From openssl at openssl.org  Sat Aug  1 00:01:57 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sat, 01 Aug 2020 00:01:57 +0000
Subject: SUCCESSFUL build of OpenSSL branch master with options -d
 --strict-warnings no-sm3
Message-ID: <1596240117.486950.15577.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm3

Commit log since last time:

cfae32c69a [test][ectest] Minor touches to custom_generator_test
f5384f064e [test] Vertically test explicit EC params API patterns
79410c5f8b namemap: fix threading issue
5cd9962272 Fix a test_verify failure
ef8980176d Deprecate -nodes in favor of -noenc in pkcs12 and req app
846f96f821 TEST: Add RSA-PSS cases in test/serdes_test.c
a4e55cccc9 PROV: Add a DER to RSA-PSS deserializer implementation
456b3b97a4 EVP, PROV: Add misc missing bits for RSA-PSS
51d9ac870a Fix no-ec2m

From openssl at openssl.org  Sat Aug  1 00:26:00 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sat, 01 Aug 2020 00:26:00 +0000
Subject: SUCCESSFUL build of OpenSSL branch master with options -d
 --strict-warnings no-sm4
Message-ID: <1596241560.612997.929.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm4

Commit log since last time:

cfae32c69a [test][ectest] Minor touches to custom_generator_test
f5384f064e [test] Vertically test explicit EC params API patterns
79410c5f8b namemap: fix threading issue
5cd9962272 Fix a test_verify failure
ef8980176d Deprecate -nodes in favor of -noenc in pkcs12 and req app
846f96f821 TEST: Add RSA-PSS cases in test/serdes_test.c
a4e55cccc9 PROV: Add a DER to RSA-PSS deserializer implementation
456b3b97a4 EVP, PROV: Add misc missing bits for RSA-PSS
51d9ac870a Fix no-ec2m

From openssl at openssl.org  Sat Aug  1 00:50:28 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sat, 01 Aug 2020 00:50:28 +0000
Subject: SUCCESSFUL build of OpenSSL branch master with options -d
 --strict-warnings enable-trace
Message-ID: <1596243028.548621.18009.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-trace

Commit log since last time:

cfae32c69a [test][ectest] Minor touches to custom_generator_test
f5384f064e [test] Vertically test explicit EC params API patterns
79410c5f8b namemap: fix threading issue
5cd9962272 Fix a test_verify failure
ef8980176d Deprecate -nodes in favor of -noenc in pkcs12 and req app
846f96f821 TEST: Add RSA-PSS cases in test/serdes_test.c
a4e55cccc9 PROV: Add a DER to RSA-PSS deserializer implementation
456b3b97a4 EVP, PROV: Add misc missing bits for RSA-PSS
51d9ac870a Fix no-ec2m

From pauli at openssl.org  Sat Aug  1 01:53:48 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Sat, 01 Aug 2020 01:53:48 +0000
Subject: [openssl]  master update
Message-ID: <1596246828.505632.29493.nullmailer@dev.openssl.org>

The branch master has been updated
       via  790a1b030ac6f968104e17fe5b721c581ebd1d3e (commit)
       via  1dbf4537738d86d8078b74c89e38b6ed0b2b1196 (commit)
       via  3c033c5bfed214b02c0f041239d1cb8a4e27fd82 (commit)
       via  319d0b2be96539f10628c98f37306655fd158f61 (commit)
       via  7c664b1f1b5f60bf896f5fdea5c08c401c541dfe (commit)
       via  3ff8159a8af6ab4e945318c56cd2fffcdd817cf8 (commit)
       via  4701f0a9a0ff08b354142c9f3b4797ff225d7c84 (commit)
       via  a6495479adfb8dc0b500030d4eeb007d9af4572a (commit)
       via  6c6b20d59153cd29e38dfebee0b8a6f998402254 (commit)
       via  86b5ab58aae0bddb93a58e9dcfac5ea3db022f6a (commit)
      from  1202de4481df88d63a2a5cc1e9e0450a7e72f4ac (commit)


- Log -----------------------------------------------------------------
commit 790a1b030ac6f968104e17fe5b721c581ebd1d3e
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 22:11:53 2020 +0200

    DESERIALIZER: Small bugfix in the deser_process()
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 1dbf4537738d86d8078b74c89e38b6ed0b2b1196
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 22:02:07 2020 +0200

    DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
    
    Depending on the BIO used, using BIO_reset() may lead to "interesting"
    results.  For example, a BIO_f_buffer() on top of another BIO that
    handles BIO_reset() as a BIO_seek(bio, 0), the deserialization process
    may find itself with a file that's rewound more than expected.
    
    Therefore, OSSL_DESERIALIZER_from_{bio,fp}'s behaviour is changed to
    rely purely on BIO_tell() / BIO_seek(), and since BIO_s_mem() is used
    internally, it's changed to handle BIO_tell() and BIO_seek() better.
    
    This does currently mean that OSSL_DESERIALIZER can't be easily used
    with streams that don't support BIO_tell() / BIO_seek().
    
    Fixes #12541
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 3c033c5bfed214b02c0f041239d1cb8a4e27fd82
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 21:51:44 2020 +0200

    DESERIALIZER: Refactor the constructor setting API
    
    It's not the best idea to set a whole bunch of parameters in one call,
    that leads to functions that are hard to update.  Better to re-model
    this into several function made to set one parameter each.
    
    This also renames "finalizer" to "constructor", which was suggested
    earlier but got lost at the time.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 319d0b2be96539f10628c98f37306655fd158f61
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 18:40:11 2020 +0200

    TEST: Add testutil tests to compare unterminated strings of different lengths
    
    We use this in test/serdes_test.c, to compare serializations into PEM,
    which aren't necessarily terminated with a NUL byte when they were
    written to a BIO_s_mem().
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 7c664b1f1b5f60bf896f5fdea5c08c401c541dfe
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 18:40:05 2020 +0200

    DESERIALIZER: Add deserializers for the rest of our asymmetric key types
    
    To be able to implement this, there was a need for the standard
    EVP_PKEY_set1_, EVP_PKEY_get0_ and EVP_PKEY_get1_ functions for
    ED25519, ED448, X25519 and X448, as well as the corresponding
    EVP_PKEY_assign_ macros.  There was also a need to extend the list of
    hard coded names that EVP_PKEY_is_a() recognise.
    
    Along with this, OSSL_FUNC_keymgmt_load() are implemented for all
    those key types.
    
    The deserializers for these key types are all implemented generically,
    in providers/implementations/serializers/deserializer_der2key.c.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 3ff8159a8af6ab4e945318c56cd2fffcdd817cf8
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 18:40:02 2020 +0200

    DESERIALIZER: Make it possible to deserialize public keys too
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 4701f0a9a0ff08b354142c9f3b4797ff225d7c84
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 18:39:58 2020 +0200

    DESERIALIZER: Rethink password handling
    
    The OSSL_DESERIALIZER API makes the incorrect assumption that the
    caller must cipher and other pass phrase related parameters to the
    individual desserializer implementations, when the reality is that
    they only need a passphrase callback, and will be able to figure out
    the rest themselves from the input they get.
    
    We simplify it further by never passing any explicit passphrase to the
    provider implementation, and simply have them call the passphrase
    callback unconditionally when they need, leaving it to libcrypto code
    to juggle explicit passphrases, cached passphrases and actual
    passphrase callback calls.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit a6495479adfb8dc0b500030d4eeb007d9af4572a
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 18:39:55 2020 +0200

    RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
    
    This is needed so RSA keys created from different code paths have a
    chance to compare as equal.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 6c6b20d59153cd29e38dfebee0b8a6f998402254
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 18:39:51 2020 +0200

    DER writer: Make context-specific tags constructed (i.e. explicit)
    
    For now, that's what we see being used.  It's possible that we will
    have to figure out a way to specific if these should be implicit or
    explicit on a case by case basis.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

commit 86b5ab58aae0bddb93a58e9dcfac5ea3db022f6a
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Jul 27 18:39:44 2020 +0200

    PROV: Fix small logic error in ec_kmgmt.c matching function
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12544)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bio/bss_mem.c                               |  25 +-
 crypto/der_writer.c                                |   6 +-
 crypto/err/openssl.txt                             |   2 +
 crypto/evp/evp_err.c                               |   2 +
 crypto/evp/p_lib.c                                 |  61 ++++
 crypto/rsa/rsa_ameth.c                             | 114 +++++-
 crypto/serializer/deserializer_lib.c               |  94 +++--
 crypto/serializer/deserializer_meth.c              |   8 +-
 crypto/serializer/deserializer_pkey.c              | 103 +++---
 crypto/serializer/serdes_pass.c                    |   7 +-
 crypto/serializer/serializer_local.h               |  21 +-
 doc/man3/EVP_PKEY_set1_RSA.pod                     |  55 ++-
 doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod |  46 ++-
 doc/man3/OSSL_DESERIALIZER_from_bio.pod            | 135 ++++---
 include/openssl/deserializer.h                     |  41 ++-
 include/openssl/evp.h                              |  21 ++
 include/openssl/evperr.h                           |   2 +
 providers/deserializers.inc                        |  14 +
 .../implementations/include/prov/implementations.h |   7 +
 providers/implementations/keymgmt/dh_kmgmt.c       |  16 +
 providers/implementations/keymgmt/dsa_kmgmt.c      |  16 +
 providers/implementations/keymgmt/ec_kmgmt.c       |  18 +-
 providers/implementations/keymgmt/ecx_kmgmt.c      |  16 +
 providers/implementations/serializers/build.info   |   3 +-
 .../serializers/deserialize_common.c               |  22 +-
 .../serializers/deserialize_der2key.c              | 234 ++++++++++++
 .../serializers/deserialize_der2rsa.c              | 309 ----------------
 .../serializers/deserialize_pem2der.c              |  73 +---
 .../implementations/serializers/serializer_local.h |   2 +-
 test/serdes_test.c                                 | 393 +++++++++++++++------
 test/testutil.h                                    |  10 +-
 test/testutil/tests.c                              |  16 +-
 util/libcrypto.num                                 |  22 +-
 util/other.syms                                    |   8 +-
 34 files changed, 1203 insertions(+), 719 deletions(-)
 create mode 100644 providers/implementations/serializers/deserialize_der2key.c
 delete mode 100644 providers/implementations/serializers/deserialize_der2rsa.c

diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 4043043626..d9580e6d37 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -176,6 +176,7 @@ static int mem_buf_free(BIO *a)
 
 /*
  * Reallocate memory buffer if read pointer differs
+ * NOT FOR RDONLY
  */
 static int mem_buf_sync(BIO *b)
 {
@@ -247,12 +248,18 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
     long ret = 1;
     char **pptr;
     BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr;
-    BUF_MEM *bm;
+    BUF_MEM *bm, *bo;            /* bio_mem, bio_other */
+    long off, remain;
 
-    if (b->flags & BIO_FLAGS_MEM_RDONLY)
+    if (b->flags & BIO_FLAGS_MEM_RDONLY) {
         bm = bbm->buf;
-    else
+        bo = bbm->readp;
+    } else {
         bm = bbm->readp;
+        bo = bbm->buf;
+    }
+    off = bm->data - bo->data;
+    remain = bm->length;
 
     switch (cmd) {
     case BIO_CTRL_RESET:
@@ -270,6 +277,18 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
             }
         }
         break;
+    case BIO_C_FILE_SEEK:
+        if (num < 0 || num > off + remain)
+            return -1;   /* Can't see outside of the current buffer */
+
+        bm->data = bo->data + num;
+        bm->length = bo->length - num;
+        bm->max = bo->max - num;
+        off = num;
+        /* FALLTHRU */
+    case BIO_C_FILE_TELL:
+        ret = off;
+        break;
     case BIO_CTRL_EOF:
         ret = (long)(bm->length == 0);
         break;
diff --git a/crypto/der_writer.c b/crypto/der_writer.c
index 8762787504..117b5dff90 100644
--- a/crypto/der_writer.c
+++ b/crypto/der_writer.c
@@ -38,10 +38,14 @@ static int int_end_context(WPACKET *pkt, int tag)
         return 1;
     if (!ossl_assert(tag <= 30))
         return 0;
+
+    /* Context specific are normally (?) constructed */
+    tag |= DER_F_CONSTRUCTED | DER_C_CONTEXT;
+
     return WPACKET_get_total_written(pkt, &size1)
         && WPACKET_close(pkt)
         && WPACKET_get_total_written(pkt, &size2)
-        && (size1 == size2 || WPACKET_put_bytes_u8(pkt, DER_C_CONTEXT | tag));
+        && (size1 == size2 || WPACKET_put_bytes_u8(pkt, tag));
 }
 
 int DER_w_precompiled(WPACKET *pkt, int tag,
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 0124d1d3ae..1b4fca9b97 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -875,6 +875,7 @@ EVP_F_EVP_PKEY_ENCRYPT_INIT:139:EVP_PKEY_encrypt_init
 EVP_F_EVP_PKEY_ENCRYPT_OLD:152:EVP_PKEY_encrypt_old
 EVP_F_EVP_PKEY_GET0_DH:119:EVP_PKEY_get0_DH
 EVP_F_EVP_PKEY_GET0_DSA:120:EVP_PKEY_get0_DSA
+EVP_F_EVP_PKEY_GET0_ECX_KEY:222:
 EVP_F_EVP_PKEY_GET0_EC_KEY:131:EVP_PKEY_get0_EC_KEY
 EVP_F_EVP_PKEY_GET0_HMAC:183:EVP_PKEY_get0_hmac
 EVP_F_EVP_PKEY_GET0_POLY1305:184:EVP_PKEY_get0_poly1305
@@ -2532,6 +2533,7 @@ EVP_R_EXPECTING_AN_HMAC_KEY:174:expecting an hmac key
 EVP_R_EXPECTING_AN_RSA_KEY:127:expecting an rsa key
 EVP_R_EXPECTING_A_DH_KEY:128:expecting a dh key
 EVP_R_EXPECTING_A_DSA_KEY:129:expecting a dsa key
+EVP_R_EXPECTING_A_ECX_KEY:219:expecting a ecx key
 EVP_R_EXPECTING_A_EC_KEY:142:expecting a ec key
 EVP_R_EXPECTING_A_POLY1305_KEY:164:expecting a poly1305 key
 EVP_R_EXPECTING_A_SIPHASH_KEY:175:expecting a siphash key
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 239efaa51a..d13cd05faa 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -61,6 +61,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_DSA_KEY),
     "expecting a dsa key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_ECX_KEY),
+    "expecting a ecx key"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_POLY1305_KEY),
     "expecting a poly1305 key"},
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a7fd687dd0..3e3f2118a2 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -34,6 +34,7 @@
 
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
+#include "crypto/ecx.h"
 #include "internal/evp.h"
 #include "internal/provider.h"
 #include "evp_local.h"
@@ -855,6 +856,54 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
         EC_KEY_up_ref(ret);
     return ret;
 }
+
+static int EVP_PKEY_set1_ECX_KEY(EVP_PKEY *pkey, int type, ECX_KEY *key)
+{
+    int ret = EVP_PKEY_assign(pkey, type, key);
+    if (ret)
+        ecx_key_up_ref(key);
+    return ret;
+}
+
+static ECX_KEY *EVP_PKEY_get0_ECX_KEY(const EVP_PKEY *pkey, int type)
+{
+    if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY);
+        return NULL;
+    }
+    if (EVP_PKEY_base_id(pkey) != type) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_ECX_KEY);
+        return NULL;
+    }
+    return pkey->pkey.ecx;
+}
+
+static ECX_KEY *EVP_PKEY_get1_ECX_KEY(EVP_PKEY *pkey, int type)
+{
+    ECX_KEY *ret = EVP_PKEY_get0_ECX_KEY(pkey, type);
+    if (ret != NULL)
+        ecx_key_up_ref(ret);
+    return ret;
+}
+
+#  define IMPLEMENT_ECX_VARIANT(NAME)                                   \
+    int EVP_PKEY_set1_##NAME(EVP_PKEY *pkey, ECX_KEY *key)              \
+    {                                                                   \
+        return EVP_PKEY_set1_ECX_KEY(pkey, EVP_PKEY_##NAME, key);       \
+    }                                                                   \
+    ECX_KEY *EVP_PKEY_get0_##NAME(const EVP_PKEY *pkey)                 \
+    {                                                                   \
+        return EVP_PKEY_get0_ECX_KEY(pkey, EVP_PKEY_##NAME);            \
+    }                                                                   \
+    ECX_KEY *EVP_PKEY_get1_##NAME(EVP_PKEY *pkey)                       \
+    {                                                                   \
+        return EVP_PKEY_get1_ECX_KEY(pkey, EVP_PKEY_##NAME);            \
+    }
+IMPLEMENT_ECX_VARIANT(X25519)
+IMPLEMENT_ECX_VARIANT(X448)
+IMPLEMENT_ECX_VARIANT(ED25519)
+IMPLEMENT_ECX_VARIANT(ED448)
+
 # endif
 
 # ifndef OPENSSL_NO_DH
@@ -940,6 +989,18 @@ int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name)
 #ifndef OPENSSL_NO_EC
         else if (strcasecmp(name, "EC") == 0)
             type = EVP_PKEY_EC;
+        else if (strcasecmp(name, "ED25519") == 0)
+            type = EVP_PKEY_ED25519;
+        else if (strcasecmp(name, "ED448") == 0)
+            type = EVP_PKEY_ED448;
+        else if (strcasecmp(name, "X25519") == 0)
+            type = EVP_PKEY_X25519;
+        else if (strcasecmp(name, "X448") == 0)
+            type = EVP_PKEY_X448;
+#endif
+#ifndef OPENSSL_NO_DH
+        else if (strcasecmp(name, "DH") == 0)
+            type = EVP_PKEY_DH;
 #endif
 #ifndef OPENSSL_NO_DSA
         else if (strcasecmp(name, "DSA") == 0)
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 22c06a2139..f5911ad233 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -34,6 +34,7 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri);
 #endif
 
 static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg);
+static int rsa_sync_to_pss_params_30(RSA *rsa);
 
 /* Set any parameters associated with pkey */
 static int rsa_param_encode(const EVP_PKEY *pkey,
@@ -78,6 +79,8 @@ static int rsa_param_decode(RSA *rsa, const X509_ALGOR *alg)
     rsa->pss = rsa_pss_decode(alg);
     if (rsa->pss == NULL)
         return 0;
+    if (!rsa_sync_to_pss_params_30(rsa))
+        return 0;
     return 1;
 }
 
@@ -118,6 +121,20 @@ static int rsa_pub_decode(EVP_PKEY *pkey, const X509_PUBKEY *pubkey)
         RSA_free(rsa);
         return 0;
     }
+
+    RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK);
+    switch (pkey->ameth->pkey_id) {
+    case EVP_PKEY_RSA:
+        RSA_set_flags(rsa, RSA_FLAG_TYPE_RSA);
+        break;
+    case EVP_PKEY_RSA_PSS:
+        RSA_set_flags(rsa, RSA_FLAG_TYPE_RSASSAPSS);
+        break;
+    default:
+        /* Leave the type bits zero */
+        break;
+    }
+
     if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa)) {
         RSA_free(rsa);
         return 0;
@@ -729,9 +746,34 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
     return rv;
 }
 
-int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
-                      const EVP_MD **pmgf1md, int *psaltlen)
+static int rsa_pss_verify_param(const EVP_MD **pmd, const EVP_MD **pmgf1md,
+                                int *psaltlen, int *ptrailerField)
 {
+    if (psaltlen != NULL && *psaltlen < 0) {
+        ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_SALT_LENGTH);
+        return 0;
+    }
+    /*
+     * low-level routines support only trailer field 0xbc (value 1) and
+     * PKCS#1 says we should reject any other value anyway.
+     */
+    if (ptrailerField != NULL && *ptrailerField != 1) {
+        ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_TRAILER);
+        return 0;
+    }
+    return 1;
+}
+
+static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss,
+                                        const EVP_MD **pmd,
+                                        const EVP_MD **pmgf1md,
+                                        int *psaltlen, int *ptrailerField)
+{
+    RSA_PSS_PARAMS_30 pss_params;
+
+    /* Get the defaults from the ONE place */
+    (void)rsa_pss_params_30_set_defaults(&pss_params);
+
     if (pss == NULL)
         return 0;
     *pmd = rsa_algor_to_md(pss->hashAlgorithm);
@@ -740,25 +782,65 @@ int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
     *pmgf1md = rsa_algor_to_md(pss->maskHash);
     if (*pmgf1md == NULL)
         return 0;
-    if (pss->saltLength) {
+    if (pss->saltLength)
         *psaltlen = ASN1_INTEGER_get(pss->saltLength);
-        if (*psaltlen < 0) {
-            RSAerr(RSA_F_RSA_PSS_GET_PARAM, RSA_R_INVALID_SALT_LENGTH);
-            return 0;
-        }
-    } else {
-        *psaltlen = 20;
-    }
+    else
+        *psaltlen = rsa_pss_params_30_saltlen(&pss_params);
+    if (pss->trailerField)
+        *ptrailerField = ASN1_INTEGER_get(pss->trailerField);
+    else
+        *ptrailerField = rsa_pss_params_30_trailerfield(&pss_params);;
+
+    return 1;
+}
 
+int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
+                      const EVP_MD **pmgf1md, int *psaltlen)
+{
     /*
-     * low-level routines support only trailer field 0xbc (value 1) and
-     * PKCS#1 says we should reject any other value anyway.
+     * Callers do not care about the trailer field, and yet, we must
+     * pass it from get_param to verify_param, since the latter checks
+     * its value.
+     *
+     * When callers start caring, it's a simple thing to add another
+     * argument to this function.
      */
-    if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) {
-        RSAerr(RSA_F_RSA_PSS_GET_PARAM, RSA_R_INVALID_TRAILER);
-        return 0;
-    }
+    int trailerField = 0;
+
+    return rsa_pss_get_param_unverified(pss, pmd, pmgf1md, psaltlen,
+                                        &trailerField)
+        && rsa_pss_verify_param(pmd, pmgf1md, psaltlen, &trailerField);
+}
+
+static int rsa_sync_to_pss_params_30(RSA *rsa)
+{
+    if (rsa != NULL && rsa->pss != NULL) {
+        const EVP_MD *md = NULL, *mgf1md = NULL;
+        int md_nid, mgf1md_nid, saltlen, trailerField;
+        RSA_PSS_PARAMS_30 pss_params;
 
+        /*
+         * We don't care about the validity of the fields here, we just
+         * want to synchronise values.  Verifying here makes it impossible
+         * to even read a key with invalid values, making it hard to test
+         * a bad situation.
+         *
+         * Other routines use rsa_pss_get_param(), so the values will be
+         * checked, eventually.
+         */
+        if (!rsa_pss_get_param_unverified(rsa->pss, &md, &mgf1md,
+                                          &saltlen, &trailerField))
+            return 0;
+        md_nid = EVP_MD_type(md);
+        mgf1md_nid = EVP_MD_type(mgf1md);
+        if (!rsa_pss_params_30_set_defaults(&pss_params)
+            || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid)
+            || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid)
+            || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
+            || !rsa_pss_params_30_set_trailerfield(&pss_params, trailerField))
+            return 0;
+        rsa->pss_params = pss_params;
+    }
     return 1;
 }
 
diff --git a/crypto/serializer/deserializer_lib.c b/crypto/serializer/deserializer_lib.c
index 2fbb7782cf..aa3b552786 100644
--- a/crypto/serializer/deserializer_lib.c
+++ b/crypto/serializer/deserializer_lib.c
@@ -37,10 +37,11 @@ int OSSL_DESERIALIZER_from_bio(OSSL_DESERIALIZER_CTX *ctx, BIO *in)
 
     ok = deser_process(NULL, &data);
 
-    /* Clear any cached passphrase */
-    OPENSSL_clear_free(ctx->cached_passphrase, ctx->cached_passphrase_len);
-    ctx->cached_passphrase = NULL;
-    ctx->cached_passphrase_len = 0;
+    /* Clear any internally cached passphrase */
+    if (!ctx->flag_user_passphrase) {
+        OSSL_DESERIALIZER_CTX_set_passphrase(ctx, NULL, 0);
+        ctx->flag_user_passphrase = 0;
+    }
     return ok;
 }
 
@@ -274,21 +275,62 @@ int OSSL_DESERIALIZER_CTX_num_deserializers(OSSL_DESERIALIZER_CTX *ctx)
     return sk_OSSL_DESERIALIZER_INSTANCE_num(ctx->deser_insts);
 }
 
-int OSSL_DESERIALIZER_CTX_set_finalizer(OSSL_DESERIALIZER_CTX *ctx,
-                                        OSSL_DESERIALIZER_FINALIZER *finalizer,
-                                        OSSL_DESERIALIZER_CLEANER *cleaner,
-                                        void *finalize_arg)
+int OSSL_DESERIALIZER_CTX_set_construct(OSSL_DESERIALIZER_CTX *ctx,
+                                        OSSL_DESERIALIZER_CONSTRUCT *construct)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ctx->construct = construct;
+    return 1;
+}
+
+int OSSL_DESERIALIZER_CTX_set_construct_data(OSSL_DESERIALIZER_CTX *ctx,
+                                             void *construct_data)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ctx->construct_data = construct_data;
+    return 1;
+}
+
+int OSSL_DESERIALIZER_CTX_set_cleanup(OSSL_DESERIALIZER_CTX *ctx,
+                                      OSSL_DESERIALIZER_CLEANUP *cleanup)
 {
     if (!ossl_assert(ctx != NULL)) {
         ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
-    ctx->finalizer = finalizer;
-    ctx->cleaner = cleaner;
-    ctx->finalize_arg = finalize_arg;
+    ctx->cleanup = cleanup;
     return 1;
 }
 
+OSSL_DESERIALIZER_CONSTRUCT *
+OSSL_DESERIALIZER_CTX_get_construct(OSSL_DESERIALIZER_CTX *ctx)
+{
+    if (ctx == NULL)
+        return NULL;
+    return ctx->construct;
+}
+
+void *OSSL_DESERIALIZER_CTX_get_construct_data(OSSL_DESERIALIZER_CTX *ctx)
+{
+    if (ctx == NULL)
+        return NULL;
+    return ctx->construct_data;
+}
+
+OSSL_DESERIALIZER_CLEANUP *
+OSSL_DESERIALIZER_CTX_get_cleanup(OSSL_DESERIALIZER_CTX *ctx)
+{
+    if (ctx == NULL)
+        return NULL;
+    return ctx->cleanup;
+}
+
 int OSSL_DESERIALIZER_export(OSSL_DESERIALIZER_INSTANCE *deser_inst,
                              void *reference, size_t reference_sz,
                              OSSL_CALLBACK *export_cb, void *export_cbarg)
@@ -353,12 +395,13 @@ static int deser_process(const OSSL_PARAM params[], void *arg)
                                                 data->current_deser_inst_index);
         deser = OSSL_DESERIALIZER_INSTANCE_deserializer(deser_inst);
 
-        if (ctx->finalizer(deser_inst, params, ctx->finalize_arg)) {
+        if (ctx->construct != NULL
+            && ctx->construct(deser_inst, params, ctx->construct_data)) {
             ok = 1;
             goto end;
         }
 
-        /* The finalizer didn't return success */
+        /* The constructor didn't return success */
 
         /*
          * so we try to use the object we got and feed it to any next
@@ -400,7 +443,8 @@ static int deser_process(const OSSL_PARAM params[], void *arg)
          * that's the case, we do this extra check.
          */
         if (deser == NULL && ctx->start_input_type != NULL
-            && strcasecmp(ctx->start_input_type, deser_inst->input_type) != 0)
+            && strcasecmp(ctx->start_input_type,
+                          new_deser_inst->input_type) != 0)
             continue;
 
         /*
@@ -413,20 +457,26 @@ static int deser_process(const OSSL_PARAM params[], void *arg)
             && !OSSL_DESERIALIZER_is_a(deser, new_deser_inst->input_type))
             continue;
 
-        if (loc == 0) {
-            if (BIO_reset(bio) <= 0)
-                goto end;
-        } else {
-            if (BIO_seek(bio, loc) <= 0)
-                goto end;
-        }
+        /*
+         * Checking the return value of BIO_reset() or BIO_seek() is unsafe.
+         * Furthermore, BIO_reset() is unsafe to use if the source BIO happens
+         * to be a BIO_s_mem(), because the earlier BIO_tell() gives us zero
+         * no matter where we are in the underlying buffer we're reading from.
+         *
+         * So, we simply do a BIO_seek(), and use BIO_tell() that we're back
+         * at the same position.  This is a best effort attempt, but BIO_seek()
+         * and BIO_tell() should come as a pair...
+         */
+        (void)BIO_seek(bio, loc);
+        if (BIO_tell(bio) != loc)
+            goto end;
 
         /* Recurse */
         new_data.current_deser_inst_index = i;
         ok = new_deser->deserialize(new_deser_inst->deserctx,
                                     (OSSL_CORE_BIO *)bio,
                                     deser_process, &new_data,
-                                    NULL /* ossl_deserializer_passphrase_in_cb */,
+                                    ctx->passphrase_cb,
                                     new_data.ctx);
         if (ok)
             break;
diff --git a/crypto/serializer/deserializer_meth.c b/crypto/serializer/deserializer_meth.c
index 54500716ec..4739c2956d 100644
--- a/crypto/serializer/deserializer_meth.c
+++ b/crypto/serializer/deserializer_meth.c
@@ -490,6 +490,7 @@ OSSL_DESERIALIZER_CTX *OSSL_DESERIALIZER_CTX_new(void)
         return NULL;
     }
 
+    ctx->passphrase_cb = ossl_deserializer_passphrase_in_cb;
     return ctx;
 }
 
@@ -538,11 +539,12 @@ OSSL_DESERIALIZER_INSTANCE_free(OSSL_DESERIALIZER_INSTANCE *deser_inst)
 void OSSL_DESERIALIZER_CTX_free(OSSL_DESERIALIZER_CTX *ctx)
 {
     if (ctx != NULL) {
-        if (ctx->cleaner != NULL)
-            ctx->cleaner(ctx->finalize_arg);
+        if (ctx->cleanup != NULL)
+            ctx->cleanup(ctx->construct_data);
         sk_OSSL_DESERIALIZER_INSTANCE_pop_free(ctx->deser_insts,
                                                OSSL_DESERIALIZER_INSTANCE_free);
-        UI_destroy_method(ctx->allocated_ui_method);
+        OSSL_DESERIALIZER_CTX_set_passphrase_ui(ctx, NULL, NULL);
+        OSSL_DESERIALIZER_CTX_set_passphrase(ctx, NULL, 0);
         OPENSSL_free(ctx);
     }
 }
diff --git a/crypto/serializer/deserializer_pkey.c b/crypto/serializer/deserializer_pkey.c
index 0fafdf31aa..e5e8bfda6f 100644
--- a/crypto/serializer/deserializer_pkey.c
+++ b/crypto/serializer/deserializer_pkey.c
@@ -11,37 +11,37 @@
 #include <openssl/evp.h>
 #include <openssl/ui.h>
 #include <openssl/deserializer.h>
-#include <openssl/core_names.h>
 #include <openssl/safestack.h>
 #include "crypto/evp.h"
 #include "serializer_local.h"
 
-int OSSL_DESERIALIZER_CTX_set_cipher(OSSL_DESERIALIZER_CTX *ctx,
-                                     const char *cipher_name,
-                                     const char *propquery)
-{
-    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
-
-    params[0] =
-        OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_CIPHER,
-                                         (void *)cipher_name, 0);
-    params[1] =
-        OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_PROPERTIES,
-                                         (void *)propquery, 0);
-
-    return OSSL_DESERIALIZER_CTX_set_params(ctx, params);
-}
-
 int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
                                          const unsigned char *kstr,
                                          size_t klen)
 {
-    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-    params[0] = OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_PASS,
-                                                  (void *)kstr, klen);
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
 
-    return OSSL_DESERIALIZER_CTX_set_params(ctx, params);
+    OPENSSL_clear_free(ctx->cached_passphrase, ctx->cached_passphrase_len);
+    ctx->cached_passphrase = NULL;
+    ctx->cached_passphrase_len = 0;
+    if (kstr != NULL) {
+        if (klen == 0) {
+            ctx->cached_passphrase = OPENSSL_zalloc(1);
+            ctx->cached_passphrase_len = 0;
+        } else {
+            ctx->cached_passphrase = OPENSSL_memdup(kstr, klen);
+            ctx->cached_passphrase_len = klen;
+        }
+        if (ctx->cached_passphrase == NULL) {
+            ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+    ctx->flag_user_passphrase = 1;
+    return 1;
 }
 
 static void deserializer_ctx_reset_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx)
@@ -67,27 +67,36 @@ int OSSL_DESERIALIZER_CTX_set_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx,
     return 1;
 }
 
-int OSSL_DESERIALIZER_CTX_set_passphrase_cb(OSSL_DESERIALIZER_CTX *ctx,
-                                            pem_password_cb *cb, void *cbarg)
+int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
+                                              pem_password_cb *cb, void *cbarg)
 {
+    UI_METHOD *ui_method = NULL;
+
     if (!ossl_assert(ctx != NULL)) {
         ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
 
-    deserializer_ctx_reset_passphrase_ui(ctx);
-    if (cb == NULL)
+    /*
+     * If |cb| is NULL, it means the caller wants to reset previous
+     * password callback info.  Otherwise, we only set the new data
+     * if a new UI_METHOD could be created for this sort of callback.
+     */
+    if (cb == NULL
+        || (ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0)) != NULL) {
+        deserializer_ctx_reset_passphrase_ui(ctx);
+        ctx->ui_method = ctx->allocated_ui_method = ui_method;
+        ctx->ui_data = cbarg;
+        ctx->passphrase_cb = ossl_deserializer_passphrase_in_cb;
         return 1;
-    ctx->ui_method =
-        ctx->allocated_ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0);
-    ctx->ui_data = cbarg;
+    }
 
-    return ctx->ui_method != NULL;
+    return 0;
 }
 
 /*
  * Support for OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY:
- * Handle an object reference
+ * The construct data, and collecting keymgmt information for it
  */
 
 DEFINE_STACK_OF(EVP_KEYMGMT)
@@ -98,11 +107,11 @@ struct deser_EVP_PKEY_data_st {
     STACK_OF(EVP_KEYMGMT) *keymgmts; /* The EVP_KEYMGMTs we handle */
 };
 
-static int deser_finalize_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
-                                   const OSSL_PARAM *params,
-                                   void *finalize_arg)
+static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
+                                    const OSSL_PARAM *params,
+                                    void *construct_data)
 {
-    struct deser_EVP_PKEY_data_st *data = finalize_arg;
+    struct deser_EVP_PKEY_data_st *data = construct_data;
     OSSL_DESERIALIZER *deser =
         OSSL_DESERIALIZER_INSTANCE_deserializer(deser_inst);
     void *deserctx = OSSL_DESERIALIZER_INSTANCE_deserializer_ctx(deser_inst);
@@ -216,13 +225,15 @@ static int deser_finalize_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
     return (*data->object != NULL);
 }
 
-static void deser_clean_EVP_PKEY(void *finalize_arg)
+static void deser_clean_EVP_PKEY_construct_arg(void *construct_data)
 {
-    struct deser_EVP_PKEY_data_st *data = finalize_arg;
+    struct deser_EVP_PKEY_data_st *data = construct_data;
 
-    sk_EVP_KEYMGMT_pop_free(data->keymgmts, EVP_KEYMGMT_free);
-    OPENSSL_free(data->object_type);
-    OPENSSL_free(data);
+    if (data != NULL) {
+        sk_EVP_KEYMGMT_pop_free(data->keymgmts, EVP_KEYMGMT_free);
+        OPENSSL_free(data->object_type);
+        OPENSSL_free(data);
+    }
 }
 
 DEFINE_STACK_OF_CSTRING()
@@ -344,17 +355,15 @@ OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
     /* Finally, collect extra deserializers based on what we already have */
     (void)OSSL_DESERIALIZER_CTX_add_extra(ctx, libctx, propquery);
 
-    if (!OSSL_DESERIALIZER_CTX_set_finalizer(ctx, deser_finalize_EVP_PKEY,
-                                             deser_clean_EVP_PKEY,
-                                             data->process_data))
+    if (!OSSL_DESERIALIZER_CTX_set_construct(ctx, deser_construct_EVP_PKEY)
+        || !OSSL_DESERIALIZER_CTX_set_construct_data(ctx, data->process_data)
+        || !OSSL_DESERIALIZER_CTX_set_cleanup
+                (ctx, deser_clean_EVP_PKEY_construct_arg))
         goto err;
 
     data->process_data = NULL;
  err:
-    if (data->process_data != NULL)
-        sk_EVP_KEYMGMT_pop_free(data->process_data->keymgmts,
-                                EVP_KEYMGMT_free);
-    OPENSSL_free(data->process_data);
+    deser_clean_EVP_PKEY_construct_arg(data->process_data);
     sk_OPENSSL_CSTRING_free(data->names);
     OPENSSL_free(data);
     return ctx;
diff --git a/crypto/serializer/serdes_pass.c b/crypto/serializer/serdes_pass.c
index 8a33af5e9a..75200955b5 100644
--- a/crypto/serializer/serdes_pass.c
+++ b/crypto/serializer/serdes_pass.c
@@ -48,8 +48,11 @@ static int do_passphrase(char *pass, size_t pass_size, size_t *pass_len,
         return 0;
     }
 
-    UI_set_method(ui, ui_method);
-    UI_add_user_data(ui, ui_data);
+    if (ui_method != NULL) {
+        UI_set_method(ui, ui_method);
+        if (ui_data != NULL)
+            UI_add_user_data(ui, ui_data);
+    }
 
     /* Get an application constructed prompt */
     prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
diff --git a/crypto/serializer/serializer_local.h b/crypto/serializer/serializer_local.h
index acf600c285..d139e402d7 100644
--- a/crypto/serializer/serializer_local.h
+++ b/crypto/serializer/serializer_local.h
@@ -96,17 +96,18 @@ struct ossl_deserializer_ctx_st {
     STACK_OF(OSSL_DESERIALIZER_INSTANCE) *deser_insts;
 
     /*
-     * The finalizer of a deserialization, and its caller argument.
+     * The constructors of a deserialization, and its caller argument.
      */
-    OSSL_DESERIALIZER_FINALIZER *finalizer;
-    OSSL_DESERIALIZER_CLEANER *cleaner;
-    void *finalize_arg;
+    OSSL_DESERIALIZER_CONSTRUCT *construct;
+    OSSL_DESERIALIZER_CLEANUP *cleanup;
+    void *construct_data;
 
     /* For any function that needs a passphrase reader */
+    OSSL_PASSPHRASE_CALLBACK *passphrase_cb;
     const UI_METHOD *ui_method;
     void *ui_data;
     /*
-     * if caller used OSSL_SERIALIZER_CTX_set_passphrase_cb(), we need
+     * if caller used OSSL_SERIALIZER_CTX_set_pem_password_cb(), we need
      * intermediary storage.
      */
     UI_METHOD *allocated_ui_method;
@@ -117,6 +118,16 @@ struct ossl_deserializer_ctx_st {
      */
     unsigned char *cached_passphrase;
     size_t cached_passphrase_len;
+
+    /*
+     * Flag section.  Keep these together
+     */
+
+    /*
+     * The passphrase was passed to us by the user.  In that case, it
+     * should only be freed when freeing this context.
+     */
+    unsigned int flag_user_passphrase:1;
 };
 
 /* Passphrase callbacks, found in serdes_pass.c */
diff --git a/doc/man3/EVP_PKEY_set1_RSA.pod b/doc/man3/EVP_PKEY_set1_RSA.pod
index 10a8e94661..89737a3c8c 100644
--- a/doc/man3/EVP_PKEY_set1_RSA.pod
+++ b/doc/man3/EVP_PKEY_set1_RSA.pod
@@ -3,10 +3,18 @@
 =head1 NAME
 
 EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
+EVP_PKEY_set1_ED25519, EVP_PKEY_set1_ED448,
+EVP_PKEY_set1_X25519, EVP_PKEY_set1_X448,
 EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
+EVP_PKEY_get1_ED25519, EVP_PKEY_get1_ED448,
+EVP_PKEY_get1_X25519, EVP_PKEY_get1_X448,
 EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY,
+EVP_PKEY_get0_ED25519, EVP_PKEY_get0_ED448,
+EVP_PKEY_get0_X25519, EVP_PKEY_get0_X448,
 EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH,
 EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH,
+EVP_PKEY_assign_ED25519, EVP_PKEY_assign_ED448,
+EVP_PKEY_assign_X25519, EVP_PKEY_assign_X448,
 EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash,
 EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type,
 EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - EVP_PKEY assignment functions
@@ -19,11 +27,19 @@ EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - EVP_PKEY assignment functions
  int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
  int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
  int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_set1_ED25519(EVP_PKEY *pkey, ECX_KEY *key);
+ int EVP_PKEY_set1_ED448(EVP_PKEY *pkey, ECX_KEY *key);
+ int EVP_PKEY_set1_X25519(EVP_PKEY *pkey, ECX_KEY *key);
+ int EVP_PKEY_set1_X448(EVP_PKEY *pkey, ECX_KEY *key);
 
  RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
  DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
  DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
  EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get1_ED25519(EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get1_ED448(EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get1_X25519(EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get1_X448(EVP_PKEY *pkey);
 
  const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
  const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
@@ -32,11 +48,19 @@ EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - EVP_PKEY assignment functions
  DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey);
  DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
  EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get0_ED25519(EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get0_ED448(EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get0_X25519(EVP_PKEY *pkey);
+ ECX_KEY *EVP_PKEY_get0_X448(EVP_PKEY *pkey);
 
  int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
  int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
  int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
  int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_ED25519(EVP_PKEY *pkey, ECX_KEY *key);
+ int EVP_PKEY_assign_ED448(EVP_PKEY *pkey, ECX_KEY *key);
+ int EVP_PKEY_assign_X25519(EVP_PKEY *pkey, ECX_KEY *key);
+ int EVP_PKEY_assign_X448(EVP_PKEY *pkey, ECX_KEY *key);
  int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
  int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
 
@@ -50,24 +74,31 @@ EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - EVP_PKEY assignment functions
 
 =head1 DESCRIPTION
 
-EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
-EVP_PKEY_set1_EC_KEY() set the key referenced by I<pkey> to I<key>.
+EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(),
+EVP_PKEY_set1_EC_KEY(), EVP_PKEY_set1_ED25519(), EVP_PKEY_set1_ED448(),
+EVP_PKEY_set1_X25519() and EVP_PKEY_set1_X448() set the key referenced by
+I<pkey> to I<key>.
 
 EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
-EVP_PKEY_get1_EC_KEY() return the referenced key in I<pkey> or
-NULL if the key is not of the correct type.
+EVP_PKEY_get1_EC_KEY(), EVP_PKEY_get1_ED25519(), EVP_PKEY_get1_ED448(),
+EVP_PKEY_get1_X25519() and EVP_PKEY_get1_X448() return the referenced key in
+I<pkey> or NULL if the key is not of the correct type.  The returned key must
+be freed after use.
 
 EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(),
-EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH()
-and EVP_PKEY_get0_EC_KEY() also return the referenced key in I<pkey> or NULL
-if the key is not of the correct type but the reference count of the
-returned key is B<not> incremented and so must not be freed up after use.
+EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(),
+EVP_PKEY_get0_EC_KEY(), EVP_PKEY_get0_ED25519(), EVP_PKEY_get0_ED448(),
+EVP_PKEY_get0_X25519() and EVP_PKEY_get0_X448() return the referenced
+key in I<pkey> or NULL if the key is not of the correct type but the
+reference count of the returned key is B<not> incremented and so must not be
+freed after use.
 
 EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(),
-EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and
-EVP_PKEY_assign_SIPHASH() also set the referenced key to I<key>
-however these use the supplied I<key> internally and so I<key>
-will be freed when the parent I<pkey> is freed.
+EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_ED25519(), EVP_PKEY_assign_ED448(),
+EVP_PKEY_assign_X25519(), EVP_PKEY_assign_X448(), EVP_PKEY_assign_POLY1305() and
+EVP_PKEY_assign_SIPHASH() set the referenced key to I<key> however these use
+the supplied I<key> internally and so I<key> will be freed when the parent
+I<pkey> is freed.
 
 EVP_PKEY_base_id() returns the type of I<pkey>. For example
 an RSA key will return B<EVP_PKEY_RSA>.
diff --git a/doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod
index 9ed4e5992e..c8466657c9 100644
--- a/doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod
+++ b/doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod
@@ -3,9 +3,8 @@
 =head1 NAME
 
 OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY,
-OSSL_DESERIALIZER_CTX_set_cipher,
 OSSL_DESERIALIZER_CTX_set_passphrase,
-OSSL_DESERIALIZER_CTX_set_passphrase_cb,
+OSSL_DESERIALIZER_CTX_set_pem_password_cb,
 OSSL_DESERIALIZER_CTX_set_passphrase_ui
 - Deserializer routines to deserialize EVP_PKEYs
 
@@ -19,14 +18,12 @@ OSSL_DESERIALIZER_CTX_set_passphrase_ui
                                        OPENSSL_CTX *libctx,
                                        const char *propquery);
 
- int OSSL_DESERIALIZER_CTX_set_cipher(OSSL_DESERIALIZER_CTX *ctx,
-                                      const char *cipher_name,
-                                      const char *propquery);
  int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
                                           const unsigned char *kstr,
                                           size_t klen);
- int OSSL_DESERIALIZER_CTX_set_passphrase_cb(OSSL_DESERIALIZER_CTX *ctx,
-                                             pem_password_cb *cb, void *cbarg);
+ int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
+                                               pem_password_cb *cb,
+                                               void *cbarg);
  int OSSL_DESERIALIZER_CTX_set_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx,
                                              const UI_METHOD *ui_method,
                                              void *ui_data);
@@ -55,38 +52,35 @@ zero).  This helps the caller distinguish between an error when
 creating the B<OSSL_DESERIALIZER_CTX>, and the lack the deserializer
 support and act accordingly.
 
-OSSL_DESERIALIZER_CTX_set_cipher() tells the implementation what cipher
-should be used to decrypt serialized keys.  The cipher is given by
-name I<cipher_name>.  The interpretation of that I<cipher_name> is
-implementation dependent.  The implementation may implement the cipher
-directly itself, or it may choose to fetch it.  If the implementation
-supports fetching the cipher, then it may use I<propquery> as
-properties to be queried for when fetching.  I<cipher_name> may also
-be NULL, which will result in failure if the serialized input is an
-encrypted key.
-
 OSSL_DESERIALIZER_CTX_set_passphrase() gives the implementation a
 pass phrase to use when decrypting the serialized private key.
 Alternatively, a pass phrase callback may be specified with the
 following functions.
 
-OSSL_DESERIALIZER_CTX_set_passphrase_cb() and
-OSSL_DESERIALIZER_CTX_set_passphrase_ui() sets up a callback method that
-the implementation can use to prompt for a pass phrase.
+OSSL_DESERIALIZER_CTX_set_pem_password_cb() and
+OSSL_DESERIALIZER_CTX_set_passphrase_ui() set up a callback method that
+the implementation can use to prompt for a pass phrase, giving the caller
+the choice of prefered pass phrase callback form.  These are called
+indirectly, through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
+
+The internal B<OSSL_PASSPHRASE_CALLBACK> function caches the pass phrase, to
+be re-used in all deserializations that are performed in the same
+deserialization run
+(for example, within one L<OSSL_DESERIALIZER_from_bio(3)> call).
 
-=for comment Note that the callback method is called indirectly,
-through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
+=for comment the name OSSL_DESERIALIZER_CTX_set_pem_password_cb() leaves
+open the future possibility of having a function where the caller can set a
+B<OSSL_PASSPHRASE_CALLBACK> method as another option.
 
 =head1 RETURN VALUES
 
 OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY() returns a pointer to a
 B<OSSL_DESERIALIZER_CTX>, or NULL if it couldn't be created.
 
-OSSL_DESERIALIZER_CTX_set_cipher(),
 OSSL_DESERIALIZER_CTX_set_passphrase(),
-OSSL_DESERIALIZER_CTX_set_passphrase_cb(), and
-OSSL_DESERIALIZER_CTX_set_passphrase_ui() all return 1 on success, or 0
-on failure.
+OSSL_DESERIALIZER_CTX_set_pem_password_cb() and
+OSSL_DESERIALIZER_CTX_set_passphrase_ui()
+all return 1 on success, or 0 on failure.
 
 =head1 NOTES
 
diff --git a/doc/man3/OSSL_DESERIALIZER_from_bio.pod b/doc/man3/OSSL_DESERIALIZER_from_bio.pod
index 8c372a6cf6..1aa54899a5 100644
--- a/doc/man3/OSSL_DESERIALIZER_from_bio.pod
+++ b/doc/man3/OSSL_DESERIALIZER_from_bio.pod
@@ -9,9 +9,14 @@ OSSL_DESERIALIZER_CTX_add_deserializer,
 OSSL_DESERIALIZER_CTX_add_extra,
 OSSL_DESERIALIZER_CTX_num_deserializers,
 OSSL_DESERIALIZER_INSTANCE,
-OSSL_DESERIALIZER_FINALIZER,
-OSSL_DESERIALIZER_CLEANER,
-OSSL_DESERIALIZER_CTX_set_finalizer,
+OSSL_DESERIALIZER_CONSTRUCT,
+OSSL_DESERIALIZER_CLEANUP,
+OSSL_DESERIALIZER_CTX_set_construct,
+OSSL_DESERIALIZER_CTX_set_construct_data,
+OSSL_DESERIALIZER_CTX_set_cleanup,
+OSSL_DESERIALIZER_CTX_get_construct,
+OSSL_DESERIALIZER_CTX_get_construct_data,
+OSSL_DESERIALIZER_CTX_get_cleanup,
 OSSL_DESERIALIZER_export,
 OSSL_DESERIALIZER_INSTANCE_deserializer,
 OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
@@ -32,25 +37,32 @@ OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
  int OSSL_DESERIALIZER_CTX_num_deserializers(OSSL_DESERIALIZER_CTX *ctx);
 
  typedef struct ossl_deserializer_instance_st OSSL_DESERIALIZER_INSTANCE;
- typedef int (OSSL_DESERIALIZER_FINALIZER)
-     (OSSL_DESERIALIZER_INSTANCE *deser_inst,
-      const OSSL_PARAM *params, void *finalize_arg);
- typedef void (OSSL_DESERIALIZER_CLEANER)(void *finalize_arg);
+ OSSL_DESERIALIZER *OSSL_DESERIALIZER_INSTANCE_deserializer
+     (OSSL_DESERIALIZER_INSTANCE *deser_inst);
+ void *OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
+     (OSSL_DESERIALIZER_INSTANCE *deser_inst);
 
- int OSSL_DESERIALIZER_CTX_set_finalizer(OSSL_DESERIALIZER_CTX *ctx,
-                                         OSSL_DESRIALIZER_FINALIZER *finalizer,
-                                         OSSL_DESERIALIZER_CLEANER *cleaner,
-                                         void *finalize_arg);
+ typedef int (OSSL_DESERIALIZER_CONSTRUCT)
+     (OSSL_DESERIALIZER_INSTANCE *deser_inst,
+      const OSSL_PARAM *params, void *construct_data);
+ typedef void (OSSL_DESERIALIZER_CLEANUP)(void *construct_data);
+
+ int OSSL_DESERIALIZER_CTX_set_construct
+     (OSSL_DESERIALIZER_CTX *ctx, OSSL_DESERIALIZER_CONSTRUCT *construct);
+ int OSSL_DESERIALIZER_CTX_set_construct_data
+     (OSSL_DESERIALIZER_CTX *ctx, void *construct_data);
+ int OSSL_DESERIALIZER_CTX_set_cleanup(OSSL_DESERIALIZER_CTX *ctx,
+                                       OSSL_DESERIALIZER_CLEANUP *cleanup);
+ OSSL_DESERIALIZER_CONSTRUCT *
+ OSSL_DESERIALIZER_CTX_get_construct(OSSL_DESERIALIZER_CTX *ctx);
+ void *OSSL_DESERIALIZER_CTX_get_construct_data(OSSL_DESERIALIZER_CTX *ctx);
+ OSSL_DESERIALIZER_CLEANUP *
+ OSSL_DESERIALIZER_CTX_get_cleanup(OSSL_DESERIALIZER_CTX *ctx);
 
  int OSSL_DESERIALIZER_export(OSSL_DESERIALIZER_INSTANCE *deser_inst,
                               void *reference, size_t reference_sz,
                               OSSL_CALLBACK *export_cb, void *export_cbarg);
 
- OSSL_DESERIALIZER *OSSL_DESERIALIZER_INSTANCE_deserializer
-     (OSSL_DESERIALIZER_INSTANCE *deser_inst);
- void *OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
-     (OSSL_DESERIALIZER_INSTANCE *deser_inst);
-
 Feature availability macros:
 
 =over 4
@@ -83,26 +95,23 @@ what type of input they have.  In this case, OSSL_DESERIALIZER_from_bio()
 will simply try with one deserializer implementation after the other, and
 thereby discover what kind of input the caller gave it.
 
-For every deserialization done, even intermediary, a I<finalizer>
-provided by the caller is used to attempt to "finalize" the current
-deserialization output, which is always a provider side object of some
-sort, by "wrapping" it into some appropriate type or structure that
-the caller knows how to handle.  Exactly what this "wrapping" consists
-of is entirely at the discretion of the I<finalizer>.
+For every deserialization done, even an intermediary one, a constructor
+provided by the caller is called to attempt to construct an appropriate type
+/ structure that the caller knows how to handle from the current
+deserialization result.
+The constructor is set with OSSL_DESERIALIZER_CTX_set_construct().
 
 B<OSSL_DESERIALIZER_INSTANCE> is an opaque structure that contains
 data about the deserializer that was just used, and that may be
-useful for the I<finalizer>.  There are some functions to extract data
+useful for the constructor.  There are some functions to extract data
 from this type, described further down.
 
 =head2 Functions
 
 OSSL_DESERIALIZER_from_bio() runs the deserialization process for the
-context I<ctx>, with the input coming from the B<BIO> I<in>.  The
-application is required to set up the B<BIO> properly, for example to
-have it in text or binary mode if that's appropriate.
-
-=for comment Know your deserializer!
+context I<ctx>, with the input coming from the B<BIO> I<in>.  Should
+it make a difference, it's recommended to have the BIO set in binary
+mode rather than text mode.
 
 OSSL_DESERIALIZER_from_fp() does the same thing as OSSL_DESERIALIZER_from_bio(),
 except that the input is coming from the B<FILE> I<fp>.
@@ -122,17 +131,28 @@ description above.
 OSSL_DESERIALIZER_CTX_num_deserializers() gets the number of
 deserializers currently added to the context I<ctx>.
 
-OSSL_DESERIALIZER_CTX_set_finalizer() sets the I<finalizer> function
-together with the caller argument for the finalizer, I<finalize_arg>,
-as well as I<cleaner>, the function to clean up I<finalize_arg> when
-the deserialization has concluded.
+OSSL_DESERIALIZER_CTX_set_construct() sets the constructor I<construct>.
 
-OSSL_DESERIALIZER_export() is a fallback function for I<finalizers>
-that can't use the data they get directly for diverse reasons.  It
-takes the same deserialize instance I<deser_inst> that the
-I<finalizer> got and an object I<reference>, unpacks the object that
-refers to, and exports it by creating an L<OSSL_PARAM(3)> array that
-it then passes to I<export_cb>, along with I<export_arg>.
+OSSL_DESERIALIZER_CTX_set_construct_data() sets the constructor data that is
+passed to the constructor every time it's called.
+
+OSSL_DESERIALIZER_CTX_set_cleanup() sets the constructor data I<cleanup>
+function.  This is called by L<OSSL_DESERIALIZER_CTX_free(3)>.
+
+OSSL_DESERIALIZER_CTX_get_construct(),
+OSSL_DESERIALIZER_CTX_get_construct_data() and
+OSSL_DESERIALIZER_CTX_get_cleanup()
+return the values that have been set by
+OSSL_DESERIALIZER_CTX_set_construct(),
+OSSL_DESERIALIZER_CTX_set_construct_data() and
+OSSL_DESERIALIZER_CTX_set_cleanup() respectively.
+
+OSSL_DESERIALIZER_export() is a fallback function for constructors that
+cannot use the data they get directly for diverse reasons.  It takes the same
+deserialize instance I<deser_inst> that the constructor got and an object
+I<reference>, unpacks the object which it refers to, and exports it by creating
+an L<OSSL_PARAM(3)> array that it then passes to I<export_cb>, along with
+I<export_arg>.
 
 OSSL_DESERIALIZER_INSTANCE_deserializer() can be used to get the
 deserializer method from a deserializer instance I<deser_inst>.
@@ -141,32 +161,31 @@ OSSL_DESERIALIZER_INSTANCE_deserializer-ctx() can be used to get the
 deserializer method's provider context from a deserializer instance
 I<deser_inst>.
 
-=head2 Finalizer
+=head2 Constructor
 
-The I<finalizer> gets the following arguments:
+A B<OSSL_DESERIALIZER_CONSTRUCT> gets the following arguments:
 
 =over 4
 
 =item I<deser_inst>
 
 The B<OSSL_DESERIALIZER_INSTANCE> for the deserializer from which
-I<finalizer> gets its data.
+the constructor gets its data.
 
 =item I<params>
 
 The data produced by the deserializer, further described below.
 
-=item I<finalize_arg>
+=item I<construct_data>
 
-The pointer that was set with OSSL_DESERIALIZE_CTX_set_finalizer() as
-I<finalize_arg>.
+The pointer that was set with OSSL_DESERIALIZE_CTX_set_construct_data().
 
 =back
 
-The I<finalizer> is expected to return 1 when the data it receives can
-be "finalized", otherwise 0.
+The constructor is expected to return 1 when the data it receives can
+be constructed, otherwise 0.
 
-The globally known parameters that I<finalize> can get in I<params>
+The globally known parameters that the constructor can get in I<params>
 are:
 
 =over 4
@@ -177,7 +196,7 @@ This is a detected content type that some deserializers may provide.
 For example, PEM input sometimes has a type specified in its header,
 and some deserializers may add that information as this parameter.
 This is an optional parameter, but may be useful for extra checks in
-the I<finalizer>.
+the constructor.
 
 =item "data" (B<OSSL_DESERIALIZER_PARAM_DATA>) <octet string>
 
@@ -185,7 +204,7 @@ The deserialized data itself, as an octet string.  This is produced by
 deserializers when it's possible to pass an object in this form.  Most
 often, this is simply meant to be passed to the next deserializer in a
 chain, but could be considered final data as well, at the discretion
-of the I<finalizer>.
+of the constructor.
 
 =item "reference" (B<OSSL_DESERIALIZER_PARAM_DATA>) <octet string>
 
@@ -197,11 +216,12 @@ provides I<deser>.
 =back
 
 At least one of "data" or "reference" must be present, and it's
-possible that both can be.  A I<finalizer> should choose to use the
-"reference" parameter if possible, otherwise the "data" parameter.
+possible that both can be.  A constructor should choose to use the
+"reference" parameter if possible, otherwise it should use the "data"
+parameter.
 
 If it's not possible to use the "reference" parameter, but that's
-still what a I<finalizer> wants to do, it is possible to use
+still what a constructor wants to do, it is possible to use
 OSSL_DESERIALIZER_export() as a fallback.
 
 =head1 RETURN VALUES
@@ -210,10 +230,17 @@ OSSL_DESERIALIZER_from_bio() and OSSL_DESERIALIZER_from_fp() return 1 on
 success, or 0 on failure.
 
 OSSL_DESERIALIZER_CTX_add_deserializer(),
-OSSL_DESERIALIZER_CTX_add_extra(), and
-OSSL_DESERIALIZER_CTX_set_finalizer() return 1 on success, or 0 on
+OSSL_DESERIALIZER_CTX_add_extra(),
+OSSL_DESERIALIZER_CTX_set_construct(),
+OSSL_DESERIALIZER_CTX_set_construct_data() and
+OSSL_DESERIALIZER_CTX_set_cleanup() return 1 on success, or 0 on
 failure.
 
+OSSL_DESERIALIZER_CTX_get_construct(),
+OSSL_DESERIALIZER_CTX_get_construct_data() and
+OSSL_DESERIALIZER_CTX_get_cleanup() return the current pointers to the
+cosntructor, the constructor data and the cleanup functions, respectively.
+
 OSSL_DESERIALIZER_CTX_num_deserializers() returns the current
 number of deserializers.  It returns 0 if I<ctx> is NULL.
 
diff --git a/include/openssl/deserializer.h b/include/openssl/deserializer.h
index d54e47915d..0133785b50 100644
--- a/include/openssl/deserializer.h
+++ b/include/openssl/deserializer.h
@@ -55,14 +55,12 @@ int OSSL_DESERIALIZER_CTX_set_params(OSSL_DESERIALIZER_CTX *ctx,
 void OSSL_DESERIALIZER_CTX_free(OSSL_DESERIALIZER_CTX *ctx);
 
 /* Utilities that help set specific parameters */
-int OSSL_DESERIALIZER_CTX_set_cipher(OSSL_DESERIALIZER_CTX *ctx,
-                                     const char *cipher_name,
-                                     const char *propquery);
 int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
                                          const unsigned char *kstr,
                                          size_t klen);
-int OSSL_DESERIALIZER_CTX_set_passphrase_cb(OSSL_DESERIALIZER_CTX *ctx,
-                                            pem_password_cb *cb, void *cbarg);
+int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
+                                              pem_password_cb *cb,
+                                              void *cbarg);
 int OSSL_DESERIALIZER_CTX_set_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx,
                                             const UI_METHOD *ui_method,
                                             void *ui_data);
@@ -81,25 +79,32 @@ int OSSL_DESERIALIZER_CTX_add_extra(OSSL_DESERIALIZER_CTX *ctx,
 int OSSL_DESERIALIZER_CTX_num_deserializers(OSSL_DESERIALIZER_CTX *ctx);
 
 typedef struct ossl_deserializer_instance_st OSSL_DESERIALIZER_INSTANCE;
-typedef int (OSSL_DESERIALIZER_FINALIZER)
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst,
-     const OSSL_PARAM *params, void *finalize_arg);
-typedef void (OSSL_DESERIALIZER_CLEANER)(void *finalize_arg);
+OSSL_DESERIALIZER *OSSL_DESERIALIZER_INSTANCE_deserializer
+    (OSSL_DESERIALIZER_INSTANCE *deser_inst);
+void *OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
+    (OSSL_DESERIALIZER_INSTANCE *deser_inst);
 
-int OSSL_DESERIALIZER_CTX_set_finalizer(OSSL_DESERIALIZER_CTX *ctx,
-                                        OSSL_DESERIALIZER_FINALIZER *finalizer,
-                                        OSSL_DESERIALIZER_CLEANER *cleaner,
-                                        void *finalize_arg);
+typedef int (OSSL_DESERIALIZER_CONSTRUCT)
+    (OSSL_DESERIALIZER_INSTANCE *deser_inst,
+     const OSSL_PARAM *params, void *construct_data);
+typedef void (OSSL_DESERIALIZER_CLEANUP)(void *construct_data);
+
+int OSSL_DESERIALIZER_CTX_set_construct(OSSL_DESERIALIZER_CTX *ctx,
+                                        OSSL_DESERIALIZER_CONSTRUCT *construct);
+int OSSL_DESERIALIZER_CTX_set_construct_data(OSSL_DESERIALIZER_CTX *ctx,
+                                             void *construct_data);
+int OSSL_DESERIALIZER_CTX_set_cleanup(OSSL_DESERIALIZER_CTX *ctx,
+                                      OSSL_DESERIALIZER_CLEANUP *cleanup);
+OSSL_DESERIALIZER_CONSTRUCT *
+OSSL_DESERIALIZER_CTX_get_construct(OSSL_DESERIALIZER_CTX *ctx);
+void *OSSL_DESERIALIZER_CTX_get_construct_data(OSSL_DESERIALIZER_CTX *ctx);
+OSSL_DESERIALIZER_CLEANUP *
+OSSL_DESERIALIZER_CTX_get_cleanup(OSSL_DESERIALIZER_CTX *ctx);
 
 int OSSL_DESERIALIZER_export(OSSL_DESERIALIZER_INSTANCE *deser_inst,
                              void *reference, size_t reference_sz,
                              OSSL_CALLBACK *export_cb, void *export_cbarg);
 
-OSSL_DESERIALIZER *OSSL_DESERIALIZER_INSTANCE_deserializer
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst);
-void *OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst);
-
 int OSSL_DESERIALIZER_from_bio(OSSL_DESERIALIZER_CTX *ctx, BIO *in);
 #ifndef OPENSSL_NO_STDIO
 int OSSL_DESERIALIZER_from_fp(OSSL_DESERIALIZER_CTX *ctx, FILE *in);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 78771ca251..57b6ff1f7c 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -466,6 +466,14 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
 # ifndef OPENSSL_NO_EC
 #  define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
                                         (eckey))
+#  define EVP_PKEY_assign_X25519(pkey,ecxkey) EVP_PKEY_assign((pkey),EVP_PKEY_X25519,\
+                                        (ecxkey))
+#  define EVP_PKEY_assign_X448(pkey,ecxkey) EVP_PKEY_assign((pkey),EVP_PKEY_X448,\
+                                        (ecxkey))
+#  define EVP_PKEY_assign_ED25519(pkey,ecxkey) EVP_PKEY_assign((pkey),EVP_PKEY_ED25519,\
+                                        (ecxkey))
+#  define EVP_PKEY_assign_ED448(pkey,ecxkey) EVP_PKEY_assign((pkey),EVP_PKEY_ED448,\
+                                        (ecxkey))
 # endif
 # ifndef OPENSSL_NO_SIPHASH
 #  define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),\
@@ -1222,6 +1230,19 @@ struct ec_key_st;
 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
 struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
 struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+struct ecx_key_st;
+int EVP_PKEY_set1_X25519(EVP_PKEY *pkey, struct ecx_key_st *key);
+struct ecx_key_st *EVP_PKEY_get0_X25519(const EVP_PKEY *pkey);
+struct ecx_key_st *EVP_PKEY_get1_X25519(EVP_PKEY *pkey);
+int EVP_PKEY_set1_X448(EVP_PKEY *pkey, struct ecx_key_st *key);
+struct ecx_key_st *EVP_PKEY_get0_X448(const EVP_PKEY *pkey);
+struct ecx_key_st *EVP_PKEY_get1_X448(EVP_PKEY *pkey);
+int EVP_PKEY_set1_ED25519(EVP_PKEY *pkey, struct ecx_key_st *key);
+struct ecx_key_st *EVP_PKEY_get0_ED25519(const EVP_PKEY *pkey);
+struct ecx_key_st *EVP_PKEY_get1_ED25519(EVP_PKEY *pkey);
+int EVP_PKEY_set1_ED448(EVP_PKEY *pkey, struct ecx_key_st *key);
+struct ecx_key_st *EVP_PKEY_get0_ED448(const EVP_PKEY *pkey);
+struct ecx_key_st *EVP_PKEY_get1_ED448(EVP_PKEY *pkey);
 # endif
 
 EVP_PKEY *EVP_PKEY_new(void);
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index 6bc106812b..5aa002815a 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -102,6 +102,7 @@ int ERR_load_EVP_strings(void);
 #  define EVP_F_EVP_PKEY_ENCRYPT_OLD                       0
 #  define EVP_F_EVP_PKEY_GET0_DH                           0
 #  define EVP_F_EVP_PKEY_GET0_DSA                          0
+#  define EVP_F_EVP_PKEY_GET0_ECX_KEY                      0
 #  define EVP_F_EVP_PKEY_GET0_EC_KEY                       0
 #  define EVP_F_EVP_PKEY_GET0_HMAC                         0
 #  define EVP_F_EVP_PKEY_GET0_POLY1305                     0
@@ -185,6 +186,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_EXPECTING_AN_RSA_KEY                       127
 # define EVP_R_EXPECTING_A_DH_KEY                         128
 # define EVP_R_EXPECTING_A_DSA_KEY                        129
+# define EVP_R_EXPECTING_A_ECX_KEY                        219
 # define EVP_R_EXPECTING_A_EC_KEY                         142
 # define EVP_R_EXPECTING_A_POLY1305_KEY                   164
 # define EVP_R_EXPECTING_A_SIPHASH_KEY                    175
diff --git a/providers/deserializers.inc b/providers/deserializers.inc
index bab709d31d..ead1c67878 100644
--- a/providers/deserializers.inc
+++ b/providers/deserializers.inc
@@ -11,6 +11,20 @@
 # error Macro DESER undefined
 #endif
 
+#ifndef OPENSSL_NO_DH
+    DESER("DH", "yes", "der", der_to_dh_deserializer_functions),
+#endif
+#ifndef OPENSSL_NO_DSA
+    DESER("DSA", "yes", "der", der_to_dsa_deserializer_functions),
+#endif
+#ifndef OPENSSL_NO_EC
+    DESER("EC", "yes", "der", der_to_ec_deserializer_functions),
+    DESER("ED25519", "yes", "der", der_to_ed25519_deserializer_functions),
+    DESER("ED448", "yes", "der", der_to_ed448_deserializer_functions),
+    DESER("X25519", "yes", "der", der_to_x25519_deserializer_functions),
+    DESER("X448", "yes", "der", der_to_x448_deserializer_functions),
+#endif
     DESER("RSA", "yes", "der", der_to_rsa_deserializer_functions),
     DESER("RSA-PSS", "yes", "der", der_to_rsapss_deserializer_functions),
+
     DESER("DER", "yes", "pem", pem_to_der_deserializer_functions),
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index b02f0c6476..73d4a0225e 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -359,6 +359,13 @@ extern const OSSL_DISPATCH ec_priv_pem_serializer_functions[];
 extern const OSSL_DISPATCH ec_pub_pem_serializer_functions[];
 extern const OSSL_DISPATCH ec_param_pem_serializer_functions[];
 
+extern const OSSL_DISPATCH der_to_dh_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_dsa_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_ec_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_x25519_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_x448_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_ed25519_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_ed448_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_rsa_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_rsapss_deserializer_functions[];
 extern const OSSL_DISPATCH pem_to_der_deserializer_functions[];
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index aa4097766d..2a8b7f8521 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -34,6 +34,7 @@ static OSSL_FUNC_keymgmt_gen_set_params_fn dh_gen_set_params;
 static OSSL_FUNC_keymgmt_gen_settable_params_fn dh_gen_settable_params;
 static OSSL_FUNC_keymgmt_gen_fn dh_gen;
 static OSSL_FUNC_keymgmt_gen_cleanup_fn dh_gen_cleanup;
+static OSSL_FUNC_keymgmt_load_fn dh_load;
 static OSSL_FUNC_keymgmt_get_params_fn dh_get_params;
 static OSSL_FUNC_keymgmt_gettable_params_fn dh_gettable_params;
 static OSSL_FUNC_keymgmt_set_params_fn dh_set_params;
@@ -644,6 +645,20 @@ static void dh_gen_cleanup(void *genctx)
     OPENSSL_free(gctx);
 }
 
+void *dh_load(const void *reference, size_t reference_sz)
+{
+    DH *dh = NULL;
+
+    if (reference_sz == sizeof(dh)) {
+        /* The contents of the reference is the address to our object */
+        dh = *(DH **)reference;
+        /* We grabbed, so we detach it */
+        *(DH **)reference = NULL;
+        return dh;
+    }
+    return NULL;
+}
+
 const OSSL_DISPATCH dh_keymgmt_functions[] = {
     { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))dh_newdata },
     { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))dh_gen_init },
@@ -653,6 +668,7 @@ const OSSL_DISPATCH dh_keymgmt_functions[] = {
       (void (*)(void))dh_gen_settable_params },
     { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))dh_gen },
     { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))dh_gen_cleanup },
+    { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))dh_load },
     { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))dh_freedata },
     { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dh_get_params },
     { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dh_gettable_params },
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 3d38fea44d..58e9fc564f 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -34,6 +34,7 @@ static OSSL_FUNC_keymgmt_gen_set_params_fn dsa_gen_set_params;
 static OSSL_FUNC_keymgmt_gen_settable_params_fn dsa_gen_settable_params;
 static OSSL_FUNC_keymgmt_gen_fn dsa_gen;
 static OSSL_FUNC_keymgmt_gen_cleanup_fn dsa_gen_cleanup;
+static OSSL_FUNC_keymgmt_load_fn dsa_load;
 static OSSL_FUNC_keymgmt_get_params_fn dsa_get_params;
 static OSSL_FUNC_keymgmt_gettable_params_fn dsa_gettable_params;
 static OSSL_FUNC_keymgmt_has_fn dsa_has;
@@ -557,6 +558,20 @@ static void dsa_gen_cleanup(void *genctx)
     OPENSSL_free(gctx);
 }
 
+void *dsa_load(const void *reference, size_t reference_sz)
+{
+    DSA *dsa = NULL;
+
+    if (reference_sz == sizeof(dsa)) {
+        /* The contents of the reference is the address to our object */
+        dsa = *(DSA **)reference;
+        /* We grabbed, so we detach it */
+        *(DSA **)reference = NULL;
+        return dsa;
+    }
+    return NULL;
+}
+
 const OSSL_DISPATCH dsa_keymgmt_functions[] = {
     { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))dsa_newdata },
     { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))dsa_gen_init },
@@ -566,6 +581,7 @@ const OSSL_DISPATCH dsa_keymgmt_functions[] = {
       (void (*)(void))dsa_gen_settable_params },
     { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))dsa_gen },
     { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))dsa_gen_cleanup },
+    { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))dsa_load },
     { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))dsa_freedata },
     { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dsa_get_params },
     { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dsa_gettable_params },
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index c1114eee7f..4d040a1902 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -33,6 +33,7 @@ static OSSL_FUNC_keymgmt_gen_set_params_fn ec_gen_set_params;
 static OSSL_FUNC_keymgmt_gen_settable_params_fn ec_gen_settable_params;
 static OSSL_FUNC_keymgmt_gen_fn ec_gen;
 static OSSL_FUNC_keymgmt_gen_cleanup_fn ec_gen_cleanup;
+static OSSL_FUNC_keymgmt_load_fn ec_load;
 static OSSL_FUNC_keymgmt_free_fn ec_freedata;
 static OSSL_FUNC_keymgmt_get_params_fn ec_get_params;
 static OSSL_FUNC_keymgmt_gettable_params_fn ec_gettable_params;
@@ -299,7 +300,7 @@ static int ec_match(const void *keydata1, const void *keydata2, int selection)
         const EC_POINT *pa = EC_KEY_get0_public_key(ec1);
         const EC_POINT *pb = EC_KEY_get0_public_key(ec2);
 
-        ok = ok && EC_POINT_cmp(group_b, pa, pb, NULL);
+        ok = ok && EC_POINT_cmp(group_b, pa, pb, NULL) == 0;
     }
     return ok;
 }
@@ -791,6 +792,20 @@ static void ec_gen_cleanup(void *genctx)
     OPENSSL_free(gctx);
 }
 
+void *ec_load(const void *reference, size_t reference_sz)
+{
+    EC_KEY *ec = NULL;
+
+    if (reference_sz == sizeof(ec)) {
+        /* The contents of the reference is the address to our object */
+        ec = *(EC_KEY **)reference;
+        /* We grabbed, so we detach it */
+        *(EC_KEY **)reference = NULL;
+        return ec;
+    }
+    return NULL;
+}
+
 const OSSL_DISPATCH ec_keymgmt_functions[] = {
     { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))ec_newdata },
     { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))ec_gen_init },
@@ -801,6 +816,7 @@ const OSSL_DISPATCH ec_keymgmt_functions[] = {
       (void (*)(void))ec_gen_settable_params },
     { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))ec_gen },
     { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ec_gen_cleanup },
+    { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))ec_load },
     { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ec_freedata },
     { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))ec_get_params },
     { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))ec_gettable_params },
diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c
index 542592666e..a1e1edbf5a 100644
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -41,6 +41,7 @@ static OSSL_FUNC_keymgmt_gen_fn x448_gen;
 static OSSL_FUNC_keymgmt_gen_fn ed25519_gen;
 static OSSL_FUNC_keymgmt_gen_fn ed448_gen;
 static OSSL_FUNC_keymgmt_gen_cleanup_fn ecx_gen_cleanup;
+static OSSL_FUNC_keymgmt_load_fn ecx_load;
 static OSSL_FUNC_keymgmt_get_params_fn x25519_get_params;
 static OSSL_FUNC_keymgmt_get_params_fn x448_get_params;
 static OSSL_FUNC_keymgmt_get_params_fn ed25519_get_params;
@@ -589,6 +590,20 @@ static void ecx_gen_cleanup(void *genctx)
     OPENSSL_free(gctx);
 }
 
+void *ecx_load(const void *reference, size_t reference_sz)
+{
+    ECX_KEY *key = NULL;
+
+    if (reference_sz == sizeof(key)) {
+        /* The contents of the reference is the address to our object */
+        key = *(ECX_KEY **)reference;
+        /* We grabbed, so we detach it */
+        *(ECX_KEY **)reference = NULL;
+        return key;
+    }
+    return NULL;
+}
+
 #define MAKE_KEYMGMT_FUNCTIONS(alg) \
     const OSSL_DISPATCH alg##_keymgmt_functions[] = { \
         { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))alg##_new_key }, \
@@ -609,6 +624,7 @@ static void ecx_gen_cleanup(void *genctx)
           (void (*)(void))ecx_gen_settable_params }, \
         { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))alg##_gen }, \
         { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ecx_gen_cleanup }, \
+        { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))ecx_load }, \
         { 0, NULL } \
     };
 
diff --git a/providers/implementations/serializers/build.info b/providers/implementations/serializers/build.info
index bcfe9d4d4b..d660385163 100644
--- a/providers/implementations/serializers/build.info
+++ b/providers/implementations/serializers/build.info
@@ -2,6 +2,7 @@
 # switch each to the Legacy provider when needed.
 
 $SERIALIZER_GOAL=../../libimplementations.a
+$DESERIALIZER_GOAL=../../libimplementations.a
 $RSA_GOAL=../../libimplementations.a
 $FFC_GOAL=../../libimplementations.a
 $DH_GOAL=../../libimplementations.a
@@ -11,7 +12,7 @@ $EC_GOAL=../../libimplementations.a
 
 SOURCE[$SERIALIZER_GOAL]=serializer_common.c deserialize_common.c
 
-SOURCE[$RSA_GOAL]=deserialize_der2rsa.c deserialize_pem2der.c
+SOURCE[$RSA_GOAL]=deserialize_der2key.c deserialize_pem2der.c
 SOURCE[$RSA_GOAL]=serializer_rsa.c serializer_rsa_priv.c serializer_rsa_pub.c
 DEPEND[serializer_rsa.o]=../../common/include/prov/der_rsa.h
 
diff --git a/providers/implementations/serializers/deserialize_common.c b/providers/implementations/serializers/deserialize_common.c
index 449d57b0a3..1a9d3d4a77 100644
--- a/providers/implementations/serializers/deserialize_common.c
+++ b/providers/implementations/serializers/deserialize_common.c
@@ -47,7 +47,7 @@ int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
 
 int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len,
                           unsigned char *input_der, long input_der_len,
-                          struct pkcs8_encrypt_ctx_st *ctx)
+                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
     const unsigned char *derp;
     X509_SIG *p8 = NULL;
@@ -57,30 +57,20 @@ int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len,
         || !ossl_assert(new_der_len != NULL))
         return 0;
 
-    if (ctx->cipher == NULL)
-        return 0;
-
     derp = input_der;
     if ((p8 = d2i_X509_SIG(NULL, &derp, input_der_len)) != NULL) {
         char pbuf[PEM_BUFSIZE];
-        const void *pstr = ctx->cipher_pass;
-        size_t plen = ctx->cipher_pass_length;
-
-        if (pstr == NULL) {
-            pstr = pbuf;
-            if (!ctx->cb(pbuf, sizeof(pbuf), &plen, NULL, ctx->cbarg)) {
-                ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY);
-                pstr = NULL;
-            }
-        }
+        size_t plen = 0;
 
-        if (pstr != NULL) {
+        if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg)) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY);
+        } else {
             const X509_ALGOR *alg = NULL;
             const ASN1_OCTET_STRING *oct = NULL;
             int len = 0;
 
             X509_SIG_get0(p8, &alg, &oct);
-            if (PKCS12_pbe_crypt(alg, pstr, plen, oct->data, oct->length,
+            if (PKCS12_pbe_crypt(alg, pbuf, plen, oct->data, oct->length,
                                  new_der, &len, 0) != NULL)
                 ok = 1;
             *new_der_len = len;
diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c
new file mode 100644
index 0000000000..a544d8522c
--- /dev/null
+++ b/providers/implementations/serializers/deserialize_der2key.c
@@ -0,0 +1,234 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
+#include <openssl/core_dispatch.h>
+#include <openssl/core_names.h>
+#include <openssl/crypto.h>
+#include <openssl/params.h>
+#include <openssl/x509.h>
+#include "prov/bio.h"
+#include "prov/implementations.h"
+#include "serializer_local.h"
+
+static OSSL_FUNC_deserializer_newctx_fn der2rsa_newctx;
+
+static OSSL_FUNC_deserializer_freectx_fn der2key_freectx;
+static OSSL_FUNC_deserializer_gettable_params_fn der2key_gettable_params;
+static OSSL_FUNC_deserializer_get_params_fn der2key_get_params;
+static OSSL_FUNC_deserializer_deserialize_fn der2key_deserialize;
+static OSSL_FUNC_deserializer_export_object_fn der2key_export_object;
+
+typedef void *(extract_key_fn)(EVP_PKEY *);
+typedef void (free_key_fn)(void *);
+struct keytype_desc_st {
+    int type;                 /* EVP key type */
+    const char *name;         /* Keytype */
+    const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */
+
+    /*
+     * These must be the correct EVP_PKEY_get1_{TYPE}() and {TYPE}_free()
+     * function for the key.
+     */
+    extract_key_fn *extract_key;
+    free_key_fn *free_key;
+};
+
+/*
+ * Context used for DER to key deserialization.
+ */
+struct der2key_ctx_st {
+    PROV_CTX *provctx;
+    const struct keytype_desc_st *desc;
+};
+
+static struct der2key_ctx_st *
+der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
+{
+    struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+    if (ctx != NULL) {
+        ctx->provctx = provctx;
+        ctx->desc = desc;
+    }
+    return ctx;
+}
+
+static void der2key_freectx(void *vctx)
+{
+    struct der2key_ctx_st *ctx = vctx;
+
+    OPENSSL_free(ctx);
+}
+
+static const OSSL_PARAM *der2key_gettable_params(void)
+{
+    static const OSSL_PARAM gettables[] = {
+        { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
+        OSSL_PARAM_END,
+    };
+
+    return gettables;
+}
+
+static int der2key_get_params(OSSL_PARAM params[])
+{
+    OSSL_PARAM *p;
+
+    p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
+    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "DER"))
+        return 0;
+
+    return 1;
+}
+
+static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
+                               OSSL_CALLBACK *data_cb, void *data_cbarg,
+                               OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+{
+    struct der2key_ctx_st *ctx = vctx;
+    void *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx);
+    unsigned char *der = NULL;
+    const unsigned char *derp;
+    long der_len = 0;
+    unsigned char *new_der = NULL;
+    long new_der_len;
+    EVP_PKEY *pkey = NULL;
+    void *key = NULL;
+    int ok = 0;
+
+    if (!ossl_prov_read_der(ctx->provctx, cin, &der, &der_len))
+        return 0;
+
+    /*
+     * Opportunistic attempt to decrypt.  If it doesn't work, we try to
+     * decode our input unencrypted.
+     */
+    if (ossl_prov_der_from_p8(&new_der, &new_der_len, der, der_len,
+                              pw_cb, pw_cbarg)) {
+        OPENSSL_free(der);
+        der = new_der;
+        der_len = new_der_len;
+    }
+
+    derp = der;
+    pkey = d2i_PrivateKey_ex(ctx->desc->type, NULL, &derp, der_len,
+                             libctx, NULL);
+    if (pkey == NULL) {
+        derp = der;
+        pkey = d2i_PUBKEY(NULL, &derp, der_len);
+    }
+
+    if (pkey != NULL) {
+        /*
+         * Tear out the low-level key pointer from the pkey,
+         * but only if it matches the expected key type.
+         *
+         * TODO(3.0): The check should be done with EVP_PKEY_is_a(), but
+         * as long as we still have #legacy internal keys, it's safer to
+         * use the type numbers in side the provider.
+         */
+        if (EVP_PKEY_id(pkey) == ctx->desc->type)
+            key = ctx->desc->extract_key(pkey);
+
+        /*
+         * ctx->desc->extract_key() is expected to have incremented |key|'s
+         * reference count, so it should be safe to free |pkey| now.
+         */
+        EVP_PKEY_free(pkey);
+    }
+
+    OPENSSL_free(der);
+
+    if (key != NULL) {
+        OSSL_PARAM params[3];
+
+        params[0] =
+            OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE,
+                                             (char *)ctx->desc->name, 0);
+        /* The address of the key becomes the octet string */
+        params[1] =
+            OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_REFERENCE,
+                                              &key, sizeof(key));
+        params[2] = OSSL_PARAM_construct_end();
+
+        ok = data_cb(params, data_cbarg);
+    }
+    ctx->desc->free_key(key);
+
+    return ok;
+}
+
+static int der2key_export_object(void *vctx,
+                                 const void *reference, size_t reference_sz,
+                                 OSSL_CALLBACK *export_cb, void *export_cbarg)
+{
+    struct der2key_ctx_st *ctx = vctx;
+    OSSL_FUNC_keymgmt_export_fn *export =
+        ossl_prov_get_keymgmt_export(ctx->desc->fns);
+    void *keydata;
+
+    if (reference_sz == sizeof(keydata) && export != NULL) {
+        /* The contents of the reference is the address to our object */
+        keydata = *(void **)reference;
+
+        return export(keydata, OSSL_KEYMGMT_SELECT_ALL,
+                      export_cb, export_cbarg);
+    }
+    return 0;
+}
+
+#define IMPLEMENT_NEWCTX(KEYTYPEstr, KEYTYPE, keytype, extract, free)   \
+    static const struct keytype_desc_st keytype##_desc =                \
+        { EVP_PKEY_##KEYTYPE, KEYTYPEstr, keytype##_keymgmt_functions,  \
+          (extract_key_fn *)extract,                                    \
+          (free_key_fn *)free };                                        \
+    static void *der2##keytype##_newctx(void *provctx)                  \
+    {                                                                   \
+        return der2key_newctx(provctx, &keytype##_desc);                \
+    }                                                                   \
+    const OSSL_DISPATCH der_to_##keytype##_deserializer_functions[] = { \
+        { OSSL_FUNC_DESERIALIZER_NEWCTX,                                \
+          (void (*)(void))der2##keytype##_newctx },                     \
+        { OSSL_FUNC_DESERIALIZER_FREECTX,                               \
+          (void (*)(void))der2key_freectx },                            \
+        { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS,                       \
+          (void (*)(void))der2key_gettable_params },                    \
+        { OSSL_FUNC_DESERIALIZER_GET_PARAMS,                            \
+          (void (*)(void))der2key_get_params },                         \
+        { OSSL_FUNC_DESERIALIZER_DESERIALIZE,                           \
+          (void (*)(void))der2key_deserialize },                        \
+        { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT,                         \
+          (void (*)(void))der2key_export_object },                      \
+        { 0, NULL }                                                     \
+    }
+
+#ifndef OPENSSL_NO_DH
+IMPLEMENT_NEWCTX("DH", DH, dh, EVP_PKEY_get1_DH, DH_free);
+#endif
+#ifndef OPENSSL_NO_DSA
+IMPLEMENT_NEWCTX("DSA", DSA, dsa, EVP_PKEY_get1_DSA, DSA_free);
+#endif
+#ifndef OPENSSL_NO_EC
+IMPLEMENT_NEWCTX("EC", EC, ec, EVP_PKEY_get1_EC_KEY, EC_KEY_free);
+IMPLEMENT_NEWCTX("X25519", X25519, x25519,
+                 EVP_PKEY_get1_X25519, ecx_key_free);
+IMPLEMENT_NEWCTX("X448", X448, x448,
+                 EVP_PKEY_get1_X448, ecx_key_free);
+IMPLEMENT_NEWCTX("ED25519", ED25519, ed25519,
+                 EVP_PKEY_get1_ED25519, ecx_key_free);
+IMPLEMENT_NEWCTX("ED448", ED448, ed448, EVP_PKEY_get1_ED448, ecx_key_free);
+#endif
+IMPLEMENT_NEWCTX("RSA", RSA, rsa, EVP_PKEY_get1_RSA, RSA_free);
+IMPLEMENT_NEWCTX("RSA-PSS", RSA_PSS, rsapss, EVP_PKEY_get1_RSA, RSA_free);
diff --git a/providers/implementations/serializers/deserialize_der2rsa.c b/providers/implementations/serializers/deserialize_der2rsa.c
deleted file mode 100644
index 75066546ba..0000000000
--- a/providers/implementations/serializers/deserialize_der2rsa.c
+++ /dev/null
@@ -1,309 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * RSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/core_names.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/params.h>
-#include <openssl/x509.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/providercommonerr.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_deserializer_newctx_fn der2rsa_newctx;
-static OSSL_FUNC_deserializer_freectx_fn der2rsa_freectx;
-static OSSL_FUNC_deserializer_gettable_params_fn der2rsa_gettable_params;
-static OSSL_FUNC_deserializer_get_params_fn der2rsa_get_params;
-static OSSL_FUNC_deserializer_settable_ctx_params_fn der2rsa_settable_ctx_params;
-static OSSL_FUNC_deserializer_set_ctx_params_fn der2rsa_set_ctx_params;
-static OSSL_FUNC_deserializer_deserialize_fn der2rsa_deserialize;
-static OSSL_FUNC_deserializer_export_object_fn der2rsa_export_object;
-
-/*
- * Context used for DER to RSA key deserialization.
- */
-struct der2rsa_ctx_st {
-    PROV_CTX *provctx;
-
-    int type;
-
-    struct pkcs8_encrypt_ctx_st sc;
-};
-
-static struct der2rsa_ctx_st *der2rsa_newctx_int(void *provctx)
-{
-    struct der2rsa_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
-
-    if (ctx != NULL) {
-        ctx->provctx = provctx;
-        /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
-        ctx->sc.pbe_nid = -1;
-    }
-    return ctx;
-}
-
-static void *der2rsa_newctx(void *provctx)
-{
-    struct der2rsa_ctx_st *ctx = der2rsa_newctx_int(provctx);
-
-    if (ctx != NULL)
-        ctx->type = EVP_PKEY_RSA;
-    return ctx;
-}
-
-static void *der2rsapss_newctx(void *provctx)
-{
-    struct der2rsa_ctx_st *ctx = der2rsa_newctx_int(provctx);
-
-    if (ctx != NULL)
-        ctx->type = EVP_PKEY_RSA_PSS;
-    return ctx;
-}
-
-static void der2rsa_freectx(void *vctx)
-{
-    struct der2rsa_ctx_st *ctx = vctx;
-
-    EVP_CIPHER_free(ctx->sc.cipher);
-    OPENSSL_clear_free(ctx->sc.cipher_pass, ctx->sc.cipher_pass_length);
-    OPENSSL_free(ctx);
-}
-
-static const OSSL_PARAM *der2rsa_gettable_params(void)
-{
-    static const OSSL_PARAM gettables[] = {
-        { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
-        OSSL_PARAM_END,
-    };
-
-    return gettables;
-}
-
-static int der2rsa_get_params(OSSL_PARAM params[])
-{
-    OSSL_PARAM *p;
-
-    p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
-    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "DER"))
-        return 0;
-
-    return 1;
-}
-
-
-static const OSSL_PARAM *der2rsa_settable_ctx_params(void)
-{
-    static const OSSL_PARAM settables[] = {
-        OSSL_PARAM_utf8_string(OSSL_DESERIALIZER_PARAM_CIPHER, NULL, 0),
-        OSSL_PARAM_utf8_string(OSSL_DESERIALIZER_PARAM_PROPERTIES, NULL, 0),
-        OSSL_PARAM_octet_string(OSSL_DESERIALIZER_PARAM_PASS, NULL, 0),
-        OSSL_PARAM_END,
-    };
-
-    return settables;
-}
-
-static int der2rsa_set_ctx_params(void *vctx, const OSSL_PARAM params[])
-{
-    struct der2rsa_ctx_st *ctx = vctx;
-    OPENSSL_CTX *libctx = PROV_CTX_get0_library_context(ctx->provctx);
-    const OSSL_PARAM *p;
-
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_CIPHER))
-        != NULL) {
-        const OSSL_PARAM *propsp =
-            OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_PROPERTIES);
-        const char *props = NULL;
-
-        if (p->data_type != OSSL_PARAM_UTF8_STRING)
-            return 0;
-        if (propsp != NULL && propsp->data_type != OSSL_PARAM_UTF8_STRING)
-            return 0;
-        props = (propsp != NULL ? propsp->data : NULL);
-
-        EVP_CIPHER_free(ctx->sc.cipher);
-        ctx->sc.cipher = NULL;
-        ctx->sc.cipher_intent = p->data != NULL;
-        if (p->data != NULL
-            && ((ctx->sc.cipher = EVP_CIPHER_fetch(libctx, p->data, props))
-                == NULL))
-            return 0;
-    }
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_PASS))
-        != NULL) {
-        OPENSSL_clear_free(ctx->sc.cipher_pass, ctx->sc.cipher_pass_length);
-        ctx->sc.cipher_pass = NULL;
-        if (!OSSL_PARAM_get_octet_string(p, &ctx->sc.cipher_pass, 0,
-                                         &ctx->sc.cipher_pass_length))
-            return 0;
-    }
-    return 1;
-}
-
-static int der2rsa_deserialize(void *vctx, OSSL_CORE_BIO *cin,
-                               OSSL_CALLBACK *data_cb, void *data_cbarg,
-                               OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
-{
-    struct der2rsa_ctx_st *ctx = vctx;
-    void *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx);
-    RSA *rsa = NULL;
-    unsigned char *der = NULL;
-    const unsigned char *derp;
-    long der_len = 0;
-    unsigned char *new_der = NULL;
-    long new_der_len;
-    EVP_PKEY *pkey = NULL;
-    int ok = 0;
-
-    ctx->sc.cb = pw_cb;
-    ctx->sc.cbarg = pw_cbarg;
-
-    if (!ossl_prov_read_der(ctx->provctx, cin, &der, &der_len))
-        return 0;
-
-    /*
-     * Opportunistic attempt to decrypt.  If it doesn't work, we try to
-     * decode our input unencrypted.
-     */
-    if (ctx->sc.cipher_intent
-        && ossl_prov_der_from_p8(&new_der, &new_der_len, der, der_len,
-                                 &ctx->sc)) {
-        OPENSSL_free(der);
-        der = new_der;
-        der_len = new_der_len;
-    }
-
-    derp = der;
-    if ((pkey = d2i_PrivateKey_ex(ctx->type, NULL, &derp, der_len,
-                                  libctx, NULL)) != NULL) {
-        /* Tear out the RSA pointer from the pkey */
-        rsa = EVP_PKEY_get1_RSA(pkey);
-        EVP_PKEY_free(pkey);
-    }
-
-    OPENSSL_free(der);
-
-    if (rsa != NULL) {
-        OSSL_PARAM params[3];
-        char *object_type = NULL;
-
-        switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
-        case RSA_FLAG_TYPE_RSA:
-            object_type = "RSA";
-            break;
-        case RSA_FLAG_TYPE_RSASSAPSS:
-            object_type = "RSA-PSS";
-            break;
-        default:
-            ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_RSA_KEY,
-                           "Expected the RSA type to be %d or %d, but got %d",
-                           RSA_FLAG_TYPE_RSA, RSA_FLAG_TYPE_RSASSAPSS,
-                           RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK));
-            goto end;
-        }
-
-
-        params[0] =
-            OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE,
-                                             object_type, 0);
-        /* The address of the key becomes the octet string */
-        params[1] =
-            OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_REFERENCE,
-                                              &rsa, sizeof(rsa));
-        params[2] = OSSL_PARAM_construct_end();
-
-        ok = data_cb(params, data_cbarg);
-    }
- end:
-    RSA_free(rsa);
-
-    return ok;
-}
-
-static int der2rsa_export_object_int(void *vctx,
-                                     const void *reference, size_t reference_sz,
-                                     OSSL_FUNC_keymgmt_export_fn *rsa_export,
-                                     OSSL_CALLBACK *export_cb,
-                                     void *export_cbarg)
-{
-    void *keydata;
-
-    if (reference_sz == sizeof(keydata) && rsa_export != NULL) {
-        /* The contents of the reference is the address to our object */
-        keydata = *(RSA **)reference;
-
-        return rsa_export(keydata, OSSL_KEYMGMT_SELECT_ALL,
-                          export_cb, export_cbarg);
-    }
-    return 0;
-}
-
-static int der2rsa_export_object(void *vctx,
-                                 const void *reference, size_t reference_sz,
-                                 OSSL_CALLBACK *export_cb,
-                                 void *export_cbarg)
-{
-    return der2rsa_export_object_int(vctx, reference, reference_sz,
-                                     ossl_prov_get_keymgmt_rsa_export(),
-                                     export_cb, export_cbarg);
-}
-
-static int der2rsapss_export_object(void *vctx,
-                                    const void *reference, size_t reference_sz,
-                                    OSSL_CALLBACK *export_cb,
-                                    void *export_cbarg)
-{
-    return der2rsa_export_object_int(vctx, reference, reference_sz,
-                                     ossl_prov_get_keymgmt_rsapss_export(),
-                                     export_cb, export_cbarg);
-}
-
-const OSSL_DISPATCH der_to_rsa_deserializer_functions[] = {
-    { OSSL_FUNC_DESERIALIZER_NEWCTX, (void (*)(void))der2rsa_newctx },
-    { OSSL_FUNC_DESERIALIZER_FREECTX, (void (*)(void))der2rsa_freectx },
-    { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS,
-      (void (*)(void))der2rsa_gettable_params },
-    { OSSL_FUNC_DESERIALIZER_GET_PARAMS,
-      (void (*)(void))der2rsa_get_params },
-    { OSSL_FUNC_DESERIALIZER_SETTABLE_CTX_PARAMS,
-      (void (*)(void))der2rsa_settable_ctx_params },
-    { OSSL_FUNC_DESERIALIZER_SET_CTX_PARAMS,
-      (void (*)(void))der2rsa_set_ctx_params },
-    { OSSL_FUNC_DESERIALIZER_DESERIALIZE,
-      (void (*)(void))der2rsa_deserialize },
-    { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT,
-      (void (*)(void))der2rsa_export_object },
-    { 0, NULL }
-};
-
-const OSSL_DISPATCH der_to_rsapss_deserializer_functions[] = {
-    { OSSL_FUNC_DESERIALIZER_NEWCTX, (void (*)(void))der2rsapss_newctx },
-    { OSSL_FUNC_DESERIALIZER_FREECTX, (void (*)(void))der2rsa_freectx },
-    { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS,
-      (void (*)(void))der2rsa_gettable_params },
-    { OSSL_FUNC_DESERIALIZER_GET_PARAMS,
-      (void (*)(void))der2rsa_get_params },
-    { OSSL_FUNC_DESERIALIZER_SETTABLE_CTX_PARAMS,
-      (void (*)(void))der2rsa_settable_ctx_params },
-    { OSSL_FUNC_DESERIALIZER_SET_CTX_PARAMS,
-      (void (*)(void))der2rsa_set_ctx_params },
-    { OSSL_FUNC_DESERIALIZER_DESERIALIZE,
-      (void (*)(void))der2rsa_deserialize },
-    { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT,
-      (void (*)(void))der2rsapss_export_object },
-    { 0, NULL }
-};
diff --git a/providers/implementations/serializers/deserialize_pem2der.c b/providers/implementations/serializers/deserialize_pem2der.c
index a46ec681a1..cbd0867da9 100644
--- a/providers/implementations/serializers/deserialize_pem2der.c
+++ b/providers/implementations/serializers/deserialize_pem2der.c
@@ -37,19 +37,6 @@ static OSSL_FUNC_deserializer_deserialize_fn pem2der_deserialize;
  */
 struct pem2der_ctx_st {
     PROV_CTX *provctx;
-
-    /* Set to 1 if intending to encrypt/decrypt, otherwise 0 */
-    int cipher_intent;
-
-    EVP_CIPHER *cipher;
-
-    /* Passphrase that was passed by the caller */
-    void *cipher_pass;
-    size_t cipher_pass_length;
-
-    /* This callback is only used if |cipher_pass| is NULL */
-    OSSL_PASSPHRASE_CALLBACK *cb;
-    void *cbarg;
 };
 
 static void *pem2der_newctx(void *provctx)
@@ -65,8 +52,6 @@ static void pem2der_freectx(void *vctx)
 {
     struct pem2der_ctx_st *ctx = vctx;
 
-    EVP_CIPHER_free(ctx->cipher);
-    OPENSSL_clear_free(ctx->cipher_pass, ctx->cipher_pass_length);
     OPENSSL_free(ctx);
 }
 
@@ -91,50 +76,22 @@ static int pem2der_get_params(OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *pem2der_settable_ctx_params(void)
-{
-    static const OSSL_PARAM settables[] = {
-        OSSL_PARAM_octet_string(OSSL_DESERIALIZER_PARAM_PASS, NULL, 0),
-        OSSL_PARAM_END,
-    };
-
-    return settables;
-}
-
-static int pem2der_set_ctx_params(void *vctx, const OSSL_PARAM params[])
-{
-    struct pem2der_ctx_st *ctx = vctx;
-    const OSSL_PARAM *p;
-
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_PASS))
-        != NULL) {
-        OPENSSL_clear_free(ctx->cipher_pass, ctx->cipher_pass_length);
-        ctx->cipher_pass = NULL;
-        if (!OSSL_PARAM_get_octet_string(p, &ctx->cipher_pass, 0,
-                                         &ctx->cipher_pass_length))
-            return 0;
-    }
-    return 1;
-}
-
 /* pem_password_cb compatible function */
+struct pem2der_pass_data_st {
+    OSSL_PASSPHRASE_CALLBACK *cb;
+    void *cbarg;
+};
+
 static int pem2der_pass_helper(char *buf, int num, int w, void *data)
 {
-    struct pem2der_ctx_st *ctx = data;
+    struct pem2der_pass_data_st *pass_data = data;
     size_t plen;
 
-    if (ctx->cipher_pass != NULL) {
-        if (ctx->cipher_pass_length < (size_t)num - 1) {
-            strncpy(buf, ctx->cipher_pass, ctx->cipher_pass_length);
-            buf[ctx->cipher_pass_length] = '\0';
-        } else {
-            OPENSSL_strlcpy(buf, ctx->cipher_pass, num);
-        }
-    } else if (ctx->cb == NULL
-               || !ctx->cb(buf, num, &plen, NULL, ctx->cbarg)) {
+    if (pass_data == NULL
+        || pass_data->cb == NULL
+        || !pass_data->cb(buf, num, &plen, NULL, pass_data->cbarg))
         return -1;
-    }
-    return (int)ctx->cipher_pass_length;
+    return (int)plen;
 }
 
 static int pem2der_deserialize(void *vctx, OSSL_CORE_BIO *cin,
@@ -159,9 +116,13 @@ static int pem2der_deserialize(void *vctx, OSSL_CORE_BIO *cin,
      */
     if (strlen(pem_header) > 10) {
         EVP_CIPHER_INFO cipher;
+        struct pem2der_pass_data_st pass_data;
 
+        pass_data.cb = pw_cb;
+        pass_data.cbarg = pw_cbarg;
         if (!PEM_get_EVP_CIPHER_INFO(pem_header, &cipher)
-            || !PEM_do_header(&cipher, der, &der_len, pem2der_pass_helper, ctx))
+            || !PEM_do_header(&cipher, der, &der_len,
+                              pem2der_pass_helper, &pass_data))
             goto end;
     }
 
@@ -193,10 +154,6 @@ const OSSL_DISPATCH pem_to_der_deserializer_functions[] = {
       (void (*)(void))pem2der_gettable_params },
     { OSSL_FUNC_DESERIALIZER_GET_PARAMS,
       (void (*)(void))pem2der_get_params },
-    { OSSL_FUNC_DESERIALIZER_SETTABLE_CTX_PARAMS,
-      (void (*)(void))pem2der_settable_ctx_params },
-    { OSSL_FUNC_DESERIALIZER_SET_CTX_PARAMS,
-      (void (*)(void))pem2der_set_ctx_params },
     { OSSL_FUNC_DESERIALIZER_DESERIALIZE, (void (*)(void))pem2der_deserialize },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_local.h b/providers/implementations/serializers/serializer_local.h
index f1d2fe743c..d1359f7f4d 100644
--- a/providers/implementations/serializers/serializer_local.h
+++ b/providers/implementations/serializers/serializer_local.h
@@ -170,5 +170,5 @@ int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
 
 int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len,
                           unsigned char *input_der, long input_der_len,
-                          struct pkcs8_encrypt_ctx_st *ctx);
+                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg);
 
diff --git a/test/serdes_test.c b/test/serdes_test.c
index 0fc5cb7b4d..85165523ca 100644
--- a/test/serdes_test.c
+++ b/test/serdes_test.c
@@ -12,6 +12,7 @@
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
+#include <openssl/params.h>
 #include <openssl/serializer.h>
 #include <openssl/deserializer.h>
 
@@ -27,22 +28,42 @@
  * serializing/deserializing with "traditional" keys.
  */
 
-static EVP_PKEY *key_RSA = NULL;
-static EVP_PKEY *legacy_key_RSA = NULL;
-static EVP_PKEY *key_RSA_PSS = NULL;
-static EVP_PKEY *legacy_key_RSA_PSS = NULL;
+static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
+{
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
+
+    /*
+     * No real need to check the errors other than for the cascade
+     * effect.  |pkey| will simply remain NULL if something goes wrong.
+     */
+    (void)(ctx != NULL
+           && EVP_PKEY_paramgen_init(ctx) > 0
+           && (genparams == NULL
+               || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
+           && EVP_PKEY_gen(ctx, &pkey) > 0);
+    EVP_PKEY_CTX_free(ctx);
+
+    return pkey;
+}
 
-static EVP_PKEY *make_RSA(const char *rsa_type, int make_legacy)
+static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
+                          OSSL_PARAM *genparams, int make_legacy)
 {
     EVP_PKEY *pkey = NULL;
-    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, rsa_type, NULL);
+    EVP_PKEY_CTX *ctx =
+        template != NULL
+        ? EVP_PKEY_CTX_new(template, NULL)
+        : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
 
     /*
      * No real need to check the errors other than for the cascade
-     * effect.  |pkey| will imply remain NULL if something goes wrong.
+     * effect.  |pkey| will simply remain NULL if something goes wrong.
      */
     (void)(ctx != NULL
            && EVP_PKEY_keygen_init(ctx) > 0
+           && (genparams == NULL
+               || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
            && EVP_PKEY_keygen(ctx, &pkey) > 0);
     EVP_PKEY_CTX_free(ctx);
     if (make_legacy && EVP_PKEY_get0(pkey) == NULL) {
@@ -53,15 +74,24 @@ static EVP_PKEY *make_RSA(const char *rsa_type, int make_legacy)
     return pkey;
 }
 
+
 /* Main test driver */
 
+/*
+ * TODO(3.0) For better error output, changed the callbacks to take __FILE__
+ * and __LINE__ as first two arguments, and have them use the lower case
+ * functions, such as test_strn_eq(), rather than the uppercase macros
+ * (TEST_strn2_eq(), for example).
+ */
+
 typedef int (serializer)(void **serialized, long *serialized_len,
-                         void *object,
-                         const char *pass, const char *pcipher,
+                         void *object, const char *pass, const char *pcipher,
                          const char *ser_propq);
 typedef int (deserializer)(void **object,
                            void *serialized, long serialized_len,
-                           const char *pass, const char *pcipher);
+                           const char *pass);
+typedef int (tester)(const void *data1, size_t data1_len,
+                     const void *data2, size_t data2_len);
 typedef int (checker)(const char *type, const void *data, size_t data_len);
 typedef void (dumper)(const char *label, const void *data, size_t data_len);
 
@@ -69,6 +99,7 @@ static int test_serialize_deserialize(const char *type, EVP_PKEY *pkey,
                                       const char *pass, const char *pcipher,
                                       serializer *serialize_cb,
                                       deserializer *deserialize_cb,
+                                      tester *test_cb,
                                       checker *check_cb, dumper *dump_cb,
                                       const char *ser_propq, int make_legacy)
 {
@@ -83,7 +114,7 @@ static int test_serialize_deserialize(const char *type, EVP_PKEY *pkey,
                       pass, pcipher, ser_propq)
         || !check_cb(type, serialized, serialized_len)
         || !deserialize_cb((void **)&pkey2, serialized, serialized_len,
-                           pass, pcipher)
+                           pass)
         || !TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
         goto end;
 
@@ -103,14 +134,18 @@ static int test_serialize_deserialize(const char *type, EVP_PKEY *pkey,
     if ((pass == NULL && pcipher == NULL)
         && (!serialize_cb(&serialized2, &serialized2_len, pkey2,
                           pass, pcipher, ser_propq)
-            || !TEST_mem_eq(serialized, serialized_len,
-                            serialized2, serialized2_len)))
+            || !test_cb(serialized, serialized_len,
+                        serialized2, serialized2_len)))
         goto end;
 
     ok = 1;
  end:
-    if (!ok)
-        dump_cb("serialized result", serialized, serialized_len);
+    if (!ok) {
+        if (serialized != NULL && serialized_len != 0)
+            dump_cb("serialized result", serialized, serialized_len);
+        if (serialized2 != NULL && serialized2_len != 0)
+            dump_cb("re-serialized result", serialized2, serialized2_len);
+    }
 
     OPENSSL_free(serialized);
     OPENSSL_free(serialized2);
@@ -157,7 +192,7 @@ static int serialize_EVP_PKEY_prov(void **serialized, long *serialized_len,
 
 static int deserialize_EVP_PKEY_prov(void **object,
                                      void *serialized, long serialized_len,
-                                     const char *pass, const char *pcipher)
+                                     const char *pass)
 {
     EVP_PKEY *pkey = NULL;
     OSSL_DESERIALIZER_CTX *dctx = NULL;
@@ -170,8 +205,6 @@ static int deserialize_EVP_PKEY_prov(void **object,
         || (pass != NULL
             && !OSSL_DESERIALIZER_CTX_set_passphrase(dctx, upass,
                                                      strlen(pass)))
-        || (pcipher != NULL
-            && !OSSL_DESERIALIZER_CTX_set_cipher(dctx, pcipher, NULL))
         || !TEST_ptr(mem_deser = BIO_new_mem_buf(serialized, serialized_len))
         || !TEST_true(OSSL_DESERIALIZER_from_bio(dctx, mem_deser)))
         goto end;
@@ -222,6 +255,18 @@ static int serialize_EVP_PKEY_legacy_PEM(void **serialized,
     return ok;
 }
 
+static int test_text(const void *data1, size_t data1_len,
+                     const void *data2, size_t data2_len)
+{
+    return TEST_strn2_eq(data1, data1_len, data2, data2_len);
+}
+
+static int test_mem(const void *data1, size_t data1_len,
+                    const void *data2, size_t data2_len)
+{
+    return TEST_mem_eq(data1, data1_len, data2, data2_len);
+}
+
 /* Test cases and their dumpers / checkers */
 
 static void dump_der(const char *label, const void *data, size_t data_len)
@@ -252,21 +297,12 @@ static int check_unprotected_PKCS8_DER(const char *type,
     return ok;
 }
 
-static int test_unprotected_RSA_via_DER(void)
+static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize("RSA", key_RSA, NULL, NULL,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
-                                      check_unprotected_PKCS8_DER, dump_der,
-                                      OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
-                                      0);
-}
-
-static int test_unprotected_RSA_PSS_via_DER(void)
-{
-    return test_serialize_deserialize("RSA-PSS", key_RSA_PSS, NULL, NULL,
+    return test_serialize_deserialize(type, key, NULL, NULL,
                                       serialize_EVP_PKEY_prov,
                                       deserialize_EVP_PKEY_prov,
+                                      test_mem,
                                       check_unprotected_PKCS8_DER, dump_der,
                                       OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
                                       0);
@@ -280,21 +316,12 @@ static int check_unprotected_PKCS8_PEM(const char *type,
     return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
 }
 
-static int test_unprotected_RSA_via_PEM(void)
+static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize("RSA", key_RSA, NULL, NULL,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
-                                      check_unprotected_PKCS8_PEM, dump_pem,
-                                      OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
-                                      0);
-}
-
-static int test_unprotected_RSA_PSS_via_PEM(void)
-{
-    return test_serialize_deserialize("RSA-PSS", key_RSA_PSS, NULL, NULL,
+    return test_serialize_deserialize(type, key, NULL, NULL,
                                       serialize_EVP_PKEY_prov,
                                       deserialize_EVP_PKEY_prov,
+                                      test_text,
                                       check_unprotected_PKCS8_PEM, dump_pem,
                                       OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
                                       0);
@@ -311,20 +338,12 @@ static int check_unprotected_legacy_PEM(const char *type,
         && TEST_strn_eq(data, pem_header, strlen(pem_header));
 }
 
-static int test_unprotected_RSA_via_legacy_PEM(void)
+static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize("RSA", legacy_key_RSA, NULL, NULL,
-                                      serialize_EVP_PKEY_legacy_PEM,
-                                      deserialize_EVP_PKEY_prov,
-                                      check_unprotected_legacy_PEM, dump_pem,
-                                      NULL, 1);
-}
-
-static int test_unprotected_RSA_PSS_via_legacy_PEM(void)
-{
-    return test_serialize_deserialize("RSA-PSS", legacy_key_RSA_PSS, NULL, NULL,
+    return test_serialize_deserialize(type, key, NULL, NULL,
                                       serialize_EVP_PKEY_legacy_PEM,
                                       deserialize_EVP_PKEY_prov,
+                                      test_text,
                                       check_unprotected_legacy_PEM, dump_pem,
                                       NULL, 1);
 }
@@ -343,21 +362,12 @@ static int check_protected_PKCS8_DER(const char *type,
     return ok;
 }
 
-static int test_protected_RSA_via_DER(void)
+static int test_protected_via_DER(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize("RSA", key_RSA, pass, pass_cipher,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
-                                      check_protected_PKCS8_DER, dump_der,
-                                      OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
-                                      0);
-}
-
-static int test_protected_RSA_PSS_via_DER(void)
-{
-    return test_serialize_deserialize("RSA", key_RSA, pass, pass_cipher,
+    return test_serialize_deserialize(type, key, pass, pass_cipher,
                                       serialize_EVP_PKEY_prov,
                                       deserialize_EVP_PKEY_prov,
+                                      test_mem,
                                       check_protected_PKCS8_DER, dump_der,
                                       OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
                                       0);
@@ -371,21 +381,12 @@ static int check_protected_PKCS8_PEM(const char *type,
     return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
 }
 
-static int test_protected_RSA_via_PEM(void)
+static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize("RSA", key_RSA, pass, pass_cipher,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
-                                      check_protected_PKCS8_PEM, dump_pem,
-                                      OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
-                                      0);
-}
-
-static int test_protected_RSA_PSS_via_PEM(void)
-{
-    return test_serialize_deserialize("RSA-PSS", key_RSA_PSS, pass, pass_cipher,
+    return test_serialize_deserialize(type, key, pass, pass_cipher,
                                       serialize_EVP_PKEY_prov,
                                       deserialize_EVP_PKEY_prov,
+                                      test_text,
                                       check_protected_PKCS8_PEM, dump_pem,
                                       OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
                                       0);
@@ -403,52 +404,230 @@ static int check_protected_legacy_PEM(const char *type,
         && TEST_ptr(strstr(data, "\nDEK-Info: "));
 }
 
-static int test_protected_RSA_via_legacy_PEM(void)
+static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize("RSA", legacy_key_RSA, pass, pass_cipher,
+    return test_serialize_deserialize(type, key, pass, pass_cipher,
                                       serialize_EVP_PKEY_legacy_PEM,
                                       deserialize_EVP_PKEY_prov,
+                                      test_text,
                                       check_protected_legacy_PEM, dump_pem,
                                       NULL, 1);
 }
 
-static int test_protected_RSA_PSS_via_legacy_PEM(void)
+static int check_public_DER(const char *type, const void *data, size_t data_len)
 {
-    return test_serialize_deserialize("RSA-PSS", legacy_key_RSA_PSS,
-                                      pass, pass_cipher,
-                                      serialize_EVP_PKEY_legacy_PEM,
+    const unsigned char *datap = data;
+    EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
+    int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
+
+    EVP_PKEY_free(pkey);
+    return ok;
+}
+
+static int test_public_via_DER(const char *type, EVP_PKEY *key)
+{
+    return test_serialize_deserialize(type, key, NULL, NULL,
+                                      serialize_EVP_PKEY_prov,
                                       deserialize_EVP_PKEY_prov,
-                                      check_protected_legacy_PEM, dump_pem,
-                                      NULL, 1);
+                                      test_mem,
+                                      check_public_DER, dump_der,
+                                      OSSL_SERIALIZER_PUBKEY_TO_DER_PQ,
+                                      0);
+}
+
+static int check_public_PEM(const char *type, const void *data, size_t data_len)
+{
+    static const char pem_header[] = "-----BEGIN " PEM_STRING_PUBLIC "-----";
+
+    return
+        TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
 }
 
+static int test_public_via_PEM(const char *type, EVP_PKEY *key)
+{
+    return test_serialize_deserialize(type, key, NULL, NULL,
+                                      serialize_EVP_PKEY_prov,
+                                      deserialize_EVP_PKEY_prov,
+                                      test_text,
+                                      check_public_PEM, dump_pem,
+                                      OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ,
+                                      0);
+}
+
+#define KEYS(KEYTYPE)                           \
+    static EVP_PKEY *key_##KEYTYPE = NULL;      \
+    static EVP_PKEY *legacy_key_##KEYTYPE = NULL
+#define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params)                          \
+    ok = ok                                                             \
+        && TEST_ptr(key_##KEYTYPE =                                     \
+                    make_key(KEYTYPEstr, NULL, params, 0))              \
+        && TEST_ptr(legacy_key_##KEYTYPE =                              \
+                    make_key(KEYTYPEstr, NULL, params, 1))
+#define FREE_KEYS(KEYTYPE)                                              \
+    EVP_PKEY_free(key_##KEYTYPE);                                       \
+    EVP_PKEY_free(legacy_key_##KEYTYPE)
+
+#define DOMAIN_KEYS(KEYTYPE)                    \
+    static EVP_PKEY *template_##KEYTYPE = NULL; \
+    static EVP_PKEY *key_##KEYTYPE = NULL;      \
+    static EVP_PKEY *legacy_key_##KEYTYPE = NULL
+#define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params)                   \
+    ok = ok                                                             \
+        && TEST_ptr(template_##KEYTYPE =                                \
+                    make_template(KEYTYPEstr, params))                  \
+        && TEST_ptr(key_##KEYTYPE =                                     \
+                    make_key(KEYTYPEstr, template_##KEYTYPE, NULL, 0))  \
+        && TEST_ptr(legacy_key_##KEYTYPE =                              \
+                    make_key(KEYTYPEstr, template_##KEYTYPE, NULL, 1))
+#define FREE_DOMAIN_KEYS(KEYTYPE)                                       \
+    EVP_PKEY_free(template_##KEYTYPE);                                  \
+    EVP_PKEY_free(key_##KEYTYPE);                                       \
+    EVP_PKEY_free(legacy_key_##KEYTYPE)
+
+#define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr)                       \
+    static int test_unprotected_##KEYTYPE##_via_DER(void)               \
+    {                                                                   \
+        return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE);     \
+    }                                                                   \
+    static int test_unprotected_##KEYTYPE##_via_PEM(void)               \
+    {                                                                   \
+        return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE);     \
+    }                                                                   \
+    static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void)        \
+    {                                                                   \
+        return test_unprotected_via_legacy_PEM(KEYTYPEstr,              \
+                                               legacy_key_##KEYTYPE);   \
+    }                                                                   \
+    static int test_protected_##KEYTYPE##_via_DER(void)                 \
+    {                                                                   \
+        return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE);       \
+    }                                                                   \
+    static int test_protected_##KEYTYPE##_via_PEM(void)                 \
+    {                                                                   \
+        return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE);       \
+    }                                                                   \
+    static int test_protected_##KEYTYPE##_via_legacy_PEM(void)          \
+    {                                                                   \
+        return test_protected_via_legacy_PEM(KEYTYPEstr,                \
+                                             legacy_key_##KEYTYPE);     \
+    }                                                                   \
+    static int test_public_##KEYTYPE##_via_DER(void)                    \
+    {                                                                   \
+        return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE);          \
+    }                                                                   \
+    static int test_public_##KEYTYPE##_via_PEM(void)                    \
+    {                                                                   \
+        return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE);          \
+    }
+
+#define ADD_TEST_SUITE(KEYTYPE)                                 \
+    ADD_TEST(test_unprotected_##KEYTYPE##_via_DER);             \
+    ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM);             \
+    ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM);      \
+    ADD_TEST(test_protected_##KEYTYPE##_via_DER);               \
+    ADD_TEST(test_protected_##KEYTYPE##_via_PEM);               \
+    ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM);        \
+    ADD_TEST(test_public_##KEYTYPE##_via_DER);                  \
+    ADD_TEST(test_public_##KEYTYPE##_via_PEM)
+
+#ifndef OPENSSL_NO_DH
+DOMAIN_KEYS(DH);
+IMPLEMENT_TEST_SUITE(DH, "DH")
+#endif
+#ifndef OPENSSL_NO_DSA
+DOMAIN_KEYS(DSA);
+IMPLEMENT_TEST_SUITE(DSA, "DSA")
+#endif
+#ifndef OPENSSL_NO_EC
+DOMAIN_KEYS(EC);
+IMPLEMENT_TEST_SUITE(EC, "EC")
+KEYS(ED25519);
+IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
+KEYS(ED448);
+IMPLEMENT_TEST_SUITE(ED448, "ED448")
+KEYS(X25519);
+IMPLEMENT_TEST_SUITE(X25519, "X25519")
+KEYS(X448);
+IMPLEMENT_TEST_SUITE(X448, "X448")
+#endif
+KEYS(RSA);
+IMPLEMENT_TEST_SUITE(RSA, "RSA")
+KEYS(RSA_PSS);
+IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
+
 int setup_tests(void)
 {
+    int ok = 1;
+
+#ifndef OPENSSL_NO_EC
+    static char groupname[] = "prime256v1";
+    OSSL_PARAM EC_params[] = {
+        OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
+        OSSL_PARAM_END
+    };
+#endif
+
+    /* 7 is the default magic number */
+    static unsigned int rsapss_min_saltlen = 7;
+    OSSL_PARAM RSA_PSS_params[] = {
+        OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
+        OSSL_PARAM_END
+    };
+
     TEST_info("Generating keys...");
-    if (!TEST_ptr(key_RSA = make_RSA("RSA", 0))
-        || !TEST_ptr(legacy_key_RSA = make_RSA("RSA", 1))
-        || !TEST_ptr(key_RSA_PSS = make_RSA("RSA-PSS", 0))
-        || !TEST_ptr(legacy_key_RSA_PSS = make_RSA("RSA-PSS", 1))) {
-        EVP_PKEY_free(key_RSA);
-        EVP_PKEY_free(legacy_key_RSA);
-        EVP_PKEY_free(key_RSA_PSS);
-        EVP_PKEY_free(legacy_key_RSA_PSS);
-        return 0;
-    }
+#ifndef OPENSSL_NO_DH
+    MAKE_DOMAIN_KEYS(DH, "DH", NULL);
+#endif
+#ifndef OPENSSL_NO_DSA
+    MAKE_DOMAIN_KEYS(DSA, "DSA", NULL);
+#endif
+#ifndef OPENSSL_NO_EC
+    MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
+    MAKE_KEYS(ED25519, "ED25519", NULL);
+    MAKE_KEYS(ED448, "ED448", NULL);
+    MAKE_KEYS(X25519, "X25519", NULL);
+    MAKE_KEYS(X448, "X448", NULL);
+#endif
+    MAKE_KEYS(RSA, "RSA", NULL);
+    MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
     TEST_info("Generating key... done");
 
-    ADD_TEST(test_unprotected_RSA_via_DER);
-    ADD_TEST(test_unprotected_RSA_via_PEM);
-    ADD_TEST(test_unprotected_RSA_via_legacy_PEM);
-    ADD_TEST(test_protected_RSA_via_DER);
-    ADD_TEST(test_protected_RSA_via_PEM);
-    ADD_TEST(test_protected_RSA_via_legacy_PEM);
-    ADD_TEST(test_unprotected_RSA_PSS_via_DER);
-    ADD_TEST(test_unprotected_RSA_PSS_via_PEM);
-    ADD_TEST(test_unprotected_RSA_PSS_via_legacy_PEM);
-    ADD_TEST(test_protected_RSA_PSS_via_DER);
-    ADD_TEST(test_protected_RSA_PSS_via_PEM);
-    ADD_TEST(test_protected_RSA_PSS_via_legacy_PEM);
+    if (ok) {
+#ifndef OPENSSL_NO_DH
+        ADD_TEST_SUITE(DH);
+#endif
+#ifndef OPENSSL_NO_DSA
+        ADD_TEST_SUITE(DSA);
+#endif
+#ifndef OPENSSL_NO_EC
+        ADD_TEST_SUITE(EC);
+        ADD_TEST_SUITE(ED25519);
+        ADD_TEST_SUITE(ED448);
+        ADD_TEST_SUITE(X25519);
+        ADD_TEST_SUITE(X448);
+#endif
+        ADD_TEST_SUITE(RSA);
+        ADD_TEST_SUITE(RSA_PSS);
+    }
 
     return 1;
 }
+
+void cleanup_tests(void)
+{
+#ifndef OPENSSL_NO_DH
+    FREE_DOMAIN_KEYS(DH);
+#endif
+#ifndef OPENSSL_NO_DSA
+    FREE_DOMAIN_KEYS(DSA);
+#endif
+#ifndef OPENSSL_NO_EC
+    FREE_DOMAIN_KEYS(EC);
+    FREE_KEYS(ED25519);
+    FREE_KEYS(ED448);
+    FREE_KEYS(X25519);
+    FREE_KEYS(X448);
+#endif
+    FREE_KEYS(RSA);
+    FREE_KEYS(RSA_PSS);
+}
diff --git a/test/testutil.h b/test/testutil.h
index 69869e2601..88a3cbc9a8 100644
--- a/test/testutil.h
+++ b/test/testutil.h
@@ -296,9 +296,9 @@ DECLARE_COMPARISON(char *, str, ne)
  * Same as above, but for strncmp.
  */
 int test_strn_eq(const char *file, int line, const char *, const char *,
-                 const char *a, const char *b, size_t s);
+                 const char *a, size_t an, const char *b, size_t bn);
 int test_strn_ne(const char *file, int line, const char *, const char *,
-                 const char *a, const char *b, size_t s);
+                 const char *a, size_t an, const char *b, size_t bn);
 
 /*
  * Equality test for memory blocks where NULL is a legitimate value.
@@ -438,8 +438,10 @@ void test_perror(const char *s);
 
 # define TEST_str_eq(a, b)    test_str_eq(__FILE__, __LINE__, #a, #b, a, b)
 # define TEST_str_ne(a, b)    test_str_ne(__FILE__, __LINE__, #a, #b, a, b)
-# define TEST_strn_eq(a, b, n) test_strn_eq(__FILE__, __LINE__, #a, #b, a, b, n)
-# define TEST_strn_ne(a, b, n) test_strn_ne(__FILE__, __LINE__, #a, #b, a, b, n)
+# define TEST_strn_eq(a, b, n) test_strn_eq(__FILE__, __LINE__, #a, #b, a, n, b, n)
+# define TEST_strn_ne(a, b, n) test_strn_ne(__FILE__, __LINE__, #a, #b, a, n, b, n)
+# define TEST_strn2_eq(a, m, b, n) test_strn_eq(__FILE__, __LINE__, #a, #b, a, m, b, n)
+# define TEST_strn2_ne(a, m, b, n) test_strn_ne(__FILE__, __LINE__, #a, #b, a, m, b, n)
 
 # define TEST_mem_eq(a, m, b, n) test_mem_eq(__FILE__, __LINE__, #a, #b, a, m, b, n)
 # define TEST_mem_ne(a, m, b, n) test_mem_ne(__FILE__, __LINE__, #a, #b, a, m, b, n)
diff --git a/test/testutil/tests.c b/test/testutil/tests.c
index 56177cd999..c1605ca8eb 100644
--- a/test/testutil/tests.c
+++ b/test/testutil/tests.c
@@ -302,28 +302,28 @@ int test_str_ne(const char *file, int line, const char *st1, const char *st2,
 }
 
 int test_strn_eq(const char *file, int line, const char *st1, const char *st2,
-                 const char *s1, const char *s2, size_t len)
+                 const char *s1, size_t n1, const char *s2, size_t n2)
 {
     if (s1 == NULL && s2 == NULL)
       return 1;
-    if (s1 == NULL || s2 == NULL || strncmp(s1, s2, len) != 0) {
+    if (n1 != n2 || s1 == NULL || s2 == NULL || strncmp(s1, s2, n1) != 0) {
         test_fail_string_message(NULL, file, line, "string", st1, st2, "==",
-                                 s1, s1 == NULL ? 0 : OPENSSL_strnlen(s1, len),
-                                 s2, s2 == NULL ? 0 : OPENSSL_strnlen(s2, len));
+                                 s1, s1 == NULL ? 0 : OPENSSL_strnlen(s1, n1),
+                                 s2, s2 == NULL ? 0 : OPENSSL_strnlen(s2, n2));
         return 0;
     }
     return 1;
 }
 
 int test_strn_ne(const char *file, int line, const char *st1, const char *st2,
-                 const char *s1, const char *s2, size_t len)
+                 const char *s1, size_t n1, const char *s2, size_t n2)
 {
     if ((s1 == NULL) ^ (s2 == NULL))
       return 1;
-    if (s1 == NULL || strncmp(s1, s2, len) == 0) {
+    if (n1 != n2 || s1 == NULL || strncmp(s1, s2, n1) == 0) {
         test_fail_string_message(NULL, file, line, "string", st1, st2, "!=",
-                                 s1, s1 == NULL ? 0 : OPENSSL_strnlen(s1, len),
-                                 s2, s2 == NULL ? 0 : OPENSSL_strnlen(s2, len));
+                                 s1, s1 == NULL ? 0 : OPENSSL_strnlen(s1, n1),
+                                 s2, s2 == NULL ? 0 : OPENSSL_strnlen(s2, n2));
         return 0;
     }
     return 1;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 1a59d81624..b1c7947b86 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5163,16 +5163,14 @@ OSSL_DESERIALIZER_settable_ctx_params   ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_new               ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_set_params        ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_free              ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_cipher        ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_set_passphrase    ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_passphrase_cb ?	3_0_0	EXIST::FUNCTION:
+OSSL_DESERIALIZER_CTX_set_pem_password_cb ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_set_passphrase_ui ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_from_bio              ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_from_fp               ?	3_0_0	EXIST::FUNCTION:STDIO
 OSSL_DESERIALIZER_CTX_add_deserializer  ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_add_extra         ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_num_deserializers ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_finalizer     ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_set_input_type    ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_export                ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_INSTANCE_deserializer ?	3_0_0	EXIST::FUNCTION:
@@ -5181,3 +5179,21 @@ ERR_load_OSSL_DESERIALIZER_strings      ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_gettable_params       ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_get_params            ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY   ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_set1_X25519                    ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get0_X25519                    ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get1_X25519                    ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_set1_X448                      ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get0_X448                      ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get1_X448                      ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_set1_ED25519                   ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get0_ED25519                   ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get1_ED25519                   ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_set1_ED448                     ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get0_ED448                     ?	3_0_0	EXIST::FUNCTION:EC
+EVP_PKEY_get1_ED448                     ?	3_0_0	EXIST::FUNCTION:EC
+OSSL_DESERIALIZER_CTX_set_construct     ?	3_0_0	EXIST::FUNCTION:
+OSSL_DESERIALIZER_CTX_set_construct_data ?	3_0_0	EXIST::FUNCTION:
+OSSL_DESERIALIZER_CTX_set_cleanup       ?	3_0_0	EXIST::FUNCTION:
+OSSL_DESERIALIZER_CTX_get_construct     ?	3_0_0	EXIST::FUNCTION:
+OSSL_DESERIALIZER_CTX_get_construct_data ?	3_0_0	EXIST::FUNCTION:
+OSSL_DESERIALIZER_CTX_get_cleanup       ?	3_0_0	EXIST::FUNCTION:
diff --git a/util/other.syms b/util/other.syms
index 38ad3d3a33..bfe320396b 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -43,8 +43,8 @@ OPENSSL_CTX                             datatype
 NAMING_AUTHORITY                        datatype
 OSSL_DESERIALIZER                       datatype
 OSSL_DESERIALIZER_CTX                   datatype
-OSSL_DESERIALIZER_FINALIZER             datatype
-OSSL_DESERIALIZER_CLEANER               datatype
+OSSL_DESERIALIZER_CONSTRUCT             datatype
+OSSL_DESERIALIZER_CLEANUP               datatype
 OSSL_DESERIALIZER_INSTANCE              datatype
 OSSL_DESERIALIZER_CTX                   datatype
 OSSL_HTTP_bio_cb_t                      datatype
@@ -305,6 +305,10 @@ EVP_PKEY_CTX_set_tls1_prf_md            define
 EVP_PKEY_assign_DH                      define
 EVP_PKEY_assign_DSA                     define
 EVP_PKEY_assign_EC_KEY                  define
+EVP_PKEY_assign_ED25519                 define
+EVP_PKEY_assign_ED448                   define
+EVP_PKEY_assign_X25519                  define
+EVP_PKEY_assign_X448                    define
 EVP_PKEY_assign_POLY1305                define
 EVP_PKEY_assign_RSA                     define
 EVP_PKEY_assign_SIPHASH                 define

From pauli at openssl.org  Sat Aug  1 01:56:15 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Sat, 01 Aug 2020 01:56:15 +0000
Subject: [openssl]  master update
Message-ID: <1596246975.859642.9939.nullmailer@dev.openssl.org>

The branch master has been updated
       via  0f9fdefeb05768b86f4364a8e976c87ee197638e (commit)
      from  790a1b030ac6f968104e17fe5b721c581ebd1d3e (commit)


- Log -----------------------------------------------------------------
commit 0f9fdefeb05768b86f4364a8e976c87ee197638e
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Jul 30 15:15:05 2020 +0100

    Fix an ENGINE leak in asn1_item_digest_with_libctx
    
    Commit 6725682d introduced a call to ENGINE_get_digest_engine() into
    the function asn1_item_digest_with_libctx() to determine whether there
    is an ENGINE registered to handle the specified digest. However that
    function increases the ref count on the returned ENGINE object, so it
    must be freed.
    
    Fixes #12558
    
    [extended tests]
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12560)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/a_digest.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
index c0c1cda272..3e7b418a19 100644
--- a/crypto/asn1/a_digest.c
+++ b/crypto/asn1/a_digest.c
@@ -68,7 +68,11 @@ int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *md,
 
     if (EVP_MD_provider(md) == NULL) {
 #if !defined(OPENSSL_NO_ENGINE)
-        if (ENGINE_get_digest_engine(EVP_MD_type(md)) == NULL)
+        ENGINE *tmpeng = ENGINE_get_digest_engine(EVP_MD_type(md));
+
+        if (tmpeng != NULL)
+            ENGINE_finish(tmpeng);
+        else
 #endif
             fetched_md = EVP_MD_fetch(libctx, EVP_MD_name(md), propq);
     }

From builds at travis-ci.com  Sat Aug  1 03:27:59 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 01 Aug 2020 03:27:59 +0000
Subject: Still Failing: openssl/openssl#36440 (master - 790a1b0)
In-Reply-To: <openssl/openssl+178035855+still failing@travis-ci.com>
Message-ID: <5f24e13ebbf69_13fe30ff172782004bc@travis-pro-tasks-b4db6756c-mssfk.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36440
Status: Still Failing

Duration: 1 hr, 32 mins, and 47 secs
Commit: 790a1b0 (master)
Author: Richard Levitte
Message: DESERIALIZER: Small bugfix in the deser_process()

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12544)

View the changeset: https://github.com/openssl/openssl/compare/1202de4481df...790a1b030ac6

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178035855?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200801/6baae280/attachment.html>

From builds at travis-ci.com  Sat Aug  1 04:34:33 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 01 Aug 2020 04:34:33 +0000
Subject: Still Failing: openssl/openssl#36441 (master - 0f9fdef)
In-Reply-To: <openssl/openssl+178035936+still failing@travis-ci.com>
Message-ID: <5f24f0d96bf2c_13f89946e0a3413655@travis-pro-tasks-8667f9c959-6lzhf.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36441
Status: Still Failing

Duration: 1 hr, 26 mins, and 49 secs
Commit: 0f9fdef (master)
Author: Matt Caswell
Message: Fix an ENGINE leak in asn1_item_digest_with_libctx

Commit 6725682d introduced a call to ENGINE_get_digest_engine() into
the function asn1_item_digest_with_libctx() to determine whether there
is an ENGINE registered to handle the specified digest. However that
function increases the ref count on the returned ENGINE object, so it
must be freed.

Fixes #12558

[extended tests]

Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12560)

View the changeset: https://github.com/openssl/openssl/compare/790a1b030ac6...0f9fdefeb057

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178035936?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200801/f8f6306e/attachment-0001.html>

From scan-admin at coverity.com  Sun Aug  2 07:52:43 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 02 Aug 2020 07:52:43 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2
Message-ID: <5f2670cb8021d_1a5e182aafc0020f54885dd@prd-scan-dashboard-0.mail>


    Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DqU2y_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGNhHzQrMGufuZCnymOJEo8IVpqAKY60l-2BFBW7nEK8ZK6jncFneZPkuowLlz5eI3d4xnQqH3dsO2i2856Sw-2F4hIkMPWxwSt9I-2BMs3CfZaIXimPO9wfykPOrcfzJQukTfGwsPlq2kilJ1auWJIT-2B5ZGWy2fhhARzQTjsyrbL3VX-2BTYZK65dzD0IstXuzaviXN7I-3D

    Build ID: 330138

    Analysis Summary:
       New defects found: 0
       Defects eliminated: 0


From scan-admin at coverity.com  Sun Aug  2 07:57:10 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 02 Aug 2020 07:57:10 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for openssl/openssl
Message-ID: <5f2671d66a0ca_1a605c2aafc0020f548850@prd-scan-dashboard-0.mail>


    Your request for analysis of openssl/openssl has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DyTkm_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEsC4Bohg6yIHVqNvwSYk7A7e4mWvJ7QbR6UqEo1pdJYAk8IX-2F7uyEavfpWAueqyrCANRpIhWdj9U4g1PlYTqhY4pe5o3ahmhsfqpV0UP4Bncv7N7IXem1cst5F1ZF7IQdUFW2CyNVmB30VHHKl0X-2F8QZcFNhfVtj4TcCXQLPe6rG8a6MVajAjCYBQ0uzZIEyc-3D

    Build ID: 330136

    Analysis Summary:
       New defects found: 1
       Defects eliminated: 3

    If you have difficulty understanding any defects, email us at scan-admin at coverity.com,
    or post your question to StackOverflow
    at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3D3p4m_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEsC4Bohg6yIHVqNvwSYk7A7e4mWvJ7QbR6UqEo1pdJYH2kxkgrnCiak48W72rt2BEwmu-2FPMZHPWUzK94F68u3ASG14vt1JnDUlMT9fFs0Y2eBmvJxcRWyeDb8M2IWPO1zPcnbpaoLleNBn-2FMrJGcT5PgX-2BHBeqEtFEmtlBzdg1anDKo7mLYZE6zYFlMrA-2FwMc-3D

From openssl at openssl.org  Sun Aug  2 23:58:05 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sun, 02 Aug 2020 23:58:05 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1596412685.462092.11830.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 8007E830157F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80477E13DA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80477E13DA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3044, 1705 wallclock secs (11.99 usr  1.46 sys + 1532.53 cusr 153.17 csys = 1699.15 CPU)
Result: FAIL
Makefile:2511: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2509: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug  3 00:57:41 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 03 Aug 2020 00:57:41 +0000
Subject: Build failed: openssl master.35904
Message-ID: <20200803005741.1.5979E7D7564BF386@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/0ce764a0/attachment.html>

From no-reply at appveyor.com  Mon Aug  3 01:27:35 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 03 Aug 2020 01:27:35 +0000
Subject: Build completed: openssl master.35905
Message-ID: <20200803012735.1.1B53F967B6593913@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/2209b53c/attachment.html>

From openssl at openssl.org  Mon Aug  3 01:56:28 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 03 Aug 2020 01:56:28 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1596419788.588220.10078.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3113, 853 wallclock secs (13.20 usr  1.23 sys + 787.73 cusr 59.55 csys = 861.71 CPU)
Result: FAIL
Makefile:3162: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3160: recipe for target 'tests' failed
make: *** [tests] Error 2

From dev at ddvo.net  Mon Aug  3 06:32:07 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Mon, 03 Aug 2020 06:32:07 +0000
Subject: [openssl]  master update
Message-ID: <1596436327.585824.13868.nullmailer@dev.openssl.org>

The branch master has been updated
       via  a677190779705d243cca88ae04f2105dee52672d (commit)
      from  0f9fdefeb05768b86f4364a8e976c87ee197638e (commit)


- Log -----------------------------------------------------------------
commit a677190779705d243cca88ae04f2105dee52672d
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Mon Jul 27 08:50:27 2020 +0200

    81-test_cmp_cli.t: Skip tests with mock server if server cannot be started
    
    Fixes #12514
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12537)

-----------------------------------------------------------------------

Summary of changes:
 test/recipes/81-test_cmp_cli.t | 34 +++++++++++++++++++---------------
 1 file changed, 19 insertions(+), 15 deletions(-)

diff --git a/test/recipes/81-test_cmp_cli.t b/test/recipes/81-test_cmp_cli.t
index 51b4baf6a5..8c4f0f920a 100644
--- a/test/recipes/81-test_cmp_cli.t
+++ b/test/recipes/81-test_cmp_cli.t
@@ -217,23 +217,27 @@ indir data_dir() => sub {
     foreach my $server_name (@server_configurations) {
         $server_name = chop_dblquot($server_name);
         load_config($server_name, $server_name);
-        my $pid;
-        if ($server_name eq "Mock") {
-            indir "Mock" => sub {
-                $pid = start_mock_server("");
-                die "Cannot start or find the started CMP mock server" unless $pid;
+      SKIP:
+        {
+            my $pid;
+            if ($server_name eq "Mock") {
+                indir "Mock" => sub {
+                    $pid = start_mock_server("");
+                    skip "Cannot start or find the started CMP mock server",
+                        scalar @all_aspects unless $pid;
+                }
             }
-        }
-        foreach my $aspect (@all_aspects) {
-            $aspect = chop_dblquot($aspect);
-            next if $server_name eq "Mock" && $aspect eq "certstatus";
-            load_config($server_name, $aspect); # update with any aspect-specific settings
-            indir $server_name => sub {
-                my $tests = load_tests($server_name, $aspect);
-                test_cmp_cli_aspect($server_name, $aspect, $tests);
+            foreach my $aspect (@all_aspects) {
+                $aspect = chop_dblquot($aspect);
+                next if $server_name eq "Mock" && $aspect eq "certstatus";
+                load_config($server_name, $aspect); # update with any aspect-specific settings
+                indir $server_name => sub {
+                    my $tests = load_tests($server_name, $aspect);
+                    test_cmp_cli_aspect($server_name, $aspect, $tests);
+                };
             };
-        };
-        stop_mock_server($pid) if $pid;
+            stop_mock_server($pid) if $pid;
+        }
     };
 };
 

From openssl at openssl.org  Mon Aug  3 07:34:39 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 03 Aug 2020 07:34:39 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1596440079.401122.20019.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

C050EBBF847F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C050EBBF847F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
C050EBBF847F0000:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1 lib:../openssl/crypto/asn1/d2i_pr.c:67:
C050EBBF847F0000:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1 lib:../openssl/crypto/asn1/d2i_pr.c:67:
C050EBBF847F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C050EBBF847F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C050EBBF847F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
C050EBBF847F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C050EBBF847F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C050EBBF847F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2098:CMP info: will contact http://127.0.0.1:1700/pkix/
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0A0C0A09D7F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2098:CMP info: will contact http://127.0.0.1:1700/pkix/
# OPENSSL_FUNC:../openssl/apps/cmp.c:2122:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
# OPENSSL_FUNC:../openssl/apps/cmp.c:826:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0107C42A07F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -secret option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2098:CMP info: will contact http://127.0.0.1:1700/pkix/
# OPENSSL_FUNC:../openssl/apps/cmp.c:826:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=207, Tests=3147, 846 wallclock secs (12.77 usr  1.30 sys + 793.89 cusr 57.35 csys = 865.31 CPU)
Result: FAIL
Makefile:3084: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3082: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Mon Aug  3 07:51:39 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 03 Aug 2020 07:51:39 +0000
Subject: Still Failing: openssl/openssl#36450 (master - a677190)
In-Reply-To: <openssl/openssl+178211933+still failing@travis-ci.com>
Message-ID: <5f27c20957df1_13fe46f6b185c43046c@travis-pro-tasks-9d5dd7679-k2bv6.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36450
Status: Still Failing

Duration: 1 hr, 17 mins, and 18 secs
Commit: a677190 (master)
Author: Dr. David von Oheimb
Message: 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Fixes #12514

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12537)

View the changeset: https://github.com/openssl/openssl/compare/0f9fdefeb057...a67719077970

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178211933?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/ab9fe430/attachment-0001.html>

From openssl at openssl.org  Mon Aug  3 07:58:27 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 03 Aug 2020 07:58:27 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1596441507.079428.4458.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=207, Tests=3247, 847 wallclock secs (12.62 usr  1.20 sys + 785.13 cusr 62.33 csys = 861.28 CPU)
Result: FAIL
Makefile:3155: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3153: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug  3 12:19:50 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 03 Aug 2020 12:19:50 +0000
Subject: Build failed: openssl master.35913
Message-ID: <20200803121950.1.467BEFAC4613FD66@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/2e6329fc/attachment.html>

From no-reply at appveyor.com  Mon Aug  3 12:54:48 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 03 Aug 2020 12:54:48 +0000
Subject: Build completed: openssl master.35914
Message-ID: <20200803125448.1.CB00B5EADDDB3CFC@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/ebe38ce1/attachment.html>

From openssl at openssl.org  Mon Aug  3 13:08:25 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 03 Aug 2020 13:08:25 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1596460105.454306.26313.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3113, 850 wallclock secs (12.78 usr  1.20 sys + 791.70 cusr 56.14 csys = 861.82 CPU)
Result: FAIL
Makefile:3160: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3158: recipe for target 'tests' failed
make: *** [tests] Error 2

From tmraz at fedoraproject.org  Mon Aug  3 15:18:37 2020
From: tmraz at fedoraproject.org (tmraz at fedoraproject.org)
Date: Mon, 03 Aug 2020 15:18:37 +0000
Subject: [openssl]  master update
Message-ID: <1596467917.609897.23978.nullmailer@dev.openssl.org>

The branch master has been updated
       via  37d898df348b87a423133afdbb828383be22fda7 (commit)
       via  892a9e4c99f13e295f6146b41e72b92b91899a12 (commit)
       via  396e72096589593cb00412c85170c7ec87d13b89 (commit)
       via  c832840e899091948bb7f5e9af63f929e6a18f95 (commit)
      from  a677190779705d243cca88ae04f2105dee52672d (commit)


- Log -----------------------------------------------------------------
commit 37d898df348b87a423133afdbb828383be22fda7
Author: David Woodhouse <dwmw2 at infradead.org>
Date:   Tue May 19 11:51:14 2020 +0100

    Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
    
    Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/9201)

commit 892a9e4c99f13e295f6146b41e72b92b91899a12
Author: David Woodhouse <dwmw2 at infradead.org>
Date:   Mon May 11 19:28:03 2020 +0100

    Disallow setting more than one IP address with SSL_add1_host()
    
    The X509_VERIFY_PARAM can only take a single IP address, although it can
    have multiple hostnames. When SSL_add1_host() is given an IP address,
    don't accept it if there is already one configured.
    
    Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/9201)

commit 396e72096589593cb00412c85170c7ec87d13b89
Author: David Woodhouse <dwmw2 at infradead.org>
Date:   Thu Jun 20 21:39:38 2019 +0100

    Fix certificate validation for IPv6 literals in sconnect demo
    
    Instead of na?vely trying to truncate at the first colon, use
    BIO_get_conn_hostname(). That handles IPv6 literals correctly, even
    stripping the [] from around them.
    
    Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/9201)

commit c832840e899091948bb7f5e9af63f929e6a18f95
Author: David Woodhouse <dwmw2 at infradead.org>
Date:   Mon Oct 14 10:46:07 2019 +0100

    Make SSL_set1_host() and SSL_add1_host() take IP addresses
    
    There is a slight mismatch here because X509_VERIFY_PARAM copes only
    with a single IP address, and doesn't let it be cleared once it's set.
    But this fixes up the major use case, making things easier for users to
    get it right.
    
    The sconnect demo now works for Legacy IP literals; for IPv6 it needs to
    fix up the way it tries to split the host:port string, which will happen
    in a subsequent patch.
    
    Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/9201)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES.md           |  5 +++++
 demos/bio/sconnect.c | 15 +++++++--------
 ssl/ssl_lib.c        | 29 +++++++++++++++++++++++++++++
 3 files changed, 41 insertions(+), 8 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 14694739ae..75ecfc22f4 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -23,6 +23,11 @@ OpenSSL 3.0
 
 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx]
 
+ * Allow SSL_set1_host() and SSL_add1_host() to take IP literal addresses
+   as well as actual hostnames.
+
+   *David Woodhouse*
+
  * The 'MinProtocol' and 'MaxProtocol' configuration commands now silently
    ignore TLS protocol version bounds when configuring DTLS-based contexts, and
    conversely, silently ignore DTLS protocol version bounds when configuring
diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c
index 7e46bf0ad8..19f8ee78de 100644
--- a/demos/bio/sconnect.c
+++ b/demos/bio/sconnect.c
@@ -29,7 +29,7 @@ int main(int argc, char *argv[])
 {
     const char *hostport = HOSTPORT;
     const char *CAfile = CAFILE;
-    char *hostname;
+    const char *hostname;
     char *cp;
     BIO *out = NULL;
     char buf[1024 * 10], *p;
@@ -43,10 +43,6 @@ int main(int argc, char *argv[])
     if (argc > 2)
         CAfile = argv[2];
 
-    hostname = OPENSSL_strdup(hostport);
-    if ((cp = strchr(hostname, ':')) != NULL)
-        *cp = 0;
-
 #ifdef WATT32
     dbug_init();
     sock_init();
@@ -62,9 +58,6 @@ int main(int argc, char *argv[])
     ssl = SSL_new(ssl_ctx);
     SSL_set_connect_state(ssl);
 
-    /* Enable peername verification */
-    if (SSL_set1_host(ssl, hostname) <= 0)
-        goto err;
 
     /* Use it inside an SSL BIO */
     ssl_bio = BIO_new(BIO_f_ssl());
@@ -73,6 +66,12 @@ int main(int argc, char *argv[])
     /* Lets use a connect BIO under the SSL BIO */
     out = BIO_new(BIO_s_connect());
     BIO_set_conn_hostname(out, hostport);
+
+    /* The BIO has parsed the host:port and even IPv6 literals in [] */
+    hostname = BIO_get_conn_hostname(out);
+    if (!hostname || SSL_set1_host(ssl, hostname) <= 0)
+        goto err;
+
     BIO_set_nbio(out, 1);
     out = BIO_push(ssl_bio, out);
 
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 871606cfc1..3f621d5677 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -955,11 +955,40 @@ int SSL_set_trust(SSL *s, int trust)
 
 int SSL_set1_host(SSL *s, const char *hostname)
 {
+    /* If a hostname is provided and parses as an IP address,
+     * treat it as such. */
+    if (hostname && X509_VERIFY_PARAM_set1_ip_asc(s->param, hostname) == 1)
+        return 1;
+
     return X509_VERIFY_PARAM_set1_host(s->param, hostname, 0);
 }
 
 int SSL_add1_host(SSL *s, const char *hostname)
 {
+    /* If a hostname is provided and parses as an IP address,
+     * treat it as such. */
+    if (hostname)
+    {
+        ASN1_OCTET_STRING *ip;
+        char *old_ip;
+
+        ip = a2i_IPADDRESS(hostname);
+        if (ip) {
+            /* We didn't want it; only to check if it *is* an IP address */
+            ASN1_OCTET_STRING_free(ip);
+
+            old_ip = X509_VERIFY_PARAM_get1_ip_asc(s->param);
+            if (old_ip)
+            {
+                free(old_ip);
+                /* There can be only one IP address */
+                return 0;
+            }
+
+            return X509_VERIFY_PARAM_set1_ip_asc(s->param, hostname);
+        }
+    }
+
     return X509_VERIFY_PARAM_add1_host(s->param, hostname, 0);
 }
 

From builds at travis-ci.com  Mon Aug  3 16:37:17 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 03 Aug 2020 16:37:17 +0000
Subject: Still Failing: openssl/openssl#36459 (master - 37d898d)
In-Reply-To: <openssl/openssl+178277589+still failing@travis-ci.com>
Message-ID: <5f283d3c81bc8_13fa8098b86c0116149@travis-pro-tasks-58b454d888-d2k7v.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36459
Status: Still Failing

Duration: 1 hr, 17 mins, and 16 secs
Commit: 37d898d (master)
Author: David Woodhouse
Message: Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals

Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9201)

View the changeset: https://github.com/openssl/openssl/compare/a67719077970...37d898df348b

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178277589?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/d7704a3e/attachment.html>

From no-reply at appveyor.com  Mon Aug  3 17:21:10 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 03 Aug 2020 17:21:10 +0000
Subject: Build failed: openssl master.35920
Message-ID: <20200803172110.1.D4E7AF25F5679CD5@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/21f69271/attachment.html>

From no-reply at appveyor.com  Mon Aug  3 19:38:00 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 03 Aug 2020 19:38:00 +0000
Subject: Build failed: openssl master.35921
Message-ID: <20200803193800.1.FDF1B7398AC46446@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200803/a971a626/attachment.html>

From openssl at openssl.org  Mon Aug  3 21:14:16 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 03 Aug 2020 21:14:16 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1596489256.187166.2518.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=207, Tests=3250, 905 wallclock secs (13.12 usr  1.34 sys + 796.21 cusr 62.46 csys = 873.13 CPU)
Result: FAIL
Makefile:3147: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3145: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug  3 23:39:43 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 03 Aug 2020 23:39:43 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1596497983.464661.14630.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2098:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2098:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2098:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=207, Tests=2959, 771 wallclock secs ( 9.91 usr  1.36 sys + 712.67 cusr 49.68 csys = 773.62 CPU)
Result: FAIL
Makefile:2391: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2389: recipe for target 'tests' failed
make: *** [tests] Error 2

From shane.lontis at oracle.com  Tue Aug  4 02:20:07 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Tue, 04 Aug 2020 02:20:07 +0000
Subject: [openssl]  master update
Message-ID: <1596507607.608282.5945.nullmailer@dev.openssl.org>

The branch master has been updated
       via  e5b2cd5899b2631363740a40c76d96fd15d32d1c (commit)
      from  37d898df348b87a423133afdbb828383be22fda7 (commit)


- Log -----------------------------------------------------------------
commit e5b2cd5899b2631363740a40c76d96fd15d32d1c
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 4 12:18:51 2020 +1000

    Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
    
    Added der_writer functions for writing octet string primitives.
    Generate OID's for key wrapping algorithms used by X942 KDF.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12554)

-----------------------------------------------------------------------

Summary of changes:
 .gitignore                                         |   2 +
 crypto/der_writer.c                                |  23 ++
 doc/internal/man3/DER_w_bn.pod                     |  12 +-
 include/internal/der.h                             |   3 +
 providers/common/der/build.info                    |  15 +-
 .../common/der/{der_dsa_gen.c.in => der_wrap.h.in} |   6 +-
 .../der/{der_dsa_gen.c.in => der_wrap_gen.c.in}    |   4 +-
 providers/common/der/wrap.asn1                     |  19 ++
 providers/implementations/exchange/ecdh_exch.c     |   2 -
 providers/implementations/kdfs/build.info          |   1 +
 providers/implementations/kdfs/x942kdf.c           | 254 +++++++++++----------
 test/recipes/30-test_evp_data/evpkdf.txt           |  12 +-
 12 files changed, 226 insertions(+), 127 deletions(-)
 copy providers/common/der/{der_dsa_gen.c.in => der_wrap.h.in} (81%)
 copy providers/common/der/{der_dsa_gen.c.in => der_wrap_gen.c.in} (84%)
 create mode 100644 providers/common/der/wrap.asn1

diff --git a/.gitignore b/.gitignore
index 3a0dafda11..ecbc524829 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,10 +34,12 @@ providers/common/der/der_digests_gen.c
 providers/common/der/der_dsa_gen.c
 providers/common/der/der_ec_gen.c
 providers/common/der/der_rsa_gen.c
+providers/common/der/der_wrap_gen.c
 providers/common/include/prov/der_dsa.h
 providers/common/include/prov/der_ec.h
 providers/common/include/prov/der_rsa.h
 providers/common/include/prov/der_digests.h
+providers/common/include/prov/der_wrap.h
 
 # error code files
 /crypto/err/openssl.txt.old
diff --git a/crypto/der_writer.c b/crypto/der_writer.c
index 117b5dff90..8210327f06 100644
--- a/crypto/der_writer.c
+++ b/crypto/der_writer.c
@@ -66,6 +66,29 @@ int DER_w_boolean(WPACKET *pkt, int tag, int b)
         && int_end_context(pkt, tag);
 }
 
+int DER_w_octet_string(WPACKET *pkt, int tag,
+                       const unsigned char *data, size_t data_n)
+{
+    return int_start_context(pkt, tag)
+        && WPACKET_start_sub_packet(pkt)
+        && WPACKET_memcpy(pkt, data, data_n)
+        && WPACKET_close(pkt)
+        && WPACKET_put_bytes_u8(pkt, DER_P_OCTET_STRING)
+        && int_end_context(pkt, tag);
+}
+
+int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value)
+{
+    unsigned char tmp[4] = { 0, 0, 0, 0 };
+    unsigned char *pbuf = tmp + (sizeof(tmp) - 1);
+
+    while (value > 0) {
+        *pbuf-- = (value & 0xFF);
+        value >>= 8;
+    }
+    return DER_w_octet_string(pkt, tag, tmp, sizeof(tmp));
+}
+
 static int int_der_w_integer(WPACKET *pkt, int tag,
                              int (*put_bytes)(WPACKET *pkt, const void *v,
                                               unsigned int *top_byte),
diff --git a/doc/internal/man3/DER_w_bn.pod b/doc/internal/man3/DER_w_bn.pod
index c51223f71a..deea5de346 100644
--- a/doc/internal/man3/DER_w_bn.pod
+++ b/doc/internal/man3/DER_w_bn.pod
@@ -2,7 +2,8 @@
 
 =head1 NAME
 
-DER_w_boolean, DER_w_ulong, DER_w_bn, DER_w_null
+DER_w_boolean, DER_w_ulong, DER_w_bn, DER_w_null,
+DER_w_octet_string, DER_w_octet_string_uint32
 - internal DER writers for DER primitives
 
 =head1 SYNOPSIS
@@ -13,6 +14,9 @@ DER_w_boolean, DER_w_ulong, DER_w_bn, DER_w_null
  int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v);
  int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v);
  int DER_w_null(WPACKET *pkt, int tag);
+ int DER_w_octet_string(WPACKET *pkt, int tag,
+                        const unsigned char *data, size_t data_n);
+ int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value);
 
 =head1 DESCRIPTION
 
@@ -33,6 +37,12 @@ added.
 
 DER_w_null() writes the primitive NULL.
 
+DER_w_octet_string() writes the primitive OCTET STRING using the bytes from
+I<data> with a length of I<data_n>.
+
+DER_w_octet_string_uint32() writes the primitive OCTET STRING using a 32 bit
+value in I<value>.
+
 =head1 RETURN VALUES
 
 All the functions return 1 on success and 0 on failure.  Failure may
diff --git a/include/internal/der.h b/include/internal/der.h
index 118aa9857c..ce667dc869 100644
--- a/include/internal/der.h
+++ b/include/internal/der.h
@@ -76,6 +76,9 @@ int DER_w_boolean(WPACKET *pkt, int tag, int b);
 int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v);
 int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v);
 int DER_w_null(WPACKET *pkt, int tag);
+int DER_w_octet_string(WPACKET *pkt, int tag,
+                       const unsigned char *data, size_t data_n);
+int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value);
 
 /*
  * All constructors for constructed elements have a begin and a end function
diff --git a/providers/common/der/build.info b/providers/common/der/build.info
index 7bb1d0dc46..f7eb86fdfb 100644
--- a/providers/common/der/build.info
+++ b/providers/common/der/build.info
@@ -50,6 +50,17 @@ DEPEND[${DER_EC_GEN/.c/.o}]=$DER_EC_H
 GENERATE[$DER_EC_H]=der_ec.h.in
 DEPEND[$DER_EC_H]=oids_to_c.pm
 
+#----- KEY WRAP
+$DER_WRAP_H=../include/prov/der_wrap.h
+$DER_WRAP_GEN=der_wrap_gen.c
+
+GENERATE[$DER_WRAP_GEN]=der_wrap_gen.c.in
+DEPEND[$DER_WRAP_GEN]=oids_to_c.pm
+
+DEPEND[${DER_WRAP_GEN/.c/.o}]=$DER_WRAP_H
+GENERATE[$DER_WRAP_H]=der_wrap.h.in
+DEPEND[$DER_WRAP_H]=oids_to_c.pm
+
 #----- Conclusion
 
 # TODO(3.0) $COMMON should go to libcommon.a, but this currently leads
@@ -59,6 +70,8 @@ $COMMON=\
         $DER_RSA_COMMON \
         $DER_DSA_GEN $DER_DSA_AUX \
         $DER_EC_GEN $DER_EC_AUX \
-        $DER_DIGESTS_GEN
+        $DER_DIGESTS_GEN \
+        $DER_WRAP_GEN
+
 SOURCE[../../libfips.a]=$COMMON $DER_RSA_FIPSABLE
 SOURCE[../../libnonfips.a]=$COMMON $DER_RSA_FIPSABLE
diff --git a/providers/common/der/der_dsa_gen.c.in b/providers/common/der/der_wrap.h.in
similarity index 81%
copy from providers/common/der/der_dsa_gen.c.in
copy to providers/common/der/der_wrap.h.in
index 95f1f5cdd1..5348fc4697 100644
--- a/providers/common/der/der_dsa_gen.c.in
+++ b/providers/common/der/der_wrap.h.in
@@ -7,11 +7,11 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include "prov/der_dsa.h"
+#include "internal/der.h"
 
 /* Well known OIDs precompiled */
 {-
-    $OUT = oids_to_c::process_leaves('providers/common/der/DSA.asn1',
+    $OUT = oids_to_c::process_leaves('providers/common/der/wrap.asn1',
                                      { dir => $config{sourcedir},
-                                       filter => \&oids_to_c::filter_to_C });
+                                       filter => \&oids_to_c::filter_to_H });
 -}
diff --git a/providers/common/der/der_dsa_gen.c.in b/providers/common/der/der_wrap_gen.c.in
similarity index 84%
copy from providers/common/der/der_dsa_gen.c.in
copy to providers/common/der/der_wrap_gen.c.in
index 95f1f5cdd1..b74c334b53 100644
--- a/providers/common/der/der_dsa_gen.c.in
+++ b/providers/common/der/der_wrap_gen.c.in
@@ -7,11 +7,11 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include "prov/der_dsa.h"
+#include "prov/der_wrap.h"
 
 /* Well known OIDs precompiled */
 {-
-    $OUT = oids_to_c::process_leaves('providers/common/der/DSA.asn1',
+    $OUT = oids_to_c::process_leaves('providers/common/der/wrap.asn1',
                                      { dir => $config{sourcedir},
                                        filter => \&oids_to_c::filter_to_C });
 -}
diff --git a/providers/common/der/wrap.asn1 b/providers/common/der/wrap.asn1
new file mode 100644
index 0000000000..006ea0b16c
--- /dev/null
+++ b/providers/common/der/wrap.asn1
@@ -0,0 +1,19 @@
+-- -------------------------------------------------------------------
+-- Taken from RFC 3370, Section 4.3.1 Triple-DES Key Wrap
+-- (https://tools.ietf.org/html/rfc3370)
+
+id-alg-CMS3DESwrap OBJECT IDENTIFIER ::= {
+    iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 6
+}
+
+-- -------------------------------------------------------------------
+-- Taken from RFC 3394, Section 3. Object Identifiers
+-- (https://tools.ietf.org/html/rfc3565)
+
+aes  OBJECT IDENTIFIER  ::=  {
+    joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1
+}
+
+id-aes128-wrap OBJECT IDENTIFIER ::= { aes 5 }
+id-aes192-wrap OBJECT IDENTIFIER ::= { aes 25 }
+id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 }
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
index 6334d0e8bd..ba28d5102e 100644
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@@ -521,8 +521,6 @@ int ecdh_derive(void *vpecdhctx, unsigned char *secret,
     return 0;
 }
 
-
-
 const OSSL_DISPATCH ecdh_keyexch_functions[] = {
     { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))ecdh_newctx },
     { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))ecdh_init },
diff --git a/providers/implementations/kdfs/build.info b/providers/implementations/kdfs/build.info
index 2c6b2ce1c8..3b3884436a 100644
--- a/providers/implementations/kdfs/build.info
+++ b/providers/implementations/kdfs/build.info
@@ -30,3 +30,4 @@ SOURCE[$SSKDF_GOAL]=sskdf.c
 SOURCE[$SCRYPT_GOAL]=scrypt.c
 SOURCE[$SSHKDF_GOAL]=sshkdf.c
 SOURCE[$X942KDF_GOAL]=x942kdf.c
+DEPEND[x942kdf.o]=../../common/include/prov/der_wrap.h
diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
index be141c0d88..cf0ad0bcda 100644
--- a/providers/implementations/kdfs/x942kdf.c
+++ b/providers/implementations/kdfs/x942kdf.c
@@ -9,28 +9,20 @@
  */
 
 #include "e_os.h"
-
-#ifndef OPENSSL_NO_CMS
-
-# include <stdlib.h>
-# include <stdarg.h>
-# include <string.h>
-# include <openssl/hmac.h>
-# include <openssl/cms.h>
-# include <openssl/evp.h>
-# include <openssl/kdf.h>
-# include <openssl/x509.h>
-# include <openssl/obj_mac.h>
-# include <openssl/core_names.h>
-# include "internal/cryptlib.h"
-# include "internal/numbers.h"
-# include "crypto/evp.h"
-# include "prov/provider_ctx.h"
-# include "prov/providercommonerr.h"
-# include "prov/implementations.h"
-# include "prov/provider_util.h"
-
-# define X942KDF_MAX_INLEN (1 << 30)
+#include <openssl/core_names.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/params.h>
+#include "internal/packet.h"
+#include "internal/der.h"
+#include "prov/provider_ctx.h"
+#include "prov/providercommonerr.h"
+#include "prov/implementations.h"
+#include "prov/provider_util.h"
+#include "prov/der_wrap.h"
+
+#define X942KDF_MAX_INLEN (1 << 30)
 
 static OSSL_FUNC_kdf_newctx_fn x942kdf_new;
 static OSSL_FUNC_kdf_freectx_fn x942kdf_free;
@@ -46,42 +38,83 @@ typedef struct {
     PROV_DIGEST digest;
     unsigned char *secret;
     size_t secret_len;
-    int cek_nid;
     unsigned char *ukm;
     size_t ukm_len;
     size_t dkm_len;
+    const unsigned char *cek_oid;
+    size_t cek_oid_len;
 } KDF_X942;
 
-/* A table of allowed wrapping algorithms and the associated output lengths */
+/*
+ * A table of allowed wrapping algorithms, oids and the associated output
+ * lengths.
+ * NOTE: RC2wrap and camellia128_wrap have been removed as there are no
+ * corresponding ciphers for these operations.
+ */
 static const struct {
-    int nid;
+    const char *name;
+    const unsigned char *oid;
+    size_t oid_len;
     size_t keklen; /* size in bytes */
 } kek_algs[] = {
-    { NID_id_smime_alg_CMS3DESwrap, 24 },
-    { NID_id_smime_alg_CMSRC2wrap, 16 },
-    { NID_id_aes128_wrap, 16 },
-    { NID_id_aes192_wrap, 24 },
-    { NID_id_aes256_wrap, 32 },
-    { NID_id_camellia128_wrap, 16 },
-    { NID_id_camellia192_wrap, 24 },
-    { NID_id_camellia256_wrap, 32 }
+    { "AES-128-WRAP", der_oid_id_aes128_wrap, DER_OID_SZ_id_aes128_wrap, 16 },
+    { "AES-192-WRAP", der_oid_id_aes192_wrap, DER_OID_SZ_id_aes192_wrap, 24 },
+    { "AES-256-WRAP", der_oid_id_aes256_wrap, DER_OID_SZ_id_aes256_wrap, 32 },
+#ifndef FIPS_MODULE
+    { "DES3-WRAP", der_oid_id_alg_CMS3DESwrap, DER_OID_SZ_id_alg_CMS3DESwrap,
+      24 },
+#endif
 };
 
-/* Skip past an ASN1 structure: for OBJECT skip content octets too */
-static int skip_asn1(unsigned char **pp, long *plen, int exptag)
+static int find_alg_id(OPENSSL_CTX *libctx, const char *algname, size_t *id)
 {
-    int i, tag, xclass;
-    long tmplen;
-    const unsigned char *q = *pp;
+    int ret = 1;
+    size_t i;
+    EVP_CIPHER *cipher;
 
-    i = ASN1_get_object(&q, &tmplen, &tag, &xclass, *plen);
-    if ((i & 0x80) != 0 || tag != exptag || xclass != V_ASN1_UNIVERSAL)
-        return 0;
-    if (tag == V_ASN1_OBJECT)
-        q += tmplen;
-    *pp = (unsigned char *)q;
-    *plen -= q - *pp;
-    return 1;
+    cipher = EVP_CIPHER_fetch(libctx, algname, NULL);
+    if (cipher != NULL) {
+        for (i = 0; i < OSSL_NELEM(kek_algs); i++) {
+            if (EVP_CIPHER_is_a(cipher, kek_algs[i].name)) {
+                *id = i;
+                goto end;
+            }
+        }
+    }
+    ret = 0;
+    ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_CEK_ALG);
+end:
+    EVP_CIPHER_free(cipher);
+    return ret;
+}
+
+static int DER_w_keyinfo(WPACKET *pkt,
+                         const unsigned char *der_oid, size_t der_oidlen,
+                         unsigned char **pcounter)
+{
+    return DER_w_begin_sequence(pkt, -1)
+           /* Store the initial value of 1 into the counter */
+           && DER_w_octet_string_uint32(pkt, -1, 1)
+           /* Remember where we stored the counter in the buffer */
+           && (pcounter == NULL
+               || (*pcounter = WPACKET_get_curr(pkt)) != NULL)
+           && DER_w_precompiled(pkt, -1, der_oid, der_oidlen)
+           && DER_w_end_sequence(pkt, -1);
+}
+
+static int der_encode_sharedinfo(WPACKET *pkt, unsigned char *buf, size_t buflen,
+                                 const unsigned char *der_oid, size_t der_oidlen,
+                                 const unsigned char *ukm, size_t ukmlen,
+                                 uint32_t keylen_bits, unsigned char **pcounter)
+{
+    return (buf != NULL ? WPACKET_init_der(pkt, buf, buflen) :
+                          WPACKET_init_null_der(pkt))
+           && DER_w_begin_sequence(pkt, -1)
+           && DER_w_octet_string_uint32(pkt, 2, keylen_bits)
+           && (ukm == NULL || DER_w_octet_string(pkt, 0, ukm, ukmlen))
+           && DER_w_keyinfo(pkt, der_oid, der_oidlen, pcounter)
+           && DER_w_end_sequence(pkt, -1)
+           && WPACKET_finish(pkt);
 }
 
 /*
@@ -94,15 +127,18 @@ static int skip_asn1(unsigned char **pp, long *plen, int exptag)
  *      partyAInfo [0] OCTET STRING OPTIONAL,
  *      suppPubInfo [2] OCTET STRING
  *  }
+ *  Note suppPubInfo is the key length (in bits) (stored into 4 bytes)
+ *
  *
  *  KeySpecificInfo ::= SEQUENCE {
  *      algorithm OBJECT IDENTIFIER,
  *      counter OCTET STRING SIZE (4..4)
  *  }
  *
- * |nid| is the algorithm object identifier.
  * |keylen| is the length (in bytes) of the generated KEK. It is stored into
  * suppPubInfo (in bits).
+ * |cek_oid| The oid of the key wrapping algorithm.
+ * |cek_oidlen| The length (in bytes) of the key wrapping algorithm oid,
  * |ukm| is the optional user keying material that is stored into partyAInfo. It
  * can be NULL.
  * |ukmlen| is the user keying material length (in bytes).
@@ -114,66 +150,60 @@ static int skip_asn1(unsigned char **pp, long *plen, int exptag)
  * Returns: 1 if successfully encoded, or 0 otherwise.
  * Assumptions: |der|, |der_len| & |out_ctr| are not NULL.
  */
-static int x942_encode_otherinfo(int nid, size_t keylen,
+static int x942_encode_otherinfo(size_t keylen,
+                                 const unsigned char *cek_oid, size_t cek_oidlen,
                                  const unsigned char *ukm, size_t ukmlen,
                                  unsigned char **der, size_t *der_len,
                                  unsigned char **out_ctr)
 {
-    unsigned char *p, *encoded = NULL;
-    int ret = 0, encoded_len;
-    long tlen;
-    /* "magic" value to check offset is sane */
-    static unsigned char ctr[4] = { 0x00, 0x00, 0x00, 0x01 };
-    X509_ALGOR *ksi = NULL;
-    ASN1_OBJECT *alg_oid = NULL;
-    ASN1_OCTET_STRING *ctr_oct = NULL, *ukm_oct = NULL;
-
-    /* set the KeySpecificInfo - which contains an algorithm oid and counter */
-    ksi = X509_ALGOR_new();
-    alg_oid = OBJ_dup(OBJ_nid2obj(nid));
-    ctr_oct = ASN1_OCTET_STRING_new();
-    if (ksi == NULL
-        || alg_oid == NULL
-        || ctr_oct == NULL
-        || !ASN1_OCTET_STRING_set(ctr_oct, ctr, sizeof(ctr))
-        || !X509_ALGOR_set0(ksi, alg_oid, V_ASN1_OCTET_STRING, ctr_oct))
+    int ret = 0;
+    unsigned char *pcounter = NULL, *der_buf = NULL;
+    size_t der_buflen = 0;
+    WPACKET pkt;
+    uint32_t keylen_bits;
+
+    /* keylenbits must fit into 4 bytes */
+    if (keylen > 0xFFFFFF)
         goto err;
-    /* NULL these as they now belong to ksi */
-    alg_oid = NULL;
-    ctr_oct = NULL;
-
-    /* Set the optional partyAInfo */
-    if (ukm != NULL) {
-        ukm_oct = ASN1_OCTET_STRING_new();
-        if (ukm_oct == NULL)
-            goto err;
-        ASN1_OCTET_STRING_set(ukm_oct, (unsigned char *)ukm, ukmlen);
-    }
-    /* Generate the OtherInfo DER data */
-    encoded_len = CMS_SharedInfo_encode(&encoded, ksi, ukm_oct, keylen);
-    if (encoded_len <= 0)
+    keylen_bits = 8 * keylen;
+
+    /* Calculate the size of the buffer */
+    if (!der_encode_sharedinfo(&pkt, NULL, 0, cek_oid, cek_oidlen, ukm, ukmlen,
+                               keylen_bits, NULL)
+        || !WPACKET_get_total_written(&pkt, &der_buflen))
+        goto err;
+    WPACKET_cleanup(&pkt);
+    /* Alloc the buffer */
+    der_buf = OPENSSL_zalloc(der_buflen);
+    if (der_buf == NULL)
+        goto err;
+    /* Encode into the buffer */
+    if (!der_encode_sharedinfo(&pkt, der_buf, der_buflen, cek_oid, cek_oidlen,
+                               ukm, ukmlen, keylen_bits, &pcounter))
+        goto err;
+    /*
+     * Since we allocated the exact size required, the buffer should point to the
+     * start of the alllocated buffer at this point.
+     */
+    if (WPACKET_get_curr(&pkt) != der_buf)
         goto err;
 
-    /* Parse the encoded data to find the offset of the counter data */
-    p = encoded;
-    tlen = (long)encoded_len;
-    if (skip_asn1(&p, &tlen, V_ASN1_SEQUENCE)
-        && skip_asn1(&p, &tlen, V_ASN1_SEQUENCE)
-        && skip_asn1(&p, &tlen, V_ASN1_OBJECT)
-        && skip_asn1(&p, &tlen, V_ASN1_OCTET_STRING)
-        && CRYPTO_memcmp(p, ctr, 4) == 0) {
-        *out_ctr = p;
-        *der = encoded;
-        *der_len = (size_t)encoded_len;
-        ret = 1;
-    }
+    /*
+     * The data for the DER encoded octet string of a 32 bit counter = 1
+     * should be 04 04 00 00 00 01
+     * So just check the header is correct and skip over it.
+     * This counter will be incremented in the kdf update loop.
+     */
+    if (pcounter == NULL
+        || pcounter[0] != 0x04
+        || pcounter[1] != 0x04)
+        goto err;
+    *out_ctr = (pcounter + 2);
+    *der = der_buf;
+    *der_len = der_buflen;
+    ret = 1;
 err:
-    if (ret != 1)
-        OPENSSL_free(encoded);
-    ASN1_OCTET_STRING_free(ctr_oct);
-    ASN1_OCTET_STRING_free(ukm_oct);
-    ASN1_OBJECT_free(alg_oid);
-    X509_ALGOR_free(ksi);
+    WPACKET_cleanup(&pkt);
     return ret;
 }
 
@@ -315,7 +345,7 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen)
         ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
         return 0;
     }
-    if (ctx->cek_nid == NID_undef) {
+    if (ctx->cek_oid == NULL || ctx->cek_oid_len == 0) {
         ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CEK_ALG);
         return 0;
     }
@@ -327,12 +357,9 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen)
         ERR_raise(ERR_LIB_PROV, PROV_R_INAVLID_UKM_LENGTH);
         return 0;
     }
-    if (keylen != ctx->dkm_len) {
-        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CEK_ALG);
-        return 0;
-    }
     /* generate the otherinfo der */
-    if (!x942_encode_otherinfo(ctx->cek_nid, ctx->dkm_len,
+    if (!x942_encode_otherinfo(ctx->dkm_len,
+                               ctx->cek_oid, ctx->cek_oid_len,
                                ctx->ukm, ctx->ukm_len,
                                &der, &der_len, &ctr)) {
         ERR_raise(ERR_LIB_PROV, PROV_R_BAD_ENCODING);
@@ -349,7 +376,7 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     const OSSL_PARAM *p;
     KDF_X942 *ctx = vctx;
     OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx);
-    size_t i;
+    size_t id;
 
     if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx))
         return 0;
@@ -366,14 +393,11 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_CEK_ALG)) != NULL) {
         if (p->data_type != OSSL_PARAM_UTF8_STRING)
             return 0;
-        ctx->cek_nid = OBJ_sn2nid(p->data);
-        for (i = 0; i < OSSL_NELEM(kek_algs); i++)
-            if (kek_algs[i].nid == ctx->cek_nid)
-                goto cek_found;
-        ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_CEK_ALG);
-        return 0;
-cek_found:
-        ctx->dkm_len = kek_algs[i].keklen;
+        if (find_alg_id(provctx, p->data, &id) == 0)
+            return 0;
+        ctx->cek_oid = kek_algs[id].oid;
+        ctx->cek_oid_len = kek_algs[id].oid_len;
+        ctx->dkm_len = kek_algs[id].keklen;
     }
     return 1;
 }
@@ -424,5 +448,3 @@ const OSSL_DISPATCH kdf_x942_kdf_functions[] = {
     { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))x942kdf_get_ctx_params },
     { 0, NULL }
 };
-
-#endif /* OPENSSL_NO_CMS */
diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf.txt
index 73d3b3ca9e..85bc53991b 100644
--- a/test/recipes/30-test_evp_data/evpkdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf.txt
@@ -6517,12 +6517,20 @@ Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
 Ctrl.cekalg = cekalg:id-smime-alg-CMS3DESwrap
 Output = a09661392376f7044d9052a397883246b67f5f1ef63eb5fb
 
+Title = X9.42 KDF tests (RFC3565 2.3.2 Examples)
+
+KDF = X942KDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
+Ctrl.cekalg = cekalg:id-aes128-wrap
+Output = d6d6b094c1027a7de6e3117294a35364
+
 KDF = X942KDF
 Ctrl.digest = digest:SHA1
 Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
-Ctrl.cekalg = cekalg:id-smime-alg-CMSRC2wrap
+Ctrl.cekalg = cekalg:id-aes256-wrap
 Ctrl.hexukm = hexukm:0123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba9876543201
-Output = 48950c46e0530075403cce72889604e0
+Output = 8890585C4E281A5C1167CAA530BED59B3230D893CBA8F922BD1B56A0
 
 Title = KRB5KDF tests (from RFC 3961 test vectors and krb5 sources)
 

From shane.lontis at oracle.com  Tue Aug  4 02:35:47 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Tue, 04 Aug 2020 02:35:47 +0000
Subject: [openssl]  master update
Message-ID: <1596508547.863942.4639.nullmailer@dev.openssl.org>

The branch master has been updated
       via  19b4e6f8feba9aeec5d4e0d0aacb11d143b59340 (commit)
      from  e5b2cd5899b2631363740a40c76d96fd15d32d1c (commit)


- Log -----------------------------------------------------------------
commit 19b4e6f8feba9aeec5d4e0d0aacb11d143b59340
Author: Norman Ashley <nashley at cisco.com>
Date:   Tue Aug 4 12:34:22 2020 +1000

    Coverity Fixes for issue #12531
    
    Fixes #12531 on master branch.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12557)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/x_algor.c  | 7 ++++++-
 crypto/cms/cms_lib.c   | 4 ++--
 crypto/x509/pcy_data.c | 1 +
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
index 70f2615026..f29d26d91c 100644
--- a/crypto/asn1/x_algor.c
+++ b/crypto/asn1/x_algor.c
@@ -110,13 +110,18 @@ int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src)
         if ((dest->algorithm = OBJ_dup(src->algorithm)) == NULL)
 	    return 0;
 
-    if (src->parameter)
+    if (src->parameter != NULL) {
+        dest->parameter = ASN1_TYPE_new();
+        if (dest->parameter == NULL)
+            return 0;
+
         /* Assuming this is also correct for a BOOL.
          * set does copy as a side effect.
          */
         if (ASN1_TYPE_set1(dest->parameter, 
               src->parameter->type, src->parameter->value.ptr) == 0)
 	    return 0;
+    }
 
     return 1;
 }
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 67f4fbb4ea..6e2a20c4b3 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -97,12 +97,12 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
 
     default:
         CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
-        return NULL;
+        goto err;
     }
 
     if (cmsbio)
         return BIO_push(cmsbio, cont);
-
+err:
     if (!icont)
         BIO_free(cont);
     return NULL;
diff --git a/crypto/x509/pcy_data.c b/crypto/x509/pcy_data.c
index 966b0b2ecb..6b509cf457 100644
--- a/crypto/x509/pcy_data.c
+++ b/crypto/x509/pcy_data.c
@@ -54,6 +54,7 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
         id = NULL;
     ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
+        ASN1_OBJECT_free(id);
         X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
     }

From builds at travis-ci.com  Tue Aug  4 03:39:16 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 04 Aug 2020 03:39:16 +0000
Subject: Still Failing: openssl/openssl#36467 (master - e5b2cd5)
In-Reply-To: <openssl/openssl+178346451+still failing@travis-ci.com>
Message-ID: <5f28d8643927d_13fcb76add9882406c4@travis-pro-tasks-c9b54469-7svxd.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36467
Status: Still Failing

Duration: 1 hr, 17 mins, and 51 secs
Commit: e5b2cd5 (master)
Author: Shane Lontis
Message: Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo

Added der_writer functions for writing octet string primitives.
Generate OID's for key wrapping algorithms used by X942 KDF.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12554)

View the changeset: https://github.com/openssl/openssl/compare/37d898df348b...e5b2cd5899b2

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178346451?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/34aae110/attachment.html>

From pauli at openssl.org  Tue Aug  4 04:35:39 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Tue, 04 Aug 2020 04:35:39 +0000
Subject: [openssl]  master update
Message-ID: <1596515739.208294.18834.nullmailer@dev.openssl.org>

The branch master has been updated
       via  b5b6669fb63702233124c8fd5504e8477e559d07 (commit)
      from  19b4e6f8feba9aeec5d4e0d0aacb11d143b59340 (commit)


- Log -----------------------------------------------------------------
commit b5b6669fb63702233124c8fd5504e8477e559d07
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 2 13:12:54 2020 +0200

    PROV: Make the DER to KEY deserializer decode parameters too
    
    It should be noted that this may be dodgy if we ever encounter
    parameter objects that look like something else.  However, experience
    with the OSSL_STORE 'file:' loader, which does exactly this kind of
    thing, has worked fine so far.
    
    A possibility could be that to decode parameters specifically, we
    demand that there's an incoming data type specifying this, which
    demands by extension that parameters can only come from a file format
    that has the parameter type encoded, such as PEM.  This would be a
    future effort.
    
    Fixes #12568
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12569)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/serializers/deserialize_der2key.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c
index a544d8522c..87ac7b5e12 100644
--- a/providers/implementations/serializers/deserialize_der2key.c
+++ b/providers/implementations/serializers/deserialize_der2key.c
@@ -130,6 +130,11 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
         pkey = d2i_PUBKEY(NULL, &derp, der_len);
     }
 
+    if (pkey == NULL) {
+        derp = der;
+        pkey = d2i_KeyParams(ctx->desc->type, NULL, &derp, der_len);
+    }
+
     if (pkey != NULL) {
         /*
          * Tear out the low-level key pointer from the pkey,

From builds at travis-ci.com  Tue Aug  4 05:32:41 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 04 Aug 2020 05:32:41 +0000
Subject: Still Failing: openssl/openssl#36469 (master - 19b4e6f)
In-Reply-To: <openssl/openssl+178347291+still failing@travis-ci.com>
Message-ID: <5f28f2f96c029_13fb7a2bc3ba0142828@travis-pro-tasks-7f55f4c657-w4vf2.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36469
Status: Still Failing

Duration: 1 hr, 19 mins, and 11 secs
Commit: 19b4e6f (master)
Author: Norman Ashley
Message: Coverity Fixes for issue #12531

Fixes #12531 on master branch.

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12557)

View the changeset: https://github.com/openssl/openssl/compare/e5b2cd5899b2...19b4e6f8feba

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178347291?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/0962a180/attachment.html>

From openssl at openssl.org  Tue Aug  4 05:53:11 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 05:53:11 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1596520391.612660.28735.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

rm -f doc/html/man1/CA.pl.html doc/html/man1/openssl-asn1parse.html doc/html/man1/openssl-ca.html doc/html/man1/openssl-ciphers.html doc/html/man1/openssl-cmds.html doc/html/man1/openssl-cmp.html doc/html/man1/openssl-cms.html doc/html/man1/openssl-crl.html doc/html/man1/openssl-crl2pkcs7.html doc/html/man1/openssl-dgst.html doc/html/man1/openssl-dhparam.html doc/html/man1/openssl-dsa.html doc/html/man1/openssl-dsaparam.html doc/html/man1/openssl-ec.html doc/html/man1/openssl-ecparam.html doc/html/man1/openssl-enc.html doc/html/man1/openssl-engine.html doc/html/man1/openssl-errstr.html doc/html/man1/openssl-fipsinstall.html doc/html/man1/openssl-gendsa.html doc/html/man1/openssl-genpkey.html doc/html/man1/openssl-genrsa.html doc/html/man1/openssl-info.html doc/html/man1/openssl-kdf.html doc/html/man1/openssl-list.html doc/html/man1/openssl-mac.html doc/html/man1/openssl-nseq.html doc/html/man1/openssl-ocsp.html doc/html/man1/openssl-passwd.html doc/html/man1/openssl-pkcs12.html doc/html/man1/openssl-pkcs7.html doc/html/man1/openssl-pkcs8.html doc/html/man1/openssl-pkey.html doc/html/man1/openssl-pkeyparam.html doc/html/man1/openssl-pkeyutl.html doc/html/man1/openssl-prime.html doc/html/man1/openssl-provider.html doc/html/man1/openssl-rand.html doc/html/man1/openssl-rehash.html doc/html/man1/openssl-req.html doc/html/man1/openssl-rsa.html doc/html/man1/openssl-rsautl.html doc/html/man1/openssl-s_client.html doc/html/man1/openssl-s_server.html doc/html/man1/openssl-s_time.html doc/html/man1/openssl-sess_id.html doc/html/man1/openssl-smime.html doc/html/man1/openssl-speed.html doc/html/man1/openssl-spkac.html doc/html/man1/openssl-srp.html doc/html/man1/openssl-storeutl.html doc/html/man1/openssl-ts.html doc/html/man1/openssl-verify.html doc/html/man1/openssl-version.html doc/html/man1/openssl-x509.html doc/html/man1/openssl.html doc/html/man1/tsget.html doc/html/man3/ADMISSIONS.html doc/html/man3/ASN1_INTEGER_get_int64.html doc/html/man3/ASN1_INTEGER_new.html doc/html/man3/ASN1_ITEM_lookup.html doc/html/man3/ASN1_OBJECT_new.html doc/html/man3/ASN1_STRING_TABLE_add.html doc/html/man3/ASN1_STRING_length.html doc/html/man3/ASN1_STRING_new.html doc/html/man3/ASN1_STRING_print_ex.html doc/html/man3/ASN1_TIME_set.html doc/html/man3/ASN1_TYPE_get.html doc/html/man3/ASN1_generate_nconf.html doc/html/man3/ASYNC_WAIT_CTX_new.html doc/html/man3/ASYNC_start_job.html doc/html/man3/BF_encrypt.html doc/html/man3/BIO_ADDR.html doc/html/man3/BIO_ADDRINFO.html doc/html/man3/BIO_connect.html doc/html/man3/BIO_ctrl.html doc/html/man3/BIO_f_base64.html doc/html/man3/BIO_f_buffer.html doc/html/man3/BIO_f_cipher.html doc/html/man3/BIO_f_md.html doc/html/man3/BIO_f_null.html doc/html/man3/BIO_f_prefix.html doc/html/man3/BIO_f_ssl.html doc/html/man3/BIO_find_type.html doc/html/man3/BIO_get_data.html doc/html/man3/BIO_get_ex_new_index.html doc/html/man3/BIO_meth_new.html doc/html/man3/BIO_new.html doc/html/man3/BIO_new_CMS.html doc/html/man3/BIO_parse_hostserv.html doc/html/man3/BIO_printf.html doc/html/man3/BIO_push.html doc/html/man3/BIO_read.html doc/html/man3/BIO_s_accept.html doc/html/man3/BIO_s_bio.html doc/html/man3/BIO_s_connect.html doc/html/man3/BIO_s_fd.html doc/html/man3/BIO_s_file.html doc/html/man3/BIO_s_mem.html doc/html/man3/BIO_s_null.html doc/html/man3/BIO_s_socket.html doc/html/man3/BIO_set_callback.html doc/html/man3/BIO_should_retry.html doc/html/man3/BIO_socket_wait.html doc/html/man3/BN_BLINDING_new.html doc/html/man3/BN_CTX_new.html doc/html/man3/BN_CTX_start.html doc/html/man3/BN_add.html doc/html/man3/BN_add_word.html doc/html/man3/BN_bn2bin.html doc/html/man3/BN_cmp.html doc/html/man3/BN_copy.html doc/html/man3/BN_generate_prime.html doc/html/man3/BN_mod_inverse.html doc/html/man3/BN_mod_mul_montgomery.html doc/html/man3/BN_mod_mul_reciprocal.html doc/html/man3/BN_new.html doc/html/man3/BN_num_bytes.html doc/html/man3/BN_rand.html doc/html/man3/BN_security_bits.html doc/html/man3/BN_set_bit.html doc/html/man3/BN_swap.html doc/html/man3/BN_zero.html doc/html/man3/BUF_MEM_new.html doc/html/man3/CMS_EnvelopedData_create.html doc/html/man3/CMS_add0_cert.html doc/html/man3/CMS_add1_recipient_cert.html doc/html/man3/CMS_add1_signer.html doc/html/man3/CMS_compress.html doc/html/man3/CMS_decrypt.html doc/html/man3/CMS_encrypt.html doc/html/man3/CMS_final.html doc/html/man3/CMS_get0_RecipientInfos.html doc/html/man3/CMS_get0_SignerInfos.html doc/html/man3/CMS_get0_type.html doc/html/man3/CMS_get1_ReceiptRequest.html doc/html/man3/CMS_sign.html doc/html/man3/CMS_sign_receipt.html doc/html/man3/CMS_uncompress.html doc/html/man3/CMS_verify.html doc/html/man3/CMS_verify_receipt.html doc/html/man3/CONF_modules_free.html doc/html/man3/CONF_modules_load_file.html doc/html/man3/CRYPTO_THREAD_run_once.html doc/html/man3/CRYPTO_get_ex_new_index.html doc/html/man3/CRYPTO_memcmp.html doc/html/man3/CTLOG_STORE_get0_log_by_id.html doc/html/man3/CTLOG_STORE_new.html doc/html/man3/CTLOG_new.html doc/html/man3/CT_POLICY_EVAL_CTX_new.html doc/html/man3/DEFINE_STACK_OF.html doc/html/man3/DES_random_key.html doc/html/man3/DH_generate_key.html doc/html/man3/DH_generate_parameters.html doc/html/man3/DH_get0_pqg.html doc/html/man3/DH_get_1024_160.html doc/html/man3/DH_meth_new.html doc/html/man3/DH_new.html doc/html/man3/DH_new_by_nid.html doc/html/man3/DH_set_method.html doc/html/man3/DH_size.html doc/html/man3/DSA_SIG_new.html doc/html/man3/DSA_do_sign.html doc/html/man3/DSA_dup_DH.html doc/html/man3/DSA_generate_key.html doc/html/man3/DSA_generate_parameters.html doc/html/man3/DSA_get0_pqg.html doc/html/man3/DSA_meth_new.html doc/html/man3/DSA_new.html doc/html/man3/DSA_set_method.html doc/html/man3/DSA_sign.html doc/html/man3/DSA_size.html doc/html/man3/DTLS_get_data_mtu.html doc/html/man3/DTLS_set_timer_cb.html doc/html/man3/DTLSv1_listen.html doc/html/man3/ECDSA_SIG_new.html doc/html/man3/ECPKParameters_print.html doc/html/man3/EC_GFp_simple_method.html doc/html/man3/EC_GROUP_copy.html doc/html/man3/EC_GROUP_new.html doc/html/man3/EC_KEY_get_enc_flags.html doc/html/man3/EC_KEY_new.html doc/html/man3/EC_POINT_add.html doc/html/man3/EC_POINT_new.html doc/html/man3/ENGINE_add.html doc/html/man3/ERR_GET_LIB.html doc/html/man3/ERR_clear_error.html doc/html/man3/ERR_error_string.html doc/html/man3/ERR_get_error.html doc/html/man3/ERR_load_crypto_strings.html doc/html/man3/ERR_load_strings.html doc/html/man3/ERR_new.html doc/html/man3/ERR_print_errors.html doc/html/man3/ERR_put_error.html doc/html/man3/ERR_remove_state.html doc/html/man3/ERR_set_mark.html doc/html/man3/EVP_ASYM_CIPHER_free.html doc/html/man3/EVP_BytesToKey.html doc/html/man3/EVP_CIPHER_CTX_get_cipher_data.html doc/html/man3/EVP_CIPHER_meth_new.html doc/html/man3/EVP_DigestInit.html doc/html/man3/EVP_DigestSignInit.html doc/html/man3/EVP_DigestVerifyInit.html doc/html/man3/EVP_EncodeInit.html doc/html/man3/EVP_EncryptInit.html doc/html/man3/EVP_KDF.html doc/html/man3/EVP_KEYEXCH_free.html doc/html/man3/EVP_KEYMGMT.html doc/html/man3/EVP_MAC.html doc/html/man3/EVP_MD_meth_new.html doc/html/man3/EVP_OpenInit.html doc/html/man3/EVP_PKEY_ASN1_METHOD.html doc/html/man3/EVP_PKEY_CTX_ctrl.html doc/html/man3/EVP_PKEY_CTX_new.html doc/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html doc/html/man3/EVP_PKEY_CTX_set_hkdf_md.html doc/html/man3/EVP_PKEY_CTX_set_params.html doc/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html doc/html/man3/EVP_PKEY_CTX_set_scrypt_N.html doc/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html doc/html/man3/EVP_PKEY_asn1_get_count.html doc/html/man3/EVP_PKEY_check.html doc/html/man3/EVP_PKEY_copy_parameters.html doc/html/man3/EVP_PKEY_decrypt.html doc/html/man3/EVP_PKEY_derive.html doc/html/man3/EVP_PKEY_encrypt.html doc/html/man3/EVP_PKEY_fromdata.html doc/html/man3/EVP_PKEY_gen.html doc/html/man3/EVP_PKEY_get_default_digest_nid.html doc/html/man3/EVP_PKEY_gettable_params.html doc/html/man3/EVP_PKEY_is_a.html doc/html/man3/EVP_PKEY_meth_get_count.html doc/html/man3/EVP_PKEY_meth_new.html doc/html/man3/EVP_PKEY_new.html doc/html/man3/EVP_PKEY_print_private.html doc/html/man3/EVP_PKEY_set1_RSA.html doc/html/man3/EVP_PKEY_set_type.html doc/html/man3/EVP_PKEY_sign.html doc/html/man3/EVP_PKEY_size.html doc/html/man3/EVP_PKEY_supports_digest_nid.html doc/html/man3/EVP_PKEY_verify.html doc/html/man3/EVP_PKEY_verify_recover.html doc/html/man3/EVP_RAND.html doc/html/man3/EVP_SIGNATURE_free.html doc/html/man3/EVP_SealInit.html doc/html/man3/EVP_SignInit.html doc/html/man3/EVP_VerifyInit.html doc/html/man3/EVP_aes_128_gcm.html doc/html/man3/EVP_aria_128_gcm.html doc/html/man3/EVP_bf_cbc.html doc/html/man3/EVP_blake2b512.html doc/html/man3/EVP_camellia_128_ecb.html doc/html/man3/EVP_cast5_cbc.html doc/html/man3/EVP_chacha20.html doc/html/man3/EVP_des_cbc.html doc/html/man3/EVP_desx_cbc.html doc/html/man3/EVP_idea_cbc.html doc/html/man3/EVP_md2.html doc/html/man3/EVP_md4.html doc/html/man3/EVP_md5.html doc/html/man3/EVP_mdc2.html doc/html/man3/EVP_rc2_cbc.html doc/html/man3/EVP_rc4.html doc/html/man3/EVP_rc5_32_12_16_cbc.html doc/html/man3/EVP_ripemd160.html doc/html/man3/EVP_seed_cbc.html doc/html/man3/EVP_set_default_properties.html doc/html/man3/EVP_sha1.html doc/html/man3/EVP_sha224.html doc/html/man3/EVP_sha3_224.html doc/html/man3/EVP_sm3.html doc/html/man3/EVP_sm4_cbc.html doc/html/man3/EVP_whirlpool.html doc/html/man3/HMAC.html doc/html/man3/MD5.html doc/html/man3/MDC2_Init.html doc/html/man3/NCONF_new_with_libctx.html doc/html/man3/OBJ_nid2obj.html doc/html/man3/OCSP_REQUEST_new.html doc/html/man3/OCSP_cert_to_id.html doc/html/man3/OCSP_request_add1_nonce.html doc/html/man3/OCSP_resp_find_status.html doc/html/man3/OCSP_response_status.html doc/html/man3/OCSP_sendreq_new.html doc/html/man3/OPENSSL_Applink.html doc/html/man3/OPENSSL_CTX.html doc/html/man3/OPENSSL_FILE.html doc/html/man3/OPENSSL_LH_COMPFUNC.html doc/html/man3/OPENSSL_LH_stats.html doc/html/man3/OPENSSL_config.html doc/html/man3/OPENSSL_fork_prepare.html doc/html/man3/OPENSSL_hexchar2int.html doc/html/man3/OPENSSL_ia32cap.html doc/html/man3/OPENSSL_init_crypto.html doc/html/man3/OPENSSL_init_ssl.html doc/html/man3/OPENSSL_instrument_bus.html doc/html/man3/OPENSSL_load_builtin_modules.html doc/html/man3/OPENSSL_malloc.html doc/html/man3/OPENSSL_s390xcap.html doc/html/man3/OPENSSL_secure_malloc.html doc/html/man3/OSSL_CMP_CTX_new.html doc/html/man3/OSSL_CMP_HDR_get0_transactionID.html doc/html/man3/OSSL_CMP_ITAV_set0.html doc/html/man3/OSSL_CMP_MSG_get0_header.html doc/html/man3/OSSL_CMP_MSG_http_perform.html doc/html/man3/OSSL_CMP_SRV_CTX_new.html doc/html/man3/OSSL_CMP_STATUSINFO_new.html doc/html/man3/OSSL_CMP_exec_certreq.html doc/html/man3/OSSL_CMP_log_open.html doc/html/man3/OSSL_CMP_validate_msg.html doc/html/man3/OSSL_CRMF_MSG_get0_tmpl.html doc/html/man3/OSSL_CRMF_MSG_set0_validity.html doc/html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html doc/html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html doc/html/man3/OSSL_CRMF_pbmp_new.html doc/html/man3/OSSL_DESERIALIZER.html doc/html/man3/OSSL_DESERIALIZER_CTX.html doc/html/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_DESERIALIZER_from_bio.html doc/html/man3/OSSL_HTTP_transfer.html doc/html/man3/OSSL_PARAM.html doc/html/man3/OSSL_PARAM_BLD.html doc/html/man3/OSSL_PARAM_allocate_from_text.html doc/html/man3/OSSL_PARAM_int.html doc/html/man3/OSSL_PROVIDER.html doc/html/man3/OSSL_SELF_TEST_new.html doc/html/man3/OSSL_SELF_TEST_set_callback.html doc/html/man3/OSSL_SERIALIZER.html doc/html/man3/OSSL_SERIALIZER_CTX.html doc/html/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_SERIALIZER_to_bio.html doc/html/man3/OSSL_STORE_INFO.html doc/html/man3/OSSL_STORE_LOADER.html doc/html/man3/OSSL_STORE_SEARCH.html doc/html/man3/OSSL_STORE_attach.html doc/html/man3/OSSL_STORE_expect.html doc/html/man3/OSSL_STORE_open.html doc/html/man3/OSSL_trace_enabled.html doc/html/man3/OSSL_trace_get_category_num.html doc/html/man3/OSSL_trace_set_channel.html doc/html/man3/OpenSSL_add_all_algorithms.html doc/html/man3/OpenSSL_version.html doc/html/man3/PEM_X509_INFO_read_bio_with_libctx.html doc/html/man3/PEM_bytes_read_bio.html doc/html/man3/PEM_read.html doc/html/man3/PEM_read_CMS.html doc/html/man3/PEM_read_bio_PrivateKey.html doc/html/man3/PEM_read_bio_ex.html doc/html/man3/PEM_write_bio_CMS_stream.html doc/html/man3/PEM_write_bio_PKCS7_stream.html doc/html/man3/PKCS12_SAFEBAG_get0_attrs.html doc/html/man3/PKCS12_add_CSPName_asc.html doc/html/man3/PKCS12_add_friendlyname_asc.html doc/html/man3/PKCS12_add_localkeyid.html doc/html/man3/PKCS12_create.html doc/html/man3/PKCS12_get_friendlyname.html doc/html/man3/PKCS12_newpass.html doc/html/man3/PKCS12_parse.html doc/html/man3/PKCS5_PBKDF2_HMAC.html doc/html/man3/PKCS7_decrypt.html doc/html/man3/PKCS7_encrypt.html doc/html/man3/PKCS7_sign.html doc/html/man3/PKCS7_sign_add_signer.html doc/html/man3/PKCS7_verify.html doc/html/man3/PKCS8_pkey_add1_attr.html doc/html/man3/RAND_DRBG_generate.html doc/html/man3/RAND_DRBG_get0_public.html doc/html/man3/RAND_DRBG_new.html doc/html/man3/RAND_DRBG_reseed.html doc/html/man3/RAND_DRBG_set_callbacks.html doc/html/man3/RAND_add.html doc/html/man3/RAND_bytes.html doc/html/man3/RAND_cleanup.html doc/html/man3/RAND_egd.html doc/html/man3/RAND_load_file.html doc/html/man3/RAND_set_rand_method.html doc/html/man3/RC4_set_key.html doc/html/man3/RIPEMD160_Init.html doc/html/man3/RSA_blinding_on.html doc/html/man3/RSA_check_key.html doc/html/man3/RSA_generate_key.html doc/html/man3/RSA_get0_key.html doc/html/man3/RSA_meth_new.html doc/html/man3/RSA_new.html doc/html/man3/RSA_padding_add_PKCS1_type_1.html doc/html/man3/RSA_print.html doc/html/man3/RSA_private_encrypt.html doc/html/man3/RSA_public_encrypt.html doc/html/man3/RSA_set_method.html doc/html/man3/RSA_sign.html doc/html/man3/RSA_sign_ASN1_OCTET_STRING.html doc/html/man3/RSA_size.html doc/html/man3/SCT_new.html doc/html/man3/SCT_print.html doc/html/man3/SCT_validate.html doc/html/man3/SHA256_Init.html doc/html/man3/SMIME_read_CMS.html doc/html/man3/SMIME_read_PKCS7.html doc/html/man3/SMIME_write_CMS.html doc/html/man3/SMIME_write_PKCS7.html doc/html/man3/SRP_Calc_B.html doc/html/man3/SRP_VBASE_new.html doc/html/man3/SRP_create_verifier.html doc/html/man3/SRP_user_pwd_new.html doc/html/man3/SSL_CIPHER_get_name.html doc/html/man3/SSL_COMP_add_compression_method.html doc/html/man3/SSL_CONF_CTX_new.html doc/html/man3/SSL_CONF_CTX_set1_prefix.html doc/html/man3/SSL_CONF_CTX_set_flags.html doc/html/man3/SSL_CONF_CTX_set_ssl_ctx.html doc/html/man3/SSL_CONF_cmd.html doc/html/man3/SSL_CONF_cmd_argv.html doc/html/man3/SSL_CTX_add1_chain_cert.html doc/html/man3/SSL_CTX_add_extra_chain_cert.html doc/html/man3/SSL_CTX_add_session.html doc/html/man3/SSL_CTX_config.html doc/html/man3/SSL_CTX_ctrl.html doc/html/man3/SSL_CTX_dane_enable.html doc/html/man3/SSL_CTX_flush_sessions.html doc/html/man3/SSL_CTX_free.html doc/html/man3/SSL_CTX_get0_param.html doc/html/man3/SSL_CTX_get_verify_mode.html doc/html/man3/SSL_CTX_has_client_custom_ext.html doc/html/man3/SSL_CTX_load_verify_locations.html doc/html/man3/SSL_CTX_new.html doc/html/man3/SSL_CTX_sess_number.html doc/html/man3/SSL_CTX_sess_set_cache_size.html doc/html/man3/SSL_CTX_sess_set_get_cb.html doc/html/man3/SSL_CTX_sessions.html doc/html/man3/SSL_CTX_set0_CA_list.html doc/html/man3/SSL_CTX_set1_curves.html doc/html/man3/SSL_CTX_set1_sigalgs.html doc/html/man3/SSL_CTX_set1_verify_cert_store.html doc/html/man3/SSL_CTX_set_alpn_select_cb.html doc/html/man3/SSL_CTX_set_cert_cb.html doc/html/man3/SSL_CTX_set_cert_store.html doc/html/man3/SSL_CTX_set_cert_verify_callback.html doc/html/man3/SSL_CTX_set_cipher_list.html doc/html/man3/SSL_CTX_set_client_cert_cb.html doc/html/man3/SSL_CTX_set_client_hello_cb.html doc/html/man3/SSL_CTX_set_ct_validation_callback.html doc/html/man3/SSL_CTX_set_ctlog_list_file.html doc/html/man3/SSL_CTX_set_default_passwd_cb.html doc/html/man3/SSL_CTX_set_generate_session_id.html doc/html/man3/SSL_CTX_set_info_callback.html doc/html/man3/SSL_CTX_set_keylog_callback.html doc/html/man3/SSL_CTX_set_max_cert_list.html doc/html/man3/SSL_CTX_set_min_proto_version.html doc/html/man3/SSL_CTX_set_mode.html doc/html/man3/SSL_CTX_set_msg_callback.html doc/html/man3/SSL_CTX_set_num_tickets.html doc/html/man3/SSL_CTX_set_options.html doc/html/man3/SSL_CTX_set_psk_client_callback.html doc/html/man3/SSL_CTX_set_quiet_shutdown.html doc/html/man3/SSL_CTX_set_read_ahead.html doc/html/man3/SSL_CTX_set_record_padding_callback.html doc/html/man3/SSL_CTX_set_security_level.html doc/html/man3/SSL_CTX_set_session_cache_mode.html doc/html/man3/SSL_CTX_set_session_id_context.html doc/html/man3/SSL_CTX_set_session_ticket_cb.html doc/html/man3/SSL_CTX_set_split_send_fragment.html doc/html/man3/SSL_CTX_set_srp_password.html doc/html/man3/SSL_CTX_set_ssl_version.html doc/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html doc/html/man3/SSL_CTX_set_timeout.html doc/html/man3/SSL_CTX_set_tlsext_servername_callback.html doc/html/man3/SSL_CTX_set_tlsext_status_cb.html doc/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html doc/html/man3/SSL_CTX_set_tlsext_use_srtp.html doc/html/man3/SSL_CTX_set_tmp_dh_callback.html doc/html/man3/SSL_CTX_set_tmp_ecdh.html doc/html/man3/SSL_CTX_set_verify.html doc/html/man3/SSL_CTX_use_certificate.html doc/html/man3/SSL_CTX_use_psk_identity_hint.html doc/html/man3/SSL_CTX_use_serverinfo.html doc/html/man3/SSL_SESSION_free.html doc/html/man3/SSL_SESSION_get0_cipher.html doc/html/man3/SSL_SESSION_get0_hostname.html doc/html/man3/SSL_SESSION_get0_id_context.html doc/html/man3/SSL_SESSION_get0_peer.html doc/html/man3/SSL_SESSION_get_compress_id.html doc/html/man3/SSL_SESSION_get_protocol_version.html doc/html/man3/SSL_SESSION_get_time.html doc/html/man3/SSL_SESSION_has_ticket.html doc/html/man3/SSL_SESSION_is_resumable.html doc/html/man3/SSL_SESSION_print.html doc/html/man3/SSL_SESSION_set1_id.html doc/html/man3/SSL_accept.html doc/html/man3/SSL_alert_type_string.html doc/html/man3/SSL_alloc_buffers.html doc/html/man3/SSL_check_chain.html doc/html/man3/SSL_clear.html doc/html/man3/SSL_connect.html doc/html/man3/SSL_do_handshake.html doc/html/man3/SSL_export_keying_material.html doc/html/man3/SSL_extension_supported.html doc/html/man3/SSL_free.html doc/html/man3/SSL_get0_peer_scts.html doc/html/man3/SSL_get_SSL_CTX.html doc/html/man3/SSL_get_all_async_fds.html doc/html/man3/SSL_get_ciphers.html doc/html/man3/SSL_get_client_random.html doc/html/man3/SSL_get_current_cipher.html doc/html/man3/SSL_get_default_timeout.html doc/html/man3/SSL_get_error.html doc/html/man3/SSL_get_extms_support.html doc/html/man3/SSL_get_fd.html doc/html/man3/SSL_get_peer_cert_chain.html doc/html/man3/SSL_get_peer_certificate.html doc/html/man3/SSL_get_peer_signature_nid.html doc/html/man3/SSL_get_peer_tmp_key.html doc/html/man3/SSL_get_psk_identity.html doc/html/man3/SSL_get_rbio.html doc/html/man3/SSL_get_session.html doc/html/man3/SSL_get_shared_sigalgs.html doc/html/man3/SSL_get_verify_result.html doc/html/man3/SSL_get_version.html doc/html/man3/SSL_in_init.html doc/html/man3/SSL_key_update.html doc/html/man3/SSL_library_init.html doc/html/man3/SSL_load_client_CA_file.html doc/html/man3/SSL_new.html doc/html/man3/SSL_pending.html doc/html/man3/SSL_read.html doc/html/man3/SSL_read_early_data.html doc/html/man3/SSL_rstate_string.html doc/html/man3/SSL_session_reused.html doc/html/man3/SSL_set1_host.html doc/html/man3/SSL_set_async_callback.html doc/html/man3/SSL_set_bio.html doc/html/man3/SSL_set_connect_state.html doc/html/man3/SSL_set_fd.html doc/html/man3/SSL_set_session.html doc/html/man3/SSL_set_shutdown.html doc/html/man3/SSL_set_verify_result.html doc/html/man3/SSL_shutdown.html doc/html/man3/SSL_state_string.html doc/html/man3/SSL_want.html doc/html/man3/SSL_write.html doc/html/man3/TS_VERIFY_CTX_set_certs.html doc/html/man3/UI_STRING.html doc/html/man3/UI_UTIL_read_pw.html doc/html/man3/UI_create_method.html doc/html/man3/UI_new.html doc/html/man3/X509V3_get_d2i.html doc/html/man3/X509_ALGOR_dup.html doc/html/man3/X509_CRL_get0_by_serial.html doc/html/man3/X509_EXTENSION_set_object.html doc/html/man3/X509_LOOKUP.html doc/html/man3/X509_LOOKUP_hash_dir.html doc/html/man3/X509_LOOKUP_meth_new.html doc/html/man3/X509_NAME_ENTRY_get_object.html doc/html/man3/X509_NAME_add_entry_by_txt.html doc/html/man3/X509_NAME_get0_der.html doc/html/man3/X509_NAME_get_index_by_NID.html doc/html/man3/X509_NAME_print_ex.html doc/html/man3/X509_PUBKEY_new.html doc/html/man3/X509_SIG_get0.html doc/html/man3/X509_STORE_CTX_get_error.html doc/html/man3/X509_STORE_CTX_new.html doc/html/man3/X509_STORE_CTX_set_verify_cb.html doc/html/man3/X509_STORE_add_cert.html doc/html/man3/X509_STORE_get0_param.html doc/html/man3/X509_STORE_new.html doc/html/man3/X509_STORE_set_verify_cb_func.html doc/html/man3/X509_VERIFY_PARAM_set_flags.html doc/html/man3/X509_check_ca.html doc/html/man3/X509_check_host.html doc/html/man3/X509_check_issued.html doc/html/man3/X509_check_private_key.html doc/html/man3/X509_check_purpose.html doc/html/man3/X509_cmp.html doc/html/man3/X509_cmp_time.html doc/html/man3/X509_digest.html doc/html/man3/X509_dup.html doc/html/man3/X509_get0_distinguishing_id.html doc/html/man3/X509_get0_notBefore.html doc/html/man3/X509_get0_signature.html doc/html/man3/X509_get0_uids.html doc/html/man3/X509_get_extension_flags.html doc/html/man3/X509_get_pubkey.html doc/html/man3/X509_get_serialNumber.html doc/html/man3/X509_get_subject_name.html doc/html/man3/X509_get_version.html doc/html/man3/X509_load_http.html doc/html/man3/X509_new.html doc/html/man3/X509_sign.html doc/html/man3/X509_verify.html doc/html/man3/X509_verify_cert.html doc/html/man3/X509v3_get_ext_by_NID.html doc/html/man3/d2i_DHparams.html doc/html/man3/d2i_PKCS8PrivateKey_bio.html doc/html/man3/d2i_PrivateKey.html doc/html/man3/d2i_SSL_SESSION.html doc/html/man3/d2i_X509.html doc/html/man3/i2d_CMS_bio_stream.html doc/html/man3/i2d_PKCS7_bio_stream.html doc/html/man3/i2d_re_X509_tbs.html doc/html/man3/o2i_SCT_LIST.html doc/html/man3/s2i_ASN1_IA5STRING.html doc/html/man5/config.html doc/html/man5/fips_config.html doc/html/man5/x509v3_config.html doc/html/man7/EVP_KDF-HKDF.html doc/html/man7/EVP_KDF-KB.html doc/html/man7/EVP_KDF-KRB5KDF.html doc/html/man7/EVP_KDF-PBKDF2.html doc/html/man7/EVP_KDF-SCRYPT.html doc/html/man7/EVP_KDF-SS.html doc/html/man7/EVP_KDF-SSHKDF.html doc/html/man7/EVP_KDF-TLS1_PRF.html doc/html/man7/EVP_KDF-X942.html doc/html/man7/EVP_KDF-X963.html doc/html/man7/EVP_KEYEXCH-DH.html doc/html/man7/EVP_KEYEXCH-ECDH.html doc/html/man7/EVP_KEYEXCH-X25519.html doc/html/man7/EVP_MAC-BLAKE2.html doc/html/man7/EVP_MAC-CMAC.html doc/html/man7/EVP_MAC-GMAC.html doc/html/man7/EVP_MAC-HMAC.html doc/html/man7/EVP_MAC-KMAC.html doc/html/man7/EVP_MAC-Poly1305.html doc/html/man7/EVP_MAC-Siphash.html doc/html/man7/EVP_MD-BLAKE2.html doc/html/man7/EVP_MD-MD2.html doc/html/man7/EVP_MD-MD4.html doc/html/man7/EVP_MD-MD5-SHA1.html doc/html/man7/EVP_MD-MD5.html doc/html/man7/EVP_MD-MDC2.html doc/html/man7/EVP_MD-RIPEMD160.html doc/html/man7/EVP_MD-SHA1.html doc/html/man7/EVP_MD-SHA2.html doc/html/man7/EVP_MD-SHA3.html doc/html/man7/EVP_MD-SHAKE.html doc/html/man7/EVP_MD-SM3.html doc/html/man7/EVP_MD-WHIRLPOOL.html doc/html/man7/EVP_MD-common.html doc/html/man7/EVP_PKEY-DH.html doc/html/man7/EVP_PKEY-DSA.html doc/html/man7/EVP_PKEY-EC.html doc/html/man7/EVP_PKEY-FFC.html doc/html/man7/EVP_PKEY-RSA.html doc/html/man7/EVP_PKEY-X25519.html doc/html/man7/EVP_RAND-CTR-DRBG.html doc/html/man7/EVP_RAND-HASH-DRBG.html doc/html/man7/EVP_RAND-HMAC-DRBG.html doc/html/man7/EVP_RAND-TEST-RAND.html doc/html/man7/EVP_SIGNATURE-DSA.html doc/html/man7/EVP_SIGNATURE-ECDSA.html doc/html/man7/EVP_SIGNATURE-ED25519.html doc/html/man7/EVP_SIGNATURE-RSA.html doc/html/man7/OSSL_PROVIDER-FIPS.html doc/html/man7/OSSL_PROVIDER-base.html doc/html/man7/OSSL_PROVIDER-default.html doc/html/man7/OSSL_PROVIDER-legacy.html doc/html/man7/OSSL_PROVIDER-null.html doc/html/man7/RAND.html doc/html/man7/RAND_DRBG.html doc/html/man7/RSA-PSS.html doc/html/man7/SM2.html doc/html/man7/X25519.html doc/html/man7/bio.html doc/html/man7/crypto.html doc/html/man7/ct.html doc/html/man7/des_modes.html doc/html/man7/evp.html doc/html/man7/openssl-core.h.html doc/html/man7/openssl-core_dispatch.h.html doc/html/man7/openssl-core_names.h.html doc/html/man7/openssl-env.html doc/html/man7/openssl_user_macros.html doc/html/man7/ossl_store-file.html doc/html/man7/ossl_store.html doc/html/man7/passphrase-encoding.html doc/html/man7/property.html doc/html/man7/provider-asym_cipher.html doc/html/man7/provider-base.html doc/html/man7/provider-cipher.html doc/html/man7/provider-digest.html doc/html/man7/provider-keyexch.html doc/html/man7/provider-keymgmt.html doc/html/man7/provider-mac.html doc/html/man7/provider-rand.html doc/html/man7/provider-serializer.html doc/html/man7/provider-signature.html doc/html/man7/provider.html doc/html/man7/proxy-certificates.html doc/html/man7/ssl.html doc/html/man7/x509.html
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_DRBG_generate.3 doc/man/man3/RAND_DRBG_get0_public.3 doc/man/man3/RAND_DRBG_new.3 doc/man/man3/RAND_DRBG_reseed.3 doc/man/man3/RAND_DRBG_set_callbacks.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RAND_DRBG.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rand_drbg test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbg_cavs_test test/drbg_extra_test test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha6-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4145: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3114: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Tue Aug  4 07:08:47 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 04 Aug 2020 07:08:47 +0000
Subject: Still Failing: openssl/openssl#36471 (master - b5b6669)
In-Reply-To: <openssl/openssl+178354410+still failing@travis-ci.com>
Message-ID: <5f29097f872e9_13ff0732d91841883b1@travis-pro-tasks-7f55f4c657-95dr5.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36471
Status: Still Failing

Duration: 1 hr, 21 mins, and 27 secs
Commit: b5b6669 (master)
Author: Richard Levitte
Message: PROV: Make the DER to KEY deserializer decode parameters too

It should be noted that this may be dodgy if we ever encounter
parameter objects that look like something else.  However, experience
with the OSSL_STORE 'file:' loader, which does exactly this kind of
thing, has worked fine so far.

A possibility could be that to decode parameters specifically, we
demand that there's an incoming data type specifying this, which
demands by extension that parameters can only come from a file format
that has the parameter type encoded, such as PEM.  This would be a
future effort.

Fixes #12568

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12569)

View the changeset: https://github.com/openssl/openssl/compare/19b4e6f8feba...b5b6669fb637

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178354410?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/2903d34a/attachment.html>

From dev at ddvo.net  Tue Aug  4 07:19:44 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Tue, 04 Aug 2020 07:19:44 +0000
Subject: [openssl]  master update
Message-ID: <1596525584.268795.25719.nullmailer@dev.openssl.org>

The branch master has been updated
       via  aff8c0a411824f29687a54a3aa82f7e770faff48 (commit)
       via  57c05c57c3aab2755ec6eeae5d1800ac9cbd2f6d (commit)
       via  02ae130e3dd1e4b4252692f65cb1f975bfe47935 (commit)
       via  1ac658ac9d40711d0a9610e932ddfa7b90fdc537 (commit)
       via  c90c469376e28e87caf02e96bf6568131f1c5d1b (commit)
       via  b516a4b1399328ed2177e6bc5f717416a7d03806 (commit)
       via  8f7e897995ae49546ab94a6969e85d797ac6c486 (commit)
      from  b5b6669fb63702233124c8fd5504e8477e559d07 (commit)


- Log -----------------------------------------------------------------
commit aff8c0a411824f29687a54a3aa82f7e770faff48
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Sat Jun 27 10:29:55 2020 +0200

    Fix error message on setting cert validity period in apps/cmp.c
    
    Fixes #12268
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12296)

commit 57c05c57c3aab2755ec6eeae5d1800ac9cbd2f6d
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Sat Jun 27 10:28:45 2020 +0200

    apps: Correct and extend diagnostics of parse_name()
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12296)

commit 02ae130e3dd1e4b4252692f65cb1f975bfe47935
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Jun 26 20:40:19 2020 +0200

    Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12296)

commit 1ac658ac9d40711d0a9610e932ddfa7b90fdc537
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Jun 26 20:13:47 2020 +0200

    Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12296)

commit c90c469376e28e87caf02e96bf6568131f1c5d1b
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Jun 26 16:16:00 2020 +0200

    Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12296)

commit b516a4b1399328ed2177e6bc5f717416a7d03806
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Jun 26 16:16:56 2020 +0200

    Correct misleading diagnostics of OBJ_txt2obj on unknown object name
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12296)

commit 8f7e897995ae49546ab94a6969e85d797ac6c486
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Jun 26 12:37:12 2020 +0200

    apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12296)

-----------------------------------------------------------------------

Summary of changes:
 apps/ca.c                    |  2 +-
 apps/cmp.c                   | 12 ++++++------
 apps/include/apps.h          |  3 ++-
 apps/lib/apps.c              | 38 ++++++++++++++++++++++----------------
 apps/req.c                   |  2 +-
 apps/storeutl.c              | 12 ++++--------
 apps/x509.c                  |  3 ++-
 crypto/err/openssl.txt       |  3 ++-
 crypto/objects/obj_dat.c     |  4 ++++
 crypto/objects/obj_err.c     |  4 +++-
 crypto/x509/v3_addr.c        | 19 ++++++++++---------
 crypto/x509/v3_asid.c        |  9 +++++----
 crypto/x509/v3_bcons.c       |  4 +++-
 crypto/x509/v3_bitst.c       |  2 +-
 crypto/x509/v3_conf.c        | 43 +++++++++++++++++++++++++++++++------------
 crypto/x509/v3_cpols.c       | 20 +++++++++++---------
 crypto/x509/v3_crld.c        |  5 +++--
 crypto/x509/v3_extku.c       |  2 +-
 crypto/x509/v3_pci.c         |  1 +
 crypto/x509/v3_pcons.c       |  2 +-
 crypto/x509/v3_pmaps.c       |  4 ++--
 crypto/x509/v3_tlsf.c        |  3 ++-
 crypto/x509/v3_utl.c         | 11 ++++++-----
 crypto/x509/v3err.c          |  4 ++--
 crypto/x509/x509_local.h     |  3 +++
 include/openssl/objectserr.h |  5 +++--
 include/openssl/x509v3err.h  |  2 +-
 27 files changed, 133 insertions(+), 89 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index e001a34190..fef0b82c39 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1463,7 +1463,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         row[i] = NULL;
 
     if (subj) {
-        X509_NAME *n = parse_name(subj, chtype, multirdn);
+        X509_NAME *n = parse_name(subj, chtype, multirdn, "subject");
 
         if (!n) {
             ERR_print_errors(bio_err);
diff --git a/apps/cmp.c b/apps/cmp.c
index e5f72cbea7..01c5394344 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -1109,12 +1109,10 @@ static int set_name(const char *str,
                     OSSL_CMP_CTX *ctx, const char *desc)
 {
     if (str != NULL) {
-        X509_NAME *n = parse_name(str, MBSTRING_ASC, 0);
+        X509_NAME *n = parse_name(str, MBSTRING_ASC, 0, desc);
 
-        if (n == NULL) {
-            CMP_err2("cannot parse %s DN '%s'", desc, str);
+        if (n == NULL)
             return 0;
-        }
         if (!(*set_fn) (ctx, n)) {
             X509_NAME_free(n);
             CMP_err("out of memory");
@@ -1869,7 +1867,7 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
     if (opt_days > 0
             && !OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_VALIDITY_DAYS,
                                         opt_days)) {
-        CMP_err("could to set requested cert validity period");
+        CMP_err("could not set requested cert validity period");
         goto err;
     }
 
@@ -2095,7 +2093,6 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
 
     if (opt_proxy != NULL)
         (void)BIO_snprintf(proxy_buf, sizeof(proxy_buf), " via %s", opt_proxy);
-    CMP_info2("will contact %s%s", server_buf, proxy_buf);
 
     if (!transform_opts())
         goto err;
@@ -2217,6 +2214,9 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
     if (opt_geninfo != NULL && !handle_opt_geninfo(ctx))
         goto err;
 
+    /* not printing earlier, to minimize confusion in case setup fails before */
+    CMP_info2("will contact %s%s", server_buf, proxy_buf);
+
     ret = 1;
 
  err:
diff --git a/apps/include/apps.h b/apps/include/apps.h
index e91cdcdb8f..554d33e1c9 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -201,7 +201,8 @@ void free_index(CA_DB *db);
 int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
 int parse_yesno(const char *str, int def);
 
-X509_NAME *parse_name(const char *str, long chtype, int multirdn);
+X509_NAME *parse_name(const char *str, int chtype, int multirdn,
+                      const char *desc);
 void policies_print(X509_STORE_CTX *ctx);
 int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
 int pkey_ctrl_string(EVP_PKEY_CTX *ctx, const char *value);
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index cf99ca0ebf..e8592c4880 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -1670,7 +1670,8 @@ int parse_yesno(const char *str, int def)
  * name is expected to be in the format /type0=value0/type1=value1/type2=...
  * where characters may be escaped by \
  */
-X509_NAME *parse_name(const char *cp, long chtype, int canmulti)
+X509_NAME *parse_name(const char *cp, int chtype, int canmulti,
+                      const char *desc)
 {
     int nextismulti = 0;
     char *work;
@@ -1678,19 +1679,22 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti)
 
     if (*cp++ != '/') {
         BIO_printf(bio_err,
-                   "name is expected to be in the format "
+                   "%s: %s name is expected to be in the format "
                    "/type0=value0/type1=value1/type2=... where characters may "
                    "be escaped by \\. This name is not in that format: '%s'\n",
-                   --cp);
+                   opt_getprog(), desc, --cp);
         return NULL;
     }
 
     n = X509_NAME_new();
-    if (n == NULL)
+    if (n == NULL) {
+        BIO_printf(bio_err, "%s: Out of memory\n", opt_getprog());
         return NULL;
+    }
     work = OPENSSL_strdup(cp);
     if (work == NULL) {
-        BIO_printf(bio_err, "%s: Error copying name input\n", opt_getprog());
+        BIO_printf(bio_err, "%s: Error copying %s name input\n",
+                   opt_getprog(), desc);
         goto err;
     }
 
@@ -1705,13 +1709,13 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti)
         /* Collect the type */
         while (*cp != '\0' && *cp != '=')
             *bp++ = *cp++;
+        *bp++ = '\0';
         if (*cp == '\0') {
             BIO_printf(bio_err,
-                       "%s: Hit end of string before finding the '='\n",
-                       opt_getprog());
+                       "%s: Missing '=' after RDN type string '%s' in %s name string\n",
+                       opt_getprog(), typestr, desc);
             goto err;
         }
-        *bp++ = '\0';
         ++cp;
 
         /* Collect the value. */
@@ -1723,8 +1727,8 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti)
             }
             if (*cp == '\\' && *++cp == '\0') {
                 BIO_printf(bio_err,
-                           "%s: Escape character at end of string\n",
-                           opt_getprog());
+                           "%s: Escape character at end of %s name string\n",
+                           opt_getprog(), desc);
                 goto err;
             }
         }
@@ -1737,22 +1741,24 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti)
         /* Parse */
         nid = OBJ_txt2nid(typestr);
         if (nid == NID_undef) {
-            BIO_printf(bio_err, "%s: Skipping unknown attribute \"%s\"\n",
-                       opt_getprog(), typestr);
+            BIO_printf(bio_err,
+                       "%s: Skipping unknown %s name attribute \"%s\"\n",
+                       opt_getprog(), desc, typestr);
             continue;
         }
         if (*valstr == '\0') {
             BIO_printf(bio_err,
-                       "%s: No value provided for Subject Attribute %s, skipped\n",
-                       opt_getprog(), typestr);
+                       "%s: No value provided for %s name attribute \"%s\", skipped\n",
+                       opt_getprog(), desc, typestr);
             continue;
         }
         if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
                                         valstr, strlen((char *)valstr),
                                         -1, ismulti ? -1 : 0)) {
             ERR_print_errors(bio_err);
-            BIO_printf(bio_err, "%s: Error adding name attribute \"/%s=%s\"\n",
-                       opt_getprog(), typestr ,valstr);
+            BIO_printf(bio_err,
+                       "%s: Error adding %s name attribute \"/%s=%s\"\n",
+                       opt_getprog(), desc, typestr ,valstr);
             goto err;
         }
     }
diff --git a/apps/req.c b/apps/req.c
index 8931e9829f..46739554bd 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1078,7 +1078,7 @@ static int build_subject(X509_REQ *req, const char *subject, unsigned long chtyp
 {
     X509_NAME *n;
 
-    if ((n = parse_name(subject, chtype, multirdn)) == NULL)
+    if ((n = parse_name(subject, chtype, multirdn, "subject")) == NULL)
         return 0;
 
     if (!X509_REQ_set_subject_name(req, n)) {
diff --git a/apps/storeutl.c b/apps/storeutl.c
index 95af277260..66fd423ab0 100644
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -157,11 +157,9 @@ int storeutl_main(int argc, char *argv[])
                            prog);
                 goto end;
             }
-            if ((subject = parse_name(opt_arg(), MBSTRING_UTF8, 1)) == NULL) {
-                BIO_printf(bio_err, "%s: can't parse subject argument.\n",
-                           prog);
+            subject = parse_name(opt_arg(), MBSTRING_UTF8, 1, "subject");
+            if (subject == NULL)
                 goto end;
-            }
             break;
         case OPT_CRITERION_ISSUER:
             if (criterion != 0
@@ -177,11 +175,9 @@ int storeutl_main(int argc, char *argv[])
                            prog);
                 goto end;
             }
-            if ((issuer = parse_name(opt_arg(), MBSTRING_UTF8, 1)) == NULL) {
-                BIO_printf(bio_err, "%s: can't parse issuer argument.\n",
-                           prog);
+            issuer = parse_name(opt_arg(), MBSTRING_UTF8, 1, "issuer");
+            if (issuer == NULL)
                 goto end;
-            }
             break;
         case OPT_CRITERION_SERIAL:
             if (criterion != 0
diff --git a/apps/x509.c b/apps/x509.c
index d8f69c08eb..fbe4b8cefe 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -536,7 +536,8 @@ int x509_main(int argc, char **argv)
                    "The -new option requires a subject to be set using -subj\n");
         goto end;
     }
-    if (subj != NULL && (fsubj = parse_name(subj, chtype, multirdn)) == NULL)
+    if (subj != NULL
+            && (fsubj = parse_name(subj, chtype, multirdn, "subject")) == NULL)
         goto end;
 
     if (CAkeyfile == NULL && CA_flag && CAformat == FORMAT_PEM) {
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 1b4fca9b97..53becb8ed4 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2668,6 +2668,7 @@ KDF_R_VALUE_MISSING:102:value missing
 KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size
 OBJ_R_OID_EXISTS:102:oid exists
 OBJ_R_UNKNOWN_NID:101:unknown nid
+OBJ_R_UNKNOWN_OBJECT_NAME:103:unknown object name
 OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error
 OCSP_R_DIGEST_ERR:102:digest err
 OCSP_R_ERROR_IN_NEXTUPDATE_FIELD:122:error in nextupdate field
@@ -3470,7 +3471,7 @@ X509V3_R_INVALID_IPADDRESS:166:invalid ipaddress
 X509V3_R_INVALID_MULTIPLE_RDNS:161:invalid multiple rdns
 X509V3_R_INVALID_NAME:106:invalid name
 X509V3_R_INVALID_NULL_ARGUMENT:107:invalid null argument
-X509V3_R_INVALID_NULL_NAME:108:invalid null name
+X509V3_R_INVALID_EMPTY_NAME:108:invalid empty name
 X509V3_R_INVALID_NULL_VALUE:109:invalid null value
 X509V3_R_INVALID_NUMBER:140:invalid number
 X509V3_R_INVALID_NUMBERS:141:invalid numbers
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 0c4ec985cb..b2fd4a0226 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -372,6 +372,10 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
         if (((nid = OBJ_sn2nid(s)) != NID_undef) ||
             ((nid = OBJ_ln2nid(s)) != NID_undef))
             return OBJ_nid2obj(nid);
+        if (!ossl_isdigit(*s)) {
+            OBJerr(OBJ_F_OBJ_TXT2OBJ, OBJ_R_UNKNOWN_OBJECT_NAME);
+            return NULL;
+        }
     }
 
     /* Work out size of content octets */
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
index b32e9f6f55..c55e8ef2d0 100644
--- a/crypto/objects/obj_err.c
+++ b/crypto/objects/obj_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -16,6 +16,8 @@
 static const ERR_STRING_DATA OBJ_str_reasons[] = {
     {ERR_PACK(ERR_LIB_OBJ, 0, OBJ_R_OID_EXISTS), "oid exists"},
     {ERR_PACK(ERR_LIB_OBJ, 0, OBJ_R_UNKNOWN_NID), "unknown nid"},
+    {ERR_PACK(ERR_LIB_OBJ, 0, OBJ_R_UNKNOWN_OBJECT_NAME),
+    "unknown object name"},
     {0, NULL}
 };
 
diff --git a/crypto/x509/v3_addr.c b/crypto/x509/v3_addr.c
index 9e2b9d48a9..d965d74553 100644
--- a/crypto/x509/v3_addr.c
+++ b/crypto/x509/v3_addr.c
@@ -22,6 +22,7 @@
 #include <openssl/x509v3.h>
 #include "crypto/x509.h"
 #include "ext_dat.h"
+#include "x509_local.h"
 
 #ifndef OPENSSL_NO_RFC3779
 
@@ -925,7 +926,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
         } else {
             X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
                       X509V3_R_EXTENSION_NAME_ERROR);
-            X509V3_conf_err(val);
+            ERR_add_error_data(1, val->name);
             goto err;
         }
 
@@ -949,7 +950,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
             t += strspn(t, " \t");
             if (*safi > 0xFF || *t++ != ':') {
                 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
             t += strspn(t, " \t");
@@ -970,7 +971,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
             if (!X509v3_addr_add_inherit(addr, afi, safi)) {
                 X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
                           X509V3_R_INVALID_INHERITANCE);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
             OPENSSL_free(s);
@@ -985,7 +986,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
 
         if (a2i_ipadd(min, s) != length) {
             X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
-            X509V3_conf_err(val);
+            X509V3_conf_add_error_name_value(val);
             goto err;
         }
 
@@ -995,7 +996,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
             if (t == s + i2 || *t != '\0') {
                 X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
                           X509V3_R_EXTENSION_VALUE_ERROR);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
             if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
@@ -1009,19 +1010,19 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
             if (i1 == i2 || s[i2] != '\0') {
                 X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
                           X509V3_R_EXTENSION_VALUE_ERROR);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
             if (a2i_ipadd(max, s + i1) != length) {
                 X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
                           X509V3_R_INVALID_IPADDRESS);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
             if (memcmp(min, max, length_from_afi(afi)) > 0) {
                 X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
                           X509V3_R_EXTENSION_VALUE_ERROR);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
             if (!X509v3_addr_add_range(addr, afi, safi, min, max)) {
@@ -1038,7 +1039,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
         default:
             X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
                       X509V3_R_EXTENSION_VALUE_ERROR);
-            X509V3_conf_err(val);
+            X509V3_conf_add_error_name_value(val);
             goto err;
         }
 
diff --git a/crypto/x509/v3_asid.c b/crypto/x509/v3_asid.c
index 0ff37073cf..0fc7641386 100644
--- a/crypto/x509/v3_asid.c
+++ b/crypto/x509/v3_asid.c
@@ -23,6 +23,7 @@
 #include "crypto/x509.h"
 #include <openssl/bn.h>
 #include "ext_dat.h"
+#include "x509_local.h"
 
 #ifndef OPENSSL_NO_RFC3779
 
@@ -545,7 +546,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
         } else {
             X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
                       X509V3_R_EXTENSION_NAME_ERROR);
-            X509V3_conf_err(val);
+            X509V3_conf_add_error_name_value(val);
             goto err;
         }
 
@@ -557,7 +558,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
                 continue;
             X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
                       X509V3_R_INVALID_INHERITANCE);
-            X509V3_conf_err(val);
+            X509V3_conf_add_error_name_value(val);
             goto err;
         }
 
@@ -573,7 +574,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
             if (val->value[i2] != '-') {
                 X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
                           X509V3_R_INVALID_ASNUMBER);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
             i2++;
@@ -582,7 +583,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
             if (val->value[i3] != '\0') {
                 X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
                           X509V3_R_INVALID_ASRANGE);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
         }
diff --git a/crypto/x509/v3_bcons.c b/crypto/x509/v3_bcons.c
index 6ab4aaf687..01d38473a3 100644
--- a/crypto/x509/v3_bcons.c
+++ b/crypto/x509/v3_bcons.c
@@ -14,6 +14,7 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 #include "ext_dat.h"
+#include "x509_local.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
 
@@ -73,9 +74,10 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
         } else if (strcmp(val->name, "pathlen") == 0) {
             if (!X509V3_get_value_int(val, &bcons->pathlen))
                 goto err;
+            /* TODO add sanity check on int value - at least, must be >= 0 */
         } else {
             X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME);
-            X509V3_conf_err(val);
+            X509V3_conf_add_error_name_value(val);
             goto err;
         }
     }
diff --git a/crypto/x509/v3_bitst.c b/crypto/x509/v3_bitst.c
index ec8fdc55a1..02d40863a6 100644
--- a/crypto/x509/v3_bitst.c
+++ b/crypto/x509/v3_bitst.c
@@ -86,7 +86,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
         if (!bnam->lname) {
             X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
                       X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
-            X509V3_conf_err(val);
+            ERR_add_error_data(1, val->name);
             ASN1_BIT_STRING_free(bs);
             return NULL;
         }
diff --git a/crypto/x509/v3_conf.c b/crypto/x509/v3_conf.c
index bbe67dc3d3..88e29f9cc4 100644
--- a/crypto/x509/v3_conf.c
+++ b/crypto/x509/v3_conf.c
@@ -33,33 +33,42 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
                                   int ext_nid, int crit, void *ext_struc);
 static unsigned char *generic_asn1(const char *value, X509V3_CTX *ctx,
                                    long *ext_len);
-/* CONF *conf:  Config file    */
-/* char *name:  Name    */
-/* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
-                                 const char *value)
+
+static X509_EXTENSION *X509V3_EXT_nconf_int(CONF *conf, X509V3_CTX *ctx,
+                                            const char *section,
+                                            const char *name, const char *value)
 {
     int crit;
     int ext_type;
     X509_EXTENSION *ret;
+
     crit = v3_check_critical(&value);
     if ((ext_type = v3_check_generic(&value)))
         return v3_generic_extension(name, value, crit, ext_type, ctx);
     ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
     if (!ret) {
-        X509V3err(X509V3_F_X509V3_EXT_NCONF, X509V3_R_ERROR_IN_EXTENSION);
-        ERR_add_error_data(4, "name=", name, ", value=", value);
+        X509V3err(0, X509V3_R_ERROR_IN_EXTENSION);
+        if (section != NULL)
+            ERR_add_error_data(6, "section=", section,
+                               ", name=", name, ", value=", value);
+        else
+            ERR_add_error_data(4, "name=", name, ", value=", value);
     }
     return ret;
 }
 
-/* CONF *conf:  Config file    */
-/* char *value:  Value    */
+X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
+                                 const char *value)
+{
+    return X509V3_EXT_nconf_int(conf, ctx, NULL, name, value);
+}
+
 X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
                                      const char *value)
 {
     int crit;
     int ext_type;
+
     crit = v3_check_critical(&value);
     if ((ext_type = v3_check_generic(&value)))
         return v3_generic_extension(OBJ_nid2sn(ext_nid),
@@ -138,6 +147,7 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
     int ext_len;
     ASN1_OCTET_STRING *ext_oct = NULL;
     X509_EXTENSION *ext;
+
     /* Convert internal representation to DER */
     if (method->it) {
         ext_der = NULL;
@@ -192,6 +202,7 @@ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
 static int v3_check_critical(const char **value)
 {
     const char *p = *value;
+
     if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
         return 0;
     p += 9;
@@ -206,6 +217,7 @@ static int v3_check_generic(const char **value)
 {
     int gen_type = 0;
     const char *p = *value;
+
     if ((strlen(p) >= 4) && strncmp(p, "DER:", 4) == 0) {
         p += 4;
         gen_type = 1;
@@ -275,6 +287,7 @@ static unsigned char *generic_asn1(const char *value, X509V3_CTX *ctx,
 {
     ASN1_TYPE *typ;
     unsigned char *ext_der = NULL;
+
     typ = ASN1_generate_v3(value, ctx);
     if (typ == NULL)
         return NULL;
@@ -287,9 +300,11 @@ static void delete_ext(STACK_OF(X509_EXTENSION) *sk, X509_EXTENSION *dext)
 {
     int idx;
     ASN1_OBJECT *obj;
+
     obj = X509_EXTENSION_get_object(dext);
     while ((idx = X509v3_get_ext_by_OBJ(sk, obj, -1)) >= 0) {
         X509_EXTENSION *tmpext = X509v3_get_ext(sk, idx);
+
         X509v3_delete_ext(sk, idx);
         X509_EXTENSION_free(tmpext);
     }
@@ -312,7 +327,8 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section,
         return 0;
     for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
         val = sk_CONF_VALUE_value(nval, i);
-        if ((ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)) == NULL)
+        if ((ext = X509V3_EXT_nconf_int(conf, ctx, val->section,
+                                        val->name, val->value)) == NULL)
             return 0;
         if (ctx->flags == X509V3_CTX_REPLACE)
             delete_ext(*sk, ext);
@@ -358,6 +374,7 @@ int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
 {
     STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;
     int i;
+
     if (req)
         sk = &extlist;
     i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
@@ -448,12 +465,11 @@ X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
                                 const char *name, const char *value)
 {
     CONF ctmp;
+
     CONF_set_nconf(&ctmp, conf);
     return X509V3_EXT_nconf(&ctmp, ctx, name, value);
 }
 
-/* LHASH *conf:  Config file    */
-/* char *value:  Value    */
 X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
                                     X509V3_CTX *ctx, int ext_nid, const char *value)
 {
@@ -489,6 +505,7 @@ int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
                         const char *section, X509 *cert)
 {
     CONF ctmp;
+
     CONF_set_nconf(&ctmp, conf);
     return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert);
 }
@@ -499,6 +516,7 @@ int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
                             const char *section, X509_CRL *crl)
 {
     CONF ctmp;
+
     CONF_set_nconf(&ctmp, conf);
     return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl);
 }
@@ -509,6 +527,7 @@ int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
                             const char *section, X509_REQ *req)
 {
     CONF ctmp;
+
     CONF_set_nconf(&ctmp, conf);
     return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req);
 }
diff --git a/crypto/x509/v3_cpols.c b/crypto/x509/v3_cpols.c
index abbf5fbe60..6b507f40d7 100644
--- a/crypto/x509/v3_cpols.c
+++ b/crypto/x509/v3_cpols.c
@@ -14,6 +14,7 @@
 #include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
+#include "x509_local.h"
 #include "pcy_local.h"
 #include "ext_dat.h"
 
@@ -116,11 +117,10 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
     ia5org = 0;
     for (i = 0; i < num; i++) {
         cnf = sk_CONF_VALUE_value(vals, i);
-
-        if (cnf->value || !cnf->name) {
+        if (cnf->value != NULL || cnf->name == NULL) {
             X509V3err(X509V3_F_R2I_CERTPOL,
                       X509V3_R_INVALID_POLICY_IDENTIFIER);
-            X509V3_conf_err(cnf);
+            X509V3_conf_add_error_name_value(cnf);
             goto err;
         }
         pstr = cnf->name;
@@ -133,8 +133,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
             polsect = X509V3_get_section(ctx, pstr + 1);
             if (polsect == NULL) {
                 X509V3err(X509V3_F_R2I_CERTPOL, X509V3_R_INVALID_SECTION);
-
-                X509V3_conf_err(cnf);
+                ERR_add_error_data(1, cnf->name);
                 goto err;
             }
             pol = policy_section(ctx, polsect, ia5org);
@@ -145,7 +144,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
             if ((pobj = OBJ_txt2obj(cnf->name, 0)) == NULL) {
                 X509V3err(X509V3_F_R2I_CERTPOL,
                           X509V3_R_INVALID_OBJECT_IDENTIFIER);
-                X509V3_conf_err(cnf);
+                ERR_add_error_data(1, cnf->name);
                 goto err;
             }
             pol = POLICYINFO_new();
@@ -184,6 +183,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
         cnf = sk_CONF_VALUE_value(polstrs, i);
         if (strcmp(cnf->name, "policyIdentifier") == 0) {
             ASN1_OBJECT *pobj;
+
             if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) {
                 X509V3err(X509V3_F_POLICY_SECTION,
                           X509V3_R_INVALID_OBJECT_IDENTIFIER);
@@ -233,7 +233,6 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
                 goto merr;
         } else {
             X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_OPTION);
-
             X509V3_conf_err(cnf);
             goto err;
         }
@@ -307,6 +306,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
     qual->d.usernotice = not;
     for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
         cnf = sk_CONF_VALUE_value(unot, i);
+
         value = cnf->value;
         if (strcmp(cnf->name, "explicitText") == 0) {
             tag = displaytext_str2tag(value, &tag_len);
@@ -319,6 +319,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
                 goto merr;
         } else if (strcmp(cnf->name, "organization") == 0) {
             NOTICEREF *nref;
+
             if (!not->noticeref) {
                 if ((nref = NOTICEREF_new()) == NULL)
                     goto merr;
@@ -334,6 +335,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
                 goto merr;
         } else if (strcmp(cnf->name, "noticeNumbers") == 0) {
             NOTICEREF *nref;
+
             STACK_OF(CONF_VALUE) *nos;
             if (!not->noticeref) {
                 if ((nref = NOTICEREF_new()) == NULL)
@@ -344,7 +346,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
             nos = X509V3_parse_list(cnf->value);
             if (!nos || !sk_CONF_VALUE_num(nos)) {
                 X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_NUMBERS);
-                X509V3_conf_err(cnf);
+                X509V3_conf_add_error_name_value(cnf);
                 sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
                 goto err;
             }
@@ -354,7 +356,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
                 goto err;
         } else {
             X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_OPTION);
-            X509V3_conf_err(cnf);
+            X509V3_conf_add_error_name_value(cnf);
             goto err;
         }
     }
diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c
index 21a1bfcd7d..b54346d036 100644
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@@ -16,6 +16,7 @@
 
 #include "crypto/x509.h"
 #include "ext_dat.h"
+#include "x509_local.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
 DEFINE_STACK_OF(GENERAL_NAME)
@@ -256,7 +257,7 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method,
         DIST_POINT *point;
 
         cnf = sk_CONF_VALUE_value(nval, i);
-        if (!cnf->value) {
+        if (cnf->value == NULL) {
             STACK_OF(CONF_VALUE) *dpsect;
             dpsect = X509V3_get_section(ctx, cnf->name);
             if (!dpsect)
@@ -398,7 +399,7 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
                 goto err;
         } else {
             X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
-            X509V3_conf_err(cnf);
+            X509V3_conf_add_error_name_value(cnf);
             goto err;
         }
     }
diff --git a/crypto/x509/v3_extku.c b/crypto/x509/v3_extku.c
index ed51b60f0c..7769bc9931 100644
--- a/crypto/x509/v3_extku.c
+++ b/crypto/x509/v3_extku.c
@@ -97,7 +97,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
             sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
             X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
                       X509V3_R_INVALID_OBJECT_IDENTIFIER);
-            X509V3_conf_err(val);
+            ERR_add_error_data(1, extval);
             return NULL;
         }
         sk_ASN1_OBJECT_push(extku, objtmp);  /* no failure as it was reserved */
diff --git a/crypto/x509/v3_pci.c b/crypto/x509/v3_pci.c
index 30711149ce..714733684b 100644
--- a/crypto/x509/v3_pci.c
+++ b/crypto/x509/v3_pci.c
@@ -255,6 +255,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
     vals = X509V3_parse_list(value);
     for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
         CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
+
         if (!cnf->name || (*cnf->name != '@' && !cnf->value)) {
             X509V3err(X509V3_F_R2I_PCI,
                       X509V3_R_INVALID_PROXY_POLICY_SETTING);
diff --git a/crypto/x509/v3_pcons.c b/crypto/x509/v3_pcons.c
index e7bb7e9546..88a9497504 100644
--- a/crypto/x509/v3_pcons.c
+++ b/crypto/x509/v3_pcons.c
@@ -76,7 +76,7 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
                 goto err;
         } else {
             X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME);
-            X509V3_conf_err(val);
+            ERR_add_error_data(1, val->name);
             goto err;
         }
     }
diff --git a/crypto/x509/v3_pmaps.c b/crypto/x509/v3_pmaps.c
index d54384dac2..23aefb196c 100644
--- a/crypto/x509/v3_pmaps.c
+++ b/crypto/x509/v3_pmaps.c
@@ -85,7 +85,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
         if (!val->value || !val->name) {
             X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
                       X509V3_R_INVALID_OBJECT_IDENTIFIER);
-            X509V3_conf_err(val);
+            ERR_add_error_data(1, val->name);
             goto err;
         }
         obj1 = OBJ_txt2obj(val->name, 0);
@@ -93,7 +93,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
         if (!obj1 || !obj2) {
             X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
                       X509V3_R_INVALID_OBJECT_IDENTIFIER);
-            X509V3_conf_err(val);
+            ERR_add_error_data(1, val->name);
             goto err;
         }
         pmap = POLICY_MAPPING_new();
diff --git a/crypto/x509/v3_tlsf.c b/crypto/x509/v3_tlsf.c
index e494e4e8d1..81ce333a34 100644
--- a/crypto/x509/v3_tlsf.c
+++ b/crypto/x509/v3_tlsf.c
@@ -14,6 +14,7 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 #include "ext_dat.h"
+#include "x509_local.h"
 
 DEFINE_STACK_OF(ASN1_INTEGER)
 DEFINE_STACK_OF(CONF_VALUE)
@@ -119,7 +120,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
             if (((*endptr) != '\0') || (extval == endptr) || (tlsextid < 0) ||
                 (tlsextid > 65535)) {
                 X509V3err(X509V3_F_V2I_TLS_FEATURE, X509V3_R_INVALID_SYNTAX);
-                X509V3_conf_err(val);
+                X509V3_conf_add_error_name_value(val);
                 goto err;
             }
         }
diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c
index aefb589743..acb0e35a42 100644
--- a/crypto/x509/v3_utl.c
+++ b/crypto/x509/v3_utl.c
@@ -19,6 +19,7 @@
 #include "crypto/x509.h"
 #include <openssl/bn.h>
 #include "ext_dat.h"
+#include "x509_local.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
 DEFINE_STACK_OF(GENERAL_NAME)
@@ -271,7 +272,7 @@ int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool)
  err:
     X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,
               X509V3_R_INVALID_BOOLEAN_STRING);
-    X509V3_conf_err(value);
+    X509V3_conf_add_error_name_value(value);
     return 0;
 }
 
@@ -280,7 +281,7 @@ int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint)
     ASN1_INTEGER *itmp;
 
     if ((itmp = s2i_ASN1_INTEGER(NULL, value->value)) == NULL) {
-        X509V3_conf_err(value);
+        X509V3_conf_add_error_name_value(value);
         return 0;
     }
     *aint = itmp;
@@ -322,7 +323,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
                 ntmp = strip_spaces(q);
                 if (!ntmp) {
                     X509V3err(X509V3_F_X509V3_PARSE_LIST,
-                              X509V3_R_INVALID_NULL_NAME);
+                              X509V3_R_INVALID_EMPTY_NAME);
                     goto err;
                 }
                 q = p + 1;
@@ -332,7 +333,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
                 q = p + 1;
                 if (!ntmp) {
                     X509V3err(X509V3_F_X509V3_PARSE_LIST,
-                              X509V3_R_INVALID_NULL_NAME);
+                              X509V3_R_INVALID_EMPTY_NAME);
                     goto err;
                 }
                 X509V3_add_value(ntmp, NULL, &values);
@@ -368,7 +369,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
     } else {
         ntmp = strip_spaces(q);
         if (!ntmp) {
-            X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
+            X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_EMPTY_NAME);
             goto err;
         }
         X509V3_add_value(ntmp, NULL, &values);
diff --git a/crypto/x509/v3err.c b/crypto/x509/v3err.c
index cbda3f2cf8..91fe0d075a 100644
--- a/crypto/x509/v3err.c
+++ b/crypto/x509/v3err.c
@@ -62,8 +62,8 @@ static const ERR_STRING_DATA X509V3_str_reasons[] = {
     {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NAME), "invalid name"},
     {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_ARGUMENT),
     "invalid null argument"},
-    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_NAME),
-    "invalid null name"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_EMPTY_NAME),
+    "invalid empty name"},
     {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_VALUE),
     "invalid null value"},
     {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NUMBER), "invalid number"},
diff --git a/crypto/x509/x509_local.h b/crypto/x509/x509_local.h
index e944d16afe..6a2137129c 100644
--- a/crypto/x509/x509_local.h
+++ b/crypto/x509/x509_local.h
@@ -9,6 +9,9 @@
 
 #include "internal/refcount.h"
 
+#define X509V3_conf_add_error_name_value(val) \
+    ERR_add_error_data(4, "name=", (val)->name, ", value=", (val)->value)
+
 /*
  * This structure holds all parameters associated with a verify operation by
  * including an X509_VERIFY_PARAM structure in related structures the
diff --git a/include/openssl/objectserr.h b/include/openssl/objectserr.h
index 3cac9a7327..f1de77945b 100644
--- a/include/openssl/objectserr.h
+++ b/include/openssl/objectserr.h
@@ -8,8 +8,8 @@
  * https://www.openssl.org/source/license.html
  */
 
-#ifndef OPENSSL_OBJECTSERR_H
-# define OPENSSL_OBJECTSERR_H
+#ifndef OPENSSL_OBJERR_H
+# define OPENSSL_OBJERR_H
 # pragma once
 
 # include <openssl/opensslconf.h>
@@ -41,5 +41,6 @@ int ERR_load_OBJ_strings(void);
  */
 # define OBJ_R_OID_EXISTS                                 102
 # define OBJ_R_UNKNOWN_NID                                101
+# define OBJ_R_UNKNOWN_OBJECT_NAME                        103
 
 #endif
diff --git a/include/openssl/x509v3err.h b/include/openssl/x509v3err.h
index eb3593fa20..d7aa5da6ac 100644
--- a/include/openssl/x509v3err.h
+++ b/include/openssl/x509v3err.h
@@ -127,7 +127,7 @@ int ERR_load_X509V3_strings(void);
 # define X509V3_R_INVALID_MULTIPLE_RDNS                   161
 # define X509V3_R_INVALID_NAME                            106
 # define X509V3_R_INVALID_NULL_ARGUMENT                   107
-# define X509V3_R_INVALID_NULL_NAME                       108
+# define X509V3_R_INVALID_EMPTY_NAME                      108
 # define X509V3_R_INVALID_NULL_VALUE                      109
 # define X509V3_R_INVALID_NUMBER                          140
 # define X509V3_R_INVALID_NUMBERS                         141

From levitte at openssl.org  Tue Aug  4 08:20:40 2020
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 04 Aug 2020 08:20:40 +0000
Subject: [openssl]  master update
Message-ID: <1596529240.177985.6488.nullmailer@dev.openssl.org>

The branch master has been updated
       via  4c525cb5b6bbc85de592cb7bf623676a914b8dae (commit)
      from  aff8c0a411824f29687a54a3aa82f7e770faff48 (commit)


- Log -----------------------------------------------------------------
commit 4c525cb5b6bbc85de592cb7bf623676a914b8dae
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Aug 3 07:22:37 2020 +0200

    DESERIALIZER: Fix EVP_PKEY construction by export
    
    When the keymgmt provider and the deserializer provider differ,
    deserialization uses the deserializer export function instead of the
    keymgmt load, with a selection of what parts should be exported.  That
    selection was set to OSSL_KEYMGMT_SELECT_ALL_PARAMETERS when it should
    have been OSSL_KEYMGMT_SELECT_ALL.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12571)

-----------------------------------------------------------------------

Summary of changes:
 crypto/serializer/deserializer_pkey.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/serializer/deserializer_pkey.c b/crypto/serializer/deserializer_pkey.c
index e5e8bfda6f..44e7eb56ee 100644
--- a/crypto/serializer/deserializer_pkey.c
+++ b/crypto/serializer/deserializer_pkey.c
@@ -181,7 +181,7 @@ static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
                 OSSL_DESERIALIZER_provider(deser);
 
             /*
-             * If the EVP_KEYMGMT and the OSSL_DDESERIALIZER are from the
+             * If the EVP_KEYMGMT and the OSSL_DESERIALIZER are from the
              * same provider, we assume that the KEYMGMT has a key loading
              * function that can handle the provider reference we hold.
              *
@@ -195,7 +195,7 @@ static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
 
                 import_data.keymgmt = keymgmt;
                 import_data.keydata = NULL;
-                import_data.selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+                import_data.selection = OSSL_KEYMGMT_SELECT_ALL;
 
                 /*
                  * No need to check for errors here, the value of

From builds at travis-ci.com  Tue Aug  4 08:53:14 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 04 Aug 2020 08:53:14 +0000
Subject: Still Failing: openssl/openssl#36473 (master - aff8c0a)
In-Reply-To: <openssl/openssl+178366010+still failing@travis-ci.com>
Message-ID: <5f2921fa57b0f_13fd1f81d383c10698b@travis-pro-tasks-5c6c6d687f-xz5h6.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36473
Status: Still Failing

Duration: 1 hr, 19 mins, and 58 secs
Commit: aff8c0a (master)
Author: Dr. David von Oheimb
Message: Fix error message on setting cert validity period in apps/cmp.c

Fixes #12268

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12296)

View the changeset: https://github.com/openssl/openssl/compare/b5b6669fb637...aff8c0a41182

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178366010?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/17ec043b/attachment.html>

From dev at ddvo.net  Tue Aug  4 10:12:32 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Tue, 04 Aug 2020 10:12:32 +0000
Subject: [openssl]  master update
Message-ID: <1596535952.865330.32040.nullmailer@dev.openssl.org>

The branch master has been updated
       via  ebc1e8fc4ec2888fdb99d487c064d8ef586f3ee3 (commit)
      from  4c525cb5b6bbc85de592cb7bf623676a914b8dae (commit)


- Log -----------------------------------------------------------------
commit ebc1e8fc4ec2888fdb99d487c064d8ef586f3ee3
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Sat Jul 25 13:47:04 2020 +0200

    openssl-cmp.pod.in: Update and extend example using Insta Demo CA
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12534)

-----------------------------------------------------------------------

Summary of changes:
 .../insta.ca.crt                                       | Bin 1169 -> 916 bytes
 doc/man1/openssl-cmp.pod.in                            |   6 ++++++
 2 files changed, 6 insertions(+)
 copy fuzz/corpora/cmp/ab6a410b82656ea3d967dbcf91b4269ada98a4a6 => apps/insta.ca.crt (69%)

diff --git a/fuzz/corpora/cmp/ab6a410b82656ea3d967dbcf91b4269ada98a4a6 b/apps/insta.ca.crt
similarity index 69%
copy from fuzz/corpora/cmp/ab6a410b82656ea3d967dbcf91b4269ada98a4a6
copy to apps/insta.ca.crt
index 6eaf335124..6aea6d4f97 100644
Binary files a/fuzz/corpora/cmp/ab6a410b82656ea3d967dbcf91b4269ada98a4a6 and b/apps/insta.ca.crt differ
diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in
index 45355cbdb3..8d3e686b55 100644
--- a/doc/man1/openssl-cmp.pod.in
+++ b/doc/man1/openssl-cmp.pod.in
@@ -991,8 +991,10 @@ to issue the following shell commands.
 
   cd /path/to/openssl
   export OPENSSL_CONF=openssl.cnf
+=begin comment
   wget 'http://pki.certificate.fi:8080/install-ca-cert.html/ca-certificate.crt\
         ?ca-id=632&download-certificate=1' -O insta.ca.crt
+=end comment
   openssl genrsa -out insta.priv.pem
   openssl cmp -section insta
 
@@ -1048,7 +1050,11 @@ or
 
 Many more options can be used in the configuration file
 and/or on the command line.
+For instance, the B<-reqexts> CLI option may refer to a section in the
+configuration file defining X.509 extensions to use in certificate requests,
+such as B<v3_req> in F<openssl/apps/openssl.cnf>:
 
+  openssl cmp -section insta,cr -reqexts v3_req
 
 =head2 Certificate enrollment
 

From builds at travis-ci.com  Tue Aug  4 10:42:08 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 04 Aug 2020 10:42:08 +0000
Subject: Still Failing: openssl/openssl#36475 (master - 4c525cb)
In-Reply-To: <openssl/openssl+178372736+still failing@travis-ci.com>
Message-ID: <5f293b803cd34_13fe628ade924199656@travis-pro-tasks-5c6c6d687f-g2stb.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36475
Status: Still Failing

Duration: 56 mins and 45 secs
Commit: 4c525cb (master)
Author: Richard Levitte
Message: DESERIALIZER: Fix EVP_PKEY construction by export

When the keymgmt provider and the deserializer provider differ,
deserialization uses the deserializer export function instead of the
keymgmt load, with a selection of what parts should be exported.  That
selection was set to OSSL_KEYMGMT_SELECT_ALL_PARAMETERS when it should
have been OSSL_KEYMGMT_SELECT_ALL.

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12571)

View the changeset: https://github.com/openssl/openssl/compare/aff8c0a41182...4c525cb5b6bb

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178372736?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/f529bae3/attachment.html>

From openssl at openssl.org  Tue Aug  4 10:54:09 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 10:54:09 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1596538449.577760.4541.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

rm -f doc/html/man1/CA.pl.html doc/html/man1/openssl-asn1parse.html doc/html/man1/openssl-ca.html doc/html/man1/openssl-ciphers.html doc/html/man1/openssl-cmds.html doc/html/man1/openssl-cmp.html doc/html/man1/openssl-cms.html doc/html/man1/openssl-crl.html doc/html/man1/openssl-crl2pkcs7.html doc/html/man1/openssl-dgst.html doc/html/man1/openssl-dhparam.html doc/html/man1/openssl-dsa.html doc/html/man1/openssl-dsaparam.html doc/html/man1/openssl-ec.html doc/html/man1/openssl-ecparam.html doc/html/man1/openssl-enc.html doc/html/man1/openssl-engine.html doc/html/man1/openssl-errstr.html doc/html/man1/openssl-fipsinstall.html doc/html/man1/openssl-gendsa.html doc/html/man1/openssl-genpkey.html doc/html/man1/openssl-genrsa.html doc/html/man1/openssl-info.html doc/html/man1/openssl-kdf.html doc/html/man1/openssl-list.html doc/html/man1/openssl-mac.html doc/html/man1/openssl-nseq.html doc/html/man1/openssl-ocsp.html doc/html/man1/openssl-passwd.html doc/html/man1/openssl-pkcs12.html doc/html/man1/openssl-pkcs7.html doc/html/man1/openssl-pkcs8.html doc/html/man1/openssl-pkey.html doc/html/man1/openssl-pkeyparam.html doc/html/man1/openssl-pkeyutl.html doc/html/man1/openssl-prime.html doc/html/man1/openssl-provider.html doc/html/man1/openssl-rand.html doc/html/man1/openssl-rehash.html doc/html/man1/openssl-req.html doc/html/man1/openssl-rsa.html doc/html/man1/openssl-rsautl.html doc/html/man1/openssl-s_client.html doc/html/man1/openssl-s_server.html doc/html/man1/openssl-s_time.html doc/html/man1/openssl-sess_id.html doc/html/man1/openssl-smime.html doc/html/man1/openssl-speed.html doc/html/man1/openssl-spkac.html doc/html/man1/openssl-srp.html doc/html/man1/openssl-storeutl.html doc/html/man1/openssl-ts.html doc/html/man1/openssl-verify.html doc/html/man1/openssl-version.html doc/html/man1/openssl-x509.html doc/html/man1/openssl.html doc/html/man1/tsget.html doc/html/man3/ADMISSIONS.html doc/html/man3/ASN1_INTEGER_get_int64.html doc/html/man3/ASN1_INTEGER_new.html doc/html/man3/ASN1_ITEM_lookup.html doc/html/man3/ASN1_OBJECT_new.html doc/html/man3/ASN1_STRING_TABLE_add.html doc/html/man3/ASN1_STRING_length.html doc/html/man3/ASN1_STRING_new.html doc/html/man3/ASN1_STRING_print_ex.html doc/html/man3/ASN1_TIME_set.html doc/html/man3/ASN1_TYPE_get.html doc/html/man3/ASN1_generate_nconf.html doc/html/man3/ASYNC_WAIT_CTX_new.html doc/html/man3/ASYNC_start_job.html doc/html/man3/BF_encrypt.html doc/html/man3/BIO_ADDR.html doc/html/man3/BIO_ADDRINFO.html doc/html/man3/BIO_connect.html doc/html/man3/BIO_ctrl.html doc/html/man3/BIO_f_base64.html doc/html/man3/BIO_f_buffer.html doc/html/man3/BIO_f_cipher.html doc/html/man3/BIO_f_md.html doc/html/man3/BIO_f_null.html doc/html/man3/BIO_f_prefix.html doc/html/man3/BIO_f_ssl.html doc/html/man3/BIO_find_type.html doc/html/man3/BIO_get_data.html doc/html/man3/BIO_get_ex_new_index.html doc/html/man3/BIO_meth_new.html doc/html/man3/BIO_new.html doc/html/man3/BIO_new_CMS.html doc/html/man3/BIO_parse_hostserv.html doc/html/man3/BIO_printf.html doc/html/man3/BIO_push.html doc/html/man3/BIO_read.html doc/html/man3/BIO_s_accept.html doc/html/man3/BIO_s_bio.html doc/html/man3/BIO_s_connect.html doc/html/man3/BIO_s_fd.html doc/html/man3/BIO_s_file.html doc/html/man3/BIO_s_mem.html doc/html/man3/BIO_s_null.html doc/html/man3/BIO_s_socket.html doc/html/man3/BIO_set_callback.html doc/html/man3/BIO_should_retry.html doc/html/man3/BIO_socket_wait.html doc/html/man3/BN_BLINDING_new.html doc/html/man3/BN_CTX_new.html doc/html/man3/BN_CTX_start.html doc/html/man3/BN_add.html doc/html/man3/BN_add_word.html doc/html/man3/BN_bn2bin.html doc/html/man3/BN_cmp.html doc/html/man3/BN_copy.html doc/html/man3/BN_generate_prime.html doc/html/man3/BN_mod_inverse.html doc/html/man3/BN_mod_mul_montgomery.html doc/html/man3/BN_mod_mul_reciprocal.html doc/html/man3/BN_new.html doc/html/man3/BN_num_bytes.html doc/html/man3/BN_rand.html doc/html/man3/BN_security_bits.html doc/html/man3/BN_set_bit.html doc/html/man3/BN_swap.html doc/html/man3/BN_zero.html doc/html/man3/BUF_MEM_new.html doc/html/man3/CMS_EnvelopedData_create.html doc/html/man3/CMS_add0_cert.html doc/html/man3/CMS_add1_recipient_cert.html doc/html/man3/CMS_add1_signer.html doc/html/man3/CMS_compress.html doc/html/man3/CMS_decrypt.html doc/html/man3/CMS_encrypt.html doc/html/man3/CMS_final.html doc/html/man3/CMS_get0_RecipientInfos.html doc/html/man3/CMS_get0_SignerInfos.html doc/html/man3/CMS_get0_type.html doc/html/man3/CMS_get1_ReceiptRequest.html doc/html/man3/CMS_sign.html doc/html/man3/CMS_sign_receipt.html doc/html/man3/CMS_uncompress.html doc/html/man3/CMS_verify.html doc/html/man3/CMS_verify_receipt.html doc/html/man3/CONF_modules_free.html doc/html/man3/CONF_modules_load_file.html doc/html/man3/CRYPTO_THREAD_run_once.html doc/html/man3/CRYPTO_get_ex_new_index.html doc/html/man3/CRYPTO_memcmp.html doc/html/man3/CTLOG_STORE_get0_log_by_id.html doc/html/man3/CTLOG_STORE_new.html doc/html/man3/CTLOG_new.html doc/html/man3/CT_POLICY_EVAL_CTX_new.html doc/html/man3/DEFINE_STACK_OF.html doc/html/man3/DES_random_key.html doc/html/man3/DH_generate_key.html doc/html/man3/DH_generate_parameters.html doc/html/man3/DH_get0_pqg.html doc/html/man3/DH_get_1024_160.html doc/html/man3/DH_meth_new.html doc/html/man3/DH_new.html doc/html/man3/DH_new_by_nid.html doc/html/man3/DH_set_method.html doc/html/man3/DH_size.html doc/html/man3/DSA_SIG_new.html doc/html/man3/DSA_do_sign.html doc/html/man3/DSA_dup_DH.html doc/html/man3/DSA_generate_key.html doc/html/man3/DSA_generate_parameters.html doc/html/man3/DSA_get0_pqg.html doc/html/man3/DSA_meth_new.html doc/html/man3/DSA_new.html doc/html/man3/DSA_set_method.html doc/html/man3/DSA_sign.html doc/html/man3/DSA_size.html doc/html/man3/DTLS_get_data_mtu.html doc/html/man3/DTLS_set_timer_cb.html doc/html/man3/DTLSv1_listen.html doc/html/man3/ECDSA_SIG_new.html doc/html/man3/ECPKParameters_print.html doc/html/man3/EC_GFp_simple_method.html doc/html/man3/EC_GROUP_copy.html doc/html/man3/EC_GROUP_new.html doc/html/man3/EC_KEY_get_enc_flags.html doc/html/man3/EC_KEY_new.html doc/html/man3/EC_POINT_add.html doc/html/man3/EC_POINT_new.html doc/html/man3/ENGINE_add.html doc/html/man3/ERR_GET_LIB.html doc/html/man3/ERR_clear_error.html doc/html/man3/ERR_error_string.html doc/html/man3/ERR_get_error.html doc/html/man3/ERR_load_crypto_strings.html doc/html/man3/ERR_load_strings.html doc/html/man3/ERR_new.html doc/html/man3/ERR_print_errors.html doc/html/man3/ERR_put_error.html doc/html/man3/ERR_remove_state.html doc/html/man3/ERR_set_mark.html doc/html/man3/EVP_ASYM_CIPHER_free.html doc/html/man3/EVP_BytesToKey.html doc/html/man3/EVP_CIPHER_CTX_get_cipher_data.html doc/html/man3/EVP_CIPHER_meth_new.html doc/html/man3/EVP_DigestInit.html doc/html/man3/EVP_DigestSignInit.html doc/html/man3/EVP_DigestVerifyInit.html doc/html/man3/EVP_EncodeInit.html doc/html/man3/EVP_EncryptInit.html doc/html/man3/EVP_KDF.html doc/html/man3/EVP_KEYEXCH_free.html doc/html/man3/EVP_KEYMGMT.html doc/html/man3/EVP_MAC.html doc/html/man3/EVP_MD_meth_new.html doc/html/man3/EVP_OpenInit.html doc/html/man3/EVP_PKEY_ASN1_METHOD.html doc/html/man3/EVP_PKEY_CTX_ctrl.html doc/html/man3/EVP_PKEY_CTX_new.html doc/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html doc/html/man3/EVP_PKEY_CTX_set_hkdf_md.html doc/html/man3/EVP_PKEY_CTX_set_params.html doc/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html doc/html/man3/EVP_PKEY_CTX_set_scrypt_N.html doc/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html doc/html/man3/EVP_PKEY_asn1_get_count.html doc/html/man3/EVP_PKEY_check.html doc/html/man3/EVP_PKEY_copy_parameters.html doc/html/man3/EVP_PKEY_decrypt.html doc/html/man3/EVP_PKEY_derive.html doc/html/man3/EVP_PKEY_encrypt.html doc/html/man3/EVP_PKEY_fromdata.html doc/html/man3/EVP_PKEY_gen.html doc/html/man3/EVP_PKEY_get_default_digest_nid.html doc/html/man3/EVP_PKEY_gettable_params.html doc/html/man3/EVP_PKEY_is_a.html doc/html/man3/EVP_PKEY_meth_get_count.html doc/html/man3/EVP_PKEY_meth_new.html doc/html/man3/EVP_PKEY_new.html doc/html/man3/EVP_PKEY_print_private.html doc/html/man3/EVP_PKEY_set1_RSA.html doc/html/man3/EVP_PKEY_set_type.html doc/html/man3/EVP_PKEY_sign.html doc/html/man3/EVP_PKEY_size.html doc/html/man3/EVP_PKEY_supports_digest_nid.html doc/html/man3/EVP_PKEY_verify.html doc/html/man3/EVP_PKEY_verify_recover.html doc/html/man3/EVP_RAND.html doc/html/man3/EVP_SIGNATURE_free.html doc/html/man3/EVP_SealInit.html doc/html/man3/EVP_SignInit.html doc/html/man3/EVP_VerifyInit.html doc/html/man3/EVP_aes_128_gcm.html doc/html/man3/EVP_aria_128_gcm.html doc/html/man3/EVP_bf_cbc.html doc/html/man3/EVP_blake2b512.html doc/html/man3/EVP_camellia_128_ecb.html doc/html/man3/EVP_cast5_cbc.html doc/html/man3/EVP_chacha20.html doc/html/man3/EVP_des_cbc.html doc/html/man3/EVP_desx_cbc.html doc/html/man3/EVP_idea_cbc.html doc/html/man3/EVP_md2.html doc/html/man3/EVP_md4.html doc/html/man3/EVP_md5.html doc/html/man3/EVP_mdc2.html doc/html/man3/EVP_rc2_cbc.html doc/html/man3/EVP_rc4.html doc/html/man3/EVP_rc5_32_12_16_cbc.html doc/html/man3/EVP_ripemd160.html doc/html/man3/EVP_seed_cbc.html doc/html/man3/EVP_set_default_properties.html doc/html/man3/EVP_sha1.html doc/html/man3/EVP_sha224.html doc/html/man3/EVP_sha3_224.html doc/html/man3/EVP_sm3.html doc/html/man3/EVP_sm4_cbc.html doc/html/man3/EVP_whirlpool.html doc/html/man3/HMAC.html doc/html/man3/MD5.html doc/html/man3/MDC2_Init.html doc/html/man3/NCONF_new_with_libctx.html doc/html/man3/OBJ_nid2obj.html doc/html/man3/OCSP_REQUEST_new.html doc/html/man3/OCSP_cert_to_id.html doc/html/man3/OCSP_request_add1_nonce.html doc/html/man3/OCSP_resp_find_status.html doc/html/man3/OCSP_response_status.html doc/html/man3/OCSP_sendreq_new.html doc/html/man3/OPENSSL_Applink.html doc/html/man3/OPENSSL_CTX.html doc/html/man3/OPENSSL_FILE.html doc/html/man3/OPENSSL_LH_COMPFUNC.html doc/html/man3/OPENSSL_LH_stats.html doc/html/man3/OPENSSL_config.html doc/html/man3/OPENSSL_fork_prepare.html doc/html/man3/OPENSSL_hexchar2int.html doc/html/man3/OPENSSL_ia32cap.html doc/html/man3/OPENSSL_init_crypto.html doc/html/man3/OPENSSL_init_ssl.html doc/html/man3/OPENSSL_instrument_bus.html doc/html/man3/OPENSSL_load_builtin_modules.html doc/html/man3/OPENSSL_malloc.html doc/html/man3/OPENSSL_s390xcap.html doc/html/man3/OPENSSL_secure_malloc.html doc/html/man3/OSSL_CMP_CTX_new.html doc/html/man3/OSSL_CMP_HDR_get0_transactionID.html doc/html/man3/OSSL_CMP_ITAV_set0.html doc/html/man3/OSSL_CMP_MSG_get0_header.html doc/html/man3/OSSL_CMP_MSG_http_perform.html doc/html/man3/OSSL_CMP_SRV_CTX_new.html doc/html/man3/OSSL_CMP_STATUSINFO_new.html doc/html/man3/OSSL_CMP_exec_certreq.html doc/html/man3/OSSL_CMP_log_open.html doc/html/man3/OSSL_CMP_validate_msg.html doc/html/man3/OSSL_CRMF_MSG_get0_tmpl.html doc/html/man3/OSSL_CRMF_MSG_set0_validity.html doc/html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html doc/html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html doc/html/man3/OSSL_CRMF_pbmp_new.html doc/html/man3/OSSL_DESERIALIZER.html doc/html/man3/OSSL_DESERIALIZER_CTX.html doc/html/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_DESERIALIZER_from_bio.html doc/html/man3/OSSL_HTTP_transfer.html doc/html/man3/OSSL_PARAM.html doc/html/man3/OSSL_PARAM_BLD.html doc/html/man3/OSSL_PARAM_allocate_from_text.html doc/html/man3/OSSL_PARAM_int.html doc/html/man3/OSSL_PROVIDER.html doc/html/man3/OSSL_SELF_TEST_new.html doc/html/man3/OSSL_SELF_TEST_set_callback.html doc/html/man3/OSSL_SERIALIZER.html doc/html/man3/OSSL_SERIALIZER_CTX.html doc/html/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_SERIALIZER_to_bio.html doc/html/man3/OSSL_STORE_INFO.html doc/html/man3/OSSL_STORE_LOADER.html doc/html/man3/OSSL_STORE_SEARCH.html doc/html/man3/OSSL_STORE_attach.html doc/html/man3/OSSL_STORE_expect.html doc/html/man3/OSSL_STORE_open.html doc/html/man3/OSSL_trace_enabled.html doc/html/man3/OSSL_trace_get_category_num.html doc/html/man3/OSSL_trace_set_channel.html doc/html/man3/OpenSSL_add_all_algorithms.html doc/html/man3/OpenSSL_version.html doc/html/man3/PEM_X509_INFO_read_bio_with_libctx.html doc/html/man3/PEM_bytes_read_bio.html doc/html/man3/PEM_read.html doc/html/man3/PEM_read_CMS.html doc/html/man3/PEM_read_bio_PrivateKey.html doc/html/man3/PEM_read_bio_ex.html doc/html/man3/PEM_write_bio_CMS_stream.html doc/html/man3/PEM_write_bio_PKCS7_stream.html doc/html/man3/PKCS12_SAFEBAG_get0_attrs.html doc/html/man3/PKCS12_add_CSPName_asc.html doc/html/man3/PKCS12_add_friendlyname_asc.html doc/html/man3/PKCS12_add_localkeyid.html doc/html/man3/PKCS12_create.html doc/html/man3/PKCS12_get_friendlyname.html doc/html/man3/PKCS12_newpass.html doc/html/man3/PKCS12_parse.html doc/html/man3/PKCS5_PBKDF2_HMAC.html doc/html/man3/PKCS7_decrypt.html doc/html/man3/PKCS7_encrypt.html doc/html/man3/PKCS7_sign.html doc/html/man3/PKCS7_sign_add_signer.html doc/html/man3/PKCS7_verify.html doc/html/man3/PKCS8_pkey_add1_attr.html doc/html/man3/RAND_DRBG_generate.html doc/html/man3/RAND_DRBG_get0_public.html doc/html/man3/RAND_DRBG_new.html doc/html/man3/RAND_DRBG_reseed.html doc/html/man3/RAND_DRBG_set_callbacks.html doc/html/man3/RAND_add.html doc/html/man3/RAND_bytes.html doc/html/man3/RAND_cleanup.html doc/html/man3/RAND_egd.html doc/html/man3/RAND_load_file.html doc/html/man3/RAND_set_rand_method.html doc/html/man3/RC4_set_key.html doc/html/man3/RIPEMD160_Init.html doc/html/man3/RSA_blinding_on.html doc/html/man3/RSA_check_key.html doc/html/man3/RSA_generate_key.html doc/html/man3/RSA_get0_key.html doc/html/man3/RSA_meth_new.html doc/html/man3/RSA_new.html doc/html/man3/RSA_padding_add_PKCS1_type_1.html doc/html/man3/RSA_print.html doc/html/man3/RSA_private_encrypt.html doc/html/man3/RSA_public_encrypt.html doc/html/man3/RSA_set_method.html doc/html/man3/RSA_sign.html doc/html/man3/RSA_sign_ASN1_OCTET_STRING.html doc/html/man3/RSA_size.html doc/html/man3/SCT_new.html doc/html/man3/SCT_print.html doc/html/man3/SCT_validate.html doc/html/man3/SHA256_Init.html doc/html/man3/SMIME_read_CMS.html doc/html/man3/SMIME_read_PKCS7.html doc/html/man3/SMIME_write_CMS.html doc/html/man3/SMIME_write_PKCS7.html doc/html/man3/SRP_Calc_B.html doc/html/man3/SRP_VBASE_new.html doc/html/man3/SRP_create_verifier.html doc/html/man3/SRP_user_pwd_new.html doc/html/man3/SSL_CIPHER_get_name.html doc/html/man3/SSL_COMP_add_compression_method.html doc/html/man3/SSL_CONF_CTX_new.html doc/html/man3/SSL_CONF_CTX_set1_prefix.html doc/html/man3/SSL_CONF_CTX_set_flags.html doc/html/man3/SSL_CONF_CTX_set_ssl_ctx.html doc/html/man3/SSL_CONF_cmd.html doc/html/man3/SSL_CONF_cmd_argv.html doc/html/man3/SSL_CTX_add1_chain_cert.html doc/html/man3/SSL_CTX_add_extra_chain_cert.html doc/html/man3/SSL_CTX_add_session.html doc/html/man3/SSL_CTX_config.html doc/html/man3/SSL_CTX_ctrl.html doc/html/man3/SSL_CTX_dane_enable.html doc/html/man3/SSL_CTX_flush_sessions.html doc/html/man3/SSL_CTX_free.html doc/html/man3/SSL_CTX_get0_param.html doc/html/man3/SSL_CTX_get_verify_mode.html doc/html/man3/SSL_CTX_has_client_custom_ext.html doc/html/man3/SSL_CTX_load_verify_locations.html doc/html/man3/SSL_CTX_new.html doc/html/man3/SSL_CTX_sess_number.html doc/html/man3/SSL_CTX_sess_set_cache_size.html doc/html/man3/SSL_CTX_sess_set_get_cb.html doc/html/man3/SSL_CTX_sessions.html doc/html/man3/SSL_CTX_set0_CA_list.html doc/html/man3/SSL_CTX_set1_curves.html doc/html/man3/SSL_CTX_set1_sigalgs.html doc/html/man3/SSL_CTX_set1_verify_cert_store.html doc/html/man3/SSL_CTX_set_alpn_select_cb.html doc/html/man3/SSL_CTX_set_cert_cb.html doc/html/man3/SSL_CTX_set_cert_store.html doc/html/man3/SSL_CTX_set_cert_verify_callback.html doc/html/man3/SSL_CTX_set_cipher_list.html doc/html/man3/SSL_CTX_set_client_cert_cb.html doc/html/man3/SSL_CTX_set_client_hello_cb.html doc/html/man3/SSL_CTX_set_ct_validation_callback.html doc/html/man3/SSL_CTX_set_ctlog_list_file.html doc/html/man3/SSL_CTX_set_default_passwd_cb.html doc/html/man3/SSL_CTX_set_generate_session_id.html doc/html/man3/SSL_CTX_set_info_callback.html doc/html/man3/SSL_CTX_set_keylog_callback.html doc/html/man3/SSL_CTX_set_max_cert_list.html doc/html/man3/SSL_CTX_set_min_proto_version.html doc/html/man3/SSL_CTX_set_mode.html doc/html/man3/SSL_CTX_set_msg_callback.html doc/html/man3/SSL_CTX_set_num_tickets.html doc/html/man3/SSL_CTX_set_options.html doc/html/man3/SSL_CTX_set_psk_client_callback.html doc/html/man3/SSL_CTX_set_quiet_shutdown.html doc/html/man3/SSL_CTX_set_read_ahead.html doc/html/man3/SSL_CTX_set_record_padding_callback.html doc/html/man3/SSL_CTX_set_security_level.html doc/html/man3/SSL_CTX_set_session_cache_mode.html doc/html/man3/SSL_CTX_set_session_id_context.html doc/html/man3/SSL_CTX_set_session_ticket_cb.html doc/html/man3/SSL_CTX_set_split_send_fragment.html doc/html/man3/SSL_CTX_set_srp_password.html doc/html/man3/SSL_CTX_set_ssl_version.html doc/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html doc/html/man3/SSL_CTX_set_timeout.html doc/html/man3/SSL_CTX_set_tlsext_servername_callback.html doc/html/man3/SSL_CTX_set_tlsext_status_cb.html doc/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html doc/html/man3/SSL_CTX_set_tlsext_use_srtp.html doc/html/man3/SSL_CTX_set_tmp_dh_callback.html doc/html/man3/SSL_CTX_set_tmp_ecdh.html doc/html/man3/SSL_CTX_set_verify.html doc/html/man3/SSL_CTX_use_certificate.html doc/html/man3/SSL_CTX_use_psk_identity_hint.html doc/html/man3/SSL_CTX_use_serverinfo.html doc/html/man3/SSL_SESSION_free.html doc/html/man3/SSL_SESSION_get0_cipher.html doc/html/man3/SSL_SESSION_get0_hostname.html doc/html/man3/SSL_SESSION_get0_id_context.html doc/html/man3/SSL_SESSION_get0_peer.html doc/html/man3/SSL_SESSION_get_compress_id.html doc/html/man3/SSL_SESSION_get_protocol_version.html doc/html/man3/SSL_SESSION_get_time.html doc/html/man3/SSL_SESSION_has_ticket.html doc/html/man3/SSL_SESSION_is_resumable.html doc/html/man3/SSL_SESSION_print.html doc/html/man3/SSL_SESSION_set1_id.html doc/html/man3/SSL_accept.html doc/html/man3/SSL_alert_type_string.html doc/html/man3/SSL_alloc_buffers.html doc/html/man3/SSL_check_chain.html doc/html/man3/SSL_clear.html doc/html/man3/SSL_connect.html doc/html/man3/SSL_do_handshake.html doc/html/man3/SSL_export_keying_material.html doc/html/man3/SSL_extension_supported.html doc/html/man3/SSL_free.html doc/html/man3/SSL_get0_peer_scts.html doc/html/man3/SSL_get_SSL_CTX.html doc/html/man3/SSL_get_all_async_fds.html doc/html/man3/SSL_get_ciphers.html doc/html/man3/SSL_get_client_random.html doc/html/man3/SSL_get_current_cipher.html doc/html/man3/SSL_get_default_timeout.html doc/html/man3/SSL_get_error.html doc/html/man3/SSL_get_extms_support.html doc/html/man3/SSL_get_fd.html doc/html/man3/SSL_get_peer_cert_chain.html doc/html/man3/SSL_get_peer_certificate.html doc/html/man3/SSL_get_peer_signature_nid.html doc/html/man3/SSL_get_peer_tmp_key.html doc/html/man3/SSL_get_psk_identity.html doc/html/man3/SSL_get_rbio.html doc/html/man3/SSL_get_session.html doc/html/man3/SSL_get_shared_sigalgs.html doc/html/man3/SSL_get_verify_result.html doc/html/man3/SSL_get_version.html doc/html/man3/SSL_in_init.html doc/html/man3/SSL_key_update.html doc/html/man3/SSL_library_init.html doc/html/man3/SSL_load_client_CA_file.html doc/html/man3/SSL_new.html doc/html/man3/SSL_pending.html doc/html/man3/SSL_read.html doc/html/man3/SSL_read_early_data.html doc/html/man3/SSL_rstate_string.html doc/html/man3/SSL_session_reused.html doc/html/man3/SSL_set1_host.html doc/html/man3/SSL_set_async_callback.html doc/html/man3/SSL_set_bio.html doc/html/man3/SSL_set_connect_state.html doc/html/man3/SSL_set_fd.html doc/html/man3/SSL_set_session.html doc/html/man3/SSL_set_shutdown.html doc/html/man3/SSL_set_verify_result.html doc/html/man3/SSL_shutdown.html doc/html/man3/SSL_state_string.html doc/html/man3/SSL_want.html doc/html/man3/SSL_write.html doc/html/man3/TS_VERIFY_CTX_set_certs.html doc/html/man3/UI_STRING.html doc/html/man3/UI_UTIL_read_pw.html doc/html/man3/UI_create_method.html doc/html/man3/UI_new.html doc/html/man3/X509V3_get_d2i.html doc/html/man3/X509_ALGOR_dup.html doc/html/man3/X509_CRL_get0_by_serial.html doc/html/man3/X509_EXTENSION_set_object.html doc/html/man3/X509_LOOKUP.html doc/html/man3/X509_LOOKUP_hash_dir.html doc/html/man3/X509_LOOKUP_meth_new.html doc/html/man3/X509_NAME_ENTRY_get_object.html doc/html/man3/X509_NAME_add_entry_by_txt.html doc/html/man3/X509_NAME_get0_der.html doc/html/man3/X509_NAME_get_index_by_NID.html doc/html/man3/X509_NAME_print_ex.html doc/html/man3/X509_PUBKEY_new.html doc/html/man3/X509_SIG_get0.html doc/html/man3/X509_STORE_CTX_get_error.html doc/html/man3/X509_STORE_CTX_new.html doc/html/man3/X509_STORE_CTX_set_verify_cb.html doc/html/man3/X509_STORE_add_cert.html doc/html/man3/X509_STORE_get0_param.html doc/html/man3/X509_STORE_new.html doc/html/man3/X509_STORE_set_verify_cb_func.html doc/html/man3/X509_VERIFY_PARAM_set_flags.html doc/html/man3/X509_check_ca.html doc/html/man3/X509_check_host.html doc/html/man3/X509_check_issued.html doc/html/man3/X509_check_private_key.html doc/html/man3/X509_check_purpose.html doc/html/man3/X509_cmp.html doc/html/man3/X509_cmp_time.html doc/html/man3/X509_digest.html doc/html/man3/X509_dup.html doc/html/man3/X509_get0_distinguishing_id.html doc/html/man3/X509_get0_notBefore.html doc/html/man3/X509_get0_signature.html doc/html/man3/X509_get0_uids.html doc/html/man3/X509_get_extension_flags.html doc/html/man3/X509_get_pubkey.html doc/html/man3/X509_get_serialNumber.html doc/html/man3/X509_get_subject_name.html doc/html/man3/X509_get_version.html doc/html/man3/X509_load_http.html doc/html/man3/X509_new.html doc/html/man3/X509_sign.html doc/html/man3/X509_verify.html doc/html/man3/X509_verify_cert.html doc/html/man3/X509v3_get_ext_by_NID.html doc/html/man3/d2i_DHparams.html doc/html/man3/d2i_PKCS8PrivateKey_bio.html doc/html/man3/d2i_PrivateKey.html doc/html/man3/d2i_SSL_SESSION.html doc/html/man3/d2i_X509.html doc/html/man3/i2d_CMS_bio_stream.html doc/html/man3/i2d_PKCS7_bio_stream.html doc/html/man3/i2d_re_X509_tbs.html doc/html/man3/o2i_SCT_LIST.html doc/html/man3/s2i_ASN1_IA5STRING.html doc/html/man5/config.html doc/html/man5/fips_config.html doc/html/man5/x509v3_config.html doc/html/man7/EVP_KDF-HKDF.html doc/html/man7/EVP_KDF-KB.html doc/html/man7/EVP_KDF-KRB5KDF.html doc/html/man7/EVP_KDF-PBKDF2.html doc/html/man7/EVP_KDF-SCRYPT.html doc/html/man7/EVP_KDF-SS.html doc/html/man7/EVP_KDF-SSHKDF.html doc/html/man7/EVP_KDF-TLS1_PRF.html doc/html/man7/EVP_KDF-X942.html doc/html/man7/EVP_KDF-X963.html doc/html/man7/EVP_KEYEXCH-DH.html doc/html/man7/EVP_KEYEXCH-ECDH.html doc/html/man7/EVP_KEYEXCH-X25519.html doc/html/man7/EVP_MAC-BLAKE2.html doc/html/man7/EVP_MAC-CMAC.html doc/html/man7/EVP_MAC-GMAC.html doc/html/man7/EVP_MAC-HMAC.html doc/html/man7/EVP_MAC-KMAC.html doc/html/man7/EVP_MAC-Poly1305.html doc/html/man7/EVP_MAC-Siphash.html doc/html/man7/EVP_MD-BLAKE2.html doc/html/man7/EVP_MD-MD2.html doc/html/man7/EVP_MD-MD4.html doc/html/man7/EVP_MD-MD5-SHA1.html doc/html/man7/EVP_MD-MD5.html doc/html/man7/EVP_MD-MDC2.html doc/html/man7/EVP_MD-RIPEMD160.html doc/html/man7/EVP_MD-SHA1.html doc/html/man7/EVP_MD-SHA2.html doc/html/man7/EVP_MD-SHA3.html doc/html/man7/EVP_MD-SHAKE.html doc/html/man7/EVP_MD-SM3.html doc/html/man7/EVP_MD-WHIRLPOOL.html doc/html/man7/EVP_MD-common.html doc/html/man7/EVP_PKEY-DH.html doc/html/man7/EVP_PKEY-DSA.html doc/html/man7/EVP_PKEY-EC.html doc/html/man7/EVP_PKEY-FFC.html doc/html/man7/EVP_PKEY-RSA.html doc/html/man7/EVP_PKEY-X25519.html doc/html/man7/EVP_RAND-CTR-DRBG.html doc/html/man7/EVP_RAND-HASH-DRBG.html doc/html/man7/EVP_RAND-HMAC-DRBG.html doc/html/man7/EVP_RAND-TEST-RAND.html doc/html/man7/EVP_SIGNATURE-DSA.html doc/html/man7/EVP_SIGNATURE-ECDSA.html doc/html/man7/EVP_SIGNATURE-ED25519.html doc/html/man7/EVP_SIGNATURE-RSA.html doc/html/man7/OSSL_PROVIDER-FIPS.html doc/html/man7/OSSL_PROVIDER-base.html doc/html/man7/OSSL_PROVIDER-default.html doc/html/man7/OSSL_PROVIDER-legacy.html doc/html/man7/OSSL_PROVIDER-null.html doc/html/man7/RAND.html doc/html/man7/RAND_DRBG.html doc/html/man7/RSA-PSS.html doc/html/man7/SM2.html doc/html/man7/X25519.html doc/html/man7/bio.html doc/html/man7/crypto.html doc/html/man7/ct.html doc/html/man7/des_modes.html doc/html/man7/evp.html doc/html/man7/openssl-core.h.html doc/html/man7/openssl-core_dispatch.h.html doc/html/man7/openssl-core_names.h.html doc/html/man7/openssl-env.html doc/html/man7/openssl_user_macros.html doc/html/man7/ossl_store-file.html doc/html/man7/ossl_store.html doc/html/man7/passphrase-encoding.html doc/html/man7/property.html doc/html/man7/provider-asym_cipher.html doc/html/man7/provider-base.html doc/html/man7/provider-cipher.html doc/html/man7/provider-digest.html doc/html/man7/provider-keyexch.html doc/html/man7/provider-keymgmt.html doc/html/man7/provider-mac.html doc/html/man7/provider-rand.html doc/html/man7/provider-serializer.html doc/html/man7/provider-signature.html doc/html/man7/provider.html doc/html/man7/proxy-certificates.html doc/html/man7/ssl.html doc/html/man7/x509.html
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_DRBG_generate.3 doc/man/man3/RAND_DRBG_get0_public.3 doc/man/man3/RAND_DRBG_new.3 doc/man/man3/RAND_DRBG_reseed.3 doc/man/man3/RAND_DRBG_set_callbacks.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RAND_DRBG.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rand_drbg test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbg_cavs_test test/drbg_extra_test test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha6-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4164: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3133: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From tmraz at fedoraproject.org  Tue Aug  4 11:35:09 2020
From: tmraz at fedoraproject.org (tmraz at fedoraproject.org)
Date: Tue, 04 Aug 2020 11:35:09 +0000
Subject: [openssl]  master update
Message-ID: <1596540909.286597.9575.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c5b356d5d6cfca1128b35f235dfdb893f2888027 (commit)
      from  ebc1e8fc4ec2888fdb99d487c064d8ef586f3ee3 (commit)


- Log -----------------------------------------------------------------
commit c5b356d5d6cfca1128b35f235dfdb893f2888027
Author: Peter Eisentraut <peter at eisentraut.org>
Date:   Thu Jul 16 10:18:16 2020 +0200

    Mark an argument of an inline function as unused
    
    This allows users of this header file to compile their own code with
    the gcc option -Wunused-parameter.
    
    CLA: trivial
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12459)

-----------------------------------------------------------------------

Summary of changes:
 include/openssl/err.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/openssl/err.h b/include/openssl/err.h
index fd3b93aa47..77bbba4f9f 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -221,7 +221,7 @@ static ossl_inline int ERR_GET_LIB(unsigned long errcode)
     return (errcode >> ERR_LIB_OFFSET) & ERR_LIB_MASK;
 }
 
-static ossl_inline int ERR_GET_FUNC(unsigned long errcode)
+static ossl_inline int ERR_GET_FUNC(unsigned long errcode ossl_unused)
 {
     return 0;
 }

From no-reply at appveyor.com  Tue Aug  4 11:40:21 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 04 Aug 2020 11:40:21 +0000
Subject: Build failed: openssl master.35941
Message-ID: <20200804114021.1.5D63CE29A0F7DA65@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/71682838/attachment.html>

From no-reply at appveyor.com  Tue Aug  4 12:11:58 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 04 Aug 2020 12:11:58 +0000
Subject: Build completed: openssl master.35942
Message-ID: <20200804121158.1.7B6B71437A8C1DEF@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/84463a0a/attachment.html>

From builds at travis-ci.com  Tue Aug  4 14:22:06 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 04 Aug 2020 14:22:06 +0000
Subject: Still Failing: openssl/openssl#36484 (master - ebc1e8f)
In-Reply-To: <openssl/openssl+178386969+still failing@travis-ci.com>
Message-ID: <5f296f0d8a685_13f8fea0b6af82417fc@travis-pro-tasks-6bbb5cd89f-r65v6.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36484
Status: Still Failing

Duration: 1 hr, 19 mins, and 10 secs
Commit: ebc1e8f (master)
Author: Dr. David von Oheimb
Message: openssl-cmp.pod.in: Update and extend example using Insta Demo CA

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12534)

View the changeset: https://github.com/openssl/openssl/compare/4c525cb5b6bb...ebc1e8fc4ec2

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178386969?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/cdf6ec2c/attachment-0001.html>

From openssl at openssl.org  Tue Aug  4 14:45:31 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 14:45:31 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1596552331.478776.24082.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 403715BC797F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 400761BCF67F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 400761BCF67F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3250, 1736 wallclock secs (13.68 usr  1.49 sys + 1647.73 cusr 84.69 csys = 1747.59 CPU)
Result: FAIL
Makefile:3151: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3149: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug  4 15:10:05 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 15:10:05 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1596553805.537062.9999.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=207, Tests=3250, 894 wallclock secs (12.62 usr  1.20 sys + 796.08 cusr 60.59 csys = 870.49 CPU)
Result: FAIL
Makefile:3157: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3155: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug  4 16:47:52 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 04 Aug 2020 16:47:52 +0000
Subject: Build failed: openssl OpenSSL_1_1_1-stable.35950
Message-ID: <20200804164752.1.8EC2AC40D30ACFFC@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/4df9aae0/attachment.html>

From builds at travis-ci.com  Tue Aug  4 16:49:42 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 04 Aug 2020 16:49:42 +0000
Subject: Errored: openssl/openssl#36487 (master - c5b356d)
In-Reply-To: <openssl/openssl+178396487+errored@travis-ci.com>
Message-ID: <5f2991a5cd981_13ff18aab51881307e6@travis-pro-tasks-5947b94475-rf6ng.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36487
Status: Errored

Duration: 1 hr, 9 mins, and 3 secs
Commit: c5b356d (master)
Author: Peter Eisentraut
Message: Mark an argument of an inline function as unused

This allows users of this header file to compile their own code with
the gcc option -Wunused-parameter.

CLA: trivial

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12459)

View the changeset: https://github.com/openssl/openssl/compare/ebc1e8fc4ec2...c5b356d5d6cf

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178396487?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/b55cc643/attachment-0001.html>

From openssl at openssl.org  Tue Aug  4 17:58:02 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 17:58:02 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1596563882.096563.1356.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=207, Tests=3247, 839 wallclock secs (12.20 usr  1.31 sys + 779.14 cusr 60.64 csys = 853.29 CPU)
Result: FAIL
Makefile:3156: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3154: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug  4 20:39:15 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 20:39:15 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1596573555.605286.20894.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C070480DBB7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C070480DBB7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C070480DBB7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/SxpFBkY70P default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C020AFF5DC7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C020AFF5DC7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C020AFF5DC7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C020AFF5DC7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C020AFF5DC7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C020AFF5DC7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/SxpFBkY70P fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=207, Tests=3249, 853 wallclock secs (12.40 usr  1.29 sys + 790.39 cusr 60.90 csys = 864.98 CPU)
Result: FAIL
Makefile:3156: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3154: recipe for target 'tests' failed
make: *** [tests] Error 2

From shane.lontis at oracle.com  Tue Aug  4 22:47:02 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Tue, 04 Aug 2020 22:47:02 +0000
Subject: [openssl]  master update
Message-ID: <1596581222.690088.1093.nullmailer@dev.openssl.org>

The branch master has been updated
       via  914f97eecc9166fbfdb50c2d04e2b9f9d0c52198 (commit)
      from  c5b356d5d6cfca1128b35f235dfdb893f2888027 (commit)


- Log -----------------------------------------------------------------
commit 914f97eecc9166fbfdb50c2d04e2b9f9d0c52198
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Wed Aug 5 08:45:29 2020 +1000

    Fix provider cipher reinit after init/update with a partial update block.
    
    The test added previously used a 16 byte block during the update which does not cause internal buffering in the provider.
    Some internal variables related to the buffering were not being cleared in the init, which meant that the second
    update would use the buffered data from the first update.
    Added test for this scenario with exclusions for ciphers that do not support partial block updates.
    
    Found by guidovranken.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12523)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/ciphers/cipher_aes_ocb.c |  2 +
 providers/implementations/ciphers/cipher_des.c     |  1 +
 .../implementations/ciphers/cipher_tdes_common.c   |  1 +
 providers/implementations/ciphers/ciphercommon.c   |  1 +
 test/evp_libctx_test.c                             | 78 ++++++++++++++++++++++
 5 files changed, 83 insertions(+)

diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c
index 2f30b7ffdf..230b353c50 100644
--- a/providers/implementations/ciphers/cipher_aes_ocb.c
+++ b/providers/implementations/ciphers/cipher_aes_ocb.c
@@ -103,6 +103,8 @@ static int aes_ocb_init(void *vctx, const unsigned char *key, size_t keylen,
 {
    PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
 
+   ctx->aad_buf_len = 0;
+   ctx->data_buf_len = 0;
    ctx->base.enc = enc;
 
    if (iv != NULL) {
diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c
index 9a7c13902f..4974234efd 100644
--- a/providers/implementations/ciphers/cipher_des.c
+++ b/providers/implementations/ciphers/cipher_des.c
@@ -68,6 +68,7 @@ static int des_init(void *vctx, const unsigned char *key, size_t keylen,
     PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
 
     ctx->num = 0;
+    ctx->bufsz = 0;
     ctx->enc = enc;
 
     if (iv != NULL) {
diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c
index d2379f741b..a226e2aac4 100644
--- a/providers/implementations/ciphers/cipher_tdes_common.c
+++ b/providers/implementations/ciphers/cipher_tdes_common.c
@@ -58,6 +58,7 @@ static int tdes_init(void *vctx, const unsigned char *key, size_t keylen,
     PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
 
     ctx->num = 0;
+    ctx->bufsz = 0;
     ctx->enc = enc;
 
     if (iv != NULL) {
diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c
index a3ebd3f7e7..2d119a7b39 100644
--- a/providers/implementations/ciphers/ciphercommon.c
+++ b/providers/implementations/ciphers/ciphercommon.c
@@ -150,6 +150,7 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx,
                                         int enc)
 {
     ctx->num = 0;
+    ctx->bufsz = 0;
     ctx->updated = 0;
     ctx->enc = enc ? 1 : 0;
 
diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c
index 395c5d99b5..7421e1e3ca 100644
--- a/test/evp_libctx_test.c
+++ b/test/evp_libctx_test.c
@@ -268,6 +268,82 @@ err:
     return ret;
 }
 
+/*
+ * This test only uses a partial block (half the block size) of input for each
+ * EVP_EncryptUpdate() in order to test that the second init/update is not using
+ * a leftover buffer from the first init/update.
+ * Note: some ciphers don't need a full block to produce output.
+ */
+static int test_cipher_reinit_partialupdate(int test_id)
+{
+    int ret = 0, out1_len = 0, out2_len = 0, in_len;
+    EVP_CIPHER *cipher = NULL;
+    EVP_CIPHER_CTX *ctx = NULL;
+    unsigned char out1[256];
+    unsigned char out2[256];
+    static const unsigned char in[32] = {
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0xba, 0xbe, 0xba, 0xbe, 0x00, 0x00, 0xba, 0xbe,
+        0x01, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+    };
+    static const unsigned char key[64] = {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0x01, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0x02, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0x03, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+    };
+    static const unsigned char iv[16] = {
+        0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
+        0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
+    };
+    const char *name = sk_OPENSSL_CSTRING_value(cipher_names, test_id);
+
+    if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
+        goto err;
+
+    TEST_note("Fetching %s\n", name);
+    if (!TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, name, NULL)))
+        goto err;
+
+    in_len = EVP_CIPHER_block_size(cipher) / 2;
+
+    /* skip any ciphers that don't allow partial updates */
+    if (((EVP_CIPHER_flags(cipher)
+          & (EVP_CIPH_FLAG_CTS | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) != 0)
+        || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE
+        || EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE
+        || EVP_CIPHER_mode(cipher) == EVP_CIPH_WRAP_MODE) {
+        ret = 1;
+        goto err;
+    }
+
+    if (!TEST_true(EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv))
+        || !TEST_true(EVP_EncryptUpdate(ctx, out1, &out1_len, in, in_len))
+        || !TEST_true(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
+        || !TEST_true(EVP_EncryptUpdate(ctx, out2, &out2_len, in, in_len)))
+        goto err;
+
+    /* DES3-WRAP uses random every update - so it will give a different value */
+    if (EVP_CIPHER_is_a(cipher, "DES3-WRAP")) {
+        if (!TEST_mem_ne(out1, out1_len, out2, out2_len))
+            goto err;
+    } else {
+        if (!TEST_mem_eq(out1, out1_len, out2, out2_len))
+            goto err;
+    }
+    ret = 1;
+err:
+    EVP_CIPHER_free(cipher);
+    EVP_CIPHER_CTX_free(ctx);
+    return ret;
+}
+
+
 static int name_cmp(const char * const *a, const char * const *b)
 {
     return strcasecmp(*a, *b);
@@ -332,6 +408,8 @@ int setup_tests(void)
     EVP_CIPHER_do_all_provided(libctx, collect_cipher_names, cipher_names);
 
     ADD_ALL_TESTS(test_cipher_reinit, sk_OPENSSL_CSTRING_num(cipher_names));
+    ADD_ALL_TESTS(test_cipher_reinit_partialupdate,
+                  sk_OPENSSL_CSTRING_num(cipher_names));
     return 1;
 }
 

From openssl at openssl.org  Tue Aug  4 23:00:48 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 23:00:48 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1596582048.168001.25317.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C010CA6A0E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C010CA6A0E7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C010CA6A0E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/8LZCdlwaqQ default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0908521787F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0908521787F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0908521787F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0908521787F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0908521787F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0908521787F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/8LZCdlwaqQ fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=207, Tests=3249, 846 wallclock secs (12.41 usr  1.21 sys + 787.01 cusr 58.92 csys = 859.55 CPU)
Result: FAIL
Makefile:3169: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3167: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug  4 23:45:59 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 04 Aug 2020 23:45:59 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1596584759.952625.26116.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

0f9fdefeb0 Fix an ENGINE leak in asn1_item_digest_with_libctx
790a1b030a DESERIALIZER: Small bugfix in the deser_process()
1dbf453773 DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
3c033c5bfe DESERIALIZER: Refactor the constructor setting API
319d0b2be9 TEST: Add testutil tests to compare unterminated strings of different lengths
7c664b1f1b DESERIALIZER: Add deserializers for the rest of our asymmetric key types
3ff8159a8a DESERIALIZER: Make it possible to deserialize public keys too
4701f0a9a0 DESERIALIZER: Rethink password handling
a6495479ad RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
6c6b20d591 DER writer: Make context-specific tags constructed (i.e. explicit)
86b5ab58aa PROV: Fix small logic error in ec_kmgmt.c matching function
1202de4481 Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
fafa56a14f Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
87d20a9651 apps/cmp.c: Improve documentation of -recipient option
a3f15e237c deserialisation: add deserialisation to the base provider
dfc0857d81 serialisation: Add a built-in base provider.
aa97970c1a unify spelling of serialize
adf3f83e52 Fix test_cmp_cli for extended tests
b8ea8d3912 Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
593d6554f8 Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
299e0f1eae Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0B02ACCF77F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0B02ACCF77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0B02ACCF77F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0B02ACCF77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/erQRlCLFZs default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C09090E1EA7F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C09090E1EA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C09090E1EA7F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C09090E1EA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/erQRlCLFZs fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=207, Tests=3171, 789 wallclock secs (11.07 usr  1.17 sys + 733.21 cusr 54.05 csys = 799.50 CPU)
Result: FAIL
Makefile:3150: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3148: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug  4 23:57:08 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 04 Aug 2020 23:57:08 +0000
Subject: Build completed: openssl master.35951
Message-ID: <20200804235708.1.5034BF822DFF5BF3@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200804/5fa22a7c/attachment.html>

From no-reply at appveyor.com  Wed Aug  5 01:15:22 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 05 Aug 2020 01:15:22 +0000
Subject: Build failed: openssl master.35953
Message-ID: <20200805011522.1.CE56B2CEA423D170@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200805/fc208d1a/attachment.html>

From no-reply at appveyor.com  Wed Aug  5 03:41:11 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 05 Aug 2020 03:41:11 +0000
Subject: Build completed: openssl master.35954
Message-ID: <20200805034111.1.0DA624C611D073B7@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200805/1c24deff/attachment.html>

From builds at travis-ci.com  Wed Aug  5 10:41:06 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 05 Aug 2020 10:41:06 +0000
Subject: Errored: openssl/openssl#36492 (master - 914f97e)
In-Reply-To: <openssl/openssl+178477933+errored@travis-ci.com>
Message-ID: <5f2a8cc0683cd_13fb3aceed640320820@travis-pro-tasks-55bbd9f598-4ncsx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36492
Status: Errored

Duration: 11 hrs, 52 mins, and 43 secs
Commit: 914f97e (master)
Author: Shane Lontis
Message: Fix provider cipher reinit after init/update with a partial update block.

The test added previously used a 16 byte block during the update which does not cause internal buffering in the provider.
Some internal variables related to the buffering were not being cleared in the init, which meant that the second
update would use the buffered data from the first update.
Added test for this scenario with exclusions for ciphers that do not support partial block updates.

Found by guidovranken.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12523)

View the changeset: https://github.com/openssl/openssl/compare/c5b356d5d6cf...914f97eecc91

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178477933?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200805/4859fa79/attachment-0001.html>

From no-reply at appveyor.com  Wed Aug  5 11:21:36 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 05 Aug 2020 11:21:36 +0000
Subject: Build failed: openssl master.35965
Message-ID: <20200805112136.1.CAD4DCDAA7D1D49B@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200805/cf3df05b/attachment.html>

From openssl at openssl.org  Wed Aug  5 23:57:36 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Wed, 05 Aug 2020 23:57:36 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1596671856.121738.27949.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 8097B653B97F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80575E42407F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80575E42407F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3044, 1716 wallclock secs (12.17 usr  1.48 sys + 1542.85 cusr 154.32 csys = 1710.82 CPU)
Result: FAIL
Makefile:2524: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2522: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug  6 01:52:46 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 06 Aug 2020 01:52:46 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1596678766.163617.26210.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3113, 853 wallclock secs (13.34 usr  1.46 sys + 788.71 cusr 59.26 csys = 862.77 CPU)
Result: FAIL
Makefile:3154: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3152: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Thu Aug  6 01:55:58 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 06 Aug 2020 01:55:58 +0000
Subject: Canceled: openssl/openssl#36492 (master - 914f97e)
In-Reply-To: <openssl/openssl+178477933+canceled@travis-ci.com>
Message-ID: <5f2b632c8731a_13fe2089c34001846ac@travis-pro-tasks-f4c64555f-rdh8w.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36492
Status: Canceled

Duration: 11 hrs, 52 mins, and 43 secs
Commit: 914f97e (master)
Author: Shane Lontis
Message: Fix provider cipher reinit after init/update with a partial update block.

The test added previously used a 16 byte block during the update which does not cause internal buffering in the provider.
Some internal variables related to the buffering were not being cleared in the init, which meant that the second
update would use the buffered data from the first update.
Added test for this scenario with exclusions for ciphers that do not support partial block updates.

Found by guidovranken.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12523)

View the changeset: https://github.com/openssl/openssl/compare/c5b356d5d6cf...914f97eecc91

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178477933?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/178477933?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200806/4286397c/attachment-0001.html>

From openssl at openssl.org  Thu Aug  6 04:43:48 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 06 Aug 2020 04:43:48 +0000
Subject: FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1596689028.117090.1329.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash"
chmod a+x apps/CA.pl
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh"
chmod a+x apps/tsget.pl
ar r apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o
ar: creating apps/libapps.a
ranlib apps/libapps.a || echo Never mind.
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s
chmod a+x tools/c_rehash
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s
chmod a+x util/shlib_wrap.sh
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s
clang  -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/serializers/libimplementations-lib-serializer_rsa.d.tmp -MT providers/implementations/serializers/libimplementations-lib-serializer_rsa.o -c -o providers/implementations/serializers/libimplementations-lib-serializer_rsa.o ../openssl/providers/implementations/serializers/serializer_rsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_digests_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_digests_gen.o -c -o providers/common/der/libnonfips-lib-der_digests_gen.o providers/common/der/der_digests_gen.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_gen.o -c -o providers/common/der/libnonfips-lib-der_dsa_gen.o providers/common/der/der_dsa_gen.c
../openssl/providers/implementations/kdfs/x942kdf.c:438:21: error: no previous extern declaration for non-static variable 'kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations]
const OSSL_DISPATCH kdf_x942_kdf_functions[] = {
                    ^
1 error generated.
Makefile:21236: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed
make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3117: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From openssl at openssl.org  Thu Aug  6 07:08:26 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 06 Aug 2020 07:08:26 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1596697706.574611.4561.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

C0E03A92BA7F0000:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1 lib:../openssl/crypto/asn1/d2i_pr.c:67:
C0E03A92BA7F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C0E03A92BA7F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C0E03A92BA7F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
C0E03A92BA7F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C0E03A92BA7F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C0E03A92BA7F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C090AFB2FC7E0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2119:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
# OPENSSL_FUNC:../openssl/apps/cmp.c:826:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C040FADEB37F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -secret option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:826:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 256 Tests: 29 Failed: 1)
  Failed test:  15
  Non-zero exit status: 1
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=207, Tests=3147, 869 wallclock secs (13.32 usr  1.59 sys + 809.10 cusr 55.67 csys = 879.68 CPU)
Result: FAIL
Makefile:3123: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3121: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug  6 07:31:56 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 06 Aug 2020 07:31:56 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1596699116.892559.21472.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=207, Tests=3247, 836 wallclock secs (12.49 usr  1.25 sys + 776.90 cusr 59.71 csys = 850.35 CPU)
Result: FAIL
Makefile:3158: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3156: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug  6 12:39:08 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 06 Aug 2020 12:39:08 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1596717548.697985.10081.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3113, 862 wallclock secs (13.01 usr  1.16 sys + 802.25 cusr 59.70 csys = 876.12 CPU)
Result: FAIL
Makefile:3160: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3158: recipe for target 'tests' failed
make: *** [tests] Error 2

From matt at openssl.org  Thu Aug  6 12:49:38 2020
From: matt at openssl.org (Matt Caswell)
Date: Thu, 06 Aug 2020 12:49:38 +0000
Subject: [openssl]  master update
Message-ID: <1596718178.397913.8381.nullmailer@dev.openssl.org>

The branch master has been updated
       via  0f84cbc3e2025424772b2424be4b6fd728e7df2f (commit)
      from  914f97eecc9166fbfdb50c2d04e2b9f9d0c52198 (commit)


- Log -----------------------------------------------------------------
commit 0f84cbc3e2025424772b2424be4b6fd728e7df2f
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Aug 6 13:22:30 2020 +0100

    Update copyright year
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12595)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bio/bss_mem.c                         | 2 +-
 crypto/bn/bn_mont.c                          | 2 +-
 crypto/evp/cmeth_lib.c                       | 2 +-
 crypto/objects/obj_dat.c                     | 2 +-
 crypto/pem/pem_local.h                       | 2 +-
 crypto/x509/v3err.c                          | 2 +-
 demos/bio/sconnect.c                         | 2 +-
 doc/internal/man3/ossl_algorithm_do_all.pod  | 2 +-
 doc/internal/man3/ossl_method_construct.pod  | 2 +-
 doc/man3/BIO_connect.pod                     | 2 +-
 doc/man3/BIO_f_cipher.pod                    | 2 +-
 doc/man3/BIO_printf.pod                      | 2 +-
 doc/man3/BIO_read.pod                        | 2 +-
 doc/man3/BIO_s_accept.pod                    | 2 +-
 doc/man3/BIO_s_file.pod                      | 2 +-
 doc/man3/BIO_s_mem.pod                       | 2 +-
 doc/man3/BN_add.pod                          | 2 +-
 doc/man3/BN_generate_prime.pod               | 2 +-
 doc/man3/BN_mod_mul_montgomery.pod           | 2 +-
 doc/man3/BN_set_bit.pod                      | 2 +-
 doc/man3/DH_get_1024_160.pod                 | 2 +-
 doc/man3/ERR_new.pod                         | 2 +-
 doc/man3/ERR_print_errors.pod                | 2 +-
 doc/man3/EVP_MD_meth_new.pod                 | 2 +-
 doc/man3/EVP_PKEY_meth_get_count.pod         | 2 +-
 doc/man3/EVP_PKEY_meth_new.pod               | 2 +-
 doc/man3/EVP_bf_cbc.pod                      | 2 +-
 doc/man3/EVP_cast5_cbc.pod                   | 2 +-
 doc/man3/EVP_chacha20.pod                    | 2 +-
 doc/man3/EVP_desx_cbc.pod                    | 2 +-
 doc/man3/EVP_idea_cbc.pod                    | 2 +-
 doc/man3/EVP_rc2_cbc.pod                     | 2 +-
 doc/man3/EVP_rc4.pod                         | 2 +-
 doc/man3/EVP_rc5_32_12_16_cbc.pod            | 2 +-
 doc/man3/EVP_seed_cbc.pod                    | 2 +-
 doc/man3/OBJ_nid2obj.pod                     | 2 +-
 doc/man3/OPENSSL_init_ssl.pod                | 2 +-
 doc/man3/OpenSSL_add_all_algorithms.pod      | 2 +-
 doc/man3/PEM_read.pod                        | 2 +-
 doc/man3/RAND_cleanup.pod                    | 2 +-
 doc/man3/RAND_load_file.pod                  | 2 +-
 doc/man3/RSA_blinding_on.pod                 | 2 +-
 doc/man3/SSL_COMP_add_compression_method.pod | 2 +-
 doc/man3/SSL_CTX_dane_enable.pod             | 2 +-
 doc/man3/SSL_CTX_get0_param.pod              | 2 +-
 doc/man3/SSL_CTX_set_alpn_select_cb.pod      | 2 +-
 doc/man3/SSL_CTX_set_cert_cb.pod             | 2 +-
 doc/man3/SSL_CTX_set_client_cert_cb.pod      | 2 +-
 doc/man3/SSL_CTX_set_info_callback.pod       | 2 +-
 doc/man3/SSL_CTX_set_max_cert_list.pod       | 2 +-
 doc/man3/SSL_CTX_set_mode.pod                | 2 +-
 doc/man3/SSL_CTX_set_read_ahead.pod          | 2 +-
 doc/man3/SSL_CTX_set_security_level.pod      | 2 +-
 doc/man3/SSL_CTX_set_srp_password.pod        | 2 +-
 doc/man3/SSL_SESSION_get0_id_context.pod     | 2 +-
 doc/man3/SSL_SESSION_set1_id.pod             | 2 +-
 doc/man3/SSL_alloc_buffers.pod               | 2 +-
 doc/man3/SSL_load_client_CA_file.pod         | 2 +-
 doc/man3/SSL_set1_host.pod                   | 2 +-
 doc/man3/SSL_set_fd.pod                      | 2 +-
 doc/man3/SSL_state_string.pod                | 2 +-
 doc/man3/SSL_want.pod                        | 2 +-
 doc/man3/SSL_write.pod                       | 2 +-
 doc/man3/X509_SIG_get0.pod                   | 2 +-
 doc/man3/X509_new.pod                        | 2 +-
 include/crypto/serializer.h                  | 2 +-
 include/crypto/siv.h                         | 2 +-
 ssl/ssl_mcnf.c                               | 2 +-
 test/pkey_meth_test.c                        | 2 +-
 test/recipes/30-test_engine.t                | 2 +-
 test/recipes/30-test_evp_data/evpkdf.txt     | 2 +-
 test/recipes/80-test_tsa.t                   | 2 +-
 test/smime-certs/mksmime-certs.sh            | 2 +-
 test/testutil/tests.c                        | 2 +-
 74 files changed, 74 insertions(+), 74 deletions(-)

diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index d9580e6d37..57b7a7449e 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 778b45244c..6294a4f86a 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/evp/cmeth_lib.c b/crypto/evp/cmeth_lib.c
index 55f77133b5..7734295214 100644
--- a/crypto/evp/cmeth_lib.c
+++ b/crypto/evp/cmeth_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index b2fd4a0226..010cfa89bb 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/pem/pem_local.h b/crypto/pem/pem_local.h
index 9563925f73..2fb1e6f4d5 100644
--- a/crypto/pem/pem_local.h
+++ b/crypto/pem/pem_local.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/x509/v3err.c b/crypto/x509/v3err.c
index 91fe0d075a..4c62e59db9 100644
--- a/crypto/x509/v3err.c
+++ b/crypto/x509/v3err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c
index 19f8ee78de..18f7007ce7 100644
--- a/demos/bio/sconnect.c
+++ b/demos/bio/sconnect.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/internal/man3/ossl_algorithm_do_all.pod b/doc/internal/man3/ossl_algorithm_do_all.pod
index be85df3f54..f5d89d80e5 100644
--- a/doc/internal/man3/ossl_algorithm_do_all.pod
+++ b/doc/internal/man3/ossl_algorithm_do_all.pod
@@ -53,7 +53,7 @@ This functionality was added to OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use this
 file except in compliance with the License.  You can obtain a copy in the file
diff --git a/doc/internal/man3/ossl_method_construct.pod b/doc/internal/man3/ossl_method_construct.pod
index fa151bb92a..707cce6f83 100644
--- a/doc/internal/man3/ossl_method_construct.pod
+++ b/doc/internal/man3/ossl_method_construct.pod
@@ -149,7 +149,7 @@ This functionality was added to OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use this
 file except in compliance with the License.  You can obtain a copy in the file
diff --git a/doc/man3/BIO_connect.pod b/doc/man3/BIO_connect.pod
index 3d51720a9f..3134ccb8c3 100644
--- a/doc/man3/BIO_connect.pod
+++ b/doc/man3/BIO_connect.pod
@@ -107,7 +107,7 @@ Use the functions described above instead.
 
 =head1 COPYRIGHT
 
-Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BIO_f_cipher.pod b/doc/man3/BIO_f_cipher.pod
index 807977215f..48f5536039 100644
--- a/doc/man3/BIO_f_cipher.pod
+++ b/doc/man3/BIO_f_cipher.pod
@@ -71,7 +71,7 @@ BIO_get_cipher_ctx() currently always returns 1.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BIO_printf.pod b/doc/man3/BIO_printf.pod
index 625360b323..2d7c230308 100644
--- a/doc/man3/BIO_printf.pod
+++ b/doc/man3/BIO_printf.pod
@@ -40,7 +40,7 @@ buffer is too small.
 
 =head1 COPYRIGHT
 
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BIO_read.pod b/doc/man3/BIO_read.pod
index ccd165189e..abaf4cb6a4 100644
--- a/doc/man3/BIO_read.pod
+++ b/doc/man3/BIO_read.pod
@@ -87,7 +87,7 @@ keep the '\n' at the end of the line in the buffer.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BIO_s_accept.pod b/doc/man3/BIO_s_accept.pod
index 6c091bbb5c..02c6006453 100644
--- a/doc/man3/BIO_s_accept.pod
+++ b/doc/man3/BIO_s_accept.pod
@@ -224,7 +224,7 @@ down each and finally closes both down.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BIO_s_file.pod b/doc/man3/BIO_s_file.pod
index 7b6246669b..c2beb7f924 100644
--- a/doc/man3/BIO_s_file.pod
+++ b/doc/man3/BIO_s_file.pod
@@ -158,7 +158,7 @@ L<BIO_set_close(3)>, L<BIO_get_close(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BIO_s_mem.pod b/doc/man3/BIO_s_mem.pod
index a00ef5dd98..6b3cc6a2da 100644
--- a/doc/man3/BIO_s_mem.pod
+++ b/doc/man3/BIO_s_mem.pod
@@ -154,7 +154,7 @@ Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BN_add.pod b/doc/man3/BN_add.pod
index 6f9b923914..62d3ee7205 100644
--- a/doc/man3/BN_add.pod
+++ b/doc/man3/BN_add.pod
@@ -119,7 +119,7 @@ L<BN_add_word(3)>, L<BN_set_bit(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BN_generate_prime.pod b/doc/man3/BN_generate_prime.pod
index 9827499b39..97632ac64b 100644
--- a/doc/man3/BN_generate_prime.pod
+++ b/doc/man3/BN_generate_prime.pod
@@ -240,7 +240,7 @@ BN_check_prime() was added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BN_mod_mul_montgomery.pod b/doc/man3/BN_mod_mul_montgomery.pod
index 24109e2a1d..82db19308e 100644
--- a/doc/man3/BN_mod_mul_montgomery.pod
+++ b/doc/man3/BN_mod_mul_montgomery.pod
@@ -80,7 +80,7 @@ BN_MONT_CTX_init() was removed in OpenSSL 1.1.0
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/BN_set_bit.pod b/doc/man3/BN_set_bit.pod
index 323eb7d659..c2bed68d91 100644
--- a/doc/man3/BN_set_bit.pod
+++ b/doc/man3/BN_set_bit.pod
@@ -59,7 +59,7 @@ L<BN_num_bytes(3)>, L<BN_add(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/DH_get_1024_160.pod b/doc/man3/DH_get_1024_160.pod
index c47a6874b7..8bf9ddfadc 100644
--- a/doc/man3/DH_get_1024_160.pod
+++ b/doc/man3/DH_get_1024_160.pod
@@ -64,7 +64,7 @@ Defined above.
 
 =head1 COPYRIGHT
 
-Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/ERR_new.pod b/doc/man3/ERR_new.pod
index ada27ed360..4c18f76ef3 100644
--- a/doc/man3/ERR_new.pod
+++ b/doc/man3/ERR_new.pod
@@ -68,7 +68,7 @@ L<ERR_load_strings(3)>, L<BIO_snprintf(3)>, L<provider-base(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/ERR_print_errors.pod b/doc/man3/ERR_print_errors.pod
index 95efe364f2..b09c098389 100644
--- a/doc/man3/ERR_print_errors.pod
+++ b/doc/man3/ERR_print_errors.pod
@@ -49,7 +49,7 @@ L<ERR_get_error(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_MD_meth_new.pod b/doc/man3/EVP_MD_meth_new.pod
index 7beaaebc0b..e2db3fc52a 100644
--- a/doc/man3/EVP_MD_meth_new.pod
+++ b/doc/man3/EVP_MD_meth_new.pod
@@ -194,7 +194,7 @@ counted in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_PKEY_meth_get_count.pod b/doc/man3/EVP_PKEY_meth_get_count.pod
index 7b56de5c8a..278600f4b2 100644
--- a/doc/man3/EVP_PKEY_meth_get_count.pod
+++ b/doc/man3/EVP_PKEY_meth_get_count.pod
@@ -51,7 +51,7 @@ All of these functions were deprecated in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_PKEY_meth_new.pod b/doc/man3/EVP_PKEY_meth_new.pod
index 48df32f65b..4432fff516 100644
--- a/doc/man3/EVP_PKEY_meth_new.pod
+++ b/doc/man3/EVP_PKEY_meth_new.pod
@@ -453,7 +453,7 @@ All of these functions were deprecated in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_bf_cbc.pod b/doc/man3/EVP_bf_cbc.pod
index ef9f2c2374..0338562087 100644
--- a/doc/man3/EVP_bf_cbc.pod
+++ b/doc/man3/EVP_bf_cbc.pod
@@ -51,7 +51,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_cast5_cbc.pod b/doc/man3/EVP_cast5_cbc.pod
index bb9ca80316..e823a197f9 100644
--- a/doc/man3/EVP_cast5_cbc.pod
+++ b/doc/man3/EVP_cast5_cbc.pod
@@ -51,7 +51,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_chacha20.pod b/doc/man3/EVP_chacha20.pod
index 00890bb383..060b1bfc25 100644
--- a/doc/man3/EVP_chacha20.pod
+++ b/doc/man3/EVP_chacha20.pod
@@ -54,7 +54,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_desx_cbc.pod b/doc/man3/EVP_desx_cbc.pod
index aafda64bfc..c9e250f34c 100644
--- a/doc/man3/EVP_desx_cbc.pod
+++ b/doc/man3/EVP_desx_cbc.pod
@@ -39,7 +39,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_idea_cbc.pod b/doc/man3/EVP_idea_cbc.pod
index c1afb6d0a8..2fa5a2925f 100644
--- a/doc/man3/EVP_idea_cbc.pod
+++ b/doc/man3/EVP_idea_cbc.pod
@@ -49,7 +49,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_rc2_cbc.pod b/doc/man3/EVP_rc2_cbc.pod
index b1fe2c0ebd..e6111ff3af 100644
--- a/doc/man3/EVP_rc2_cbc.pod
+++ b/doc/man3/EVP_rc2_cbc.pod
@@ -65,7 +65,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_rc4.pod b/doc/man3/EVP_rc4.pod
index dafa18b240..9deaab97f8 100644
--- a/doc/man3/EVP_rc4.pod
+++ b/doc/man3/EVP_rc4.pod
@@ -57,7 +57,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_rc5_32_12_16_cbc.pod b/doc/man3/EVP_rc5_32_12_16_cbc.pod
index 4de6df0187..8ac23b4a9e 100644
--- a/doc/man3/EVP_rc5_32_12_16_cbc.pod
+++ b/doc/man3/EVP_rc5_32_12_16_cbc.pod
@@ -71,7 +71,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_seed_cbc.pod b/doc/man3/EVP_seed_cbc.pod
index efc10de20a..eef7dd540d 100644
--- a/doc/man3/EVP_seed_cbc.pod
+++ b/doc/man3/EVP_seed_cbc.pod
@@ -51,7 +51,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/OBJ_nid2obj.pod b/doc/man3/OBJ_nid2obj.pod
index 771f32a7fa..9089f95622 100644
--- a/doc/man3/OBJ_nid2obj.pod
+++ b/doc/man3/OBJ_nid2obj.pod
@@ -181,7 +181,7 @@ and should not be used.
 
 =head1 COPYRIGHT
 
-Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/OPENSSL_init_ssl.pod b/doc/man3/OPENSSL_init_ssl.pod
index ce6f23042a..ca060bffc8 100644
--- a/doc/man3/OPENSSL_init_ssl.pod
+++ b/doc/man3/OPENSSL_init_ssl.pod
@@ -74,7 +74,7 @@ The OPENSSL_init_ssl() function was added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/OpenSSL_add_all_algorithms.pod b/doc/man3/OpenSSL_add_all_algorithms.pod
index 7a2e7d325a..263d9b00fd 100644
--- a/doc/man3/OpenSSL_add_all_algorithms.pod
+++ b/doc/man3/OpenSSL_add_all_algorithms.pod
@@ -53,7 +53,7 @@ not be used.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/PEM_read.pod b/doc/man3/PEM_read.pod
index 0f71a84408..c76039f711 100644
--- a/doc/man3/PEM_read.pod
+++ b/doc/man3/PEM_read.pod
@@ -122,7 +122,7 @@ L<passphrase-encoding(7)>
 
 =head1 COPYRIGHT
 
-Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/RAND_cleanup.pod b/doc/man3/RAND_cleanup.pod
index 6f854eaef2..f407620ddd 100644
--- a/doc/man3/RAND_cleanup.pod
+++ b/doc/man3/RAND_cleanup.pod
@@ -36,7 +36,7 @@ See L<OPENSSL_init_crypto(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/RAND_load_file.pod b/doc/man3/RAND_load_file.pod
index a5e146cc27..baca54cb3c 100644
--- a/doc/man3/RAND_load_file.pod
+++ b/doc/man3/RAND_load_file.pod
@@ -77,7 +77,7 @@ L<RAND(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/RSA_blinding_on.pod b/doc/man3/RSA_blinding_on.pod
index cd57839fdd..b74ca4074f 100644
--- a/doc/man3/RSA_blinding_on.pod
+++ b/doc/man3/RSA_blinding_on.pod
@@ -33,7 +33,7 @@ RSA_blinding_off() returns no value.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_COMP_add_compression_method.pod b/doc/man3/SSL_COMP_add_compression_method.pod
index e62374838d..87718df408 100644
--- a/doc/man3/SSL_COMP_add_compression_method.pod
+++ b/doc/man3/SSL_COMP_add_compression_method.pod
@@ -96,7 +96,7 @@ The SSL_COMP_get0_name() and SSL_comp_get_id() functions were added in OpenSSL 1
 
 =head1 COPYRIGHT
 
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_dane_enable.pod b/doc/man3/SSL_CTX_dane_enable.pod
index 4ca9e978b1..e886325191 100644
--- a/doc/man3/SSL_CTX_dane_enable.pod
+++ b/doc/man3/SSL_CTX_dane_enable.pod
@@ -373,7 +373,7 @@ These functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_get0_param.pod b/doc/man3/SSL_CTX_get0_param.pod
index 958b251926..6985517366 100644
--- a/doc/man3/SSL_CTX_get0_param.pod
+++ b/doc/man3/SSL_CTX_get0_param.pod
@@ -55,7 +55,7 @@ These functions were added in OpenSSL 1.0.2.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_alpn_select_cb.pod b/doc/man3/SSL_CTX_set_alpn_select_cb.pod
index 62da53cd79..102e657851 100644
--- a/doc/man3/SSL_CTX_set_alpn_select_cb.pod
+++ b/doc/man3/SSL_CTX_set_alpn_select_cb.pod
@@ -187,7 +187,7 @@ L<SSL_CTX_set_tlsext_servername_arg(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_cert_cb.pod b/doc/man3/SSL_CTX_set_cert_cb.pod
index efcd25a538..c3966782c0 100644
--- a/doc/man3/SSL_CTX_set_cert_cb.pod
+++ b/doc/man3/SSL_CTX_set_cert_cb.pod
@@ -70,7 +70,7 @@ L<SSL_clear(3)>, L<SSL_free(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_client_cert_cb.pod b/doc/man3/SSL_CTX_set_client_cert_cb.pod
index 977ad02155..f1341cb40e 100644
--- a/doc/man3/SSL_CTX_set_client_cert_cb.pod
+++ b/doc/man3/SSL_CTX_set_client_cert_cb.pod
@@ -100,7 +100,7 @@ L<SSL_clear(3)>, L<SSL_free(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_info_callback.pod b/doc/man3/SSL_CTX_set_info_callback.pod
index 19973b2f9e..9cee642073 100644
--- a/doc/man3/SSL_CTX_set_info_callback.pod
+++ b/doc/man3/SSL_CTX_set_info_callback.pod
@@ -156,7 +156,7 @@ L<SSL_alert_type_string(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_max_cert_list.pod b/doc/man3/SSL_CTX_set_max_cert_list.pod
index 9f44673246..ea18ccb3ff 100644
--- a/doc/man3/SSL_CTX_set_max_cert_list.pod
+++ b/doc/man3/SSL_CTX_set_max_cert_list.pod
@@ -72,7 +72,7 @@ L<SSL_CTX_set_verify(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_mode.pod b/doc/man3/SSL_CTX_set_mode.pod
index 160110f9f1..a814022d3c 100644
--- a/doc/man3/SSL_CTX_set_mode.pod
+++ b/doc/man3/SSL_CTX_set_mode.pod
@@ -154,7 +154,7 @@ SSL_MODE_NO_KTLS_TX was added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_read_ahead.pod b/doc/man3/SSL_CTX_set_read_ahead.pod
index 09900794c8..c2fc6fd7dc 100644
--- a/doc/man3/SSL_CTX_set_read_ahead.pod
+++ b/doc/man3/SSL_CTX_set_read_ahead.pod
@@ -64,7 +64,7 @@ L<ssl(7)>, L<SSL_pending(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_security_level.pod b/doc/man3/SSL_CTX_set_security_level.pod
index 4b1fef867c..292d6a2333 100644
--- a/doc/man3/SSL_CTX_set_security_level.pod
+++ b/doc/man3/SSL_CTX_set_security_level.pod
@@ -178,7 +178,7 @@ These functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_CTX_set_srp_password.pod b/doc/man3/SSL_CTX_set_srp_password.pod
index 347bb3bf78..bd89261485 100644
--- a/doc/man3/SSL_CTX_set_srp_password.pod
+++ b/doc/man3/SSL_CTX_set_srp_password.pod
@@ -207,7 +207,7 @@ These functions were added in OpenSSL 1.0.1.
 
 =head1 COPYRIGHT
 
-Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_SESSION_get0_id_context.pod b/doc/man3/SSL_SESSION_get0_id_context.pod
index 65ac76a9a8..c210eb0cf7 100644
--- a/doc/man3/SSL_SESSION_get0_id_context.pod
+++ b/doc/man3/SSL_SESSION_get0_id_context.pod
@@ -46,7 +46,7 @@ The SSL_SESSION_get0_id_context() function was added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_SESSION_set1_id.pod b/doc/man3/SSL_SESSION_set1_id.pod
index 297e9cdacb..f4cdcde509 100644
--- a/doc/man3/SSL_SESSION_set1_id.pod
+++ b/doc/man3/SSL_SESSION_set1_id.pod
@@ -40,7 +40,7 @@ The SSL_SESSION_set1_id() function was added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_alloc_buffers.pod b/doc/man3/SSL_alloc_buffers.pod
index d27da05b2f..678640a569 100644
--- a/doc/man3/SSL_alloc_buffers.pod
+++ b/doc/man3/SSL_alloc_buffers.pod
@@ -58,7 +58,7 @@ L<CRYPTO_set_mem_functions(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_load_client_CA_file.pod b/doc/man3/SSL_load_client_CA_file.pod
index 892e362a65..c3f0cd80f9 100644
--- a/doc/man3/SSL_load_client_CA_file.pod
+++ b/doc/man3/SSL_load_client_CA_file.pod
@@ -96,7 +96,7 @@ were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_set1_host.pod b/doc/man3/SSL_set1_host.pod
index 6278f89ed5..c91a075a6a 100644
--- a/doc/man3/SSL_set1_host.pod
+++ b/doc/man3/SSL_set1_host.pod
@@ -109,7 +109,7 @@ These functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_set_fd.pod b/doc/man3/SSL_set_fd.pod
index 01c362360c..0b474eb99b 100644
--- a/doc/man3/SSL_set_fd.pod
+++ b/doc/man3/SSL_set_fd.pod
@@ -53,7 +53,7 @@ L<SSL_shutdown(3)>, L<ssl(7)> , L<bio(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_state_string.pod b/doc/man3/SSL_state_string.pod
index 465e425ccd..f1bd6eba9d 100644
--- a/doc/man3/SSL_state_string.pod
+++ b/doc/man3/SSL_state_string.pod
@@ -44,7 +44,7 @@ L<ssl(7)>, L<SSL_CTX_set_info_callback(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_want.pod b/doc/man3/SSL_want.pod
index 65f056f5fa..5b7955546c 100644
--- a/doc/man3/SSL_want.pod
+++ b/doc/man3/SSL_want.pod
@@ -106,7 +106,7 @@ were added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SSL_write.pod b/doc/man3/SSL_write.pod
index ef1193c674..06bd368c46 100644
--- a/doc/man3/SSL_write.pod
+++ b/doc/man3/SSL_write.pod
@@ -145,7 +145,7 @@ The SSL_sendfile() function was added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/X509_SIG_get0.pod b/doc/man3/X509_SIG_get0.pod
index ca67d3d0bf..44c6166ffe 100644
--- a/doc/man3/X509_SIG_get0.pod
+++ b/doc/man3/X509_SIG_get0.pod
@@ -30,7 +30,7 @@ L<d2i_X509(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/X509_new.pod b/doc/man3/X509_new.pod
index 798f7a7760..29baef570d 100644
--- a/doc/man3/X509_new.pod
+++ b/doc/man3/X509_new.pod
@@ -86,7 +86,7 @@ The function X509_new_with_libctx() was added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/include/crypto/serializer.h b/include/crypto/serializer.h
index df4953994f..84d6b54de7 100644
--- a/include/crypto/serializer.h
+++ b/include/crypto/serializer.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/include/crypto/siv.h b/include/crypto/siv.h
index 9ed8b1b121..fd39be00db 100644
--- a/include/crypto/siv.h
+++ b/include/crypto/siv.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/ssl/ssl_mcnf.c b/ssl/ssl_mcnf.c
index 66f0bc5abe..10c2f412e0 100644
--- a/ssl/ssl_mcnf.c
+++ b/ssl/ssl_mcnf.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/test/pkey_meth_test.c b/test/pkey_meth_test.c
index ecff269fec..d3c6c79684 100644
--- a/test/pkey_meth_test.c
+++ b/test/pkey_meth_test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/test/recipes/30-test_engine.t b/test/recipes/30-test_engine.t
index 443c0484b2..57a2479b04 100644
--- a/test/recipes/30-test_engine.t
+++ b/test/recipes/30-test_engine.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf.txt
index 85bc53991b..ac4f5e87fd 100644
--- a/test/recipes/30-test_evp_data/evpkdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf.txt
@@ -1,5 +1,5 @@
 #
-# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
diff --git a/test/recipes/80-test_tsa.t b/test/recipes/80-test_tsa.t
index 3a4d729d0d..1d80b24bac 100644
--- a/test/recipes/80-test_tsa.t
+++ b/test/recipes/80-test_tsa.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
diff --git a/test/smime-certs/mksmime-certs.sh b/test/smime-certs/mksmime-certs.sh
index 9316831d64..b0603d4e86 100644
--- a/test/smime-certs/mksmime-certs.sh
+++ b/test/smime-certs/mksmime-certs.sh
@@ -1,5 +1,5 @@
 #!/bin/sh
-# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
diff --git a/test/testutil/tests.c b/test/testutil/tests.c
index c1605ca8eb..cb3f77f14a 100644
--- a/test/testutil/tests.c
+++ b/test/testutil/tests.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

From matt at openssl.org  Thu Aug  6 13:27:38 2020
From: matt at openssl.org (Matt Caswell)
Date: Thu, 06 Aug 2020 13:27:38 +0000
Subject: [openssl]  master update
Message-ID: <1596720458.158162.20784.nullmailer@dev.openssl.org>

The branch master has been updated
       via  1b2873e4a1ed49b45555eb9a6ecff4d38df8d7e9 (commit)
       via  e3ec8020b433f9bccebb547889e43c4691eb8713 (commit)
      from  0f84cbc3e2025424772b2424be4b6fd728e7df2f (commit)


- Log -----------------------------------------------------------------
commit 1b2873e4a1ed49b45555eb9a6ecff4d38df8d7e9
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Aug 6 14:02:31 2020 +0100

    Prepare for 3.0 alpha 7
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>

commit e3ec8020b433f9bccebb547889e43c4691eb8713
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Aug 6 14:00:13 2020 +0100

    Prepare for release of 3.0 alpha 6
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>

-----------------------------------------------------------------------

Summary of changes:
 VERSION.dat | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/VERSION.dat b/VERSION.dat
index 7c83447f66..fa4e93c5f0 100644
--- a/VERSION.dat
+++ b/VERSION.dat
@@ -1,7 +1,7 @@
 MAJOR=3
 MINOR=0
 PATCH=0
-PRE_RELEASE_TAG=alpha6-dev
+PRE_RELEASE_TAG=alpha7-dev
 BUILD_METADATA=
 RELEASE_DATE=""
 SHLIB_VERSION=3

From matt at openssl.org  Thu Aug  6 13:41:33 2020
From: matt at openssl.org (Matt Caswell)
Date: Thu, 06 Aug 2020 13:41:33 +0000
Subject: [web]  master update
Message-ID: <1596721293.556636.16673.nullmailer@dev.openssl.org>

The branch master has been updated
       via  1ee0b6a74934e813ae26995ae59cab209127da03 (commit)
      from  352c7424739f080133f1309e1dff033cd66f2c4a (commit)


- Log -----------------------------------------------------------------
commit 1ee0b6a74934e813ae26995ae59cab209127da03
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Aug 6 14:18:45 2020 +0100

    Update newsflash.txt for the alpha6 release
    
    Reviewed-by: Mark J. Cox <mark at awe.com>
    (Merged from https://github.com/openssl/web/pull/190)

-----------------------------------------------------------------------

Summary of changes:
 news/newsflash.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/news/newsflash.txt b/news/newsflash.txt
index 163dd21..a1094b9 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -5,6 +5,7 @@
 # headings.  URL paths must all be absolute.
 Date: Item
 
+06-Aug-2020: Alpha 6 of OpenSSL 3.0 is now available: please download and test it
 16-Jul-2020: Alpha 5 of OpenSSL 3.0 is now available: please download and test it
 25-Jun-2020: New Blog post: <a href="/blog/blog/2020/06/25/OpenSSL3.0Alpha4/">OpenSSL 3.0 Alpha4 Release</a>
 25-Jun-2020: Alpha 4 of OpenSSL 3.0 is now available: please download and test it

From builds at travis-ci.com  Thu Aug  6 14:42:09 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 06 Aug 2020 14:42:09 +0000
Subject: Failed: openssl/openssl#36523 (master - 0f84cbc)
In-Reply-To: <openssl/openssl+178750910+failed@travis-ci.com>
Message-ID: <5f2c16c081dea_13fd10d91381848312c@travis-pro-tasks-55c9447d6-w6b2f.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36523
Status: Failed

Duration: 1 hr, 18 mins, and 6 secs
Commit: 0f84cbc (master)
Author: Matt Caswell
Message: Update copyright year

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12595)

View the changeset: https://github.com/openssl/openssl/compare/914f97eecc91...0f84cbc3e202

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178750910?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200806/d53b2db5/attachment.html>

From tmraz at fedoraproject.org  Thu Aug  6 16:06:19 2020
From: tmraz at fedoraproject.org (tmraz at fedoraproject.org)
Date: Thu, 06 Aug 2020 16:06:19 +0000
Subject: [openssl]  master update
Message-ID: <1596729979.830830.31487.nullmailer@dev.openssl.org>

The branch master has been updated
       via  15c9aa3aef77c642ef2b6c84bba2b57b35ed083e (commit)
      from  1b2873e4a1ed49b45555eb9a6ecff4d38df8d7e9 (commit)


- Log -----------------------------------------------------------------
commit 15c9aa3aef77c642ef2b6c84bba2b57b35ed083e
Author: Sahana Prasad <sahana at redhat.com>
Date:   Wed Jul 22 13:36:36 2020 +0200

    apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
    
    Fixes #11672
    
    Add "-legacy" option to load the legacy provider and
    fall back to the old legacy default algorithms.
    
    doc/man1/openssl-pkcs12.pod.in: updates documentation about the new
    "-legacy" option
    
    Signed-off-by: Sahana Prasad <sahana at redhat.com>
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12540)

-----------------------------------------------------------------------

Summary of changes:
 apps/pkcs12.c                  | 46 ++++++++++++++++++++++++++++++++----------
 doc/man1/openssl-pkcs12.pod.in | 24 ++++++++++++++++++++--
 2 files changed, 57 insertions(+), 13 deletions(-)

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index ca83e2d1be..3398250efd 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -18,6 +18,7 @@
 #include <openssl/err.h>
 #include <openssl/pem.h>
 #include <openssl/pkcs12.h>
+#include <openssl/provider.h>
 
 DEFINE_STACK_OF(X509)
 DEFINE_STACK_OF(PKCS7)
@@ -61,12 +62,13 @@ typedef enum OPTION_choice {
     OPT_INKEY, OPT_CERTFILE, OPT_NAME, OPT_CSP, OPT_CANAME,
     OPT_IN, OPT_OUT, OPT_PASSIN, OPT_PASSOUT, OPT_PASSWORD, OPT_CAPATH,
     OPT_CAFILE, OPT_CASTORE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NOCASTORE, OPT_ENGINE,
-    OPT_R_ENUM, OPT_PROV_ENUM
+    OPT_R_ENUM, OPT_PROV_ENUM, OPT_LEGACY_ALG
 } OPTION_CHOICE;
 
 const OPTIONS pkcs12_options[] = {
     OPT_SECTION("General"),
     {"help", OPT_HELP, '-', "Display this summary"},
+    {"legacy", OPT_LEGACY_ALG, '-', "use legacy algorithms"},
 #ifndef OPENSSL_NO_ENGINE
     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 #endif
@@ -117,9 +119,9 @@ const OPTIONS pkcs12_options[] = {
     OPT_SECTION("Encryption"),
 #ifndef OPENSSL_NO_RC2
     {"descert", OPT_DESCERT, '-',
-     "Encrypt output with 3DES (default RC2-40)"},
+     "Encrypt output with 3DES (default PBES2 with PBKDF2 and AES-256 CBC)"},
     {"certpbe", OPT_CERTPBE, 's',
-     "Certificate PBE algorithm (default RC2-40)"},
+     "Certificate PBE algorithm (default PBES2 with PBKDF2 and AES-256 CBC)"},
 #else
     {"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"},
     {"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"},
@@ -143,14 +145,10 @@ int pkcs12_main(int argc, char **argv)
     char *infile = NULL, *outfile = NULL, *keyname = NULL, *certfile = NULL;
     char *name = NULL, *csp_name = NULL;
     char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
-    int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0;
+    int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0, use_legacy = 0;
     int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER;
-#ifndef OPENSSL_NO_RC2
-    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-#else
-    int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-#endif
-    int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+    int cert_pbe = NID_aes_256_cbc;
+    int key_pbe = NID_aes_256_cbc;
     int ret = 1, macver = 1, add_lmk = 0, private = 0;
     int noprompt = 0;
     char *passinarg = NULL, *passoutarg = NULL, *passarg = NULL;
@@ -162,7 +160,7 @@ int pkcs12_main(int argc, char **argv)
     BIO *in = NULL, *out = NULL;
     PKCS12 *p12 = NULL;
     STACK_OF(OPENSSL_STRING) *canames = NULL;
-    const EVP_CIPHER *enc = EVP_des_ede3_cbc();
+    const EVP_CIPHER *enc = EVP_aes_256_cbc();
     OPTION_CHOICE o;
 
     prog = opt_init(argc, argv, pkcs12_options);
@@ -313,6 +311,9 @@ int pkcs12_main(int argc, char **argv)
         case OPT_ENGINE:
             e = setup_engine(opt_arg(), 0);
             break;
+        case OPT_LEGACY_ALG:
+            use_legacy = 1;
+            break;
         case OPT_PROV_CASES:
             if (!opt_provider(o))
                 goto end;
@@ -320,6 +321,29 @@ int pkcs12_main(int argc, char **argv)
         }
     }
     argc = opt_num_rest();
+
+    if (use_legacy) {
+        /* load the legacy provider if not loaded already*/
+        if (!OSSL_PROVIDER_available(app_get0_libctx(), "legacy")) {
+            if (!app_provider_load(app_get0_libctx(), "legacy"))
+                goto end;
+            /* load the default provider explicitly */
+            if (!app_provider_load(app_get0_libctx(), "default"))
+                goto end;
+        }
+        if (cert_pbe != NID_pbe_WithSHA1And3_Key_TripleDES_CBC) {
+            /* Restore default algorithms */
+#ifndef OPENSSL_NO_RC2
+            cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+#else
+            cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+#endif
+        }
+
+        key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+        enc = EVP_des_ede3_cbc();
+    }
+
     if (argc != 0)
         goto opthelp;
 
diff --git a/doc/man1/openssl-pkcs12.pod.in b/doc/man1/openssl-pkcs12.pod.in
index 3a97a81517..90d8a7e19e 100644
--- a/doc/man1/openssl-pkcs12.pod.in
+++ b/doc/man1/openssl-pkcs12.pod.in
@@ -44,6 +44,7 @@ B<openssl> B<pkcs12>
 [B<-maciter>]
 [B<-nomac>]
 [B<-twopass>]
+[B<-legacy>]
 [B<-descert>]
 [B<-certpbe> I<cipher>]
 [B<-keypbe> I<cipher>]
@@ -166,6 +167,16 @@ always assumes these are the same so this option will render such
 PKCS#12 files unreadable. Cannot be used in combination with the options
 B<-password>, B<-passin> if importing, or B<-passout> if exporting.
 
+=item B<-legacy>
+
+Use legacy mode of operation and automatically load the legacy provider.
+In the legacy mode, the default algorithm for certificate encryption
+is RC2_CBC or 3DES_CBC depending on whether the RC2 cipher is enabled
+in the build. The default algorithm for private key encryption is 3DES_CBC.
+If the legacy option is not specified, then the legacy provider is not loaded
+and the default encryption algorithm for both certificates and private keys is
+AES_256_CBC with PBKDF2 for key derivation by default.
+
 =back
 
 =head1 FILE CREATION OPTIONS
@@ -229,8 +240,9 @@ for this search. If the search fails it is considered a fatal error.
 
 Encrypt the certificate using triple DES, this may render the PKCS#12
 file unreadable by some "export grade" software. By default the private
-key is encrypted using triple DES and the certificate using 40 bit RC2
-unless RC2 is disabled in which case triple DES is used.
+key is encrypted using AES and the certificate using triple DES unless
+the '-legacy' option is used. If '-descert' is used with the '-legacy'
+then both, the private key and the certificate are encrypted using triple DES.
 
 =item B<-keypbe> I<alg>, B<-certpbe> I<alg>
 
@@ -355,6 +367,10 @@ Print some info about a PKCS#12 file:
 
  openssl pkcs12 -in file.p12 -info -noout
 
+Print some info about a PKCS#12 file in legacy mode:
+
+ openssl pkcs12 -in file.p12 -info -noout -legacy
+
 Create a PKCS#12 file:
 
  openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate"
@@ -364,6 +380,10 @@ Include some extra certificates:
  openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" \
   -certfile othercerts.pem
 
+Export a PKCS#12 file with default encryption algorithms as in the legacy provider:
+
+ openssl pkcs12 -export -in cert.pem -inkey key.pem -out file.p12 -legacy
+
 =head1 SEE ALSO
 
 L<openssl(1)>,

From builds at travis-ci.com  Thu Aug  6 16:51:29 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 06 Aug 2020 16:51:29 +0000
Subject: Failed: openssl/openssl#36528 (master - 1b2873e)
In-Reply-To: <openssl/openssl+178756452+failed@travis-ci.com>
Message-ID: <5f2c35115c685_13fee8d9c3aa4116965@travis-pro-tasks-5658dd68c8-8gfsx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36528
Status: Failed

Duration: 1 hr, 24 mins, and 25 secs
Commit: 1b2873e (master)
Author: Matt Caswell
Message: Prepare for 3.0 alpha 7

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>

View the changeset: https://github.com/openssl/openssl/compare/0f84cbc3e202...1b2873e4a1ed

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178756452?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200806/3ebb532b/attachment.html>

From builds at travis-ci.com  Thu Aug  6 19:48:37 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 06 Aug 2020 19:48:37 +0000
Subject: Still Failing: openssl/openssl#36531 (master - 15c9aa3)
In-Reply-To: <openssl/openssl+178780645+still failing@travis-ci.com>
Message-ID: <5f2c5e96badb2_13fee8d9c38c4589158@travis-pro-tasks-5658dd68c8-8gfsx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36531
Status: Still Failing

Duration: 1 hr, 27 mins, and 8 secs
Commit: 15c9aa3 (master)
Author: Sahana Prasad
Message: apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2

Fixes #11672

Add "-legacy" option to load the legacy provider and
fall back to the old legacy default algorithms.

doc/man1/openssl-pkcs12.pod.in: updates documentation about the new
"-legacy" option

Signed-off-by: Sahana Prasad <sahana at redhat.com>

Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12540)

View the changeset: https://github.com/openssl/openssl/compare/1b2873e4a1ed...15c9aa3aef77

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178780645?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200806/21d30311/attachment-0001.html>

From openssl at openssl.org  Thu Aug  6 20:42:07 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 06 Aug 2020 20:42:07 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1596746527.784947.18277.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=207, Tests=3250, 885 wallclock secs (12.48 usr  1.26 sys + 785.46 cusr 59.59 csys = 858.79 CPU)
Result: FAIL
Makefile:3160: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3158: recipe for target 'tests' failed
make: *** [tests] Error 2

From pauli at openssl.org  Thu Aug  6 22:01:01 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Thu, 06 Aug 2020 22:01:01 +0000
Subject: [openssl]  master update
Message-ID: <1596751261.236671.10156.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c5ec6dcf0bdd15354a1440632766e19540487c58 (commit)
      from  15c9aa3aef77c642ef2b6c84bba2b57b35ed083e (commit)


- Log -----------------------------------------------------------------
commit c5ec6dcf0bdd15354a1440632766e19540487c58
Author: Jon Spillett <jon.spillett at oracle.com>
Date:   Thu Sep 19 15:39:13 2019 +1000

    Add new APIs to get PKCS12 secretBag OID and value
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/10063)

-----------------------------------------------------------------------

Summary of changes:
 apps/pkcs12.c                           |  14 +
 crypto/err/openssl.txt                  |   2 +
 crypto/pkcs12/p12_attr.c                |  28 +-
 crypto/pkcs12/p12_crt.c                 |  18 +
 crypto/pkcs12/p12_sbag.c                |  66 ++-
 crypto/pkcs12/pk12err.c                 |   3 +-
 doc/man3/PKCS12_SAFEBAG_create_cert.pod |  80 ++++
 doc/man3/PKCS12_SAFEBAG_get1_cert.pod   |  74 ++++
 doc/man3/PKCS12_add1_attr_by_NID.pod    |  52 +++
 doc/man3/PKCS12_add_cert.pod            |  66 +++
 doc/man3/PKCS12_add_safe.pod            |  64 +++
 include/openssl/pkcs12.h                |   9 +
 include/openssl/pkcs12err.h             |   2 +
 test/build.info                         |   7 +-
 test/pkcs12_format_test.c               | 444 ++++++++++++++++++++
 test/pkcs12_helper.c                    | 708 ++++++++++++++++++++++++++++++++
 test/pkcs12_helper.h                    |  99 +++++
 test/recipes/80-test_pkcs12.t           |   5 +-
 util/libcrypto.num                      |   6 +
 19 files changed, 1738 insertions(+), 9 deletions(-)
 create mode 100644 doc/man3/PKCS12_SAFEBAG_create_cert.pod
 create mode 100644 doc/man3/PKCS12_SAFEBAG_get1_cert.pod
 create mode 100644 doc/man3/PKCS12_add1_attr_by_NID.pod
 create mode 100644 doc/man3/PKCS12_add_cert.pod
 create mode 100644 doc/man3/PKCS12_add_safe.pod
 create mode 100644 test/pkcs12_format_test.c
 create mode 100644 test/pkcs12_helper.c
 create mode 100644 test/pkcs12_helper.h

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 3398250efd..46340c0d25 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -789,6 +789,16 @@ int dump_certs_pkeys_bag(BIO *out, const PKCS12_SAFEBAG *bag,
         X509_free(x509);
         break;
 
+    case NID_secretBag:
+        if (options & INFO) 
+            BIO_printf(bio_err, "Secret bag\n");
+        print_attribs(out, attrs, "Bag Attributes");
+        BIO_printf(bio_err, "Bag Type: ");
+        i2a_ASN1_OBJECT(bio_err, PKCS12_SAFEBAG_get0_bag_type(bag));
+        BIO_printf(bio_err, "\nBag Value: ");
+        print_attribute(out, PKCS12_SAFEBAG_get0_bag_obj(bag));
+        return 1;
+
     case NID_safeContentsBag:
         if (options & INFO)
             BIO_printf(bio_err, "Safe Contents bag\n");
@@ -954,6 +964,10 @@ void print_attribute(BIO *out, const ASN1_TYPE *av)
         OPENSSL_free(value);
         break;
 
+    case V_ASN1_UTF8STRING:
+        BIO_printf(out, "%s\n", av->value.utf8string->data);
+        break;
+
     case V_ASN1_OCTET_STRING:
         hex_prin(out, av->value.octet_string->data,
                  av->value.octet_string->length);
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 53becb8ed4..cbfc495a0a 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1058,6 +1058,7 @@ PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF:112:PKCS12_SAFEBAG_create0_p8inf
 PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8:113:PKCS12_SAFEBAG_create0_pkcs8
 PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT:133:\
 	PKCS12_SAFEBAG_create_pkcs8_encrypt
+PKCS12_F_PKCS12_SAFEBAG_CREATE_SECRET:134:
 PKCS12_F_PKCS12_SETUP_MAC:122:PKCS12_setup_mac
 PKCS12_F_PKCS12_SET_MAC:123:PKCS12_set_mac
 PKCS12_F_PKCS12_UNPACK_AUTHSAFES:130:PKCS12_unpack_authsafes
@@ -2760,6 +2761,7 @@ PKCS12_R_ENCRYPT_ERROR:103:encrypt error
 PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE:120:error setting encrypted data type
 PKCS12_R_INVALID_NULL_ARGUMENT:104:invalid null argument
 PKCS12_R_INVALID_NULL_PKCS12_POINTER:105:invalid null pkcs12 pointer
+PKCS12_R_INVALID_TYPE:112:invalid type
 PKCS12_R_IV_GEN_ERROR:106:iv gen error
 PKCS12_R_KEY_GEN_ERROR:107:key gen error
 PKCS12_R_MAC_ABSENT:108:mac absent
diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c
index e2ca95bcfa..0acecef7a3 100644
--- a/crypto/pkcs12/p12_attr.c
+++ b/crypto/pkcs12/p12_attr.c
@@ -18,7 +18,7 @@ int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
                           int namelen)
 {
     if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID,
-                                V_ASN1_OCTET_STRING, name, namelen))
+                                V_ASN1_OCTET_STRING, name, namelen) != NULL)
         return 1;
     else
         return 0;
@@ -39,7 +39,7 @@ int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
                                 int namelen)
 {
     if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
-                                MBSTRING_ASC, (unsigned char *)name, namelen))
+                                MBSTRING_ASC, (unsigned char *)name, namelen) != NULL)
         return 1;
     else
         return 0;
@@ -49,7 +49,7 @@ int PKCS12_add_friendlyname_utf8(PKCS12_SAFEBAG *bag, const char *name,
                                 int namelen)
 {
     if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
-                                MBSTRING_UTF8, (unsigned char *)name, namelen))
+                                MBSTRING_UTF8, (unsigned char *)name, namelen) != NULL)
         return 1;
     else
         return 0;
@@ -59,7 +59,7 @@ int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
                                 const unsigned char *name, int namelen)
 {
     if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
-                                MBSTRING_BMP, name, namelen))
+                                MBSTRING_BMP, name, namelen) != NULL)
         return 1;
     else
         return 0;
@@ -68,7 +68,25 @@ int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
 int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen)
 {
     if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name,
-                                MBSTRING_ASC, (unsigned char *)name, namelen))
+                                MBSTRING_ASC, (unsigned char *)name, namelen) != NULL)
+        return 1;
+    else
+        return 0;
+}
+
+int PKCS12_add1_attr_by_NID(PKCS12_SAFEBAG *bag, int nid, int type,
+                            const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_NID(&bag->attrib, nid, type, bytes, len) != NULL)
+        return 1;
+    else
+        return 0;
+}
+
+int PKCS12_add1_attr_by_txt(PKCS12_SAFEBAG *bag, const char *attrname, int type,
+                            const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_txt(&bag->attrib, attrname, type, bytes, len) != NULL)
         return 1;
     else
         return 0;
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
index f75b2437c9..699f1b7d61 100644
--- a/crypto/pkcs12/p12_crt.c
+++ b/crypto/pkcs12/p12_crt.c
@@ -207,6 +207,24 @@ PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
 
 }
 
+PKCS12_SAFEBAG *PKCS12_add_secret(STACK_OF(PKCS12_SAFEBAG) **pbags, 
+                                  int nid_type, const unsigned char *value, int len)
+{
+    PKCS12_SAFEBAG *bag = NULL;
+
+    /* Add secret, storing the value as an octet string */
+    if ((bag = PKCS12_SAFEBAG_create_secret(nid_type, V_ASN1_OCTET_STRING, value, len)) == NULL)
+        goto err;
+
+    if (!pkcs12_add_bag(pbags, bag))
+        goto err;
+
+    return bag;
+ err:
+    PKCS12_SAFEBAG_free(bag);
+    return NULL;
+}
+
 int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
                     int nid_safe, int iter, const char *pass)
 {
diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c
index ccb9acb17e..3da437f7ea 100644
--- a/crypto/pkcs12/p12_sbag.c
+++ b/crypto/pkcs12/p12_sbag.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -71,6 +71,16 @@ int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag)
     return OBJ_obj2nid(bag->value.bag->type);
 }
 
+const ASN1_OBJECT *PKCS12_SAFEBAG_get0_bag_type(const PKCS12_SAFEBAG *bag)
+{
+    return bag->value.bag->type;
+}
+
+const ASN1_TYPE *PKCS12_SAFEBAG_get0_bag_obj(const PKCS12_SAFEBAG *bag)
+{
+    return bag->value.bag->value.other;
+}
+
 X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag)
 {
     if (PKCS12_SAFEBAG_get_nid(bag) != NID_certBag)
@@ -103,6 +113,60 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl)
                                     NID_x509Crl, NID_crlBag);
 }
 
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, const unsigned char *value, int len)
+{
+    PKCS12_BAGS *bag;
+    PKCS12_SAFEBAG *safebag;
+
+    if ((bag = PKCS12_BAGS_new()) == NULL) {
+        PKCS12err(0, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    bag->type = OBJ_nid2obj(type);
+
+    switch(vtype) {
+    case V_ASN1_OCTET_STRING:
+        {
+            ASN1_OCTET_STRING *strtmp = ASN1_OCTET_STRING_new();
+
+            if (strtmp == NULL) {
+                PKCS12err(0, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            /* Pack data into an octet string */
+            if (!ASN1_OCTET_STRING_set(strtmp, value, len)) {
+                ASN1_OCTET_STRING_free(strtmp);
+                PKCS12err(0, PKCS12_R_ENCODE_ERROR);
+                goto err;
+            }
+            bag->value.other = ASN1_TYPE_new();
+            if (bag->value.other == NULL) {
+                ASN1_OCTET_STRING_free(strtmp);
+                PKCS12err(0, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            ASN1_TYPE_set(bag->value.other, vtype, strtmp);
+        }
+        break;
+
+    default:
+        PKCS12err(0, PKCS12_R_INVALID_TYPE);
+        goto err;
+    }
+
+    if ((safebag = PKCS12_SAFEBAG_new()) == NULL) {
+        PKCS12err(0, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    safebag->value.bag = bag;
+    safebag->type = OBJ_nid2obj(NID_secretBag);
+    return safebag;
+ 
+ err:
+    PKCS12_BAGS_free(bag);
+    return NULL;
+}
+
 /* Turn PKCS8 object into a keybag */
 
 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8)
diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c
index c3ad2bf708..f7789dc8d3 100644
--- a/crypto/pkcs12/pk12err.c
+++ b/crypto/pkcs12/pk12err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -27,6 +27,7 @@ static const ERR_STRING_DATA PKCS12_str_reasons[] = {
     "invalid null argument"},
     {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_INVALID_NULL_PKCS12_POINTER),
     "invalid null pkcs12 pointer"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_INVALID_TYPE), "invalid type"},
     {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_IV_GEN_ERROR), "iv gen error"},
     {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_KEY_GEN_ERROR), "key gen error"},
     {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_MAC_ABSENT), "mac absent"},
diff --git a/doc/man3/PKCS12_SAFEBAG_create_cert.pod b/doc/man3/PKCS12_SAFEBAG_create_cert.pod
new file mode 100644
index 0000000000..380cde5612
--- /dev/null
+++ b/doc/man3/PKCS12_SAFEBAG_create_cert.pod
@@ -0,0 +1,80 @@
+=pod
+
+=head1 NAME
+
+PKCS12_SAFEBAG_create_cert, PKCS12_SAFEBAG_create_crl,
+PKCS12_SAFEBAG_create_secret, PKCS12_SAFEBAG_create0_p8inf, 
+PKCS12_SAFEBAG_create0_pkcs8, PKCS12_SAFEBAG_create_pkcs8_encrypt - Create
+PKCS#12 safeBag objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs12.h>
+
+ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
+ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
+ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype,
+                                              const unsigned char* value,
+                                              int len);
+ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
+ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
+ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
+                                                     const char *pass,
+                                                     int passlen,
+                                                     unsigned char *salt,
+                                                     int saltlen, int iter,
+                                                     PKCS8_PRIV_KEY_INFO *p8inf);
+
+=head1 DESCRIPTION
+
+PKCS12_SAFEBAG_create_cert() creates a new B<PKCS12_SAFEBAG> of type B<NID_certBag>
+containing the supplied certificate.
+
+PKCS12_SAFEBAG_create_crl() creates a new B<PKCS12_SAFEBAG> of type B<NID_crlBag>
+containing the supplied crl.
+
+PKCS12_SAFEBAG_create_secret() creates a new B<PKCS12_SAFEBAG> of type
+corresponding to a PKCS#12 I<secretBag>. The I<secretBag> contents are tagged as
+I<type> with an ASN1 value of type I<vtype> constructed using the bytes in
+I<value> of length I<len>.
+
+PKCS12_SAFEBAG_create0_p8inf() creates a new B<PKCS12_SAFEBAG> of type B<NID_keyBag>
+containing the supplied PKCS8 structure.
+
+PKCS12_SAFEBAG_create0_pkcs8() creates a new B<PKCS12_SAFEBAG> of type
+B<NID_pkcs8ShroudedKeyBag> containing the supplied PKCS8 structure.
+
+PKCS12_SAFEBAG_create_pkcs8_encrypt() creates a new B<PKCS12_SAFEBAG> of type 
+B<NID_pkcs8ShroudedKeyBag> by encrypting the supplied PKCS8 I<p8inf>.
+If I<pbe_nid> is 0, a default encryption algorithm is used. I<pass> is the
+passphrase and I<iter> is the iteration count. If I<iter> is zero then a default
+value of 2048 is used. If I<salt> is NULL then a salt is generated randomly.
+
+=head1 NOTES
+
+PKCS12_SAFEBAG_create_pkcs8_encrypt() makes assumptions regarding the encoding of the given pass
+phrase.
+See L<passphrase-encoding(7)> for more information.
+
+PKCS12_SAFEBAG_create_secret() was added in OpenSSL 3.0.
+
+=head1 RETURN VALUES
+
+All of these functions return a valid B<PKCS12_SAFEBAG> structure or NULL if an error occurred.
+
+=head1 SEE ALSO
+
+L<PKCS12_create(3)>,
+L<PKCS12_add_safe(3)>,
+L<PKCS12_add_safes(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/PKCS12_SAFEBAG_get1_cert.pod b/doc/man3/PKCS12_SAFEBAG_get1_cert.pod
new file mode 100644
index 0000000000..e1bff6a1c8
--- /dev/null
+++ b/doc/man3/PKCS12_SAFEBAG_get1_cert.pod
@@ -0,0 +1,74 @@
+=pod
+
+=head1 NAME
+
+PKCS12_SAFEBAG_get0_attr, PKCS12_SAFEBAG_get0_type,
+PKCS12_SAFEBAG_get_nid, PKCS12_SAFEBAG_get_bag_nid,
+PKCS12_SAFEBAG_get0_bag_obj, PKCS12_SAFEBAG_get0_bag_type,
+PKCS12_SAFEBAG_get1_cert, PKCS12_SAFEBAG_get1_crl,
+PKCS12_SAFEBAG_get0_safes, PKCS12_SAFEBAG_get0_p8inf,
+PKCS12_SAFEBAG_get0_pkcs8 - Get objects from a PKCS#12 safeBag
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs12.h>
+
+ const ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag,
+                                           int attr_nid);
+ const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag);
+ int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
+ int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
+ const ASN1_TYPE *PKCS12_SAFEBAG_get0_bag_obj(const PKCS12_SAFEBAG *bag);
+ const ASN1_OBJECT *PKCS12_SAFEBAG_get0_bag_type(const PKCS12_SAFEBAG *bag);
+ X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
+ X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
+ const STACK_OF(PKCS12_SAFEBAG) *PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
+ const PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag);
+ const X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag);
+
+=head1 DESCRIPTION
+
+PKCS12_SAFEBAG_get0_attr() gets the attribute value corresponding to the B<attr_nid>.
+
+PKCS12_SAFEBAG_get0_type() gets the B<safeBag> type as an OID, whereas
+PKCS12_SAFEBAG_get_nid() gets the B<safeBag> type as an NID, which could be
+B<NID_certBag>, B<NID_crlBag>, B<NID_keyBag>, B<NID_secretBag>, B<NID_safeContentsBag>
+or B<NID_pkcs8ShroudedKeyBag>.
+
+PKCS12_SAFEBAG_get_bag_nid() gets the type of the object contained within the
+B<PKCS12_SAFEBAG>. This corresponds to the bag type for most bags, but can be
+arbitrary for B<secretBag>s. PKCS12_SAFEBAG_get0_bag_type() gets this type as an OID.
+
+PKCS12_SAFEBAG_get0_bag_obj() retrieves the object contained within the safeBag.
+
+PKCS12_SAFEBAG_get1_cert() and PKCS12_SAFEBAG_get1_crl() return new B<X509> or
+B<X509_CRL> objects from the item in the safeBag.
+
+PKCS12_SAFEBAG_get0_p8inf() and PKCS12_SAFEBAG_get0_pkcs8() return the PKCS8 object
+from a PKCS8shroudedKeyBag or a keyBag.
+
+PKCS12_SAFEBAG_get0_safes() retrieves the set of B<safeBags> contained within a
+safeContentsBag. 
+
+=head1 RETURN VALUES
+
+PKCS12_SAFEBAG_get_nid() and PKCS12_SAFEBAG_get_bag_nid() return the NID of the safeBag
+or bag object, or -1 if there is no corresponding NID.
+Other functions return a valid object of the specified type or NULL if an error occurred.
+
+=head1 SEE ALSO
+
+L<PKCS12_create(3)>,
+L<PKCS12_add_safe(3)>,
+L<PKCS12_add_safes(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/PKCS12_add1_attr_by_NID.pod b/doc/man3/PKCS12_add1_attr_by_NID.pod
new file mode 100644
index 0000000000..4871da35d7
--- /dev/null
+++ b/doc/man3/PKCS12_add1_attr_by_NID.pod
@@ -0,0 +1,52 @@
+=pod
+
+=head1 NAME
+
+PKCS12_add1_attr_by_NID, PKCS12_add1_attr_by_txt - Add an attribute to a PKCS#12
+safeBag structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs12.h>
+
+ int PKCS12_add1_attr_by_NID(PKCS12_SAFEBAG *bag, int nid, int type,
+                             const unsigned char *bytes, int len);
+ int PKCS12_add1_attr_by_txt(PKCS12_SAFEBAG *bag, const char *attrname, int type,
+                             const unsigned char *bytes, int len);
+
+=head1 DESCRIPTION
+
+These functions add a PKCS#12 Attribute to the Attribute Set of the B<bag>.
+
+PKCS12_add1_attr_by_NID() adds an attribute of type B<nid> with a value of ASN1
+type B<type> constructed using B<len> bytes from B<bytes>.
+
+PKCS12_add1_attr_by_txt() adds an attribute of type B<attrname> with a value of
+ASN1 type B<type> constructed using B<len> bytes from B<bytes>.
+
+=head1 NOTES
+
+These functions do not check whether an existing attribute of the same type is
+present. There can be multiple attributes with the same type assigned to a
+safeBag.
+
+Both functions were added in OpenSSL 3.0.
+
+=head1 RETURN VALUES
+
+A return value of 1 indicates success, 0 indicates failure.
+
+=head1 SEE ALSO
+
+L<PKCS12_create(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/PKCS12_add_cert.pod b/doc/man3/PKCS12_add_cert.pod
new file mode 100644
index 0000000000..bb326f7f4c
--- /dev/null
+++ b/doc/man3/PKCS12_add_cert.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+PKCS12_add_cert, PKCS12_add_key,
+PKCS12_add_secret - Add an object to a set of PKCS#12 safeBags
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs12.h>
+
+ PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
+ PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
+                               EVP_PKEY *key, int key_usage, int iter,
+                               int key_nid, const char *pass);
+ PKCS12_SAFEBAG *PKCS12_add_secret(STACK_OF(PKCS12_SAFEBAG) **pbags,
+                                  int nid_type, const unsigned char *value, int len);
+
+=head1 DESCRIPTION
+
+These functions create a new B<PKCS12_SAFEBAG> and add it to the set of safeBags
+in I<pbags>.
+
+PKCS12_add_cert() creates a PKCS#12 certBag containing the supplied
+certificate and adds this to the set of PKCS#12 safeBags.
+
+PKCS12_add_key() creates a PKCS#12 keyBag (unencrypted) or a pkcs8shroudedKeyBag
+(encrypted) containing the supplied B<EVP_PKEY> and adds this to the set of PKCS#12
+safeBags. If I<key_nid> is not -1 then the key is encrypted with the supplied
+algorithm, using I<pass> as the passphrase and I<iter> as the iteration count. If
+I<iter> is zero then a default value for iteration count of 2048 is used.
+
+PKCS12_add_secret() creates a PKCS#12 secretBag with an OID corresponding to
+the supplied B<nid_type> containing the supplied value as an ASN1 octet string.
+This is then added to the set of PKCS#12 safeBags.
+
+=head1 NOTES
+
+If a certificate contains an B<alias> or a B<keyid> then this will be
+used for the corresponding B<friendlyName> or B<localKeyID> in the
+PKCS12 structure.
+
+PKCS12_add_key() makes assumptions regarding the encoding of the given pass
+phrase.
+See L<passphrase-encoding(7)> for more information.
+
+PKCS12_add_secret() was added in OpenSSL 3.0.
+
+=head1 RETURN VALUES
+
+A valid B<PKCS12_SAFEBAG> structure or NULL if an error occurred.
+
+=head1 SEE ALSO
+
+L<PKCS12_create(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/PKCS12_add_safe.pod b/doc/man3/PKCS12_add_safe.pod
new file mode 100644
index 0000000000..ec657aaa07
--- /dev/null
+++ b/doc/man3/PKCS12_add_safe.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+PKCS12_add_safe, PKCS12_add_safes - Create and add objects to a PKCS#12 structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs12.h>
+
+ int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
+                    int safe_nid, int iter, const char *pass);
+ PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
+
+=head1 DESCRIPTION
+
+PKCS12_add_safe() creates a new PKCS7 contentInfo containing the supplied
+B<PKCS12_SAFEBAG>s and adds this to a set of PKCS7 contentInfos. Its type
+depends on the value of B<safe_nid>:
+
+=over 4
+
+=item * If I<safe_nid> is -1, a plain PKCS7 I<data> contentInfo is created.
+
+=item * If I<safe_nid> is a valid PBE algorithm NID, a PKCS7 B<encryptedData>
+contentInfo is created. The algorithm uses I<pass> as the passphrase and I<iter>
+as the iteration count. If I<iter> is zero then a default value for iteration
+count of 2048 is used.
+
+=item * If I<safe_nid> is 0, a PKCS7 B<encryptedData> contentInfo is created using
+a default encryption algorithm, currently B<NID_pbe_WithSHA1And3_Key_TripleDES_CBC>.
+
+=back
+
+PKCS12_add_safes() creates a B<PKCS12> structure containing the supplied set of
+PKCS7 contentInfos. The I<safes> are enclosed first within a PKCS7 contentInfo
+of type I<p7_nid>. Currently the only supported type is B<NID_pkcs7_data>.
+
+=head1 NOTES
+
+PKCS12_add_safe() makes assumptions regarding the encoding of the given pass
+phrase.
+See L<passphrase-encoding(7)> for more information.
+
+=head1 RETURN VALUES
+
+PKCS12_add_safe() returns a value of 1 indicating success or 0 for failure.
+
+PKCS12_add_safes() returns a valid B<PKCS12> structure or NULL if an error occurred.
+
+=head1 SEE ALSO
+
+L<PKCS12_create(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h
index abf124f27a..46e95c11b6 100644
--- a/include/openssl/pkcs12.h
+++ b/include/openssl/pkcs12.h
@@ -93,6 +93,8 @@ const ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag,
 const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag);
 int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
 int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
+const ASN1_TYPE *PKCS12_SAFEBAG_get0_bag_obj(const PKCS12_SAFEBAG *bag);
+const ASN1_OBJECT *PKCS12_SAFEBAG_get0_bag_type(const PKCS12_SAFEBAG *bag);
 
 X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
 X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
@@ -103,6 +105,7 @@ const X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag);
 
 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, const unsigned char *value, int len);
 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
@@ -144,6 +147,10 @@ int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
                            int namelen);
 int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
                                 const unsigned char *name, int namelen);
+int PKCS12_add1_attr_by_NID(PKCS12_SAFEBAG *bag, int nid, int type,
+                            const unsigned char *bytes, int len);
+int PKCS12_add1_attr_by_txt(PKCS12_SAFEBAG *bag, const char *attrname, int type,
+                            const unsigned char *bytes, int len);
 int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
 ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
                                int attr_nid);
@@ -209,6 +216,8 @@ PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
 PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
                                EVP_PKEY *key, int key_usage, int iter,
                                int key_nid, const char *pass);
+PKCS12_SAFEBAG *PKCS12_add_secret(STACK_OF(PKCS12_SAFEBAG) **pbags,
+                                  int nid_type, const unsigned char *value, int len);
 int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
                     int safe_nid, int iter, const char *pass);
 PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
diff --git a/include/openssl/pkcs12err.h b/include/openssl/pkcs12err.h
index 8d69b63f1a..0a3f42bd62 100644
--- a/include/openssl/pkcs12err.h
+++ b/include/openssl/pkcs12err.h
@@ -47,6 +47,7 @@ int ERR_load_PKCS12_strings(void);
 #  define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF            0
 #  define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8            0
 #  define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT     0
+#  define PKCS12_F_PKCS12_SAFEBAG_CREATE_SECRET            0
 #  define PKCS12_F_PKCS12_SETUP_MAC                        0
 #  define PKCS12_F_PKCS12_SET_MAC                          0
 #  define PKCS12_F_PKCS12_UNPACK_AUTHSAFES                 0
@@ -67,6 +68,7 @@ int ERR_load_PKCS12_strings(void);
 # define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE       120
 # define PKCS12_R_INVALID_NULL_ARGUMENT                   104
 # define PKCS12_R_INVALID_NULL_PKCS12_POINTER             105
+# define PKCS12_R_INVALID_TYPE                            112
 # define PKCS12_R_IV_GEN_ERROR                            106
 # define PKCS12_R_KEY_GEN_ERROR                           107
 # define PKCS12_R_MAC_ABSENT                              108
diff --git a/test/build.info b/test/build.info
index d15ee75814..a3e5857b99 100644
--- a/test/build.info
+++ b/test/build.info
@@ -30,7 +30,7 @@ IF[{- !$disabled{tests} -}]
   PROGRAMS{noinst}= \
           confdump \
           versions \
-          aborttest test_test \
+          aborttest test_test pkcs12_format_test \
           sanitytest rsa_complex exdatatest bntest \
           ectest ecstresstest gmdifftest pbelutest \
           destest mdc2test \
@@ -234,6 +234,10 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[memleaktest]=../include ../apps/include
   DEPEND[memleaktest]=../libcrypto libtestutil.a
 
+  SOURCE[pkcs12_format_test]=pkcs12_format_test.c pkcs12_helper.c
+  INCLUDE[pkcs12_format_test]=../include ../apps/include
+  DEPEND[pkcs12_format_test]=../libcrypto libtestutil.a
+
   SOURCE[stack_test]=stack_test.c
   INCLUDE[stack_test]=../include ../apps/include
   DEPEND[stack_test]=../libcrypto libtestutil.a
@@ -276,6 +280,7 @@ IF[{- !$disabled{tests} -}]
 
   INCLUDE[ssl_test_ctx.o]=../include
   INCLUDE[handshake_helper.o]=.. ../include
+  INCLUDE[pkcs12_helper.o]=.. ../include
   INCLUDE[ssltestlib.o]=.. ../include
   INCLUDE[cmp_testlib.o]=.. ../include ../apps/include
 
diff --git a/test/pkcs12_format_test.c b/test/pkcs12_format_test.c
new file mode 100644
index 0000000000..4b638af82d
--- /dev/null
+++ b/test/pkcs12_format_test.c
@@ -0,0 +1,444 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "internal/nelem.h"
+
+#include <openssl/pkcs12.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+
+#include "testutil.h"
+#include "pkcs12_helper.h"
+
+
+/* --------------------------------------------------------------------------
+ * PKCS12 component test data
+ */
+
+static const unsigned char CERT1[] =
+{
+    0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+    0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe6, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+    0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
+    0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74,
+    0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36,
+    0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35,
+    0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50,
+    0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2d, 0x31, 0x30,
+    0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
+    0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c,
+    0x7a, 0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1,
+    0xc8, 0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84,
+    0x81, 0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf,
+    0xc7, 0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b,
+    0x84, 0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72,
+    0x31, 0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9,
+    0x19, 0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44,
+    0xc1, 0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00,
+    0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
+    0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02,
+    0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30,
+    0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d,
+    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81,
+    0x00, 0x1c, 0x13, 0xdc, 0x02, 0xf1, 0x44, 0x36, 0x65, 0xa9, 0xbe, 0x30, 0x1c, 0x66, 0x14, 0x20,
+    0x86, 0x5a, 0xa8, 0x69, 0x25, 0xf8, 0x1a, 0xb6, 0x9e, 0x5e, 0xe9, 0x89, 0xb8, 0x67, 0x70, 0x19,
+    0x87, 0x60, 0xeb, 0x4b, 0x11, 0x71, 0x85, 0xf8, 0xe9, 0xa7, 0x3e, 0x20, 0x42, 0xec, 0x43, 0x25,
+    0x01, 0x03, 0xe5, 0x4d, 0x83, 0x22, 0xf5, 0x8e, 0x3a, 0x1a, 0x1b, 0xd4, 0x1c, 0xda, 0x6b, 0x9d,
+    0x10, 0x1b, 0xee, 0x67, 0x4e, 0x1f, 0x69, 0xab, 0xbc, 0xaa, 0x62, 0x8e, 0x9e, 0xc6, 0xee, 0xd6,
+    0x09, 0xc0, 0xca, 0xe0, 0xaa, 0x9f, 0x07, 0xb2, 0xc2, 0xbb, 0x31, 0x96, 0xa2, 0x04, 0x62, 0xd3,
+    0x13, 0x32, 0x29, 0x67, 0x6e, 0xad, 0x2e, 0x0b, 0xea, 0x04, 0x7c, 0x8c, 0x5a, 0x5d, 0xac, 0x14,
+    0xaa, 0x61, 0x7f, 0x28, 0x6c, 0x2d, 0x64, 0x2d, 0xc3, 0xaf, 0x77, 0x52, 0x90, 0xb4, 0x37, 0xc0,
+    0x30, 
+};
+
+static const unsigned char CERT2[] =
+{
+    0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+    0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe7, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+    0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
+    0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74,
+    0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36,
+    0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35,
+    0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50,
+    0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2d, 0x31, 0x30,
+    0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
+    0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86,
+    0x9f, 0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35,
+    0x4d, 0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8,
+    0xa5, 0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03,
+    0x98, 0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e,
+    0x31, 0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc,
+    0x70, 0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49,
+    0xd3, 0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe,
+    0x2d, 0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00,
+    0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
+    0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02,
+    0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30,
+    0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d,
+    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81,
+    0x00, 0x3b, 0xa6, 0x73, 0xbe, 0xe0, 0x28, 0xed, 0x1f, 0x29, 0x78, 0x4c, 0xc0, 0x1f, 0xe9, 0x85,
+    0xc6, 0x8f, 0xe3, 0x87, 0x7c, 0xd9, 0xe7, 0x0a, 0x37, 0xe8, 0xaa, 0xb5, 0xd2, 0x7f, 0xf8, 0x90,
+    0x20, 0x80, 0x35, 0xa7, 0x79, 0x2b, 0x04, 0xa7, 0xbf, 0xe6, 0x7b, 0x58, 0xcb, 0xec, 0x0e, 0x58,
+    0xef, 0x2a, 0x70, 0x8a, 0x56, 0x8a, 0xcf, 0x6b, 0x7a, 0x74, 0x0c, 0xf4, 0x15, 0x37, 0x93, 0xcd,
+    0xe6, 0xb2, 0xa1, 0x83, 0x09, 0xdb, 0x9e, 0x4f, 0xff, 0x6a, 0x17, 0x4f, 0x33, 0xc9, 0xcc, 0x90,
+    0x2a, 0x67, 0xff, 0x16, 0x78, 0xa8, 0x2c, 0x10, 0xe0, 0x52, 0x8c, 0xe6, 0xe9, 0x90, 0x8d, 0xe0,
+    0x62, 0x04, 0x9a, 0x0f, 0x44, 0x01, 0x82, 0x14, 0x92, 0x44, 0x25, 0x69, 0x22, 0xb7, 0xb8, 0xc5,
+    0x94, 0x4c, 0x4b, 0x1c, 0x9b, 0x92, 0x60, 0x66, 0x90, 0x4e, 0xb9, 0xa8, 0x4c, 0x89, 0xbb, 0x0f,
+    0x0b, 
+};
+
+static const unsigned char KEY1[] =
+{
+    0x30, 0x82, 0x02, 0x5d, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c, 0x7a,
+    0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1, 0xc8,
+    0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84, 0x81,
+    0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf, 0xc7,
+    0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b, 0x84,
+    0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72, 0x31,
+    0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9, 0x19,
+    0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44, 0xc1,
+    0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00, 0x01,
+    0x02, 0x81, 0x81, 0x00, 0xa5, 0x6d, 0xf9, 0x8f, 0xf5, 0x5a, 0xa3, 0x50, 0xd9, 0x0d, 0x37, 0xbb,
+    0xce, 0x13, 0x94, 0xb8, 0xea, 0x32, 0x7f, 0x0c, 0xf5, 0x46, 0x0b, 0x90, 0x17, 0x7e, 0x5e, 0x63,
+    0xbd, 0xa4, 0x78, 0xcd, 0x19, 0x97, 0xd4, 0x92, 0x30, 0x78, 0xaa, 0xb4, 0xa7, 0x9c, 0xc6, 0xdf,
+    0x2a, 0x65, 0x0e, 0xb5, 0x9f, 0x9c, 0x84, 0x0d, 0x4d, 0x3a, 0x74, 0xfc, 0xd0, 0xb4, 0x09, 0x74,
+    0xc4, 0xb8, 0x24, 0x03, 0xa8, 0xf0, 0xf8, 0x0d, 0x5c, 0x8e, 0xdf, 0x4b, 0xe1, 0x0a, 0x8f, 0x4f,
+    0xd5, 0xc7, 0x9b, 0x54, 0x55, 0x8f, 0x00, 0x5c, 0xea, 0x4c, 0x73, 0xf9, 0x1b, 0xbf, 0xb8, 0x93,
+    0x33, 0x20, 0xce, 0x45, 0xd9, 0x03, 0x02, 0xb2, 0x36, 0xc5, 0x0a, 0x30, 0x50, 0x78, 0x80, 0x66,
+    0x00, 0x22, 0x38, 0x86, 0xcf, 0x63, 0x4a, 0x5c, 0xbf, 0x2b, 0xd9, 0x6e, 0xe6, 0xf0, 0x39, 0xad,
+    0x12, 0x25, 0x41, 0xb9, 0x02, 0x41, 0x00, 0xf3, 0x7c, 0x07, 0x99, 0x64, 0x3a, 0x28, 0x8c, 0x8d,
+    0x05, 0xfe, 0x32, 0xb5, 0x4c, 0x8c, 0x6d, 0xde, 0x3d, 0x16, 0x08, 0xa0, 0x01, 0x61, 0x4f, 0x8e,
+    0xa0, 0xf7, 0x26, 0x26, 0xb5, 0x8e, 0xc0, 0x7a, 0xce, 0x86, 0x34, 0xde, 0xb8, 0xef, 0x86, 0x01,
+    0xbe, 0x24, 0xaa, 0x9b, 0x36, 0x93, 0x72, 0x9b, 0xf9, 0xc6, 0xcb, 0x76, 0x84, 0x67, 0x06, 0x06,
+    0x30, 0x50, 0xdf, 0x42, 0x17, 0xe0, 0xa7, 0x02, 0x41, 0x00, 0xc6, 0x91, 0xa0, 0x41, 0x34, 0x11,
+    0x67, 0x4b, 0x08, 0x0f, 0xda, 0xa7, 0x99, 0xec, 0x58, 0x11, 0xa5, 0x82, 0xdb, 0x50, 0xfe, 0x77,
+    0xe2, 0xd1, 0x53, 0x9c, 0x7d, 0xe8, 0xbf, 0xe7, 0x7c, 0xa9, 0x01, 0xb1, 0x87, 0xc3, 0x52, 0x79,
+    0x9e, 0x2c, 0xa7, 0x6f, 0x02, 0x37, 0x32, 0xef, 0x24, 0x31, 0x21, 0x0b, 0x86, 0x05, 0x32, 0x4a,
+    0x2e, 0x0b, 0x65, 0x05, 0xd3, 0xd6, 0x30, 0xb2, 0xfc, 0xa7, 0x02, 0x41, 0x00, 0xc2, 0xed, 0x31,
+    0xdc, 0x40, 0x9c, 0x3a, 0xe8, 0x42, 0xe2, 0x60, 0x5e, 0x52, 0x3c, 0xc5, 0x54, 0x14, 0x0e, 0x8d,
+    0x7c, 0x3c, 0x34, 0xbe, 0xa6, 0x05, 0x86, 0xa2, 0x36, 0x5d, 0xd9, 0x0e, 0x3e, 0xd4, 0x52, 0x50,
+    0xa9, 0x35, 0x01, 0x93, 0x68, 0x92, 0x2e, 0x9a, 0x86, 0x27, 0x1a, 0xab, 0x32, 0x9e, 0xe2, 0x79,
+    0x9f, 0x5b, 0xf3, 0xa5, 0xd2, 0xf1, 0xd3, 0x6e, 0x7b, 0x3e, 0x1b, 0x85, 0x93, 0x02, 0x40, 0x68,
+    0xb8, 0xb6, 0x7e, 0x8c, 0xba, 0x3c, 0xf2, 0x8a, 0x2e, 0xea, 0x4f, 0x07, 0xd3, 0x68, 0x62, 0xee,
+    0x1a, 0x04, 0x16, 0x44, 0x0d, 0xef, 0xf6, 0x1b, 0x95, 0x65, 0xa5, 0xd1, 0x47, 0x81, 0x2c, 0x14,
+    0xb3, 0x8e, 0xf9, 0x08, 0xcf, 0x11, 0x07, 0x55, 0xca, 0x2a, 0xad, 0xf7, 0xd3, 0xbd, 0x0f, 0x97,
+    0xf0, 0xde, 0xde, 0x70, 0xb6, 0x44, 0x70, 0x47, 0xf7, 0xf9, 0xcf, 0x75, 0x61, 0x7f, 0xf3, 0x02,
+    0x40, 0x38, 0x4a, 0x67, 0xaf, 0xae, 0xb6, 0xb2, 0x6a, 0x00, 0x25, 0x5a, 0xa4, 0x65, 0x20, 0xb1,
+    0x13, 0xbd, 0x83, 0xff, 0xb4, 0xbc, 0xf4, 0xdd, 0xa1, 0xbb, 0x1c, 0x96, 0x37, 0x35, 0xf4, 0xbf,
+    0xed, 0x4c, 0xed, 0x92, 0xe8, 0xac, 0xc9, 0xc1, 0xa5, 0xa3, 0x23, 0x66, 0x40, 0x8a, 0xa1, 0xe6,
+    0xe3, 0x95, 0xfe, 0xc4, 0x53, 0xf5, 0x7d, 0x6e, 0xca, 0x45, 0x42, 0xe4, 0xc2, 0x9f, 0xe5, 0x1e,
+    0xb5, 
+};
+
+
+static const unsigned char KEY2[] =
+{
+    0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86, 0x9f,
+    0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35, 0x4d,
+    0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8, 0xa5,
+    0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03, 0x98,
+    0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e, 0x31,
+    0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc, 0x70,
+    0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49, 0xd3,
+    0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe, 0x2d,
+    0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00, 0x01,
+    0x02, 0x81, 0x81, 0x00, 0xa6, 0x00, 0x83, 0xf8, 0x2b, 0x33, 0xac, 0xfb, 0xdb, 0xf0, 0x52, 0x4b,
+    0xd6, 0x39, 0xe3, 0x94, 0x3d, 0x8d, 0xa9, 0x01, 0xb0, 0x6b, 0xbe, 0x7f, 0x10, 0x01, 0xb6, 0xcd,
+    0x0a, 0x45, 0x0a, 0xca, 0x67, 0x8e, 0xd8, 0x29, 0x44, 0x8a, 0x51, 0xa8, 0x66, 0x35, 0x26, 0x30,
+    0x8b, 0xe9, 0x41, 0xa6, 0x22, 0xec, 0xd2, 0xf0, 0x58, 0x41, 0x33, 0x26, 0xf2, 0x3f, 0xe8, 0x75,
+    0x4f, 0xc7, 0x5d, 0x2e, 0x5a, 0xa8, 0x7a, 0xd2, 0xbf, 0x59, 0xa0, 0x86, 0x79, 0x0b, 0x92, 0x6c,
+    0x95, 0x5d, 0x87, 0x63, 0x5c, 0xd6, 0x1a, 0xc0, 0xf6, 0x7a, 0x15, 0x8d, 0xc7, 0x3c, 0xb6, 0x9e,
+    0xa6, 0x58, 0x46, 0x9b, 0xbf, 0x3e, 0x28, 0x8c, 0xdf, 0x1a, 0x87, 0xaa, 0x7e, 0xf5, 0xf2, 0xcb,
+    0x5e, 0x84, 0x2d, 0xf6, 0x82, 0x7e, 0x89, 0x4e, 0xf5, 0xe6, 0x3c, 0x92, 0x80, 0x1e, 0x98, 0x1c,
+    0x6a, 0x7b, 0x57, 0x01, 0x02, 0x41, 0x00, 0xdd, 0x60, 0x95, 0xd7, 0xa1, 0x9d, 0x0c, 0xa1, 0x84,
+    0xc5, 0x39, 0xca, 0x67, 0x4c, 0x1c, 0x06, 0x71, 0x5b, 0x5c, 0x2d, 0x8d, 0xce, 0xcd, 0xe2, 0x79,
+    0xc8, 0x33, 0xbe, 0x50, 0x37, 0x60, 0x9f, 0x3b, 0xb9, 0x59, 0x55, 0x22, 0x1f, 0xa5, 0x4b, 0x1d,
+    0xca, 0x38, 0xa0, 0xab, 0x87, 0x9c, 0x86, 0x0e, 0xdb, 0x1c, 0x4f, 0x4f, 0x07, 0xed, 0x18, 0x3f,
+    0x05, 0x3c, 0xec, 0x78, 0x11, 0xf6, 0x99, 0x02, 0x41, 0x00, 0xc2, 0xc5, 0xcf, 0xbe, 0x95, 0x91,
+    0xeb, 0xcf, 0x47, 0xf3, 0x33, 0x32, 0xc7, 0x7e, 0x93, 0x56, 0xf7, 0xd8, 0xf9, 0xd4, 0xb6, 0xd6,
+    0x20, 0xac, 0xba, 0x8a, 0x20, 0x19, 0x14, 0xab, 0xc5, 0x5d, 0xb2, 0x08, 0xcc, 0x77, 0x7c, 0x65,
+    0xa8, 0xdb, 0x66, 0x97, 0x36, 0x44, 0x2c, 0x63, 0xc0, 0x6a, 0x7e, 0xb0, 0x0b, 0x5c, 0x90, 0x12,
+    0x50, 0xb4, 0x36, 0x60, 0xc3, 0x1f, 0x22, 0x0c, 0xc8, 0x13, 0x02, 0x40, 0x33, 0xc8, 0x7e, 0x04,
+    0x7c, 0x97, 0x61, 0xf6, 0xfe, 0x39, 0xac, 0x34, 0xfe, 0x48, 0xbd, 0x5d, 0x7c, 0x72, 0xa4, 0x73,
+    0x3b, 0x72, 0x9e, 0x92, 0x55, 0x6e, 0x51, 0x3c, 0x39, 0x43, 0x5a, 0xe4, 0xa4, 0x71, 0xcc, 0xc5,
+    0xaf, 0x3f, 0xbb, 0xc8, 0x80, 0x65, 0x67, 0x2d, 0x9e, 0x32, 0x10, 0x99, 0x03, 0x2c, 0x99, 0xc8,
+    0xab, 0x71, 0xed, 0x31, 0xf8, 0xbb, 0xde, 0xee, 0x69, 0x7f, 0xba, 0x31, 0x02, 0x40, 0x7e, 0xbc,
+    0x60, 0x55, 0x4e, 0xd5, 0xc8, 0x6e, 0xf4, 0x0e, 0x57, 0xbe, 0x2e, 0xf9, 0x39, 0xbe, 0x59, 0x3f,
+    0xa2, 0x30, 0xbb, 0x57, 0xd1, 0xa3, 0x13, 0x2e, 0x55, 0x7c, 0x7c, 0x6a, 0xd8, 0xde, 0x02, 0xbe,
+    0x9e, 0xed, 0x10, 0xd0, 0xc5, 0x73, 0x1d, 0xea, 0x3e, 0xb1, 0x55, 0x81, 0x02, 0xef, 0x48, 0xc8,
+    0x1c, 0x5c, 0x7a, 0x92, 0xb0, 0x58, 0xd3, 0x19, 0x5b, 0x5d, 0xa2, 0xb6, 0x56, 0x69, 0x02, 0x40,
+    0x1e, 0x00, 0x6a, 0x9f, 0xba, 0xee, 0x46, 0x5a, 0xc5, 0xb5, 0x9f, 0x91, 0x33, 0xdd, 0xc9, 0x96,
+    0x75, 0xb7, 0x87, 0xcf, 0x18, 0x1c, 0xb7, 0xb9, 0x3f, 0x04, 0x10, 0xb8, 0x75, 0xa9, 0xb8, 0xa0,
+    0x31, 0x35, 0x03, 0x30, 0x89, 0xc8, 0x37, 0x68, 0x20, 0x30, 0x99, 0x39, 0x96, 0xd6, 0x2b, 0x3d,
+    0x5e, 0x45, 0x84, 0xf7, 0xd2, 0x61, 0x50, 0xc9, 0x50, 0xba, 0x8d, 0x08, 0xaa, 0xd0, 0x08, 0x1e,
+};
+
+
+static const PKCS12_ATTR ATTRS1[] = {
+    { "friendlyName", "george" },
+    { "localKeyID", "1234567890" },
+    { "1.2.3.4.5", "MyCustomAttribute" },
+    { NULL, NULL }
+};
+
+static const PKCS12_ATTR ATTRS2[] = {
+    { "friendlyName", "janet" },
+    { "localKeyID", "987654321" },
+    { "1.2.3.5.8.13", "AnotherCustomAttribute" },
+    { NULL, NULL }
+};
+
+static const PKCS12_ENC enc_default = {
+    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
+    "Password1",
+    1000
+};
+
+static const PKCS12_ENC mac_default = {
+    NID_sha1,
+    "Password1",
+    1000
+};
+
+
+/* --------------------------------------------------------------------------
+ * Local functions
+ */ 
+
+static int get_custom_oid(void)
+{
+    static int sec_nid = -1;
+
+    if (sec_nid != -1)
+        return sec_nid;
+    if (!TEST_true(OBJ_create("1.3.5.7.9", "CustomSecretOID", "My custom secret OID")))
+        return -1;
+    return sec_nid = OBJ_txt2nid("CustomSecretOID");
+}
+
+
+/* --------------------------------------------------------------------------
+ * PKCS12 format tests
+ */
+
+static int test_single_cert_no_attrs(void)
+{
+    PKCS12_BUILDER *pb = new_pkcs12_builder("1cert.p12");
+
+    /* Generate/encode */
+    start_pkcs12(pb);
+
+        start_contentinfo(pb);
+
+            add_certbag(pb, CERT1, sizeof(CERT1), NULL);
+
+        end_contentinfo(pb);
+
+    end_pkcs12(pb);
+
+    /* Read/decode */
+    start_check_pkcs12(pb);
+
+        start_check_contentinfo(pb);
+
+            check_certbag(pb, CERT1, sizeof(CERT1), NULL);
+
+        end_check_contentinfo(pb);
+
+    end_check_pkcs12(pb);
+
+    return end_pkcs12_builder(pb);
+}
+
+static int test_single_key_with_attrs(void)
+{
+    PKCS12_BUILDER *pb = new_pkcs12_builder("1key.p12");
+    
+    /* Generate/encode */
+    start_pkcs12(pb);
+
+        start_contentinfo(pb);
+
+            add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+
+        end_contentinfo(pb);
+
+    end_pkcs12(pb);
+
+    /* Read/decode */
+    start_check_pkcs12(pb);
+
+        start_check_contentinfo(pb);
+
+            check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+
+        end_check_contentinfo(pb);
+
+    end_check_pkcs12(pb);
+
+    return end_pkcs12_builder(pb);
+}
+
+static int test_cert_key_with_attrs_and_mac(void)
+{
+    PKCS12_BUILDER *pb = new_pkcs12_builder("1cert1key.p12");
+    
+    /* Generate/encode */
+    start_pkcs12(pb);
+
+        start_contentinfo(pb);
+
+            add_certbag(pb, CERT1, sizeof(CERT1), ATTRS1);
+            add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+
+        end_contentinfo(pb);
+
+    end_pkcs12_with_mac(pb, &mac_default);
+
+    /* Read/decode */
+    start_check_pkcs12_with_mac(pb, &mac_default);
+
+        start_check_contentinfo(pb);
+
+            check_certbag(pb, CERT1, sizeof(CERT1), ATTRS1);
+            check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+
+        end_check_contentinfo(pb);
+
+    end_check_pkcs12(pb);
+
+    return end_pkcs12_builder(pb);
+}
+
+static int test_cert_key_encrypted_content(void)
+{
+    PKCS12_BUILDER *pb = new_pkcs12_builder("1cert1key_enc.p12");
+    
+    /* Generate/encode */
+    start_pkcs12(pb);
+
+        start_contentinfo(pb);
+
+            add_certbag(pb, CERT1, sizeof(CERT1), ATTRS1);
+            add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+
+        end_contentinfo_encrypted(pb, &enc_default);
+
+    end_pkcs12_with_mac(pb, &mac_default);
+
+    /* Read/decode */
+    start_check_pkcs12_with_mac(pb, &mac_default);
+
+        start_check_contentinfo_encrypted(pb, &enc_default);
+
+            check_certbag(pb, CERT1, sizeof(CERT1), ATTRS1);
+            check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+
+        end_check_contentinfo(pb);
+
+    end_check_pkcs12(pb);
+
+    return end_pkcs12_builder(pb);
+}
+
+static int test_single_secret_encrypted_content(void)
+{
+    PKCS12_BUILDER *pb = new_pkcs12_builder("1secret.p12");
+    int custom_nid = get_custom_oid();
+    
+    /* Generate/encode */
+    start_pkcs12(pb);
+
+        start_contentinfo(pb);
+
+            add_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1);
+
+        end_contentinfo_encrypted(pb, &enc_default);
+
+    end_pkcs12_with_mac(pb, &mac_default);
+
+    /* Read/decode */
+    start_check_pkcs12_with_mac(pb, &mac_default);
+
+        start_check_contentinfo_encrypted(pb, &enc_default);
+
+            check_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1);
+
+        end_check_contentinfo(pb);
+
+    end_check_pkcs12(pb);
+
+    return end_pkcs12_builder(pb);
+}
+
+static int test_multiple_contents(void)
+{
+    PKCS12_BUILDER *pb = new_pkcs12_builder("multi_contents.p12");
+    int custom_nid = get_custom_oid();
+    
+    /* Generate/encode */
+    start_pkcs12(pb);
+
+        start_contentinfo(pb);
+
+            add_certbag(pb, CERT1, sizeof(CERT1), ATTRS1);
+            add_certbag(pb, CERT2, sizeof(CERT2), ATTRS2);
+            add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+            add_keybag(pb, KEY2, sizeof(KEY2), ATTRS2, &enc_default);
+
+        end_contentinfo(pb);
+
+        start_contentinfo(pb);
+
+            add_secretbag(pb, custom_nid, "VeryVerySecretMessage", ATTRS1);
+
+        end_contentinfo_encrypted(pb, &enc_default);
+
+    end_pkcs12_with_mac(pb, &mac_default);
+
+    /* Read/decode */
+    start_check_pkcs12_with_mac(pb, &mac_default);
+
+        start_check_contentinfo(pb);
+
+            check_certbag(pb, CERT1, sizeof(CERT1), ATTRS1);
+            check_certbag(pb, CERT2, sizeof(CERT2), ATTRS2);
+            check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
+            check_keybag(pb, KEY2, sizeof(KEY2), ATTRS2, &enc_default);
+
+        end_check_contentinfo(pb);
+
+        start_check_contentinfo_encrypted(pb, &enc_default);
+
+            check_secretbag(pb, custom_nid, "VeryVerySecretMessage", ATTRS1);
+
+        end_check_contentinfo(pb);
+
+    end_check_pkcs12(pb);
+
+    return end_pkcs12_builder(pb);
+}
+
+
+int setup_tests(void)
+{
+    ADD_TEST(test_single_cert_no_attrs);
+    ADD_TEST(test_single_key_with_attrs);
+    ADD_TEST(test_cert_key_with_attrs_and_mac);
+    ADD_TEST(test_cert_key_encrypted_content);
+    ADD_TEST(test_single_secret_encrypted_content);
+    ADD_TEST(test_multiple_contents);
+    return 1;
+}
+
diff --git a/test/pkcs12_helper.c b/test/pkcs12_helper.c
new file mode 100644
index 0000000000..22bebe8e2b
--- /dev/null
+++ b/test/pkcs12_helper.c
@@ -0,0 +1,708 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "internal/nelem.h"
+
+#include <openssl/pkcs12.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+
+#include "testutil.h"
+#include "pkcs12_helper.h"
+
+
+DEFINE_STACK_OF(PKCS7)
+DEFINE_STACK_OF(PKCS12_SAFEBAG)
+DEFINE_STACK_OF(X509_ATTRIBUTE)
+
+/* Set this to > 0 write test data to file */
+int write_files = 0;
+
+/* -------------------------------------------------------------------------
+ * Local function declarations
+ */
+
+static X509 *load_cert(const unsigned char *bytes, int len);
+static EVP_PKEY *load_pkey(const unsigned char *bytes, int len);
+
+static int add_attributes(PKCS12_SAFEBAG *bag, const PKCS12_ATTR *attrs);
+
+static void generate_p12(PKCS12_BUILDER *pb, const PKCS12_ENC *mac);
+static int write_p12(PKCS12 *p12, const char *outfile);
+
+static PKCS12 *from_bio_p12(BIO *bio, const PKCS12_ENC *mac);
+static PKCS12 *read_p12(const char *infile, const PKCS12_ENC *mac);
+static int check_p12_mac(PKCS12 *p12, const PKCS12_ENC *mac);
+static int check_asn1_string(const ASN1_TYPE *av, const char *txt);
+static int check_attrs(const STACK_OF(X509_ATTRIBUTE) *bag_attrs, const PKCS12_ATTR *attrs);
+
+
+/* --------------------------------------------------------------------------
+ * Test data load functions
+ */
+
+static X509 *load_cert(const unsigned char *bytes, int len)
+{
+    X509 *cert = NULL;
+
+    cert = d2i_X509(NULL, &bytes, len);
+    if (!TEST_ptr(cert))
+        goto err;
+err:
+    return cert;
+}
+
+static EVP_PKEY *load_pkey(const unsigned char *bytes, int len)
+{
+    EVP_PKEY *pkey = NULL;
+
+    pkey = d2i_AutoPrivateKey(NULL, &bytes, len);
+    if (!TEST_ptr(pkey))
+        goto err;
+err:
+    return pkey;
+}
+
+
+/* -------------------------------------------------------------------------
+ * PKCS12 builder
+ */
+
+PKCS12_BUILDER *new_pkcs12_builder(const char *filename)
+{
+    PKCS12_BUILDER *pb = OPENSSL_malloc(sizeof(PKCS12_BUILDER));
+    if (!TEST_ptr(pb))
+        return NULL;
+
+    pb->filename = filename;
+    pb->success = 1;
+    return pb;
+}
+
+int end_pkcs12_builder(PKCS12_BUILDER *pb)
+{
+    int result = pb->success;
+
+    OPENSSL_free(pb);
+    return result;
+}
+
+
+void start_pkcs12(PKCS12_BUILDER *pb)
+{
+    pb->safes = NULL;
+}
+
+
+void end_pkcs12(PKCS12_BUILDER *pb)
+{
+    if (!pb->success)
+        return;
+    generate_p12(pb, NULL);
+}
+
+
+void end_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac)
+{
+    if (!pb->success)
+        return;
+    generate_p12(pb, mac);
+}
+
+
+/* Generate the PKCS12 encoding and write to memory bio */
+static void generate_p12(PKCS12_BUILDER *pb, const PKCS12_ENC *mac)
+{
+    PKCS12 *p12;
+
+    if (!pb->success)
+        return;
+
+    pb->p12bio = BIO_new(BIO_s_mem());
+    if (!TEST_ptr(pb->p12bio)) {
+        pb->success = 0;
+        return;
+    }
+    p12 = PKCS12_add_safes(pb->safes, 0);
+    if (!TEST_ptr(p12)) {
+        pb->success = 0;
+        goto err;
+    }
+    sk_PKCS7_pop_free(pb->safes, PKCS7_free);
+
+    if (mac != NULL) {
+        if (!TEST_true(PKCS12_set_mac(p12, mac->pass, strlen(mac->pass),
+                                      NULL, 0, mac->iter, EVP_get_digestbynid(mac->nid)))) {
+            pb->success = 0;
+            goto err;
+        }
+    }
+    i2d_PKCS12_bio(pb->p12bio, p12);
+
+    /* Can write to file here for debug */
+    if (write_files)
+        write_p12(p12, pb->filename);
+err:
+    PKCS12_free(p12);
+}
+
+
+static int write_p12(PKCS12 *p12, const char *outfile)
+{
+    int ret = 0;
+    BIO *out = BIO_new_file(outfile, "w");
+
+    if (out == NULL)
+        goto err;
+
+    if (!TEST_int_eq(i2d_PKCS12_bio(out, p12), 1))
+        goto err;
+    ret = 1;
+err:
+    BIO_free(out);
+    return ret;
+}
+
+static PKCS12 *from_bio_p12(BIO *bio, const PKCS12_ENC *mac)
+{
+    PKCS12 *p12 = NULL;
+
+    p12 = d2i_PKCS12_bio(bio, NULL);
+    BIO_free(bio);
+    if (!TEST_ptr(p12))
+        goto err;
+    if (mac == NULL) {
+        if (!TEST_false(PKCS12_mac_present(p12)))
+            goto err;
+    } else {
+        if (!check_p12_mac(p12, mac))
+            goto err;
+    }
+    return p12;
+err:
+    PKCS12_free(p12);
+    return NULL;
+}
+
+
+/* For use with existing files */
+static PKCS12 *read_p12(const char *infile, const PKCS12_ENC *mac)
+{
+    PKCS12 *p12 = NULL;
+    BIO *in = BIO_new_file(infile, "r");
+
+    if (in == NULL)
+        goto err;
+    p12 = d2i_PKCS12_bio(in, NULL);
+    BIO_free(in);
+    if (!TEST_ptr(p12))
+        goto err;
+    if (mac == NULL) {
+        if (!TEST_false(PKCS12_mac_present(p12)))
+            goto err;
+    } else {
+        if (!check_p12_mac(p12, mac))
+            goto err;
+    }
+    return p12;
+err:
+    PKCS12_free(p12);
+    return NULL;
+}
+
+static int check_p12_mac(PKCS12 *p12, const PKCS12_ENC *mac)
+{
+    return TEST_true(PKCS12_mac_present(p12))
+        && TEST_true(PKCS12_verify_mac(p12, mac->pass, strlen(mac->pass)));
+}
+
+
+/* -------------------------------------------------------------------------
+ * PKCS7 content info builder
+ */
+
+void start_contentinfo(PKCS12_BUILDER *pb)
+{
+    pb->bags = NULL;
+}
+
+
+void end_contentinfo(PKCS12_BUILDER *pb)
+{
+    if (pb->success) {
+        if (pb->bags && !TEST_true(PKCS12_add_safe(&pb->safes, pb->bags, -1, 0, NULL))) {
+            pb->success = 0;
+            return;
+        }
+    }
+    sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free);
+    pb->bags = NULL;
+}
+
+
+void end_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc)
+{
+    if (pb->success) {
+        if (pb->bags 
+            && !TEST_true(PKCS12_add_safe(&pb->safes, pb->bags, enc->nid, enc->iter, enc->pass))) {
+            pb->success = 0;
+            return;
+        }
+    }
+    sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free);
+    pb->bags = NULL;
+}
+
+
+static STACK_OF(PKCS12_SAFEBAG) *decode_contentinfo(STACK_OF(PKCS7) *safes, int idx, const PKCS12_ENC *enc)
+{
+    STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
+    PKCS7 *p7 = sk_PKCS7_value(safes, idx);
+    int bagnid = OBJ_obj2nid(p7->type);
+
+    if (enc) {
+        if (!TEST_int_eq(bagnid, NID_pkcs7_encrypted))
+            goto err;
+        /* TODO: Check algorithm (iterations?) against what we originally set */
+        bags = PKCS12_unpack_p7encdata(p7, enc->pass, strlen(enc->pass));
+    } else {
+        if (!TEST_int_eq(bagnid, NID_pkcs7_data))
+            goto err;
+        bags = PKCS12_unpack_p7data(p7);
+    }
+    if (!TEST_ptr(bags))
+        goto err;
+
+    return bags;
+err:
+    return NULL;
+}
+
+
+/* -------------------------------------------------------------------------
+ * PKCS12 safeBag/attribute builder
+ */
+
+static int add_attributes(PKCS12_SAFEBAG *bag, const PKCS12_ATTR *attrs)
+{
+    int ret = 0;
+    int attr_nid;
+    const PKCS12_ATTR *p_attr = attrs;
+
+    if (attrs == NULL)
+        return 1;
+
+    while (p_attr->oid != NULL) {
+        TEST_info("Adding attribute %s = %s", p_attr->oid, p_attr->value);
+        attr_nid = OBJ_txt2nid(p_attr->oid);
+
+        if (attr_nid == NID_friendlyName) {
+            if (!TEST_true(PKCS12_add_friendlyname(bag, p_attr->value, -1)))
+                goto err;
+        } else if (attr_nid == NID_localKeyID) {
+            if (!TEST_true(PKCS12_add_localkeyid(bag, (unsigned char *)p_attr->value,
+                                                 strlen(p_attr->value))))
+                goto err;
+        } else {
+            /* Custom attribute values limited to ASCII in these tests */
+            if (!TEST_true(PKCS12_add1_attr_by_txt(bag, p_attr->oid, MBSTRING_ASC,
+                                                   (unsigned char *)p_attr->value,
+                                                   strlen(p_attr->value))))
+                goto err;
+        }
+        p_attr++;
+    }
+    ret = 1;
+err:
+    return ret;
+}
+
+void add_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                 const PKCS12_ATTR *attrs)
+{
+    PKCS12_SAFEBAG *bag = NULL;
+    X509 *cert = NULL;
+    char *name;
+
+    if (!pb->success)
+        return;
+
+    cert = load_cert(bytes, len);
+    if (!TEST_ptr(cert)) {
+        pb->success = 0;
+        return;
+    }
+
+    name = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
+    TEST_info("Adding certificate <%s>", name);
+    OPENSSL_free(name);
+
+    bag = PKCS12_add_cert(&pb->bags, cert);
+    if (!TEST_ptr(bag)) {
+        pb->success = 0;
+        goto err;
+    }
+
+    if (!TEST_true(add_attributes(bag, attrs))) {
+        pb->success = 0;
+        goto err;
+    }
+err:
+    X509_free(cert);
+}
+
+void add_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                const PKCS12_ATTR *attrs, const PKCS12_ENC *enc)
+{
+    PKCS12_SAFEBAG *bag = NULL;
+    EVP_PKEY *pkey = NULL;
+
+    if (!pb->success)
+        return;
+
+    TEST_info("Adding key");
+
+    pkey = load_pkey(bytes, len);
+    if (!TEST_ptr(pkey)) {
+        pb->success = 0;
+        return;
+    }
+
+    bag = PKCS12_add_key(&pb->bags, pkey, 0 /*keytype*/, enc->iter, enc->nid, enc->pass);
+    if (!TEST_ptr(bag)) {
+        pb->success = 0;
+        goto err;
+    }
+    if (!add_attributes(bag, attrs))
+        pb->success = 0;
+err:
+    EVP_PKEY_free(pkey);
+}
+
+void add_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret,
+                               const PKCS12_ATTR *attrs)
+{
+    PKCS12_SAFEBAG *bag = NULL;
+
+    if (!pb->success)
+        return;
+
+    TEST_info("Adding secret <%s>", secret);
+
+    bag = PKCS12_add_secret(&pb->bags, secret_nid, (const unsigned char *)secret, strlen(secret));
+    if (!TEST_ptr(bag)) {
+        pb->success = 0;
+        return;
+    }
+    if (!add_attributes(bag, attrs))
+        pb->success = 0;
+}
+
+
+/* -------------------------------------------------------------------------
+ * PKCS12 structure checking
+ */
+
+static int check_asn1_string(const ASN1_TYPE *av, const char *txt)
+{
+    int ret = 0;
+    char *value = NULL;
+
+    if (!TEST_ptr(av))
+        goto err;
+
+    switch (av->type) {
+    case V_ASN1_BMPSTRING:
+        value = OPENSSL_uni2asc(av->value.bmpstring->data,
+                                av->value.bmpstring->length);
+        if (!TEST_str_eq(txt, (char *)value))
+            goto err;
+        break;
+
+    case V_ASN1_UTF8STRING:
+        if (!TEST_str_eq(txt, (char *)av->value.utf8string->data))
+            goto err;
+        break;
+
+    case V_ASN1_OCTET_STRING:
+        if (!TEST_str_eq(txt, (char *)av->value.octet_string->data))
+            goto err;
+        break;
+
+    default:
+        /* Tests do not support other attribute types currently */
+        goto err;
+    }
+    ret = 1;
+err:
+    OPENSSL_free(value);
+    return ret;
+}
+
+static int check_attrs(const STACK_OF(X509_ATTRIBUTE) *bag_attrs, const PKCS12_ATTR *attrs)
+{
+    int ret = 0;
+    X509_ATTRIBUTE *attr;
+    ASN1_TYPE *av;
+    int i, j;
+    char attr_txt[100];
+
+    for (i = 0; i < sk_X509_ATTRIBUTE_num(bag_attrs); i++) {
+        const PKCS12_ATTR *p_attr = attrs;
+        ASN1_OBJECT *attr_obj;
+
+        attr = sk_X509_ATTRIBUTE_value(bag_attrs, i);
+        attr_obj = X509_ATTRIBUTE_get0_object(attr);
+        OBJ_obj2txt(attr_txt, 100, attr_obj, 0);
+
+        while(p_attr->oid != NULL) {
+            /* Find a matching attribute type */
+            if (strcmp(p_attr->oid, attr_txt) == 0) {
+
+                /* TODO: Handle multi-value attributes */
+                if (!TEST_int_eq(X509_ATTRIBUTE_count(attr), 1))
+                    goto err;
+
+                for (j = 0; j < X509_ATTRIBUTE_count(attr); j++)
+                {
+                    av = X509_ATTRIBUTE_get0_type(attr, j);
+                    if (!TEST_true(check_asn1_string(av, p_attr->value)))
+                        goto err;
+                }
+                break;
+            }
+            p_attr++;
+        }
+    }
+    ret = 1;
+err:
+    return ret;
+}
+
+void check_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                   const PKCS12_ATTR *attrs)
+{
+    X509 *x509 = NULL;
+    X509 *ref_x509 = NULL;
+    const PKCS12_SAFEBAG *bag;
+
+    if (!pb->success)
+        return;
+
+    bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++);
+    if (!TEST_ptr(bag)) {
+        pb->success = 0;
+        return;
+    }
+    if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs)
+        || !TEST_int_eq(PKCS12_SAFEBAG_get_nid(bag), NID_certBag)
+        || !TEST_int_eq(PKCS12_SAFEBAG_get_bag_nid(bag), NID_x509Certificate)) {
+        pb->success = 0;
+        return;
+    }
+    x509 = PKCS12_SAFEBAG_get1_cert(bag);
+    if (!TEST_ptr(x509)) {
+        pb->success = 0;
+        goto err;
+    }
+    ref_x509 = load_cert(bytes, len);
+    if (!TEST_false(X509_cmp(x509, ref_x509)))
+        pb->success = 0;
+err:
+    X509_free(x509);
+    X509_free(ref_x509);
+}
+
+void check_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                  const PKCS12_ATTR *attrs, const PKCS12_ENC *enc)
+{
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY *ref_pkey = NULL;
+    PKCS8_PRIV_KEY_INFO *p8;
+    const PKCS8_PRIV_KEY_INFO *p8c;
+    const PKCS12_SAFEBAG *bag;
+
+    if (!pb->success)
+        return;
+
+    bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++);
+    if (!TEST_ptr(bag)) {
+        pb->success = 0;
+        return;
+    }
+
+    if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs)) {
+        pb->success = 0;
+        return;
+    }
+
+    switch (PKCS12_SAFEBAG_get_nid(bag)) {
+    case NID_keyBag:
+        p8c = PKCS12_SAFEBAG_get0_p8inf(bag);
+        if (!TEST_ptr(pkey = EVP_PKCS82PKEY(p8c))) {
+            pb->success = 0;
+            goto err;
+        }
+        /* TODO: handle key attributes */
+        /* PKCS8_pkey_get0_attrs(p8c); */
+        break;
+
+    case NID_pkcs8ShroudedKeyBag:
+        if (!TEST_ptr(p8 = PKCS12_decrypt_skey(bag, enc->pass, strlen(enc->pass)))) {
+            pb->success = 0;
+            goto err;
+        }
+        if (!TEST_ptr(pkey = EVP_PKCS82PKEY(p8))) {
+            PKCS8_PRIV_KEY_INFO_free(p8);
+            pb->success = 0;
+            goto err;
+        }
+        /* TODO: handle key attributes */
+        /* PKCS8_pkey_get0_attrs(p8); */
+        PKCS8_PRIV_KEY_INFO_free(p8);
+        break;
+
+    default:
+        pb->success = 0;
+        goto err;
+    }
+
+    /* PKEY compare returns 1 for match */
+    ref_pkey = load_pkey(bytes, len);
+    if (!TEST_true(EVP_PKEY_eq(pkey, ref_pkey)))
+        pb->success = 0;
+err:
+    EVP_PKEY_free(pkey);
+    EVP_PKEY_free(ref_pkey);
+}
+
+void check_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret, const PKCS12_ATTR *attrs)
+{
+    const PKCS12_SAFEBAG *bag;
+
+    if (!pb->success)
+        return;
+        
+    bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++);
+    if (!TEST_ptr(bag)) {
+        pb->success = 0;
+        return;
+    }   
+    
+    if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs)
+        || !TEST_int_eq(PKCS12_SAFEBAG_get_nid(bag), NID_secretBag)
+        || !TEST_int_eq(PKCS12_SAFEBAG_get_bag_nid(bag), secret_nid)
+        || !TEST_true(check_asn1_string(PKCS12_SAFEBAG_get0_bag_obj(bag), secret)))
+        pb->success = 0;
+}
+
+
+void start_check_pkcs12(PKCS12_BUILDER *pb)
+{
+    PKCS12 *p12 = from_bio_p12(pb->p12bio, NULL);
+    if (!TEST_ptr(p12)) {
+        pb->success = 0;
+        return;
+    }
+    pb->safes = PKCS12_unpack_authsafes(p12);
+    if (!TEST_ptr(pb->safes))
+        pb->success = 0;
+
+    pb->safe_idx = 0;
+    PKCS12_free(p12);
+}
+
+void start_check_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac)
+{
+    PKCS12 *p12 = from_bio_p12(pb->p12bio, mac); 
+    if (!TEST_ptr(p12)) {
+        pb->success = 0;
+        return;
+    }
+    pb->safes = PKCS12_unpack_authsafes(p12); 
+    if (!TEST_ptr(pb->safes)) 
+        pb->success = 0;
+
+    pb->safe_idx = 0;
+    PKCS12_free(p12);
+}
+
+void start_check_pkcs12_file(PKCS12_BUILDER *pb)
+{
+    PKCS12 *p12 = read_p12(pb->filename, NULL);
+    if (!TEST_ptr(p12)) {
+        pb->success = 0;
+        return;
+    }
+    pb->safes = PKCS12_unpack_authsafes(p12);
+    if (!TEST_ptr(pb->safes))
+        pb->success = 0;
+
+    pb->safe_idx = 0;
+    PKCS12_free(p12);
+}       
+        
+void start_check_pkcs12_file_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac)
+{
+    PKCS12 *p12 = read_p12(pb->filename, mac);
+    if (!TEST_ptr(p12)) {
+        pb->success = 0;
+        return;
+    }
+    pb->safes = PKCS12_unpack_authsafes(p12);
+    if (!TEST_ptr(pb->safes))
+        pb->success = 0;
+
+    pb->safe_idx = 0;
+    PKCS12_free(p12);
+}
+
+void end_check_pkcs12(PKCS12_BUILDER *pb)
+{
+    sk_PKCS7_pop_free(pb->safes, PKCS7_free);
+}
+
+
+void start_check_contentinfo(PKCS12_BUILDER *pb)
+{
+    pb->bag_idx = 0;
+    pb->bags = decode_contentinfo(pb->safes, pb->safe_idx++, NULL);
+    if (!TEST_ptr(pb->bags)) {
+        pb->success = 0;
+        return;
+    }
+    TEST_info("Decoding %d bags", sk_PKCS12_SAFEBAG_num(pb->bags));
+}
+
+void start_check_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc)
+{
+    pb->bag_idx = 0;
+    pb->bags = decode_contentinfo(pb->safes, pb->safe_idx++, enc);
+    if (!TEST_ptr(pb->bags)) {
+        pb->success = 0;
+        return;
+    }
+    TEST_info("Decoding %d bags", sk_PKCS12_SAFEBAG_num(pb->bags));
+}
+
+
+void end_check_contentinfo(PKCS12_BUILDER *pb)
+{
+    if (!TEST_int_eq(sk_PKCS12_SAFEBAG_num(pb->bags), pb->bag_idx))
+        pb->success = 0;
+    sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free);
+    pb->bags = NULL;
+}
+
+
diff --git a/test/pkcs12_helper.h b/test/pkcs12_helper.h
new file mode 100644
index 0000000000..8ae640d7f8
--- /dev/null
+++ b/test/pkcs12_helper.h
@@ -0,0 +1,99 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "internal/nelem.h"
+
+#include <openssl/pkcs12.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+
+#include "testutil.h"
+
+/* Set this to > 0 write test data to file */
+extern int write_files;
+
+/* -------------------------------------------------------------------------
+ * PKCS#12 Test structures
+ */
+
+/* Holds a set of Attributes */
+typedef struct pkcs12_attr {
+    char *oid;
+    char *value;
+} PKCS12_ATTR;
+
+
+/* Holds encryption parameters */
+typedef struct pkcs12_enc {
+    int      nid;
+    char    *pass;
+    int      iter;
+} PKCS12_ENC;
+
+/* Set of variables required for constructing the PKCS#12 structure */
+typedef struct pkcs12_builder {
+    const char *filename;
+    int success;
+    BIO *p12bio;
+    STACK_OF(PKCS7) *safes;
+    int safe_idx;
+    STACK_OF(PKCS12_SAFEBAG) *bags;
+    int bag_idx;
+} PKCS12_BUILDER;
+
+
+/* -------------------------------------------------------------------------
+ * PKCS#12 Test function declarations
+ */
+
+/* Allocate and initialise a PKCS#12 builder object */
+PKCS12_BUILDER *new_pkcs12_builder(const char *filename);
+
+/* Finalise and free the PKCS#12 builder object, returning the success/fail flag */
+int end_pkcs12_builder(PKCS12_BUILDER *pb);
+
+/* Encode/build functions */
+void start_pkcs12(PKCS12_BUILDER *pb);
+void end_pkcs12(PKCS12_BUILDER *pb);
+void end_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac);
+
+void start_contentinfo(PKCS12_BUILDER *pb);
+void end_contentinfo(PKCS12_BUILDER *pb);
+void end_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc);
+
+void add_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                 const PKCS12_ATTR *attrs);
+void add_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                const PKCS12_ATTR *attrs, const PKCS12_ENC *enc);
+void add_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret,
+                   const PKCS12_ATTR *attrs);
+
+/* Decode/check functions */
+void start_check_pkcs12(PKCS12_BUILDER *pb);
+void start_check_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac);
+void start_check_pkcs12_file(PKCS12_BUILDER *pb);
+void start_check_pkcs12_file_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac);
+void end_check_pkcs12(PKCS12_BUILDER *pb);
+
+void start_check_contentinfo(PKCS12_BUILDER *pb);
+void start_check_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc);
+void end_check_contentinfo(PKCS12_BUILDER *pb);
+
+void check_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                   const PKCS12_ATTR *attrs);
+void check_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
+                  const PKCS12_ATTR *attrs, const PKCS12_ENC *enc);
+void check_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret,
+                     const PKCS12_ATTR *attrs);
+
diff --git a/test/recipes/80-test_pkcs12.t b/test/recipes/80-test_pkcs12.t
index 77a442f765..fa95649212 100644
--- a/test/recipes/80-test_pkcs12.t
+++ b/test/recipes/80-test_pkcs12.t
@@ -57,7 +57,10 @@ if (eval { require Win32::API; 1; }) {
 }
 $ENV{OPENSSL_WIN32_UTF8}=1;
 
-plan tests => 1;
+plan tests => 2;
+
+# Test different PKCS#12 formats
+ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats");
 
 # just see that we can read shibboleth.pfx protected with $pass
 ok(run(app(["openssl", "pkcs12", "-noout",
diff --git a/util/libcrypto.num b/util/libcrypto.num
index b1c7947b86..f1614c7813 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5197,3 +5197,9 @@ OSSL_DESERIALIZER_CTX_set_cleanup       ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_get_construct     ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_get_construct_data ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_get_cleanup       ?	3_0_0	EXIST::FUNCTION:
+PKCS12_SAFEBAG_get0_bag_obj             ?	3_0_0	EXIST::FUNCTION:
+PKCS12_SAFEBAG_get0_bag_type            ?	3_0_0	EXIST::FUNCTION:
+PKCS12_SAFEBAG_create_secret            ?	3_0_0	EXIST::FUNCTION:
+PKCS12_add1_attr_by_NID                 ?	3_0_0	EXIST::FUNCTION:
+PKCS12_add1_attr_by_txt                 ?	3_0_0	EXIST::FUNCTION:
+PKCS12_add_secret                       ?	3_0_0	EXIST::FUNCTION:

From pauli at openssl.org  Thu Aug  6 22:04:01 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Thu, 06 Aug 2020 22:04:01 +0000
Subject: [openssl]  master update
Message-ID: <1596751441.355596.13379.nullmailer@dev.openssl.org>

The branch master has been updated
       via  992492f5e82e0cf9b24acc14ea90ce8afd4c447a (commit)
       via  132b61604b7f782f8ff09bb63527645e47691862 (commit)
       via  af5e1e852d4858860d4b7210cafe7bdf39e73f80 (commit)
       via  18ec26babc1da90befc0bf5671bc8072428c5bab (commit)
      from  c5ec6dcf0bdd15354a1440632766e19540487c58 (commit)


- Log -----------------------------------------------------------------
commit 992492f5e82e0cf9b24acc14ea90ce8afd4c447a
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 5 13:24:04 2020 +1000

    gettables: documentation changes to pass the provider context.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12581)

commit 132b61604b7f782f8ff09bb63527645e47691862
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 5 13:23:52 2020 +1000

    gettables: test changes to pass the provider context.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12581)

commit af5e1e852d4858860d4b7210cafe7bdf39e73f80
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 5 13:23:32 2020 +1000

    gettables: provider changes to pass the provider context.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12581)

commit 18ec26babc1da90befc0bf5671bc8072428c5bab
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 5 13:23:16 2020 +1000

    gettables: core changes to pass the provider context.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12581)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/digest.c                                | 20 ++++---
 crypto/evp/evp_enc.c                               |  9 ++-
 crypto/evp/evp_rand.c                              | 16 ++++--
 crypto/evp/kdf_meth.c                              |  6 +-
 crypto/evp/keymgmt_meth.c                          |  8 ++-
 crypto/evp/mac_meth.c                              |  6 +-
 crypto/evp/pmeth_lib.c                             | 44 +++++++++++----
 crypto/serializer/deserializer_meth.c              |  6 +-
 crypto/serializer/serializer_meth.c                |  3 +-
 doc/man7/provider-asym_cipher.pod                  |  4 +-
 doc/man7/provider-cipher.pod                       |  6 +-
 doc/man7/provider-digest.pod                       |  6 +-
 doc/man7/provider-keyexch.pod                      |  4 +-
 doc/man7/provider-keymgmt.pod                      |  4 +-
 doc/man7/provider-mac.pod                          |  6 +-
 doc/man7/provider-rand.pod                         |  6 +-
 doc/man7/provider-serializer.pod                   |  2 +-
 doc/man7/provider-signature.pod                    |  4 +-
 include/openssl/core_dispatch.h                    | 65 +++++++++++++---------
 providers/implementations/asymciphers/rsa_enc.c    |  4 +-
 .../ciphers/cipher_aes_cbc_hmac_sha.c              |  4 +-
 providers/implementations/ciphers/cipher_aes_ocb.c |  7 ++-
 providers/implementations/ciphers/cipher_aes_siv.c | 20 ++++++-
 providers/implementations/ciphers/cipher_aes_xts.c |  2 +-
 .../implementations/ciphers/cipher_chacha20.c      |  4 +-
 .../ciphers/cipher_chacha20_poly1305.c             |  2 +-
 providers/implementations/ciphers/cipher_null.c    |  4 +-
 .../implementations/ciphers/cipher_rc4_hmac_md5.c  |  4 +-
 providers/implementations/ciphers/ciphercommon.c   |  6 +-
 providers/implementations/digests/digestcommon.c   |  2 +-
 providers/implementations/digests/md5_sha1_prov.c  |  2 +-
 providers/implementations/digests/mdc2_prov.c      |  2 +-
 providers/implementations/digests/sha2_prov.c      |  2 +-
 providers/implementations/digests/sha3_prov.c      |  2 +-
 providers/implementations/exchange/dh_exch.c       |  2 +-
 providers/implementations/exchange/ecdh_exch.c     |  4 +-
 .../implementations/include/prov/ciphercommon.h    |  4 +-
 .../implementations/include/prov/digestcommon.h    |  2 +-
 providers/implementations/kdfs/hkdf.c              |  4 +-
 providers/implementations/kdfs/kbkdf.c             |  6 +-
 providers/implementations/kdfs/krb5kdf.c           |  4 +-
 providers/implementations/kdfs/pbkdf2.c            |  6 +-
 providers/implementations/kdfs/scrypt.c            |  6 +-
 providers/implementations/kdfs/sshkdf.c            |  4 +-
 providers/implementations/kdfs/sskdf.c             |  4 +-
 providers/implementations/kdfs/tls1_prf.c          |  6 +-
 providers/implementations/kdfs/x942kdf.c           |  4 +-
 providers/implementations/keymgmt/dh_kmgmt.c       |  4 +-
 providers/implementations/keymgmt/dsa_kmgmt.c      |  2 +-
 providers/implementations/keymgmt/ec_kmgmt.c       |  4 +-
 providers/implementations/keymgmt/ecx_kmgmt.c      | 16 +++---
 providers/implementations/keymgmt/rsa_kmgmt.c      |  2 +-
 providers/implementations/macs/blake2_mac_impl.c   |  4 +-
 providers/implementations/macs/cmac_prov.c         |  4 +-
 providers/implementations/macs/gmac_prov.c         |  4 +-
 providers/implementations/macs/hmac_prov.c         |  4 +-
 providers/implementations/macs/kmac_prov.c         |  4 +-
 providers/implementations/macs/poly1305_prov.c     |  4 +-
 providers/implementations/macs/siphash_prov.c      |  4 +-
 providers/implementations/rands/drbg_ctr.c         |  4 +-
 providers/implementations/rands/drbg_hash.c        |  4 +-
 providers/implementations/rands/drbg_hmac.c        |  4 +-
 providers/implementations/rands/test_rng.c         |  4 +-
 .../serializers/deserialize_der2key.c              |  2 +-
 .../serializers/deserialize_pem2der.c              |  2 +-
 .../serializers/serializer_dh_priv.c               |  2 +-
 .../serializers/serializer_dsa_priv.c              |  2 +-
 .../serializers/serializer_ec_priv.c               |  2 +-
 .../serializers/serializer_ecx_priv.c              |  2 +-
 .../serializers/serializer_rsa_priv.c              |  2 +-
 providers/implementations/signature/dsa.c          |  4 +-
 providers/implementations/signature/ecdsa.c        |  4 +-
 providers/implementations/signature/rsa.c          |  4 +-
 test/tls-provider.c                                |  4 +-
 74 files changed, 263 insertions(+), 187 deletions(-)

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 3d25b75be7..58cd160502 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -557,7 +557,8 @@ int EVP_MD_get_params(const EVP_MD *digest, OSSL_PARAM params[])
 const OSSL_PARAM *EVP_MD_gettable_params(const EVP_MD *digest)
 {
     if (digest != NULL && digest->gettable_params != NULL)
-        return digest->gettable_params();
+        return digest->gettable_params(
+                           ossl_provider_ctx(EVP_MD_provider(digest)));
     return NULL;
 }
 
@@ -581,7 +582,7 @@ int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[])
 const OSSL_PARAM *EVP_MD_settable_ctx_params(const EVP_MD *md)
 {
     if (md != NULL && md->settable_ctx_params != NULL)
-        return md->settable_ctx_params();
+        return md->settable_ctx_params(ossl_provider_ctx(EVP_MD_provider(md)));
     return NULL;
 }
 
@@ -589,10 +590,12 @@ const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx)
 {
     EVP_PKEY_CTX *pctx;
 
-    if (ctx != NULL
-            && ctx->digest != NULL
-            && ctx->digest->settable_ctx_params != NULL)
-        return ctx->digest->settable_ctx_params();
+    if (ctx == NULL)
+        return NULL;
+
+    if (ctx->digest != NULL && ctx->digest->settable_ctx_params != NULL)
+        return ctx->digest->settable_ctx_params(
+                  ossl_provider_ctx(EVP_MD_provider(ctx->digest)));
 
     pctx = ctx->pctx;
     if (pctx != NULL
@@ -627,7 +630,7 @@ int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[])
 const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md)
 {
     if (md != NULL && md->gettable_ctx_params != NULL)
-        return md->gettable_ctx_params();
+        return md->gettable_ctx_params(ossl_provider_ctx(EVP_MD_provider(md)));
     return NULL;
 }
 
@@ -638,7 +641,8 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
     if (ctx != NULL
             && ctx->digest != NULL
             && ctx->digest->gettable_ctx_params != NULL)
-        return ctx->digest->gettable_ctx_params();
+        return ctx->digest->gettable_ctx_params(
+                   ossl_provider_ctx(EVP_MD_provider(ctx->digest)));
 
     pctx = ctx->pctx;
     if (pctx != NULL
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index b8cb5daad0..6ade73e978 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1160,21 +1160,24 @@ int EVP_CIPHER_CTX_get_params(EVP_CIPHER_CTX *ctx, OSSL_PARAM params[])
 const OSSL_PARAM *EVP_CIPHER_gettable_params(const EVP_CIPHER *cipher)
 {
     if (cipher != NULL && cipher->gettable_params != NULL)
-        return cipher->gettable_params();
+        return cipher->gettable_params(
+                   ossl_provider_ctx(EVP_CIPHER_provider(cipher)));
     return NULL;
 }
 
 const OSSL_PARAM *EVP_CIPHER_settable_ctx_params(const EVP_CIPHER *cipher)
 {
     if (cipher != NULL && cipher->settable_ctx_params != NULL)
-        return cipher->settable_ctx_params();
+        return cipher->settable_ctx_params(
+                   ossl_provider_ctx(EVP_CIPHER_provider(cipher)));
     return NULL;
 }
 
 const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher)
 {
     if (cipher != NULL && cipher->gettable_ctx_params != NULL)
-        return cipher->gettable_ctx_params();
+        return cipher->gettable_ctx_params(
+                   ossl_provider_ctx(EVP_CIPHER_provider(cipher)));
     return NULL;
 }
 
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 9273fd9c19..9056f6d20b 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -377,19 +377,25 @@ int EVP_RAND_set_ctx_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[])
 
 const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
 {
-    return rand->gettable_params == NULL ? NULL : rand->gettable_params();
+    if (rand->gettable_params == NULL)
+        return NULL;
+    return rand->gettable_params(ossl_provider_ctx(EVP_RAND_provider(rand)));
 }
 
 const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
 {
-    return rand->gettable_ctx_params == NULL ? NULL
-                                             : rand->gettable_ctx_params();
+    if (rand->gettable_params == NULL)
+        return NULL;
+    return rand->gettable_ctx_params(
+               ossl_provider_ctx(EVP_RAND_provider(rand)));
 }
 
 const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
 {
-    return rand->settable_ctx_params == NULL ? NULL
-                                             : rand->settable_ctx_params();
+    if (rand->gettable_params == NULL)
+        return NULL;
+    return rand->settable_ctx_params(
+               ossl_provider_ctx(EVP_RAND_provider(rand)));
 }
 
 void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx,
diff --git a/crypto/evp/kdf_meth.c b/crypto/evp/kdf_meth.c
index 9b5e01afa6..1e0128b532 100644
--- a/crypto/evp/kdf_meth.c
+++ b/crypto/evp/kdf_meth.c
@@ -169,21 +169,21 @@ const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf)
 {
     if (kdf->gettable_params == NULL)
         return NULL;
-    return kdf->gettable_params();
+    return kdf->gettable_params(ossl_provider_ctx(EVP_KDF_provider(kdf)));
 }
 
 const OSSL_PARAM *EVP_KDF_gettable_ctx_params(const EVP_KDF *kdf)
 {
     if (kdf->gettable_ctx_params == NULL)
         return NULL;
-    return kdf->gettable_ctx_params();
+    return kdf->gettable_ctx_params(ossl_provider_ctx(EVP_KDF_provider(kdf)));
 }
 
 const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf)
 {
     if (kdf->settable_ctx_params == NULL)
         return NULL;
-    return kdf->settable_ctx_params();
+    return kdf->settable_ctx_params(ossl_provider_ctx(EVP_KDF_provider(kdf)));
 }
 
 void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx,
diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c
index 47067dd6c7..99d9504251 100644
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@@ -369,9 +369,11 @@ int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, void *keydata,
 
 const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt)
 {
+    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
+
     if (keymgmt->gettable_params == NULL)
         return NULL;
-    return keymgmt->gettable_params();
+    return keymgmt->gettable_params(provctx);
 }
 
 int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt, void *keydata,
@@ -384,9 +386,11 @@ int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt, void *keydata,
 
 const OSSL_PARAM *evp_keymgmt_settable_params(const EVP_KEYMGMT *keymgmt)
 {
+    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
+
     if (keymgmt->settable_params == NULL)
         return NULL;
-    return keymgmt->settable_params();
+    return keymgmt->settable_params(provctx);
 }
 
 int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keydata, int selection)
diff --git a/crypto/evp/mac_meth.c b/crypto/evp/mac_meth.c
index d96383a961..7d02861c7c 100644
--- a/crypto/evp/mac_meth.c
+++ b/crypto/evp/mac_meth.c
@@ -176,21 +176,21 @@ const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac)
 {
     if (mac->gettable_params == NULL)
         return NULL;
-    return mac->gettable_params();
+    return mac->gettable_params(ossl_provider_ctx(EVP_MAC_provider(mac)));
 }
 
 const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac)
 {
     if (mac->gettable_ctx_params == NULL)
         return NULL;
-    return mac->gettable_ctx_params();
+    return mac->gettable_ctx_params(ossl_provider_ctx(EVP_MAC_provider(mac)));
 }
 
 const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac)
 {
     if (mac->settable_ctx_params == NULL)
         return NULL;
-    return mac->settable_ctx_params();
+    return mac->settable_ctx_params(ossl_provider_ctx(EVP_MAC_provider(mac)));
 }
 
 void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx,
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 52c304227b..17e73e05ba 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -631,35 +631,55 @@ int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
 #ifndef FIPS_MODULE
 const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx)
 {
+    void *provctx;
+
     if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
             && ctx->op.kex.exchange != NULL
-            && ctx->op.kex.exchange->gettable_ctx_params != NULL)
-        return ctx->op.kex.exchange->gettable_ctx_params();
+            && ctx->op.kex.exchange->gettable_ctx_params != NULL) {
+        provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
+        return ctx->op.kex.exchange->gettable_ctx_params(provctx);
+    }
     if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
             && ctx->op.sig.signature != NULL
-            && ctx->op.sig.signature->gettable_ctx_params != NULL)
-        return ctx->op.sig.signature->gettable_ctx_params();
+            && ctx->op.sig.signature->gettable_ctx_params != NULL) {
+        provctx = ossl_provider_ctx(
+                      EVP_SIGNATURE_provider(ctx->op.sig.signature));
+        return ctx->op.sig.signature->gettable_ctx_params(provctx);
+    }
     if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
             && ctx->op.ciph.cipher != NULL
-            && ctx->op.ciph.cipher->gettable_ctx_params != NULL)
-        return ctx->op.ciph.cipher->gettable_ctx_params();
+            && ctx->op.ciph.cipher->gettable_ctx_params != NULL) {
+        provctx = ossl_provider_ctx(
+                      EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
+        return ctx->op.ciph.cipher->gettable_ctx_params(provctx);
+    }
     return NULL;
 }
 
 const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx)
 {
+    void *provctx;
+
     if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
             && ctx->op.kex.exchange != NULL
-            && ctx->op.kex.exchange->settable_ctx_params != NULL)
-        return ctx->op.kex.exchange->settable_ctx_params();
+            && ctx->op.kex.exchange->settable_ctx_params != NULL) {
+        provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
+        return ctx->op.kex.exchange->settable_ctx_params(provctx);
+    }
     if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
             && ctx->op.sig.signature != NULL
-            && ctx->op.sig.signature->settable_ctx_params != NULL)
-        return ctx->op.sig.signature->settable_ctx_params();
+            && ctx->op.sig.signature->settable_ctx_params != NULL) {
+        provctx = ossl_provider_ctx(
+                      EVP_SIGNATURE_provider(ctx->op.sig.signature));
+        return ctx->op.sig.signature->settable_ctx_params(provctx);
+    }
     if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
             && ctx->op.ciph.cipher != NULL
-            && ctx->op.ciph.cipher->settable_ctx_params != NULL)
-        return ctx->op.ciph.cipher->settable_ctx_params();
+            && ctx->op.ciph.cipher->settable_ctx_params != NULL) {
+        provctx = ossl_provider_ctx(
+                      EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
+        return ctx->op.ciph.cipher->settable_ctx_params(provctx);
+    }
     if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
             && ctx->keymgmt != NULL)
         return evp_keymgmt_gen_settable_params(ctx->keymgmt);
diff --git a/crypto/serializer/deserializer_meth.c b/crypto/serializer/deserializer_meth.c
index 4739c2956d..69099f5e95 100644
--- a/crypto/serializer/deserializer_meth.c
+++ b/crypto/serializer/deserializer_meth.c
@@ -452,7 +452,8 @@ const OSSL_PARAM *
 OSSL_DESERIALIZER_gettable_params(OSSL_DESERIALIZER *deser)
 {
     if (deser != NULL && deser->gettable_params != NULL)
-        return deser->gettable_params();
+        return deser->gettable_params(
+                   ossl_provider_ctx(OSSL_DESERIALIZER_provider(deser)));
     return NULL;
 }
 
@@ -467,7 +468,8 @@ const OSSL_PARAM *
 OSSL_DESERIALIZER_settable_ctx_params(OSSL_DESERIALIZER *deser)
 {
     if (deser != NULL && deser->settable_ctx_params != NULL)
-        return deser->settable_ctx_params();
+        return deser->settable_ctx_params(
+                   ossl_provider_ctx(OSSL_DESERIALIZER_provider(deser)));
     return NULL;
 }
 
diff --git a/crypto/serializer/serializer_meth.c b/crypto/serializer/serializer_meth.c
index c2ff1c0dca..1489fff890 100644
--- a/crypto/serializer/serializer_meth.c
+++ b/crypto/serializer/serializer_meth.c
@@ -444,7 +444,8 @@ void OSSL_SERIALIZER_names_do_all(const OSSL_SERIALIZER *ser,
 const OSSL_PARAM *OSSL_SERIALIZER_settable_ctx_params(OSSL_SERIALIZER *ser)
 {
     if (ser != NULL && ser->settable_ctx_params != NULL)
-        return ser->settable_ctx_params();
+        return ser->settable_ctx_params(
+                   ossl_provider_ctx(OSSL_SERIALIZER_provider(ser)));
     return NULL;
 }
 
diff --git a/doc/man7/provider-asym_cipher.pod b/doc/man7/provider-asym_cipher.pod
index fa56391a04..5531a08f37 100644
--- a/doc/man7/provider-asym_cipher.pod
+++ b/doc/man7/provider-asym_cipher.pod
@@ -36,9 +36,9 @@ provider-asym_cipher - The asym_cipher library E<lt>-E<gt> provider functions
 
  /* Asymmetric Cipher parameters */
  int OSSL_FUNC_asym_cipher_get_ctx_params(void *ctx, OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_asym_cipher_gettable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_asym_cipher_gettable_ctx_params(void *provctx);
  int OSSL_FUNC_asym_cipher_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_asym_cipher_settable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_asym_cipher_settable_ctx_params(void *provctx);
 
 =head1 DESCRIPTION
 
diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod
index 83f1768302..ee159ff7eb 100644
--- a/doc/man7/provider-cipher.pod
+++ b/doc/man7/provider-cipher.pod
@@ -37,11 +37,11 @@ provider-cipher - The cipher library E<lt>-E<gt> provider functions
                              size_t outsize, const unsigned char *in, size_t inl);
 
  /* Cipher parameter descriptors */
- const OSSL_PARAM *OSSL_FUNC_cipher_gettable_params(void);
+ const OSSL_PARAM *OSSL_FUNC_cipher_gettable_params(void *provctx);
 
  /* Cipher operation parameter descriptors */
- const OSSL_PARAM *OSSL_FUNC_cipher_gettable_ctx_params(void);
- const OSSL_PARAM *OSSL_FUNC_cipher_settable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_cipher_gettable_ctx_params(void *provctx);
+ const OSSL_PARAM *OSSL_FUNC_cipher_settable_ctx_params(void *provctx);
 
  /* Cipher parameters */
  int OSSL_FUNC_cipher_get_params(OSSL_PARAM params[]);
diff --git a/doc/man7/provider-digest.pod b/doc/man7/provider-digest.pod
index c350148471..1c09ee3c40 100644
--- a/doc/man7/provider-digest.pod
+++ b/doc/man7/provider-digest.pod
@@ -30,11 +30,11 @@ provider-digest - The digest library E<lt>-E<gt> provider functions
                              unsigned char *out, size_t *outl, size_t outsz);
 
  /* Digest parameter descriptors */
- const OSSL_PARAM *OSSL_FUNC_digest_gettable_params(void);
+ const OSSL_PARAM *OSSL_FUNC_digest_gettable_params(void *provctx);
 
  /* Digest operation parameter descriptors */
- const OSSL_PARAM *OSSL_FUNC_digest_gettable_ctx_params(void);
- const OSSL_PARAM *OSSL_FUNC_digest_settable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_digest_gettable_ctx_params(void *provctx);
+ const OSSL_PARAM *OSSL_FUNC_digest_settable_ctx_params(void *provctx);
 
  /* Digest parameters */
  int OSSL_FUNC_digest_get_params(OSSL_PARAM params[]);
diff --git a/doc/man7/provider-keyexch.pod b/doc/man7/provider-keyexch.pod
index f69979aa13..01a8ec5e4d 100644
--- a/doc/man7/provider-keyexch.pod
+++ b/doc/man7/provider-keyexch.pod
@@ -30,9 +30,9 @@ provider-keyexch - The keyexch library E<lt>-E<gt> provider functions
 
  /* Key Exchange parameters */
  int OSSL_FUNC_keyexch_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_keyexch_settable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_keyexch_settable_ctx_params(void *provctx);
  int OSSL_FUNC_keyexch_get_ctx_params(void *ctx, OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_keyexch_gettable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_keyexch_gettable_ctx_params(void *provctx);
 
 =head1 DESCRIPTION
 
diff --git a/doc/man7/provider-keymgmt.pod b/doc/man7/provider-keymgmt.pod
index 43743798ac..fdb1bf7794 100644
--- a/doc/man7/provider-keymgmt.pod
+++ b/doc/man7/provider-keymgmt.pod
@@ -31,9 +31,9 @@ provider-keymgmt - The KEYMGMT library E<lt>-E<gt> provider functions
 
  /* Key object information */
  int OSSL_FUNC_keymgmt_get_params(void *keydata, OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_keymgmt_gettable_params(void);
+ const OSSL_PARAM *OSSL_FUNC_keymgmt_gettable_params(void *provctx);
  int OSSL_FUNC_keymgmt_set_params(void *keydata, const OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_keymgmt_settable_params(void);
+ const OSSL_PARAM *OSSL_FUNC_keymgmt_settable_params(void *provctx);
 
  /* Key object content checks */
  int OSSL_FUNC_keymgmt_has(void *keydata, int selection);
diff --git a/doc/man7/provider-mac.pod b/doc/man7/provider-mac.pod
index 2d34716be4..f89b1fe0e2 100644
--- a/doc/man7/provider-mac.pod
+++ b/doc/man7/provider-mac.pod
@@ -28,9 +28,9 @@ provider-mac - The mac library E<lt>-E<gt> provider functions
  int OSSL_FUNC_mac_final(void *mctx, unsigned char *out, size_t *outl, size_t outsize);
 
  /* MAC parameter descriptors */
- const OSSL_PARAM *OSSL_FUNC_mac_get_params(void);
- const OSSL_PARAM *OSSL_FUNC_mac_get_ctx_params(void);
- const OSSL_PARAM *OSSL_FUNC_mac_set_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_mac_get_params(void *provctx);
+ const OSSL_PARAM *OSSL_FUNC_mac_get_ctx_params(void *provctx);
+ const OSSL_PARAM *OSSL_FUNC_mac_set_ctx_params(void *provctx);
 
  /* MAC parameters */
  int OSSL_FUNC_mac_get_params(OSSL_PARAM params[]);
diff --git a/doc/man7/provider-rand.pod b/doc/man7/provider-rand.pod
index fb6f436b7c..d6e538ec87 100644
--- a/doc/man7/provider-rand.pod
+++ b/doc/man7/provider-rand.pod
@@ -50,9 +50,9 @@ functions
  void OSSL_FUNC_rand_unlock(void *ctx);
 
  /* RAND parameter descriptors */
- const OSSL_PARAM *OSSL_FUNC_rand_gettable_params(void);
- const OSSL_PARAM *OSSL_FUNC_rand_gettable_ctx_params(void);
- const OSSL_PARAM *OSSL_FUNC_rand_settable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_rand_gettable_params(void *provctx);
+ const OSSL_PARAM *OSSL_FUNC_rand_gettable_ctx_params(void *provctx);
+ const OSSL_PARAM *OSSL_FUNC_rand_settable_ctx_params(void *provctx);
 
  /* RAND parameters */
  int OSSL_FUNC_rand_get_params(OSSL_PARAM params[]);
diff --git a/doc/man7/provider-serializer.pod b/doc/man7/provider-serializer.pod
index e97c9766d9..0c1662837f 100644
--- a/doc/man7/provider-serializer.pod
+++ b/doc/man7/provider-serializer.pod
@@ -24,7 +24,7 @@ Future development will also include deserializing functions.
  void *OSSL_FUNC_serializer_newctx(void *provctx);
  void OSSL_FUNC_serializer_freectx(void *ctx);
  int OSSL_FUNC_serializer_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_serializer_settable_ctx_params(void)
+ const OSSL_PARAM *OSSL_FUNC_serializer_settable_ctx_params(void *provctx)
 
  /* Functions to serialize object data */
  int OSSL_FUNC_serializer_serialize_data(void *ctx, const OSSL_PARAM *data,
diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod
index 38d06bdce8..bf10b6572c 100644
--- a/doc/man7/provider-signature.pod
+++ b/doc/man7/provider-signature.pod
@@ -64,9 +64,9 @@ provider-signature - The signature library E<lt>-E<gt> provider functions
 
  /* Signature parameters */
  int OSSL_FUNC_signature_get_ctx_params(void *ctx, OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_signature_gettable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_signature_gettable_ctx_params(void *provctx);
  int OSSL_FUNC_signature_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_signature_settable_ctx_params(void);
+ const OSSL_PARAM *OSSL_FUNC_signature_settable_ctx_params(void *provctx);
 
  /* MD parameters */
  int OSSL_FUNC_signature_get_ctx_md_params(void *ctx, OSSL_PARAM params[]);
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index c3f6c88f46..98f71cf25b 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -229,9 +229,12 @@ OSSL_CORE_MAKE_FUNC(int, digest_set_ctx_params,
                     (void *vctx, const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(int, digest_get_ctx_params,
                     (void *vctx, OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_settable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_settable_ctx_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_ctx_params,
+                    (void *provctx))
 
 /* Symmetric Ciphers */
 
@@ -279,9 +282,12 @@ OSSL_CORE_MAKE_FUNC(int, cipher_get_ctx_params, (void *cctx,
                                                     OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(int, cipher_set_ctx_params, (void *cctx,
                                                     const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_params,     (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_settable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_settable_ctx_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_ctx_params,
+                    (void *provctx))
 
 /* MACs */
 
@@ -308,9 +314,11 @@ OSSL_CORE_MAKE_FUNC(int, mac_update,
 OSSL_CORE_MAKE_FUNC(int, mac_final,
                     (void *mctx,
                      unsigned char *out, size_t *outl, size_t outsize))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_ctx_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_settable_ctx_params,
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int, mac_get_params, (OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(int, mac_get_ctx_params,
                     (void *mctx, OSSL_PARAM params[]))
@@ -337,9 +345,11 @@ OSSL_CORE_MAKE_FUNC(void, kdf_freectx, (void *kctx))
 OSSL_CORE_MAKE_FUNC(void, kdf_reset, (void *kctx))
 OSSL_CORE_MAKE_FUNC(int, kdf_derive, (void *kctx, unsigned char *key,
                                           size_t keylen))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_ctx_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_settable_ctx_params,
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int, kdf_get_params, (OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(int, kdf_get_ctx_params,
                     (void *kctx, OSSL_PARAM params[]))
@@ -390,9 +400,11 @@ OSSL_CORE_MAKE_FUNC(size_t,rand_nonce,
 OSSL_CORE_MAKE_FUNC(int,rand_enable_locking, (void *vctx))
 OSSL_CORE_MAKE_FUNC(int,rand_lock, (void *vctx))
 OSSL_CORE_MAKE_FUNC(void,rand_unlock, (void *vctx))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_ctx_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_settable_ctx_params,
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int,rand_get_params, (OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(int,rand_get_ctx_params,
                     (void *vctx, OSSL_PARAM params[]))
@@ -497,13 +509,13 @@ OSSL_CORE_MAKE_FUNC(void, keymgmt_free, (void *keydata))
 #define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS             12
 OSSL_CORE_MAKE_FUNC(int, keymgmt_get_params,
                     (void *keydata, OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_gettable_params, (void *))
 
 #define OSSL_FUNC_KEYMGMT_SET_PARAMS                  13
 #define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS             14
 OSSL_CORE_MAKE_FUNC(int, keymgmt_set_params,
                     (void *keydata, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_settable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_settable_params, (void *))
 
 /* Key checks - discovery of supported operations */
 # define OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME       20
@@ -568,11 +580,11 @@ OSSL_CORE_MAKE_FUNC(void *, keyexch_dupctx, (void *ctx))
 OSSL_CORE_MAKE_FUNC(int, keyexch_set_ctx_params, (void *ctx,
                                                      const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keyexch_settable_ctx_params,
-                    (void))
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int, keyexch_get_ctx_params, (void *ctx,
                                                      OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keyexch_gettable_ctx_params,
-                    (void))
+                    (void *provctx))
 
 /* Signature */
 
@@ -647,11 +659,11 @@ OSSL_CORE_MAKE_FUNC(void *, signature_dupctx, (void *ctx))
 OSSL_CORE_MAKE_FUNC(int, signature_get_ctx_params,
                     (void *ctx, OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_gettable_ctx_params,
-                    (void))
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int, signature_set_ctx_params,
                     (void *ctx, const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_settable_ctx_params,
-                    (void))
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int, signature_get_ctx_md_params,
                     (void *ctx, OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_gettable_ctx_md_params,
@@ -694,11 +706,11 @@ OSSL_CORE_MAKE_FUNC(void *, asym_cipher_dupctx, (void *ctx))
 OSSL_CORE_MAKE_FUNC(int, asym_cipher_get_ctx_params,
                     (void *ctx, OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, asym_cipher_gettable_ctx_params,
-                    (void))
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int, asym_cipher_set_ctx_params,
                     (void *ctx, const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, asym_cipher_settable_ctx_params,
-                    (void))
+                    (void *provctx))
 
 /* Serializers and deserializers */
 # define OSSL_FUNC_SERIALIZER_NEWCTX                1
@@ -712,7 +724,7 @@ OSSL_CORE_MAKE_FUNC(void, serializer_freectx, (void *ctx))
 OSSL_CORE_MAKE_FUNC(int, serializer_set_ctx_params,
                     (void *ctx, const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, serializer_settable_ctx_params,
-                    (void))
+                    (void *provctx))
 
 OSSL_CORE_MAKE_FUNC(int, serializer_serialize_data,
                     (void *ctx, const OSSL_PARAM[], OSSL_CORE_BIO *out,
@@ -732,11 +744,12 @@ OSSL_CORE_MAKE_FUNC(int, serializer_serialize_object,
 OSSL_CORE_MAKE_FUNC(void *, deserializer_newctx, (void *provctx))
 OSSL_CORE_MAKE_FUNC(void, deserializer_freectx, (void *ctx))
 OSSL_CORE_MAKE_FUNC(int, deserializer_get_params, (OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, deserializer_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, deserializer_gettable_params,
+                    (void *provctx))
 OSSL_CORE_MAKE_FUNC(int, deserializer_set_ctx_params,
                     (void *ctx, const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, deserializer_settable_ctx_params,
-                    (void))
+                    (void *provctx))
 
 OSSL_CORE_MAKE_FUNC(int, deserializer_deserialize,
                     (void *ctx, OSSL_CORE_BIO *in,
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
index 8a5cd5cdc3..2528cd2dc4 100644
--- a/providers/implementations/asymciphers/rsa_enc.c
+++ b/providers/implementations/asymciphers/rsa_enc.c
@@ -382,7 +382,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_gettable_ctx_params(void)
+static const OSSL_PARAM *rsa_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -526,7 +526,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_settable_ctx_params(void)
+static const OSSL_PARAM *rsa_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
index 046a66c56d..6cf6a1b111 100644
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
@@ -59,7 +59,7 @@ static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *aes_settable_ctx_params(void)
+const OSSL_PARAM *aes_settable_ctx_params(void *provctx)
 {
     return cipher_aes_known_settable_ctx_params;
 }
@@ -250,7 +250,7 @@ static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *aes_gettable_ctx_params(void)
+const OSSL_PARAM *aes_gettable_ctx_params(void *provctx)
 {
     return cipher_aes_known_gettable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c
index 230b353c50..162945f922 100644
--- a/providers/implementations/ciphers/cipher_aes_ocb.c
+++ b/providers/implementations/ciphers/cipher_aes_ocb.c
@@ -39,6 +39,8 @@ static OSSL_FUNC_cipher_freectx_fn aes_ocb_freectx;
 static OSSL_FUNC_cipher_dupctx_fn aes_ocb_dupctx;
 static OSSL_FUNC_cipher_get_ctx_params_fn aes_ocb_get_ctx_params;
 static OSSL_FUNC_cipher_set_ctx_params_fn aes_ocb_set_ctx_params;
+static OSSL_FUNC_cipher_gettable_ctx_params_fn cipher_ocb_gettable_ctx_params;
+static OSSL_FUNC_cipher_settable_ctx_params_fn cipher_ocb_settable_ctx_params;
 
 /*
  * The following methods could be moved into PROV_AES_OCB_HW if
@@ -437,7 +439,7 @@ static const OSSL_PARAM cipher_ocb_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cipher_ocb_gettable_ctx_params(void)
+static const OSSL_PARAM *cipher_ocb_gettable_ctx_params(void *provctx)
 {
     return cipher_ocb_known_gettable_ctx_params;
 }
@@ -448,7 +450,7 @@ static const OSSL_PARAM cipher_ocb_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cipher_ocb_settable_ctx_params(void)
+static const OSSL_PARAM *cipher_ocb_settable_ctx_params(void *provctx)
 {
     return cipher_ocb_known_settable_ctx_params;
 }
@@ -513,4 +515,3 @@ const OSSL_DISPATCH aes##kbits##mode##_functions[] = {                         \
 IMPLEMENT_cipher(ocb, OCB, AES_OCB_FLAGS, 256, 128, OCB_DEFAULT_IV_LEN * 8);
 IMPLEMENT_cipher(ocb, OCB, AES_OCB_FLAGS, 192, 128, OCB_DEFAULT_IV_LEN * 8);
 IMPLEMENT_cipher(ocb, OCB, AES_OCB_FLAGS, 128, 128, OCB_DEFAULT_IV_LEN * 8);
-
diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c
index 84c078da82..2432c6a280 100644
--- a/providers/implementations/ciphers/cipher_aes_siv.c
+++ b/providers/implementations/ciphers/cipher_aes_siv.c
@@ -166,7 +166,7 @@ static const OSSL_PARAM aes_siv_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *aes_siv_gettable_ctx_params(void)
+static const OSSL_PARAM *aes_siv_gettable_ctx_params(void *provctx)
 {
     return aes_siv_known_gettable_ctx_params;
 }
@@ -216,19 +216,33 @@ static const OSSL_PARAM aes_siv_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *aes_siv_settable_ctx_params(void)
+static const OSSL_PARAM *aes_siv_settable_ctx_params(void *provctx)
 {
     return aes_siv_known_settable_ctx_params;
 }
 
 #define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits)       \
+static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx;                     \
+static OSSL_FUNC_cipher_freectx_fn alg##_##lc##_freectx;                       \
+static OSSL_FUNC_cipher_dupctx_fn lc##_dupctx;                                 \
+static OSSL_FUNC_cipher_encrypt_init_fn lc##_einit;                            \
+static OSSL_FUNC_cipher_decrypt_init_fn lc##_dinit;                            \
+static OSSL_FUNC_cipher_update_fn lc##_stream_update;                          \
+static OSSL_FUNC_cipher_final_fn lc##_stream_final;                            \
+static OSSL_FUNC_cipher_cipher_fn lc##_cipher;                                 \
 static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params;       \
+static OSSL_FUNC_cipher_gettable_params_fn alg##_##lc##_gettable_ctx_params;   \
+static OSSL_FUNC_cipher_get_ctx_params_fn alg##_##lc##_get_ctx_params;         \
+static OSSL_FUNC_cipher_gettable_ctx_params_fn                                 \
+            alg##_##lc##_gettable_ctx_params;                                  \
+static OSSL_FUNC_cipher_set_ctx_params_fn alg##_##lc##_set_ctx_params;         \
+static OSSL_FUNC_cipher_settable_ctx_params_fn                                 \
+            alg##_##lc##_settable_ctx_params;                                  \
 static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[])              \
 {                                                                              \
     return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE,         \
                                      flags, 2*kbits, blkbits, ivbits);         \
 }                                                                              \
-static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx;                     \
 static void * alg##kbits##lc##_newctx(void *provctx)                           \
 {                                                                              \
     return alg##_##lc##_newctx(provctx, 2*kbits, EVP_CIPH_##UCMODE##_MODE,     \
diff --git a/providers/implementations/ciphers/cipher_aes_xts.c b/providers/implementations/ciphers/cipher_aes_xts.c
index f564075abe..5430b6da1b 100644
--- a/providers/implementations/ciphers/cipher_aes_xts.c
+++ b/providers/implementations/ciphers/cipher_aes_xts.c
@@ -211,7 +211,7 @@ static const OSSL_PARAM aes_xts_known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *aes_xts_settable_ctx_params(void)
+static const OSSL_PARAM *aes_xts_settable_ctx_params(void *provctx)
 {
     return aes_xts_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_chacha20.c b/providers/implementations/ciphers/cipher_chacha20.c
index 6759b0e0f9..5d5e62870d 100644
--- a/providers/implementations/ciphers/cipher_chacha20.c
+++ b/providers/implementations/ciphers/cipher_chacha20.c
@@ -91,7 +91,7 @@ static const OSSL_PARAM chacha20_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *chacha20_gettable_ctx_params(void)
+const OSSL_PARAM *chacha20_gettable_ctx_params(void *provctx)
 {
     return chacha20_known_gettable_ctx_params;
 }
@@ -131,7 +131,7 @@ static const OSSL_PARAM chacha20_known_settable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *chacha20_settable_ctx_params(void)
+const OSSL_PARAM *chacha20_settable_ctx_params(void *provctx)
 {
     return chacha20_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
index a93f722551..0174337c81 100644
--- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c
+++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
@@ -135,7 +135,7 @@ static const OSSL_PARAM chacha20_poly1305_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *chacha20_poly1305_gettable_ctx_params(void)
+static const OSSL_PARAM *chacha20_poly1305_gettable_ctx_params(void *provctx)
 {
     return chacha20_poly1305_known_gettable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_null.c b/providers/implementations/ciphers/cipher_null.c
index 713d29e3e8..c524a83f4a 100644
--- a/providers/implementations/ciphers/cipher_null.c
+++ b/providers/implementations/ciphers/cipher_null.c
@@ -95,7 +95,7 @@ static const OSSL_PARAM null_known_gettable_ctx_params[] = {
 };
 
 static OSSL_FUNC_cipher_gettable_ctx_params_fn null_gettable_ctx_params;
-static const OSSL_PARAM *null_gettable_ctx_params(void)
+static const OSSL_PARAM *null_gettable_ctx_params(void *provctx)
 {
     return null_known_gettable_ctx_params;
 }
@@ -131,7 +131,7 @@ static const OSSL_PARAM null_known_settable_ctx_params[] = {
 };
 
 static OSSL_FUNC_cipher_settable_ctx_params_fn null_settable_ctx_params;
-static const OSSL_PARAM *null_settable_ctx_params(void)
+static const OSSL_PARAM *null_settable_ctx_params(void *provctx)
 {
     return null_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
index d9535e23ce..e17584a0ab 100644
--- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
+++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
@@ -72,7 +72,7 @@ static const OSSL_PARAM rc4_hmac_md5_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *rc4_hmac_md5_gettable_ctx_params(void)
+const OSSL_PARAM *rc4_hmac_md5_gettable_ctx_params(void *provctx)
 {
     return rc4_hmac_md5_known_gettable_ctx_params;
 }
@@ -107,7 +107,7 @@ static const OSSL_PARAM rc4_hmac_md5_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *rc4_hmac_md5_settable_ctx_params(void)
+const OSSL_PARAM *rc4_hmac_md5_settable_ctx_params(void *provctx)
 {
     return rc4_hmac_md5_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c
index 2d119a7b39..dd25f00db4 100644
--- a/providers/implementations/ciphers/ciphercommon.c
+++ b/providers/implementations/ciphers/ciphercommon.c
@@ -29,7 +29,7 @@ static const OSSL_PARAM cipher_known_gettable_params[] = {
     { OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED },
     OSSL_PARAM_END
 };
-const OSSL_PARAM *cipher_generic_gettable_params(void)
+const OSSL_PARAM *cipher_generic_gettable_params(void *provctx)
 {
     return cipher_known_gettable_params;
 }
@@ -117,7 +117,7 @@ static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *cipher_aead_gettable_ctx_params(void)
+const OSSL_PARAM *cipher_aead_gettable_ctx_params(void *provctx)
 {
     return cipher_aead_known_gettable_ctx_params;
 }
@@ -130,7 +130,7 @@ static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *cipher_aead_settable_ctx_params(void)
+const OSSL_PARAM *cipher_aead_settable_ctx_params(void *provctx)
 {
     return cipher_aead_known_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/digestcommon.c b/providers/implementations/digests/digestcommon.c
index 9d30b2be2c..d4910e121d 100644
--- a/providers/implementations/digests/digestcommon.c
+++ b/providers/implementations/digests/digestcommon.c
@@ -40,7 +40,7 @@ static const OSSL_PARAM digest_default_known_gettable_params[] = {
     OSSL_PARAM_ulong(OSSL_DIGEST_PARAM_FLAGS, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *digest_default_gettable_params(void)
+const OSSL_PARAM *digest_default_gettable_params(void *provctx)
 {
     return digest_default_known_gettable_params;
 }
diff --git a/providers/implementations/digests/md5_sha1_prov.c b/providers/implementations/digests/md5_sha1_prov.c
index c5dc4a36ce..632fb4a8d0 100644
--- a/providers/implementations/digests/md5_sha1_prov.c
+++ b/providers/implementations/digests/md5_sha1_prov.c
@@ -30,7 +30,7 @@ static const OSSL_PARAM known_md5_sha1_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *md5_sha1_settable_ctx_params(void)
+static const OSSL_PARAM *md5_sha1_settable_ctx_params(void *provctx)
 {
     return known_md5_sha1_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/mdc2_prov.c b/providers/implementations/digests/mdc2_prov.c
index 51958f7cf7..b1d3b5c0ff 100644
--- a/providers/implementations/digests/mdc2_prov.c
+++ b/providers/implementations/digests/mdc2_prov.c
@@ -30,7 +30,7 @@ static const OSSL_PARAM known_mdc2_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *mdc2_settable_ctx_params(void)
+static const OSSL_PARAM *mdc2_settable_ctx_params(void *provctx)
 {
     return known_mdc2_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/sha2_prov.c b/providers/implementations/digests/sha2_prov.c
index 5a73940b87..94ec269728 100644
--- a/providers/implementations/digests/sha2_prov.c
+++ b/providers/implementations/digests/sha2_prov.c
@@ -31,7 +31,7 @@ static const OSSL_PARAM known_sha1_settable_ctx_params[] = {
     {OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0},
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *sha1_settable_ctx_params(void)
+static const OSSL_PARAM *sha1_settable_ctx_params(void *provctx)
 {
     return known_sha1_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/sha3_prov.c b/providers/implementations/digests/sha3_prov.c
index d7c7e8e44b..0703dbe9e0 100644
--- a/providers/implementations/digests/sha3_prov.c
+++ b/providers/implementations/digests/sha3_prov.c
@@ -250,7 +250,7 @@ static const OSSL_PARAM known_shake_settable_ctx_params[] = {
     {OSSL_DIGEST_PARAM_XOFLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0, 0},
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *shake_settable_ctx_params(void)
+static const OSSL_PARAM *shake_settable_ctx_params(void *provctx)
 {
     return known_shake_settable_ctx_params;
 }
diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c
index 765ab2e89a..c0cb378c12 100644
--- a/providers/implementations/exchange/dh_exch.c
+++ b/providers/implementations/exchange/dh_exch.c
@@ -163,7 +163,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dh_settable_ctx_params(void)
+static const OSSL_PARAM *dh_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
index ba28d5102e..d2d7f7ed07 100644
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@@ -279,7 +279,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
 };
 
 static
-const OSSL_PARAM *ecdh_settable_ctx_params(void)
+const OSSL_PARAM *ecdh_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
@@ -360,7 +360,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
 };
 
 static
-const OSSL_PARAM *ecdh_gettable_ctx_params(void)
+const OSSL_PARAM *ecdh_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h
index 7e8143fae0..43cec3cc2b 100644
--- a/providers/implementations/include/prov/ciphercommon.h
+++ b/providers/implementations/include/prov/ciphercommon.h
@@ -319,7 +319,7 @@ static const OSSL_PARAM name##_known_gettable_ctx_params[] = {                 \
 #define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(name)                           \
     OSSL_PARAM_END                                                             \
 };                                                                             \
-const OSSL_PARAM * name##_gettable_ctx_params(void)                            \
+const OSSL_PARAM * name##_gettable_ctx_params(void *provctx)                   \
 {                                                                              \
     return name##_known_gettable_ctx_params;                                   \
 }
@@ -331,7 +331,7 @@ static const OSSL_PARAM name##_known_settable_ctx_params[] = {                 \
 #define CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(name)                           \
     OSSL_PARAM_END                                                             \
 };                                                                             \
-const OSSL_PARAM * name##_settable_ctx_params(void)                            \
+const OSSL_PARAM * name##_settable_ctx_params(void *provctx)                   \
 {                                                                              \
     return name##_known_settable_ctx_params;                                   \
 }
diff --git a/providers/implementations/include/prov/digestcommon.h b/providers/implementations/include/prov/digestcommon.h
index e6461d9d10..7d3d5f1e23 100644
--- a/providers/implementations/include/prov/digestcommon.h
+++ b/providers/implementations/include/prov/digestcommon.h
@@ -93,7 +93,7 @@ PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START(name, CTX, blksize, dgstsize, flags, \
 PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END
 
 
-const OSSL_PARAM *digest_default_gettable_params(void);
+const OSSL_PARAM *digest_default_gettable_params(void *provctx);
 int digest_default_get_params(OSSL_PARAM params[], size_t blksz, size_t paramsz,
                               unsigned long flags);
 
diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c
index 0b1a6e9b7e..fa1e1bcad0 100644
--- a/providers/implementations/kdfs/hkdf.c
+++ b/providers/implementations/kdfs/hkdf.c
@@ -225,7 +225,7 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_hkdf_settable_ctx_params(void)
+static const OSSL_PARAM *kdf_hkdf_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MODE, NULL, 0),
@@ -250,7 +250,7 @@ static int kdf_hkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(void)
+static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c
index d25da76d17..2801f25a7f 100644
--- a/providers/implementations/kdfs/kbkdf.c
+++ b/providers/implementations/kdfs/kbkdf.c
@@ -76,6 +76,8 @@ static OSSL_FUNC_kdf_reset_fn kbkdf_reset;
 static OSSL_FUNC_kdf_derive_fn kbkdf_derive;
 static OSSL_FUNC_kdf_settable_ctx_params_fn kbkdf_settable_ctx_params;
 static OSSL_FUNC_kdf_set_ctx_params_fn kbkdf_set_ctx_params;
+static OSSL_FUNC_kdf_gettable_ctx_params_fn kbkdf_gettable_ctx_params;
+static OSSL_FUNC_kdf_get_ctx_params_fn kbkdf_get_ctx_params;
 
 /* Not all platforms have htobe32(). */
 static uint32_t be32(uint32_t host)
@@ -296,7 +298,7 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kbkdf_settable_ctx_params(void)
+static const OSSL_PARAM *kbkdf_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0),
@@ -326,7 +328,7 @@ static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return OSSL_PARAM_set_size_t(p, SIZE_MAX);
 }
 
-static const OSSL_PARAM *kbkdf_gettable_ctx_params(void)
+static const OSSL_PARAM *kbkdf_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] =
         { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), OSSL_PARAM_END };
diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c
index 25462f3c1d..052c3b33d3 100644
--- a/providers/implementations/kdfs/krb5kdf.c
+++ b/providers/implementations/kdfs/krb5kdf.c
@@ -140,7 +140,7 @@ static int krb5kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *krb5kdf_settable_ctx_params(void)
+static const OSSL_PARAM *krb5kdf_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -170,7 +170,7 @@ static int krb5kdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *krb5kdf_gettable_ctx_params(void)
+static const OSSL_PARAM *krb5kdf_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
index e6956fe155..1bacfc8ab5 100644
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -41,6 +41,8 @@ static OSSL_FUNC_kdf_reset_fn kdf_pbkdf2_reset;
 static OSSL_FUNC_kdf_derive_fn kdf_pbkdf2_derive;
 static OSSL_FUNC_kdf_settable_ctx_params_fn kdf_pbkdf2_settable_ctx_params;
 static OSSL_FUNC_kdf_set_ctx_params_fn kdf_pbkdf2_set_ctx_params;
+static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_pbkdf2_gettable_ctx_params;
+static OSSL_FUNC_kdf_get_ctx_params_fn kdf_pbkdf2_get_ctx_params;
 
 static int  pbkdf2_derive(const char *pass, size_t passlen,
                           const unsigned char *salt, int saltlen, uint64_t iter,
@@ -198,7 +200,7 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_pbkdf2_settable_ctx_params(void)
+static const OSSL_PARAM *kdf_pbkdf2_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -221,7 +223,7 @@ static int kdf_pbkdf2_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(void)
+static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c
index 77869f957d..60ae8f5563 100644
--- a/providers/implementations/kdfs/scrypt.c
+++ b/providers/implementations/kdfs/scrypt.c
@@ -29,6 +29,8 @@ static OSSL_FUNC_kdf_reset_fn kdf_scrypt_reset;
 static OSSL_FUNC_kdf_derive_fn kdf_scrypt_derive;
 static OSSL_FUNC_kdf_settable_ctx_params_fn kdf_scrypt_settable_ctx_params;
 static OSSL_FUNC_kdf_set_ctx_params_fn kdf_scrypt_set_ctx_params;
+static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_scrypt_gettable_ctx_params;
+static OSSL_FUNC_kdf_get_ctx_params_fn kdf_scrypt_get_ctx_params;
 
 static int scrypt_alg(const char *pass, size_t passlen,
                       const unsigned char *salt, size_t saltlen,
@@ -190,7 +192,7 @@ static int kdf_scrypt_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_scrypt_settable_ctx_params(void)
+static const OSSL_PARAM *kdf_scrypt_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_KDF_PARAM_PASSWORD, NULL, 0),
@@ -213,7 +215,7 @@ static int kdf_scrypt_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_scrypt_gettable_ctx_params(void)
+static const OSSL_PARAM *kdf_scrypt_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c
index 72d7c607dc..4fe3e4467f 100644
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@@ -160,7 +160,7 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_sshkdf_settable_ctx_params(void)
+static const OSSL_PARAM *kdf_sshkdf_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -183,7 +183,7 @@ static int kdf_sshkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(void)
+static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
index 5ef73644f0..5415c72f4f 100644
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@@ -478,7 +478,7 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *sskdf_settable_ctx_params(void)
+static const OSSL_PARAM *sskdf_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SECRET, NULL, 0),
@@ -504,7 +504,7 @@ static int sskdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *sskdf_gettable_ctx_params(void)
+static const OSSL_PARAM *sskdf_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
index 73437531f6..bc7d7fd721 100644
--- a/providers/implementations/kdfs/tls1_prf.c
+++ b/providers/implementations/kdfs/tls1_prf.c
@@ -67,6 +67,8 @@ static OSSL_FUNC_kdf_reset_fn kdf_tls1_prf_reset;
 static OSSL_FUNC_kdf_derive_fn kdf_tls1_prf_derive;
 static OSSL_FUNC_kdf_settable_ctx_params_fn kdf_tls1_prf_settable_ctx_params;
 static OSSL_FUNC_kdf_set_ctx_params_fn kdf_tls1_prf_set_ctx_params;
+static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_tls1_prf_gettable_ctx_params;
+static OSSL_FUNC_kdf_get_ctx_params_fn kdf_tls1_prf_get_ctx_params;
 
 static int tls1_prf_alg(EVP_MAC_CTX *mdctx, EVP_MAC_CTX *sha1ctx,
                         const unsigned char *sec, size_t slen,
@@ -201,7 +203,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_tls1_prf_settable_ctx_params(void)
+static const OSSL_PARAM *kdf_tls1_prf_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -222,7 +224,7 @@ static int kdf_tls1_prf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params(void)
+static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
index cf0ad0bcda..9790700bf0 100644
--- a/providers/implementations/kdfs/x942kdf.c
+++ b/providers/implementations/kdfs/x942kdf.c
@@ -402,7 +402,7 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *x942kdf_settable_ctx_params(void)
+static const OSSL_PARAM *x942kdf_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -426,7 +426,7 @@ static int x942kdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *x942kdf_gettable_ctx_params(void)
+static const OSSL_PARAM *x942kdf_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index 2a8b7f8521..73fcb3fc41 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -326,7 +326,7 @@ static const OSSL_PARAM dh_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dh_gettable_params(void)
+static const OSSL_PARAM *dh_gettable_params(void *provctx)
 {
     return dh_params;
 }
@@ -336,7 +336,7 @@ static const OSSL_PARAM dh_known_settable_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dh_settable_params(void)
+static const OSSL_PARAM *dh_settable_params(void *provctx)
 {
     return dh_known_settable_params;
 }
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 58e9fc564f..d9c6007650 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -295,7 +295,7 @@ static const OSSL_PARAM dsa_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dsa_gettable_params(void)
+static const OSSL_PARAM *dsa_gettable_params(void *provctx)
 {
     return dsa_params;
 }
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index 4d040a1902..34b2737fdf 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -570,7 +570,7 @@ static const OSSL_PARAM ec_known_gettable_params[] = {
 };
 
 static
-const OSSL_PARAM *ec_gettable_params(void)
+const OSSL_PARAM *ec_gettable_params(void *provctx)
 {
     return ec_known_gettable_params;
 }
@@ -582,7 +582,7 @@ static const OSSL_PARAM ec_known_settable_params[] = {
 };
 
 static
-const OSSL_PARAM *ec_settable_params(void)
+const OSSL_PARAM *ec_settable_params(void *provctx)
 {
     return ec_known_settable_params;
 }
diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c
index a1e1edbf5a..fff50ef0bf 100644
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -314,22 +314,22 @@ static const OSSL_PARAM ed_gettable_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *x25519_gettable_params(void)
+static const OSSL_PARAM *x25519_gettable_params(void *provctx)
 {
     return ecx_gettable_params;
 }
 
-static const OSSL_PARAM *x448_gettable_params(void)
+static const OSSL_PARAM *x448_gettable_params(void *provctx)
 {
     return ecx_gettable_params;
 }
 
-static const OSSL_PARAM *ed25519_gettable_params(void)
+static const OSSL_PARAM *ed25519_gettable_params(void *provctx)
 {
     return ed_gettable_params;
 }
 
-static const OSSL_PARAM *ed448_gettable_params(void)
+static const OSSL_PARAM *ed448_gettable_params(void *provctx)
 {
     return ed_gettable_params;
 }
@@ -384,22 +384,22 @@ static const OSSL_PARAM ed_settable_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *x25519_settable_params(void)
+static const OSSL_PARAM *x25519_settable_params(void *provctx)
 {
     return ecx_settable_params;
 }
 
-static const OSSL_PARAM *x448_settable_params(void)
+static const OSSL_PARAM *x448_settable_params(void *provctx)
 {
     return ecx_settable_params;
 }
 
-static const OSSL_PARAM *ed25519_settable_params(void)
+static const OSSL_PARAM *ed25519_settable_params(void *provctx)
 {
     return ed_settable_params;
 }
 
-static const OSSL_PARAM *ed448_settable_params(void)
+static const OSSL_PARAM *ed448_settable_params(void *provctx)
 {
     return ed_settable_params;
 }
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
index 7ed280e861..ab2325d4bd 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -341,7 +341,7 @@ static const OSSL_PARAM rsa_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_gettable_params(void)
+static const OSSL_PARAM *rsa_gettable_params(void *provctx)
 {
     return rsa_params;
 }
diff --git a/providers/implementations/macs/blake2_mac_impl.c b/providers/implementations/macs/blake2_mac_impl.c
index 9fd7f2c0ba..586a546214 100644
--- a/providers/implementations/macs/blake2_mac_impl.c
+++ b/providers/implementations/macs/blake2_mac_impl.c
@@ -108,7 +108,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *blake2_gettable_ctx_params(void)
+static const OSSL_PARAM *blake2_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -130,7 +130,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_SALT, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *blake2_mac_settable_ctx_params()
+static const OSSL_PARAM *blake2_mac_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c
index 8ae6a89ad6..c02031a92c 100644
--- a/providers/implementations/macs/cmac_prov.c
+++ b/providers/implementations/macs/cmac_prov.c
@@ -125,7 +125,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cmac_gettable_ctx_params(void)
+static const OSSL_PARAM *cmac_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -146,7 +146,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cmac_settable_ctx_params(void)
+static const OSSL_PARAM *cmac_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c
index 845ea87527..5a69afe89e 100644
--- a/providers/implementations/macs/gmac_prov.c
+++ b/providers/implementations/macs/gmac_prov.c
@@ -136,7 +136,7 @@ static const OSSL_PARAM known_gettable_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *gmac_gettable_params(void)
+static const OSSL_PARAM *gmac_gettable_params(void *provctx)
 {
     return known_gettable_params;
 }
@@ -158,7 +158,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_IV, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *gmac_settable_ctx_params(void)
+static const OSSL_PARAM *gmac_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
index 5260995861..109f93d243 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -139,7 +139,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *hmac_gettable_ctx_params(void)
+static const OSSL_PARAM *hmac_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -161,7 +161,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_int(OSSL_MAC_PARAM_FLAGS, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *hmac_settable_ctx_params(void)
+static const OSSL_PARAM *hmac_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c
index bc37ad34cb..46b0bd644a 100644
--- a/providers/implementations/macs/kmac_prov.c
+++ b/providers/implementations/macs/kmac_prov.c
@@ -307,7 +307,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *kmac_gettable_ctx_params(void)
+static const OSSL_PARAM *kmac_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -329,7 +329,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *kmac_settable_ctx_params(void)
+static const OSSL_PARAM *kmac_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/poly1305_prov.c b/providers/implementations/macs/poly1305_prov.c
index aa0b7df7ee..eef546047f 100644
--- a/providers/implementations/macs/poly1305_prov.c
+++ b/providers/implementations/macs/poly1305_prov.c
@@ -101,7 +101,7 @@ static const OSSL_PARAM known_gettable_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *poly1305_gettable_params(void)
+static const OSSL_PARAM *poly1305_gettable_params(void *provctx)
 {
     return known_gettable_params;
 }
@@ -120,7 +120,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *poly1305_settable_ctx_params(void)
+static const OSSL_PARAM *poly1305_settable_ctx_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/siphash_prov.c b/providers/implementations/macs/siphash_prov.c
index 64ac70f567..17137e946b 100644
--- a/providers/implementations/macs/siphash_prov.c
+++ b/providers/implementations/macs/siphash_prov.c
@@ -112,7 +112,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *siphash_gettable_ctx_params(void)
+static const OSSL_PARAM *siphash_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -132,7 +132,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *siphash_settable_params(void)
+static const OSSL_PARAM *siphash_settable_params(void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c
index 48fb7ebd3d..52c4a3368f 100644
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -635,7 +635,7 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(void)
+static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
@@ -701,7 +701,7 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return drbg_set_ctx_params(ctx, params);
 }
 
-static const OSSL_PARAM *drbg_ctr_settable_ctx_params(void)
+static const OSSL_PARAM *drbg_ctr_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c
index f655dc57c6..8ff4263cb8 100644
--- a/providers/implementations/rands/drbg_hash.c
+++ b/providers/implementations/rands/drbg_hash.c
@@ -432,7 +432,7 @@ static int drbg_hash_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *drbg_hash_gettable_ctx_params(void)
+static const OSSL_PARAM *drbg_hash_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
@@ -476,7 +476,7 @@ static int drbg_hash_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return drbg_set_ctx_params(ctx, params);
 }
 
-static const OSSL_PARAM *drbg_hash_settable_ctx_params(void)
+static const OSSL_PARAM *drbg_hash_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c
index 7ddfae1568..ced2e32b6e 100644
--- a/providers/implementations/rands/drbg_hmac.c
+++ b/providers/implementations/rands/drbg_hmac.c
@@ -329,7 +329,7 @@ static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(void)
+static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
@@ -378,7 +378,7 @@ static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return drbg_set_ctx_params(ctx, params);
 }
 
-static const OSSL_PARAM *drbg_hmac_settable_ctx_params(void)
+static const OSSL_PARAM *drbg_hmac_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
diff --git a/providers/implementations/rands/test_rng.c b/providers/implementations/rands/test_rng.c
index 7303d36f2f..ec3e9368c5 100644
--- a/providers/implementations/rands/test_rng.c
+++ b/providers/implementations/rands/test_rng.c
@@ -186,7 +186,7 @@ static int test_rng_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *test_rng_gettable_ctx_params(void)
+static const OSSL_PARAM *test_rng_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
@@ -264,7 +264,7 @@ static int test_rng_set_ctx_params(void *vdrbg, const OSSL_PARAM params[])
     return drbg_set_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *test_rng_settable_ctx_params(void)
+static const OSSL_PARAM *test_rng_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, NULL, 0),
diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c
index 87ac7b5e12..d765ad8fab 100644
--- a/providers/implementations/serializers/deserialize_der2key.c
+++ b/providers/implementations/serializers/deserialize_der2key.c
@@ -72,7 +72,7 @@ static void der2key_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *der2key_gettable_params(void)
+static const OSSL_PARAM *der2key_gettable_params(void *provctx)
 {
     static const OSSL_PARAM gettables[] = {
         { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
diff --git a/providers/implementations/serializers/deserialize_pem2der.c b/providers/implementations/serializers/deserialize_pem2der.c
index cbd0867da9..ea43bd8319 100644
--- a/providers/implementations/serializers/deserialize_pem2der.c
+++ b/providers/implementations/serializers/deserialize_pem2der.c
@@ -55,7 +55,7 @@ static void pem2der_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *pem2der_gettable_params(void)
+static const OSSL_PARAM *pem2der_gettable_params(void *provctx)
 {
     static const OSSL_PARAM gettables[] = {
         { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c
index 2399052f7e..fe11834c28 100644
--- a/providers/implementations/serializers/serializer_dh_priv.c
+++ b/providers/implementations/serializers/serializer_dh_priv.c
@@ -71,7 +71,7 @@ static void dh_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *dh_priv_settable_ctx_params(void)
+static const OSSL_PARAM *dh_priv_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_dsa_priv.c b/providers/implementations/serializers/serializer_dsa_priv.c
index 637b1126b1..ca8b4e5c9c 100644
--- a/providers/implementations/serializers/serializer_dsa_priv.c
+++ b/providers/implementations/serializers/serializer_dsa_priv.c
@@ -71,7 +71,7 @@ static void dsa_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *dsa_priv_settable_ctx_params(void)
+static const OSSL_PARAM *dsa_priv_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_ec_priv.c b/providers/implementations/serializers/serializer_ec_priv.c
index 9a315dfbcf..6e37b9b3c5 100644
--- a/providers/implementations/serializers/serializer_ec_priv.c
+++ b/providers/implementations/serializers/serializer_ec_priv.c
@@ -65,7 +65,7 @@ static void ec_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *ec_priv_settable_ctx_params(void)
+static const OSSL_PARAM *ec_priv_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_ecx_priv.c b/providers/implementations/serializers/serializer_ecx_priv.c
index b74404a886..904a8559c8 100644
--- a/providers/implementations/serializers/serializer_ecx_priv.c
+++ b/providers/implementations/serializers/serializer_ecx_priv.c
@@ -88,7 +88,7 @@ static void ecx_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *ecx_priv_settable_ctx_params(void)
+static const OSSL_PARAM *ecx_priv_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_rsa_priv.c b/providers/implementations/serializers/serializer_rsa_priv.c
index c9bdfaa3fc..c11ec786fa 100644
--- a/providers/implementations/serializers/serializer_rsa_priv.c
+++ b/providers/implementations/serializers/serializer_rsa_priv.c
@@ -73,7 +73,7 @@ static void rsa_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *rsa_priv_settable_ctx_params(void)
+static const OSSL_PARAM *rsa_priv_settable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c
index e7a19620fa..76c65ceaa8 100644
--- a/providers/implementations/signature/dsa.c
+++ b/providers/implementations/signature/dsa.c
@@ -412,7 +412,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dsa_gettable_ctx_params(void)
+static const OSSL_PARAM *dsa_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -454,7 +454,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dsa_settable_ctx_params(void)
+static const OSSL_PARAM *dsa_settable_ctx_params(void *provctx)
 {
     /*
      * TODO(3.0): Should this function return a different set of settable ctx
diff --git a/providers/implementations/signature/ecdsa.c b/providers/implementations/signature/ecdsa.c
index e6da05c1e1..729a2b39ad 100644
--- a/providers/implementations/signature/ecdsa.c
+++ b/providers/implementations/signature/ecdsa.c
@@ -399,7 +399,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *ecdsa_gettable_ctx_params(void)
+static const OSSL_PARAM *ecdsa_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -451,7 +451,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *ecdsa_settable_ctx_params(void)
+static const OSSL_PARAM *ecdsa_settable_ctx_params(void *provctx)
 {
     /*
      * TODO(3.0): Should this function return a different set of settable ctx
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 42654f929a..6de10d1f53 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -983,7 +983,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_gettable_ctx_params(void)
+static const OSSL_PARAM *rsa_gettable_ctx_params(void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -1233,7 +1233,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_settable_ctx_params(void)
+static const OSSL_PARAM *rsa_settable_ctx_params(void *provctx)
 {
     /*
      * TODO(3.0): Should this function return a different set of settable ctx
diff --git a/test/tls-provider.c b/test/tls-provider.c
index 37ba1f96d3..496ba7ead9 100644
--- a/test/tls-provider.c
+++ b/test/tls-provider.c
@@ -286,7 +286,7 @@ static const OSSL_PARAM xor_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *xor_gettable_params(void)
+static const OSSL_PARAM *xor_gettable_params(void *provctx)
 {
     return xor_params;
 }
@@ -313,7 +313,7 @@ static const OSSL_PARAM xor_known_settable_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *xor_settable_params(void)
+static const OSSL_PARAM *xor_settable_params(void *provctx)
 {
     return xor_known_settable_params;
 }

From pauli at openssl.org  Thu Aug  6 22:07:38 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Thu, 06 Aug 2020 22:07:38 +0000
Subject: [openssl]  master update
Message-ID: <1596751658.762093.25253.nullmailer@dev.openssl.org>

The branch master has been updated
       via  5f6a0b2ff055cf3ad09a1d49a4b95b13e1106b35 (commit)
      from  992492f5e82e0cf9b24acc14ea90ce8afd4c447a (commit)


- Log -----------------------------------------------------------------
commit 5f6a0b2ff055cf3ad09a1d49a4b95b13e1106b35
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 5 15:26:48 2020 +1000

    mac: add some consistency to setting the XXX_final output length.
    
    The various MACs were all over the place with respects to what they did with
    the output length in the final call.  Now they all unconditionally set the
    output length and the EVP layer handles the possibility of a NULL pointer.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12582)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/mac_lib.c                             | 4 +++-
 providers/implementations/macs/blake2_mac_impl.c | 1 +
 providers/implementations/macs/hmac_prov.c       | 3 +--
 providers/implementations/macs/kmac_prov.c       | 3 +--
 providers/implementations/macs/poly1305_prov.c   | 1 +
 5 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index a5c1b44666..2198c46680 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -120,11 +120,13 @@ int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
 int EVP_MAC_final(EVP_MAC_CTX *ctx,
                   unsigned char *out, size_t *outl, size_t outsize)
 {
-    size_t l = EVP_MAC_size(ctx);
+    size_t l;
     int res = 1;
 
     if (out != NULL)
         res = ctx->meth->final(ctx->data, out, &l, outsize);
+    else
+        l = EVP_MAC_size(ctx);
     if (outl != NULL)
         *outl = l;
     return res;
diff --git a/providers/implementations/macs/blake2_mac_impl.c b/providers/implementations/macs/blake2_mac_impl.c
index 586a546214..d4e61e44a4 100644
--- a/providers/implementations/macs/blake2_mac_impl.c
+++ b/providers/implementations/macs/blake2_mac_impl.c
@@ -101,6 +101,7 @@ static int blake2_mac_final(void *vmacctx,
 {
     struct blake2_mac_data_st *macctx = vmacctx;
 
+    *outl = blake2_mac_size(macctx);
     return BLAKE2_FINAL(out, &macctx->ctx);
 }
 
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
index 109f93d243..af2a2098cd 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -130,8 +130,7 @@ static int hmac_final(void *vmacctx, unsigned char *out, size_t *outl,
 
     if (!HMAC_Final(macctx->ctx, out, &hlen))
         return 0;
-    if (outl != NULL)
-        *outl = hlen;
+    *outl = hlen;
     return 1;
 }
 
diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c
index 46b0bd644a..792bc6c5bb 100644
--- a/providers/implementations/macs/kmac_prov.c
+++ b/providers/implementations/macs/kmac_prov.c
@@ -298,8 +298,7 @@ static int kmac_final(void *vmacctx, unsigned char *out, size_t *outl,
     ok = right_encode(encoded_outlen, &len, lbits)
         && EVP_DigestUpdate(ctx, encoded_outlen, len)
         && EVP_DigestFinalXOF(ctx, out, kctx->out_len);
-    if (ok && outl != NULL)
-        *outl = kctx->out_len;
+    *outl = kctx->out_len;
     return ok;
 }
 
diff --git a/providers/implementations/macs/poly1305_prov.c b/providers/implementations/macs/poly1305_prov.c
index eef546047f..748cafbaca 100644
--- a/providers/implementations/macs/poly1305_prov.c
+++ b/providers/implementations/macs/poly1305_prov.c
@@ -94,6 +94,7 @@ static int poly1305_final(void *vmacctx, unsigned char *out, size_t *outl,
     struct poly1305_data_st *ctx = vmacctx;
 
     Poly1305_Final(&ctx->poly1305, out);
+    *outl = poly1305_size();
     return 1;
 }
 

From openssl at openssl.org  Thu Aug  6 23:04:25 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 06 Aug 2020 23:04:25 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1596755065.506823.31514.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2218:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2218:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2218:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=207, Tests=2959, 740 wallclock secs ( 9.49 usr  1.14 sys + 685.02 cusr 49.02 csys = 744.67 CPU)
Result: FAIL
Makefile:2403: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2401: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Thu Aug  6 23:21:45 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 06 Aug 2020 23:21:45 +0000
Subject: Still Failing: openssl/openssl#36535 (master - c5ec6dc)
In-Reply-To: <openssl/openssl+178819742+still failing@travis-ci.com>
Message-ID: <5f2c9089398e8_13fa17a4a80704173f6@travis-pro-tasks-766cdf8b84-6qr7r.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36535
Status: Still Failing

Duration: 1 hr, 18 mins, and 38 secs
Commit: c5ec6dc (master)
Author: Jon Spillett
Message: Add new APIs to get PKCS12 secretBag OID and value

Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10063)

View the changeset: https://github.com/openssl/openssl/compare/15c9aa3aef77...c5ec6dcf0bdd

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178819742?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200806/ac7221e8/attachment-0001.html>

From pauli at openssl.org  Fri Aug  7 00:00:11 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 07 Aug 2020 00:00:11 +0000
Subject: [openssl]  master update
Message-ID: <1596758411.163729.31951.nullmailer@dev.openssl.org>

The branch master has been updated
       via  6ce6ad39fe85cf8b5c84ded9885329bf703ee649 (commit)
      from  5f6a0b2ff055cf3ad09a1d49a4b95b13e1106b35 (commit)


- Log -----------------------------------------------------------------
commit 6ce6ad39fe85cf8b5c84ded9885329bf703ee649
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Aug 5 08:01:59 2020 +0200

    RSA: Be less strict on PSS parameters when exporting to provider
    
    We have a key in test/recipes/30-test_evp_data/evppkey.txt with bad
    PSS parameters (RSA-PSS-BAD), which is supposed to trigger signature
    computation faults.  However, if this key needs to be exported to the
    RSA provider implementation, the result would be an earlier error,
    giving the computation that's supposed to be checked n chance to even
    be reached.
    
    Either way, the legacy to provider export is no place to validate the
    values of the key.
    
    We also ensure that the provider implementation can handle and detect
    signed (negative) saltlen values.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12583)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rsa/rsa_ameth.c                    |  5 +++--
 include/crypto/rsa.h                      |  4 ++--
 providers/implementations/signature/rsa.c | 14 +++++++-------
 3 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index f5911ad233..749cd8764b 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -1218,10 +1218,11 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
 
     if (rsa->pss != NULL) {
         const EVP_MD *md = NULL, *mgf1md = NULL;
-        int md_nid, mgf1md_nid, saltlen;
+        int md_nid, mgf1md_nid, saltlen, trailerfield;
         RSA_PSS_PARAMS_30 pss_params;
 
-        if (!rsa_pss_get_param(rsa->pss, &md, &mgf1md, &saltlen))
+        if (!rsa_pss_get_param_unverified(rsa->pss, &md, &mgf1md,
+                                          &saltlen, &trailerfield))
             goto err;
         md_nid = EVP_MD_type(md);
         mgf1md_nid = EVP_MD_type(mgf1md);
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index 9469ec9233..97cbfa1d7e 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -19,8 +19,8 @@ typedef struct rsa_pss_params_30_st {
         int algorithm_nid;       /* Currently always NID_mgf1 */
         int hash_algorithm_nid;
     } mask_gen;
-    unsigned int salt_len;
-    unsigned int trailer_field;
+    int salt_len;
+    int trailer_field;
 } RSA_PSS_PARAMS_30;
 
 RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r);
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 6de10d1f53..491c72d990 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -176,16 +176,16 @@ static int rsa_check_padding(int mdnid, int padding)
     return 1;
 }
 
-static int rsa_check_parameters(EVP_MD *md, PROV_RSA_CTX *prsactx)
+static int rsa_check_parameters(PROV_RSA_CTX *prsactx)
 {
     if (prsactx->pad_mode == RSA_PKCS1_PSS_PADDING) {
         int max_saltlen;
 
         /* See if minimum salt length exceeds maximum possible */
-        max_saltlen = RSA_size(prsactx->rsa) - EVP_MD_size(md);
+        max_saltlen = RSA_size(prsactx->rsa) - EVP_MD_size(prsactx->md);
         if ((RSA_bits(prsactx->rsa) & 0x7) == 1)
             max_saltlen--;
-        if (prsactx->min_saltlen > max_saltlen) {
+        if (prsactx->min_saltlen < 0 || prsactx->min_saltlen > max_saltlen) {
             ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH);
             return 0;
         }
@@ -230,7 +230,6 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname,
         if (md == NULL
             || md_nid == NID_undef
             || !rsa_check_padding(md_nid, ctx->pad_mode)
-            || !rsa_check_parameters(md, ctx)
             || mdname_len >= sizeof(ctx->mdname)) {
             if (md == NULL)
                 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
@@ -365,7 +364,8 @@ static int rsa_signature_init(void *vprsactx, void *vrsa, int operation)
                 prsactx->saltlen = min_saltlen;
 
                 return rsa_setup_md(prsactx, mdname, prsactx->propq)
-                    && rsa_setup_mgf1_md(prsactx, mgf1mdname, prsactx->propq);
+                    && rsa_setup_mgf1_md(prsactx, mgf1mdname, prsactx->propq)
+                    && rsa_check_parameters(prsactx);
             }
         }
 
@@ -1151,7 +1151,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
         }
 
         if (rsa_pss_restricted(prsactx)) {
-            switch (prsactx->saltlen) {
+            switch (saltlen) {
             case RSA_PSS_SALTLEN_AUTO:
                 if (prsactx->operation == EVP_PKEY_OP_VERIFY) {
                     ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PSS_SALTLEN);
@@ -1168,7 +1168,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
                                    EVP_MD_size(prsactx->md));
                     return 0;
                 }
-                /* FALLTHRU */
+                break;
             default:
                 if (saltlen >= 0 && saltlen < prsactx->min_saltlen) {
                     ERR_raise_data(ERR_LIB_PROV,

From builds at travis-ci.com  Fri Aug  7 00:32:27 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 00:32:27 +0000
Subject: Still Failing: openssl/openssl#36536 (master - 992492f)
In-Reply-To: <openssl/openssl+178819975+still failing@travis-ci.com>
Message-ID: <5f2ca0ff84277_13fa763627894864bf@travis-pro-tasks-544b56898d-jp74z.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36536
Status: Still Failing

Duration: 1 hr, 32 mins, and 5 secs
Commit: 992492f (master)
Author: Pauli
Message: gettables: documentation changes to pass the provider context.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12581)

View the changeset: https://github.com/openssl/openssl/compare/c5ec6dcf0bdd...992492f5e82e

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178819975?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/88afd871/attachment.html>

From levitte at openssl.org  Fri Aug  7 02:13:34 2020
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 07 Aug 2020 02:13:34 +0000
Subject: [openssl]  master update
Message-ID: <1596766414.693828.12176.nullmailer@dev.openssl.org>

The branch master has been updated
       via  a7922e208ddfbdcff44d1b3fa5839f96510d04bd (commit)
       via  dca51418b0186c1d829b04ce89990148fbedbf9c (commit)
       via  37d398c180cd30f69a9d122af4734852309b55a5 (commit)
       via  fb89000897cddee45abb2949c0697a3f8ec090b2 (commit)
       via  413835f5d158acb14147e9f1c4f85b9c518b1fa6 (commit)
      from  6ce6ad39fe85cf8b5c84ded9885329bf703ee649 (commit)


- Log -----------------------------------------------------------------
commit a7922e208ddfbdcff44d1b3fa5839f96510d04bd
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Aug 3 21:10:19 2020 +0200

    TEST: Adjust the serdes test to include MSBLOB and PVK
    
    Because PVK uses RC4, we must ensure that default + legacy providers
    are active.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12574)

commit dca51418b0186c1d829b04ce89990148fbedbf9c
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Aug 3 21:09:26 2020 +0200

    PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12574)

commit 37d398c180cd30f69a9d122af4734852309b55a5
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Aug 3 21:08:40 2020 +0200

    PROV: Add MSBLOB and PVK to DSA and RSA deserializers
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12574)

commit fb89000897cddee45abb2949c0697a3f8ec090b2
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Aug 3 21:04:05 2020 +0200

    DESERIALIZER: Adjust to allow the use several deserializers with same name
    
    A key type may be deserialized from one of several sources, which
    means that more than one deserializer with the same name should be
    possible to add to the stack of deserializers to try, in the
    OSSL_DESERIALIZER_CTX collection.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12574)

commit 413835f5d158acb14147e9f1c4f85b9c518b1fa6
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Aug 3 21:01:35 2020 +0200

    PEM: Make general MSBLOB reader functions exposed internally
    
    Fly-by fix is to move crypto/include/internal/pem_int.h to
    include/internal/pem.h.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12574)

-----------------------------------------------------------------------

Summary of changes:
 crypto/pem/pvkfmt.c                                |  55 ++---
 crypto/serializer/deserializer_pkey.c              |  67 +++---
 crypto/store/loader_file.c                         |   2 +-
 .../internal/pem_int.h => include/internal/pem.h   |  12 +-
 providers/deserializers.inc                        |  11 +
 .../implementations/include/prov/implementations.h |   4 +
 providers/implementations/serializers/build.info   |   6 +-
 .../serializers/deserialize_common.c               |  58 ++++-
 ...{deserialize_der2key.c => deserialize_ms2key.c} | 182 ++++++++--------
 .../implementations/serializers/serializer_local.h |   8 +
 test/recipes/04-test_serializer_deserializer.t     |  12 +-
 test/serdes_test.c                                 | 239 ++++++++++++++++++++-
 12 files changed, 503 insertions(+), 153 deletions(-)
 rename crypto/include/internal/pem_int.h => include/internal/pem.h (75%)
 copy providers/implementations/serializers/{deserialize_der2key.c => deserialize_ms2key.c} (54%)

diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 6d85a8a4e1..95d1ff5a94 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -20,7 +20,7 @@
 
 #include "internal/cryptlib.h"
 #include <openssl/pem.h>
-#include "internal/pem_int.h"
+#include "internal/pem.h"
 #include <openssl/rand.h>
 #include <openssl/bn.h>
 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
@@ -186,28 +186,27 @@ static unsigned int blob_length(unsigned bitlen, int isdss, int ispub)
 
 }
 
-static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length,
-                        int ispub)
+EVP_PKEY *ossl_b2i(const unsigned char **in, unsigned int length, int *ispub)
 {
     const unsigned char *p = *in;
     unsigned int bitlen, magic;
     int isdss;
-    if (ossl_do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
-        PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
+    if (ossl_do_blob_header(&p, length, &magic, &bitlen, &isdss, ispub) <= 0) {
+        PEMerr(0, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
         return NULL;
     }
     length -= 16;
-    if (length < blob_length(bitlen, isdss, ispub)) {
-        PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
+    if (length < blob_length(bitlen, isdss, *ispub)) {
+        PEMerr(0, PEM_R_KEYBLOB_TOO_SHORT);
         return NULL;
     }
     if (isdss)
-        return b2i_dss(&p, bitlen, ispub);
+        return b2i_dss(&p, bitlen, *ispub);
     else
-        return b2i_rsa(&p, bitlen, ispub);
+        return b2i_rsa(&p, bitlen, *ispub);
 }
 
-static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
+EVP_PKEY *ossl_b2i_bio(BIO *in, int *ispub)
 {
     const unsigned char *p;
     unsigned char hdr_buf[16], *buf = NULL;
@@ -215,33 +214,33 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
     int isdss;
     EVP_PKEY *ret = NULL;
     if (BIO_read(in, hdr_buf, 16) != 16) {
-        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+        PEMerr(0, PEM_R_KEYBLOB_TOO_SHORT);
         return NULL;
     }
     p = hdr_buf;
-    if (ossl_do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
+    if (ossl_do_blob_header(&p, 16, &magic, &bitlen, &isdss, ispub) <= 0)
         return NULL;
 
-    length = blob_length(bitlen, isdss, ispub);
+    length = blob_length(bitlen, isdss, *ispub);
     if (length > BLOB_MAX_LENGTH) {
-        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_HEADER_TOO_LONG);
+        PEMerr(0, PEM_R_HEADER_TOO_LONG);
         return NULL;
     }
     buf = OPENSSL_malloc(length);
     if (buf == NULL) {
-        PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
+        PEMerr(0, ERR_R_MALLOC_FAILURE);
         goto err;
     }
     p = buf;
     if (BIO_read(in, buf, length) != (int)length) {
-        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+        PEMerr(0, PEM_R_KEYBLOB_TOO_SHORT);
         goto err;
     }
 
     if (isdss)
-        ret = b2i_dss(&p, bitlen, ispub);
+        ret = b2i_dss(&p, bitlen, *ispub);
     else
-        ret = b2i_rsa(&p, bitlen, ispub);
+        ret = b2i_rsa(&p, bitlen, *ispub);
 
  err:
     OPENSSL_free(buf);
@@ -391,22 +390,30 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
 
 EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length)
 {
-    return do_b2i(in, length, 0);
+    int ispub = 0;
+
+    return ossl_b2i(in, length, &ispub);
 }
 
 EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length)
 {
-    return do_b2i(in, length, 1);
+    int ispub = 1;
+
+    return ossl_b2i(in, length, &ispub);
 }
 
 EVP_PKEY *b2i_PrivateKey_bio(BIO *in)
 {
-    return do_b2i_bio(in, 0);
+    int ispub = 0;
+
+    return ossl_b2i_bio(in, &ispub);
 }
 
 EVP_PKEY *b2i_PublicKey_bio(BIO *in)
 {
-    return do_b2i_bio(in, 1);
+    int ispub = 1;
+
+    return ossl_b2i_bio(in, &ispub);
 }
 
 static void write_ledword(unsigned char **out, unsigned int dw)
@@ -852,9 +859,9 @@ static int i2b_PVK(unsigned char **out, const EVP_PKEY *pk, int enclevel,
         if (!EVP_EncryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))
             goto error;
         OPENSSL_cleanse(keybuf, 20);
-        if (!EVP_DecryptUpdate(cctx, p, &enctmplen, p, pklen - 8))
+        if (!EVP_EncryptUpdate(cctx, p, &enctmplen, p, pklen - 8))
             goto error;
-        if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen))
+        if (!EVP_EncryptFinal_ex(cctx, p + enctmplen, &enctmplen))
             goto error;
     }
 
diff --git a/crypto/serializer/deserializer_pkey.c b/crypto/serializer/deserializer_pkey.c
index 44e7eb56ee..6375a29e36 100644
--- a/crypto/serializer/deserializer_pkey.c
+++ b/crypto/serializer/deserializer_pkey.c
@@ -241,6 +241,7 @@ DEFINE_STACK_OF_CSTRING()
 struct collected_data_st {
     struct deser_EVP_PKEY_data_st *process_data;
     STACK_OF(OPENSSL_CSTRING) *names;
+    OSSL_DESERIALIZER_CTX *ctx;
 
     unsigned int error_occured:1;
 };
@@ -279,6 +280,28 @@ static void collect_name(const char *name, void *arg)
     data->error_occured = 0;         /* All is good now */
 }
 
+static void collect_deserializer(OSSL_DESERIALIZER *deser, void *arg)
+{
+    struct collected_data_st *data = arg;
+    size_t i, end_i;
+
+    if (data->error_occured)
+        return;
+
+    data->error_occured = 1;         /* Assume the worst */
+
+    end_i = sk_OPENSSL_CSTRING_num(data->names);
+    for (i = 0; i < end_i; i++) {
+        const char *name = sk_OPENSSL_CSTRING_value(data->names, i);
+
+        if (!OSSL_DESERIALIZER_is_a(deser, name))
+            continue;
+        (void)OSSL_DESERIALIZER_CTX_add_deserializer(data->ctx, deser);
+    }
+
+    data->error_occured = 0;         /* All is good now */
+}
+
 OSSL_DESERIALIZER_CTX *
 OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
                                       const char *input_type,
@@ -300,6 +323,7 @@ OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
         goto err;
     }
     data->process_data->object = (void **)pkey;
+    data->ctx = ctx;
     OSSL_DESERIALIZER_CTX_set_input_type(ctx, input_type);
 
     /* First, find all keymgmts to form goals */
@@ -308,49 +332,30 @@ OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
     if (data->error_occured)
         goto err;
 
-    /*
-     * Then, use the names of those keymgmts to find the first set of
-     * derializers.
-     */
-    ERR_set_mark();
+    /* Then, we collect all the keymgmt names */
     end_i = sk_EVP_KEYMGMT_num(data->process_data->keymgmts);
     for (i = 0; i < end_i; i++) {
         EVP_KEYMGMT *keymgmt =
             sk_EVP_KEYMGMT_value(data->process_data->keymgmts, i);
-        size_t j;
-        OSSL_DESERIALIZER *deser = NULL;
 
         EVP_KEYMGMT_names_do_all(keymgmt, collect_name, data);
 
-        for (j = sk_OPENSSL_CSTRING_num(data->names);
-             j-- > 0 && deser == NULL;) {
-            const char *name = sk_OPENSSL_CSTRING_pop(data->names);
+        if (data->error_occured)
+            goto err;
+    }
 
-            ERR_set_mark();
-            deser = OSSL_DESERIALIZER_fetch(libctx, name, propquery);
-            ERR_pop_to_mark();
-        }
+    /*
+     * Finally, find all deserializers that have any keymgmt of the collected
+     * keymgmt names
+     */
+    OSSL_DESERIALIZER_do_all_provided(libctx, collect_deserializer, data);
 
-        /*
-         * The names in |data->names| aren't allocated for the stack,
-         * so we can simply clear it and let it be re-used.
-         */
-        sk_OPENSSL_CSTRING_zero(data->names);
+    if (data->error_occured)
+        goto err;
 
-        /*
-         * If we found a matching serializer, try to add it to the context.
-         */
-        if (deser != NULL) {
-            (void)OSSL_DESERIALIZER_CTX_add_deserializer(ctx, deser);
-            OSSL_DESERIALIZER_free(deser);
-        }
-    }
     /* If we found no deserializers to match the keymgmts, we err */
-    if (OSSL_DESERIALIZER_CTX_num_deserializers(ctx) == 0) {
-        ERR_clear_last_mark();
+    if (OSSL_DESERIALIZER_CTX_num_deserializers(ctx) == 0)
         goto err;
-    }
-    ERR_pop_to_mark();
 
     /* Finally, collect extra deserializers based on what we already have */
     (void)OSSL_DESERIALIZER_CTX_add_extra(ctx, libctx, propquery);
diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c
index 5ff93e33ab..da4e96b989 100644
--- a/crypto/store/loader_file.c
+++ b/crypto/store/loader_file.c
@@ -21,7 +21,7 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/pem.h>
-#include "internal/pem_int.h"
+#include "internal/pem.h"
 #include <openssl/pkcs12.h>      /* For the PKCS8 stuff o.O */
 #include <openssl/rsa.h>         /* For d2i_RSAPrivateKey */
 #include <openssl/safestack.h>
diff --git a/crypto/include/internal/pem_int.h b/include/internal/pem.h
similarity index 75%
rename from crypto/include/internal/pem_int.h
rename to include/internal/pem.h
index c8f90528c3..b6a10241f3 100644
--- a/crypto/include/internal/pem_int.h
+++ b/include/internal/pem.h
@@ -7,17 +7,25 @@
  * https://www.openssl.org/source/license.html
  */
 
-#ifndef HEADER_PEM_INT_H
-# define HEADER_PEM_INT_H
+#ifndef OSSL_INTERNAL_PEM_H
+# define OSSL_INTERNAL_PEM_H
 
 # include <openssl/pem.h>
 
+# ifndef OPENSSL_NO_DSA
 /* Found in crypto/pem/pvkfmt.c */
 int ossl_do_blob_header(const unsigned char **in, unsigned int length,
                         unsigned int *pmagic, unsigned int *pbitlen,
                         int *pisdss, int *pispub);
+#  ifndef OPENSSL_NO_RC4
 int ossl_do_PVK_header(const unsigned char **in, unsigned int length,
                        int skip_magic,
                        unsigned int *psaltlen, unsigned int *pkeylen);
+#  endif
+
+EVP_PKEY *ossl_b2i(const unsigned char **in, unsigned int length, int *ispub);
+EVP_PKEY *ossl_b2i_bio(BIO *in, int *ispub);
+
+# endif
 
 #endif
diff --git a/providers/deserializers.inc b/providers/deserializers.inc
index ead1c67878..e11056ee9e 100644
--- a/providers/deserializers.inc
+++ b/providers/deserializers.inc
@@ -16,6 +16,10 @@
 #endif
 #ifndef OPENSSL_NO_DSA
     DESER("DSA", "yes", "der", der_to_dsa_deserializer_functions),
+    DESER("DSA", "yes", "mblob", msblob_to_dsa_deserializer_functions),
+# ifndef OPENSSL_NO_RC4
+    DESER("DSA", "yes", "pvk", pvk_to_dsa_deserializer_functions),
+# endif
 #endif
 #ifndef OPENSSL_NO_EC
     DESER("EC", "yes", "der", der_to_ec_deserializer_functions),
@@ -26,5 +30,12 @@
 #endif
     DESER("RSA", "yes", "der", der_to_rsa_deserializer_functions),
     DESER("RSA-PSS", "yes", "der", der_to_rsapss_deserializer_functions),
+#ifndef OPENSSL_NO_DSA
+    DESER("RSA", "yes", "mblob", msblob_to_rsa_deserializer_functions),
+# ifndef OPENSSL_NO_RC4
+    DESER("RSA", "yes", "pvk", pvk_to_rsa_deserializer_functions),
+# endif
+#endif
 
     DESER("DER", "yes", "pem", pem_to_der_deserializer_functions),
+
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 73d4a0225e..7e470044cd 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -361,6 +361,8 @@ extern const OSSL_DISPATCH ec_param_pem_serializer_functions[];
 
 extern const OSSL_DISPATCH der_to_dh_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_dsa_deserializer_functions[];
+extern const OSSL_DISPATCH msblob_to_dsa_deserializer_functions[];
+extern const OSSL_DISPATCH pvk_to_dsa_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_ec_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_x25519_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_x448_deserializer_functions[];
@@ -368,4 +370,6 @@ extern const OSSL_DISPATCH der_to_ed25519_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_ed448_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_rsa_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_rsapss_deserializer_functions[];
+extern const OSSL_DISPATCH msblob_to_rsa_deserializer_functions[];
+extern const OSSL_DISPATCH pvk_to_rsa_deserializer_functions[];
 extern const OSSL_DISPATCH pem_to_der_deserializer_functions[];
diff --git a/providers/implementations/serializers/build.info b/providers/implementations/serializers/build.info
index d660385163..04f230b334 100644
--- a/providers/implementations/serializers/build.info
+++ b/providers/implementations/serializers/build.info
@@ -12,7 +12,11 @@ $EC_GOAL=../../libimplementations.a
 
 SOURCE[$SERIALIZER_GOAL]=serializer_common.c deserialize_common.c
 
-SOURCE[$RSA_GOAL]=deserialize_der2key.c deserialize_pem2der.c
+SOURCE[$DESERIALIZER_GOAL]=deserialize_der2key.c deserialize_pem2der.c
+IF[{- !$disabled{dsa} -}]
+  SOURCE[$DESERIALIZER_GOAL]=deserialize_ms2key.c
+ENDIF
+
 SOURCE[$RSA_GOAL]=serializer_rsa.c serializer_rsa_priv.c serializer_rsa_pub.c
 DEPEND[serializer_rsa.o]=../../common/include/prov/der_rsa.h
 
diff --git a/providers/implementations/serializers/deserialize_common.c b/providers/implementations/serializers/deserialize_common.c
index 1a9d3d4a77..54c63347fd 100644
--- a/providers/implementations/serializers/deserialize_common.c
+++ b/providers/implementations/serializers/deserialize_common.c
@@ -7,11 +7,13 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include <openssl/core_names.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/buffer.h>
-#include <openssl/pem.h>
+#include <openssl/pem.h>         /* For public PEM and PVK functions */
 #include <openssl/pkcs12.h>
+#include "internal/pem.h"        /* For internal PVK and "blob" functions */
 #include "internal/cryptlib.h"
 #include "crypto/asn1.h"
 #include "prov/bio.h"               /* ossl_prov_bio_printf() */
@@ -45,6 +47,60 @@ int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
     return ok;
 }
 
+#ifndef OPENSSL_NO_DSA
+EVP_PKEY *ossl_prov_read_msblob(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
+                                int *ispub)
+{
+    BIO *in = bio_new_from_core_bio(provctx, cin);
+    EVP_PKEY *pkey = ossl_b2i_bio(in, ispub);
+
+    BIO_free(in);
+    return pkey;
+}
+
+struct pwdata_st {
+    OSSL_PASSPHRASE_CALLBACK *pw_cb;
+    void *pw_cbarg;
+};
+
+pem_password_cb pw_pem_password_to_ossl_passhrase;
+int pw_pem_password_to_ossl_passhrase(char *buf, int size, int rwflag,
+                                      void *userdata)
+{
+    struct pwdata_st *data = userdata;
+    size_t pw_len = 0;
+    static char prompt_info[] = "pass phrase";
+    OSSL_PARAM params[] = {
+        OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO, prompt_info,
+                               sizeof(prompt_info) - 1),
+        OSSL_PARAM_END
+    };
+    int ok = data->pw_cb(buf, (size_t)size, &pw_len, params, data->pw_cbarg);
+
+    if (ok)
+        return (int)pw_len;
+    else
+        return -1;
+}
+
+# ifndef OPENSSL_NO_RC4
+EVP_PKEY *ossl_prov_read_pvk(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
+                             OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+{
+    BIO *in = bio_new_from_core_bio(provctx, cin);
+    EVP_PKEY *pkey = NULL;
+    struct pwdata_st pwdata;
+
+    pwdata.pw_cb = pw_cb;
+    pwdata.pw_cbarg = pw_cbarg;
+    pkey = b2i_PVK_bio(in, pw_pem_password_to_ossl_passhrase, &pwdata);
+
+    BIO_free(in);
+    return pkey;
+}
+# endif
+#endif
+
 int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len,
                           unsigned char *input_der, long input_der_len,
                           OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_ms2key.c
similarity index 54%
copy from providers/implementations/serializers/deserialize_der2key.c
copy to providers/implementations/serializers/deserialize_ms2key.c
index d765ad8fab..73d462e41e 100644
--- a/providers/implementations/serializers/deserialize_der2key.c
+++ b/providers/implementations/serializers/deserialize_ms2key.c
@@ -18,17 +18,22 @@
 #include <openssl/crypto.h>
 #include <openssl/params.h>
 #include <openssl/x509.h>
+#include "internal/pem.h"        /* For PVK and "blob" PEM headers */
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "serializer_local.h"
 
-static OSSL_FUNC_deserializer_newctx_fn der2rsa_newctx;
-
-static OSSL_FUNC_deserializer_freectx_fn der2key_freectx;
-static OSSL_FUNC_deserializer_gettable_params_fn der2key_gettable_params;
-static OSSL_FUNC_deserializer_get_params_fn der2key_get_params;
-static OSSL_FUNC_deserializer_deserialize_fn der2key_deserialize;
-static OSSL_FUNC_deserializer_export_object_fn der2key_export_object;
+static OSSL_FUNC_deserializer_freectx_fn ms2key_freectx;
+static OSSL_FUNC_deserializer_gettable_params_fn ms2key_gettable_params;
+static OSSL_FUNC_deserializer_get_params_fn msblob2key_get_params;
+#ifndef OPENSSL_NO_RC4
+static OSSL_FUNC_deserializer_get_params_fn pvk2key_get_params;
+#endif
+static OSSL_FUNC_deserializer_deserialize_fn msblob2key_deserialize;
+#ifndef OPENSSL_NO_RC4
+static OSSL_FUNC_deserializer_deserialize_fn pvk2key_deserialize;
+#endif
+static OSSL_FUNC_deserializer_export_object_fn ms2key_export_object;
 
 typedef void *(extract_key_fn)(EVP_PKEY *);
 typedef void (free_key_fn)(void *);
@@ -48,15 +53,15 @@ struct keytype_desc_st {
 /*
  * Context used for DER to key deserialization.
  */
-struct der2key_ctx_st {
+struct ms2key_ctx_st {
     PROV_CTX *provctx;
     const struct keytype_desc_st *desc;
 };
 
-static struct der2key_ctx_st *
-der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
+static struct ms2key_ctx_st *
+ms2key_newctx(void *provctx, const struct keytype_desc_st *desc)
 {
-    struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
+    struct ms2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
 
     if (ctx != NULL) {
         ctx->provctx = provctx;
@@ -65,14 +70,14 @@ der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
     return ctx;
 }
 
-static void der2key_freectx(void *vctx)
+static void ms2key_freectx(void *vctx)
 {
-    struct der2key_ctx_st *ctx = vctx;
+    struct ms2key_ctx_st *ctx = vctx;
 
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *der2key_gettable_params(void *provctx)
+static const OSSL_PARAM *ms2key_gettable_params(void)
 {
     static const OSSL_PARAM gettables[] = {
         { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
@@ -82,58 +87,35 @@ static const OSSL_PARAM *der2key_gettable_params(void *provctx)
     return gettables;
 }
 
-static int der2key_get_params(OSSL_PARAM params[])
+static int msblob2key_get_params(OSSL_PARAM params[])
 {
     OSSL_PARAM *p;
 
     p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
-    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "DER"))
+    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "MSBLOB"))
         return 0;
 
     return 1;
 }
 
-static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
-                               OSSL_CALLBACK *data_cb, void *data_cbarg,
-                               OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+#ifndef OPENSSL_NO_RC4
+static int pvk2key_get_params(OSSL_PARAM params[])
 {
-    struct der2key_ctx_st *ctx = vctx;
-    void *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx);
-    unsigned char *der = NULL;
-    const unsigned char *derp;
-    long der_len = 0;
-    unsigned char *new_der = NULL;
-    long new_der_len;
-    EVP_PKEY *pkey = NULL;
-    void *key = NULL;
-    int ok = 0;
+    OSSL_PARAM *p;
 
-    if (!ossl_prov_read_der(ctx->provctx, cin, &der, &der_len))
+    p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
+    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "PVK"))
         return 0;
 
-    /*
-     * Opportunistic attempt to decrypt.  If it doesn't work, we try to
-     * decode our input unencrypted.
-     */
-    if (ossl_prov_der_from_p8(&new_der, &new_der_len, der, der_len,
-                              pw_cb, pw_cbarg)) {
-        OPENSSL_free(der);
-        der = new_der;
-        der_len = new_der_len;
-    }
-
-    derp = der;
-    pkey = d2i_PrivateKey_ex(ctx->desc->type, NULL, &derp, der_len,
-                             libctx, NULL);
-    if (pkey == NULL) {
-        derp = der;
-        pkey = d2i_PUBKEY(NULL, &derp, der_len);
-    }
+    return 1;
+}
+#endif
 
-    if (pkey == NULL) {
-        derp = der;
-        pkey = d2i_KeyParams(ctx->desc->type, NULL, &derp, der_len);
-    }
+static int ms2key_post(struct ms2key_ctx_st *ctx, EVP_PKEY *pkey,
+                       OSSL_CALLBACK *data_cb, void *data_cbarg)
+{
+    void *key = NULL;
+    int ok = 0;
 
     if (pkey != NULL) {
         /*
@@ -146,16 +128,8 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
          */
         if (EVP_PKEY_id(pkey) == ctx->desc->type)
             key = ctx->desc->extract_key(pkey);
-
-        /*
-         * ctx->desc->extract_key() is expected to have incremented |key|'s
-         * reference count, so it should be safe to free |pkey| now.
-         */
-        EVP_PKEY_free(pkey);
     }
 
-    OPENSSL_free(der);
-
     if (key != NULL) {
         OSSL_PARAM params[3];
 
@@ -175,11 +149,40 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
     return ok;
 }
 
-static int der2key_export_object(void *vctx,
+static int msblob2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
+                                  OSSL_CALLBACK *data_cb, void *data_cbarg,
+                                  OSSL_PASSPHRASE_CALLBACK *pw_cb,
+                                  void *pw_cbarg)
+{
+    struct ms2key_ctx_st *ctx = vctx;
+    int ispub = -1;
+    EVP_PKEY *pkey = ossl_prov_read_msblob(ctx->provctx, cin, &ispub);
+    int ok = ms2key_post(ctx, pkey, data_cb, data_cbarg);
+
+    EVP_PKEY_free(pkey);
+    return ok;
+}
+
+#ifndef OPENSSL_NO_RC4
+static int pvk2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
+                               OSSL_CALLBACK *data_cb, void *data_cbarg,
+                               OSSL_PASSPHRASE_CALLBACK *pw_cb,
+                               void *pw_cbarg)
+{
+    struct ms2key_ctx_st *ctx = vctx;
+    EVP_PKEY *pkey = ossl_prov_read_pvk(ctx->provctx, cin, pw_cb, pw_cbarg);
+    int ok = ms2key_post(ctx, pkey, data_cb, data_cbarg);
+
+    EVP_PKEY_free(pkey);
+    return ok;
+}
+#endif
+
+static int ms2key_export_object(void *vctx,
                                  const void *reference, size_t reference_sz,
                                  OSSL_CALLBACK *export_cb, void *export_cbarg)
 {
-    struct der2key_ctx_st *ctx = vctx;
+    struct ms2key_ctx_st *ctx = vctx;
     OSSL_FUNC_keymgmt_export_fn *export =
         ossl_prov_get_keymgmt_export(ctx->desc->fns);
     void *keydata;
@@ -194,46 +197,45 @@ static int der2key_export_object(void *vctx,
     return 0;
 }
 
-#define IMPLEMENT_NEWCTX(KEYTYPEstr, KEYTYPE, keytype, extract, free)   \
+#define IMPLEMENT_TYPE(KEYTYPEstr, KEYTYPE, keytype, extract, free)     \
+    static const struct keytype_desc_st keytype##_desc;                 \
+    static OSSL_FUNC_deserializer_newctx_fn ms2##keytype##_newctx;      \
+    static void *ms2##keytype##_newctx(void *provctx)                   \
+    {                                                                   \
+        return ms2key_newctx(provctx, &keytype##_desc);                 \
+    }                                                                   \
     static const struct keytype_desc_st keytype##_desc =                \
         { EVP_PKEY_##KEYTYPE, KEYTYPEstr, keytype##_keymgmt_functions,  \
           (extract_key_fn *)extract,                                    \
-          (free_key_fn *)free };                                        \
-    static void *der2##keytype##_newctx(void *provctx)                  \
-    {                                                                   \
-        return der2key_newctx(provctx, &keytype##_desc);                \
-    }                                                                   \
-    const OSSL_DISPATCH der_to_##keytype##_deserializer_functions[] = { \
+          (free_key_fn *)free }
+
+#define IMPLEMENT_MS(mstype, keytype)                                   \
+    const OSSL_DISPATCH                                                 \
+    mstype##_to_##keytype##_deserializer_functions[] = {                \
         { OSSL_FUNC_DESERIALIZER_NEWCTX,                                \
-          (void (*)(void))der2##keytype##_newctx },                     \
+          (void (*)(void))ms2##keytype##_newctx },                      \
         { OSSL_FUNC_DESERIALIZER_FREECTX,                               \
-          (void (*)(void))der2key_freectx },                            \
+          (void (*)(void))ms2key_freectx },                             \
         { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS,                       \
-          (void (*)(void))der2key_gettable_params },                    \
+          (void (*)(void))ms2key_gettable_params },                     \
         { OSSL_FUNC_DESERIALIZER_GET_PARAMS,                            \
-          (void (*)(void))der2key_get_params },                         \
+          (void (*)(void))mstype##2key_get_params },                    \
         { OSSL_FUNC_DESERIALIZER_DESERIALIZE,                           \
-          (void (*)(void))der2key_deserialize },                        \
+          (void (*)(void))mstype##2key_deserialize },                   \
         { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT,                         \
-          (void (*)(void))der2key_export_object },                      \
+          (void (*)(void))ms2key_export_object },                       \
         { 0, NULL }                                                     \
     }
 
-#ifndef OPENSSL_NO_DH
-IMPLEMENT_NEWCTX("DH", DH, dh, EVP_PKEY_get1_DH, DH_free);
-#endif
 #ifndef OPENSSL_NO_DSA
-IMPLEMENT_NEWCTX("DSA", DSA, dsa, EVP_PKEY_get1_DSA, DSA_free);
+IMPLEMENT_TYPE("DSA", DSA, dsa, EVP_PKEY_get1_DSA, DSA_free);
+IMPLEMENT_MS(msblob, dsa);
+# ifndef OPENSSL_NO_RC4
+IMPLEMENT_MS(pvk, dsa);
+# endif
 #endif
-#ifndef OPENSSL_NO_EC
-IMPLEMENT_NEWCTX("EC", EC, ec, EVP_PKEY_get1_EC_KEY, EC_KEY_free);
-IMPLEMENT_NEWCTX("X25519", X25519, x25519,
-                 EVP_PKEY_get1_X25519, ecx_key_free);
-IMPLEMENT_NEWCTX("X448", X448, x448,
-                 EVP_PKEY_get1_X448, ecx_key_free);
-IMPLEMENT_NEWCTX("ED25519", ED25519, ed25519,
-                 EVP_PKEY_get1_ED25519, ecx_key_free);
-IMPLEMENT_NEWCTX("ED448", ED448, ed448, EVP_PKEY_get1_ED448, ecx_key_free);
+IMPLEMENT_TYPE("RSA", RSA, rsa, EVP_PKEY_get1_RSA, RSA_free);
+IMPLEMENT_MS(msblob, rsa);
+#ifndef OPENSSL_NO_RC4
+IMPLEMENT_MS(pvk, rsa);
 #endif
-IMPLEMENT_NEWCTX("RSA", RSA, rsa, EVP_PKEY_get1_RSA, RSA_free);
-IMPLEMENT_NEWCTX("RSA-PSS", RSA_PSS, rsapss, EVP_PKEY_get1_RSA, RSA_free);
diff --git a/providers/implementations/serializers/serializer_local.h b/providers/implementations/serializers/serializer_local.h
index d1359f7f4d..49ec8882c6 100644
--- a/providers/implementations/serializers/serializer_local.h
+++ b/providers/implementations/serializers/serializer_local.h
@@ -167,6 +167,14 @@ int ossl_prov_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
 int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
                        char **pem_name, char **pem_header,
                        unsigned char **data, long *len);
+#ifndef OPENSSL_NO_DSA
+EVP_PKEY *ossl_prov_read_msblob(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
+                                int *ispub);
+# ifndef OPENSSL_NO_RC4
+EVP_PKEY *ossl_prov_read_pvk(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
+                             OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg);
+# endif
+#endif
 
 int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len,
                           unsigned char *input_der, long input_der_len,
diff --git a/test/recipes/04-test_serializer_deserializer.t b/test/recipes/04-test_serializer_deserializer.t
index 8da6ffb09f..905fc3fccc 100644
--- a/test/recipes/04-test_serializer_deserializer.t
+++ b/test/recipes/04-test_serializer_deserializer.t
@@ -10,6 +10,14 @@ use strict;
 use warnings;
 
 use OpenSSL::Test::Simple;
-use OpenSSL::Test;
+use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/;
+use Cwd qw(abs_path);
 
-simple_test("test_serializer_deserializer", "serdes_test");
+setup("test_serializer_deserializer");
+
+plan tests => 1;
+
+$ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
+$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf"));
+
+ok(run(test(["serdes_test"])));
diff --git a/test/serdes_test.c b/test/serdes_test.c
index 85165523ca..43d64155f5 100644
--- a/test/serdes_test.c
+++ b/test/serdes_test.c
@@ -16,6 +16,7 @@
 #include <openssl/serializer.h>
 #include <openssl/deserializer.h>
 
+#include "internal/pem.h"        /* For PVK and "blob" PEM headers */
 #include "internal/cryptlib.h"   /* ossl_assert */
 
 #include "testutil.h"
@@ -255,6 +256,102 @@ static int serialize_EVP_PKEY_legacy_PEM(void **serialized,
     return ok;
 }
 
+#ifndef OPENSSL_NO_DSA
+static int serialize_EVP_PKEY_MSBLOB(void **serialized,
+                                     long *serialized_len,
+                                     void *object,
+                                     ossl_unused const char *pass,
+                                     ossl_unused const char *pcipher,
+                                     ossl_unused const char *ser_propq)
+{
+    EVP_PKEY *pkey = object;
+    BIO *mem_ser = NULL;
+    BUF_MEM *mem_buf = NULL;
+    int ok = 0;
+
+    if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
+        || !TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0)
+        || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
+        || !TEST_ptr(*serialized = mem_buf->data)
+        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        goto end;
+
+    /* Detach the serialized output */
+    mem_buf->data = NULL;
+    mem_buf->length = 0;
+    ok = 1;
+ end:
+    BIO_free(mem_ser);
+    return ok;
+}
+
+static int serialize_public_EVP_PKEY_MSBLOB(void **serialized,
+                                            long *serialized_len,
+                                            void *object,
+                                            ossl_unused const char *pass,
+                                            ossl_unused const char *pcipher,
+                                            ossl_unused const char *ser_propq)
+{
+    EVP_PKEY *pkey = object;
+    BIO *mem_ser = NULL;
+    BUF_MEM *mem_buf = NULL;
+    int ok = 0;
+
+    if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
+        || !TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0)
+        || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
+        || !TEST_ptr(*serialized = mem_buf->data)
+        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        goto end;
+
+    /* Detach the serialized output */
+    mem_buf->data = NULL;
+    mem_buf->length = 0;
+    ok = 1;
+ end:
+    BIO_free(mem_ser);
+    return ok;
+}
+
+# ifndef OPENSSL_NO_RC4
+static pem_password_cb pass_pw;
+static int pass_pw(char *buf, int size, int rwflag, void *userdata)
+{
+    OPENSSL_strlcpy(buf, userdata, size);
+    return strlen(userdata);
+}
+
+static int serialize_EVP_PKEY_PVK(void **serialized, long *serialized_len,
+                                  void *object,
+                                  const char *pass,
+                                  ossl_unused const char *pcipher,
+                                  ossl_unused const char *ser_propq)
+{
+    EVP_PKEY *pkey = object;
+    BIO *mem_ser = NULL;
+    BUF_MEM *mem_buf = NULL;
+    int enc = (pass != NULL);
+    int ok = 0;
+
+    if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
+        || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
+                                    pass_pw, (void *)pass), 0)
+        || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
+        || !TEST_ptr(*serialized = mem_buf->data)
+        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        goto end;
+
+    /* Detach the serialized output */
+    mem_buf->data = NULL;
+    mem_buf->length = 0;
+    ok = 1;
+ end:
+    BIO_free(mem_ser);
+    return ok;
+}
+# endif
+#endif
+
 static int test_text(const void *data1, size_t data1_len,
                      const void *data2, size_t data2_len)
 {
@@ -348,6 +445,49 @@ static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
                                       NULL, 1);
 }
 
+#ifndef OPENSSL_NO_DSA
+static int check_MSBLOB(const char *type, const void *data, size_t data_len)
+{
+    const unsigned char *datap = data;
+    EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
+    int ok = TEST_ptr(pkey);
+
+    EVP_PKEY_free(pkey);
+    return ok;
+}
+
+static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
+{
+    return test_serialize_deserialize(type, key, NULL, NULL,
+                                      serialize_EVP_PKEY_MSBLOB,
+                                      deserialize_EVP_PKEY_prov,
+                                      test_mem,
+                                      check_MSBLOB, dump_der,
+                                      NULL, 0);
+}
+
+# ifndef OPENSSL_NO_RC4
+static int check_PVK(const char *type, const void *data, size_t data_len)
+{
+    const unsigned char *in = data;
+    unsigned int saltlen = 0, keylen = 0;
+    int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
+
+    return ok;
+}
+
+static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
+{
+    return test_serialize_deserialize(type, key, NULL, NULL,
+                                      serialize_EVP_PKEY_PVK,
+                                      deserialize_EVP_PKEY_prov,
+                                      test_mem,
+                                      check_PVK, dump_der,
+                                      NULL, 0);
+}
+# endif
+#endif
+
 static const char *pass_cipher = "AES-256-CBC";
 static const char *pass = "the holy handgrenade of antioch";
 
@@ -414,6 +554,18 @@ static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
                                       NULL, 1);
 }
 
+#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
+{
+    return test_serialize_deserialize(type, key, pass, NULL,
+                                      serialize_EVP_PKEY_PVK,
+                                      deserialize_EVP_PKEY_prov,
+                                      test_mem,
+                                      check_PVK, dump_der,
+                                      NULL, 0);
+}
+#endif
+
 static int check_public_DER(const char *type, const void *data, size_t data_len)
 {
     const unsigned char *datap = data;
@@ -454,6 +606,29 @@ static int test_public_via_PEM(const char *type, EVP_PKEY *key)
                                       0);
 }
 
+#ifndef OPENSSL_NO_DSA
+static int check_public_MSBLOB(const char *type,
+                               const void *data, size_t data_len)
+{
+    const unsigned char *datap = data;
+    EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
+    int ok = TEST_ptr(pkey);
+
+    EVP_PKEY_free(pkey);
+    return ok;
+}
+
+static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
+{
+    return test_serialize_deserialize(type, key, NULL, NULL,
+                                      serialize_public_EVP_PKEY_MSBLOB,
+                                      deserialize_EVP_PKEY_prov,
+                                      test_mem,
+                                      check_public_MSBLOB, dump_der,
+                                      NULL, 0);
+}
+#endif
+
 #define KEYS(KEYTYPE)                           \
     static EVP_PKEY *key_##KEYTYPE = NULL;      \
     static EVP_PKEY *legacy_key_##KEYTYPE = NULL
@@ -530,6 +705,38 @@ static int test_public_via_PEM(const char *type, EVP_PKEY *key)
     ADD_TEST(test_public_##KEYTYPE##_via_DER);                  \
     ADD_TEST(test_public_##KEYTYPE##_via_PEM)
 
+#ifndef OPENSSL_NO_DSA
+# define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr)               \
+    static int test_unprotected_##KEYTYPE##_via_MSBLOB(void)            \
+    {                                                                   \
+        return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE);  \
+    }                                                                   \
+    static int test_public_##KEYTYPE##_via_MSBLOB(void)                 \
+    {                                                                   \
+        return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE);       \
+    }
+
+# define ADD_TEST_SUITE_MSBLOB(KEYTYPE)                         \
+    ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB);          \
+    ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
+
+# ifndef OPENSSL_NO_RC4
+#  define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr)                 \
+    static int test_unprotected_##KEYTYPE##_via_PVK(void)               \
+    {                                                                   \
+        return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE);     \
+    }                                                                   \
+    static int test_protected_##KEYTYPE##_via_PVK(void)                 \
+    {                                                                   \
+        return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE);       \
+    }
+
+#  define ADD_TEST_SUITE_PVK(KEYTYPE)                           \
+    ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK);             \
+    ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
+# endif
+#endif
+
 #ifndef OPENSSL_NO_DH
 DOMAIN_KEYS(DH);
 IMPLEMENT_TEST_SUITE(DH, "DH")
@@ -537,6 +744,10 @@ IMPLEMENT_TEST_SUITE(DH, "DH")
 #ifndef OPENSSL_NO_DSA
 DOMAIN_KEYS(DSA);
 IMPLEMENT_TEST_SUITE(DSA, "DSA")
+IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
+# ifndef OPENSSL_NO_RC4
+IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
+# endif
 #endif
 #ifndef OPENSSL_NO_EC
 DOMAIN_KEYS(EC);
@@ -554,11 +765,27 @@ KEYS(RSA);
 IMPLEMENT_TEST_SUITE(RSA, "RSA")
 KEYS(RSA_PSS);
 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
+#ifndef OPENSSL_NO_DSA
+IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
+# ifndef OPENSSL_NO_RC4
+IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
+# endif
+#endif
 
 int setup_tests(void)
 {
     int ok = 1;
 
+#ifndef OPENSSL_NO_DSA
+    static size_t qbits = 160;  /* PVK only tolerates 160 Q bits */
+    static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
+    OSSL_PARAM DSA_params[] = {
+        OSSL_PARAM_size_t("pbits", &pbits),
+        OSSL_PARAM_size_t("qbits", &qbits),
+        OSSL_PARAM_END
+    };
+#endif
+
 #ifndef OPENSSL_NO_EC
     static char groupname[] = "prime256v1";
     OSSL_PARAM EC_params[] = {
@@ -579,7 +806,7 @@ int setup_tests(void)
     MAKE_DOMAIN_KEYS(DH, "DH", NULL);
 #endif
 #ifndef OPENSSL_NO_DSA
-    MAKE_DOMAIN_KEYS(DSA, "DSA", NULL);
+    MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
 #endif
 #ifndef OPENSSL_NO_EC
     MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
@@ -598,6 +825,10 @@ int setup_tests(void)
 #endif
 #ifndef OPENSSL_NO_DSA
         ADD_TEST_SUITE(DSA);
+        ADD_TEST_SUITE_MSBLOB(DSA);
+# ifndef OPENSSL_NO_RC4
+        ADD_TEST_SUITE_PVK(DSA);
+# endif
 #endif
 #ifndef OPENSSL_NO_EC
         ADD_TEST_SUITE(EC);
@@ -608,6 +839,12 @@ int setup_tests(void)
 #endif
         ADD_TEST_SUITE(RSA);
         ADD_TEST_SUITE(RSA_PSS);
+#ifndef OPENSSL_NO_DSA
+        ADD_TEST_SUITE_MSBLOB(RSA);
+# ifndef OPENSSL_NO_RC4
+        ADD_TEST_SUITE_PVK(RSA);
+# endif
+#endif
     }
 
     return 1;

From levitte at openssl.org  Fri Aug  7 02:15:32 2020
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 07 Aug 2020 02:15:32 +0000
Subject: [openssl]  master update
Message-ID: <1596766532.538739.14288.nullmailer@dev.openssl.org>

The branch master has been updated
       via  90ef39f43ad5bf4e85c56a79d0b56fb590b3c7f7 (commit)
      from  a7922e208ddfbdcff44d1b3fa5839f96510d04bd (commit)


- Log -----------------------------------------------------------------
commit 90ef39f43ad5bf4e85c56a79d0b56fb590b3c7f7
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Aug 5 10:40:01 2020 +0200

    EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
    
    Trust the returned value from EVP_PKEY_get_default_digest_name()!  It
    mimics exactly the values that EVP_PKEY_get_default_digest_nid() is
    supposed to return, and that value should simply be passed unchanged.
    Callers depend on it.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12586)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/p_lib.c | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 3e3f2118a2..2563cd97ca 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1202,19 +1202,18 @@ static int legacy_asn1_ctrl_to_param(EVP_PKEY *pkey, int op,
     case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
         {
             char mdname[80] = "";
-            int nid;
             int rv = EVP_PKEY_get_default_digest_name(pkey, mdname,
                                                       sizeof(mdname));
 
-            if (rv <= 0)
-                return rv;
-            nid = OBJ_sn2nid(mdname);
-            if (nid == NID_undef)
-                nid = OBJ_ln2nid(mdname);
-            if (nid == NID_undef)
-                return 0;
-            *(int *)arg2 = nid;
-            return 1;
+            if (rv > 0) {
+                int nid;
+
+                nid = OBJ_sn2nid(mdname);
+                if (nid == NID_undef)
+                    nid = OBJ_ln2nid(mdname);
+                *(int *)arg2 = nid;
+            }
+            return rv;
         }
     default:
         return -2;

From builds at travis-ci.com  Fri Aug  7 02:32:16 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 02:32:16 +0000
Subject: Still Failing: openssl/openssl#36538 (master - 5f6a0b2)
In-Reply-To: <openssl/openssl+178820289+still failing@travis-ci.com>
Message-ID: <5f2cbd20ec59b_13f84f2daa280120660@travis-pro-tasks-544b56898d-bhdfx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36538
Status: Still Failing

Duration: 55 mins and 16 secs
Commit: 5f6a0b2 (master)
Author: Pauli
Message: mac: add some consistency to setting the XXX_final output length.

The various MACs were all over the place with respects to what they did with
the output length in the final call.  Now they all unconditionally set the
output length and the EVP layer handles the possibility of a NULL pointer.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12582)

View the changeset: https://github.com/openssl/openssl/compare/992492f5e82e...5f6a0b2ff055

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178820289?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/7bf58aca/attachment.html>

From no-reply at appveyor.com  Fri Aug  7 03:08:53 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 03:08:53 +0000
Subject: Build failed: openssl master.36002
Message-ID: <20200807030853.1.BA50CF5E9122B97E@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/b23a4e41/attachment-0001.html>

From levitte at openssl.org  Fri Aug  7 03:13:58 2020
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 07 Aug 2020 03:13:58 +0000
Subject: [openssl]  master update
Message-ID: <1596770038.014886.24825.nullmailer@dev.openssl.org>

The branch master has been updated
       via  4df0d37ff6cc399b93f9ef2524d087c2d67d41b5 (commit)
      from  90ef39f43ad5bf4e85c56a79d0b56fb590b3c7f7 (commit)


- Log -----------------------------------------------------------------
commit 4df0d37ff6cc399b93f9ef2524d087c2d67d41b5
Author: Richard Levitte <levitte at openssl.org>
Date:   Fri Aug 7 04:44:06 2020 +0200

    PROV: Fix MSBLOB / PVK deserializer
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12601)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/serializers/deserialize_ms2key.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/providers/implementations/serializers/deserialize_ms2key.c b/providers/implementations/serializers/deserialize_ms2key.c
index 73d462e41e..8b9ddec6a0 100644
--- a/providers/implementations/serializers/deserialize_ms2key.c
+++ b/providers/implementations/serializers/deserialize_ms2key.c
@@ -77,7 +77,7 @@ static void ms2key_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *ms2key_gettable_params(void)
+static const OSSL_PARAM *ms2key_gettable_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM gettables[] = {
         { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },

From no-reply at appveyor.com  Fri Aug  7 03:42:48 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 03:42:48 +0000
Subject: Build completed: openssl master.36003
Message-ID: <20200807034248.1.3DE189B6812F4BCF@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/3cb0ce5d/attachment.html>

From pauli at openssl.org  Fri Aug  7 04:17:49 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 07 Aug 2020 04:17:49 +0000
Subject: [openssl]  master update
Message-ID: <1596773869.381581.1495.nullmailer@dev.openssl.org>

The branch master has been updated
       via  64827f407b0b603f585d7fadfd7e61a60ed7a45b (commit)
       via  7d615e2178fbffa53f05a67f68e5741374340308 (commit)
      from  4df0d37ff6cc399b93f9ef2524d087c2d67d41b5 (commit)


- Log -----------------------------------------------------------------
commit 64827f407b0b603f585d7fadfd7e61a60ed7a45b
Author: Pauli <paul.dale at oracle.com>
Date:   Thu Aug 6 11:11:44 2020 +1000

    drbgtest: avoid a memory leak
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/12509)

commit 7d615e2178fbffa53f05a67f68e5741374340308
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Jul 22 12:55:31 2020 +1000

    rand_drbg: remove RAND_DRBG.
    
    The RAND_DRBG API did not fit well into the new provider concept as
    implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
    RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
    and some of its API calls are rather low-level. This holds in particular
    for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
    type changing mechanism (RAND_DRBG_set()).
    
    Adding a compatibility layer to continue supporting the RAND_DRBG API as
    a legacy API for a regular deprecation period turned out to come at the
    price of complicating the new provider API unnecessarily. Since the
    RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
    to drop it entirely.
    
    Other related changes:
    
    Use RNG instead of DRBG in EVP_RAND documentation.  The documentation was
    using DRBG in places where it should have been RNG or CSRNG.
    
    Move the RAND_DRBG(7) documentation to EVP_RAND(7).
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/12509)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES.md                                         |   16 +
 NEWS.md                                            |    1 +
 crypto/err/openssl.txt                             |    4 +-
 crypto/evp/e_aria.c                                |    1 -
 crypto/evp/evp_enc.c                               |    1 -
 crypto/evp/evp_local.h                             |   27 -
 crypto/evp/evp_rand.c                              |   63 +-
 crypto/rand/build.info                             |    2 +-
 crypto/rand/drbg_lib.c                             | 1016 ---
 crypto/rand/rand_err.c                             |    4 +
 crypto/rand/rand_lib.c                             |  285 +-
 crypto/rand/rand_local.h                           |   34 +-
 crypto/rand/rand_meth.c                            |   69 +
 crypto/rand/randfile.c                             |    1 -
 doc/man1/openssl-rand.pod.in                       |    4 +-
 doc/man3/BIO_get_ex_new_index.pod                  |    3 -
 doc/man3/BN_rand.pod                               |    2 +-
 doc/man3/CRYPTO_get_ex_new_index.pod               |    1 -
 doc/man3/EVP_RAND.pod                              |   20 +-
 doc/man3/RAND_DRBG_generate.pod                    |   90 -
 doc/man3/RAND_DRBG_get0_public.pod                 |   97 -
 doc/man3/RAND_DRBG_new.pod                         |  170 -
 doc/man3/RAND_DRBG_reseed.pod                      |  118 -
 doc/man3/RAND_DRBG_set_callbacks.pod               |  171 -
 doc/man3/RAND_add.pod                              |    4 +-
 doc/man3/RAND_bytes.pod                            |    4 +-
 doc/man3/RAND_get0_primary.pod                     |   78 +
 doc/man7/{RAND_DRBG.pod => EVP_RAND.pod}           |  111 +-
 doc/man7/RAND.pod                                  |   35 +-
 doc/man7/provider-rand.pod                         |   14 +-
 include/openssl/core_dispatch.h                    |    3 +-
 include/openssl/evp.h                              |    6 +-
 include/openssl/rand.h                             |   15 +
 include/openssl/rand_drbg.h                        |  168 -
 include/openssl/randerr.h                          |    2 +
 providers/fips/fipsprov.c                          |    4 +-
 providers/implementations/include/prov/rand_pool.h |    2 +-
 providers/implementations/rands/drbg.c             |   89 +-
 providers/implementations/rands/drbg_ctr.c         |    1 -
 providers/implementations/rands/drbg_hash.c        |    1 -
 providers/implementations/rands/drbg_hmac.c        |    1 -
 providers/implementations/rands/drbg_local.h       |    9 -
 ssl/ssl_lib.c                                      |    1 -
 test/build.info                                    |   12 +-
 test/drbg_cavs_data_ctr.c                          | 7769 ------------------
 test/drbg_cavs_data_hash.c                         | 8387 --------------------
 test/drbg_cavs_data_hmac.c                         |  285 -
 test/drbg_cavs_test.c                              |  308 -
 test/drbg_extra_test.c                             |   92 -
 test/drbgtest.c                                    |  857 +-
 test/recipes/05-test_rand.t                        |    6 +-
 util/libcrypto.num                                 |   55 +-
 52 files changed, 723 insertions(+), 19796 deletions(-)
 delete mode 100644 crypto/rand/drbg_lib.c
 create mode 100644 crypto/rand/rand_meth.c
 delete mode 100644 doc/man3/RAND_DRBG_generate.pod
 delete mode 100644 doc/man3/RAND_DRBG_get0_public.pod
 delete mode 100644 doc/man3/RAND_DRBG_new.pod
 delete mode 100644 doc/man3/RAND_DRBG_reseed.pod
 delete mode 100644 doc/man3/RAND_DRBG_set_callbacks.pod
 create mode 100644 doc/man3/RAND_get0_primary.pod
 rename doc/man7/{RAND_DRBG.pod => EVP_RAND.pod} (77%)
 delete mode 100644 include/openssl/rand_drbg.h
 delete mode 100644 test/drbg_cavs_data_ctr.c
 delete mode 100644 test/drbg_cavs_data_hash.c
 delete mode 100644 test/drbg_cavs_data_hmac.c
 delete mode 100644 test/drbg_cavs_test.c
 delete mode 100644 test/drbg_extra_test.c

diff --git a/CHANGES.md b/CHANGES.md
index 75ecfc22f4..3ecdd5d99b 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -23,6 +23,22 @@ OpenSSL 3.0
 
 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx]
 
+ * Remove the RAND_DRBG API
+
+   The RAND_DRBG API did not fit well into the new provider concept as
+   implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
+   RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
+   and some of its API calls are rather low-level. This holds in particular
+   for the callback mechanism (RAND_DRBG_set_callbacks()).
+
+   Adding a compatibility layer to continue supporting the RAND_DRBG API as
+   a legacy API for a regular deprecation period turned out to come at the
+   price of complicating the new provider API unnecessarily. Since the
+   RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
+   to drop it entirely.
+
+   *Paul Dale and Matthias St. Pierre*
+
  * Allow SSL_set1_host() and SSL_add1_host() to take IP literal addresses
    as well as actual hostnames.
 
diff --git a/NEWS.md b/NEWS.md
index 801016f2b5..e40b2932b3 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -20,6 +20,7 @@ OpenSSL 3.0
 
 ### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development]
 
+  * Remove the `RAND_DRBG` API.
   * Deprecated the `ENGINE` API.
   * Added `OPENSSL_CTX`, a libcrypto library context.
   * Interactive mode is removed from the 'openssl' program.
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index cbfc495a0a..af19ab26cd 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2989,6 +2989,8 @@ RAND_R_RESEED_ERROR:118:reseed error
 RAND_R_SELFTEST_FAILURE:119:selftest failure
 RAND_R_TOO_LITTLE_NONCE_REQUESTED:135:too little nonce requested
 RAND_R_TOO_MUCH_NONCE_REQUESTED:136:too much nonce requested
+RAND_R_UNABLE_TO_CREATE_DRBG:143:unable to create drbg
+RAND_R_UNABLE_TO_FETCH_DRBG:144:unable to fetch drbg
 RAND_R_UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER:141:\
 	unable to get parent reseed prop counter
 RAND_R_UNABLE_TO_GET_PARENT_STRENGTH:138:unable to get parent strength
@@ -3467,13 +3469,13 @@ X509V3_R_INCORRECT_POLICY_SYNTAX_TAG:152:incorrect policy syntax tag
 X509V3_R_INVALID_ASNUMBER:162:invalid asnumber
 X509V3_R_INVALID_ASRANGE:163:invalid asrange
 X509V3_R_INVALID_BOOLEAN_STRING:104:invalid boolean string
+X509V3_R_INVALID_EMPTY_NAME:108:invalid empty name
 X509V3_R_INVALID_EXTENSION_STRING:105:invalid extension string
 X509V3_R_INVALID_INHERITANCE:165:invalid inheritance
 X509V3_R_INVALID_IPADDRESS:166:invalid ipaddress
 X509V3_R_INVALID_MULTIPLE_RDNS:161:invalid multiple rdns
 X509V3_R_INVALID_NAME:106:invalid name
 X509V3_R_INVALID_NULL_ARGUMENT:107:invalid null argument
-X509V3_R_INVALID_EMPTY_NAME:108:invalid empty name
 X509V3_R_INVALID_NULL_VALUE:109:invalid null value
 X509V3_R_INVALID_NUMBER:140:invalid number
 X509V3_R_INVALID_NUMBERS:141:invalid numbers
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index 9720fcb7e5..ba654f6b94 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -13,7 +13,6 @@
 # include <openssl/evp.h>
 # include <openssl/modes.h>
 # include <openssl/rand.h>
-# include <openssl/rand_drbg.h>
 # include "crypto/aria.h"
 # include "crypto/evp.h"
 # include "crypto/modes.h"
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 6ade73e978..2f00f9a13b 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -16,7 +16,6 @@
 #include <openssl/evp.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
-#include <openssl/rand_drbg.h>
 #include <openssl/engine.h>
 #include <openssl/params.h>
 #include <openssl/core_names.h>
diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h
index 99c53484a6..1e1d689070 100644
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@@ -71,33 +71,6 @@ struct evp_rand_ctx_st {
     void *data;                 /* Algorithm-specific data */
 } /* EVP_RAND_CTX */ ;
 
-struct evp_rand_st {
-    OSSL_PROVIDER *prov;
-    int name_id;
-    CRYPTO_REF_COUNT refcnt;
-    CRYPTO_RWLOCK *refcnt_lock;
-
-    const OSSL_DISPATCH *dispatch;
-    OSSL_FUNC_rand_newctx_fn *newctx;
-    OSSL_FUNC_rand_freectx_fn *freectx;
-    OSSL_FUNC_rand_instantiate_fn *instantiate;
-    OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
-    OSSL_FUNC_rand_generate_fn *generate;
-    OSSL_FUNC_rand_reseed_fn *reseed;
-    OSSL_FUNC_rand_nonce_fn *nonce;
-    OSSL_FUNC_rand_enable_locking_fn *enable_locking;
-    OSSL_FUNC_rand_lock_fn *lock;
-    OSSL_FUNC_rand_unlock_fn *unlock;
-    OSSL_FUNC_rand_gettable_params_fn *gettable_params;
-    OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
-    OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
-    OSSL_FUNC_rand_get_params_fn *get_params;
-    OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
-    OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
-    OSSL_FUNC_rand_set_callbacks_fn *set_callbacks;
-    OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
-} /* EVP_RAND */ ;
-
 struct evp_keymgmt_st {
     int id;                      /* libcrypto internal */
 
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 9056f6d20b..0e5e8c11f9 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -25,6 +25,32 @@
 #include "internal/provider.h"
 #include "evp_local.h"
 
+struct evp_rand_st {
+    OSSL_PROVIDER *prov;
+    int name_id;
+    CRYPTO_REF_COUNT refcnt;
+    CRYPTO_RWLOCK *refcnt_lock;
+
+    const OSSL_DISPATCH *dispatch;
+    OSSL_FUNC_rand_newctx_fn *newctx;
+    OSSL_FUNC_rand_freectx_fn *freectx;
+    OSSL_FUNC_rand_instantiate_fn *instantiate;
+    OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
+    OSSL_FUNC_rand_generate_fn *generate;
+    OSSL_FUNC_rand_reseed_fn *reseed;
+    OSSL_FUNC_rand_nonce_fn *nonce;
+    OSSL_FUNC_rand_enable_locking_fn *enable_locking;
+    OSSL_FUNC_rand_lock_fn *lock;
+    OSSL_FUNC_rand_unlock_fn *unlock;
+    OSSL_FUNC_rand_gettable_params_fn *gettable_params;
+    OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
+    OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
+    OSSL_FUNC_rand_get_params_fn *get_params;
+    OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
+    OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
+    OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
+} /* EVP_RAND */ ;
+
 static int evp_rand_up_ref(void *vrand)
 {
     EVP_RAND *rand = (EVP_RAND *)vrand;
@@ -144,11 +170,6 @@ static void *evp_rand_from_dispatch(int name_id,
                 break;
             rand->nonce = OSSL_FUNC_rand_nonce(fns);
             break;
-        case OSSL_FUNC_RAND_SET_CALLBACKS:
-            if (rand->set_callbacks != NULL)
-                break;
-            rand->set_callbacks = OSSL_FUNC_rand_set_callbacks(fns);
-            break;
         case OSSL_FUNC_RAND_ENABLE_LOCKING:
             if (rand->enable_locking != NULL)
                 break;
@@ -579,38 +600,6 @@ int EVP_RAND_state(EVP_RAND_CTX *ctx)
     return state;
 }
 
-static int evp_rand_set_callbacks_locked(EVP_RAND_CTX *ctx,
-                                         OSSL_INOUT_CALLBACK *get_entropy,
-                                         OSSL_CALLBACK *cleanup_entropy,
-                                         OSSL_INOUT_CALLBACK *get_nonce,
-                                         OSSL_CALLBACK *cleanup_nonce,
-                                         void *arg)
-{
-    if (ctx->meth->set_callbacks == NULL) {
-        EVPerr(0, EVP_R_UNABLE_TO_SET_CALLBACKS);
-        return 0;
-    }
-    ctx->meth->set_callbacks(ctx->data, get_entropy, cleanup_entropy,
-                             get_nonce, cleanup_nonce, arg);
-    return 1;
-}
-
-int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx,
-                           OSSL_INOUT_CALLBACK *get_entropy,
-                           OSSL_CALLBACK *cleanup_entropy,
-                           OSSL_INOUT_CALLBACK *get_nonce,
-                           OSSL_CALLBACK *cleanup_nonce, void *arg)
-{
-    int res;
-
-    if (!evp_rand_lock(ctx))
-        return 0;
-    res = evp_rand_set_callbacks_locked(ctx, get_entropy, cleanup_entropy,
-                                        get_nonce, cleanup_nonce, arg);
-    evp_rand_unlock(ctx);
-    return res;
-}
-
 static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
 {
     if (ctx->meth->verify_zeroization != NULL)
diff --git a/crypto/rand/build.info b/crypto/rand/build.info
index 7776ca8820..f58a026f3b 100644
--- a/crypto/rand/build.info
+++ b/crypto/rand/build.info
@@ -1,6 +1,6 @@
 LIBS=../../libcrypto
 
-$COMMON=drbg_lib.c rand_lib.c
+$COMMON=rand_lib.c rand_meth.c
 $CRYPTO=randfile.c rand_err.c rand_deprecated.c
 
 IF[{- !$disabled{'egd'} -}]
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
deleted file mode 100644
index d2566920cd..0000000000
--- a/crypto/rand/drbg_lib.c
+++ /dev/null
@@ -1,1016 +0,0 @@
-/*
- * Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * RAND_DRBG_set is deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#include <openssl/core_names.h>
-#include "rand_local.h"
-#include "internal/thread_once.h"
-#include "crypto/rand.h"
-#include "crypto/cryptlib.h"
-
-/*
- * Support framework for NIST SP 800-90A DRBG
- *
- * See manual page RAND_DRBG(7) for a general overview.
- *
- * The OpenSSL model is to have new and free functions, and that new
- * does all initialization.  That is not the NIST model, which has
- * instantiation and un-instantiate, and re-use within a new/free
- * lifecycle.  (No doubt this comes from the desire to support hardware
- * DRBG, where allocation of resources on something like an HSM is
- * a much bigger deal than just re-setting an allocated resource.)
- */
-
-
-typedef struct drbg_global_st {
-    /*
-     * The three shared DRBG instances
-     *
-     * There are three shared DRBG instances: <primary>, <public>, and
-     * <private>.  The <public> and <private> DRBGs are secondary ones.
-     * These are used for non-secret (e.g. nonces) and secret
-     * (e.g. private keys) data respectively.
-     */
-    CRYPTO_RWLOCK *lock;
-
-    /*
-     * The <primary> DRBG
-     *
-     * Not used directly by the application, only for reseeding the two other
-     * DRBGs. It reseeds itself by pulling either randomness from os entropy
-     * sources or by consuming randomness which was added by RAND_add().
-     *
-     * The <primary> DRBG is a global instance which is accessed concurrently by
-     * all threads. The necessary locking is managed automatically by its child
-     * DRBG instances during reseeding.
-     */
-    RAND_DRBG *primary_drbg;
-    /*
-     * The <public> DRBG
-     *
-     * Used by default for generating random bytes using RAND_bytes().
-     *
-     * The <public> secondary DRBG is thread-local, i.e., there is one instance
-     * per thread.
-     */
-    CRYPTO_THREAD_LOCAL public_drbg;
-    /*
-     * The <private> DRBG
-     *
-     * Used by default for generating private keys using RAND_priv_bytes()
-     *
-     * The <private> secondary DRBG is thread-local, i.e., there is one
-     * instance per thread.
-     */
-    CRYPTO_THREAD_LOCAL private_drbg;
-} DRBG_GLOBAL;
-
-#define RAND_DRBG_TYPE_FLAGS    ( \
-    RAND_DRBG_FLAG_PRIMARY | RAND_DRBG_FLAG_PUBLIC | RAND_DRBG_FLAG_PRIVATE )
-
-#define RAND_DRBG_TYPE_PRIMARY                    0
-#define RAND_DRBG_TYPE_PUBLIC                     1
-#define RAND_DRBG_TYPE_PRIVATE                    2
-
-/* Defaults */
-static int rand_drbg_type[3] = {
-    RAND_DRBG_TYPE, /* Primary */
-    RAND_DRBG_TYPE, /* Public */
-    RAND_DRBG_TYPE  /* Private */
-};
-static unsigned int rand_drbg_flags[3] = {
-    RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PRIMARY, /* Primary */
-    RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PUBLIC,  /* Public */
-    RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PRIVATE  /* Private */
-};
-
-static unsigned int primary_reseed_interval = PRIMARY_RESEED_INTERVAL;
-static unsigned int secondary_reseed_interval = SECONDARY_RESEED_INTERVAL;
-
-static time_t primary_reseed_time_interval = PRIMARY_RESEED_TIME_INTERVAL;
-static time_t secondary_reseed_time_interval = SECONDARY_RESEED_TIME_INTERVAL;
-
-/* A logical OR of all used DRBG flag bits (currently there is only one) */
-static const unsigned int rand_drbg_used_flags =
-    RAND_DRBG_FLAG_CTR_NO_DF | RAND_DRBG_FLAG_HMAC | RAND_DRBG_TYPE_FLAGS;
-
-
-static RAND_DRBG *drbg_setup(OPENSSL_CTX *ctx, RAND_DRBG *parent,
-                             int drbg_type);
-
-static int get_drbg_params(int type, unsigned int flags, const char **name,
-                           OSSL_PARAM params[3])
-{
-    OSSL_PARAM *p = params;
-
-    switch (type) {
-    case 0:
-        return 1;
-    default:
-        return 0;
-
-#define CTR(v)                                                              \
-    *name = "CTR-DRBG";                                                     \
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER, v, 0)
-
-    case NID_aes_128_ctr:
-        CTR(SN_aes_128_ctr);
-        break;
-    case NID_aes_192_ctr:
-        CTR(SN_aes_192_ctr);
-        break;
-    case NID_aes_256_ctr:
-        CTR(SN_aes_256_ctr);
-        break;
-
-#define DGST(v)                                                             \
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, v, 0);  \
-    if ((flags & RAND_DRBG_FLAG_HMAC) == 0) {                               \
-        *name = "HASH-DRBG";                                                \
-    } else {                                                                \
-        *name = "HMAC-DRBG";                                                \
-        *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_MAC,        \
-                                                SN_hmac, 0);                \
-    }
-
-    case NID_sha1:
-        DGST(SN_sha1);
-        break;
-    case NID_sha224:
-        DGST(SN_sha224);
-        break;
-    case NID_sha256:
-        DGST(SN_sha256);
-        break;
-    case NID_sha384:
-        DGST(SN_sha384);
-        break;
-    case NID_sha512:
-        DGST(SN_sha512);
-        break;
-    case NID_sha512_224:
-        DGST(SN_sha512_224);
-        break;
-    case NID_sha512_256:
-        DGST(SN_sha512_256);
-        break;
-    case NID_sha3_224:
-        DGST(SN_sha3_224);
-        break;
-    case NID_sha3_256:
-        DGST(SN_sha3_256);
-        break;
-    case NID_sha3_384:
-        DGST(SN_sha3_384);
-        break;
-    case NID_sha3_512:
-        DGST(SN_sha3_512);
-    }
-    *p = OSSL_PARAM_construct_end();
-    return 1;
-}
-
-/*
- * Initialize the OPENSSL_CTX global DRBGs on first use.
- * Returns the allocated global data on success or NULL on failure.
- */
-static void *drbg_ossl_ctx_new(OPENSSL_CTX *libctx)
-{
-    DRBG_GLOBAL *dgbl = OPENSSL_zalloc(sizeof(*dgbl));
-
-    if (dgbl == NULL)
-        return NULL;
-
-#ifndef FIPS_MODULE
-    /*
-     * We need to ensure that base libcrypto thread handling has been
-     * initialised.
-     */
-     OPENSSL_init_crypto(0, NULL);
-#endif
-
-    dgbl->lock = CRYPTO_THREAD_lock_new();
-    if (dgbl->lock == NULL)
-        goto err0;
-
-    if (!CRYPTO_THREAD_init_local(&dgbl->private_drbg, NULL))
-        goto err1;
-
-    if (!CRYPTO_THREAD_init_local(&dgbl->public_drbg, NULL))
-        goto err2;
-
-    return dgbl;
-
- err2:
-    CRYPTO_THREAD_cleanup_local(&dgbl->private_drbg);
- err1:
-    CRYPTO_THREAD_lock_free(dgbl->lock);
- err0:
-    OPENSSL_free(dgbl);
-    return NULL;
-}
-
-static void drbg_ossl_ctx_free(void *vdgbl)
-{
-    DRBG_GLOBAL *dgbl = vdgbl;
-
-    if (dgbl == NULL)
-        return;
-
-    CRYPTO_THREAD_lock_free(dgbl->lock);
-    RAND_DRBG_free(dgbl->primary_drbg);
-    CRYPTO_THREAD_cleanup_local(&dgbl->private_drbg);
-    CRYPTO_THREAD_cleanup_local(&dgbl->public_drbg);
-
-    OPENSSL_free(dgbl);
-}
-
-static const OPENSSL_CTX_METHOD drbg_ossl_ctx_method = {
-    drbg_ossl_ctx_new,
-    drbg_ossl_ctx_free,
-};
-
-static DRBG_GLOBAL *drbg_get_global(OPENSSL_CTX *libctx)
-{
-    return openssl_ctx_get_data(libctx, OPENSSL_CTX_DRBG_INDEX,
-                                &drbg_ossl_ctx_method);
-}
-
-/*
- * Set the |drbg|'s callback data pointer for the entropy and nonce callbacks
- *
- * The ownership of the context data remains with the caller,
- * i.e., it is the caller's responsibility to keep it available as long
- * as it is need by the callbacks and free it after use.
- *
- * Setting the callback data is allowed only if the drbg has not been
- * initialized yet. Otherwise, the operation will fail.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_set_callback_data(RAND_DRBG *drbg, void *data)
-{
-    if (EVP_RAND_state(drbg->rand) != EVP_RAND_STATE_UNINITIALISED
-            || drbg->parent != NULL)
-        return 0;
-
-    drbg->callback_data = data;
-    return 1;
-}
-
-/* Retrieve the callback data pointer */
-void *RAND_DRBG_get_callback_data(RAND_DRBG *drbg)
-{
-    return drbg->callback_data;
-}
-
-/*
- * Set/initialize |drbg| to be of type |type|, with optional |flags|.
- *
- * If |type| and |flags| are zero, use the defaults
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
-{
-    OSSL_PARAM params[6], *p = params;
-    unsigned int reseed_interval;
-    time_t reseed_time_interval;
-    const char *name = NULL;
-    EVP_RAND *rand;
-    EVP_RAND_CTX *pctx;
-    int use_df;
-
-    RAND_DRBG_get_entropy_fn get_entropy = drbg->get_entropy;
-    RAND_DRBG_cleanup_entropy_fn cleanup_entropy = drbg->cleanup_entropy;
-    RAND_DRBG_get_nonce_fn get_nonce = drbg->get_nonce;
-    RAND_DRBG_cleanup_nonce_fn cleanup_nonce = drbg->cleanup_nonce;
-
-    if (type == 0 && flags == 0) {
-        type = rand_drbg_type[RAND_DRBG_TYPE_PRIMARY];
-        flags = rand_drbg_flags[RAND_DRBG_TYPE_PRIMARY];
-    }
-
-    if (drbg->parent == NULL) {
-        reseed_interval = primary_reseed_interval;
-        reseed_time_interval = primary_reseed_time_interval;
-    } else {
-        reseed_interval = secondary_reseed_interval;
-        reseed_time_interval = secondary_reseed_time_interval;
-    }
-    *p++ = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS,
-                                     &reseed_interval);
-    *p++ = OSSL_PARAM_construct_time_t(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL,
-                                       &reseed_time_interval);
-    use_df = (flags & RAND_DRBG_FLAG_CTR_NO_DF) == 0;
-    *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_USE_DF, &use_df);
-
-    if (!get_drbg_params(type, flags, &name, p)) {
-        RANDerr(0, RAND_R_UNSUPPORTED_DRBG_TYPE);
-        return 0;
-    }
-
-    rand = EVP_RAND_fetch(drbg->libctx, name, NULL);
-    if (rand == NULL) {
-        RANDerr(0, RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED);
-        return 0;
-    }
-
-    EVP_RAND_CTX_free(drbg->rand);
-    drbg->rand = NULL;
-
-    drbg->flags = flags;
-    drbg->type = type;
-
-    pctx = drbg->parent != NULL ? drbg->parent->rand : NULL;
-    drbg->rand = EVP_RAND_CTX_new(rand, pctx);
-    EVP_RAND_free(rand);
-    if (drbg->rand == NULL) {
-        RANDerr(0, RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED);
-        goto err;
-    }
-
-    if (!EVP_RAND_set_ctx_params(drbg->rand, params)) {
-        RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG);
-        goto err;
-    }
-
-    if (!RAND_DRBG_set_callbacks(drbg,
-                                 get_entropy, cleanup_entropy,
-                                 get_nonce, cleanup_nonce)) {
-        RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG);
-        goto err;
-    }
-
-    return 1;
-err:
-    EVP_RAND_CTX_free(drbg->rand);
-    drbg->rand = NULL;
-    drbg->type = 0;
-    drbg->flags = 0;
-    return 0;
-}
-
-/*
- * Set/initialize default |type| and |flag| for new drbg instances.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_set_defaults(int type, unsigned int flags)
-{
-    int all;
-    const char *name;
-    OSSL_PARAM params[3];
-
-    if (!get_drbg_params(type, flags, &name, params)) {
-        RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_TYPE);
-        return 0;
-    }
-
-    if ((flags & ~rand_drbg_used_flags) != 0) {
-        RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_FLAGS);
-        return 0;
-    }
-
-    all = ((flags & RAND_DRBG_TYPE_FLAGS) == 0);
-    if (all || (flags & RAND_DRBG_FLAG_PRIMARY) != 0) {
-        rand_drbg_type[RAND_DRBG_TYPE_PRIMARY] = type;
-        rand_drbg_flags[RAND_DRBG_TYPE_PRIMARY] = flags
-                                                  | RAND_DRBG_FLAG_PRIMARY;
-    }
-    if (all || (flags & RAND_DRBG_FLAG_PUBLIC) != 0) {
-        rand_drbg_type[RAND_DRBG_TYPE_PUBLIC]  = type;
-        rand_drbg_flags[RAND_DRBG_TYPE_PUBLIC] = flags | RAND_DRBG_FLAG_PUBLIC;
-    }
-    if (all || (flags & RAND_DRBG_FLAG_PRIVATE) != 0) {
-        rand_drbg_type[RAND_DRBG_TYPE_PRIVATE] = type;
-        rand_drbg_flags[RAND_DRBG_TYPE_PRIVATE] = flags
-                                                  | RAND_DRBG_FLAG_PRIVATE;
-    }
-    return 1;
-}
-
-
-/*
- * Allocate memory and initialize a new DRBG.
- * The |parent|, if not NULL, will be used as random source for reseeding.
- *
- * Returns a pointer to the new DRBG instance on success, NULL on failure.
- */
-static RAND_DRBG *rand_drbg_new(OPENSSL_CTX *ctx,
-                                int type,
-                                unsigned int flags,
-                                RAND_DRBG *parent)
-{
-    RAND_DRBG *drbg = OPENSSL_zalloc(sizeof(*drbg));
-
-    if (drbg == NULL) {
-        RANDerr(RAND_F_RAND_DRBG_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    drbg->libctx = ctx;
-    drbg->parent = parent;
-
-    if (RAND_DRBG_set(drbg, type, flags) == 0)
-        goto err;
-
-    return drbg;
-
- err:
-    RAND_DRBG_free(drbg);
-
-    return NULL;
-}
-
-RAND_DRBG *RAND_DRBG_new_ex(OPENSSL_CTX *ctx, int type, unsigned int flags,
-                            RAND_DRBG *parent)
-{
-    return rand_drbg_new(ctx, type, flags, parent);
-}
-
-RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent)
-{
-    return RAND_DRBG_new_ex(NULL, type, flags, parent);
-}
-
-/*
- * Uninstantiate |drbg| and free all memory.
- */
-void RAND_DRBG_free(RAND_DRBG *drbg)
-{
-    if (drbg == NULL)
-        return;
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RAND_DRBG, drbg, &drbg->ex_data);
-    EVP_RAND_CTX_free(drbg->rand);
-    OPENSSL_free(drbg);
-}
-
-/*
- * Instantiate |drbg|, after it has been initialized.  Use |pers| and
- * |perslen| as prediction-resistance input.
- *
- * Requires that drbg->lock is already locked for write, if non-null.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_instantiate(RAND_DRBG *drbg,
-                          const unsigned char *pers, size_t perslen)
-{
-    return EVP_RAND_instantiate(drbg->rand, EVP_RAND_strength(drbg->rand), 0,
-                                pers, perslen);
-}
-
-/*
- * Uninstantiate |drbg|. Must be instantiated before it can be used.
- *
- * Requires that drbg->lock is already locked for write, if non-null.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_uninstantiate(RAND_DRBG *drbg)
-{
-    int index = -1, type, flags;
-
-    if (!EVP_RAND_uninstantiate(drbg->rand))
-        return 0;
-
-    /* The reset uses the default values for type and flags */
-    if (drbg->flags & RAND_DRBG_FLAG_PRIMARY)
-        index = RAND_DRBG_TYPE_PRIMARY;
-    else if (drbg->flags & RAND_DRBG_FLAG_PRIVATE)
-        index = RAND_DRBG_TYPE_PRIVATE;
-    else if (drbg->flags & RAND_DRBG_FLAG_PUBLIC)
-        index = RAND_DRBG_TYPE_PUBLIC;
-
-    if (index != -1) {
-        flags = rand_drbg_flags[index];
-        type = rand_drbg_type[index];
-    } else {
-        flags = drbg->flags;
-        type = drbg->type;
-    }
-    return RAND_DRBG_set(drbg, type, flags);
-}
-
-/*
- * Reseed |drbg|, mixing in the specified data
- *
- * Requires that drbg->lock is already locked for write, if non-null.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_reseed(RAND_DRBG *drbg,
-                     const unsigned char *adin, size_t adinlen,
-                     int prediction_resistance)
-{
-    return EVP_RAND_reseed(drbg->rand, prediction_resistance, NULL, 0,
-                           adin, adinlen);
-}
-
-/*
- * Generate |outlen| bytes into the buffer at |out|.  Reseed if we need
- * to or if |prediction_resistance| is set.  Additional input can be
- * sent in |adin| and |adinlen|.
- *
- * Requires that drbg->lock is already locked for write, if non-null.
- *
- * Returns 1 on success, 0 on failure.
- *
- */
-int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
-                       int prediction_resistance,
-                       const unsigned char *adin, size_t adinlen)
-{
-    return EVP_RAND_generate(drbg->rand, out, outlen, 0,
-                             prediction_resistance, adin, adinlen);
-}
-
-/*
- * Generates |outlen| random bytes and stores them in |out|. It will
- * using the given |drbg| to generate the bytes.
- *
- * Requires that drbg->lock is already locked for write, if non-null.
- *
- * Returns 1 on success 0 on failure.
- */
-int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen)
-{
-    return EVP_RAND_generate(drbg->rand, out, outlen, 0, 0, NULL, 0);
-}
-
-/* DRBG call back shims */
-static int rand_drbg_get_entroy_cb(const OSSL_PARAM *params, OSSL_PARAM *out,
-                                   void *vdrbg)
-{
-    RAND_DRBG *drbg = (RAND_DRBG *)vdrbg;
-    int entropy = 0, prediction_resistance = 0;
-    size_t min_len = 0, max_len = 2048;
-    const OSSL_PARAM *p;
-    OSSL_PARAM *q;
-
-    if (drbg->get_entropy == NULL)
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_ENTROPY_REQUIRED);
-    if (p == NULL || !OSSL_PARAM_get_int(p, &entropy))
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_PREDICTION_RESISTANCE);
-    if (p == NULL || !OSSL_PARAM_get_int(p, &prediction_resistance))
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_MAX_LENGTH);
-    if (p == NULL || !OSSL_PARAM_get_size_t(p, &max_len))
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_MIN_LENGTH);
-    if (p == NULL || !OSSL_PARAM_get_size_t(p, &min_len))
-        return 0;
-
-    q = OSSL_PARAM_locate(out, OSSL_DRBG_PARAM_RANDOM_DATA);
-    if (q == NULL || q->data_type != OSSL_PARAM_OCTET_PTR || q->data == NULL)
-        return 0;
-
-    q->return_size = drbg->get_entropy(drbg, (unsigned char **)q->data, entropy,
-                                       min_len, max_len, prediction_resistance);
-    return 1;
-}
-
-static int rand_drbg_cleanup_entropy_cb(const OSSL_PARAM *params, void *vdrbg)
-{
-    RAND_DRBG *drbg = (RAND_DRBG *)vdrbg;
-    const OSSL_PARAM *p;
-    size_t sz;
-
-    if (drbg->cleanup_entropy == NULL)
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_SIZE);
-    if (p == NULL || !OSSL_PARAM_get_size_t(p, &sz))
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_RANDOM_DATA);
-    if (p == NULL || p->data_type != OSSL_PARAM_OCTET_PTR)
-        return 0;
-
-    drbg->cleanup_entropy(drbg, p->data, sz);
-    return 1;
-}
-
-static int rand_drbg_get_nonce_cb(const OSSL_PARAM *params, OSSL_PARAM *out,
-                                  void *vdrbg)
-{
-    RAND_DRBG *drbg = (RAND_DRBG *)vdrbg;
-    int entropy = 0;
-    size_t min_len = 0, max_len = 10240;
-    const OSSL_PARAM *p;
-    OSSL_PARAM *q;
-
-    if (drbg->get_nonce == NULL)
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_ENTROPY_REQUIRED);
-    if (p == NULL || !OSSL_PARAM_get_int(p, &entropy))
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_MAX_LENGTH);
-    if (p == NULL || !OSSL_PARAM_get_size_t(p, &max_len))
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_MIN_LENGTH);
-    if (p == NULL || !OSSL_PARAM_get_size_t(p, &min_len))
-        return 0;
-
-    q = OSSL_PARAM_locate(out, OSSL_DRBG_PARAM_RANDOM_DATA);
-    if (q == NULL || q->data_type != OSSL_PARAM_OCTET_PTR || q->data == NULL)
-        return 0;
-
-    q->return_size = drbg->get_nonce(drbg, (unsigned char **)q->data, entropy,
-                                     min_len, max_len);
-    return 1;
-}
-
-static int rand_drbg_cleanup_nonce_cb(const OSSL_PARAM *params, void *vdrbg)
-{
-    RAND_DRBG *drbg = (RAND_DRBG *)vdrbg;
-    const OSSL_PARAM *p;
-    size_t sz;
-
-    if (drbg->cleanup_nonce == NULL)
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_SIZE);
-    if (p == NULL || !OSSL_PARAM_get_size_t(p, &sz))
-        return 0;
-
-    p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_RANDOM_DATA);
-    if (p == NULL || p->data_type != OSSL_PARAM_OCTET_PTR)
-        return 0;
-
-    drbg->cleanup_nonce(drbg, p->data, sz);
-    return 1;
-}
-
-/*
- * Set the RAND_DRBG callbacks for obtaining entropy and nonce.
- *
- * Setting the callbacks is allowed only if the drbg has not been
- * initialized yet. Otherwise, the operation will fail.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
-                            RAND_DRBG_get_entropy_fn get_entropy,
-                            RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
-                            RAND_DRBG_get_nonce_fn get_nonce,
-                            RAND_DRBG_cleanup_nonce_fn cleanup_nonce)
-{
-    EVP_RAND_CTX *rand = drbg->rand;
-    OSSL_INOUT_CALLBACK *g_ent = NULL, *g_nonce = NULL;
-    OSSL_CALLBACK *c_ent = NULL, *c_nonce = NULL;
-
-    if (get_entropy != NULL) {
-        g_ent = &rand_drbg_get_entroy_cb;
-        c_ent = &rand_drbg_cleanup_entropy_cb;
-    }
-    if (get_nonce != NULL) {
-        g_nonce = rand_drbg_get_nonce_cb;
-        c_nonce = rand_drbg_cleanup_nonce_cb;
-    }
-    if (!EVP_RAND_set_callbacks(rand, g_ent, c_ent, g_nonce, c_nonce, drbg))
-        return 0;
-
-    drbg->get_entropy = g_ent != NULL ? get_entropy : NULL;
-    drbg->cleanup_entropy = c_ent != NULL ? cleanup_entropy : NULL;
-    drbg->get_nonce = g_nonce != NULL ? get_nonce : NULL;
-    drbg->cleanup_nonce = c_nonce != NULL ? cleanup_nonce : NULL;
-    return 1;
-}
-
-/*
- * Set the reseed interval.
- *
- * The drbg will reseed automatically whenever the number of generate
- * requests exceeds the given reseed interval. If the reseed interval
- * is 0, then this feature is disabled.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, unsigned int interval)
-{
-    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-    if (interval > MAX_RESEED_INTERVAL)
-        return 0;
-    params[0] = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS,
-                                          &interval);
-    return EVP_RAND_set_ctx_params(drbg->rand, params);
-}
-
-/*
- * Set the reseed time interval.
- *
- * The drbg will reseed automatically whenever the time elapsed since
- * the last reseeding exceeds the given reseed time interval. For safety,
- * a reseeding will also occur if the clock has been reset to a smaller
- * value.
- *
- * Returns 1 on success, 0 on failure.
- */
-int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, time_t interval)
-{
-    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-    if (interval > MAX_RESEED_TIME_INTERVAL)
-        return 0;
-    params[0] =
-        OSSL_PARAM_construct_time_t(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL,
-                                    &interval);
-    return EVP_RAND_set_ctx_params(drbg->rand, params);
-}
-
-/*
- * Set the default values for reseed (time) intervals of new DRBG instances
- *
- * The default values can be set independently for primary DRBG instances
- * (without a parent) and secondary DRBG instances (with parent).
- *
- * Returns 1 on success, 0 on failure.
- */
-
-int RAND_DRBG_set_reseed_defaults(
-                                  unsigned int _primary_reseed_interval,
-                                  unsigned int _secondary_reseed_interval,
-                                  time_t _primary_reseed_time_interval,
-                                  time_t _secondary_reseed_time_interval
-                                  )
-{
-    if (_primary_reseed_interval > MAX_RESEED_INTERVAL
-        || _secondary_reseed_interval > MAX_RESEED_INTERVAL)
-        return 0;
-
-    if (_primary_reseed_time_interval > MAX_RESEED_TIME_INTERVAL
-        || _secondary_reseed_time_interval > MAX_RESEED_TIME_INTERVAL)
-        return 0;
-
-    primary_reseed_interval = _primary_reseed_interval;
-    secondary_reseed_interval = _secondary_reseed_interval;
-
-    primary_reseed_time_interval = _primary_reseed_time_interval;
-    secondary_reseed_time_interval = _secondary_reseed_time_interval;
-
-    return 1;
-}
-
-/*
- * Get and set the EXDATA
- */
-int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *arg)
-{
-    return CRYPTO_set_ex_data(&drbg->ex_data, idx, arg);
-}
-
-void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx)
-{
-    return CRYPTO_get_ex_data(&drbg->ex_data, idx);
-}
-
-/*
- * The following functions provide a RAND_METHOD that works on the
- * global DRBG.  They lock.
- */
-
-/*
- * Allocates a new global DRBG on the secure heap (if enabled) and
- * initializes it with default settings.
- *
- * Returns a pointer to the new DRBG instance on success, NULL on failure.
- */
-static RAND_DRBG *drbg_setup(OPENSSL_CTX *ctx, RAND_DRBG *parent, int drbg_type)
-{
-    RAND_DRBG *drbg;
-
-    drbg = RAND_DRBG_new_ex(ctx, rand_drbg_type[drbg_type],
-                            rand_drbg_flags[drbg_type], parent);
-    if (drbg == NULL)
-        return NULL;
-
-    /* Only the primary DRBG needs to have a lock */
-    if (parent == NULL && EVP_RAND_enable_locking(drbg->rand) == 0)
-        goto err;
-
-    /*
-     * Ignore instantiation error to support just-in-time instantiation.
-     *
-     * The state of the drbg will be checked in RAND_DRBG_generate() and
-     * an automatic recovery is attempted.
-     */
-    (void)RAND_DRBG_instantiate(drbg, NULL, 0);
-    return drbg;
-
-err:
-    RAND_DRBG_free(drbg);
-    return NULL;
-}
-
-static void drbg_delete_thread_state(void *arg)
-{
-    OPENSSL_CTX *ctx = arg;
-    DRBG_GLOBAL *dgbl = drbg_get_global(ctx);
-    RAND_DRBG *drbg;
-
-    if (dgbl == NULL)
-        return;
-    drbg = CRYPTO_THREAD_get_local(&dgbl->public_drbg);
-    CRYPTO_THREAD_set_local(&dgbl->public_drbg, NULL);
-    RAND_DRBG_free(drbg);
-
-    drbg = CRYPTO_THREAD_get_local(&dgbl->private_drbg);
-    CRYPTO_THREAD_set_local(&dgbl->private_drbg, NULL);
-    RAND_DRBG_free(drbg);
-}
-
-/* Implements the default OpenSSL RAND_bytes() method */
-static int drbg_bytes(unsigned char *out, int count)
-{
-    int ret;
-    RAND_DRBG *drbg = RAND_DRBG_get0_public();
-
-    if (drbg == NULL)
-        return 0;
-
-    ret = RAND_DRBG_bytes(drbg, out, count);
-
-    return ret;
-}
-
-/* Implements the default OpenSSL RAND_add() method */
-static int drbg_add(const void *buf, int num, double randomness)
-{
-    RAND_DRBG *drbg = RAND_DRBG_get0_master();
-
-    if (drbg == NULL || num <= 0)
-        return 0;
-
-    return EVP_RAND_reseed(drbg->rand, 0, NULL, 0, buf, num);
-}
-
-/* Implements the default OpenSSL RAND_seed() method */
-static int drbg_seed(const void *buf, int num)
-{
-    return drbg_add(buf, num, num);
-}
-
-/* Implements the default OpenSSL RAND_status() method */
-static int drbg_status(void)
-{
-    int ret;
-    RAND_DRBG *drbg = RAND_DRBG_get0_master();
-
-    if (drbg == NULL)
-        return 0;
-
-    ret = EVP_RAND_state(drbg->rand) == EVP_RAND_STATE_READY ? 1 : 0;
-    return ret;
-}
-
-int RAND_DRBG_verify_zeroization(RAND_DRBG *drbg)
-{
-    return EVP_RAND_verify_zeroization(drbg->rand);
-}
-
-/*
- * Get the primary DRBG.
- * Returns pointer to the DRBG on success, NULL on failure.
- *
- */
-RAND_DRBG *OPENSSL_CTX_get0_primary_drbg(OPENSSL_CTX *ctx)
-{
-    DRBG_GLOBAL *dgbl = drbg_get_global(ctx);
-
-    if (dgbl == NULL)
-        return NULL;
-
-    if (dgbl->primary_drbg == NULL) {
-        if (!CRYPTO_THREAD_write_lock(dgbl->lock))
-            return NULL;
-        if (dgbl->primary_drbg == NULL)
-            dgbl->primary_drbg = drbg_setup(ctx, NULL, RAND_DRBG_TYPE_PRIMARY);
-        CRYPTO_THREAD_unlock(dgbl->lock);
-    }
-    return dgbl->primary_drbg;
-}
-
-RAND_DRBG *RAND_DRBG_get0_master(void)
-{
-    return OPENSSL_CTX_get0_primary_drbg(NULL);
-}
-
-/*
- * Get the public DRBG.
- * Returns pointer to the DRBG on success, NULL on failure.
- */
-RAND_DRBG *OPENSSL_CTX_get0_public_drbg(OPENSSL_CTX *ctx)
-{
-    DRBG_GLOBAL *dgbl = drbg_get_global(ctx);
-    RAND_DRBG *drbg, *primary;
-
-    if (dgbl == NULL)
-        return NULL;
-
-    drbg = CRYPTO_THREAD_get_local(&dgbl->public_drbg);
-    if (drbg == NULL) {
-        primary = OPENSSL_CTX_get0_primary_drbg(ctx);
-        if (primary == NULL)
-            return NULL;
-
-        ctx = openssl_ctx_get_concrete(ctx);
-        /*
-         * If the private_drbg is also NULL then this is the first time we've
-         * used this thread.
-         */
-        if (CRYPTO_THREAD_get_local(&dgbl->private_drbg) == NULL
-                && !ossl_init_thread_start(NULL, ctx, drbg_delete_thread_state))
-            return NULL;
-        drbg = drbg_setup(ctx, primary, RAND_DRBG_TYPE_PUBLIC);
-        CRYPTO_THREAD_set_local(&dgbl->public_drbg, drbg);
-    }
-    return drbg;
-}
-
-RAND_DRBG *RAND_DRBG_get0_public(void)
-{
-    return OPENSSL_CTX_get0_public_drbg(NULL);
-}
-
-/*
- * Get the private DRBG.
- * Returns pointer to the DRBG on success, NULL on failure.
- */
-RAND_DRBG *OPENSSL_CTX_get0_private_drbg(OPENSSL_CTX *ctx)
-{
-    DRBG_GLOBAL *dgbl = drbg_get_global(ctx);
-    RAND_DRBG *drbg, *primary;
-
-    if (dgbl == NULL)
-        return NULL;
-
-    drbg = CRYPTO_THREAD_get_local(&dgbl->private_drbg);
-    if (drbg == NULL) {
-        primary = OPENSSL_CTX_get0_primary_drbg(ctx);
-        if (primary == NULL)
-            return NULL;
-
-        ctx = openssl_ctx_get_concrete(ctx);
-        /*
-         * If the public_drbg is also NULL then this is the first time we've
-         * used this thread.
-         */
-        if (CRYPTO_THREAD_get_local(&dgbl->public_drbg) == NULL
-                && !ossl_init_thread_start(NULL, ctx, drbg_delete_thread_state))
-            return NULL;
-        drbg = drbg_setup(ctx, primary, RAND_DRBG_TYPE_PRIVATE);
-        CRYPTO_THREAD_set_local(&dgbl->private_drbg, drbg);
-    }
-    return drbg;
-}
-
-RAND_DRBG *RAND_DRBG_get0_private(void)
-{
-    return OPENSSL_CTX_get0_private_drbg(NULL);
-}
-
-RAND_METHOD rand_meth = {
-    drbg_seed,
-    drbg_bytes,
-    NULL,
-    drbg_add,
-    drbg_bytes,
-    drbg_status
-};
-
-RAND_METHOD *RAND_OpenSSL(void)
-{
-#ifndef FIPS_MODULE
-    return &rand_meth;
-#else
-    return NULL;
-#endif
-}
diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c
index 39f547c7f1..b70cc4cb9f 100644
--- a/crypto/rand/rand_err.c
+++ b/crypto/rand/rand_err.c
@@ -79,6 +79,10 @@ static const ERR_STRING_DATA RAND_str_reasons[] = {
     "too little nonce requested"},
     {ERR_PACK(ERR_LIB_RAND, 0, RAND_R_TOO_MUCH_NONCE_REQUESTED),
     "too much nonce requested"},
+    {ERR_PACK(ERR_LIB_RAND, 0, RAND_R_UNABLE_TO_CREATE_DRBG),
+    "unable to create drbg"},
+    {ERR_PACK(ERR_LIB_RAND, 0, RAND_R_UNABLE_TO_FETCH_DRBG),
+    "unable to fetch drbg"},
     {ERR_PACK(ERR_LIB_RAND, 0, RAND_R_UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER),
     "unable to get parent reseed prop counter"},
     {ERR_PACK(ERR_LIB_RAND, 0, RAND_R_UNABLE_TO_GET_PARENT_STRENGTH),
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index d43b4fb8db..89277e93c5 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -15,7 +15,9 @@
 #include "internal/cryptlib.h"
 #include <openssl/opensslconf.h>
 #include "crypto/rand.h"
+#include "crypto/cryptlib.h"
 #include <openssl/engine.h>
+#include <openssl/core_names.h>
 #include "internal/thread_once.h"
 #include "rand_local.h"
 #include "e_os.h"
@@ -105,16 +107,17 @@ int RAND_poll(void)
 {
     const RAND_METHOD *meth = RAND_get_rand_method();
     int ret = meth == RAND_OpenSSL();
-    RAND_POOL *pool;
 
     if (meth == NULL)
         return 0;
 
+#ifndef OPENSSL_NO_DEPRECATED_3_0
     if (!ret) {
         /* fill random pool and seed the current legacy RNG */
-        pool = rand_pool_new(RAND_DRBG_STRENGTH, 1,
-                             (RAND_DRBG_STRENGTH + 7) / 8,
-                             RAND_POOL_MAX_LENGTH);
+        RAND_POOL *pool = rand_pool_new(RAND_DRBG_STRENGTH, 1,
+                                        (RAND_DRBG_STRENGTH + 7) / 8,
+                                        RAND_POOL_MAX_LENGTH);
+
         if (pool == NULL)
             return 0;
 
@@ -131,6 +134,7 @@ int RAND_poll(void)
      err:
         rand_pool_free(pool);
     }
+#endif
     return ret;
 }
 
@@ -235,15 +239,15 @@ int RAND_pseudo_bytes(unsigned char *buf, int num)
 
 int RAND_status(void)
 {
-    RAND_DRBG *drbg;
+    EVP_RAND_CTX *rand;
     const RAND_METHOD *meth = RAND_get_rand_method();
 
     if (meth != NULL && meth != RAND_OpenSSL())
         return meth->status != NULL ? meth->status() : 0;
 
-    if ((drbg = RAND_DRBG_get0_master()) == NULL || drbg->rand == NULL)
+    if ((rand = RAND_get0_primary(NULL)) == NULL)
         return EVP_RAND_STATE_UNINITIALISED;
-    return EVP_RAND_state(drbg->rand) == EVP_RAND_STATE_READY;
+    return EVP_RAND_state(rand) == EVP_RAND_STATE_READY;
 }
 #else  /* !FIPS_MODULE */
 
@@ -260,7 +264,7 @@ const RAND_METHOD *RAND_get_rand_method(void)
  */
 int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
 {
-    RAND_DRBG *drbg;
+    EVP_RAND_CTX *rand;
     const RAND_METHOD *meth = RAND_get_rand_method();
 
     if (meth != NULL && meth != RAND_OpenSSL()) {
@@ -270,9 +274,9 @@ int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
         return -1;
     }
 
-    drbg = OPENSSL_CTX_get0_private_drbg(ctx);
-    if (drbg != NULL)
-        return RAND_DRBG_bytes(drbg, buf, num);
+    rand = RAND_get0_private(ctx);
+    if (rand != NULL)
+        return EVP_RAND_generate(rand, buf, num, 0, 0, NULL, 0);
 
     return 0;
 }
@@ -284,7 +288,7 @@ int RAND_priv_bytes(unsigned char *buf, int num)
 
 int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
 {
-    RAND_DRBG *drbg;
+    EVP_RAND_CTX *rand;
     const RAND_METHOD *meth = RAND_get_rand_method();
 
     if (meth != NULL && meth != RAND_OpenSSL()) {
@@ -294,9 +298,9 @@ int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
         return -1;
     }
 
-    drbg = OPENSSL_CTX_get0_public_drbg(ctx);
-    if (drbg != NULL)
-        return RAND_DRBG_bytes(drbg, buf, num);
+    rand = RAND_get0_public(ctx);
+    if (rand != NULL)
+        return EVP_RAND_generate(rand, buf, num, 0, 0, NULL, 0);
 
     return 0;
 }
@@ -305,3 +309,254 @@ int RAND_bytes(unsigned char *buf, int num)
 {
     return RAND_bytes_ex(NULL, buf, num);
 }
+
+typedef struct rand_global_st {
+    /*
+     * The three shared DRBG instances
+     *
+     * There are three shared DRBG instances: <primary>, <public>, and
+     * <private>.  The <public> and <private> DRBGs are secondary ones.
+     * These are used for non-secret (e.g. nonces) and secret
+     * (e.g. private keys) data respectively.
+     */
+    CRYPTO_RWLOCK *lock;
+
+    /*
+     * The <primary> DRBG
+     *
+     * Not used directly by the application, only for reseeding the two other
+     * DRBGs. It reseeds itself by pulling either randomness from os entropy
+     * sources or by consuming randomness which was added by RAND_add().
+     *
+     * The <primary> DRBG is a global instance which is accessed concurrently by
+     * all threads. The necessary locking is managed automatically by its child
+     * DRBG instances during reseeding.
+     */
+    EVP_RAND_CTX *primary;
+
+    /*
+     * The <public> DRBG
+     *
+     * Used by default for generating random bytes using RAND_bytes().
+     *
+     * The <public> secondary DRBG is thread-local, i.e., there is one instance
+     * per thread.
+     */
+    CRYPTO_THREAD_LOCAL public;
+
+    /*
+     * The <private> DRBG
+     *
+     * Used by default for generating private keys using RAND_priv_bytes()
+     *
+     * The <private> secondary DRBG is thread-local, i.e., there is one
+     * instance per thread.
+     */
+    CRYPTO_THREAD_LOCAL private;
+} RAND_GLOBAL;
+
+/*
+ * Initialize the OPENSSL_CTX global DRBGs on first use.
+ * Returns the allocated global data on success or NULL on failure.
+ */
+static void *rand_ossl_ctx_new(OPENSSL_CTX *libctx)
+{
+    RAND_GLOBAL *dgbl = OPENSSL_zalloc(sizeof(*dgbl));
+
+    if (dgbl == NULL)
+        return NULL;
+
+#ifndef FIPS_MODULE
+    /*
+     * We need to ensure that base libcrypto thread handling has been
+     * initialised.
+     */
+     OPENSSL_init_crypto(0, NULL);
+#endif
+
+    dgbl->lock = CRYPTO_THREAD_lock_new();
+    if (dgbl->lock == NULL)
+        goto err1;
+
+    if (!CRYPTO_THREAD_init_local(&dgbl->private, NULL))
+        goto err1;
+
+    if (!CRYPTO_THREAD_init_local(&dgbl->public, NULL))
+        goto err2;
+
+    return dgbl;
+
+ err2:
+    CRYPTO_THREAD_cleanup_local(&dgbl->private);
+ err1:
+    CRYPTO_THREAD_lock_free(dgbl->lock);
+    OPENSSL_free(dgbl);
+    return NULL;
+}
+
+static void rand_ossl_ctx_free(void *vdgbl)
+{
+    RAND_GLOBAL *dgbl = vdgbl;
+
+    if (dgbl == NULL)
+        return;
+
+    CRYPTO_THREAD_lock_free(dgbl->lock);
+    EVP_RAND_CTX_free(dgbl->primary);
+    CRYPTO_THREAD_cleanup_local(&dgbl->private);
+    CRYPTO_THREAD_cleanup_local(&dgbl->public);
+
+    OPENSSL_free(dgbl);
+}
+
+static const OPENSSL_CTX_METHOD rand_drbg_ossl_ctx_method = {
+    rand_ossl_ctx_new,
+    rand_ossl_ctx_free,
+};
+
+static RAND_GLOBAL *rand_get_global(OPENSSL_CTX *libctx)
+{
+    return openssl_ctx_get_data(libctx, OPENSSL_CTX_DRBG_INDEX,
+                                &rand_drbg_ossl_ctx_method);
+}
+
+static void rand_delete_thread_state(void *arg)
+{
+    OPENSSL_CTX *ctx = arg;
+    RAND_GLOBAL *dgbl = rand_get_global(ctx);
+    EVP_RAND_CTX *rand;
+
+    if (dgbl == NULL)
+        return;
+
+    rand = CRYPTO_THREAD_get_local(&dgbl->public);
+    CRYPTO_THREAD_set_local(&dgbl->public, NULL);
+    EVP_RAND_CTX_free(rand);
+
+    rand = CRYPTO_THREAD_get_local(&dgbl->private);
+    CRYPTO_THREAD_set_local(&dgbl->private, NULL);
+    EVP_RAND_CTX_free(rand);
+}
+
+static EVP_RAND_CTX *rand_new_drbg(OPENSSL_CTX *libctx, EVP_RAND_CTX *parent,
+                                   unsigned int reseed_interval,
+                                   time_t reseed_time_interval)
+{
+    EVP_RAND *rand = EVP_RAND_fetch(libctx, "CTR-DRBG", NULL);
+    EVP_RAND_CTX *ctx;
+    OSSL_PARAM params[4], *p = params;
+    
+    if (rand == NULL) {
+        RANDerr(0, RAND_R_UNABLE_TO_FETCH_DRBG);
+        return NULL;
+    }
+    ctx = EVP_RAND_CTX_new(rand, parent);
+    EVP_RAND_free(rand);
+    if (ctx == NULL) {
+        RANDerr(0, RAND_R_UNABLE_TO_CREATE_DRBG);
+        return NULL;
+    }
+
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
+                                            "AES-256-CTR", 0);
+    *p++ = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS,
+                                     &reseed_interval);
+    *p++ = OSSL_PARAM_construct_time_t(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL,
+                                       &reseed_time_interval);
+    *p = OSSL_PARAM_construct_end();
+    if (!EVP_RAND_set_ctx_params(ctx, params)) {
+        RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG);
+        EVP_RAND_CTX_free(ctx);
+        ctx = NULL;
+    }
+    return ctx;
+}
+
+/*
+ * Get the primary random generator.
+ * Returns pointer to its EVP_RAND_CTX on success, NULL on failure.
+ *
+ */
+EVP_RAND_CTX *RAND_get0_primary(OPENSSL_CTX *ctx)
+{
+    RAND_GLOBAL *dgbl = rand_get_global(ctx);
+
+    if (dgbl == NULL)
+        return NULL;
+
+    if (dgbl->primary == NULL) {
+        if (!CRYPTO_THREAD_write_lock(dgbl->lock))
+            return NULL;
+        if (dgbl->primary == NULL)
+            dgbl->primary = rand_new_drbg(ctx, NULL, PRIMARY_RESEED_INTERVAL,
+                                          PRIMARY_RESEED_TIME_INTERVAL);
+        CRYPTO_THREAD_unlock(dgbl->lock);
+    }
+    return dgbl->primary;
+}
+
+/*
+ * Get the public random generator.
+ * Returns pointer to its EVP_RAND_CTX on success, NULL on failure.
+ */
+EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx)
+{
+    RAND_GLOBAL *dgbl = rand_get_global(ctx);
+    EVP_RAND_CTX *rand, *primary;
+
+    if (dgbl == NULL)
+        return NULL;
+
+    rand = CRYPTO_THREAD_get_local(&dgbl->public);
+    if (rand == NULL) {
+        primary = RAND_get0_primary(ctx);
+        if (primary == NULL)
+            return NULL;
+
+        ctx = openssl_ctx_get_concrete(ctx);
+        /*
+         * If the private is also NULL then this is the first time we've
+         * used this thread.
+         */
+        if (CRYPTO_THREAD_get_local(&dgbl->private) == NULL
+                && !ossl_init_thread_start(NULL, ctx, rand_delete_thread_state))
+            return NULL;
+        rand = rand_new_drbg(ctx, primary, SECONDARY_RESEED_INTERVAL,
+                             SECONDARY_RESEED_TIME_INTERVAL);
+        CRYPTO_THREAD_set_local(&dgbl->public, rand);
+    }
+    return rand;
+}
+
+/*
+ * Get the private random generator.
+ * Returns pointer to its EVP_RAND_CTX on success, NULL on failure.
+ */
+EVP_RAND_CTX *RAND_get0_private(OPENSSL_CTX *ctx)
+{
+    RAND_GLOBAL *dgbl = rand_get_global(ctx);
+    EVP_RAND_CTX *rand, *primary;
+
+    if (dgbl == NULL)
+        return NULL;
+
+    rand = CRYPTO_THREAD_get_local(&dgbl->private);
+    if (rand == NULL) {
+        primary = RAND_get0_primary(ctx);
+        if (primary == NULL)
+            return NULL;
+
+        ctx = openssl_ctx_get_concrete(ctx);
+        /*
+         * If the public is also NULL then this is the first time we've
+         * used this thread.
+         */
+        if (CRYPTO_THREAD_get_local(&dgbl->public) == NULL
+                && !ossl_init_thread_start(NULL, ctx, rand_delete_thread_state))
+            return NULL;
+        rand = rand_new_drbg(ctx, primary, SECONDARY_RESEED_INTERVAL,
+                             SECONDARY_RESEED_TIME_INTERVAL);
+        CRYPTO_THREAD_set_local(&dgbl->private, rand);
+    }
+    return rand;
+}
diff --git a/crypto/rand/rand_local.h b/crypto/rand/rand_local.h
index 73751d25e4..d1c9bd7fec 100644
--- a/crypto/rand/rand_local.h
+++ b/crypto/rand/rand_local.h
@@ -15,48 +15,16 @@
 # include <openssl/sha.h>
 # include <openssl/hmac.h>
 # include <openssl/ec.h>
-# include <openssl/rand_drbg.h>
+# include <openssl/rand.h>
 # include "internal/tsan_assist.h"
 # include "crypto/rand.h"
 
-# include "internal/numbers.h"
-
-/* Maximum reseed intervals */
-# define MAX_RESEED_INTERVAL                     (1 << 24)
-# define MAX_RESEED_TIME_INTERVAL                (1 << 20) /* approx. 12 days */
-
 /* Default reseed intervals */
 # define PRIMARY_RESEED_INTERVAL                 (1 << 8)
 # define SECONDARY_RESEED_INTERVAL               (1 << 16)
 # define PRIMARY_RESEED_TIME_INTERVAL            (60 * 60) /* 1 hour */
 # define SECONDARY_RESEED_TIME_INTERVAL          (7 * 60)  /* 7 minutes */
 
-/*
- * The state of all types of DRBGs.
- */
-struct rand_drbg_st {
-    CRYPTO_RWLOCK *lock;
-    /* The library context this DRBG is associated with, if any */
-    OPENSSL_CTX *libctx;
-    RAND_DRBG *parent;
-    int type; /* the nid of the underlying algorithm */
-    unsigned short flags; /* various external flags */
-
-    /* Application data, mainly used in the KATs. */
-    CRYPTO_EX_DATA ex_data;
-
-    /* Implementation */
-    EVP_RAND_CTX *rand;
-
-    /* Callback functions.  See comments in rand_lib.c */
-    RAND_DRBG_get_entropy_fn get_entropy;
-    RAND_DRBG_cleanup_entropy_fn cleanup_entropy;
-    RAND_DRBG_get_nonce_fn get_nonce;
-    RAND_DRBG_cleanup_nonce_fn cleanup_nonce;
-
-    void *callback_data;
-};
-
 /* The global RAND method, and the global buffer and DRBG instance. */
 extern RAND_METHOD rand_meth;
 
diff --git a/crypto/rand/rand_meth.c b/crypto/rand/rand_meth.c
new file mode 100644
index 0000000000..e9237a4cd9
--- /dev/null
+++ b/crypto/rand/rand_meth.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include "rand_local.h"
+
+/* Implements the default OpenSSL RAND_add() method */
+static int drbg_add(const void *buf, int num, double randomness)
+{
+    EVP_RAND_CTX *drbg = RAND_get0_primary(NULL);
+
+    if (drbg == NULL || num <= 0)
+        return 0;
+
+    return EVP_RAND_reseed(drbg, 0, NULL, 0, buf, num);
+}
+
+/* Implements the default OpenSSL RAND_seed() method */
+static int drbg_seed(const void *buf, int num)
+{
+    return drbg_add(buf, num, num);
+}
+
+/* Implements the default OpenSSL RAND_status() method */
+static int drbg_status(void)
+{
+    EVP_RAND_CTX *drbg = RAND_get0_primary(NULL);
+
+    if (drbg == NULL)
+        return 0;
+
+    return  EVP_RAND_state(drbg) == EVP_RAND_STATE_READY ? 1 : 0;
+}
+
+/* Implements the default OpenSSL RAND_bytes() method */
+static int drbg_bytes(unsigned char *out, int count)
+{
+    EVP_RAND_CTX *drbg = RAND_get0_public(NULL);
+
+    if (drbg == NULL)
+        return 0;
+
+    return EVP_RAND_generate(drbg, out, count, 0, 0, NULL, 0);
+}
+
+RAND_METHOD rand_meth = {
+    drbg_seed,
+    drbg_bytes,
+    NULL,
+    drbg_add,
+    drbg_bytes,
+    drbg_status
+};
+
+RAND_METHOD *RAND_OpenSSL(void)
+{
+#ifndef FIPS_MODULE
+    return &rand_meth;
+#else
+    return NULL;
+#endif
+}
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index b27d0fb0e9..2bdd76c078 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -16,7 +16,6 @@
 
 #include <openssl/crypto.h>
 #include <openssl/rand.h>
-#include <openssl/rand_drbg.h>
 #include <openssl/buffer.h>
 
 #ifdef OPENSSL_SYS_VMS
diff --git a/doc/man1/openssl-rand.pod.in b/doc/man1/openssl-rand.pod.in
index 67696ee413..cd799b7bd0 100644
--- a/doc/man1/openssl-rand.pod.in
+++ b/doc/man1/openssl-rand.pod.in
@@ -28,7 +28,7 @@ The random bytes are generated using the L<RAND_bytes(3)> function,
 which provides a security level of 256 bits, provided it managed to
 seed itself successfully from a trusted operating system entropy source.
 Otherwise, the command will fail with a nonzero error code.
-For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<RAND_DRBG(7)>.
+For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<EVP_RAND(7)>.
 
 =head1 OPTIONS
 
@@ -63,7 +63,7 @@ Show the output as a hex string.
 L<openssl(1)>,
 L<RAND_bytes(3)>,
 L<RAND(7)>,
-L<RAND_DRBG(7)>
+L<EVP_RAND(7)>
 
 =head1 HISTORY
 
diff --git a/doc/man3/BIO_get_ex_new_index.pod b/doc/man3/BIO_get_ex_new_index.pod
index 7e5c2852a6..a2d2f1b312 100644
--- a/doc/man3/BIO_get_ex_new_index.pod
+++ b/doc/man3/BIO_get_ex_new_index.pod
@@ -10,7 +10,6 @@ ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data,
 EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data,
 ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data,
 EVP_PKEY_get_ex_new_index, EVP_PKEY_set_ex_data, EVP_PKEY_get_ex_data,
-RAND_DRBG_set_ex_data, RAND_DRBG_get_ex_data, RAND_DRBG_get_ex_new_index,
 RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data,
 RSA_set_app_data, RSA_get_app_data,
 SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data,
@@ -70,8 +69,6 @@ TYPE_set_app_data() is a macro that invokes TYPE_set_ex_data() with
 B<idx> set to zero.
 TYPE_get_app_data() is a macro that invokes TYPE_get_ex_data() with
 B<idx> set to zero.
-Note that these functions are not defined for the B<RAND_DRBG> type because
-there are no backward compatibility concerns.
 
 =head1 RETURN VALUES
 
diff --git a/doc/man3/BN_rand.pod b/doc/man3/BN_rand.pod
index fc41322f8e..529d6471e4 100644
--- a/doc/man3/BN_rand.pod
+++ b/doc/man3/BN_rand.pod
@@ -82,7 +82,7 @@ L<RAND_add(3)>,
 L<RAND_bytes(3)>,
 L<RAND_priv_bytes(3)>,
 L<RAND(7)>,
-L<RAND_DRBG(7)>
+L<EVP_RAND(7)>
 
 =head1 HISTORY
 
diff --git a/doc/man3/CRYPTO_get_ex_new_index.pod b/doc/man3/CRYPTO_get_ex_new_index.pod
index b673f00862..463e2c8646 100644
--- a/doc/man3/CRYPTO_get_ex_new_index.pod
+++ b/doc/man3/CRYPTO_get_ex_new_index.pod
@@ -50,7 +50,6 @@ The specific structures are:
     EC_KEY
     ENGINE
     EVP_PKEY
-    RAND_DRBG
     RSA
     SSL
     SSL_CTX
diff --git a/doc/man3/EVP_RAND.pod b/doc/man3/EVP_RAND.pod
index 5cf62fa359..dfd2a7eb4c 100644
--- a/doc/man3/EVP_RAND.pod
+++ b/doc/man3/EVP_RAND.pod
@@ -5,7 +5,7 @@
 EVP_RAND, EVP_RAND_fetch, EVP_RAND_free, EVP_RAND_up_ref, EVP_RAND_CTX,
 EVP_RAND_CTX_new, EVP_RAND_CTX_free, EVP_RAND_instantiate,
 EVP_RAND_uninstantiate, EVP_RAND_generate, EVP_RAND_reseed,
-EVP_RAND_nonce, EVP_RAND_enable_locking, EVP_RAND_set_callbacks,
+EVP_RAND_nonce, EVP_RAND_enable_locking,
 EVP_RAND_verify_zeroization, EVP_RAND_strength, EVP_RAND_state,
 EVP_RAND_provider, EVP_RAND_CTX_rand, EVP_RAND_is_a, EVP_RAND_number,
 EVP_RAND_name, EVP_RAND_names_do_all, EVP_RAND_get_ctx_params,
@@ -57,10 +57,6 @@ EVP_RAND_STATE_ERROR - EVP RAND routines
                      const unsigned char *addin, size_t addin_len);
  int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen);
  int EVP_RAND_enable_locking(EVP_RAND_CTX *ctx);
- int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx, OSSL_CALLBACK *get_entropy,
-                            OSSL_CALLBACK *cleanup_entropy,
-                            OSSL_CALLBACK *get_nonce,
-                            OSSL_CALLBACK *cleanup_nonce, void *arg);
  int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx);
  unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx);
  int EVP_RAND_state(EVP_RAND_CTX *ctx);
@@ -157,12 +153,6 @@ EVP_RAND_enable_locking() enables locking for the RAND I<ctx> and all of
 its parents.  After this I<ctx> will operate in a thread safe manner, albeit
 more slowly.
 
-EVP_RAND_set_callbacks() sets callbacks on the RAND I<ctx> to accept
-external entropy and nonce input.  The callback I<get_entropy> fills a buffer
-with new randomness and the callback I<cleanup_entropy> clears and frees the
-buffer.  Likewise for I<get_nonce> and I<cleanup_nonce>.  In all cases the
-callbacks are passed I<arg> in addition to an OSSL_PARAM array.
-
 EVP_RAND_get_params() retrieves details about the implementation
 I<rand>.
 The set of parameters given with I<params> determine exactly what
@@ -198,22 +188,22 @@ See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
 EVP_RAND_strength() returns the security strength of the RAND I<ctx>.
 
 EVP_RAND_state() returns the current state of the RAND I<ctx>.
-States defined by the OpenSSL DRBGs are:
+States defined by the OpenSSL RNGs are:
 
 =over 4
 
 =item *
 
-EVP_RAND_STATE_UNINITIALISED: this DRBG is currently uninitialised.
+EVP_RAND_STATE_UNINITIALISED: this RNG is currently uninitialised.
 The instantiate call will change this to the ready state.
 
 =item *
 
-EVP_RAND_STATE_READY: this DRBG is currently ready to generate output.
+EVP_RAND_STATE_READY: this RNG is currently ready to generate output.
 
 =item *
 
-EVP_RAND_STATE_ERROR: this DRBG is in an error state.
+EVP_RAND_STATE_ERROR: this RNG is in an error state.
 
 =back
 
diff --git a/doc/man3/RAND_DRBG_generate.pod b/doc/man3/RAND_DRBG_generate.pod
deleted file mode 100644
index def98a9680..0000000000
--- a/doc/man3/RAND_DRBG_generate.pod
+++ /dev/null
@@ -1,90 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_DRBG_generate,
-RAND_DRBG_bytes
-- generate random bytes using the given drbg instance
-
-=head1 SYNOPSIS
-
- #include <openssl/rand_drbg.h>
-
- int RAND_DRBG_generate(RAND_DRBG *drbg,
-                        unsigned char *out, size_t outlen,
-                        int prediction_resistance,
-                        const unsigned char *adin, size_t adinlen);
-
- int RAND_DRBG_bytes(RAND_DRBG *drbg,
-                     unsigned char *out, size_t outlen);
-
-
-=head1 DESCRIPTION
-
-RAND_DRBG_generate() generates B<outlen> random bytes using the given
-DRBG instance B<drbg> and stores them in the buffer at B<out>.
-
-Before generating the output, the DRBG instance checks whether the maximum
-number of generate requests (I<reseed interval>) or the maximum timespan
-(I<reseed time interval>) since its last seeding have been reached.
-If this is the case, the DRBG reseeds automatically.
-Additionally, an immediate reseeding can be requested by setting the
-B<prediction_resistance> flag to 1.
-Requesting prediction resistance is a relative expensive operation.
-See NOTES section for more details.
-
-The caller can optionally provide additional data to be used for reseeding
-by passing a pointer B<adin> to a buffer of length B<adinlen>.
-This additional data is mixed into the internal state of the random
-generator but does not contribute to the entropy count.
-The additional data can be omitted by setting B<adin> to NULL and
-B<adinlen> to 0;
-
-RAND_DRBG_bytes() generates B<outlen> random bytes using the given
-DRBG instance B<drbg> and stores them in the buffer at B<out>.
-This function is a wrapper around the RAND_DRBG_generate() call,
-which collects some additional data from low entropy sources
-(e.g., a high resolution timer) and calls
-RAND_DRBG_generate(drbg, out, outlen, 0, adin, adinlen).
-
-
-=head1 RETURN VALUES
-
-RAND_DRBG_generate() and RAND_DRBG_bytes() return 1 on success,
-and 0 on failure.
-
-=head1 NOTES
-
-The I<reseed interval> and I<reseed time interval> of the B<drbg> are set to
-reasonable default values, which in general do not have to be adjusted.
-If necessary, they can be changed using L<RAND_DRBG_set_reseed_interval(3)>
-and L<RAND_DRBG_set_reseed_time_interval(3)>, respectively.
-
-A request for prediction resistance can only be satisfied by pulling fresh
-entropy from a live entropy source (section 5.5.2 of [NIST SP 800-90C]).
-It is up to the user to ensure that a live entropy source is configured
-and is being used.
-
-=head1 SEE ALSO
-
-L<RAND_bytes(3)>,
-L<RAND_DRBG_set_reseed_interval(3)>,
-L<RAND_DRBG_set_reseed_time_interval(3)>,
-L<RAND_DRBG(7)>
-
-=head1 HISTORY
-
-The RAND_DRBG functions were added in OpenSSL 1.1.1.
-
-Prediction resistance is supported from OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/RAND_DRBG_get0_public.pod b/doc/man3/RAND_DRBG_get0_public.pod
deleted file mode 100644
index 18b15bc9b9..0000000000
--- a/doc/man3/RAND_DRBG_get0_public.pod
+++ /dev/null
@@ -1,97 +0,0 @@
-=pod
-
-=head1 NAME
-
-OPENSSL_CTX_get0_primary_drbg,
-OPENSSL_CTX_get0_public_drbg,
-OPENSSL_CTX_get0_private_drbg,
-RAND_DRBG_get0_master,
-RAND_DRBG_get0_public,
-RAND_DRBG_get0_private
-- get access to the global RAND_DRBG instances
-
-=head1 SYNOPSIS
-
- #include <openssl/rand_drbg.h>
-
- RAND_DRBG *OPENSSL_CTX_get0_primary_drbg(OPENSSL_CTX *ctx);
- RAND_DRBG *OPENSSL_CTX_get0_public_drbg(OPENSSL_CTX *ctx);
- RAND_DRBG *OPENSSL_CTX_get0_private_drbg(OPENSSL_CTX *ctx);
- RAND_DRBG *RAND_DRBG_get0_master(void);
- RAND_DRBG *RAND_DRBG_get0_public(void);
- RAND_DRBG *RAND_DRBG_get0_private(void);
-
-
-=head1 DESCRIPTION
-
-The default RAND API implementation (RAND_OpenSSL()) utilizes three
-shared DRBG instances which are accessed via the RAND API:
-
-The I<public> and I<private> DRBG are thread-local instances, which are used
-by RAND_bytes() and RAND_priv_bytes(), respectively.
-The I<master> DRBG is a global instance, which is not intended to be used
-directly, but is used internally to reseed the other two instances.
-
-These functions here provide access to the shared DRBG instances.
-
-=head1 RETURN VALUES
-
-OPENSSL_CTX_get0_primary_drbg() returns a pointer to the I<master> DRBG instance
-for the given OPENSSL_CTX B<ctx>.
-
-OPENSSL_CTX_get0_public_drbg() returns a pointer to the I<public> DRBG instance
-for the given OPENSSL_CTX B<ctx>.
-
-OPENSSL_CTX_get0_private_drbg() returns a pointer to the I<private> DRBG instance
-for the given OPENSSL_CTX B<ctx>.
-
-In all the above cases the B<ctx> parameter can
-be NULL in which case the default OPENSSL_CTX is used. RAND_DRBG_get0_master(),
-RAND_DRBG_get0_public() and RAND_DRBG_get0_private() are the same as
-OPENSSL_CTX_get0_primary_drbg(), OPENSSL_CTX_get0_public_drbg() and
-OPENSSL_CTX_get0_private_drbg() respectively except that the default OPENSSL_CTX
-is always used.
-
-=head1 NOTES
-
-It is not thread-safe to access the I<master> DRBG instance.
-The I<public> and I<private> DRBG instance can be accessed safely, because
-they are thread-local. Note however, that changes to these two instances
-apply only to the current thread.
-
-For that reason it is recommended not to change the settings of these
-three instances directly.
-Instead, an application should change the default settings for new DRBG instances
-at initialization time, before creating additional threads.
-
-During initialization, it is possible to change the reseed interval
-and reseed time interval.
-It is also possible to exchange the reseeding callbacks entirely.
-
-=head1 SEE ALSO
-
-L<RAND_DRBG_set_callbacks(3)>,
-L<RAND_DRBG_set_reseed_defaults(3)>,
-L<RAND_DRBG_set_reseed_interval(3)>,
-L<RAND_DRBG_set_reseed_time_interval(3)>,
-L<RAND_DRBG_set_callbacks(3)>,
-L<RAND_DRBG_generate(3)>,
-L<RAND_DRBG(7)>
-
-=head1 HISTORY
-
-The OPENSSL_CTX_get0_primary_drbg(), OPENSSL_CTX_get0_public_drbg() and
-OPENSSL_CTX_get0_private_drbg() functions were added in OpenSSL 3.0.
-
-All other RAND_DRBG functions were added in OpenSSL 1.1.1.
-
-=head1 COPYRIGHT
-
-Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/RAND_DRBG_new.pod b/doc/man3/RAND_DRBG_new.pod
deleted file mode 100644
index 340fccdce6..0000000000
--- a/doc/man3/RAND_DRBG_new.pod
+++ /dev/null
@@ -1,170 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_DRBG_new_ex,
-RAND_DRBG_new,
-RAND_DRBG_set,
-RAND_DRBG_set_defaults,
-RAND_DRBG_instantiate,
-RAND_DRBG_uninstantiate,
-RAND_DRBG_free,
-RAND_DRBG_verify_zeroization
-- initialize and cleanup a RAND_DRBG instance
-
-=head1 SYNOPSIS
-
- #include <openssl/rand_drbg.h>
-
- RAND_DRBG *RAND_DRBG_new_ex(OPENSSL_CTX *ctx,
-                             int type,
-                             unsigned int flags,
-                             RAND_DRBG *parent);
-
- RAND_DRBG *RAND_DRBG_new(int type,
-                          unsigned int flags,
-                          RAND_DRBG *parent);
-
- int RAND_DRBG_set_defaults(int type, unsigned int flags);
-
- int RAND_DRBG_instantiate(RAND_DRBG *drbg,
-                           const unsigned char *pers, size_t perslen);
-
- int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
-
- void RAND_DRBG_free(RAND_DRBG *drbg);
- int RAND_DRBG_verify_zeroization(RAND_DRBG *drbg);
-
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B<OPENSSL_API_COMPAT> with a suitable version value, see
-L<openssl_user_macros(7)>:
-
- int RAND_DRBG_set(RAND_DRBG *drbg,
-                   int type, unsigned int flags);
-
-=head1 DESCRIPTION
-
-RAND_DRBG_new_ex() creates a new DRBG instance of the given B<type> for the
-given OPENSSL_CTX <ctx>.
-The <ctx> parameter can be NULL in which case the default OPENSSL_CTX is used.
-RAND_DRBG_new() is the same as RAND_DRBG_new_ex() except that the default
-OPENSSL_CTX is always used.
-
-RAND_DRBG_set() initializes the B<drbg> with the given B<type> and B<flags>.
-This function is deprecated.  Applications should instead use
-RAND_DRBG_new_ex() to create a new DRBG.
-
-RAND_DRBG_set_defaults() sets the default B<type> and B<flags> for new DRBG
-instances.
-
-The DRBG types are AES-CTR, HMAC and HASH so B<type> can be one of the
-following values:
-
-NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr, NID_sha1, NID_sha224,
-NID_sha256, NID_sha384, NID_sha512, NID_sha512_224, NID_sha512_256,
-NID_sha3_224, NID_sha3_256, NID_sha3_384 or NID_sha3_512.
-
-If this method is not called then the default type is given by NID_aes_256_ctr
-and the default flags are zero.
-
-Before the DRBG can be used to generate random bits, it is necessary to set
-its type and to instantiate it.
-
-The optional B<flags> argument specifies a set of bit flags which can be
-joined using the | operator. The supported flags are:
-
-=over 4
-
-=item RAND_DRBG_FLAG_CTR_NO_DF
-
-Disables the use of the derivation function ctr_df. For an explanation,
-see [NIST SP 800-90A Rev. 1].
-
-=item RAND_DRBG_FLAG_HMAC
-
-Enables use of HMAC instead of the HASH DRBG.
-
-=item RAND_DRBG_FLAG_PRIMARY
-
-=item RAND_DRBG_FLAG_PUBLIC
-
-=item RAND_DRBG_FLAG_PRIVATE
-
-These 3 flags can be used to set the individual DRBG types created. Multiple
-calls are required to set the types to different values. If none of these 3
-flags are used, then the same type and flags are used for all 3 DRBGs in the
-B<drbg> chain (<master>, <public> and <private>).
-
-=back
-
-If a B<parent> instance is specified then this will be used instead of
-the default entropy source for reseeding the B<drbg>. It is said that the
-B<drbg> is I<chained> to its B<parent>.
-For more information, see the NOTES section.
-
-RAND_DRBG_instantiate()
-seeds the B<drbg> instance using random input from trusted entropy sources.
-Optionally, a personalization string B<pers> of length B<perslen> can be
-specified.
-To omit the personalization string, set B<pers>=NULL and B<perslen>=0;
-
-RAND_DRBG_uninstantiate()
-clears the internal state of the B<drbg> and puts it back in the
-uninstantiated state.
-
-RAND_DRBG_verify_zeroization() confirms if the internal DRBG state is
-currently zeroed.
-
-=head1 RETURN VALUES
-
-
-RAND_DRBG_new_ex() and RAND_DRBG_new() return a pointer to a DRBG instance
-allocated on the heap.
-
-RAND_DRBG_set(),
-RAND_DRBG_instantiate(), and
-RAND_DRBG_uninstantiate()
-return 1 on success, and 0 on failure.
-
-RAND_DRBG_verify_zeroization() returns 1 if the DRBG state is current zeroed,
-and 0 if not.
-
-RAND_DRBG_free() does not return a value.
-
-=head1 NOTES
-
-The DRBG design supports I<chaining>, which means that a DRBG instance can
-use another B<parent> DRBG instance instead of the default entropy source
-to obtain fresh random input for reseeding, provided that B<parent> DRBG
-instance was properly instantiated, either from a trusted entropy source,
-or from yet another parent DRBG instance.
-For a detailed description of the reseeding process, see L<RAND_DRBG(7)>.
-
-The default DRBG type and flags are applied only during creation of a DRBG
-instance.
-To ensure that they are applied to the global and thread-local DRBG instances
-(<master>, resp. <public> and <private>), it is necessary to call
-RAND_DRBG_set_defaults() before creating any thread and before calling any
-cryptographic routines that obtain random data directly or indirectly.
-
-=head1 SEE ALSO
-
-L<RAND_DRBG_generate(3)>,
-L<RAND_DRBG(7)>
-
-=head1 HISTORY
-
-The RAND_DRBG_set() function was deprecated in OpenSSL 3.0.
-
-The RAND_DRBG functions were added in OpenSSL 1.1.1.
-
-=head1 COPYRIGHT
-
-Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/RAND_DRBG_reseed.pod b/doc/man3/RAND_DRBG_reseed.pod
deleted file mode 100644
index 8bf2669a87..0000000000
--- a/doc/man3/RAND_DRBG_reseed.pod
+++ /dev/null
@@ -1,118 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_DRBG_reseed,
-RAND_DRBG_set_reseed_interval,
-RAND_DRBG_set_reseed_time_interval,
-RAND_DRBG_set_reseed_defaults
-- reseed a RAND_DRBG instance
-
-=head1 SYNOPSIS
-
- #include <openssl/rand_drbg.h>
-
- int RAND_DRBG_reseed(RAND_DRBG *drbg,
-                      const unsigned char *adin, size_t adinlen,
-                      int prediction_resistance);
-
- int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
-                                   unsigned int interval);
-
- int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg,
-                                        time_t interval);
-
- int RAND_DRBG_set_reseed_defaults(
-                                   unsigned int primary_reseed_interval,
-                                   unsigned int secondary_reseed_interval,
-                                   time_t primary_reseed_time_interval,
-                                   time_t secondary_reseed_time_interval
-                                   );
-
-
-=head1 DESCRIPTION
-
-RAND_DRBG_reseed()
-reseeds the given B<drbg>, obtaining entropy input from its entropy source
-and mixing in the specified additional data provided in the buffer B<adin>
-of length B<adinlen>.
-The additional data can be omitted by setting B<adin> to NULL and B<adinlen>
-to 0.
-An immediate reseeding can be requested by setting the
-B<prediction_resistance> flag to 1.
-Requesting prediction resistance is a relative expensive operation.
-See NOTES section for more details.
-
-RAND_DRBG_set_reseed_interval()
-sets the reseed interval of the B<drbg>, which is the maximum allowed number
-of generate requests between consecutive reseedings.
-If B<interval> > 0, then the B<drbg> will reseed automatically whenever the
-number of generate requests since its last seeding exceeds the given reseed
-interval.
-If B<interval> == 0, then this feature is disabled.
-
-
-RAND_DRBG_set_reseed_time_interval()
-sets the reseed time interval of the B<drbg>, which is the maximum allowed
-number of seconds between consecutive reseedings.
-If B<interval> > 0, then the B<drbg> will reseed automatically whenever the
-elapsed time since its last reseeding exceeds the given reseed time interval.
-If B<interval> == 0, then this feature is disabled.
-
-RAND_DRBG_set_reseed_defaults() sets the default values for the reseed interval
-(B<primary_reseed_interval> and B<secondary_reseed_interval>)
-and the reseed time interval
-(B<primary_reseed_time_interval> and B<secondary_reseed_tme_interval>)
-of DRBG instances.
-The default values are set independently for primary DRBG instances (which don't
-have a parent) and secondary DRBG instances (which are chained to a parent
-DRBG).
-
-=head1 RETURN VALUES
-
-RAND_DRBG_reseed(),
-RAND_DRBG_set_reseed_interval(), and
-RAND_DRBG_set_reseed_time_interval(),
-return 1 on success, 0 on failure.
-
-=head1 NOTES
-
-The default OpenSSL random generator is already set up for automatic reseeding,
-so in general it is not necessary to reseed it explicitly, or to modify
-its reseeding thresholds.
-
-Normally, the entropy input for seeding a DRBG is either obtained from a
-trusted os entropy source or from a parent DRBG instance, which was seeded
-(directly or indirectly) from a trusted os entropy source.
-In exceptional cases it is possible to replace the reseeding mechanism entirely
-by providing application defined callbacks using RAND_DRBG_set_callbacks().
-
-The reseeding default values are applied only during creation of a DRBG instance.
-To ensure that they are applied to the global and thread-local DRBG instances
-(<primary>, resp. <public> and <private>), it is necessary to call
-RAND_DRBG_set_reseed_defaults() before creating any thread and before calling
-any cryptographic routines that obtain random data directly or indirectly.
-
-=head1 SEE ALSO
-
-L<RAND_DRBG_generate(3)>,
-L<RAND_DRBG_bytes(3)>,
-L<RAND_DRBG_set_callbacks(3)>.
-L<RAND_DRBG(7)>
-
-=head1 HISTORY
-
-The RAND_DRBG functions were added in OpenSSL 1.1.1.
-
-Prediction resistance is supported from OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/RAND_DRBG_set_callbacks.pod b/doc/man3/RAND_DRBG_set_callbacks.pod
deleted file mode 100644
index 53022c8194..0000000000
--- a/doc/man3/RAND_DRBG_set_callbacks.pod
+++ /dev/null
@@ -1,171 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_DRBG_set_callbacks,
-RAND_DRBG_set_callback_data,
-RAND_DRBG_get_callback_data,
-RAND_DRBG_get_entropy_fn,
-RAND_DRBG_cleanup_entropy_fn,
-RAND_DRBG_get_nonce_fn,
-RAND_DRBG_cleanup_nonce_fn
-- set callbacks for reseeding
-
-=head1 SYNOPSIS
-
- #include <openssl/rand_drbg.h>
-
-
- int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
-                             RAND_DRBG_get_entropy_fn get_entropy,
-                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
-                             RAND_DRBG_get_nonce_fn get_nonce,
-                             RAND_DRBG_cleanup_nonce_fn cleanup_nonce);
-
- int RAND_DRBG_set_callback_data(RAND_DRBG *drbg, void *ctx);
-
- void *RAND_DRBG_get_callback_data(RAND_DRBG *drbg);
-
-=head2 Callback Functions
-
- typedef size_t (*RAND_DRBG_get_entropy_fn)(
-                       RAND_DRBG *drbg,
-                       unsigned char **pout,
-                       int entropy,
-                       size_t min_len, size_t max_len,
-                       int prediction_resistance);
-
- typedef void (*RAND_DRBG_cleanup_entropy_fn)(
-                     RAND_DRBG *drbg,
-                     unsigned char *out, size_t outlen);
-
- typedef size_t (*RAND_DRBG_get_nonce_fn)(
-                       RAND_DRBG *drbg,
-                       unsigned char **pout,
-                       int entropy,
-                       size_t min_len, size_t max_len);
-
- typedef void (*RAND_DRBG_cleanup_nonce_fn)(
-                     RAND_DRBG *drbg,
-                     unsigned char *out, size_t outlen);
-
-
-
-=head1 DESCRIPTION
-
-RAND_DRBG_set_callbacks() sets the callbacks for obtaining fresh entropy and
-the nonce when reseeding the given B<drbg>.
-The callback functions are implemented and provided by the caller.
-Their parameter lists need to match the function prototypes above.
-
-RAND_DRBG_set_callback_data() can be used to store a pointer to some context
-specific data, which can subsequently be retrieved by the entropy and nonce
-callbacks using RAND_DRBG_get_callback_data().
-The ownership of the context data remains with the caller, i.e., it is the
-caller's responsibility to keep it available as long as it is needed by the
-callbacks and free it after use.
-For more information about the callback data see the NOTES section.
-
-Setting the callbacks or the callback data is allowed only if the DRBG has
-not been initialized yet.
-Otherwise, the operation will fail.
-To change the settings for one of the three shared DRBGs it is necessary to call
-RAND_DRBG_uninstantiate() first.
-
-The B<get_entropy>() callback is called by the B<drbg> when it requests fresh
-random input.
-It is expected that the callback allocates and fills a random buffer of size
-B<min_len> <= size <= B<max_len> (in bytes) which contains at least B<entropy>
-bits of randomness.
-The B<prediction_resistance> flag indicates whether the reseeding was
-triggered by a prediction resistance request.
-
-The buffer's address is to be returned in *B<pout> and the number of collected
-randomness bytes as return value.
-
-If the callback fails to acquire at least B<entropy> bits of randomness,
-it must indicate an error by returning a buffer length of 0.
-
-If B<prediction_resistance> was requested and the random source of the DRBG
-does not satisfy the conditions requested by [NIST SP 800-90C], then
-it must also indicate an error by returning a buffer length of 0.
-See NOTES section for more details.
-
-The B<cleanup_entropy>() callback is called from the B<drbg> to clear and
-free the buffer allocated previously by get_entropy().
-The values B<out> and B<outlen> are the random buffer's address and length,
-as returned by the get_entropy() callback.
-
-The B<get_nonce>() and B<cleanup_nonce>() callbacks are used to obtain a nonce
-and free it again. A nonce is only required for instantiation (not for reseeding)
-and only in the case where the DRBG uses a derivation function.
-The callbacks are analogous to get_entropy() and cleanup_entropy(),
-except for the missing prediction_resistance flag.
-
-If the derivation function is disabled, then no nonce is used for instantiation,
-and the B<get_nonce>() and B<cleanup_nonce>() callbacks can be omitted by
-setting them to NULL.
-
-
-=head1 RETURN VALUES
-
-RAND_DRBG_set_callbacks() returns 1 on success, and 0 on failure.
-
-RAND_DRBG_set_callback_data() returns 1 on success, and 0 on failure.
-
-RAND_DRBG_get_callback_data() returns the pointer to the callback data,
-which is NULL if none has been set previously.
-
-=head1 NOTES
-
-It is important that B<cleanup_entropy>() and B<cleanup_nonce>() clear the buffer
-contents safely before freeing it, in order not to leave sensitive information
-about the DRBG's state in memory.
-
-A request for prediction resistance can only be satisfied by pulling fresh
-entropy from a live entropy source (section 5.5.2 of [NIST SP 800-90C]).
-It is up to the user to ensure that a live entropy source is configured
-and is being used.
-
-The derivation function is disabled by calling the RAND_DRBG_new_ex()
-function with the RAND_DRBG_FLAG_CTR_NO_DF flag.  For more information on
-the derivation function and when it can be omitted, see [NIST SP 800-90A
-Rev. 1]. Roughly speaking it can be omitted if the random source has "full
-entropy", that is, it contains 8 bits of entropy per byte. In a FIPS context,
-the derivation function can never be omitted.
-
-Even if a nonce is required, the B<get_nonce>() and B<cleanup_nonce>()
-callbacks can be omitted by setting them to NULL.
-In this case the DRBG will automatically request an extra amount of entropy
-(using the B<get_entropy>() and B<cleanup_entropy>() callbacks) which it will
-utilize for the nonce, following the recommendations of [NIST SP 800-90A Rev. 1],
-section 8.6.7.
-
-The callback data is a rather specialized feature, because in general the
-random sources don't (and in fact, they must not) depend on any state provided
-by the DRBG.
-There are however exceptional cases where this feature is useful, most notably
-for implementing known answer tests (KATs) or deterministic signatures like
-those specified in RFC6979, which require passing a specified entropy and nonce
-for instantiating the DRBG.
-
-=head1 SEE ALSO
-
-L<RAND_DRBG_new(3)>,
-L<RAND_DRBG_reseed(3)>,
-L<RAND_DRBG(7)>
-
-=head1 HISTORY
-
-The RAND_DRBG functions were added in OpenSSL 1.1.1.
-
-=head1 COPYRIGHT
-
-Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/RAND_add.pod b/doc/man3/RAND_add.pod
index 2f12e0963c..990f6978d3 100644
--- a/doc/man3/RAND_add.pod
+++ b/doc/man3/RAND_add.pod
@@ -58,7 +58,7 @@ should consider using L<RAND_load_file(3)> instead.
 NOTE: In FIPS mode, random data provided by the application is not considered to
 be a trusted entropy source. It is mixed into the internal state of the RNG as
 additional data only and this does not count as a full reseed.
-For more details, see L<RAND_DRBG(7)>.
+For more details, see L<EVP_RAND(7)>.
 
 RAND_seed() is equivalent to RAND_add() with B<randomness> set to B<num>.
 
@@ -92,7 +92,7 @@ L<RAND_bytes(3)>,
 L<RAND_egd(3)>,
 L<RAND_load_file(3)>,
 L<RAND(7)>
-L<RAND_DRBG(7)>
+L<EVP_RAND(7)>
 
 =head1 HISTORY
 
diff --git a/doc/man3/RAND_bytes.pod b/doc/man3/RAND_bytes.pod
index 935113add8..0673f1b839 100644
--- a/doc/man3/RAND_bytes.pod
+++ b/doc/man3/RAND_bytes.pod
@@ -31,7 +31,7 @@ be used for generating values that should remain private. If using the
 default RAND_METHOD, this function uses a separate "private" PRNG
 instance so that a compromise of the "public" PRNG instance will not
 affect the secrecy of these private values, as described in L<RAND(7)>
-and L<RAND_DRBG(7)>.
+and L<EVP_RAND(7)>.
 
 RAND_bytes_ex() and RAND_priv_bytes_ex() are the same as RAND_bytes() and
 RAND_priv_bytes() except that they both take an additional I<ctx> parameter.
@@ -75,7 +75,7 @@ L<RAND_bytes(3)>,
 L<RAND_priv_bytes(3)>,
 L<ERR_get_error(3)>,
 L<RAND(7)>,
-L<RAND_DRBG(7)>
+L<EVP_RAND(7)>
 
 =head1 HISTORY
 
diff --git a/doc/man3/RAND_get0_primary.pod b/doc/man3/RAND_get0_primary.pod
new file mode 100644
index 0000000000..16bb223d4a
--- /dev/null
+++ b/doc/man3/RAND_get0_primary.pod
@@ -0,0 +1,78 @@
+=pod
+
+=head1 NAME
+
+RAND_get0_primary,
+RAND_get0_public,
+RAND_get0_private
+- get access to the global EVP_RAND_CTX instances
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ EVP_RAND_CTX *RAND_get0_primary(OPENSSL_CTX *ctx);
+ EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx);
+ EVP_RAND_CTX *RAND_get0_private(OPENSSL_CTX *ctx);
+
+
+=head1 DESCRIPTION
+
+The default RAND API implementation (RAND_OpenSSL()) utilizes three
+shared DRBG instances which are accessed via the RAND API:
+
+The I<public> and I<private> DRBG are thread-local instances, which are used
+by RAND_bytes() and RAND_priv_bytes(), respectively.
+The I<primary> DRBG is a global instance, which is not intended to be used
+directly, but is used internally to reseed the other two instances.
+
+These functions here provide access to the shared DRBG instances.
+
+=head1 RETURN VALUES
+
+RAND_get0_primary() returns a pointer to the I<primary> DRBG instance
+for the given OPENSSL_CTX B<ctx>.
+
+RAND_get0_public() returns a pointer to the I<public> DRBG instance
+for the given OPENSSL_CTX B<ctx>.
+
+RAND_get0_private() returns a pointer to the I<private> DRBG instance
+for the given OPENSSL_CTX B<ctx>.
+
+In all the above cases the B<ctx> parameter can
+be NULL in which case the default OPENSSL_CTX is used.
+
+=head1 NOTES
+
+It is not thread-safe to access the I<primary> DRBG instance.
+The I<public> and I<private> DRBG instance can be accessed safely, because
+they are thread-local. Note however, that changes to these two instances
+apply only to the current thread.
+
+For that reason it is recommended not to change the settings of these
+three instances directly.
+Instead, an application should change the default settings for new DRBG instances
+at initialization time, before creating additional threads.
+
+During initialization, it is possible to change the reseed interval
+and reseed time interval.
+It is also possible to exchange the reseeding callbacks entirely.
+
+=head1 SEE ALSO
+
+L<EVP_RAND(3)>
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/RAND_DRBG.pod b/doc/man7/EVP_RAND.pod
similarity index 77%
rename from doc/man7/RAND_DRBG.pod
rename to doc/man7/EVP_RAND.pod
index 8b91505000..08f48fdc45 100644
--- a/doc/man7/RAND_DRBG.pod
+++ b/doc/man7/EVP_RAND.pod
@@ -2,30 +2,31 @@
 
 =head1 NAME
 
-RAND_DRBG - the deterministic random bit generator
+EVP_RAND - the random bit generator
 
 =head1 SYNOPSIS
 
- #include <openssl/rand_drbg.h>
+ #include <openssl/evp.h>
+ #include <rand.h>
 
 =head1 DESCRIPTION
 
-The default OpenSSL RAND method is based on the RAND_DRBG class,
-which implements a deterministic random bit generator (DRBG).
-A DRBG is a certain type of cryptographically-secure pseudo-random
-number generator (CSPRNG), which is described in
-[NIST SP 800-90A Rev. 1].
+The default OpenSSL RAND method is based on the EVP_RAND classes to provide
+non-deterministic inputs to other cryptographic algorithms.
 
 While the RAND API is the 'frontend' which is intended to be used by
-application developers for obtaining random bytes, the RAND_DRBG API
+application developers for obtaining random bytes, the EVP_RAND API
 serves as the 'backend', connecting the former with the operating
-systems's entropy sources and providing access to the DRBG's
-configuration parameters.
+systems's entropy sources and providing access to deterministic random
+bit generators (DRBG) and their configuration parameters.
+A DRBG is a certain type of cryptographically-secure pseudo-random
+number generator (CSPRNG), which is described in
+[NIST SP 800-90A Rev. 1].
 
 =head2 Disclaimer
 
 Unless you have very specific requirements for your random generator,
-it is in general not necessary to utilize the RAND_DRBG API directly.
+it is in general not necessary to utilize the EVP_RAND API directly.
 The usual way to obtain random bytes is to use L<RAND_bytes(3)> or
 L<RAND_priv_bytes(3)>, see also L<RAND(7)>.
 
@@ -46,6 +47,8 @@ to be locked).
 =item *
 
 You need to integrate a previously unsupported entropy source.
+Refer to L<provider-rand(7)> for the implementation details to support adding
+randomness sources to EVP_RAND.
 
 =item *
 
@@ -55,30 +58,33 @@ implementation to meet specific requirements.
 =back
 
 
-=head1 CHAINING
+=head1 EVP_RAND CHAINING
 
-A DRBG instance can be used as the entropy source of another DRBG instance,
-provided it has itself access to a valid entropy source.
-The DRBG instance which acts as entropy source is called the I<parent> DRBG,
-the other instance the I<child> DRBG.
+An EVP_RAND instance can be used as the entropy source of another
+EVP_RAND instance, provided it has itself access to a valid entropy source.
+The EVP_RAND instance which acts as entropy source is called the I<parent>,
+the other instance the I<child>.  Typically, the child will be a DRBG because
+it does not make sense for the child to be an entropy source.
 
-This is called chaining. A chained DRBG instance is created by passing
-a pointer to the parent DRBG as argument to the RAND_DRBG_new() call.
+This is called chaining. A chained EVP_RAND instance is created by passing
+a pointer to the parent EVP_RAND_CTX as argument to the EVP_RAND_CTX_new() call.
 It is possible to create chains of more than two DRBG in a row.
+It is also possible to use any EVP_RAND_CTX class as the parent, however, only
+a live entropy source may ignore and not use its parent.
 
 =head1 THE THREE SHARED DRBG INSTANCES
 
 Currently, there are three shared DRBG instances,
-the <master>, <public>, and <private> DRBG.
-While the <master> DRBG is a single global instance, the <public> and <private>
+the <primary>, <public>, and <private> DRBG.
+While the <primary> DRBG is a single global instance, the <public> and <private>
 DRBG are created per thread and accessed through thread-local storage.
 
 By default, the functions L<RAND_bytes(3)> and L<RAND_priv_bytes(3)> use
 the thread-local <public> and <private> DRBG instance, respectively.
 
-=head2 The <master> DRBG instance
+=head2 The <primary> DRBG instance
 
-The <master> DRBG is not used directly by the application, only for reseeding
+The <primary> DRBG is not used directly by the application, only for reseeding
 the two other two DRBG instances. It reseeds itself by obtaining randomness
 either from os entropy sources or by consuming randomness which was added
 previously by L<RAND_add(3)>.
@@ -94,18 +100,16 @@ This instance is used per default by L<RAND_priv_bytes(3)>
 
 =head1 LOCKING
 
-The <master> DRBG is intended to be accessed concurrently for reseeding
+The <primary> DRBG is intended to be accessed concurrently for reseeding
 by its child DRBG instances. The necessary locking is done internally.
-It is I<not> thread-safe to access the <master> DRBG directly via the
-RAND_DRBG interface.
+It is I<not> thread-safe to access the <primary> DRBG directly via the
+EVP_RAND interface.
 The <public> and <private> DRBG are thread-local, i.e. there is an
 instance of each per thread. So they can safely be accessed without
-locking via the RAND_DRBG interface.
+locking via the EVP_RAND interface.
 
 Pointers to these DRBG instances can be obtained using
-RAND_DRBG_get0_master(),
-RAND_DRBG_get0_public(), and
-RAND_DRBG_get0_private(), respectively.
+RAND_get0_primary(), RAND_get0_public() and RAND_get0_private(), respectively.
 Note that it is not allowed to store a pointer to one of the thread-local
 DRBG instances in a variable or other memory location where it will be
 accessed and used by multiple threads.
@@ -114,9 +118,9 @@ All other DRBG instances created by an application don't support locking,
 because they are intended to be used by a single thread.
 Instead of accessing a single DRBG instance concurrently from different
 threads, it is recommended to instantiate a separate DRBG instance per
-thread. Using the <master> DRBG as entropy source for multiple DRBG
+thread. Using the <primary> DRBG as entropy source for multiple DRBG
 instances on different threads is thread-safe, because the DRBG instance
-will lock the <master> DRBG automatically for obtaining random input.
+will lock the <primary> DRBG automatically for obtaining random input.
 
 =head1 THE OVERALL PICTURE
 
@@ -128,7 +132,7 @@ together and are being used.
                +--------------------+
                         |
                         v           +-----------------------------+
-      RAND_add() ==> <master>     <-| shared DRBG (with locking)  |
+     RAND_add() ==> <primary>     <-| shared DRBG (with locking)  |
                       /   \         +-----------------------------+
                      /     \              +---------------------------+
               <public>     <private>   <- | per-thread DRBG instances |
@@ -145,10 +149,9 @@ together and are being used.
 
 The usual way to obtain random bytes is to call RAND_bytes(...) or
 RAND_priv_bytes(...). These calls are roughly equivalent to calling
-RAND_DRBG_bytes(<public>, ...) and RAND_DRBG_bytes(<private>, ...),
-respectively. The method L<RAND_DRBG_bytes(3)> is a convenience method
-wrapping the L<RAND_DRBG_generate(3)> function, which serves the actual
-request for random data.
+EVP_RAND_generate(<public>, ...) and
+EVP_RAND_generate(<private>, ...),
+respectively.
 
 =head1 RESEEDING
 
@@ -163,7 +166,7 @@ the reseeding process in more detail.
 
 =head2 Automatic Reseeding
 
-Before satisfying a generate request (L<RAND_DRBG_generate(3)>), the DRBG
+Before satisfying a generate request (L<EVP_RAND_generate(3)>), the DRBG
 reseeds itself automatically, if one of the following conditions holds:
 
 - the DRBG was not instantiated (=seeded) yet or has been uninstantiated.
@@ -187,7 +190,8 @@ from the error as soon as the entropy source is available again.
 
 In addition to automatic reseeding, the caller can request an immediate
 reseeding of the DRBG with fresh entropy by setting the
-I<prediction resistance> parameter to 1 when calling L<RAND_DRBG_generate(3)>.
+I<prediction resistance> parameter to 1 when calling
+L<EVP_RAND_generate(3)>.
 
 The document [NIST SP 800-90C] describes prediction resistance requests
 in detail and imposes strict conditions on the entropy sources that are
@@ -197,13 +201,12 @@ entropy from a live entropy source (section 5.5.2 of [NIST SP 800-90C]).
 It is up to the user to ensure that a live entropy source is configured
 and is being used.
 
-
 For the three shared DRBGs (and only for these) there is another way to
 reseed them manually:
 If L<RAND_add(3)> is called with a positive I<randomness> argument
-(or L<RAND_seed(3)>), then this will immediately reseed the <master> DRBG.
+(or L<RAND_seed(3)>), then this will immediately reseed the <primary> DRBG.
 The <public> and <private> DRBG will detect this on their next generate
-call and reseed, pulling randomness from <master>.
+call and reseed, pulling randomness from <primary>.
 
 The last feature has been added to support the common practice used with
 previous OpenSSL versions to call RAND_add() before calling RAND_bytes().
@@ -216,23 +219,22 @@ which comes from a trusted source, and I<additional input>',
 which can optionally be added by the user and is considered untrusted.
 It is possible to add I<additional input> not only during reseeding,
 but also for every generate request.
-This is in fact done automatically by L<RAND_DRBG_bytes(3)>.
 
 
 =head2 Configuring the Random Seed Source
 
 In most cases OpenSSL will automatically choose a suitable seed source
-for automatically seeding and reseeding its <master> DRBG. In some cases
+for automatically seeding and reseeding its <primary> DRBG. In some cases
 however, it will be necessary to explicitly specify a seed source during
 configuration, using the --with-rand-seed option. For more information,
 see the INSTALL instructions. There are also operating systems where no
 seed source is available and automatic reseeding is disabled by default.
 
-The following two sections describe the reseeding process of the master
+The following two sections describe the reseeding process of the primary
 DRBG, depending on whether automatic reseeding is available or not.
 
 
-=head2 Reseeding the master DRBG with automatic seeding enabled
+=head2 Reseeding the primary DRBG with automatic seeding enabled
 
 Calling RAND_poll() or RAND_add() is not necessary, because the DRBG
 pulls the necessary entropy from its source automatically.
@@ -271,7 +273,7 @@ reseeding (Section 9.2). For that reason, the I<randomness>
 argument is ignored and the random bytes provided by the L<RAND_add(3)> and
 L<RAND_seed(3)> calls are treated as additional data.
 
-=head2 Reseeding the master DRBG with automatic seeding disabled
+=head2 Reseeding the primary DRBG with automatic seeding disabled
 
 Calling RAND_poll() will always fail.
 
@@ -286,20 +288,15 @@ I<security strength> of the DRBG, which is set to 256 by default.
 
 =head1 SEE ALSO
 
-L<RAND_DRBG_bytes(3)>,
-L<RAND_DRBG_generate(3)>,
-L<RAND_DRBG_reseed(3)>,
-L<RAND_DRBG_get0_master(3)>,
-L<RAND_DRBG_get0_public(3)>,
-L<RAND_DRBG_get0_private(3)>,
-L<RAND_DRBG_set_reseed_interval(3)>,
-L<RAND_DRBG_set_reseed_time_interval(3)>,
-L<RAND_DRBG_set_reseed_defaults(3)>,
-L<RAND(7)>,
+L<RAND(7)>, L<EVP_RAND(3)>
+
+=head1 HISTORY
+
+This functionality was added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man7/RAND.pod b/doc/man7/RAND.pod
index e253e9025d..d5fa154224 100644
--- a/doc/man7/RAND.pod
+++ b/doc/man7/RAND.pod
@@ -33,11 +33,12 @@ is available or the trusted source(s) temporarily fail to provide sufficient
 random seed material.
 In this case the CSPRNG enters an error state and ceases to provide output,
 until it is able to recover from the error by reseeding itself.
-For more details on reseeding and error recovery, see L<RAND_DRBG(7)>.
+For more details on reseeding and error recovery, see L<EVP_RAND(7)>.
 
 For values that should remain secret, you can use L<RAND_priv_bytes(3)>
 instead.
-This method does not provide 'better' randomness, it uses the same type of CSPRNG.
+This method does not provide 'better' randomness, it uses the same type of
+CSPRNG.
 The intention behind using a dedicated CSPRNG exclusively for private
 values is that none of its output should be visible to an attacker (e.g.,
 used as salt value), in order to reveal as little information as
@@ -45,35 +46,31 @@ possible about its internal state, and that a compromise of the "public"
 CSPRNG instance will not affect the secrecy of these private values.
 
 In the rare case where the default implementation does not satisfy your special
-requirements, there are two options:
+requirements, the default RAND method can be replaced by your own RAND
+method using L<RAND_set_rand_method(3)>.
 
-=over 2
+Changing the default random generator should be necessary
+only in exceptional cases and is not recommended, unless you have a profound
+knowledge of cryptographic principles and understand the implications of your
+changes.
 
-=item *
+=head1 DEAFULT SETUP
 
-Replace the default RAND method by your own RAND method using
-L<RAND_set_rand_method(3)>.
+The default OpenSSL RAND method is based on the EVP_RAND deterministic random
+bit generator (DRBG) classes.
+A DRBG is a certain type of cryptographically-secure pseudo-random
+number generator (CSPRNG), which is described in [NIST SP 800-90A Rev. 1].
 
-=item *
-
-Modify the default settings of the OpenSSL RAND method by modifying the security
-parameters of the underlying DRBG, which is described in detail in L<RAND_DRBG(7)>.
-
-=back
-
-Changing the default random generator or its default parameters should be necessary
-only in exceptional cases and is not recommended, unless you have a profound knowledge
-of cryptographic principles and understand the implications of your changes.
 
 =head1 SEE ALSO
 
-L<RAND_add(3)>,
 L<RAND_bytes(3)>,
 L<RAND_priv_bytes(3)>,
 L<RAND_get_rand_method(3)>,
 L<RAND_set_rand_method(3)>,
 L<RAND_OpenSSL(3)>,
-L<RAND_DRBG(7)>
+L<EVP_RAND(3)>,
+L<RAND_get0_primary(3)>
 
 =head1 COPYRIGHT
 
diff --git a/doc/man7/provider-rand.pod b/doc/man7/provider-rand.pod
index d6e538ec87..8b310726ff 100644
--- a/doc/man7/provider-rand.pod
+++ b/doc/man7/provider-rand.pod
@@ -38,10 +38,6 @@ functions
  /* Random number generator functions: additional */
  size_t OSSL_FUNC_rand_nonce(void *ctx, unsigned char *out, size_t outlen,
                              int strength, size_t min_noncelen, size_t max_noncelen);
- void OSSL_FUNC_rand_set_callbacks(void *ctx, OSSL_CALLBACK *get_entropy,
-                                   OSSL_CALLBACK *cleanup_entropy,
-                                   OSSL_CALLBACK *get_nonce,
-                                   OSSL_CALLBACK *cleanup_nonce, void *arg);
  int OSSL_FUNC_rand_verify_zeroization(void *ctx);
 
  /* Context Locking */
@@ -114,14 +110,6 @@ OSSL_FUNC_rand_nonce() is used to generate a nonce of the given I<strength> with
 length from I<min_noncelen> to I<max_noncelen>. If the output buffer I<out> is
 NULL, the length of the nonce should be returned.
 
-OSSL_FUNC_rand_set_callbacks() is used to supply custom entropy and nonce callbacks.
-Instead of gathering seed material from its usual sources, the DRBG I<ctx>
-should call these functions.
-The I<get_entropy> and I<cleanup_entropy> callbacks obtain and release bytes
-of entropy.
-The I<get_nonce> and I<cleanup_nonce> functions obtain and release nonce bytes.
-In all cases, the additional argument I<arg> is passed to the callbacks.
-
 OSSL_FUNC_rand_verify_zeroization() is used to determine if the internal state of the
 DRBG is zero.  This capability is mandated by NIST as part of the self
 tests, it is unlikely to be useful in other circumstances.
@@ -258,7 +246,7 @@ All of the remaining functions should return 1 for success or 0 on error.
 
 L<provider(7)>,
 L<RAND(7)>,
-L<RAND_DRBG(7)>
+L<EVP_RAND(7)>
 
 =head1 HISTORY
 
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index 98f71cf25b..a3f5107aff 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -374,8 +374,7 @@ OSSL_CORE_MAKE_FUNC(int, kdf_set_ctx_params,
 # define OSSL_FUNC_RAND_GET_PARAMS                   14
 # define OSSL_FUNC_RAND_GET_CTX_PARAMS               15
 # define OSSL_FUNC_RAND_SET_CTX_PARAMS               16
-# define OSSL_FUNC_RAND_SET_CALLBACKS                17
-# define OSSL_FUNC_RAND_VERIFY_ZEROIZATION           18
+# define OSSL_FUNC_RAND_VERIFY_ZEROIZATION           17
 
 OSSL_CORE_MAKE_FUNC(void *,rand_newctx,
                     (void *provctx, void *parent,
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 57b6ff1f7c..0d21c035fe 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1160,11 +1160,7 @@ int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
                     const unsigned char *addin, size_t addin_len);
 __owur int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen);
 __owur int EVP_RAND_enable_locking(EVP_RAND_CTX *ctx);
-int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx,
-                           OSSL_INOUT_CALLBACK *get_entropy,
-                           OSSL_CALLBACK *cleanup_entropy,
-                           OSSL_INOUT_CALLBACK *get_nonce,
-                           OSSL_CALLBACK *cleanup_nonce, void *arg);
+
 int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx);
 unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx);
 int EVP_RAND_state(EVP_RAND_CTX *ctx);
diff --git a/include/openssl/rand.h b/include/openssl/rand.h
index d2db26a8ae..e641675fa6 100644
--- a/include/openssl/rand.h
+++ b/include/openssl/rand.h
@@ -20,11 +20,22 @@
 # include <openssl/types.h>
 # include <openssl/e_os2.h>
 # include <openssl/randerr.h>
+# include <openssl/evp.h>
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
+/*
+ * Default security strength (in the sense of [NIST SP 800-90Ar1])
+ *
+ * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
+ * of the cipher by collecting less entropy. The current DRBG implementation
+ * does not take RAND_DRBG_STRENGTH into account and sets the strength of the
+ * DRBG to that of the cipher.
+ */
+# define RAND_DRBG_STRENGTH             256
+
 struct rand_meth_st {
     int (*seed) (const void *buf, int num);
     int (*bytes) (unsigned char *buf, int num);
@@ -56,6 +67,10 @@ int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
 
 DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num))
 
+EVP_RAND_CTX *RAND_get0_primary(OPENSSL_CTX *ctx);
+EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx);
+EVP_RAND_CTX *RAND_get0_private(OPENSSL_CTX *ctx);
+
 void RAND_seed(const void *buf, int num);
 void RAND_keep_random_devices_open(int keep);
 
diff --git a/include/openssl/rand_drbg.h b/include/openssl/rand_drbg.h
deleted file mode 100644
index afc4d43eb8..0000000000
--- a/include/openssl/rand_drbg.h
+++ /dev/null
@@ -1,168 +0,0 @@
-/*
- * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef OPENSSL_RAND_DRBG_H
-# define OPENSSL_RAND_DRBG_H
-# pragma once
-
-# include <openssl/macros.h>
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-#  define HEADER_DRBG_RAND_H
-# endif
-
-# include <time.h>
-# include <openssl/types.h>
-# include <openssl/obj_mac.h>
-
-/*
- * RAND_DRBG  flags
- *
- * Note: if new flags are added, the constant `rand_drbg_used_flags`
- *       in drbg_lib.c needs to be updated accordingly.
- */
-
-/* In CTR mode, disable derivation function ctr_df */
-# define RAND_DRBG_FLAG_CTR_NO_DF            0x1
-/*
- * This flag is only used when a digest NID is specified (i.e: not a CTR cipher)
- * Selects DRBG_HMAC if this is set otherwise use DRBG_HASH.
- */
-# define RAND_DRBG_FLAG_HMAC                 0x2
-
-/* Used by RAND_DRBG_set_defaults() to set the primary DRBG type and flags. */
-# define RAND_DRBG_FLAG_PRIMARY              0x4
-/* Used by RAND_DRBG_set_defaults() to set the public DRBG type and flags. */
-# define RAND_DRBG_FLAG_PUBLIC               0x8
-/* Used by RAND_DRBG_set_defaults() to set the private DRBG type and flags. */
-# define RAND_DRBG_FLAG_PRIVATE              0x10
-
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-/* This #define was replaced by an internal constant and should not be used. */
-#  define RAND_DRBG_USED_FLAGS  (RAND_DRBG_FLAG_CTR_NO_DF)
-# endif
-
-/*
- * Default security strength (in the sense of [NIST SP 800-90Ar1])
- *
- * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
- * of the cipher by collecting less entropy. The current DRBG implementation
- * does not take RAND_DRBG_STRENGTH into account and sets the strength of the
- * DRBG to that of the cipher.
- *
- * RAND_DRBG_STRENGTH is currently only used for the legacy RAND
- * implementation.
- *
- * Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and
- * NID_aes_256_ctr.
- * The digest types for DRBG_hash or DRBG_hmac are: NID_sha1, NID_sha224,
- * NID_sha256, NID_sha384, NID_sha512, NID_sha512_224, NID_sha512_256,
- * NID_sha3_224, NID_sha3_256, NID_sha3_384 and NID_sha3_512.
- */
-# define RAND_DRBG_STRENGTH             256
-/* Default drbg type */
-# define RAND_DRBG_TYPE                 NID_aes_256_ctr
-/* Default drbg flags */
-# define RAND_DRBG_FLAGS                0
-
-
-# ifdef  __cplusplus
-extern "C" {
-# endif
-
-/*
- * Object lifetime functions.
- */
-RAND_DRBG *RAND_DRBG_new_ex(OPENSSL_CTX *ctx, int type, unsigned int flags,
-                            RAND_DRBG *parent);
-RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent);
-DEPRECATEDIN_3_0(int RAND_DRBG_set(RAND_DRBG *drbg, int type,
-                                   unsigned int flags))
-int RAND_DRBG_set_defaults(int type, unsigned int flags);
-int RAND_DRBG_instantiate(RAND_DRBG *drbg,
-                          const unsigned char *pers, size_t perslen);
-int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
-void RAND_DRBG_free(RAND_DRBG *drbg);
-
-/*
- * Object "use" functions.
- */
-int RAND_DRBG_reseed(RAND_DRBG *drbg,
-                     const unsigned char *adin, size_t adinlen,
-                     int prediction_resistance);
-int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
-                       int prediction_resistance,
-                       const unsigned char *adin, size_t adinlen);
-int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen);
-
-int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, unsigned int interval);
-int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, time_t interval);
-
-int RAND_DRBG_set_reseed_defaults(
-                                  unsigned int primary_reseed_interval,
-                                  unsigned int secondary_reseed_interval,
-                                  time_t primary_reseed_time_interval,
-                                  time_t secondary_reseed_time_interval
-                                  );
-
-RAND_DRBG *OPENSSL_CTX_get0_primary_drbg(OPENSSL_CTX *ctx);
-RAND_DRBG *OPENSSL_CTX_get0_public_drbg(OPENSSL_CTX *ctx);
-RAND_DRBG *OPENSSL_CTX_get0_private_drbg(OPENSSL_CTX *ctx);
-RAND_DRBG *RAND_DRBG_get0_master(void);
-RAND_DRBG *RAND_DRBG_get0_public(void);
-RAND_DRBG *RAND_DRBG_get0_private(void);
-
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-/* Retain legacy deprecated names */
-#  define RAND_DRBG_FLAG_MASTER        RAND_DRBG_FLAG_PRIMARY
-#  define OPENSSL_CTX_get0_master_drbg OPENSSL_CTX_get0_primary_drbg
-#  define RAND_DRBG_get0_master        RAND_DRBG_get0_master
-# endif
-
-/*
- * EXDATA
- */
-# define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \
-    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RAND_DRBG, l, p, newf, dupf, freef)
-int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *arg);
-void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx);
-
-/*
- * Callback function typedefs
- */
-typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *drbg,
-                                           unsigned char **pout,
-                                           int entropy, size_t min_len,
-                                           size_t max_len,
-                                           int prediction_resistance);
-typedef void (*RAND_DRBG_cleanup_entropy_fn)(RAND_DRBG *ctx,
-                                             unsigned char *out, size_t outlen);
-typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *drbg, unsigned char **pout,
-                                         int entropy, size_t min_len,
-                                         size_t max_len);
-typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *drbg,
-                                           unsigned char *out, size_t outlen);
-
-int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
-                            RAND_DRBG_get_entropy_fn get_entropy,
-                            RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
-                            RAND_DRBG_get_nonce_fn get_nonce,
-                            RAND_DRBG_cleanup_nonce_fn cleanup_nonce);
-
-
-int RAND_DRBG_set_callback_data(RAND_DRBG *drbg, void *data);
-
-void *RAND_DRBG_get_callback_data(RAND_DRBG *drbg);
-
-int RAND_DRBG_verify_zeroization(RAND_DRBG *drbg);
-
-# ifdef  __cplusplus
-}
-# endif
-
-#endif
diff --git a/include/openssl/randerr.h b/include/openssl/randerr.h
index 2764894b0c..3eef9afdd2 100644
--- a/include/openssl/randerr.h
+++ b/include/openssl/randerr.h
@@ -98,6 +98,8 @@ int ERR_load_RAND_strings(void);
 # define RAND_R_SELFTEST_FAILURE                          119
 # define RAND_R_TOO_LITTLE_NONCE_REQUESTED                135
 # define RAND_R_TOO_MUCH_NONCE_REQUESTED                  136
+# define RAND_R_UNABLE_TO_CREATE_DRBG                     143
+# define RAND_R_UNABLE_TO_FETCH_DRBG                      144
 # define RAND_R_UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER  141
 # define RAND_R_UNABLE_TO_GET_PARENT_STRENGTH             138
 # define RAND_R_UNABLE_TO_GET_RESEED_PROP_CTR             142
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 77cd75fcdf..771f23c667 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -12,7 +12,7 @@
 #include <openssl/params.h>
 #include <openssl/obj_mac.h> /* NIDs used by ossl_prov_util_nid_to_name() */
 #include <openssl/fips_names.h>
-#include <openssl/rand_drbg.h> /* OPENSSL_CTX_get0_public_drbg() */
+#include <openssl/rand.h> /* RAND_get0_public() */
 #include "internal/cryptlib.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
@@ -642,7 +642,7 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
     }
 
     /* TODO(3.0): Tests will hang if this is removed */
-    (void)OPENSSL_CTX_get0_public_drbg(libctx);
+    (void)RAND_get0_public(libctx);
 
     *out = fips_dispatch_table;
     return 1;
diff --git a/providers/implementations/include/prov/rand_pool.h b/providers/implementations/include/prov/rand_pool.h
index f476604770..9c5c92e365 100644
--- a/providers/implementations/include/prov/rand_pool.h
+++ b/providers/implementations/include/prov/rand_pool.h
@@ -11,7 +11,7 @@
 # define OSSL_PROVIDER_RAND_POOL_H
 
 # include <stdio.h>
-# include <openssl/rand_drbg.h>
+# include <openssl/rand.h>
 
 /*
  * Maximum allocation size for RANDOM_POOL buffers
diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index 929b32e708..593bb176c8 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -228,19 +228,7 @@ err:
 static void prov_drbg_cleanup_entropy(PROV_DRBG *drbg,
                                       unsigned char *out, size_t outlen)
 {
-    OSSL_PARAM params[3], *p = params;
-
-    if (drbg->get_entropy_fn != NULL) {
-        if (drbg->cleanup_entropy_fn != NULL) {
-            *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_SIZE,
-                                               &outlen);
-            *p++ = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
-                                                  (void **)&out, 0);
-            *p = OSSL_PARAM_construct_end();
-
-            drbg->cleanup_entropy_fn(params, drbg->callback_arg);
-        }
-    } else if (drbg->seed_pool == NULL) {
+    if (drbg->seed_pool == NULL) {
         OPENSSL_secure_clear_free(out, outlen);
     }
 }
@@ -249,28 +237,6 @@ static size_t get_entropy(PROV_DRBG *drbg, unsigned char **pout, int entropy,
                           size_t min_len, size_t max_len,
                           int prediction_resistance)
 {
-    if (drbg->get_entropy_fn != NULL) {
-        OSSL_PARAM params[6], *p = params;
-        OSSL_PARAM out[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-        *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_ENTROPY_REQUIRED,
-                                        &entropy);
-        *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_PREDICTION_RESISTANCE,
-                                        &prediction_resistance);
-        *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MIN_LENGTH,
-                                           &min_len);
-        *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_LENGTH,
-                                           &max_len);
-        *p = OSSL_PARAM_construct_end();
-        *out = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
-                                              (void **)pout, 0);
-
-        if (drbg->get_entropy_fn(params, out, drbg->callback_arg))
-            return out->return_size;
-        ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_ENTROPY);
-        return 0;
-    }
-
 #ifdef FIPS_MODULE
     if (drbg->parent == NULL)
         return prov_crngt_get_entropy(drbg, pout, entropy, min_len, max_len,
@@ -349,8 +315,6 @@ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg,
     PROV_DRBG_NONCE_GLOBAL *dngbl
         = openssl_ctx_get_data(libctx, OPENSSL_CTX_DRBG_NONCE_INDEX,
                                &drbg_nonce_ossl_ctx_method);
-    OSSL_PARAM params[5], *p = params;
-    OSSL_PARAM out[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
     struct {
         void *instance;
         int count;
@@ -359,22 +323,6 @@ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg,
     if (dngbl == NULL)
         return 0;
 
-    if (drbg->get_nonce_fn != NULL) {
-        *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_ENTROPY_REQUIRED,
-                                        &entropy);
-        *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MIN_LENGTH,
-                                           &min_len);
-        *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_LENGTH,
-                                           &max_len);
-        *p = OSSL_PARAM_construct_end();
-        *out = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
-                                              (void **)pout, 0);
-
-        if (drbg->get_nonce_fn(params, out, drbg->callback_arg))
-            return out->return_size;
-        ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_NONCE);
-        return 0;
-    }
     if (drbg->parent != NULL) {
         if (drbg->parent_nonce != NULL) {
             n = drbg->parent_nonce(drbg->parent, NULL, 0, drbg->min_noncelen,
@@ -420,21 +368,7 @@ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg,
 static void prov_drbg_clear_nonce(PROV_DRBG *drbg, unsigned char *nonce,
                                   size_t noncelen)
 {
-    OSSL_PARAM params[3], *p = params;
-
-    if (drbg->get_nonce_fn != NULL) {
-        if (drbg->cleanup_nonce_fn != NULL) {
-            *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_SIZE,
-                                               &noncelen);
-            *p++ = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
-                                                  (void **)&nonce, 0);
-            *p = OSSL_PARAM_construct_end();
-
-            drbg->cleanup_nonce_fn(params, drbg->callback_arg);
-        }
-    } else {
-        OPENSSL_clear_free(nonce, noncelen);
-    }
+    OPENSSL_clear_free(nonce, noncelen);
 }
 #else
 # define prov_drbg_clear_nonce(drbg, nonce, len) \
@@ -1015,22 +949,3 @@ int drbg_set_ctx_params(PROV_DRBG *drbg, const OSSL_PARAM params[])
         return 0;
     return 1;
 }
-
-int drbg_set_callbacks(void *vctx, OSSL_INOUT_CALLBACK *get_entropy_fn,
-                       OSSL_CALLBACK *cleanup_entropy_fn,
-                       OSSL_INOUT_CALLBACK *get_nonce_fn,
-                       OSSL_CALLBACK *cleanup_nonce_fn, void *arg)
-{
-    PROV_DRBG *drbg = vctx;
-
-    if (drbg->state != EVP_RAND_STATE_UNINITIALISED
-            || drbg->parent != NULL)
-        return 0;
-
-    drbg->get_entropy_fn = get_entropy_fn;
-    drbg->cleanup_entropy_fn = cleanup_entropy_fn;
-    drbg->get_nonce_fn = get_nonce_fn;
-    drbg->cleanup_nonce_fn = cleanup_nonce_fn;
-    drbg->callback_arg = arg;
-    return 1;
-}
diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c
index 52c4a3368f..42362f988f 100644
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -738,7 +738,6 @@ const OSSL_DISPATCH drbg_ctr_functions[] = {
     { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
       (void(*)(void))drbg_ctr_gettable_ctx_params },
     { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_ctr_get_ctx_params },
-    { OSSL_FUNC_RAND_SET_CALLBACKS, (void(*)(void))drbg_set_callbacks },
     { OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
       (void(*)(void))drbg_ctr_verify_zeroization },
     { 0, NULL }
diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c
index 8ff4263cb8..bec996f084 100644
--- a/providers/implementations/rands/drbg_hash.c
+++ b/providers/implementations/rands/drbg_hash.c
@@ -505,7 +505,6 @@ const OSSL_DISPATCH drbg_hash_functions[] = {
     { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
       (void(*)(void))drbg_hash_gettable_ctx_params },
     { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_hash_get_ctx_params },
-    { OSSL_FUNC_RAND_SET_CALLBACKS, (void(*)(void))drbg_set_callbacks },
     { OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
       (void(*)(void))drbg_hash_verify_zeroization },
     { 0, NULL }
diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c
index ced2e32b6e..041b6cbb07 100644
--- a/providers/implementations/rands/drbg_hmac.c
+++ b/providers/implementations/rands/drbg_hmac.c
@@ -408,7 +408,6 @@ const OSSL_DISPATCH drbg_hmac_functions[] = {
     { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
       (void(*)(void))drbg_hmac_gettable_ctx_params },
     { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_hmac_get_ctx_params },
-    { OSSL_FUNC_RAND_SET_CALLBACKS, (void(*)(void))drbg_set_callbacks },
     { OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
       (void(*)(void))drbg_hmac_verify_zeroization },
     { 0, NULL }
diff --git a/providers/implementations/rands/drbg_local.h b/providers/implementations/rands/drbg_local.h
index 06e2e95a69..f5950967c5 100644
--- a/providers/implementations/rands/drbg_local.h
+++ b/providers/implementations/rands/drbg_local.h
@@ -219,15 +219,6 @@ int PROV_DRBG_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
                        unsigned int strength, int prediction_resistance,
                        const unsigned char *adin, size_t adinlen);
 
-/*
- * Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests.
- * These need to be exposed for the unit tests.
- */
-int drbg_set_callbacks(void *vctx, OSSL_INOUT_CALLBACK *get_entropy_fn,
-                       OSSL_CALLBACK *cleanup_entropy_fn,
-                       OSSL_INOUT_CALLBACK *get_nonce_fn,
-                       OSSL_CALLBACK *cleanup_nonce_fn, void *arg);
-
 /* Verify that an array of numeric values is all zero */
 #define PROV_DRBG_VERYIFY_ZEROIZATION(v)    \
     {                                       \
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3f621d5677..63a7433be4 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -18,7 +18,6 @@
 #include <openssl/objects.h>
 #include <openssl/x509v3.h>
 #include <openssl/rand.h>
-#include <openssl/rand_drbg.h>
 #include <openssl/ocsp.h>
 #include <openssl/dh.h>
 #include <openssl/engine.h>
diff --git a/test/build.info b/test/build.info
index a3e5857b99..d8a585e615 100644
--- a/test/build.info
+++ b/test/build.info
@@ -52,7 +52,7 @@ IF[{- !$disabled{tests} -}]
           cipherbytes_test \
           asn1_encode_test asn1_decode_test asn1_string_table_test \
           x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \
-          recordlentest drbgtest drbg_cavs_test drbg_extra_test sslbuffertest \
+          recordlentest drbgtest sslbuffertest \
           time_offset_test pemtest ssl_cert_table_internal_test ciphername_test \
           http_test servername_test ocspapitest fatalerrtest tls13ccstest \
           sysdefaulttest errtest ssl_ctx_test gosttest \
@@ -372,16 +372,6 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[drbgtest]=../include ../apps/include
   DEPEND[drbgtest]=../libcrypto.a libtestutil.a
 
-  SOURCE[drbg_cavs_test]=drbg_cavs_test.c drbg_cavs_data_ctr.c \
-                         drbg_cavs_data_hash.c drbg_cavs_data_hmac.c
-
-  INCLUDE[drbg_cavs_test]=../include ../apps/include . ..
-  DEPEND[drbg_cavs_test]=../libcrypto libtestutil.a
-
-  SOURCE[drbg_extra_test]=drbg_extra_test.c
-  INCLUDE[drbg_extra_test]=../include . .. ../apps/include
-  DEPEND[drbg_extra_test]=../libcrypto libtestutil.a
-
   SOURCE[x509_dup_cert_test]=x509_dup_cert_test.c
   INCLUDE[x509_dup_cert_test]=../include ../apps/include
   DEPEND[x509_dup_cert_test]=../libcrypto libtestutil.a
diff --git a/test/drbg_cavs_data_ctr.c b/test/drbg_cavs_data_ctr.c
deleted file mode 100644
index 52cec0d8f0..0000000000
--- a/test/drbg_cavs_data_ctr.c
+++ /dev/null
@@ -1,7769 +0,0 @@
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * Subset of DRBG test vectors from:
- * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/
- * The index in the names given below (e.g- kat1680)- refers to the CAVS index.
- */
-
-#include <openssl/obj_mac.h>
-#include "internal/nelem.h"
-#include "drbg_cavs_data.h"
-
-
-static const unsigned char kat1_nor_entropyin[] = {
-    0x89, 0x0e, 0xb0, 0x67, 0xac, 0xf7, 0x38, 0x2e, 0xff, 0x80, 0xb0, 0xc7,
-    0x3b, 0xc8, 0x72, 0xc6,
-};
-static const unsigned char kat1_nor_nonce[] = {
-    0xaa, 0xd4, 0x71, 0xef, 0x3e, 0xf1, 0xd2, 0x03,
-};
-static const unsigned char kat1_nor_persstr[] = {0};
-static const unsigned char kat1_nor_addin0[] = {0};
-static const unsigned char kat1_nor_addin1[] = {0};
-static const unsigned char kat1_nor_retbytes[] = {
-    0xa5, 0x51, 0x4e, 0xd7, 0x09, 0x5f, 0x64, 0xf3, 0xd0, 0xd3, 0xa5, 0x76,
-    0x03, 0x94, 0xab, 0x42, 0x06, 0x2f, 0x37, 0x3a, 0x25, 0x07, 0x2a, 0x6e,
-    0xa6, 0xbc, 0xfd, 0x84, 0x89, 0xe9, 0x4a, 0xf6, 0xcf, 0x18, 0x65, 0x9f,
-    0xea, 0x22, 0xed, 0x1c, 0xa0, 0xa9, 0xe3, 0x3f, 0x71, 0x8b, 0x11, 0x5e,
-    0xe5, 0x36, 0xb1, 0x28, 0x09, 0xc3, 0x1b, 0x72, 0xb0, 0x8d, 0xdd, 0x8b,
-    0xe1, 0x91, 0x0f, 0xa3,
-};
-static const struct drbg_kat_no_reseed kat1_nor_t = {
-    0, kat1_nor_entropyin, kat1_nor_nonce, kat1_nor_persstr,
-    kat1_nor_addin0, kat1_nor_addin1, kat1_nor_retbytes
-};
-static const struct drbg_kat kat1_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat1_nor_t
-};
-
-static const unsigned char kat2_nor_entropyin[] = {
-    0xc4, 0x7b, 0xe8, 0xe8, 0x21, 0x9a, 0x5a, 0x87, 0xc9, 0x40, 0x64, 0xa5,
-    0x12, 0x08, 0x9f, 0x2b,
-};
-static const unsigned char kat2_nor_nonce[] = {
-    0xf2, 0xa2, 0x3e, 0x63, 0x6a, 0xee, 0x75, 0xc6,
-};
-static const unsigned char kat2_nor_persstr[] = {0};
-static const unsigned char kat2_nor_addin0[] = {0};
-static const unsigned char kat2_nor_addin1[] = {0};
-static const unsigned char kat2_nor_retbytes[] = {
-    0x5a, 0x16, 0x50, 0xbb, 0x6d, 0x6a, 0x16, 0xf6, 0x04, 0x05, 0x91, 0xd5,
-    0x6a, 0xbc, 0xd5, 0xdd, 0x3d, 0xb8, 0x77, 0x2a, 0x9c, 0x75, 0xc4, 0x4d,
-    0x9f, 0xc6, 0x4d, 0x51, 0xb7, 0x33, 0xd4, 0xa6, 0x75, 0x9b, 0xd5, 0xa6,
-    0x4e, 0xc4, 0x23, 0x1a, 0x24, 0xe6, 0x62, 0xfd, 0xd4, 0x7c, 0x82, 0xdb,
-    0x63, 0xb2, 0x00, 0xda, 0xf8, 0xd0, 0x98, 0x56, 0x0e, 0xb5, 0xba, 0x7b,
-    0xf3, 0xf9, 0xab, 0xf7,
-};
-static const struct drbg_kat_no_reseed kat2_nor_t = {
-    1, kat2_nor_entropyin, kat2_nor_nonce, kat2_nor_persstr,
-    kat2_nor_addin0, kat2_nor_addin1, kat2_nor_retbytes
-};
-static const struct drbg_kat kat2_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat2_nor_t
-};
-
-static const unsigned char kat3_nor_entropyin[] = {
-    0x13, 0x0b, 0x8c, 0x3d, 0x2d, 0x7b, 0x6e, 0x02, 0xc4, 0x10, 0xb4, 0x16,
-    0x8e, 0x12, 0x2c, 0x38,
-};
-static const unsigned char kat3_nor_nonce[] = {
-    0x79, 0xa6, 0x74, 0xc5, 0xb2, 0xc5, 0x1a, 0xa9,
-};
-static const unsigned char kat3_nor_persstr[] = {0};
-static const unsigned char kat3_nor_addin0[] = {0};
-static const unsigned char kat3_nor_addin1[] = {0};
-static const unsigned char kat3_nor_retbytes[] = {
-    0x57, 0xe8, 0xa1, 0xe5, 0x78, 0xed, 0xe1, 0xc6, 0x68, 0x79, 0xc4, 0x30,
-    0xdf, 0x72, 0x64, 0x35, 0xd5, 0x1a, 0x36, 0x9a, 0x0f, 0xe5, 0x9a, 0x03,
-    0x58, 0xd1, 0xde, 0x35, 0x2d, 0x42, 0x80, 0xfd, 0x7b, 0x22, 0x5f, 0x5f,
-    0x38, 0x6a, 0x4f, 0xcf, 0x12, 0xf7, 0x27, 0x94, 0xad, 0x0f, 0x37, 0x57,
-    0xfb, 0x25, 0xde, 0xba, 0x3c, 0x75, 0x12, 0xce, 0x4d, 0x37, 0x33, 0xc7,
-    0xee, 0x06, 0x70, 0x43,
-};
-static const struct drbg_kat_no_reseed kat3_nor_t = {
-    2, kat3_nor_entropyin, kat3_nor_nonce, kat3_nor_persstr,
-    kat3_nor_addin0, kat3_nor_addin1, kat3_nor_retbytes
-};
-static const struct drbg_kat kat3_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat3_nor_t
-};
-
-static const unsigned char kat4_nor_entropyin[] = {
-    0x04, 0xd2, 0x41, 0x45, 0x28, 0x76, 0x64, 0xf6, 0x76, 0x2b, 0x5d, 0x2a,
-    0x10, 0x2a, 0xc6, 0x03,
-};
-static const unsigned char kat4_nor_nonce[] = {
-    0xec, 0xac, 0x63, 0xe1, 0x21, 0x7e, 0xe3, 0x35,
-};
-static const unsigned char kat4_nor_persstr[] = {0};
-static const unsigned char kat4_nor_addin0[] = {0};
-static const unsigned char kat4_nor_addin1[] = {0};
-static const unsigned char kat4_nor_retbytes[] = {
-    0xfa, 0x5e, 0x74, 0x6d, 0xec, 0xd6, 0x80, 0x1e, 0xb7, 0x08, 0x3b, 0x6f,
-    0x0e, 0x72, 0x43, 0x2e, 0x1f, 0xd4, 0x24, 0x31, 0x04, 0xf7, 0x48, 0xd0,
-    0xf1, 0x90, 0x83, 0x92, 0x3b, 0x95, 0x55, 0x68, 0x8f, 0x43, 0x14, 0x6d,
-    0x5a, 0xce, 0xa9, 0x62, 0xda, 0x01, 0x23, 0x1d, 0x9e, 0x5f, 0xaf, 0xf0,
-    0xe8, 0x1f, 0x3d, 0x39, 0x4a, 0xce, 0x3a, 0x34, 0x54, 0x53, 0x6d, 0x72,
-    0x65, 0x75, 0x04, 0x1f,
-};
-static const struct drbg_kat_no_reseed kat4_nor_t = {
-    3, kat4_nor_entropyin, kat4_nor_nonce, kat4_nor_persstr,
-    kat4_nor_addin0, kat4_nor_addin1, kat4_nor_retbytes
-};
-static const struct drbg_kat kat4_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat4_nor_t
-};
-
-static const unsigned char kat5_nor_entropyin[] = {
-    0xae, 0xde, 0x4e, 0x61, 0x35, 0x56, 0xb1, 0xd5, 0xa3, 0x0f, 0xce, 0x26,
-    0x1f, 0xbb, 0x82, 0x0c,
-};
-static const unsigned char kat5_nor_nonce[] = {
-    0x39, 0xac, 0xba, 0x03, 0xc5, 0xf1, 0x0a, 0xf4,
-};
-static const unsigned char kat5_nor_persstr[] = {0};
-static const unsigned char kat5_nor_addin0[] = {0};
-static const unsigned char kat5_nor_addin1[] = {0};
-static const unsigned char kat5_nor_retbytes[] = {
-    0x23, 0x2c, 0x44, 0xb8, 0x19, 0xb8, 0x8f, 0x1a, 0xeb, 0x83, 0xf2, 0x03,
-    0x4f, 0x84, 0x2d, 0x5a, 0x00, 0xf0, 0x30, 0x15, 0x05, 0xd2, 0xaa, 0x69,
-    0xaa, 0xec, 0xb3, 0xcb, 0x14, 0xbc, 0xb1, 0x58, 0x75, 0xe0, 0xfd, 0x60,
-    0x07, 0x1a, 0x80, 0xf6, 0x26, 0x2d, 0xce, 0xbc, 0xf4, 0x1a, 0x0e, 0x14,
-    0x76, 0xd9, 0x6f, 0x40, 0x97, 0x12, 0xd8, 0x28, 0xae, 0x31, 0x3a, 0x9d,
-    0x28, 0xec, 0x2d, 0xee,
-};
-static const struct drbg_kat_no_reseed kat5_nor_t = {
-    4, kat5_nor_entropyin, kat5_nor_nonce, kat5_nor_persstr,
-    kat5_nor_addin0, kat5_nor_addin1, kat5_nor_retbytes
-};
-static const struct drbg_kat kat5_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat5_nor_t
-};
-
-static const unsigned char kat6_nor_entropyin[] = {
-    0x9f, 0x90, 0x54, 0x1c, 0x10, 0xd4, 0xb7, 0xc0, 0x89, 0xfe, 0x68, 0x8e,
-    0xa3, 0xef, 0x4f, 0xc6,
-};
-static const unsigned char kat6_nor_nonce[] = {
-    0x1e, 0xac, 0x1c, 0x22, 0x03, 0x6e, 0x2b, 0x22,
-};
-static const unsigned char kat6_nor_persstr[] = {0};
-static const unsigned char kat6_nor_addin0[] = {0};
-static const unsigned char kat6_nor_addin1[] = {0};
-static const unsigned char kat6_nor_retbytes[] = {
-    0x71, 0xaf, 0x3f, 0xdf, 0x67, 0x34, 0x04, 0x16, 0x3b, 0x06, 0x73, 0x7e,
-    0x0f, 0x39, 0x91, 0x5f, 0xae, 0xc2, 0x18, 0x21, 0x81, 0x6c, 0x31, 0x42,
-    0xe8, 0x0a, 0x50, 0x3c, 0x70, 0xcb, 0x2e, 0xdd, 0x46, 0x8c, 0x3f, 0x03,
-    0xcb, 0x1f, 0x8a, 0x2f, 0x92, 0x48, 0x63, 0x5b, 0x63, 0xd7, 0xb8, 0xf1,
-    0x9e, 0x9e, 0x11, 0xca, 0xf0, 0xab, 0x0c, 0x3d, 0x2f, 0xf9, 0xc7, 0x13,
-    0x21, 0xca, 0xc1, 0x54,
-};
-static const struct drbg_kat_no_reseed kat6_nor_t = {
-    5, kat6_nor_entropyin, kat6_nor_nonce, kat6_nor_persstr,
-    kat6_nor_addin0, kat6_nor_addin1, kat6_nor_retbytes
-};
-static const struct drbg_kat kat6_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat6_nor_t
-};
-
-static const unsigned char kat7_nor_entropyin[] = {
-    0x3b, 0x8a, 0x18, 0x1c, 0xea, 0x83, 0x90, 0xd5, 0xd7, 0xa4, 0xe6, 0x51,
-    0x5c, 0xf9, 0x2e, 0x3e,
-};
-static const unsigned char kat7_nor_nonce[] = {
-    0x37, 0xf4, 0xd1, 0x74, 0x87, 0x14, 0x34, 0x5b,
-};
-static const unsigned char kat7_nor_persstr[] = {0};
-static const unsigned char kat7_nor_addin0[] = {0};
-static const unsigned char kat7_nor_addin1[] = {0};
-static const unsigned char kat7_nor_retbytes[] = {
-    0xd6, 0xfd, 0x0f, 0xfb, 0x10, 0x85, 0x0e, 0xb6, 0xeb, 0x70, 0x50, 0xe6,
-    0x1e, 0xac, 0x00, 0xd4, 0x72, 0xf6, 0x5c, 0xd3, 0xd9, 0x35, 0x08, 0x14,
-    0x77, 0xfe, 0x44, 0xaa, 0x85, 0x69, 0x4e, 0x12, 0x0a, 0xb5, 0xa1, 0xca,
-    0x1f, 0xa1, 0x98, 0xaf, 0x76, 0xdf, 0xa8, 0xd0, 0xab, 0xdf, 0x53, 0xe8,
-    0x5a, 0xa8, 0xc8, 0x7f, 0xed, 0x0a, 0x8c, 0x24, 0x16, 0x39, 0x43, 0xb9,
-    0x6d, 0x80, 0xaa, 0xfb,
-};
-static const struct drbg_kat_no_reseed kat7_nor_t = {
-    6, kat7_nor_entropyin, kat7_nor_nonce, kat7_nor_persstr,
-    kat7_nor_addin0, kat7_nor_addin1, kat7_nor_retbytes
-};
-static const struct drbg_kat kat7_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat7_nor_t
-};
-
-static const unsigned char kat8_nor_entropyin[] = {
-    0x85, 0x4c, 0xaa, 0x2a, 0x74, 0xf3, 0xf4, 0x3b, 0x6a, 0xbd, 0x80, 0x6d,
-    0x67, 0x48, 0xed, 0x80,
-};
-static const unsigned char kat8_nor_nonce[] = {
-    0x0c, 0xbd, 0x13, 0x72, 0xbe, 0xb6, 0x27, 0x36,
-};
-static const unsigned char kat8_nor_persstr[] = {0};
-static const unsigned char kat8_nor_addin0[] = {0};
-static const unsigned char kat8_nor_addin1[] = {0};
-static const unsigned char kat8_nor_retbytes[] = {
-    0x46, 0x53, 0x40, 0x28, 0x16, 0x5f, 0xfe, 0x28, 0x45, 0xa9, 0x72, 0x62,
-    0x7e, 0x67, 0xe1, 0x53, 0x51, 0x0c, 0xa1, 0x88, 0x0e, 0x6a, 0x3a, 0xd3,
-    0x1f, 0xde, 0xe7, 0x1f, 0xf2, 0x40, 0xd3, 0x27, 0x86, 0x24, 0xb3, 0x1f,
-    0x2d, 0x38, 0x6d, 0x7b, 0x22, 0x28, 0xce, 0xd6, 0x24, 0xa4, 0x2e, 0x7a,
-    0x3b, 0x07, 0x48, 0x0b, 0x23, 0x23, 0x16, 0x6c, 0x18, 0xd1, 0xac, 0x0f,
-    0x60, 0x00, 0x2e, 0xc4,
-};
-static const struct drbg_kat_no_reseed kat8_nor_t = {
-    7, kat8_nor_entropyin, kat8_nor_nonce, kat8_nor_persstr,
-    kat8_nor_addin0, kat8_nor_addin1, kat8_nor_retbytes
-};
-static const struct drbg_kat kat8_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat8_nor_t
-};
-
-static const unsigned char kat9_nor_entropyin[] = {
-    0x87, 0xe1, 0xc5, 0x32, 0x99, 0x7f, 0x57, 0xa3, 0x5c, 0x28, 0x6d, 0xe8,
-    0x64, 0xbf, 0xf2, 0x64,
-};
-static const unsigned char kat9_nor_nonce[] = {
-    0xa3, 0x9e, 0x98, 0xdb, 0x6c, 0x10, 0x78, 0x7f,
-};
-static const unsigned char kat9_nor_persstr[] = {0};
-static const unsigned char kat9_nor_addin0[] = {0};
-static const unsigned char kat9_nor_addin1[] = {0};
-static const unsigned char kat9_nor_retbytes[] = {
-    0x2c, 0x14, 0x7e, 0x24, 0x11, 0x9a, 0xd8, 0xd4, 0xb2, 0xed, 0x61, 0xc1,
-    0x53, 0xd0, 0x50, 0xc9, 0x24, 0xff, 0x59, 0x75, 0x15, 0xf1, 0x17, 0x3a,
-    0x3d, 0xf4, 0x4b, 0x2c, 0x84, 0x28, 0xef, 0x89, 0x0e, 0xb9, 0xde, 0xf3,
-    0xe4, 0x78, 0x04, 0xb2, 0xfd, 0x9b, 0x35, 0x7f, 0xe1, 0x3f, 0x8a, 0x3e,
-    0x10, 0xc8, 0x67, 0x0a, 0xf9, 0xdf, 0x2d, 0x6c, 0x96, 0xfb, 0xb2, 0xb8,
-    0xcb, 0x2d, 0xd6, 0xb0,
-};
-static const struct drbg_kat_no_reseed kat9_nor_t = {
-    8, kat9_nor_entropyin, kat9_nor_nonce, kat9_nor_persstr,
-    kat9_nor_addin0, kat9_nor_addin1, kat9_nor_retbytes
-};
-static const struct drbg_kat kat9_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat9_nor_t
-};
-
-static const unsigned char kat10_nor_entropyin[] = {
-    0x2f, 0xc6, 0x23, 0x42, 0x90, 0x29, 0xc9, 0x6e, 0xde, 0xf6, 0x16, 0x62,
-    0x47, 0xb0, 0x8c, 0xb0,
-};
-static const unsigned char kat10_nor_nonce[] = {
-    0x99, 0x82, 0x66, 0x33, 0x55, 0x58, 0x27, 0x88,
-};
-static const unsigned char kat10_nor_persstr[] = {0};
-static const unsigned char kat10_nor_addin0[] = {0};
-static const unsigned char kat10_nor_addin1[] = {0};
-static const unsigned char kat10_nor_retbytes[] = {
-    0x55, 0x96, 0xcb, 0x16, 0xf3, 0xbe, 0x85, 0x52, 0xc1, 0xe5, 0xc1, 0x64,
-    0xd5, 0x40, 0xcb, 0x1f, 0xaf, 0x4b, 0xea, 0x87, 0x33, 0xb6, 0x0a, 0x8a,
-    0xd0, 0xc4, 0x06, 0x26, 0x25, 0x65, 0x48, 0xc7, 0xaa, 0x96, 0xd1, 0xd2,
-    0x72, 0x9d, 0x26, 0xf0, 0x08, 0x73, 0x1f, 0xc3, 0x93, 0x07, 0xbe, 0x5b,
-    0xcd, 0x20, 0x81, 0xc6, 0x9e, 0x31, 0x4e, 0x0c, 0x73, 0xe3, 0xd0, 0xfd,
-    0x1d, 0x90, 0x58, 0x28,
-};
-static const struct drbg_kat_no_reseed kat10_nor_t = {
-    9, kat10_nor_entropyin, kat10_nor_nonce, kat10_nor_persstr,
-    kat10_nor_addin0, kat10_nor_addin1, kat10_nor_retbytes
-};
-static const struct drbg_kat kat10_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat10_nor_t
-};
-
-static const unsigned char kat11_nor_entropyin[] = {
-    0x98, 0xab, 0x8b, 0x4e, 0xaf, 0xab, 0x6e, 0x53, 0x6f, 0x78, 0x45, 0xab,
-    0xec, 0x13, 0x78, 0x08,
-};
-static const unsigned char kat11_nor_nonce[] = {
-    0xdb, 0xa9, 0x44, 0xc9, 0x8b, 0x31, 0x1d, 0x8e,
-};
-static const unsigned char kat11_nor_persstr[] = {0};
-static const unsigned char kat11_nor_addin0[] = {0};
-static const unsigned char kat11_nor_addin1[] = {0};
-static const unsigned char kat11_nor_retbytes[] = {
-    0x86, 0xee, 0xd3, 0xa9, 0xfa, 0x53, 0x45, 0x2f, 0xb1, 0x1d, 0xba, 0x9c,
-    0xac, 0x8e, 0x44, 0x02, 0x52, 0x29, 0x28, 0xf2, 0x70, 0x5a, 0x5e, 0x58,
-    0x2f, 0x4d, 0x00, 0xeb, 0x8f, 0xed, 0x81, 0x8e, 0x62, 0x9c, 0x72, 0xa6,
-    0xa7, 0x79, 0xbe, 0xb4, 0xed, 0x9a, 0x23, 0x93, 0x68, 0x23, 0x3c, 0xbf,
-    0xcf, 0x55, 0x68, 0x5d, 0xbf, 0x2d, 0xe3, 0x4a, 0xb5, 0x89, 0x20, 0xcf,
-    0xac, 0xa4, 0xaa, 0xfe,
-};
-static const struct drbg_kat_no_reseed kat11_nor_t = {
-    10, kat11_nor_entropyin, kat11_nor_nonce, kat11_nor_persstr,
-    kat11_nor_addin0, kat11_nor_addin1, kat11_nor_retbytes
-};
-static const struct drbg_kat kat11_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat11_nor_t
-};
-
-static const unsigned char kat12_nor_entropyin[] = {
-    0x7d, 0xcf, 0x4f, 0xa7, 0x31, 0x13, 0x9c, 0x5b, 0xb6, 0x44, 0x2f, 0xed,
-    0x91, 0xe8, 0x9f, 0x68,
-};
-static const unsigned char kat12_nor_nonce[] = {
-    0xff, 0xd9, 0x4f, 0xe2, 0x1a, 0x80, 0x8b, 0x15,
-};
-static const unsigned char kat12_nor_persstr[] = {0};
-static const unsigned char kat12_nor_addin0[] = {0};
-static const unsigned char kat12_nor_addin1[] = {0};
-static const unsigned char kat12_nor_retbytes[] = {
-    0x8e, 0xca, 0x20, 0xe3, 0x1c, 0x98, 0x39, 0xb7, 0x41, 0xaa, 0xa9, 0xbf,
-    0x6c, 0xee, 0xe2, 0x24, 0xd3, 0x21, 0x26, 0xb3, 0x19, 0x6e, 0xef, 0x3e,
-    0xcd, 0x34, 0x3d, 0x41, 0x4d, 0x32, 0x33, 0xb9, 0xfd, 0x0e, 0xa0, 0xed,
-    0x1b, 0xc7, 0x70, 0x0c, 0x88, 0xcd, 0x7c, 0x88, 0xd3, 0xc0, 0x76, 0x13,
-    0xc4, 0x2c, 0xd1, 0xf9, 0x09, 0xfe, 0xd8, 0xc6, 0xa7, 0x08, 0xd0, 0x5d,
-    0x6b, 0x68, 0xfb, 0x2e,
-};
-static const struct drbg_kat_no_reseed kat12_nor_t = {
-    11, kat12_nor_entropyin, kat12_nor_nonce, kat12_nor_persstr,
-    kat12_nor_addin0, kat12_nor_addin1, kat12_nor_retbytes
-};
-static const struct drbg_kat kat12_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat12_nor_t
-};
-
-static const unsigned char kat13_nor_entropyin[] = {
-    0x51, 0x9c, 0x6e, 0xfe, 0xde, 0xd2, 0xa1, 0x10, 0xac, 0x41, 0x83, 0x9a,
-    0x8b, 0x8a, 0xbf, 0xce,
-};
-static const unsigned char kat13_nor_nonce[] = {
-    0x81, 0xd9, 0x5e, 0xdc, 0x06, 0xdd, 0xe6, 0xb3,
-};
-static const unsigned char kat13_nor_persstr[] = {0};
-static const unsigned char kat13_nor_addin0[] = {0};
-static const unsigned char kat13_nor_addin1[] = {0};
-static const unsigned char kat13_nor_retbytes[] = {
-    0x39, 0xcd, 0xd1, 0x0e, 0x49, 0xe0, 0x35, 0x81, 0xe3, 0x81, 0x1d, 0xdd,
-    0x07, 0xd9, 0xd0, 0xac, 0xc3, 0x40, 0x85, 0xa1, 0x2c, 0x1c, 0x6b, 0x87,
-    0xa7, 0x63, 0x86, 0xe9, 0x70, 0x32, 0xdc, 0x01, 0xf5, 0x23, 0xf6, 0x32,
-    0xec, 0x95, 0x0d, 0x04, 0x34, 0xc2, 0x59, 0x37, 0xe4, 0x32, 0xd9, 0x85,
-    0x54, 0x59, 0x9a, 0x85, 0x5d, 0xb9, 0xad, 0xf5, 0x8b, 0x9e, 0x04, 0x59,
-    0x7a, 0x21, 0xd0, 0x0d,
-};
-static const struct drbg_kat_no_reseed kat13_nor_t = {
-    12, kat13_nor_entropyin, kat13_nor_nonce, kat13_nor_persstr,
-    kat13_nor_addin0, kat13_nor_addin1, kat13_nor_retbytes
-};
-static const struct drbg_kat kat13_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat13_nor_t
-};
-
-static const unsigned char kat14_nor_entropyin[] = {
-    0x80, 0xc1, 0x9e, 0xea, 0xad, 0x1a, 0x58, 0x37, 0x94, 0x66, 0xaf, 0xae,
-    0x1d, 0x80, 0x87, 0x6d,
-};
-static const unsigned char kat14_nor_nonce[] = {
-    0xd9, 0xa2, 0x09, 0x3f, 0x11, 0x89, 0x2b, 0x82,
-};
-static const unsigned char kat14_nor_persstr[] = {0};
-static const unsigned char kat14_nor_addin0[] = {0};
-static const unsigned char kat14_nor_addin1[] = {0};
-static const unsigned char kat14_nor_retbytes[] = {
-    0xce, 0xc5, 0x1b, 0x98, 0x5e, 0xc9, 0x7b, 0x18, 0xee, 0x8e, 0xad, 0x36,
-    0x15, 0x7b, 0xea, 0xf9, 0x6f, 0x12, 0x9f, 0x28, 0x28, 0x08, 0x89, 0xec,
-    0x87, 0x3c, 0x27, 0xb5, 0x62, 0x71, 0x98, 0xc5, 0x85, 0xa6, 0xad, 0x21,
-    0xae, 0x23, 0xa9, 0x59, 0xc9, 0xfa, 0x49, 0xd9, 0x85, 0xaf, 0x0d, 0xf4,
-    0x02, 0x8f, 0xdf, 0x1f, 0x51, 0xd8, 0x2e, 0x8f, 0x2b, 0x3f, 0x02, 0x88,
-    0x53, 0xf1, 0x4e, 0x8f,
-};
-static const struct drbg_kat_no_reseed kat14_nor_t = {
-    13, kat14_nor_entropyin, kat14_nor_nonce, kat14_nor_persstr,
-    kat14_nor_addin0, kat14_nor_addin1, kat14_nor_retbytes
-};
-static const struct drbg_kat kat14_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat14_nor_t
-};
-
-static const unsigned char kat15_nor_entropyin[] = {
-    0xb7, 0x7b, 0xd2, 0x2e, 0xfe, 0xb7, 0x71, 0x58, 0x6d, 0x51, 0x6f, 0x58,
-    0x21, 0x92, 0xa3, 0x11,
-};
-static const unsigned char kat15_nor_nonce[] = {
-    0xa6, 0x99, 0xf4, 0x2a, 0x49, 0x81, 0xfe, 0xfc,
-};
-static const unsigned char kat15_nor_persstr[] = {0};
-static const unsigned char kat15_nor_addin0[] = {0};
-static const unsigned char kat15_nor_addin1[] = {0};
-static const unsigned char kat15_nor_retbytes[] = {
-    0x7f, 0xf0, 0xab, 0xea, 0xff, 0xc6, 0xec, 0x92, 0x3c, 0xeb, 0xd9, 0x10,
-    0xf5, 0x93, 0x7b, 0xf1, 0x4f, 0xc5, 0x2d, 0x2a, 0x74, 0x25, 0x83, 0x88,
-    0xc7, 0x6c, 0x1b, 0xc9, 0xe6, 0x35, 0xad, 0xf1, 0x75, 0x85, 0x8f, 0x0a,
-    0x55, 0x87, 0x7e, 0x7e, 0x9f, 0x5f, 0x86, 0x7d, 0x00, 0xb9, 0xb1, 0x36,
-    0x3d, 0xde, 0x46, 0x28, 0x8a, 0x6f, 0xff, 0x53, 0x21, 0xf4, 0x69, 0x44,
-    0x5a, 0xad, 0x41, 0x98,
-};
-static const struct drbg_kat_no_reseed kat15_nor_t = {
-    14, kat15_nor_entropyin, kat15_nor_nonce, kat15_nor_persstr,
-    kat15_nor_addin0, kat15_nor_addin1, kat15_nor_retbytes
-};
-static const struct drbg_kat kat15_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat15_nor_t
-};
-
-static const unsigned char kat16_nor_entropyin[] = {
-    0xb4, 0x08, 0xce, 0xfb, 0x5b, 0xc7, 0x15, 0x7d, 0x3f, 0x26, 0xcb, 0x95,
-    0xa8, 0xb1, 0xd7, 0xac,
-};
-static const unsigned char kat16_nor_nonce[] = {
-    0x02, 0x6c, 0x76, 0x8f, 0xd5, 0x77, 0xb9, 0x2a,
-};
-static const unsigned char kat16_nor_persstr[] = {0};
-static const unsigned char kat16_nor_addin0[] = {
-    0x57, 0x37, 0xef, 0x81, 0xde, 0xe3, 0x65, 0xb6, 0xda, 0xdb, 0x3f, 0xee,
-    0xbf, 0x5d, 0x10, 0x84,
-};
-static const unsigned char kat16_nor_addin1[] = {
-    0x33, 0x68, 0xa5, 0x16, 0xb3, 0x43, 0x1a, 0x3d, 0xaa, 0xa6, 0x0d, 0xc8,
-    0x74, 0x3c, 0x82, 0x97,
-};
-static const unsigned char kat16_nor_retbytes[] = {
-    0x4e, 0x90, 0x9e, 0xbb, 0x24, 0x14, 0x7a, 0x00, 0x04, 0x06, 0x3a, 0x5e,
-    0x47, 0xee, 0x04, 0x4f, 0xea, 0xd6, 0x10, 0xd6, 0x23, 0x24, 0xbd, 0x0f,
-    0x96, 0x3f, 0x75, 0x6f, 0xb9, 0x13, 0x61, 0xe8, 0xb8, 0x7e, 0x3a, 0x76,
-    0xa3, 0x98, 0x14, 0x3f, 0xe8, 0x81, 0x30, 0xfe, 0x1b, 0x54, 0x7b, 0x66,
-    0x1a, 0x64, 0x80, 0xc7, 0x11, 0xb7, 0x39, 0xf1, 0x8a, 0x9d, 0xf3, 0xae,
-    0x51, 0xd4, 0x1b, 0xc9,
-};
-static const struct drbg_kat_no_reseed kat16_nor_t = {
-    0, kat16_nor_entropyin, kat16_nor_nonce, kat16_nor_persstr,
-    kat16_nor_addin0, kat16_nor_addin1, kat16_nor_retbytes
-};
-static const struct drbg_kat kat16_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat16_nor_t
-};
-
-static const unsigned char kat17_nor_entropyin[] = {
-    0x71, 0xbd, 0xce, 0x35, 0x42, 0x7d, 0x20, 0xbf, 0x58, 0xcf, 0x17, 0x74,
-    0xce, 0x72, 0xd8, 0x33,
-};
-static const unsigned char kat17_nor_nonce[] = {
-    0x34, 0x50, 0x2d, 0x8f, 0x5b, 0x14, 0xc4, 0xdd,
-};
-static const unsigned char kat17_nor_persstr[] = {0};
-static const unsigned char kat17_nor_addin0[] = {
-    0x66, 0xef, 0x42, 0xd6, 0x9a, 0x8c, 0x3d, 0x6d, 0x4a, 0x9e, 0x95, 0xa6,
-    0x91, 0x4d, 0x81, 0x56,
-};
-static const unsigned char kat17_nor_addin1[] = {
-    0xe3, 0x18, 0x83, 0xd9, 0x4b, 0x5e, 0xc4, 0xcc, 0xaa, 0x61, 0x2f, 0xbb,
-    0x4a, 0x55, 0xd1, 0xc6,
-};
-static const unsigned char kat17_nor_retbytes[] = {
-    0x97, 0x33, 0xe8, 0x20, 0x12, 0xe2, 0x7b, 0xa1, 0x46, 0x8f, 0xf2, 0x34,
-    0xb3, 0xc9, 0xb6, 0x6b, 0x20, 0xb2, 0x4f, 0xee, 0x27, 0xd8, 0x0b, 0x21,
-    0x8c, 0xff, 0x63, 0x73, 0x69, 0x29, 0xfb, 0xf3, 0x85, 0xcd, 0x88, 0x8e,
-    0x43, 0x2c, 0x71, 0x8b, 0xa2, 0x55, 0xd2, 0x0f, 0x1d, 0x7f, 0xe3, 0xe1,
-    0x2a, 0xa3, 0xe9, 0x2c, 0x25, 0x89, 0xc7, 0x14, 0x52, 0x99, 0x56, 0xcc,
-    0xc3, 0xdf, 0xb3, 0x81,
-};
-static const struct drbg_kat_no_reseed kat17_nor_t = {
-    1, kat17_nor_entropyin, kat17_nor_nonce, kat17_nor_persstr,
-    kat17_nor_addin0, kat17_nor_addin1, kat17_nor_retbytes
-};
-static const struct drbg_kat kat17_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat17_nor_t
-};
-
-static const unsigned char kat18_nor_entropyin[] = {
-    0x9c, 0x0e, 0x4a, 0xea, 0xfc, 0x35, 0x7f, 0xf8, 0xe3, 0xf5, 0x40, 0xa4,
-    0x55, 0x67, 0x8d, 0x7e,
-};
-static const unsigned char kat18_nor_nonce[] = {
-    0xef, 0xd8, 0x3d, 0xc5, 0xc5, 0x31, 0xd1, 0x67,
-};
-static const unsigned char kat18_nor_persstr[] = {0};
-static const unsigned char kat18_nor_addin0[] = {
-    0x58, 0xa1, 0x18, 0x14, 0x08, 0x1c, 0x1c, 0x35, 0xaf, 0x89, 0x88, 0xf1,
-    0x31, 0x40, 0xf6, 0xcc,
-};
-static const unsigned char kat18_nor_addin1[] = {
-    0x19, 0x19, 0x22, 0x70, 0xd6, 0x1a, 0x43, 0x26, 0x4a, 0x30, 0xba, 0x9e,
-    0xbc, 0x72, 0x8a, 0x5b,
-};
-static const unsigned char kat18_nor_retbytes[] = {
-    0x1e, 0xff, 0x1c, 0xf6, 0xb5, 0x75, 0x31, 0x55, 0x90, 0x70, 0x38, 0x82,
-    0x35, 0x9b, 0x6a, 0xdb, 0x3c, 0x21, 0xeb, 0xcf, 0xda, 0x5d, 0x3b, 0x5d,
-    0x6e, 0x88, 0xac, 0xab, 0x6e, 0x87, 0x9e, 0x0a, 0x6f, 0x75, 0x37, 0x5c,
-    0x02, 0xd1, 0xd3, 0xfb, 0xae, 0x94, 0x3c, 0x34, 0x43, 0xe3, 0x9c, 0x29,
-    0x9b, 0x80, 0xe2, 0x41, 0xcd, 0x36, 0x5d, 0x4a, 0xf8, 0xcd, 0x1a, 0xd5,
-    0xd9, 0xd5, 0x4c, 0x58,
-};
-static const struct drbg_kat_no_reseed kat18_nor_t = {
-    2, kat18_nor_entropyin, kat18_nor_nonce, kat18_nor_persstr,
-    kat18_nor_addin0, kat18_nor_addin1, kat18_nor_retbytes
-};
-static const struct drbg_kat kat18_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat18_nor_t
-};
-
-static const unsigned char kat19_nor_entropyin[] = {
-    0x95, 0x07, 0x01, 0x9b, 0x1f, 0xe8, 0x79, 0x84, 0xbe, 0xc1, 0xd0, 0x9c,
-    0xec, 0xcf, 0x36, 0x35,
-};
-static const unsigned char kat19_nor_nonce[] = {
-    0x47, 0x58, 0x62, 0x74, 0xfa, 0x75, 0x3e, 0x0d,
-};
-static const unsigned char kat19_nor_persstr[] = {0};
-static const unsigned char kat19_nor_addin0[] = {
-    0xf1, 0x7d, 0xe4, 0xce, 0xef, 0x9f, 0x2f, 0x23, 0x42, 0x20, 0xcb, 0x71,
-    0xd8, 0xce, 0xb7, 0x0d,
-};
-static const unsigned char kat19_nor_addin1[] = {
-    0x99, 0xd4, 0x8d, 0x9c, 0xe2, 0xfe, 0x76, 0xdc, 0xb8, 0xd0, 0x5f, 0xa4,
-    0xec, 0x07, 0x1a, 0xec,
-};
-static const unsigned char kat19_nor_retbytes[] = {
-    0x25, 0xa0, 0xd1, 0x67, 0x8e, 0x25, 0xb1, 0x94, 0x39, 0xd8, 0x33, 0x4c,
-    0xa9, 0x02, 0xdb, 0x63, 0x47, 0xa9, 0xa4, 0x2b, 0x86, 0xf3, 0x54, 0xb9,
-    0xe0, 0xb3, 0xc4, 0xf4, 0xe8, 0xba, 0x9d, 0x19, 0x2a, 0x5d, 0x76, 0x5a,
-    0xae, 0x5f, 0x4c, 0x5a, 0x74, 0xa0, 0x17, 0x7d, 0x3e, 0xb6, 0x13, 0x70,
-    0x62, 0xe6, 0xd9, 0x8b, 0x65, 0x18, 0x22, 0x26, 0x5b, 0xfe, 0xfc, 0x92,
-    0x9a, 0x39, 0x69, 0xdd,
-};
-static const struct drbg_kat_no_reseed kat19_nor_t = {
-    3, kat19_nor_entropyin, kat19_nor_nonce, kat19_nor_persstr,
-    kat19_nor_addin0, kat19_nor_addin1, kat19_nor_retbytes
-};
-static const struct drbg_kat kat19_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat19_nor_t
-};
-
-static const unsigned char kat20_nor_entropyin[] = {
-    0x12, 0xe8, 0xb3, 0xda, 0x3a, 0x3b, 0x3e, 0x77, 0x3a, 0xfc, 0x23, 0x05,
-    0xbd, 0xa8, 0x6d, 0xb6,
-};
-static const unsigned char kat20_nor_nonce[] = {
-    0xc4, 0x9f, 0x26, 0x1a, 0x9a, 0xb9, 0xd9, 0xf8,
-};
-static const unsigned char kat20_nor_persstr[] = {0};
-static const unsigned char kat20_nor_addin0[] = {
-    0x86, 0xb6, 0x38, 0x52, 0x41, 0x96, 0x15, 0x9d, 0xea, 0x01, 0x76, 0xe5,
-    0x46, 0x2a, 0xe6, 0x5c,
-};
-static const unsigned char kat20_nor_addin1[] = {
-    0x5e, 0xad, 0xb7, 0x67, 0x72, 0xbe, 0x3c, 0xe8, 0x47, 0xaf, 0x6b, 0x77,
-    0x94, 0xe0, 0x02, 0xe3,
-};
-static const unsigned char kat20_nor_retbytes[] = {
-    0x1b, 0xbf, 0x85, 0xe0, 0x2c, 0x1f, 0xc0, 0x4b, 0xea, 0x5f, 0xc4, 0x7f,
-    0x23, 0x6a, 0x07, 0x1c, 0x13, 0xf8, 0xf5, 0x2e, 0xb1, 0x13, 0xcb, 0x83,
-    0xc4, 0x15, 0x2a, 0xc8, 0x32, 0x62, 0x7a, 0xbb, 0xa6, 0xec, 0xde, 0xc1,
-    0x7a, 0x9f, 0xf0, 0x30, 0x5b, 0x7a, 0x49, 0x81, 0x79, 0x83, 0xfa, 0x5b,
-    0x66, 0x51, 0x45, 0xe7, 0xba, 0x9a, 0x5d, 0xf5, 0x72, 0x26, 0xec, 0xcf,
-    0xc1, 0x64, 0xe3, 0xbb,
-};
-static const struct drbg_kat_no_reseed kat20_nor_t = {
-    4, kat20_nor_entropyin, kat20_nor_nonce, kat20_nor_persstr,
-    kat20_nor_addin0, kat20_nor_addin1, kat20_nor_retbytes
-};
-static const struct drbg_kat kat20_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat20_nor_t
-};
-
-static const unsigned char kat21_nor_entropyin[] = {
-    0xb6, 0x08, 0xb1, 0x49, 0xcf, 0x44, 0xfe, 0x06, 0x06, 0x13, 0xb1, 0x66,
-    0x1d, 0xa0, 0xdf, 0x63,
-};
-static const unsigned char kat21_nor_nonce[] = {
-    0x95, 0x17, 0xc9, 0x93, 0xf1, 0x50, 0x34, 0x77,
-};
-static const unsigned char kat21_nor_persstr[] = {0};
-static const unsigned char kat21_nor_addin0[] = {
-    0x55, 0x9c, 0xb8, 0x12, 0xc3, 0x75, 0x8b, 0x2b, 0x31, 0x9d, 0xd9, 0xf5,
-    0x76, 0x8e, 0x8d, 0x3d,
-};
-static const unsigned char kat21_nor_addin1[] = {
-    0xc9, 0xaf, 0x98, 0x7e, 0xfc, 0xe4, 0x70, 0x0f, 0xa9, 0xc8, 0xeb, 0xb9,
-    0xfe, 0xcf, 0x00, 0xda,
-};
-static const unsigned char kat21_nor_retbytes[] = {
-    0x5b, 0x48, 0x13, 0x4d, 0xc7, 0xe6, 0x58, 0x9f, 0x1b, 0x40, 0x2c, 0xf5,
-    0xc4, 0xf6, 0xe3, 0xa3, 0xeb, 0xfd, 0xa8, 0x26, 0x72, 0x50, 0xe8, 0xe8,
-    0x11, 0xec, 0x05, 0x98, 0x6f, 0xf2, 0x1c, 0x78, 0xa1, 0x69, 0x30, 0xa8,
-    0xe0, 0x81, 0x03, 0x07, 0x76, 0x08, 0xc0, 0x6f, 0xa5, 0xe2, 0xa0, 0x48,
-    0xe8, 0x5d, 0xd6, 0xf3, 0x95, 0xce, 0xe2, 0x01, 0xd3, 0xcd, 0xe6, 0x35,
-    0xe1, 0x7e, 0x20, 0x3e,
-};
-static const struct drbg_kat_no_reseed kat21_nor_t = {
-    5, kat21_nor_entropyin, kat21_nor_nonce, kat21_nor_persstr,
-    kat21_nor_addin0, kat21_nor_addin1, kat21_nor_retbytes
-};
-static const struct drbg_kat kat21_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat21_nor_t
-};
-
-static const unsigned char kat22_nor_entropyin[] = {
-    0xe9, 0x2f, 0xd0, 0x7a, 0x09, 0xf2, 0xbc, 0xcb, 0x43, 0x42, 0x4c, 0x57,
-    0x57, 0x73, 0xb0, 0xf0,
-};
-static const unsigned char kat22_nor_nonce[] = {
-    0xb4, 0xe3, 0xca, 0x71, 0xae, 0x15, 0xa0, 0x36,
-};
-static const unsigned char kat22_nor_persstr[] = {0};
-static const unsigned char kat22_nor_addin0[] = {
-    0xe1, 0xb4, 0xb0, 0x40, 0x13, 0xdc, 0x12, 0x18, 0x8c, 0x62, 0x3d, 0x10,
-    0x11, 0xd4, 0x08, 0xf1,
-};
-static const unsigned char kat22_nor_addin1[] = {
-    0x79, 0x56, 0xbf, 0x5b, 0x16, 0x58, 0x0b, 0x3e, 0x72, 0x0a, 0x81, 0x33,
-    0x3e, 0xae, 0x24, 0x83,
-};
-static const unsigned char kat22_nor_retbytes[] = {
-    0x21, 0xa4, 0x67, 0x22, 0x42, 0x46, 0x56, 0x37, 0x0c, 0x47, 0x5b, 0x69,
-    0xa1, 0xfb, 0xc7, 0x0c, 0x8c, 0xbf, 0x44, 0x2d, 0xc2, 0xbc, 0x28, 0xe0,
-    0xab, 0x34, 0xbb, 0x6f, 0xfe, 0xd0, 0x6d, 0x10, 0xf4, 0x90, 0xdf, 0x7e,
-    0x78, 0x7c, 0x12, 0xb6, 0x52, 0xd2, 0x19, 0xa5, 0x77, 0x30, 0x6f, 0x04,
-    0xa9, 0xc8, 0x78, 0xb6, 0xcf, 0xdf, 0xf4, 0x3e, 0x13, 0x55, 0xc4, 0xd1,
-    0x10, 0xfb, 0x0f, 0xb2,
-};
-static const struct drbg_kat_no_reseed kat22_nor_t = {
-    6, kat22_nor_entropyin, kat22_nor_nonce, kat22_nor_persstr,
-    kat22_nor_addin0, kat22_nor_addin1, kat22_nor_retbytes
-};
-static const struct drbg_kat kat22_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat22_nor_t
-};
-
-static const unsigned char kat23_nor_entropyin[] = {
-    0xde, 0x0b, 0x4e, 0xa1, 0xa4, 0x40, 0xce, 0x68, 0x0e, 0xd0, 0x04, 0xcf,
-    0x64, 0xaf, 0xbe, 0x0f,
-};
-static const unsigned char kat23_nor_nonce[] = {
-    0xab, 0xb3, 0x1a, 0x3a, 0xb1, 0x5e, 0xd4, 0x49,
-};
-static const unsigned char kat23_nor_persstr[] = {0};
-static const unsigned char kat23_nor_addin0[] = {
-    0x45, 0xe7, 0x10, 0x10, 0x0c, 0xad, 0x00, 0xf3, 0xd2, 0x93, 0xdb, 0x75,
-    0x5e, 0xe1, 0x99, 0x0d,
-};
-static const unsigned char kat23_nor_addin1[] = {
-    0xb9, 0x11, 0xc9, 0xa4, 0x38, 0x9e, 0x71, 0x67, 0x98, 0x2a, 0x51, 0x24,
-    0x8e, 0xe2, 0x93, 0x7e,
-};
-static const unsigned char kat23_nor_retbytes[] = {
-    0x01, 0xc3, 0xaf, 0x83, 0x55, 0x7c, 0x63, 0x2d, 0xd8, 0x22, 0x83, 0x3f,
-    0x18, 0xe5, 0x48, 0xfb, 0x60, 0x36, 0xe9, 0xcc, 0xac, 0xc3, 0xb4, 0x33,
-    0xc5, 0xa7, 0x00, 0x79, 0x39, 0x93, 0x30, 0x89, 0x16, 0x22, 0x0e, 0x5a,
-    0x74, 0x16, 0x39, 0x86, 0x1c, 0x2f, 0x17, 0x71, 0x9b, 0x32, 0x51, 0x22,
-    0x06, 0xe3, 0x6e, 0x94, 0x7b, 0x28, 0x60, 0x07, 0x3b, 0x11, 0x3c, 0xcd,
-    0xa3, 0xfe, 0x31, 0x68,
-};
-static const struct drbg_kat_no_reseed kat23_nor_t = {
-    7, kat23_nor_entropyin, kat23_nor_nonce, kat23_nor_persstr,
-    kat23_nor_addin0, kat23_nor_addin1, kat23_nor_retbytes
-};
-static const struct drbg_kat kat23_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat23_nor_t
-};
-
-static const unsigned char kat24_nor_entropyin[] = {
-    0x72, 0x27, 0xe1, 0x1c, 0xfc, 0x1a, 0x6b, 0x84, 0xb4, 0x0e, 0xca, 0x24,
-    0xe7, 0x7f, 0x8c, 0x64,
-};
-static const unsigned char kat24_nor_nonce[] = {
-    0xab, 0x7e, 0x9f, 0xc4, 0x5e, 0x58, 0x63, 0xfb,
-};
-static const unsigned char kat24_nor_persstr[] = {0};
-static const unsigned char kat24_nor_addin0[] = {
-    0xca, 0xeb, 0xb3, 0xcd, 0x32, 0xc9, 0xd3, 0xe1, 0xf5, 0xd3, 0x8f, 0x8b,
-    0xdd, 0x89, 0x58, 0x7d,
-};
-static const unsigned char kat24_nor_addin1[] = {
-    0x31, 0x38, 0x09, 0x26, 0xb8, 0x60, 0x80, 0x06, 0xb7, 0xc7, 0x93, 0x61,
-    0xf0, 0xf9, 0x1d, 0x5e,
-};
-static const unsigned char kat24_nor_retbytes[] = {
-    0x3a, 0xd7, 0xb9, 0x32, 0x59, 0xc6, 0xd0, 0xfd, 0xb5, 0x14, 0x27, 0x7a,
-    0xe9, 0x95, 0x01, 0x22, 0xfb, 0x97, 0x11, 0x33, 0x74, 0x2d, 0xe8, 0xe5,
-    0x17, 0xdd, 0x22, 0x69, 0xdd, 0x5a, 0x3c, 0x25, 0x7e, 0x3d, 0x10, 0x6b,
-    0x55, 0x56, 0x60, 0xcf, 0xdd, 0x6a, 0x92, 0xc2, 0xcd, 0xdf, 0x1e, 0x53,
-    0xc4, 0x94, 0x5e, 0xd7, 0x72, 0xee, 0x30, 0x38, 0x04, 0xd0, 0x56, 0xf2,
-    0x42, 0xbf, 0x53, 0x99,
-};
-static const struct drbg_kat_no_reseed kat24_nor_t = {
-    8, kat24_nor_entropyin, kat24_nor_nonce, kat24_nor_persstr,
-    kat24_nor_addin0, kat24_nor_addin1, kat24_nor_retbytes
-};
-static const struct drbg_kat kat24_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat24_nor_t
-};
-
-static const unsigned char kat25_nor_entropyin[] = {
-    0x3b, 0x9e, 0xe2, 0x0c, 0x82, 0x42, 0xb3, 0xf3, 0x58, 0xdb, 0xe8, 0xea,
-    0x58, 0x9e, 0x6e, 0x7c,
-};
-static const unsigned char kat25_nor_nonce[] = {
-    0xb1, 0xdc, 0x3a, 0x47, 0x03, 0x68, 0x52, 0x15,
-};
-static const unsigned char kat25_nor_persstr[] = {0};
-static const unsigned char kat25_nor_addin0[] = {
-    0x47, 0x33, 0x34, 0x47, 0x86, 0x73, 0xe7, 0xb4, 0xa4, 0x3e, 0x9a, 0xe6,
-    0xa8, 0xac, 0x98, 0xbf,
-};
-static const unsigned char kat25_nor_addin1[] = {
-    0x06, 0x1f, 0xe4, 0x45, 0x5a, 0x17, 0x08, 0x74, 0x98, 0xfe, 0x20, 0x9c,
-    0x2c, 0xba, 0x7a, 0x91,
-};
-static const unsigned char kat25_nor_retbytes[] = {
-    0x8e, 0x50, 0x62, 0xb1, 0xfb, 0x29, 0x05, 0xc1, 0x57, 0xc5, 0x26, 0xfa,
-    0x5f, 0x67, 0xcc, 0x99, 0xc6, 0xd7, 0x08, 0x0a, 0x3d, 0x31, 0x42, 0xfa,
-    0x37, 0xc2, 0x09, 0xcf, 0x53, 0x4a, 0xf1, 0x6a, 0x9a, 0x2f, 0x28, 0x61,
-    0xb8, 0x94, 0xea, 0x84, 0xa3, 0x73, 0xd4, 0xa8, 0x04, 0xc3, 0xdc, 0xd5,
-    0x1f, 0xcc, 0x09, 0xdd, 0x0f, 0x5b, 0x39, 0x45, 0x69, 0x7a, 0xac, 0xd0,
-    0xb8, 0xf3, 0xea, 0xfd,
-};
-static const struct drbg_kat_no_reseed kat25_nor_t = {
-    9, kat25_nor_entropyin, kat25_nor_nonce, kat25_nor_persstr,
-    kat25_nor_addin0, kat25_nor_addin1, kat25_nor_retbytes
-};
-static const struct drbg_kat kat25_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat25_nor_t
-};
-
-static const unsigned char kat26_nor_entropyin[] = {
-    0x8f, 0xf7, 0x57, 0xb2, 0x11, 0x69, 0xb3, 0xfd, 0x6e, 0x88, 0x00, 0xaa,
-    0xc0, 0xe3, 0xc4, 0x1f,
-};
-static const unsigned char kat26_nor_nonce[] = {
-    0x49, 0x4d, 0x42, 0x51, 0xe8, 0x88, 0x15, 0xb4,
-};
-static const unsigned char kat26_nor_persstr[] = {0};
-static const unsigned char kat26_nor_addin0[] = {
-    0xe0, 0x19, 0x9f, 0xb9, 0xf0, 0xf0, 0xa1, 0xa8, 0xdd, 0x9d, 0x19, 0xd1,
-    0x43, 0x68, 0xfa, 0x1e,
-};
-static const unsigned char kat26_nor_addin1[] = {
-    0x21, 0x91, 0xab, 0xe7, 0x24, 0x41, 0x28, 0x56, 0x36, 0xc1, 0x1b, 0xde,
-    0xe9, 0x83, 0xed, 0x8c,
-};
-static const unsigned char kat26_nor_retbytes[] = {
-    0x06, 0x75, 0xb2, 0x25, 0x4b, 0x71, 0x31, 0x8e, 0xb3, 0xa3, 0x60, 0x4d,
-    0x7b, 0x6d, 0x77, 0x80, 0x6c, 0xd7, 0xdf, 0x32, 0x5c, 0x7c, 0xe8, 0x9e,
-    0x16, 0xd3, 0xbd, 0x56, 0x16, 0xb0, 0xfa, 0xec, 0x33, 0x0c, 0xfe, 0x6b,
-    0x84, 0xb6, 0x87, 0x61, 0xad, 0xf7, 0x0c, 0xc1, 0x4e, 0x46, 0x25, 0x3e,
-    0x11, 0x55, 0x72, 0xc1, 0xa4, 0xac, 0xbb, 0xae, 0xee, 0x1a, 0xd6, 0x81,
-    0xb5, 0x38, 0xd6, 0xc9,
-};
-static const struct drbg_kat_no_reseed kat26_nor_t = {
-    10, kat26_nor_entropyin, kat26_nor_nonce, kat26_nor_persstr,
-    kat26_nor_addin0, kat26_nor_addin1, kat26_nor_retbytes
-};
-static const struct drbg_kat kat26_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat26_nor_t
-};
-
-static const unsigned char kat27_nor_entropyin[] = {
-    0x46, 0x0c, 0x0a, 0x1e, 0x92, 0x9b, 0x75, 0x18, 0xdb, 0xcf, 0x44, 0xe4,
-    0xe7, 0xee, 0x4d, 0x83,
-};
-static const unsigned char kat27_nor_nonce[] = {
-    0x88, 0x65, 0xd5, 0x01, 0x53, 0x48, 0x25, 0x9e,
-};
-static const unsigned char kat27_nor_persstr[] = {0};
-static const unsigned char kat27_nor_addin0[] = {
-    0xf9, 0x32, 0x78, 0x91, 0x40, 0xa0, 0xa7, 0x6f, 0x07, 0xb2, 0x5b, 0x5f,
-    0x8e, 0x1d, 0x00, 0xdc,
-};
-static const unsigned char kat27_nor_addin1[] = {
-    0xe6, 0x44, 0x6a, 0xe2, 0xc6, 0x62, 0x66, 0x73, 0xe1, 0x8e, 0x37, 0x3d,
-    0xeb, 0x12, 0xbd, 0x26,
-};
-static const unsigned char kat27_nor_retbytes[] = {
-    0xc5, 0xde, 0x2e, 0x1a, 0x2a, 0xa7, 0x0a, 0x28, 0xac, 0xe6, 0x8e, 0x62,
-    0x0c, 0x94, 0xb8, 0x88, 0xa0, 0x7b, 0x07, 0x80, 0xb3, 0x14, 0x38, 0xc5,
-    0xe1, 0x1c, 0x5d, 0x76, 0xdf, 0xd6, 0x15, 0xf4, 0x1d, 0x4b, 0xa3, 0x24,
-    0xd2, 0x2c, 0x12, 0xfe, 0xe3, 0x8f, 0x58, 0x93, 0x5d, 0xad, 0x35, 0xe0,
-    0x0f, 0xe6, 0xa6, 0xe6, 0x11, 0x86, 0xc7, 0x88, 0x1c, 0x30, 0x6e, 0x96,
-    0x31, 0xcc, 0x15, 0xec,
-};
-static const struct drbg_kat_no_reseed kat27_nor_t = {
-    11, kat27_nor_entropyin, kat27_nor_nonce, kat27_nor_persstr,
-    kat27_nor_addin0, kat27_nor_addin1, kat27_nor_retbytes
-};
-static const struct drbg_kat kat27_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat27_nor_t
-};
-
-static const unsigned char kat28_nor_entropyin[] = {
-    0xb2, 0xda, 0x44, 0xbc, 0x3b, 0xe2, 0xd1, 0x7a, 0x9a, 0xc2, 0x08, 0x80,
-    0x85, 0xe9, 0x26, 0xf8,
-};
-static const unsigned char kat28_nor_nonce[] = {
-    0x04, 0xbe, 0x54, 0x49, 0x35, 0x26, 0xc5, 0x78,
-};
-static const unsigned char kat28_nor_persstr[] = {0};
-static const unsigned char kat28_nor_addin0[] = {
-    0x67, 0xbe, 0x89, 0x19, 0x59, 0x65, 0xcd, 0x7d, 0xc9, 0x84, 0x27, 0x1b,
-    0x49, 0x7d, 0x61, 0x90,
-};
-static const unsigned char kat28_nor_addin1[] = {
-    0xc9, 0x95, 0x6b, 0x00, 0x4b, 0x0c, 0x26, 0xb3, 0xf6, 0x57, 0xc6, 0xc1,
-    0x55, 0xd3, 0x60, 0xcc,
-};
-static const unsigned char kat28_nor_retbytes[] = {
-    0xc7, 0x74, 0x56, 0x62, 0x19, 0x48, 0xf6, 0x08, 0x38, 0xe3, 0x77, 0x9a,
-    0x14, 0x60, 0x63, 0x22, 0x52, 0x96, 0xda, 0x38, 0x18, 0x0e, 0x2c, 0x4c,
-    0x58, 0x35, 0xea, 0x27, 0xb2, 0x84, 0x24, 0xa8, 0x83, 0x1c, 0xee, 0x8c,
-    0x8d, 0xf7, 0x39, 0xa2, 0xb1, 0x73, 0xb3, 0x7b, 0xe2, 0xc0, 0x2b, 0xff,
-    0x38, 0xe0, 0xb3, 0x67, 0xd4, 0x82, 0xfb, 0x76, 0x54, 0x5f, 0xb3, 0xc9,
-    0x8d, 0x82, 0xb6, 0xe7,
-};
-static const struct drbg_kat_no_reseed kat28_nor_t = {
-    12, kat28_nor_entropyin, kat28_nor_nonce, kat28_nor_persstr,
-    kat28_nor_addin0, kat28_nor_addin1, kat28_nor_retbytes
-};
-static const struct drbg_kat kat28_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat28_nor_t
-};
-
-static const unsigned char kat29_nor_entropyin[] = {
-    0xf1, 0x77, 0xbc, 0x8a, 0xf7, 0x5c, 0x49, 0xe1, 0xd3, 0x79, 0xb5, 0x72,
-    0x26, 0x92, 0xbb, 0x3f,
-};
-static const unsigned char kat29_nor_nonce[] = {
-    0xd8, 0xb5, 0xfb, 0xdc, 0x5d, 0xa7, 0xea, 0x7b,
-};
-static const unsigned char kat29_nor_persstr[] = {0};
-static const unsigned char kat29_nor_addin0[] = {
-    0x37, 0x41, 0x94, 0x38, 0x35, 0x54, 0xa4, 0x21, 0x41, 0x0a, 0xf5, 0xde,
-    0x2f, 0xc2, 0xec, 0x82,
-};
-static const unsigned char kat29_nor_addin1[] = {
-    0x00, 0x0b, 0xe9, 0xac, 0x8e, 0x4b, 0x0c, 0xd1, 0x24, 0x5d, 0x7b, 0x7d,
-    0xbf, 0x8d, 0x87, 0x4f,
-};
-static const unsigned char kat29_nor_retbytes[] = {
-    0xb4, 0xa0, 0x0c, 0xd6, 0xe5, 0xf4, 0x7e, 0xa8, 0x7b, 0x12, 0x07, 0xc3,
-    0xa2, 0x18, 0xd8, 0x98, 0x8d, 0x4c, 0xb7, 0xed, 0x52, 0xb1, 0x4b, 0x79,
-    0xbb, 0xa5, 0x6a, 0xa7, 0xe5, 0x7e, 0x63, 0x64, 0x05, 0x70, 0x25, 0xab,
-    0x8f, 0x60, 0xd9, 0x7b, 0x84, 0x71, 0x7b, 0xbf, 0x25, 0x58, 0xdd, 0x43,
-    0x1f, 0x4b, 0xc3, 0x8c, 0xf1, 0xf6, 0x1e, 0xc0, 0xe7, 0xc2, 0xb4, 0xae,
-    0xb5, 0x4b, 0x2f, 0xaa,
-};
-static const struct drbg_kat_no_reseed kat29_nor_t = {
-    13, kat29_nor_entropyin, kat29_nor_nonce, kat29_nor_persstr,
-    kat29_nor_addin0, kat29_nor_addin1, kat29_nor_retbytes
-};
-static const struct drbg_kat kat29_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat29_nor_t
-};
-
-static const unsigned char kat30_nor_entropyin[] = {
-    0x52, 0x6b, 0xc8, 0xb7, 0x97, 0xad, 0x67, 0xeb, 0x9b, 0x11, 0xbb, 0x5d,
-    0x17, 0x32, 0x00, 0x87,
-};
-static const unsigned char kat30_nor_nonce[] = {
-    0x64, 0x7b, 0xd2, 0x32, 0xad, 0x4d, 0x13, 0x00,
-};
-static const unsigned char kat30_nor_persstr[] = {0};
-static const unsigned char kat30_nor_addin0[] = {
-    0x58, 0xc8, 0xbf, 0x95, 0x0f, 0xab, 0x02, 0x71, 0x19, 0xee, 0x4a, 0x59,
-    0x27, 0x27, 0xaa, 0x02,
-};
-static const unsigned char kat30_nor_addin1[] = {
-    0x25, 0x39, 0xe1, 0x23, 0x92, 0x6b, 0x74, 0xab, 0x23, 0x41, 0x4d, 0x63,
-    0x50, 0xb8, 0x92, 0x87,
-};
-static const unsigned char kat30_nor_retbytes[] = {
-    0x35, 0x9c, 0x56, 0x08, 0x34, 0xbb, 0xeb, 0xdb, 0x41, 0x34, 0xcc, 0x3e,
-    0x66, 0xbc, 0x06, 0x95, 0xce, 0xfd, 0xb4, 0xfe, 0x56, 0x63, 0x75, 0x2b,
-    0x6e, 0xba, 0x97, 0x4c, 0x4b, 0x85, 0x92, 0x4a, 0x01, 0xdc, 0xd4, 0xea,
-    0x3e, 0xd7, 0x7f, 0x2a, 0xf3, 0x95, 0x7b, 0x87, 0x51, 0xf7, 0x37, 0x15,
-    0x74, 0xbb, 0x8b, 0x09, 0x0b, 0xc0, 0xd5, 0x12, 0xc1, 0x57, 0xc6, 0x55,
-    0x9c, 0x16, 0xd0, 0xfd,
-};
-static const struct drbg_kat_no_reseed kat30_nor_t = {
-    14, kat30_nor_entropyin, kat30_nor_nonce, kat30_nor_persstr,
-    kat30_nor_addin0, kat30_nor_addin1, kat30_nor_retbytes
-};
-static const struct drbg_kat kat30_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat30_nor_t
-};
-
-static const unsigned char kat31_nor_entropyin[] = {
-    0xe1, 0x0b, 0xc2, 0x8a, 0x0b, 0xfd, 0xdf, 0xe9, 0x3e, 0x7f, 0x51, 0x86,
-    0xe0, 0xca, 0x0b, 0x3b,
-};
-static const unsigned char kat31_nor_nonce[] = {
-    0x9f, 0xf4, 0x77, 0xc1, 0x86, 0x73, 0x84, 0x0d,
-};
-static const unsigned char kat31_nor_persstr[] = {
-    0xc9, 0x80, 0xde, 0xdf, 0x98, 0x82, 0xed, 0x44, 0x64, 0xa6, 0x74, 0x96,
-    0x78, 0x68, 0xf1, 0x43,
-};
-static const unsigned char kat31_nor_addin0[] = {0};
-static const unsigned char kat31_nor_addin1[] = {0};
-static const unsigned char kat31_nor_retbytes[] = {
-    0x35, 0xb0, 0x0d, 0xf6, 0x26, 0x9b, 0x66, 0x41, 0xfd, 0x4c, 0xcb, 0x35,
-    0x4d, 0x56, 0xd8, 0x51, 0xde, 0x7a, 0x77, 0x52, 0x7e, 0x03, 0x4d, 0x60,
-    0xc9, 0xe1, 0xa9, 0xe1, 0x52, 0x5a, 0x30, 0xed, 0x36, 0x1f, 0xde, 0xd8,
-    0x9d, 0x3d, 0xcc, 0xb9, 0x78, 0xd4, 0xe7, 0xa9, 0xe1, 0x00, 0xeb, 0xf6,
-    0x30, 0x62, 0x73, 0x5b, 0x52, 0x83, 0x1c, 0x6f, 0x0a, 0x1d, 0x3e, 0x1b,
-    0xdc, 0x5e, 0xbc, 0x72,
-};
-static const struct drbg_kat_no_reseed kat31_nor_t = {
-    0, kat31_nor_entropyin, kat31_nor_nonce, kat31_nor_persstr,
-    kat31_nor_addin0, kat31_nor_addin1, kat31_nor_retbytes
-};
-static const struct drbg_kat kat31_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat31_nor_t
-};
-
-static const unsigned char kat32_nor_entropyin[] = {
-    0xca, 0x4b, 0x1e, 0xfa, 0x75, 0xbd, 0x69, 0x36, 0x38, 0x73, 0xb8, 0xf9,
-    0xdb, 0x4d, 0x35, 0x0e,
-};
-static const unsigned char kat32_nor_nonce[] = {
-    0x47, 0xbf, 0x6c, 0x37, 0x72, 0xfd, 0xf7, 0xa9,
-};
-static const unsigned char kat32_nor_persstr[] = {
-    0xeb, 0xaa, 0x60, 0x2c, 0x4d, 0xbe, 0x33, 0xff, 0x1b, 0xef, 0xbf, 0x0a,
-    0x0b, 0xc6, 0x97, 0x54,
-};
-static const unsigned char kat32_nor_addin0[] = {0};
-static const unsigned char kat32_nor_addin1[] = {0};
-static const unsigned char kat32_nor_retbytes[] = {
-    0x59, 0xc3, 0x19, 0x79, 0x1b, 0xb1, 0xf3, 0x0e, 0xe9, 0x34, 0xae, 0x6e,
-    0x8b, 0x1f, 0xad, 0x1f, 0x74, 0xca, 0x25, 0x45, 0x68, 0xb8, 0x7f, 0x75,
-    0x12, 0xf8, 0xf2, 0xab, 0x4c, 0x23, 0x01, 0x03, 0x05, 0xe1, 0x70, 0xee,
-    0x75, 0xd8, 0xcb, 0xeb, 0x23, 0x4c, 0x7a, 0x23, 0x6e, 0x12, 0x27, 0xdb,
-    0x6f, 0x7a, 0xac, 0x3c, 0x44, 0xb7, 0x87, 0x4b, 0x65, 0x56, 0x74, 0x45,
-    0x34, 0x30, 0x0c, 0x3d,
-};
-static const struct drbg_kat_no_reseed kat32_nor_t = {
-    1, kat32_nor_entropyin, kat32_nor_nonce, kat32_nor_persstr,
-    kat32_nor_addin0, kat32_nor_addin1, kat32_nor_retbytes
-};
-static const struct drbg_kat kat32_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat32_nor_t
-};
-
-static const unsigned char kat33_nor_entropyin[] = {
-    0x35, 0x19, 0x49, 0x15, 0x74, 0x71, 0x9d, 0xdb, 0x1f, 0x51, 0xb5, 0xf5,
-    0x9e, 0x21, 0xad, 0x3d,
-};
-static const unsigned char kat33_nor_nonce[] = {
-    0xef, 0x1d, 0xbe, 0xae, 0x79, 0xf0, 0x89, 0x8b,
-};
-static const unsigned char kat33_nor_persstr[] = {
-    0x7f, 0xdc, 0x21, 0xe3, 0x53, 0x24, 0x9e, 0x93, 0xdf, 0x98, 0xf2, 0x91,
-    0x02, 0xb9, 0xac, 0xec,
-};
-static const unsigned char kat33_nor_addin0[] = {0};
-static const unsigned char kat33_nor_addin1[] = {0};
-static const unsigned char kat33_nor_retbytes[] = {
-    0x19, 0x2c, 0x71, 0x85, 0x74, 0x47, 0xaf, 0x82, 0x01, 0x37, 0x06, 0xb8,
-    0xeb, 0x00, 0x8f, 0x8e, 0x2c, 0x2e, 0xb3, 0x99, 0x4a, 0x23, 0x8c, 0xf7,
-    0x39, 0xe1, 0x74, 0x60, 0xfe, 0x84, 0xef, 0x71, 0xca, 0x43, 0x7e, 0x8a,
-    0xcb, 0xb8, 0xd9, 0xd2, 0x88, 0x07, 0xc4, 0x7a, 0x5f, 0x03, 0x44, 0x42,
-    0xaa, 0xf3, 0xc2, 0xf3, 0xe7, 0xde, 0xbe, 0x53, 0x1b, 0xc3, 0x59, 0x60,
-    0x56, 0x68, 0x58, 0x48,
-};
-static const struct drbg_kat_no_reseed kat33_nor_t = {
-    2, kat33_nor_entropyin, kat33_nor_nonce, kat33_nor_persstr,
-    kat33_nor_addin0, kat33_nor_addin1, kat33_nor_retbytes
-};
-static const struct drbg_kat kat33_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat33_nor_t
-};
-
-static const unsigned char kat34_nor_entropyin[] = {
-    0x68, 0xed, 0xc1, 0xc7, 0xf0, 0x4f, 0xa2, 0x2f, 0x75, 0x1b, 0x91, 0x8b,
-    0x01, 0x6b, 0xbf, 0xb5,
-};
-static const unsigned char kat34_nor_nonce[] = {
-    0xa9, 0xb6, 0x7a, 0x39, 0x58, 0xf2, 0x02, 0xf0,
-};
-static const unsigned char kat34_nor_persstr[] = {
-    0x9d, 0x6f, 0xbb, 0x02, 0x0e, 0x3d, 0x99, 0xd1, 0x95, 0xff, 0x46, 0x9f,
-    0x0a, 0xc0, 0xb8, 0xca,
-};
-static const unsigned char kat34_nor_addin0[] = {0};
-static const unsigned char kat34_nor_addin1[] = {0};
-static const unsigned char kat34_nor_retbytes[] = {
-    0xd9, 0x02, 0x89, 0xb1, 0xb6, 0x76, 0x3a, 0x76, 0x90, 0xfc, 0xb5, 0xd6,
-    0x7c, 0x81, 0xc2, 0x03, 0xa1, 0xcf, 0xb0, 0x88, 0x71, 0xb9, 0x4a, 0xf6,
-    0x51, 0xc4, 0xcd, 0x7e, 0xc2, 0xfa, 0x4b, 0x9d, 0x47, 0xc8, 0xe5, 0xfc,
-    0xc9, 0x9a, 0xff, 0xc2, 0x21, 0x43, 0xb6, 0x12, 0x70, 0x18, 0xe9, 0xe2,
-    0xc0, 0x91, 0x4f, 0x9d, 0x47, 0xa5, 0xa3, 0x0b, 0x26, 0xe7, 0x4d, 0xdc,
-    0x31, 0xa4, 0x48, 0x42,
-};
-static const struct drbg_kat_no_reseed kat34_nor_t = {
-    3, kat34_nor_entropyin, kat34_nor_nonce, kat34_nor_persstr,
-    kat34_nor_addin0, kat34_nor_addin1, kat34_nor_retbytes
-};
-static const struct drbg_kat kat34_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat34_nor_t
-};
-
-static const unsigned char kat35_nor_entropyin[] = {
-    0x8e, 0x6b, 0xaf, 0x81, 0xa3, 0xf9, 0xe7, 0x32, 0xef, 0xb9, 0x65, 0xaf,
-    0xa5, 0x9e, 0x71, 0xee,
-};
-static const unsigned char kat35_nor_nonce[] = {
-    0x9a, 0x40, 0x36, 0xfe, 0x7f, 0xf2, 0x25, 0xb8,
-};
-static const unsigned char kat35_nor_persstr[] = {
-    0xc5, 0x7e, 0x42, 0xad, 0x7a, 0xef, 0x53, 0x77, 0xfc, 0x4c, 0xd6, 0x20,
-    0xd6, 0x31, 0xb0, 0x61,
-};
-static const unsigned char kat35_nor_addin0[] = {0};
-static const unsigned char kat35_nor_addin1[] = {0};
-static const unsigned char kat35_nor_retbytes[] = {
-    0x71, 0x39, 0xa2, 0xd6, 0x74, 0xee, 0xfe, 0x54, 0x08, 0x7a, 0x2d, 0xd5,
-    0xf4, 0x97, 0xf5, 0xa1, 0xcb, 0x44, 0x44, 0x72, 0xe3, 0x64, 0x04, 0x5c,
-    0xb9, 0x20, 0x2b, 0xce, 0x24, 0x58, 0x1b, 0x4b, 0x1b, 0x80, 0x3f, 0xa5,
-    0xf4, 0xa9, 0xac, 0x6d, 0x66, 0x37, 0xbd, 0xd9, 0x06, 0xaf, 0x3d, 0x8f,
-    0x49, 0xb5, 0xb8, 0x0f, 0x44, 0xcd, 0x16, 0xee, 0x5b, 0x1a, 0xe3, 0xbf,
-    0x51, 0xb5, 0x98, 0xba,
-};
-static const struct drbg_kat_no_reseed kat35_nor_t = {
-    4, kat35_nor_entropyin, kat35_nor_nonce, kat35_nor_persstr,
-    kat35_nor_addin0, kat35_nor_addin1, kat35_nor_retbytes
-};
-static const struct drbg_kat kat35_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat35_nor_t
-};
-
-static const unsigned char kat36_nor_entropyin[] = {
-    0xf8, 0x99, 0x2f, 0x34, 0x0f, 0x90, 0xc8, 0xd8, 0x16, 0xb4, 0xbd, 0x8b,
-    0x43, 0x5d, 0xa0, 0x35,
-};
-static const unsigned char kat36_nor_nonce[] = {
-    0xfc, 0xf9, 0x44, 0x00, 0x6f, 0x29, 0x27, 0x98,
-};
-static const unsigned char kat36_nor_persstr[] = {
-    0x56, 0x32, 0x23, 0x5e, 0x85, 0x2c, 0x07, 0x40, 0x09, 0xb4, 0x97, 0xed,
-    0xa4, 0x38, 0xa1, 0x6f,
-};
-static const unsigned char kat36_nor_addin0[] = {0};
-static const unsigned char kat36_nor_addin1[] = {0};
-static const unsigned char kat36_nor_retbytes[] = {
-    0x9e, 0xab, 0x55, 0xfa, 0x4b, 0x2c, 0x1c, 0xfa, 0xc6, 0x3d, 0x4d, 0xe4,
-    0x7a, 0xa8, 0xf5, 0x9f, 0x78, 0x5e, 0xe4, 0x90, 0xda, 0x44, 0xce, 0xe3,
-    0x0f, 0x91, 0x61, 0xe9, 0x3a, 0xfc, 0x46, 0x1d, 0xad, 0x0e, 0x7f, 0x4a,
-    0x06, 0x4e, 0x92, 0xef, 0xd6, 0x00, 0x89, 0x16, 0xc2, 0x2f, 0x83, 0x64,
-    0xc1, 0x90, 0x46, 0x7a, 0xde, 0x12, 0xab, 0x4e, 0x18, 0xb1, 0xf3, 0x9c,
-    0xe1, 0x8b, 0x35, 0x8a,
-};
-static const struct drbg_kat_no_reseed kat36_nor_t = {
-    5, kat36_nor_entropyin, kat36_nor_nonce, kat36_nor_persstr,
-    kat36_nor_addin0, kat36_nor_addin1, kat36_nor_retbytes
-};
-static const struct drbg_kat kat36_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat36_nor_t
-};
-
-static const unsigned char kat37_nor_entropyin[] = {
-    0x07, 0x43, 0x8f, 0x83, 0x53, 0xb7, 0xb0, 0x67, 0x42, 0x18, 0x31, 0x9e,
-    0x29, 0x54, 0x0b, 0xca,
-};
-static const unsigned char kat37_nor_nonce[] = {
-    0x41, 0x14, 0x77, 0x63, 0x6a, 0x50, 0x0c, 0x62,
-};
-static const unsigned char kat37_nor_persstr[] = {
-    0xcf, 0x36, 0xf2, 0xaa, 0x72, 0xf2, 0xf3, 0x5e, 0x33, 0x5e, 0x65, 0xcf,
-    0xd1, 0x7e, 0x2d, 0x3d,
-};
-static const unsigned char kat37_nor_addin0[] = {0};
-static const unsigned char kat37_nor_addin1[] = {0};
-static const unsigned char kat37_nor_retbytes[] = {
-    0x6c, 0xfa, 0xcf, 0xe4, 0x7a, 0xcf, 0x8f, 0x61, 0xd8, 0xaf, 0x3e, 0xd4,
-    0xfb, 0xac, 0xef, 0x5c, 0xd7, 0x41, 0xac, 0x2f, 0x16, 0x5e, 0x15, 0xbd,
-    0xaa, 0xb1, 0xd0, 0x30, 0xc6, 0x85, 0x67, 0x83, 0x7e, 0xf3, 0xda, 0x1e,
-    0xc8, 0x3d, 0xa0, 0x42, 0x3c, 0xa3, 0x42, 0x4c, 0xf2, 0x93, 0xf6, 0x1f,
-    0x71, 0x75, 0xfb, 0xa8, 0xe9, 0x1e, 0x5f, 0xdc, 0x8b, 0x39, 0x55, 0x77,
-    0x73, 0x61, 0xd6, 0x90,
-};
-static const struct drbg_kat_no_reseed kat37_nor_t = {
-    6, kat37_nor_entropyin, kat37_nor_nonce, kat37_nor_persstr,
-    kat37_nor_addin0, kat37_nor_addin1, kat37_nor_retbytes
-};
-static const struct drbg_kat kat37_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat37_nor_t
-};
-
-static const unsigned char kat38_nor_entropyin[] = {
-    0x8e, 0x93, 0x73, 0x5c, 0x34, 0xae, 0x0c, 0x5e, 0xa5, 0x21, 0x3d, 0x83,
-    0xa8, 0xda, 0x80, 0x45,
-};
-static const unsigned char kat38_nor_nonce[] = {
-    0x2a, 0x0b, 0x27, 0x9a, 0x9d, 0x67, 0x78, 0x38,
-};
-static const unsigned char kat38_nor_persstr[] = {
-    0x14, 0xf4, 0x52, 0x66, 0x52, 0x4a, 0x81, 0x52, 0x85, 0x7a, 0x83, 0x31,
-    0x6a, 0x17, 0x75, 0x85,
-};
-static const unsigned char kat38_nor_addin0[] = {0};
-static const unsigned char kat38_nor_addin1[] = {0};
-static const unsigned char kat38_nor_retbytes[] = {
-    0xe0, 0x0c, 0xb8, 0x63, 0x6f, 0x96, 0x02, 0xc3, 0x30, 0x21, 0xa8, 0x2a,
-    0x7f, 0x9d, 0xc9, 0xc7, 0x4e, 0xd3, 0x43, 0x5b, 0x34, 0x89, 0x7d, 0x6e,
-    0xfd, 0x8c, 0x05, 0xf1, 0x77, 0xe8, 0x55, 0x6a, 0x44, 0x3b, 0xd1, 0x8c,
-    0x20, 0xa5, 0x57, 0xb9, 0xbd, 0xc4, 0x17, 0xe8, 0x99, 0x85, 0x06, 0x48,
-    0x50, 0x91, 0xd6, 0xbc, 0x91, 0x8e, 0x9c, 0xbf, 0xfb, 0xb8, 0x5c, 0x62,
-    0x0f, 0x74, 0xc6, 0xec,
-};
-static const struct drbg_kat_no_reseed kat38_nor_t = {
-    7, kat38_nor_entropyin, kat38_nor_nonce, kat38_nor_persstr,
-    kat38_nor_addin0, kat38_nor_addin1, kat38_nor_retbytes
-};
-static const struct drbg_kat kat38_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat38_nor_t
-};
-
-static const unsigned char kat39_nor_entropyin[] = {
-    0xec, 0x6b, 0x87, 0xe9, 0xe0, 0x3f, 0x44, 0xf9, 0x19, 0xe4, 0x0e, 0x1d,
-    0xac, 0x02, 0xf8, 0x73,
-};
-static const unsigned char kat39_nor_nonce[] = {
-    0x5e, 0x9a, 0xc5, 0x09, 0x0a, 0x5e, 0x28, 0x97,
-};
-static const unsigned char kat39_nor_persstr[] = {
-    0x0d, 0x9b, 0xa4, 0x62, 0xbf, 0x16, 0x6f, 0x3b, 0x36, 0x6a, 0x2a, 0xdf,
-    0x55, 0xd2, 0x76, 0x45,
-};
-static const unsigned char kat39_nor_addin0[] = {0};
-static const unsigned char kat39_nor_addin1[] = {0};
-static const unsigned char kat39_nor_retbytes[] = {
-    0xec, 0x37, 0xac, 0xbd, 0xdf, 0xb0, 0x41, 0xe4, 0x24, 0x9c, 0x1c, 0xb9,
-    0x83, 0x3a, 0x31, 0xfc, 0x6f, 0xbd, 0xaa, 0x66, 0x58, 0xe4, 0xb7, 0x48,
-    0xc0, 0xeb, 0xf6, 0xab, 0x54, 0xa3, 0xb9, 0xc0, 0xf6, 0x2d, 0x7c, 0x89,
-    0xdb, 0xb2, 0x1d, 0x1d, 0xe1, 0x33, 0x15, 0xcb, 0xae, 0x2f, 0xf4, 0xf5,
-    0x46, 0x24, 0x91, 0x32, 0x1f, 0xbe, 0x04, 0xb4, 0x14, 0xfb, 0xa2, 0x80,
-    0x7e, 0xd9, 0x14, 0xee,
-};
-static const struct drbg_kat_no_reseed kat39_nor_t = {
-    8, kat39_nor_entropyin, kat39_nor_nonce, kat39_nor_persstr,
-    kat39_nor_addin0, kat39_nor_addin1, kat39_nor_retbytes
-};
-static const struct drbg_kat kat39_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat39_nor_t
-};
-
-static const unsigned char kat40_nor_entropyin[] = {
-    0x9d, 0x28, 0x2f, 0x5a, 0x0c, 0x15, 0xa6, 0x53, 0x04, 0x73, 0x10, 0xb5,
-    0x62, 0x7d, 0x8f, 0xa2,
-};
-static const unsigned char kat40_nor_nonce[] = {
-    0x55, 0x22, 0xc4, 0x2f, 0x4b, 0xb0, 0x76, 0xdc,
-};
-static const unsigned char kat40_nor_persstr[] = {
-    0x84, 0x6b, 0x2e, 0x17, 0xb0, 0x62, 0xc4, 0xc7, 0xc5, 0x61, 0x94, 0x3b,
-    0x5d, 0x97, 0x56, 0x5d,
-};
-static const unsigned char kat40_nor_addin0[] = {0};
-static const unsigned char kat40_nor_addin1[] = {0};
-static const unsigned char kat40_nor_retbytes[] = {
-    0x45, 0xf6, 0x0e, 0x1b, 0xa9, 0x81, 0xaf, 0x7f, 0x52, 0xef, 0x49, 0x39,
-    0xc0, 0xbb, 0x0b, 0xdb, 0x6f, 0xe4, 0x6f, 0x37, 0x2c, 0xc6, 0x48, 0x06,
-    0x4b, 0xbd, 0x3a, 0x0a, 0x2b, 0x85, 0xc0, 0x23, 0x91, 0xb2, 0x97, 0x92,
-    0xcc, 0x88, 0x05, 0xbb, 0x5d, 0x45, 0x3e, 0xe2, 0x90, 0xcd, 0x1b, 0x9c,
-    0x9f, 0x8f, 0x20, 0xb0, 0x91, 0x16, 0xaf, 0x1f, 0xd5, 0xec, 0xea, 0xe8,
-    0x0d, 0x03, 0x58, 0xd8,
-};
-static const struct drbg_kat_no_reseed kat40_nor_t = {
-    9, kat40_nor_entropyin, kat40_nor_nonce, kat40_nor_persstr,
-    kat40_nor_addin0, kat40_nor_addin1, kat40_nor_retbytes
-};
-static const struct drbg_kat kat40_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat40_nor_t
-};
-
-static const unsigned char kat41_nor_entropyin[] = {
-    0x83, 0x82, 0x7c, 0x08, 0x52, 0x4b, 0x54, 0xe8, 0x0f, 0x60, 0xe1, 0x86,
-    0xcf, 0xce, 0x36, 0xdb,
-};
-static const unsigned char kat41_nor_nonce[] = {
-    0x17, 0x7e, 0x5c, 0x00, 0xf7, 0x85, 0xa6, 0xf9,
-};
-static const unsigned char kat41_nor_persstr[] = {
-    0x71, 0x75, 0xa2, 0xc2, 0x2e, 0xab, 0x4d, 0x0b, 0x1a, 0x65, 0xfd, 0xad,
-    0xed, 0x35, 0x6a, 0xeb,
-};
-static const unsigned char kat41_nor_addin0[] = {0};
-static const unsigned char kat41_nor_addin1[] = {0};
-static const unsigned char kat41_nor_retbytes[] = {
-    0x84, 0x24, 0xe7, 0x6c, 0x73, 0x6c, 0x03, 0x09, 0x42, 0x3c, 0xf4, 0x8d,
-    0xc1, 0x05, 0xfe, 0xef, 0x22, 0x8d, 0xd4, 0x7b, 0xfd, 0x8d, 0x33, 0x80,
-    0x19, 0x50, 0xd2, 0x10, 0x2d, 0x5d, 0xba, 0xfb, 0x51, 0xe1, 0xa8, 0x5b,
-    0x4a, 0x97, 0x1e, 0x4f, 0x0b, 0x9d, 0x52, 0x65, 0x69, 0x73, 0xdb, 0x45,
-    0x5b, 0x28, 0x6f, 0x58, 0x8c, 0xa6, 0x1d, 0x15, 0x99, 0xc4, 0xec, 0x60,
-    0xdd, 0x80, 0xbe, 0x98,
-};
-static const struct drbg_kat_no_reseed kat41_nor_t = {
-    10, kat41_nor_entropyin, kat41_nor_nonce, kat41_nor_persstr,
-    kat41_nor_addin0, kat41_nor_addin1, kat41_nor_retbytes
-};
-static const struct drbg_kat kat41_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat41_nor_t
-};
-
-static const unsigned char kat42_nor_entropyin[] = {
-    0x9f, 0x32, 0x13, 0xa2, 0xd6, 0xfe, 0x5f, 0x3d, 0xfa, 0xf0, 0xe4, 0xed,
-    0x29, 0x2e, 0x0f, 0x2a,
-};
-static const unsigned char kat42_nor_nonce[] = {
-    0xf9, 0xc0, 0x55, 0x3b, 0x18, 0xb2, 0x1c, 0xc3,
-};
-static const unsigned char kat42_nor_persstr[] = {
-    0x21, 0x73, 0xd3, 0x9b, 0x37, 0x55, 0x04, 0x19, 0x11, 0x98, 0x9f, 0x89,
-    0xf1, 0xe9, 0x5d, 0x3e,
-};
-static const unsigned char kat42_nor_addin0[] = {0};
-static const unsigned char kat42_nor_addin1[] = {0};
-static const unsigned char kat42_nor_retbytes[] = {
-    0x10, 0x45, 0xf7, 0xb5, 0x36, 0xda, 0xb4, 0xde, 0x01, 0x54, 0x48, 0xac,
-    0x47, 0x66, 0x18, 0x8a, 0x36, 0x7b, 0xb6, 0x93, 0x97, 0x91, 0x3d, 0xfd,
-    0x3d, 0x5b, 0xbf, 0x83, 0xf1, 0xbb, 0xac, 0x73, 0x23, 0x2d, 0x47, 0x64,
-    0x4e, 0x5a, 0x9c, 0x16, 0x99, 0x60, 0x58, 0x1e, 0x4a, 0xd5, 0xed, 0x26,
-    0x95, 0x36, 0x0b, 0x94, 0xf4, 0x20, 0x9c, 0x77, 0xd7, 0x69, 0x40, 0x16,
-    0xb4, 0xb3, 0x97, 0xc2,
-};
-static const struct drbg_kat_no_reseed kat42_nor_t = {
-    11, kat42_nor_entropyin, kat42_nor_nonce, kat42_nor_persstr,
-    kat42_nor_addin0, kat42_nor_addin1, kat42_nor_retbytes
-};
-static const struct drbg_kat kat42_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat42_nor_t
-};
-
-static const unsigned char kat43_nor_entropyin[] = {
-    0xfb, 0xc8, 0x19, 0x90, 0x74, 0xa7, 0x6f, 0x23, 0x68, 0x86, 0x36, 0xae,
-    0x31, 0x14, 0x28, 0x1e,
-};
-static const unsigned char kat43_nor_nonce[] = {
-    0xeb, 0xc2, 0x2e, 0x95, 0xdd, 0xae, 0xb6, 0xfc,
-};
-static const unsigned char kat43_nor_persstr[] = {
-    0x71, 0xfb, 0xd5, 0x9f, 0x88, 0xfc, 0x99, 0xa9, 0xb6, 0x07, 0x00, 0x27,
-    0xe7, 0x35, 0x41, 0xc2,
-};
-static const unsigned char kat43_nor_addin0[] = {0};
-static const unsigned char kat43_nor_addin1[] = {0};
-static const unsigned char kat43_nor_retbytes[] = {
-    0x87, 0x25, 0x66, 0xa7, 0x00, 0x47, 0x98, 0xe0, 0x06, 0x97, 0xbd, 0xb3,
-    0x3a, 0xf1, 0xee, 0x7a, 0x07, 0x6e, 0x9f, 0xd2, 0x89, 0xaf, 0x83, 0xaf,
-    0xcb, 0x10, 0xa0, 0x25, 0x2b, 0xb5, 0xc1, 0x06, 0xc8, 0xdd, 0x20, 0xd7,
-    0x7c, 0x85, 0x9f, 0x14, 0x01, 0x11, 0x8c, 0x24, 0xf5, 0xa8, 0x96, 0x8f,
-    0x11, 0xfa, 0x9f, 0x77, 0x78, 0xc2, 0x80, 0x31, 0x89, 0xc8, 0xda, 0x87,
-    0xe6, 0x49, 0x45, 0xc8,
-};
-static const struct drbg_kat_no_reseed kat43_nor_t = {
-    12, kat43_nor_entropyin, kat43_nor_nonce, kat43_nor_persstr,
-    kat43_nor_addin0, kat43_nor_addin1, kat43_nor_retbytes
-};
-static const struct drbg_kat kat43_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat43_nor_t
-};
-
-static const unsigned char kat44_nor_entropyin[] = {
-    0x43, 0xf4, 0xd0, 0x89, 0x06, 0x0c, 0x90, 0x7f, 0x38, 0x76, 0x05, 0x1f,
-    0xd5, 0xe3, 0x6f, 0x74,
-};
-static const unsigned char kat44_nor_nonce[] = {
-    0x45, 0x71, 0xe6, 0x61, 0x5b, 0xa3, 0xbb, 0xce,
-};
-static const unsigned char kat44_nor_persstr[] = {
-    0xfc, 0x90, 0x57, 0x74, 0x9b, 0xa4, 0x37, 0xd8, 0xfb, 0xe9, 0xf8, 0x1d,
-    0x29, 0xdf, 0x5e, 0xf1,
-};
-static const unsigned char kat44_nor_addin0[] = {0};
-static const unsigned char kat44_nor_addin1[] = {0};
-static const unsigned char kat44_nor_retbytes[] = {
-    0x90, 0x78, 0xf1, 0xbc, 0x92, 0x91, 0x0e, 0xbc, 0xf8, 0xe3, 0x17, 0x57,
-    0xb6, 0x24, 0xbd, 0x23, 0xdb, 0xcd, 0x74, 0xf9, 0xca, 0x70, 0xff, 0x1c,
-    0x6f, 0x2b, 0x21, 0xd8, 0x59, 0xa4, 0xe8, 0xa4, 0xe9, 0x96, 0x3e, 0xf1,
-    0x32, 0xa0, 0x25, 0xb3, 0xae, 0x28, 0x5b, 0x43, 0xa6, 0x96, 0x98, 0x90,
-    0x0d, 0x4f, 0x8a, 0x30, 0xbb, 0x5e, 0x99, 0x29, 0x0e, 0x45, 0x04, 0x16,
-    0x19, 0x97, 0xa8, 0x37,
-};
-static const struct drbg_kat_no_reseed kat44_nor_t = {
-    13, kat44_nor_entropyin, kat44_nor_nonce, kat44_nor_persstr,
-    kat44_nor_addin0, kat44_nor_addin1, kat44_nor_retbytes
-};
-static const struct drbg_kat kat44_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat44_nor_t
-};
-
-static const unsigned char kat45_nor_entropyin[] = {
-    0x0e, 0xe3, 0x8e, 0xa2, 0x9d, 0x71, 0x95, 0x00, 0x3e, 0x2b, 0x94, 0x2a,
-    0xbf, 0x13, 0x48, 0xfc,
-};
-static const unsigned char kat45_nor_nonce[] = {
-    0x80, 0xa7, 0x5c, 0x77, 0xce, 0xff, 0x54, 0xe4,
-};
-static const unsigned char kat45_nor_persstr[] = {
-    0x83, 0x8e, 0xae, 0xbc, 0x98, 0x2c, 0xaa, 0x15, 0x62, 0xc3, 0x06, 0x4c,
-    0xce, 0x42, 0xe5, 0x1e,
-};
-static const unsigned char kat45_nor_addin0[] = {0};
-static const unsigned char kat45_nor_addin1[] = {0};
-static const unsigned char kat45_nor_retbytes[] = {
-    0x66, 0x29, 0x1b, 0x86, 0x85, 0xe9, 0x7c, 0x76, 0xe2, 0x21, 0x6d, 0x70,
-    0x8b, 0x40, 0x70, 0x22, 0x68, 0x4b, 0x28, 0x29, 0x1f, 0x3d, 0xc7, 0x1b,
-    0x5d, 0x60, 0xde, 0x14, 0x3f, 0x5f, 0xdf, 0x0b, 0xb0, 0x7a, 0xe9, 0xd7,
-    0x52, 0x44, 0x56, 0xc4, 0xdf, 0xd0, 0x89, 0xea, 0x88, 0xde, 0x86, 0xdd,
-    0xfa, 0x1d, 0x48, 0xca, 0x54, 0x2f, 0x00, 0xfa, 0x58, 0x6d, 0xa7, 0xa6,
-    0x02, 0x7d, 0x83, 0x7b,
-};
-static const struct drbg_kat_no_reseed kat45_nor_t = {
-    14, kat45_nor_entropyin, kat45_nor_nonce, kat45_nor_persstr,
-    kat45_nor_addin0, kat45_nor_addin1, kat45_nor_retbytes
-};
-static const struct drbg_kat kat45_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat45_nor_t
-};
-
-static const unsigned char kat46_nor_entropyin[] = {
-    0xca, 0xe4, 0x8d, 0xd8, 0x0d, 0x29, 0x81, 0x03, 0xef, 0x1e, 0xc0, 0xbf,
-    0x1b, 0xb9, 0x62, 0x70,
-};
-static const unsigned char kat46_nor_nonce[] = {
-    0xd8, 0x27, 0xf9, 0x16, 0x13, 0xe0, 0xb4, 0x7f,
-};
-static const unsigned char kat46_nor_persstr[] = {
-    0xcc, 0x92, 0x8f, 0x3d, 0x2d, 0xf3, 0x1a, 0x29, 0xf4, 0xe4, 0x44, 0xf3,
-    0xdf, 0x08, 0xbe, 0x21,
-};
-static const unsigned char kat46_nor_addin0[] = {
-    0x7e, 0xaa, 0x1b, 0xbe, 0xc7, 0x93, 0x93, 0xa7, 0xf4, 0xa8, 0x22, 0x7b,
-    0x69, 0x1e, 0xcb, 0x68,
-};
-static const unsigned char kat46_nor_addin1[] = {
-    0x68, 0x69, 0xc6, 0xc7, 0xb9, 0xe6, 0x65, 0x3b, 0x39, 0x77, 0xf0, 0x78,
-    0x9e, 0x94, 0x47, 0x8a,
-};
-static const unsigned char kat46_nor_retbytes[] = {
-    0x92, 0x01, 0x32, 0xcd, 0x28, 0x46, 0x95, 0xb8, 0x68, 0xb5, 0xbc, 0x4b,
-    0x70, 0x3a, 0xfe, 0xa4, 0xd9, 0x96, 0x62, 0x4a, 0x8f, 0x57, 0xe9, 0xfb,
-    0xf5, 0xe7, 0x93, 0xb5, 0x09, 0xcb, 0x15, 0xb4, 0xbe, 0xaf, 0x70, 0x2d,
-    0xac, 0x28, 0x71, 0x2d, 0x24, 0x9a, 0xe7, 0x50, 0x90, 0xa9, 0x1f, 0xd3,
-    0x57, 0x75, 0x29, 0x4b, 0xf2, 0x4d, 0xde, 0xbf, 0xd2, 0x4e, 0x45, 0xd1,
-    0x3f, 0x4a, 0x17, 0x48,
-};
-static const struct drbg_kat_no_reseed kat46_nor_t = {
-    0, kat46_nor_entropyin, kat46_nor_nonce, kat46_nor_persstr,
-    kat46_nor_addin0, kat46_nor_addin1, kat46_nor_retbytes
-};
-static const struct drbg_kat kat46_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat46_nor_t
-};
-
-static const unsigned char kat47_nor_entropyin[] = {
-    0xc0, 0x70, 0x1f, 0x92, 0x50, 0x75, 0x8f, 0xcd, 0xf2, 0xbe, 0x73, 0x98,
-    0x80, 0xdb, 0x66, 0xeb,
-};
-static const unsigned char kat47_nor_nonce[] = {
-    0x14, 0x68, 0xb4, 0xa5, 0x87, 0x9c, 0x2d, 0xa6,
-};
-static const unsigned char kat47_nor_persstr[] = {
-    0x80, 0x08, 0xae, 0xe8, 0xe9, 0x69, 0x40, 0xc5, 0x08, 0x73, 0xc7, 0x9f,
-    0x8e, 0xcf, 0xe0, 0x02,
-};
-static const unsigned char kat47_nor_addin0[] = {
-    0xf9, 0x01, 0xf8, 0x16, 0x7a, 0x1d, 0xff, 0xde, 0x8e, 0x3c, 0x83, 0xe2,
-    0x44, 0x85, 0xe7, 0xfe,
-};
-static const unsigned char kat47_nor_addin1[] = {
-    0x17, 0x1c, 0x09, 0x38, 0xc2, 0x38, 0x9f, 0x97, 0x87, 0x60, 0x55, 0xb4,
-    0x82, 0x16, 0x62, 0x7f,
-};
-static const unsigned char kat47_nor_retbytes[] = {
-    0x97, 0xc0, 0xc0, 0xe5, 0xa0, 0xcc, 0xf2, 0x4f, 0x33, 0x63, 0x48, 0x8a,
-    0xdb, 0x13, 0x0a, 0x35, 0x89, 0xbf, 0x80, 0x65, 0x62, 0xee, 0x13, 0x95,
-    0x7c, 0x33, 0xd3, 0x7d, 0xf4, 0x07, 0x77, 0x7a, 0x2b, 0x65, 0x0b, 0x5f,
-    0x45, 0x5c, 0x13, 0xf1, 0x90, 0x77, 0x7f, 0xc5, 0x04, 0x3f, 0xcc, 0x1a,
-    0x38, 0xf8, 0xcd, 0x1b, 0xbb, 0xd5, 0x57, 0xd1, 0x4a, 0x4c, 0x2e, 0x8a,
-    0x2b, 0x49, 0x1e, 0x5c,
-};
-static const struct drbg_kat_no_reseed kat47_nor_t = {
-    1, kat47_nor_entropyin, kat47_nor_nonce, kat47_nor_persstr,
-    kat47_nor_addin0, kat47_nor_addin1, kat47_nor_retbytes
-};
-static const struct drbg_kat kat47_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat47_nor_t
-};
-
-static const unsigned char kat48_nor_entropyin[] = {
-    0x6b, 0x98, 0x53, 0x2d, 0x67, 0x8f, 0xd2, 0x79, 0xcf, 0x73, 0x7c, 0x58,
-    0x15, 0x0c, 0xe5, 0x89,
-};
-static const unsigned char kat48_nor_nonce[] = {
-    0xca, 0x55, 0x45, 0x07, 0x3d, 0x54, 0x9d, 0x06,
-};
-static const unsigned char kat48_nor_persstr[] = {
-    0x80, 0x90, 0x8a, 0xc1, 0x34, 0xe0, 0xcd, 0x23, 0xef, 0x7e, 0x31, 0x85,
-    0x48, 0xf9, 0x21, 0x91,
-};
-static const unsigned char kat48_nor_addin0[] = {
-    0x53, 0x79, 0x0d, 0xa9, 0x09, 0xbf, 0xde, 0xed, 0xaa, 0xfd, 0x99, 0x61,
-    0x9f, 0x3f, 0x46, 0x1b,
-};
-static const unsigned char kat48_nor_addin1[] = {
-    0xc7, 0xa5, 0x87, 0x77, 0xd1, 0xfb, 0xd1, 0x55, 0x3e, 0x95, 0x46, 0xc8,
-    0x3e, 0x40, 0x9f, 0xc2,
-};
-static const unsigned char kat48_nor_retbytes[] = {
-    0xd9, 0x84, 0xa2, 0x40, 0x58, 0x87, 0x39, 0x02, 0x27, 0x94, 0x09, 0x59,
-    0xe4, 0x9f, 0x94, 0x4e, 0x49, 0x04, 0xc4, 0xf0, 0x46, 0x7f, 0xf2, 0x4d,
-    0x87, 0x64, 0xdb, 0x91, 0x53, 0x0a, 0x1e, 0x59, 0x65, 0x68, 0x84, 0x72,
-    0xfa, 0xc1, 0x31, 0xbe, 0xa0, 0x55, 0xc7, 0x15, 0x12, 0x27, 0xe2, 0xfc,
-    0xb0, 0xda, 0xd9, 0x65, 0x5e, 0xc3, 0xac, 0x22, 0xcd, 0x7d, 0xff, 0x72,
-    0xf6, 0xc7, 0x4a, 0xa0,
-};
-static const struct drbg_kat_no_reseed kat48_nor_t = {
-    2, kat48_nor_entropyin, kat48_nor_nonce, kat48_nor_persstr,
-    kat48_nor_addin0, kat48_nor_addin1, kat48_nor_retbytes
-};
-static const struct drbg_kat kat48_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat48_nor_t
-};
-
-static const unsigned char kat49_nor_entropyin[] = {
-    0x97, 0x51, 0x6e, 0x48, 0xd9, 0x10, 0x37, 0x2a, 0x3f, 0x1f, 0xb4, 0xaa,
-    0x7a, 0xe4, 0x93, 0x0f,
-};
-static const unsigned char kat49_nor_nonce[] = {
-    0xbb, 0xa3, 0x0b, 0x3d, 0xeb, 0x19, 0x33, 0x89,
-};
-static const unsigned char kat49_nor_persstr[] = {
-    0x8c, 0x0e, 0x3e, 0x71, 0xc8, 0x20, 0x1a, 0x77, 0x10, 0x55, 0x19, 0xdf,
-    0xfa, 0x89, 0xc1, 0xaa,
-};
-static const unsigned char kat49_nor_addin0[] = {
-    0x0a, 0x18, 0x78, 0x7e, 0x46, 0x50, 0xfa, 0x02, 0x49, 0xf7, 0x79, 0x62,
-    0xac, 0x15, 0x8c, 0x63,
-};
-static const unsigned char kat49_nor_addin1[] = {
-    0x2f, 0xb1, 0x92, 0x31, 0x4c, 0x3e, 0x07, 0xf9, 0x63, 0xfb, 0xa3, 0x4d,
-    0x8d, 0xfc, 0x8c, 0x9c,
-};
-static const unsigned char kat49_nor_retbytes[] = {
-    0xd7, 0xb7, 0x3e, 0x44, 0x9a, 0xed, 0x8f, 0x0a, 0x06, 0x93, 0x84, 0x83,
-    0xe8, 0x78, 0x11, 0x04, 0x9b, 0x4a, 0xcf, 0xe5, 0x1c, 0xa5, 0x55, 0xf1,
-    0xee, 0x97, 0x86, 0xe3, 0x3f, 0xce, 0x90, 0x69, 0x7d, 0xb6, 0x8d, 0x2d,
-    0xc6, 0x36, 0x1c, 0x94, 0x2c, 0xf6, 0x7d, 0x89, 0x26, 0x19, 0x49, 0x7e,
-    0x96, 0x19, 0x43, 0x32, 0xae, 0x32, 0xa6, 0x35, 0xcf, 0x35, 0x5b, 0xbc,
-    0x3c, 0x66, 0x79, 0x55,
-};
-static const struct drbg_kat_no_reseed kat49_nor_t = {
-    3, kat49_nor_entropyin, kat49_nor_nonce, kat49_nor_persstr,
-    kat49_nor_addin0, kat49_nor_addin1, kat49_nor_retbytes
-};
-static const struct drbg_kat kat49_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat49_nor_t
-};
-
-static const unsigned char kat50_nor_entropyin[] = {
-    0x62, 0xce, 0xf3, 0x5a, 0x51, 0x8e, 0xf6, 0x52, 0x0b, 0x6e, 0xdb, 0x1a,
-    0xa9, 0xa2, 0x14, 0x96,
-};
-static const unsigned char kat50_nor_nonce[] = {
-    0x2b, 0x98, 0xe2, 0x69, 0xf5, 0x1f, 0xb3, 0xba,
-};
-static const unsigned char kat50_nor_persstr[] = {
-    0x89, 0xa6, 0xc9, 0x11, 0x27, 0x13, 0xd0, 0xd1, 0x96, 0xc8, 0xe0, 0x26,
-    0x60, 0xa2, 0x51, 0x31,
-};
-static const unsigned char kat50_nor_addin0[] = {
-    0x35, 0xed, 0xb8, 0x77, 0x01, 0xcb, 0x50, 0x01, 0x43, 0x4d, 0xb1, 0x85,
-    0x7b, 0xf9, 0x8e, 0xfb,
-};
-static const unsigned char kat50_nor_addin1[] = {
-    0xa9, 0xfa, 0x53, 0xb5, 0xd3, 0x03, 0x2e, 0x4b, 0xe6, 0x0d, 0xcd, 0xb1,
-    0xe9, 0x4b, 0x4f, 0x50,
-};
-static const unsigned char kat50_nor_retbytes[] = {
-    0xde, 0x8b, 0x77, 0x0b, 0x3e, 0xd4, 0x33, 0x15, 0xab, 0x7e, 0x83, 0x31,
-    0xe2, 0xdf, 0x12, 0xcb, 0x9a, 0xbe, 0xb3, 0xf6, 0xb1, 0x4c, 0x45, 0x7a,
-    0x30, 0x4b, 0xcd, 0x1d, 0xf7, 0x30, 0xdb, 0x52, 0xd4, 0xb4, 0x02, 0xf7,
-    0x8b, 0x80, 0x54, 0x59, 0x65, 0xfc, 0x5a, 0x83, 0xdd, 0xf9, 0x99, 0x63,
-    0xaa, 0xb5, 0xe1, 0xb3, 0x79, 0x24, 0x57, 0xdf, 0x4b, 0xf9, 0x27, 0xb6,
-    0x6a, 0x4d, 0x67, 0x45,
-};
-static const struct drbg_kat_no_reseed kat50_nor_t = {
-    4, kat50_nor_entropyin, kat50_nor_nonce, kat50_nor_persstr,
-    kat50_nor_addin0, kat50_nor_addin1, kat50_nor_retbytes
-};
-static const struct drbg_kat kat50_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat50_nor_t
-};
-
-static const unsigned char kat51_nor_entropyin[] = {
-    0xc0, 0x2a, 0xf7, 0x05, 0xf6, 0x99, 0xc3, 0xa7, 0xf5, 0xe2, 0xbb, 0x9b,
-    0x14, 0xc7, 0xce, 0xa7,
-};
-static const unsigned char kat51_nor_nonce[] = {
-    0xeb, 0x24, 0x6b, 0x26, 0xa3, 0xa0, 0xa1, 0x0b,
-};
-static const unsigned char kat51_nor_persstr[] = {
-    0x07, 0xdf, 0x3d, 0x3d, 0x48, 0x6b, 0xbe, 0x68, 0x19, 0x04, 0x40, 0x94,
-    0xc9, 0x15, 0x89, 0x99,
-};
-static const unsigned char kat51_nor_addin0[] = {
-    0xf4, 0x9d, 0x27, 0x9f, 0x04, 0x81, 0x5d, 0x98, 0x30, 0x92, 0xb6, 0xb5,
-    0xfe, 0x4f, 0x10, 0xf7,
-};
-static const unsigned char kat51_nor_addin1[] = {
-    0xd7, 0x66, 0x07, 0x00, 0x64, 0xdf, 0xe2, 0x03, 0xb2, 0xa3, 0x9d, 0x1b,
-    0x24, 0x75, 0x84, 0x10,
-};
-static const unsigned char kat51_nor_retbytes[] = {
-    0xdd, 0xbb, 0x48, 0x8c, 0x6b, 0x6f, 0x0f, 0x9c, 0xb7, 0x05, 0xa3, 0xc5,
-    0xab, 0x13, 0xc3, 0x17, 0x6f, 0x86, 0x7b, 0x12, 0x0c, 0x29, 0xdb, 0x37,
-    0xf7, 0x9c, 0x00, 0x23, 0x8a, 0x77, 0xa0, 0x41, 0x45, 0x04, 0xd3, 0x28,
-    0x93, 0xa0, 0x8c, 0x7e, 0x99, 0xc2, 0xb1, 0xa8, 0x8d, 0x50, 0x92, 0x2e,
-    0x52, 0xb0, 0xdf, 0x56, 0x0b, 0x75, 0x3a, 0xdd, 0x48, 0x60, 0x4c, 0xaa,
-    0xbb, 0xb9, 0x75, 0x2f,
-};
-static const struct drbg_kat_no_reseed kat51_nor_t = {
-    5, kat51_nor_entropyin, kat51_nor_nonce, kat51_nor_persstr,
-    kat51_nor_addin0, kat51_nor_addin1, kat51_nor_retbytes
-};
-static const struct drbg_kat kat51_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat51_nor_t
-};
-
-static const unsigned char kat52_nor_entropyin[] = {
-    0x56, 0x6f, 0xc3, 0x38, 0x98, 0x5a, 0x8f, 0xc8, 0x67, 0xda, 0xbe, 0x24,
-    0xf7, 0xf9, 0x09, 0x7d,
-};
-static const unsigned char kat52_nor_nonce[] = {
-    0xdb, 0xf7, 0x1d, 0x79, 0x17, 0xe0, 0xb1, 0x51,
-};
-static const unsigned char kat52_nor_persstr[] = {
-    0x66, 0x56, 0x94, 0x18, 0x17, 0xa6, 0x15, 0xe2, 0x9f, 0x62, 0xbd, 0x4f,
-    0x1d, 0x93, 0xcb, 0x11,
-};
-static const unsigned char kat52_nor_addin0[] = {
-    0xa2, 0x74, 0xbe, 0x52, 0x97, 0x46, 0xbd, 0x0b, 0x6a, 0x58, 0x73, 0xdc,
-    0x3c, 0x1d, 0xae, 0xbc,
-};
-static const unsigned char kat52_nor_addin1[] = {
-    0x4e, 0x23, 0xfa, 0x29, 0xd2, 0x6b, 0x1f, 0xe9, 0x2b, 0xb4, 0x2b, 0x3e,
-    0x9f, 0x2b, 0x4c, 0x08,
-};
-static const unsigned char kat52_nor_retbytes[] = {
-    0xb5, 0xda, 0x60, 0xb8, 0x70, 0x22, 0x6a, 0x48, 0xb2, 0xb9, 0xb5, 0xd9,
-    0xa9, 0x46, 0x49, 0x54, 0xa8, 0xdb, 0x0d, 0x3e, 0x5f, 0xb3, 0x06, 0x3c,
-    0x80, 0xe6, 0x75, 0x19, 0x7d, 0xc5, 0x84, 0x07, 0xb4, 0xc0, 0x40, 0x9c,
-    0xd0, 0x69, 0x75, 0xed, 0xa8, 0xaf, 0xe6, 0x66, 0x7a, 0xa0, 0xd7, 0x9e,
-    0xcf, 0x55, 0x5e, 0x23, 0x8f, 0x83, 0x42, 0x4f, 0x13, 0x08, 0x19, 0x20,
-    0x0c, 0x24, 0x4a, 0x77,
-};
-static const struct drbg_kat_no_reseed kat52_nor_t = {
-    6, kat52_nor_entropyin, kat52_nor_nonce, kat52_nor_persstr,
-    kat52_nor_addin0, kat52_nor_addin1, kat52_nor_retbytes
-};
-static const struct drbg_kat kat52_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat52_nor_t
-};
-
-static const unsigned char kat53_nor_entropyin[] = {
-    0x67, 0x43, 0xbc, 0x12, 0x2a, 0xaa, 0x13, 0x4f, 0x82, 0xac, 0x8c, 0x78,
-    0xcc, 0x0b, 0x64, 0xe7,
-};
-static const unsigned char kat53_nor_nonce[] = {
-    0x2d, 0xc3, 0x2e, 0x4f, 0x3b, 0xba, 0x5a, 0x20,
-};
-static const unsigned char kat53_nor_persstr[] = {
-    0xb8, 0x07, 0x7f, 0x23, 0xa9, 0x08, 0xc4, 0x25, 0x92, 0xc1, 0x3b, 0x63,
-    0x89, 0x09, 0x98, 0xd0,
-};
-static const unsigned char kat53_nor_addin0[] = {
-    0xd6, 0x83, 0x74, 0xf5, 0x8c, 0xe2, 0x5b, 0xd8, 0xe9, 0x5f, 0xe0, 0x6d,
-    0xe8, 0xa9, 0x50, 0xa1,
-};
-static const unsigned char kat53_nor_addin1[] = {
-    0x07, 0xb7, 0xab, 0x9c, 0x32, 0xa9, 0x78, 0x30, 0xa0, 0x0e, 0xd9, 0x89,
-    0x5e, 0x3b, 0xbe, 0x19,
-};
-static const unsigned char kat53_nor_retbytes[] = {
-    0xfe, 0x82, 0x7f, 0x53, 0x07, 0x6d, 0xf3, 0x08, 0x47, 0xd0, 0xfb, 0x0f,
-    0x55, 0xa2, 0xcd, 0x63, 0x81, 0xca, 0x0e, 0x79, 0xe6, 0x81, 0x62, 0x1f,
-    0x49, 0xf3, 0x1e, 0x48, 0x11, 0xe9, 0xa6, 0x4c, 0x57, 0xc0, 0x99, 0x4f,
-    0x18, 0x0c, 0x31, 0x1a, 0x40, 0x44, 0x40, 0xf2, 0x77, 0xfa, 0x62, 0xe0,
-    0xf9, 0x9c, 0x6f, 0x5c, 0x7b, 0x88, 0xbe, 0xe2, 0x07, 0xfc, 0xa9, 0x92,
-    0x6b, 0xfc, 0x9e, 0x46,
-};
-static const struct drbg_kat_no_reseed kat53_nor_t = {
-    7, kat53_nor_entropyin, kat53_nor_nonce, kat53_nor_persstr,
-    kat53_nor_addin0, kat53_nor_addin1, kat53_nor_retbytes
-};
-static const struct drbg_kat kat53_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat53_nor_t
-};
-
-static const unsigned char kat54_nor_entropyin[] = {
-    0xf2, 0xad, 0xdf, 0x01, 0x67, 0xa1, 0x6d, 0xa3, 0x8d, 0x2f, 0xd7, 0x92,
-    0xa7, 0x18, 0x9c, 0x06,
-};
-static const unsigned char kat54_nor_nonce[] = {
-    0x2b, 0x50, 0xd8, 0xcc, 0x7f, 0x71, 0x40, 0x1c,
-};
-static const unsigned char kat54_nor_persstr[] = {
-    0xb9, 0x17, 0xa5, 0x4c, 0x13, 0xd5, 0x8c, 0xb6, 0xad, 0x47, 0xc8, 0xfa,
-    0xf6, 0xf9, 0xa7, 0xf5,
-};
-static const unsigned char kat54_nor_addin0[] = {
-    0xcf, 0x2e, 0x78, 0x5a, 0x06, 0xbc, 0x5e, 0xb7, 0x1e, 0x3b, 0x52, 0x4f,
-    0x11, 0x72, 0xc7, 0x55,
-};
-static const unsigned char kat54_nor_addin1[] = {
-    0xc9, 0xa7, 0x53, 0xa9, 0xce, 0xdd, 0xd7, 0x5d, 0x1a, 0x62, 0x6d, 0xa7,
-    0x27, 0x95, 0xa3, 0xc6,
-};
-static const unsigned char kat54_nor_retbytes[] = {
-    0xe2, 0xaa, 0xf1, 0x1c, 0x20, 0xde, 0x2b, 0xaf, 0x89, 0x23, 0x04, 0x1d,
-    0x83, 0x8f, 0x4a, 0xcb, 0x38, 0xe2, 0x22, 0xd3, 0x06, 0xb9, 0x7c, 0x97,
-    0xbf, 0xe5, 0x46, 0x61, 0x7b, 0x3d, 0x8d, 0x92, 0xe4, 0x0c, 0xaa, 0x2e,
-    0xdc, 0xac, 0x7a, 0x2f, 0xb0, 0x64, 0x3e, 0xd5, 0x7d, 0x47, 0xa9, 0x0a,
-    0x11, 0x64, 0x10, 0x44, 0xb6, 0xc6, 0xa7, 0xdf, 0x42, 0x4d, 0xbd, 0xa2,
-    0xb4, 0x5f, 0x0d, 0xf9,
-};
-static const struct drbg_kat_no_reseed kat54_nor_t = {
-    8, kat54_nor_entropyin, kat54_nor_nonce, kat54_nor_persstr,
-    kat54_nor_addin0, kat54_nor_addin1, kat54_nor_retbytes
-};
-static const struct drbg_kat kat54_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat54_nor_t
-};
-
-static const unsigned char kat55_nor_entropyin[] = {
-    0xca, 0x23, 0x34, 0x58, 0xf6, 0x6b, 0x26, 0xf2, 0xc1, 0x35, 0x7a, 0xef,
-    0xce, 0xb6, 0x79, 0xef,
-};
-static const unsigned char kat55_nor_nonce[] = {
-    0xfe, 0x13, 0x64, 0x04, 0xad, 0x7a, 0x49, 0xe7,
-};
-static const unsigned char kat55_nor_persstr[] = {
-    0x26, 0x83, 0xdc, 0x31, 0x3b, 0xc0, 0xbb, 0x93, 0xeb, 0xb4, 0x6b, 0xbb,
-    0x55, 0x3f, 0x58, 0x75,
-};
-static const unsigned char kat55_nor_addin0[] = {
-    0xf7, 0x8a, 0xb1, 0xf4, 0x52, 0x6f, 0x0f, 0xa5, 0xcb, 0x75, 0x43, 0xd1,
-    0x46, 0x43, 0xfe, 0xb5,
-};
-static const unsigned char kat55_nor_addin1[] = {
-    0x40, 0xb9, 0x26, 0x32, 0x4c, 0xc2, 0x94, 0x3a, 0xca, 0x83, 0x7f, 0x69,
-    0x0d, 0x0b, 0xcd, 0xa4,
-};
-static const unsigned char kat55_nor_retbytes[] = {
-    0x37, 0x24, 0xd0, 0xe5, 0x80, 0xe9, 0x0d, 0x4e, 0xf3, 0x2e, 0x5f, 0x8a,
-    0x5b, 0xb5, 0x62, 0x25, 0xa9, 0x13, 0xf2, 0x10, 0xb7, 0x6d, 0x5a, 0x78,
-    0xfd, 0x8e, 0xf2, 0x5d, 0x6e, 0xec, 0x9f, 0xf1, 0x47, 0x11, 0xd6, 0xdb,
-    0x80, 0xe1, 0xe8, 0x11, 0x42, 0xa5, 0x60, 0x75, 0x34, 0xa7, 0x25, 0xd2,
-    0x78, 0x5c, 0x8e, 0x3e, 0x4a, 0x48, 0xa5, 0x94, 0xb0, 0xd9, 0x1b, 0xc9,
-    0x32, 0x82, 0x7b, 0xd7,
-};
-static const struct drbg_kat_no_reseed kat55_nor_t = {
-    9, kat55_nor_entropyin, kat55_nor_nonce, kat55_nor_persstr,
-    kat55_nor_addin0, kat55_nor_addin1, kat55_nor_retbytes
-};
-static const struct drbg_kat kat55_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat55_nor_t
-};
-
-static const unsigned char kat56_nor_entropyin[] = {
-    0x2b, 0x52, 0x1d, 0xc4, 0x03, 0x12, 0x9f, 0xd9, 0xed, 0x0b, 0xe9, 0xf5,
-    0xfd, 0xe0, 0x66, 0x17,
-};
-static const unsigned char kat56_nor_nonce[] = {
-    0xf0, 0xdf, 0xa0, 0x1e, 0x09, 0x9b, 0x95, 0xa1,
-};
-static const unsigned char kat56_nor_persstr[] = {
-    0xfe, 0x85, 0x8d, 0x59, 0xd7, 0x34, 0xf6, 0x0f, 0x71, 0xa3, 0x87, 0x55,
-    0x3c, 0xca, 0x46, 0xff,
-};
-static const unsigned char kat56_nor_addin0[] = {
-    0x6f, 0xba, 0x8d, 0x06, 0xff, 0x43, 0x30, 0x07, 0xbd, 0x7d, 0x15, 0x56,
-    0x9a, 0xf3, 0xd0, 0x69,
-};
-static const unsigned char kat56_nor_addin1[] = {
-    0x80, 0xb0, 0xc1, 0x1f, 0x18, 0xb5, 0x92, 0x3a, 0x89, 0xf0, 0xfe, 0x23,
-    0x77, 0x6d, 0x39, 0x05,
-};
-static const unsigned char kat56_nor_retbytes[] = {
-    0x41, 0x73, 0x88, 0xde, 0xe9, 0x08, 0x4f, 0x58, 0x8d, 0x0a, 0xdb, 0x5e,
-    0x5d, 0x1b, 0x54, 0x6b, 0x12, 0x55, 0xcd, 0xf5, 0x9d, 0x69, 0x95, 0x7a,
-    0xe6, 0x87, 0xc7, 0x82, 0x2b, 0x93, 0x5c, 0xe0, 0x29, 0x30, 0x6c, 0x02,
-    0x50, 0xd4, 0x69, 0x83, 0x9c, 0x7d, 0xf9, 0xd3, 0xd0, 0x8e, 0xc8, 0xc5,
-    0x0a, 0x66, 0x7a, 0xf1, 0x0d, 0x8d, 0x5b, 0x00, 0x73, 0x02, 0xa6, 0xe8,
-    0x7b, 0x4e, 0x7f, 0x2c,
-};
-static const struct drbg_kat_no_reseed kat56_nor_t = {
-    10, kat56_nor_entropyin, kat56_nor_nonce, kat56_nor_persstr,
-    kat56_nor_addin0, kat56_nor_addin1, kat56_nor_retbytes
-};
-static const struct drbg_kat kat56_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat56_nor_t
-};
-
-static const unsigned char kat57_nor_entropyin[] = {
-    0xd0, 0x50, 0x2b, 0x78, 0xf7, 0xaa, 0x6f, 0xa1, 0xd8, 0x88, 0x42, 0x1d,
-    0x70, 0x2c, 0xad, 0xd1,
-};
-static const unsigned char kat57_nor_nonce[] = {
-    0x4b, 0x37, 0xb8, 0x96, 0x59, 0x69, 0xea, 0x8d,
-};
-static const unsigned char kat57_nor_persstr[] = {
-    0x56, 0xbd, 0x43, 0x1f, 0x04, 0x88, 0xfe, 0x6d, 0x7b, 0xa3, 0x83, 0x6e,
-    0x5c, 0x8c, 0x7a, 0xa9,
-};
-static const unsigned char kat57_nor_addin0[] = {
-    0x26, 0x92, 0x5d, 0xbc, 0xbe, 0xd7, 0x33, 0xbe, 0x2a, 0x5e, 0x76, 0x49,
-    0xc8, 0x76, 0xa0, 0xf8,
-};
-static const unsigned char kat57_nor_addin1[] = {
-    0x9c, 0x70, 0x35, 0x2d, 0x4f, 0x9c, 0x88, 0x0e, 0x76, 0xd4, 0x68, 0x08,
-    0x38, 0xdd, 0x0d, 0xea,
-};
-static const unsigned char kat57_nor_retbytes[] = {
-    0x65, 0x00, 0x24, 0x2c, 0x35, 0x88, 0xb4, 0x52, 0x30, 0x7b, 0x2a, 0x06,
-    0x34, 0x90, 0x0e, 0x75, 0x6a, 0x3d, 0x26, 0x19, 0xfc, 0x2a, 0xdf, 0x10,
-    0x77, 0x69, 0x22, 0xb0, 0x06, 0x61, 0x7e, 0xe8, 0x81, 0x82, 0x83, 0x66,
-    0xac, 0x52, 0x7f, 0xad, 0xa0, 0x01, 0x86, 0xbc, 0x8b, 0xfd, 0x6b, 0xee,
-    0x66, 0xd6, 0x38, 0x03, 0x5a, 0xaf, 0xff, 0xbc, 0x83, 0x32, 0xa5, 0x4c,
-    0xa1, 0x7d, 0xf1, 0x6f,
-};
-static const struct drbg_kat_no_reseed kat57_nor_t = {
-    11, kat57_nor_entropyin, kat57_nor_nonce, kat57_nor_persstr,
-    kat57_nor_addin0, kat57_nor_addin1, kat57_nor_retbytes
-};
-static const struct drbg_kat kat57_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat57_nor_t
-};
-
-static const unsigned char kat58_nor_entropyin[] = {
-    0xa3, 0xb9, 0x5f, 0x32, 0x01, 0xfa, 0x01, 0x01, 0x07, 0x57, 0x30, 0x74,
-    0xb1, 0x19, 0x9b, 0xc0,
-};
-static const unsigned char kat58_nor_nonce[] = {
-    0x60, 0x30, 0xe5, 0xb6, 0x13, 0x47, 0xb0, 0xe2,
-};
-static const unsigned char kat58_nor_persstr[] = {
-    0x9e, 0x77, 0x85, 0x46, 0xd4, 0x5f, 0x17, 0x93, 0xa1, 0x1d, 0x80, 0xa0,
-    0x2e, 0x4c, 0xa3, 0xc3,
-};
-static const unsigned char kat58_nor_addin0[] = {
-    0xe5, 0x07, 0x33, 0x61, 0x98, 0x25, 0x31, 0x37, 0xa5, 0x55, 0xe8, 0xc1,
-    0x18, 0xa1, 0x2d, 0x2f,
-};
-static const unsigned char kat58_nor_addin1[] = {
-    0xe5, 0xce, 0xea, 0xcb, 0xb5, 0x22, 0xf5, 0xde, 0x81, 0x78, 0x9c, 0x32,
-    0xcb, 0xcd, 0xef, 0x30,
-};
-static const unsigned char kat58_nor_retbytes[] = {
-    0x4a, 0xd1, 0x8e, 0xa0, 0x83, 0x7f, 0x06, 0x3e, 0x9f, 0xbf, 0x6c, 0x72,
-    0xd1, 0xaf, 0x6f, 0x77, 0x96, 0x41, 0xf4, 0xe1, 0x1c, 0x40, 0x0d, 0x95,
-    0xcb, 0x2b, 0xa4, 0x22, 0x99, 0xa9, 0x66, 0x48, 0xe0, 0x59, 0xe1, 0xa6,
-    0x3f, 0x7c, 0x03, 0x79, 0x25, 0x44, 0x89, 0xc7, 0xcb, 0xff, 0xfb, 0x22,
-    0x11, 0x84, 0x57, 0x18, 0xc5, 0x26, 0x00, 0xc9, 0xe8, 0x58, 0x49, 0xd6,
-    0xe0, 0x95, 0x1f, 0x7b,
-};
-static const struct drbg_kat_no_reseed kat58_nor_t = {
-    12, kat58_nor_entropyin, kat58_nor_nonce, kat58_nor_persstr,
-    kat58_nor_addin0, kat58_nor_addin1, kat58_nor_retbytes
-};
-static const struct drbg_kat kat58_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat58_nor_t
-};
-
-static const unsigned char kat59_nor_entropyin[] = {
-    0x88, 0x18, 0xbe, 0x7e, 0x8e, 0x81, 0x5b, 0xca, 0x0c, 0xb5, 0xa0, 0x14,
-    0x4d, 0x44, 0xb6, 0x72,
-};
-static const unsigned char kat59_nor_nonce[] = {
-    0x12, 0x2b, 0x14, 0x8c, 0xa1, 0xaa, 0xba, 0x60,
-};
-static const unsigned char kat59_nor_persstr[] = {
-    0x90, 0x6d, 0xc3, 0x0b, 0x39, 0x54, 0x27, 0x38, 0x56, 0x73, 0x26, 0x13,
-    0x66, 0xf5, 0xe9, 0xa8,
-};
-static const unsigned char kat59_nor_addin0[] = {
-    0x56, 0xee, 0x67, 0xff, 0x14, 0x66, 0xce, 0xed, 0xd7, 0x28, 0x1d, 0x73,
-    0xf3, 0x9c, 0x6c, 0x85,
-};
-static const unsigned char kat59_nor_addin1[] = {
-    0x82, 0xe4, 0xa6, 0xed, 0xb0, 0x78, 0x00, 0x79, 0xfa, 0xee, 0x25, 0x8e,
-    0xd1, 0x13, 0x7e, 0xcf,
-};
-static const unsigned char kat59_nor_retbytes[] = {
-    0x88, 0x55, 0xad, 0x03, 0xe3, 0x87, 0x27, 0xd0, 0x49, 0xe8, 0x55, 0x8e,
-    0xcc, 0x66, 0x3b, 0x8c, 0x89, 0xcb, 0x5b, 0xd1, 0x38, 0xac, 0x34, 0x9c,
-    0x6e, 0x5f, 0x78, 0x41, 0x70, 0xc5, 0x07, 0x69, 0xc8, 0xc9, 0x7b, 0x09,
-    0x4d, 0xfa, 0x07, 0x52, 0xd0, 0x65, 0x53, 0x1d, 0xa4, 0x00, 0x85, 0x81,
-    0x7c, 0xcb, 0x08, 0xf2, 0xb9, 0x4c, 0xbb, 0xba, 0xe7, 0x59, 0x8c, 0x96,
-    0x3e, 0x3a, 0xd6, 0xd1,
-};
-static const struct drbg_kat_no_reseed kat59_nor_t = {
-    13, kat59_nor_entropyin, kat59_nor_nonce, kat59_nor_persstr,
-    kat59_nor_addin0, kat59_nor_addin1, kat59_nor_retbytes
-};
-static const struct drbg_kat kat59_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat59_nor_t
-};
-
-static const unsigned char kat60_nor_entropyin[] = {
-    0x00, 0x90, 0xdc, 0xb9, 0x1f, 0x02, 0x70, 0xf6, 0x58, 0x20, 0x7d, 0x49,
-    0xa7, 0x47, 0x38, 0xe2,
-};
-static const unsigned char kat60_nor_nonce[] = {
-    0x9d, 0x18, 0xae, 0xa2, 0x68, 0x4e, 0xe2, 0xb7,
-};
-static const unsigned char kat60_nor_persstr[] = {
-    0x64, 0xa8, 0x18, 0x57, 0xce, 0x29, 0xf0, 0xd2, 0xa8, 0x51, 0x03, 0x00,
-    0xb0, 0xa3, 0xfa, 0xc0,
-};
-static const unsigned char kat60_nor_addin0[] = {
-    0xcd, 0x7f, 0x89, 0xf8, 0xd5, 0x46, 0x8e, 0xae, 0x8b, 0xca, 0x31, 0x4f,
-    0xd9, 0xf2, 0x5b, 0x23,
-};
-static const unsigned char kat60_nor_addin1[] = {
-    0x94, 0x9b, 0x94, 0x41, 0x7f, 0xb4, 0x2b, 0xbc, 0x7c, 0xdb, 0x3f, 0x53,
-    0xa0, 0x55, 0x80, 0x19,
-};
-static const unsigned char kat60_nor_retbytes[] = {
-    0x63, 0xd3, 0xe9, 0x19, 0x88, 0x1f, 0x87, 0xd6, 0x9c, 0xba, 0xdc, 0xb6,
-    0x78, 0x9e, 0x0b, 0x8f, 0x2e, 0x49, 0xf4, 0xc9, 0xd0, 0xe3, 0xba, 0x1e,
-    0x4a, 0x59, 0x16, 0x2a, 0xf7, 0x18, 0xbc, 0x40, 0xdd, 0x67, 0x3e, 0xae,
-    0x8f, 0x48, 0xfd, 0x27, 0x82, 0xe0, 0x6c, 0xde, 0xc5, 0x63, 0x2a, 0x4b,
-    0x2e, 0x60, 0x65, 0x5c, 0xba, 0x75, 0xaf, 0xaf, 0x4c, 0x12, 0xa6, 0x74,
-    0xee, 0xe4, 0xd3, 0xfc,
-};
-static const struct drbg_kat_no_reseed kat60_nor_t = {
-    14, kat60_nor_entropyin, kat60_nor_nonce, kat60_nor_persstr,
-    kat60_nor_addin0, kat60_nor_addin1, kat60_nor_retbytes
-};
-static const struct drbg_kat kat60_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat60_nor_t
-};
-
-static const unsigned char kat61_nor_entropyin[] = {
-    0x2d, 0x2a, 0xb5, 0x64, 0x20, 0x29, 0x18, 0xc4, 0xef, 0x5b, 0x10, 0x2d,
-    0xda, 0x38, 0x5a, 0x18,
-};
-static const unsigned char kat61_nor_nonce[] = {
-    0x25, 0x91, 0x95, 0x26, 0x9e, 0xc1, 0x1a, 0xf6,
-};
-static const unsigned char kat61_nor_persstr[] = {0};
-static const unsigned char kat61_nor_addin0[] = {0};
-static const unsigned char kat61_nor_addin1[] = {0};
-static const unsigned char kat61_nor_retbytes[] = {
-    0x2c, 0x5c, 0xd7, 0x9e, 0xd8, 0x76, 0x22, 0xa9, 0x1b, 0x86, 0x54, 0xc8,
-    0x90, 0x3d, 0x85, 0x22, 0x42, 0xcd, 0x49, 0xcb, 0x5d, 0xf2, 0xd4, 0xb4,
-    0x15, 0x05, 0x84, 0x30, 0x1c, 0x59, 0xf0, 0x1f, 0xd9, 0x5a, 0x70, 0x2a,
-    0xc1, 0x57, 0xc8, 0x4c, 0xc1, 0x5f, 0x42, 0xc8, 0x21, 0x13, 0x35, 0x67,
-    0x2d, 0x8c, 0xe1, 0x29, 0x1e, 0xf9, 0xb1, 0xde, 0xf7, 0x81, 0x49, 0xa0,
-    0x4f, 0xa2, 0x69, 0x7c,
-};
-static const struct drbg_kat_no_reseed kat61_nor_t = {
-    0, kat61_nor_entropyin, kat61_nor_nonce, kat61_nor_persstr,
-    kat61_nor_addin0, kat61_nor_addin1, kat61_nor_retbytes
-};
-static const struct drbg_kat kat61_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat61_nor_t
-};
-
-static const unsigned char kat62_nor_entropyin[] = {
-    0xa0, 0x16, 0x46, 0x3d, 0xbb, 0x49, 0x99, 0x90, 0xcb, 0xcd, 0xa4, 0x50,
-    0x46, 0xd8, 0xf3, 0x37,
-};
-static const unsigned char kat62_nor_nonce[] = {
-    0x24, 0x9d, 0x02, 0xde, 0x2d, 0xcf, 0x3e, 0x57,
-};
-static const unsigned char kat62_nor_persstr[] = {0};
-static const unsigned char kat62_nor_addin0[] = {0};
-static const unsigned char kat62_nor_addin1[] = {0};
-static const unsigned char kat62_nor_retbytes[] = {
-    0x35, 0xb8, 0x1f, 0xb9, 0x42, 0x41, 0xf4, 0xc9, 0x31, 0x9a, 0x7f, 0x16,
-    0xb4, 0x42, 0x49, 0x52, 0x52, 0xdb, 0x4c, 0x98, 0x48, 0x60, 0xd0, 0x35,
-    0xf6, 0xc4, 0x54, 0x03, 0xf9, 0x74, 0xf5, 0x34, 0xfa, 0x93, 0xb2, 0x1b,
-    0x6b, 0x89, 0x44, 0x1b, 0xe0, 0x7c, 0x5c, 0x29, 0x31, 0x7f, 0x86, 0x8d,
-    0xc9, 0xab, 0x5c, 0x18, 0x37, 0x74, 0x37, 0xfa, 0xdb, 0x4d, 0x85, 0x7e,
-    0xe0, 0x92, 0xf9, 0x23,
-};
-static const struct drbg_kat_no_reseed kat62_nor_t = {
-    1, kat62_nor_entropyin, kat62_nor_nonce, kat62_nor_persstr,
-    kat62_nor_addin0, kat62_nor_addin1, kat62_nor_retbytes
-};
-static const struct drbg_kat kat62_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat62_nor_t
-};
-
-static const unsigned char kat63_nor_entropyin[] = {
-    0x1e, 0x38, 0x20, 0xc4, 0x6e, 0x50, 0xb7, 0xcb, 0xc5, 0x8b, 0x05, 0xaa,
-    0x72, 0x24, 0x27, 0xa8,
-};
-static const unsigned char kat63_nor_nonce[] = {
-    0xfe, 0x0f, 0x40, 0x01, 0x4e, 0xb3, 0x27, 0x9f,
-};
-static const unsigned char kat63_nor_persstr[] = {0};
-static const unsigned char kat63_nor_addin0[] = {0};
-static const unsigned char kat63_nor_addin1[] = {0};
-static const unsigned char kat63_nor_retbytes[] = {
-    0x18, 0x53, 0x0b, 0x9d, 0xe8, 0x89, 0xd8, 0xad, 0x3f, 0x41, 0xd5, 0x39,
-    0x79, 0x6c, 0x2a, 0x95, 0xd6, 0x82, 0xfb, 0x02, 0x6d, 0xf7, 0xca, 0x09,
-    0x4a, 0xf4, 0xab, 0x23, 0x95, 0x29, 0x2e, 0x6f, 0xcd, 0xb1, 0x75, 0xba,
-    0x25, 0x7d, 0x61, 0x27, 0x9d, 0xa4, 0xd0, 0xfc, 0x78, 0xfd, 0xf8, 0xa4,
-    0xeb, 0x46, 0xa0, 0xe2, 0xd7, 0x54, 0xf5, 0xf8, 0xf0, 0x9e, 0xcb, 0x15,
-    0x7c, 0x8a, 0x58, 0xa1,
-};
-static const struct drbg_kat_no_reseed kat63_nor_t = {
-    2, kat63_nor_entropyin, kat63_nor_nonce, kat63_nor_persstr,
-    kat63_nor_addin0, kat63_nor_addin1, kat63_nor_retbytes
-};
-static const struct drbg_kat kat63_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat63_nor_t
-};
-
-static const unsigned char kat64_nor_entropyin[] = {
-    0x3b, 0x02, 0xc5, 0xa4, 0x74, 0x67, 0x96, 0x48, 0xe2, 0xfe, 0x09, 0x0a,
-    0x13, 0xbe, 0x04, 0x1c,
-};
-static const unsigned char kat64_nor_nonce[] = {
-    0x71, 0xed, 0x5a, 0xa0, 0x78, 0xb8, 0x3a, 0x7b,
-};
-static const unsigned char kat64_nor_persstr[] = {0};
-static const unsigned char kat64_nor_addin0[] = {0};
-static const unsigned char kat64_nor_addin1[] = {0};
-static const unsigned char kat64_nor_retbytes[] = {
-    0xe8, 0xe2, 0xe5, 0xd8, 0xbd, 0x99, 0x29, 0xe4, 0xe1, 0x67, 0x5c, 0x84,
-    0x61, 0x45, 0x7c, 0xab, 0x06, 0x33, 0xd8, 0x3f, 0x9b, 0xd2, 0x43, 0xbc,
-    0x58, 0x29, 0x37, 0xc2, 0xb9, 0x61, 0xb7, 0x1c, 0x11, 0x85, 0x6f, 0x83,
-    0x6c, 0x37, 0x32, 0x9d, 0x3f, 0xa8, 0x63, 0x76, 0xee, 0xc9, 0x71, 0x39,
-    0x10, 0x4d, 0xe5, 0x32, 0x60, 0xe1, 0x22, 0xcb, 0x2b, 0x6d, 0x82, 0x4e,
-    0x21, 0xe7, 0x5c, 0xe7,
-};
-static const struct drbg_kat_no_reseed kat64_nor_t = {
-    3, kat64_nor_entropyin, kat64_nor_nonce, kat64_nor_persstr,
-    kat64_nor_addin0, kat64_nor_addin1, kat64_nor_retbytes
-};
-static const struct drbg_kat kat64_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat64_nor_t
-};
-
-static const unsigned char kat65_nor_entropyin[] = {
-    0x05, 0x0c, 0x48, 0xab, 0x8a, 0x05, 0xff, 0x69, 0x0b, 0x62, 0xe3, 0x7d,
-    0x9b, 0x21, 0xf2, 0xfa,
-};
-static const unsigned char kat65_nor_nonce[] = {
-    0xf7, 0x96, 0x48, 0x75, 0xbe, 0x28, 0x83, 0x53,
-};
-static const unsigned char kat65_nor_persstr[] = {0};
-static const unsigned char kat65_nor_addin0[] = {0};
-static const unsigned char kat65_nor_addin1[] = {0};
-static const unsigned char kat65_nor_retbytes[] = {
-    0x24, 0xcb, 0x0e, 0xdc, 0xb8, 0x9e, 0xec, 0x61, 0x76, 0x13, 0xa2, 0x7f,
-    0xe3, 0xe4, 0x47, 0x5a, 0xff, 0xab, 0x49, 0x8d, 0x57, 0xbc, 0x3c, 0x4e,
-    0xf8, 0x44, 0xfe, 0x19, 0xb3, 0x84, 0x13, 0x47, 0x7c, 0x1d, 0xb0, 0x40,
-    0xf1, 0x67, 0x57, 0xf1, 0x85, 0x1b, 0x79, 0x9c, 0x1f, 0x26, 0x69, 0xaa,
-    0x9f, 0x9c, 0x50, 0x53, 0x2e, 0xaf, 0xbe, 0x1e, 0x29, 0x48, 0xe3, 0x38,
-    0xd1, 0xca, 0x4b, 0xd7,
-};
-static const struct drbg_kat_no_reseed kat65_nor_t = {
-    4, kat65_nor_entropyin, kat65_nor_nonce, kat65_nor_persstr,
-    kat65_nor_addin0, kat65_nor_addin1, kat65_nor_retbytes
-};
-static const struct drbg_kat kat65_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat65_nor_t
-};
-
-static const unsigned char kat66_nor_entropyin[] = {
-    0xec, 0xd9, 0x9c, 0x0b, 0x49, 0x1c, 0xf6, 0xa3, 0x23, 0xbc, 0x33, 0x36,
-    0x46, 0xe5, 0xc5, 0x6a,
-};
-static const unsigned char kat66_nor_nonce[] = {
-    0xb1, 0x0a, 0x17, 0x84, 0x99, 0x5c, 0xb3, 0x4c,
-};
-static const unsigned char kat66_nor_persstr[] = {0};
-static const unsigned char kat66_nor_addin0[] = {0};
-static const unsigned char kat66_nor_addin1[] = {0};
-static const unsigned char kat66_nor_retbytes[] = {
-    0x65, 0x35, 0xc4, 0x8d, 0x99, 0x9a, 0x30, 0x6a, 0xcb, 0x83, 0xf7, 0xb7,
-    0x20, 0xb3, 0xc3, 0x97, 0x72, 0xa4, 0x96, 0xe7, 0x5a, 0x89, 0x0f, 0x6e,
-    0x14, 0xd7, 0x0a, 0x82, 0x41, 0x42, 0xa1, 0x2d, 0x01, 0xde, 0xe5, 0x52,
-    0x71, 0xb8, 0x2c, 0x7b, 0x02, 0x7b, 0x94, 0x68, 0xc3, 0x09, 0xfa, 0x2d,
-    0x08, 0xe9, 0x1e, 0x5e, 0x37, 0x9e, 0xb9, 0x0c, 0xf8, 0x91, 0x5c, 0xf4,
-    0xcc, 0x24, 0x1b, 0x50,
-};
-static const struct drbg_kat_no_reseed kat66_nor_t = {
-    5, kat66_nor_entropyin, kat66_nor_nonce, kat66_nor_persstr,
-    kat66_nor_addin0, kat66_nor_addin1, kat66_nor_retbytes
-};
-static const struct drbg_kat kat66_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat66_nor_t
-};
-
-static const unsigned char kat67_nor_entropyin[] = {
-    0x34, 0xae, 0xe3, 0xef, 0x35, 0xb2, 0xa1, 0xe3, 0x1c, 0x42, 0x97, 0x25,
-    0xfe, 0xaa, 0x6b, 0xfd,
-};
-static const unsigned char kat67_nor_nonce[] = {
-    0xe4, 0x36, 0x9b, 0x6a, 0xda, 0x90, 0x91, 0xed,
-};
-static const unsigned char kat67_nor_persstr[] = {0};
-static const unsigned char kat67_nor_addin0[] = {0};
-static const unsigned char kat67_nor_addin1[] = {0};
-static const unsigned char kat67_nor_retbytes[] = {
-    0xaf, 0x9d, 0xb4, 0xdf, 0x46, 0xac, 0x80, 0xfe, 0xca, 0xd6, 0xc3, 0xd1,
-    0xd9, 0x75, 0xd2, 0xd0, 0xa6, 0x65, 0xf3, 0x1b, 0x4e, 0x3b, 0x07, 0xd9,
-    0x62, 0x63, 0x22, 0x96, 0xb7, 0x60, 0x39, 0xdd, 0xca, 0xb8, 0xed, 0xde,
-    0x17, 0xba, 0xd6, 0x23, 0x01, 0x31, 0x16, 0x2e, 0x59, 0xd0, 0x7d, 0xbb,
-    0xd0, 0xf0, 0xb5, 0x2e, 0x5c, 0xa9, 0x3c, 0xf3, 0x7f, 0x12, 0xc0, 0x30,
-    0x42, 0xbf, 0x0c, 0x82,
-};
-static const struct drbg_kat_no_reseed kat67_nor_t = {
-    6, kat67_nor_entropyin, kat67_nor_nonce, kat67_nor_persstr,
-    kat67_nor_addin0, kat67_nor_addin1, kat67_nor_retbytes
-};
-static const struct drbg_kat kat67_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat67_nor_t
-};
-
-static const unsigned char kat68_nor_entropyin[] = {
-    0x91, 0x15, 0x64, 0x69, 0x54, 0x0c, 0x78, 0x5d, 0xf5, 0x6a, 0x10, 0xe1,
-    0x6b, 0x66, 0x10, 0x7c,
-};
-static const unsigned char kat68_nor_nonce[] = {
-    0x7e, 0x2b, 0x2a, 0x7f, 0x58, 0xf3, 0xef, 0x20,
-};
-static const unsigned char kat68_nor_persstr[] = {0};
-static const unsigned char kat68_nor_addin0[] = {0};
-static const unsigned char kat68_nor_addin1[] = {0};
-static const unsigned char kat68_nor_retbytes[] = {
-    0x9a, 0x76, 0x3a, 0x4c, 0x05, 0x27, 0x25, 0xe7, 0xae, 0x9d, 0x21, 0x22,
-    0xa4, 0x5c, 0xd1, 0x8e, 0xa2, 0x8c, 0x58, 0x17, 0x2b, 0x87, 0xc5, 0x7e,
-    0xdb, 0x9d, 0xaa, 0x32, 0xf8, 0xa2, 0x6e, 0xb9, 0x8d, 0x6b, 0x88, 0x12,
-    0x09, 0x5a, 0x54, 0xcf, 0x62, 0x82, 0xc5, 0xe0, 0xfc, 0x18, 0xcd, 0x30,
-    0x12, 0x44, 0x15, 0xd2, 0x67, 0xc9, 0xfc, 0x2c, 0xda, 0xe9, 0xbe, 0xed,
-    0xbb, 0x86, 0x58, 0x4e,
-};
-static const struct drbg_kat_no_reseed kat68_nor_t = {
-    7, kat68_nor_entropyin, kat68_nor_nonce, kat68_nor_persstr,
-    kat68_nor_addin0, kat68_nor_addin1, kat68_nor_retbytes
-};
-static const struct drbg_kat kat68_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat68_nor_t
-};
-
-static const unsigned char kat69_nor_entropyin[] = {
-    0xcd, 0x5d, 0xbc, 0x35, 0xd1, 0xb4, 0x43, 0x5c, 0x4c, 0x94, 0x5b, 0xaf,
-    0xe4, 0xb8, 0xfc, 0x7a,
-};
-static const unsigned char kat69_nor_nonce[] = {
-    0xaf, 0x4a, 0xcd, 0xfc, 0x81, 0x19, 0x32, 0x2c,
-};
-static const unsigned char kat69_nor_persstr[] = {0};
-static const unsigned char kat69_nor_addin0[] = {0};
-static const unsigned char kat69_nor_addin1[] = {0};
-static const unsigned char kat69_nor_retbytes[] = {
-    0xfe, 0x67, 0x82, 0x99, 0xf1, 0xad, 0xe1, 0x96, 0x21, 0x88, 0x02, 0x35,
-    0xfa, 0x6f, 0xe2, 0xb5, 0x01, 0x84, 0xf8, 0x12, 0x43, 0x83, 0x3e, 0xbe,
-    0x68, 0xc6, 0x16, 0xa9, 0x03, 0x4e, 0x23, 0xe0, 0xcc, 0x87, 0x3e, 0x8a,
-    0xc4, 0xd0, 0xe3, 0x65, 0xb5, 0x24, 0xa3, 0x78, 0x32, 0xb5, 0x2d, 0x97,
-    0xa8, 0x38, 0x62, 0x93, 0x24, 0x91, 0xd2, 0x64, 0x3a, 0x73, 0xe4, 0x6a,
-    0x80, 0xb5, 0x14, 0x9c,
-};
-static const struct drbg_kat_no_reseed kat69_nor_t = {
-    8, kat69_nor_entropyin, kat69_nor_nonce, kat69_nor_persstr,
-    kat69_nor_addin0, kat69_nor_addin1, kat69_nor_retbytes
-};
-static const struct drbg_kat kat69_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat69_nor_t
-};
-
-static const unsigned char kat70_nor_entropyin[] = {
-    0xd5, 0x2d, 0x11, 0x59, 0x78, 0x7b, 0xaa, 0xb2, 0x13, 0xe8, 0x79, 0x21,
-    0xfd, 0x95, 0x91, 0x10,
-};
-static const unsigned char kat70_nor_nonce[] = {
-    0x7a, 0xb3, 0x75, 0x38, 0xee, 0x02, 0x45, 0xc8,
-};
-static const unsigned char kat70_nor_persstr[] = {0};
-static const unsigned char kat70_nor_addin0[] = {0};
-static const unsigned char kat70_nor_addin1[] = {0};
-static const unsigned char kat70_nor_retbytes[] = {
-    0xf4, 0xd9, 0xea, 0xd3, 0x59, 0x46, 0x06, 0xac, 0x51, 0x94, 0x22, 0x15,
-    0xaa, 0x0b, 0xd2, 0x9b, 0xaa, 0x7c, 0x28, 0x1e, 0x62, 0xd2, 0xbc, 0xc1,
-    0xa7, 0x7f, 0x57, 0xe3, 0x59, 0x66, 0x83, 0x19, 0x9d, 0x70, 0xc0, 0x09,
-    0xc0, 0x84, 0xeb, 0x36, 0x54, 0x22, 0x4e, 0xd7, 0xb0, 0x7a, 0x09, 0xb4,
-    0x94, 0x48, 0x0a, 0x11, 0x3b, 0x33, 0xe0, 0x36, 0x6c, 0xb2, 0x25, 0x3e,
-    0xdb, 0xb0, 0xcb, 0x5e,
-};
-static const struct drbg_kat_no_reseed kat70_nor_t = {
-    9, kat70_nor_entropyin, kat70_nor_nonce, kat70_nor_persstr,
-    kat70_nor_addin0, kat70_nor_addin1, kat70_nor_retbytes
-};
-static const struct drbg_kat kat70_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat70_nor_t
-};
-
-static const unsigned char kat71_nor_entropyin[] = {
-    0x51, 0x10, 0xdb, 0x9d, 0x5f, 0x4f, 0xbd, 0xc0, 0x37, 0x55, 0x0e, 0x83,
-    0xc2, 0xbd, 0x96, 0xfe,
-};
-static const unsigned char kat71_nor_nonce[] = {
-    0xde, 0xe6, 0x41, 0xf9, 0x17, 0x7c, 0x9d, 0xa4,
-};
-static const unsigned char kat71_nor_persstr[] = {0};
-static const unsigned char kat71_nor_addin0[] = {0};
-static const unsigned char kat71_nor_addin1[] = {0};
-static const unsigned char kat71_nor_retbytes[] = {
-    0x05, 0xf8, 0xca, 0xd2, 0xd0, 0x31, 0xce, 0x6b, 0x52, 0x7e, 0xe0, 0x43,
-    0xb5, 0x05, 0x6d, 0xb2, 0x0e, 0xe5, 0xca, 0x66, 0x0a, 0x95, 0xc2, 0x9b,
-    0x8f, 0x8b, 0x2e, 0x43, 0xef, 0xa5, 0xc7, 0xaa, 0x62, 0x35, 0x12, 0x33,
-    0xf4, 0xf1, 0x60, 0x36, 0x8c, 0x3d, 0xad, 0x4a, 0x74, 0xf4, 0x71, 0xbb,
-    0x02, 0x15, 0x3f, 0x86, 0xc8, 0x7a, 0x14, 0x0a, 0x36, 0xe0, 0xf1, 0x22,
-    0xc6, 0x8b, 0xa7, 0x7d,
-};
-static const struct drbg_kat_no_reseed kat71_nor_t = {
-    10, kat71_nor_entropyin, kat71_nor_nonce, kat71_nor_persstr,
-    kat71_nor_addin0, kat71_nor_addin1, kat71_nor_retbytes
-};
-static const struct drbg_kat kat71_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat71_nor_t
-};
-
-static const unsigned char kat72_nor_entropyin[] = {
-    0x97, 0x90, 0x65, 0xbc, 0x1a, 0x1c, 0x8c, 0x82, 0x90, 0xdd, 0xe2, 0x19,
-    0xf0, 0x12, 0x1a, 0xbe,
-};
-static const unsigned char kat72_nor_nonce[] = {
-    0x59, 0x3a, 0x0e, 0x1f, 0xa9, 0x85, 0x64, 0xa3,
-};
-static const unsigned char kat72_nor_persstr[] = {0};
-static const unsigned char kat72_nor_addin0[] = {0};
-static const unsigned char kat72_nor_addin1[] = {0};
-static const unsigned char kat72_nor_retbytes[] = {
-    0x19, 0x9e, 0x68, 0xe5, 0xb6, 0x37, 0xa2, 0x7b, 0xe7, 0x94, 0x53, 0xd9,
-    0x95, 0x3a, 0x0e, 0x52, 0x95, 0x36, 0x37, 0x4e, 0x7f, 0x63, 0xe8, 0x59,
-    0x5a, 0xfe, 0x4b, 0x5d, 0x4e, 0x3b, 0xb3, 0x79, 0xc6, 0xd4, 0x62, 0xf6,
-    0x43, 0x12, 0x44, 0xaf, 0x43, 0x36, 0xb1, 0x7f, 0x9d, 0xfd, 0xfe, 0xaf,
-    0xa6, 0xf4, 0xff, 0xf5, 0x00, 0x4a, 0xa6, 0x5f, 0x7d, 0x6b, 0xb3, 0xb8,
-    0x8a, 0xf8, 0xe9, 0xe2,
-};
-static const struct drbg_kat_no_reseed kat72_nor_t = {
-    11, kat72_nor_entropyin, kat72_nor_nonce, kat72_nor_persstr,
-    kat72_nor_addin0, kat72_nor_addin1, kat72_nor_retbytes
-};
-static const struct drbg_kat kat72_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat72_nor_t
-};
-
-static const unsigned char kat73_nor_entropyin[] = {
-    0x89, 0xa7, 0x87, 0xbe, 0x64, 0xba, 0x33, 0x58, 0x95, 0x2f, 0x9d, 0x60,
-    0x2b, 0xd8, 0xfa, 0xb4,
-};
-static const unsigned char kat73_nor_nonce[] = {
-    0xab, 0x96, 0x1b, 0x68, 0xc6, 0x58, 0x92, 0xd3,
-};
-static const unsigned char kat73_nor_persstr[] = {0};
-static const unsigned char kat73_nor_addin0[] = {0};
-static const unsigned char kat73_nor_addin1[] = {0};
-static const unsigned char kat73_nor_retbytes[] = {
-    0x6e, 0x5d, 0xd2, 0xa6, 0x51, 0xf2, 0x61, 0x4f, 0xca, 0x88, 0x1f, 0x5e,
-    0xdb, 0x05, 0xd5, 0xee, 0xc6, 0x12, 0x75, 0xdd, 0x05, 0xb3, 0x1f, 0xd8,
-    0xa3, 0x06, 0x2f, 0xac, 0x51, 0x59, 0x60, 0xde, 0xf7, 0xb0, 0xd4, 0xdb,
-    0x30, 0x4f, 0x64, 0x2b, 0x91, 0xe6, 0x40, 0x1f, 0x2a, 0x00, 0xb0, 0xfb,
-    0x69, 0x3e, 0xdd, 0x73, 0x13, 0x10, 0x2f, 0x58, 0xd7, 0x33, 0x02, 0xea,
-    0x8b, 0x5a, 0x9d, 0x7a,
-};
-static const struct drbg_kat_no_reseed kat73_nor_t = {
-    12, kat73_nor_entropyin, kat73_nor_nonce, kat73_nor_persstr,
-    kat73_nor_addin0, kat73_nor_addin1, kat73_nor_retbytes
-};
-static const struct drbg_kat kat73_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat73_nor_t
-};
-
-static const unsigned char kat74_nor_entropyin[] = {
-    0x21, 0xf0, 0x2f, 0xc7, 0x5a, 0x28, 0x2d, 0x7f, 0x87, 0xca, 0xb0, 0x57,
-    0x67, 0x55, 0x8e, 0x08,
-};
-static const unsigned char kat74_nor_nonce[] = {
-    0x3b, 0x43, 0xd7, 0x7b, 0x0c, 0x64, 0x71, 0xe9,
-};
-static const unsigned char kat74_nor_persstr[] = {0};
-static const unsigned char kat74_nor_addin0[] = {0};
-static const unsigned char kat74_nor_addin1[] = {0};
-static const unsigned char kat74_nor_retbytes[] = {
-    0x3b, 0x87, 0x09, 0xce, 0xfe, 0x27, 0x06, 0x27, 0xeb, 0x49, 0x47, 0xf3,
-    0xc7, 0x69, 0x5e, 0xed, 0x2c, 0x85, 0xcc, 0x15, 0x25, 0xbe, 0x25, 0x3f,
-    0x20, 0x0a, 0x44, 0xad, 0x55, 0xf7, 0x58, 0x3e, 0x10, 0x91, 0xb8, 0x80,
-    0xee, 0x16, 0xa8, 0x08, 0xe9, 0x0d, 0xc1, 0xdd, 0x5c, 0x0e, 0xd3, 0xb8,
-    0xd1, 0x96, 0x40, 0x76, 0x61, 0xde, 0x80, 0x61, 0xf6, 0xa2, 0xd7, 0x8c,
-    0xdc, 0x93, 0x42, 0x9d,
-};
-static const struct drbg_kat_no_reseed kat74_nor_t = {
-    13, kat74_nor_entropyin, kat74_nor_nonce, kat74_nor_persstr,
-    kat74_nor_addin0, kat74_nor_addin1, kat74_nor_retbytes
-};
-static const struct drbg_kat kat74_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat74_nor_t
-};
-
-static const unsigned char kat75_nor_entropyin[] = {
-    0xdf, 0x5b, 0x1c, 0xd5, 0x10, 0x45, 0xc8, 0x38, 0x01, 0x53, 0x24, 0x49,
-    0xd6, 0xa8, 0x7a, 0xed,
-};
-static const unsigned char kat75_nor_nonce[] = {
-    0x8d, 0xd1, 0x72, 0xb8, 0x12, 0x86, 0xa2, 0x38,
-};
-static const unsigned char kat75_nor_persstr[] = {0};
-static const unsigned char kat75_nor_addin0[] = {0};
-static const unsigned char kat75_nor_addin1[] = {0};
-static const unsigned char kat75_nor_retbytes[] = {
-    0xf0, 0x17, 0x2b, 0x3a, 0x5b, 0x42, 0xea, 0xd6, 0xe6, 0x54, 0xd3, 0xab,
-    0xc7, 0x8d, 0xda, 0x08, 0x78, 0x0e, 0xa4, 0x32, 0x23, 0x62, 0x57, 0x07,
-    0xf8, 0xab, 0x02, 0x1b, 0xef, 0x54, 0x12, 0xdb, 0x89, 0xb0, 0x89, 0xcf,
-    0x75, 0x11, 0x78, 0xeb, 0x1b, 0x97, 0xbe, 0x13, 0xf5, 0xe8, 0x3b, 0x9f,
-    0x10, 0x76, 0xd0, 0xfc, 0x88, 0xe6, 0xbb, 0xd6, 0xee, 0xf1, 0xef, 0x63,
-    0x55, 0xe3, 0x67, 0x2b,
-};
-static const struct drbg_kat_no_reseed kat75_nor_t = {
-    14, kat75_nor_entropyin, kat75_nor_nonce, kat75_nor_persstr,
-    kat75_nor_addin0, kat75_nor_addin1, kat75_nor_retbytes
-};
-static const struct drbg_kat kat75_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat75_nor_t
-};
-
-static const unsigned char kat76_nor_entropyin[] = {
-    0xad, 0xf5, 0x71, 0x1f, 0x93, 0xd8, 0xc8, 0x99, 0x73, 0x49, 0x42, 0x9c,
-    0xca, 0xed, 0xae, 0x0a,
-};
-static const unsigned char kat76_nor_nonce[] = {
-    0xb2, 0x57, 0x16, 0x93, 0x1b, 0x6e, 0x3c, 0xc1,
-};
-static const unsigned char kat76_nor_persstr[] = {0};
-static const unsigned char kat76_nor_addin0[] = {
-    0xab, 0xf8, 0xcd, 0x66, 0xdd, 0x39, 0x75, 0x8b, 0x01, 0xd7, 0xdb, 0xb9,
-    0x9a, 0xb1, 0x7d, 0xc3,
-};
-static const unsigned char kat76_nor_addin1[] = {
-    0x4b, 0xe0, 0xf6, 0xb2, 0x75, 0x53, 0x77, 0xc6, 0xe8, 0x81, 0xfb, 0xb2,
-    0x61, 0xb5, 0x6b, 0xeb,
-};
-static const unsigned char kat76_nor_retbytes[] = {
-    0xd4, 0x20, 0x60, 0x4d, 0xee, 0x64, 0x67, 0x49, 0x2d, 0xb5, 0x95, 0x7c,
-    0x86, 0x20, 0x7a, 0x70, 0x8f, 0xd2, 0x42, 0xed, 0x67, 0x94, 0x2a, 0xed,
-    0x29, 0x94, 0x25, 0x33, 0x5c, 0x83, 0xb4, 0x14, 0x37, 0x41, 0x85, 0x82,
-    0xf4, 0x1b, 0xc7, 0xfc, 0x0e, 0xf0, 0xd6, 0x92, 0x7f, 0x34, 0xd8, 0x3a,
-    0xcd, 0x67, 0xc7, 0x01, 0x33, 0x64, 0x4f, 0xd7, 0x11, 0xdd, 0x5a, 0x65,
-    0x73, 0x1f, 0x9f, 0x02,
-};
-static const struct drbg_kat_no_reseed kat76_nor_t = {
-    0, kat76_nor_entropyin, kat76_nor_nonce, kat76_nor_persstr,
-    kat76_nor_addin0, kat76_nor_addin1, kat76_nor_retbytes
-};
-static const struct drbg_kat kat76_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat76_nor_t
-};
-
-static const unsigned char kat77_nor_entropyin[] = {
-    0xe9, 0x21, 0x00, 0x02, 0x07, 0x34, 0x90, 0x9d, 0x61, 0x09, 0xd2, 0x9c,
-    0xf2, 0xc8, 0x98, 0xb0,
-};
-static const unsigned char kat77_nor_nonce[] = {
-    0x91, 0xfb, 0xd9, 0xa3, 0xa8, 0xed, 0xc3, 0xa4,
-};
-static const unsigned char kat77_nor_persstr[] = {0};
-static const unsigned char kat77_nor_addin0[] = {
-    0x09, 0x80, 0xc7, 0xdb, 0xcf, 0xd0, 0xe7, 0xf7, 0x7a, 0xf8, 0x35, 0xac,
-    0xc7, 0x4a, 0x4b, 0xa3,
-};
-static const unsigned char kat77_nor_addin1[] = {
-    0x3c, 0xbf, 0x47, 0xd4, 0x66, 0x55, 0xa0, 0xce, 0x75, 0xa5, 0xd5, 0x65,
-    0x28, 0x12, 0x7b, 0xc0,
-};
-static const unsigned char kat77_nor_retbytes[] = {
-    0xe7, 0x7c, 0xcc, 0x52, 0x63, 0x62, 0x54, 0x29, 0xce, 0x7e, 0x53, 0x56,
-    0x22, 0x48, 0x1d, 0x0b, 0xef, 0x47, 0x61, 0x41, 0xd1, 0xa0, 0xab, 0xfa,
-    0x7f, 0x69, 0x67, 0xc1, 0x1f, 0x47, 0xf7, 0xa7, 0x0f, 0xa9, 0xbc, 0x70,
-    0x59, 0x8e, 0xce, 0x3f, 0xf2, 0x83, 0xe5, 0xae, 0x04, 0xf1, 0x05, 0x35,
-    0xd3, 0x49, 0xc2, 0x31, 0x34, 0x9a, 0xf8, 0x07, 0x1a, 0x22, 0x32, 0x3a,
-    0x6e, 0x95, 0x10, 0x39,
-};
-static const struct drbg_kat_no_reseed kat77_nor_t = {
-    1, kat77_nor_entropyin, kat77_nor_nonce, kat77_nor_persstr,
-    kat77_nor_addin0, kat77_nor_addin1, kat77_nor_retbytes
-};
-static const struct drbg_kat kat77_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat77_nor_t
-};
-
-static const unsigned char kat78_nor_entropyin[] = {
-    0x09, 0x2f, 0xfe, 0x74, 0x57, 0xd6, 0x17, 0x3e, 0x67, 0x13, 0xb0, 0xaf,
-    0x76, 0x52, 0x1d, 0x82,
-};
-static const unsigned char kat78_nor_nonce[] = {
-    0xd0, 0xb8, 0xca, 0xe6, 0xab, 0x9e, 0x29, 0xac,
-};
-static const unsigned char kat78_nor_persstr[] = {0};
-static const unsigned char kat78_nor_addin0[] = {
-    0xe3, 0x1a, 0xf5, 0xe1, 0x81, 0xc4, 0x34, 0x6e, 0x42, 0x3e, 0xbc, 0x1f,
-    0xf9, 0xf4, 0x6d, 0xdd,
-};
-static const unsigned char kat78_nor_addin1[] = {
-    0x02, 0xb9, 0x49, 0xd1, 0x34, 0xfc, 0x89, 0x68, 0xba, 0x51, 0x8f, 0xda,
-    0x3b, 0x42, 0xc9, 0x7f,
-};
-static const unsigned char kat78_nor_retbytes[] = {
-    0x0b, 0x64, 0xd9, 0xc6, 0x1d, 0x1f, 0x23, 0x44, 0x0c, 0xe5, 0x7d, 0xbf,
-    0x46, 0x5f, 0x8c, 0x62, 0x9a, 0x9f, 0xfe, 0xdd, 0x16, 0x43, 0x99, 0xab,
-    0x84, 0xfc, 0x11, 0x84, 0x66, 0xa5, 0x67, 0x9b, 0xb2, 0xd9, 0xc8, 0x05,
-    0xea, 0x9d, 0x29, 0x49, 0x72, 0x61, 0xea, 0x58, 0xbd, 0x8f, 0xa4, 0x5c,
-    0xf2, 0x4e, 0x21, 0x2c, 0x07, 0x7b, 0xab, 0xa4, 0xd4, 0xe5, 0x73, 0x8b,
-    0xb8, 0x83, 0xc8, 0x83,
-};
-static const struct drbg_kat_no_reseed kat78_nor_t = {
-    2, kat78_nor_entropyin, kat78_nor_nonce, kat78_nor_persstr,
-    kat78_nor_addin0, kat78_nor_addin1, kat78_nor_retbytes
-};
-static const struct drbg_kat kat78_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat78_nor_t
-};
-
-static const unsigned char kat79_nor_entropyin[] = {
-    0xa7, 0xa4, 0x78, 0x41, 0xcf, 0x1a, 0x75, 0xee, 0x96, 0x93, 0x5f, 0x52,
-    0xa3, 0x32, 0x2d, 0x9d,
-};
-static const unsigned char kat79_nor_nonce[] = {
-    0x5b, 0x48, 0xc3, 0xc3, 0x47, 0x39, 0x46, 0x56,
-};
-static const unsigned char kat79_nor_persstr[] = {0};
-static const unsigned char kat79_nor_addin0[] = {
-    0xaa, 0xc2, 0x03, 0x1f, 0x6a, 0xa4, 0x0f, 0x08, 0x75, 0x49, 0x33, 0x70,
-    0x92, 0x7c, 0x7c, 0xa8,
-};
-static const unsigned char kat79_nor_addin1[] = {
-    0x1a, 0x67, 0x44, 0xd0, 0x3f, 0xc2, 0x15, 0x12, 0x94, 0x70, 0x7c, 0x3b,
-    0xce, 0xa8, 0x84, 0x02,
-};
-static const unsigned char kat79_nor_retbytes[] = {
-    0xb4, 0x67, 0x48, 0x67, 0xcb, 0x6c, 0xd4, 0xfa, 0xde, 0x78, 0x46, 0xf4,
-    0x92, 0xbd, 0x9e, 0xca, 0x69, 0xc1, 0x33, 0xf1, 0x17, 0x1c, 0xc6, 0x0b,
-    0x6c, 0xd7, 0x5f, 0x22, 0xe2, 0xba, 0x7e, 0x70, 0x20, 0x7c, 0xa3, 0x8b,
-    0xdc, 0xef, 0x17, 0xac, 0x15, 0xe4, 0x88, 0x49, 0xba, 0x13, 0x0d, 0x5f,
-    0xb8, 0x10, 0x84, 0x4c, 0x25, 0x39, 0xfe, 0xc5, 0x19, 0xc4, 0xfa, 0x97,
-    0x7f, 0xfa, 0x07, 0x38,
-};
-static const struct drbg_kat_no_reseed kat79_nor_t = {
-    3, kat79_nor_entropyin, kat79_nor_nonce, kat79_nor_persstr,
-    kat79_nor_addin0, kat79_nor_addin1, kat79_nor_retbytes
-};
-static const struct drbg_kat kat79_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat79_nor_t
-};
-
-static const unsigned char kat80_nor_entropyin[] = {
-    0x52, 0x89, 0xc3, 0x33, 0xce, 0x1c, 0xee, 0xf5, 0x6a, 0x19, 0xa1, 0x11,
-    0xe9, 0x20, 0x1a, 0x38,
-};
-static const unsigned char kat80_nor_nonce[] = {
-    0xdb, 0xd6, 0xb7, 0x6b, 0x1f, 0xdf, 0x5d, 0x1b,
-};
-static const unsigned char kat80_nor_persstr[] = {0};
-static const unsigned char kat80_nor_addin0[] = {
-    0xf1, 0xfa, 0x6e, 0xc8, 0xca, 0xf9, 0x4f, 0x65, 0xf1, 0x2e, 0x9c, 0x0d,
-    0x8f, 0x57, 0x04, 0xf6,
-};
-static const unsigned char kat80_nor_addin1[] = {
-    0x6e, 0xb6, 0xa5, 0x57, 0xf1, 0x70, 0x18, 0x83, 0x0b, 0x5d, 0x72, 0xb6,
-    0x7d, 0x32, 0x22, 0x63,
-};
-static const unsigned char kat80_nor_retbytes[] = {
-    0x39, 0xec, 0x96, 0xbc, 0x71, 0x6e, 0x1d, 0x21, 0x48, 0x80, 0xd1, 0xf4,
-    0xb8, 0xa9, 0x84, 0xbb, 0x83, 0x39, 0x94, 0x53, 0xec, 0x1e, 0xb9, 0xf3,
-    0x71, 0x28, 0x2d, 0x65, 0x8e, 0x32, 0xd7, 0x39, 0xb4, 0x89, 0xf4, 0xc5,
-    0xee, 0xae, 0x62, 0xa8, 0xfe, 0xe8, 0xe0, 0x84, 0xee, 0xae, 0x6d, 0x01,
-    0xcc, 0xa0, 0xad, 0x80, 0xda, 0x1c, 0x53, 0x23, 0x0f, 0x8a, 0x1f, 0xaf,
-    0x7c, 0x33, 0x5e, 0xdf,
-};
-static const struct drbg_kat_no_reseed kat80_nor_t = {
-    4, kat80_nor_entropyin, kat80_nor_nonce, kat80_nor_persstr,
-    kat80_nor_addin0, kat80_nor_addin1, kat80_nor_retbytes
-};
-static const struct drbg_kat kat80_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat80_nor_t
-};
-
-static const unsigned char kat81_nor_entropyin[] = {
-    0x4f, 0x05, 0xef, 0x26, 0xc6, 0x85, 0x44, 0x4d, 0x6e, 0x65, 0xd8, 0xf2,
-    0x6e, 0x0f, 0x2e, 0xf2,
-};
-static const unsigned char kat81_nor_nonce[] = {
-    0xd0, 0xab, 0x06, 0x6c, 0x7a, 0x49, 0x03, 0xb7,
-};
-static const unsigned char kat81_nor_persstr[] = {0};
-static const unsigned char kat81_nor_addin0[] = {
-    0xd2, 0x75, 0x42, 0x60, 0x43, 0xa8, 0x2d, 0xe2, 0x0f, 0x89, 0xf1, 0xcb,
-    0x2c, 0xff, 0x5c, 0x9b,
-};
-static const unsigned char kat81_nor_addin1[] = {
-    0x02, 0xa3, 0x27, 0x63, 0xed, 0x9a, 0xab, 0x16, 0x72, 0x82, 0xd0, 0xa0,
-    0x97, 0xf3, 0x10, 0x3e,
-};
-static const unsigned char kat81_nor_retbytes[] = {
-    0xaf, 0xa2, 0xd3, 0x7c, 0xc1, 0xc7, 0x9d, 0x20, 0xa6, 0x10, 0x4d, 0x67,
-    0x29, 0xfc, 0x75, 0x44, 0x36, 0x1b, 0x95, 0xd2, 0x36, 0x33, 0x48, 0x7e,
-    0x8b, 0xb2, 0x82, 0xb2, 0x77, 0xe2, 0x5f, 0x8a, 0xd5, 0x31, 0x36, 0x10,
-    0x9b, 0x21, 0xc3, 0x80, 0xaa, 0x05, 0xe4, 0x1d, 0xd9, 0xef, 0xd8, 0xad,
-    0xf4, 0x6b, 0x7d, 0x69, 0x5b, 0xba, 0xf5, 0xb0, 0x30, 0x72, 0x16, 0xa1,
-    0x94, 0xfd, 0x91, 0x28,
-};
-static const struct drbg_kat_no_reseed kat81_nor_t = {
-    5, kat81_nor_entropyin, kat81_nor_nonce, kat81_nor_persstr,
-    kat81_nor_addin0, kat81_nor_addin1, kat81_nor_retbytes
-};
-static const struct drbg_kat kat81_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat81_nor_t
-};
-
-static const unsigned char kat82_nor_entropyin[] = {
-    0x0c, 0x2c, 0xcf, 0xd6, 0x5c, 0x23, 0xbc, 0x06, 0x93, 0xc9, 0xd4, 0x66,
-    0x7a, 0x94, 0x2b, 0x42,
-};
-static const unsigned char kat82_nor_nonce[] = {
-    0xc0, 0x8d, 0x55, 0x22, 0x8f, 0xe8, 0x4b, 0xd7,
-};
-static const unsigned char kat82_nor_persstr[] = {0};
-static const unsigned char kat82_nor_addin0[] = {
-    0xcc, 0x01, 0x7b, 0xb7, 0x96, 0x2d, 0xa6, 0xdb, 0x0f, 0x51, 0x7b, 0xe9,
-    0x18, 0x3f, 0xa6, 0xf4,
-};
-static const unsigned char kat82_nor_addin1[] = {
-    0xc4, 0x24, 0xaa, 0x0c, 0xe8, 0x4a, 0x80, 0x7a, 0x78, 0xb7, 0xb7, 0x32,
-    0x11, 0x3c, 0x22, 0xa1,
-};
-static const unsigned char kat82_nor_retbytes[] = {
-    0xcb, 0x55, 0x6f, 0x6d, 0x22, 0x3a, 0x51, 0xa2, 0x00, 0xd7, 0x35, 0xf2,
-    0xf4, 0xba, 0x21, 0x7a, 0x67, 0x2e, 0xf6, 0xbc, 0x14, 0x51, 0x97, 0x6d,
-    0x1d, 0x05, 0xb4, 0x4a, 0x2c, 0x0d, 0x54, 0x27, 0x8a, 0xf7, 0x47, 0x83,
-    0x79, 0x22, 0xcd, 0x0b, 0x28, 0xd7, 0xaa, 0xa2, 0xa8, 0x7e, 0x23, 0x05,
-    0x5e, 0x18, 0xd6, 0x7d, 0x76, 0xfa, 0x90, 0x72, 0x82, 0x94, 0xab, 0xa4,
-    0xac, 0x36, 0x96, 0x5e,
-};
-static const struct drbg_kat_no_reseed kat82_nor_t = {
-    6, kat82_nor_entropyin, kat82_nor_nonce, kat82_nor_persstr,
-    kat82_nor_addin0, kat82_nor_addin1, kat82_nor_retbytes
-};
-static const struct drbg_kat kat82_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat82_nor_t
-};
-
-static const unsigned char kat83_nor_entropyin[] = {
-    0x3b, 0x74, 0x81, 0x3e, 0xeb, 0xf5, 0xf5, 0xf2, 0xa6, 0xa5, 0xa4, 0xf3,
-    0xf9, 0x07, 0xdc, 0xb8,
-};
-static const unsigned char kat83_nor_nonce[] = {
-    0x35, 0xda, 0xa2, 0xef, 0xda, 0xd8, 0x8f, 0xb8,
-};
-static const unsigned char kat83_nor_persstr[] = {0};
-static const unsigned char kat83_nor_addin0[] = {
-    0x5e, 0x0a, 0xe3, 0x69, 0xb6, 0xe8, 0x50, 0xed, 0x30, 0xf9, 0xae, 0x64,
-    0xfe, 0x10, 0x5a, 0xf3,
-};
-static const unsigned char kat83_nor_addin1[] = {
-    0x3e, 0x69, 0x7b, 0xb2, 0xbf, 0x25, 0x85, 0x26, 0x45, 0xf2, 0xd1, 0x6f,
-    0x67, 0x6f, 0x90, 0x78,
-};
-static const unsigned char kat83_nor_retbytes[] = {
-    0x79, 0x0b, 0x1f, 0x6c, 0xcd, 0xf3, 0x52, 0xde, 0xc0, 0xe5, 0x7f, 0xa0,
-    0xc7, 0x72, 0xc6, 0x4d, 0x77, 0x77, 0xe4, 0xbd, 0xb9, 0xff, 0x8a, 0x91,
-    0xda, 0x01, 0x89, 0x02, 0x20, 0x3d, 0xb5, 0x82, 0xf9, 0x01, 0xc2, 0x0d,
-    0xd2, 0x53, 0x61, 0xdf, 0x22, 0xe7, 0x17, 0x12, 0xa4, 0x97, 0x57, 0x8d,
-    0x22, 0xee, 0xa8, 0x52, 0x46, 0xce, 0xfd, 0x42, 0x5b, 0x08, 0xf1, 0x50,
-    0x74, 0x34, 0x1f, 0x39,
-};
-static const struct drbg_kat_no_reseed kat83_nor_t = {
-    7, kat83_nor_entropyin, kat83_nor_nonce, kat83_nor_persstr,
-    kat83_nor_addin0, kat83_nor_addin1, kat83_nor_retbytes
-};
-static const struct drbg_kat kat83_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat83_nor_t
-};
-
-static const unsigned char kat84_nor_entropyin[] = {
-    0x46, 0x26, 0x07, 0xb2, 0xb7, 0x7b, 0x90, 0x3f, 0xdb, 0xd4, 0x2b, 0xf1,
-    0xd7, 0x7b, 0xc8, 0x1a,
-};
-static const unsigned char kat84_nor_nonce[] = {
-    0xb5, 0x4d, 0x43, 0x00, 0x6a, 0xde, 0x2a, 0x7c,
-};
-static const unsigned char kat84_nor_persstr[] = {0};
-static const unsigned char kat84_nor_addin0[] = {
-    0x61, 0x05, 0xc5, 0xdd, 0xed, 0xcc, 0x74, 0x46, 0x65, 0x91, 0x5e, 0xbe,
-    0x48, 0xad, 0x3b, 0x54,
-};
-static const unsigned char kat84_nor_addin1[] = {
-    0xfd, 0xde, 0xe2, 0x35, 0xc3, 0x7e, 0xd4, 0xbc, 0x21, 0xea, 0xe0, 0x8e,
-    0x61, 0x53, 0x33, 0x1f,
-};
-static const unsigned char kat84_nor_retbytes[] = {
-    0x16, 0x33, 0x9e, 0x91, 0x0e, 0xaf, 0x9b, 0xad, 0x90, 0x4a, 0x7b, 0x3f,
-    0x9b, 0x2e, 0x02, 0x41, 0xd2, 0xb4, 0x66, 0x5d, 0x1f, 0x9c, 0x76, 0x55,
-    0xf9, 0x21, 0x7e, 0x34, 0x25, 0x3a, 0xcc, 0x33, 0x0d, 0xfc, 0x98, 0x81,
-    0x7d, 0x97, 0x81, 0x86, 0xf8, 0xad, 0x77, 0xb1, 0x0f, 0x38, 0xdd, 0x72,
-    0xf4, 0x71, 0xb4, 0x61, 0x5b, 0x28, 0xf3, 0xa3, 0x9c, 0x40, 0x66, 0x23,
-    0xea, 0x5d, 0x63, 0x77,
-};
-static const struct drbg_kat_no_reseed kat84_nor_t = {
-    8, kat84_nor_entropyin, kat84_nor_nonce, kat84_nor_persstr,
-    kat84_nor_addin0, kat84_nor_addin1, kat84_nor_retbytes
-};
-static const struct drbg_kat kat84_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat84_nor_t
-};
-
-static const unsigned char kat85_nor_entropyin[] = {
-    0xba, 0x2e, 0xa9, 0x9b, 0x79, 0x2b, 0xde, 0xe8, 0xbd, 0xba, 0xf9, 0xc0,
-    0x5a, 0xb7, 0xb6, 0x33,
-};
-static const unsigned char kat85_nor_nonce[] = {
-    0x44, 0x53, 0x34, 0x46, 0x44, 0xd4, 0x34, 0xa5,
-};
-static const unsigned char kat85_nor_persstr[] = {0};
-static const unsigned char kat85_nor_addin0[] = {
-    0x81, 0x72, 0x7d, 0x30, 0xd6, 0x4a, 0xe0, 0x7f, 0xf6, 0x15, 0x69, 0xfc,
-    0x7a, 0x35, 0x0c, 0xcc,
-};
-static const unsigned char kat85_nor_addin1[] = {
-    0x65, 0x56, 0xf6, 0x2f, 0x75, 0xd5, 0x26, 0x84, 0x93, 0xcc, 0xa5, 0x12,
-    0x01, 0x14, 0x93, 0x4c,
-};
-static const unsigned char kat85_nor_retbytes[] = {
-    0x2a, 0x3b, 0x39, 0x87, 0x02, 0xbc, 0x5f, 0xff, 0xd9, 0x14, 0xf9, 0x16,
-    0x72, 0xaa, 0x05, 0xbe, 0xb6, 0x87, 0x82, 0xe0, 0xa6, 0x22, 0xf6, 0x7b,
-    0x21, 0x82, 0x6c, 0x23, 0x32, 0x6c, 0x50, 0x78, 0xcc, 0xda, 0x6a, 0xa3,
-    0xdb, 0x01, 0x4c, 0xec, 0x56, 0xa0, 0x65, 0x63, 0x6b, 0x80, 0x57, 0xe8,
-    0x12, 0xa6, 0xf4, 0xb7, 0xc6, 0xc4, 0xde, 0x6e, 0x9f, 0x06, 0xaa, 0x53,
-    0x77, 0xb2, 0x8b, 0xe6,
-};
-static const struct drbg_kat_no_reseed kat85_nor_t = {
-    9, kat85_nor_entropyin, kat85_nor_nonce, kat85_nor_persstr,
-    kat85_nor_addin0, kat85_nor_addin1, kat85_nor_retbytes
-};
-static const struct drbg_kat kat85_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat85_nor_t
-};
-
-static const unsigned char kat86_nor_entropyin[] = {
-    0x61, 0xcf, 0x4e, 0x09, 0xd9, 0xa4, 0x6a, 0xf3, 0x18, 0xc7, 0x06, 0x42,
-    0x5c, 0xd3, 0x50, 0xfb,
-};
-static const unsigned char kat86_nor_nonce[] = {
-    0x28, 0xec, 0x9c, 0x4a, 0xe9, 0x8f, 0x05, 0x74,
-};
-static const unsigned char kat86_nor_persstr[] = {0};
-static const unsigned char kat86_nor_addin0[] = {
-    0x7f, 0xc3, 0xbf, 0x8a, 0xd3, 0x3e, 0x59, 0x61, 0x74, 0x5b, 0xb2, 0xae,
-    0x7c, 0x39, 0x9b, 0xa0,
-};
-static const unsigned char kat86_nor_addin1[] = {
-    0x31, 0x35, 0x71, 0xd3, 0x0d, 0xc5, 0x90, 0x9a, 0x03, 0x38, 0x8c, 0x69,
-    0x3f, 0x4e, 0xf9, 0x4c,
-};
-static const unsigned char kat86_nor_retbytes[] = {
-    0xd2, 0x25, 0xf0, 0xc6, 0x5e, 0x9a, 0xe8, 0xc3, 0x64, 0x93, 0xb0, 0x09,
-    0x47, 0x6f, 0x5a, 0x56, 0x36, 0xd4, 0x52, 0x54, 0x4c, 0xe1, 0x6b, 0x99,
-    0x1c, 0x73, 0xd6, 0xea, 0xe5, 0xef, 0x5e, 0xff, 0x3b, 0x74, 0xe0, 0x03,
-    0x28, 0xf8, 0x7f, 0x20, 0x30, 0xf3, 0xdf, 0x53, 0xb2, 0xfc, 0x26, 0x47,
-    0xd6, 0x3a, 0x28, 0xe5, 0xc7, 0xb5, 0x83, 0x44, 0xed, 0x99, 0xc5, 0xd0,
-    0xbc, 0x62, 0x93, 0xb4,
-};
-static const struct drbg_kat_no_reseed kat86_nor_t = {
-    10, kat86_nor_entropyin, kat86_nor_nonce, kat86_nor_persstr,
-    kat86_nor_addin0, kat86_nor_addin1, kat86_nor_retbytes
-};
-static const struct drbg_kat kat86_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat86_nor_t
-};
-
-static const unsigned char kat87_nor_entropyin[] = {
-    0xdd, 0x6c, 0x7d, 0xba, 0xc4, 0xfc, 0x4c, 0x8d, 0x9c, 0x69, 0xce, 0x4d,
-    0xcf, 0x43, 0xb6, 0x67,
-};
-static const unsigned char kat87_nor_nonce[] = {
-    0x83, 0x26, 0x16, 0x1c, 0x2a, 0xac, 0x48, 0x06,
-};
-static const unsigned char kat87_nor_persstr[] = {0};
-static const unsigned char kat87_nor_addin0[] = {
-    0xcf, 0x95, 0x9f, 0x9e, 0x93, 0x89, 0x09, 0xd9, 0x5c, 0x47, 0x25, 0xdc,
-    0x39, 0xd7, 0xef, 0xd7,
-};
-static const unsigned char kat87_nor_addin1[] = {
-    0xe4, 0x37, 0xd2, 0x26, 0xc4, 0x02, 0x68, 0xcb, 0x9f, 0x63, 0x94, 0x5c,
-    0xbc, 0xe5, 0x4b, 0x2d,
-};
-static const unsigned char kat87_nor_retbytes[] = {
-    0x90, 0xdd, 0xc5, 0x3c, 0x48, 0x04, 0x1f, 0x0c, 0x45, 0x01, 0xff, 0xee,
-    0x61, 0x7b, 0x3a, 0x35, 0x83, 0xcb, 0xf5, 0x1a, 0x4c, 0x45, 0xad, 0x7b,
-    0xa5, 0xb3, 0xdd, 0x34, 0x65, 0xff, 0x13, 0x92, 0xbd, 0x2e, 0xb4, 0x65,
-    0x1a, 0xc2, 0x2a, 0x34, 0xa0, 0xf5, 0x37, 0x72, 0x01, 0x27, 0x12, 0xf2,
-    0x39, 0x31, 0xba, 0x8f, 0x0a, 0x3b, 0x74, 0xfa, 0xe0, 0xa1, 0x6b, 0xd4,
-    0xa1, 0x88, 0x35, 0x13,
-};
-static const struct drbg_kat_no_reseed kat87_nor_t = {
-    11, kat87_nor_entropyin, kat87_nor_nonce, kat87_nor_persstr,
-    kat87_nor_addin0, kat87_nor_addin1, kat87_nor_retbytes
-};
-static const struct drbg_kat kat87_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat87_nor_t
-};
-
-static const unsigned char kat88_nor_entropyin[] = {
-    0xdf, 0x4f, 0xef, 0xc1, 0xc3, 0xd4, 0x03, 0xfb, 0x17, 0x9b, 0x9b, 0x95,
-    0x77, 0x53, 0x81, 0xe3,
-};
-static const unsigned char kat88_nor_nonce[] = {
-    0xd6, 0x84, 0x83, 0xae, 0xe4, 0x2c, 0xfc, 0x00,
-};
-static const unsigned char kat88_nor_persstr[] = {0};
-static const unsigned char kat88_nor_addin0[] = {
-    0xe8, 0x77, 0xeb, 0x37, 0x51, 0xe2, 0xba, 0xfe, 0xa0, 0x33, 0xac, 0x8c,
-    0xc5, 0xba, 0x66, 0xf6,
-};
-static const unsigned char kat88_nor_addin1[] = {
-    0x79, 0x56, 0x87, 0x40, 0x22, 0xb5, 0x0a, 0xa0, 0x32, 0xba, 0xfa, 0x29,
-    0xe7, 0x21, 0xf3, 0x56,
-};
-static const unsigned char kat88_nor_retbytes[] = {
-    0x6a, 0xda, 0x06, 0x20, 0xd4, 0x29, 0xcd, 0x38, 0x75, 0x4e, 0x55, 0x9a,
-    0x2e, 0xb8, 0x8c, 0x08, 0x26, 0x6c, 0xd9, 0xcb, 0xac, 0x24, 0x48, 0xb2,
-    0xb8, 0xa0, 0x5d, 0x92, 0x7d, 0xa1, 0x72, 0x59, 0x19, 0x9d, 0xbc, 0xc5,
-    0xeb, 0x0b, 0x7a, 0xde, 0xe6, 0x1c, 0x60, 0x74, 0xae, 0x2e, 0x7a, 0xf6,
-    0xb2, 0xc9, 0xb1, 0xfd, 0x52, 0x89, 0xfb, 0xc3, 0xd9, 0xbe, 0x30, 0x85,
-    0x84, 0xd0, 0xae, 0x4a,
-};
-static const struct drbg_kat_no_reseed kat88_nor_t = {
-    12, kat88_nor_entropyin, kat88_nor_nonce, kat88_nor_persstr,
-    kat88_nor_addin0, kat88_nor_addin1, kat88_nor_retbytes
-};
-static const struct drbg_kat kat88_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat88_nor_t
-};
-
-static const unsigned char kat89_nor_entropyin[] = {
-    0x62, 0x0e, 0xa3, 0x17, 0x34, 0x4d, 0x86, 0x85, 0x8d, 0x64, 0xf6, 0xbb,
-    0x05, 0xd4, 0x47, 0x97,
-};
-static const unsigned char kat89_nor_nonce[] = {
-    0xf6, 0xdd, 0xc5, 0x84, 0x4f, 0xbd, 0x73, 0x9e,
-};
-static const unsigned char kat89_nor_persstr[] = {0};
-static const unsigned char kat89_nor_addin0[] = {
-    0x3c, 0xcf, 0xb0, 0x69, 0xef, 0x27, 0xf8, 0x64, 0xe3, 0xb7, 0x31, 0xd9,
-    0x4c, 0x3f, 0x2c, 0x6c,
-};
-static const unsigned char kat89_nor_addin1[] = {
-    0x80, 0x85, 0x7d, 0x3f, 0x59, 0x8b, 0x1b, 0x16, 0x01, 0x4e, 0x6a, 0x35,
-    0x49, 0xa2, 0xd2, 0x2c,
-};
-static const unsigned char kat89_nor_retbytes[] = {
-    0xd7, 0xa7, 0x87, 0xbe, 0xeb, 0x7e, 0xfc, 0x9c, 0x58, 0x4f, 0x93, 0x34,
-    0x55, 0x33, 0xa5, 0x99, 0xed, 0x61, 0x5e, 0xb2, 0x13, 0x6b, 0x8f, 0xb8,
-    0x74, 0xa7, 0xf5, 0xa7, 0x1a, 0xea, 0x98, 0xf8, 0x0c, 0x56, 0x92, 0x30,
-    0x98, 0x56, 0x7a, 0xa3, 0xb4, 0xc3, 0x16, 0x96, 0x82, 0x6f, 0x08, 0x16,
-    0x76, 0xa3, 0xce, 0xed, 0x1d, 0x91, 0x4c, 0x94, 0x9d, 0x54, 0x23, 0x90,
-    0xb6, 0x99, 0xd3, 0xfe,
-};
-static const struct drbg_kat_no_reseed kat89_nor_t = {
-    13, kat89_nor_entropyin, kat89_nor_nonce, kat89_nor_persstr,
-    kat89_nor_addin0, kat89_nor_addin1, kat89_nor_retbytes
-};
-static const struct drbg_kat kat89_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat89_nor_t
-};
-
-static const unsigned char kat90_nor_entropyin[] = {
-    0xd8, 0xba, 0x9d, 0x16, 0xa0, 0x07, 0x0f, 0xbd, 0xf5, 0x10, 0x9d, 0x3c,
-    0x1e, 0xd8, 0x59, 0x16,
-};
-static const unsigned char kat90_nor_nonce[] = {
-    0x29, 0xce, 0x07, 0xdd, 0xa6, 0x1b, 0x50, 0x14,
-};
-static const unsigned char kat90_nor_persstr[] = {0};
-static const unsigned char kat90_nor_addin0[] = {
-    0x16, 0x0a, 0xd7, 0x76, 0x75, 0xc6, 0x4c, 0x74, 0x87, 0xee, 0xdb, 0x34,
-    0x34, 0x37, 0x00, 0xc0,
-};
-static const unsigned char kat90_nor_addin1[] = {
-    0x16, 0x32, 0x54, 0x60, 0x58, 0xf1, 0x9e, 0xe1, 0xb8, 0x49, 0xe5, 0xd2,
-    0x7e, 0x2d, 0x75, 0x5a,
-};
-static const unsigned char kat90_nor_retbytes[] = {
-    0xe0, 0x5c, 0x62, 0xcb, 0xef, 0xaf, 0x03, 0x80, 0x43, 0xd4, 0x9c, 0x97,
-    0x6b, 0xa8, 0x55, 0x21, 0xc2, 0x06, 0x71, 0xd9, 0xf8, 0x1c, 0xeb, 0xf5,
-    0xa8, 0x75, 0x81, 0x65, 0x9e, 0x3d, 0x18, 0x19, 0x90, 0x8e, 0x84, 0xec,
-    0x01, 0x93, 0xa5, 0x30, 0xf3, 0x10, 0xcc, 0x35, 0x44, 0xba, 0x90, 0xad,
-    0x92, 0xa6, 0xc9, 0x9d, 0x3a, 0x1a, 0xf5, 0x5b, 0x5a, 0xed, 0x72, 0x87,
-    0x1d, 0xb8, 0x90, 0x02,
-};
-static const struct drbg_kat_no_reseed kat90_nor_t = {
-    14, kat90_nor_entropyin, kat90_nor_nonce, kat90_nor_persstr,
-    kat90_nor_addin0, kat90_nor_addin1, kat90_nor_retbytes
-};
-static const struct drbg_kat kat90_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat90_nor_t
-};
-
-static const unsigned char kat91_nor_entropyin[] = {
-    0x0a, 0xf1, 0x3f, 0x64, 0x59, 0x02, 0xaf, 0x49, 0xe9, 0xa7, 0xce, 0xd6,
-    0xe3, 0x6a, 0x21, 0x0d,
-};
-static const unsigned char kat91_nor_nonce[] = {
-    0xc3, 0xbf, 0xf2, 0x91, 0xa1, 0x1a, 0xc4, 0x97,
-};
-static const unsigned char kat91_nor_persstr[] = {
-    0xe8, 0xf1, 0xd1, 0xb4, 0x73, 0x1c, 0x4d, 0x57, 0xd7, 0xea, 0xd9, 0xc2,
-    0xf6, 0x00, 0xfd, 0xc6,
-};
-static const unsigned char kat91_nor_addin0[] = {0};
-static const unsigned char kat91_nor_addin1[] = {0};
-static const unsigned char kat91_nor_retbytes[] = {
-    0xac, 0x6f, 0x94, 0x5a, 0x4b, 0x9f, 0xd3, 0xb4, 0x7c, 0x74, 0x37, 0x9e,
-    0xb1, 0xf2, 0xa7, 0xbb, 0xed, 0xf8, 0xee, 0xc6, 0x8e, 0xfd, 0x3c, 0x7a,
-    0x6c, 0xf6, 0x8c, 0x54, 0xae, 0x7a, 0x3f, 0x7b, 0xe7, 0x28, 0x0f, 0x45,
-    0x9c, 0x2e, 0x0b, 0x72, 0xaf, 0xa4, 0x5c, 0xeb, 0xbe, 0xbb, 0xa1, 0x7c,
-    0x86, 0x7e, 0x96, 0x11, 0xc8, 0x96, 0xa5, 0x7d, 0x51, 0x5b, 0xeb, 0x06,
-    0xa7, 0xb9, 0x1f, 0x4c,
-};
-static const struct drbg_kat_no_reseed kat91_nor_t = {
-    0, kat91_nor_entropyin, kat91_nor_nonce, kat91_nor_persstr,
-    kat91_nor_addin0, kat91_nor_addin1, kat91_nor_retbytes
-};
-static const struct drbg_kat kat91_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat91_nor_t
-};
-
-static const unsigned char kat92_nor_entropyin[] = {
-    0x0e, 0x11, 0x3f, 0x47, 0xf2, 0xfc, 0x76, 0xe8, 0x3e, 0x2d, 0x13, 0xd5,
-    0x72, 0x24, 0x56, 0x08,
-};
-static const unsigned char kat92_nor_nonce[] = {
-    0x5f, 0xf8, 0x5c, 0xc6, 0xa5, 0x34, 0xf1, 0x5a,
-};
-static const unsigned char kat92_nor_persstr[] = {
-    0x50, 0x25, 0x06, 0x68, 0xe5, 0x9d, 0xe3, 0x5f, 0xde, 0x91, 0xe0, 0x8f,
-    0xe1, 0x84, 0x84, 0xab,
-};
-static const unsigned char kat92_nor_addin0[] = {0};
-static const unsigned char kat92_nor_addin1[] = {0};
-static const unsigned char kat92_nor_retbytes[] = {
-    0xdc, 0xc6, 0x4a, 0x96, 0x6a, 0x52, 0xd6, 0x00, 0x8d, 0xbe, 0x07, 0xa2,
-    0x48, 0x4b, 0xca, 0xad, 0x67, 0xb2, 0x54, 0xd6, 0xf2, 0x46, 0xe4, 0x50,
-    0x1d, 0x98, 0x64, 0xb6, 0x4a, 0xd8, 0xb7, 0xed, 0xf1, 0x0f, 0xdb, 0xc6,
-    0xdd, 0xc4, 0x14, 0xa9, 0xb4, 0x31, 0xb0, 0x58, 0xa7, 0xee, 0x5c, 0xed,
-    0x23, 0xf7, 0xa6, 0xac, 0x7e, 0xea, 0x0f, 0xe6, 0x13, 0x1c, 0x9e, 0xb7,
-    0x41, 0x2e, 0x68, 0xdf,
-};
-static const struct drbg_kat_no_reseed kat92_nor_t = {
-    1, kat92_nor_entropyin, kat92_nor_nonce, kat92_nor_persstr,
-    kat92_nor_addin0, kat92_nor_addin1, kat92_nor_retbytes
-};
-static const struct drbg_kat kat92_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat92_nor_t
-};
-
-static const unsigned char kat93_nor_entropyin[] = {
-    0x16, 0xd2, 0xa2, 0x33, 0xf0, 0x49, 0x7c, 0x75, 0x1d, 0xdd, 0x85, 0xef,
-    0x7c, 0xd8, 0x62, 0xe6,
-};
-static const unsigned char kat93_nor_nonce[] = {
-    0x7e, 0x7e, 0x1a, 0xab, 0x1b, 0x82, 0x67, 0x5d,
-};
-static const unsigned char kat93_nor_persstr[] = {
-    0x15, 0xf8, 0x1e, 0x40, 0xa2, 0x49, 0x3b, 0x85, 0x9c, 0xce, 0xd3, 0x3c,
-    0xdf, 0x7b, 0x75, 0x90,
-};
-static const unsigned char kat93_nor_addin0[] = {0};
-static const unsigned char kat93_nor_addin1[] = {0};
-static const unsigned char kat93_nor_retbytes[] = {
-    0xc5, 0x20, 0x97, 0xd2, 0xd0, 0x09, 0xdc, 0xe7, 0xcb, 0xd4, 0x6d, 0x74,
-    0x0d, 0xe5, 0x4d, 0x70, 0xc0, 0x73, 0x2f, 0x96, 0xfa, 0xc0, 0xbd, 0x16,
-    0x9f, 0x38, 0x56, 0xe5, 0x0f, 0x9e, 0x46, 0x01, 0x67, 0x25, 0x38, 0xb2,
-    0x3f, 0x37, 0x1f, 0x78, 0x0e, 0x61, 0xe8, 0x2f, 0x2d, 0xb9, 0x9e, 0xf3,
-    0x83, 0x40, 0x08, 0xaa, 0xdc, 0x26, 0xc2, 0x78, 0x55, 0xa6, 0x86, 0x96,
-    0xee, 0x81, 0x2c, 0x9c,
-};
-static const struct drbg_kat_no_reseed kat93_nor_t = {
-    2, kat93_nor_entropyin, kat93_nor_nonce, kat93_nor_persstr,
-    kat93_nor_addin0, kat93_nor_addin1, kat93_nor_retbytes
-};
-static const struct drbg_kat kat93_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat93_nor_t
-};
-
-static const unsigned char kat94_nor_entropyin[] = {
-    0xea, 0x36, 0x89, 0x1e, 0x0d, 0x64, 0x26, 0x94, 0x5a, 0x6e, 0x1f, 0x33,
-    0x8c, 0x86, 0xca, 0x4b,
-};
-static const unsigned char kat94_nor_nonce[] = {
-    0x89, 0x69, 0x66, 0x60, 0x0e, 0x85, 0xd3, 0xda,
-};
-static const unsigned char kat94_nor_persstr[] = {
-    0xb8, 0xc7, 0x01, 0xa1, 0x1e, 0x7c, 0x00, 0x8e, 0x37, 0xc2, 0x32, 0x62,
-    0x7c, 0x24, 0xb6, 0xd1,
-};
-static const unsigned char kat94_nor_addin0[] = {0};
-static const unsigned char kat94_nor_addin1[] = {0};
-static const unsigned char kat94_nor_retbytes[] = {
-    0x44, 0x63, 0x60, 0xf1, 0x6b, 0x1e, 0x59, 0xa8, 0x25, 0x96, 0xe6, 0x1d,
-    0xf2, 0x3a, 0xf1, 0x8f, 0x5a, 0x95, 0xb7, 0xd8, 0xb7, 0xdd, 0x61, 0x72,
-    0xf3, 0x57, 0x5d, 0x45, 0x25, 0x13, 0x86, 0xb0, 0x4b, 0x69, 0x78, 0x5b,
-    0xa4, 0x4a, 0x75, 0xeb, 0x2a, 0x54, 0x15, 0x71, 0x3a, 0x84, 0x36, 0x5c,
-    0xac, 0x81, 0xb3, 0x0d, 0xf0, 0xb4, 0x8a, 0x61, 0x09, 0x77, 0xfe, 0x69,
-    0x61, 0xe7, 0xee, 0x8a,
-};
-static const struct drbg_kat_no_reseed kat94_nor_t = {
-    3, kat94_nor_entropyin, kat94_nor_nonce, kat94_nor_persstr,
-    kat94_nor_addin0, kat94_nor_addin1, kat94_nor_retbytes
-};
-static const struct drbg_kat kat94_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat94_nor_t
-};
-
-static const unsigned char kat95_nor_entropyin[] = {
-    0x3f, 0x41, 0x38, 0xd8, 0x4d, 0x7a, 0xbd, 0x13, 0xbb, 0xe1, 0x5e, 0x18,
-    0xb2, 0x92, 0xf1, 0x5f,
-};
-static const unsigned char kat95_nor_nonce[] = {
-    0x34, 0x62, 0xe5, 0x2e, 0x82, 0xf2, 0x86, 0x53,
-};
-static const unsigned char kat95_nor_persstr[] = {
-    0x24, 0xc5, 0x17, 0x70, 0x84, 0x95, 0x1c, 0xf5, 0x32, 0xf2, 0x43, 0x2a,
-    0x18, 0x82, 0x59, 0x6f,
-};
-static const unsigned char kat95_nor_addin0[] = {0};
-static const unsigned char kat95_nor_addin1[] = {0};
-static const unsigned char kat95_nor_retbytes[] = {
-    0xba, 0x2c, 0xa1, 0xe4, 0x43, 0xc7, 0x5d, 0x55, 0xc4, 0x20, 0x65, 0xba,
-    0x91, 0xf7, 0x7d, 0xb5, 0xb8, 0xde, 0x6c, 0x34, 0x2b, 0x65, 0xa2, 0xc1,
-    0x49, 0x44, 0x59, 0x79, 0xff, 0x26, 0x3e, 0x9d, 0x01, 0x8f, 0x56, 0x44,
-    0x30, 0xfe, 0x1e, 0xdb, 0x48, 0xb4, 0x03, 0xce, 0xf2, 0x3f, 0x86, 0x0e,
-    0xa2, 0x71, 0x46, 0xd8, 0x51, 0x18, 0x43, 0xe0, 0xa3, 0x9f, 0xf3, 0x37,
-    0xba, 0x74, 0xd2, 0x21,
-};
-static const struct drbg_kat_no_reseed kat95_nor_t = {
-    4, kat95_nor_entropyin, kat95_nor_nonce, kat95_nor_persstr,
-    kat95_nor_addin0, kat95_nor_addin1, kat95_nor_retbytes
-};
-static const struct drbg_kat kat95_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat95_nor_t
-};
-
-static const unsigned char kat96_nor_entropyin[] = {
-    0xa6, 0xae, 0xf8, 0x0f, 0xab, 0x61, 0xe2, 0x7e, 0xf6, 0x11, 0xb8, 0x6f,
-    0x92, 0x4e, 0x97, 0x6c,
-};
-static const unsigned char kat96_nor_nonce[] = {
-    0x74, 0x27, 0x8f, 0x50, 0x23, 0xc2, 0x55, 0x2c,
-};
-static const unsigned char kat96_nor_persstr[] = {
-    0xa3, 0x85, 0x16, 0x79, 0xe1, 0x12, 0x94, 0x82, 0x01, 0x39, 0x6d, 0x98,
-    0xd6, 0xbe, 0x5c, 0x13,
-};
-static const unsigned char kat96_nor_addin0[] = {0};
-static const unsigned char kat96_nor_addin1[] = {0};
-static const unsigned char kat96_nor_retbytes[] = {
-    0x68, 0x57, 0x26, 0x82, 0x7f, 0x3d, 0x38, 0x42, 0x7d, 0x07, 0xdf, 0xcf,
-    0xb6, 0x4a, 0x7f, 0x95, 0xb6, 0xf0, 0x6e, 0xf0, 0x1c, 0xed, 0x28, 0x1d,
-    0xce, 0x7f, 0x41, 0x30, 0x34, 0x12, 0x36, 0x11, 0x24, 0x36, 0x2b, 0xa5,
-    0x1c, 0xe8, 0xd2, 0x55, 0x2a, 0xf0, 0x54, 0xa2, 0x0f, 0xda, 0xc9, 0x4e,
-    0x51, 0x69, 0x16, 0x5b, 0x71, 0x52, 0x67, 0x63, 0x8c, 0x1e, 0x0b, 0x9b,
-    0x34, 0x52, 0xb5, 0xb7,
-};
-static const struct drbg_kat_no_reseed kat96_nor_t = {
-    5, kat96_nor_entropyin, kat96_nor_nonce, kat96_nor_persstr,
-    kat96_nor_addin0, kat96_nor_addin1, kat96_nor_retbytes
-};
-static const struct drbg_kat kat96_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat96_nor_t
-};
-
-static const unsigned char kat97_nor_entropyin[] = {
-    0x01, 0x64, 0xae, 0x53, 0xe5, 0x33, 0xf2, 0xf1, 0x22, 0x2d, 0x4a, 0xa2,
-    0x72, 0x76, 0x81, 0x4c,
-};
-static const unsigned char kat97_nor_nonce[] = {
-    0x26, 0x05, 0xf5, 0x89, 0xcb, 0x1b, 0xea, 0x9c,
-};
-static const unsigned char kat97_nor_persstr[] = {
-    0x9d, 0xe7, 0x03, 0xa5, 0xe2, 0xbb, 0xf2, 0xe5, 0x3d, 0x0f, 0xe3, 0xb5,
-    0x73, 0xf5, 0x2a, 0xcf,
-};
-static const unsigned char kat97_nor_addin0[] = {0};
-static const unsigned char kat97_nor_addin1[] = {0};
-static const unsigned char kat97_nor_retbytes[] = {
-    0xfd, 0x7f, 0x64, 0x62, 0x2e, 0x87, 0xde, 0x3b, 0x66, 0xe1, 0x99, 0x30,
-    0xcf, 0x4c, 0xcd, 0xc3, 0xe6, 0x72, 0xf5, 0xa4, 0xde, 0xf0, 0xda, 0xdd,
-    0xb3, 0x71, 0x07, 0x43, 0x0e, 0xc7, 0xf6, 0x91, 0xc6, 0x32, 0x15, 0x45,
-    0x10, 0x3c, 0x2a, 0x61, 0x4d, 0x7f, 0x0f, 0x33, 0x17, 0x3b, 0xde, 0xc4,
-    0x20, 0x58, 0x58, 0x22, 0xcd, 0xa8, 0xc2, 0x72, 0x20, 0x19, 0x22, 0xb6,
-    0x02, 0xf5, 0xd8, 0xa7,
-};
-static const struct drbg_kat_no_reseed kat97_nor_t = {
-    6, kat97_nor_entropyin, kat97_nor_nonce, kat97_nor_persstr,
-    kat97_nor_addin0, kat97_nor_addin1, kat97_nor_retbytes
-};
-static const struct drbg_kat kat97_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat97_nor_t
-};
-
-static const unsigned char kat98_nor_entropyin[] = {
-    0x29, 0xdc, 0x8b, 0xad, 0x50, 0x0c, 0xce, 0x29, 0x5b, 0x9e, 0x86, 0xb2,
-    0x15, 0x9c, 0x6d, 0xcd,
-};
-static const unsigned char kat98_nor_nonce[] = {
-    0xb6, 0x9a, 0x5a, 0x77, 0x69, 0x4f, 0xc4, 0xa0,
-};
-static const unsigned char kat98_nor_persstr[] = {
-    0xc5, 0x3b, 0x13, 0xaf, 0xbf, 0x21, 0xf1, 0x7e, 0xe9, 0xf4, 0xdd, 0x7c,
-    0x09, 0x93, 0xe0, 0xf9,
-};
-static const unsigned char kat98_nor_addin0[] = {0};
-static const unsigned char kat98_nor_addin1[] = {0};
-static const unsigned char kat98_nor_retbytes[] = {
-    0x08, 0xc9, 0x7d, 0x63, 0x8b, 0x5d, 0x82, 0x59, 0x93, 0x10, 0x32, 0x5d,
-    0x3b, 0x1e, 0x63, 0x27, 0x74, 0x1c, 0xd9, 0x18, 0x87, 0xd6, 0x58, 0xb5,
-    0xd8, 0x15, 0xee, 0xed, 0x7a, 0x72, 0xab, 0x86, 0xe2, 0xfa, 0x17, 0xe9,
-    0xd0, 0x13, 0xe1, 0x7a, 0x92, 0x14, 0xd6, 0x39, 0x6a, 0xc1, 0x48, 0x1f,
-    0x76, 0x88, 0x30, 0xa4, 0xd8, 0xc4, 0xfc, 0x39, 0x20, 0x12, 0xe9, 0x07,
-    0x64, 0x34, 0x93, 0x9f,
-};
-static const struct drbg_kat_no_reseed kat98_nor_t = {
-    7, kat98_nor_entropyin, kat98_nor_nonce, kat98_nor_persstr,
-    kat98_nor_addin0, kat98_nor_addin1, kat98_nor_retbytes
-};
-static const struct drbg_kat kat98_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat98_nor_t
-};
-
-static const unsigned char kat99_nor_entropyin[] = {
-    0xb3, 0xae, 0xe2, 0xcf, 0x80, 0xe3, 0xd0, 0x5a, 0xed, 0xa0, 0xe0, 0x1c,
-    0xf6, 0x5e, 0xa9, 0x65,
-};
-static const unsigned char kat99_nor_nonce[] = {
-    0x24, 0xb5, 0x8b, 0x7c, 0x6a, 0x99, 0xeb, 0x2a,
-};
-static const unsigned char kat99_nor_persstr[] = {
-    0x73, 0x44, 0x04, 0x3c, 0x84, 0x91, 0x5b, 0xcd, 0xd6, 0xd8, 0x1f, 0x3f,
-    0xe2, 0x3b, 0xa2, 0x73,
-};
-static const unsigned char kat99_nor_addin0[] = {0};
-static const unsigned char kat99_nor_addin1[] = {0};
-static const unsigned char kat99_nor_retbytes[] = {
-    0xbe, 0x35, 0x3c, 0xf8, 0x32, 0xe8, 0x46, 0x44, 0x4a, 0xf0, 0x01, 0x5e,
-    0xd0, 0x5d, 0x54, 0xb7, 0x2c, 0x9a, 0x1a, 0x02, 0x31, 0xf2, 0xa4, 0xc4,
-    0x75, 0x61, 0x17, 0x46, 0xef, 0x86, 0x10, 0x29, 0xe1, 0x88, 0x42, 0xc1,
-    0xb7, 0x61, 0x48, 0xd2, 0xa3, 0xeb, 0x01, 0x74, 0xa3, 0x0c, 0xad, 0x81,
-    0xb5, 0x58, 0xd0, 0xd1, 0xe0, 0x1a, 0x8c, 0x7d, 0xd5, 0x10, 0xf0, 0xb5,
-    0x6f, 0x1f, 0xdd, 0xc3,
-};
-static const struct drbg_kat_no_reseed kat99_nor_t = {
-    8, kat99_nor_entropyin, kat99_nor_nonce, kat99_nor_persstr,
-    kat99_nor_addin0, kat99_nor_addin1, kat99_nor_retbytes
-};
-static const struct drbg_kat kat99_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat99_nor_t
-};
-
-static const unsigned char kat100_nor_entropyin[] = {
-    0xa5, 0x25, 0xf6, 0x91, 0x65, 0xc4, 0x4f, 0x3a, 0x8a, 0xf8, 0x08, 0x57,
-    0xa5, 0xe8, 0x74, 0xb0,
-};
-static const unsigned char kat100_nor_nonce[] = {
-    0x0c, 0x80, 0x6a, 0x40, 0xc1, 0xdc, 0xb7, 0xcc,
-};
-static const unsigned char kat100_nor_persstr[] = {
-    0x43, 0x12, 0xc2, 0x30, 0x9a, 0x1d, 0xfe, 0x2d, 0x9a, 0x66, 0xf5, 0xc1,
-    0x8f, 0xc4, 0x0b, 0x87,
-};
-static const unsigned char kat100_nor_addin0[] = {0};
-static const unsigned char kat100_nor_addin1[] = {0};
-static const unsigned char kat100_nor_retbytes[] = {
-    0xd0, 0xb4, 0x6f, 0x7e, 0x18, 0x77, 0xdb, 0x24, 0x4f, 0xf4, 0xe0, 0xae,
-    0xb6, 0x4c, 0x4e, 0xfa, 0x3e, 0x8c, 0x2a, 0x86, 0x62, 0x41, 0x5c, 0xf5,
-    0xba, 0x67, 0xf2, 0xdc, 0x91, 0xe8, 0x23, 0x10, 0xa6, 0xa9, 0x33, 0xc4,
-    0xdf, 0x6a, 0x40, 0x2f, 0x8f, 0xae, 0x27, 0x0b, 0x22, 0x9b, 0xf2, 0x54,
-    0xcd, 0x35, 0x94, 0x3a, 0x13, 0x34, 0x09, 0x79, 0x37, 0x66, 0x69, 0x11,
-    0x9e, 0x0e, 0x5c, 0xf8,
-};
-static const struct drbg_kat_no_reseed kat100_nor_t = {
-    9, kat100_nor_entropyin, kat100_nor_nonce, kat100_nor_persstr,
-    kat100_nor_addin0, kat100_nor_addin1, kat100_nor_retbytes
-};
-static const struct drbg_kat kat100_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat100_nor_t
-};
-
-static const unsigned char kat101_nor_entropyin[] = {
-    0x06, 0x08, 0xdc, 0x6c, 0x8f, 0x9f, 0x19, 0x56, 0xfb, 0xe7, 0xd5, 0xa7,
-    0xc8, 0x2f, 0xd3, 0xb3,
-};
-static const unsigned char kat101_nor_nonce[] = {
-    0x61, 0x5b, 0x62, 0xa0, 0x0d, 0x6d, 0x8d, 0x85,
-};
-static const unsigned char kat101_nor_persstr[] = {
-    0x70, 0xdd, 0x43, 0xc1, 0x76, 0x43, 0x18, 0x17, 0x4a, 0x28, 0x57, 0xc4,
-    0x20, 0xdd, 0xf4, 0x07,
-};
-static const unsigned char kat101_nor_addin0[] = {0};
-static const unsigned char kat101_nor_addin1[] = {0};
-static const unsigned char kat101_nor_retbytes[] = {
-    0x71, 0xf4, 0xb5, 0xdf, 0x5b, 0xfa, 0x5f, 0xd5, 0x2c, 0xdc, 0x98, 0x51,
-    0xa6, 0x33, 0xf7, 0x7e, 0xd9, 0x04, 0x58, 0xb5, 0xa2, 0x90, 0xb0, 0x4d,
-    0x2f, 0x35, 0x13, 0x0d, 0x67, 0xa4, 0x2c, 0x16, 0x98, 0xac, 0x5f, 0x9b,
-    0x13, 0x9a, 0x9e, 0xcf, 0x35, 0x90, 0x75, 0x5a, 0x20, 0x41, 0x60, 0xa3,
-    0xa8, 0xf1, 0x7b, 0x77, 0x72, 0x66, 0x52, 0xc6, 0xdc, 0x6e, 0x9f, 0x00,
-    0x96, 0x64, 0x54, 0xfd,
-};
-static const struct drbg_kat_no_reseed kat101_nor_t = {
-    10, kat101_nor_entropyin, kat101_nor_nonce, kat101_nor_persstr,
-    kat101_nor_addin0, kat101_nor_addin1, kat101_nor_retbytes
-};
-static const struct drbg_kat kat101_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat101_nor_t
-};
-
-static const unsigned char kat102_nor_entropyin[] = {
-    0x7b, 0x39, 0x1f, 0x35, 0xdb, 0x0e, 0x53, 0xbf, 0x48, 0xee, 0x55, 0x76,
-    0xb0, 0x23, 0xff, 0x90,
-};
-static const unsigned char kat102_nor_nonce[] = {
-    0x76, 0x21, 0xaa, 0xd5, 0x32, 0x98, 0x2b, 0x23,
-};
-static const unsigned char kat102_nor_persstr[] = {
-    0xa6, 0xe7, 0x57, 0x78, 0xb7, 0x77, 0xd0, 0x1f, 0x00, 0x62, 0x27, 0xc4,
-    0x00, 0xd8, 0xff, 0x86,
-};
-static const unsigned char kat102_nor_addin0[] = {0};
-static const unsigned char kat102_nor_addin1[] = {0};
-static const unsigned char kat102_nor_retbytes[] = {
-    0xd6, 0x17, 0x80, 0xb5, 0xc7, 0x81, 0x41, 0x2b, 0xf3, 0x08, 0x5e, 0xec,
-    0xce, 0xe4, 0x9b, 0x99, 0x35, 0x8a, 0x18, 0x32, 0x23, 0x82, 0x8c, 0x1d,
-    0x80, 0x13, 0xac, 0xe6, 0x13, 0xd8, 0x9a, 0x45, 0x04, 0xd7, 0x5b, 0xa3,
-    0x09, 0xe5, 0x10, 0x58, 0x9a, 0x53, 0xb4, 0x72, 0xbd, 0x5f, 0xa1, 0xee,
-    0x2a, 0x22, 0x39, 0x2b, 0x82, 0x65, 0x70, 0x7c, 0x15, 0xe3, 0x29, 0x35,
-    0xbc, 0x8e, 0xfb, 0x4e,
-};
-static const struct drbg_kat_no_reseed kat102_nor_t = {
-    11, kat102_nor_entropyin, kat102_nor_nonce, kat102_nor_persstr,
-    kat102_nor_addin0, kat102_nor_addin1, kat102_nor_retbytes
-};
-static const struct drbg_kat kat102_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat102_nor_t
-};
-
-static const unsigned char kat103_nor_entropyin[] = {
-    0x09, 0x9f, 0x1f, 0x59, 0x17, 0x07, 0xd1, 0xf9, 0xab, 0xae, 0x7e, 0x2b,
-    0x65, 0xad, 0xab, 0xc3,
-};
-static const unsigned char kat103_nor_nonce[] = {
-    0xf9, 0x0d, 0x35, 0x7a, 0x90, 0x1f, 0x11, 0x35,
-};
-static const unsigned char kat103_nor_persstr[] = {
-    0x74, 0xb8, 0x26, 0x0c, 0xed, 0x4b, 0xbb, 0x80, 0x41, 0x77, 0x92, 0xf1,
-    0x93, 0xc6, 0xf9, 0xac,
-};
-static const unsigned char kat103_nor_addin0[] = {0};
-static const unsigned char kat103_nor_addin1[] = {0};
-static const unsigned char kat103_nor_retbytes[] = {
-    0x86, 0xf5, 0x06, 0x25, 0x6d, 0x29, 0x45, 0x0f, 0x16, 0x07, 0x31, 0x27,
-    0x39, 0xe5, 0xa0, 0x89, 0xb6, 0xb7, 0x86, 0xfd, 0xf5, 0x21, 0x45, 0x76,
-    0x9c, 0xb7, 0x0e, 0xf4, 0xee, 0xd3, 0x21, 0x09, 0xcf, 0x62, 0x36, 0x9d,
-    0x7a, 0x76, 0x59, 0x55, 0x78, 0x1e, 0xae, 0x63, 0x52, 0x02, 0x75, 0x16,
-    0x93, 0x68, 0x25, 0x7c, 0x6d, 0x34, 0x8e, 0xcc, 0x90, 0x0a, 0x38, 0x98,
-    0x77, 0x8d, 0x9a, 0x1a,
-};
-static const struct drbg_kat_no_reseed kat103_nor_t = {
-    12, kat103_nor_entropyin, kat103_nor_nonce, kat103_nor_persstr,
-    kat103_nor_addin0, kat103_nor_addin1, kat103_nor_retbytes
-};
-static const struct drbg_kat kat103_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat103_nor_t
-};
-
-static const unsigned char kat104_nor_entropyin[] = {
-    0xc9, 0x05, 0x9d, 0x7c, 0x01, 0x5c, 0x64, 0xf6, 0xe4, 0x1a, 0xa4, 0x92,
-    0x09, 0x9f, 0x4e, 0xf0,
-};
-static const unsigned char kat104_nor_nonce[] = {
-    0x3f, 0x6e, 0x07, 0x69, 0xce, 0xe1, 0x77, 0xc6,
-};
-static const unsigned char kat104_nor_persstr[] = {
-    0x76, 0xc6, 0xc6, 0x61, 0x32, 0x98, 0xd9, 0x25, 0xa6, 0xc5, 0x07, 0xae,
-    0x65, 0x4d, 0x6d, 0x9a,
-};
-static const unsigned char kat104_nor_addin0[] = {0};
-static const unsigned char kat104_nor_addin1[] = {0};
-static const unsigned char kat104_nor_retbytes[] = {
-    0x23, 0x81, 0x11, 0xc0, 0x06, 0xe5, 0x14, 0xc0, 0x5f, 0x2a, 0xe9, 0x35,
-    0xa3, 0x2d, 0xba, 0xa0, 0xb1, 0x28, 0xda, 0xa0, 0x73, 0x6e, 0x83, 0xd9,
-    0x34, 0x03, 0x77, 0x6c, 0x91, 0xe4, 0x77, 0xd0, 0xd0, 0x2c, 0x4a, 0x24,
-    0x87, 0x6a, 0x23, 0x29, 0xa0, 0xf1, 0x06, 0x03, 0x8d, 0x70, 0x1f, 0xed,
-    0xdf, 0x02, 0x47, 0xcc, 0x75, 0x84, 0x6d, 0xd3, 0x01, 0x08, 0x29, 0x9d,
-    0x84, 0x0e, 0xc4, 0xa8,
-};
-static const struct drbg_kat_no_reseed kat104_nor_t = {
-    13, kat104_nor_entropyin, kat104_nor_nonce, kat104_nor_persstr,
-    kat104_nor_addin0, kat104_nor_addin1, kat104_nor_retbytes
-};
-static const struct drbg_kat kat104_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat104_nor_t
-};
-
-static const unsigned char kat105_nor_entropyin[] = {
-    0x98, 0xd1, 0x3c, 0x30, 0xa6, 0xda, 0xe2, 0xca, 0x76, 0xd7, 0xd6, 0x67,
-    0x9f, 0x1f, 0xfb, 0xc4,
-};
-static const unsigned char kat105_nor_nonce[] = {
-    0x49, 0x0b, 0x93, 0x9e, 0xb5, 0x56, 0xff, 0x1b,
-};
-static const unsigned char kat105_nor_persstr[] = {
-    0x6c, 0x10, 0xa7, 0xc3, 0x0f, 0xb5, 0x34, 0xb5, 0x93, 0x4b, 0x1c, 0x29,
-    0x80, 0x84, 0x94, 0xb9,
-};
-static const unsigned char kat105_nor_addin0[] = {0};
-static const unsigned char kat105_nor_addin1[] = {0};
-static const unsigned char kat105_nor_retbytes[] = {
-    0xcb, 0x7d, 0xee, 0xea, 0x97, 0xbd, 0xb0, 0x3f, 0x72, 0xa0, 0x3b, 0x2d,
-    0x9b, 0x5f, 0x1b, 0x33, 0x03, 0x44, 0x48, 0x6e, 0x53, 0xe0, 0x49, 0x27,
-    0xc5, 0x8f, 0xb6, 0x3c, 0x97, 0x1a, 0xc9, 0x87, 0x33, 0xb0, 0x24, 0x9a,
-    0x1e, 0xfa, 0x85, 0xf8, 0x8b, 0xec, 0x48, 0x18, 0xe1, 0x31, 0x10, 0x22,
-    0x07, 0x76, 0xe4, 0xfd, 0xe4, 0x29, 0xe6, 0x39, 0x0a, 0xf4, 0x66, 0x71,
-    0x29, 0x01, 0x18, 0x9b,
-};
-static const struct drbg_kat_no_reseed kat105_nor_t = {
-    14, kat105_nor_entropyin, kat105_nor_nonce, kat105_nor_persstr,
-    kat105_nor_addin0, kat105_nor_addin1, kat105_nor_retbytes
-};
-static const struct drbg_kat kat105_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat105_nor_t
-};
-
-static const unsigned char kat106_nor_entropyin[] = {
-    0x25, 0xad, 0x6e, 0x73, 0x05, 0x5e, 0xcb, 0xc9, 0x49, 0xf2, 0x91, 0xf0,
-    0xf7, 0x97, 0xf1, 0x7a,
-};
-static const unsigned char kat106_nor_nonce[] = {
-    0x1f, 0x85, 0xa9, 0x2a, 0x46, 0x0a, 0x2e, 0xea,
-};
-static const unsigned char kat106_nor_persstr[] = {
-    0x83, 0xd0, 0x4b, 0x4b, 0x15, 0x91, 0xc7, 0xba, 0xc9, 0xbc, 0xa9, 0x07,
-    0xbb, 0xe9, 0xdd, 0xd4,
-};
-static const unsigned char kat106_nor_addin0[] = {
-    0x52, 0x3c, 0x6c, 0xb0, 0xbc, 0x27, 0xd1, 0x9f, 0x8d, 0x2e, 0xbe, 0xf5,
-    0x79, 0x26, 0xdd, 0xe4,
-};
-static const unsigned char kat106_nor_addin1[] = {
-    0xd3, 0x3c, 0xd1, 0x4b, 0x5b, 0x79, 0x37, 0x38, 0x8e, 0x89, 0xec, 0xc0,
-    0x80, 0x63, 0x03, 0xf0,
-};
-static const unsigned char kat106_nor_retbytes[] = {
-    0x23, 0xd9, 0x19, 0x5e, 0x40, 0x26, 0xed, 0xf0, 0x70, 0x88, 0xb8, 0x37,
-    0x62, 0x75, 0x47, 0xa0, 0xea, 0x91, 0x37, 0xed, 0x03, 0x36, 0xd7, 0x69,
-    0x60, 0x15, 0xdd, 0x6f, 0x29, 0x84, 0xde, 0xdb, 0x2a, 0x20, 0x7f, 0x2e,
-    0xb8, 0xa2, 0x56, 0x60, 0xa5, 0xee, 0x78, 0x11, 0x78, 0x57, 0x9a, 0x0f,
-    0x23, 0x3f, 0xb6, 0xf7, 0x26, 0x03, 0x58, 0xdb, 0xfd, 0x53, 0x25, 0xc3,
-    0xf8, 0xc8, 0xfe, 0x33,
-};
-static const struct drbg_kat_no_reseed kat106_nor_t = {
-    0, kat106_nor_entropyin, kat106_nor_nonce, kat106_nor_persstr,
-    kat106_nor_addin0, kat106_nor_addin1, kat106_nor_retbytes
-};
-static const struct drbg_kat kat106_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat106_nor_t
-};
-
-static const unsigned char kat107_nor_entropyin[] = {
-    0xae, 0x33, 0x2f, 0x73, 0x39, 0x0e, 0x27, 0x75, 0x6b, 0xc9, 0x3d, 0x2b,
-    0x95, 0x1b, 0x8b, 0x44,
-};
-static const unsigned char kat107_nor_nonce[] = {
-    0xe6, 0x9f, 0xc8, 0xa1, 0x64, 0x50, 0xfb, 0x6d,
-};
-static const unsigned char kat107_nor_persstr[] = {
-    0x5f, 0x76, 0x86, 0x3d, 0x3a, 0x20, 0x87, 0xe9, 0xcb, 0x90, 0xe1, 0x12,
-    0xc1, 0x68, 0x06, 0xe2,
-};
-static const unsigned char kat107_nor_addin0[] = {
-    0xbf, 0x6a, 0x8e, 0x05, 0x6e, 0x6c, 0x3c, 0xc1, 0xa6, 0xcb, 0xdb, 0x6b,
-    0x59, 0xeb, 0xea, 0xe2,
-};
-static const unsigned char kat107_nor_addin1[] = {
-    0xd8, 0x7a, 0xb9, 0x22, 0x4a, 0xa9, 0xcd, 0x9b, 0x5b, 0x84, 0x78, 0x35,
-    0xcb, 0x0d, 0xaa, 0xc4,
-};
-static const unsigned char kat107_nor_retbytes[] = {
-    0xe0, 0xa2, 0xdd, 0x56, 0x06, 0xa0, 0xa2, 0x61, 0x57, 0xf9, 0x21, 0x05,
-    0x11, 0xbb, 0xde, 0x50, 0xc9, 0x2f, 0x34, 0xad, 0x92, 0x36, 0x3c, 0xb9,
-    0x2a, 0x05, 0x20, 0x8b, 0x60, 0xb3, 0x3d, 0x21, 0xc3, 0xd6, 0xc0, 0xc6,
-    0xef, 0x05, 0x4e, 0xc4, 0x09, 0xb4, 0x63, 0x0d, 0xea, 0xc4, 0xc6, 0xd1,
-    0xad, 0x1b, 0x6b, 0xe7, 0x5f, 0xff, 0x27, 0xaa, 0x74, 0x94, 0x13, 0xc8,
-    0xb6, 0x4c, 0xf3, 0xe1,
-};
-static const struct drbg_kat_no_reseed kat107_nor_t = {
-    1, kat107_nor_entropyin, kat107_nor_nonce, kat107_nor_persstr,
-    kat107_nor_addin0, kat107_nor_addin1, kat107_nor_retbytes
-};
-static const struct drbg_kat kat107_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat107_nor_t
-};
-
-static const unsigned char kat108_nor_entropyin[] = {
-    0xe1, 0xa5, 0x89, 0xaf, 0xab, 0x83, 0x91, 0x69, 0x2d, 0xba, 0x52, 0x31,
-    0x8a, 0xa8, 0xdc, 0x0d,
-};
-static const unsigned char kat108_nor_nonce[] = {
-    0x22, 0xeb, 0xcf, 0x2e, 0x24, 0xa9, 0x55, 0x28,
-};
-static const unsigned char kat108_nor_persstr[] = {
-    0x82, 0xe8, 0xc3, 0x55, 0xdb, 0xc9, 0xcd, 0x4c, 0x8d, 0x52, 0xfa, 0x45,
-    0x21, 0x18, 0xf9, 0xf8,
-};
-static const unsigned char kat108_nor_addin0[] = {
-    0xf7, 0x74, 0x57, 0xec, 0x32, 0xde, 0x66, 0x6f, 0x37, 0x0d, 0xa9, 0xe6,
-    0xc2, 0x20, 0xc5, 0x80,
-};
-static const unsigned char kat108_nor_addin1[] = {
-    0xba, 0x25, 0xaa, 0x3a, 0xb3, 0xd5, 0x0a, 0x72, 0xb6, 0xc1, 0xb4, 0x3f,
-    0x30, 0xdb, 0x44, 0x55,
-};
-static const unsigned char kat108_nor_retbytes[] = {
-    0x88, 0x59, 0x55, 0xd1, 0x27, 0xfa, 0xf4, 0xc9, 0x21, 0xc4, 0xed, 0x3f,
-    0x38, 0xbc, 0x15, 0x42, 0xb9, 0x5a, 0x87, 0x83, 0x4d, 0x4d, 0x73, 0xd1,
-    0x56, 0x24, 0x00, 0xa6, 0xd3, 0xaa, 0x8e, 0x6c, 0x69, 0x7b, 0x71, 0x1d,
-    0x91, 0x0e, 0xec, 0xeb, 0xc9, 0xca, 0x4e, 0xc2, 0xdc, 0x17, 0xe7, 0x98,
-    0x93, 0xe7, 0xf7, 0x34, 0xc4, 0x56, 0x75, 0xde, 0x47, 0x7f, 0x55, 0x45,
-    0xbd, 0x94, 0xcd, 0xee,
-};
-static const struct drbg_kat_no_reseed kat108_nor_t = {
-    2, kat108_nor_entropyin, kat108_nor_nonce, kat108_nor_persstr,
-    kat108_nor_addin0, kat108_nor_addin1, kat108_nor_retbytes
-};
-static const struct drbg_kat kat108_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat108_nor_t
-};
-
-static const unsigned char kat109_nor_entropyin[] = {
-    0x6f, 0xb7, 0x6f, 0xcd, 0x3d, 0x76, 0x2f, 0xa4, 0xc5, 0x0d, 0xe1, 0xf2,
-    0x2e, 0x92, 0x76, 0x83,
-};
-static const unsigned char kat109_nor_nonce[] = {
-    0xa5, 0xee, 0xf1, 0x2f, 0x3b, 0x3c, 0x25, 0xa3,
-};
-static const unsigned char kat109_nor_persstr[] = {
-    0x54, 0x86, 0x7d, 0x7d, 0xc8, 0xce, 0xf5, 0x23, 0x42, 0xbb, 0xc0, 0x09,
-    0x95, 0x4e, 0xfb, 0xf8,
-};
-static const unsigned char kat109_nor_addin0[] = {
-    0xfa, 0xc5, 0x52, 0xaa, 0x87, 0x96, 0xe8, 0x85, 0x8d, 0x55, 0xae, 0x37,
-    0x1a, 0x0f, 0x54, 0x8f,
-};
-static const unsigned char kat109_nor_addin1[] = {
-    0xfe, 0xfb, 0xe9, 0xc8, 0x3c, 0x15, 0x9f, 0xcf, 0xa9, 0x2e, 0xe8, 0x18,
-    0x76, 0x1d, 0x49, 0xdc,
-};
-static const unsigned char kat109_nor_retbytes[] = {
-    0x09, 0x4f, 0x86, 0x3b, 0x88, 0xe2, 0xb5, 0x5e, 0xf4, 0x15, 0xd2, 0x68,
-    0x82, 0x94, 0xc7, 0xd8, 0xd2, 0xd7, 0x76, 0xc1, 0x69, 0x16, 0x73, 0x91,
-    0xdf, 0x36, 0xf8, 0x0a, 0xd8, 0xe9, 0x83, 0x3e, 0x97, 0x61, 0x6e, 0xf6,
-    0xe0, 0xa4, 0x5f, 0x94, 0x0d, 0x66, 0x38, 0x30, 0x18, 0xae, 0xe8, 0x6a,
-    0x48, 0x0a, 0x26, 0x51, 0xd6, 0xe2, 0xef, 0xad, 0x61, 0x5a, 0x05, 0x1f,
-    0x0d, 0xca, 0x64, 0xae,
-};
-static const struct drbg_kat_no_reseed kat109_nor_t = {
-    3, kat109_nor_entropyin, kat109_nor_nonce, kat109_nor_persstr,
-    kat109_nor_addin0, kat109_nor_addin1, kat109_nor_retbytes
-};
-static const struct drbg_kat kat109_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat109_nor_t
-};
-
-static const unsigned char kat110_nor_entropyin[] = {
-    0x5b, 0x32, 0xa3, 0x92, 0xdc, 0x66, 0x5a, 0xb5, 0x8f, 0x25, 0x98, 0xea,
-    0xb0, 0x7d, 0x8e, 0x53,
-};
-static const unsigned char kat110_nor_nonce[] = {
-    0xc6, 0xf6, 0x13, 0x10, 0x73, 0x88, 0x60, 0xf5,
-};
-static const unsigned char kat110_nor_persstr[] = {
-    0x9f, 0x30, 0x9a, 0x68, 0x53, 0x29, 0x82, 0x16, 0x92, 0xa9, 0x73, 0x00,
-    0x62, 0x0c, 0x01, 0x56,
-};
-static const unsigned char kat110_nor_addin0[] = {
-    0x87, 0x5a, 0x4a, 0x43, 0xbd, 0xdf, 0x1a, 0x73, 0x05, 0x52, 0x6a, 0x48,
-    0x8a, 0x1e, 0x0e, 0xb4,
-};
-static const unsigned char kat110_nor_addin1[] = {
-    0x21, 0x14, 0xa7, 0xcb, 0x15, 0x49, 0x0c, 0x06, 0x3b, 0xb4, 0x66, 0x8f,
-    0x36, 0x9a, 0x3d, 0x8e,
-};
-static const unsigned char kat110_nor_retbytes[] = {
-    0x91, 0xc1, 0xf1, 0x99, 0xf6, 0x71, 0xff, 0x56, 0x8e, 0x0e, 0xce, 0x46,
-    0x08, 0x87, 0x65, 0x16, 0x23, 0x22, 0xa8, 0x21, 0x60, 0x66, 0xf9, 0xa4,
-    0x15, 0xd7, 0xcc, 0xd9, 0xdf, 0xe7, 0x23, 0xc5, 0x21, 0xf5, 0x7d, 0xbd,
-    0x84, 0x69, 0xe3, 0x9b, 0xac, 0xda, 0xc3, 0x1e, 0x74, 0x2a, 0x2d, 0x2f,
-    0xf2, 0xa3, 0x1d, 0x5a, 0x15, 0xa0, 0x1b, 0xfd, 0x32, 0xbe, 0x50, 0x28,
-    0x6c, 0x73, 0x0e, 0xad,
-};
-static const struct drbg_kat_no_reseed kat110_nor_t = {
-    4, kat110_nor_entropyin, kat110_nor_nonce, kat110_nor_persstr,
-    kat110_nor_addin0, kat110_nor_addin1, kat110_nor_retbytes
-};
-static const struct drbg_kat kat110_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat110_nor_t
-};
-
-static const unsigned char kat111_nor_entropyin[] = {
-    0x79, 0x95, 0x7c, 0x33, 0xe4, 0x5b, 0xba, 0x1c, 0x8a, 0xe6, 0x90, 0x29,
-    0x07, 0x7a, 0xe3, 0x6b,
-};
-static const unsigned char kat111_nor_nonce[] = {
-    0x5b, 0x49, 0xd8, 0xe7, 0xc1, 0x80, 0xbc, 0xb6,
-};
-static const unsigned char kat111_nor_persstr[] = {
-    0x2a, 0xa8, 0xe7, 0x7b, 0x94, 0xfe, 0x0d, 0xdf, 0x0e, 0x57, 0x30, 0x2c,
-    0x8e, 0xbd, 0xc2, 0x2a,
-};
-static const unsigned char kat111_nor_addin0[] = {
-    0x14, 0x84, 0x4d, 0x85, 0xe5, 0x0c, 0xb1, 0xfc, 0xb4, 0xe6, 0x88, 0x7b,
-    0x3f, 0xc6, 0x7f, 0x54,
-};
-static const unsigned char kat111_nor_addin1[] = {
-    0x4c, 0x7c, 0xb0, 0x69, 0x29, 0x7c, 0x18, 0x65, 0x33, 0x94, 0xb8, 0x2b,
-    0xe6, 0xa9, 0x30, 0x99,
-};
-static const unsigned char kat111_nor_retbytes[] = {
-    0x06, 0x61, 0xe2, 0x41, 0x6e, 0x71, 0xfe, 0x49, 0x11, 0x9f, 0x96, 0x76,
-    0x42, 0xfd, 0x37, 0xdd, 0xb5, 0x82, 0xa1, 0x89, 0xa8, 0x88, 0xe7, 0xd4,
-    0xa2, 0xaa, 0x56, 0x27, 0x51, 0x94, 0xc8, 0xca, 0x69, 0x8f, 0xb2, 0xd6,
-    0x96, 0x83, 0x4b, 0x88, 0xb5, 0x72, 0xf0, 0xfd, 0xf5, 0xba, 0xdb, 0x6b,
-    0xf5, 0x8d, 0x16, 0x12, 0xd2, 0x5f, 0x5e, 0xe3, 0xf6, 0x2d, 0x33, 0xdb,
-    0x9a, 0x86, 0xb0, 0x87,
-};
-static const struct drbg_kat_no_reseed kat111_nor_t = {
-    5, kat111_nor_entropyin, kat111_nor_nonce, kat111_nor_persstr,
-    kat111_nor_addin0, kat111_nor_addin1, kat111_nor_retbytes
-};
-static const struct drbg_kat kat111_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat111_nor_t
-};
-
-static const unsigned char kat112_nor_entropyin[] = {
-    0x70, 0x50, 0x89, 0x80, 0x36, 0x2e, 0x96, 0x2a, 0xe7, 0x78, 0x45, 0x80,
-    0x81, 0xcf, 0xbb, 0xe6,
-};
-static const unsigned char kat112_nor_nonce[] = {
-    0x29, 0xcc, 0xf6, 0xed, 0xba, 0x46, 0x2d, 0xc2,
-};
-static const unsigned char kat112_nor_persstr[] = {
-    0x48, 0xa3, 0xd8, 0xdb, 0xdc, 0x85, 0x18, 0x8a, 0xbb, 0x35, 0xb5, 0x6c,
-    0x19, 0x4d, 0x60, 0x20,
-};
-static const unsigned char kat112_nor_addin0[] = {
-    0xa8, 0x14, 0x72, 0x42, 0xe2, 0x47, 0x37, 0xfc, 0xf3, 0xb0, 0x07, 0xd2,
-    0x84, 0xd6, 0x61, 0xc4,
-};
-static const unsigned char kat112_nor_addin1[] = {
-    0x96, 0x4a, 0x9d, 0x06, 0x86, 0xd9, 0x61, 0x93, 0xfb, 0x2e, 0x4a, 0x35,
-    0x14, 0x5e, 0xdc, 0xc8,
-};
-static const unsigned char kat112_nor_retbytes[] = {
-    0xd8, 0x1b, 0xd5, 0xda, 0x60, 0xd9, 0x9d, 0x6d, 0xaa, 0xec, 0xeb, 0xc0,
-    0x60, 0x65, 0x26, 0x33, 0xec, 0x14, 0xdc, 0x3b, 0x84, 0x69, 0x3b, 0xdf,
-    0xf7, 0x67, 0x77, 0x1f, 0x03, 0x2b, 0xfa, 0x2e, 0x4d, 0xfa, 0xd5, 0x3e,
-    0xf6, 0xd1, 0x99, 0x10, 0xbd, 0x92, 0x5d, 0xf1, 0x20, 0x9f, 0x33, 0xea,
-    0x11, 0xe3, 0xf1, 0xe8, 0x37, 0xb0, 0x3e, 0x7a, 0x70, 0x03, 0x25, 0x7f,
-    0xf4, 0x20, 0xa6, 0x92,
-};
-static const struct drbg_kat_no_reseed kat112_nor_t = {
-    6, kat112_nor_entropyin, kat112_nor_nonce, kat112_nor_persstr,
-    kat112_nor_addin0, kat112_nor_addin1, kat112_nor_retbytes
-};
-static const struct drbg_kat kat112_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat112_nor_t
-};
-
-static const unsigned char kat113_nor_entropyin[] = {
-    0xb7, 0x83, 0x71, 0xba, 0xf5, 0x86, 0xc0, 0xdd, 0x05, 0x4b, 0xfd, 0x29,
-    0x3f, 0xc7, 0xe8, 0xdc,
-};
-static const unsigned char kat113_nor_nonce[] = {
-    0x11, 0x9b, 0x23, 0x2c, 0xe4, 0xca, 0xda, 0x97,
-};
-static const unsigned char kat113_nor_persstr[] = {
-    0x3a, 0x58, 0x75, 0xb4, 0x43, 0x07, 0x3c, 0x9b, 0xf6, 0x4a, 0x0a, 0xaa,
-    0xf2, 0x6b, 0xa4, 0x4f,
-};
-static const unsigned char kat113_nor_addin0[] = {
-    0x4d, 0x2d, 0x4f, 0x16, 0xb7, 0xb7, 0xd2, 0xd2, 0xbb, 0x4d, 0x83, 0xa4,
-    0x92, 0x99, 0x96, 0xb2,
-};
-static const unsigned char kat113_nor_addin1[] = {
-    0x7d, 0x31, 0x73, 0xe0, 0x8a, 0xea, 0x4c, 0x8b, 0x6e, 0xf9, 0xe3, 0xcd,
-    0x69, 0x8f, 0x9b, 0x09,
-};
-static const unsigned char kat113_nor_retbytes[] = {
-    0xbb, 0x04, 0x86, 0x41, 0xf0, 0x36, 0xdc, 0x11, 0xb8, 0xdf, 0x8a, 0xd3,
-    0xe4, 0xd5, 0xbd, 0xfc, 0x30, 0x9b, 0x2c, 0x3f, 0x22, 0xb3, 0xd2, 0xb8,
-    0xac, 0xf1, 0x96, 0xd5, 0x0c, 0xd5, 0x42, 0xde, 0x13, 0xcd, 0x99, 0x97,
-    0x8a, 0x92, 0x0a, 0xcb, 0xa6, 0x1d, 0xc0, 0x7c, 0x64, 0x6b, 0x48, 0x09,
-    0x44, 0x79, 0xbb, 0x44, 0x17, 0xd8, 0x40, 0x9a, 0xba, 0xe3, 0xd6, 0x9e,
-    0xd5, 0x2a, 0x2a, 0x3e,
-};
-static const struct drbg_kat_no_reseed kat113_nor_t = {
-    7, kat113_nor_entropyin, kat113_nor_nonce, kat113_nor_persstr,
-    kat113_nor_addin0, kat113_nor_addin1, kat113_nor_retbytes
-};
-static const struct drbg_kat kat113_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat113_nor_t
-};
-
-static const unsigned char kat114_nor_entropyin[] = {
-    0x96, 0xbf, 0xc3, 0x47, 0xb3, 0x06, 0x80, 0x5a, 0xf8, 0x8d, 0xa0, 0x07,
-    0x67, 0x5d, 0xb4, 0x7c,
-};
-static const unsigned char kat114_nor_nonce[] = {
-    0x12, 0x95, 0x37, 0x06, 0xa0, 0x6e, 0xb5, 0x30,
-};
-static const unsigned char kat114_nor_persstr[] = {
-    0x46, 0x73, 0x3d, 0xdd, 0xaf, 0x70, 0xe3, 0xf2, 0x07, 0x5c, 0xb8, 0x70,
-    0xf4, 0x7e, 0x72, 0xdf,
-};
-static const unsigned char kat114_nor_addin0[] = {
-    0x64, 0xf7, 0x9a, 0xd1, 0xdf, 0xa3, 0x93, 0xd3, 0x6b, 0xf5, 0xbe, 0x83,
-    0x32, 0x90, 0xb6, 0x94,
-};
-static const unsigned char kat114_nor_addin1[] = {
-    0x5d, 0x21, 0x0f, 0x12, 0x85, 0xf0, 0xfb, 0x03, 0x8a, 0x75, 0x34, 0x76,
-    0xef, 0x24, 0x91, 0x79,
-};
-static const unsigned char kat114_nor_retbytes[] = {
-    0x67, 0xb6, 0x9b, 0xa4, 0x34, 0x90, 0x3e, 0x2b, 0xbf, 0x46, 0xd3, 0xf5,
-    0xe3, 0x00, 0xb9, 0xe5, 0xcf, 0x33, 0x01, 0xbe, 0xaa, 0xb7, 0xd3, 0x0b,
-    0x46, 0x52, 0xed, 0x3b, 0xf6, 0x62, 0x65, 0x79, 0x50, 0x3a, 0x54, 0x4e,
-    0x58, 0x23, 0x7c, 0x5e, 0x55, 0x1a, 0xd5, 0xee, 0x17, 0xb7, 0x36, 0x12,
-    0x0c, 0x37, 0xa3, 0x02, 0x9b, 0xd7, 0xa1, 0x03, 0x4d, 0x4c, 0x49, 0xf6,
-    0x1e, 0x04, 0x0a, 0xca,
-};
-static const struct drbg_kat_no_reseed kat114_nor_t = {
-    8, kat114_nor_entropyin, kat114_nor_nonce, kat114_nor_persstr,
-    kat114_nor_addin0, kat114_nor_addin1, kat114_nor_retbytes
-};
-static const struct drbg_kat kat114_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat114_nor_t
-};
-
-static const unsigned char kat115_nor_entropyin[] = {
-    0x9a, 0x4c, 0x8b, 0x46, 0xa9, 0x74, 0xfb, 0xc8, 0x5e, 0x25, 0x6d, 0x1f,
-    0x07, 0xcc, 0x59, 0xaa,
-};
-static const unsigned char kat115_nor_nonce[] = {
-    0xeb, 0x8d, 0x66, 0x21, 0x02, 0x09, 0x01, 0x14,
-};
-static const unsigned char kat115_nor_persstr[] = {
-    0xb9, 0x4b, 0x8d, 0x2a, 0x64, 0x92, 0x66, 0x64, 0x5a, 0x71, 0x5a, 0xfc,
-    0xa0, 0x99, 0x5d, 0x9d,
-};
-static const unsigned char kat115_nor_addin0[] = {
-    0xf3, 0x36, 0xe1, 0xd6, 0x2a, 0xc5, 0x68, 0xed, 0x13, 0x2e, 0xa0, 0x18,
-    0x15, 0xda, 0xd5, 0x08,
-};
-static const unsigned char kat115_nor_addin1[] = {
-    0x66, 0x76, 0x26, 0xa2, 0x3d, 0x23, 0xb7, 0x16, 0x5a, 0x6a, 0x88, 0x5d,
-    0x41, 0xfa, 0x90, 0x1c,
-};
-static const unsigned char kat115_nor_retbytes[] = {
-    0x2d, 0xf3, 0x3f, 0x7a, 0xd2, 0xc2, 0xd8, 0x6e, 0x61, 0x63, 0x3c, 0x25,
-    0xa8, 0xac, 0x57, 0xb5, 0xde, 0xad, 0x88, 0x02, 0x1c, 0x93, 0xad, 0x69,
-    0xba, 0x6c, 0x52, 0x27, 0x99, 0xc4, 0xbe, 0xbf, 0xda, 0x78, 0x27, 0x72,
-    0xc8, 0x1e, 0x7e, 0x02, 0xd8, 0xb8, 0x82, 0x54, 0x6b, 0x24, 0x2b, 0xb2,
-    0x2f, 0x31, 0x05, 0x65, 0xba, 0xc3, 0x16, 0x26, 0x9f, 0xfc, 0x80, 0x04,
-    0xd5, 0x44, 0x06, 0x31,
-};
-static const struct drbg_kat_no_reseed kat115_nor_t = {
-    9, kat115_nor_entropyin, kat115_nor_nonce, kat115_nor_persstr,
-    kat115_nor_addin0, kat115_nor_addin1, kat115_nor_retbytes
-};
-static const struct drbg_kat kat115_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat115_nor_t
-};
-
-static const unsigned char kat116_nor_entropyin[] = {
-    0xc7, 0xd6, 0x55, 0x75, 0x65, 0xa1, 0xfd, 0xe4, 0x80, 0x84, 0x1f, 0x1f,
-    0x1a, 0x10, 0xf6, 0x7d,
-};
-static const unsigned char kat116_nor_nonce[] = {
-    0x02, 0xf8, 0x47, 0x98, 0x66, 0x26, 0xbb, 0x4b,
-};
-static const unsigned char kat116_nor_persstr[] = {
-    0x61, 0x8c, 0xac, 0x99, 0x53, 0x17, 0x91, 0x67, 0x36, 0x03, 0xa1, 0x6b,
-    0x99, 0xab, 0x0e, 0x80,
-};
-static const unsigned char kat116_nor_addin0[] = {
-    0x81, 0x0c, 0x8b, 0xe4, 0xb1, 0x80, 0x1f, 0xec, 0x75, 0x40, 0x63, 0xc2,
-    0x61, 0x15, 0x66, 0x60,
-};
-static const unsigned char kat116_nor_addin1[] = {
-    0xe2, 0x59, 0x4d, 0x34, 0xce, 0x1a, 0xd6, 0x53, 0x51, 0x28, 0x60, 0x69,
-    0xeb, 0x1a, 0x63, 0x08,
-};
-static const unsigned char kat116_nor_retbytes[] = {
-    0xa3, 0xc4, 0xd0, 0x2d, 0xa0, 0x16, 0x6f, 0xef, 0x32, 0xce, 0x69, 0x97,
-    0x5d, 0xb9, 0x4d, 0x19, 0x60, 0x44, 0xe8, 0x1f, 0x59, 0x04, 0x4d, 0x22,
-    0xdf, 0x84, 0x05, 0xb4, 0x68, 0xeb, 0xd5, 0xa9, 0x29, 0x97, 0xfe, 0xeb,
-    0xa8, 0x2d, 0x7a, 0xdf, 0x97, 0xcc, 0xbb, 0x1a, 0x59, 0x35, 0x56, 0x26,
-    0xae, 0xfa, 0xe0, 0xd4, 0x35, 0xb4, 0x03, 0xb7, 0xde, 0xb9, 0x00, 0x5b,
-    0x8f, 0x5e, 0xa9, 0xa5,
-};
-static const struct drbg_kat_no_reseed kat116_nor_t = {
-    10, kat116_nor_entropyin, kat116_nor_nonce, kat116_nor_persstr,
-    kat116_nor_addin0, kat116_nor_addin1, kat116_nor_retbytes
-};
-static const struct drbg_kat kat116_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat116_nor_t
-};
-
-static const unsigned char kat117_nor_entropyin[] = {
-    0x14, 0x0d, 0xbf, 0xf6, 0x3e, 0x70, 0x83, 0xc3, 0x08, 0x41, 0x9f, 0x86,
-    0x4c, 0x09, 0x3e, 0x99,
-};
-static const unsigned char kat117_nor_nonce[] = {
-    0xeb, 0x1c, 0x66, 0x92, 0xdb, 0x94, 0x9d, 0x5a,
-};
-static const unsigned char kat117_nor_persstr[] = {
-    0x23, 0xd3, 0x27, 0x21, 0xf1, 0xc0, 0x3a, 0x90, 0xf3, 0x9e, 0xf0, 0x21,
-    0xac, 0x88, 0x84, 0xc7,
-};
-static const unsigned char kat117_nor_addin0[] = {
-    0xc6, 0xe3, 0x80, 0x8d, 0xb9, 0xf9, 0xda, 0x14, 0x23, 0x9a, 0xd7, 0xd7,
-    0x18, 0x28, 0x6a, 0x96,
-};
-static const unsigned char kat117_nor_addin1[] = {
-    0xa8, 0x4a, 0xaa, 0xdb, 0x7d, 0x57, 0x2a, 0x9a, 0xfc, 0xa3, 0xf7, 0x6c,
-    0xed, 0xf0, 0xa4, 0xb9,
-};
-static const unsigned char kat117_nor_retbytes[] = {
-    0x74, 0x3d, 0xf9, 0x7c, 0x2e, 0x99, 0xd9, 0x74, 0x07, 0x77, 0x72, 0xa6,
-    0xfe, 0xa4, 0x03, 0x12, 0x8f, 0x41, 0xff, 0x32, 0xa9, 0x5f, 0xb4, 0xf8,
-    0xb0, 0xec, 0xca, 0xa0, 0x57, 0x1c, 0xd2, 0x57, 0x8e, 0x48, 0x2c, 0xe7,
-    0x09, 0x84, 0x99, 0xc4, 0xd3, 0x01, 0x5f, 0x91, 0x92, 0x35, 0x52, 0x38,
-    0xc7, 0x0f, 0x8b, 0x76, 0xa5, 0x04, 0x27, 0x2a, 0x87, 0x09, 0xcd, 0x0e,
-    0x2d, 0xc8, 0x2c, 0x9c,
-};
-static const struct drbg_kat_no_reseed kat117_nor_t = {
-    11, kat117_nor_entropyin, kat117_nor_nonce, kat117_nor_persstr,
-    kat117_nor_addin0, kat117_nor_addin1, kat117_nor_retbytes
-};
-static const struct drbg_kat kat117_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat117_nor_t
-};
-
-static const unsigned char kat118_nor_entropyin[] = {
-    0x6a, 0xf3, 0x96, 0x2f, 0xd6, 0xae, 0x84, 0xde, 0xc3, 0xf8, 0x94, 0xbf,
-    0x39, 0xc6, 0x46, 0x42,
-};
-static const unsigned char kat118_nor_nonce[] = {
-    0xc0, 0x20, 0x49, 0x64, 0x61, 0xa3, 0x91, 0x61,
-};
-static const unsigned char kat118_nor_persstr[] = {
-    0x75, 0xca, 0xef, 0xe7, 0x75, 0x20, 0x45, 0xfc, 0xb1, 0xe5, 0xfc, 0x22,
-    0x7f, 0xfb, 0x94, 0x0d,
-};
-static const unsigned char kat118_nor_addin0[] = {
-    0x16, 0x64, 0xf7, 0xcc, 0x88, 0xd0, 0x1d, 0x7f, 0x27, 0x86, 0x15, 0xc5,
-    0x63, 0x09, 0x2f, 0xd6,
-};
-static const unsigned char kat118_nor_addin1[] = {
-    0x60, 0xb7, 0xa8, 0x6b, 0xc0, 0xc8, 0xdd, 0x2b, 0xd0, 0x7a, 0xda, 0xa4,
-    0xd5, 0xc2, 0x4d, 0x68,
-};
-static const unsigned char kat118_nor_retbytes[] = {
-    0xb4, 0xed, 0xc9, 0x65, 0x0d, 0x81, 0x47, 0x17, 0x0c, 0x81, 0x52, 0x9f,
-    0x2f, 0xd7, 0x33, 0x11, 0x53, 0xa6, 0x1d, 0x0d, 0x58, 0xb7, 0x6b, 0x50,
-    0xbb, 0x52, 0xda, 0x0a, 0x79, 0x51, 0x64, 0xbe, 0xeb, 0xc6, 0x09, 0x32,
-    0x05, 0x20, 0x32, 0x8f, 0x3d, 0x4e, 0x83, 0xcd, 0x80, 0xd0, 0xb1, 0xcb,
-    0xbb, 0xfd, 0x0a, 0x84, 0xa9, 0x65, 0x10, 0x88, 0x11, 0x01, 0xfb, 0xc7,
-    0x40, 0xb2, 0x81, 0x7f,
-};
-static const struct drbg_kat_no_reseed kat118_nor_t = {
-    12, kat118_nor_entropyin, kat118_nor_nonce, kat118_nor_persstr,
-    kat118_nor_addin0, kat118_nor_addin1, kat118_nor_retbytes
-};
-static const struct drbg_kat kat118_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat118_nor_t
-};
-
-static const unsigned char kat119_nor_entropyin[] = {
-    0x36, 0xe2, 0x7a, 0xa6, 0xb3, 0x66, 0x99, 0xe9, 0x46, 0x45, 0x95, 0xa9,
-    0x32, 0xcc, 0x92, 0x8e,
-};
-static const unsigned char kat119_nor_nonce[] = {
-    0x65, 0x16, 0xbb, 0x91, 0x85, 0x66, 0xbf, 0x89,
-};
-static const unsigned char kat119_nor_persstr[] = {
-    0x9b, 0xc6, 0x83, 0xa1, 0xf4, 0x65, 0xba, 0x0f, 0x2c, 0xe1, 0x8c, 0x8b,
-    0x9c, 0x61, 0x42, 0x44,
-};
-static const unsigned char kat119_nor_addin0[] = {
-    0x0d, 0x17, 0x5b, 0x34, 0xd8, 0xb9, 0xe2, 0x70, 0x74, 0x5a, 0x71, 0xf3,
-    0x5d, 0x41, 0x6f, 0x10,
-};
-static const unsigned char kat119_nor_addin1[] = {
-    0xa7, 0x90, 0xc8, 0x6f, 0xdf, 0x0c, 0xa8, 0x0e, 0xb3, 0xd6, 0xf7, 0x02,
-    0x91, 0x6e, 0xa9, 0x9f,
-};
-static const unsigned char kat119_nor_retbytes[] = {
-    0x34, 0xea, 0x96, 0x29, 0x62, 0x7f, 0x66, 0x84, 0xb9, 0xab, 0x85, 0xf8,
-    0x16, 0x46, 0x86, 0x4d, 0xd8, 0xef, 0x3a, 0x15, 0xed, 0xc8, 0x01, 0xdc,
-    0x39, 0xa7, 0x31, 0xdc, 0x9e, 0x80, 0xe6, 0x26, 0xfc, 0x8c, 0xe2, 0x1e,
-    0x9b, 0x62, 0xe9, 0x48, 0x88, 0x64, 0x89, 0xd5, 0xe4, 0x43, 0x6e, 0x65,
-    0x9f, 0x26, 0xbf, 0xb3, 0x43, 0x51, 0x04, 0xad, 0x9b, 0xfa, 0x0a, 0xaf,
-    0xc5, 0x50, 0x69, 0x17,
-};
-static const struct drbg_kat_no_reseed kat119_nor_t = {
-    13, kat119_nor_entropyin, kat119_nor_nonce, kat119_nor_persstr,
-    kat119_nor_addin0, kat119_nor_addin1, kat119_nor_retbytes
-};
-static const struct drbg_kat kat119_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat119_nor_t
-};
-
-static const unsigned char kat120_nor_entropyin[] = {
-    0xac, 0xa3, 0x59, 0xf1, 0x07, 0xc3, 0x24, 0x64, 0x8a, 0xd4, 0x45, 0x56,
-    0x4b, 0xfa, 0xe5, 0x6d,
-};
-static const unsigned char kat120_nor_nonce[] = {
-    0xf9, 0x5d, 0x1c, 0x8f, 0xd2, 0x66, 0xdf, 0x64,
-};
-static const unsigned char kat120_nor_persstr[] = {
-    0xa5, 0xcf, 0xdc, 0x76, 0xc4, 0xe8, 0x49, 0xe4, 0x5d, 0x8b, 0xcc, 0x68,
-    0xee, 0xb0, 0x12, 0x84,
-};
-static const unsigned char kat120_nor_addin0[] = {
-    0x57, 0x80, 0x2c, 0xc0, 0x6e, 0xf0, 0x34, 0x4b, 0xd1, 0x4a, 0x48, 0x57,
-    0xc6, 0x9f, 0x68, 0xd4,
-};
-static const unsigned char kat120_nor_addin1[] = {
-    0x53, 0x14, 0xfc, 0xcb, 0xe4, 0x52, 0x01, 0x8f, 0xc1, 0x6e, 0x5f, 0xfb,
-    0x5d, 0x90, 0xe8, 0x88,
-};
-static const unsigned char kat120_nor_retbytes[] = {
-    0x21, 0x1d, 0x90, 0xec, 0xd7, 0xd3, 0xdd, 0xd0, 0x3f, 0x91, 0xe8, 0xa6,
-    0x74, 0x40, 0x0f, 0xb1, 0x8d, 0x3f, 0xb3, 0x98, 0x86, 0xa2, 0x26, 0x2f,
-    0x0e, 0x09, 0xff, 0x07, 0x5f, 0x99, 0x8d, 0x21, 0x74, 0x19, 0xf2, 0xe9,
-    0x35, 0x3d, 0x45, 0xb9, 0xdf, 0x10, 0x72, 0x3e, 0xba, 0xeb, 0xcf, 0xf1,
-    0xaa, 0x80, 0x24, 0xd9, 0xb0, 0x96, 0x06, 0x4d, 0x6f, 0x31, 0x83, 0x5b,
-    0x75, 0xf8, 0xea, 0xa6,
-};
-static const struct drbg_kat_no_reseed kat120_nor_t = {
-    14, kat120_nor_entropyin, kat120_nor_nonce, kat120_nor_persstr,
-    kat120_nor_addin0, kat120_nor_addin1, kat120_nor_retbytes
-};
-static const struct drbg_kat kat120_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat120_nor_t
-};
-
-static const unsigned char kat121_nor_entropyin[] = {
-    0x2e, 0x17, 0x24, 0xdb, 0x48, 0x22, 0x32, 0xa3, 0xe6, 0x1f, 0x92, 0xc1,
-    0xc2, 0x66, 0xfa, 0xf8,
-};
-static const unsigned char kat121_nor_nonce[] = {
-    0x38, 0xaa, 0x55, 0x90, 0xf6, 0xbf, 0xaa, 0x4b,
-};
-static const unsigned char kat121_nor_persstr[] = {0};
-static const unsigned char kat121_nor_addin0[] = {0};
-static const unsigned char kat121_nor_addin1[] = {0};
-static const unsigned char kat121_nor_retbytes[] = {
-    0x44, 0x38, 0xb4, 0x8a, 0x45, 0xfb, 0x01, 0x41, 0xe3, 0x1f, 0x0a, 0x96,
-    0x24, 0xdf, 0xe6, 0xfc, 0xc2, 0xf9, 0xed, 0xc0, 0x75, 0xc0, 0xa5, 0x2b,
-    0xc5, 0xfc, 0x46, 0xd8, 0x5a, 0x96, 0x6c, 0x85, 0x3f, 0xee, 0xe6, 0xaf,
-    0x91, 0x32, 0x34, 0xb3, 0xf9, 0xa6, 0x79, 0xf6, 0x67, 0x89, 0x8d, 0xc1,
-    0x5a, 0x24, 0xaa, 0xed, 0x89, 0xf0, 0x35, 0xbf, 0xa5, 0xda, 0x51, 0x6e,
-    0x43, 0x5b, 0xba, 0xd1,
-};
-static const struct drbg_kat_no_reseed kat121_nor_t = {
-    0, kat121_nor_entropyin, kat121_nor_nonce, kat121_nor_persstr,
-    kat121_nor_addin0, kat121_nor_addin1, kat121_nor_retbytes
-};
-static const struct drbg_kat kat121_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat121_nor_t
-};
-
-static const unsigned char kat122_nor_entropyin[] = {
-    0x22, 0x56, 0x4f, 0x77, 0xc4, 0x5b, 0x05, 0x3c, 0xdf, 0x61, 0x43, 0x3e,
-    0xb9, 0x6b, 0x1d, 0x7c,
-};
-static const unsigned char kat122_nor_nonce[] = {
-    0xcf, 0x73, 0xe6, 0x20, 0xf8, 0x51, 0x52, 0x03,
-};
-static const unsigned char kat122_nor_persstr[] = {0};
-static const unsigned char kat122_nor_addin0[] = {0};
-static const unsigned char kat122_nor_addin1[] = {0};
-static const unsigned char kat122_nor_retbytes[] = {
-    0xc7, 0x90, 0x8e, 0x71, 0x2c, 0x71, 0x6d, 0x1f, 0x5e, 0xd5, 0x33, 0xe1,
-    0x42, 0xe7, 0x21, 0x87, 0xea, 0x77, 0xfb, 0x4f, 0x51, 0x6d, 0xc3, 0x1a,
-    0xa1, 0x0a, 0x1e, 0x54, 0x9d, 0x85, 0xea, 0xdb, 0x7a, 0x46, 0x46, 0x17,
-    0x04, 0x64, 0xc1, 0xf7, 0xa7, 0x52, 0xc0, 0x1a, 0x94, 0x06, 0xbe, 0x66,
-    0x43, 0xee, 0x96, 0x7d, 0x04, 0x64, 0xb8, 0x4b, 0x6a, 0x08, 0xb2, 0xed,
-    0x0a, 0x7a, 0xcb, 0x07,
-};
-static const struct drbg_kat_no_reseed kat122_nor_t = {
-    1, kat122_nor_entropyin, kat122_nor_nonce, kat122_nor_persstr,
-    kat122_nor_addin0, kat122_nor_addin1, kat122_nor_retbytes
-};
-static const struct drbg_kat kat122_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat122_nor_t
-};
-
-static const unsigned char kat123_nor_entropyin[] = {
-    0x2a, 0x5b, 0x01, 0x2b, 0x09, 0x79, 0x26, 0xe8, 0xf8, 0x57, 0x0f, 0xf8,
-    0x69, 0x2c, 0xc5, 0xd1,
-};
-static const unsigned char kat123_nor_nonce[] = {
-    0xde, 0x8e, 0x07, 0x2d, 0x15, 0x81, 0xaf, 0xe6,
-};
-static const unsigned char kat123_nor_persstr[] = {0};
-static const unsigned char kat123_nor_addin0[] = {0};
-static const unsigned char kat123_nor_addin1[] = {0};
-static const unsigned char kat123_nor_retbytes[] = {
-    0x81, 0xf2, 0xe2, 0xc8, 0x58, 0x5e, 0x8d, 0xc4, 0x65, 0xd7, 0x8e, 0x7b,
-    0x75, 0xb9, 0xf6, 0xc2, 0xbb, 0xdc, 0xde, 0x94, 0x75, 0xd4, 0x25, 0x0f,
-    0xb4, 0x9e, 0x04, 0xc5, 0x6e, 0x30, 0x48, 0x9e, 0x24, 0xdf, 0x48, 0x58,
-    0xf7, 0x4e, 0xd0, 0x85, 0xcb, 0xa9, 0xf9, 0x92, 0xeb, 0x7d, 0x13, 0xe4,
-    0xe0, 0x64, 0xa7, 0x45, 0xf4, 0x51, 0xcb, 0x6e, 0xdf, 0xc3, 0x7c, 0x57,
-    0xf3, 0x5e, 0x8d, 0x57,
-};
-static const struct drbg_kat_no_reseed kat123_nor_t = {
-    2, kat123_nor_entropyin, kat123_nor_nonce, kat123_nor_persstr,
-    kat123_nor_addin0, kat123_nor_addin1, kat123_nor_retbytes
-};
-static const struct drbg_kat kat123_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat123_nor_t
-};
-
-static const unsigned char kat124_nor_entropyin[] = {
-    0x2c, 0x6b, 0x05, 0xd1, 0xc8, 0x6a, 0xae, 0x86, 0xa8, 0x9e, 0x81, 0x64,
-    0x82, 0x98, 0x32, 0x36,
-};
-static const unsigned char kat124_nor_nonce[] = {
-    0x33, 0x85, 0xd9, 0x29, 0xad, 0xe9, 0x96, 0xe8,
-};
-static const unsigned char kat124_nor_persstr[] = {0};
-static const unsigned char kat124_nor_addin0[] = {0};
-static const unsigned char kat124_nor_addin1[] = {0};
-static const unsigned char kat124_nor_retbytes[] = {
-    0x52, 0x56, 0xa6, 0x44, 0x29, 0xa5, 0x56, 0xd1, 0xa9, 0x1d, 0x58, 0x99,
-    0x9c, 0x75, 0xb3, 0x6d, 0xe7, 0xcc, 0x01, 0xf7, 0x46, 0x3c, 0x4e, 0x24,
-    0xaf, 0xd1, 0x5d, 0xe0, 0xa3, 0x5d, 0xcb, 0x5a, 0xda, 0x26, 0x79, 0x13,
-    0x4f, 0x15, 0xf4, 0xc5, 0x1d, 0xc0, 0x6b, 0x34, 0x45, 0x4d, 0x6d, 0xca,
-    0xa1, 0xd2, 0x51, 0x1c, 0x1d, 0x22, 0x6f, 0x23, 0x2f, 0x44, 0x52, 0x76,
-    0x25, 0x57, 0x51, 0xe6,
-};
-static const struct drbg_kat_no_reseed kat124_nor_t = {
-    3, kat124_nor_entropyin, kat124_nor_nonce, kat124_nor_persstr,
-    kat124_nor_addin0, kat124_nor_addin1, kat124_nor_retbytes
-};
-static const struct drbg_kat kat124_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat124_nor_t
-};
-
-static const unsigned char kat125_nor_entropyin[] = {
-    0x48, 0xba, 0xb2, 0xf8, 0x2d, 0x80, 0x59, 0x7f, 0x93, 0xad, 0xdb, 0x7e,
-    0x1f, 0x0f, 0x2e, 0x72,
-};
-static const unsigned char kat125_nor_nonce[] = {
-    0xf5, 0xf4, 0x90, 0x18, 0xe8, 0x55, 0x9b, 0x0a,
-};
-static const unsigned char kat125_nor_persstr[] = {0};
-static const unsigned char kat125_nor_addin0[] = {0};
-static const unsigned char kat125_nor_addin1[] = {0};
-static const unsigned char kat125_nor_retbytes[] = {
-    0xfa, 0x32, 0x3d, 0x2d, 0xae, 0x96, 0x74, 0xd8, 0x0b, 0xd2, 0xf1, 0x42,
-    0x7c, 0x1c, 0x79, 0x53, 0x2b, 0x23, 0x74, 0xed, 0x1f, 0xb3, 0xa1, 0x3c,
-    0x62, 0x06, 0x05, 0x04, 0x8a, 0xc5, 0x78, 0xb3, 0x07, 0x0c, 0x67, 0x48,
-    0x31, 0x4e, 0x5e, 0xd1, 0xdb, 0xd3, 0xea, 0xaa, 0x64, 0x1e, 0x50, 0x5c,
-    0x3d, 0x3f, 0x59, 0xfa, 0xc2, 0x5d, 0x89, 0x7b, 0xf3, 0x94, 0xdc, 0xad,
-    0xb6, 0x3b, 0x7f, 0xf9,
-};
-static const struct drbg_kat_no_reseed kat125_nor_t = {
-    4, kat125_nor_entropyin, kat125_nor_nonce, kat125_nor_persstr,
-    kat125_nor_addin0, kat125_nor_addin1, kat125_nor_retbytes
-};
-static const struct drbg_kat kat125_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat125_nor_t
-};
-
-static const unsigned char kat126_nor_entropyin[] = {
-    0xad, 0x7a, 0xff, 0x42, 0x24, 0xe9, 0x3f, 0x32, 0x35, 0x45, 0x41, 0x6a,
-    0x1e, 0x56, 0x97, 0xce,
-};
-static const unsigned char kat126_nor_nonce[] = {
-    0x9c, 0xc1, 0x2c, 0xe2, 0xed, 0x5e, 0x8d, 0x1c,
-};
-static const unsigned char kat126_nor_persstr[] = {0};
-static const unsigned char kat126_nor_addin0[] = {0};
-static const unsigned char kat126_nor_addin1[] = {0};
-static const unsigned char kat126_nor_retbytes[] = {
-    0x36, 0xc7, 0x22, 0x23, 0xb9, 0x24, 0x4c, 0xdb, 0x2c, 0x2c, 0x0d, 0xd5,
-    0xa5, 0x97, 0x06, 0x55, 0x8e, 0x2e, 0x5a, 0x11, 0x84, 0x5c, 0xab, 0xf9,
-    0x54, 0x5c, 0xd4, 0xad, 0x08, 0x15, 0x4a, 0x46, 0x70, 0x3a, 0xe7, 0x50,
-    0xb7, 0xf0, 0xc4, 0xf5, 0xbb, 0x33, 0xac, 0xd3, 0xc3, 0x81, 0xe5, 0xee,
-    0x4c, 0xe0, 0x99, 0x16, 0x43, 0x11, 0x44, 0xe8, 0x51, 0x5f, 0xed, 0x91,
-    0x4d, 0x5c, 0x5b, 0x5e,
-};
-static const struct drbg_kat_no_reseed kat126_nor_t = {
-    5, kat126_nor_entropyin, kat126_nor_nonce, kat126_nor_persstr,
-    kat126_nor_addin0, kat126_nor_addin1, kat126_nor_retbytes
-};
-static const struct drbg_kat kat126_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat126_nor_t
-};
-
-static const unsigned char kat127_nor_entropyin[] = {
-    0x29, 0x9c, 0x01, 0xd3, 0xa2, 0xf1, 0x32, 0x3d, 0xf7, 0x53, 0xcf, 0x14,
-    0x84, 0x5e, 0x0d, 0xe5,
-};
-static const unsigned char kat127_nor_nonce[] = {
-    0x51, 0x1e, 0x36, 0x23, 0x2a, 0x11, 0x29, 0x1d,
-};
-static const unsigned char kat127_nor_persstr[] = {0};
-static const unsigned char kat127_nor_addin0[] = {0};
-static const unsigned char kat127_nor_addin1[] = {0};
-static const unsigned char kat127_nor_retbytes[] = {
-    0x77, 0x09, 0xfd, 0xc6, 0x27, 0x8d, 0xb4, 0x4b, 0x21, 0xd3, 0x9a, 0x19,
-    0x4b, 0x80, 0x6e, 0x48, 0xe7, 0xfe, 0x3e, 0x9a, 0xe1, 0x16, 0xe2, 0x38,
-    0xc2, 0x05, 0xc2, 0xc3, 0x45, 0x98, 0x1c, 0xe8, 0x1f, 0x25, 0x57, 0x13,
-    0x59, 0x7c, 0xec, 0x2b, 0x3a, 0xd3, 0x91, 0x0f, 0x2b, 0x67, 0x42, 0xae,
-    0xa6, 0x64, 0x04, 0x71, 0x2d, 0xf8, 0x32, 0x8d, 0x2f, 0x2d, 0x19, 0x48,
-    0x41, 0x30, 0x97, 0xdb,
-};
-static const struct drbg_kat_no_reseed kat127_nor_t = {
-    6, kat127_nor_entropyin, kat127_nor_nonce, kat127_nor_persstr,
-    kat127_nor_addin0, kat127_nor_addin1, kat127_nor_retbytes
-};
-static const struct drbg_kat kat127_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat127_nor_t
-};
-
-static const unsigned char kat128_nor_entropyin[] = {
-    0xb6, 0xee, 0x77, 0x79, 0x99, 0x4b, 0xa8, 0xcd, 0x49, 0x0a, 0x03, 0xcf,
-    0x68, 0x99, 0xb1, 0x35,
-};
-static const unsigned char kat128_nor_nonce[] = {
-    0x66, 0xed, 0xa9, 0xb5, 0xa5, 0x4d, 0x7d, 0xed,
-};
-static const unsigned char kat128_nor_persstr[] = {0};
-static const unsigned char kat128_nor_addin0[] = {0};
-static const unsigned char kat128_nor_addin1[] = {0};
-static const unsigned char kat128_nor_retbytes[] = {
-    0x4e, 0x21, 0xb4, 0x8f, 0xde, 0x08, 0x22, 0x63, 0xd7, 0x6a, 0x10, 0x34,
-    0xe8, 0x7a, 0x56, 0x6e, 0x1a, 0x1c, 0x9d, 0x2e, 0x1b, 0xd5, 0xc7, 0x48,
-    0xe3, 0x0e, 0x1d, 0x87, 0x50, 0xf2, 0xff, 0x03, 0x93, 0x1c, 0x4b, 0xfe,
-    0x19, 0x4d, 0x2d, 0xa4, 0xed, 0x1c, 0xf1, 0x53, 0x03, 0x01, 0xe5, 0xb1,
-    0xab, 0xc4, 0xbd, 0x2b, 0xda, 0x7b, 0xe8, 0x92, 0x84, 0xf8, 0xc2, 0x19,
-    0x36, 0x88, 0xc9, 0x82,
-};
-static const struct drbg_kat_no_reseed kat128_nor_t = {
-    7, kat128_nor_entropyin, kat128_nor_nonce, kat128_nor_persstr,
-    kat128_nor_addin0, kat128_nor_addin1, kat128_nor_retbytes
-};
-static const struct drbg_kat kat128_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat128_nor_t
-};
-
-static const unsigned char kat129_nor_entropyin[] = {
-    0xe3, 0xcc, 0xb9, 0x91, 0xc3, 0xe1, 0xb3, 0xed, 0xa0, 0xb4, 0x0b, 0x51,
-    0x42, 0xac, 0x84, 0xd3,
-};
-static const unsigned char kat129_nor_nonce[] = {
-    0x99, 0x87, 0x57, 0xe0, 0x0d, 0xa2, 0xb9, 0xef,
-};
-static const unsigned char kat129_nor_persstr[] = {0};
-static const unsigned char kat129_nor_addin0[] = {0};
-static const unsigned char kat129_nor_addin1[] = {0};
-static const unsigned char kat129_nor_retbytes[] = {
-    0xd3, 0x2b, 0xc1, 0x90, 0x99, 0x8f, 0x18, 0xe9, 0xd5, 0x50, 0x9f, 0x46,
-    0x02, 0x29, 0x05, 0xd0, 0x11, 0xbb, 0xec, 0x77, 0x4f, 0x05, 0x83, 0x69,
-    0x1d, 0x48, 0x12, 0x43, 0x79, 0xe8, 0x1d, 0x99, 0xf0, 0xcd, 0xd4, 0x61,
-    0x38, 0xbc, 0xcc, 0x47, 0xeb, 0x77, 0x3f, 0x25, 0x7a, 0x66, 0x2b, 0x79,
-    0x8f, 0xab, 0x27, 0x58, 0x86, 0x94, 0x89, 0x36, 0xbc, 0xe7, 0x2d, 0xbd,
-    0x2c, 0x61, 0x88, 0xac,
-};
-static const struct drbg_kat_no_reseed kat129_nor_t = {
-    8, kat129_nor_entropyin, kat129_nor_nonce, kat129_nor_persstr,
-    kat129_nor_addin0, kat129_nor_addin1, kat129_nor_retbytes
-};
-static const struct drbg_kat kat129_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat129_nor_t
-};
-
-static const unsigned char kat130_nor_entropyin[] = {
-    0xc3, 0x4e, 0x39, 0x80, 0x41, 0xcc, 0xee, 0x23, 0x89, 0x7f, 0x7c, 0xa3,
-    0x43, 0xf3, 0x56, 0x40,
-};
-static const unsigned char kat130_nor_nonce[] = {
-    0xa2, 0x4f, 0x8e, 0xa0, 0x88, 0x6b, 0xf6, 0xbf,
-};
-static const unsigned char kat130_nor_persstr[] = {0};
-static const unsigned char kat130_nor_addin0[] = {0};
-static const unsigned char kat130_nor_addin1[] = {0};
-static const unsigned char kat130_nor_retbytes[] = {
-    0x5f, 0xf0, 0xda, 0xef, 0x30, 0x04, 0xc5, 0x03, 0xb8, 0x09, 0x8e, 0x3b,
-    0x96, 0x8a, 0x8e, 0x32, 0x33, 0x19, 0xbe, 0x78, 0x6c, 0x7b, 0x74, 0x2a,
-    0xac, 0xee, 0x35, 0x5f, 0x1a, 0x3c, 0x9d, 0xe7, 0x50, 0x61, 0x10, 0x8e,
-    0x79, 0x18, 0x13, 0x61, 0xf2, 0xe3, 0x30, 0x6a, 0xf0, 0x7b, 0xcd, 0xed,
-    0x10, 0xe3, 0x2d, 0xef, 0x1b, 0x7b, 0xb3, 0xe4, 0xeb, 0xc1, 0x70, 0x96,
-    0xc6, 0x93, 0x30, 0x58,
-};
-static const struct drbg_kat_no_reseed kat130_nor_t = {
-    9, kat130_nor_entropyin, kat130_nor_nonce, kat130_nor_persstr,
-    kat130_nor_addin0, kat130_nor_addin1, kat130_nor_retbytes
-};
-static const struct drbg_kat kat130_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat130_nor_t
-};
-
-static const unsigned char kat131_nor_entropyin[] = {
-    0xfc, 0x1f, 0xd2, 0x5c, 0xed, 0x5b, 0xd3, 0x0a, 0x62, 0x1c, 0xd4, 0xae,
-    0x77, 0x96, 0x80, 0xad,
-};
-static const unsigned char kat131_nor_nonce[] = {
-    0xaf, 0x17, 0xa9, 0xc9, 0x74, 0xb3, 0x6e, 0x6c,
-};
-static const unsigned char kat131_nor_persstr[] = {0};
-static const unsigned char kat131_nor_addin0[] = {0};
-static const unsigned char kat131_nor_addin1[] = {0};
-static const unsigned char kat131_nor_retbytes[] = {
-    0x59, 0xf9, 0x9d, 0x08, 0x57, 0x49, 0x36, 0x74, 0x78, 0x68, 0x4a, 0x5d,
-    0xdc, 0x8f, 0xe1, 0x81, 0xb9, 0x7a, 0x4e, 0x67, 0xfd, 0xe5, 0xc1, 0x51,
-    0xc4, 0x69, 0x6d, 0x52, 0x3d, 0x7c, 0x14, 0xb7, 0x26, 0x89, 0xa9, 0x5a,
-    0x5b, 0x60, 0x92, 0xe9, 0x49, 0xdd, 0x16, 0x3b, 0xd8, 0xf9, 0xe4, 0x57,
-    0x27, 0xd2, 0xb8, 0xa3, 0x1e, 0xd2, 0x88, 0xc8, 0xc6, 0x22, 0x9e, 0x8b,
-    0xe6, 0x80, 0x8e, 0xc8,
-};
-static const struct drbg_kat_no_reseed kat131_nor_t = {
-    10, kat131_nor_entropyin, kat131_nor_nonce, kat131_nor_persstr,
-    kat131_nor_addin0, kat131_nor_addin1, kat131_nor_retbytes
-};
-static const struct drbg_kat kat131_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat131_nor_t
-};
-
-static const unsigned char kat132_nor_entropyin[] = {
-    0x72, 0xc0, 0xe2, 0x3d, 0x92, 0x07, 0x0a, 0x8b, 0xab, 0x70, 0x7f, 0x65,
-    0xd5, 0x95, 0x18, 0x6d,
-};
-static const unsigned char kat132_nor_nonce[] = {
-    0x1a, 0x63, 0xdc, 0xfc, 0x52, 0xe5, 0x5c, 0x58,
-};
-static const unsigned char kat132_nor_persstr[] = {0};
-static const unsigned char kat132_nor_addin0[] = {0};
-static const unsigned char kat132_nor_addin1[] = {0};
-static const unsigned char kat132_nor_retbytes[] = {
-    0x49, 0xfe, 0xc2, 0x67, 0x58, 0x85, 0xd5, 0x4a, 0x4c, 0x6b, 0x10, 0x1f,
-    0x29, 0x19, 0x45, 0xc7, 0x35, 0xad, 0x9c, 0x2d, 0xb5, 0x1a, 0x63, 0xb9,
-    0x41, 0xbc, 0x18, 0x2e, 0xe5, 0x1f, 0xd8, 0xfd, 0x84, 0xb8, 0xc6, 0x33,
-    0x7b, 0x0f, 0x77, 0xf3, 0x10, 0xca, 0x50, 0x69, 0x3b, 0x91, 0xb5, 0x90,
-    0xe3, 0xef, 0x65, 0x5b, 0xe7, 0xad, 0x76, 0x21, 0xed, 0x21, 0xff, 0x39,
-    0xd3, 0x29, 0x2e, 0xfd,
-};
-static const struct drbg_kat_no_reseed kat132_nor_t = {
-    11, kat132_nor_entropyin, kat132_nor_nonce, kat132_nor_persstr,
-    kat132_nor_addin0, kat132_nor_addin1, kat132_nor_retbytes
-};
-static const struct drbg_kat kat132_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat132_nor_t
-};
-
-static const unsigned char kat133_nor_entropyin[] = {
-    0xa0, 0x90, 0x91, 0xca, 0x32, 0x80, 0xf7, 0xf5, 0x83, 0x76, 0xbf, 0x68,
-    0x0d, 0xe1, 0x11, 0x92,
-};
-static const unsigned char kat133_nor_nonce[] = {
-    0x1d, 0x08, 0xdc, 0x0d, 0x06, 0x00, 0x95, 0xb3,
-};
-static const unsigned char kat133_nor_persstr[] = {0};
-static const unsigned char kat133_nor_addin0[] = {0};
-static const unsigned char kat133_nor_addin1[] = {0};
-static const unsigned char kat133_nor_retbytes[] = {
-    0x0d, 0x59, 0xac, 0xa0, 0x23, 0x64, 0x7f, 0x0b, 0xf2, 0x68, 0x81, 0xd9,
-    0x12, 0x6b, 0xab, 0x8c, 0x7f, 0xea, 0x92, 0x2d, 0x2b, 0x4c, 0x24, 0xf1,
-    0xdc, 0xc0, 0xbf, 0xf8, 0x7a, 0x3d, 0x0d, 0x1b, 0x1d, 0xa0, 0xe8, 0x75,
-    0x62, 0x6a, 0x56, 0x42, 0x61, 0x86, 0xef, 0xd0, 0x07, 0x1f, 0x5a, 0x78,
-    0x9f, 0xbf, 0x35, 0xfa, 0x8b, 0xfc, 0x85, 0xaf, 0xaf, 0xd3, 0xaf, 0x6c,
-    0x9c, 0x7c, 0xd0, 0x7a,
-};
-static const struct drbg_kat_no_reseed kat133_nor_t = {
-    12, kat133_nor_entropyin, kat133_nor_nonce, kat133_nor_persstr,
-    kat133_nor_addin0, kat133_nor_addin1, kat133_nor_retbytes
-};
-static const struct drbg_kat kat133_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat133_nor_t
-};
-
-static const unsigned char kat134_nor_entropyin[] = {
-    0x8b, 0x41, 0x75, 0xd0, 0xa1, 0x95, 0x39, 0xef, 0x3d, 0x5d, 0x40, 0x84,
-    0x6c, 0xb4, 0x0a, 0xb3,
-};
-static const unsigned char kat134_nor_nonce[] = {
-    0x8c, 0x31, 0x0d, 0x43, 0x1c, 0xf0, 0x0b, 0x3e,
-};
-static const unsigned char kat134_nor_persstr[] = {0};
-static const unsigned char kat134_nor_addin0[] = {0};
-static const unsigned char kat134_nor_addin1[] = {0};
-static const unsigned char kat134_nor_retbytes[] = {
-    0x92, 0xb3, 0xb0, 0xe5, 0x7a, 0xe4, 0xce, 0xfc, 0x40, 0xd6, 0xe5, 0xfa,
-    0x0d, 0x9f, 0xa8, 0x5c, 0x97, 0x0c, 0x2d, 0xd0, 0xcd, 0x4e, 0x04, 0xd7,
-    0x27, 0x27, 0x56, 0x63, 0x4b, 0x84, 0xcc, 0x20, 0xc5, 0x36, 0x8f, 0x3a,
-    0x7b, 0x3e, 0x12, 0x11, 0xc5, 0xfa, 0x2e, 0x63, 0x35, 0x43, 0x6b, 0x88,
-    0x58, 0x2d, 0x04, 0x8b, 0xc7, 0x6a, 0x7c, 0x19, 0xbb, 0xfe, 0xc1, 0x35,
-    0xa1, 0x05, 0x5c, 0xbd,
-};
-static const struct drbg_kat_no_reseed kat134_nor_t = {
-    13, kat134_nor_entropyin, kat134_nor_nonce, kat134_nor_persstr,
-    kat134_nor_addin0, kat134_nor_addin1, kat134_nor_retbytes
-};
-static const struct drbg_kat kat134_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat134_nor_t
-};
-
-static const unsigned char kat135_nor_entropyin[] = {
-    0x68, 0xc8, 0x53, 0xb9, 0x12, 0x9c, 0xb2, 0x0a, 0x3d, 0xdf, 0x11, 0xe7,
-    0x8a, 0x58, 0x75, 0xba,
-};
-static const unsigned char kat135_nor_nonce[] = {
-    0xf5, 0xab, 0x54, 0x86, 0x05, 0xa5, 0x11, 0x03,
-};
-static const unsigned char kat135_nor_persstr[] = {0};
-static const unsigned char kat135_nor_addin0[] = {0};
-static const unsigned char kat135_nor_addin1[] = {0};
-static const unsigned char kat135_nor_retbytes[] = {
-    0x43, 0xcf, 0xb0, 0x3a, 0x51, 0xd7, 0xda, 0x40, 0xb3, 0x94, 0x68, 0x36,
-    0x1c, 0x2e, 0xe0, 0x78, 0x81, 0x90, 0x75, 0x87, 0x2f, 0x4f, 0x7c, 0x5d,
-    0x2b, 0x09, 0xef, 0x39, 0x91, 0x46, 0x02, 0xa7, 0x2a, 0x62, 0xc6, 0x3e,
-    0x29, 0x38, 0x3f, 0xbb, 0x9e, 0x45, 0x0f, 0xb2, 0xae, 0xf3, 0x2e, 0xb9,
-    0xf3, 0x70, 0xcb, 0xbc, 0x1a, 0xb4, 0x70, 0x8a, 0x5d, 0x28, 0x98, 0xdf,
-    0x8a, 0xe4, 0xf6, 0x26,
-};
-static const struct drbg_kat_no_reseed kat135_nor_t = {
-    14, kat135_nor_entropyin, kat135_nor_nonce, kat135_nor_persstr,
-    kat135_nor_addin0, kat135_nor_addin1, kat135_nor_retbytes
-};
-static const struct drbg_kat kat135_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat135_nor_t
-};
-
-static const unsigned char kat136_nor_entropyin[] = {
-    0x9b, 0xfa, 0xef, 0xb6, 0x98, 0xb1, 0xb5, 0xfc, 0xc6, 0x2d, 0xb2, 0xc1,
-    0x64, 0x98, 0xc3, 0x3a,
-};
-static const unsigned char kat136_nor_nonce[] = {
-    0x11, 0x1d, 0x86, 0x12, 0xa0, 0xf0, 0x4e, 0x2a,
-};
-static const unsigned char kat136_nor_persstr[] = {0};
-static const unsigned char kat136_nor_addin0[] = {
-    0xae, 0xdb, 0xe0, 0x28, 0x47, 0xb1, 0xb0, 0x8b, 0x6a, 0x67, 0x3b, 0xdf,
-    0x25, 0xb0, 0x22, 0x4c,
-};
-static const unsigned char kat136_nor_addin1[] = {
-    0x99, 0x01, 0xea, 0xd6, 0x2c, 0xe5, 0x65, 0x73, 0xb0, 0xf7, 0x1c, 0xd0,
-    0x20, 0xfe, 0x34, 0x69,
-};
-static const unsigned char kat136_nor_retbytes[] = {
-    0xdf, 0xf8, 0xbf, 0x2a, 0xec, 0x53, 0x1f, 0x85, 0x32, 0x60, 0x7e, 0x73,
-    0x8b, 0xd7, 0x9f, 0x91, 0xd6, 0x08, 0x5c, 0xb1, 0x95, 0x68, 0xb7, 0xb0,
-    0x24, 0x0c, 0xe6, 0xa6, 0xb3, 0x71, 0xa2, 0x82, 0xba, 0xfc, 0xdb, 0xa0,
-    0x21, 0x37, 0xdf, 0x99, 0x05, 0x35, 0xd9, 0xeb, 0xf0, 0xba, 0x77, 0x11,
-    0x77, 0x51, 0x62, 0x6b, 0x26, 0x78, 0xac, 0xa7, 0xbe, 0x4d, 0xec, 0xfd,
-    0x6b, 0x9d, 0x4b, 0x38,
-};
-static const struct drbg_kat_no_reseed kat136_nor_t = {
-    0, kat136_nor_entropyin, kat136_nor_nonce, kat136_nor_persstr,
-    kat136_nor_addin0, kat136_nor_addin1, kat136_nor_retbytes
-};
-static const struct drbg_kat kat136_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat136_nor_t
-};
-
-static const unsigned char kat137_nor_entropyin[] = {
-    0xdf, 0x99, 0x3f, 0xed, 0xd5, 0x96, 0x74, 0xa8, 0x7a, 0x15, 0x14, 0x7b,
-    0x80, 0xbe, 0x37, 0xae,
-};
-static const unsigned char kat137_nor_nonce[] = {
-    0x22, 0xb3, 0x31, 0x5a, 0xcc, 0xf1, 0xad, 0x13,
-};
-static const unsigned char kat137_nor_persstr[] = {0};
-static const unsigned char kat137_nor_addin0[] = {
-    0x9f, 0x9b, 0x94, 0x09, 0x04, 0x8a, 0x71, 0x17, 0x45, 0xc7, 0xef, 0x7a,
-    0x6d, 0xdd, 0xc1, 0x7d,
-};
-static const unsigned char kat137_nor_addin1[] = {
-    0xc5, 0x60, 0x68, 0x5b, 0xd4, 0x9c, 0x05, 0x9f, 0x04, 0x38, 0xe9, 0xdf,
-    0xf6, 0x2d, 0x82, 0xd7,
-};
-static const unsigned char kat137_nor_retbytes[] = {
-    0x04, 0xd7, 0x4f, 0xa1, 0xb6, 0x9d, 0xe6, 0x89, 0x3a, 0x47, 0xbf, 0xb0,
-    0xb6, 0xae, 0x58, 0xa7, 0x98, 0x4b, 0xbb, 0x08, 0x8f, 0xce, 0x62, 0x0b,
-    0x9d, 0x8e, 0xbc, 0x0b, 0x54, 0xcd, 0xdb, 0xca, 0x00, 0x45, 0xd7, 0x5d,
-    0x5b, 0x04, 0x6f, 0xcd, 0x88, 0x95, 0xc1, 0x6b, 0x05, 0x13, 0xaa, 0x52,
-    0x1b, 0x8d, 0x4a, 0xf2, 0x76, 0x78, 0x3d, 0x9d, 0x25, 0x77, 0xac, 0xb3,
-    0x2c, 0xea, 0xdb, 0x89,
-};
-static const struct drbg_kat_no_reseed kat137_nor_t = {
-    1, kat137_nor_entropyin, kat137_nor_nonce, kat137_nor_persstr,
-    kat137_nor_addin0, kat137_nor_addin1, kat137_nor_retbytes
-};
-static const struct drbg_kat kat137_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat137_nor_t
-};
-
-static const unsigned char kat138_nor_entropyin[] = {
-    0xdb, 0x4f, 0xae, 0x0c, 0x43, 0x02, 0xeb, 0xe8, 0x4f, 0x2a, 0x28, 0xad,
-    0x98, 0x4d, 0xae, 0xc1,
-};
-static const unsigned char kat138_nor_nonce[] = {
-    0x07, 0x9e, 0xbf, 0x0f, 0x00, 0x93, 0xcd, 0xb2,
-};
-static const unsigned char kat138_nor_persstr[] = {0};
-static const unsigned char kat138_nor_addin0[] = {
-    0x2f, 0xfb, 0x64, 0x85, 0xac, 0xe2, 0xad, 0x77, 0xd5, 0xf8, 0xad, 0xbd,
-    0x09, 0xb3, 0xf3, 0x72,
-};
-static const unsigned char kat138_nor_addin1[] = {
-    0xf4, 0xb8, 0x44, 0x74, 0x3d, 0x00, 0x65, 0xa0, 0x38, 0x98, 0x80, 0x49,
-    0xf6, 0xaa, 0x53, 0xb5,
-};
-static const unsigned char kat138_nor_retbytes[] = {
-    0xcb, 0x8e, 0x71, 0x44, 0x8f, 0xf7, 0x91, 0x1e, 0x5c, 0xae, 0xa7, 0xd5,
-    0x4a, 0x12, 0x94, 0x5e, 0xd3, 0x4b, 0xea, 0x42, 0xdb, 0xb6, 0x57, 0x3b,
-    0xf8, 0x42, 0x0d, 0xbb, 0x6b, 0xae, 0x6a, 0x11, 0xe0, 0x24, 0x82, 0x92,
-    0xc9, 0xd9, 0x3d, 0xa3, 0x09, 0x68, 0x56, 0xe0, 0xf2, 0x94, 0x18, 0xf1,
-    0xc8, 0x0d, 0x13, 0x8b, 0x34, 0x15, 0x66, 0x7b, 0xfb, 0x45, 0x6b, 0x08,
-    0x9f, 0x26, 0x62, 0x1a,
-};
-static const struct drbg_kat_no_reseed kat138_nor_t = {
-    2, kat138_nor_entropyin, kat138_nor_nonce, kat138_nor_persstr,
-    kat138_nor_addin0, kat138_nor_addin1, kat138_nor_retbytes
-};
-static const struct drbg_kat kat138_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat138_nor_t
-};
-
-static const unsigned char kat139_nor_entropyin[] = {
-    0xa4, 0x23, 0x48, 0xf1, 0xbe, 0xc0, 0x6f, 0x58, 0x36, 0xfc, 0xa0, 0x60,
-    0x66, 0x14, 0x34, 0xc0,
-};
-static const unsigned char kat139_nor_nonce[] = {
-    0x2f, 0x70, 0xf6, 0xa2, 0xe7, 0xd0, 0xb4, 0x36,
-};
-static const unsigned char kat139_nor_persstr[] = {0};
-static const unsigned char kat139_nor_addin0[] = {
-    0x54, 0x70, 0x91, 0xef, 0x85, 0xb0, 0x13, 0xf3, 0xf5, 0xdc, 0x82, 0x2a,
-    0x5b, 0x3f, 0x27, 0xf9,
-};
-static const unsigned char kat139_nor_addin1[] = {
-    0x2c, 0xa9, 0x9e, 0xe7, 0x97, 0xf4, 0xa9, 0xb1, 0x67, 0x88, 0xd2, 0x98,
-    0xbb, 0xa2, 0xd1, 0x83,
-};
-static const unsigned char kat139_nor_retbytes[] = {
-    0x4b, 0x41, 0xed, 0x62, 0x81, 0xa8, 0x1d, 0x44, 0x2a, 0x8c, 0xb0, 0x3a,
-    0x81, 0x45, 0xfe, 0x78, 0x86, 0x3d, 0x25, 0xd7, 0xee, 0x70, 0xe7, 0x2d,
-    0x4d, 0x3a, 0xfd, 0x51, 0x68, 0x16, 0x48, 0x76, 0xa6, 0x6b, 0x5a, 0xca,
-    0x31, 0x8c, 0x9c, 0x91, 0x17, 0x23, 0x05, 0xe3, 0x88, 0xe1, 0xda, 0xc3,
-    0x86, 0xcb, 0xab, 0x6d, 0x15, 0x0a, 0x39, 0x12, 0x36, 0x9c, 0x93, 0x90,
-    0x08, 0x6b, 0xd7, 0x44,
-};
-static const struct drbg_kat_no_reseed kat139_nor_t = {
-    3, kat139_nor_entropyin, kat139_nor_nonce, kat139_nor_persstr,
-    kat139_nor_addin0, kat139_nor_addin1, kat139_nor_retbytes
-};
-static const struct drbg_kat kat139_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat139_nor_t
-};
-
-static const unsigned char kat140_nor_entropyin[] = {
-    0x14, 0x83, 0xb9, 0x8e, 0x08, 0xc0, 0x40, 0x12, 0xb0, 0x3f, 0x1f, 0x61,
-    0x02, 0xa2, 0x83, 0x06,
-};
-static const unsigned char kat140_nor_nonce[] = {
-    0x89, 0xe6, 0x7c, 0xa1, 0xda, 0x05, 0xdd, 0x4f,
-};
-static const unsigned char kat140_nor_persstr[] = {0};
-static const unsigned char kat140_nor_addin0[] = {
-    0x30, 0x85, 0x9e, 0xcc, 0x30, 0x25, 0x04, 0x79, 0x30, 0xb3, 0x85, 0x3a,
-    0xe6, 0x8a, 0xbd, 0xa2,
-};
-static const unsigned char kat140_nor_addin1[] = {
-    0xf5, 0x05, 0x57, 0xf0, 0x40, 0x29, 0x28, 0x6c, 0xaf, 0xb2, 0xfc, 0xbf,
-    0x14, 0x64, 0xe4, 0xe5,
-};
-static const unsigned char kat140_nor_retbytes[] = {
-    0x45, 0xac, 0xf5, 0x2f, 0xf5, 0x69, 0xcc, 0x48, 0x15, 0x95, 0x88, 0x01,
-    0x62, 0x89, 0x3b, 0x57, 0x9b, 0xe4, 0x05, 0x43, 0xc5, 0x6a, 0x94, 0xb7,
-    0x18, 0x4b, 0xc9, 0x92, 0xd1, 0xdf, 0x37, 0x85, 0x18, 0xf9, 0x3f, 0xb4,
-    0xd9, 0x75, 0x5d, 0x86, 0x58, 0xe9, 0x72, 0x2b, 0x34, 0x79, 0x53, 0x6b,
-    0xa4, 0x83, 0x9a, 0x8e, 0xee, 0x7a, 0x65, 0x5f, 0xed, 0x88, 0x4a, 0xaf,
-    0x5a, 0x55, 0x6e, 0xb7,
-};
-static const struct drbg_kat_no_reseed kat140_nor_t = {
-    4, kat140_nor_entropyin, kat140_nor_nonce, kat140_nor_persstr,
-    kat140_nor_addin0, kat140_nor_addin1, kat140_nor_retbytes
-};
-static const struct drbg_kat kat140_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat140_nor_t
-};
-
-static const unsigned char kat141_nor_entropyin[] = {
-    0xbe, 0x9f, 0xcd, 0xd7, 0x11, 0xce, 0x1b, 0x0a, 0x3c, 0x97, 0xb1, 0xac,
-    0x19, 0x79, 0x20, 0x7d,
-};
-static const unsigned char kat141_nor_nonce[] = {
-    0xa8, 0x02, 0x94, 0xb5, 0xd6, 0x59, 0xff, 0xb4,
-};
-static const unsigned char kat141_nor_persstr[] = {0};
-static const unsigned char kat141_nor_addin0[] = {
-    0xb2, 0x0c, 0x04, 0x54, 0x6a, 0x0c, 0x6a, 0x5e, 0x6b, 0x95, 0x63, 0x7c,
-    0x96, 0x0b, 0xca, 0x63,
-};
-static const unsigned char kat141_nor_addin1[] = {
-    0x67, 0x07, 0xcc, 0x21, 0x7f, 0xb1, 0x98, 0xaf, 0x85, 0x2e, 0x06, 0xdb,
-    0x14, 0x61, 0x58, 0x05,
-};
-static const unsigned char kat141_nor_retbytes[] = {
-    0x6b, 0x62, 0x0c, 0x76, 0xf0, 0xb1, 0xa4, 0xa3, 0xd7, 0xf0, 0xf6, 0x0a,
-    0x76, 0x45, 0x81, 0x1b, 0xb7, 0x9b, 0xf1, 0x84, 0x77, 0xf8, 0x5b, 0x94,
-    0xf0, 0xee, 0x09, 0xe0, 0xc6, 0x8b, 0x0f, 0xdb, 0x3e, 0x11, 0xd8, 0xe5,
-    0x8a, 0x34, 0xd2, 0x4f, 0xe3, 0x6e, 0x8b, 0x7e, 0xa7, 0x2a, 0x26, 0xb6,
-    0xcb, 0x92, 0xd9, 0x87, 0xc5, 0x81, 0xab, 0x48, 0xe5, 0xfb, 0x8f, 0xb7,
-    0x0f, 0x76, 0x5f, 0x5f,
-};
-static const struct drbg_kat_no_reseed kat141_nor_t = {
-    5, kat141_nor_entropyin, kat141_nor_nonce, kat141_nor_persstr,
-    kat141_nor_addin0, kat141_nor_addin1, kat141_nor_retbytes
-};
-static const struct drbg_kat kat141_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat141_nor_t
-};
-
-static const unsigned char kat142_nor_entropyin[] = {
-    0xa5, 0x8e, 0xb5, 0x4d, 0x10, 0x9b, 0x51, 0x4d, 0xb3, 0x38, 0xfc, 0xce,
-    0xa2, 0x8e, 0xf2, 0xea,
-};
-static const unsigned char kat142_nor_nonce[] = {
-    0x91, 0x2d, 0x24, 0xa1, 0xd8, 0x1d, 0xe7, 0xdc,
-};
-static const unsigned char kat142_nor_persstr[] = {0};
-static const unsigned char kat142_nor_addin0[] = {
-    0x59, 0xd4, 0x59, 0xb0, 0x73, 0x52, 0x60, 0x21, 0xec, 0x45, 0x51, 0x12,
-    0x56, 0xcf, 0xb3, 0x58,
-};
-static const unsigned char kat142_nor_addin1[] = {
-    0xf7, 0x9f, 0x7e, 0x5a, 0x2a, 0x79, 0x1a, 0x39, 0xbb, 0x32, 0xb6, 0xb1,
-    0x5f, 0xe0, 0x14, 0x61,
-};
-static const unsigned char kat142_nor_retbytes[] = {
-    0xc1, 0x26, 0xd4, 0x09, 0xc2, 0x0d, 0x5d, 0x3d, 0x4c, 0x79, 0x46, 0x12,
-    0x56, 0xf5, 0x40, 0x3d, 0x1c, 0xc5, 0x9b, 0xcf, 0x11, 0xa4, 0xa6, 0x16,
-    0xab, 0xf0, 0x65, 0x30, 0x32, 0xe0, 0x45, 0x0a, 0x11, 0xf3, 0x2f, 0x38,
-    0x16, 0xc3, 0x51, 0x91, 0x2f, 0xe8, 0xe3, 0x00, 0x84, 0xed, 0x34, 0xdb,
-    0xcd, 0x0a, 0x9c, 0x95, 0xe1, 0xc0, 0x13, 0x62, 0xef, 0x61, 0x6d, 0xd2,
-    0x2a, 0x13, 0x7f, 0x72,
-};
-static const struct drbg_kat_no_reseed kat142_nor_t = {
-    6, kat142_nor_entropyin, kat142_nor_nonce, kat142_nor_persstr,
-    kat142_nor_addin0, kat142_nor_addin1, kat142_nor_retbytes
-};
-static const struct drbg_kat kat142_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat142_nor_t
-};
-
-static const unsigned char kat143_nor_entropyin[] = {
-    0xe0, 0xa5, 0xd9, 0x4d, 0x0c, 0xa9, 0x5a, 0x7b, 0x38, 0x0b, 0x99, 0x9c,
-    0x69, 0xd9, 0x01, 0x1c,
-};
-static const unsigned char kat143_nor_nonce[] = {
-    0x47, 0xcd, 0xc5, 0x5a, 0x19, 0x56, 0xaf, 0x8d,
-};
-static const unsigned char kat143_nor_persstr[] = {0};
-static const unsigned char kat143_nor_addin0[] = {
-    0xa9, 0x16, 0x84, 0xd0, 0x12, 0xdc, 0x48, 0x83, 0x0b, 0xe4, 0xcf, 0xae,
-    0xe2, 0xfc, 0x88, 0x54,
-};
-static const unsigned char kat143_nor_addin1[] = {
-    0xa0, 0x61, 0xc2, 0xb1, 0x3b, 0xf1, 0x00, 0x6d, 0x3b, 0xa2, 0xf2, 0x29,
-    0x7f, 0x95, 0x4f, 0xb5,
-};
-static const unsigned char kat143_nor_retbytes[] = {
-    0xe1, 0x36, 0xea, 0x57, 0x3d, 0x1d, 0x81, 0xec, 0xb7, 0x84, 0x2e, 0xc4,
-    0x3a, 0xf0, 0xb4, 0xb9, 0x78, 0x3f, 0x3f, 0xe4, 0xb1, 0xab, 0x90, 0x24,
-    0xc6, 0x2e, 0xae, 0xf0, 0x86, 0x0e, 0x81, 0x3d, 0x5a, 0x24, 0xf1, 0xa5,
-    0xfa, 0xb7, 0x4b, 0x8f, 0x1f, 0x66, 0x1b, 0x50, 0x39, 0x29, 0x02, 0x56,
-    0xd0, 0xe5, 0xaa, 0xa9, 0xe0, 0xfd, 0xab, 0x3a, 0x18, 0x9b, 0x2d, 0x66,
-    0x95, 0x89, 0x39, 0x99,
-};
-static const struct drbg_kat_no_reseed kat143_nor_t = {
-    7, kat143_nor_entropyin, kat143_nor_nonce, kat143_nor_persstr,
-    kat143_nor_addin0, kat143_nor_addin1, kat143_nor_retbytes
-};
-static const struct drbg_kat kat143_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat143_nor_t
-};
-
-static const unsigned char kat144_nor_entropyin[] = {
-    0x91, 0x8b, 0xda, 0x9e, 0x89, 0x72, 0x7b, 0xbd, 0x97, 0x04, 0x25, 0xc7,
-    0x48, 0x3e, 0xf1, 0xaf,
-};
-static const unsigned char kat144_nor_nonce[] = {
-    0xfc, 0x3b, 0xee, 0xec, 0x38, 0x0b, 0x02, 0xc2,
-};
-static const unsigned char kat144_nor_persstr[] = {0};
-static const unsigned char kat144_nor_addin0[] = {
-    0x6f, 0x48, 0x36, 0x73, 0xaf, 0x64, 0xbc, 0xd7, 0x4c, 0xfe, 0xff, 0x3f,
-    0x98, 0xb6, 0xcd, 0x5a,
-};
-static const unsigned char kat144_nor_addin1[] = {
-    0x15, 0xbd, 0x5e, 0xab, 0xba, 0x23, 0x2d, 0xf5, 0xa1, 0xb6, 0x03, 0xa2,
-    0xfc, 0x16, 0x39, 0xc0,
-};
-static const unsigned char kat144_nor_retbytes[] = {
-    0x43, 0x85, 0x55, 0x1a, 0x3a, 0x7d, 0xd9, 0x0d, 0x77, 0xa7, 0x65, 0xf7,
-    0xcb, 0x85, 0x9d, 0x80, 0xab, 0x6a, 0xc4, 0x84, 0x8e, 0x3b, 0xd9, 0x11,
-    0x01, 0xb4, 0x52, 0x32, 0x34, 0xca, 0x0f, 0x16, 0xc0, 0x6a, 0x45, 0x79,
-    0xa9, 0x7e, 0xa5, 0x1d, 0xb0, 0x37, 0xfd, 0x8b, 0x8c, 0x40, 0x83, 0xcd,
-    0xb6, 0xf4, 0xed, 0x97, 0x56, 0xf5, 0xa4, 0x48, 0x8b, 0xb5, 0xdf, 0xcf,
-    0x7a, 0x8f, 0x8a, 0x9a,
-};
-static const struct drbg_kat_no_reseed kat144_nor_t = {
-    8, kat144_nor_entropyin, kat144_nor_nonce, kat144_nor_persstr,
-    kat144_nor_addin0, kat144_nor_addin1, kat144_nor_retbytes
-};
-static const struct drbg_kat kat144_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat144_nor_t
-};
-
-static const unsigned char kat145_nor_entropyin[] = {
-    0xd8, 0xad, 0xd3, 0x82, 0xd4, 0xdc, 0x7a, 0x1d, 0x10, 0xd4, 0x63, 0x03,
-    0x17, 0x39, 0x18, 0x01,
-};
-static const unsigned char kat145_nor_nonce[] = {
-    0x6f, 0xc0, 0xb1, 0xa3, 0xaa, 0x2b, 0x3a, 0xdb,
-};
-static const unsigned char kat145_nor_persstr[] = {0};
-static const unsigned char kat145_nor_addin0[] = {
-    0x10, 0x1f, 0xcf, 0xd6, 0x60, 0x80, 0x75, 0xdc, 0xbb, 0xf2, 0xeb, 0xe8,
-    0x32, 0xd9, 0x6b, 0x13,
-};
-static const unsigned char kat145_nor_addin1[] = {
-    0x63, 0x2f, 0x7a, 0x11, 0xfb, 0xa9, 0x79, 0xd2, 0x97, 0x9e, 0x41, 0x7e,
-    0x2d, 0xed, 0x1d, 0x30,
-};
-static const unsigned char kat145_nor_retbytes[] = {
-    0xa6, 0xa1, 0x55, 0x95, 0xbb, 0xd8, 0x57, 0xbb, 0x62, 0x15, 0x04, 0xc8,
-    0x5f, 0x03, 0x03, 0x3c, 0xe4, 0x7b, 0x5d, 0xf8, 0x62, 0x96, 0xb8, 0x0d,
-    0x40, 0xd0, 0x09, 0xfe, 0x6c, 0x5e, 0x1f, 0xff, 0xf0, 0x84, 0x04, 0x56,
-    0x99, 0x0a, 0x14, 0xf3, 0xa1, 0xc4, 0x9c, 0x36, 0x73, 0x7b, 0x70, 0xb6,
-    0x2f, 0x40, 0x6f, 0xa3, 0xc5, 0x32, 0x95, 0x2f, 0xb2, 0x2e, 0xfc, 0x76,
-    0x00, 0x9a, 0x1b, 0x1a,
-};
-static const struct drbg_kat_no_reseed kat145_nor_t = {
-    9, kat145_nor_entropyin, kat145_nor_nonce, kat145_nor_persstr,
-    kat145_nor_addin0, kat145_nor_addin1, kat145_nor_retbytes
-};
-static const struct drbg_kat kat145_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat145_nor_t
-};
-
-static const unsigned char kat146_nor_entropyin[] = {
-    0xd1, 0x9f, 0xa3, 0x38, 0xc7, 0xbd, 0x52, 0x40, 0x74, 0x7b, 0xac, 0xab,
-    0x70, 0x32, 0x8f, 0xb3,
-};
-static const unsigned char kat146_nor_nonce[] = {
-    0x5b, 0x42, 0x82, 0x35, 0x41, 0x42, 0x83, 0xb4,
-};
-static const unsigned char kat146_nor_persstr[] = {0};
-static const unsigned char kat146_nor_addin0[] = {
-    0xf3, 0x7c, 0x9f, 0xeb, 0x90, 0xc9, 0x6a, 0x26, 0x3f, 0x41, 0xb1, 0xc4,
-    0x98, 0xd5, 0xe0, 0x75,
-};
-static const unsigned char kat146_nor_addin1[] = {
-    0xa3, 0xd8, 0x86, 0x96, 0xfc, 0x1a, 0x44, 0x70, 0x28, 0x42, 0x31, 0x71,
-    0xba, 0xd4, 0x65, 0x24,
-};
-static const unsigned char kat146_nor_retbytes[] = {
-    0x11, 0xee, 0x72, 0xb4, 0x81, 0xd5, 0x54, 0xf0, 0xfe, 0x49, 0xdc, 0x27,
-    0x37, 0x46, 0x6d, 0x5f, 0x5a, 0x64, 0x76, 0xa2, 0xb5, 0xb2, 0xf9, 0x3c,
-    0xd6, 0x0e, 0xe8, 0xab, 0x1b, 0xf7, 0x56, 0x3d, 0x3e, 0xbc, 0x60, 0x5e,
-    0x44, 0xc3, 0x65, 0xe7, 0x86, 0x5b, 0xff, 0x31, 0xc0, 0x77, 0xd1, 0x76,
-    0xd3, 0x61, 0xa4, 0x24, 0x06, 0x27, 0xde, 0xb2, 0x8a, 0xd5, 0x68, 0x50,
-    0x46, 0x91, 0xf9, 0x47,
-};
-static const struct drbg_kat_no_reseed kat146_nor_t = {
-    10, kat146_nor_entropyin, kat146_nor_nonce, kat146_nor_persstr,
-    kat146_nor_addin0, kat146_nor_addin1, kat146_nor_retbytes
-};
-static const struct drbg_kat kat146_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat146_nor_t
-};
-
-static const unsigned char kat147_nor_entropyin[] = {
-    0xc3, 0xd8, 0x2c, 0x63, 0x01, 0x41, 0x77, 0xe6, 0x2b, 0xda, 0x82, 0xdd,
-    0xe9, 0x11, 0x54, 0x50,
-};
-static const unsigned char kat147_nor_nonce[] = {
-    0x5e, 0x6f, 0x3b, 0x1c, 0x75, 0x70, 0x6f, 0x5f,
-};
-static const unsigned char kat147_nor_persstr[] = {0};
-static const unsigned char kat147_nor_addin0[] = {
-    0x72, 0xa7, 0x17, 0xc6, 0x6f, 0xb2, 0x69, 0x06, 0xd6, 0x99, 0x5d, 0x3e,
-    0xec, 0xc5, 0x79, 0xd9,
-};
-static const unsigned char kat147_nor_addin1[] = {
-    0xb1, 0xb7, 0xa9, 0xad, 0x3c, 0x64, 0x35, 0x5d, 0x5d, 0x70, 0xf0, 0x3c,
-    0x7b, 0x83, 0x29, 0xb0,
-};
-static const unsigned char kat147_nor_retbytes[] = {
-    0x34, 0xc3, 0x09, 0xf2, 0x35, 0x27, 0x09, 0xa9, 0x1f, 0x1f, 0x1a, 0x6a,
-    0xfb, 0x60, 0x14, 0x66, 0xf8, 0x6d, 0xc8, 0x02, 0x2b, 0xcb, 0xfd, 0xee,
-    0x09, 0x51, 0x90, 0xa8, 0x5f, 0xe1, 0xf0, 0x33, 0x2b, 0x8b, 0xab, 0x32,
-    0xf4, 0x42, 0x49, 0x43, 0x00, 0x41, 0xcb, 0x0c, 0xf2, 0xc4, 0x0d, 0x9c,
-    0xdd, 0x0c, 0x0d, 0xf4, 0x23, 0xe3, 0x4f, 0x2d, 0xa8, 0xd7, 0xf7, 0xb8,
-    0x32, 0x94, 0x56, 0x19,
-};
-static const struct drbg_kat_no_reseed kat147_nor_t = {
-    11, kat147_nor_entropyin, kat147_nor_nonce, kat147_nor_persstr,
-    kat147_nor_addin0, kat147_nor_addin1, kat147_nor_retbytes
-};
-static const struct drbg_kat kat147_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat147_nor_t
-};
-
-static const unsigned char kat148_nor_entropyin[] = {
-    0x1c, 0x34, 0x80, 0x46, 0x79, 0x40, 0x8c, 0x0d, 0xd1, 0xc0, 0xb0, 0xb2,
-    0xcb, 0x4c, 0x0c, 0x8d,
-};
-static const unsigned char kat148_nor_nonce[] = {
-    0x23, 0xe6, 0xd5, 0xa1, 0x31, 0x74, 0x0e, 0xc9,
-};
-static const unsigned char kat148_nor_persstr[] = {0};
-static const unsigned char kat148_nor_addin0[] = {
-    0x8b, 0x99, 0xe4, 0x48, 0x55, 0x10, 0xe7, 0xc4, 0xef, 0x31, 0x86, 0xc7,
-    0x5d, 0x0f, 0x42, 0x1d,
-};
-static const unsigned char kat148_nor_addin1[] = {
-    0xcc, 0x1e, 0xcf, 0x02, 0x3c, 0x9b, 0xea, 0xfb, 0x63, 0x48, 0x69, 0x57,
-    0x32, 0x7c, 0x2b, 0xde,
-};
-static const unsigned char kat148_nor_retbytes[] = {
-    0x7f, 0xbf, 0x33, 0xf0, 0x51, 0x08, 0x78, 0x6f, 0xe0, 0x19, 0x97, 0x14,
-    0x6a, 0x27, 0xe5, 0x94, 0x68, 0x76, 0x49, 0x9a, 0x8b, 0xa5, 0x2a, 0x71,
-    0x47, 0x16, 0xd9, 0x82, 0xce, 0xa2, 0x3f, 0x39, 0x2d, 0x40, 0x23, 0x4d,
-    0x3e, 0x00, 0x33, 0x8d, 0x1a, 0xc8, 0x80, 0x9d, 0x43, 0xc7, 0x79, 0x42,
-    0x40, 0x30, 0x19, 0x3b, 0xc6, 0x12, 0x3b, 0x70, 0x67, 0xb6, 0xa8, 0xc2,
-    0xed, 0x17, 0x9a, 0x25,
-};
-static const struct drbg_kat_no_reseed kat148_nor_t = {
-    12, kat148_nor_entropyin, kat148_nor_nonce, kat148_nor_persstr,
-    kat148_nor_addin0, kat148_nor_addin1, kat148_nor_retbytes
-};
-static const struct drbg_kat kat148_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat148_nor_t
-};
-
-static const unsigned char kat149_nor_entropyin[] = {
-    0xaa, 0x70, 0xaa, 0x9d, 0x3c, 0x0a, 0x77, 0xf8, 0x68, 0x38, 0x80, 0x5e,
-    0xef, 0x34, 0x82, 0xba,
-};
-static const unsigned char kat149_nor_nonce[] = {
-    0xcf, 0x7a, 0x0f, 0x57, 0xc7, 0xde, 0xdf, 0x50,
-};
-static const unsigned char kat149_nor_persstr[] = {0};
-static const unsigned char kat149_nor_addin0[] = {
-    0xf6, 0xd4, 0x76, 0xea, 0xe4, 0x2f, 0x02, 0xc9, 0xec, 0x21, 0x98, 0x12,
-    0x29, 0xd0, 0xf9, 0x76,
-};
-static const unsigned char kat149_nor_addin1[] = {
-    0x1a, 0xa4, 0x1e, 0xfd, 0xf1, 0x06, 0xe5, 0xa3, 0xe5, 0xd9, 0x76, 0x77,
-    0x8b, 0x8f, 0x0c, 0x32,
-};
-static const unsigned char kat149_nor_retbytes[] = {
-    0x84, 0xc1, 0xc0, 0x61, 0x9f, 0x69, 0x79, 0xe2, 0xf4, 0xd2, 0xab, 0xc6,
-    0x33, 0x35, 0x42, 0xbf, 0x42, 0xfd, 0x32, 0x79, 0x14, 0x2f, 0x07, 0x1d,
-    0xad, 0xb2, 0x64, 0x45, 0xfb, 0x2d, 0xe5, 0x1c, 0x4f, 0xad, 0x68, 0x1d,
-    0xce, 0x89, 0x18, 0xaf, 0x3a, 0xe1, 0x64, 0x19, 0xfa, 0xfa, 0x3c, 0x55,
-    0x26, 0xd8, 0xc4, 0x78, 0x59, 0x9e, 0x85, 0xee, 0x61, 0xa2, 0x73, 0x18,
-    0x36, 0x05, 0x45, 0x0e,
-};
-static const struct drbg_kat_no_reseed kat149_nor_t = {
-    13, kat149_nor_entropyin, kat149_nor_nonce, kat149_nor_persstr,
-    kat149_nor_addin0, kat149_nor_addin1, kat149_nor_retbytes
-};
-static const struct drbg_kat kat149_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat149_nor_t
-};
-
-static const unsigned char kat150_nor_entropyin[] = {
-    0x94, 0xc6, 0x97, 0x57, 0xc9, 0x75, 0xe5, 0x3c, 0xa9, 0x44, 0xcb, 0xe8,
-    0xf7, 0x68, 0x6f, 0x85,
-};
-static const unsigned char kat150_nor_nonce[] = {
-    0x6e, 0x14, 0x5c, 0xc7, 0xd7, 0x2d, 0xec, 0x57,
-};
-static const unsigned char kat150_nor_persstr[] = {0};
-static const unsigned char kat150_nor_addin0[] = {
-    0xce, 0x08, 0x94, 0x6b, 0x04, 0xfd, 0x83, 0x13, 0xdc, 0xda, 0x8c, 0xde,
-    0x3b, 0x0f, 0xf9, 0xdf,
-};
-static const unsigned char kat150_nor_addin1[] = {
-    0x9f, 0xfc, 0x93, 0x9d, 0x30, 0x5a, 0xe5, 0x86, 0xd8, 0x6a, 0x1a, 0x14,
-    0x70, 0x32, 0x68, 0x0b,
-};
-static const unsigned char kat150_nor_retbytes[] = {
-    0xb1, 0xd7, 0xb3, 0x87, 0xa9, 0xf6, 0x7b, 0x91, 0x50, 0x55, 0xe6, 0x82,
-    0x98, 0xe0, 0x37, 0x73, 0xa0, 0x19, 0x75, 0x56, 0xf8, 0xd4, 0xb7, 0xe0,
-    0x29, 0x52, 0x03, 0x35, 0xef, 0xdc, 0xe2, 0xac, 0xb0, 0xd4, 0xd4, 0xcd,
-    0xae, 0x8a, 0xf8, 0xc0, 0x9f, 0xb5, 0x7a, 0x21, 0x5f, 0x20, 0x87, 0xab,
-    0xb8, 0x4e, 0xc8, 0x5b, 0x12, 0xdc, 0x3a, 0x85, 0x3d, 0x73, 0xa4, 0xdd,
-    0x11, 0x43, 0x00, 0xc5,
-};
-static const struct drbg_kat_no_reseed kat150_nor_t = {
-    14, kat150_nor_entropyin, kat150_nor_nonce, kat150_nor_persstr,
-    kat150_nor_addin0, kat150_nor_addin1, kat150_nor_retbytes
-};
-static const struct drbg_kat kat150_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat150_nor_t
-};
-
-static const unsigned char kat151_nor_entropyin[] = {
-    0xab, 0xa3, 0x6f, 0xf7, 0xa5, 0x35, 0x37, 0x45, 0x4b, 0x5c, 0xb2, 0x68,
-    0x39, 0x17, 0x15, 0x40,
-};
-static const unsigned char kat151_nor_nonce[] = {
-    0x68, 0x71, 0xc0, 0xf5, 0x26, 0xfb, 0xcd, 0xc7,
-};
-static const unsigned char kat151_nor_persstr[] = {
-    0xdb, 0xc4, 0x4a, 0xf4, 0x98, 0x16, 0x1f, 0x1f, 0x2a, 0xf6, 0xfc, 0xe6,
-    0x6c, 0xcc, 0x30, 0xa8,
-};
-static const unsigned char kat151_nor_addin0[] = {0};
-static const unsigned char kat151_nor_addin1[] = {0};
-static const unsigned char kat151_nor_retbytes[] = {
-    0xaf, 0x68, 0x6e, 0x9a, 0xaf, 0x10, 0xaa, 0xbc, 0xbb, 0x44, 0xb3, 0x74,
-    0x89, 0x53, 0xad, 0x18, 0x5d, 0xbf, 0x12, 0x89, 0x8e, 0x52, 0x4d, 0x04,
-    0x08, 0x61, 0x02, 0xe4, 0x5f, 0x38, 0x41, 0xc6, 0x50, 0xf6, 0x23, 0xf4,
-    0x8f, 0x54, 0x2c, 0xaa, 0x14, 0x79, 0x3e, 0x4f, 0xcb, 0xbc, 0xf2, 0xe4,
-    0x61, 0xbe, 0x1c, 0x01, 0xed, 0x8f, 0x1f, 0x48, 0xb9, 0x70, 0x4d, 0x79,
-    0xa8, 0xeb, 0xf7, 0x9d,
-};
-static const struct drbg_kat_no_reseed kat151_nor_t = {
-    0, kat151_nor_entropyin, kat151_nor_nonce, kat151_nor_persstr,
-    kat151_nor_addin0, kat151_nor_addin1, kat151_nor_retbytes
-};
-static const struct drbg_kat kat151_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat151_nor_t
-};
-
-static const unsigned char kat152_nor_entropyin[] = {
-    0x47, 0xaf, 0xb8, 0x3e, 0x3a, 0xda, 0x22, 0x0f, 0x7d, 0x7e, 0x63, 0x82,
-    0xa8, 0xb3, 0x8c, 0xbb,
-};
-static const unsigned char kat152_nor_nonce[] = {
-    0x7a, 0xb8, 0xae, 0x9b, 0xac, 0x8b, 0x15, 0xa5,
-};
-static const unsigned char kat152_nor_persstr[] = {
-    0x8b, 0xec, 0x1c, 0xb2, 0xd1, 0x80, 0xb3, 0x67, 0x7c, 0xd1, 0xa8, 0x60,
-    0x4b, 0x61, 0x4d, 0xbe,
-};
-static const unsigned char kat152_nor_addin0[] = {0};
-static const unsigned char kat152_nor_addin1[] = {0};
-static const unsigned char kat152_nor_retbytes[] = {
-    0x90, 0xcf, 0x1d, 0x9e, 0x65, 0xd9, 0x76, 0xca, 0xce, 0x2f, 0x20, 0xe7,
-    0x81, 0x47, 0xd5, 0x04, 0x0d, 0x02, 0x23, 0x7e, 0x04, 0x17, 0x3f, 0x1f,
-    0x37, 0x10, 0xe5, 0x22, 0x7d, 0xcb, 0x85, 0x64, 0x68, 0x4f, 0x2e, 0xba,
-    0x38, 0xe1, 0xde, 0xf7, 0x2b, 0x93, 0xbe, 0xdb, 0x44, 0x85, 0xf2, 0xb8,
-    0x17, 0xee, 0x66, 0xc1, 0x89, 0x02, 0x4b, 0x2a, 0x12, 0x73, 0x65, 0xbc,
-    0x83, 0x50, 0x08, 0x71,
-};
-static const struct drbg_kat_no_reseed kat152_nor_t = {
-    1, kat152_nor_entropyin, kat152_nor_nonce, kat152_nor_persstr,
-    kat152_nor_addin0, kat152_nor_addin1, kat152_nor_retbytes
-};
-static const struct drbg_kat kat152_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat152_nor_t
-};
-
-static const unsigned char kat153_nor_entropyin[] = {
-    0xbb, 0x69, 0x93, 0xaf, 0xf4, 0x80, 0x4a, 0x87, 0xdd, 0x42, 0x59, 0x73,
-    0xfd, 0xe3, 0x53, 0x11,
-};
-static const unsigned char kat153_nor_nonce[] = {
-    0xfb, 0x14, 0x70, 0x0b, 0x33, 0x5a, 0x01, 0x46,
-};
-static const unsigned char kat153_nor_persstr[] = {
-    0x1e, 0xb0, 0x65, 0x44, 0xca, 0xa8, 0x6e, 0x2a, 0xc4, 0x58, 0x8a, 0xa8,
-    0x51, 0xe8, 0xfc, 0x0e,
-};
-static const unsigned char kat153_nor_addin0[] = {0};
-static const unsigned char kat153_nor_addin1[] = {0};
-static const unsigned char kat153_nor_retbytes[] = {
-    0x4e, 0xe7, 0x27, 0x07, 0x3a, 0xba, 0xa3, 0xd7, 0x41, 0x8d, 0x6b, 0x3e,
-    0x3b, 0xd4, 0x67, 0xc9, 0x28, 0x48, 0x54, 0x42, 0x3b, 0xa6, 0xd4, 0xef,
-    0x02, 0xb2, 0xda, 0xbf, 0x14, 0xb9, 0xb8, 0x24, 0xb2, 0x7a, 0xda, 0x2b,
-    0x4a, 0x42, 0xf7, 0xdd, 0x1c, 0xd3, 0x9d, 0xc4, 0x42, 0x0e, 0xe6, 0xe8,
-    0x43, 0xfa, 0x7f, 0x2e, 0xee, 0x06, 0xbb, 0x05, 0xc6, 0x47, 0xdc, 0xc0,
-    0xd6, 0x97, 0xc0, 0x09,
-};
-static const struct drbg_kat_no_reseed kat153_nor_t = {
-    2, kat153_nor_entropyin, kat153_nor_nonce, kat153_nor_persstr,
-    kat153_nor_addin0, kat153_nor_addin1, kat153_nor_retbytes
-};
-static const struct drbg_kat kat153_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat153_nor_t
-};
-
-static const unsigned char kat154_nor_entropyin[] = {
-    0xa0, 0x5d, 0x9d, 0x84, 0xa5, 0x0d, 0xe7, 0x97, 0x01, 0xc7, 0x59, 0x59,
-    0xaf, 0x26, 0xa8, 0xfa,
-};
-static const unsigned char kat154_nor_nonce[] = {
-    0x7e, 0xde, 0x7f, 0x16, 0x30, 0xdc, 0x01, 0xf7,
-};
-static const unsigned char kat154_nor_persstr[] = {
-    0x54, 0xf5, 0xd6, 0xe5, 0xd9, 0xb1, 0xfe, 0xb0, 0xa1, 0xc3, 0xd9, 0xa7,
-    0xec, 0x81, 0xdd, 0x98,
-};
-static const unsigned char kat154_nor_addin0[] = {0};
-static const unsigned char kat154_nor_addin1[] = {0};
-static const unsigned char kat154_nor_retbytes[] = {
-    0xf4, 0x7a, 0xab, 0x57, 0xdf, 0xff, 0x93, 0x1d, 0x4b, 0xfc, 0x75, 0xa0,
-    0x13, 0x11, 0x86, 0xf0, 0xf5, 0xc1, 0x50, 0x5e, 0x9c, 0x6c, 0x7e, 0xb9,
-    0x35, 0xe3, 0x1b, 0x49, 0xf1, 0x34, 0xef, 0xc0, 0x0e, 0x45, 0xfc, 0x96,
-    0x73, 0x58, 0xee, 0xc4, 0xa9, 0x21, 0xfd, 0xa0, 0xd0, 0x53, 0x7d, 0x9e,
-    0x4f, 0xb3, 0x3b, 0x26, 0x3d, 0xb8, 0xe0, 0x8e, 0x73, 0xf2, 0x1f, 0xe1,
-    0x75, 0x05, 0x19, 0x6f,
-};
-static const struct drbg_kat_no_reseed kat154_nor_t = {
-    3, kat154_nor_entropyin, kat154_nor_nonce, kat154_nor_persstr,
-    kat154_nor_addin0, kat154_nor_addin1, kat154_nor_retbytes
-};
-static const struct drbg_kat kat154_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat154_nor_t
-};
-
-static const unsigned char kat155_nor_entropyin[] = {
-    0x80, 0x7d, 0x1b, 0x10, 0x96, 0xe3, 0xd7, 0xf7, 0x89, 0x03, 0x6d, 0x64,
-    0x4d, 0xfb, 0x9e, 0x8b,
-};
-static const unsigned char kat155_nor_nonce[] = {
-    0x8c, 0xd7, 0x7f, 0x71, 0xcc, 0xd8, 0xa3, 0x22,
-};
-static const unsigned char kat155_nor_persstr[] = {
-    0x4f, 0x72, 0x74, 0x5e, 0x2f, 0x2a, 0xa5, 0x43, 0x61, 0x89, 0xdb, 0x92,
-    0x27, 0x82, 0x0e, 0x46,
-};
-static const unsigned char kat155_nor_addin0[] = {0};
-static const unsigned char kat155_nor_addin1[] = {0};
-static const unsigned char kat155_nor_retbytes[] = {
-    0xff, 0x4a, 0xe0, 0x06, 0x4c, 0x25, 0xfc, 0xef, 0x07, 0x4a, 0xb3, 0x65,
-    0x0e, 0xb6, 0xd3, 0x04, 0x4f, 0x86, 0x68, 0x7e, 0x6d, 0xb2, 0x26, 0x29,
-    0x99, 0x2b, 0x08, 0xed, 0x07, 0x8c, 0x65, 0xd0, 0x3d, 0xaf, 0x62, 0x41,
-    0xa3, 0x10, 0xe5, 0x76, 0x3c, 0x29, 0x86, 0x63, 0x84, 0x8e, 0x32, 0xd0,
-    0x61, 0x4e, 0x98, 0x98, 0x9a, 0x16, 0xd3, 0x7d, 0xc1, 0x72, 0x91, 0x35,
-    0xfc, 0xa5, 0xe6, 0x2e,
-};
-static const struct drbg_kat_no_reseed kat155_nor_t = {
-    4, kat155_nor_entropyin, kat155_nor_nonce, kat155_nor_persstr,
-    kat155_nor_addin0, kat155_nor_addin1, kat155_nor_retbytes
-};
-static const struct drbg_kat kat155_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat155_nor_t
-};
-
-static const unsigned char kat156_nor_entropyin[] = {
-    0x1a, 0xbc, 0xe2, 0x1f, 0x12, 0x33, 0x68, 0xb2, 0x6c, 0x66, 0x56, 0xb0,
-    0xce, 0xbc, 0x03, 0xe8,
-};
-static const unsigned char kat156_nor_nonce[] = {
-    0x1f, 0x7a, 0x6d, 0x5b, 0xc2, 0xcb, 0x97, 0x59,
-};
-static const unsigned char kat156_nor_persstr[] = {
-    0x00, 0xcd, 0x25, 0x9b, 0xb8, 0x7e, 0x4e, 0x6e, 0x21, 0x3e, 0xd4, 0x4e,
-    0xec, 0x19, 0xd9, 0x9d,
-};
-static const unsigned char kat156_nor_addin0[] = {0};
-static const unsigned char kat156_nor_addin1[] = {0};
-static const unsigned char kat156_nor_retbytes[] = {
-    0x86, 0xc0, 0x0d, 0x31, 0x81, 0xc1, 0xb6, 0x06, 0xc5, 0x1f, 0x90, 0x98,
-    0x93, 0x83, 0xb4, 0xb8, 0x92, 0x2e, 0x4a, 0x19, 0x0b, 0x94, 0x01, 0x65,
-    0x8f, 0x8d, 0x45, 0x13, 0x69, 0x7c, 0xa7, 0xd5, 0x84, 0xf5, 0xfc, 0xce,
-    0xb3, 0x32, 0x4f, 0x62, 0x4c, 0x47, 0x81, 0xdf, 0xe5, 0x5c, 0x0d, 0xba,
-    0x2d, 0x66, 0xbd, 0x85, 0x8f, 0xb6, 0x43, 0xf2, 0x3c, 0xe5, 0xd6, 0x7e,
-    0x57, 0x25, 0x00, 0x07,
-};
-static const struct drbg_kat_no_reseed kat156_nor_t = {
-    5, kat156_nor_entropyin, kat156_nor_nonce, kat156_nor_persstr,
-    kat156_nor_addin0, kat156_nor_addin1, kat156_nor_retbytes
-};
-static const struct drbg_kat kat156_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat156_nor_t
-};
-
-static const unsigned char kat157_nor_entropyin[] = {
-    0x06, 0xd5, 0xfb, 0x81, 0x4c, 0xa4, 0xb2, 0xba, 0xc9, 0xe1, 0xcf, 0xba,
-    0x0f, 0x13, 0x69, 0x9d,
-};
-static const unsigned char kat157_nor_nonce[] = {
-    0x0e, 0xa8, 0x7b, 0x9f, 0x3b, 0xb1, 0xe6, 0x29,
-};
-static const unsigned char kat157_nor_persstr[] = {
-    0xf6, 0x36, 0x79, 0xdf, 0xa3, 0x53, 0x70, 0x3f, 0x12, 0xe7, 0x23, 0x61,
-    0x73, 0xc7, 0xd3, 0x20,
-};
-static const unsigned char kat157_nor_addin0[] = {0};
-static const unsigned char kat157_nor_addin1[] = {0};
-static const unsigned char kat157_nor_retbytes[] = {
-    0xe0, 0xc8, 0xff, 0x1f, 0x1d, 0x2c, 0x69, 0xaf, 0xca, 0xe0, 0xb7, 0x3b,
-    0xe8, 0xb3, 0xc4, 0xc7, 0x41, 0x3f, 0x7f, 0xbc, 0xbe, 0xfc, 0x3b, 0xcf,
-    0x1e, 0x68, 0x8d, 0x2a, 0x7d, 0x08, 0x49, 0xfd, 0xee, 0x60, 0xbd, 0xe9,
-    0x1a, 0x0f, 0xb1, 0xa5, 0xef, 0x4b, 0xf3, 0xdf, 0xb3, 0x36, 0xb7, 0x3e,
-    0xd0, 0x47, 0xdf, 0xa7, 0x74, 0x77, 0xa5, 0x1c, 0x6d, 0xee, 0x81, 0x72,
-    0x63, 0xa2, 0x0c, 0x37,
-};
-static const struct drbg_kat_no_reseed kat157_nor_t = {
-    6, kat157_nor_entropyin, kat157_nor_nonce, kat157_nor_persstr,
-    kat157_nor_addin0, kat157_nor_addin1, kat157_nor_retbytes
-};
-static const struct drbg_kat kat157_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat157_nor_t
-};
-
-static const unsigned char kat158_nor_entropyin[] = {
-    0xdd, 0x3b, 0x7c, 0xfc, 0x51, 0x8c, 0x18, 0x0c, 0xf2, 0x89, 0xf1, 0x45,
-    0x25, 0x15, 0x0c, 0xa5,
-};
-static const unsigned char kat158_nor_nonce[] = {
-    0x36, 0x94, 0x04, 0x3c, 0x71, 0xc2, 0xdd, 0xc5,
-};
-static const unsigned char kat158_nor_persstr[] = {
-    0x3b, 0x1c, 0x08, 0xfa, 0xb6, 0x36, 0x18, 0x51, 0xd7, 0xa5, 0x18, 0xae,
-    0x35, 0x5b, 0x8c, 0x9b,
-};
-static const unsigned char kat158_nor_addin0[] = {0};
-static const unsigned char kat158_nor_addin1[] = {0};
-static const unsigned char kat158_nor_retbytes[] = {
-    0x59, 0x16, 0x4b, 0xac, 0x7a, 0x71, 0x4f, 0xcd, 0x5a, 0x45, 0x80, 0xfb,
-    0x54, 0xed, 0x4d, 0xdf, 0x99, 0xc3, 0x9c, 0xf5, 0x9c, 0x23, 0xf8, 0x5f,
-    0x6c, 0x52, 0x16, 0xf4, 0xe8, 0x9c, 0xf2, 0x8d, 0xa1, 0x59, 0x9f, 0x82,
-    0x57, 0xa6, 0xaf, 0xc3, 0x02, 0xed, 0x3a, 0x1d, 0xec, 0x00, 0x3f, 0xf4,
-    0x50, 0x91, 0x2c, 0x2b, 0xcd, 0x68, 0x2c, 0xd3, 0x40, 0x79, 0xcf, 0xb3,
-    0xcc, 0xf2, 0x59, 0x3a,
-};
-static const struct drbg_kat_no_reseed kat158_nor_t = {
-    7, kat158_nor_entropyin, kat158_nor_nonce, kat158_nor_persstr,
-    kat158_nor_addin0, kat158_nor_addin1, kat158_nor_retbytes
-};
-static const struct drbg_kat kat158_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat158_nor_t
-};
-
-static const unsigned char kat159_nor_entropyin[] = {
-    0xb7, 0x31, 0x4b, 0xac, 0xd0, 0xb3, 0xe9, 0xe2, 0x21, 0x4e, 0x11, 0xa4,
-    0x9c, 0x4f, 0xab, 0x54,
-};
-static const unsigned char kat159_nor_nonce[] = {
-    0x8c, 0xd5, 0x9a, 0x9c, 0x39, 0x50, 0x1c, 0x0b,
-};
-static const unsigned char kat159_nor_persstr[] = {
-    0xb6, 0xe3, 0xa4, 0x64, 0x4f, 0xb9, 0x13, 0xa5, 0x4c, 0x89, 0x21, 0xcb,
-    0xc1, 0x73, 0x72, 0x38,
-};
-static const unsigned char kat159_nor_addin0[] = {0};
-static const unsigned char kat159_nor_addin1[] = {0};
-static const unsigned char kat159_nor_retbytes[] = {
-    0xe9, 0x2c, 0x97, 0xcc, 0xbb, 0xd6, 0x01, 0x31, 0x78, 0xee, 0x06, 0xd0,
-    0x1a, 0xd2, 0xc9, 0xeb, 0x54, 0x64, 0xa7, 0xe3, 0x04, 0x32, 0xb9, 0x43,
-    0xe0, 0xb3, 0x71, 0xf1, 0x36, 0xa9, 0x94, 0xb9, 0xf5, 0x44, 0xf3, 0x7b,
-    0x60, 0x56, 0x1e, 0x10, 0x25, 0xb1, 0x2b, 0x5a, 0x15, 0xcb, 0x66, 0x1b,
-    0x30, 0x1b, 0x5d, 0xd4, 0x38, 0x4b, 0x8b, 0xc0, 0x0d, 0x1d, 0x72, 0xb3,
-    0xc6, 0x18, 0xf8, 0x75,
-};
-static const struct drbg_kat_no_reseed kat159_nor_t = {
-    8, kat159_nor_entropyin, kat159_nor_nonce, kat159_nor_persstr,
-    kat159_nor_addin0, kat159_nor_addin1, kat159_nor_retbytes
-};
-static const struct drbg_kat kat159_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat159_nor_t
-};
-
-static const unsigned char kat160_nor_entropyin[] = {
-    0xd6, 0x2b, 0x1f, 0xc2, 0xb0, 0x45, 0x71, 0x8a, 0x3f, 0xe5, 0x9d, 0xfa,
-    0xc4, 0xa1, 0xc0, 0x3b,
-};
-static const unsigned char kat160_nor_nonce[] = {
-    0x41, 0x99, 0x17, 0xd5, 0x8a, 0x67, 0x56, 0xa5,
-};
-static const unsigned char kat160_nor_persstr[] = {
-    0xf4, 0x79, 0x4b, 0xdc, 0x10, 0x9f, 0x13, 0x00, 0x4b, 0x89, 0x3b, 0x32,
-    0x83, 0xc0, 0x97, 0x7e,
-};
-static const unsigned char kat160_nor_addin0[] = {0};
-static const unsigned char kat160_nor_addin1[] = {0};
-static const unsigned char kat160_nor_retbytes[] = {
-    0x05, 0x42, 0xdf, 0xda, 0xb8, 0x8e, 0x34, 0x91, 0x63, 0xed, 0x9b, 0xa6,
-    0x34, 0xee, 0x76, 0x25, 0x7d, 0xc9, 0x27, 0x66, 0x61, 0xcd, 0x5d, 0xd2,
-    0xfa, 0xa9, 0x31, 0xbc, 0x3a, 0x2e, 0x9c, 0x2d, 0x17, 0xe5, 0x70, 0xff,
-    0xa1, 0xa5, 0xf1, 0x44, 0x96, 0xf0, 0xea, 0xc3, 0x33, 0x9e, 0xfd, 0xe4,
-    0x6a, 0xa4, 0x0e, 0x87, 0xf2, 0x1a, 0x98, 0x54, 0x95, 0xfd, 0xa3, 0x94,
-    0xf2, 0x06, 0x6e, 0xbb,
-};
-static const struct drbg_kat_no_reseed kat160_nor_t = {
-    9, kat160_nor_entropyin, kat160_nor_nonce, kat160_nor_persstr,
-    kat160_nor_addin0, kat160_nor_addin1, kat160_nor_retbytes
-};
-static const struct drbg_kat kat160_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat160_nor_t
-};
-
-static const unsigned char kat161_nor_entropyin[] = {
-    0x91, 0xb4, 0xaa, 0x7d, 0x56, 0x58, 0x32, 0xe9, 0x6a, 0x21, 0xd6, 0x80,
-    0xa0, 0xec, 0xdb, 0x4c,
-};
-static const unsigned char kat161_nor_nonce[] = {
-    0x06, 0x09, 0x09, 0xe2, 0xce, 0x8b, 0x2d, 0xc8,
-};
-static const unsigned char kat161_nor_persstr[] = {
-    0x5c, 0xba, 0xce, 0xb8, 0x9c, 0x15, 0x0d, 0x22, 0x9b, 0x51, 0x6c, 0x34,
-    0x93, 0x60, 0xf2, 0x7f,
-};
-static const unsigned char kat161_nor_addin0[] = {0};
-static const unsigned char kat161_nor_addin1[] = {0};
-static const unsigned char kat161_nor_retbytes[] = {
-    0xc0, 0x79, 0xc2, 0x91, 0x7e, 0x8f, 0x6b, 0x84, 0xc5, 0x8e, 0x02, 0x26,
-    0xad, 0x0b, 0x8a, 0x60, 0xa8, 0x7b, 0x88, 0x22, 0xa9, 0x90, 0x45, 0x9d,
-    0xe2, 0x4c, 0xc6, 0x55, 0x4c, 0x7f, 0x24, 0x1a, 0xff, 0x30, 0xcd, 0xea,
-    0x61, 0xa7, 0x48, 0x47, 0x0a, 0x58, 0xc9, 0x4a, 0x15, 0x0e, 0xbd, 0xdc,
-    0x35, 0x5c, 0x64, 0x4d, 0xd4, 0x78, 0x6e, 0x36, 0xf1, 0x7e, 0xcf, 0xce,
-    0xa7, 0x33, 0x9d, 0x42,
-};
-static const struct drbg_kat_no_reseed kat161_nor_t = {
-    10, kat161_nor_entropyin, kat161_nor_nonce, kat161_nor_persstr,
-    kat161_nor_addin0, kat161_nor_addin1, kat161_nor_retbytes
-};
-static const struct drbg_kat kat161_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat161_nor_t
-};
-
-static const unsigned char kat162_nor_entropyin[] = {
-    0x32, 0xe1, 0x66, 0xc0, 0x93, 0x8d, 0x6d, 0xa7, 0x21, 0xcf, 0xce, 0x23,
-    0x5a, 0x66, 0xa1, 0x80,
-};
-static const unsigned char kat162_nor_nonce[] = {
-    0xeb, 0x68, 0x79, 0x96, 0xa8, 0xff, 0x63, 0x94,
-};
-static const unsigned char kat162_nor_persstr[] = {
-    0x05, 0xb9, 0x9f, 0x8d, 0x9f, 0x10, 0x2c, 0x5f, 0xf6, 0xd0, 0xd4, 0x5c,
-    0x4d, 0x68, 0x5f, 0xf8,
-};
-static const unsigned char kat162_nor_addin0[] = {0};
-static const unsigned char kat162_nor_addin1[] = {0};
-static const unsigned char kat162_nor_retbytes[] = {
-    0xec, 0x5a, 0xe3, 0x97, 0x25, 0x72, 0x20, 0x45, 0x2e, 0x61, 0x05, 0xa5,
-    0xa2, 0x9f, 0x56, 0xd9, 0x33, 0x21, 0x32, 0xf5, 0x33, 0x8d, 0x19, 0xe8,
-    0x1a, 0xf6, 0xd3, 0x10, 0x22, 0xbb, 0x91, 0xf8, 0x7f, 0x04, 0xe4, 0x52,
-    0x0d, 0x50, 0x76, 0x61, 0x43, 0xd3, 0x53, 0x3e, 0x7b, 0x9d, 0x57, 0x0a,
-    0x80, 0x68, 0x84, 0xa3, 0xdf, 0xe2, 0x81, 0xe0, 0x00, 0xf7, 0x7e, 0x7b,
-    0x85, 0x59, 0x44, 0x34,
-};
-static const struct drbg_kat_no_reseed kat162_nor_t = {
-    11, kat162_nor_entropyin, kat162_nor_nonce, kat162_nor_persstr,
-    kat162_nor_addin0, kat162_nor_addin1, kat162_nor_retbytes
-};
-static const struct drbg_kat kat162_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat162_nor_t
-};
-
-static const unsigned char kat163_nor_entropyin[] = {
-    0x3a, 0x3d, 0x6a, 0xa9, 0xdb, 0x0f, 0x54, 0x0a, 0x37, 0xeb, 0x81, 0x50,
-    0x9d, 0xdb, 0x65, 0x5d,
-};
-static const unsigned char kat163_nor_nonce[] = {
-    0x1f, 0xe8, 0xc2, 0x5b, 0x27, 0xee, 0x3a, 0xbe,
-};
-static const unsigned char kat163_nor_persstr[] = {
-    0x8e, 0x15, 0xa5, 0xad, 0x7a, 0x5f, 0x29, 0x38, 0xeb, 0xdb, 0x5c, 0x08,
-    0x8b, 0xdc, 0xf3, 0x07,
-};
-static const unsigned char kat163_nor_addin0[] = {0};
-static const unsigned char kat163_nor_addin1[] = {0};
-static const unsigned char kat163_nor_retbytes[] = {
-    0x8d, 0x7e, 0xae, 0xe5, 0x0e, 0x87, 0xf0, 0xbc, 0x34, 0xa4, 0x9b, 0xe9,
-    0x4e, 0x7a, 0x4a, 0x64, 0xfd, 0x1e, 0xc9, 0x86, 0x1e, 0xf3, 0x34, 0x22,
-    0x2f, 0xfb, 0x15, 0xaf, 0x89, 0x29, 0xf9, 0xed, 0x42, 0xfb, 0x3f, 0xa6,
-    0x29, 0xd6, 0xba, 0x39, 0x70, 0x6b, 0x91, 0x93, 0xe1, 0x2b, 0xa2, 0x40,
-    0x44, 0x76, 0x17, 0x7c, 0x4f, 0x69, 0xbf, 0xd1, 0x8c, 0xfe, 0x59, 0x55,
-    0x5d, 0xca, 0x7c, 0x04,
-};
-static const struct drbg_kat_no_reseed kat163_nor_t = {
-    12, kat163_nor_entropyin, kat163_nor_nonce, kat163_nor_persstr,
-    kat163_nor_addin0, kat163_nor_addin1, kat163_nor_retbytes
-};
-static const struct drbg_kat kat163_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat163_nor_t
-};
-
-static const unsigned char kat164_nor_entropyin[] = {
-    0xc0, 0x84, 0x69, 0xf8, 0x36, 0xfc, 0x12, 0x48, 0xde, 0xd4, 0xed, 0xd8,
-    0xaf, 0x4d, 0x9d, 0xe8,
-};
-static const unsigned char kat164_nor_nonce[] = {
-    0x74, 0x6e, 0xa2, 0xd7, 0x4c, 0xcc, 0xc4, 0xcd,
-};
-static const unsigned char kat164_nor_persstr[] = {
-    0xa5, 0x18, 0x18, 0xae, 0x54, 0x37, 0x56, 0x25, 0x52, 0x65, 0x11, 0x80,
-    0xf3, 0xde, 0x5d, 0xae,
-};
-static const unsigned char kat164_nor_addin0[] = {0};
-static const unsigned char kat164_nor_addin1[] = {0};
-static const unsigned char kat164_nor_retbytes[] = {
-    0xa0, 0x8a, 0xee, 0xde, 0x46, 0x3f, 0xc9, 0xac, 0x48, 0x90, 0x7a, 0xb4,
-    0xb0, 0xb3, 0x9d, 0x6f, 0x86, 0xa8, 0x79, 0xf4, 0x21, 0x81, 0x61, 0x41,
-    0xa0, 0x52, 0xeb, 0x48, 0xd8, 0x7f, 0xf5, 0xd9, 0xb5, 0xb6, 0xcb, 0xfe,
-    0xef, 0xdd, 0x8c, 0xfc, 0x17, 0x72, 0xeb, 0x62, 0x67, 0x12, 0x45, 0x3f,
-    0x88, 0xec, 0x74, 0x7f, 0x6a, 0x05, 0xaf, 0x91, 0x7c, 0x9f, 0xa1, 0x61,
-    0xed, 0xe1, 0x1d, 0x7f,
-};
-static const struct drbg_kat_no_reseed kat164_nor_t = {
-    13, kat164_nor_entropyin, kat164_nor_nonce, kat164_nor_persstr,
-    kat164_nor_addin0, kat164_nor_addin1, kat164_nor_retbytes
-};
-static const struct drbg_kat kat164_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat164_nor_t
-};
-
-static const unsigned char kat165_nor_entropyin[] = {
-    0x0c, 0xe4, 0xc1, 0x82, 0x8f, 0x9c, 0x9f, 0x0a, 0xea, 0xb4, 0x95, 0x36,
-    0x72, 0x23, 0x59, 0x23,
-};
-static const unsigned char kat165_nor_nonce[] = {
-    0x46, 0x4b, 0x42, 0xc9, 0xfc, 0x5b, 0x38, 0x31,
-};
-static const unsigned char kat165_nor_persstr[] = {
-    0x48, 0xde, 0x34, 0xd8, 0x48, 0x29, 0x8d, 0xcf, 0x3f, 0x58, 0xc5, 0x2d,
-    0x96, 0xc7, 0x7b, 0xf5,
-};
-static const unsigned char kat165_nor_addin0[] = {0};
-static const unsigned char kat165_nor_addin1[] = {0};
-static const unsigned char kat165_nor_retbytes[] = {
-    0xa7, 0xd3, 0x79, 0x02, 0x26, 0xf5, 0xab, 0x5b, 0x38, 0x33, 0xdc, 0xc7,
-    0x63, 0xc2, 0xe9, 0xe7, 0xc5, 0xb7, 0x7d, 0x57, 0xc2, 0xfa, 0x26, 0x15,
-    0x47, 0xae, 0x0e, 0x39, 0xe9, 0x78, 0x4d, 0xf2, 0x69, 0xd0, 0x8b, 0xbd,
-    0x40, 0x36, 0x46, 0x2f, 0x3a, 0xcc, 0xc7, 0x1b, 0x37, 0x8b, 0x09, 0x41,
-    0xe9, 0x9c, 0x32, 0x7c, 0x4a, 0x50, 0x34, 0x39, 0xa9, 0x3b, 0x4e, 0xc7,
-    0xa0, 0x39, 0xa2, 0xa8,
-};
-static const struct drbg_kat_no_reseed kat165_nor_t = {
-    14, kat165_nor_entropyin, kat165_nor_nonce, kat165_nor_persstr,
-    kat165_nor_addin0, kat165_nor_addin1, kat165_nor_retbytes
-};
-static const struct drbg_kat kat165_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat165_nor_t
-};
-
-static const unsigned char kat166_nor_entropyin[] = {
-    0x70, 0x7a, 0x43, 0x07, 0x2e, 0xac, 0xb8, 0xce, 0xa9, 0x5f, 0xb8, 0x52,
-    0x1a, 0xe5, 0x16, 0x0b,
-};
-static const unsigned char kat166_nor_nonce[] = {
-    0xfd, 0x62, 0x12, 0x13, 0x26, 0x16, 0x30, 0xad,
-};
-static const unsigned char kat166_nor_persstr[] = {
-    0x6b, 0xf9, 0xa7, 0x2e, 0xaf, 0xe3, 0x5d, 0x58, 0x3c, 0x91, 0x5c, 0x95,
-    0x25, 0x74, 0x7b, 0xa0,
-};
-static const unsigned char kat166_nor_addin0[] = {
-    0xe3, 0xdf, 0xd6, 0x92, 0x7c, 0x4a, 0xe1, 0x03, 0x43, 0x2e, 0xb6, 0x19,
-    0x63, 0x67, 0xec, 0xee,
-};
-static const unsigned char kat166_nor_addin1[] = {
-    0xe1, 0x8c, 0xd5, 0x04, 0xe9, 0x40, 0x27, 0x53, 0x3c, 0xf3, 0x30, 0x71,
-    0xca, 0x93, 0x1b, 0x60,
-};
-static const unsigned char kat166_nor_retbytes[] = {
-    0xee, 0x46, 0x3c, 0xdc, 0x78, 0xdd, 0x25, 0x3c, 0x44, 0x66, 0xdd, 0xc2,
-    0xe3, 0x5c, 0xc4, 0xa9, 0x1a, 0xf2, 0x0a, 0xd3, 0xb3, 0x39, 0x66, 0x69,
-    0xce, 0xf5, 0x22, 0x1b, 0x0a, 0x9c, 0xcc, 0x5d, 0xfc, 0x72, 0x3b, 0x2f,
-    0xe1, 0xe5, 0x7f, 0xa2, 0x6d, 0xd0, 0x30, 0xad, 0x0b, 0x6e, 0xa1, 0x4e,
-    0xcb, 0x89, 0xf9, 0x1c, 0x4b, 0xc6, 0x93, 0x82, 0xa0, 0x1d, 0x8d, 0xfa,
-    0x6f, 0x1d, 0xff, 0x8a,
-};
-static const struct drbg_kat_no_reseed kat166_nor_t = {
-    0, kat166_nor_entropyin, kat166_nor_nonce, kat166_nor_persstr,
-    kat166_nor_addin0, kat166_nor_addin1, kat166_nor_retbytes
-};
-static const struct drbg_kat kat166_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat166_nor_t
-};
-
-static const unsigned char kat167_nor_entropyin[] = {
-    0x35, 0x67, 0xac, 0x54, 0xb9, 0x03, 0xfd, 0x5d, 0xdc, 0x57, 0x23, 0x4c,
-    0x31, 0x9b, 0x14, 0x15,
-};
-static const unsigned char kat167_nor_nonce[] = {
-    0x8f, 0x75, 0xc5, 0x6a, 0x85, 0x77, 0x21, 0x92,
-};
-static const unsigned char kat167_nor_persstr[] = {
-    0xd1, 0xe3, 0xff, 0xed, 0x85, 0x21, 0x1c, 0x40, 0x8e, 0x31, 0xdb, 0x12,
-    0xe8, 0x5b, 0x75, 0xdb,
-};
-static const unsigned char kat167_nor_addin0[] = {
-    0xcc, 0x38, 0x84, 0x33, 0x5e, 0x19, 0x42, 0x7c, 0xaf, 0x09, 0xf0, 0x1c,
-    0x63, 0x4b, 0x30, 0x8a,
-};
-static const unsigned char kat167_nor_addin1[] = {
-    0xf7, 0x73, 0x3d, 0x02, 0x51, 0xff, 0x02, 0xaf, 0xc0, 0xe9, 0x61, 0xc1,
-    0x12, 0x28, 0x84, 0xfc,
-};
-static const unsigned char kat167_nor_retbytes[] = {
-    0x28, 0xc6, 0x9b, 0xb4, 0x98, 0x76, 0x42, 0xe5, 0xa4, 0x67, 0x93, 0x8f,
-    0x52, 0xa7, 0x37, 0x14, 0xd3, 0x9a, 0xd0, 0x89, 0xee, 0x09, 0xda, 0xbe,
-    0x70, 0xd6, 0x90, 0x36, 0x17, 0x8f, 0x59, 0x98, 0x18, 0x6c, 0xc6, 0x45,
-    0x10, 0x0b, 0x56, 0xf9, 0x8e, 0xf4, 0x5c, 0xe3, 0x5b, 0x06, 0xf0, 0x9c,
-    0x26, 0x20, 0xba, 0x68, 0x0a, 0x5a, 0x03, 0xd3, 0xd9, 0x59, 0x43, 0xed,
-    0x17, 0x16, 0x0f, 0xe4,
-};
-static const struct drbg_kat_no_reseed kat167_nor_t = {
-    1, kat167_nor_entropyin, kat167_nor_nonce, kat167_nor_persstr,
-    kat167_nor_addin0, kat167_nor_addin1, kat167_nor_retbytes
-};
-static const struct drbg_kat kat167_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat167_nor_t
-};
-
-static const unsigned char kat168_nor_entropyin[] = {
-    0x41, 0x76, 0x72, 0x58, 0xe0, 0x6e, 0x50, 0x11, 0x24, 0xf3, 0xdb, 0x8b,
-    0xe4, 0x58, 0xd3, 0xbf,
-};
-static const unsigned char kat168_nor_nonce[] = {
-    0xde, 0x8f, 0xa0, 0xa7, 0x9f, 0x1a, 0x7f, 0x0c,
-};
-static const unsigned char kat168_nor_persstr[] = {
-    0x9d, 0xab, 0x2f, 0x46, 0xd2, 0x2d, 0x37, 0x86, 0x08, 0xe2, 0x1f, 0xc2,
-    0x37, 0xe9, 0x98, 0x71,
-};
-static const unsigned char kat168_nor_addin0[] = {
-    0xea, 0x41, 0xd1, 0x33, 0xb4, 0xf8, 0x6a, 0x35, 0x22, 0x7b, 0x76, 0x16,
-    0x7f, 0x51, 0xbb, 0x5f,
-};
-static const unsigned char kat168_nor_addin1[] = {
-    0x71, 0x61, 0xe1, 0x2c, 0x6f, 0x65, 0xc1, 0x42, 0xba, 0xf9, 0x4f, 0x1a,
-    0x09, 0xe9, 0x4e, 0x22,
-};
-static const unsigned char kat168_nor_retbytes[] = {
-    0xb3, 0x90, 0xc9, 0x52, 0x0e, 0xad, 0x28, 0x82, 0x69, 0x2a, 0x29, 0x59,
-    0x3d, 0x16, 0x5c, 0x58, 0xbc, 0x66, 0x14, 0x62, 0x11, 0x2a, 0xf6, 0xd2,
-    0x5a, 0x57, 0x14, 0x73, 0xe6, 0x1f, 0x1c, 0xbc, 0xd0, 0x75, 0xe3, 0xad,
-    0x1c, 0xae, 0xeb, 0x51, 0xcb, 0x99, 0x28, 0x40, 0x51, 0xce, 0xa4, 0x5a,
-    0x17, 0x06, 0xe9, 0x84, 0xe2, 0x7c, 0x32, 0x84, 0xfc, 0x1e, 0x87, 0xab,
-    0x68, 0xa6, 0xf1, 0x46,
-};
-static const struct drbg_kat_no_reseed kat168_nor_t = {
-    2, kat168_nor_entropyin, kat168_nor_nonce, kat168_nor_persstr,
-    kat168_nor_addin0, kat168_nor_addin1, kat168_nor_retbytes
-};
-static const struct drbg_kat kat168_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat168_nor_t
-};
-
-static const unsigned char kat169_nor_entropyin[] = {
-    0x19, 0xdb, 0x2d, 0xcd, 0xc5, 0x7d, 0xf2, 0x1e, 0x55, 0xb6, 0x56, 0x4e,
-    0xae, 0x47, 0x41, 0x0b,
-};
-static const unsigned char kat169_nor_nonce[] = {
-    0xeb, 0xec, 0x8e, 0xce, 0x62, 0xd3, 0x29, 0xb6,
-};
-static const unsigned char kat169_nor_persstr[] = {
-    0x80, 0xba, 0xec, 0xa8, 0x2b, 0x3b, 0xa2, 0x07, 0xb9, 0xf3, 0x75, 0x08,
-    0x38, 0xbd, 0xe4, 0x98,
-};
-static const unsigned char kat169_nor_addin0[] = {
-    0x5d, 0x74, 0xcd, 0xd7, 0xbc, 0xbe, 0x7b, 0xc9, 0x48, 0xb8, 0xf1, 0x3e,
-    0xfa, 0x83, 0x5a, 0xd4,
-};
-static const unsigned char kat169_nor_addin1[] = {
-    0x17, 0xbb, 0x7c, 0xb9, 0x1b, 0x48, 0x11, 0xa5, 0xe7, 0xdb, 0x26, 0x78,
-    0x4c, 0xbb, 0xc2, 0xe5,
-};
-static const unsigned char kat169_nor_retbytes[] = {
-    0x26, 0x54, 0xd9, 0x86, 0x67, 0xf7, 0x56, 0x15, 0xfb, 0x6c, 0x74, 0xd5,
-    0xb9, 0x0b, 0x62, 0x3c, 0xcc, 0xb9, 0x62, 0x49, 0xe1, 0x4e, 0x08, 0xe8,
-    0x8d, 0x1c, 0xb5, 0xe0, 0x90, 0x93, 0x26, 0xb6, 0x77, 0x67, 0xa5, 0x73,
-    0xe0, 0xa4, 0xd1, 0xdf, 0x05, 0x7f, 0x2d, 0xe7, 0xa4, 0x95, 0xde, 0xae,
-    0xcb, 0xeb, 0x7e, 0x25, 0xe3, 0xaa, 0x82, 0xde, 0x55, 0x59, 0x08, 0xbf,
-    0xe3, 0xcc, 0x6a, 0x85,
-};
-static const struct drbg_kat_no_reseed kat169_nor_t = {
-    3, kat169_nor_entropyin, kat169_nor_nonce, kat169_nor_persstr,
-    kat169_nor_addin0, kat169_nor_addin1, kat169_nor_retbytes
-};
-static const struct drbg_kat kat169_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat169_nor_t
-};
-
-static const unsigned char kat170_nor_entropyin[] = {
-    0x64, 0xd7, 0xb4, 0x2c, 0x52, 0x64, 0x33, 0x76, 0xd8, 0xa1, 0x1b, 0x0d,
-    0xa5, 0xcc, 0xa5, 0xe6,
-};
-static const unsigned char kat170_nor_nonce[] = {
-    0x6f, 0xeb, 0x03, 0x5f, 0x39, 0x14, 0x25, 0x14,
-};
-static const unsigned char kat170_nor_persstr[] = {
-    0x3f, 0x12, 0xa6, 0xf2, 0x40, 0x01, 0xb9, 0x8c, 0x1f, 0x24, 0xab, 0xcf,
-    0xab, 0x68, 0x95, 0x08,
-};
-static const unsigned char kat170_nor_addin0[] = {
-    0xfe, 0xe4, 0x82, 0xb1, 0xfe, 0xa0, 0x53, 0x65, 0xab, 0xa0, 0x7b, 0xc7,
-    0xc3, 0x35, 0x1c, 0x6d,
-};
-static const unsigned char kat170_nor_addin1[] = {
-    0xaf, 0x13, 0x59, 0x83, 0xab, 0x81, 0x13, 0x91, 0x45, 0x35, 0x13, 0x49,
-    0x18, 0x78, 0xb5, 0xb5,
-};
-static const unsigned char kat170_nor_retbytes[] = {
-    0x0c, 0x21, 0xf6, 0x97, 0xf1, 0xb0, 0x0d, 0x22, 0x83, 0xae, 0xe4, 0xe7,
-    0xb7, 0xe1, 0x01, 0x33, 0x38, 0x6a, 0xb0, 0xab, 0xfa, 0xdb, 0x5e, 0x14,
-    0xbf, 0xe5, 0xb4, 0x52, 0xa6, 0xd9, 0x17, 0x46, 0x2a, 0x7b, 0xd0, 0xed,
-    0xa0, 0x6f, 0xa1, 0x41, 0xb1, 0xbc, 0x3e, 0xab, 0x4f, 0x47, 0x73, 0xa2,
-    0x40, 0xbe, 0x73, 0x51, 0xe3, 0x2a, 0x1d, 0xab, 0xdd, 0xc5, 0x7b, 0xae,
-    0x02, 0xd2, 0x6c, 0xd2,
-};
-static const struct drbg_kat_no_reseed kat170_nor_t = {
-    4, kat170_nor_entropyin, kat170_nor_nonce, kat170_nor_persstr,
-    kat170_nor_addin0, kat170_nor_addin1, kat170_nor_retbytes
-};
-static const struct drbg_kat kat170_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat170_nor_t
-};
-
-static const unsigned char kat171_nor_entropyin[] = {
-    0xa5, 0x5a, 0x5a, 0x07, 0x29, 0xc3, 0x9e, 0xfb, 0xc8, 0x6c, 0xe6, 0x4d,
-    0x91, 0x51, 0x03, 0x4e,
-};
-static const unsigned char kat171_nor_nonce[] = {
-    0x10, 0xf1, 0x15, 0x57, 0x73, 0xfb, 0xcd, 0x3b,
-};
-static const unsigned char kat171_nor_persstr[] = {
-    0x6c, 0x6f, 0x3f, 0x77, 0x80, 0x15, 0xb2, 0xd3, 0x34, 0x92, 0x2e, 0x7a,
-    0x13, 0xea, 0xd6, 0xe6,
-};
-static const unsigned char kat171_nor_addin0[] = {
-    0x84, 0x10, 0x15, 0x5a, 0x9f, 0x4d, 0x40, 0xa3, 0x29, 0x8d, 0x5b, 0x0f,
-    0x42, 0xc0, 0xef, 0x46,
-};
-static const unsigned char kat171_nor_addin1[] = {
-    0xfd, 0x91, 0x1c, 0x8b, 0xb6, 0xff, 0x14, 0xe7, 0xd7, 0x6a, 0x61, 0x1a,
-    0xdd, 0xda, 0x72, 0x11,
-};
-static const unsigned char kat171_nor_retbytes[] = {
-    0x16, 0x5f, 0x07, 0xd1, 0x4b, 0xb1, 0xb3, 0x7b, 0xd9, 0xe0, 0x94, 0x9e,
-    0x7b, 0x0c, 0x0d, 0xfa, 0xdd, 0x06, 0x7a, 0xdf, 0x15, 0xb6, 0x6c, 0xb3,
-    0x96, 0xe6, 0x44, 0x4b, 0xcd, 0xf1, 0x1b, 0xc2, 0x34, 0xb0, 0xd5, 0x9b,
-    0x23, 0x17, 0x21, 0x4a, 0x9c, 0xde, 0x72, 0xe5, 0x32, 0xf3, 0x00, 0xc9,
-    0xd0, 0x90, 0x7f, 0xf5, 0x9e, 0x62, 0x12, 0x82, 0x6a, 0x92, 0x0f, 0xd9,
-    0x2b, 0x53, 0xad, 0xf7,
-};
-static const struct drbg_kat_no_reseed kat171_nor_t = {
-    5, kat171_nor_entropyin, kat171_nor_nonce, kat171_nor_persstr,
-    kat171_nor_addin0, kat171_nor_addin1, kat171_nor_retbytes
-};
-static const struct drbg_kat kat171_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat171_nor_t
-};
-
-static const unsigned char kat172_nor_entropyin[] = {
-    0x53, 0xea, 0x1b, 0xef, 0x71, 0x12, 0xfd, 0xcb, 0x15, 0x51, 0x36, 0x16,
-    0xae, 0x7e, 0x07, 0x03,
-};
-static const unsigned char kat172_nor_nonce[] = {
-    0xca, 0xac, 0x5b, 0x2f, 0xbf, 0x5b, 0xd1, 0xb8,
-};
-static const unsigned char kat172_nor_persstr[] = {
-    0x79, 0x04, 0x26, 0x8d, 0x84, 0x6f, 0x81, 0x41, 0xcd, 0x78, 0x3e, 0xcb,
-    0xa6, 0xef, 0xc9, 0x01,
-};
-static const unsigned char kat172_nor_addin0[] = {
-    0x03, 0x64, 0xae, 0xea, 0xf7, 0x42, 0x4c, 0x92, 0xc2, 0x61, 0x1f, 0x33,
-    0x86, 0xfb, 0xe3, 0x8a,
-};
-static const unsigned char kat172_nor_addin1[] = {
-    0x9c, 0x77, 0xd6, 0x80, 0xc5, 0xf2, 0x70, 0xae, 0xfa, 0x8a, 0x45, 0xb3,
-    0xe9, 0x35, 0x53, 0x30,
-};
-static const unsigned char kat172_nor_retbytes[] = {
-    0xe5, 0x6f, 0xa9, 0x81, 0x29, 0x23, 0x89, 0x0b, 0x94, 0x81, 0xee, 0x07,
-    0x80, 0xea, 0x23, 0xb2, 0x05, 0x94, 0x7e, 0x80, 0xf3, 0xe3, 0x8f, 0x55,
-    0xc2, 0x2d, 0xef, 0xce, 0x6c, 0xae, 0xa8, 0x4f, 0xd9, 0x85, 0x0f, 0x2c,
-    0x50, 0x9c, 0x51, 0x48, 0xe0, 0x1c, 0xd9, 0x77, 0x34, 0x8c, 0xc8, 0xb3,
-    0xcc, 0xab, 0xd3, 0xd7, 0x51, 0x5c, 0xc2, 0xca, 0x95, 0xd0, 0xbc, 0x13,
-    0x48, 0xba, 0xc5, 0xc2,
-};
-static const struct drbg_kat_no_reseed kat172_nor_t = {
-    6, kat172_nor_entropyin, kat172_nor_nonce, kat172_nor_persstr,
-    kat172_nor_addin0, kat172_nor_addin1, kat172_nor_retbytes
-};
-static const struct drbg_kat kat172_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat172_nor_t
-};
-
-static const unsigned char kat173_nor_entropyin[] = {
-    0x1f, 0xae, 0xf5, 0x93, 0x5c, 0xb8, 0x2d, 0x27, 0x08, 0x13, 0x25, 0x2c,
-    0x77, 0xef, 0x3d, 0x6c,
-};
-static const unsigned char kat173_nor_nonce[] = {
-    0x75, 0xf6, 0x8a, 0x1b, 0x65, 0x8c, 0x72, 0x77,
-};
-static const unsigned char kat173_nor_persstr[] = {
-    0x08, 0x15, 0xfa, 0x38, 0x8d, 0xb0, 0x3a, 0x89, 0x2d, 0xf4, 0x47, 0x4f,
-    0x19, 0xde, 0x31, 0xbc,
-};
-static const unsigned char kat173_nor_addin0[] = {
-    0x9f, 0x92, 0x23, 0xae, 0x37, 0x86, 0xd3, 0x8c, 0x43, 0xe0, 0xe9, 0x2a,
-    0xa1, 0xbf, 0x5e, 0x3f,
-};
-static const unsigned char kat173_nor_addin1[] = {
-    0x4d, 0x9c, 0x28, 0xcd, 0x69, 0x4e, 0x01, 0x6f, 0xaf, 0xbd, 0xe3, 0xcb,
-    0x30, 0x85, 0xb8, 0xd9,
-};
-static const unsigned char kat173_nor_retbytes[] = {
-    0xcd, 0x69, 0x3a, 0xab, 0x02, 0xec, 0x80, 0xa0, 0x4b, 0xeb, 0xcf, 0xef,
-    0x66, 0x04, 0x38, 0x4f, 0x48, 0xc8, 0xeb, 0x7d, 0x44, 0xd6, 0x91, 0xac,
-    0x35, 0xfb, 0x11, 0xe1, 0x81, 0x83, 0x88, 0x4b, 0x9e, 0x35, 0xd5, 0x8e,
-    0x62, 0xfc, 0x56, 0x7b, 0x9a, 0x3d, 0xa4, 0x0e, 0x3a, 0xee, 0xa7, 0x83,
-    0x11, 0x5e, 0x80, 0x19, 0x22, 0x09, 0x03, 0xab, 0x55, 0x9b, 0xe9, 0x83,
-    0x4c, 0x37, 0x77, 0x58,
-};
-static const struct drbg_kat_no_reseed kat173_nor_t = {
-    7, kat173_nor_entropyin, kat173_nor_nonce, kat173_nor_persstr,
-    kat173_nor_addin0, kat173_nor_addin1, kat173_nor_retbytes
-};
-static const struct drbg_kat kat173_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat173_nor_t
-};
-
-static const unsigned char kat174_nor_entropyin[] = {
-    0x0b, 0x8c, 0x52, 0x08, 0xd9, 0x11, 0x3c, 0xbe, 0x8a, 0x31, 0xcf, 0x3d,
-    0xe1, 0x43, 0x38, 0x1a,
-};
-static const unsigned char kat174_nor_nonce[] = {
-    0x44, 0x9e, 0xbf, 0x57, 0xb8, 0x2a, 0xa5, 0xcb,
-};
-static const unsigned char kat174_nor_persstr[] = {
-    0x7f, 0x60, 0x01, 0xd6, 0x0c, 0x31, 0xcf, 0x8a, 0x90, 0x4c, 0xb3, 0x18,
-    0xcb, 0x70, 0x04, 0x7b,
-};
-static const unsigned char kat174_nor_addin0[] = {
-    0x4f, 0xe0, 0x45, 0xed, 0xbb, 0x98, 0x16, 0x0a, 0x42, 0x63, 0x5b, 0x77,
-    0x79, 0x6e, 0x8a, 0x97,
-};
-static const unsigned char kat174_nor_addin1[] = {
-    0xd8, 0x96, 0x4e, 0x5f, 0xa8, 0x16, 0xea, 0x83, 0xd1, 0xa5, 0xab, 0xbd,
-    0x15, 0x68, 0xad, 0xaa,
-};
-static const unsigned char kat174_nor_retbytes[] = {
-    0xab, 0x1f, 0xba, 0xf1, 0x54, 0xa9, 0x07, 0x2b, 0x62, 0xc3, 0xd6, 0xbb,
-    0x9d, 0x01, 0x48, 0xac, 0xe4, 0xb4, 0xcd, 0xe0, 0x8d, 0x9a, 0x71, 0x2a,
-    0xa2, 0x94, 0x10, 0xab, 0x51, 0x4d, 0x03, 0xe3, 0x5d, 0xb3, 0xf4, 0x91,
-    0x80, 0x66, 0x73, 0x04, 0x18, 0x33, 0xa2, 0xeb, 0xeb, 0xe8, 0x70, 0x55,
-    0xf1, 0xf5, 0xfb, 0x64, 0xdd, 0x8e, 0x40, 0x8e, 0x3b, 0x99, 0x57, 0xd2,
-    0x1e, 0x66, 0xca, 0xa2,
-};
-static const struct drbg_kat_no_reseed kat174_nor_t = {
-    8, kat174_nor_entropyin, kat174_nor_nonce, kat174_nor_persstr,
-    kat174_nor_addin0, kat174_nor_addin1, kat174_nor_retbytes
-};
-static const struct drbg_kat kat174_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat174_nor_t
-};
-
-static const unsigned char kat175_nor_entropyin[] = {
-    0xae, 0x90, 0x6d, 0x89, 0x04, 0x15, 0x45, 0xc7, 0xef, 0x70, 0x71, 0xf5,
-    0x3e, 0xce, 0xea, 0x52,
-};
-static const unsigned char kat175_nor_nonce[] = {
-    0x1f, 0x4b, 0x28, 0x4c, 0x36, 0xaa, 0xe3, 0xba,
-};
-static const unsigned char kat175_nor_persstr[] = {
-    0xb9, 0x19, 0x98, 0xc3, 0x21, 0x83, 0x00, 0x6f, 0x7d, 0xf1, 0xc5, 0xd7,
-    0x1f, 0xba, 0xc5, 0x7b,
-};
-static const unsigned char kat175_nor_addin0[] = {
-    0x86, 0x47, 0x5c, 0xa2, 0xb4, 0x84, 0xb8, 0xc6, 0xf3, 0x3b, 0x11, 0x22,
-    0x8b, 0xc6, 0x65, 0x05,
-};
-static const unsigned char kat175_nor_addin1[] = {
-    0x0c, 0x34, 0xe0, 0xea, 0xe8, 0xfa, 0x94, 0xc2, 0x6c, 0xb5, 0x11, 0xc7,
-    0x9a, 0x49, 0x83, 0x3e,
-};
-static const unsigned char kat175_nor_retbytes[] = {
-    0x89, 0xeb, 0xf1, 0x81, 0x5e, 0x2c, 0x33, 0x32, 0x59, 0xd6, 0xaa, 0xa0,
-    0x07, 0xd1, 0x9c, 0xa5, 0xe0, 0x1e, 0x59, 0x87, 0x76, 0xac, 0x2a, 0xf5,
-    0x5a, 0xbf, 0x78, 0xc1, 0x1b, 0x4e, 0xd7, 0x44, 0xb6, 0xde, 0x87, 0x5a,
-    0x36, 0xf4, 0x52, 0xc2, 0x7a, 0xc4, 0xa0, 0xe6, 0x77, 0x93, 0x8b, 0x16,
-    0x1b, 0x2c, 0x00, 0xeb, 0x06, 0x59, 0xbd, 0xf2, 0xdc, 0x42, 0x5a, 0x89,
-    0xa2, 0x4a, 0xff, 0xd0,
-};
-static const struct drbg_kat_no_reseed kat175_nor_t = {
-    9, kat175_nor_entropyin, kat175_nor_nonce, kat175_nor_persstr,
-    kat175_nor_addin0, kat175_nor_addin1, kat175_nor_retbytes
-};
-static const struct drbg_kat kat175_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat175_nor_t
-};
-
-static const unsigned char kat176_nor_entropyin[] = {
-    0x1d, 0x0e, 0x60, 0xe6, 0x80, 0x17, 0x40, 0x42, 0x1d, 0x29, 0xf6, 0x5a,
-    0x60, 0x60, 0x6c, 0x1b,
-};
-static const unsigned char kat176_nor_nonce[] = {
-    0x37, 0x03, 0x36, 0xdb, 0x08, 0x35, 0xe9, 0x1a,
-};
-static const unsigned char kat176_nor_persstr[] = {
-    0x7a, 0x27, 0x3b, 0x4d, 0x99, 0x75, 0x35, 0x11, 0xfc, 0xf3, 0x4f, 0x3b,
-    0x1b, 0xb2, 0x9e, 0x16,
-};
-static const unsigned char kat176_nor_addin0[] = {
-    0xd6, 0x44, 0xcb, 0x46, 0xe0, 0x1c, 0x07, 0x12, 0xef, 0x9d, 0xa4, 0xed,
-    0xe5, 0xca, 0x40, 0x7c,
-};
-static const unsigned char kat176_nor_addin1[] = {
-    0x5c, 0x99, 0x05, 0x45, 0xee, 0xaf, 0x59, 0xde, 0x4d, 0x34, 0x9a, 0xe6,
-    0x66, 0x1f, 0x70, 0x41,
-};
-static const unsigned char kat176_nor_retbytes[] = {
-    0xda, 0xd5, 0x03, 0xe7, 0x20, 0x96, 0x02, 0xa8, 0x6f, 0x18, 0xd0, 0x1a,
-    0x2b, 0x05, 0x15, 0xb4, 0xb3, 0xd4, 0xa4, 0xc0, 0x37, 0xaf, 0x71, 0x86,
-    0xec, 0xba, 0x25, 0xdc, 0xb7, 0x81, 0xd9, 0x73, 0x11, 0x81, 0x0f, 0x98,
-    0xc1, 0x7c, 0x34, 0x17, 0x30, 0x61, 0xab, 0x78, 0xec, 0xcb, 0xd4, 0x91,
-    0x85, 0xcf, 0x5d, 0x4f, 0xb9, 0x1d, 0xff, 0xf4, 0xb0, 0xb6, 0x53, 0xdc,
-    0x15, 0x89, 0x92, 0x29,
-};
-static const struct drbg_kat_no_reseed kat176_nor_t = {
-    10, kat176_nor_entropyin, kat176_nor_nonce, kat176_nor_persstr,
-    kat176_nor_addin0, kat176_nor_addin1, kat176_nor_retbytes
-};
-static const struct drbg_kat kat176_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat176_nor_t
-};
-
-static const unsigned char kat177_nor_entropyin[] = {
-    0x67, 0x58, 0x85, 0x38, 0x3c, 0x6b, 0x3b, 0x00, 0x8e, 0x88, 0x49, 0x37,
-    0xed, 0xa7, 0x7b, 0xe8,
-};
-static const unsigned char kat177_nor_nonce[] = {
-    0xb9, 0x1c, 0x7c, 0x06, 0x87, 0x85, 0x32, 0xf2,
-};
-static const unsigned char kat177_nor_persstr[] = {
-    0x12, 0xce, 0x97, 0xb4, 0x0a, 0x1b, 0xcd, 0xe5, 0x03, 0x90, 0xe3, 0x15,
-    0xcd, 0x91, 0x1d, 0x53,
-};
-static const unsigned char kat177_nor_addin0[] = {
-    0x10, 0x58, 0x43, 0x4c, 0xf9, 0xb3, 0x8f, 0xd7, 0x2a, 0x14, 0x0c, 0xf0,
-    0x94, 0x24, 0x36, 0xe3,
-};
-static const unsigned char kat177_nor_addin1[] = {
-    0x59, 0x8b, 0xf8, 0x01, 0x43, 0x39, 0x82, 0x09, 0x66, 0xd9, 0x4b, 0xe1,
-    0xe2, 0xe9, 0xc8, 0x55,
-};
-static const unsigned char kat177_nor_retbytes[] = {
-    0x45, 0x48, 0x8c, 0xa0, 0xe2, 0xf2, 0x83, 0xf1, 0x74, 0x1b, 0xcb, 0xf4,
-    0x9a, 0x79, 0x36, 0x54, 0x59, 0x07, 0x52, 0x49, 0xe1, 0xc4, 0x17, 0x77,
-    0xf3, 0xe0, 0x08, 0xd8, 0x02, 0x0e, 0xe1, 0xf5, 0x98, 0xac, 0xa0, 0xad,
-    0x26, 0xed, 0xcd, 0x92, 0x0c, 0x85, 0x59, 0xd0, 0xea, 0xf7, 0xcc, 0x5d,
-    0x5a, 0x71, 0x44, 0x37, 0xc0, 0x45, 0x81, 0xa6, 0x4c, 0x74, 0x99, 0xe5,
-    0xf0, 0xbe, 0x08, 0x9c,
-};
-static const struct drbg_kat_no_reseed kat177_nor_t = {
-    11, kat177_nor_entropyin, kat177_nor_nonce, kat177_nor_persstr,
-    kat177_nor_addin0, kat177_nor_addin1, kat177_nor_retbytes
-};
-static const struct drbg_kat kat177_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat177_nor_t
-};
-
-static const unsigned char kat178_nor_entropyin[] = {
-    0x71, 0x23, 0x93, 0xa9, 0xf4, 0xa1, 0xb0, 0xbb, 0xab, 0xf4, 0xf4, 0x96,
-    0xe8, 0x17, 0x0a, 0xdc,
-};
-static const unsigned char kat178_nor_nonce[] = {
-    0x0f, 0x59, 0x0c, 0x32, 0x39, 0xc6, 0xcf, 0x47,
-};
-static const unsigned char kat178_nor_persstr[] = {
-    0xb7, 0x2b, 0x40, 0x97, 0xa9, 0xfb, 0x3d, 0x45, 0xbb, 0x06, 0x24, 0x15,
-    0xb6, 0xf2, 0xdf, 0xb1,
-};
-static const unsigned char kat178_nor_addin0[] = {
-    0xe2, 0x7a, 0xde, 0x7c, 0x11, 0x86, 0x56, 0x55, 0x3f, 0x06, 0xec, 0x20,
-    0x19, 0x9b, 0x53, 0x70,
-};
-static const unsigned char kat178_nor_addin1[] = {
-    0x4e, 0xb4, 0xfd, 0xa3, 0xff, 0xda, 0xd4, 0xf9, 0xdd, 0xaf, 0xd0, 0xd0,
-    0xbf, 0xec, 0xd4, 0x44,
-};
-static const unsigned char kat178_nor_retbytes[] = {
-    0x04, 0x49, 0xa8, 0x2a, 0x31, 0x7e, 0x22, 0xe5, 0xa7, 0xa6, 0x68, 0x4d,
-    0x08, 0xb8, 0xf6, 0x3e, 0x02, 0xd8, 0xb9, 0x08, 0x5d, 0x61, 0x9a, 0xb5,
-    0x6c, 0xde, 0x52, 0x2c, 0x86, 0x67, 0xd5, 0xf8, 0x8b, 0x2e, 0xa8, 0x83,
-    0x03, 0x29, 0x49, 0x1a, 0x5e, 0xa8, 0x28, 0xe0, 0xa3, 0x66, 0xae, 0x7e,
-    0x84, 0xf2, 0xcd, 0xee, 0x69, 0x8a, 0x92, 0x41, 0x18, 0x88, 0x83, 0xbe,
-    0x00, 0xc5, 0x33, 0xe8,
-};
-static const struct drbg_kat_no_reseed kat178_nor_t = {
-    12, kat178_nor_entropyin, kat178_nor_nonce, kat178_nor_persstr,
-    kat178_nor_addin0, kat178_nor_addin1, kat178_nor_retbytes
-};
-static const struct drbg_kat kat178_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat178_nor_t
-};
-
-static const unsigned char kat179_nor_entropyin[] = {
-    0x57, 0x66, 0x40, 0xf9, 0x76, 0xa6, 0x28, 0xb0, 0x9e, 0x98, 0xaf, 0x48,
-    0x3b, 0x64, 0x5e, 0x56,
-};
-static const unsigned char kat179_nor_nonce[] = {
-    0x82, 0x2e, 0x8a, 0x10, 0xdf, 0x06, 0xd0, 0xfe,
-};
-static const unsigned char kat179_nor_persstr[] = {
-    0x6d, 0x6a, 0x6f, 0x68, 0xbb, 0x38, 0x1c, 0x29, 0x1f, 0x3f, 0xa6, 0x21,
-    0xd6, 0xab, 0x64, 0xb2,
-};
-static const unsigned char kat179_nor_addin0[] = {
-    0xb0, 0x5f, 0x14, 0xe4, 0x1f, 0x54, 0x33, 0x8c, 0x44, 0x15, 0xa5, 0xb5,
-    0xc8, 0xc5, 0x61, 0x99,
-};
-static const unsigned char kat179_nor_addin1[] = {
-    0xc6, 0x84, 0x7c, 0x9e, 0xd7, 0x4c, 0x86, 0x9a, 0xc4, 0xa5, 0x6f, 0xf2,
-    0xd0, 0x95, 0x6d, 0x6b,
-};
-static const unsigned char kat179_nor_retbytes[] = {
-    0x5c, 0x6a, 0x7e, 0x58, 0xea, 0xcf, 0xa5, 0x8d, 0xca, 0x93, 0x99, 0xa3,
-    0xf9, 0xb6, 0xcb, 0x41, 0xd2, 0xbc, 0x24, 0xf6, 0x72, 0x58, 0x7d, 0xb2,
-    0x29, 0xbf, 0x22, 0x20, 0xc2, 0x85, 0x13, 0x47, 0xd4, 0x7d, 0xa1, 0xca,
-    0x0a, 0x6a, 0x13, 0x77, 0x96, 0x05, 0xdb, 0x90, 0xd9, 0x1a, 0x61, 0x48,
-    0x88, 0x18, 0xd3, 0x3b, 0x2a, 0x4a, 0xd6, 0x74, 0x09, 0x00, 0x68, 0x5f,
-    0x8e, 0xc6, 0x13, 0x6f,
-};
-static const struct drbg_kat_no_reseed kat179_nor_t = {
-    13, kat179_nor_entropyin, kat179_nor_nonce, kat179_nor_persstr,
-    kat179_nor_addin0, kat179_nor_addin1, kat179_nor_retbytes
-};
-static const struct drbg_kat kat179_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat179_nor_t
-};
-
-static const unsigned char kat180_nor_entropyin[] = {
-    0x69, 0x65, 0x03, 0xc8, 0x48, 0x60, 0x51, 0x87, 0x84, 0xdd, 0x4c, 0x6c,
-    0x31, 0x71, 0x0f, 0x43,
-};
-static const unsigned char kat180_nor_nonce[] = {
-    0xee, 0x52, 0xc0, 0xa4, 0xcd, 0x90, 0xdf, 0x1e,
-};
-static const unsigned char kat180_nor_persstr[] = {
-    0x9a, 0x08, 0xd6, 0xb4, 0x80, 0xef, 0x3a, 0xc2, 0x00, 0xa1, 0x30, 0x87,
-    0x8d, 0x80, 0xd0, 0x79,
-};
-static const unsigned char kat180_nor_addin0[] = {
-    0x5c, 0x51, 0x31, 0x59, 0x7b, 0xd3, 0xab, 0x02, 0x5c, 0xa0, 0x05, 0x79,
-    0xc8, 0x6f, 0xfd, 0xed,
-};
-static const unsigned char kat180_nor_addin1[] = {
-    0xa8, 0xcc, 0x33, 0xc8, 0x51, 0xee, 0x11, 0xe4, 0x70, 0x1a, 0x32, 0x19,
-    0x7b, 0x61, 0x76, 0x23,
-};
-static const unsigned char kat180_nor_retbytes[] = {
-    0x9a, 0xfd, 0xc4, 0x54, 0xf5, 0xc2, 0xce, 0x29, 0x95, 0xfc, 0x7c, 0xcf,
-    0xb4, 0xe8, 0x67, 0x1a, 0x4b, 0x27, 0xdf, 0xcb, 0x1c, 0x02, 0xfe, 0xc6,
-    0x07, 0xaa, 0xfc, 0x64, 0x22, 0x65, 0x70, 0x96, 0xce, 0x18, 0x14, 0x10,
-    0x1b, 0x8a, 0x74, 0x3e, 0x2d, 0x4a, 0x2c, 0x4e, 0x2e, 0x8d, 0xa2, 0x57,
-    0x57, 0x8d, 0xe7, 0x10, 0x54, 0x12, 0xf3, 0x52, 0xa4, 0xcd, 0x14, 0xaf,
-    0x7d, 0xb0, 0xeb, 0x03,
-};
-static const struct drbg_kat_no_reseed kat180_nor_t = {
-    14, kat180_nor_entropyin, kat180_nor_nonce, kat180_nor_persstr,
-    kat180_nor_addin0, kat180_nor_addin1, kat180_nor_retbytes
-};
-static const struct drbg_kat kat180_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat180_nor_t
-};
-
-static const unsigned char kat181_nor_entropyin[] = {
-    0x6b, 0xdf, 0x53, 0x32, 0xbd, 0xce, 0x46, 0x55, 0xd4, 0x5c, 0x2c, 0xfe,
-    0xa8, 0x97, 0xb0, 0x00,
-};
-static const unsigned char kat181_nor_nonce[] = {
-    0xe7, 0x8c, 0x55, 0x71, 0xc5, 0xf9, 0x26, 0xf9,
-};
-static const unsigned char kat181_nor_persstr[] = {0};
-static const unsigned char kat181_nor_addin0[] = {0};
-static const unsigned char kat181_nor_addin1[] = {0};
-static const unsigned char kat181_nor_retbytes[] = {
-    0xe0, 0x71, 0x56, 0x88, 0x76, 0x5a, 0x32, 0x85, 0xe7, 0xb7, 0xdb, 0x55,
-    0x5f, 0x27, 0x79, 0x24, 0xe7, 0x17, 0x1f, 0x75, 0x41, 0xbf, 0x26, 0x12,
-    0x2b, 0x13, 0xdb, 0xaa, 0xa3, 0x9f, 0x9e, 0x2b, 0x03, 0x45, 0xc6, 0x59,
-    0x58, 0x3f, 0xf8, 0xc9, 0xcf, 0xd8, 0x88, 0xf1, 0xab, 0xd2, 0xf3, 0xb3,
-    0x6a, 0x7c, 0x9d, 0x47, 0xc6, 0x87, 0xb0, 0x1c, 0x81, 0x9a, 0x9f, 0x98,
-    0x88, 0x54, 0x2e, 0x0f,
-};
-static const struct drbg_kat_no_reseed kat181_nor_t = {
-    0, kat181_nor_entropyin, kat181_nor_nonce, kat181_nor_persstr,
-    kat181_nor_addin0, kat181_nor_addin1, kat181_nor_retbytes
-};
-static const struct drbg_kat kat181_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat181_nor_t
-};
-
-static const unsigned char kat182_nor_entropyin[] = {
-    0xa4, 0x73, 0x7d, 0x48, 0xa8, 0x93, 0x25, 0x07, 0x85, 0x79, 0xe6, 0x49,
-    0xe2, 0xfa, 0x65, 0xeb,
-};
-static const unsigned char kat182_nor_nonce[] = {
-    0x6a, 0x79, 0x9a, 0x7a, 0x2f, 0x13, 0xe8, 0x13,
-};
-static const unsigned char kat182_nor_persstr[] = {0};
-static const unsigned char kat182_nor_addin0[] = {0};
-static const unsigned char kat182_nor_addin1[] = {0};
-static const unsigned char kat182_nor_retbytes[] = {
-    0x75, 0x2a, 0x91, 0x6d, 0x98, 0x05, 0x18, 0xd9, 0xe7, 0xe4, 0x75, 0x99,
-    0x06, 0x6b, 0x45, 0x71, 0x46, 0x61, 0xf3, 0x41, 0x59, 0xf0, 0xc8, 0xce,
-    0xa8, 0xda, 0xbd, 0x59, 0x6a, 0x06, 0x6a, 0xff, 0x7a, 0xe6, 0xc2, 0x1e,
-    0x69, 0xa3, 0x56, 0xdd, 0x2e, 0xe0, 0xda, 0x55, 0x42, 0x9c, 0x67, 0x5a,
-    0xa6, 0xfa, 0x09, 0x00, 0x17, 0x3f, 0x54, 0x77, 0xcd, 0x7f, 0xd6, 0x49,
-    0xea, 0xe0, 0xc9, 0x9a,
-};
-static const struct drbg_kat_no_reseed kat182_nor_t = {
-    1, kat182_nor_entropyin, kat182_nor_nonce, kat182_nor_persstr,
-    kat182_nor_addin0, kat182_nor_addin1, kat182_nor_retbytes
-};
-static const struct drbg_kat kat182_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat182_nor_t
-};
-
-static const unsigned char kat183_nor_entropyin[] = {
-    0x99, 0xb4, 0xe9, 0xe5, 0xba, 0xaa, 0x99, 0xbf, 0x8b, 0x8a, 0x0c, 0x2c,
-    0xfd, 0x9a, 0x89, 0xce,
-};
-static const unsigned char kat183_nor_nonce[] = {
-    0xf4, 0x8b, 0x31, 0x29, 0x41, 0xd3, 0x55, 0x4d,
-};
-static const unsigned char kat183_nor_persstr[] = {0};
-static const unsigned char kat183_nor_addin0[] = {0};
-static const unsigned char kat183_nor_addin1[] = {0};
-static const unsigned char kat183_nor_retbytes[] = {
-    0x85, 0xcf, 0x14, 0x8c, 0x65, 0xec, 0xe7, 0x52, 0x5d, 0xea, 0x96, 0x34,
-    0x4d, 0xa6, 0x45, 0x11, 0x99, 0x49, 0x21, 0x85, 0xc8, 0xb8, 0xdf, 0xff,
-    0x50, 0x0d, 0xdd, 0x68, 0xca, 0xab, 0x50, 0xbd, 0x74, 0x18, 0x66, 0x93,
-    0x7a, 0x50, 0x1a, 0xf8, 0x76, 0xae, 0x84, 0x9b, 0x5b, 0x1b, 0x53, 0x30,
-    0xde, 0x65, 0xeb, 0xf3, 0x8e, 0x9d, 0x55, 0x96, 0x93, 0xfa, 0xe8, 0x05,
-    0xcc, 0xc9, 0xaa, 0xed,
-};
-static const struct drbg_kat_no_reseed kat183_nor_t = {
-    2, kat183_nor_entropyin, kat183_nor_nonce, kat183_nor_persstr,
-    kat183_nor_addin0, kat183_nor_addin1, kat183_nor_retbytes
-};
-static const struct drbg_kat kat183_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat183_nor_t
-};
-
-static const unsigned char kat184_nor_entropyin[] = {
-    0x7c, 0x1e, 0xf8, 0x46, 0xe7, 0xf3, 0xa7, 0xcf, 0xe5, 0xc7, 0xbb, 0x47,
-    0xe4, 0x6a, 0xa0, 0xe8,
-};
-static const unsigned char kat184_nor_nonce[] = {
-    0x78, 0xeb, 0x00, 0x29, 0x55, 0xd2, 0x70, 0xd3,
-};
-static const unsigned char kat184_nor_persstr[] = {0};
-static const unsigned char kat184_nor_addin0[] = {0};
-static const unsigned char kat184_nor_addin1[] = {0};
-static const unsigned char kat184_nor_retbytes[] = {
-    0xb7, 0x39, 0xf9, 0x53, 0x39, 0xe8, 0x3f, 0xe8, 0xa3, 0x39, 0x16, 0x2f,
-    0x1e, 0x96, 0xcc, 0x82, 0xb6, 0x7a, 0xf4, 0x17, 0x59, 0xf4, 0x83, 0x06,
-    0x4e, 0x61, 0xa0, 0x39, 0x13, 0x7a, 0xf0, 0x7d, 0x93, 0x4a, 0x0e, 0xb7,
-    0xca, 0x72, 0x84, 0xc1, 0x46, 0x86, 0xca, 0x04, 0x88, 0x95, 0x3e, 0xe4,
-    0x40, 0xf6, 0xcd, 0x11, 0x45, 0xd0, 0x76, 0x6f, 0x4f, 0xf1, 0xc7, 0x7b,
-    0x0d, 0x81, 0xd3, 0x61,
-};
-static const struct drbg_kat_no_reseed kat184_nor_t = {
-    3, kat184_nor_entropyin, kat184_nor_nonce, kat184_nor_persstr,
-    kat184_nor_addin0, kat184_nor_addin1, kat184_nor_retbytes
-};
-static const struct drbg_kat kat184_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat184_nor_t
-};
-
-static const unsigned char kat185_nor_entropyin[] = {
-    0x6f, 0x75, 0x0f, 0xb7, 0x3f, 0xbc, 0xb6, 0xdb, 0x57, 0x50, 0x6c, 0xf2,
-    0xde, 0xfa, 0xf6, 0xd4,
-};
-static const unsigned char kat185_nor_nonce[] = {
-    0xa5, 0x2c, 0x92, 0x97, 0xe0, 0x2f, 0x42, 0x55,
-};
-static const unsigned char kat185_nor_persstr[] = {0};
-static const unsigned char kat185_nor_addin0[] = {0};
-static const unsigned char kat185_nor_addin1[] = {0};
-static const unsigned char kat185_nor_retbytes[] = {
-    0x0c, 0xa7, 0x48, 0xfc, 0xb3, 0xba, 0x23, 0xbd, 0x04, 0x3f, 0x48, 0x50,
-    0x75, 0x85, 0x42, 0x52, 0x34, 0xec, 0x4a, 0x0f, 0x35, 0x0e, 0xfd, 0xcc,
-    0x87, 0xf9, 0x06, 0x2c, 0x8a, 0xe0, 0xcf, 0x1e, 0x03, 0x3b, 0x7d, 0xf8,
-    0x35, 0x7f, 0x5b, 0x0e, 0x4f, 0x7c, 0x21, 0xd4, 0xfb, 0xdc, 0xf8, 0x9c,
-    0xe0, 0x19, 0x9c, 0x25, 0x79, 0x02, 0x70, 0xfe, 0x67, 0xff, 0xee, 0xc2,
-    0x6c, 0xfc, 0x4d, 0x18,
-};
-static const struct drbg_kat_no_reseed kat185_nor_t = {
-    4, kat185_nor_entropyin, kat185_nor_nonce, kat185_nor_persstr,
-    kat185_nor_addin0, kat185_nor_addin1, kat185_nor_retbytes
-};
-static const struct drbg_kat kat185_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat185_nor_t
-};
-
-static const unsigned char kat186_nor_entropyin[] = {
-    0x44, 0xb6, 0xc3, 0x9a, 0x3a, 0xf6, 0xa4, 0x73, 0x14, 0x8e, 0x32, 0xd9,
-    0x79, 0x2b, 0x9e, 0xee,
-};
-static const unsigned char kat186_nor_nonce[] = {
-    0xde, 0x44, 0xdd, 0x36, 0x00, 0x3e, 0x48, 0x22,
-};
-static const unsigned char kat186_nor_persstr[] = {0};
-static const unsigned char kat186_nor_addin0[] = {0};
-static const unsigned char kat186_nor_addin1[] = {0};
-static const unsigned char kat186_nor_retbytes[] = {
-    0x10, 0x12, 0x20, 0x08, 0x7c, 0xa7, 0x70, 0xe4, 0x57, 0x4f, 0xd0, 0x5b,
-    0x2e, 0x88, 0x85, 0x1b, 0x48, 0x09, 0xcf, 0x21, 0xe6, 0x5e, 0xb0, 0xe3,
-    0xd1, 0xec, 0xda, 0x29, 0xaa, 0xcf, 0x2d, 0x93, 0xe7, 0x5d, 0x79, 0x3b,
-    0x99, 0x24, 0xae, 0xdd, 0x9b, 0x9a, 0x38, 0x84, 0x4d, 0xb4, 0x30, 0x47,
-    0x0d, 0x01, 0x5d, 0xa6, 0x04, 0x18, 0x75, 0x3f, 0x2e, 0x3c, 0x6a, 0x15,
-    0xf5, 0x58, 0xf4, 0xa9,
-};
-static const struct drbg_kat_no_reseed kat186_nor_t = {
-    5, kat186_nor_entropyin, kat186_nor_nonce, kat186_nor_persstr,
-    kat186_nor_addin0, kat186_nor_addin1, kat186_nor_retbytes
-};
-static const struct drbg_kat kat186_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat186_nor_t
-};
-
-static const unsigned char kat187_nor_entropyin[] = {
-    0xe4, 0xd1, 0xff, 0x1c, 0x3c, 0xd2, 0x78, 0x49, 0xa2, 0x97, 0xe5, 0xa9,
-    0x8e, 0xde, 0x08, 0x6a,
-};
-static const unsigned char kat187_nor_nonce[] = {
-    0xf8, 0x9d, 0x58, 0xb0, 0x61, 0x7e, 0x5d, 0x10,
-};
-static const unsigned char kat187_nor_persstr[] = {0};
-static const unsigned char kat187_nor_addin0[] = {0};
-static const unsigned char kat187_nor_addin1[] = {0};
-static const unsigned char kat187_nor_retbytes[] = {
-    0x54, 0xc4, 0x67, 0x97, 0xa3, 0x8e, 0x11, 0xc5, 0x43, 0x47, 0x78, 0x09,
-    0xd9, 0xd6, 0xed, 0x0a, 0xe4, 0x02, 0x02, 0x85, 0xed, 0xf9, 0x9e, 0x7e,
-    0xc9, 0x45, 0xcf, 0xcf, 0x21, 0xdd, 0xaa, 0x6d, 0x9a, 0x71, 0x85, 0x6b,
-    0xdb, 0xd6, 0x61, 0x3b, 0xf8, 0xe9, 0x7e, 0x0a, 0xf8, 0xd3, 0xc4, 0xce,
-    0xdd, 0x0d, 0xfc, 0xfb, 0x47, 0x42, 0xa2, 0xef, 0x0a, 0x44, 0x3e, 0xf8,
-    0x78, 0x96, 0x0e, 0x6f,
-};
-static const struct drbg_kat_no_reseed kat187_nor_t = {
-    6, kat187_nor_entropyin, kat187_nor_nonce, kat187_nor_persstr,
-    kat187_nor_addin0, kat187_nor_addin1, kat187_nor_retbytes
-};
-static const struct drbg_kat kat187_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat187_nor_t
-};
-
-static const unsigned char kat188_nor_entropyin[] = {
-    0x15, 0x14, 0xbe, 0x70, 0x6e, 0x4c, 0x16, 0x72, 0x90, 0x55, 0x06, 0xb0,
-    0xc5, 0x53, 0x47, 0xf2,
-};
-static const unsigned char kat188_nor_nonce[] = {
-    0xad, 0x8d, 0x88, 0x9f, 0x2b, 0x91, 0xa6, 0xdd,
-};
-static const unsigned char kat188_nor_persstr[] = {0};
-static const unsigned char kat188_nor_addin0[] = {0};
-static const unsigned char kat188_nor_addin1[] = {0};
-static const unsigned char kat188_nor_retbytes[] = {
-    0xb3, 0x64, 0x4a, 0x6d, 0x16, 0x34, 0x0e, 0xf8, 0xb2, 0x8a, 0xd0, 0x6f,
-    0x4c, 0xbf, 0xd5, 0xe7, 0x99, 0xf0, 0x80, 0xd4, 0xb2, 0xf8, 0x31, 0xfd,
-    0x90, 0xb3, 0x13, 0xc8, 0x62, 0xd5, 0x76, 0x3d, 0x22, 0xb1, 0x21, 0x7f,
-    0xe3, 0xd4, 0xf0, 0x7c, 0x00, 0x6a, 0x39, 0x89, 0x5d, 0x46, 0xd5, 0x24,
-    0x70, 0xb3, 0xf8, 0xb7, 0x75, 0x21, 0xe1, 0x41, 0xf6, 0x8b, 0x06, 0xb5,
-    0x4c, 0x38, 0x66, 0x6f,
-};
-static const struct drbg_kat_no_reseed kat188_nor_t = {
-    7, kat188_nor_entropyin, kat188_nor_nonce, kat188_nor_persstr,
-    kat188_nor_addin0, kat188_nor_addin1, kat188_nor_retbytes
-};
-static const struct drbg_kat kat188_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat188_nor_t
-};
-
-static const unsigned char kat189_nor_entropyin[] = {
-    0x83, 0x35, 0xa4, 0x33, 0xa8, 0x0d, 0x5a, 0x3e, 0x8a, 0xb1, 0xf7, 0x38,
-    0x55, 0xf9, 0x7a, 0x9b,
-};
-static const unsigned char kat189_nor_nonce[] = {
-    0x02, 0x62, 0xb4, 0x7c, 0x2a, 0xb5, 0xfc, 0xba,
-};
-static const unsigned char kat189_nor_persstr[] = {0};
-static const unsigned char kat189_nor_addin0[] = {0};
-static const unsigned char kat189_nor_addin1[] = {0};
-static const unsigned char kat189_nor_retbytes[] = {
-    0x66, 0xa0, 0x3a, 0x0b, 0x3b, 0x2e, 0xf8, 0xd0, 0x4e, 0x01, 0xda, 0x6e,
-    0x31, 0xbc, 0x90, 0x02, 0xeb, 0xac, 0xa9, 0x8d, 0x63, 0xfd, 0xde, 0xb0,
-    0x7f, 0xa3, 0xe0, 0x65, 0x0a, 0x32, 0xe1, 0x42, 0xfc, 0xab, 0x99, 0x63,
-    0xf0, 0x6b, 0xa8, 0x8c, 0xd5, 0x8b, 0xe7, 0x5a, 0x99, 0xdf, 0xa1, 0x3b,
-    0x4f, 0x8f, 0xea, 0xe6, 0xf8, 0x4c, 0xe2, 0xde, 0x4d, 0x20, 0x19, 0x92,
-    0x23, 0x1f, 0xf3, 0xb8,
-};
-static const struct drbg_kat_no_reseed kat189_nor_t = {
-    8, kat189_nor_entropyin, kat189_nor_nonce, kat189_nor_persstr,
-    kat189_nor_addin0, kat189_nor_addin1, kat189_nor_retbytes
-};
-static const struct drbg_kat kat189_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat189_nor_t
-};
-
-static const unsigned char kat190_nor_entropyin[] = {
-    0x37, 0xfa, 0xeb, 0x0b, 0x3f, 0x85, 0x37, 0x2c, 0xcb, 0x44, 0x22, 0xe3,
-    0x66, 0x90, 0xe9, 0x6c,
-};
-static const unsigned char kat190_nor_nonce[] = {
-    0xda, 0x16, 0x5c, 0x92, 0xd5, 0xfa, 0xaa, 0x3a,
-};
-static const unsigned char kat190_nor_persstr[] = {0};
-static const unsigned char kat190_nor_addin0[] = {0};
-static const unsigned char kat190_nor_addin1[] = {0};
-static const unsigned char kat190_nor_retbytes[] = {
-    0x47, 0x75, 0x15, 0x90, 0x25, 0xd5, 0xb8, 0x82, 0xf3, 0x7c, 0x7e, 0xdb,
-    0x8d, 0x89, 0xb3, 0x8a, 0xcb, 0x14, 0xa0, 0x28, 0x39, 0x80, 0x2c, 0x37,
-    0x7a, 0xc4, 0x82, 0xf8, 0xc6, 0xb5, 0x9a, 0xd6, 0x9c, 0x7d, 0x67, 0x55,
-    0x6b, 0xc4, 0x1c, 0xc3, 0x22, 0xd9, 0xcd, 0x75, 0x03, 0x2a, 0xf5, 0x27,
-    0x15, 0xb3, 0x60, 0x2f, 0x24, 0xc2, 0xb0, 0x99, 0x84, 0x0e, 0xab, 0x00,
-    0xb7, 0x42, 0x93, 0xad,
-};
-static const struct drbg_kat_no_reseed kat190_nor_t = {
-    9, kat190_nor_entropyin, kat190_nor_nonce, kat190_nor_persstr,
-    kat190_nor_addin0, kat190_nor_addin1, kat190_nor_retbytes
-};
-static const struct drbg_kat kat190_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat190_nor_t
-};
-
-static const unsigned char kat191_nor_entropyin[] = {
-    0xb6, 0x83, 0x0f, 0x64, 0xe4, 0x73, 0x88, 0xa9, 0xc3, 0xc6, 0x4a, 0xa0,
-    0xbe, 0x70, 0x84, 0x51,
-};
-static const unsigned char kat191_nor_nonce[] = {
-    0x5c, 0xd4, 0x30, 0x34, 0xc9, 0x89, 0xda, 0x56,
-};
-static const unsigned char kat191_nor_persstr[] = {0};
-static const unsigned char kat191_nor_addin0[] = {0};
-static const unsigned char kat191_nor_addin1[] = {0};
-static const unsigned char kat191_nor_retbytes[] = {
-    0xe1, 0x2f, 0x1e, 0x9f, 0xd9, 0x0e, 0x4f, 0x16, 0x6a, 0x13, 0xa4, 0xd3,
-    0x5f, 0x90, 0x91, 0xa9, 0x74, 0x44, 0x32, 0x91, 0xff, 0xae, 0x44, 0x02,
-    0xcb, 0xcd, 0x9a, 0x24, 0x89, 0x3b, 0x77, 0x09, 0x6b, 0x0a, 0x00, 0xdb,
-    0x20, 0xe4, 0x32, 0x88, 0x62, 0x61, 0x39, 0xf7, 0xc1, 0x76, 0x7f, 0x6e,
-    0x7f, 0xfe, 0xe9, 0x02, 0x2d, 0xde, 0x41, 0xb4, 0x78, 0x48, 0x5e, 0xe9,
-    0x12, 0x5f, 0x3e, 0xb8,
-};
-static const struct drbg_kat_no_reseed kat191_nor_t = {
-    10, kat191_nor_entropyin, kat191_nor_nonce, kat191_nor_persstr,
-    kat191_nor_addin0, kat191_nor_addin1, kat191_nor_retbytes
-};
-static const struct drbg_kat kat191_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat191_nor_t
-};
-
-static const unsigned char kat192_nor_entropyin[] = {
-    0xf7, 0x1a, 0x01, 0xef, 0x00, 0xb3, 0xd6, 0x13, 0x46, 0x07, 0xdf, 0xc5,
-    0x73, 0x25, 0xf6, 0x87,
-};
-static const unsigned char kat192_nor_nonce[] = {
-    0x49, 0x76, 0x0a, 0xeb, 0xbc, 0x89, 0x61, 0xfe,
-};
-static const unsigned char kat192_nor_persstr[] = {0};
-static const unsigned char kat192_nor_addin0[] = {0};
-static const unsigned char kat192_nor_addin1[] = {0};
-static const unsigned char kat192_nor_retbytes[] = {
-    0x0f, 0x00, 0x8e, 0x60, 0xab, 0x48, 0x14, 0xcc, 0xd8, 0xd2, 0x89, 0x77,
-    0x53, 0xf5, 0x8c, 0xa3, 0x58, 0xba, 0xcd, 0x3f, 0x2e, 0xfc, 0x22, 0xc0,
-    0xec, 0x89, 0xa6, 0x5b, 0x0a, 0x91, 0x82, 0xf5, 0x55, 0xcc, 0x49, 0x7a,
-    0xa5, 0x9a, 0xf9, 0x14, 0xbc, 0x9c, 0x65, 0xbe, 0x7c, 0x09, 0x21, 0x46,
-    0xcb, 0x78, 0xfc, 0xe2, 0x40, 0xfc, 0x8f, 0xe1, 0x36, 0x72, 0x9e, 0xa7,
-    0x77, 0x16, 0x44, 0x7f,
-};
-static const struct drbg_kat_no_reseed kat192_nor_t = {
-    11, kat192_nor_entropyin, kat192_nor_nonce, kat192_nor_persstr,
-    kat192_nor_addin0, kat192_nor_addin1, kat192_nor_retbytes
-};
-static const struct drbg_kat kat192_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat192_nor_t
-};
-
-static const unsigned char kat193_nor_entropyin[] = {
-    0x79, 0x0e, 0xf8, 0xf0, 0xee, 0x6d, 0xf4, 0x80, 0xb2, 0xd4, 0x4d, 0xac,
-    0x1c, 0x37, 0x61, 0x4c,
-};
-static const unsigned char kat193_nor_nonce[] = {
-    0xd5, 0x52, 0x44, 0x4d, 0x7d, 0xc3, 0x5e, 0x5c,
-};
-static const unsigned char kat193_nor_persstr[] = {0};
-static const unsigned char kat193_nor_addin0[] = {0};
-static const unsigned char kat193_nor_addin1[] = {0};
-static const unsigned char kat193_nor_retbytes[] = {
-    0x2a, 0xf8, 0xe3, 0x09, 0x77, 0x55, 0x6f, 0xae, 0x7c, 0x18, 0xae, 0x12,
-    0xba, 0x22, 0x01, 0xb4, 0x0d, 0xe8, 0xc0, 0x21, 0x66, 0xed, 0x94, 0xc1,
-    0x41, 0x27, 0x20, 0x50, 0xdb, 0xea, 0x72, 0xf3, 0xb8, 0xf9, 0x91, 0x54,
-    0x7f, 0xc0, 0xf5, 0x58, 0x36, 0x17, 0x12, 0x67, 0xd4, 0x2a, 0x53, 0xdc,
-    0xfb, 0x37, 0xc1, 0x5a, 0x22, 0x76, 0x76, 0xbf, 0x21, 0x8a, 0x49, 0xd0,
-    0xb7, 0x23, 0x68, 0x9c,
-};
-static const struct drbg_kat_no_reseed kat193_nor_t = {
-    12, kat193_nor_entropyin, kat193_nor_nonce, kat193_nor_persstr,
-    kat193_nor_addin0, kat193_nor_addin1, kat193_nor_retbytes
-};
-static const struct drbg_kat kat193_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat193_nor_t
-};
-
-static const unsigned char kat194_nor_entropyin[] = {
-    0xbe, 0x19, 0x6c, 0x9c, 0xe3, 0x83, 0xc8, 0xb1, 0x01, 0xcd, 0x27, 0xa1,
-    0x12, 0x91, 0x9f, 0xbc,
-};
-static const unsigned char kat194_nor_nonce[] = {
-    0x33, 0x2e, 0xbe, 0x3d, 0x47, 0x3a, 0x3a, 0x35,
-};
-static const unsigned char kat194_nor_persstr[] = {0};
-static const unsigned char kat194_nor_addin0[] = {0};
-static const unsigned char kat194_nor_addin1[] = {0};
-static const unsigned char kat194_nor_retbytes[] = {
-    0x01, 0x6b, 0x05, 0xd5, 0x57, 0x77, 0x7b, 0x36, 0xa1, 0x92, 0x04, 0x0c,
-    0x58, 0x0a, 0x5c, 0x51, 0x6d, 0xda, 0x11, 0x55, 0x93, 0x4a, 0xfb, 0xd9,
-    0x6c, 0xc8, 0x5b, 0x6e, 0x8b, 0x00, 0x83, 0xbb, 0xda, 0x27, 0x3e, 0xa6,
-    0xdb, 0x52, 0xa0, 0x58, 0x9d, 0x9d, 0xe2, 0xe5, 0x56, 0x8f, 0xfe, 0xf9,
-    0xdb, 0x39, 0x50, 0x09, 0x3c, 0x4d, 0xb2, 0xe8, 0xce, 0x9c, 0x25, 0x13,
-    0x08, 0x46, 0x93, 0xe4,
-};
-static const struct drbg_kat_no_reseed kat194_nor_t = {
-    13, kat194_nor_entropyin, kat194_nor_nonce, kat194_nor_persstr,
-    kat194_nor_addin0, kat194_nor_addin1, kat194_nor_retbytes
-};
-static const struct drbg_kat kat194_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat194_nor_t
-};
-
-static const unsigned char kat195_nor_entropyin[] = {
-    0x76, 0x39, 0x61, 0x6e, 0xe5, 0xcb, 0x26, 0x9b, 0x5f, 0x54, 0x0d, 0xe1,
-    0x50, 0xb4, 0x65, 0x0e,
-};
-static const unsigned char kat195_nor_nonce[] = {
-    0x3c, 0x93, 0x3a, 0xbe, 0xd3, 0x07, 0xf6, 0xe2,
-};
-static const unsigned char kat195_nor_persstr[] = {0};
-static const unsigned char kat195_nor_addin0[] = {0};
-static const unsigned char kat195_nor_addin1[] = {0};
-static const unsigned char kat195_nor_retbytes[] = {
-    0x06, 0x33, 0xc9, 0xaf, 0x4d, 0x40, 0xf3, 0xc2, 0x1a, 0xd4, 0xe0, 0x78,
-    0xa0, 0xc8, 0x4e, 0xe0, 0x3a, 0xd7, 0xad, 0x41, 0x0a, 0x0f, 0x7c, 0xf3,
-    0xdf, 0xdf, 0xf5, 0x92, 0x0d, 0xcd, 0x39, 0x87, 0xfc, 0xec, 0xed, 0x11,
-    0xa2, 0xb3, 0x8b, 0x15, 0x53, 0x5e, 0x44, 0xb5, 0x53, 0x77, 0xa8, 0xf2,
-    0x0f, 0x4f, 0xe0, 0x51, 0x87, 0xf9, 0x76, 0xa2, 0x76, 0xe6, 0x4b, 0x81,
-    0x3e, 0x55, 0xa8, 0xb9,
-};
-static const struct drbg_kat_no_reseed kat195_nor_t = {
-    14, kat195_nor_entropyin, kat195_nor_nonce, kat195_nor_persstr,
-    kat195_nor_addin0, kat195_nor_addin1, kat195_nor_retbytes
-};
-static const struct drbg_kat kat195_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat195_nor_t
-};
-
-static const unsigned char kat196_nor_entropyin[] = {
-    0x8b, 0x80, 0x93, 0x6e, 0x69, 0xc6, 0x7e, 0xdb, 0x77, 0x1c, 0x28, 0xf9,
-    0xb9, 0x45, 0x21, 0x24,
-};
-static const unsigned char kat196_nor_nonce[] = {
-    0x7e, 0xe2, 0x61, 0x4e, 0xad, 0x3c, 0x12, 0x8e,
-};
-static const unsigned char kat196_nor_persstr[] = {0};
-static const unsigned char kat196_nor_addin0[] = {
-    0xfc, 0x35, 0xcb, 0xa9, 0x7a, 0x1e, 0x21, 0x1b, 0xc4, 0x20, 0xe8, 0xaf,
-    0x53, 0xf8, 0xe1, 0x3c,
-};
-static const unsigned char kat196_nor_addin1[] = {
-    0xfb, 0xa4, 0x38, 0xaa, 0xa7, 0x5a, 0x3c, 0xd4, 0xcd, 0x0c, 0xce, 0x39,
-    0x9b, 0xfe, 0xc7, 0x4a,
-};
-static const unsigned char kat196_nor_retbytes[] = {
-    0x67, 0x21, 0xcc, 0x1a, 0xda, 0x5e, 0xbc, 0x17, 0x13, 0xf7, 0x4c, 0x75,
-    0x90, 0x00, 0x76, 0x56, 0x52, 0xee, 0xb5, 0xf3, 0xf9, 0xc2, 0x4f, 0xb9,
-    0x34, 0x1b, 0x36, 0xa3, 0x69, 0xce, 0xc1, 0xd2, 0x7e, 0xa8, 0x0d, 0x6b,
-    0x73, 0xb5, 0x60, 0x47, 0xaf, 0x07, 0x13, 0x8c, 0x5a, 0x43, 0xc9, 0x9a,
-    0x87, 0x75, 0x31, 0x15, 0xc4, 0x71, 0xb8, 0x58, 0x7e, 0xa6, 0x5f, 0xa2,
-    0x06, 0x5e, 0x3c, 0xe0,
-};
-static const struct drbg_kat_no_reseed kat196_nor_t = {
-    0, kat196_nor_entropyin, kat196_nor_nonce, kat196_nor_persstr,
-    kat196_nor_addin0, kat196_nor_addin1, kat196_nor_retbytes
-};
-static const struct drbg_kat kat196_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat196_nor_t
-};
-
-static const unsigned char kat197_nor_entropyin[] = {
-    0x89, 0xce, 0x6c, 0x76, 0xbc, 0x41, 0xaa, 0x32, 0xa9, 0xc8, 0xe3, 0xe3,
-    0x7d, 0x62, 0x02, 0xef,
-};
-static const unsigned char kat197_nor_nonce[] = {
-    0xa3, 0x47, 0xf6, 0xcb, 0x64, 0xed, 0x19, 0xdd,
-};
-static const unsigned char kat197_nor_persstr[] = {0};
-static const unsigned char kat197_nor_addin0[] = {
-    0xc5, 0x03, 0xb1, 0x22, 0x95, 0x7d, 0xce, 0xc8, 0xd9, 0xeb, 0x9c, 0xc9,
-    0x94, 0xb8, 0xd1, 0x22,
-};
-static const unsigned char kat197_nor_addin1[] = {
-    0x3b, 0xb2, 0xf1, 0x19, 0x7a, 0x99, 0x58, 0x8d, 0xf3, 0x57, 0xc0, 0xd1,
-    0x98, 0x6a, 0xc6, 0xed,
-};
-static const unsigned char kat197_nor_retbytes[] = {
-    0xf0, 0xf4, 0x25, 0xb1, 0x9e, 0xb7, 0x5a, 0xea, 0x68, 0x99, 0xfa, 0xb7,
-    0x61, 0x2c, 0x98, 0xa0, 0xb5, 0xc5, 0xc5, 0xa3, 0xc8, 0x61, 0x07, 0xa8,
-    0xc2, 0x01, 0x62, 0x3f, 0x75, 0x99, 0x31, 0x90, 0x9a, 0xfd, 0x63, 0x41,
-    0x9d, 0x1c, 0xce, 0xb8, 0x6b, 0xd4, 0xf1, 0x6e, 0x94, 0x8a, 0xef, 0x08,
-    0x47, 0x61, 0x70, 0x75, 0x7b, 0xca, 0xf7, 0x98, 0x84, 0xf9, 0xc3, 0x6b,
-    0xc7, 0x7e, 0x9f, 0xf9,
-};
-static const struct drbg_kat_no_reseed kat197_nor_t = {
-    1, kat197_nor_entropyin, kat197_nor_nonce, kat197_nor_persstr,
-    kat197_nor_addin0, kat197_nor_addin1, kat197_nor_retbytes
-};
-static const struct drbg_kat kat197_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat197_nor_t
-};
-
-static const unsigned char kat198_nor_entropyin[] = {
-    0xbc, 0x51, 0x67, 0x8d, 0x1f, 0x31, 0x28, 0x65, 0x7b, 0x38, 0x84, 0x9a,
-    0xe9, 0xc4, 0xbb, 0x1e,
-};
-static const unsigned char kat198_nor_nonce[] = {
-    0xdd, 0x29, 0xd9, 0xd8, 0x3f, 0xdb, 0x5e, 0x09,
-};
-static const unsigned char kat198_nor_persstr[] = {0};
-static const unsigned char kat198_nor_addin0[] = {
-    0xd4, 0xcd, 0x00, 0x67, 0x5c, 0xfe, 0x22, 0x7d, 0xe0, 0xcb, 0xab, 0x65,
-    0x11, 0x35, 0x22, 0x89,
-};
-static const unsigned char kat198_nor_addin1[] = {
-    0x55, 0xbb, 0x93, 0x62, 0x80, 0xae, 0x46, 0xb2, 0x6d, 0x66, 0xb2, 0xf3,
-    0xfe, 0xb2, 0x68, 0xd8,
-};
-static const unsigned char kat198_nor_retbytes[] = {
-    0xe5, 0x81, 0x38, 0xb6, 0xb0, 0x23, 0x2e, 0x4d, 0x6d, 0x9e, 0xa8, 0xb6,
-    0x5b, 0xd7, 0x69, 0x65, 0xcd, 0xbc, 0x58, 0x4c, 0xca, 0x2e, 0x83, 0xd4,
-    0xea, 0xd9, 0x36, 0xbf, 0xb9, 0xc7, 0x9d, 0x77, 0xde, 0xc9, 0x42, 0x4f,
-    0x2c, 0xf8, 0x95, 0x01, 0x1e, 0xf1, 0x03, 0x3c, 0x61, 0x9e, 0x28, 0xd1,
-    0xdb, 0xa5, 0xdd, 0x3c, 0xed, 0x04, 0x42, 0x9c, 0x1b, 0xd3, 0xc0, 0x3e,
-    0x5d, 0x13, 0xe2, 0xb8,
-};
-static const struct drbg_kat_no_reseed kat198_nor_t = {
-    2, kat198_nor_entropyin, kat198_nor_nonce, kat198_nor_persstr,
-    kat198_nor_addin0, kat198_nor_addin1, kat198_nor_retbytes
-};
-static const struct drbg_kat kat198_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat198_nor_t
-};
-
-static const unsigned char kat199_nor_entropyin[] = {
-    0x06, 0x5a, 0x5d, 0x4f, 0xdb, 0x34, 0xb0, 0x8f, 0xd8, 0xef, 0xc8, 0x1f,
-    0x99, 0x62, 0x69, 0xab,
-};
-static const unsigned char kat199_nor_nonce[] = {
-    0xd5, 0xa6, 0x74, 0x7c, 0x7f, 0x8e, 0xef, 0x46,
-};
-static const unsigned char kat199_nor_persstr[] = {0};
-static const unsigned char kat199_nor_addin0[] = {
-    0x72, 0xeb, 0xd3, 0x51, 0xed, 0xc0, 0x00, 0xd8, 0x36, 0x32, 0x58, 0xa6,
-    0x9f, 0x2b, 0x98, 0xcc,
-};
-static const unsigned char kat199_nor_addin1[] = {
-    0xe5, 0xc8, 0x61, 0x21, 0x32, 0x96, 0xea, 0x2a, 0xd5, 0x09, 0x8f, 0x9b,
-    0x4c, 0x50, 0x64, 0x7d,
-};
-static const unsigned char kat199_nor_retbytes[] = {
-    0xa8, 0xea, 0x47, 0x0f, 0x17, 0xbe, 0xe5, 0x02, 0x1d, 0x49, 0xc8, 0x4b,
-    0x72, 0x1e, 0x0b, 0x67, 0x47, 0x0d, 0x3b, 0xc4, 0xf9, 0x8f, 0xac, 0x68,
-    0xc6, 0x74, 0x42, 0x97, 0x9d, 0x4f, 0xbc, 0xcb, 0xbc, 0xd0, 0x47, 0x7c,
-    0x1e, 0x74, 0x93, 0x12, 0x6c, 0xbe, 0x16, 0x9b, 0x84, 0x44, 0x6f, 0x5f,
-    0xcf, 0x66, 0x67, 0x86, 0x77, 0x5d, 0x19, 0xf3, 0x5c, 0x61, 0x52, 0x52,
-    0x9a, 0x41, 0xde, 0x6d,
-};
-static const struct drbg_kat_no_reseed kat199_nor_t = {
-    3, kat199_nor_entropyin, kat199_nor_nonce, kat199_nor_persstr,
-    kat199_nor_addin0, kat199_nor_addin1, kat199_nor_retbytes
-};
-static const struct drbg_kat kat199_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat199_nor_t
-};
-
-static const unsigned char kat200_nor_entropyin[] = {
-    0x12, 0x48, 0xed, 0x4b, 0xf6, 0x06, 0xcc, 0x65, 0x8b, 0x64, 0x1b, 0x79,
-    0x58, 0x59, 0x7f, 0x5a,
-};
-static const unsigned char kat200_nor_nonce[] = {
-    0x16, 0xc8, 0x8d, 0xea, 0x4e, 0x75, 0x3d, 0x50,
-};
-static const unsigned char kat200_nor_persstr[] = {0};
-static const unsigned char kat200_nor_addin0[] = {
-    0xfc, 0x67, 0xe7, 0x63, 0x41, 0x32, 0x02, 0xe0, 0x4c, 0x55, 0x69, 0x7e,
-    0xb7, 0x54, 0x8c, 0x56,
-};
-static const unsigned char kat200_nor_addin1[] = {
-    0x21, 0xe0, 0xe3, 0x86, 0x65, 0xec, 0xf6, 0x0f, 0xa9, 0x73, 0x0b, 0xdf,
-    0x7e, 0x22, 0xcc, 0x7f,
-};
-static const unsigned char kat200_nor_retbytes[] = {
-    0x63, 0xd9, 0xb5, 0x0d, 0xd6, 0x9e, 0xa9, 0xda, 0xc7, 0x5f, 0x48, 0xae,
-    0x01, 0x2f, 0xce, 0xc2, 0x7c, 0x2e, 0x1d, 0xcf, 0xc2, 0xac, 0x2e, 0x59,
-    0x24, 0x4a, 0xf4, 0xa6, 0xce, 0x9a, 0x73, 0xc4, 0xd8, 0xbd, 0xe6, 0x57,
-    0x0d, 0x85, 0xee, 0x15, 0xb0, 0x8a, 0x48, 0xef, 0x47, 0x3d, 0x12, 0xdb,
-    0x87, 0x1f, 0x6d, 0xf1, 0xd8, 0x14, 0x41, 0x61, 0x3d, 0xcc, 0x1e, 0xfb,
-    0x20, 0x18, 0xf0, 0xc3,
-};
-static const struct drbg_kat_no_reseed kat200_nor_t = {
-    4, kat200_nor_entropyin, kat200_nor_nonce, kat200_nor_persstr,
-    kat200_nor_addin0, kat200_nor_addin1, kat200_nor_retbytes
-};
-static const struct drbg_kat kat200_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat200_nor_t
-};
-
-static const unsigned char kat201_nor_entropyin[] = {
-    0x6f, 0xa6, 0x29, 0xd0, 0x3c, 0xb4, 0xeb, 0x53, 0x4e, 0xfa, 0x03, 0x33,
-    0x4d, 0x3b, 0x1d, 0x02,
-};
-static const unsigned char kat201_nor_nonce[] = {
-    0xd9, 0x52, 0x15, 0x3e, 0x79, 0xdf, 0x53, 0x8f,
-};
-static const unsigned char kat201_nor_persstr[] = {0};
-static const unsigned char kat201_nor_addin0[] = {
-    0x2e, 0x5c, 0x55, 0x45, 0x78, 0xa0, 0x69, 0xf5, 0xe4, 0x95, 0x9d, 0xcb,
-    0x35, 0x1a, 0x29, 0x4d,
-};
-static const unsigned char kat201_nor_addin1[] = {
-    0x2d, 0x26, 0xae, 0xaa, 0xd9, 0xcb, 0xf2, 0x53, 0xad, 0xd8, 0x68, 0x4d,
-    0x29, 0xb1, 0xa6, 0x33,
-};
-static const unsigned char kat201_nor_retbytes[] = {
-    0xf5, 0x82, 0x46, 0x31, 0x32, 0x84, 0x99, 0x02, 0x98, 0x86, 0x4a, 0x89,
-    0xbf, 0xe7, 0xbe, 0x19, 0x70, 0xc0, 0x33, 0xdc, 0x16, 0x64, 0xad, 0x7f,
-    0x5c, 0xd9, 0xb8, 0x12, 0xf5, 0xb7, 0xe9, 0x0f, 0x69, 0xa4, 0x9c, 0xdf,
-    0xbe, 0xe0, 0xe2, 0x79, 0xf7, 0xdf, 0x1a, 0x8e, 0xd7, 0x9e, 0xca, 0x6e,
-    0x68, 0x0d, 0x74, 0x0c, 0x0f, 0x2a, 0xe1, 0x2f, 0x87, 0x79, 0x8a, 0xcc,
-    0x6d, 0x73, 0xd4, 0x2f,
-};
-static const struct drbg_kat_no_reseed kat201_nor_t = {
-    5, kat201_nor_entropyin, kat201_nor_nonce, kat201_nor_persstr,
-    kat201_nor_addin0, kat201_nor_addin1, kat201_nor_retbytes
-};
-static const struct drbg_kat kat201_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat201_nor_t
-};
-
-static const unsigned char kat202_nor_entropyin[] = {
-    0xc5, 0x8e, 0xeb, 0x2e, 0x57, 0xf2, 0x95, 0xd7, 0xaf, 0x1a, 0x37, 0x67,
-    0x93, 0x5b, 0x85, 0xeb,
-};
-static const unsigned char kat202_nor_nonce[] = {
-    0x98, 0x61, 0x2b, 0x6c, 0xa0, 0x2f, 0x60, 0xe4,
-};
-static const unsigned char kat202_nor_persstr[] = {0};
-static const unsigned char kat202_nor_addin0[] = {
-    0x10, 0xe8, 0x9c, 0x27, 0x1e, 0x2b, 0x28, 0x3d, 0x69, 0xb0, 0x4a, 0xbf,
-    0x6c, 0x54, 0xb1, 0xe1,
-};
-static const unsigned char kat202_nor_addin1[] = {
-    0x20, 0x79, 0x50, 0xc2, 0x8b, 0x26, 0xec, 0x16, 0xc4, 0xf2, 0x81, 0x21,
-    0x60, 0x7f, 0x4a, 0x5a,
-};
-static const unsigned char kat202_nor_retbytes[] = {
-    0x28, 0xef, 0xf6, 0x03, 0xff, 0x0d, 0xc8, 0x39, 0xf8, 0x8f, 0x84, 0x47,
-    0x33, 0xb2, 0x75, 0xbc, 0x6f, 0xda, 0x6d, 0x45, 0x46, 0xee, 0x26, 0x03,
-    0x4f, 0x51, 0xf8, 0x4c, 0xe4, 0x30, 0xb0, 0x73, 0xc3, 0xda, 0x8a, 0xbf,
-    0xe8, 0x2b, 0x53, 0x13, 0xba, 0x2e, 0x0f, 0x60, 0x04, 0x5b, 0x80, 0x96,
-    0xb9, 0xcf, 0x31, 0x42, 0x48, 0x63, 0xe0, 0x6f, 0x72, 0xef, 0xf1, 0xba,
-    0xa4, 0xb2, 0x52, 0x70,
-};
-static const struct drbg_kat_no_reseed kat202_nor_t = {
-    6, kat202_nor_entropyin, kat202_nor_nonce, kat202_nor_persstr,
-    kat202_nor_addin0, kat202_nor_addin1, kat202_nor_retbytes
-};
-static const struct drbg_kat kat202_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat202_nor_t
-};
-
-static const unsigned char kat203_nor_entropyin[] = {
-    0x8a, 0x34, 0x5b, 0x5a, 0x5e, 0xb7, 0xd7, 0xaa, 0x70, 0x0b, 0xff, 0x26,
-    0x61, 0x25, 0xed, 0xe1,
-};
-static const unsigned char kat203_nor_nonce[] = {
-    0x00, 0xb2, 0x96, 0x37, 0x27, 0x8d, 0xa4, 0x57,
-};
-static const unsigned char kat203_nor_persstr[] = {0};
-static const unsigned char kat203_nor_addin0[] = {
-    0x44, 0x53, 0x4b, 0x92, 0xaf, 0x03, 0x81, 0x71, 0xb6, 0x7b, 0x70, 0xf4,
-    0xe1, 0xd5, 0xe7, 0xf5,
-};
-static const unsigned char kat203_nor_addin1[] = {
-    0x53, 0x14, 0x76, 0x60, 0xc0, 0xfd, 0xe5, 0xf9, 0x89, 0x34, 0x74, 0xf0,
-    0x38, 0x84, 0xab, 0x14,
-};
-static const unsigned char kat203_nor_retbytes[] = {
-    0xa6, 0xa7, 0xa5, 0x6f, 0xc3, 0x2c, 0x3d, 0x3c, 0x33, 0x06, 0xdd, 0x65,
-    0x10, 0x9f, 0xf8, 0xd6, 0x80, 0x31, 0x19, 0x3b, 0xbf, 0x5b, 0x38, 0x38,
-    0x0e, 0x38, 0x25, 0xdb, 0x7b, 0xef, 0x72, 0x94, 0x05, 0x14, 0x16, 0x26,
-    0x37, 0x95, 0xf3, 0x34, 0xd1, 0xf8, 0x70, 0x54, 0xe9, 0x7d, 0xbb, 0x52,
-    0xdd, 0x24, 0x4d, 0x52, 0x7a, 0x6f, 0xfc, 0xe0, 0x86, 0xd1, 0xad, 0x17,
-    0x7b, 0xa8, 0xfb, 0x81,
-};
-static const struct drbg_kat_no_reseed kat203_nor_t = {
-    7, kat203_nor_entropyin, kat203_nor_nonce, kat203_nor_persstr,
-    kat203_nor_addin0, kat203_nor_addin1, kat203_nor_retbytes
-};
-static const struct drbg_kat kat203_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat203_nor_t
-};
-
-static const unsigned char kat204_nor_entropyin[] = {
-    0xfe, 0x50, 0x4e, 0x06, 0x89, 0x5d, 0x34, 0x08, 0x90, 0x50, 0x9f, 0x39,
-    0x8f, 0xe7, 0x08, 0x32,
-};
-static const unsigned char kat204_nor_nonce[] = {
-    0x3b, 0x3d, 0x94, 0xb6, 0x94, 0x8f, 0x74, 0x01,
-};
-static const unsigned char kat204_nor_persstr[] = {0};
-static const unsigned char kat204_nor_addin0[] = {
-    0x64, 0x20, 0x03, 0x18, 0x1f, 0x79, 0x1c, 0xb5, 0xba, 0xce, 0xf7, 0x23,
-    0xc9, 0x6c, 0xe2, 0x62,
-};
-static const unsigned char kat204_nor_addin1[] = {
-    0x34, 0x5e, 0x8d, 0x29, 0xd5, 0xef, 0xdd, 0xc8, 0xab, 0x37, 0x83, 0x8b,
-    0x18, 0x91, 0xbc, 0xd0,
-};
-static const unsigned char kat204_nor_retbytes[] = {
-    0x45, 0x30, 0x40, 0x99, 0x14, 0x5b, 0x8e, 0x3d, 0xa8, 0x00, 0xa9, 0x2e,
-    0x0f, 0x59, 0x15, 0xc8, 0x98, 0x1f, 0xb7, 0x70, 0x6a, 0x1d, 0xf0, 0xa6,
-    0xc0, 0xb2, 0xad, 0x54, 0x35, 0xda, 0x19, 0xce, 0xd3, 0xac, 0xdf, 0xd5,
-    0x83, 0x27, 0x95, 0x01, 0x3a, 0xfa, 0x5f, 0xf2, 0x1f, 0xf3, 0x32, 0x6a,
-    0xda, 0x7d, 0x57, 0x78, 0x17, 0xf6, 0xb9, 0x4e, 0xb3, 0x5f, 0x33, 0x62,
-    0x3d, 0xb4, 0x71, 0x76,
-};
-static const struct drbg_kat_no_reseed kat204_nor_t = {
-    8, kat204_nor_entropyin, kat204_nor_nonce, kat204_nor_persstr,
-    kat204_nor_addin0, kat204_nor_addin1, kat204_nor_retbytes
-};
-static const struct drbg_kat kat204_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat204_nor_t
-};
-
-static const unsigned char kat205_nor_entropyin[] = {
-    0xe0, 0x22, 0x7d, 0xe1, 0x4d, 0x5b, 0xc6, 0xad, 0xe2, 0xa0, 0x14, 0xee,
-    0x43, 0x01, 0x51, 0xb4,
-};
-static const unsigned char kat205_nor_nonce[] = {
-    0x15, 0x37, 0xf8, 0x56, 0x16, 0x75, 0x87, 0x53,
-};
-static const unsigned char kat205_nor_persstr[] = {0};
-static const unsigned char kat205_nor_addin0[] = {
-    0x87, 0xee, 0xfe, 0xf0, 0xe0, 0xcf, 0xd9, 0x0d, 0xd2, 0x6d, 0x48, 0x33,
-    0x79, 0x78, 0x7c, 0x7f,
-};
-static const unsigned char kat205_nor_addin1[] = {
-    0x74, 0xd2, 0xff, 0xf6, 0xf2, 0x9f, 0x89, 0x2e, 0x66, 0xa9, 0xf8, 0x0b,
-    0x2a, 0x5d, 0x9d, 0x20,
-};
-static const unsigned char kat205_nor_retbytes[] = {
-    0xdd, 0xe0, 0x86, 0xce, 0xc0, 0xad, 0xd3, 0x1f, 0xb9, 0x55, 0x3d, 0x56,
-    0xcc, 0x2c, 0x6b, 0x7c, 0x02, 0x2d, 0x8c, 0x87, 0xff, 0x54, 0x99, 0xfa,
-    0x78, 0xa6, 0x8e, 0xeb, 0x05, 0x1c, 0xdb, 0xf8, 0x99, 0x67, 0x3b, 0x4e,
-    0xd7, 0x6f, 0xe8, 0x67, 0xb7, 0x9e, 0xcf, 0x6f, 0xc1, 0xd7, 0xc6, 0xf8,
-    0xf5, 0x97, 0x01, 0x31, 0x39, 0xd5, 0x28, 0xd3, 0x48, 0xca, 0x3b, 0xee,
-    0x96, 0x05, 0xdd, 0x80,
-};
-static const struct drbg_kat_no_reseed kat205_nor_t = {
-    9, kat205_nor_entropyin, kat205_nor_nonce, kat205_nor_persstr,
-    kat205_nor_addin0, kat205_nor_addin1, kat205_nor_retbytes
-};
-static const struct drbg_kat kat205_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat205_nor_t
-};
-
-static const unsigned char kat206_nor_entropyin[] = {
-    0x44, 0xb7, 0x28, 0x2f, 0x95, 0x1c, 0x59, 0x1a, 0x7a, 0x3d, 0x9f, 0xf6,
-    0x96, 0x0f, 0x20, 0xb9,
-};
-static const unsigned char kat206_nor_nonce[] = {
-    0xb7, 0x7e, 0xbe, 0x26, 0x99, 0x0c, 0xbe, 0x8c,
-};
-static const unsigned char kat206_nor_persstr[] = {0};
-static const unsigned char kat206_nor_addin0[] = {
-    0x90, 0x00, 0x58, 0x7b, 0xb1, 0x8d, 0x20, 0x1e, 0xcf, 0xd5, 0x6f, 0x30,
-    0xdb, 0xa4, 0x83, 0xd2,
-};
-static const unsigned char kat206_nor_addin1[] = {
-    0x24, 0x55, 0x23, 0x06, 0x0b, 0x0a, 0xf3, 0xe5, 0x75, 0xb1, 0x48, 0x0a,
-    0xa6, 0xd8, 0xa3, 0x3b,
-};
-static const unsigned char kat206_nor_retbytes[] = {
-    0x9f, 0x25, 0x67, 0x4a, 0xc0, 0x85, 0xa7, 0xa4, 0x87, 0xe7, 0xd7, 0x20,
-    0x84, 0xd5, 0xd3, 0xc0, 0xfb, 0xd7, 0xd4, 0x18, 0x70, 0xf0, 0xf7, 0x66,
-    0xd6, 0x13, 0x01, 0x59, 0x96, 0x05, 0x2e, 0xbf, 0xc6, 0xf6, 0x2e, 0x4c,
-    0xf3, 0x89, 0xaf, 0x85, 0xcf, 0x12, 0x5d, 0x9d, 0x99, 0xc6, 0x49, 0xd4,
-    0xe8, 0x75, 0x50, 0x79, 0xa6, 0x81, 0x7a, 0x9e, 0x81, 0x44, 0x5d, 0x1b,
-    0x99, 0x4d, 0x29, 0x61,
-};
-static const struct drbg_kat_no_reseed kat206_nor_t = {
-    10, kat206_nor_entropyin, kat206_nor_nonce, kat206_nor_persstr,
-    kat206_nor_addin0, kat206_nor_addin1, kat206_nor_retbytes
-};
-static const struct drbg_kat kat206_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat206_nor_t
-};
-
-static const unsigned char kat207_nor_entropyin[] = {
-    0x74, 0x5c, 0xa1, 0x6e, 0xbc, 0x9e, 0x1a, 0x58, 0xda, 0x81, 0x02, 0x78,
-    0x88, 0x5d, 0xff, 0x33,
-};
-static const unsigned char kat207_nor_nonce[] = {
-    0x7e, 0x11, 0xf9, 0x49, 0x86, 0x2c, 0xbc, 0xc9,
-};
-static const unsigned char kat207_nor_persstr[] = {0};
-static const unsigned char kat207_nor_addin0[] = {
-    0x4b, 0x89, 0x8e, 0xbd, 0xd3, 0x21, 0x42, 0x62, 0x78, 0x15, 0xbe, 0x10,
-    0x35, 0x43, 0x56, 0x96,
-};
-static const unsigned char kat207_nor_addin1[] = {
-    0x33, 0x0b, 0x0c, 0xe2, 0x87, 0x84, 0x2d, 0x3d, 0x71, 0x9a, 0x0c, 0xe4,
-    0x15, 0x36, 0x3b, 0x77,
-};
-static const unsigned char kat207_nor_retbytes[] = {
-    0x9c, 0x6d, 0xd7, 0x63, 0x88, 0x80, 0x65, 0x54, 0x1b, 0x1a, 0x38, 0x0c,
-    0xf4, 0xf4, 0x59, 0x83, 0x9f, 0xb4, 0xf1, 0xef, 0x4f, 0x78, 0x17, 0x28,
-    0x6b, 0xe4, 0x50, 0x33, 0x95, 0x7f, 0x79, 0xd1, 0x42, 0x9c, 0xfe, 0xfe,
-    0xd1, 0xab, 0xd6, 0x22, 0x8b, 0x26, 0x74, 0x7e, 0x69, 0xec, 0x9b, 0x1a,
-    0x02, 0x7b, 0x3a, 0x0b, 0x9a, 0x28, 0x48, 0x7e, 0x95, 0x4d, 0xda, 0x06,
-    0xb7, 0xee, 0xb4, 0x54,
-};
-static const struct drbg_kat_no_reseed kat207_nor_t = {
-    11, kat207_nor_entropyin, kat207_nor_nonce, kat207_nor_persstr,
-    kat207_nor_addin0, kat207_nor_addin1, kat207_nor_retbytes
-};
-static const struct drbg_kat kat207_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat207_nor_t
-};
-
-static const unsigned char kat208_nor_entropyin[] = {
-    0x1e, 0x54, 0x6f, 0xee, 0xba, 0xf0, 0xfe, 0xba, 0x3a, 0x07, 0xc6, 0x35,
-    0xe6, 0x23, 0x5b, 0xfb,
-};
-static const unsigned char kat208_nor_nonce[] = {
-    0x17, 0x88, 0xd9, 0xee, 0xa4, 0x44, 0xad, 0x7b,
-};
-static const unsigned char kat208_nor_persstr[] = {0};
-static const unsigned char kat208_nor_addin0[] = {
-    0x51, 0x99, 0xd4, 0xaa, 0x59, 0x30, 0x22, 0x0c, 0x27, 0x34, 0x2e, 0x1c,
-    0x0b, 0x99, 0x46, 0x4f,
-};
-static const unsigned char kat208_nor_addin1[] = {
-    0x16, 0xdd, 0x52, 0x0f, 0x00, 0x93, 0x29, 0xed, 0x7b, 0xe1, 0x4d, 0x25,
-    0xe5, 0xc7, 0x91, 0x12,
-};
-static const unsigned char kat208_nor_retbytes[] = {
-    0x34, 0xfa, 0x78, 0x30, 0x6c, 0x9e, 0xfb, 0x91, 0x2e, 0xe7, 0x8f, 0xb9,
-    0x8a, 0x03, 0x54, 0x6d, 0x16, 0xc1, 0xcc, 0x9b, 0xc3, 0xb6, 0x7a, 0x04,
-    0xf2, 0xa8, 0xe6, 0xfb, 0x26, 0x24, 0x14, 0xbc, 0xf3, 0xcc, 0x51, 0xd3,
-    0xcf, 0x3a, 0x1a, 0x30, 0x48, 0x09, 0xf1, 0x86, 0xbd, 0x74, 0xf2, 0x09,
-    0xb2, 0x42, 0x86, 0xf7, 0x71, 0x76, 0x67, 0xcc, 0x56, 0x60, 0xd3, 0xec,
-    0x73, 0x2f, 0xb0, 0xd3,
-};
-static const struct drbg_kat_no_reseed kat208_nor_t = {
-    12, kat208_nor_entropyin, kat208_nor_nonce, kat208_nor_persstr,
-    kat208_nor_addin0, kat208_nor_addin1, kat208_nor_retbytes
-};
-static const struct drbg_kat kat208_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat208_nor_t
-};
-
-static const unsigned char kat209_nor_entropyin[] = {
-    0xde, 0x1f, 0xca, 0xee, 0x63, 0x29, 0xe9, 0xac, 0x06, 0xa6, 0xdc, 0x18,
-    0xa1, 0x8d, 0x14, 0x7d,
-};
-static const unsigned char kat209_nor_nonce[] = {
-    0xe1, 0x0e, 0xa5, 0x48, 0xcc, 0x37, 0x73, 0xab,
-};
-static const unsigned char kat209_nor_persstr[] = {0};
-static const unsigned char kat209_nor_addin0[] = {
-    0x5c, 0xdd, 0xd4, 0xfd, 0x07, 0xb6, 0xac, 0x3e, 0x96, 0xb1, 0x33, 0x39,
-    0xa7, 0x5f, 0x56, 0xf9,
-};
-static const unsigned char kat209_nor_addin1[] = {
-    0x45, 0x47, 0x14, 0xbe, 0xbf, 0x96, 0x03, 0xe1, 0xcf, 0xef, 0x7b, 0x80,
-    0x38, 0x37, 0x48, 0x99,
-};
-static const unsigned char kat209_nor_retbytes[] = {
-    0x5e, 0x34, 0x83, 0x12, 0x58, 0x35, 0x24, 0x30, 0x48, 0xa5, 0x10, 0x18,
-    0x4f, 0x08, 0x64, 0x87, 0xe9, 0xb0, 0x2f, 0xc0, 0xca, 0x60, 0xfb, 0x46,
-    0x41, 0x6f, 0xb0, 0xcc, 0xc1, 0x3e, 0x45, 0x08, 0x1d, 0xa5, 0x96, 0x91,
-    0xe3, 0x26, 0x78, 0xfc, 0xb6, 0xaa, 0xbe, 0xf5, 0x85, 0xfb, 0x49, 0x2b,
-    0x19, 0x4e, 0x06, 0x17, 0x1a, 0x8d, 0x17, 0xaf, 0x85, 0x56, 0xa3, 0x6b,
-    0xf4, 0x93, 0x1f, 0xf5,
-};
-static const struct drbg_kat_no_reseed kat209_nor_t = {
-    13, kat209_nor_entropyin, kat209_nor_nonce, kat209_nor_persstr,
-    kat209_nor_addin0, kat209_nor_addin1, kat209_nor_retbytes
-};
-static const struct drbg_kat kat209_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat209_nor_t
-};
-
-static const unsigned char kat210_nor_entropyin[] = {
-    0x8b, 0x52, 0x95, 0x07, 0xbc, 0x2e, 0x8f, 0x71, 0x19, 0x34, 0xad, 0xc8,
-    0x8c, 0x65, 0x30, 0xa3,
-};
-static const unsigned char kat210_nor_nonce[] = {
-    0x72, 0x15, 0x95, 0x6b, 0x7c, 0x57, 0x4e, 0x71,
-};
-static const unsigned char kat210_nor_persstr[] = {0};
-static const unsigned char kat210_nor_addin0[] = {
-    0x1a, 0xdb, 0x1e, 0xf6, 0x33, 0x47, 0xb2, 0x1e, 0x33, 0x51, 0x8b, 0x96,
-    0x2f, 0x6d, 0xb8, 0x98,
-};
-static const unsigned char kat210_nor_addin1[] = {
-    0xd5, 0xc6, 0x9f, 0x42, 0xf3, 0x6e, 0xa2, 0x24, 0x98, 0x42, 0xb6, 0xfc,
-    0x26, 0xac, 0x54, 0xfe,
-};
-static const unsigned char kat210_nor_retbytes[] = {
-    0xc3, 0x74, 0xbd, 0xd6, 0x2c, 0xb1, 0xe4, 0x2e, 0x64, 0x84, 0x03, 0x84,
-    0x3b, 0x8c, 0x06, 0xc0, 0xb3, 0x05, 0xf9, 0x45, 0x68, 0x5f, 0x72, 0xd1,
-    0xbc, 0x2e, 0x42, 0x8c, 0x19, 0xdf, 0x45, 0x20, 0x18, 0xdd, 0xea, 0x81,
-    0xeb, 0xe5, 0xb1, 0x5f, 0xad, 0x3b, 0xe4, 0xeb, 0x17, 0xfa, 0x2d, 0x2c,
-    0xf5, 0x78, 0x36, 0xdd, 0x08, 0x09, 0x70, 0xf7, 0x16, 0xc0, 0xb2, 0x2f,
-    0x72, 0x63, 0x41, 0x4a,
-};
-static const struct drbg_kat_no_reseed kat210_nor_t = {
-    14, kat210_nor_entropyin, kat210_nor_nonce, kat210_nor_persstr,
-    kat210_nor_addin0, kat210_nor_addin1, kat210_nor_retbytes
-};
-static const struct drbg_kat kat210_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat210_nor_t
-};
-
-static const unsigned char kat211_nor_entropyin[] = {
-    0xf4, 0x1f, 0x46, 0x6b, 0x32, 0x19, 0xbe, 0x21, 0x59, 0x77, 0x63, 0xfa,
-    0x7b, 0x76, 0xfb, 0x40,
-};
-static const unsigned char kat211_nor_nonce[] = {
-    0xcd, 0x93, 0xfe, 0xb9, 0x96, 0x2e, 0x81, 0xac,
-};
-static const unsigned char kat211_nor_persstr[] = {
-    0xb5, 0x8f, 0x86, 0x9a, 0xd0, 0xaa, 0x98, 0x08, 0xf6, 0x64, 0x61, 0x37,
-    0x43, 0x1d, 0x43, 0x0c,
-};
-static const unsigned char kat211_nor_addin0[] = {0};
-static const unsigned char kat211_nor_addin1[] = {0};
-static const unsigned char kat211_nor_retbytes[] = {
-    0x2f, 0xb6, 0xd7, 0xec, 0xa3, 0x92, 0x67, 0x4f, 0xc7, 0x22, 0xa6, 0x19,
-    0x20, 0x2e, 0x81, 0x9d, 0x0d, 0xa9, 0xd1, 0x1b, 0xc6, 0x7d, 0xb1, 0x0b,
-    0xe4, 0xc1, 0x3c, 0xb9, 0x64, 0xe3, 0x0a, 0xda, 0x96, 0xdc, 0xcf, 0x0c,
-    0x92, 0x2b, 0x71, 0x0a, 0xc0, 0x0d, 0xed, 0x54, 0x57, 0xfa, 0x97, 0x1b,
-    0xb1, 0xc6, 0x61, 0xa0, 0x9a, 0xfa, 0x72, 0x0a, 0x58, 0x64, 0x34, 0x4b,
-    0xf7, 0x7a, 0x36, 0xae,
-};
-static const struct drbg_kat_no_reseed kat211_nor_t = {
-    0, kat211_nor_entropyin, kat211_nor_nonce, kat211_nor_persstr,
-    kat211_nor_addin0, kat211_nor_addin1, kat211_nor_retbytes
-};
-static const struct drbg_kat kat211_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat211_nor_t
-};
-
-static const unsigned char kat212_nor_entropyin[] = {
-    0x9d, 0x1b, 0x88, 0x34, 0x83, 0x2f, 0xfa, 0x13, 0x83, 0x2e, 0xb0, 0x86,
-    0x04, 0x7b, 0xf3, 0xb1,
-};
-static const unsigned char kat212_nor_nonce[] = {
-    0xd0, 0xf1, 0x5e, 0xfe, 0x86, 0x47, 0x7f, 0x75,
-};
-static const unsigned char kat212_nor_persstr[] = {
-    0x73, 0xc9, 0x37, 0x34, 0xf6, 0xea, 0x39, 0xae, 0x04, 0xe6, 0xa4, 0xb4,
-    0x97, 0x66, 0xb8, 0x20,
-};
-static const unsigned char kat212_nor_addin0[] = {0};
-static const unsigned char kat212_nor_addin1[] = {0};
-static const unsigned char kat212_nor_retbytes[] = {
-    0x9f, 0xb6, 0x7d, 0x35, 0x37, 0x89, 0x40, 0xa5, 0xd7, 0x6b, 0x96, 0x3a,
-    0xce, 0x4f, 0x81, 0x58, 0xe9, 0x3f, 0xe0, 0xca, 0x06, 0x4f, 0x96, 0x56,
-    0xd4, 0x6d, 0xf1, 0xc1, 0x0d, 0x02, 0x5f, 0x48, 0xb3, 0x35, 0x69, 0xda,
-    0x07, 0xc7, 0x7e, 0xc5, 0x12, 0x23, 0x6d, 0x08, 0xd2, 0x69, 0x97, 0xd6,
-    0xb9, 0xbb, 0x69, 0x15, 0xdf, 0x63, 0x9e, 0xa8, 0x9d, 0xa9, 0x57, 0xe6,
-    0x6f, 0xc2, 0x90, 0x03,
-};
-static const struct drbg_kat_no_reseed kat212_nor_t = {
-    1, kat212_nor_entropyin, kat212_nor_nonce, kat212_nor_persstr,
-    kat212_nor_addin0, kat212_nor_addin1, kat212_nor_retbytes
-};
-static const struct drbg_kat kat212_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat212_nor_t
-};
-
-static const unsigned char kat213_nor_entropyin[] = {
-    0x29, 0x89, 0x86, 0x2a, 0x79, 0xe2, 0x55, 0x19, 0x5a, 0x24, 0x82, 0x8f,
-    0xd3, 0x00, 0xeb, 0x34,
-};
-static const unsigned char kat213_nor_nonce[] = {
-    0x30, 0xff, 0xda, 0xcb, 0x3a, 0xc7, 0xb2, 0x7b,
-};
-static const unsigned char kat213_nor_persstr[] = {
-    0x71, 0x9b, 0x89, 0x9c, 0x9e, 0x4a, 0x5d, 0xb9, 0xe7, 0x1d, 0xfd, 0xa4,
-    0x8f, 0xa6, 0x58, 0xcd,
-};
-static const unsigned char kat213_nor_addin0[] = {0};
-static const unsigned char kat213_nor_addin1[] = {0};
-static const unsigned char kat213_nor_retbytes[] = {
-    0xb4, 0xf2, 0x00, 0x60, 0xea, 0x30, 0x01, 0xef, 0xdb, 0xd5, 0xcc, 0x89,
-    0x83, 0x8e, 0x0a, 0x08, 0xc0, 0x9f, 0x7a, 0x6f, 0xe5, 0xbc, 0x02, 0x3c,
-    0x33, 0xd1, 0x15, 0xfe, 0xdd, 0x6a, 0xe1, 0x51, 0x30, 0x74, 0x22, 0xf9,
-    0x97, 0xd3, 0x2b, 0x3c, 0xea, 0xb8, 0x79, 0x95, 0x86, 0x23, 0x68, 0xc4,
-    0xc3, 0xaf, 0x7a, 0xc4, 0x81, 0x58, 0x74, 0xc0, 0x08, 0x4e, 0xa1, 0xdc,
-    0xec, 0x50, 0x58, 0xba,
-};
-static const struct drbg_kat_no_reseed kat213_nor_t = {
-    2, kat213_nor_entropyin, kat213_nor_nonce, kat213_nor_persstr,
-    kat213_nor_addin0, kat213_nor_addin1, kat213_nor_retbytes
-};
-static const struct drbg_kat kat213_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat213_nor_t
-};
-
-static const unsigned char kat214_nor_entropyin[] = {
-    0x74, 0x82, 0xb2, 0xb0, 0x2a, 0x74, 0x46, 0xde, 0x58, 0x9d, 0x7e, 0x60,
-    0xcf, 0x01, 0x29, 0x69,
-};
-static const unsigned char kat214_nor_nonce[] = {
-    0x1c, 0x4b, 0xda, 0x6a, 0x57, 0xf4, 0x1f, 0xfb,
-};
-static const unsigned char kat214_nor_persstr[] = {
-    0x52, 0x9e, 0x4e, 0x80, 0xf5, 0x01, 0xe7, 0x3e, 0xc8, 0x6e, 0xaa, 0x25,
-    0x96, 0x28, 0xa1, 0x97,
-};
-static const unsigned char kat214_nor_addin0[] = {0};
-static const unsigned char kat214_nor_addin1[] = {0};
-static const unsigned char kat214_nor_retbytes[] = {
-    0x74, 0x98, 0xf9, 0x17, 0x2a, 0xf7, 0xf5, 0xf2, 0x6d, 0x84, 0x77, 0x97,
-    0x76, 0x8e, 0x45, 0x91, 0x70, 0xdd, 0x9e, 0xc7, 0xf4, 0x2a, 0x1f, 0xe9,
-    0x79, 0xa2, 0xe4, 0xfa, 0x32, 0xa5, 0xe1, 0x24, 0xc5, 0xcb, 0x1a, 0xd4,
-    0xc3, 0x94, 0xa2, 0xc2, 0x09, 0x9e, 0x8f, 0x94, 0x2e, 0xfb, 0xe5, 0x9a,
-    0xf0, 0x97, 0x5b, 0x56, 0xa9, 0xaf, 0xa7, 0x74, 0x33, 0x16, 0x12, 0xad,
-    0x88, 0x7b, 0x3f, 0x55,
-};
-static const struct drbg_kat_no_reseed kat214_nor_t = {
-    3, kat214_nor_entropyin, kat214_nor_nonce, kat214_nor_persstr,
-    kat214_nor_addin0, kat214_nor_addin1, kat214_nor_retbytes
-};
-static const struct drbg_kat kat214_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat214_nor_t
-};
-
-static const unsigned char kat215_nor_entropyin[] = {
-    0x0a, 0x84, 0x05, 0x99, 0x1a, 0xeb, 0x64, 0xf3, 0xa8, 0x2d, 0x8b, 0xef,
-    0x2b, 0x6c, 0x94, 0x22,
-};
-static const unsigned char kat215_nor_nonce[] = {
-    0xa7, 0xa5, 0x8d, 0xa9, 0xb2, 0x16, 0xf7, 0xfb,
-};
-static const unsigned char kat215_nor_persstr[] = {
-    0x68, 0xdf, 0x62, 0xfc, 0x01, 0xd3, 0xdb, 0xb0, 0x18, 0xc1, 0x63, 0xbe,
-    0x34, 0x29, 0xf2, 0xaa,
-};
-static const unsigned char kat215_nor_addin0[] = {0};
-static const unsigned char kat215_nor_addin1[] = {0};
-static const unsigned char kat215_nor_retbytes[] = {
-    0x7a, 0x9b, 0xa1, 0xe8, 0x25, 0x13, 0x3f, 0xf4, 0xc1, 0xd6, 0x46, 0xce,
-    0x55, 0x77, 0xf3, 0x5a, 0x17, 0x84, 0xee, 0xc2, 0xc1, 0x97, 0x70, 0x90,
-    0xb4, 0x8e, 0x30, 0xbd, 0x3b, 0x75, 0x06, 0xf4, 0x47, 0xee, 0x62, 0xd0,
-    0x21, 0xca, 0xe1, 0x2a, 0xd2, 0x87, 0xb4, 0x17, 0xed, 0xdb, 0x9e, 0xc6,
-    0x46, 0x0e, 0x3e, 0x28, 0x4a, 0xfa, 0x73, 0xb7, 0x39, 0x56, 0x4e, 0x40,
-    0x73, 0xd0, 0x0e, 0x3c,
-};
-static const struct drbg_kat_no_reseed kat215_nor_t = {
-    4, kat215_nor_entropyin, kat215_nor_nonce, kat215_nor_persstr,
-    kat215_nor_addin0, kat215_nor_addin1, kat215_nor_retbytes
-};
-static const struct drbg_kat kat215_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat215_nor_t
-};
-
-static const unsigned char kat216_nor_entropyin[] = {
-    0xc7, 0xe9, 0xf6, 0x88, 0x33, 0xb1, 0x8e, 0x03, 0x6a, 0xa1, 0xda, 0x02,
-    0x5a, 0x35, 0x9e, 0xd7,
-};
-static const unsigned char kat216_nor_nonce[] = {
-    0x99, 0xf0, 0xe4, 0x9c, 0xe8, 0x11, 0xee, 0x7e,
-};
-static const unsigned char kat216_nor_persstr[] = {
-    0x8d, 0xe7, 0xc8, 0x6b, 0x8e, 0xc6, 0x1d, 0x6a, 0xbb, 0x52, 0xa7, 0x91,
-    0x66, 0x71, 0xad, 0xb9,
-};
-static const unsigned char kat216_nor_addin0[] = {0};
-static const unsigned char kat216_nor_addin1[] = {0};
-static const unsigned char kat216_nor_retbytes[] = {
-    0x14, 0x07, 0xb6, 0x81, 0x51, 0xfc, 0xb0, 0xf0, 0x8e, 0xba, 0xbc, 0x21,
-    0xc6, 0xc1, 0x81, 0xac, 0x1d, 0xbf, 0x9c, 0x6f, 0xb1, 0xb2, 0xc1, 0x6e,
-    0xaf, 0x1f, 0x8c, 0x49, 0x0d, 0x6f, 0x7d, 0x52, 0xd0, 0xf4, 0x21, 0x11,
-    0x6a, 0x59, 0x98, 0x33, 0x0d, 0x81, 0x05, 0xf5, 0x02, 0x76, 0x17, 0xdc,
-    0x94, 0xb1, 0x4c, 0x08, 0x3f, 0x49, 0xd1, 0x1c, 0x34, 0xf4, 0xf2, 0x63,
-    0x02, 0x31, 0x66, 0x24,
-};
-static const struct drbg_kat_no_reseed kat216_nor_t = {
-    5, kat216_nor_entropyin, kat216_nor_nonce, kat216_nor_persstr,
-    kat216_nor_addin0, kat216_nor_addin1, kat216_nor_retbytes
-};
-static const struct drbg_kat kat216_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat216_nor_t
-};
-
-static const unsigned char kat217_nor_entropyin[] = {
-    0xd6, 0x7e, 0xeb, 0x00, 0xa4, 0x29, 0x1a, 0x18, 0x47, 0x11, 0x84, 0xb4,
-    0x31, 0x59, 0xd2, 0xbd,
-};
-static const unsigned char kat217_nor_nonce[] = {
-    0xe4, 0xa3, 0x61, 0x49, 0x7e, 0xe1, 0x43, 0x8a,
-};
-static const unsigned char kat217_nor_persstr[] = {
-    0xf0, 0x54, 0xad, 0xf2, 0xad, 0x38, 0x49, 0xda, 0x72, 0x72, 0xb3, 0xb3,
-    0x2a, 0xe0, 0xfc, 0xab,
-};
-static const unsigned char kat217_nor_addin0[] = {0};
-static const unsigned char kat217_nor_addin1[] = {0};
-static const unsigned char kat217_nor_retbytes[] = {
-    0x52, 0x45, 0xc3, 0x0a, 0x65, 0x1d, 0x98, 0x61, 0xb6, 0x36, 0xc8, 0xe8,
-    0xcc, 0x8b, 0x84, 0x52, 0x46, 0xda, 0x10, 0xc1, 0x04, 0xd7, 0x81, 0x34,
-    0xa8, 0x4e, 0x41, 0xfe, 0xa8, 0x0e, 0x0e, 0x73, 0x69, 0x2f, 0x84, 0x81,
-    0xcd, 0x4d, 0x75, 0x0c, 0x79, 0xe3, 0x87, 0x6b, 0x9a, 0xbf, 0xa9, 0xd6,
-    0x14, 0xd8, 0x68, 0x24, 0x96, 0x05, 0x61, 0x9d, 0xef, 0xef, 0x29, 0x68,
-    0xfd, 0x33, 0x14, 0x1e,
-};
-static const struct drbg_kat_no_reseed kat217_nor_t = {
-    6, kat217_nor_entropyin, kat217_nor_nonce, kat217_nor_persstr,
-    kat217_nor_addin0, kat217_nor_addin1, kat217_nor_retbytes
-};
-static const struct drbg_kat kat217_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat217_nor_t
-};
-
-static const unsigned char kat218_nor_entropyin[] = {
-    0xce, 0x08, 0xf0, 0x2b, 0xcd, 0xe4, 0x7f, 0x60, 0x30, 0x82, 0x02, 0x43,
-    0xe1, 0x01, 0x38, 0x87,
-};
-static const unsigned char kat218_nor_nonce[] = {
-    0xd1, 0xb1, 0x51, 0x30, 0xcd, 0x03, 0x8d, 0x6d,
-};
-static const unsigned char kat218_nor_persstr[] = {
-    0xad, 0x0b, 0xcb, 0x82, 0x01, 0x16, 0x0d, 0x82, 0xf1, 0x79, 0x66, 0xd4,
-    0xc7, 0xb6, 0xa4, 0xec,
-};
-static const unsigned char kat218_nor_addin0[] = {0};
-static const unsigned char kat218_nor_addin1[] = {0};
-static const unsigned char kat218_nor_retbytes[] = {
-    0xf4, 0x8e, 0xd0, 0x3b, 0xdb, 0xa9, 0x31, 0x0d, 0x7f, 0xe0, 0xa5, 0xdd,
-    0xdf, 0x9d, 0xf4, 0x9c, 0x0d, 0xbe, 0x07, 0xb9, 0x5b, 0xde, 0x25, 0xa0,
-    0xb6, 0x6e, 0xd0, 0x1a, 0x9f, 0x7a, 0x07, 0x82, 0x0f, 0x2d, 0x7e, 0xaa,
-    0x98, 0x63, 0x70, 0xa0, 0xce, 0x00, 0x01, 0x3b, 0x43, 0x31, 0xe4, 0x4b,
-    0xeb, 0x30, 0x10, 0x57, 0x5a, 0xf7, 0xd6, 0x25, 0xbe, 0xd5, 0x5a, 0x59,
-    0x2d, 0x97, 0x38, 0x28,
-};
-static const struct drbg_kat_no_reseed kat218_nor_t = {
-    7, kat218_nor_entropyin, kat218_nor_nonce, kat218_nor_persstr,
-    kat218_nor_addin0, kat218_nor_addin1, kat218_nor_retbytes
-};
-static const struct drbg_kat kat218_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat218_nor_t
-};
-
-static const unsigned char kat219_nor_entropyin[] = {
-    0x8d, 0xbc, 0xda, 0xa7, 0x8a, 0xdd, 0xb2, 0x85, 0xdf, 0xdb, 0x5e, 0x41,
-    0xee, 0xf6, 0x7e, 0x6f,
-};
-static const unsigned char kat219_nor_nonce[] = {
-    0x49, 0x06, 0x2c, 0x09, 0x8b, 0x64, 0xe7, 0xf8,
-};
-static const unsigned char kat219_nor_persstr[] = {
-    0x7d, 0xc1, 0x4e, 0x73, 0x96, 0xf6, 0x24, 0x50, 0xbe, 0xbd, 0xf2, 0xeb,
-    0xf0, 0x17, 0xaa, 0xd5,
-};
-static const unsigned char kat219_nor_addin0[] = {0};
-static const unsigned char kat219_nor_addin1[] = {0};
-static const unsigned char kat219_nor_retbytes[] = {
-    0x49, 0xd0, 0x3f, 0xe3, 0xb7, 0x2d, 0x44, 0xa8, 0xa1, 0xe4, 0x69, 0xd2,
-    0x5a, 0x14, 0x5b, 0xa6, 0x4d, 0x61, 0x69, 0xdd, 0x94, 0x7f, 0x87, 0x93,
-    0xd5, 0xef, 0x43, 0xde, 0x7b, 0x23, 0x94, 0x13, 0x70, 0x83, 0xe6, 0xe7,
-    0x69, 0xbb, 0xfd, 0xe9, 0x60, 0x0c, 0x36, 0xb0, 0x32, 0xb7, 0x78, 0x65,
-    0x22, 0x07, 0x0b, 0x5a, 0x65, 0xc7, 0x93, 0x92, 0x68, 0x92, 0xb9, 0xfb,
-    0x0d, 0x1c, 0x1d, 0x54,
-};
-static const struct drbg_kat_no_reseed kat219_nor_t = {
-    8, kat219_nor_entropyin, kat219_nor_nonce, kat219_nor_persstr,
-    kat219_nor_addin0, kat219_nor_addin1, kat219_nor_retbytes
-};
-static const struct drbg_kat kat219_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat219_nor_t
-};
-
-static const unsigned char kat220_nor_entropyin[] = {
-    0x0d, 0x98, 0x37, 0x0c, 0xff, 0xa0, 0xa8, 0x79, 0xfe, 0x85, 0xb5, 0xde,
-    0x4e, 0x69, 0xcf, 0x7d,
-};
-static const unsigned char kat220_nor_nonce[] = {
-    0x93, 0x50, 0xa8, 0x6b, 0x7a, 0x1b, 0xc6, 0x8a,
-};
-static const unsigned char kat220_nor_persstr[] = {
-    0x01, 0x61, 0xb2, 0x4d, 0x1c, 0x3c, 0xa5, 0x90, 0x11, 0x7e, 0xc2, 0x9a,
-    0xcc, 0x39, 0x44, 0x6f,
-};
-static const unsigned char kat220_nor_addin0[] = {0};
-static const unsigned char kat220_nor_addin1[] = {0};
-static const unsigned char kat220_nor_retbytes[] = {
-    0x7c, 0xd6, 0x46, 0x84, 0x28, 0x9b, 0x43, 0xb1, 0xe5, 0x93, 0xd9, 0x4a,
-    0xe9, 0x79, 0xf7, 0xfa, 0x5d, 0xe8, 0x95, 0x77, 0xf3, 0x7c, 0x7a, 0xea,
-    0x0b, 0x58, 0x4d, 0x18, 0x60, 0x2c, 0x25, 0x1b, 0x1e, 0xc2, 0x5f, 0xf6,
-    0x12, 0xd9, 0x7f, 0xda, 0x37, 0x84, 0xe9, 0x65, 0x59, 0x73, 0xe3, 0x1f,
-    0xd4, 0xb5, 0xd1, 0xea, 0xde, 0xc6, 0x68, 0x61, 0xae, 0x2e, 0x97, 0x19,
-    0xad, 0x34, 0x47, 0x30,
-};
-static const struct drbg_kat_no_reseed kat220_nor_t = {
-    9, kat220_nor_entropyin, kat220_nor_nonce, kat220_nor_persstr,
-    kat220_nor_addin0, kat220_nor_addin1, kat220_nor_retbytes
-};
-static const struct drbg_kat kat220_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat220_nor_t
-};
-
-static const unsigned char kat221_nor_entropyin[] = {
-    0xd9, 0xb6, 0xfb, 0x62, 0xda, 0x0a, 0x02, 0x32, 0x35, 0xe7, 0xcd, 0x78,
-    0x16, 0x37, 0x7c, 0xf5,
-};
-static const unsigned char kat221_nor_nonce[] = {
-    0x1c, 0xa8, 0xc5, 0xfa, 0x5b, 0x9f, 0x8c, 0x90,
-};
-static const unsigned char kat221_nor_persstr[] = {
-    0x17, 0xbe, 0x48, 0x85, 0xb5, 0xf9, 0x64, 0x1b, 0xf5, 0xf6, 0x89, 0xbc,
-    0x97, 0x97, 0x88, 0x58,
-};
-static const unsigned char kat221_nor_addin0[] = {0};
-static const unsigned char kat221_nor_addin1[] = {0};
-static const unsigned char kat221_nor_retbytes[] = {
-    0xe1, 0x1e, 0x3c, 0xa6, 0xc8, 0x32, 0xf4, 0x6f, 0xf1, 0xf9, 0x71, 0xc0,
-    0x7e, 0x7b, 0x66, 0xc7, 0xd5, 0xb1, 0xb2, 0xe6, 0xec, 0x8c, 0x5f, 0xfc,
-    0x77, 0x10, 0x3f, 0x0a, 0xd3, 0x08, 0x80, 0x0b, 0xb9, 0x89, 0xb9, 0xab,
-    0x70, 0x10, 0x68, 0x33, 0x78, 0xa3, 0xf7, 0x81, 0x9a, 0x29, 0x7a, 0x37,
-    0x65, 0x25, 0x6a, 0xc4, 0x0f, 0xb0, 0xa9, 0xcb, 0x22, 0x46, 0xae, 0xb8,
-    0x5d, 0x73, 0x60, 0x1b,
-};
-static const struct drbg_kat_no_reseed kat221_nor_t = {
-    10, kat221_nor_entropyin, kat221_nor_nonce, kat221_nor_persstr,
-    kat221_nor_addin0, kat221_nor_addin1, kat221_nor_retbytes
-};
-static const struct drbg_kat kat221_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat221_nor_t
-};
-
-static const unsigned char kat222_nor_entropyin[] = {
-    0xa7, 0x11, 0x39, 0x44, 0xfc, 0x4d, 0x4b, 0x15, 0xa9, 0x49, 0x67, 0xc8,
-    0xf5, 0x65, 0x2a, 0x36,
-};
-static const unsigned char kat222_nor_nonce[] = {
-    0xa5, 0x06, 0xb7, 0x9a, 0xfe, 0x6a, 0xf8, 0x22,
-};
-static const unsigned char kat222_nor_persstr[] = {
-    0x91, 0x8f, 0xe4, 0xf3, 0x65, 0x25, 0x9c, 0x18, 0xeb, 0x68, 0x50, 0xfb,
-    0xee, 0x40, 0x3f, 0x5e,
-};
-static const unsigned char kat222_nor_addin0[] = {0};
-static const unsigned char kat222_nor_addin1[] = {0};
-static const unsigned char kat222_nor_retbytes[] = {
-    0x60, 0x76, 0xb2, 0xc0, 0xf7, 0xde, 0x1d, 0xd3, 0xe4, 0x6a, 0xdb, 0x11,
-    0x61, 0xb7, 0x2a, 0x7f, 0x83, 0xb8, 0x77, 0x3f, 0xab, 0x0d, 0xcb, 0x1c,
-    0x1f, 0xde, 0x25, 0xdb, 0x0d, 0x09, 0x86, 0x2a, 0xcd, 0xd3, 0x8f, 0x8d,
-    0x21, 0x64, 0x90, 0x3a, 0x8e, 0x88, 0x58, 0xf8, 0xa9, 0xb6, 0x1b, 0xd7,
-    0xda, 0xe3, 0xf6, 0x06, 0x68, 0xe6, 0xee, 0x26, 0x4b, 0x9f, 0xfa, 0xf5,
-    0x78, 0xb5, 0x56, 0x46,
-};
-static const struct drbg_kat_no_reseed kat222_nor_t = {
-    11, kat222_nor_entropyin, kat222_nor_nonce, kat222_nor_persstr,
-    kat222_nor_addin0, kat222_nor_addin1, kat222_nor_retbytes
-};
-static const struct drbg_kat kat222_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat222_nor_t
-};
-
-static const unsigned char kat223_nor_entropyin[] = {
-    0xac, 0xf7, 0x62, 0x38, 0x39, 0xb9, 0x4b, 0xd7, 0xa8, 0x93, 0xc2, 0x87,
-    0x61, 0x6c, 0xdb, 0x6a,
-};
-static const unsigned char kat223_nor_nonce[] = {
-    0xa1, 0xf6, 0x03, 0x9f, 0x91, 0xc1, 0x76, 0x23,
-};
-static const unsigned char kat223_nor_persstr[] = {
-    0x5f, 0x9c, 0x69, 0xde, 0x2c, 0x32, 0x87, 0x3f, 0x67, 0x9d, 0x17, 0x68,
-    0xef, 0x3c, 0x70, 0xfb,
-};
-static const unsigned char kat223_nor_addin0[] = {0};
-static const unsigned char kat223_nor_addin1[] = {0};
-static const unsigned char kat223_nor_retbytes[] = {
-    0xf6, 0xab, 0xbf, 0xfd, 0x79, 0x65, 0x64, 0x94, 0x36, 0xb4, 0x8b, 0x09,
-    0x20, 0x86, 0xcd, 0xf0, 0x50, 0x2f, 0x52, 0xc8, 0x7c, 0x8f, 0xdc, 0x8f,
-    0x6d, 0x49, 0xf0, 0x84, 0x33, 0xa2, 0x02, 0xd8, 0xbe, 0x44, 0xf6, 0x56,
-    0x2a, 0xce, 0x58, 0x0e, 0x80, 0x75, 0xf0, 0xbc, 0x67, 0x0b, 0x2e, 0x9d,
-    0x95, 0x1f, 0x15, 0xf8, 0x4d, 0x82, 0xaf, 0xe6, 0xb8, 0x32, 0x76, 0x5e,
-    0xca, 0xb0, 0x37, 0xee,
-};
-static const struct drbg_kat_no_reseed kat223_nor_t = {
-    12, kat223_nor_entropyin, kat223_nor_nonce, kat223_nor_persstr,
-    kat223_nor_addin0, kat223_nor_addin1, kat223_nor_retbytes
-};
-static const struct drbg_kat kat223_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat223_nor_t
-};
-
-static const unsigned char kat224_nor_entropyin[] = {
-    0xd9, 0x0d, 0x78, 0x6e, 0x9d, 0x19, 0x62, 0x84, 0x3b, 0x02, 0x7a, 0xa0,
-    0xe8, 0x59, 0x8f, 0xd4,
-};
-static const unsigned char kat224_nor_nonce[] = {
-    0x04, 0x17, 0xf1, 0x4f, 0x96, 0xf2, 0x02, 0x9c,
-};
-static const unsigned char kat224_nor_persstr[] = {
-    0xec, 0x5c, 0x55, 0x14, 0x5a, 0x4f, 0x95, 0x52, 0xf2, 0x51, 0xf7, 0xdf,
-    0xb0, 0x17, 0xc1, 0xd4,
-};
-static const unsigned char kat224_nor_addin0[] = {0};
-static const unsigned char kat224_nor_addin1[] = {0};
-static const unsigned char kat224_nor_retbytes[] = {
-    0xfe, 0x2c, 0xa4, 0x44, 0x55, 0xa5, 0xe7, 0xde, 0x70, 0x8a, 0x71, 0x0a,
-    0xb6, 0x46, 0xcf, 0xcf, 0xbc, 0x87, 0xd6, 0x78, 0xb3, 0xe9, 0x41, 0x06,
-    0x3f, 0xa7, 0x01, 0xda, 0xc7, 0xcb, 0x4f, 0x09, 0x53, 0xaf, 0x8f, 0xce,
-    0x45, 0x8c, 0xee, 0x54, 0x9f, 0x53, 0x7f, 0xa7, 0x71, 0xb8, 0x9b, 0x04,
-    0x94, 0xc0, 0xbb, 0x5c, 0xfd, 0x35, 0xbf, 0x67, 0xf4, 0xb2, 0x70, 0xd6,
-    0x20, 0x5f, 0x47, 0x03,
-};
-static const struct drbg_kat_no_reseed kat224_nor_t = {
-    13, kat224_nor_entropyin, kat224_nor_nonce, kat224_nor_persstr,
-    kat224_nor_addin0, kat224_nor_addin1, kat224_nor_retbytes
-};
-static const struct drbg_kat kat224_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat224_nor_t
-};
-
-static const unsigned char kat225_nor_entropyin[] = {
-    0x1c, 0xdb, 0x74, 0x45, 0x59, 0xa8, 0x2c, 0x62, 0xfb, 0x3b, 0x15, 0xa2,
-    0xa3, 0xaa, 0xd1, 0x89,
-};
-static const unsigned char kat225_nor_nonce[] = {
-    0x43, 0x43, 0x2c, 0xe3, 0x0a, 0xe7, 0xf9, 0x6b,
-};
-static const unsigned char kat225_nor_persstr[] = {
-    0xf5, 0x9a, 0xd9, 0x93, 0x9f, 0xcd, 0x6c, 0x0f, 0x47, 0x8c, 0xc5, 0x08,
-    0x39, 0xf8, 0xff, 0xce,
-};
-static const unsigned char kat225_nor_addin0[] = {0};
-static const unsigned char kat225_nor_addin1[] = {0};
-static const unsigned char kat225_nor_retbytes[] = {
-    0x91, 0xb9, 0xeb, 0xeb, 0x92, 0x9d, 0xc6, 0x99, 0x94, 0x91, 0x22, 0x97,
-    0x0b, 0x21, 0x77, 0xd5, 0xd5, 0xb7, 0x05, 0x04, 0x2d, 0x3a, 0x0d, 0x60,
-    0xd7, 0xd3, 0xbb, 0x21, 0x8b, 0x7a, 0x69, 0xe1, 0xcd, 0x68, 0x64, 0xb8,
-    0xa2, 0x68, 0xca, 0x78, 0xc8, 0x34, 0x23, 0x2d, 0x0c, 0xb8, 0x8f, 0x93,
-    0x77, 0x30, 0x08, 0x4b, 0x1e, 0xc7, 0xd2, 0x86, 0x7f, 0xbc, 0x85, 0x0e,
-    0x04, 0x05, 0x03, 0x24,
-};
-static const struct drbg_kat_no_reseed kat225_nor_t = {
-    14, kat225_nor_entropyin, kat225_nor_nonce, kat225_nor_persstr,
-    kat225_nor_addin0, kat225_nor_addin1, kat225_nor_retbytes
-};
-static const struct drbg_kat kat225_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 0, 64, &kat225_nor_t
-};
-
-static const unsigned char kat226_nor_entropyin[] = {
-    0x71, 0xba, 0x02, 0x9a, 0x7a, 0x92, 0x39, 0x1b, 0x3f, 0x29, 0x4f, 0x2f,
-    0xbf, 0x57, 0x27, 0xab,
-};
-static const unsigned char kat226_nor_nonce[] = {
-    0xf0, 0xe9, 0x12, 0x78, 0x8f, 0x98, 0x27, 0xff,
-};
-static const unsigned char kat226_nor_persstr[] = {
-    0x23, 0xf3, 0x69, 0x80, 0xda, 0x40, 0x16, 0x64, 0x2c, 0x81, 0x0d, 0xa2,
-    0x99, 0x0a, 0xa2, 0x5e,
-};
-static const unsigned char kat226_nor_addin0[] = {
-    0x59, 0xab, 0x41, 0xb2, 0x4e, 0xe8, 0xe2, 0x71, 0xe2, 0x53, 0xc6, 0xcc,
-    0x40, 0x48, 0x7c, 0xb5,
-};
-static const unsigned char kat226_nor_addin1[] = {
-    0x91, 0x64, 0xf0, 0x28, 0x60, 0x77, 0x3e, 0x3b, 0x96, 0xd8, 0x5b, 0x37,
-    0x38, 0x38, 0x50, 0x66,
-};
-static const unsigned char kat226_nor_retbytes[] = {
-    0xde, 0x1b, 0x8a, 0x25, 0x95, 0x89, 0x23, 0x54, 0xda, 0x47, 0xb4, 0xea,
-    0xaf, 0x9d, 0xdc, 0xec, 0x64, 0xa9, 0x61, 0x01, 0x17, 0xb0, 0x5e, 0x40,
-    0xd0, 0x76, 0x60, 0xa8, 0x0b, 0xcf, 0x82, 0x5e, 0xef, 0xdb, 0xd2, 0x8e,
-    0x07, 0xd5, 0x96, 0x81, 0xf9, 0xe0, 0x03, 0x7b, 0xdb, 0x72, 0x5f, 0xe6,
-    0xce, 0x84, 0x6d, 0x82, 0x4b, 0x3b, 0x34, 0xc2, 0xc2, 0x1a, 0x48, 0xf8,
-    0x89, 0x5f, 0x9f, 0x5e,
-};
-static const struct drbg_kat_no_reseed kat226_nor_t = {
-    0, kat226_nor_entropyin, kat226_nor_nonce, kat226_nor_persstr,
-    kat226_nor_addin0, kat226_nor_addin1, kat226_nor_retbytes
-};
-static const struct drbg_kat kat226_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat226_nor_t
-};
-
-static const unsigned char kat227_nor_entropyin[] = {
-    0x67, 0x73, 0x94, 0xf0, 0x3e, 0xac, 0xb5, 0xa1, 0x37, 0x51, 0x5f, 0xcd,
-    0x3e, 0xa2, 0xbb, 0xc7,
-};
-static const unsigned char kat227_nor_nonce[] = {
-    0x9a, 0x5c, 0x1c, 0xea, 0x26, 0xef, 0xbf, 0x76,
-};
-static const unsigned char kat227_nor_persstr[] = {
-    0xdd, 0x73, 0xb1, 0x8e, 0xee, 0x62, 0x94, 0x34, 0x9a, 0xa6, 0x45, 0x6d,
-    0xaa, 0x77, 0xd2, 0x4f,
-};
-static const unsigned char kat227_nor_addin0[] = {
-    0xeb, 0x70, 0x19, 0x82, 0x6d, 0xb3, 0x27, 0x17, 0xa5, 0x73, 0x5e, 0xb4,
-    0x07, 0x73, 0xea, 0x56,
-};
-static const unsigned char kat227_nor_addin1[] = {
-    0xb6, 0x2d, 0xe2, 0xb4, 0xaa, 0x8d, 0x97, 0xf5, 0x26, 0xdd, 0xba, 0x44,
-    0x09, 0xf5, 0xaa, 0x26,
-};
-static const unsigned char kat227_nor_retbytes[] = {
-    0x22, 0x22, 0xa6, 0xbb, 0x0f, 0xfe, 0x14, 0xd2, 0xf7, 0x89, 0xe6, 0x4d,
-    0xcd, 0xf4, 0x78, 0x51, 0xa6, 0xc3, 0xa6, 0xe1, 0xd0, 0x83, 0x7d, 0x8b,
-    0x51, 0x1a, 0xa2, 0xf5, 0x6a, 0x6d, 0x08, 0x53, 0x4c, 0x97, 0xf4, 0xb1,
-    0x2a, 0x77, 0x44, 0x7d, 0xb2, 0x04, 0x09, 0xd3, 0x27, 0xfc, 0x08, 0x81,
-    0x62, 0xc0, 0xf2, 0xc5, 0x9f, 0xe4, 0x7e, 0x8c, 0x92, 0xae, 0x5d, 0xcd,
-    0xd7, 0x38, 0xc7, 0x68,
-};
-static const struct drbg_kat_no_reseed kat227_nor_t = {
-    1, kat227_nor_entropyin, kat227_nor_nonce, kat227_nor_persstr,
-    kat227_nor_addin0, kat227_nor_addin1, kat227_nor_retbytes
-};
-static const struct drbg_kat kat227_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat227_nor_t
-};
-
-static const unsigned char kat228_nor_entropyin[] = {
-    0x3f, 0x51, 0xf6, 0xcc, 0xf2, 0x24, 0x79, 0xed, 0x89, 0x1b, 0x89, 0x1f,
-    0xc4, 0xc6, 0xb5, 0x51,
-};
-static const unsigned char kat228_nor_nonce[] = {
-    0x19, 0xe0, 0x75, 0x4f, 0x7b, 0xfa, 0x0c, 0xef,
-};
-static const unsigned char kat228_nor_persstr[] = {
-    0x40, 0x2a, 0x1d, 0xab, 0x45, 0x0e, 0xa9, 0x04, 0x97, 0x38, 0x78, 0x2a,
-    0x93, 0x34, 0x7a, 0xff,
-};
-static const unsigned char kat228_nor_addin0[] = {
-    0x52, 0xc9, 0x0f, 0x57, 0x1c, 0x8c, 0x63, 0xf0, 0xdc, 0xdb, 0xd4, 0xe6,
-    0xc9, 0x65, 0x34, 0x78,
-};
-static const unsigned char kat228_nor_addin1[] = {
-    0x8b, 0xe6, 0x3b, 0x5e, 0xf2, 0x12, 0x69, 0x4e, 0xdb, 0xc2, 0xc8, 0xde,
-    0xc9, 0xa0, 0x58, 0x7b,
-};
-static const unsigned char kat228_nor_retbytes[] = {
-    0x1a, 0xbf, 0xe2, 0xd7, 0x21, 0x93, 0xb6, 0xe3, 0xd9, 0xbe, 0x85, 0x10,
-    0x7e, 0xce, 0x8f, 0xea, 0x5d, 0x22, 0x95, 0x68, 0x56, 0x8c, 0x93, 0xeb,
-    0x5e, 0xae, 0xd4, 0x63, 0xbf, 0x2b, 0x79, 0xcf, 0xdb, 0xd0, 0x47, 0x40,
-    0x2f, 0xf4, 0xe4, 0x22, 0x34, 0xc4, 0xe3, 0xe1, 0x50, 0xc1, 0xf0, 0xe8,
-    0x24, 0x00, 0xf6, 0xa5, 0x9e, 0xeb, 0xd0, 0x92, 0xee, 0x73, 0xad, 0xf1,
-    0xff, 0xca, 0x64, 0x94,
-};
-static const struct drbg_kat_no_reseed kat228_nor_t = {
-    2, kat228_nor_entropyin, kat228_nor_nonce, kat228_nor_persstr,
-    kat228_nor_addin0, kat228_nor_addin1, kat228_nor_retbytes
-};
-static const struct drbg_kat kat228_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat228_nor_t
-};
-
-static const unsigned char kat229_nor_entropyin[] = {
-    0x5a, 0x01, 0xb6, 0x38, 0x31, 0x1a, 0x29, 0x6b, 0xfe, 0x1f, 0x6e, 0x18,
-    0x0f, 0x24, 0x3d, 0x5b,
-};
-static const unsigned char kat229_nor_nonce[] = {
-    0x16, 0xbb, 0x4e, 0x36, 0xfd, 0x04, 0xb0, 0x5b,
-};
-static const unsigned char kat229_nor_persstr[] = {
-    0xd5, 0x44, 0x0a, 0x6f, 0xa4, 0xd3, 0x45, 0xcb, 0x84, 0xd5, 0x6d, 0xec,
-    0xaa, 0x3d, 0xbd, 0x18,
-};
-static const unsigned char kat229_nor_addin0[] = {
-    0xbd, 0x3e, 0x11, 0xdb, 0xb9, 0xf4, 0x0a, 0x13, 0x51, 0xc8, 0xbf, 0x7b,
-    0xd8, 0x94, 0xad, 0x20,
-};
-static const unsigned char kat229_nor_addin1[] = {
-    0xe0, 0x4a, 0x83, 0xa5, 0x18, 0x75, 0x15, 0x10, 0x4a, 0xa1, 0xe7, 0xf4,
-    0x34, 0xff, 0x43, 0x36,
-};
-static const unsigned char kat229_nor_retbytes[] = {
-    0x27, 0x28, 0xfc, 0xc1, 0xfe, 0xa7, 0xfe, 0x63, 0x5d, 0xdf, 0xed, 0x8b,
-    0xb3, 0xf7, 0xca, 0x29, 0xe1, 0xcb, 0xd8, 0x51, 0x6a, 0x2b, 0x5e, 0xab,
-    0xb7, 0xd0, 0x91, 0xe6, 0xe7, 0xf2, 0x04, 0x6a, 0x80, 0x77, 0xef, 0x6d,
-    0x1a, 0x90, 0x16, 0x5f, 0x18, 0x9d, 0x07, 0xa8, 0x97, 0xcd, 0xfc, 0x06,
-    0x88, 0x2a, 0xdb, 0x78, 0x1b, 0xe5, 0x89, 0xe0, 0xe5, 0xeb, 0x2d, 0xc9,
-    0x7b, 0xe6, 0x54, 0x6b,
-};
-static const struct drbg_kat_no_reseed kat229_nor_t = {
-    3, kat229_nor_entropyin, kat229_nor_nonce, kat229_nor_persstr,
-    kat229_nor_addin0, kat229_nor_addin1, kat229_nor_retbytes
-};
-static const struct drbg_kat kat229_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat229_nor_t
-};
-
-static const unsigned char kat230_nor_entropyin[] = {
-    0x97, 0xe4, 0x15, 0xb3, 0xca, 0x11, 0x0a, 0x80, 0x9e, 0xa6, 0x00, 0xa1,
-    0x3e, 0x47, 0xaa, 0x04,
-};
-static const unsigned char kat230_nor_nonce[] = {
-    0x12, 0x6e, 0x16, 0xdc, 0x57, 0x22, 0xa4, 0x49,
-};
-static const unsigned char kat230_nor_persstr[] = {
-    0xa9, 0xbe, 0x38, 0xe3, 0x01, 0x19, 0x86, 0xb9, 0x04, 0x71, 0x71, 0x93,
-    0xec, 0x4a, 0x7d, 0x4c,
-};
-static const unsigned char kat230_nor_addin0[] = {
-    0x19, 0x68, 0x69, 0x92, 0x21, 0xeb, 0x8b, 0x5e, 0xd0, 0x23, 0xa5, 0xd2,
-    0xd2, 0xd8, 0x12, 0x56,
-};
-static const unsigned char kat230_nor_addin1[] = {
-    0x4b, 0x5e, 0x1b, 0xde, 0x38, 0xb2, 0xa9, 0x79, 0x3b, 0x16, 0x6d, 0x86,
-    0x81, 0x6e, 0xd2, 0x31,
-};
-static const unsigned char kat230_nor_retbytes[] = {
-    0x4b, 0xe9, 0x89, 0x89, 0xdf, 0x2f, 0xe6, 0x68, 0x7e, 0x50, 0x88, 0xe5,
-    0x06, 0x98, 0x50, 0x7d, 0x91, 0x06, 0x1a, 0x8d, 0x6e, 0xb9, 0x5d, 0x66,
-    0x27, 0xd2, 0xb8, 0x57, 0x25, 0x3f, 0x05, 0x3c, 0x99, 0xee, 0x79, 0x84,
-    0xa4, 0x98, 0xde, 0x4d, 0xf3, 0x12, 0x44, 0x42, 0x85, 0x6f, 0x18, 0xe9,
-    0x8e, 0x66, 0x41, 0xf1, 0x52, 0xcd, 0x12, 0x9b, 0xd0, 0x4e, 0x99, 0x71,
-    0x09, 0x30, 0xc3, 0xe1,
-};
-static const struct drbg_kat_no_reseed kat230_nor_t = {
-    4, kat230_nor_entropyin, kat230_nor_nonce, kat230_nor_persstr,
-    kat230_nor_addin0, kat230_nor_addin1, kat230_nor_retbytes
-};
-static const struct drbg_kat kat230_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat230_nor_t
-};
-
-static const unsigned char kat231_nor_entropyin[] = {
-    0xb6, 0xc4, 0xcd, 0x96, 0xf7, 0xfd, 0xe8, 0x3e, 0xb5, 0x71, 0x22, 0x9b,
-    0x53, 0x7a, 0xcf, 0x5a,
-};
-static const unsigned char kat231_nor_nonce[] = {
-    0x4c, 0x4e, 0x0a, 0xac, 0xb5, 0xc5, 0x28, 0xe7,
-};
-static const unsigned char kat231_nor_persstr[] = {
-    0x5c, 0xe1, 0x09, 0x4d, 0x0d, 0x30, 0x7b, 0x41, 0xdb, 0x9b, 0xf2, 0x6d,
-    0xa4, 0x1d, 0xb1, 0x00,
-};
-static const unsigned char kat231_nor_addin0[] = {
-    0x98, 0x04, 0x7e, 0xe9, 0x87, 0x63, 0x7e, 0x45, 0x84, 0xfe, 0x7f, 0xe2,
-    0x86, 0x9c, 0x84, 0x5d,
-};
-static const unsigned char kat231_nor_addin1[] = {
-    0x17, 0x7e, 0x3c, 0x29, 0xd4, 0xfa, 0xf0, 0x43, 0x07, 0x7f, 0xbe, 0xfe,
-    0x0b, 0x99, 0x4b, 0x91,
-};
-static const unsigned char kat231_nor_retbytes[] = {
-    0x5e, 0xaf, 0x01, 0x3f, 0xd3, 0x77, 0x5a, 0x2d, 0x3e, 0x97, 0x16, 0x6d,
-    0x23, 0x15, 0x3a, 0x00, 0xf1, 0x86, 0x44, 0x96, 0x3e, 0x69, 0xcb, 0x96,
-    0x2a, 0x7b, 0xd2, 0xc3, 0x0a, 0xf9, 0xbd, 0x6a, 0x29, 0xd4, 0xbc, 0x70,
-    0x93, 0x0a, 0x92, 0x9b, 0x92, 0x52, 0xd8, 0x08, 0xdb, 0x41, 0x0c, 0x66,
-    0x41, 0x23, 0xbd, 0x69, 0xc1, 0xd0, 0xc1, 0xd4, 0xba, 0x3c, 0x7d, 0x8f,
-    0xf7, 0xae, 0x00, 0xf0,
-};
-static const struct drbg_kat_no_reseed kat231_nor_t = {
-    5, kat231_nor_entropyin, kat231_nor_nonce, kat231_nor_persstr,
-    kat231_nor_addin0, kat231_nor_addin1, kat231_nor_retbytes
-};
-static const struct drbg_kat kat231_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat231_nor_t
-};
-
-static const unsigned char kat232_nor_entropyin[] = {
-    0x2d, 0x1b, 0x80, 0x61, 0xd7, 0xd5, 0x83, 0xf8, 0x3b, 0xe5, 0x53, 0xc4,
-    0x83, 0x72, 0x12, 0xa0,
-};
-static const unsigned char kat232_nor_nonce[] = {
-    0x62, 0xa1, 0xfa, 0x74, 0x53, 0x62, 0xba, 0xce,
-};
-static const unsigned char kat232_nor_persstr[] = {
-    0x4d, 0x97, 0x6a, 0xdd, 0x18, 0xd5, 0xe2, 0x48, 0x4f, 0x67, 0xf7, 0xc8,
-    0x4c, 0xc6, 0x8b, 0x52,
-};
-static const unsigned char kat232_nor_addin0[] = {
-    0x57, 0x64, 0xde, 0x5d, 0xb9, 0x7e, 0x22, 0x3c, 0x04, 0x4a, 0x83, 0x3f,
-    0xa4, 0x2c, 0xf6, 0x29,
-};
-static const unsigned char kat232_nor_addin1[] = {
-    0xde, 0xef, 0x8d, 0x58, 0x1f, 0x6e, 0x4f, 0x80, 0x89, 0x92, 0xfd, 0x20,
-    0xc0, 0x6e, 0x10, 0x2d,
-};
-static const unsigned char kat232_nor_retbytes[] = {
-    0xac, 0xb7, 0x8f, 0x27, 0x33, 0x50, 0xd4, 0x59, 0xc7, 0x98, 0x09, 0xd8,
-    0x9b, 0x40, 0x28, 0x25, 0xbb, 0x00, 0xe3, 0x8a, 0xbd, 0x5e, 0xc1, 0x2f,
-    0xea, 0xdc, 0xde, 0xf6, 0x11, 0x46, 0x84, 0xb6, 0xfc, 0xb0, 0xe1, 0x76,
-    0xcb, 0xe4, 0x65, 0x91, 0x0f, 0xc2, 0x84, 0x8f, 0x0a, 0x70, 0x88, 0x44,
-    0x79, 0x4c, 0x5e, 0xea, 0xfe, 0xad, 0xa7, 0x56, 0x3c, 0x38, 0xc3, 0xee,
-    0x63, 0xc9, 0x7e, 0xf9,
-};
-static const struct drbg_kat_no_reseed kat232_nor_t = {
-    6, kat232_nor_entropyin, kat232_nor_nonce, kat232_nor_persstr,
-    kat232_nor_addin0, kat232_nor_addin1, kat232_nor_retbytes
-};
-static const struct drbg_kat kat232_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat232_nor_t
-};
-
-static const unsigned char kat233_nor_entropyin[] = {
-    0xef, 0x30, 0xfd, 0x99, 0x5f, 0xf0, 0xef, 0x44, 0xcc, 0xe6, 0x07, 0x7b,
-    0xb2, 0x2d, 0xe6, 0x99,
-};
-static const unsigned char kat233_nor_nonce[] = {
-    0x85, 0xc7, 0xd6, 0x05, 0x4a, 0x57, 0x76, 0x22,
-};
-static const unsigned char kat233_nor_persstr[] = {
-    0x5d, 0x59, 0xb3, 0xf0, 0x25, 0x00, 0x60, 0xe2, 0x20, 0x02, 0xad, 0xf7,
-    0x06, 0x48, 0x6d, 0x85,
-};
-static const unsigned char kat233_nor_addin0[] = {
-    0x79, 0x46, 0x81, 0xf7, 0x5d, 0xf9, 0xc9, 0x88, 0x30, 0x3f, 0x75, 0x1f,
-    0xb7, 0xe7, 0xfb, 0xa9,
-};
-static const unsigned char kat233_nor_addin1[] = {
-    0x7b, 0x13, 0x74, 0xc8, 0x47, 0x25, 0x37, 0xfa, 0x31, 0x11, 0xeb, 0x44,
-    0xe5, 0x2a, 0xfa, 0x23,
-};
-static const unsigned char kat233_nor_retbytes[] = {
-    0xb0, 0x49, 0x50, 0xf1, 0xa3, 0x57, 0x52, 0xc0, 0x67, 0xbc, 0xe8, 0x35,
-    0x76, 0x35, 0xf4, 0x70, 0xd1, 0x0b, 0x3b, 0xae, 0x47, 0x46, 0x6f, 0xd1,
-    0x16, 0x6f, 0x9f, 0xfa, 0xef, 0xbd, 0x32, 0x4b, 0x26, 0x53, 0xc7, 0xf3,
-    0x0e, 0xe4, 0x84, 0x86, 0x73, 0xd7, 0x04, 0x18, 0x65, 0xd9, 0x95, 0x45,
-    0x12, 0x58, 0x94, 0x92, 0x98, 0x9a, 0x00, 0xea, 0x4d, 0xa1, 0xdd, 0x28,
-    0x9e, 0x87, 0x17, 0xc3,
-};
-static const struct drbg_kat_no_reseed kat233_nor_t = {
-    7, kat233_nor_entropyin, kat233_nor_nonce, kat233_nor_persstr,
-    kat233_nor_addin0, kat233_nor_addin1, kat233_nor_retbytes
-};
-static const struct drbg_kat kat233_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat233_nor_t
-};
-
-static const unsigned char kat234_nor_entropyin[] = {
-    0xee, 0x4b, 0xde, 0x4f, 0x71, 0x2d, 0xc9, 0xfc, 0x1f, 0x2c, 0x01, 0xf1,
-    0xc6, 0x08, 0x6f, 0x35,
-};
-static const unsigned char kat234_nor_nonce[] = {
-    0xf6, 0x83, 0x7c, 0xfe, 0x53, 0xec, 0x48, 0x74,
-};
-static const unsigned char kat234_nor_persstr[] = {
-    0xfd, 0xb8, 0xf6, 0x4d, 0x99, 0xbd, 0x71, 0x7e, 0xee, 0x3d, 0x89, 0x35,
-    0x3b, 0x73, 0xc9, 0xc1,
-};
-static const unsigned char kat234_nor_addin0[] = {
-    0x09, 0xe5, 0xba, 0x3b, 0x23, 0x89, 0x5c, 0x5d, 0xff, 0x89, 0x38, 0x2d,
-    0x5e, 0x91, 0x70, 0x0d,
-};
-static const unsigned char kat234_nor_addin1[] = {
-    0xeb, 0x1a, 0x98, 0xde, 0x89, 0x62, 0xbb, 0xc4, 0xcb, 0x75, 0xcf, 0x0b,
-    0xf0, 0xf8, 0xdf, 0xa4,
-};
-static const unsigned char kat234_nor_retbytes[] = {
-    0xaa, 0xcd, 0xee, 0x0f, 0x3d, 0x1f, 0x95, 0x5f, 0x89, 0x6d, 0x5a, 0x5a,
-    0x25, 0x30, 0xfd, 0x80, 0x9a, 0x20, 0x2c, 0x92, 0x1d, 0x90, 0xa9, 0xcf,
-    0x59, 0x3e, 0x03, 0x93, 0x4e, 0x07, 0xc3, 0x92, 0xcc, 0x55, 0x54, 0xf5,
-    0x99, 0x21, 0xb4, 0x0c, 0xc0, 0x03, 0xfc, 0x26, 0x82, 0xca, 0xef, 0x9e,
-    0x6e, 0x61, 0xee, 0x4a, 0xbf, 0x45, 0x14, 0x8e, 0x5f, 0xf3, 0xff, 0x65,
-    0x87, 0x1b, 0x0d, 0x81,
-};
-static const struct drbg_kat_no_reseed kat234_nor_t = {
-    8, kat234_nor_entropyin, kat234_nor_nonce, kat234_nor_persstr,
-    kat234_nor_addin0, kat234_nor_addin1, kat234_nor_retbytes
-};
-static const struct drbg_kat kat234_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat234_nor_t
-};
-
-static const unsigned char kat235_nor_entropyin[] = {
-    0xa6, 0xaa, 0x94, 0x5e, 0xbe, 0x19, 0x29, 0x98, 0xbe, 0x8e, 0x24, 0x7d,
-    0xb9, 0x9c, 0xe7, 0xd0,
-};
-static const unsigned char kat235_nor_nonce[] = {
-    0x7d, 0xff, 0x26, 0xe9, 0x7a, 0x0a, 0x8d, 0xba,
-};
-static const unsigned char kat235_nor_persstr[] = {
-    0x4b, 0x6c, 0xcf, 0xac, 0x6c, 0x47, 0xfd, 0x65, 0x64, 0xbc, 0xfd, 0x94,
-    0xfe, 0x9e, 0xb2, 0x8d,
-};
-static const unsigned char kat235_nor_addin0[] = {
-    0x07, 0x83, 0x70, 0x53, 0xd2, 0x4c, 0xd0, 0xf4, 0xf4, 0x32, 0x7e, 0x97,
-    0xd2, 0x9d, 0x67, 0x95,
-};
-static const unsigned char kat235_nor_addin1[] = {
-    0x3b, 0x17, 0x2d, 0xdc, 0x8d, 0x38, 0x3b, 0x98, 0xd4, 0x08, 0x39, 0x4c,
-    0x0b, 0xa1, 0x52, 0xc1,
-};
-static const unsigned char kat235_nor_retbytes[] = {
-    0xd9, 0x0a, 0xa4, 0x22, 0xa8, 0xd2, 0xb8, 0x6e, 0x1f, 0x09, 0xde, 0x29,
-    0xdd, 0x16, 0xd4, 0x60, 0x50, 0x98, 0xa4, 0x5a, 0xea, 0xbe, 0x69, 0xc6,
-    0xbc, 0x8a, 0xe0, 0xc8, 0xf0, 0x1b, 0x7c, 0xc7, 0x3f, 0x88, 0x50, 0xec,
-    0x0c, 0x47, 0xd6, 0x16, 0xcb, 0x6c, 0xca, 0xb7, 0x7f, 0x22, 0x07, 0x99,
-    0x38, 0xed, 0x11, 0xb4, 0x8f, 0xcf, 0x3c, 0xf4, 0x6a, 0x3f, 0x64, 0x2f,
-    0x05, 0xae, 0xb8, 0xb7,
-};
-static const struct drbg_kat_no_reseed kat235_nor_t = {
-    9, kat235_nor_entropyin, kat235_nor_nonce, kat235_nor_persstr,
-    kat235_nor_addin0, kat235_nor_addin1, kat235_nor_retbytes
-};
-static const struct drbg_kat kat235_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat235_nor_t
-};
-
-static const unsigned char kat236_nor_entropyin[] = {
-    0x7e, 0xb5, 0x0f, 0x53, 0x2b, 0x00, 0x76, 0x52, 0x8e, 0x2d, 0x1f, 0x26,
-    0x6b, 0x38, 0x14, 0x06,
-};
-static const unsigned char kat236_nor_nonce[] = {
-    0x2a, 0x5e, 0x92, 0xe8, 0xfb, 0xf0, 0xe9, 0xee,
-};
-static const unsigned char kat236_nor_persstr[] = {
-    0x7e, 0xcb, 0xfd, 0x22, 0x98, 0x87, 0x2a, 0x79, 0x34, 0xe4, 0xed, 0x61,
-    0xa9, 0xf0, 0x04, 0xcd,
-};
-static const unsigned char kat236_nor_addin0[] = {
-    0x17, 0x9f, 0xa5, 0xd2, 0xeb, 0x90, 0xd4, 0x15, 0x48, 0x19, 0x2c, 0xc7,
-    0x44, 0x98, 0xbd, 0x42,
-};
-static const unsigned char kat236_nor_addin1[] = {
-    0x92, 0xdc, 0x9d, 0x60, 0xd2, 0xe3, 0x6d, 0x4b, 0xfb, 0x97, 0x90, 0x78,
-    0x3d, 0x1c, 0x58, 0x19,
-};
-static const unsigned char kat236_nor_retbytes[] = {
-    0x9a, 0x17, 0x1b, 0x50, 0x48, 0xba, 0xf1, 0x37, 0x5c, 0x14, 0x07, 0xa8,
-    0xdc, 0x1c, 0x8e, 0xda, 0x53, 0x2d, 0xf5, 0x52, 0x96, 0x77, 0x06, 0x88,
-    0x4e, 0x5f, 0xe3, 0xd4, 0x67, 0x86, 0x07, 0x74, 0x48, 0xf2, 0x8f, 0x89,
-    0xb3, 0x8e, 0xb7, 0x64, 0xdf, 0x7e, 0x0e, 0x3b, 0x40, 0x1a, 0xed, 0x3a,
-    0x23, 0x06, 0xfa, 0x2b, 0xed, 0xe3, 0x82, 0xaa, 0xe1, 0x08, 0xe1, 0x6a,
-    0xb4, 0x85, 0x69, 0x1e,
-};
-static const struct drbg_kat_no_reseed kat236_nor_t = {
-    10, kat236_nor_entropyin, kat236_nor_nonce, kat236_nor_persstr,
-    kat236_nor_addin0, kat236_nor_addin1, kat236_nor_retbytes
-};
-static const struct drbg_kat kat236_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat236_nor_t
-};
-
-static const unsigned char kat237_nor_entropyin[] = {
-    0x7d, 0x33, 0x40, 0xa8, 0xb1, 0xe1, 0x51, 0x71, 0xee, 0x34, 0x03, 0xcc,
-    0x19, 0xd3, 0xfe, 0xa9,
-};
-static const unsigned char kat237_nor_nonce[] = {
-    0xfd, 0xe6, 0x97, 0xac, 0xc7, 0xe7, 0x2b, 0x75,
-};
-static const unsigned char kat237_nor_persstr[] = {
-    0xa1, 0x28, 0x79, 0x71, 0x79, 0xc5, 0xca, 0xd6, 0xa9, 0xb4, 0x76, 0xff,
-    0x99, 0xf9, 0x82, 0x8f,
-};
-static const unsigned char kat237_nor_addin0[] = {
-    0x2d, 0xfa, 0x30, 0x85, 0xfa, 0x02, 0x3b, 0x53, 0x61, 0xdb, 0xa7, 0x9d,
-    0x40, 0x77, 0x38, 0xbc,
-};
-static const unsigned char kat237_nor_addin1[] = {
-    0xae, 0xf5, 0x3a, 0xf3, 0xbe, 0x89, 0x41, 0xe7, 0xd2, 0x71, 0x3c, 0x71,
-    0x28, 0x41, 0xdc, 0x68,
-};
-static const unsigned char kat237_nor_retbytes[] = {
-    0xc1, 0xf7, 0x25, 0xb2, 0x90, 0xed, 0x13, 0x10, 0xdd, 0x3f, 0x39, 0xe9,
-    0x9c, 0x7a, 0x65, 0xb8, 0x01, 0xb4, 0x74, 0x2f, 0x50, 0x66, 0xb3, 0xc7,
-    0x1b, 0xb4, 0x6f, 0x3d, 0xe7, 0x4d, 0xd2, 0xca, 0xae, 0xa4, 0x08, 0x21,
-    0x17, 0x4f, 0x67, 0x67, 0x22, 0xdb, 0x38, 0xfe, 0xda, 0x5d, 0x10, 0x96,
-    0xc7, 0x9a, 0xd1, 0xea, 0xbe, 0xff, 0x78, 0xde, 0xf0, 0x84, 0x7a, 0x24,
-    0x23, 0xbb, 0x46, 0x02,
-};
-static const struct drbg_kat_no_reseed kat237_nor_t = {
-    11, kat237_nor_entropyin, kat237_nor_nonce, kat237_nor_persstr,
-    kat237_nor_addin0, kat237_nor_addin1, kat237_nor_retbytes
-};
-static const struct drbg_kat kat237_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat237_nor_t
-};
-
-static const unsigned char kat238_nor_entropyin[] = {
-    0x05, 0x71, 0xd4, 0x1f, 0x98, 0xb7, 0x1e, 0xad, 0x41, 0x5f, 0xcb, 0x97,
-    0xfd, 0x05, 0xa1, 0xf1,
-};
-static const unsigned char kat238_nor_nonce[] = {
-    0x42, 0x16, 0x18, 0x2c, 0x09, 0x4c, 0x4b, 0x14,
-};
-static const unsigned char kat238_nor_persstr[] = {
-    0x6b, 0xed, 0x5c, 0xc7, 0x26, 0x60, 0xf7, 0xfd, 0x4c, 0x32, 0xab, 0xe5,
-    0xcb, 0x1a, 0xef, 0xed,
-};
-static const unsigned char kat238_nor_addin0[] = {
-    0xb1, 0x98, 0x97, 0x3f, 0x68, 0x9c, 0x37, 0xeb, 0x63, 0x76, 0xa0, 0x88,
-    0xa7, 0xc7, 0x3e, 0x97,
-};
-static const unsigned char kat238_nor_addin1[] = {
-    0xdf, 0xf3, 0xa3, 0xb0, 0x72, 0x43, 0x02, 0xf8, 0x3b, 0x85, 0x4f, 0x2f,
-    0xa8, 0xec, 0x34, 0x96,
-};
-static const unsigned char kat238_nor_retbytes[] = {
-    0x66, 0x7d, 0xdb, 0x87, 0x07, 0x9b, 0x39, 0x49, 0x03, 0x0f, 0x41, 0xff,
-    0x91, 0xb2, 0xec, 0x0a, 0x59, 0x8a, 0xb2, 0xd5, 0x5c, 0x99, 0xd0, 0x17,
-    0xe4, 0xfc, 0x79, 0xe9, 0x4f, 0x15, 0xb4, 0x10, 0xcc, 0x29, 0x70, 0xff,
-    0x01, 0x74, 0x82, 0xb2, 0x9e, 0xef, 0x2c, 0x25, 0x0a, 0x09, 0x12, 0x8a,
-    0x18, 0x60, 0x5e, 0x0f, 0xa1, 0x4a, 0xcc, 0xe3, 0x7b, 0x89, 0xc4, 0x38,
-    0xc8, 0x21, 0x31, 0x94,
-};
-static const struct drbg_kat_no_reseed kat238_nor_t = {
-    12, kat238_nor_entropyin, kat238_nor_nonce, kat238_nor_persstr,
-    kat238_nor_addin0, kat238_nor_addin1, kat238_nor_retbytes
-};
-static const struct drbg_kat kat238_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat238_nor_t
-};
-
-static const unsigned char kat239_nor_entropyin[] = {
-    0x8e, 0xe3, 0xed, 0xc1, 0xc6, 0x4e, 0xa7, 0xd6, 0xf0, 0xba, 0xb9, 0x73,
-    0x1e, 0x5d, 0x17, 0x62,
-};
-static const unsigned char kat239_nor_nonce[] = {
-    0x92, 0xa1, 0x42, 0x26, 0x08, 0x7a, 0xfa, 0xfb,
-};
-static const unsigned char kat239_nor_persstr[] = {
-    0x2a, 0x24, 0x04, 0xbe, 0xf6, 0xf7, 0x11, 0x34, 0x17, 0xdf, 0x0b, 0x18,
-    0x54, 0xd8, 0x47, 0x3d,
-};
-static const unsigned char kat239_nor_addin0[] = {
-    0xa2, 0x78, 0xe8, 0xa5, 0x0b, 0xcc, 0xd6, 0x12, 0x97, 0x4d, 0x02, 0x6e,
-    0xde, 0xf7, 0x50, 0x1c,
-};
-static const unsigned char kat239_nor_addin1[] = {
-    0xe7, 0x48, 0xf5, 0xe2, 0xf9, 0x8b, 0x48, 0x8e, 0x74, 0xb0, 0xbb, 0xd5,
-    0x59, 0xb5, 0xba, 0xbc,
-};
-static const unsigned char kat239_nor_retbytes[] = {
-    0x81, 0xec, 0xf8, 0xb7, 0xb0, 0x7c, 0x64, 0xce, 0xd1, 0xa4, 0x9b, 0x21,
-    0x33, 0x54, 0x99, 0x5a, 0x7b, 0xf1, 0x68, 0xd3, 0x8a, 0x83, 0x0b, 0x15,
-    0x70, 0x41, 0x4f, 0x5a, 0x20, 0x15, 0x49, 0x9e, 0x09, 0xaf, 0xf3, 0xbf,
-    0x58, 0x37, 0x19, 0x88, 0x6f, 0xe9, 0x9d, 0x00, 0xe6, 0xd9, 0xeb, 0x9a,
-    0x4f, 0xde, 0x29, 0xd8, 0xd9, 0x78, 0x8d, 0xd6, 0xff, 0xe2, 0x09, 0x83,
-    0x9a, 0x73, 0x9c, 0xd2,
-};
-static const struct drbg_kat_no_reseed kat239_nor_t = {
-    13, kat239_nor_entropyin, kat239_nor_nonce, kat239_nor_persstr,
-    kat239_nor_addin0, kat239_nor_addin1, kat239_nor_retbytes
-};
-static const struct drbg_kat kat239_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat239_nor_t
-};
-
-static const unsigned char kat240_nor_entropyin[] = {
-    0x06, 0x18, 0xc2, 0x88, 0x49, 0x14, 0x71, 0x22, 0x26, 0xad, 0x4e, 0x95,
-    0x80, 0xc0, 0x95, 0x23,
-};
-static const unsigned char kat240_nor_nonce[] = {
-    0x6e, 0xbc, 0x4d, 0x5d, 0xb4, 0x76, 0x7f, 0x5f,
-};
-static const unsigned char kat240_nor_persstr[] = {
-    0x7a, 0x82, 0x50, 0xa3, 0xbc, 0xbd, 0x81, 0x54, 0xc5, 0x05, 0x8b, 0x55,
-    0x1c, 0xf2, 0x20, 0x36,
-};
-static const unsigned char kat240_nor_addin0[] = {
-    0x30, 0x26, 0x05, 0x32, 0xb5, 0x6c, 0x0f, 0x8e, 0xde, 0x9b, 0x72, 0x5c,
-    0x32, 0x20, 0x8f, 0x31,
-};
-static const unsigned char kat240_nor_addin1[] = {
-    0x1e, 0x90, 0xdc, 0x4f, 0x67, 0xc1, 0xcb, 0x2d, 0xa1, 0x2d, 0x10, 0xa0,
-    0xb0, 0xfb, 0xb6, 0x26,
-};
-static const unsigned char kat240_nor_retbytes[] = {
-    0x49, 0x93, 0x57, 0x58, 0x80, 0xd0, 0x01, 0x45, 0xc1, 0xf9, 0x67, 0xdb,
-    0x25, 0xcc, 0xc8, 0xf3, 0x4c, 0xf0, 0xc6, 0x2a, 0xcc, 0xcb, 0xcf, 0xa0,
-    0xe7, 0x2c, 0x89, 0xea, 0xcf, 0x9f, 0xbe, 0x56, 0x14, 0x50, 0x74, 0xe4,
-    0xd4, 0x7f, 0x2b, 0x76, 0x74, 0xf4, 0xb0, 0xe0, 0x7e, 0xe3, 0xb5, 0x10,
-    0x4b, 0xf7, 0xcc, 0xfe, 0xd8, 0x00, 0x1d, 0x67, 0x11, 0xc6, 0x6f, 0xda,
-    0x94, 0x44, 0xfb, 0x8a,
-};
-static const struct drbg_kat_no_reseed kat240_nor_t = {
-    14, kat240_nor_entropyin, kat240_nor_nonce, kat240_nor_persstr,
-    kat240_nor_addin0, kat240_nor_addin1, kat240_nor_retbytes
-};
-static const struct drbg_kat kat240_nor = {
-    NO_RESEED, USE_DF, NID_aes_128_ctr, 16, 8, 16, 16, 64, &kat240_nor_t
-};
-
-static const unsigned char kat480_nor_entropyin[] = {
-    0x3d, 0x17, 0x4d, 0x98, 0xec, 0xa8, 0x0a, 0xe3, 0x9c, 0x75, 0xd2, 0x7f,
-    0x97, 0xb9, 0x9e, 0x9b, 0x0f, 0x74, 0x2b, 0x32, 0xe3, 0x7b, 0x94, 0xe8,
-};
-static const unsigned char kat480_nor_nonce[] = {
-    0xbc, 0xfc, 0x46, 0x13, 0x17, 0x5b, 0x6e, 0x35, 0x34, 0x08, 0xe2, 0x3b,
-    0x85, 0x81, 0xe7, 0x05,
-};
-static const unsigned char kat480_nor_persstr[] = {
-    0x3d, 0x0e, 0x9f, 0xa5, 0x61, 0x6f, 0xa2, 0x5a, 0x0d, 0x58, 0xdd, 0xbd,
-    0xc4, 0xa6, 0xa8, 0xe5, 0x5b, 0xef, 0x05, 0x1d, 0xb6, 0xfe, 0xdc, 0x8b,
-    0xe8, 0xd4, 0xc7, 0x52, 0xf1, 0xd2, 0xc9, 0x4a,
-};
-static const unsigned char kat480_nor_addin0[] = {
-    0x87, 0x18, 0xb1, 0x5a, 0x55, 0x0f, 0x97, 0x89, 0x39, 0xf5, 0x82, 0x79,
-    0xec, 0xda, 0xaf, 0xe7, 0x98, 0x0a, 0x1b, 0xbf, 0xe6, 0xb9, 0xde, 0x85,
-    0xb9, 0xfe, 0x10, 0x7c, 0x72, 0xa8, 0xfe, 0x20,
-};
-static const unsigned char kat480_nor_addin1[] = {
-    0x07, 0x88, 0x99, 0xf5, 0xa1, 0xed, 0xd1, 0xba, 0x8e, 0x10, 0xeb, 0x8e,
-    0xfa, 0x2c, 0x98, 0xba, 0x17, 0x4c, 0x1b, 0xd3, 0x5a, 0x74, 0x41, 0x4c,
-    0xff, 0x86, 0x23, 0x63, 0x3a, 0xc1, 0xc2, 0x5b,
-};
-static const unsigned char kat480_nor_retbytes[] = {
-    0x74, 0xe1, 0x55, 0xa5, 0x70, 0x7e, 0xb1, 0x9b, 0x79, 0xcf, 0x7e, 0xfc,
-    0xe1, 0xc4, 0x23, 0x7b, 0xac, 0x69, 0xe3, 0xf9, 0x31, 0x14, 0x11, 0xc9,
-    0x2d, 0xac, 0xfd, 0x8a, 0xc9, 0x2e, 0xa1, 0x1a, 0x87, 0x87, 0xa4, 0x7b,
-    0xc4, 0x4f, 0x1c, 0x29, 0x44, 0x44, 0x5b, 0x2b, 0x05, 0x27, 0xe1, 0x6a,
-    0xec, 0x6c, 0x01, 0x16, 0x54, 0x82, 0xd7, 0xe3, 0xb6, 0x44, 0x37, 0x09,
-    0x3b, 0x87, 0xbf, 0xbc,
-};
-static const struct drbg_kat_no_reseed kat480_nor_t = {
-    14, kat480_nor_entropyin, kat480_nor_nonce, kat480_nor_persstr,
-    kat480_nor_addin0, kat480_nor_addin1, kat480_nor_retbytes
-};
-static const struct drbg_kat kat480_nor = {
-    NO_RESEED, USE_DF, NID_aes_192_ctr, 24, 16, 32, 32, 64, &kat480_nor_t
-};
-
-
-static const unsigned char kat720_nor_entropyin[] = {
-    0x5f, 0xc1, 0xa4, 0x6b, 0x9b, 0x53, 0xe8, 0x3a, 0xdd, 0xd6, 0x16, 0x51,
-    0x79, 0x32, 0xad, 0x8a, 0x84, 0xe5, 0x50, 0xa5, 0x83, 0x27, 0xee, 0x24,
-    0x5a, 0xef, 0x20, 0x82, 0x64, 0xc5, 0xb9, 0x1c,
-};
-static const unsigned char kat720_nor_nonce[] = {
-    0x9c, 0xe7, 0x4e, 0x2b, 0x3c, 0x43, 0xba, 0x1d, 0x98, 0xf7, 0xd4, 0xe8,
-    0xeb, 0x5c, 0x9b, 0x3e,
-};
-static const unsigned char kat720_nor_persstr[] = {
-    0x5f, 0xe0, 0x1c, 0x84, 0xf8, 0x24, 0xc1, 0x7e, 0x4d, 0xfb, 0xfd, 0xb7,
-    0x5c, 0x32, 0x12, 0xcb, 0x2b, 0xfd, 0xf2, 0xda, 0x7c, 0x49, 0x7f, 0xeb,
-    0xc0, 0x96, 0x74, 0x75, 0xeb, 0xe2, 0x91, 0xf7,
-};
-static const unsigned char kat720_nor_addin0[] = {
-    0x84, 0x92, 0x2c, 0x03, 0x35, 0xa0, 0xea, 0xd6, 0x09, 0xe5, 0xa9, 0x2c,
-    0xfc, 0x4a, 0x22, 0x5b, 0xd3, 0xc7, 0xc0, 0x1a, 0xb4, 0x58, 0x0b, 0x78,
-    0x63, 0x38, 0xe1, 0xca, 0xa3, 0x62, 0x2f, 0x44,
-};
-static const unsigned char kat720_nor_addin1[] = {
-    0x34, 0xb0, 0x34, 0xca, 0x64, 0x3b, 0xbf, 0xd2, 0xfc, 0xc5, 0x7c, 0x9b,
-    0x53, 0xe0, 0xf9, 0xb3, 0xfd, 0x6a, 0x73, 0x45, 0x4f, 0x18, 0x23, 0xdf,
-    0xe7, 0xb7, 0x07, 0x6e, 0xc7, 0x3f, 0xd9, 0x56,
-};
-static const unsigned char kat720_nor_retbytes[] = {
-    0x6c, 0xaa, 0x44, 0x75, 0x18, 0x9e, 0xe0, 0x0d, 0xdc, 0x54, 0x91, 0x0f,
-    0x87, 0x23, 0xb0, 0xe5, 0xb8, 0xd3, 0xd0, 0xc3, 0x21, 0xce, 0x7f, 0x2a,
-    0xc7, 0x19, 0x4d, 0x13, 0x4a, 0x0a, 0x31, 0xd9, 0x6b, 0x10, 0x2d, 0xd5,
-    0x8e, 0x09, 0x2e, 0x08, 0xf8, 0xa0, 0x08, 0xf0, 0x5c, 0x4f, 0x2a, 0xfb,
-    0x29, 0x01, 0xc6, 0xe2, 0x95, 0x49, 0xd3, 0xa7, 0x20, 0xaa, 0x2b, 0x1d,
-    0x1f, 0x46, 0x1b, 0xb9,
-};
-static const struct drbg_kat_no_reseed kat720_nor_t = {
-    14, kat720_nor_entropyin, kat720_nor_nonce, kat720_nor_persstr,
-    kat720_nor_addin0, kat720_nor_addin1, kat720_nor_retbytes
-};
-static const struct drbg_kat kat720_nor = {
-    NO_RESEED, USE_DF, NID_aes_256_ctr, 32, 16, 32, 32, 64, &kat720_nor_t
-};
-
-static const unsigned char kat960_nor_entropyin[] = {
-    0x22, 0x54, 0x60, 0x44, 0xdf, 0x54, 0xe2, 0xbf, 0xe7, 0x46, 0x93, 0x18,
-    0xc5, 0x7c, 0x15, 0x9d, 0x0f, 0x25, 0xa5, 0x8b, 0xcf, 0x4f, 0xbe, 0x70,
-    0xae, 0x21, 0x4b, 0x66, 0x9b, 0x2e, 0x63, 0x14,
-};
-static const unsigned char kat960_nor_nonce[] = {0};
-static const unsigned char kat960_nor_persstr[] = {
-    0x28, 0xcf, 0x3c, 0xa7, 0xdf, 0x24, 0xcd, 0x72, 0x70, 0x4c, 0xc7, 0x3b,
-    0x4a, 0x61, 0x8c, 0xad, 0xb6, 0xac, 0x93, 0xf2, 0x16, 0x8c, 0x47, 0x9c,
-    0x35, 0x8d, 0xe1, 0x90, 0x7c, 0x0a, 0x0c, 0x82,
-};
-static const unsigned char kat960_nor_addin0[] = {
-    0x36, 0x55, 0x1e, 0xf0, 0x92, 0x32, 0xd2, 0x19, 0x95, 0x47, 0xaa, 0xef,
-    0xec, 0xaa, 0xad, 0x21, 0x74, 0x43, 0xd6, 0x16, 0x43, 0x3d, 0x9d, 0x16,
-    0x9b, 0xd8, 0xcd, 0x3e, 0xae, 0x7f, 0x91, 0xe2,
-};
-static const unsigned char kat960_nor_addin1[] = {
-    0x9e, 0x57, 0xa4, 0xe9, 0x6a, 0xce, 0x48, 0x3d, 0xbc, 0x3c, 0x22, 0x6d,
-    0x27, 0x23, 0xc9, 0x25, 0x80, 0x63, 0x27, 0x81, 0x40, 0xd2, 0x20, 0xc4,
-    0xfd, 0x02, 0x3c, 0x77, 0xfb, 0x20, 0xb8, 0x4c,
-};
-static const unsigned char kat960_nor_retbytes[] = {
-    0xca, 0x43, 0xdc, 0xec, 0xda, 0xb6, 0x89, 0x54, 0x9b, 0xc4, 0x49, 0x3a,
-    0x38, 0xa6, 0xa0, 0x17, 0xf6, 0x04, 0x82, 0x70, 0xe5, 0xd7, 0x0d, 0x0d,
-    0x75, 0x76, 0xa2, 0xab, 0x76, 0x4d, 0x92, 0x2b, 0xc3, 0x46, 0xe3, 0x0f,
-    0x42, 0xdc, 0x5a, 0x73, 0xea, 0x6a, 0x21, 0x0d, 0x2e, 0xba, 0x9b, 0xee,
-    0x5b, 0x5a, 0xfe, 0x3c, 0x66, 0x86, 0x7a, 0x68, 0xab, 0x3f, 0xe0, 0xd0,
-    0x8f, 0x51, 0x11, 0x01,
-};
-static const struct drbg_kat_no_reseed kat960_nor_t = {
-    14, kat960_nor_entropyin, kat960_nor_nonce, kat960_nor_persstr,
-    kat960_nor_addin0, kat960_nor_addin1, kat960_nor_retbytes
-};
-static const struct drbg_kat kat960_nor = {
-    NO_RESEED, NO_DF, NID_aes_128_ctr, 32, 0, 32, 32, 64, &kat960_nor_t
-};
-
-static const unsigned char kat1200_nor_entropyin[] = {
-    0x52, 0x40, 0x12, 0xbf, 0xc4, 0x7b, 0xed, 0x3d, 0xa7, 0xa3, 0x54, 0x88,
-    0xe8, 0x26, 0xc4, 0x2a, 0x76, 0x60, 0x7c, 0x0d, 0x98, 0x0c, 0xa0, 0x21,
-    0xc9, 0xea, 0x9c, 0xe0, 0xcf, 0x6d, 0xce, 0xd5, 0xc8, 0xea, 0x0c, 0x61,
-    0x77, 0x2e, 0x4d, 0x64,
-};
-static const unsigned char kat1200_nor_nonce[] = {0};
-static const unsigned char kat1200_nor_persstr[] = {
-    0x3a, 0x27, 0xc2, 0x5e, 0xb5, 0x94, 0x30, 0x28, 0xc0, 0x19, 0x96, 0xb5,
-    0x76, 0x6a, 0xf3, 0x39, 0x06, 0x1b, 0xee, 0xd2, 0xc8, 0xd8, 0xe7, 0x73,
-    0xfe, 0x08, 0xba, 0xde, 0x72, 0x80, 0x25, 0xd4, 0x73, 0xe2, 0x73, 0x39,
-    0xb6, 0x8d, 0xe5, 0xe6,
-};
-static const unsigned char kat1200_nor_addin0[] = {
-    0x8b, 0x98, 0x1e, 0xc9, 0xca, 0x88, 0xb1, 0x49, 0x3e, 0x7f, 0xf3, 0xb9,
-    0x0c, 0x02, 0xda, 0x6f, 0x47, 0x8b, 0xfa, 0x57, 0x3f, 0x5a, 0x03, 0x54,
-    0x94, 0x1d, 0xfe, 0xdb, 0x86, 0x3c, 0xa9, 0xd0, 0x5e, 0xfe, 0xa9, 0xd8,
-    0x83, 0x54, 0x59, 0xad,
-};
-static const unsigned char kat1200_nor_addin1[] = {
-    0x82, 0x9e, 0x75, 0xa5, 0x8e, 0xdd, 0x00, 0xd8, 0x62, 0x69, 0xef, 0x33,
-    0x2e, 0x67, 0x44, 0x72, 0x3b, 0x28, 0x9f, 0x7d, 0xf8, 0xf1, 0xc0, 0xbb,
-    0xf7, 0x02, 0x22, 0xb5, 0x42, 0xb9, 0x01, 0x4e, 0x2d, 0x0c, 0xdd, 0x6a,
-    0xae, 0xc8, 0xc1, 0x94,
-};
-static const unsigned char kat1200_nor_retbytes[] = {
-    0x8c, 0x4a, 0xa7, 0x94, 0xaf, 0x3d, 0x7d, 0x4d, 0x68, 0x40, 0x06, 0x80,
-    0x8c, 0x98, 0xc1, 0x1d, 0x81, 0x46, 0xb1, 0x1f, 0xd0, 0x62, 0xc6, 0x9c,
-    0xac, 0x01, 0x9f, 0x19, 0x13, 0xc4, 0x57, 0xb4, 0x9d, 0x42, 0x3b, 0x5e,
-    0xc6, 0x83, 0xf1, 0x91, 0x43, 0xea, 0xb3, 0x72, 0x07, 0x9a, 0x6d, 0xf5,
-    0x51, 0xfc, 0x68, 0x6d, 0x9d, 0x6f, 0x9c, 0xe5, 0xf6, 0x4e, 0xf6, 0x19,
-    0x18, 0x6f, 0x81, 0x6b,
-};
-static const struct drbg_kat_no_reseed kat1200_nor_t = {
-    14, kat1200_nor_entropyin, kat1200_nor_nonce, kat1200_nor_persstr,
-    kat1200_nor_addin0, kat1200_nor_addin1, kat1200_nor_retbytes
-};
-static const struct drbg_kat kat1200_nor = {
-    NO_RESEED, NO_DF, NID_aes_192_ctr, 40, 0, 40, 40, 64, &kat1200_nor_t
-};
-
-static const unsigned char kat1440_nor_entropyin[] = {
-    0x65, 0x62, 0xbb, 0xb3, 0x98, 0xc0, 0x2c, 0x7d, 0xdf, 0x0b, 0xdc, 0xbf,
-    0xea, 0xcd, 0x5a, 0xfe, 0x31, 0xc7, 0x75, 0xbd, 0xa5, 0x3b, 0x4c, 0xb2,
-    0xa3, 0x89, 0x6a, 0x89, 0x81, 0x49, 0xbb, 0x19, 0x5f, 0xa3, 0xdd, 0x69,
-    0x23, 0x7b, 0xfa, 0xbe, 0x3a, 0x4c, 0x2d, 0xae, 0xbf, 0x30, 0xdc, 0x17,
-};
-static const unsigned char kat1440_nor_nonce[] = {0};
-static const unsigned char kat1440_nor_persstr[] = {
-    0x96, 0x3e, 0x80, 0xb8, 0x4c, 0xeb, 0x20, 0x45, 0xf9, 0xb5, 0x21, 0x92,
-    0x39, 0xb4, 0x21, 0x39, 0xaa, 0xc6, 0x75, 0xca, 0x0b, 0x59, 0x1b, 0x25,
-    0x53, 0xe8, 0x39, 0x64, 0x7a, 0xba, 0x20, 0x84, 0x99, 0x3b, 0x07, 0x65,
-    0x45, 0x6a, 0xe9, 0x07, 0xaa, 0x5d, 0x6d, 0xa3, 0x44, 0x87, 0x43, 0x2a,
-};
-static const unsigned char kat1440_nor_addin0[] = {
-    0x59, 0xcc, 0xb9, 0x0f, 0xb7, 0xe9, 0xae, 0x3a, 0x53, 0x2f, 0x95, 0x6b,
-    0xc0, 0x03, 0x8c, 0xe0, 0xae, 0x32, 0xfa, 0x71, 0x4d, 0x88, 0x36, 0xc4,
-    0x78, 0x91, 0x98, 0x3a, 0xfb, 0x68, 0x2e, 0xd2, 0x33, 0x56, 0x00, 0x63,
-    0x9d, 0xa1, 0xd2, 0xa9, 0xe8, 0x9a, 0x95, 0x7a, 0xbc, 0x5b, 0x3d, 0x50,
-};
-static const unsigned char kat1440_nor_addin1[] = {
-    0x91, 0x16, 0x5e, 0x46, 0x01, 0x6f, 0x2d, 0x56, 0x19, 0xcd, 0x45, 0x49,
-    0xf5, 0xac, 0x20, 0x56, 0x39, 0x6b, 0xee, 0x73, 0x16, 0xa3, 0x66, 0xec,
-    0x60, 0x51, 0xf3, 0xbd, 0x26, 0x77, 0x0b, 0x3f, 0xd6, 0x3c, 0x16, 0x34,
-    0x94, 0xfb, 0x7e, 0x9d, 0x32, 0x6e, 0xca, 0xd9, 0xbf, 0xc1, 0x71, 0xa8,
-};
-static const unsigned char kat1440_nor_retbytes[] = {
-    0x87, 0xed, 0x4a, 0xef, 0x26, 0x4f, 0x2a, 0xc5, 0x45, 0x10, 0xb8, 0x3b,
-    0x98, 0xf7, 0x58, 0x5a, 0xef, 0x7f, 0x38, 0x29, 0x47, 0xcb, 0x49, 0x80,
-    0x37, 0x84, 0xa2, 0x7c, 0xfb, 0xbc, 0x58, 0x74, 0x56, 0x2b, 0x6d, 0x6c,
-    0xb5, 0x7b, 0x75, 0x48, 0xa1, 0xbe, 0x46, 0x4a, 0xbb, 0x20, 0x28, 0xc3,
-    0x44, 0x07, 0x45, 0x27, 0xe8, 0xec, 0x56, 0xad, 0x6e, 0x2b, 0x3b, 0x8f,
-    0xc5, 0x6f, 0x17, 0x7c,
-};
-static const struct drbg_kat_no_reseed kat1440_nor_t = {
-    14, kat1440_nor_entropyin, kat1440_nor_nonce, kat1440_nor_persstr,
-    kat1440_nor_addin0, kat1440_nor_addin1, kat1440_nor_retbytes
-};
-static const struct drbg_kat kat1440_nor = {
-    NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1440_nor_t
-};
-
-
-static const unsigned char kat1_prt_entropyin[] = {
-    0x5d, 0x40, 0x41, 0x94, 0x2b, 0xcf, 0x68, 0x86, 0x4a, 0x49, 0x97, 0xd8,
-    0x17, 0x1f, 0x1f, 0x9f,
-};
-static const unsigned char kat1_prt_nonce[] = {
-    0xd4, 0xf1, 0xf4, 0xae, 0x08, 0xbc, 0xb3, 0xe1,
-};
-static const unsigned char kat1_prt_persstr[] = {0};
-static const unsigned char kat1_prt_entropyinpr0[] = {
-    0xef, 0x55, 0xa7, 0x69, 0xb7, 0xea, 0xf0, 0x3f, 0xe0, 0x82, 0x02, 0x9b,
-    0xb3, 0x2a, 0x2b, 0x9d,
-};
-static const unsigned char kat1_prt_entropyinpr1[] = {
-    0x82, 0x39, 0xe8, 0x65, 0xc0, 0xa4, 0x2e, 0x14, 0xb9, 0x64, 0xb9, 0xc0,
-    0x9d, 0xe8, 0x5a, 0x20,
-};
-static const unsigned char kat1_prt_addin0[] = {0};
-static const unsigned char kat1_prt_addin1[] = {0};
-static const unsigned char kat1_prt_retbytes[] = {
-    0x41, 0x55, 0x32, 0x02, 0x87, 0xee, 0xdc, 0xf7, 0xd4, 0x84, 0xc2, 0xc2,
-    0xa1, 0xe2, 0xeb, 0x64, 0xb9, 0xc9, 0xce, 0x77, 0xc8, 0x72, 0x02, 0xa1,
-    0xae, 0x16, 0x16, 0xc7, 0xa5, 0xcf, 0xd1, 0xc6, 0x87, 0xc7, 0xa0, 0xbf,
-    0xcc, 0x85, 0xbd, 0xa4, 0x8f, 0xdd, 0x46, 0x29, 0xfd, 0x33, 0x0c, 0x22,
-    0xd0, 0xa7, 0x60, 0x76, 0xf8, 0x8f, 0xc7, 0xcd, 0x04, 0x03, 0x7e, 0xe0,
-    0x6b, 0x7a, 0xf6, 0x02,
-};
-static const struct drbg_kat_pr_true kat1_prt_t = {
-    0, kat1_prt_entropyin, kat1_prt_nonce, kat1_prt_persstr,
-    kat1_prt_entropyinpr0, kat1_prt_addin0, kat1_prt_entropyinpr1,
-    kat1_prt_addin1, kat1_prt_retbytes
-};
-static const struct drbg_kat kat1_prt = {
-    PR_TRUE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat1_prt_t
-};
-
-static const unsigned char kat1440_prt_entropyin[] = {
-    0x5a, 0x6e, 0x33, 0xd1, 0x56, 0x67, 0x27, 0x28, 0x14, 0xb1, 0xb8, 0x3e,
-    0x37, 0x24, 0xf9, 0x95, 0xaf, 0x0f, 0xb0, 0x5c, 0x24, 0x72, 0x03, 0xc3,
-    0x4a, 0x07, 0xa6, 0x74, 0x36, 0xe7, 0xde, 0xdc, 0xd7, 0x17, 0xa2, 0x4c,
-    0xa4, 0xa9, 0xd9, 0xf9, 0xd4, 0x7a, 0x6b, 0x6b, 0x84, 0xb6, 0x3b, 0x88,
-};
-static const unsigned char kat1440_prt_nonce[] = {0};
-static const unsigned char kat1440_prt_persstr[] = {
-    0xf3, 0xfe, 0x7a, 0xd7, 0xd0, 0xd6, 0xb8, 0x60, 0x93, 0x12, 0xf0, 0x49,
-    0xf7, 0x5a, 0x2e, 0x9c, 0xe6, 0x43, 0xc9, 0x35, 0xd8, 0x2a, 0xce, 0x41,
-    0xdb, 0xa5, 0xb0, 0xc1, 0xc9, 0x85, 0x68, 0x43, 0x28, 0xfe, 0x31, 0xc4,
-    0xe7, 0x7d, 0xb6, 0x0f, 0x25, 0x14, 0x38, 0xed, 0x74, 0x83, 0xef, 0x19,
-};
-static const unsigned char kat1440_prt_entropyinpr0[] = {
-    0xb4, 0xe1, 0x56, 0xfe, 0x5a, 0x63, 0x56, 0xcf, 0xcb, 0x2c, 0xbb, 0x79,
-    0xa1, 0x81, 0xe4, 0x0a, 0x1d, 0x8f, 0xd0, 0xe1, 0x0f, 0xc4, 0x77, 0x58,
-    0x93, 0xb8, 0x51, 0x32, 0xed, 0xe0, 0xca, 0x22, 0x26, 0x8e, 0xad, 0x5a,
-    0x40, 0xb6, 0xde, 0x69, 0x84, 0xce, 0xe2, 0xfc, 0xa6, 0x2f, 0xdb, 0xee,
-};
-static const unsigned char kat1440_prt_entropyinpr1[] = {
-    0xd0, 0x04, 0xfa, 0x7a, 0xe5, 0x59, 0x65, 0x6f, 0x6a, 0x8f, 0x85, 0x25,
-    0xc6, 0xe5, 0x5d, 0x24, 0x5c, 0x8d, 0x7f, 0x58, 0x0c, 0xfe, 0x63, 0xba,
-    0x84, 0x57, 0x5c, 0x5b, 0x6e, 0xf8, 0xbb, 0xf6, 0x13, 0x0f, 0xda, 0x8f,
-    0x01, 0xfd, 0x87, 0x30, 0x79, 0x23, 0xe0, 0x63, 0x9a, 0x23, 0xf4, 0xe8,
-};
-static const unsigned char kat1440_prt_addin0[] = {
-    0x56, 0x1d, 0x2a, 0x23, 0x52, 0xab, 0x0e, 0x73, 0xf3, 0xec, 0x11, 0x35,
-    0xe4, 0xf2, 0xdd, 0x22, 0x6d, 0x5f, 0x3e, 0x4b, 0xc3, 0xc4, 0xd8, 0xc4,
-    0x6d, 0xe8, 0x66, 0x44, 0x65, 0x99, 0x44, 0x6d, 0x0f, 0x15, 0x8b, 0xda,
-    0x30, 0xc3, 0xee, 0xc2, 0x03, 0x3d, 0xbe, 0x09, 0x92, 0x4c, 0x94, 0xb1,
-};
-static const unsigned char kat1440_prt_addin1[] = {
-    0x1f, 0xc6, 0x76, 0x04, 0x93, 0x0d, 0xec, 0xe4, 0x93, 0x7f, 0x2b, 0x01,
-    0xaa, 0x4c, 0x44, 0xeb, 0x63, 0x70, 0xa5, 0xfb, 0xe1, 0xe1, 0x68, 0xa8,
-    0x4c, 0x26, 0xfa, 0x3c, 0x6d, 0xd0, 0xfd, 0xa4, 0xe2, 0x07, 0x16, 0x96,
-    0xe3, 0x24, 0x6d, 0x34, 0x85, 0xf4, 0xd5, 0xf1, 0x9c, 0x6b, 0x18, 0x53,
-};
-static const unsigned char kat1440_prt_retbytes[] = {
-    0x65, 0xfa, 0x1b, 0x5c, 0xd3, 0xbc, 0x6f, 0x0a, 0x6a, 0x89, 0x90, 0x14,
-    0xf8, 0xdd, 0x94, 0xc6, 0x24, 0xcb, 0xd6, 0xde, 0xef, 0xa5, 0x0b, 0x3f,
-    0x65, 0xa1, 0x06, 0x7a, 0x1a, 0xfb, 0x95, 0x2f, 0x13, 0x4f, 0xf7, 0x33,
-    0x35, 0x81, 0x84, 0x33, 0x52, 0x60, 0xd2, 0x85, 0xc1, 0x76, 0x71, 0x8f,
-    0xcc, 0x58, 0xf0, 0xd2, 0x82, 0xa2, 0x48, 0x11, 0xb8, 0x60, 0x8f, 0x3d,
-    0x75, 0x3d, 0xe0, 0x68,
-};
-static const struct drbg_kat_pr_true kat1440_prt_t = {
-    14, kat1440_prt_entropyin, kat1440_prt_nonce, kat1440_prt_persstr,
-    kat1440_prt_entropyinpr0, kat1440_prt_addin0, kat1440_prt_entropyinpr1,
-    kat1440_prt_addin1, kat1440_prt_retbytes
-};
-static const struct drbg_kat kat1440_prt = {
-    PR_TRUE, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1440_prt_t
-};
-
-
-static const unsigned char kat1_prf_entropyin[] = {
-    0x0f, 0x65, 0xda, 0x13, 0xdc, 0xa4, 0x07, 0x99, 0x9d, 0x47, 0x73, 0xc2,
-    0xb4, 0xa1, 0x1d, 0x85,
-};
-static const unsigned char kat1_prf_nonce[] = {
-    0x52, 0x09, 0xe5, 0xb4, 0xed, 0x82, 0xa2, 0x34,
-};
-static const unsigned char kat1_prf_persstr[] = {0};
-static const unsigned char kat1_prf_entropyin_reseed[] = {
-    0x1d, 0xea, 0x0a, 0x12, 0xc5, 0x2b, 0xf6, 0x43, 0x39, 0xdd, 0x29, 0x1c,
-    0x80, 0xd8, 0xca, 0x89,
-};
-static const unsigned char kat1_prf_addin_reseed[] = {0};
-static const unsigned char kat1_prf_addin0[] = {0};
-static const unsigned char kat1_prf_addin1[] = {0};
-static const unsigned char kat1_prf_retbytes[] = {
-    0x28, 0x59, 0xcc, 0x46, 0x8a, 0x76, 0xb0, 0x86, 0x61, 0xff, 0xd2, 0x3b,
-    0x28, 0x54, 0x7f, 0xfd, 0x09, 0x97, 0xad, 0x52, 0x6a, 0x0f, 0x51, 0x26,
-    0x1b, 0x99, 0xed, 0x3a, 0x37, 0xbd, 0x40, 0x7b, 0xf4, 0x18, 0xdb, 0xe6,
-    0xc6, 0xc3, 0xe2, 0x6e, 0xd0, 0xdd, 0xef, 0xcb, 0x74, 0x74, 0xd8, 0x99,
-    0xbd, 0x99, 0xf3, 0x65, 0x54, 0x27, 0x51, 0x9f, 0xc5, 0xb4, 0x05, 0x7b,
-    0xca, 0xf3, 0x06, 0xd4,
-};
-static const struct drbg_kat_pr_false kat1_prf_t = {
-    0, kat1_prf_entropyin, kat1_prf_nonce, kat1_prf_persstr,
-    kat1_prf_entropyin_reseed, kat1_prf_addin_reseed,
-    kat1_prf_addin0, kat1_prf_addin1, kat1_prf_retbytes
-};
-static const struct drbg_kat kat1_prf = {
-    PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 0, 64, &kat1_prf_t
-};
-
-static const unsigned char kat1440_prf_entropyin[] = {
-    0x88, 0x2e, 0xd0, 0x54, 0x87, 0xdc, 0xe4, 0xb4, 0xf9, 0xe5, 0x8e, 0xc4,
-    0xf2, 0xda, 0x1f, 0xa5, 0xd8, 0xeb, 0xb4, 0xef, 0x9f, 0xcb, 0xf7, 0xb0,
-    0xa0, 0xe1, 0x5c, 0x4d, 0xcc, 0xb8, 0xe1, 0x97, 0x88, 0xf8, 0x6d, 0xcf,
-    0x28, 0x85, 0xe7, 0x1a, 0x20, 0xcb, 0xd9, 0xac, 0x10, 0xa6, 0x64, 0x8e,
-};
-static const unsigned char kat1440_prf_nonce[] = {0};
-static const unsigned char kat1440_prf_persstr[] = {
-    0x05, 0xf5, 0xbc, 0x41, 0x68, 0x7e, 0xa1, 0xe4, 0xc3, 0x4a, 0x69, 0x94,
-    0x4f, 0xba, 0xe2, 0x83, 0xcf, 0xee, 0x4c, 0x42, 0xb1, 0xbb, 0xd7, 0x8f,
-    0xdd, 0xb0, 0x97, 0x3d, 0x0f, 0xca, 0x94, 0x85, 0x39, 0xb6, 0x84, 0x36,
-    0x58, 0xb6, 0x7c, 0x30, 0xb7, 0x31, 0x91, 0xb9, 0xa0, 0xbf, 0x29, 0x21,
-};
-static const unsigned char kat1440_prf_entropyin_reseed[] = {
-    0xca, 0x16, 0x03, 0xd4, 0xc8, 0x71, 0x14, 0x04, 0xc7, 0xbd, 0xc1, 0x2c,
-    0x7c, 0x75, 0xb2, 0x94, 0x3a, 0x4b, 0x04, 0x2e, 0xa1, 0xd2, 0xeb, 0x54,
-    0x50, 0x6a, 0x68, 0x76, 0x95, 0x21, 0x57, 0xca, 0xf3, 0xb1, 0x52, 0xdc,
-    0x75, 0xf2, 0x7f, 0x22, 0x13, 0x64, 0x5a, 0x14, 0x15, 0x77, 0xe8, 0xba,
-};
-static const unsigned char kat1440_prf_addin_reseed[] = {
-    0x83, 0xcd, 0xa5, 0x33, 0x80, 0x88, 0x8d, 0x53, 0x51, 0x5e, 0x58, 0x15,
-    0x4f, 0x89, 0xd5, 0x52, 0x8a, 0xb6, 0x9f, 0x31, 0xfb, 0xcf, 0xca, 0x34,
-    0x98, 0x8c, 0xf0, 0x3c, 0x4c, 0xae, 0x5f, 0x60, 0xaa, 0x62, 0x91, 0xf3,
-    0x2d, 0x99, 0xab, 0x2a, 0x72, 0x6b, 0x6e, 0x08, 0xd2, 0x50, 0x2c, 0xf5,
-};
-static const unsigned char kat1440_prf_addin0[] = {
-    0x5b, 0xf5, 0xca, 0x9f, 0x96, 0x4e, 0xdd, 0x91, 0xe8, 0xef, 0x49, 0x1f,
-    0xd3, 0xcd, 0x32, 0xfa, 0xf9, 0xcb, 0x9d, 0x19, 0x93, 0xd8, 0x22, 0x19,
-    0x14, 0xd1, 0x75, 0x1f, 0xb0, 0xd4, 0x25, 0x2a, 0x5c, 0xa9, 0x50, 0xe2,
-    0x13, 0xf0, 0x88, 0x05, 0x09, 0x00, 0xb2, 0xbd, 0x74, 0xf5, 0xe3, 0x36,
-};
-static const unsigned char kat1440_prf_addin1[] = {
-    0xdb, 0xa2, 0x8d, 0xc1, 0xd8, 0xd6, 0x15, 0x65, 0x15, 0x47, 0x86, 0x7d,
-    0x4e, 0xf4, 0x25, 0x19, 0x04, 0x5e, 0xe1, 0x63, 0x78, 0x14, 0x36, 0x85,
-    0x10, 0x1d, 0xa4, 0x7a, 0x27, 0xb5, 0x54, 0x98, 0x07, 0x8e, 0x8a, 0x8f,
-    0x48, 0x54, 0x05, 0x2f, 0x7c, 0xc6, 0xf5, 0xb0, 0x2e, 0x57, 0x1a, 0xe8,
-};
-static const unsigned char kat1440_prf_retbytes[] = {
-    0x01, 0xf1, 0x19, 0x71, 0x83, 0x58, 0x19, 0xc1, 0x14, 0x8a, 0xa0, 0x79,
-    0xee, 0xa0, 0x9f, 0xd5, 0xb1, 0xaa, 0x3a, 0xc6, 0xba, 0x55, 0x7a, 0xe3,
-    0x31, 0x7b, 0x1a, 0x33, 0xf4, 0x50, 0x51, 0x74, 0xcf, 0x9d, 0x7e, 0x94,
-    0x08, 0x21, 0xc9, 0xb0, 0xe5, 0x52, 0x7a, 0x1d, 0x3e, 0x18, 0x6a, 0x7a,
-    0x83, 0xf1, 0x87, 0xc6, 0x2d, 0x32, 0x23, 0xcf, 0x59, 0x64, 0xff, 0x95,
-    0x26, 0xd8, 0x48, 0x4c,
-};
-static const struct drbg_kat_pr_false kat1440_prf_t = {
-    14, kat1440_prf_entropyin, kat1440_prf_nonce, kat1440_prf_persstr,
-    kat1440_prf_entropyin_reseed, kat1440_prf_addin_reseed,
-    kat1440_prf_addin0, kat1440_prf_addin1, kat1440_prf_retbytes
-};
-static const struct drbg_kat kat1440_prf = {
-    PR_FALSE, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1440_prf_t
-};
-
-const struct drbg_kat *drbg_ctr_test[] = {
-    &kat1_nor, &kat2_nor, &kat3_nor, &kat4_nor, &kat5_nor,
-    &kat6_nor, &kat7_nor, &kat8_nor, &kat9_nor, &kat10_nor,
-    &kat11_nor, &kat12_nor, &kat13_nor, &kat14_nor, &kat15_nor,
-    &kat16_nor, &kat17_nor, &kat18_nor, &kat19_nor, &kat20_nor,
-    &kat21_nor, &kat22_nor, &kat23_nor, &kat24_nor, &kat25_nor,
-    &kat26_nor, &kat27_nor, &kat28_nor, &kat29_nor, &kat30_nor,
-    &kat31_nor, &kat32_nor, &kat33_nor, &kat34_nor, &kat35_nor,
-    &kat36_nor, &kat37_nor, &kat38_nor, &kat39_nor, &kat40_nor,
-    &kat41_nor, &kat42_nor, &kat43_nor, &kat44_nor, &kat45_nor,
-    &kat46_nor, &kat47_nor, &kat48_nor, &kat49_nor, &kat50_nor,
-    &kat51_nor, &kat52_nor, &kat53_nor, &kat54_nor, &kat55_nor,
-    &kat56_nor, &kat57_nor, &kat58_nor, &kat59_nor, &kat60_nor,
-    &kat61_nor, &kat62_nor, &kat63_nor, &kat64_nor, &kat65_nor,
-    &kat66_nor, &kat67_nor, &kat68_nor, &kat69_nor, &kat70_nor,
-    &kat71_nor, &kat72_nor, &kat73_nor, &kat74_nor, &kat75_nor,
-    &kat76_nor, &kat77_nor, &kat78_nor, &kat79_nor, &kat80_nor,
-    &kat81_nor, &kat82_nor, &kat83_nor, &kat84_nor, &kat85_nor,
-    &kat86_nor, &kat87_nor, &kat88_nor, &kat89_nor, &kat90_nor,
-    &kat91_nor, &kat92_nor, &kat93_nor, &kat94_nor, &kat95_nor,
-    &kat96_nor, &kat97_nor, &kat98_nor, &kat99_nor, &kat100_nor,
-    &kat101_nor, &kat102_nor, &kat103_nor, &kat104_nor, &kat105_nor,
-    &kat106_nor, &kat107_nor, &kat108_nor, &kat109_nor, &kat110_nor,
-    &kat111_nor, &kat112_nor, &kat113_nor, &kat114_nor, &kat115_nor,
-    &kat116_nor, &kat117_nor, &kat118_nor, &kat119_nor, &kat120_nor,
-    &kat121_nor, &kat122_nor, &kat123_nor, &kat124_nor, &kat125_nor,
-    &kat126_nor, &kat127_nor, &kat128_nor, &kat129_nor, &kat130_nor,
-    &kat131_nor, &kat132_nor, &kat133_nor, &kat134_nor, &kat135_nor,
-    &kat136_nor, &kat137_nor, &kat138_nor, &kat139_nor, &kat140_nor,
-    &kat141_nor, &kat142_nor, &kat143_nor, &kat144_nor, &kat145_nor,
-    &kat146_nor, &kat147_nor, &kat148_nor, &kat149_nor, &kat150_nor,
-    &kat151_nor, &kat152_nor, &kat153_nor, &kat154_nor, &kat155_nor,
-    &kat156_nor, &kat157_nor, &kat158_nor, &kat159_nor, &kat160_nor,
-    &kat161_nor, &kat162_nor, &kat163_nor, &kat164_nor, &kat165_nor,
-    &kat166_nor, &kat167_nor, &kat168_nor, &kat169_nor, &kat170_nor,
-    &kat171_nor, &kat172_nor, &kat173_nor, &kat174_nor, &kat175_nor,
-    &kat176_nor, &kat177_nor, &kat178_nor, &kat179_nor, &kat180_nor,
-    &kat181_nor, &kat182_nor, &kat183_nor, &kat184_nor, &kat185_nor,
-    &kat186_nor, &kat187_nor, &kat188_nor, &kat189_nor, &kat190_nor,
-    &kat191_nor, &kat192_nor, &kat193_nor, &kat194_nor, &kat195_nor,
-    &kat196_nor, &kat197_nor, &kat198_nor, &kat199_nor, &kat200_nor,
-    &kat201_nor, &kat202_nor, &kat203_nor, &kat204_nor, &kat205_nor,
-    &kat206_nor, &kat207_nor, &kat208_nor, &kat209_nor, &kat210_nor,
-    &kat211_nor, &kat212_nor, &kat213_nor, &kat214_nor, &kat215_nor,
-    &kat216_nor, &kat217_nor, &kat218_nor, &kat219_nor, &kat220_nor,
-    &kat221_nor, &kat222_nor, &kat223_nor, &kat224_nor, &kat225_nor,
-    &kat226_nor, &kat227_nor, &kat228_nor, &kat229_nor, &kat230_nor,
-    &kat231_nor, &kat232_nor, &kat233_nor, &kat234_nor, &kat235_nor,
-    &kat236_nor, &kat237_nor, &kat238_nor, &kat239_nor, &kat240_nor,
-    &kat480_nor, &kat720_nor, &kat960_nor, &kat1200_nor, &kat1440_nor,
-    &kat1_prt,  &kat1440_prt, &kat1_prf,   &kat1440_prf
-};
-const size_t drbg_ctr_nelem = OSSL_NELEM(drbg_ctr_test);
diff --git a/test/drbg_cavs_data_hash.c b/test/drbg_cavs_data_hash.c
deleted file mode 100644
index 72d00d186c..0000000000
--- a/test/drbg_cavs_data_hash.c
+++ /dev/null
@@ -1,8387 +0,0 @@
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * Small subset of DRBG test vectors from:
- * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/
- * The index in the names given below (e.g- kat1680)- refers to the CAVS index.
- */
-
-#include <openssl/obj_mac.h>
-#include "internal/nelem.h"
-#include "drbg_cavs_data.h"
-
-
-static const unsigned char kat1_nor_entropyin[] = {
-    0x13, 0x6c, 0xf1, 0xc1, 0x74, 0xe5, 0xa0, 0x9f, 0x66, 0xb9, 0x62, 0xd9,
-    0x94, 0x39, 0x65, 0x25,
-};
-static const unsigned char kat1_nor_nonce[] = {
-    0xff, 0xf1, 0xc6, 0x64, 0x5f, 0x19, 0x23, 0x1f,
-};
-static const unsigned char kat1_nor_persstr[] = {0};
-static const unsigned char kat1_nor_addin0[] = {0};
-static const unsigned char kat1_nor_addin1[] = {0};
-static const unsigned char kat1_nor_retbytes[] = {
-    0x0e, 0x28, 0x13, 0x0f, 0xa5, 0xca, 0x11, 0xed, 0xd3, 0x29, 0x3c, 0xa2,
-    0x6f, 0xdb, 0x8a, 0xe1, 0x81, 0x06, 0x11, 0xf7, 0x87, 0x15, 0x08, 0x2e,
-    0xd3, 0x84, 0x1e, 0x74, 0x86, 0xf1, 0x66, 0x77, 0xb2, 0x8e, 0x33, 0xff,
-    0xe0, 0xb9, 0x3d, 0x98, 0xba, 0x57, 0xba, 0x35, 0x8c, 0x13, 0x43, 0xab,
-    0x2a, 0x26, 0xb4, 0xeb, 0x79, 0x40, 0xf5, 0xbc, 0x63, 0x93, 0x84, 0x64,
-    0x1e, 0xe8, 0x0a, 0x25, 0x14, 0x03, 0x31, 0x07, 0x62, 0x68, 0xbd, 0x1c,
-    0xe7, 0x02, 0xad, 0x53, 0x4d, 0xda, 0x0e, 0xd8,
-};
-static const struct drbg_kat_no_reseed kat1_nor_t = {
-    0, kat1_nor_entropyin, kat1_nor_nonce, kat1_nor_persstr,
-    kat1_nor_addin0, kat1_nor_addin1, kat1_nor_retbytes
-};
-static const struct drbg_kat kat1_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat1_nor_t
-};
-
-static const unsigned char kat2_nor_entropyin[] = {
-    0xdf, 0xed, 0x69, 0xb0, 0x89, 0x02, 0xfc, 0xfb, 0x79, 0x5d, 0x5d, 0x35,
-    0xdb, 0xe2, 0x3f, 0x6b,
-};
-static const unsigned char kat2_nor_nonce[] = {
-    0x37, 0x25, 0x8e, 0x82, 0x04, 0x32, 0xe3, 0x92,
-};
-static const unsigned char kat2_nor_persstr[] = {0};
-static const unsigned char kat2_nor_addin0[] = {0};
-static const unsigned char kat2_nor_addin1[] = {0};
-static const unsigned char kat2_nor_retbytes[] = {
-    0xad, 0xcb, 0x8e, 0x2c, 0xbb, 0xc5, 0x95, 0x7d, 0x53, 0x8a, 0x20, 0xdb,
-    0x18, 0xb5, 0xe7, 0xfe, 0x35, 0x0a, 0x90, 0xa2, 0x01, 0x35, 0x9f, 0xab,
-    0x9e, 0x0f, 0x15, 0x4c, 0x53, 0xaa, 0x14, 0x6b, 0xc6, 0xaf, 0x1f, 0xcc,
-    0x7f, 0xf8, 0xf3, 0x30, 0xb8, 0xd9, 0xf3, 0xd7, 0xb0, 0x38, 0x48, 0x8b,
-    0xa6, 0x27, 0xe6, 0xfa, 0x21, 0xd0, 0x14, 0x73, 0x77, 0xb1, 0x34, 0x04,
-    0x22, 0xb2, 0x26, 0x34, 0xb4, 0x12, 0xda, 0xc6, 0x9a, 0xc8, 0x2c, 0x35,
-    0xb5, 0xfb, 0x41, 0x1a, 0x4e, 0x42, 0xa1, 0x33,
-};
-static const struct drbg_kat_no_reseed kat2_nor_t = {
-    1, kat2_nor_entropyin, kat2_nor_nonce, kat2_nor_persstr,
-    kat2_nor_addin0, kat2_nor_addin1, kat2_nor_retbytes
-};
-static const struct drbg_kat kat2_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat2_nor_t
-};
-
-static const unsigned char kat3_nor_entropyin[] = {
-    0xf3, 0x2e, 0x36, 0xff, 0x80, 0x98, 0xf9, 0x32, 0x03, 0x5c, 0xae, 0x42,
-    0x9c, 0x0e, 0xce, 0x72,
-};
-static const unsigned char kat3_nor_nonce[] = {
-    0x55, 0x52, 0xce, 0xb1, 0x82, 0x32, 0x4b, 0x49,
-};
-static const unsigned char kat3_nor_persstr[] = {0};
-static const unsigned char kat3_nor_addin0[] = {0};
-static const unsigned char kat3_nor_addin1[] = {0};
-static const unsigned char kat3_nor_retbytes[] = {
-    0xba, 0xc9, 0x4b, 0xc1, 0x79, 0x7b, 0x20, 0x9b, 0x8e, 0x57, 0x67, 0x09,
-    0xd6, 0x8d, 0x92, 0xa9, 0x4a, 0xa8, 0xa5, 0xf4, 0x14, 0xfe, 0xee, 0x3e,
-    0x87, 0xd2, 0xf2, 0x1f, 0xcb, 0x59, 0x39, 0x31, 0x4b, 0x1b, 0x47, 0x11,
-    0x27, 0x40, 0x77, 0xe7, 0x94, 0xe8, 0xe3, 0x85, 0xa2, 0x8f, 0xab, 0xb5,
-    0xb4, 0x90, 0x81, 0xef, 0x14, 0xcb, 0x13, 0x96, 0xcb, 0x12, 0x54, 0x2f,
-    0xd1, 0xb4, 0x8c, 0x2a, 0xd4, 0xdf, 0x98, 0xf7, 0x4b, 0xf0, 0x83, 0x46,
-    0xf0, 0xa2, 0x9f, 0xf7, 0x08, 0x8d, 0xcb, 0xfe,
-};
-static const struct drbg_kat_no_reseed kat3_nor_t = {
-    2, kat3_nor_entropyin, kat3_nor_nonce, kat3_nor_persstr,
-    kat3_nor_addin0, kat3_nor_addin1, kat3_nor_retbytes
-};
-static const struct drbg_kat kat3_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat3_nor_t
-};
-
-static const unsigned char kat4_nor_entropyin[] = {
-    0x21, 0x3e, 0x90, 0x22, 0x89, 0x8a, 0xa0, 0x5c, 0x7a, 0x6a, 0x01, 0xa4,
-    0xb8, 0xd3, 0x43, 0xcc,
-};
-static const unsigned char kat4_nor_nonce[] = {
-    0x7b, 0x69, 0x81, 0xd7, 0xe1, 0x6c, 0x98, 0x80,
-};
-static const unsigned char kat4_nor_persstr[] = {0};
-static const unsigned char kat4_nor_addin0[] = {0};
-static const unsigned char kat4_nor_addin1[] = {0};
-static const unsigned char kat4_nor_retbytes[] = {
-    0xa7, 0x49, 0x06, 0x34, 0x0d, 0x75, 0x14, 0xdb, 0x5b, 0x44, 0x86, 0x01,
-    0x70, 0xa5, 0xe0, 0x73, 0x3c, 0x67, 0xd3, 0xce, 0x7e, 0x51, 0xbd, 0x32,
-    0xb0, 0x49, 0x80, 0x0d, 0x8e, 0x3c, 0x36, 0xc8, 0x45, 0x56, 0x00, 0x84,
-    0xde, 0xcc, 0x79, 0xe6, 0xf7, 0xb4, 0xd6, 0xf2, 0xf1, 0x27, 0x59, 0x2e,
-    0x64, 0x58, 0x91, 0x79, 0x2d, 0x0f, 0x56, 0x2b, 0x67, 0xbc, 0x8a, 0x1f,
-    0x63, 0xaa, 0x14, 0x9d, 0x84, 0x9d, 0xe1, 0xfe, 0x03, 0x28, 0x25, 0xf3,
-    0xa5, 0xd4, 0x6f, 0xe3, 0x70, 0x50, 0x24, 0xeb,
-};
-static const struct drbg_kat_no_reseed kat4_nor_t = {
-    3, kat4_nor_entropyin, kat4_nor_nonce, kat4_nor_persstr,
-    kat4_nor_addin0, kat4_nor_addin1, kat4_nor_retbytes
-};
-static const struct drbg_kat kat4_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat4_nor_t
-};
-
-static const unsigned char kat5_nor_entropyin[] = {
-    0x09, 0x1b, 0xa7, 0x85, 0xfa, 0xc4, 0x66, 0xb4, 0x85, 0x1e, 0xa2, 0xdc,
-    0xa8, 0xb3, 0x8b, 0xcd,
-};
-static const unsigned char kat5_nor_nonce[] = {
-    0x90, 0x12, 0xcb, 0xb0, 0xf9, 0xb5, 0x9c, 0xac,
-};
-static const unsigned char kat5_nor_persstr[] = {0};
-static const unsigned char kat5_nor_addin0[] = {0};
-static const unsigned char kat5_nor_addin1[] = {0};
-static const unsigned char kat5_nor_retbytes[] = {
-    0x39, 0x9a, 0xe6, 0x1f, 0xe5, 0x31, 0x44, 0x8c, 0x82, 0x06, 0xd7, 0xac,
-    0x12, 0x7b, 0x6a, 0x44, 0x86, 0xad, 0xae, 0xbe, 0xff, 0x35, 0x67, 0xb6,
-    0xbc, 0xd0, 0xf5, 0x54, 0xb8, 0x2a, 0x6a, 0xa6, 0x33, 0x7f, 0x73, 0x11,
-    0x46, 0x59, 0x46, 0x91, 0x22, 0x83, 0xdc, 0x3f, 0xb0, 0x5c, 0xf8, 0x9a,
-    0x74, 0xad, 0x0a, 0x18, 0x51, 0xc5, 0xa2, 0x00, 0x26, 0xca, 0x99, 0x0f,
-    0x11, 0x84, 0xa8, 0xa9, 0x97, 0x8a, 0xad, 0x2e, 0x0c, 0x40, 0xb6, 0xc4,
-    0xe3, 0x57, 0x1b, 0xfa, 0x0f, 0x14, 0x43, 0x29,
-};
-static const struct drbg_kat_no_reseed kat5_nor_t = {
-    4, kat5_nor_entropyin, kat5_nor_nonce, kat5_nor_persstr,
-    kat5_nor_addin0, kat5_nor_addin1, kat5_nor_retbytes
-};
-static const struct drbg_kat kat5_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat5_nor_t
-};
-
-static const unsigned char kat6_nor_entropyin[] = {
-    0xff, 0x07, 0x6a, 0x63, 0x0f, 0x39, 0xbd, 0x94, 0xd0, 0x7e, 0x88, 0xd0,
-    0x23, 0x2d, 0xd5, 0x6e,
-};
-static const unsigned char kat6_nor_nonce[] = {
-    0xf5, 0x1a, 0x8c, 0x5d, 0x4c, 0xd4, 0x13, 0x1f,
-};
-static const unsigned char kat6_nor_persstr[] = {0};
-static const unsigned char kat6_nor_addin0[] = {0};
-static const unsigned char kat6_nor_addin1[] = {0};
-static const unsigned char kat6_nor_retbytes[] = {
-    0x99, 0x1d, 0x77, 0xb5, 0x15, 0xbb, 0x73, 0xde, 0xc2, 0x22, 0x6c, 0x24,
-    0x86, 0xe6, 0x34, 0xd6, 0x53, 0x1a, 0xaa, 0x6c, 0xef, 0x9f, 0x64, 0x6f,
-    0xba, 0x5f, 0xdd, 0x02, 0x10, 0x83, 0x4c, 0x73, 0x0b, 0x7f, 0x2f, 0xa1,
-    0x10, 0xab, 0x06, 0x1c, 0xfb, 0xb0, 0x8a, 0x95, 0xb3, 0x69, 0x4b, 0x62,
-    0xe8, 0x1d, 0x0c, 0x6b, 0x82, 0xcf, 0x29, 0x4e, 0xa6, 0x2f, 0xde, 0xc0,
-    0x94, 0xc3, 0xed, 0x78, 0x34, 0xfb, 0xf9, 0xb8, 0x76, 0xf1, 0xa6, 0x3a,
-    0x58, 0x3e, 0x2e, 0xa4, 0x2a, 0x58, 0xff, 0x74,
-};
-static const struct drbg_kat_no_reseed kat6_nor_t = {
-    5, kat6_nor_entropyin, kat6_nor_nonce, kat6_nor_persstr,
-    kat6_nor_addin0, kat6_nor_addin1, kat6_nor_retbytes
-};
-static const struct drbg_kat kat6_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat6_nor_t
-};
-
-static const unsigned char kat7_nor_entropyin[] = {
-    0x0f, 0x67, 0x9e, 0x66, 0x2f, 0x08, 0x19, 0x7e, 0x76, 0x45, 0x76, 0x39,
-    0x19, 0xba, 0x08, 0xe8,
-};
-static const unsigned char kat7_nor_nonce[] = {
-    0x18, 0x7e, 0x82, 0xeb, 0x84, 0x4b, 0x32, 0xc2,
-};
-static const unsigned char kat7_nor_persstr[] = {0};
-static const unsigned char kat7_nor_addin0[] = {0};
-static const unsigned char kat7_nor_addin1[] = {0};
-static const unsigned char kat7_nor_retbytes[] = {
-    0xff, 0x63, 0x9c, 0x15, 0xf8, 0x73, 0xd3, 0x50, 0xf1, 0x77, 0x8f, 0x1e,
-    0x9e, 0xa0, 0xa5, 0x61, 0x4e, 0xb2, 0x60, 0xac, 0x45, 0x3f, 0x5c, 0x57,
-    0x30, 0xbb, 0x0b, 0xe9, 0x07, 0x2a, 0x01, 0x3f, 0x15, 0x96, 0xae, 0x26,
-    0x6c, 0xc0, 0x9f, 0xf1, 0xc8, 0xa7, 0xfe, 0x52, 0x0e, 0xbd, 0x40, 0x69,
-    0x24, 0x8d, 0x86, 0xea, 0x36, 0xde, 0x43, 0x58, 0x0c, 0xd0, 0x7c, 0xce,
-    0xf1, 0xec, 0x8b, 0x6f, 0xe1, 0x6c, 0x2a, 0x50, 0x04, 0x24, 0xab, 0xe6,
-    0x57, 0x65, 0xc4, 0x18, 0x91, 0x97, 0x2d, 0xc9,
-};
-static const struct drbg_kat_no_reseed kat7_nor_t = {
-    6, kat7_nor_entropyin, kat7_nor_nonce, kat7_nor_persstr,
-    kat7_nor_addin0, kat7_nor_addin1, kat7_nor_retbytes
-};
-static const struct drbg_kat kat7_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat7_nor_t
-};
-
-static const unsigned char kat8_nor_entropyin[] = {
-    0xc4, 0x48, 0x62, 0x40, 0x35, 0xdf, 0x3b, 0x16, 0x8a, 0xf3, 0x97, 0x55,
-    0xb9, 0x52, 0xf0, 0xef,
-};
-static const unsigned char kat8_nor_nonce[] = {
-    0x6c, 0x32, 0xbd, 0x9d, 0xd5, 0x34, 0x7f, 0x3c,
-};
-static const unsigned char kat8_nor_persstr[] = {0};
-static const unsigned char kat8_nor_addin0[] = {0};
-static const unsigned char kat8_nor_addin1[] = {0};
-static const unsigned char kat8_nor_retbytes[] = {
-    0x3b, 0xb7, 0x25, 0x63, 0x37, 0x45, 0xc3, 0x0a, 0x3c, 0xfe, 0x9f, 0xeb,
-    0x05, 0x29, 0x53, 0x2a, 0x65, 0x36, 0x8b, 0x65, 0xd2, 0xe7, 0xfb, 0x99,
-    0x0d, 0x6b, 0xa2, 0xf9, 0xbb, 0xbb, 0xb8, 0xcd, 0x66, 0xec, 0x1a, 0xf5,
-    0x30, 0x61, 0x4f, 0xe3, 0x9b, 0x7a, 0xd5, 0x5b, 0x2a, 0x62, 0x91, 0x79,
-    0x17, 0x41, 0xf7, 0xe7, 0x61, 0x16, 0xda, 0x1e, 0xbf, 0xed, 0x65, 0x8e,
-    0xc5, 0x5a, 0x86, 0x29, 0x47, 0x67, 0x16, 0x82, 0xd2, 0x87, 0xc0, 0xf6,
-    0xe8, 0xce, 0xab, 0xd5, 0x0c, 0x4c, 0x37, 0x59,
-};
-static const struct drbg_kat_no_reseed kat8_nor_t = {
-    7, kat8_nor_entropyin, kat8_nor_nonce, kat8_nor_persstr,
-    kat8_nor_addin0, kat8_nor_addin1, kat8_nor_retbytes
-};
-static const struct drbg_kat kat8_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat8_nor_t
-};
-
-static const unsigned char kat9_nor_entropyin[] = {
-    0xef, 0xd2, 0x56, 0x11, 0x48, 0xbf, 0xad, 0x41, 0x59, 0x5b, 0xe9, 0x69,
-    0xc3, 0xf0, 0x21, 0xfe,
-};
-static const unsigned char kat9_nor_nonce[] = {
-    0x7c, 0x72, 0x33, 0xe9, 0xe0, 0x6f, 0xa1, 0x89,
-};
-static const unsigned char kat9_nor_persstr[] = {0};
-static const unsigned char kat9_nor_addin0[] = {0};
-static const unsigned char kat9_nor_addin1[] = {0};
-static const unsigned char kat9_nor_retbytes[] = {
-    0xd9, 0xb6, 0xb5, 0xb0, 0xaa, 0x26, 0xa0, 0x1d, 0xe1, 0x52, 0xce, 0xd9,
-    0x4a, 0x83, 0xbb, 0xb6, 0xaf, 0xfd, 0xb9, 0x15, 0xe4, 0x88, 0xa0, 0x4b,
-    0x64, 0x22, 0x11, 0xf8, 0xe3, 0xb8, 0x8d, 0x89, 0xf5, 0x9d, 0x92, 0xf9,
-    0xf4, 0xfc, 0xd8, 0x99, 0x89, 0x07, 0xbf, 0x14, 0x8b, 0xc5, 0x8f, 0x30,
-    0x11, 0x5c, 0x8f, 0xff, 0x85, 0xc5, 0x57, 0x13, 0x54, 0x5f, 0xe7, 0x75,
-    0x82, 0xd9, 0x06, 0x75, 0x8d, 0xb2, 0x0a, 0xe7, 0x53, 0x7f, 0x3d, 0xa6,
-    0xf9, 0xa8, 0xc9, 0x94, 0xfa, 0x2d, 0x01, 0xb5,
-};
-static const struct drbg_kat_no_reseed kat9_nor_t = {
-    8, kat9_nor_entropyin, kat9_nor_nonce, kat9_nor_persstr,
-    kat9_nor_addin0, kat9_nor_addin1, kat9_nor_retbytes
-};
-static const struct drbg_kat kat9_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat9_nor_t
-};
-
-static const unsigned char kat10_nor_entropyin[] = {
-    0xa1, 0x3e, 0xd8, 0xf6, 0x04, 0xac, 0x03, 0x46, 0xc2, 0xac, 0x27, 0x01,
-    0x29, 0xbb, 0x35, 0x78,
-};
-static const unsigned char kat10_nor_nonce[] = {
-    0x9c, 0xa5, 0xf6, 0x2c, 0x4d, 0x09, 0xde, 0x87,
-};
-static const unsigned char kat10_nor_persstr[] = {0};
-static const unsigned char kat10_nor_addin0[] = {0};
-static const unsigned char kat10_nor_addin1[] = {0};
-static const unsigned char kat10_nor_retbytes[] = {
-    0x6c, 0xf7, 0x0e, 0x27, 0xa9, 0x79, 0x3c, 0x14, 0xeb, 0xae, 0x73, 0xb6,
-    0x53, 0x79, 0x8c, 0x15, 0xe1, 0x4e, 0x6c, 0xb9, 0xb8, 0x54, 0x34, 0x9e,
-    0x42, 0xd8, 0x80, 0x1d, 0x49, 0x36, 0x4d, 0x77, 0x88, 0x68, 0x6f, 0x89,
-    0xc6, 0xea, 0x2d, 0xb7, 0xf0, 0x38, 0xdd, 0x42, 0x43, 0x2d, 0xd7, 0x44,
-    0xbb, 0xc9, 0x1e, 0x1f, 0xcd, 0xaf, 0x6e, 0xee, 0x2e, 0x76, 0x32, 0x5d,
-    0xb7, 0x29, 0xfd, 0x3a, 0x99, 0xb9, 0x6c, 0xd6, 0x38, 0xc4, 0xa8, 0x92,
-    0x35, 0x16, 0xfa, 0x04, 0xfd, 0x90, 0xea, 0xc5,
-};
-static const struct drbg_kat_no_reseed kat10_nor_t = {
-    9, kat10_nor_entropyin, kat10_nor_nonce, kat10_nor_persstr,
-    kat10_nor_addin0, kat10_nor_addin1, kat10_nor_retbytes
-};
-static const struct drbg_kat kat10_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat10_nor_t
-};
-
-static const unsigned char kat11_nor_entropyin[] = {
-    0xdf, 0xe6, 0xeb, 0xca, 0x43, 0xec, 0x46, 0xb8, 0xaa, 0xc3, 0x53, 0x33,
-    0xdd, 0xc4, 0x7d, 0x44,
-};
-static const unsigned char kat11_nor_nonce[] = {
-    0x5d, 0x03, 0xcb, 0xac, 0xd4, 0x4d, 0xb1, 0x69,
-};
-static const unsigned char kat11_nor_persstr[] = {0};
-static const unsigned char kat11_nor_addin0[] = {0};
-static const unsigned char kat11_nor_addin1[] = {0};
-static const unsigned char kat11_nor_retbytes[] = {
-    0x1c, 0x1d, 0x75, 0x6b, 0x6d, 0x5d, 0x47, 0x5e, 0xe3, 0x93, 0x19, 0x39,
-    0x92, 0x00, 0xb7, 0xf8, 0x64, 0x11, 0x24, 0x54, 0xbf, 0x03, 0xcc, 0x61,
-    0xf6, 0x85, 0x6c, 0x5d, 0x42, 0x07, 0xb1, 0xcd, 0x97, 0x92, 0xc0, 0x84,
-    0x1a, 0xb3, 0xb5, 0x67, 0x30, 0xab, 0x26, 0xd9, 0x5c, 0x36, 0x0c, 0xc0,
-    0x2a, 0xc4, 0x61, 0x1e, 0xf4, 0x7f, 0x80, 0xd6, 0x65, 0xff, 0xb8, 0x32,
-    0x7e, 0x10, 0x3f, 0xef, 0x24, 0x6b, 0xf9, 0x3a, 0x2a, 0x10, 0x38, 0xb2,
-    0xbe, 0xda, 0x9a, 0x8a, 0x6d, 0x21, 0xc4, 0x15,
-};
-static const struct drbg_kat_no_reseed kat11_nor_t = {
-    10, kat11_nor_entropyin, kat11_nor_nonce, kat11_nor_persstr,
-    kat11_nor_addin0, kat11_nor_addin1, kat11_nor_retbytes
-};
-static const struct drbg_kat kat11_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat11_nor_t
-};
-
-static const unsigned char kat12_nor_entropyin[] = {
-    0x48, 0xe5, 0xfb, 0xd1, 0xac, 0xc6, 0x01, 0xe0, 0x2d, 0x81, 0xce, 0x03,
-    0x0f, 0x10, 0x01, 0x55,
-};
-static const unsigned char kat12_nor_nonce[] = {
-    0xa0, 0xfc, 0x82, 0xd8, 0xe6, 0x92, 0xe6, 0x9b,
-};
-static const unsigned char kat12_nor_persstr[] = {0};
-static const unsigned char kat12_nor_addin0[] = {0};
-static const unsigned char kat12_nor_addin1[] = {0};
-static const unsigned char kat12_nor_retbytes[] = {
-    0x9e, 0xea, 0x52, 0x5c, 0xa5, 0x72, 0x09, 0x5b, 0x4d, 0x0b, 0x96, 0x7c,
-    0xa8, 0xfc, 0xc5, 0xda, 0xe6, 0xec, 0x32, 0x6a, 0x0b, 0x9b, 0xb6, 0x3c,
-    0x4a, 0x7f, 0x08, 0xd1, 0xda, 0xd4, 0xa5, 0xd2, 0x1c, 0x15, 0xcf, 0x4b,
-    0x8d, 0xf9, 0xeb, 0x8a, 0xd2, 0x60, 0x37, 0xd9, 0xdc, 0xe9, 0xa7, 0x84,
-    0x8a, 0xf5, 0xee, 0x8e, 0x30, 0x49, 0x3d, 0xea, 0x7b, 0xe2, 0xb1, 0xf1,
-    0xff, 0xe8, 0xc4, 0x17, 0x1c, 0x13, 0x11, 0xac, 0xf9, 0x82, 0x1c, 0x06,
-    0x61, 0x48, 0x38, 0xae, 0x2b, 0x8a, 0xb7, 0xb2,
-};
-static const struct drbg_kat_no_reseed kat12_nor_t = {
-    11, kat12_nor_entropyin, kat12_nor_nonce, kat12_nor_persstr,
-    kat12_nor_addin0, kat12_nor_addin1, kat12_nor_retbytes
-};
-static const struct drbg_kat kat12_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat12_nor_t
-};
-
-static const unsigned char kat13_nor_entropyin[] = {
-    0xdc, 0x8c, 0x36, 0x9f, 0x6f, 0x65, 0x9c, 0xf7, 0x60, 0x71, 0x0b, 0x1a,
-    0x69, 0xa5, 0x47, 0xcf,
-};
-static const unsigned char kat13_nor_nonce[] = {
-    0x45, 0x84, 0x7c, 0xf4, 0x8b, 0x89, 0xb3, 0xc9,
-};
-static const unsigned char kat13_nor_persstr[] = {0};
-static const unsigned char kat13_nor_addin0[] = {0};
-static const unsigned char kat13_nor_addin1[] = {0};
-static const unsigned char kat13_nor_retbytes[] = {
-    0xf8, 0x45, 0x62, 0xc1, 0x5d, 0x3a, 0x35, 0x74, 0xa2, 0x7d, 0x3e, 0xd8,
-    0x99, 0x1f, 0x17, 0xb8, 0xe7, 0xd3, 0xb7, 0x4a, 0x06, 0x50, 0xd6, 0xdc,
-    0x32, 0x8d, 0x94, 0x7a, 0x98, 0x42, 0x57, 0xcf, 0x22, 0xf9, 0xf6, 0xef,
-    0x5f, 0x5f, 0xb2, 0x08, 0x0e, 0x59, 0xd6, 0x5f, 0x6f, 0x2c, 0xa9, 0x96,
-    0xb7, 0xb1, 0x51, 0xd7, 0xb7, 0x9b, 0xc9, 0x8c, 0xc7, 0x1e, 0x50, 0x42,
-    0xa1, 0x0b, 0xc4, 0xb9, 0x33, 0xfa, 0x5c, 0xa2, 0x73, 0x1b, 0xfc, 0x5c,
-    0xc6, 0xb0, 0xb7, 0xca, 0x25, 0xe6, 0x41, 0x6b,
-};
-static const struct drbg_kat_no_reseed kat13_nor_t = {
-    12, kat13_nor_entropyin, kat13_nor_nonce, kat13_nor_persstr,
-    kat13_nor_addin0, kat13_nor_addin1, kat13_nor_retbytes
-};
-static const struct drbg_kat kat13_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat13_nor_t
-};
-
-static const unsigned char kat14_nor_entropyin[] = {
-    0x4e, 0x8b, 0x4b, 0x1e, 0x2f, 0x6a, 0x9f, 0xe8, 0xab, 0xb5, 0x6f, 0x71,
-    0x6b, 0xc8, 0x94, 0xb8,
-};
-static const unsigned char kat14_nor_nonce[] = {
-    0x38, 0x56, 0x5e, 0x90, 0xcd, 0x13, 0x1e, 0x3f,
-};
-static const unsigned char kat14_nor_persstr[] = {0};
-static const unsigned char kat14_nor_addin0[] = {0};
-static const unsigned char kat14_nor_addin1[] = {0};
-static const unsigned char kat14_nor_retbytes[] = {
-    0xe0, 0x46, 0x05, 0x0e, 0xd2, 0xa1, 0x4a, 0x56, 0x4d, 0xc6, 0x9b, 0x7e,
-    0x4a, 0xa8, 0x9a, 0x99, 0x8a, 0x0d, 0xc7, 0x32, 0x5a, 0x05, 0xe4, 0x66,
-    0x6b, 0x0c, 0xf6, 0x11, 0x88, 0x5f, 0x63, 0x91, 0xd9, 0x8c, 0x31, 0xd8,
-    0xe2, 0x52, 0x7e, 0xa2, 0x96, 0x79, 0x1d, 0x0c, 0x8f, 0x34, 0x52, 0x2c,
-    0xed, 0x84, 0x21, 0x7b, 0xae, 0x3e, 0xac, 0x5e, 0xb8, 0x73, 0x2c, 0xbc,
-    0x4a, 0xf0, 0x71, 0x69, 0xe2, 0x5f, 0x9f, 0xb6, 0xda, 0x45, 0x88, 0xe0,
-    0x19, 0x96, 0x9d, 0x79, 0xfc, 0xcc, 0xd5, 0xf7,
-};
-static const struct drbg_kat_no_reseed kat14_nor_t = {
-    13, kat14_nor_entropyin, kat14_nor_nonce, kat14_nor_persstr,
-    kat14_nor_addin0, kat14_nor_addin1, kat14_nor_retbytes
-};
-static const struct drbg_kat kat14_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat14_nor_t
-};
-
-static const unsigned char kat15_nor_entropyin[] = {
-    0x6f, 0xe9, 0x59, 0x7b, 0x59, 0x90, 0x3b, 0x1a, 0xf4, 0x01, 0x2a, 0x15,
-    0x36, 0x8a, 0xf7, 0xb1,
-};
-static const unsigned char kat15_nor_nonce[] = {
-    0xfd, 0x3e, 0x84, 0xb3, 0xa9, 0x6c, 0xaa, 0xff,
-};
-static const unsigned char kat15_nor_persstr[] = {0};
-static const unsigned char kat15_nor_addin0[] = {0};
-static const unsigned char kat15_nor_addin1[] = {0};
-static const unsigned char kat15_nor_retbytes[] = {
-    0x1e, 0xee, 0x4c, 0x78, 0x64, 0x76, 0xd4, 0x88, 0xe5, 0x8d, 0x0e, 0x06,
-    0x5b, 0xb0, 0x25, 0xdb, 0x54, 0x87, 0x87, 0xfa, 0xfb, 0xe7, 0x57, 0xf2,
-    0x9e, 0xe2, 0xbd, 0x47, 0x81, 0xcf, 0x69, 0x21, 0x60, 0x91, 0xba, 0x2b,
-    0x68, 0x91, 0x9b, 0x54, 0xad, 0x30, 0x70, 0xac, 0x72, 0xa2, 0x34, 0x23,
-    0x20, 0xeb, 0x1e, 0x69, 0x7b, 0x91, 0x15, 0xac, 0xbe, 0x07, 0xe1, 0x94,
-    0xd0, 0x60, 0x56, 0x2e, 0x4d, 0x0f, 0xd9, 0x66, 0xab, 0x29, 0xe2, 0xc5,
-    0xe5, 0x60, 0x57, 0x4b, 0x2d, 0xac, 0x04, 0xce,
-};
-static const struct drbg_kat_no_reseed kat15_nor_t = {
-    14, kat15_nor_entropyin, kat15_nor_nonce, kat15_nor_persstr,
-    kat15_nor_addin0, kat15_nor_addin1, kat15_nor_retbytes
-};
-static const struct drbg_kat kat15_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat15_nor_t
-};
-
-static const unsigned char kat16_nor_entropyin[] = {
-    0xc3, 0xef, 0x82, 0xce, 0x24, 0x1f, 0x02, 0xe4, 0x29, 0x8b, 0x11, 0x8c,
-    0xa4, 0xf1, 0x62, 0x25,
-};
-static const unsigned char kat16_nor_nonce[] = {
-    0x15, 0xe3, 0x2a, 0xbb, 0xae, 0x6b, 0x74, 0x33,
-};
-static const unsigned char kat16_nor_persstr[] = {0};
-static const unsigned char kat16_nor_addin0[] = {
-    0x2b, 0x79, 0x00, 0x52, 0xf0, 0x9b, 0x36, 0x4d, 0x4a, 0x82, 0x67, 0xa0,
-    0xa7, 0xde, 0x63, 0xb8,
-};
-static const unsigned char kat16_nor_addin1[] = {
-    0x2e, 0xe0, 0x81, 0x9a, 0x67, 0x1d, 0x07, 0xb5, 0x08, 0x5c, 0xc4, 0x6a,
-    0xa0, 0xe6, 0x1b, 0x56,
-};
-static const unsigned char kat16_nor_retbytes[] = {
-    0x58, 0x25, 0xfa, 0x1d, 0x1d, 0xc3, 0x3c, 0x64, 0xcd, 0xc8, 0x69, 0x06,
-    0x82, 0xef, 0xf0, 0x60, 0x39, 0xe7, 0x95, 0x08, 0xc3, 0xaf, 0x48, 0xe8,
-    0x80, 0xf8, 0x22, 0x7d, 0x5f, 0x9a, 0xaa, 0x14, 0xb3, 0xbc, 0x76, 0xba,
-    0xee, 0x47, 0x7e, 0xbb, 0xb5, 0xc4, 0x55, 0x47, 0x13, 0x41, 0x79, 0x22,
-    0x32, 0x57, 0x52, 0x5e, 0x8f, 0x3a, 0xfe, 0xfb, 0x78, 0xb5, 0x9d, 0xa0,
-    0x32, 0xf1, 0x00, 0x6d, 0x74, 0xc9, 0x83, 0x13, 0x75, 0xa6, 0x77, 0xea,
-    0xb3, 0x23, 0x9c, 0x94, 0xeb, 0xe3, 0xf7, 0xfa,
-};
-static const struct drbg_kat_no_reseed kat16_nor_t = {
-    0, kat16_nor_entropyin, kat16_nor_nonce, kat16_nor_persstr,
-    kat16_nor_addin0, kat16_nor_addin1, kat16_nor_retbytes
-};
-static const struct drbg_kat kat16_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat16_nor_t
-};
-
-static const unsigned char kat17_nor_entropyin[] = {
-    0x4b, 0xa7, 0x07, 0x43, 0xac, 0xcd, 0x43, 0x19, 0xe1, 0x1d, 0xe0, 0x46,
-    0x1d, 0x9a, 0x37, 0xaa,
-};
-static const unsigned char kat17_nor_nonce[] = {
-    0x84, 0x5e, 0x4a, 0x96, 0x46, 0x2f, 0xb1, 0x6a,
-};
-static const unsigned char kat17_nor_persstr[] = {0};
-static const unsigned char kat17_nor_addin0[] = {
-    0xc7, 0xde, 0xec, 0x6c, 0xb5, 0x04, 0x9c, 0x34, 0xc8, 0xbe, 0x42, 0x37,
-    0x5a, 0xfe, 0xc6, 0xf0,
-};
-static const unsigned char kat17_nor_addin1[] = {
-    0x37, 0xaf, 0x84, 0x11, 0x08, 0x5b, 0x41, 0xd8, 0x8e, 0xcf, 0x89, 0x9f,
-    0xf2, 0xbb, 0x13, 0x25,
-};
-static const unsigned char kat17_nor_retbytes[] = {
-    0x7b, 0x6d, 0xac, 0xba, 0x0f, 0x66, 0xf2, 0xa1, 0x20, 0x71, 0xf9, 0xda,
-    0x43, 0xf7, 0x5a, 0x61, 0x24, 0x0d, 0xf7, 0x5a, 0x47, 0xdd, 0xa1, 0x6f,
-    0x47, 0x4e, 0xd2, 0xcf, 0x03, 0x08, 0xf5, 0x07, 0x94, 0xbf, 0x01, 0x7c,
-    0xc6, 0xe6, 0xf0, 0x18, 0xfa, 0x9f, 0xa1, 0x50, 0x07, 0x48, 0xf7, 0xe0,
-    0xb3, 0x6e, 0x62, 0xc6, 0x2a, 0x8d, 0xc4, 0x27, 0xf5, 0x8c, 0x1f, 0x2c,
-    0x5a, 0xed, 0x10, 0xa4, 0x72, 0x6d, 0x88, 0x6c, 0xa1, 0x23, 0x25, 0xef,
-    0x0c, 0x56, 0x6d, 0x5b, 0xc9, 0xa0, 0x4e, 0xcf,
-};
-static const struct drbg_kat_no_reseed kat17_nor_t = {
-    1, kat17_nor_entropyin, kat17_nor_nonce, kat17_nor_persstr,
-    kat17_nor_addin0, kat17_nor_addin1, kat17_nor_retbytes
-};
-static const struct drbg_kat kat17_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat17_nor_t
-};
-
-static const unsigned char kat18_nor_entropyin[] = {
-    0xac, 0x3c, 0xd0, 0xea, 0x3d, 0x26, 0x19, 0x7c, 0xc9, 0x37, 0x9b, 0x82,
-    0xbd, 0x82, 0x89, 0xff,
-};
-static const unsigned char kat18_nor_nonce[] = {
-    0xe3, 0x63, 0xff, 0x61, 0x74, 0x1a, 0xab, 0x5e,
-};
-static const unsigned char kat18_nor_persstr[] = {0};
-static const unsigned char kat18_nor_addin0[] = {
-    0xc7, 0xc3, 0x0f, 0x2a, 0x6e, 0x50, 0x0b, 0x0b, 0xf9, 0x46, 0xd0, 0x21,
-    0x93, 0x2b, 0xb1, 0x24,
-};
-static const unsigned char kat18_nor_addin1[] = {
-    0xbc, 0xb4, 0x0c, 0x37, 0x3a, 0x4a, 0x9b, 0xe6, 0x06, 0x79, 0x0e, 0x55,
-    0x17, 0x37, 0xf0, 0x6c,
-};
-static const unsigned char kat18_nor_retbytes[] = {
-    0x15, 0xf4, 0x9e, 0x79, 0x14, 0xfe, 0x0b, 0xce, 0x03, 0x9b, 0x99, 0x06,
-    0x0c, 0xc3, 0x72, 0xce, 0xb4, 0x53, 0x28, 0x29, 0x46, 0x57, 0x9a, 0x47,
-    0xd9, 0xbf, 0xb6, 0x1c, 0x5a, 0xed, 0x7a, 0x4d, 0xa0, 0xdc, 0x77, 0xbe,
-    0x7e, 0x7b, 0xc3, 0x3b, 0x63, 0xd6, 0x50, 0xf2, 0x84, 0x90, 0xd9, 0x2f,
-    0xb5, 0x87, 0x25, 0xd5, 0x19, 0xfa, 0xd9, 0x44, 0x92, 0xf7, 0x12, 0xbd,
-    0x81, 0x93, 0xd0, 0x94, 0xc8, 0x65, 0xcc, 0xbd, 0x41, 0x96, 0x25, 0xd5,
-    0xd2, 0x7e, 0x24, 0x9b, 0x1c, 0xc5, 0x55, 0xcc,
-};
-static const struct drbg_kat_no_reseed kat18_nor_t = {
-    2, kat18_nor_entropyin, kat18_nor_nonce, kat18_nor_persstr,
-    kat18_nor_addin0, kat18_nor_addin1, kat18_nor_retbytes
-};
-static const struct drbg_kat kat18_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat18_nor_t
-};
-
-static const unsigned char kat19_nor_entropyin[] = {
-    0xeb, 0x51, 0xfe, 0x7b, 0xd7, 0x24, 0x74, 0x65, 0x99, 0x47, 0xb0, 0xed,
-    0x51, 0x09, 0xbe, 0x38,
-};
-static const unsigned char kat19_nor_nonce[] = {
-    0x0a, 0x2a, 0xff, 0x93, 0xbf, 0xcc, 0x07, 0x22,
-};
-static const unsigned char kat19_nor_persstr[] = {0};
-static const unsigned char kat19_nor_addin0[] = {
-    0x94, 0xf6, 0x17, 0x3e, 0xd7, 0xc3, 0x6a, 0x63, 0xc4, 0xa9, 0x5c, 0x91,
-    0x4d, 0x07, 0x42, 0xb7,
-};
-static const unsigned char kat19_nor_addin1[] = {
-    0x6b, 0x11, 0x98, 0x91, 0x48, 0xcb, 0x86, 0x04, 0x07, 0xa3, 0x67, 0x5a,
-    0x33, 0x79, 0x89, 0x69,
-};
-static const unsigned char kat19_nor_retbytes[] = {
-    0xa6, 0x79, 0xa0, 0x8a, 0x10, 0x0e, 0xcc, 0x52, 0x50, 0xc3, 0x3b, 0x9b,
-    0x1d, 0xcd, 0x9e, 0x20, 0x46, 0x9b, 0x30, 0x31, 0x6d, 0x0e, 0x0e, 0x47,
-    0x80, 0xff, 0xe1, 0x5c, 0x06, 0xc9, 0x9c, 0x04, 0x40, 0xf7, 0xdb, 0xf0,
-    0x46, 0x21, 0x21, 0x5d, 0x3d, 0x50, 0x81, 0x20, 0x1d, 0x4a, 0x10, 0x41,
-    0x6a, 0x91, 0x38, 0x78, 0x2c, 0x56, 0x92, 0xed, 0x9e, 0xae, 0xdc, 0x99,
-    0xc7, 0xcc, 0xfb, 0x09, 0xab, 0x08, 0x49, 0x38, 0x11, 0x50, 0x14, 0x5d,
-    0xc0, 0xe5, 0x5a, 0x8f, 0xa8, 0x89, 0x80, 0x68,
-};
-static const struct drbg_kat_no_reseed kat19_nor_t = {
-    3, kat19_nor_entropyin, kat19_nor_nonce, kat19_nor_persstr,
-    kat19_nor_addin0, kat19_nor_addin1, kat19_nor_retbytes
-};
-static const struct drbg_kat kat19_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat19_nor_t
-};
-
-static const unsigned char kat20_nor_entropyin[] = {
-    0x9c, 0xdb, 0x91, 0xa2, 0x1b, 0x4f, 0xdc, 0xc4, 0x10, 0xf9, 0x60, 0xce,
-    0xb7, 0xac, 0x8e, 0xc8,
-};
-static const unsigned char kat20_nor_nonce[] = {
-    0x9d, 0x01, 0xf7, 0x3a, 0xe1, 0x68, 0xed, 0x6e,
-};
-static const unsigned char kat20_nor_persstr[] = {0};
-static const unsigned char kat20_nor_addin0[] = {
-    0xe1, 0xeb, 0x4b, 0xb2, 0xd0, 0x80, 0xb1, 0xd3, 0xe9, 0x5b, 0xc0, 0x42,
-    0xac, 0xe9, 0x4c, 0x68,
-};
-static const unsigned char kat20_nor_addin1[] = {
-    0x06, 0x2d, 0xc8, 0x66, 0xf4, 0x14, 0xb9, 0x51, 0xe3, 0xf6, 0x1a, 0xa7,
-    0xfe, 0x6d, 0x1f, 0xfe,
-};
-static const unsigned char kat20_nor_retbytes[] = {
-    0xbf, 0xb0, 0x07, 0x7e, 0x99, 0x5f, 0x49, 0xc4, 0x03, 0xdc, 0x38, 0x29,
-    0x7e, 0xe4, 0x7b, 0x41, 0x93, 0x88, 0x64, 0xd7, 0x34, 0xb2, 0xe7, 0xb7,
-    0x94, 0xe9, 0xbb, 0xf4, 0x61, 0xa2, 0xa4, 0xa4, 0x5f, 0x36, 0x4d, 0x82,
-    0xa6, 0x6b, 0x37, 0x30, 0xbc, 0x5c, 0x99, 0x02, 0xd7, 0xb5, 0x99, 0x9f,
-    0x74, 0x55, 0x4e, 0x59, 0xe4, 0x54, 0xd6, 0x58, 0xa8, 0x6d, 0x48, 0x13,
-    0xb5, 0xe7, 0x60, 0x9e, 0x03, 0xbc, 0x75, 0x0c, 0x38, 0xcd, 0x52, 0xb3,
-    0x66, 0x76, 0x05, 0x7e, 0xd8, 0x0b, 0xfd, 0x41,
-};
-static const struct drbg_kat_no_reseed kat20_nor_t = {
-    4, kat20_nor_entropyin, kat20_nor_nonce, kat20_nor_persstr,
-    kat20_nor_addin0, kat20_nor_addin1, kat20_nor_retbytes
-};
-static const struct drbg_kat kat20_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat20_nor_t
-};
-
-static const unsigned char kat21_nor_entropyin[] = {
-    0x7d, 0xd2, 0xff, 0xfc, 0x51, 0x45, 0x6d, 0xd4, 0x72, 0x60, 0x39, 0x5d,
-    0xdc, 0xa6, 0x0c, 0x8f,
-};
-static const unsigned char kat21_nor_nonce[] = {
-    0x63, 0x1e, 0x5b, 0x0c, 0xe8, 0x4e, 0x36, 0x52,
-};
-static const unsigned char kat21_nor_persstr[] = {0};
-static const unsigned char kat21_nor_addin0[] = {
-    0xcf, 0xc3, 0xab, 0x0a, 0x51, 0xc3, 0xb0, 0xad, 0xb3, 0x20, 0xfb, 0xa6,
-    0x11, 0x2a, 0xc8, 0x56,
-};
-static const unsigned char kat21_nor_addin1[] = {
-    0xf5, 0xaa, 0xae, 0x47, 0xc8, 0x23, 0xc0, 0x4e, 0x69, 0x60, 0xdc, 0xc2,
-    0x05, 0xfd, 0x77, 0xa3,
-};
-static const unsigned char kat21_nor_retbytes[] = {
-    0xc6, 0x11, 0x8f, 0x46, 0x89, 0xc7, 0xfc, 0xcd, 0x5a, 0xeb, 0x46, 0x87,
-    0x75, 0x80, 0x7d, 0x39, 0x63, 0x1f, 0x5b, 0x31, 0x5f, 0x0c, 0x83, 0xb5,
-    0xd9, 0x6f, 0xa6, 0xc2, 0xeb, 0xc0, 0xf9, 0x5e, 0xf4, 0x41, 0x4e, 0xfe,
-    0x1c, 0x99, 0xce, 0x71, 0xe6, 0x2c, 0x46, 0x17, 0xdd, 0x1c, 0xc9, 0x57,
-    0x77, 0xdd, 0xda, 0xa8, 0x25, 0x8d, 0x06, 0x5b, 0xf3, 0xaf, 0x2a, 0xdc,
-    0x67, 0x9d, 0xd3, 0xd1, 0x9d, 0x23, 0xce, 0xd6, 0xe2, 0xb4, 0xb4, 0x7c,
-    0x85, 0x65, 0x76, 0xf9, 0x69, 0x7a, 0x5f, 0x42,
-};
-static const struct drbg_kat_no_reseed kat21_nor_t = {
-    5, kat21_nor_entropyin, kat21_nor_nonce, kat21_nor_persstr,
-    kat21_nor_addin0, kat21_nor_addin1, kat21_nor_retbytes
-};
-static const struct drbg_kat kat21_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat21_nor_t
-};
-
-static const unsigned char kat22_nor_entropyin[] = {
-    0x74, 0x91, 0xcd, 0x16, 0x5d, 0xe8, 0x4b, 0xe1, 0xce, 0x94, 0xf0, 0xbc,
-    0x28, 0xb7, 0xa0, 0x1c,
-};
-static const unsigned char kat22_nor_nonce[] = {
-    0x7d, 0xe5, 0xf3, 0x7f, 0xbd, 0x77, 0x75, 0x26,
-};
-static const unsigned char kat22_nor_persstr[] = {0};
-static const unsigned char kat22_nor_addin0[] = {
-    0x2c, 0x2e, 0xb1, 0x93, 0x19, 0x7b, 0xe1, 0x1f, 0xd9, 0x6c, 0x6b, 0x4f,
-    0x8a, 0x56, 0x74, 0x8e,
-};
-static const unsigned char kat22_nor_addin1[] = {
-    0x41, 0x1d, 0x9f, 0x71, 0xe0, 0xf9, 0x7e, 0x94, 0x06, 0x50, 0xf4, 0xca,
-    0x99, 0x9f, 0xde, 0x5c,
-};
-static const unsigned char kat22_nor_retbytes[] = {
-    0xdf, 0xd1, 0x5d, 0x00, 0xe3, 0x69, 0x3e, 0x89, 0xef, 0xff, 0xed, 0xd2,
-    0x87, 0xaf, 0x2f, 0x6f, 0x33, 0x00, 0x4c, 0xb4, 0x2b, 0x16, 0xb3, 0x8b,
-    0x41, 0xa3, 0x93, 0x54, 0x81, 0x90, 0xf8, 0x41, 0xdb, 0xca, 0xdd, 0xf6,
-    0x7c, 0x41, 0x0b, 0x79, 0xa9, 0xcf, 0x10, 0x4a, 0xd1, 0x80, 0x5e, 0x89,
-    0xe2, 0xc1, 0xa4, 0x1a, 0x24, 0x05, 0x36, 0x14, 0xd6, 0x7e, 0x95, 0x67,
-    0xc1, 0xac, 0x98, 0x9d, 0xb3, 0x3d, 0x79, 0x2d, 0x80, 0x24, 0x55, 0xb1,
-    0x7b, 0x17, 0x4a, 0xdb, 0xc9, 0xde, 0xd7, 0xb4,
-};
-static const struct drbg_kat_no_reseed kat22_nor_t = {
-    6, kat22_nor_entropyin, kat22_nor_nonce, kat22_nor_persstr,
-    kat22_nor_addin0, kat22_nor_addin1, kat22_nor_retbytes
-};
-static const struct drbg_kat kat22_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat22_nor_t
-};
-
-static const unsigned char kat23_nor_entropyin[] = {
-    0x14, 0x98, 0x67, 0x34, 0xe4, 0x19, 0xb6, 0x47, 0xda, 0x59, 0xba, 0xd3,
-    0x86, 0xa1, 0x6c, 0xf9,
-};
-static const unsigned char kat23_nor_nonce[] = {
-    0xc3, 0x7c, 0x9b, 0xf5, 0xa4, 0x36, 0x51, 0x23,
-};
-static const unsigned char kat23_nor_persstr[] = {0};
-static const unsigned char kat23_nor_addin0[] = {
-    0x58, 0xbb, 0x48, 0x58, 0x52, 0xa8, 0x67, 0xeb, 0x55, 0x6c, 0x53, 0xe9,
-    0x04, 0xc5, 0x59, 0x39,
-};
-static const unsigned char kat23_nor_addin1[] = {
-    0x92, 0xfd, 0x0b, 0x39, 0xdb, 0x4f, 0x98, 0x26, 0x03, 0x99, 0xd5, 0xc1,
-    0x2d, 0x74, 0x4a, 0xd3,
-};
-static const unsigned char kat23_nor_retbytes[] = {
-    0x81, 0xc7, 0x50, 0x9f, 0xd3, 0xaa, 0x29, 0xf7, 0x9e, 0x6c, 0xe6, 0x03,
-    0x7e, 0xd4, 0x80, 0x03, 0x17, 0xb7, 0x4a, 0x6e, 0xab, 0x5c, 0x8e, 0xe1,
-    0x52, 0x05, 0xd2, 0x92, 0xbd, 0xab, 0x76, 0xd7, 0xba, 0xe6, 0x2c, 0xb2,
-    0xc2, 0x6c, 0x6b, 0xb9, 0x5d, 0x66, 0xbc, 0x8d, 0x3b, 0x27, 0x0e, 0x89,
-    0xf9, 0xe6, 0x1b, 0x62, 0x81, 0x8e, 0xbe, 0x27, 0xff, 0xe4, 0x9f, 0x3e,
-    0xb8, 0x6e, 0xe5, 0xfc, 0xd4, 0x92, 0xb7, 0xee, 0x03, 0xdd, 0xca, 0x6d,
-    0xd3, 0x33, 0xa3, 0xd9, 0x33, 0x4f, 0xe2, 0xda,
-};
-static const struct drbg_kat_no_reseed kat23_nor_t = {
-    7, kat23_nor_entropyin, kat23_nor_nonce, kat23_nor_persstr,
-    kat23_nor_addin0, kat23_nor_addin1, kat23_nor_retbytes
-};
-static const struct drbg_kat kat23_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat23_nor_t
-};
-
-static const unsigned char kat24_nor_entropyin[] = {
-    0x29, 0x87, 0x24, 0x60, 0xa7, 0xf1, 0x3c, 0x18, 0xe6, 0x80, 0x67, 0xa0,
-    0xfb, 0x8d, 0xd6, 0xc2,
-};
-static const unsigned char kat24_nor_nonce[] = {
-    0x7d, 0x62, 0xe2, 0x0a, 0xa7, 0x1a, 0x94, 0x5b,
-};
-static const unsigned char kat24_nor_persstr[] = {0};
-static const unsigned char kat24_nor_addin0[] = {
-    0xeb, 0xd9, 0x87, 0xbd, 0x55, 0x1b, 0x35, 0x4b, 0xdd, 0xc1, 0x74, 0x14,
-    0xa2, 0x6e, 0x1f, 0x08,
-};
-static const unsigned char kat24_nor_addin1[] = {
-    0xc2, 0xc0, 0xe5, 0x3e, 0x61, 0x45, 0x1a, 0xe1, 0x7f, 0xf6, 0xa9, 0x0c,
-    0x49, 0xb4, 0x66, 0xd7,
-};
-static const unsigned char kat24_nor_retbytes[] = {
-    0x95, 0x60, 0x98, 0x22, 0x20, 0x32, 0x63, 0xf9, 0x2a, 0x40, 0x95, 0x5a,
-    0x56, 0x19, 0x24, 0x0e, 0x74, 0x09, 0x13, 0x63, 0x34, 0xe3, 0x1b, 0x95,
-    0x63, 0x68, 0xb4, 0x9b, 0xb8, 0x55, 0x06, 0x51, 0x72, 0xde, 0x37, 0x18,
-    0xc4, 0x04, 0x83, 0x87, 0x1b, 0x45, 0x5d, 0x8e, 0x25, 0xf4, 0x34, 0x23,
-    0xb9, 0x91, 0xb3, 0xaa, 0x9b, 0xcf, 0x0e, 0x27, 0xb4, 0x50, 0x9b, 0x45,
-    0xd8, 0xf7, 0x98, 0x3b, 0xc0, 0x54, 0xed, 0x5f, 0xf1, 0x99, 0x9f, 0xbb,
-    0x75, 0xf9, 0xe9, 0x1b, 0xfe, 0xab, 0x8a, 0x6e,
-};
-static const struct drbg_kat_no_reseed kat24_nor_t = {
-    8, kat24_nor_entropyin, kat24_nor_nonce, kat24_nor_persstr,
-    kat24_nor_addin0, kat24_nor_addin1, kat24_nor_retbytes
-};
-static const struct drbg_kat kat24_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat24_nor_t
-};
-
-static const unsigned char kat25_nor_entropyin[] = {
-    0xbb, 0x0a, 0x1f, 0x9b, 0x84, 0x74, 0x1b, 0x55, 0x38, 0x4b, 0x89, 0xc0,
-    0x55, 0xd5, 0x02, 0x72,
-};
-static const unsigned char kat25_nor_nonce[] = {
-    0x25, 0x86, 0xdf, 0xe6, 0x30, 0x6d, 0xb7, 0x3d,
-};
-static const unsigned char kat25_nor_persstr[] = {0};
-static const unsigned char kat25_nor_addin0[] = {
-    0xbc, 0xf6, 0xee, 0x1e, 0xac, 0x1d, 0x2d, 0x3a, 0x7b, 0x96, 0x05, 0x00,
-    0xf8, 0x0c, 0x53, 0x28,
-};
-static const unsigned char kat25_nor_addin1[] = {
-    0x54, 0x3f, 0xea, 0x55, 0x15, 0xec, 0x0e, 0xa5, 0xd2, 0x5d, 0x01, 0x9b,
-    0xce, 0x97, 0x39, 0x09,
-};
-static const unsigned char kat25_nor_retbytes[] = {
-    0x9d, 0x88, 0x97, 0x0a, 0x80, 0x76, 0x40, 0x1f, 0xc1, 0x32, 0xec, 0xff,
-    0x78, 0x2a, 0x2f, 0x68, 0x17, 0xe4, 0x82, 0x9f, 0x6e, 0x87, 0x41, 0x72,
-    0xab, 0x3b, 0x99, 0x1f, 0x46, 0xff, 0x53, 0x19, 0x98, 0x7d, 0xd6, 0xae,
-    0x53, 0x9f, 0xc2, 0xa3, 0x65, 0x7f, 0x00, 0x48, 0x0c, 0x7b, 0xb5, 0xe7,
-    0xdd, 0x6d, 0x1a, 0x12, 0x96, 0x9e, 0x81, 0xa3, 0x87, 0xa9, 0xae, 0x43,
-    0xab, 0x9c, 0x0d, 0x28, 0x26, 0x44, 0x8c, 0x6c, 0xa9, 0xe9, 0xbf, 0x9a,
-    0xe0, 0x82, 0x1a, 0x35, 0xc4, 0xe2, 0xf0, 0xbd,
-};
-static const struct drbg_kat_no_reseed kat25_nor_t = {
-    9, kat25_nor_entropyin, kat25_nor_nonce, kat25_nor_persstr,
-    kat25_nor_addin0, kat25_nor_addin1, kat25_nor_retbytes
-};
-static const struct drbg_kat kat25_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat25_nor_t
-};
-
-static const unsigned char kat26_nor_entropyin[] = {
-    0xb9, 0xde, 0x65, 0x31, 0x31, 0x2e, 0x4c, 0x7c, 0x6f, 0x49, 0x2f, 0x94,
-    0x3d, 0x74, 0xc2, 0xc3,
-};
-static const unsigned char kat26_nor_nonce[] = {
-    0xae, 0x15, 0xbd, 0xf3, 0xcd, 0x20, 0x86, 0xdc,
-};
-static const unsigned char kat26_nor_persstr[] = {0};
-static const unsigned char kat26_nor_addin0[] = {
-    0xf4, 0x03, 0x54, 0x91, 0x8f, 0x58, 0x78, 0xcc, 0xb0, 0x2e, 0x38, 0x29,
-    0x89, 0x30, 0x35, 0xf5,
-};
-static const unsigned char kat26_nor_addin1[] = {
-    0xdf, 0x58, 0x7b, 0x08, 0x22, 0xe6, 0x49, 0x18, 0xc2, 0xf4, 0x90, 0x3a,
-    0x0f, 0x3e, 0x2e, 0x3b,
-};
-static const unsigned char kat26_nor_retbytes[] = {
-    0xa7, 0xab, 0x93, 0xcd, 0x9f, 0xfe, 0x24, 0x6d, 0xd4, 0xe3, 0xdc, 0x55,
-    0xba, 0x94, 0x6e, 0xb2, 0x15, 0x1d, 0x03, 0xd0, 0xdd, 0x2b, 0x6a, 0x81,
-    0x2f, 0x8e, 0x3a, 0x2d, 0xb1, 0x9c, 0x78, 0x10, 0xfb, 0xf2, 0xb9, 0x51,
-    0x34, 0x13, 0x14, 0x15, 0x62, 0xaa, 0xd7, 0xe5, 0x7f, 0x8d, 0xdf, 0x74,
-    0x25, 0x70, 0x2f, 0x6c, 0x19, 0x76, 0xdf, 0xcd, 0x82, 0x1a, 0x71, 0x58,
-    0x68, 0xcb, 0x6d, 0x43, 0x6a, 0xcf, 0x97, 0x08, 0x48, 0x1b, 0xfa, 0x09,
-    0x54, 0x54, 0xc8, 0xc6, 0xb8, 0x1d, 0xe6, 0x2b,
-};
-static const struct drbg_kat_no_reseed kat26_nor_t = {
-    10, kat26_nor_entropyin, kat26_nor_nonce, kat26_nor_persstr,
-    kat26_nor_addin0, kat26_nor_addin1, kat26_nor_retbytes
-};
-static const struct drbg_kat kat26_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat26_nor_t
-};
-
-static const unsigned char kat27_nor_entropyin[] = {
-    0x70, 0xfd, 0xd3, 0x7d, 0x38, 0x64, 0xbe, 0x69, 0x92, 0xfb, 0xdb, 0x78,
-    0x55, 0x64, 0x9f, 0xcc,
-};
-static const unsigned char kat27_nor_nonce[] = {
-    0x9f, 0x6d, 0x99, 0x4d, 0x1c, 0xdd, 0x27, 0x0b,
-};
-static const unsigned char kat27_nor_persstr[] = {0};
-static const unsigned char kat27_nor_addin0[] = {
-    0x9e, 0x5a, 0x48, 0xc9, 0xb3, 0x42, 0x89, 0xdc, 0xce, 0x94, 0x7c, 0x37,
-    0xcf, 0x1a, 0x8d, 0xb7,
-};
-static const unsigned char kat27_nor_addin1[] = {
-    0xa2, 0x3d, 0xd5, 0x8b, 0xf5, 0xfd, 0x18, 0x7f, 0xc2, 0xa0, 0x63, 0x62,
-    0x24, 0x38, 0x8a, 0x3f,
-};
-static const unsigned char kat27_nor_retbytes[] = {
-    0xbb, 0x89, 0xab, 0x58, 0x54, 0xed, 0xe9, 0x2a, 0xb6, 0x76, 0x6d, 0xb2,
-    0xdb, 0x04, 0xa7, 0x8c, 0xd0, 0x31, 0x92, 0xba, 0x64, 0xf9, 0x57, 0x77,
-    0x9d, 0x6a, 0x23, 0x22, 0x1e, 0xdb, 0xe8, 0x6c, 0x1a, 0xb7, 0x6d, 0xdd,
-    0x1a, 0xf7, 0x40, 0x66, 0x88, 0xfb, 0xeb, 0xb8, 0xad, 0x37, 0x7b, 0xb4,
-    0x99, 0xf6, 0x6e, 0xc9, 0x67, 0x27, 0x05, 0xd2, 0xfe, 0x30, 0xe8, 0xa2,
-    0xd5, 0xee, 0xd9, 0xb5, 0xda, 0x5c, 0x2c, 0x2f, 0xd1, 0xe0, 0x59, 0xd0,
-    0x6c, 0x84, 0xe3, 0xa4, 0xd0, 0x46, 0xfc, 0x66,
-};
-static const struct drbg_kat_no_reseed kat27_nor_t = {
-    11, kat27_nor_entropyin, kat27_nor_nonce, kat27_nor_persstr,
-    kat27_nor_addin0, kat27_nor_addin1, kat27_nor_retbytes
-};
-static const struct drbg_kat kat27_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat27_nor_t
-};
-
-static const unsigned char kat28_nor_entropyin[] = {
-    0x0e, 0x18, 0x34, 0xca, 0x71, 0x8e, 0x2e, 0xc8, 0x9d, 0xf6, 0x6f, 0x76,
-    0x7e, 0x31, 0x01, 0x8b,
-};
-static const unsigned char kat28_nor_nonce[] = {
-    0xb9, 0x77, 0x57, 0xad, 0xf5, 0x15, 0x8e, 0x82,
-};
-static const unsigned char kat28_nor_persstr[] = {0};
-static const unsigned char kat28_nor_addin0[] = {
-    0x1b, 0x8f, 0x11, 0x5d, 0xc9, 0x37, 0x54, 0x00, 0x21, 0x2e, 0x50, 0x33,
-    0x76, 0xa9, 0x0f, 0x6b,
-};
-static const unsigned char kat28_nor_addin1[] = {
-    0xb7, 0xb8, 0xa7, 0x4d, 0x1d, 0xb1, 0xec, 0xb6, 0x6c, 0x8a, 0x7f, 0x82,
-    0xec, 0x55, 0xec, 0x13,
-};
-static const unsigned char kat28_nor_retbytes[] = {
-    0xa5, 0x5d, 0x54, 0xfa, 0x57, 0xaa, 0x36, 0x45, 0x6c, 0x64, 0xed, 0xf2,
-    0xa4, 0xbf, 0xc3, 0xa0, 0x45, 0x8d, 0x20, 0xc0, 0x0b, 0xd1, 0x9b, 0x5d,
-    0xc9, 0x71, 0x64, 0x7e, 0xb4, 0x6d, 0x28, 0x24, 0x66, 0xc5, 0xad, 0xe2,
-    0x64, 0x03, 0xf3, 0x7a, 0xf1, 0x90, 0x6e, 0x57, 0x55, 0x0b, 0xd4, 0x1e,
-    0xd4, 0xe8, 0x84, 0x8b, 0x48, 0x5a, 0x12, 0x20, 0x50, 0xc7, 0x1e, 0xc1,
-    0xc5, 0x9a, 0x28, 0x39, 0x9f, 0xf0, 0x70, 0x97, 0xab, 0x28, 0x49, 0xcb,
-    0x01, 0x65, 0xfe, 0x6f, 0xa5, 0x77, 0xf0, 0x32,
-};
-static const struct drbg_kat_no_reseed kat28_nor_t = {
-    12, kat28_nor_entropyin, kat28_nor_nonce, kat28_nor_persstr,
-    kat28_nor_addin0, kat28_nor_addin1, kat28_nor_retbytes
-};
-static const struct drbg_kat kat28_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat28_nor_t
-};
-
-static const unsigned char kat29_nor_entropyin[] = {
-    0x49, 0x66, 0x6d, 0x8b, 0x26, 0xcf, 0x63, 0x0f, 0x37, 0xea, 0xb9, 0x08,
-    0x9e, 0xab, 0xba, 0xe2,
-};
-static const unsigned char kat29_nor_nonce[] = {
-    0x85, 0xea, 0xd7, 0x58, 0xfa, 0x67, 0xa2, 0x9a,
-};
-static const unsigned char kat29_nor_persstr[] = {0};
-static const unsigned char kat29_nor_addin0[] = {
-    0x77, 0x02, 0xe3, 0x97, 0xa4, 0x47, 0x47, 0x2d, 0xf6, 0xab, 0xa9, 0xb3,
-    0x22, 0x36, 0x8a, 0xee,
-};
-static const unsigned char kat29_nor_addin1[] = {
-    0xd1, 0xaf, 0xea, 0x4c, 0x22, 0x36, 0x93, 0x33, 0xa7, 0xb0, 0x82, 0x99,
-    0xae, 0x3d, 0x44, 0xb1,
-};
-static const unsigned char kat29_nor_retbytes[] = {
-    0x63, 0x85, 0x4c, 0x32, 0xa5, 0x80, 0x54, 0xe7, 0xdd, 0xb0, 0xc0, 0xc3,
-    0x9b, 0x8e, 0x54, 0xa9, 0xde, 0x6d, 0xf4, 0xa9, 0xd8, 0xb6, 0x32, 0x44,
-    0x52, 0xcf, 0x9d, 0x02, 0x23, 0x19, 0xf6, 0xb7, 0xe3, 0x0c, 0x7f, 0x6c,
-    0x75, 0x01, 0x9a, 0x0f, 0x37, 0xb7, 0x4b, 0x8d, 0x1c, 0xb1, 0x9b, 0x0d,
-    0xd2, 0x81, 0x4d, 0xe6, 0xb3, 0x66, 0x8f, 0xc7, 0x9c, 0x34, 0x22, 0x2f,
-    0xff, 0xaf, 0xba, 0xca, 0x94, 0x89, 0x41, 0x3d, 0x0e, 0x29, 0xf8, 0xb6,
-    0x2d, 0x75, 0x94, 0x27, 0x43, 0x71, 0xdd, 0x90,
-};
-static const struct drbg_kat_no_reseed kat29_nor_t = {
-    13, kat29_nor_entropyin, kat29_nor_nonce, kat29_nor_persstr,
-    kat29_nor_addin0, kat29_nor_addin1, kat29_nor_retbytes
-};
-static const struct drbg_kat kat29_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat29_nor_t
-};
-
-static const unsigned char kat30_nor_entropyin[] = {
-    0xa3, 0xa0, 0xcf, 0xee, 0x0a, 0x1f, 0xcc, 0x88, 0x55, 0x83, 0x61, 0x5d,
-    0x2d, 0x4b, 0x59, 0x52,
-};
-static const unsigned char kat30_nor_nonce[] = {
-    0xe7, 0xde, 0x2c, 0x6f, 0xfb, 0xf1, 0xfc, 0xa0,
-};
-static const unsigned char kat30_nor_persstr[] = {0};
-static const unsigned char kat30_nor_addin0[] = {
-    0x93, 0xdc, 0x42, 0x4b, 0xd0, 0xd2, 0x66, 0x87, 0x96, 0x01, 0x74, 0x5a,
-    0x23, 0x31, 0x71, 0x41,
-};
-static const unsigned char kat30_nor_addin1[] = {
-    0xa1, 0x73, 0x21, 0x01, 0x5d, 0x32, 0x7c, 0x5d, 0xc0, 0xbc, 0x1e, 0x13,
-    0x0a, 0xad, 0x81, 0xee,
-};
-static const unsigned char kat30_nor_retbytes[] = {
-    0xf6, 0x82, 0x83, 0x4b, 0x5b, 0x49, 0x2e, 0x09, 0xff, 0x8e, 0x0f, 0x2c,
-    0x80, 0x68, 0x3b, 0x03, 0x2a, 0x3b, 0x26, 0x2d, 0x16, 0xbc, 0x60, 0x9c,
-    0x55, 0x0d, 0xc0, 0xe7, 0x4a, 0x4b, 0x7d, 0x8e, 0xbc, 0x0e, 0x3b, 0x8f,
-    0x2c, 0x99, 0x70, 0xd9, 0x0a, 0xec, 0x9a, 0x82, 0x49, 0x7d, 0xde, 0xd2,
-    0x04, 0x22, 0xb1, 0x7b, 0x9e, 0x3c, 0xc3, 0xbc, 0xa7, 0x71, 0xcb, 0xe7,
-    0x17, 0xdd, 0xae, 0xd5, 0xa7, 0xa6, 0xae, 0x26, 0x01, 0xc7, 0xf7, 0x65,
-    0xea, 0xa7, 0x19, 0xb7, 0x16, 0x24, 0xe8, 0x3b,
-};
-static const struct drbg_kat_no_reseed kat30_nor_t = {
-    14, kat30_nor_entropyin, kat30_nor_nonce, kat30_nor_persstr,
-    kat30_nor_addin0, kat30_nor_addin1, kat30_nor_retbytes
-};
-static const struct drbg_kat kat30_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat30_nor_t
-};
-
-static const unsigned char kat31_nor_entropyin[] = {
-    0xf7, 0xe3, 0x16, 0xb1, 0x31, 0x17, 0xdc, 0xc1, 0x8c, 0x44, 0x07, 0xb6,
-    0xa5, 0xcd, 0xc5, 0xd8,
-};
-static const unsigned char kat31_nor_nonce[] = {
-    0xb8, 0x0d, 0xde, 0xe7, 0x5c, 0xf3, 0x9a, 0x48,
-};
-static const unsigned char kat31_nor_persstr[] = {
-    0x81, 0x6c, 0xb1, 0x37, 0xef, 0x64, 0xf9, 0xdf, 0x71, 0xa3, 0xb3, 0xa0,
-    0xb3, 0xaa, 0xf9, 0xb1,
-};
-static const unsigned char kat31_nor_addin0[] = {0};
-static const unsigned char kat31_nor_addin1[] = {0};
-static const unsigned char kat31_nor_retbytes[] = {
-    0xbe, 0x88, 0x85, 0x85, 0xd9, 0x5d, 0x95, 0x26, 0x9f, 0x00, 0x2a, 0xbd,
-    0x8b, 0x1e, 0x33, 0xb2, 0xcb, 0x66, 0x7a, 0x96, 0xd3, 0xbe, 0x6d, 0x20,
-    0xd7, 0x84, 0xb1, 0xbb, 0xc6, 0x63, 0x93, 0x47, 0x83, 0x7d, 0x01, 0xd4,
-    0xb9, 0x5e, 0xed, 0x81, 0x37, 0xcf, 0x29, 0xfe, 0x72, 0x4c, 0xfe, 0xdf,
-    0x8b, 0x23, 0xf9, 0x25, 0x84, 0x80, 0xbe, 0x35, 0x0c, 0x34, 0x07, 0x97,
-    0x3c, 0x59, 0xa9, 0xd7, 0xf3, 0xa6, 0x58, 0x5b, 0x3c, 0x0e, 0x36, 0xa3,
-    0x6c, 0x62, 0x34, 0xd6, 0x88, 0x52, 0xac, 0xaf,
-};
-static const struct drbg_kat_no_reseed kat31_nor_t = {
-    0, kat31_nor_entropyin, kat31_nor_nonce, kat31_nor_persstr,
-    kat31_nor_addin0, kat31_nor_addin1, kat31_nor_retbytes
-};
-static const struct drbg_kat kat31_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat31_nor_t
-};
-
-static const unsigned char kat32_nor_entropyin[] = {
-    0x03, 0x3f, 0x1e, 0x32, 0x61, 0x2f, 0xd1, 0x19, 0x74, 0xc6, 0x99, 0x2b,
-    0xe2, 0x8b, 0x00, 0x9d,
-};
-static const unsigned char kat32_nor_nonce[] = {
-    0x6b, 0x52, 0x8c, 0x9d, 0x2a, 0xcc, 0xd0, 0xaf,
-};
-static const unsigned char kat32_nor_persstr[] = {
-    0x1b, 0x1d, 0xef, 0xb5, 0x46, 0x20, 0x6d, 0x55, 0x5c, 0x55, 0xbf, 0x23,
-    0xa7, 0xfe, 0xfd, 0x10,
-};
-static const unsigned char kat32_nor_addin0[] = {0};
-static const unsigned char kat32_nor_addin1[] = {0};
-static const unsigned char kat32_nor_retbytes[] = {
-    0xf1, 0xe0, 0x12, 0xc3, 0x3a, 0x6f, 0x2a, 0x5f, 0x06, 0xf0, 0x0e, 0xca,
-    0xe9, 0x97, 0xe4, 0xd6, 0xc4, 0x8b, 0x3e, 0x5b, 0x76, 0x9c, 0x05, 0x89,
-    0x51, 0xe3, 0xcb, 0x3c, 0xd1, 0xae, 0x07, 0x94, 0x16, 0x5b, 0x54, 0xd9,
-    0x0f, 0x0d, 0xf6, 0x6a, 0x40, 0x02, 0x59, 0x56, 0xeb, 0x76, 0xa6, 0x15,
-    0x0a, 0x85, 0x0c, 0xec, 0x48, 0xc2, 0x49, 0x7d, 0x2d, 0x58, 0x61, 0x29,
-    0x68, 0x77, 0xe6, 0x27, 0xdf, 0x2f, 0x06, 0x4d, 0x3d, 0x7c, 0x12, 0xf9,
-    0x69, 0x2d, 0x65, 0x7f, 0x4e, 0xea, 0x70, 0x86,
-};
-static const struct drbg_kat_no_reseed kat32_nor_t = {
-    1, kat32_nor_entropyin, kat32_nor_nonce, kat32_nor_persstr,
-    kat32_nor_addin0, kat32_nor_addin1, kat32_nor_retbytes
-};
-static const struct drbg_kat kat32_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat32_nor_t
-};
-
-static const unsigned char kat33_nor_entropyin[] = {
-    0xb2, 0x07, 0xab, 0x84, 0x0b, 0x35, 0x7a, 0xe0, 0xf8, 0x4d, 0x84, 0xfd,
-    0x91, 0xfe, 0x9d, 0xb2,
-};
-static const unsigned char kat33_nor_nonce[] = {
-    0x6a, 0xd6, 0xf6, 0x7b, 0x65, 0x4f, 0x8c, 0x1d,
-};
-static const unsigned char kat33_nor_persstr[] = {
-    0x80, 0xe0, 0x29, 0x0e, 0x51, 0xb6, 0x7e, 0x7a, 0x5f, 0x26, 0xb1, 0x51,
-    0x71, 0x7c, 0x11, 0xc4,
-};
-static const unsigned char kat33_nor_addin0[] = {0};
-static const unsigned char kat33_nor_addin1[] = {0};
-static const unsigned char kat33_nor_retbytes[] = {
-    0xb1, 0x50, 0x05, 0x33, 0x48, 0x3e, 0x00, 0x7f, 0x92, 0x21, 0x66, 0x3f,
-    0x00, 0xe3, 0x74, 0x5b, 0x15, 0x1b, 0x80, 0x85, 0x22, 0x9d, 0xf0, 0x5e,
-    0x90, 0xad, 0x6e, 0x1b, 0x4f, 0x28, 0x6c, 0x11, 0x65, 0x6b, 0xcd, 0x13,
-    0xec, 0x28, 0x0c, 0xb9, 0x20, 0x75, 0xb5, 0x0c, 0x17, 0xf4, 0xcc, 0x9b,
-    0xf4, 0xa0, 0x7d, 0x66, 0x1c, 0xfe, 0x17, 0x51, 0x8e, 0xc5, 0xd2, 0x64,
-    0x93, 0x18, 0xb9, 0x58, 0x7d, 0xb8, 0x8e, 0x09, 0x3e, 0x98, 0x1f, 0xc5,
-    0x16, 0x74, 0xc9, 0x89, 0x30, 0x44, 0xac, 0x7d,
-};
-static const struct drbg_kat_no_reseed kat33_nor_t = {
-    2, kat33_nor_entropyin, kat33_nor_nonce, kat33_nor_persstr,
-    kat33_nor_addin0, kat33_nor_addin1, kat33_nor_retbytes
-};
-static const struct drbg_kat kat33_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat33_nor_t
-};
-
-static const unsigned char kat34_nor_entropyin[] = {
-    0xd8, 0x89, 0x57, 0xfb, 0xca, 0x97, 0xba, 0x8a, 0x2e, 0x73, 0xeb, 0x64,
-    0xa3, 0x8e, 0xf3, 0x1c,
-};
-static const unsigned char kat34_nor_nonce[] = {
-    0x3e, 0x07, 0xa9, 0x17, 0xc1, 0x11, 0xc5, 0xf4,
-};
-static const unsigned char kat34_nor_persstr[] = {
-    0x70, 0x86, 0x0b, 0xe0, 0x05, 0xc1, 0xdd, 0x2b, 0xf3, 0x22, 0x74, 0x40,
-    0x40, 0xe2, 0xb7, 0x02,
-};
-static const unsigned char kat34_nor_addin0[] = {0};
-static const unsigned char kat34_nor_addin1[] = {0};
-static const unsigned char kat34_nor_retbytes[] = {
-    0xd7, 0xa9, 0xf9, 0xc6, 0xac, 0x7b, 0x5a, 0xb8, 0xe0, 0x6e, 0xf7, 0x07,
-    0x62, 0x68, 0x88, 0x62, 0x8a, 0x3f, 0xa9, 0xcc, 0x86, 0x38, 0x5a, 0xb5,
-    0x6e, 0x39, 0x90, 0x1e, 0x8b, 0x72, 0x0b, 0x93, 0x2c, 0x5c, 0x77, 0x98,
-    0x0a, 0x96, 0x7f, 0x38, 0xed, 0xb9, 0x5f, 0x19, 0xb3, 0xc0, 0xf8, 0xe9,
-    0x5e, 0x0b, 0xfd, 0xc8, 0xfb, 0x40, 0x47, 0x71, 0xf0, 0x53, 0xda, 0x5f,
-    0x96, 0xe7, 0x9d, 0x52, 0x94, 0x5c, 0xb4, 0x27, 0x79, 0x81, 0xa9, 0x78,
-    0xce, 0xe8, 0x0d, 0x84, 0xb2, 0x86, 0xe1, 0xb6,
-};
-static const struct drbg_kat_no_reseed kat34_nor_t = {
-    3, kat34_nor_entropyin, kat34_nor_nonce, kat34_nor_persstr,
-    kat34_nor_addin0, kat34_nor_addin1, kat34_nor_retbytes
-};
-static const struct drbg_kat kat34_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat34_nor_t
-};
-
-static const unsigned char kat35_nor_entropyin[] = {
-    0x0a, 0x4c, 0x59, 0x0e, 0xbc, 0xef, 0x05, 0x56, 0xaf, 0x98, 0x11, 0xb6,
-    0x46, 0x2b, 0x92, 0xd6,
-};
-static const unsigned char kat35_nor_nonce[] = {
-    0x23, 0x8d, 0x39, 0x5f, 0x8d, 0x29, 0x52, 0x05,
-};
-static const unsigned char kat35_nor_persstr[] = {
-    0x3d, 0xf3, 0xdd, 0xb4, 0xcb, 0x22, 0xe2, 0xa6, 0xcc, 0xd6, 0x85, 0xf0,
-    0x94, 0x07, 0x8a, 0x12,
-};
-static const unsigned char kat35_nor_addin0[] = {0};
-static const unsigned char kat35_nor_addin1[] = {0};
-static const unsigned char kat35_nor_retbytes[] = {
-    0x22, 0xdf, 0xbc, 0x94, 0x62, 0xcf, 0xf9, 0x4c, 0x26, 0xd6, 0x07, 0x3c,
-    0xe1, 0x09, 0x49, 0xfb, 0x5c, 0xd5, 0x3c, 0x60, 0x55, 0xd7, 0x27, 0xb1,
-    0xbe, 0x79, 0x8c, 0x5b, 0x1d, 0x01, 0x8f, 0x73, 0x21, 0x39, 0xe7, 0x4f,
-    0xd7, 0xdf, 0x60, 0x42, 0x24, 0x42, 0x3a, 0x2c, 0xba, 0x88, 0xdf, 0xe9,
-    0x8a, 0xf8, 0x8f, 0x99, 0x77, 0xb7, 0xd7, 0x9f, 0xff, 0x08, 0xfc, 0x6c,
-    0xde, 0xfc, 0xad, 0x3a, 0xc7, 0x40, 0x84, 0xba, 0xb8, 0xaf, 0x04, 0xc5,
-    0xfd, 0xab, 0xc9, 0x43, 0xd5, 0x1e, 0xda, 0x0a,
-};
-static const struct drbg_kat_no_reseed kat35_nor_t = {
-    4, kat35_nor_entropyin, kat35_nor_nonce, kat35_nor_persstr,
-    kat35_nor_addin0, kat35_nor_addin1, kat35_nor_retbytes
-};
-static const struct drbg_kat kat35_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat35_nor_t
-};
-
-static const unsigned char kat36_nor_entropyin[] = {
-    0xf8, 0xd9, 0x70, 0x58, 0x29, 0xd4, 0x90, 0x8e, 0x43, 0xd0, 0xfb, 0x62,
-    0xf7, 0x2b, 0x12, 0x0a,
-};
-static const unsigned char kat36_nor_nonce[] = {
-    0x34, 0x96, 0x18, 0xdc, 0xe5, 0x51, 0xe7, 0xc3,
-};
-static const unsigned char kat36_nor_persstr[] = {
-    0x05, 0x4d, 0x18, 0xec, 0x3b, 0x0f, 0x5a, 0xfc, 0x46, 0xf9, 0x7b, 0xbc,
-    0x0c, 0x58, 0x21, 0xe1,
-};
-static const unsigned char kat36_nor_addin0[] = {0};
-static const unsigned char kat36_nor_addin1[] = {0};
-static const unsigned char kat36_nor_retbytes[] = {
-    0xa4, 0x3c, 0x01, 0xfe, 0x30, 0xb0, 0x1d, 0xd1, 0x46, 0x8e, 0x4c, 0x81,
-    0xf9, 0xa6, 0xb0, 0x4f, 0x8c, 0x34, 0xf9, 0x04, 0xb2, 0x1e, 0x5d, 0xbe,
-    0x18, 0x90, 0x77, 0x8c, 0x13, 0xf5, 0xb3, 0x6a, 0x66, 0x48, 0x37, 0xb9,
-    0x8a, 0x1b, 0xb0, 0xf5, 0x33, 0x65, 0x3d, 0x6a, 0xc7, 0xe5, 0x37, 0xa6,
-    0xa0, 0xc5, 0xc8, 0x79, 0xba, 0xf4, 0x58, 0x15, 0xec, 0xae, 0xe6, 0xb0,
-    0x3a, 0x67, 0x7b, 0x2d, 0xc5, 0xcc, 0x12, 0x04, 0x2f, 0x7c, 0xa1, 0x61,
-    0xbf, 0x90, 0xb2, 0xa7, 0x3c, 0xf4, 0x1d, 0x23,
-};
-static const struct drbg_kat_no_reseed kat36_nor_t = {
-    5, kat36_nor_entropyin, kat36_nor_nonce, kat36_nor_persstr,
-    kat36_nor_addin0, kat36_nor_addin1, kat36_nor_retbytes
-};
-static const struct drbg_kat kat36_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat36_nor_t
-};
-
-static const unsigned char kat37_nor_entropyin[] = {
-    0x53, 0xe0, 0x93, 0x05, 0x5d, 0x91, 0x2f, 0x7f, 0xe9, 0x6f, 0x0b, 0xcc,
-    0xc4, 0x61, 0x65, 0xc8,
-};
-static const unsigned char kat37_nor_nonce[] = {
-    0x80, 0xf5, 0x97, 0x7f, 0x22, 0xa0, 0x96, 0xb1,
-};
-static const unsigned char kat37_nor_persstr[] = {
-    0x92, 0xad, 0x83, 0x18, 0x7b, 0x24, 0x74, 0x8e, 0xd7, 0x7b, 0x36, 0x31,
-    0x39, 0x17, 0xe9, 0x80,
-};
-static const unsigned char kat37_nor_addin0[] = {0};
-static const unsigned char kat37_nor_addin1[] = {0};
-static const unsigned char kat37_nor_retbytes[] = {
-    0xe9, 0x59, 0x37, 0xe3, 0x4e, 0x5e, 0x0c, 0x54, 0x7a, 0xeb, 0x0e, 0x8d,
-    0xbe, 0x3c, 0xb9, 0xba, 0x5f, 0x82, 0x39, 0x78, 0xe3, 0xa4, 0x22, 0x55,
-    0xa0, 0x80, 0x3d, 0x09, 0x6b, 0xea, 0x9c, 0xd2, 0x2f, 0x38, 0x7b, 0x4d,
-    0x96, 0x7e, 0xc6, 0xc6, 0xd5, 0xa6, 0x6d, 0x62, 0xf4, 0x5a, 0x83, 0x76,
-    0x73, 0xc5, 0x86, 0x35, 0x1d, 0x75, 0x33, 0x47, 0x2d, 0x3b, 0xd4, 0xfa,
-    0x14, 0x9d, 0x26, 0xe1, 0x5e, 0xba, 0xe9, 0x10, 0x71, 0x46, 0xb9, 0x92,
-    0x19, 0xd4, 0xfa, 0xed, 0x13, 0x80, 0xa8, 0x1b,
-};
-static const struct drbg_kat_no_reseed kat37_nor_t = {
-    6, kat37_nor_entropyin, kat37_nor_nonce, kat37_nor_persstr,
-    kat37_nor_addin0, kat37_nor_addin1, kat37_nor_retbytes
-};
-static const struct drbg_kat kat37_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat37_nor_t
-};
-
-static const unsigned char kat38_nor_entropyin[] = {
-    0xca, 0xcb, 0x0b, 0xf9, 0x34, 0xe4, 0x27, 0xbc, 0xcd, 0x07, 0xa6, 0xed,
-    0x85, 0xd5, 0x51, 0xe1,
-};
-static const unsigned char kat38_nor_nonce[] = {
-    0xbc, 0x16, 0x67, 0x6c, 0x43, 0x86, 0xff, 0xa4,
-};
-static const unsigned char kat38_nor_persstr[] = {
-    0x5f, 0xd3, 0xb0, 0x5b, 0xea, 0xab, 0x79, 0x95, 0x37, 0x09, 0xed, 0x3c,
-    0x60, 0xe7, 0x12, 0x30,
-};
-static const unsigned char kat38_nor_addin0[] = {0};
-static const unsigned char kat38_nor_addin1[] = {0};
-static const unsigned char kat38_nor_retbytes[] = {
-    0x60, 0xec, 0xf6, 0xd8, 0x9a, 0xe6, 0x3b, 0x0c, 0xa3, 0xc3, 0x95, 0xec,
-    0xba, 0x93, 0xfa, 0x16, 0x77, 0x76, 0xdd, 0x46, 0xfa, 0x20, 0x18, 0xf1,
-    0x1b, 0x5d, 0x4c, 0xfb, 0x29, 0xce, 0x1f, 0xb1, 0x9d, 0x14, 0xca, 0x7c,
-    0xe8, 0x88, 0x7c, 0x5b, 0x19, 0x5b, 0xd1, 0xbc, 0x0d, 0xf4, 0x73, 0x50,
-    0x5d, 0x4b, 0x0e, 0x69, 0xa7, 0xbb, 0x54, 0xff, 0x31, 0xc4, 0xb4, 0x8f,
-    0xd0, 0x6b, 0xbc, 0x78, 0x3b, 0xfa, 0x85, 0xc8, 0x71, 0x5a, 0xef, 0x86,
-    0xfd, 0xee, 0xca, 0x52, 0x12, 0xa1, 0x2b, 0xac,
-};
-static const struct drbg_kat_no_reseed kat38_nor_t = {
-    7, kat38_nor_entropyin, kat38_nor_nonce, kat38_nor_persstr,
-    kat38_nor_addin0, kat38_nor_addin1, kat38_nor_retbytes
-};
-static const struct drbg_kat kat38_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat38_nor_t
-};
-
-static const unsigned char kat39_nor_entropyin[] = {
-    0xb9, 0xb6, 0x6a, 0xea, 0x1e, 0x07, 0xb6, 0x0b, 0x30, 0xfd, 0x32, 0xff,
-    0x2c, 0xdc, 0xba, 0x61,
-};
-static const unsigned char kat39_nor_nonce[] = {
-    0x9b, 0x49, 0x7b, 0xed, 0x54, 0x94, 0x5c, 0x93,
-};
-static const unsigned char kat39_nor_persstr[] = {
-    0xed, 0xde, 0x3a, 0xe3, 0x95, 0x78, 0xea, 0x81, 0x9f, 0x67, 0xb3, 0x8e,
-    0x55, 0x2b, 0xe3, 0xb8,
-};
-static const unsigned char kat39_nor_addin0[] = {0};
-static const unsigned char kat39_nor_addin1[] = {0};
-static const unsigned char kat39_nor_retbytes[] = {
-    0x7d, 0xfb, 0x2c, 0xfa, 0x07, 0x47, 0x07, 0x1c, 0x97, 0xf1, 0x1a, 0x4d,
-    0xda, 0x37, 0x80, 0xf3, 0xca, 0xd2, 0x0b, 0x1c, 0x59, 0x8d, 0x3e, 0x74,
-    0xb2, 0xa9, 0x0f, 0xd3, 0x9f, 0xf6, 0xb6, 0x59, 0x01, 0x2c, 0xac, 0xbf,
-    0x60, 0x4b, 0x27, 0x07, 0x62, 0xbf, 0x50, 0x08, 0xa9, 0xf7, 0x79, 0xac,
-    0xbf, 0xb2, 0xc4, 0xb1, 0x60, 0xd4, 0x22, 0x85, 0xd6, 0x3e, 0x5a, 0x90,
-    0x19, 0x62, 0x63, 0x61, 0xbb, 0xd9, 0x8b, 0xfa, 0xd1, 0x48, 0xcc, 0x81,
-    0x42, 0x6c, 0xec, 0xbc, 0x07, 0x6e, 0x92, 0x6f,
-};
-static const struct drbg_kat_no_reseed kat39_nor_t = {
-    8, kat39_nor_entropyin, kat39_nor_nonce, kat39_nor_persstr,
-    kat39_nor_addin0, kat39_nor_addin1, kat39_nor_retbytes
-};
-static const struct drbg_kat kat39_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat39_nor_t
-};
-
-static const unsigned char kat40_nor_entropyin[] = {
-    0x81, 0x1b, 0xd6, 0x4f, 0xa9, 0x15, 0xfa, 0xdf, 0x72, 0xc1, 0x14, 0xb7,
-    0xb9, 0xa3, 0xcd, 0x40,
-};
-static const unsigned char kat40_nor_nonce[] = {
-    0x88, 0x70, 0x42, 0x0e, 0x78, 0xb3, 0x3a, 0xf8,
-};
-static const unsigned char kat40_nor_persstr[] = {
-    0xe0, 0xdc, 0xc2, 0x80, 0x4e, 0xd0, 0x7b, 0x8f, 0x4e, 0xee, 0xa4, 0xe4,
-    0x02, 0x68, 0x44, 0x3b,
-};
-static const unsigned char kat40_nor_addin0[] = {0};
-static const unsigned char kat40_nor_addin1[] = {0};
-static const unsigned char kat40_nor_retbytes[] = {
-    0x7f, 0x4d, 0xbd, 0xaa, 0xce, 0xdc, 0xce, 0x57, 0x6b, 0xdf, 0xa0, 0x3a,
-    0x80, 0xc3, 0x86, 0x1c, 0xb5, 0x2d, 0x8b, 0x14, 0xa6, 0xf6, 0x3e, 0x03,
-    0x48, 0x68, 0xdc, 0x3f, 0xde, 0xbb, 0x5f, 0x2c, 0xd1, 0xae, 0x57, 0x90,
-    0xb7, 0x55, 0xca, 0x61, 0x7c, 0x91, 0x71, 0x4b, 0xe9, 0x29, 0x02, 0xd0,
-    0x08, 0x8a, 0x60, 0xd2, 0x50, 0x11, 0x23, 0x94, 0x5d, 0x53, 0x3e, 0xbc,
-    0x8b, 0x9a, 0x13, 0xfc, 0x81, 0xb6, 0xcf, 0x22, 0xcc, 0x0d, 0xca, 0x1c,
-    0x86, 0xf2, 0x8a, 0xa5, 0xbf, 0x38, 0xa6, 0xfa,
-};
-static const struct drbg_kat_no_reseed kat40_nor_t = {
-    9, kat40_nor_entropyin, kat40_nor_nonce, kat40_nor_persstr,
-    kat40_nor_addin0, kat40_nor_addin1, kat40_nor_retbytes
-};
-static const struct drbg_kat kat40_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat40_nor_t
-};
-
-static const unsigned char kat41_nor_entropyin[] = {
-    0x37, 0x5a, 0xde, 0x01, 0x2a, 0xae, 0xfb, 0x48, 0x0d, 0xd9, 0xe0, 0x1d,
-    0xca, 0xc6, 0xb0, 0x9d,
-};
-static const unsigned char kat41_nor_nonce[] = {
-    0x4b, 0x52, 0x18, 0xc5, 0x85, 0x46, 0x4f, 0xa1,
-};
-static const unsigned char kat41_nor_persstr[] = {
-    0x1d, 0x04, 0xbe, 0xea, 0xf7, 0x92, 0xcf, 0x33, 0x60, 0x13, 0xf6, 0xdf,
-    0xec, 0xf8, 0xbf, 0x37,
-};
-static const unsigned char kat41_nor_addin0[] = {0};
-static const unsigned char kat41_nor_addin1[] = {0};
-static const unsigned char kat41_nor_retbytes[] = {
-    0xea, 0xbf, 0xcd, 0xfc, 0x39, 0x6b, 0x5e, 0x9c, 0x10, 0xe0, 0x9b, 0x45,
-    0xaa, 0x0f, 0xe9, 0x78, 0x55, 0x8a, 0xaf, 0x8a, 0x13, 0xc4, 0xce, 0x7c,
-    0xdc, 0xba, 0xb0, 0x21, 0x68, 0x82, 0xd3, 0x95, 0x55, 0xb3, 0x69, 0xc6,
-    0x8e, 0x62, 0x48, 0x4d, 0x1c, 0xcd, 0x51, 0xfd, 0xcc, 0x4c, 0xb6, 0x1b,
-    0x22, 0xa0, 0x12, 0x01, 0x47, 0xe6, 0x68, 0x6c, 0x26, 0x3c, 0x32, 0xf6,
-    0x62, 0x33, 0x27, 0x3a, 0x30, 0x11, 0xda, 0xd2, 0x42, 0x8d, 0x4d, 0x6f,
-    0x5e, 0x9e, 0x20, 0xb9, 0xef, 0x64, 0x74, 0xe4,
-};
-static const struct drbg_kat_no_reseed kat41_nor_t = {
-    10, kat41_nor_entropyin, kat41_nor_nonce, kat41_nor_persstr,
-    kat41_nor_addin0, kat41_nor_addin1, kat41_nor_retbytes
-};
-static const struct drbg_kat kat41_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat41_nor_t
-};
-
-static const unsigned char kat42_nor_entropyin[] = {
-    0x86, 0xe5, 0x9a, 0x04, 0x69, 0x83, 0x7c, 0x69, 0xff, 0xec, 0xa5, 0x66,
-    0x65, 0x6f, 0x02, 0x54,
-};
-static const unsigned char kat42_nor_nonce[] = {
-    0x67, 0x7e, 0x6c, 0xb3, 0x13, 0xa3, 0x4a, 0x19,
-};
-static const unsigned char kat42_nor_persstr[] = {
-    0x38, 0x09, 0x01, 0x3d, 0x72, 0xfc, 0x55, 0x99, 0x01, 0xca, 0x1b, 0x06,
-    0xbe, 0x58, 0x78, 0xf8,
-};
-static const unsigned char kat42_nor_addin0[] = {0};
-static const unsigned char kat42_nor_addin1[] = {0};
-static const unsigned char kat42_nor_retbytes[] = {
-    0x8f, 0xa6, 0x23, 0x14, 0xbf, 0x1a, 0x1f, 0xf5, 0x84, 0x31, 0x79, 0x96,
-    0xa1, 0x3a, 0x64, 0x80, 0x06, 0x95, 0x8f, 0xe8, 0xcd, 0x52, 0x63, 0xc6,
-    0x1a, 0x2c, 0x68, 0x94, 0x19, 0x35, 0x8d, 0xc3, 0x56, 0xf3, 0x4e, 0x1b,
-    0x19, 0x81, 0xaa, 0x8f, 0x4d, 0x18, 0x99, 0xa5, 0x1f, 0xed, 0x1a, 0x9c,
-    0xfc, 0x8d, 0xb7, 0xe8, 0x4b, 0x73, 0x50, 0x63, 0x77, 0xcd, 0x12, 0x36,
-    0x6b, 0xbc, 0x14, 0x40, 0x32, 0x1e, 0xf1, 0xd6, 0x4a, 0x0a, 0x6e, 0xb0,
-    0xff, 0xe2, 0x54, 0x00, 0xeb, 0x82, 0xa7, 0xac,
-};
-static const struct drbg_kat_no_reseed kat42_nor_t = {
-    11, kat42_nor_entropyin, kat42_nor_nonce, kat42_nor_persstr,
-    kat42_nor_addin0, kat42_nor_addin1, kat42_nor_retbytes
-};
-static const struct drbg_kat kat42_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat42_nor_t
-};
-
-static const unsigned char kat43_nor_entropyin[] = {
-    0x66, 0xd1, 0xab, 0x7b, 0x31, 0x15, 0x24, 0x93, 0x61, 0xdb, 0x41, 0x48,
-    0x25, 0x38, 0xd1, 0x42,
-};
-static const unsigned char kat43_nor_nonce[] = {
-    0xa1, 0x7c, 0xbb, 0xde, 0x72, 0x00, 0xd2, 0xbe,
-};
-static const unsigned char kat43_nor_persstr[] = {
-    0xaa, 0xd7, 0xb6, 0xa9, 0xde, 0x71, 0x7a, 0xcc, 0x17, 0xfa, 0x7c, 0xed,
-    0xc2, 0x85, 0x8e, 0xa9,
-};
-static const unsigned char kat43_nor_addin0[] = {0};
-static const unsigned char kat43_nor_addin1[] = {0};
-static const unsigned char kat43_nor_retbytes[] = {
-    0x18, 0xe3, 0xfa, 0x3d, 0x86, 0x1a, 0xb8, 0x10, 0xe4, 0xfc, 0xd0, 0x52,
-    0x06, 0xb3, 0xec, 0x49, 0x87, 0xc1, 0x60, 0x00, 0xf6, 0xa8, 0x4a, 0x28,
-    0xe2, 0xe8, 0x93, 0x87, 0xb4, 0x01, 0x0c, 0x84, 0x0f, 0x79, 0x64, 0x84,
-    0xd4, 0x73, 0x0c, 0x5b, 0x3a, 0x46, 0xe3, 0x7c, 0x99, 0xe5, 0xe1, 0xea,
-    0x02, 0xa6, 0xd1, 0x53, 0xd5, 0x0e, 0x97, 0x19, 0xe0, 0x41, 0x9e, 0x58,
-    0xe9, 0xf6, 0x25, 0x4b, 0xa3, 0xb9, 0xca, 0x80, 0xbb, 0x1b, 0x27, 0xf7,
-    0x0a, 0x05, 0xc9, 0x44, 0xcb, 0xbf, 0x9e, 0x89,
-};
-static const struct drbg_kat_no_reseed kat43_nor_t = {
-    12, kat43_nor_entropyin, kat43_nor_nonce, kat43_nor_persstr,
-    kat43_nor_addin0, kat43_nor_addin1, kat43_nor_retbytes
-};
-static const struct drbg_kat kat43_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat43_nor_t
-};
-
-static const unsigned char kat44_nor_entropyin[] = {
-    0x61, 0x49, 0x06, 0x0c, 0x71, 0xc6, 0xd6, 0xfa, 0xc0, 0xd3, 0x08, 0x83,
-    0x69, 0xa9, 0x62, 0x8e,
-};
-static const unsigned char kat44_nor_nonce[] = {
-    0x6a, 0x97, 0xf8, 0x19, 0x9b, 0x36, 0xb3, 0xca,
-};
-static const unsigned char kat44_nor_persstr[] = {
-    0x23, 0x1c, 0x6f, 0x78, 0x38, 0x8f, 0xb6, 0x3c, 0xfe, 0x94, 0x22, 0xde,
-    0xd4, 0x1c, 0xaa, 0x7a,
-};
-static const unsigned char kat44_nor_addin0[] = {0};
-static const unsigned char kat44_nor_addin1[] = {0};
-static const unsigned char kat44_nor_retbytes[] = {
-    0x9d, 0x7c, 0xea, 0x99, 0x27, 0xe5, 0xe9, 0x55, 0x2d, 0xe9, 0xda, 0x9a,
-    0x8c, 0x29, 0x1b, 0x94, 0x00, 0xe3, 0x8f, 0xb3, 0x2c, 0x30, 0xdc, 0x33,
-    0x4f, 0x57, 0x2b, 0xac, 0xe0, 0x72, 0x81, 0x5b, 0xcc, 0x48, 0x06, 0xfc,
-    0x07, 0x7b, 0x7a, 0xe6, 0xe4, 0xc8, 0x2e, 0xd9, 0xa8, 0x0b, 0x28, 0x1f,
-    0xe1, 0x86, 0x81, 0x8c, 0x38, 0xbc, 0x1d, 0x0f, 0x16, 0xce, 0x05, 0xee,
-    0x64, 0x44, 0x50, 0xd2, 0x0d, 0xe5, 0xec, 0xdb, 0xa5, 0x75, 0xe4, 0x36,
-    0xac, 0xb8, 0x52, 0x62, 0x30, 0xcd, 0x8b, 0xce,
-};
-static const struct drbg_kat_no_reseed kat44_nor_t = {
-    13, kat44_nor_entropyin, kat44_nor_nonce, kat44_nor_persstr,
-    kat44_nor_addin0, kat44_nor_addin1, kat44_nor_retbytes
-};
-static const struct drbg_kat kat44_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat44_nor_t
-};
-
-static const unsigned char kat45_nor_entropyin[] = {
-    0xf3, 0x68, 0xb8, 0x15, 0x01, 0x33, 0x8a, 0x3c, 0xca, 0x94, 0x83, 0x53,
-    0xfe, 0x16, 0x97, 0x0d,
-};
-static const unsigned char kat45_nor_nonce[] = {
-    0xfa, 0x9a, 0xda, 0xe9, 0x24, 0x41, 0x71, 0x50,
-};
-static const unsigned char kat45_nor_persstr[] = {
-    0xdb, 0xad, 0x22, 0xc3, 0x89, 0xc5, 0x27, 0x71, 0x5d, 0x21, 0xa5, 0xbd,
-    0xf3, 0x8c, 0x1f, 0xad,
-};
-static const unsigned char kat45_nor_addin0[] = {0};
-static const unsigned char kat45_nor_addin1[] = {0};
-static const unsigned char kat45_nor_retbytes[] = {
-    0xa1, 0x8d, 0x57, 0xe6, 0x72, 0x21, 0x89, 0x56, 0xe6, 0xc8, 0xcb, 0x99,
-    0x01, 0xd0, 0x28, 0x88, 0xf3, 0x58, 0x71, 0x77, 0xc3, 0xe1, 0x1e, 0x1a,
-    0x99, 0xea, 0x72, 0x37, 0x03, 0x47, 0xb9, 0x53, 0xa9, 0xf1, 0x22, 0xc9,
-    0x44, 0x6d, 0xfa, 0x10, 0x97, 0x23, 0xb2, 0x7f, 0x36, 0xfb, 0xf1, 0x5e,
-    0xdf, 0x10, 0x3a, 0x56, 0x74, 0x1c, 0x24, 0x96, 0x85, 0x92, 0x47, 0x9c,
-    0xfe, 0x30, 0xbc, 0x00, 0x53, 0xfa, 0x7b, 0x98, 0x18, 0xe9, 0xde, 0xbc,
-    0xc4, 0x94, 0xdb, 0x64, 0xd1, 0x5d, 0x03, 0x8b,
-};
-static const struct drbg_kat_no_reseed kat45_nor_t = {
-    14, kat45_nor_entropyin, kat45_nor_nonce, kat45_nor_persstr,
-    kat45_nor_addin0, kat45_nor_addin1, kat45_nor_retbytes
-};
-static const struct drbg_kat kat45_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat45_nor_t
-};
-
-static const unsigned char kat46_nor_entropyin[] = {
-    0x64, 0x66, 0xe1, 0x79, 0x9a, 0x68, 0x01, 0x23, 0x79, 0x63, 0x1b, 0x3a,
-    0xae, 0x41, 0xf5, 0x9b,
-};
-static const unsigned char kat46_nor_nonce[] = {
-    0x6b, 0x0c, 0x61, 0x26, 0x9f, 0x67, 0xc5, 0x76,
-};
-static const unsigned char kat46_nor_persstr[] = {
-    0xcc, 0x93, 0x6b, 0x87, 0xc8, 0xc8, 0xc1, 0xab, 0x85, 0xdd, 0xe0, 0xad,
-    0x2e, 0x92, 0x42, 0xb4,
-};
-static const unsigned char kat46_nor_addin0[] = {
-    0xd1, 0x03, 0x3a, 0xc5, 0x53, 0xef, 0x08, 0xf2, 0x2f, 0xd3, 0x8f, 0x12,
-    0xb4, 0x9b, 0x45, 0xbc,
-};
-static const unsigned char kat46_nor_addin1[] = {
-    0xf0, 0x04, 0xba, 0x01, 0xf5, 0x14, 0x55, 0x43, 0x0d, 0x84, 0x36, 0x2e,
-    0x37, 0x6e, 0xb7, 0x75,
-};
-static const unsigned char kat46_nor_retbytes[] = {
-    0x5d, 0x67, 0x5d, 0x1e, 0x92, 0x49, 0x09, 0x52, 0x70, 0x3c, 0x19, 0x41,
-    0x94, 0xe1, 0xb0, 0x61, 0xb6, 0xec, 0x4e, 0x21, 0x9d, 0xc2, 0xe1, 0xed,
-    0xaa, 0x89, 0x1e, 0xf2, 0xd1, 0xb7, 0xed, 0x05, 0x0a, 0x06, 0x34, 0x2d,
-    0x3c, 0x09, 0x50, 0x11, 0xeb, 0x33, 0x9f, 0x19, 0x85, 0x19, 0x77, 0x9b,
-    0x01, 0xab, 0x1a, 0x58, 0x0b, 0xd2, 0xe3, 0x4d, 0x6c, 0xf4, 0xe4, 0x7c,
-    0x1b, 0xef, 0xe0, 0xc7, 0xdc, 0x37, 0xb4, 0xaa, 0xfb, 0x31, 0x12, 0x8f,
-    0xa3, 0x96, 0x26, 0x7f, 0x37, 0x32, 0x09, 0x5a,
-};
-static const struct drbg_kat_no_reseed kat46_nor_t = {
-    0, kat46_nor_entropyin, kat46_nor_nonce, kat46_nor_persstr,
-    kat46_nor_addin0, kat46_nor_addin1, kat46_nor_retbytes
-};
-static const struct drbg_kat kat46_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat46_nor_t
-};
-
-static const unsigned char kat47_nor_entropyin[] = {
-    0x7e, 0xd2, 0x84, 0xc8, 0x59, 0x6b, 0x6f, 0x01, 0x07, 0xde, 0x3b, 0x4b,
-    0x95, 0xcd, 0x91, 0x14,
-};
-static const unsigned char kat47_nor_nonce[] = {
-    0x69, 0x11, 0x6c, 0x8a, 0x07, 0x3b, 0xf4, 0xf4,
-};
-static const unsigned char kat47_nor_persstr[] = {
-    0xaf, 0x66, 0x8e, 0xb6, 0x5b, 0x0f, 0x4d, 0xf2, 0xed, 0x49, 0xb3, 0x7c,
-    0x84, 0x2b, 0x27, 0x2e,
-};
-static const unsigned char kat47_nor_addin0[] = {
-    0xf0, 0xdd, 0xc4, 0x59, 0x22, 0x36, 0x3f, 0x40, 0x27, 0x1e, 0x7a, 0x01,
-    0xed, 0x67, 0xba, 0x84,
-};
-static const unsigned char kat47_nor_addin1[] = {
-    0xc2, 0xda, 0x95, 0xcb, 0xfe, 0xfd, 0x2a, 0xc7, 0x39, 0x5c, 0xf9, 0x89,
-    0x71, 0x1c, 0x13, 0x50,
-};
-static const unsigned char kat47_nor_retbytes[] = {
-    0x30, 0x6f, 0x55, 0x30, 0x77, 0x03, 0x4e, 0xc2, 0xa8, 0x6a, 0x64, 0xcd,
-    0xf3, 0x43, 0x87, 0xc5, 0x97, 0x69, 0xaa, 0xe1, 0x49, 0xd8, 0xcd, 0xb0,
-    0x04, 0x1a, 0x5c, 0x2e, 0x6d, 0xf9, 0xdd, 0x1e, 0x00, 0xef, 0x08, 0x98,
-    0x17, 0x9d, 0x6c, 0x6b, 0xf0, 0x2b, 0x2c, 0x42, 0xb4, 0xa8, 0x98, 0xf4,
-    0x8c, 0xdd, 0x9b, 0xa4, 0xad, 0x2b, 0x99, 0xfb, 0x13, 0x3c, 0x5a, 0xce,
-    0x42, 0x49, 0xa6, 0x7b, 0xc3, 0x0e, 0x64, 0x52, 0x49, 0x5c, 0x18, 0x62,
-    0x44, 0xdc, 0x5a, 0xc6, 0x92, 0x8b, 0x1f, 0xf3,
-};
-static const struct drbg_kat_no_reseed kat47_nor_t = {
-    1, kat47_nor_entropyin, kat47_nor_nonce, kat47_nor_persstr,
-    kat47_nor_addin0, kat47_nor_addin1, kat47_nor_retbytes
-};
-static const struct drbg_kat kat47_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat47_nor_t
-};
-
-static const unsigned char kat48_nor_entropyin[] = {
-    0x48, 0xfe, 0xfe, 0x99, 0x7c, 0xef, 0x3b, 0xa2, 0xb7, 0x3e, 0x76, 0xaa,
-    0xf0, 0x03, 0x59, 0x0a,
-};
-static const unsigned char kat48_nor_nonce[] = {
-    0x19, 0xdb, 0x21, 0xe0, 0xd0, 0x5d, 0x99, 0xb9,
-};
-static const unsigned char kat48_nor_persstr[] = {
-    0xd8, 0x17, 0x59, 0xf6, 0xa2, 0x89, 0x2c, 0x5b, 0x2d, 0x51, 0xb8, 0x5f,
-    0x94, 0xd8, 0x98, 0x72,
-};
-static const unsigned char kat48_nor_addin0[] = {
-    0x70, 0x08, 0x42, 0x84, 0x15, 0x73, 0xe6, 0xae, 0xfc, 0x1f, 0xcf, 0x20,
-    0xaa, 0x87, 0x74, 0x16,
-};
-static const unsigned char kat48_nor_addin1[] = {
-    0xa9, 0x1e, 0xfe, 0x14, 0x15, 0xec, 0xfe, 0xe7, 0x1d, 0xf0, 0x68, 0xa1,
-    0x6b, 0xaf, 0x03, 0x4d,
-};
-static const unsigned char kat48_nor_retbytes[] = {
-    0xe6, 0xbe, 0xd7, 0x8b, 0xe0, 0x92, 0x15, 0xd9, 0xd1, 0xbe, 0xb0, 0xb8,
-    0xb0, 0x88, 0x9e, 0x67, 0x79, 0x62, 0xa6, 0x1b, 0xf9, 0x01, 0xdf, 0x09,
-    0xad, 0x8e, 0x36, 0xce, 0xec, 0x05, 0x25, 0x88, 0xb5, 0x7c, 0xdd, 0x44,
-    0x5c, 0xe5, 0xa2, 0xc5, 0x7f, 0xd4, 0x0b, 0x74, 0x32, 0x86, 0x0f, 0xa3,
-    0xc1, 0xc9, 0x78, 0x47, 0xd7, 0x90, 0xab, 0xd5, 0xd7, 0x04, 0xee, 0xfc,
-    0x12, 0xff, 0x16, 0x36, 0xa6, 0xc9, 0x99, 0xc4, 0xda, 0xe9, 0x40, 0x0a,
-    0x7c, 0x96, 0x8e, 0x84, 0xbc, 0x7e, 0xc3, 0xe6,
-};
-static const struct drbg_kat_no_reseed kat48_nor_t = {
-    2, kat48_nor_entropyin, kat48_nor_nonce, kat48_nor_persstr,
-    kat48_nor_addin0, kat48_nor_addin1, kat48_nor_retbytes
-};
-static const struct drbg_kat kat48_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat48_nor_t
-};
-
-static const unsigned char kat49_nor_entropyin[] = {
-    0x31, 0xc4, 0x90, 0x0e, 0x6e, 0x37, 0x25, 0x0a, 0x80, 0xdb, 0x3b, 0x59,
-    0xcb, 0xaa, 0x10, 0xee,
-};
-static const unsigned char kat49_nor_nonce[] = {
-    0x8e, 0x19, 0x4c, 0x49, 0x4a, 0x41, 0x9d, 0x9e,
-};
-static const unsigned char kat49_nor_persstr[] = {
-    0x12, 0x16, 0x74, 0x89, 0x8e, 0x64, 0x77, 0x5d, 0x34, 0x4f, 0x02, 0x2e,
-    0xa6, 0x92, 0xd9, 0xe7,
-};
-static const unsigned char kat49_nor_addin0[] = {
-    0x06, 0x62, 0x0c, 0x19, 0x98, 0xde, 0x33, 0x31, 0xb9, 0x2f, 0x24, 0x09,
-    0xe8, 0x63, 0x58, 0x61,
-};
-static const unsigned char kat49_nor_addin1[] = {
-    0xe0, 0xbc, 0x04, 0x53, 0x44, 0xe4, 0x59, 0x27, 0x36, 0x4b, 0x27, 0xd9,
-    0xfc, 0xa2, 0xc5, 0x3f,
-};
-static const unsigned char kat49_nor_retbytes[] = {
-    0x1b, 0x6e, 0x68, 0xec, 0x91, 0xba, 0x97, 0x08, 0x56, 0x2a, 0xaf, 0x2c,
-    0xe6, 0xe3, 0xb4, 0x99, 0xf4, 0x2a, 0x1b, 0x72, 0xb1, 0x4e, 0x5c, 0x20,
-    0xa8, 0x8e, 0x37, 0x3b, 0x85, 0xcb, 0xff, 0xc9, 0x24, 0xda, 0x24, 0xb4,
-    0xc0, 0x88, 0x36, 0xb7, 0xa8, 0x49, 0x27, 0x06, 0x4e, 0xb0, 0xcc, 0x82,
-    0x4f, 0x2d, 0xfa, 0x0f, 0x5a, 0xa8, 0xd4, 0x80, 0xcb, 0xbf, 0x7c, 0xa7,
-    0x50, 0x8d, 0x96, 0x37, 0x0d, 0x92, 0xa5, 0x9f, 0x81, 0x37, 0xea, 0x39,
-    0x16, 0x7a, 0x37, 0xda, 0x7f, 0x75, 0xc8, 0x9b,
-};
-static const struct drbg_kat_no_reseed kat49_nor_t = {
-    3, kat49_nor_entropyin, kat49_nor_nonce, kat49_nor_persstr,
-    kat49_nor_addin0, kat49_nor_addin1, kat49_nor_retbytes
-};
-static const struct drbg_kat kat49_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat49_nor_t
-};
-
-static const unsigned char kat50_nor_entropyin[] = {
-    0xe8, 0xb4, 0x1a, 0x5a, 0xf5, 0xc4, 0x51, 0x52, 0x82, 0xf3, 0x07, 0x86,
-    0x88, 0xbe, 0x48, 0xa2,
-};
-static const unsigned char kat50_nor_nonce[] = {
-    0x4c, 0x3b, 0x5a, 0x55, 0x9c, 0xec, 0xa5, 0x1d,
-};
-static const unsigned char kat50_nor_persstr[] = {
-    0xcf, 0x1a, 0xd8, 0xf0, 0x83, 0x98, 0x17, 0x06, 0x1b, 0xa5, 0x34, 0xe0,
-    0x04, 0xf6, 0x13, 0x11,
-};
-static const unsigned char kat50_nor_addin0[] = {
-    0x3c, 0x78, 0x3a, 0xa5, 0xe0, 0x96, 0xf5, 0x30, 0x5d, 0x84, 0xaa, 0xef,
-    0x0d, 0xe0, 0x86, 0x5e,
-};
-static const unsigned char kat50_nor_addin1[] = {
-    0x62, 0x27, 0x1e, 0x83, 0x41, 0x72, 0x5f, 0xad, 0xfc, 0x41, 0xef, 0x13,
-    0x64, 0x92, 0xc6, 0xb3,
-};
-static const unsigned char kat50_nor_retbytes[] = {
-    0x48, 0xa1, 0x17, 0x29, 0xd1, 0x98, 0xf9, 0x08, 0x26, 0x90, 0x65, 0xbc,
-    0x85, 0x2d, 0x06, 0x2b, 0x93, 0x32, 0x04, 0x75, 0x35, 0xc0, 0x4d, 0x8c,
-    0x0a, 0xd0, 0xb6, 0xb9, 0x9e, 0x9a, 0x90, 0xe6, 0x86, 0xdf, 0xca, 0x34,
-    0x4d, 0xf6, 0x8c, 0x7b, 0xb7, 0x2e, 0xcb, 0xc7, 0x39, 0x63, 0x45, 0x19,
-    0x07, 0x7f, 0xa6, 0xf1, 0xf0, 0x0e, 0x8d, 0xf4, 0xe3, 0x71, 0x2c, 0xfa,
-    0x79, 0xef, 0x4d, 0x2d, 0x7e, 0x95, 0x00, 0x85, 0x99, 0x4b, 0xd5, 0x53,
-    0x50, 0x2f, 0x67, 0x3f, 0x8f, 0xfe, 0xc1, 0x7a,
-};
-static const struct drbg_kat_no_reseed kat50_nor_t = {
-    4, kat50_nor_entropyin, kat50_nor_nonce, kat50_nor_persstr,
-    kat50_nor_addin0, kat50_nor_addin1, kat50_nor_retbytes
-};
-static const struct drbg_kat kat50_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat50_nor_t
-};
-
-static const unsigned char kat51_nor_entropyin[] = {
-    0xe9, 0x00, 0xd8, 0xf9, 0x80, 0x3f, 0x7f, 0xde, 0xb4, 0xfe, 0x52, 0x22,
-    0xd9, 0x9c, 0xe8, 0xb5,
-};
-static const unsigned char kat51_nor_nonce[] = {
-    0xa5, 0x41, 0x2a, 0x73, 0xd5, 0x9f, 0xfd, 0x2f,
-};
-static const unsigned char kat51_nor_persstr[] = {
-    0x10, 0x52, 0x3f, 0x20, 0xa6, 0x90, 0x46, 0x5f, 0x73, 0x39, 0xf6, 0x6f,
-    0x8d, 0x91, 0xf9, 0xaf,
-};
-static const unsigned char kat51_nor_addin0[] = {
-    0x75, 0x4f, 0xb2, 0xb6, 0x2c, 0xe1, 0x79, 0x1c, 0x0a, 0x17, 0x31, 0xec,
-    0xa8, 0xd0, 0x06, 0xdc,
-};
-static const unsigned char kat51_nor_addin1[] = {
-    0x66, 0xa8, 0xfa, 0x07, 0x27, 0xf4, 0xf8, 0x80, 0xaf, 0xd4, 0x00, 0x65,
-    0x74, 0xa5, 0x1b, 0xd8,
-};
-static const unsigned char kat51_nor_retbytes[] = {
-    0xa7, 0x2c, 0x09, 0xf2, 0x3d, 0xe8, 0xcd, 0xab, 0x9d, 0x60, 0x67, 0xb8,
-    0xee, 0x0d, 0xbc, 0xbb, 0xa9, 0x73, 0x06, 0xad, 0x71, 0x18, 0x60, 0xf7,
-    0x95, 0x8d, 0x4c, 0x58, 0x89, 0xe6, 0x15, 0x49, 0xe3, 0x0f, 0xea, 0x41,
-    0x5a, 0xbc, 0xb6, 0x21, 0x1d, 0x0e, 0xbd, 0xdd, 0x27, 0xda, 0x0c, 0xa1,
-    0x10, 0x4a, 0x4c, 0x58, 0x54, 0x86, 0xea, 0x49, 0x5e, 0xde, 0xa8, 0x72,
-    0x57, 0xd2, 0xb7, 0x54, 0x62, 0x50, 0x45, 0x38, 0xf2, 0x1d, 0x18, 0x03,
-    0xf2, 0x67, 0x91, 0x28, 0xf8, 0xfd, 0xab, 0x7a,
-};
-static const struct drbg_kat_no_reseed kat51_nor_t = {
-    5, kat51_nor_entropyin, kat51_nor_nonce, kat51_nor_persstr,
-    kat51_nor_addin0, kat51_nor_addin1, kat51_nor_retbytes
-};
-static const struct drbg_kat kat51_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat51_nor_t
-};
-
-static const unsigned char kat52_nor_entropyin[] = {
-    0x39, 0x5b, 0x1d, 0xa9, 0x17, 0x18, 0x83, 0x71, 0xad, 0xbb, 0x0d, 0x50,
-    0x27, 0xdf, 0xc2, 0xd8,
-};
-static const unsigned char kat52_nor_nonce[] = {
-    0x77, 0x39, 0xdd, 0x16, 0x0f, 0x53, 0xbf, 0x02,
-};
-static const unsigned char kat52_nor_persstr[] = {
-    0x3e, 0x86, 0x4c, 0x12, 0x87, 0xdc, 0x15, 0xee, 0x2c, 0x58, 0x5f, 0xae,
-    0xd1, 0x22, 0x26, 0xc5,
-};
-static const unsigned char kat52_nor_addin0[] = {
-    0xb4, 0x06, 0xd8, 0xb8, 0x9f, 0x3d, 0x60, 0x25, 0x60, 0x25, 0x7f, 0xa4,
-    0x76, 0x03, 0x16, 0xe1,
-};
-static const unsigned char kat52_nor_addin1[] = {
-    0x94, 0xb7, 0x2e, 0x35, 0x5f, 0xd1, 0x2a, 0x08, 0x34, 0xcd, 0x24, 0x48,
-    0xf4, 0x34, 0x3d, 0x16,
-};
-static const unsigned char kat52_nor_retbytes[] = {
-    0xe0, 0xa3, 0xa7, 0xc3, 0x6b, 0x94, 0x61, 0xa0, 0x3f, 0x75, 0x35, 0x6e,
-    0x58, 0x8b, 0x64, 0x34, 0xc1, 0xea, 0x08, 0xd9, 0x16, 0x83, 0x58, 0xc8,
-    0x28, 0x7e, 0x7a, 0x3d, 0x99, 0xfc, 0x15, 0x53, 0x0e, 0x15, 0x61, 0xd3,
-    0x12, 0xc7, 0x41, 0xdf, 0x9e, 0x8f, 0xac, 0x58, 0x29, 0x9e, 0xbd, 0xe1,
-    0x8f, 0xc9, 0x0a, 0xd8, 0xa9, 0x52, 0xc8, 0x98, 0x4e, 0xf3, 0x1d, 0xcd,
-    0xc9, 0xa6, 0x02, 0x3d, 0x5e, 0xdb, 0x4b, 0xc3, 0x93, 0xb3, 0x79, 0xfe,
-    0xb9, 0xa9, 0x18, 0x89, 0x8d, 0x8c, 0x46, 0x8e,
-};
-static const struct drbg_kat_no_reseed kat52_nor_t = {
-    6, kat52_nor_entropyin, kat52_nor_nonce, kat52_nor_persstr,
-    kat52_nor_addin0, kat52_nor_addin1, kat52_nor_retbytes
-};
-static const struct drbg_kat kat52_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat52_nor_t
-};
-
-static const unsigned char kat53_nor_entropyin[] = {
-    0x0a, 0xcd, 0x1d, 0xa3, 0xcf, 0xeb, 0xd6, 0xc6, 0x6d, 0x4f, 0x2a, 0xc3,
-    0x6a, 0xec, 0x6d, 0xee,
-};
-static const unsigned char kat53_nor_nonce[] = {
-    0xfb, 0xa4, 0xc2, 0x00, 0xff, 0x69, 0x1b, 0xcc,
-};
-static const unsigned char kat53_nor_persstr[] = {
-    0x6a, 0xfc, 0xa0, 0x03, 0x4d, 0xbc, 0xf6, 0x32, 0xc8, 0x15, 0xe3, 0x3e,
-    0x69, 0xf7, 0x33, 0x40,
-};
-static const unsigned char kat53_nor_addin0[] = {
-    0x0f, 0x3d, 0xea, 0xdd, 0xdf, 0x2c, 0x53, 0xbf, 0xee, 0xdb, 0x47, 0xfe,
-    0xd1, 0x0c, 0xf4, 0xe3,
-};
-static const unsigned char kat53_nor_addin1[] = {
-    0x32, 0x6e, 0xd6, 0x10, 0xfe, 0x03, 0x8f, 0x5f, 0x16, 0x8c, 0xf7, 0xee,
-    0x4a, 0x1e, 0xf3, 0x8e,
-};
-static const unsigned char kat53_nor_retbytes[] = {
-    0xa6, 0x5e, 0xf7, 0x22, 0xc9, 0x17, 0x21, 0xba, 0xf5, 0xe6, 0x09, 0xea,
-    0x12, 0x9a, 0x32, 0x11, 0xd0, 0x5c, 0x53, 0x67, 0x7a, 0x57, 0x6a, 0xc5,
-    0x55, 0x2e, 0x0d, 0x03, 0x2c, 0xa1, 0x72, 0x28, 0xa1, 0xa6, 0xce, 0xdc,
-    0x41, 0xa0, 0x6e, 0x5a, 0xdd, 0x7d, 0x9c, 0x44, 0xc4, 0x11, 0x10, 0xaf,
-    0xdf, 0x5f, 0xa2, 0x7f, 0x9c, 0xd4, 0xb4, 0xfd, 0x1b, 0x65, 0xc7, 0xa3,
-    0x46, 0xc3, 0x9f, 0xc3, 0xc2, 0x2d, 0x1e, 0x04, 0x2e, 0x39, 0x6a, 0xe1,
-    0x96, 0x28, 0xb2, 0xee, 0x4f, 0x3c, 0xb5, 0xd9,
-};
-static const struct drbg_kat_no_reseed kat53_nor_t = {
-    7, kat53_nor_entropyin, kat53_nor_nonce, kat53_nor_persstr,
-    kat53_nor_addin0, kat53_nor_addin1, kat53_nor_retbytes
-};
-static const struct drbg_kat kat53_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat53_nor_t
-};
-
-static const unsigned char kat54_nor_entropyin[] = {
-    0xe9, 0x49, 0x29, 0x67, 0xa0, 0x6e, 0x84, 0xc8, 0x0b, 0xd0, 0x49, 0xfe,
-    0x9f, 0x2d, 0x08, 0xa7,
-};
-static const unsigned char kat54_nor_nonce[] = {
-    0x28, 0x7d, 0x30, 0xdc, 0x97, 0x2f, 0xfc, 0x8c,
-};
-static const unsigned char kat54_nor_persstr[] = {
-    0xfa, 0x60, 0xa8, 0x94, 0xd9, 0x95, 0x5f, 0xd1, 0x4d, 0x36, 0x8a, 0xef,
-    0xcb, 0xe5, 0x0e, 0x67,
-};
-static const unsigned char kat54_nor_addin0[] = {
-    0xba, 0xe9, 0xd7, 0x92, 0xa1, 0xd6, 0x67, 0xfa, 0xdb, 0xee, 0xfe, 0x98,
-    0xd6, 0x45, 0x78, 0x0e,
-};
-static const unsigned char kat54_nor_addin1[] = {
-    0x41, 0x82, 0x02, 0x16, 0x0d, 0x92, 0xcb, 0x59, 0xd1, 0xe7, 0x37, 0x88,
-    0x38, 0x64, 0x3c, 0x1e,
-};
-static const unsigned char kat54_nor_retbytes[] = {
-    0xa6, 0xdb, 0xef, 0xea, 0xf6, 0xf8, 0x59, 0xd7, 0xac, 0x41, 0x37, 0xaf,
-    0x79, 0x8c, 0xaa, 0x8f, 0xbb, 0x4f, 0xa2, 0xfb, 0xe4, 0x96, 0x98, 0x6c,
-    0xdc, 0x8c, 0x86, 0xba, 0xbc, 0x72, 0xb1, 0x65, 0x5e, 0x98, 0xe5, 0x2c,
-    0x40, 0xf6, 0x66, 0x81, 0xc4, 0xd4, 0xcb, 0x13, 0x19, 0xb3, 0xcf, 0xa9,
-    0x7d, 0xa7, 0x33, 0x33, 0x10, 0x9c, 0xe4, 0x14, 0xce, 0x41, 0xc9, 0x3b,
-    0x1e, 0x62, 0x76, 0x7f, 0xd2, 0x6a, 0x75, 0x7e, 0xb8, 0x2d, 0xce, 0x2d,
-    0x44, 0x54, 0xf8, 0xe9, 0xdf, 0xfb, 0x79, 0x1f,
-};
-static const struct drbg_kat_no_reseed kat54_nor_t = {
-    8, kat54_nor_entropyin, kat54_nor_nonce, kat54_nor_persstr,
-    kat54_nor_addin0, kat54_nor_addin1, kat54_nor_retbytes
-};
-static const struct drbg_kat kat54_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat54_nor_t
-};
-
-static const unsigned char kat55_nor_entropyin[] = {
-    0x3a, 0x65, 0x5b, 0x77, 0x52, 0x7c, 0x15, 0x24, 0xaa, 0x13, 0xc7, 0x1a,
-    0x3d, 0x9e, 0x19, 0x16,
-};
-static const unsigned char kat55_nor_nonce[] = {
-    0x66, 0x12, 0xc7, 0x46, 0xe4, 0xbc, 0xc0, 0xef,
-};
-static const unsigned char kat55_nor_persstr[] = {
-    0x8a, 0x1c, 0x40, 0x2e, 0x8a, 0xbc, 0x71, 0xff, 0x11, 0xd7, 0xe4, 0x73,
-    0x8f, 0x14, 0xb0, 0x0f,
-};
-static const unsigned char kat55_nor_addin0[] = {
-    0x39, 0xaf, 0x3c, 0xe9, 0x9e, 0xb8, 0xe9, 0xea, 0x59, 0x64, 0x31, 0x0c,
-    0x27, 0xc5, 0x06, 0x73,
-};
-static const unsigned char kat55_nor_addin1[] = {
-    0xb3, 0x35, 0x3b, 0xf5, 0x22, 0xfd, 0xf8, 0xca, 0x87, 0xe8, 0x40, 0x66,
-    0x5d, 0xb7, 0x3a, 0x1e,
-};
-static const unsigned char kat55_nor_retbytes[] = {
-    0x2b, 0xe2, 0x93, 0x38, 0xc9, 0x15, 0xbd, 0x42, 0x39, 0x7d, 0x73, 0x90,
-    0x7d, 0x70, 0xf5, 0xd9, 0x5b, 0xa9, 0xbf, 0xf4, 0x99, 0xd1, 0x1f, 0x7a,
-    0x27, 0x39, 0x9d, 0xb6, 0x64, 0x70, 0xe2, 0x65, 0x98, 0xcd, 0xac, 0xb5,
-    0xab, 0x06, 0xd1, 0xd1, 0x37, 0x57, 0x04, 0x3c, 0x8d, 0xbf, 0x56, 0xa0,
-    0x5d, 0x30, 0x39, 0x2c, 0xc3, 0xb2, 0x1f, 0x42, 0x10, 0xcc, 0x14, 0x16,
-    0x52, 0xea, 0x42, 0xb0, 0x2e, 0x4b, 0x95, 0x7c, 0x84, 0x6e, 0xfd, 0x21,
-    0x4a, 0x4b, 0xe0, 0xf0, 0x15, 0xb5, 0x14, 0xd0,
-};
-static const struct drbg_kat_no_reseed kat55_nor_t = {
-    9, kat55_nor_entropyin, kat55_nor_nonce, kat55_nor_persstr,
-    kat55_nor_addin0, kat55_nor_addin1, kat55_nor_retbytes
-};
-static const struct drbg_kat kat55_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat55_nor_t
-};
-
-static const unsigned char kat56_nor_entropyin[] = {
-    0x12, 0x42, 0x0e, 0xb0, 0x2f, 0xd4, 0x38, 0x32, 0x63, 0x81, 0x49, 0x68,
-    0xdc, 0xf6, 0x07, 0x91,
-};
-static const unsigned char kat56_nor_nonce[] = {
-    0x37, 0x7a, 0x3f, 0xca, 0xa2, 0x67, 0x0b, 0x8b,
-};
-static const unsigned char kat56_nor_persstr[] = {
-    0x4e, 0xfc, 0x59, 0x26, 0xbd, 0x99, 0x9a, 0xd4, 0x6c, 0x30, 0xe9, 0xbc,
-    0x72, 0x96, 0xb2, 0xba,
-};
-static const unsigned char kat56_nor_addin0[] = {
-    0x5c, 0x68, 0xc0, 0xf0, 0x79, 0x11, 0x04, 0x76, 0xc1, 0x48, 0x77, 0xc5,
-    0xfd, 0xed, 0x2b, 0x7f,
-};
-static const unsigned char kat56_nor_addin1[] = {
-    0x3f, 0x17, 0x47, 0xb2, 0xa6, 0x4b, 0xb3, 0x71, 0xeb, 0x56, 0x6a, 0x02,
-    0x04, 0xc8, 0x2e, 0x7b,
-};
-static const unsigned char kat56_nor_retbytes[] = {
-    0x1d, 0x73, 0x39, 0x29, 0x28, 0x43, 0x8d, 0xa9, 0xe9, 0xf7, 0xa2, 0x8f,
-    0xff, 0x33, 0x32, 0x74, 0x6f, 0x7f, 0xf9, 0x05, 0x58, 0xc9, 0x87, 0x38,
-    0x33, 0x05, 0xc8, 0xdb, 0x81, 0x75, 0xc9, 0x01, 0x2d, 0xeb, 0xda, 0xf7,
-    0x36, 0x59, 0xfd, 0xb4, 0xc4, 0x04, 0x17, 0xb5, 0xd8, 0xda, 0xa4, 0xfe,
-    0xf8, 0xb4, 0x26, 0x96, 0x35, 0x9f, 0x05, 0x58, 0x45, 0x42, 0xd1, 0x47,
-    0x21, 0xd6, 0x8f, 0x8c, 0xa7, 0x80, 0x7b, 0x75, 0x1d, 0x64, 0x9e, 0xf2,
-    0x4e, 0xb4, 0x29, 0x46, 0xc1, 0xc5, 0x00, 0x3c,
-};
-static const struct drbg_kat_no_reseed kat56_nor_t = {
-    10, kat56_nor_entropyin, kat56_nor_nonce, kat56_nor_persstr,
-    kat56_nor_addin0, kat56_nor_addin1, kat56_nor_retbytes
-};
-static const struct drbg_kat kat56_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat56_nor_t
-};
-
-static const unsigned char kat57_nor_entropyin[] = {
-    0x84, 0x7b, 0x94, 0xcb, 0xbf, 0xf8, 0xbc, 0xe7, 0x09, 0x53, 0x0a, 0xa0,
-    0x19, 0xd1, 0x02, 0x81,
-};
-static const unsigned char kat57_nor_nonce[] = {
-    0xf1, 0x26, 0x6d, 0x65, 0x2c, 0x32, 0x7a, 0xa5,
-};
-static const unsigned char kat57_nor_persstr[] = {
-    0xaf, 0x28, 0xaf, 0x29, 0x7a, 0xb2, 0x98, 0xa8, 0x38, 0x61, 0x6f, 0x1f,
-    0xdd, 0xe1, 0xce, 0xed,
-};
-static const unsigned char kat57_nor_addin0[] = {
-    0x09, 0x33, 0x4c, 0xe2, 0x3d, 0xf4, 0xcf, 0x76, 0x29, 0x79, 0x4a, 0xc0,
-    0x16, 0xd4, 0xab, 0x61,
-};
-static const unsigned char kat57_nor_addin1[] = {
-    0x59, 0x2f, 0x2a, 0x1f, 0x07, 0x5a, 0xe6, 0x9f, 0x31, 0x08, 0x27, 0xd1,
-    0x5e, 0xb2, 0xd6, 0xc9,
-};
-static const unsigned char kat57_nor_retbytes[] = {
-    0x00, 0x35, 0x68, 0x4b, 0x66, 0xbd, 0x9e, 0x73, 0xcb, 0x23, 0xfb, 0x04,
-    0xfd, 0x47, 0xc4, 0xe1, 0xf3, 0x54, 0x67, 0x03, 0x1a, 0xcf, 0x05, 0xdc,
-    0xd9, 0x77, 0x1a, 0x81, 0x93, 0x18, 0x0d, 0x7c, 0x69, 0xbf, 0x87, 0x52,
-    0x1a, 0x1d, 0xf1, 0x9b, 0xf8, 0x47, 0xc6, 0x59, 0xa6, 0xc4, 0xcd, 0xbc,
-    0x0c, 0x21, 0xe2, 0xb9, 0xcb, 0x26, 0x03, 0x4c, 0xcc, 0xb9, 0x02, 0x56,
-    0x3d, 0x16, 0xc6, 0x3f, 0x39, 0x31, 0x4d, 0x8c, 0xb5, 0x95, 0x04, 0x87,
-    0xbc, 0x37, 0x8f, 0x77, 0x5b, 0x8c, 0xfd, 0x8f,
-};
-static const struct drbg_kat_no_reseed kat57_nor_t = {
-    11, kat57_nor_entropyin, kat57_nor_nonce, kat57_nor_persstr,
-    kat57_nor_addin0, kat57_nor_addin1, kat57_nor_retbytes
-};
-static const struct drbg_kat kat57_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat57_nor_t
-};
-
-static const unsigned char kat58_nor_entropyin[] = {
-    0x3d, 0xaf, 0x9f, 0x11, 0x0b, 0xfe, 0x02, 0xbb, 0x4b, 0x1c, 0xad, 0xb6,
-    0x1f, 0x79, 0xda, 0x85,
-};
-static const unsigned char kat58_nor_nonce[] = {
-    0x1a, 0x0e, 0x5f, 0x88, 0xd5, 0x0f, 0xd8, 0x6e,
-};
-static const unsigned char kat58_nor_persstr[] = {
-    0x16, 0xb3, 0x20, 0xd8, 0xbf, 0x28, 0xc7, 0x26, 0x42, 0xaa, 0x32, 0xd4,
-    0xd9, 0x79, 0x8c, 0x4b,
-};
-static const unsigned char kat58_nor_addin0[] = {
-    0x15, 0x3a, 0xb4, 0x30, 0xf0, 0x75, 0x06, 0x59, 0xfd, 0xff, 0xa6, 0xf9,
-    0x8c, 0x6e, 0xa9, 0xf6,
-};
-static const unsigned char kat58_nor_addin1[] = {
-    0x7e, 0xb0, 0xd6, 0x25, 0x9b, 0x23, 0x7b, 0x7c, 0x38, 0x72, 0x8f, 0xe7,
-    0x64, 0x9e, 0x64, 0x3f,
-};
-static const unsigned char kat58_nor_retbytes[] = {
-    0x92, 0xd0, 0x66, 0xeb, 0x16, 0xcb, 0x87, 0x53, 0x63, 0x08, 0x88, 0xe4,
-    0x40, 0x18, 0x59, 0x28, 0x80, 0xc6, 0x25, 0x35, 0x76, 0x53, 0x1d, 0x90,
-    0xd0, 0x42, 0xd1, 0xbe, 0x96, 0x71, 0xc1, 0xb7, 0x8c, 0xb8, 0x42, 0x61,
-    0xb5, 0xce, 0x0b, 0x12, 0xf3, 0xfc, 0x1e, 0x12, 0xa8, 0x8f, 0x97, 0x99,
-    0xcb, 0xa1, 0xa8, 0xa0, 0x5b, 0x1c, 0xb0, 0xc5, 0x89, 0x25, 0xa7, 0x91,
-    0x3a, 0xb2, 0x74, 0xf8, 0x75, 0xcc, 0x71, 0xc4, 0x74, 0x03, 0xfb, 0x24,
-    0x2f, 0x85, 0xae, 0x85, 0x8e, 0xc5, 0x85, 0x05,
-};
-static const struct drbg_kat_no_reseed kat58_nor_t = {
-    12, kat58_nor_entropyin, kat58_nor_nonce, kat58_nor_persstr,
-    kat58_nor_addin0, kat58_nor_addin1, kat58_nor_retbytes
-};
-static const struct drbg_kat kat58_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat58_nor_t
-};
-
-static const unsigned char kat59_nor_entropyin[] = {
-    0xdd, 0x71, 0x99, 0x3a, 0xb8, 0xd7, 0xf4, 0xde, 0x58, 0xf4, 0xa9, 0x4a,
-    0xec, 0xb0, 0x96, 0x2a,
-};
-static const unsigned char kat59_nor_nonce[] = {
-    0xb6, 0x17, 0xbe, 0x93, 0x44, 0x50, 0x43, 0x1b,
-};
-static const unsigned char kat59_nor_persstr[] = {
-    0x84, 0xc6, 0x95, 0xd8, 0x3b, 0xc7, 0xd5, 0xef, 0x90, 0x2a, 0x58, 0x3b,
-    0xd7, 0x99, 0xf2, 0xb8,
-};
-static const unsigned char kat59_nor_addin0[] = {
-    0x13, 0xee, 0x6c, 0xce, 0xd4, 0x02, 0xef, 0x8c, 0x85, 0x43, 0xec, 0x3a,
-    0xc1, 0x6a, 0x38, 0xc6,
-};
-static const unsigned char kat59_nor_addin1[] = {
-    0x9d, 0x0a, 0x0f, 0xc6, 0x78, 0x84, 0x98, 0x60, 0x32, 0x05, 0x68, 0xf9,
-    0xb1, 0x90, 0x53, 0xf9,
-};
-static const unsigned char kat59_nor_retbytes[] = {
-    0xfb, 0xda, 0x06, 0x0b, 0xd0, 0xd0, 0x0b, 0x0c, 0x31, 0xc8, 0xcd, 0x13,
-    0x50, 0x7c, 0x36, 0x57, 0x9e, 0x6a, 0xf5, 0xe1, 0x56, 0xc9, 0x6b, 0xd8,
-    0x60, 0x64, 0x6b, 0x83, 0xe8, 0x1c, 0x24, 0x37, 0xf6, 0x36, 0xde, 0xba,
-    0x7b, 0x2e, 0xf6, 0xe5, 0x95, 0x8f, 0xb3, 0xda, 0xe2, 0x65, 0x93, 0x44,
-    0x76, 0xa6, 0x54, 0x99, 0x0d, 0x08, 0x92, 0x6d, 0xee, 0xde, 0xcf, 0x1e,
-    0x43, 0xa4, 0x1f, 0xfb, 0x61, 0xbc, 0xad, 0x56, 0x0d, 0xcb, 0xce, 0x85,
-    0x8c, 0x6a, 0xc3, 0xf7, 0x48, 0x95, 0x56, 0x60,
-};
-static const struct drbg_kat_no_reseed kat59_nor_t = {
-    13, kat59_nor_entropyin, kat59_nor_nonce, kat59_nor_persstr,
-    kat59_nor_addin0, kat59_nor_addin1, kat59_nor_retbytes
-};
-static const struct drbg_kat kat59_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat59_nor_t
-};
-
-static const unsigned char kat60_nor_entropyin[] = {
-    0xd7, 0x7f, 0xf8, 0x6d, 0x65, 0x3f, 0x38, 0x97, 0x53, 0x22, 0xd0, 0xb7,
-    0xf1, 0xc0, 0x2b, 0x6b,
-};
-static const unsigned char kat60_nor_nonce[] = {
-    0x4b, 0x2d, 0x2a, 0x31, 0xb1, 0x36, 0x7c, 0x86,
-};
-static const unsigned char kat60_nor_persstr[] = {
-    0x84, 0x21, 0x08, 0xe0, 0x74, 0xfd, 0xea, 0x38, 0x7c, 0xfe, 0x71, 0x52,
-    0x6e, 0xaa, 0xc9, 0xb4,
-};
-static const unsigned char kat60_nor_addin0[] = {
-    0xe4, 0x88, 0xe1, 0x6f, 0x48, 0xc6, 0x1d, 0xd2, 0x15, 0x2a, 0xfe, 0x92,
-    0x5e, 0xce, 0xee, 0x92,
-};
-static const unsigned char kat60_nor_addin1[] = {
-    0x12, 0xc6, 0x92, 0xab, 0xd9, 0x0a, 0xb4, 0x85, 0xf4, 0xd9, 0x49, 0x96,
-    0x80, 0xa6, 0x89, 0x3f,
-};
-static const unsigned char kat60_nor_retbytes[] = {
-    0x8b, 0xa0, 0x46, 0x17, 0xa1, 0x35, 0xd8, 0xab, 0xe0, 0xc3, 0xc0, 0xa1,
-    0x70, 0xe7, 0x47, 0x2e, 0x7e, 0xd7, 0x50, 0xea, 0xc7, 0x06, 0xe5, 0xc3,
-    0xed, 0x83, 0x05, 0xd6, 0xf6, 0xf8, 0xa1, 0xa5, 0x3e, 0x0c, 0x52, 0xd4,
-    0x85, 0x3b, 0x21, 0xab, 0x89, 0x51, 0xe8, 0x09, 0x70, 0xb4, 0x26, 0x00,
-    0x8a, 0xe1, 0x19, 0x52, 0xff, 0x36, 0x48, 0x17, 0xb6, 0x85, 0x6e, 0xf0,
-    0x81, 0x08, 0x60, 0xdc, 0x65, 0xfa, 0xea, 0x48, 0x7b, 0x5d, 0x7c, 0x3f,
-    0x3d, 0x63, 0xfd, 0x44, 0x37, 0x56, 0xd2, 0xa8,
-};
-static const struct drbg_kat_no_reseed kat60_nor_t = {
-    14, kat60_nor_entropyin, kat60_nor_nonce, kat60_nor_persstr,
-    kat60_nor_addin0, kat60_nor_addin1, kat60_nor_retbytes
-};
-static const struct drbg_kat kat60_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat60_nor_t
-};
-
-static const unsigned char kat61_nor_entropyin[] = {
-    0x66, 0xb3, 0xc7, 0x8f, 0xa8, 0xc8, 0x6d, 0xd8, 0x91, 0xaa, 0xb0, 0xe5,
-    0x3f, 0x36, 0x06, 0xde,
-};
-static const unsigned char kat61_nor_nonce[] = {
-    0x84, 0x14, 0x2c, 0x2d, 0x1f, 0x1c, 0xda, 0x88,
-};
-static const unsigned char kat61_nor_persstr[] = {0};
-static const unsigned char kat61_nor_addin0[] = {0};
-static const unsigned char kat61_nor_addin1[] = {0};
-static const unsigned char kat61_nor_retbytes[] = {
-    0xe6, 0x0d, 0x83, 0xed, 0x6b, 0xbe, 0x75, 0x35, 0x1f, 0x2f, 0xbd, 0x35,
-    0x6a, 0x4b, 0xc8, 0x90, 0x4b, 0x97, 0x0d, 0x45, 0x98, 0x2e, 0xde, 0xb8,
-    0x98, 0xd0, 0xf2, 0xe6, 0xf4, 0x70, 0x7f, 0xaf, 0x49, 0x74, 0x71, 0xc3,
-    0xdf, 0x74, 0x60, 0x78, 0x3e, 0x4b, 0xef, 0xf0, 0x01, 0x5d, 0x23, 0xd8,
-    0xc7, 0xba, 0x27, 0x0b, 0x6f, 0x56, 0x2c, 0x4a, 0x7b, 0x76, 0xc0, 0x69,
-    0x0b, 0x26, 0x09, 0xad, 0xe3, 0xfe, 0x37, 0x2b, 0x53, 0xf1, 0xc5, 0xff,
-    0x4d, 0x5f, 0x0d, 0xd9, 0xa3, 0x96, 0x68, 0x25,
-};
-static const struct drbg_kat_no_reseed kat61_nor_t = {
-    0, kat61_nor_entropyin, kat61_nor_nonce, kat61_nor_persstr,
-    kat61_nor_addin0, kat61_nor_addin1, kat61_nor_retbytes
-};
-static const struct drbg_kat kat61_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat61_nor_t
-};
-
-static const unsigned char kat62_nor_entropyin[] = {
-    0x22, 0xbf, 0x7d, 0x4b, 0x28, 0xe0, 0xb0, 0xcd, 0x26, 0x3c, 0x11, 0x4e,
-    0x59, 0x4c, 0xe5, 0xa1,
-};
-static const unsigned char kat62_nor_nonce[] = {
-    0x20, 0x9e, 0xab, 0x89, 0x79, 0xe7, 0xb5, 0x9a,
-};
-static const unsigned char kat62_nor_persstr[] = {0};
-static const unsigned char kat62_nor_addin0[] = {0};
-static const unsigned char kat62_nor_addin1[] = {0};
-static const unsigned char kat62_nor_retbytes[] = {
-    0x4c, 0xa3, 0xbb, 0x37, 0xcf, 0x63, 0xc5, 0x89, 0xed, 0xfd, 0x06, 0x2a,
-    0xbd, 0x77, 0x11, 0x65, 0x42, 0xb5, 0xb7, 0x53, 0xc3, 0xcd, 0xca, 0x97,
-    0x49, 0x7e, 0xb6, 0xe1, 0x3b, 0xea, 0xed, 0xde, 0x8c, 0x43, 0xbe, 0xed,
-    0xbc, 0xf9, 0xa7, 0x2c, 0xc8, 0x71, 0x50, 0x70, 0xcb, 0xdd, 0xf0, 0xf6,
-    0xdd, 0xc6, 0x14, 0x69, 0x71, 0xb2, 0x2c, 0xcd, 0xb1, 0xe3, 0xc9, 0xee,
-    0x73, 0x0d, 0xa1, 0xb2, 0x12, 0x6b, 0xff, 0x2c, 0x3c, 0xb0, 0xef, 0xab,
-    0xc8, 0x71, 0xfe, 0xa4, 0x94, 0x70, 0xa7, 0xcb,
-};
-static const struct drbg_kat_no_reseed kat62_nor_t = {
-    1, kat62_nor_entropyin, kat62_nor_nonce, kat62_nor_persstr,
-    kat62_nor_addin0, kat62_nor_addin1, kat62_nor_retbytes
-};
-static const struct drbg_kat kat62_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat62_nor_t
-};
-
-static const unsigned char kat63_nor_entropyin[] = {
-    0x20, 0x80, 0x7f, 0x2c, 0x0e, 0x86, 0x55, 0x14, 0xf6, 0xfc, 0xdb, 0xbb,
-    0xaa, 0xc5, 0x98, 0x95,
-};
-static const unsigned char kat63_nor_nonce[] = {
-    0xe6, 0x0b, 0xaa, 0x00, 0x3c, 0x2c, 0x18, 0xd5,
-};
-static const unsigned char kat63_nor_persstr[] = {0};
-static const unsigned char kat63_nor_addin0[] = {0};
-static const unsigned char kat63_nor_addin1[] = {0};
-static const unsigned char kat63_nor_retbytes[] = {
-    0xff, 0x89, 0x7d, 0x95, 0x7d, 0x8b, 0xe8, 0x63, 0x91, 0x54, 0x61, 0x29,
-    0xce, 0x6c, 0x98, 0xdd, 0xc4, 0x38, 0x06, 0x78, 0x4c, 0x24, 0xa0, 0xd3,
-    0xcb, 0x30, 0x80, 0xe9, 0xea, 0xc3, 0xc2, 0x06, 0x05, 0xff, 0x6d, 0x1c,
-    0xaa, 0x24, 0xbd, 0x03, 0x8d, 0x8b, 0x68, 0x3f, 0x07, 0xb2, 0x4f, 0x38,
-    0x46, 0xac, 0xa8, 0x23, 0x65, 0x81, 0xb4, 0xc4, 0xd0, 0x4e, 0xb8, 0xb8,
-    0x70, 0x20, 0xc0, 0x7b, 0x55, 0x88, 0x83, 0x47, 0xa2, 0x63, 0x82, 0xd6,
-    0x2f, 0x9d, 0x10, 0xd4, 0x12, 0x1a, 0x21, 0xc9,
-};
-static const struct drbg_kat_no_reseed kat63_nor_t = {
-    2, kat63_nor_entropyin, kat63_nor_nonce, kat63_nor_persstr,
-    kat63_nor_addin0, kat63_nor_addin1, kat63_nor_retbytes
-};
-static const struct drbg_kat kat63_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat63_nor_t
-};
-
-static const unsigned char kat64_nor_entropyin[] = {
-    0xbe, 0x8d, 0x9f, 0xec, 0x6b, 0x80, 0x91, 0x4c, 0x70, 0xa9, 0xc2, 0x8e,
-    0xa6, 0xbf, 0xe7, 0xc4,
-};
-static const unsigned char kat64_nor_nonce[] = {
-    0xd6, 0xf7, 0xda, 0x93, 0xc2, 0x69, 0x33, 0x41,
-};
-static const unsigned char kat64_nor_persstr[] = {0};
-static const unsigned char kat64_nor_addin0[] = {0};
-static const unsigned char kat64_nor_addin1[] = {0};
-static const unsigned char kat64_nor_retbytes[] = {
-    0x7a, 0xab, 0x1f, 0x40, 0x8b, 0x87, 0x1a, 0x49, 0x4b, 0x9d, 0xf4, 0x22,
-    0x08, 0xd8, 0x3b, 0xfe, 0xf1, 0xba, 0x64, 0x76, 0xa5, 0x1c, 0xc2, 0xf3,
-    0xb7, 0x08, 0x96, 0x81, 0x6b, 0x1c, 0x1e, 0x41, 0x0d, 0x50, 0x6a, 0xac,
-    0xd3, 0xe1, 0xf8, 0x91, 0x6d, 0xc8, 0xbe, 0x0b, 0xce, 0x42, 0xf9, 0x86,
-    0xf6, 0x7b, 0xd2, 0xf9, 0xf0, 0x23, 0x95, 0xfb, 0xa1, 0xff, 0xe4, 0x99,
-    0xe5, 0xee, 0xf7, 0x0b, 0x3b, 0xf7, 0x43, 0xf5, 0x19, 0xfd, 0x8c, 0xa1,
-    0xdb, 0x69, 0x4f, 0x89, 0x70, 0xf8, 0x24, 0x21,
-};
-static const struct drbg_kat_no_reseed kat64_nor_t = {
-    3, kat64_nor_entropyin, kat64_nor_nonce, kat64_nor_persstr,
-    kat64_nor_addin0, kat64_nor_addin1, kat64_nor_retbytes
-};
-static const struct drbg_kat kat64_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat64_nor_t
-};
-
-static const unsigned char kat65_nor_entropyin[] = {
-    0x29, 0x58, 0x12, 0x8d, 0xf4, 0x64, 0x9e, 0x1a, 0xe1, 0xf0, 0xdd, 0x5d,
-    0xd3, 0x74, 0x0c, 0xe9,
-};
-static const unsigned char kat65_nor_nonce[] = {
-    0x18, 0x1c, 0xe1, 0x94, 0xbb, 0x3a, 0xa4, 0xec,
-};
-static const unsigned char kat65_nor_persstr[] = {0};
-static const unsigned char kat65_nor_addin0[] = {0};
-static const unsigned char kat65_nor_addin1[] = {0};
-static const unsigned char kat65_nor_retbytes[] = {
-    0xb7, 0xcd, 0xa6, 0xec, 0x47, 0xed, 0x3f, 0xf8, 0xda, 0xfb, 0x78, 0xed,
-    0x04, 0xfc, 0x5c, 0x0e, 0xc2, 0xd6, 0xcc, 0xb1, 0x86, 0x94, 0x22, 0x66,
-    0x5d, 0xc4, 0xbd, 0xf9, 0x84, 0x25, 0x96, 0xee, 0xe0, 0x0f, 0xd5, 0x93,
-    0x4d, 0xc1, 0x7c, 0xbb, 0x17, 0xc5, 0x7f, 0xb9, 0x70, 0xce, 0x9a, 0x9b,
-    0xdf, 0xdc, 0xa7, 0x5a, 0xaa, 0xa4, 0x26, 0x3a, 0x87, 0x5a, 0x2e, 0xd0,
-    0x12, 0xb6, 0xd5, 0x60, 0x49, 0xf1, 0x3b, 0x51, 0xe2, 0xa4, 0x4a, 0xcb,
-    0x37, 0xf9, 0x22, 0xf8, 0xd1, 0x3a, 0x4d, 0x19,
-};
-static const struct drbg_kat_no_reseed kat65_nor_t = {
-    4, kat65_nor_entropyin, kat65_nor_nonce, kat65_nor_persstr,
-    kat65_nor_addin0, kat65_nor_addin1, kat65_nor_retbytes
-};
-static const struct drbg_kat kat65_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat65_nor_t
-};
-
-static const unsigned char kat66_nor_entropyin[] = {
-    0x91, 0xea, 0xff, 0xb7, 0xb6, 0x3f, 0x5d, 0xba, 0x78, 0x24, 0xd5, 0x62,
-    0xf8, 0x63, 0xb0, 0x53,
-};
-static const unsigned char kat66_nor_nonce[] = {
-    0xfe, 0x53, 0x0c, 0xa5, 0xb6, 0xe3, 0x24, 0x3f,
-};
-static const unsigned char kat66_nor_persstr[] = {0};
-static const unsigned char kat66_nor_addin0[] = {0};
-static const unsigned char kat66_nor_addin1[] = {0};
-static const unsigned char kat66_nor_retbytes[] = {
-    0xea, 0x37, 0x08, 0xf5, 0x6e, 0x3a, 0x51, 0x5b, 0x5e, 0xef, 0x9e, 0x36,
-    0x1c, 0x4e, 0x0a, 0x8c, 0x38, 0x5f, 0x38, 0xc1, 0x7e, 0x82, 0x16, 0xf4,
-    0x2a, 0x2d, 0xb5, 0x8e, 0x4c, 0xe5, 0xb4, 0x8c, 0x75, 0x21, 0xb2, 0xff,
-    0xdf, 0xe2, 0xe0, 0xbe, 0x55, 0xd4, 0x30, 0x15, 0x0b, 0x6a, 0x21, 0x21,
-    0xde, 0x11, 0xca, 0x71, 0x97, 0x16, 0x7e, 0xc0, 0xd3, 0xbd, 0x63, 0x83,
-    0xbe, 0x4b, 0x3b, 0x47, 0xd9, 0xc5, 0x7f, 0xc2, 0x24, 0x08, 0x8d, 0x05,
-    0x01, 0x14, 0x75, 0x71, 0x15, 0xee, 0xe0, 0x02,
-};
-static const struct drbg_kat_no_reseed kat66_nor_t = {
-    5, kat66_nor_entropyin, kat66_nor_nonce, kat66_nor_persstr,
-    kat66_nor_addin0, kat66_nor_addin1, kat66_nor_retbytes
-};
-static const struct drbg_kat kat66_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat66_nor_t
-};
-
-static const unsigned char kat67_nor_entropyin[] = {
-    0x22, 0xc8, 0x9c, 0x67, 0x1b, 0x47, 0x80, 0x15, 0xca, 0xe3, 0xda, 0x53,
-    0x03, 0x56, 0x85, 0x2d,
-};
-static const unsigned char kat67_nor_nonce[] = {
-    0x96, 0x32, 0xeb, 0xd1, 0x3a, 0xc4, 0x06, 0xd6,
-};
-static const unsigned char kat67_nor_persstr[] = {0};
-static const unsigned char kat67_nor_addin0[] = {0};
-static const unsigned char kat67_nor_addin1[] = {0};
-static const unsigned char kat67_nor_retbytes[] = {
-    0x86, 0x1a, 0xec, 0x24, 0x88, 0xdf, 0x56, 0xea, 0x7f, 0x0b, 0xc4, 0xbd,
-    0x14, 0x2c, 0x91, 0x62, 0xce, 0x6a, 0x64, 0xb7, 0x39, 0x12, 0xd9, 0x49,
-    0x81, 0xb7, 0x15, 0xaa, 0x14, 0xdd, 0x1f, 0xd6, 0x49, 0xad, 0x1d, 0x86,
-    0xfc, 0x4a, 0x53, 0x65, 0xc2, 0x30, 0x7d, 0x9f, 0x67, 0x71, 0xdd, 0xfd,
-    0xb7, 0x2d, 0x6d, 0x89, 0xd9, 0x8a, 0x10, 0x34, 0x1e, 0x44, 0x05, 0x62,
-    0xc7, 0x61, 0xc9, 0xab, 0x11, 0x90, 0x52, 0x9b, 0xf7, 0x21, 0xdb, 0x2a,
-    0xc0, 0xd0, 0x0c, 0xfb, 0x61, 0x8e, 0x34, 0xa5,
-};
-static const struct drbg_kat_no_reseed kat67_nor_t = {
-    6, kat67_nor_entropyin, kat67_nor_nonce, kat67_nor_persstr,
-    kat67_nor_addin0, kat67_nor_addin1, kat67_nor_retbytes
-};
-static const struct drbg_kat kat67_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat67_nor_t
-};
-
-static const unsigned char kat68_nor_entropyin[] = {
-    0xed, 0xa4, 0xdd, 0x91, 0x7f, 0xd7, 0x76, 0x5a, 0x8b, 0x10, 0x2e, 0x83,
-    0x1c, 0x39, 0x38, 0x4b,
-};
-static const unsigned char kat68_nor_nonce[] = {
-    0x25, 0x5d, 0x24, 0x8c, 0xdb, 0xa3, 0xcf, 0x78,
-};
-static const unsigned char kat68_nor_persstr[] = {0};
-static const unsigned char kat68_nor_addin0[] = {0};
-static const unsigned char kat68_nor_addin1[] = {0};
-static const unsigned char kat68_nor_retbytes[] = {
-    0x83, 0x26, 0x3f, 0xec, 0x6c, 0x1c, 0x70, 0xcb, 0xc0, 0x88, 0xe1, 0x3d,
-    0xde, 0x4d, 0xe3, 0x1f, 0x14, 0x2d, 0x7d, 0x20, 0x42, 0x45, 0x7d, 0x79,
-    0xf0, 0xc0, 0x33, 0xf0, 0xd7, 0x90, 0x62, 0x1f, 0x75, 0x82, 0x3c, 0x55,
-    0xe4, 0x1e, 0x9a, 0x44, 0x61, 0xad, 0x7c, 0xcd, 0xdf, 0x52, 0x37, 0x73,
-    0x40, 0xd5, 0x1f, 0x72, 0x7b, 0x0f, 0x9b, 0x81, 0x2d, 0x15, 0x10, 0x36,
-    0xcf, 0xa6, 0x86, 0xbc, 0x28, 0xaf, 0xea, 0xae, 0x99, 0x5e, 0x13, 0x0a,
-    0x1e, 0xe0, 0xdd, 0x11, 0x10, 0x4e, 0x5a, 0xb1,
-};
-static const struct drbg_kat_no_reseed kat68_nor_t = {
-    7, kat68_nor_entropyin, kat68_nor_nonce, kat68_nor_persstr,
-    kat68_nor_addin0, kat68_nor_addin1, kat68_nor_retbytes
-};
-static const struct drbg_kat kat68_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat68_nor_t
-};
-
-static const unsigned char kat69_nor_entropyin[] = {
-    0x4e, 0xf4, 0x97, 0x80, 0x78, 0xec, 0x29, 0x82, 0x06, 0x36, 0xbb, 0x17,
-    0x7f, 0xfb, 0x4b, 0x2f,
-};
-static const unsigned char kat69_nor_nonce[] = {
-    0xe4, 0xc9, 0xc3, 0x45, 0xce, 0xdf, 0xc1, 0x23,
-};
-static const unsigned char kat69_nor_persstr[] = {0};
-static const unsigned char kat69_nor_addin0[] = {0};
-static const unsigned char kat69_nor_addin1[] = {0};
-static const unsigned char kat69_nor_retbytes[] = {
-    0x22, 0xc7, 0xec, 0xa6, 0x33, 0xda, 0xb4, 0x83, 0x68, 0x81, 0x39, 0x39,
-    0x7a, 0x2c, 0xd8, 0xc4, 0x26, 0x50, 0x6f, 0x60, 0xdd, 0xe1, 0xbf, 0xe5,
-    0xe4, 0xe7, 0x99, 0x99, 0x90, 0x87, 0xf7, 0xf2, 0x04, 0x6f, 0x7d, 0x8e,
-    0x04, 0x06, 0x17, 0x9d, 0x48, 0x59, 0xff, 0x61, 0x9d, 0x70, 0xce, 0x6d,
-    0xb7, 0x57, 0x3e, 0xc4, 0xa2, 0x08, 0x5c, 0x48, 0x24, 0xd7, 0xe8, 0x2d,
-    0x4f, 0xef, 0xa6, 0xfa, 0x43, 0xcf, 0xe2, 0x3b, 0x24, 0x5d, 0xab, 0x95,
-    0xc6, 0x24, 0x86, 0x6a, 0x72, 0xc1, 0x67, 0xa0,
-};
-static const struct drbg_kat_no_reseed kat69_nor_t = {
-    8, kat69_nor_entropyin, kat69_nor_nonce, kat69_nor_persstr,
-    kat69_nor_addin0, kat69_nor_addin1, kat69_nor_retbytes
-};
-static const struct drbg_kat kat69_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat69_nor_t
-};
-
-static const unsigned char kat70_nor_entropyin[] = {
-    0xa2, 0x68, 0x07, 0x50, 0xd8, 0x73, 0x1c, 0xd0, 0x93, 0xd6, 0x28, 0x4f,
-    0x57, 0x04, 0x66, 0xad,
-};
-static const unsigned char kat70_nor_nonce[] = {
-    0x76, 0x58, 0xf3, 0x00, 0x66, 0x6b, 0x66, 0xd2,
-};
-static const unsigned char kat70_nor_persstr[] = {0};
-static const unsigned char kat70_nor_addin0[] = {0};
-static const unsigned char kat70_nor_addin1[] = {0};
-static const unsigned char kat70_nor_retbytes[] = {
-    0xda, 0x6c, 0xdf, 0x35, 0x48, 0xef, 0x1a, 0xe5, 0x95, 0x58, 0x14, 0xe3,
-    0x6c, 0x73, 0xb7, 0xae, 0xaf, 0x5b, 0x4d, 0x53, 0x3b, 0x03, 0x7a, 0xfc,
-    0xe4, 0x9b, 0xf7, 0x2b, 0xf0, 0x41, 0x6c, 0x91, 0x18, 0x25, 0xae, 0x05,
-    0xfd, 0x97, 0xcc, 0x5f, 0xed, 0x23, 0x01, 0xcb, 0xfb, 0x20, 0x54, 0x5a,
-    0x20, 0xd5, 0x60, 0x96, 0xaa, 0x47, 0x4a, 0x39, 0xb3, 0xda, 0xbf, 0xc8,
-    0x88, 0xa8, 0xa6, 0x5e, 0xf3, 0x23, 0x0e, 0x69, 0xf2, 0xce, 0x5b, 0x0d,
-    0x7d, 0x30, 0x73, 0x8f, 0x70, 0x8d, 0x5f, 0x58,
-};
-static const struct drbg_kat_no_reseed kat70_nor_t = {
-    9, kat70_nor_entropyin, kat70_nor_nonce, kat70_nor_persstr,
-    kat70_nor_addin0, kat70_nor_addin1, kat70_nor_retbytes
-};
-static const struct drbg_kat kat70_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat70_nor_t
-};
-
-static const unsigned char kat71_nor_entropyin[] = {
-    0x23, 0x8f, 0x4a, 0x64, 0xdb, 0x2c, 0xd8, 0xd1, 0x40, 0xf9, 0xfb, 0xfd,
-    0xea, 0x10, 0x23, 0x38,
-};
-static const unsigned char kat71_nor_nonce[] = {
-    0xb1, 0x9a, 0xf3, 0xbc, 0x12, 0x55, 0x2f, 0xbb,
-};
-static const unsigned char kat71_nor_persstr[] = {0};
-static const unsigned char kat71_nor_addin0[] = {0};
-static const unsigned char kat71_nor_addin1[] = {0};
-static const unsigned char kat71_nor_retbytes[] = {
-    0x27, 0xce, 0x1e, 0xfb, 0x77, 0xdf, 0x4a, 0x84, 0x8f, 0x0e, 0xb7, 0x24,
-    0x51, 0xc0, 0x77, 0x1f, 0x08, 0xb8, 0x0f, 0x45, 0xe2, 0x90, 0x09, 0x1f,
-    0x8c, 0x38, 0x52, 0xfd, 0xa0, 0xb7, 0x1b, 0x28, 0x1d, 0x01, 0xa0, 0x70,
-    0xb3, 0x80, 0xda, 0xf7, 0xef, 0xa9, 0x46, 0x97, 0x80, 0x6d, 0x3d, 0x13,
-    0x8e, 0x94, 0x51, 0x13, 0x00, 0x2a, 0x62, 0x84, 0x83, 0xdd, 0x7e, 0x34,
-    0x1c, 0x7a, 0x9a, 0x6f, 0x83, 0x6d, 0x99, 0x57, 0x7b, 0x39, 0xfb, 0x0f,
-    0x9a, 0x73, 0x2f, 0x14, 0x45, 0x95, 0x95, 0xfc,
-};
-static const struct drbg_kat_no_reseed kat71_nor_t = {
-    10, kat71_nor_entropyin, kat71_nor_nonce, kat71_nor_persstr,
-    kat71_nor_addin0, kat71_nor_addin1, kat71_nor_retbytes
-};
-static const struct drbg_kat kat71_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat71_nor_t
-};
-
-static const unsigned char kat72_nor_entropyin[] = {
-    0x1a, 0x3a, 0x03, 0x33, 0x34, 0x0f, 0x1d, 0x67, 0xdd, 0xa7, 0x15, 0x28,
-    0x5b, 0xbf, 0xb6, 0x17,
-};
-static const unsigned char kat72_nor_nonce[] = {
-    0x37, 0x4b, 0x8f, 0x8b, 0xe9, 0xf2, 0x82, 0x0e,
-};
-static const unsigned char kat72_nor_persstr[] = {0};
-static const unsigned char kat72_nor_addin0[] = {0};
-static const unsigned char kat72_nor_addin1[] = {0};
-static const unsigned char kat72_nor_retbytes[] = {
-    0xf2, 0x8c, 0xd9, 0x13, 0x65, 0xd0, 0x2d, 0x20, 0x4f, 0xa7, 0x1f, 0xe8,
-    0x6e, 0xe4, 0x0f, 0xb0, 0x5f, 0x47, 0x78, 0x64, 0xbe, 0x55, 0x6f, 0x2e,
-    0x8e, 0x0f, 0x21, 0x2d, 0xcb, 0x1e, 0xd9, 0x8e, 0xf5, 0x9a, 0xdd, 0xe4,
-    0x85, 0xcb, 0x28, 0xaf, 0xee, 0x97, 0xac, 0x44, 0xa7, 0x89, 0x62, 0x65,
-    0x50, 0xd5, 0x33, 0xe6, 0xcb, 0x8a, 0x13, 0xe0, 0xcd, 0x03, 0x9a, 0x7d,
-    0x56, 0xf2, 0x70, 0xb8, 0x92, 0xdf, 0x74, 0x2c, 0x49, 0x9f, 0x5c, 0x60,
-    0x9e, 0xf7, 0x44, 0x54, 0xf1, 0xa8, 0xcb, 0xf5,
-};
-static const struct drbg_kat_no_reseed kat72_nor_t = {
-    11, kat72_nor_entropyin, kat72_nor_nonce, kat72_nor_persstr,
-    kat72_nor_addin0, kat72_nor_addin1, kat72_nor_retbytes
-};
-static const struct drbg_kat kat72_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat72_nor_t
-};
-
-static const unsigned char kat73_nor_entropyin[] = {
-    0xd6, 0x22, 0xc4, 0x7e, 0x98, 0x38, 0xe0, 0xfc, 0xd8, 0xbf, 0xb2, 0x09,
-    0xf4, 0x2a, 0x3c, 0x29,
-};
-static const unsigned char kat73_nor_nonce[] = {
-    0xb2, 0x9b, 0xba, 0x7c, 0xfe, 0xba, 0x90, 0xcc,
-};
-static const unsigned char kat73_nor_persstr[] = {0};
-static const unsigned char kat73_nor_addin0[] = {0};
-static const unsigned char kat73_nor_addin1[] = {0};
-static const unsigned char kat73_nor_retbytes[] = {
-    0x93, 0x40, 0xbb, 0x46, 0x92, 0xe5, 0x27, 0x92, 0x69, 0x3e, 0x8e, 0xdc,
-    0x0c, 0x28, 0x83, 0xf5, 0x4f, 0x8b, 0x93, 0x94, 0x2a, 0xe3, 0x6f, 0x06,
-    0xd5, 0x53, 0x29, 0x64, 0xf1, 0xf9, 0xb5, 0x81, 0xc0, 0x2a, 0x86, 0xb9,
-    0x52, 0x05, 0x66, 0xf5, 0xf7, 0x96, 0xe3, 0xcb, 0x21, 0x94, 0x85, 0x3e,
-    0xd9, 0xec, 0x18, 0xb6, 0x93, 0xbc, 0x7a, 0xc9, 0xa8, 0x3c, 0x0f, 0x8d,
-    0xb8, 0x96, 0xd9, 0x3f, 0xa2, 0x09, 0x53, 0xd4, 0x59, 0xaf, 0xe4, 0x43,
-    0xb6, 0x3d, 0x12, 0x41, 0xd0, 0xb4, 0x7c, 0xc1,
-};
-static const struct drbg_kat_no_reseed kat73_nor_t = {
-    12, kat73_nor_entropyin, kat73_nor_nonce, kat73_nor_persstr,
-    kat73_nor_addin0, kat73_nor_addin1, kat73_nor_retbytes
-};
-static const struct drbg_kat kat73_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat73_nor_t
-};
-
-static const unsigned char kat74_nor_entropyin[] = {
-    0xb5, 0x4f, 0xa4, 0xfb, 0xef, 0xc6, 0x3f, 0x96, 0xa4, 0x50, 0x70, 0xdb,
-    0xa6, 0x69, 0xc3, 0xfa,
-};
-static const unsigned char kat74_nor_nonce[] = {
-    0xdc, 0x9b, 0xb5, 0xe0, 0x14, 0xdf, 0x5f, 0x2b,
-};
-static const unsigned char kat74_nor_persstr[] = {0};
-static const unsigned char kat74_nor_addin0[] = {0};
-static const unsigned char kat74_nor_addin1[] = {0};
-static const unsigned char kat74_nor_retbytes[] = {
-    0x07, 0x45, 0x2a, 0xa8, 0x5d, 0x24, 0x16, 0xbb, 0x09, 0x1b, 0x9c, 0xc8,
-    0xf4, 0x9a, 0xdd, 0x2d, 0xc8, 0x97, 0x46, 0x59, 0x98, 0x78, 0x2a, 0x01,
-    0xe6, 0x28, 0xe9, 0xfe, 0xd6, 0xf0, 0xf1, 0x85, 0xfd, 0x5d, 0x41, 0x2d,
-    0xc4, 0x06, 0x25, 0xde, 0xc7, 0x10, 0xeb, 0xf2, 0x67, 0x29, 0xd0, 0x34,
-    0x6c, 0x34, 0x4e, 0xf2, 0xb1, 0xd3, 0xd4, 0x2a, 0x9a, 0xd6, 0x0f, 0x05,
-    0x38, 0x64, 0x13, 0xe4, 0x09, 0x78, 0xd2, 0x06, 0xcf, 0x3f, 0xc8, 0xec,
-    0xf4, 0x09, 0x50, 0xa2, 0x80, 0xe4, 0x47, 0x7c,
-};
-static const struct drbg_kat_no_reseed kat74_nor_t = {
-    13, kat74_nor_entropyin, kat74_nor_nonce, kat74_nor_persstr,
-    kat74_nor_addin0, kat74_nor_addin1, kat74_nor_retbytes
-};
-static const struct drbg_kat kat74_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat74_nor_t
-};
-
-static const unsigned char kat75_nor_entropyin[] = {
-    0xce, 0xb3, 0x54, 0x44, 0x4d, 0x1a, 0x29, 0xc0, 0xc3, 0xe8, 0xa1, 0xcc,
-    0x24, 0xd0, 0x28, 0x46,
-};
-static const unsigned char kat75_nor_nonce[] = {
-    0x86, 0xd3, 0xfd, 0x9f, 0xc5, 0x1f, 0x8b, 0x19,
-};
-static const unsigned char kat75_nor_persstr[] = {0};
-static const unsigned char kat75_nor_addin0[] = {0};
-static const unsigned char kat75_nor_addin1[] = {0};
-static const unsigned char kat75_nor_retbytes[] = {
-    0x6f, 0x90, 0xad, 0x61, 0x19, 0x87, 0xa3, 0x7b, 0xac, 0x54, 0xbe, 0xa0,
-    0x78, 0x2a, 0xc7, 0x82, 0x15, 0xb7, 0xd1, 0x7e, 0xcd, 0xd3, 0x99, 0x1a,
-    0x81, 0xa3, 0x6d, 0x0e, 0x26, 0x3c, 0x6f, 0x0d, 0xda, 0x2c, 0x10, 0x2c,
-    0xfb, 0xa5, 0x6b, 0x26, 0xc7, 0xb7, 0x4b, 0x5d, 0xd2, 0x54, 0x8b, 0xe9,
-    0xbc, 0x81, 0xc7, 0x95, 0x8e, 0x9d, 0x19, 0x82, 0x15, 0x83, 0xc6, 0xf3,
-    0x88, 0x13, 0x2b, 0x9e, 0x19, 0xae, 0x76, 0x09, 0xad, 0xd9, 0xa2, 0x96,
-    0xc1, 0xe9, 0x2d, 0x66, 0xa2, 0xef, 0x54, 0x64,
-};
-static const struct drbg_kat_no_reseed kat75_nor_t = {
-    14, kat75_nor_entropyin, kat75_nor_nonce, kat75_nor_persstr,
-    kat75_nor_addin0, kat75_nor_addin1, kat75_nor_retbytes
-};
-static const struct drbg_kat kat75_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat75_nor_t
-};
-
-static const unsigned char kat76_nor_entropyin[] = {
-    0xea, 0x97, 0xce, 0xcb, 0xca, 0xa4, 0xed, 0x7d, 0xa1, 0x3b, 0xec, 0xfe,
-    0xda, 0x62, 0x05, 0xb4,
-};
-static const unsigned char kat76_nor_nonce[] = {
-    0x59, 0x31, 0x5c, 0xd4, 0x61, 0x66, 0x3f, 0xe0,
-};
-static const unsigned char kat76_nor_persstr[] = {0};
-static const unsigned char kat76_nor_addin0[] = {
-    0x2b, 0x4b, 0xc4, 0x95, 0xeb, 0x17, 0x1e, 0x88, 0xbd, 0x9f, 0x63, 0x42,
-    0x70, 0x80, 0xfa, 0x75,
-};
-static const unsigned char kat76_nor_addin1[] = {
-    0xda, 0xc9, 0x7b, 0xb5, 0x11, 0x6f, 0x63, 0xbd, 0xb7, 0x2f, 0x29, 0xf4,
-    0x6d, 0x38, 0xe5, 0x7c,
-};
-static const unsigned char kat76_nor_retbytes[] = {
-    0xd7, 0x53, 0x6d, 0xab, 0x2b, 0x3b, 0x6c, 0x71, 0x86, 0x44, 0x3d, 0xe2,
-    0xa7, 0xc6, 0x9e, 0x69, 0x65, 0xa0, 0x9c, 0xa8, 0xc7, 0x0f, 0x5d, 0xa0,
-    0x69, 0xea, 0xa9, 0xd1, 0xb9, 0xff, 0xb2, 0x71, 0x4b, 0xda, 0x75, 0x1e,
-    0x47, 0x9d, 0x83, 0x7f, 0x7d, 0xe4, 0xc8, 0xc9, 0x7b, 0xc8, 0xc1, 0x49,
-    0x25, 0x79, 0x5f, 0xf1, 0x98, 0x3a, 0xf7, 0x1f, 0x04, 0x2d, 0xf3, 0xc8,
-    0x73, 0xe8, 0xc4, 0x00, 0x81, 0xb9, 0xa4, 0x20, 0x53, 0xd4, 0x21, 0x53,
-    0xdd, 0x16, 0x80, 0xbb, 0x2e, 0x8a, 0x45, 0x56,
-};
-static const struct drbg_kat_no_reseed kat76_nor_t = {
-    0, kat76_nor_entropyin, kat76_nor_nonce, kat76_nor_persstr,
-    kat76_nor_addin0, kat76_nor_addin1, kat76_nor_retbytes
-};
-static const struct drbg_kat kat76_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat76_nor_t
-};
-
-static const unsigned char kat77_nor_entropyin[] = {
-    0xbe, 0x8b, 0xb1, 0x86, 0xbd, 0x76, 0xc6, 0xe3, 0xc2, 0xaa, 0x01, 0x67,
-    0x85, 0xef, 0x0c, 0x94,
-};
-static const unsigned char kat77_nor_nonce[] = {
-    0x0c, 0xdf, 0x98, 0x0a, 0x92, 0x49, 0x18, 0x0d,
-};
-static const unsigned char kat77_nor_persstr[] = {0};
-static const unsigned char kat77_nor_addin0[] = {
-    0x57, 0x62, 0xc6, 0x47, 0x8f, 0x21, 0x3d, 0xf4, 0x41, 0x18, 0xa8, 0x72,
-    0xa7, 0x61, 0x62, 0x3a,
-};
-static const unsigned char kat77_nor_addin1[] = {
-    0x98, 0x44, 0x75, 0xdb, 0x54, 0x03, 0xd4, 0xac, 0xf7, 0x1b, 0xad, 0x13,
-    0x56, 0x72, 0x28, 0xc6,
-};
-static const unsigned char kat77_nor_retbytes[] = {
-    0x15, 0x19, 0xc0, 0x13, 0x2b, 0xec, 0x98, 0x81, 0xf8, 0x03, 0xfe, 0xe1,
-    0x6f, 0xcc, 0xf0, 0x4d, 0xb1, 0x1d, 0xa7, 0x10, 0x57, 0xa8, 0x83, 0xfe,
-    0x26, 0x8d, 0x3c, 0x12, 0x0e, 0x41, 0xb6, 0xef, 0x86, 0x30, 0xa1, 0x91,
-    0xad, 0xc2, 0xc9, 0xa4, 0x18, 0x33, 0x03, 0x96, 0x6f, 0x6f, 0x81, 0x5a,
-    0x1c, 0xbc, 0xfd, 0xc2, 0x2e, 0xdc, 0x1f, 0x95, 0xbc, 0x82, 0x07, 0x6a,
-    0xb5, 0x26, 0x1e, 0x8e, 0xa7, 0x49, 0x66, 0x0d, 0xd3, 0xa8, 0xf1, 0x07,
-    0x72, 0x01, 0x28, 0x4a, 0x75, 0x29, 0x70, 0xa5,
-};
-static const struct drbg_kat_no_reseed kat77_nor_t = {
-    1, kat77_nor_entropyin, kat77_nor_nonce, kat77_nor_persstr,
-    kat77_nor_addin0, kat77_nor_addin1, kat77_nor_retbytes
-};
-static const struct drbg_kat kat77_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat77_nor_t
-};
-
-static const unsigned char kat78_nor_entropyin[] = {
-    0x8c, 0x3f, 0x3c, 0x3a, 0xd8, 0x5d, 0x8d, 0xbf, 0x0b, 0x75, 0x57, 0x14,
-    0x47, 0x7b, 0x45, 0x6c,
-};
-static const unsigned char kat78_nor_nonce[] = {
-    0x69, 0x62, 0x8b, 0xcc, 0x65, 0xbb, 0x13, 0x28,
-};
-static const unsigned char kat78_nor_persstr[] = {0};
-static const unsigned char kat78_nor_addin0[] = {
-    0x5d, 0x85, 0xf4, 0x40, 0x86, 0x24, 0x69, 0x2f, 0x0d, 0x02, 0x58, 0xda,
-    0xde, 0xb7, 0x0e, 0x16,
-};
-static const unsigned char kat78_nor_addin1[] = {
-    0x4f, 0x94, 0x3e, 0x04, 0x3d, 0xd2, 0x24, 0xdb, 0x1a, 0x14, 0x4f, 0xf7,
-    0x4f, 0xe9, 0x13, 0xad,
-};
-static const unsigned char kat78_nor_retbytes[] = {
-    0x1e, 0x39, 0x68, 0x7f, 0x18, 0xb0, 0x8f, 0x56, 0xbc, 0xe6, 0xc2, 0x02,
-    0x2e, 0x5a, 0x7d, 0xe1, 0xb0, 0x4c, 0xed, 0x77, 0x16, 0x30, 0xef, 0xeb,
-    0x32, 0xb6, 0xc4, 0xa1, 0x25, 0xba, 0x83, 0xec, 0xed, 0x08, 0x08, 0x4c,
-    0x9a, 0xd1, 0x79, 0xc6, 0x26, 0xce, 0x93, 0x07, 0x04, 0xa0, 0x60, 0xb2,
-    0x5d, 0x15, 0xbe, 0x03, 0x2e, 0x15, 0xee, 0x67, 0x69, 0x52, 0x80, 0xda,
-    0xc2, 0xe2, 0xb3, 0x86, 0x4a, 0xd3, 0x08, 0xbb, 0x54, 0xf9, 0xb6, 0x0b,
-    0x0f, 0x1b, 0xd9, 0x21, 0x2e, 0x03, 0x21, 0xe1,
-};
-static const struct drbg_kat_no_reseed kat78_nor_t = {
-    2, kat78_nor_entropyin, kat78_nor_nonce, kat78_nor_persstr,
-    kat78_nor_addin0, kat78_nor_addin1, kat78_nor_retbytes
-};
-static const struct drbg_kat kat78_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat78_nor_t
-};
-
-static const unsigned char kat79_nor_entropyin[] = {
-    0x5f, 0x5a, 0x57, 0xc0, 0xe7, 0x83, 0x90, 0xba, 0x0e, 0x9a, 0xa6, 0x07,
-    0x31, 0x02, 0xa5, 0x63,
-};
-static const unsigned char kat79_nor_nonce[] = {
-    0x46, 0x78, 0x27, 0x5a, 0x8b, 0x8d, 0xfc, 0xbd,
-};
-static const unsigned char kat79_nor_persstr[] = {0};
-static const unsigned char kat79_nor_addin0[] = {
-    0x1e, 0x45, 0x7c, 0xd7, 0x04, 0x84, 0xf7, 0x64, 0xfd, 0x44, 0x92, 0x1e,
-    0xdd, 0x93, 0x1a, 0x93,
-};
-static const unsigned char kat79_nor_addin1[] = {
-    0xc3, 0xdc, 0x45, 0xc2, 0x20, 0xb7, 0xbc, 0x21, 0xb3, 0x18, 0x05, 0x3f,
-    0x36, 0x29, 0xf5, 0x6d,
-};
-static const unsigned char kat79_nor_retbytes[] = {
-    0x1f, 0x58, 0x2c, 0xec, 0x88, 0xd7, 0x1a, 0xcd, 0xc1, 0x54, 0x4a, 0x89,
-    0x91, 0x86, 0x28, 0xe9, 0xab, 0xb9, 0xf5, 0x8b, 0x8f, 0xf8, 0xb9, 0x62,
-    0x59, 0xdf, 0x55, 0xbb, 0x1f, 0xa2, 0xb5, 0xa7, 0x52, 0x9c, 0x0e, 0x79,
-    0x0e, 0xac, 0xea, 0xa8, 0xf4, 0xa8, 0x1f, 0x86, 0x22, 0x69, 0x8e, 0xbf,
-    0xb2, 0xdb, 0x9d, 0xa2, 0x55, 0xa3, 0xf2, 0xb4, 0x51, 0x56, 0xa4, 0x21,
-    0x9f, 0x6d, 0xea, 0x24, 0x98, 0xd8, 0xdf, 0xff, 0x59, 0x9a, 0x2d, 0x0c,
-    0x0b, 0xc8, 0xf0, 0xfb, 0x22, 0x0d, 0xc6, 0xd5,
-};
-static const struct drbg_kat_no_reseed kat79_nor_t = {
-    3, kat79_nor_entropyin, kat79_nor_nonce, kat79_nor_persstr,
-    kat79_nor_addin0, kat79_nor_addin1, kat79_nor_retbytes
-};
-static const struct drbg_kat kat79_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat79_nor_t
-};
-
-static const unsigned char kat80_nor_entropyin[] = {
-    0x90, 0xad, 0xa5, 0x5b, 0xf6, 0xde, 0xf3, 0x9b, 0xf8, 0xf6, 0x16, 0x99,
-    0xe7, 0xc4, 0x58, 0x34,
-};
-static const unsigned char kat80_nor_nonce[] = {
-    0xf0, 0x34, 0xdb, 0x6d, 0x32, 0x51, 0xb3, 0xea,
-};
-static const unsigned char kat80_nor_persstr[] = {0};
-static const unsigned char kat80_nor_addin0[] = {
-    0xe5, 0xf1, 0x58, 0x80, 0x93, 0x5a, 0xe7, 0x75, 0xfa, 0xc2, 0xc1, 0x5d,
-    0xe2, 0x0a, 0x32, 0xa9,
-};
-static const unsigned char kat80_nor_addin1[] = {
-    0xbf, 0xf5, 0x26, 0xe1, 0x08, 0xb7, 0x81, 0x8d, 0x5a, 0x30, 0xe9, 0xb0,
-    0x62, 0x6a, 0x87, 0x94,
-};
-static const unsigned char kat80_nor_retbytes[] = {
-    0x78, 0x79, 0x38, 0x71, 0xb3, 0xd2, 0x96, 0x67, 0xce, 0xdd, 0x43, 0x96,
-    0x38, 0x90, 0x70, 0xc8, 0xae, 0xdf, 0x11, 0x5a, 0x0c, 0xbf, 0x3a, 0x4a,
-    0xd2, 0xeb, 0xa1, 0xc3, 0xbc, 0xa0, 0x58, 0xf8, 0xc3, 0xde, 0xc4, 0xe2,
-    0x3c, 0x63, 0x53, 0xff, 0x50, 0x16, 0x14, 0xea, 0x37, 0x67, 0x83, 0xe9,
-    0xec, 0xd8, 0x39, 0x69, 0x10, 0xf0, 0x4f, 0xb7, 0x00, 0x5f, 0xb9, 0xf2,
-    0x79, 0xea, 0xbd, 0x1b, 0x26, 0x20, 0x62, 0x64, 0x99, 0xcd, 0x77, 0x02,
-    0xf4, 0x1e, 0x78, 0x1f, 0xd3, 0x41, 0x3d, 0x7a,
-};
-static const struct drbg_kat_no_reseed kat80_nor_t = {
-    4, kat80_nor_entropyin, kat80_nor_nonce, kat80_nor_persstr,
-    kat80_nor_addin0, kat80_nor_addin1, kat80_nor_retbytes
-};
-static const struct drbg_kat kat80_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat80_nor_t
-};
-
-static const unsigned char kat81_nor_entropyin[] = {
-    0x46, 0x7d, 0x32, 0x15, 0x3d, 0x45, 0x03, 0x25, 0x5b, 0xfa, 0xbb, 0xbb,
-    0xe4, 0x45, 0xb3, 0x88,
-};
-static const unsigned char kat81_nor_nonce[] = {
-    0x18, 0x2b, 0x13, 0x92, 0x2f, 0xa8, 0x6d, 0x97,
-};
-static const unsigned char kat81_nor_persstr[] = {0};
-static const unsigned char kat81_nor_addin0[] = {
-    0x84, 0xe9, 0x61, 0x47, 0x21, 0x25, 0xdf, 0x37, 0x39, 0x6b, 0xe2, 0xd8,
-    0xf4, 0x18, 0x7a, 0x9d,
-};
-static const unsigned char kat81_nor_addin1[] = {
-    0x12, 0x32, 0x64, 0x4a, 0xaa, 0xb0, 0xb9, 0xa6, 0x61, 0xfa, 0x2a, 0xef,
-    0x59, 0x76, 0xde, 0xe7,
-};
-static const unsigned char kat81_nor_retbytes[] = {
-    0x20, 0x4a, 0xb4, 0x9a, 0x98, 0x3d, 0xbd, 0xda, 0x27, 0xbc, 0xd1, 0xa0,
-    0xb8, 0x3d, 0xcd, 0x23, 0x33, 0x87, 0x7d, 0x6d, 0xb6, 0x7d, 0x6c, 0x31,
-    0x0d, 0x49, 0x2c, 0x18, 0x27, 0x27, 0x4e, 0x34, 0x22, 0x6e, 0xfa, 0x02,
-    0x88, 0x70, 0xc5, 0xc1, 0x25, 0x65, 0x6d, 0xdd, 0xaa, 0x77, 0xba, 0xbc,
-    0x47, 0xdb, 0x6b, 0xda, 0xfa, 0x3c, 0x2f, 0xad, 0xe1, 0x2d, 0x8e, 0xc5,
-    0xf3, 0xc8, 0xb8, 0x1f, 0x81, 0xb1, 0xe9, 0xee, 0xf3, 0x8f, 0x33, 0xcd,
-    0x84, 0x02, 0x34, 0xd3, 0x97, 0x67, 0xa9, 0x7e,
-};
-static const struct drbg_kat_no_reseed kat81_nor_t = {
-    5, kat81_nor_entropyin, kat81_nor_nonce, kat81_nor_persstr,
-    kat81_nor_addin0, kat81_nor_addin1, kat81_nor_retbytes
-};
-static const struct drbg_kat kat81_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat81_nor_t
-};
-
-static const unsigned char kat82_nor_entropyin[] = {
-    0x1d, 0x22, 0xfa, 0x6c, 0xda, 0x79, 0x05, 0x3b, 0x68, 0xbb, 0x6b, 0xa9,
-    0x8b, 0x98, 0x5a, 0x52,
-};
-static const unsigned char kat82_nor_nonce[] = {
-    0x2f, 0x7d, 0x01, 0xa0, 0xfb, 0x26, 0x14, 0x5a,
-};
-static const unsigned char kat82_nor_persstr[] = {0};
-static const unsigned char kat82_nor_addin0[] = {
-    0x6b, 0x78, 0x6c, 0xe4, 0x3d, 0xa7, 0x7a, 0x58, 0xa5, 0x31, 0xfb, 0xac,
-    0x74, 0x93, 0xec, 0x2e,
-};
-static const unsigned char kat82_nor_addin1[] = {
-    0x91, 0x7b, 0x22, 0x0b, 0x80, 0x97, 0x93, 0xa4, 0x19, 0x38, 0x27, 0xe4,
-    0xfb, 0xf0, 0xdb, 0x70,
-};
-static const unsigned char kat82_nor_retbytes[] = {
-    0xbf, 0xdc, 0x3c, 0x80, 0x06, 0x81, 0xac, 0xb5, 0x33, 0x7b, 0xd3, 0xad,
-    0x90, 0x4e, 0x26, 0xfa, 0xe6, 0x17, 0x4c, 0x3e, 0x57, 0x65, 0x79, 0xc4,
-    0x95, 0xcc, 0xce, 0x73, 0xec, 0xab, 0xd5, 0x4a, 0x5e, 0x14, 0xe6, 0xa8,
-    0x98, 0x0f, 0x6e, 0x8f, 0xb2, 0xce, 0xe6, 0x21, 0x34, 0x30, 0x92, 0xd0,
-    0x45, 0x59, 0x45, 0x1e, 0xe5, 0xe1, 0x6d, 0xee, 0xcb, 0xaf, 0x57, 0xd1,
-    0xbc, 0x4c, 0xb5, 0x08, 0x7b, 0x32, 0x91, 0x94, 0x1e, 0xf7, 0xe6, 0xc6,
-    0xf5, 0x11, 0xa8, 0x69, 0xee, 0x2d, 0x57, 0xee,
-};
-static const struct drbg_kat_no_reseed kat82_nor_t = {
-    6, kat82_nor_entropyin, kat82_nor_nonce, kat82_nor_persstr,
-    kat82_nor_addin0, kat82_nor_addin1, kat82_nor_retbytes
-};
-static const struct drbg_kat kat82_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat82_nor_t
-};
-
-static const unsigned char kat83_nor_entropyin[] = {
-    0x54, 0xb5, 0xfd, 0xd7, 0xdd, 0x2e, 0x7e, 0x1c, 0x4f, 0x09, 0xa6, 0x11,
-    0x8e, 0x4e, 0x60, 0xeb,
-};
-static const unsigned char kat83_nor_nonce[] = {
-    0x81, 0x62, 0x37, 0x9c, 0x2b, 0x3d, 0xd9, 0x7f,
-};
-static const unsigned char kat83_nor_persstr[] = {0};
-static const unsigned char kat83_nor_addin0[] = {
-    0xb2, 0xed, 0x50, 0x78, 0xe1, 0x76, 0x44, 0x7a, 0x17, 0x98, 0x6e, 0x98,
-    0xf9, 0x82, 0x7a, 0x43,
-};
-static const unsigned char kat83_nor_addin1[] = {
-    0x5e, 0x6a, 0x48, 0x3c, 0xc9, 0xf2, 0x3e, 0x5c, 0x9d, 0x96, 0x95, 0x2b,
-    0xa7, 0xcf, 0x10, 0x5e,
-};
-static const unsigned char kat83_nor_retbytes[] = {
-    0x86, 0x7e, 0xc6, 0xf9, 0x25, 0xc5, 0x22, 0x7c, 0x74, 0x83, 0x67, 0x8b,
-    0x4b, 0x09, 0x85, 0xf9, 0x02, 0xf1, 0xfd, 0x87, 0xf2, 0x2e, 0xda, 0xe2,
-    0xa5, 0xad, 0xaf, 0x85, 0xcc, 0x77, 0x1b, 0x16, 0x40, 0x8e, 0xd6, 0x46,
-    0x77, 0x8d, 0x87, 0x24, 0x37, 0x0b, 0xdb, 0x01, 0x37, 0xa8, 0x72, 0xb7,
-    0x69, 0x94, 0xe8, 0x74, 0xde, 0x7f, 0xc2, 0xe7, 0x24, 0xde, 0x16, 0xf5,
-    0xa0, 0x7d, 0xc9, 0x49, 0xd1, 0xc3, 0xbc, 0x9e, 0x73, 0xa4, 0xa0, 0xc2,
-    0x99, 0x05, 0xc2, 0xb1, 0xcd, 0x99, 0xdf, 0x48,
-};
-static const struct drbg_kat_no_reseed kat83_nor_t = {
-    7, kat83_nor_entropyin, kat83_nor_nonce, kat83_nor_persstr,
-    kat83_nor_addin0, kat83_nor_addin1, kat83_nor_retbytes
-};
-static const struct drbg_kat kat83_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat83_nor_t
-};
-
-static const unsigned char kat84_nor_entropyin[] = {
-    0xbb, 0x20, 0x61, 0x7c, 0xc0, 0xf7, 0xed, 0x8e, 0xf1, 0x29, 0xa7, 0xa0,
-    0xe4, 0x78, 0x4c, 0x58,
-};
-static const unsigned char kat84_nor_nonce[] = {
-    0xcb, 0x3b, 0x83, 0xd6, 0x13, 0xcc, 0x85, 0xdc,
-};
-static const unsigned char kat84_nor_persstr[] = {0};
-static const unsigned char kat84_nor_addin0[] = {
-    0xb1, 0x41, 0x9e, 0x3d, 0xbf, 0x91, 0xe1, 0x55, 0xcd, 0x32, 0x07, 0xea,
-    0xd5, 0x28, 0xb2, 0x3d,
-};
-static const unsigned char kat84_nor_addin1[] = {
-    0x9d, 0x54, 0x88, 0xca, 0x66, 0x4c, 0x2b, 0x19, 0x79, 0x48, 0x9a, 0x4c,
-    0xf7, 0x42, 0x0e, 0x8d,
-};
-static const unsigned char kat84_nor_retbytes[] = {
-    0x97, 0xee, 0x02, 0xe3, 0x86, 0xb0, 0x1b, 0x92, 0x9b, 0xde, 0x52, 0x2e,
-    0x5f, 0x19, 0x8c, 0x85, 0xed, 0x03, 0x10, 0x25, 0xf4, 0xfd, 0x3f, 0x80,
-    0x5c, 0x8a, 0xce, 0xab, 0x9d, 0x43, 0x28, 0x6f, 0x7e, 0xc7, 0x14, 0x22,
-    0x82, 0x8b, 0x42, 0x70, 0x06, 0xd0, 0x35, 0xdf, 0x49, 0x4b, 0x86, 0xfb,
-    0x9e, 0x71, 0x09, 0x01, 0x65, 0x18, 0x97, 0x18, 0x7e, 0x1c, 0xde, 0xa5,
-    0xa6, 0x49, 0x41, 0x8c, 0x87, 0x24, 0xf0, 0xe6, 0x41, 0x26, 0x9a, 0x03,
-    0x12, 0x72, 0x52, 0xb2, 0x9d, 0x79, 0x49, 0x4e,
-};
-static const struct drbg_kat_no_reseed kat84_nor_t = {
-    8, kat84_nor_entropyin, kat84_nor_nonce, kat84_nor_persstr,
-    kat84_nor_addin0, kat84_nor_addin1, kat84_nor_retbytes
-};
-static const struct drbg_kat kat84_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat84_nor_t
-};
-
-static const unsigned char kat85_nor_entropyin[] = {
-    0xe9, 0xae, 0x7f, 0xab, 0x36, 0xe1, 0x64, 0x42, 0xfc, 0x6f, 0x88, 0xb7,
-    0xd8, 0x90, 0xd7, 0x3d,
-};
-static const unsigned char kat85_nor_nonce[] = {
-    0x37, 0xf7, 0x21, 0xf2, 0xb2, 0x27, 0xf1, 0x72,
-};
-static const unsigned char kat85_nor_persstr[] = {0};
-static const unsigned char kat85_nor_addin0[] = {
-    0x63, 0xf9, 0x2e, 0xc7, 0x0f, 0x47, 0x45, 0x8c, 0xa0, 0x38, 0x8a, 0xcb,
-    0x1d, 0xc5, 0x51, 0xd2,
-};
-static const unsigned char kat85_nor_addin1[] = {
-    0x85, 0x33, 0x11, 0xc7, 0x50, 0x63, 0xad, 0xa9, 0x9d, 0x25, 0xba, 0xa6,
-    0x48, 0x4f, 0xc9, 0x53,
-};
-static const unsigned char kat85_nor_retbytes[] = {
-    0x2c, 0xa7, 0x94, 0x59, 0xfa, 0x30, 0x12, 0x19, 0x88, 0x12, 0x13, 0xcd,
-    0x3e, 0x0c, 0x14, 0xcb, 0x00, 0x4d, 0x12, 0xe1, 0xb0, 0xc7, 0x76, 0xfd,
-    0x4f, 0x06, 0x32, 0xf9, 0x16, 0x73, 0xcb, 0x67, 0xa6, 0x65, 0x22, 0xfb,
-    0x72, 0x4b, 0xe1, 0x21, 0xf8, 0xb4, 0x6c, 0xfb, 0xd1, 0x22, 0xcf, 0xd2,
-    0xb1, 0x6d, 0x36, 0xf2, 0x7d, 0x17, 0x35, 0xe5, 0xf1, 0x73, 0x2a, 0xca,
-    0xe8, 0x5b, 0xf2, 0x0f, 0xb4, 0xb5, 0x5c, 0x53, 0xbd, 0xc9, 0x30, 0x90,
-    0x62, 0xa6, 0x64, 0x9f, 0xb5, 0x0f, 0xbc, 0xb2,
-};
-static const struct drbg_kat_no_reseed kat85_nor_t = {
-    9, kat85_nor_entropyin, kat85_nor_nonce, kat85_nor_persstr,
-    kat85_nor_addin0, kat85_nor_addin1, kat85_nor_retbytes
-};
-static const struct drbg_kat kat85_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat85_nor_t
-};
-
-static const unsigned char kat86_nor_entropyin[] = {
-    0xef, 0x8b, 0x69, 0xc2, 0x11, 0x3d, 0x3e, 0x83, 0x87, 0x50, 0x0b, 0x8e,
-    0x91, 0xe6, 0xd0, 0x77,
-};
-static const unsigned char kat86_nor_nonce[] = {
-    0xa4, 0xb2, 0x5b, 0xcb, 0xe9, 0x2a, 0x9e, 0x5a,
-};
-static const unsigned char kat86_nor_persstr[] = {0};
-static const unsigned char kat86_nor_addin0[] = {
-    0x3a, 0x42, 0x62, 0x11, 0xe7, 0x6c, 0x02, 0x46, 0xcf, 0x25, 0x82, 0xa0,
-    0x7e, 0x5c, 0xa6, 0x81,
-};
-static const unsigned char kat86_nor_addin1[] = {
-    0xd8, 0x72, 0x1b, 0x09, 0xb2, 0x40, 0x48, 0x67, 0x61, 0xee, 0x0c, 0x67,
-    0x0e, 0x5a, 0xf4, 0x73,
-};
-static const unsigned char kat86_nor_retbytes[] = {
-    0x05, 0x5e, 0x5f, 0x05, 0x8b, 0x05, 0x43, 0x77, 0x83, 0x0b, 0xa4, 0xc7,
-    0x31, 0x61, 0x7f, 0x9a, 0xcf, 0x16, 0x4f, 0xc5, 0xe2, 0x51, 0x74, 0x23,
-    0x4e, 0x05, 0x20, 0x95, 0x41, 0x0b, 0x91, 0x24, 0x36, 0x66, 0xef, 0x57,
-    0x33, 0x53, 0x29, 0x90, 0x89, 0x43, 0xc6, 0xd8, 0x8c, 0xfc, 0x00, 0xee,
-    0x3f, 0x0d, 0xc0, 0x00, 0x23, 0xec, 0x32, 0xcf, 0xc4, 0x90, 0xe8, 0x2c,
-    0xfb, 0xf4, 0x35, 0xe3, 0x88, 0x94, 0x98, 0x15, 0xdf, 0xc0, 0x05, 0xfc,
-    0x03, 0x93, 0xd1, 0xd5, 0xef, 0xf7, 0xfd, 0xcf,
-};
-static const struct drbg_kat_no_reseed kat86_nor_t = {
-    10, kat86_nor_entropyin, kat86_nor_nonce, kat86_nor_persstr,
-    kat86_nor_addin0, kat86_nor_addin1, kat86_nor_retbytes
-};
-static const struct drbg_kat kat86_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat86_nor_t
-};
-
-static const unsigned char kat87_nor_entropyin[] = {
-    0x1c, 0x98, 0x41, 0x2f, 0x62, 0xd9, 0x22, 0x0e, 0xbd, 0x84, 0x1b, 0x37,
-    0x91, 0x28, 0xb1, 0x89,
-};
-static const unsigned char kat87_nor_nonce[] = {
-    0xe1, 0xbe, 0x24, 0x32, 0x43, 0x1e, 0x83, 0xeb,
-};
-static const unsigned char kat87_nor_persstr[] = {0};
-static const unsigned char kat87_nor_addin0[] = {
-    0x6b, 0x43, 0xfe, 0x77, 0x0e, 0x72, 0x49, 0x7c, 0x13, 0x68, 0x5a, 0xa5,
-    0x58, 0x72, 0x7f, 0x2d,
-};
-static const unsigned char kat87_nor_addin1[] = {
-    0x96, 0x82, 0xfa, 0x8b, 0x49, 0x8d, 0x85, 0x3f, 0x3b, 0x43, 0x64, 0x98,
-    0xaa, 0x68, 0x35, 0x8b,
-};
-static const unsigned char kat87_nor_retbytes[] = {
-    0xca, 0x10, 0x79, 0xd6, 0x86, 0x75, 0x4c, 0x55, 0x38, 0x82, 0xab, 0x96,
-    0x3d, 0xbd, 0x43, 0xa9, 0x53, 0xbc, 0x76, 0xbc, 0x77, 0x9b, 0x94, 0x5c,
-    0xf3, 0x80, 0xac, 0x6d, 0x38, 0xd2, 0x12, 0x44, 0xa1, 0xbc, 0x14, 0x63,
-    0x20, 0x21, 0x40, 0x41, 0xbb, 0xb5, 0x56, 0x04, 0x39, 0xfa, 0xb9, 0x97,
-    0x21, 0xcc, 0xdc, 0xa6, 0x4f, 0x79, 0xb5, 0x57, 0xf6, 0xcd, 0x1e, 0x05,
-    0x1c, 0x6b, 0x41, 0xd3, 0xa3, 0xbb, 0x86, 0x7c, 0xae, 0xdb, 0x45, 0x75,
-    0x74, 0x9c, 0x5c, 0xd4, 0x51, 0xb6, 0x95, 0xe3,
-};
-static const struct drbg_kat_no_reseed kat87_nor_t = {
-    11, kat87_nor_entropyin, kat87_nor_nonce, kat87_nor_persstr,
-    kat87_nor_addin0, kat87_nor_addin1, kat87_nor_retbytes
-};
-static const struct drbg_kat kat87_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat87_nor_t
-};
-
-static const unsigned char kat88_nor_entropyin[] = {
-    0xd7, 0xf7, 0x5f, 0x88, 0x96, 0xce, 0xcb, 0xd6, 0x49, 0x27, 0x32, 0x0d,
-    0xbb, 0xe7, 0xa7, 0x1c,
-};
-static const unsigned char kat88_nor_nonce[] = {
-    0xbb, 0x0e, 0x49, 0xae, 0x3b, 0x40, 0xe2, 0x8b,
-};
-static const unsigned char kat88_nor_persstr[] = {0};
-static const unsigned char kat88_nor_addin0[] = {
-    0xcd, 0xd3, 0x5d, 0x76, 0xe4, 0xdc, 0xec, 0xea, 0xe9, 0x18, 0xa3, 0xf5,
-    0x8d, 0xc1, 0x1a, 0xe2,
-};
-static const unsigned char kat88_nor_addin1[] = {
-    0xef, 0xdd, 0xd6, 0x12, 0x1e, 0x3f, 0x27, 0x66, 0x5e, 0x0e, 0x58, 0x5b,
-    0x03, 0x5f, 0x77, 0x1f,
-};
-static const unsigned char kat88_nor_retbytes[] = {
-    0x23, 0x6b, 0xf7, 0x25, 0x59, 0xc4, 0x8b, 0xa0, 0xea, 0x7d, 0x0d, 0x8a,
-    0x6c, 0x76, 0xe0, 0x6d, 0xbf, 0x96, 0x6a, 0xf7, 0xcc, 0x29, 0xb1, 0x68,
-    0xfd, 0x79, 0x8a, 0xec, 0xbb, 0x00, 0xdd, 0xda, 0x6e, 0x82, 0xcf, 0x03,
-    0xd4, 0x30, 0xe0, 0x83, 0xcb, 0x4f, 0xe4, 0x2a, 0x9e, 0xb5, 0x47, 0xe2,
-    0xc8, 0x2a, 0xd0, 0xdd, 0x62, 0x88, 0x2c, 0x17, 0x31, 0xde, 0x37, 0xe8,
-    0x87, 0x44, 0x19, 0xe8, 0x96, 0xa4, 0xa5, 0x3e, 0x44, 0x8e, 0x98, 0xa0,
-    0xb3, 0x08, 0x87, 0xa7, 0xfc, 0x8e, 0x50, 0xb5,
-};
-static const struct drbg_kat_no_reseed kat88_nor_t = {
-    12, kat88_nor_entropyin, kat88_nor_nonce, kat88_nor_persstr,
-    kat88_nor_addin0, kat88_nor_addin1, kat88_nor_retbytes
-};
-static const struct drbg_kat kat88_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat88_nor_t
-};
-
-static const unsigned char kat89_nor_entropyin[] = {
-    0x40, 0x84, 0xb0, 0x5f, 0xd6, 0x2d, 0xa1, 0x89, 0x02, 0x45, 0xed, 0x6b,
-    0xcc, 0xe6, 0xcd, 0x72,
-};
-static const unsigned char kat89_nor_nonce[] = {
-    0xcf, 0xc3, 0x62, 0xec, 0x0d, 0xbf, 0x23, 0xe0,
-};
-static const unsigned char kat89_nor_persstr[] = {0};
-static const unsigned char kat89_nor_addin0[] = {
-    0xa5, 0x29, 0x2a, 0x17, 0x23, 0x39, 0xa4, 0x29, 0x1f, 0xb3, 0x0b, 0x9a,
-    0x33, 0x25, 0xaa, 0x97,
-};
-static const unsigned char kat89_nor_addin1[] = {
-    0xea, 0xe3, 0xdd, 0x07, 0x3e, 0xdc, 0xf8, 0x4c, 0xaa, 0xc2, 0xf6, 0x16,
-    0x19, 0x73, 0xdd, 0xaa,
-};
-static const unsigned char kat89_nor_retbytes[] = {
-    0xb0, 0x30, 0x97, 0x4c, 0xd3, 0xf0, 0xa2, 0x12, 0x51, 0x82, 0x1b, 0xe6,
-    0x5a, 0x0a, 0x2c, 0x9d, 0x8b, 0xaa, 0xca, 0xaa, 0x06, 0x80, 0x4b, 0x6e,
-    0x74, 0xbf, 0xe0, 0x0b, 0xa0, 0x69, 0x1a, 0x05, 0x52, 0x11, 0xac, 0xbd,
-    0xeb, 0x2f, 0xa7, 0xda, 0x96, 0x41, 0xab, 0x4f, 0x8b, 0xbf, 0x74, 0xab,
-    0x30, 0x32, 0xa9, 0x8f, 0x24, 0x17, 0x69, 0x7f, 0xbd, 0xf8, 0x0d, 0x74,
-    0x88, 0x77, 0x52, 0x07, 0x26, 0x59, 0xf8, 0x17, 0xf1, 0x68, 0x17, 0x53,
-    0x41, 0xdd, 0xef, 0x5b, 0x6e, 0xfd, 0x9f, 0xb6,
-};
-static const struct drbg_kat_no_reseed kat89_nor_t = {
-    13, kat89_nor_entropyin, kat89_nor_nonce, kat89_nor_persstr,
-    kat89_nor_addin0, kat89_nor_addin1, kat89_nor_retbytes
-};
-static const struct drbg_kat kat89_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat89_nor_t
-};
-
-static const unsigned char kat90_nor_entropyin[] = {
-    0x46, 0xeb, 0xaf, 0x3f, 0xb0, 0x58, 0x3f, 0xc5, 0xb8, 0x01, 0x3e, 0x14,
-    0x58, 0x4c, 0xe7, 0x17,
-};
-static const unsigned char kat90_nor_nonce[] = {
-    0xd5, 0xd6, 0x8f, 0x69, 0x56, 0x7c, 0xb2, 0x90,
-};
-static const unsigned char kat90_nor_persstr[] = {0};
-static const unsigned char kat90_nor_addin0[] = {
-    0x32, 0xd0, 0x9b, 0x60, 0x4a, 0x65, 0xdc, 0x8d, 0xaa, 0x35, 0xcd, 0xc3,
-    0x41, 0x41, 0xb7, 0x51,
-};
-static const unsigned char kat90_nor_addin1[] = {
-    0xb8, 0x18, 0x6a, 0x29, 0x4c, 0x78, 0x24, 0xb7, 0xc5, 0x50, 0xc1, 0x05,
-    0x4b, 0xad, 0xec, 0x00,
-};
-static const unsigned char kat90_nor_retbytes[] = {
-    0xae, 0x9a, 0x09, 0x1c, 0xfa, 0xfb, 0xf0, 0xe7, 0x4c, 0x2b, 0xe8, 0xad,
-    0x4b, 0x98, 0x4e, 0x82, 0x4a, 0x24, 0xe6, 0x5b, 0xa7, 0x61, 0x0b, 0x0f,
-    0x3a, 0xb1, 0x75, 0x0e, 0x2f, 0x12, 0xde, 0x16, 0x20, 0xdb, 0x6b, 0xb8,
-    0xc4, 0x93, 0xb3, 0xd8, 0xb0, 0x6a, 0xb7, 0x8e, 0x69, 0xcf, 0x2d, 0xff,
-    0xd7, 0x3d, 0x43, 0x22, 0xa6, 0x7e, 0xe7, 0x72, 0x5a, 0xad, 0x84, 0xfb,
-    0x45, 0x8b, 0x8f, 0x26, 0xcf, 0x04, 0x84, 0x68, 0x50, 0x20, 0x2e, 0x53,
-    0xc8, 0x74, 0x21, 0x32, 0x21, 0xe7, 0x61, 0xe5,
-};
-static const struct drbg_kat_no_reseed kat90_nor_t = {
-    14, kat90_nor_entropyin, kat90_nor_nonce, kat90_nor_persstr,
-    kat90_nor_addin0, kat90_nor_addin1, kat90_nor_retbytes
-};
-static const struct drbg_kat kat90_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat90_nor_t
-};
-
-static const unsigned char kat91_nor_entropyin[] = {
-    0xf0, 0xfd, 0x21, 0x99, 0xc6, 0x25, 0x26, 0x28, 0x63, 0x99, 0x76, 0x62,
-    0x8c, 0xb7, 0x1c, 0x39,
-};
-static const unsigned char kat91_nor_nonce[] = {
-    0xe2, 0xda, 0xeb, 0xbc, 0x0c, 0xe7, 0xa1, 0x83,
-};
-static const unsigned char kat91_nor_persstr[] = {
-    0x5f, 0xa5, 0xee, 0xe4, 0xf3, 0x6f, 0x5d, 0x42, 0xf5, 0x93, 0xc5, 0x7d,
-    0xe8, 0x75, 0x43, 0xab,
-};
-static const unsigned char kat91_nor_addin0[] = {0};
-static const unsigned char kat91_nor_addin1[] = {0};
-static const unsigned char kat91_nor_retbytes[] = {
-    0x3e, 0x1a, 0x75, 0xdf, 0x86, 0x12, 0xb4, 0x0e, 0xce, 0xad, 0xe7, 0xa8,
-    0xc7, 0x3f, 0x0c, 0x11, 0xca, 0x40, 0x46, 0xa3, 0xa1, 0x3e, 0x15, 0x9a,
-    0xf3, 0xfb, 0x9b, 0x96, 0x9f, 0x38, 0x99, 0x4f, 0xd1, 0xbf, 0x68, 0x96,
-    0xa2, 0x68, 0x12, 0x55, 0x55, 0x93, 0x4a, 0xee, 0xa0, 0x14, 0x5a, 0x8a,
-    0x83, 0xa7, 0x80, 0xf2, 0xd7, 0x1c, 0x12, 0x68, 0x9c, 0xaa, 0x9f, 0xae,
-    0xc6, 0xd0, 0xd1, 0x98, 0x75, 0x8d, 0x4a, 0x06, 0x64, 0x25, 0x0b, 0xd4,
-    0xd8, 0x9f, 0xe9, 0x61, 0x4a, 0xdc, 0xa3, 0xe3,
-};
-static const struct drbg_kat_no_reseed kat91_nor_t = {
-    0, kat91_nor_entropyin, kat91_nor_nonce, kat91_nor_persstr,
-    kat91_nor_addin0, kat91_nor_addin1, kat91_nor_retbytes
-};
-static const struct drbg_kat kat91_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat91_nor_t
-};
-
-static const unsigned char kat92_nor_entropyin[] = {
-    0x75, 0xb8, 0xf6, 0x6d, 0xb0, 0x2e, 0x8a, 0x39, 0xd4, 0x8f, 0xf6, 0xbd,
-    0xb8, 0x64, 0x39, 0x2a,
-};
-static const unsigned char kat92_nor_nonce[] = {
-    0x19, 0x88, 0x3b, 0xc6, 0x81, 0x29, 0x39, 0x91,
-};
-static const unsigned char kat92_nor_persstr[] = {
-    0x1c, 0x5f, 0x89, 0x0d, 0xcf, 0x7c, 0x4c, 0x81, 0xfb, 0xe5, 0x9f, 0x12,
-    0xdf, 0xa4, 0x87, 0xbf,
-};
-static const unsigned char kat92_nor_addin0[] = {0};
-static const unsigned char kat92_nor_addin1[] = {0};
-static const unsigned char kat92_nor_retbytes[] = {
-    0x9a, 0x4d, 0x78, 0xb6, 0xee, 0x54, 0xbc, 0x20, 0x04, 0x88, 0xfb, 0xc5,
-    0x22, 0xd9, 0x67, 0xc6, 0xe3, 0x97, 0xb1, 0x2f, 0x29, 0xde, 0xdd, 0x2a,
-    0x44, 0xb4, 0xc2, 0xd2, 0xa5, 0xe0, 0xc5, 0xde, 0x7d, 0x19, 0xa5, 0xcd,
-    0x77, 0x8f, 0xb0, 0xa0, 0xcb, 0xe1, 0xd9, 0x89, 0x38, 0x65, 0xa3, 0x78,
-    0x38, 0x0d, 0x12, 0xb0, 0x58, 0x2c, 0x35, 0xbe, 0xfe, 0xba, 0xa1, 0x35,
-    0xda, 0x44, 0xdc, 0x08, 0x40, 0x31, 0x65, 0xa0, 0x01, 0xbb, 0x31, 0x80,
-    0xcf, 0xa5, 0x64, 0x49, 0x92, 0x11, 0x2f, 0x26,
-};
-static const struct drbg_kat_no_reseed kat92_nor_t = {
-    1, kat92_nor_entropyin, kat92_nor_nonce, kat92_nor_persstr,
-    kat92_nor_addin0, kat92_nor_addin1, kat92_nor_retbytes
-};
-static const struct drbg_kat kat92_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat92_nor_t
-};
-
-static const unsigned char kat93_nor_entropyin[] = {
-    0x8d, 0xdc, 0x1d, 0x1a, 0xa7, 0x3c, 0x79, 0x75, 0x02, 0xf9, 0x71, 0xbb,
-    0xd5, 0x9e, 0xfe, 0xc6,
-};
-static const unsigned char kat93_nor_nonce[] = {
-    0xe5, 0xb5, 0x4a, 0x7a, 0xf7, 0x6f, 0xb1, 0x20,
-};
-static const unsigned char kat93_nor_persstr[] = {
-    0x37, 0xec, 0x27, 0x25, 0x34, 0x7b, 0x49, 0x08, 0xab, 0xe8, 0xf6, 0x9e,
-    0x22, 0x83, 0x6d, 0x4b,
-};
-static const unsigned char kat93_nor_addin0[] = {0};
-static const unsigned char kat93_nor_addin1[] = {0};
-static const unsigned char kat93_nor_retbytes[] = {
-    0xbd, 0x96, 0x54, 0x9e, 0xd8, 0xc0, 0x94, 0xbb, 0x04, 0x38, 0x70, 0x42,
-    0x4d, 0x38, 0xa7, 0x14, 0x79, 0xe4, 0x4a, 0x3f, 0x47, 0xe9, 0x2e, 0xc0,
-    0x10, 0xa1, 0x01, 0x8a, 0xd5, 0xee, 0xaf, 0xe8, 0x32, 0xfd, 0xa5, 0x41,
-    0x55, 0x39, 0x48, 0xc9, 0x75, 0x54, 0x0a, 0xd8, 0xe7, 0x3a, 0xcb, 0x36,
-    0x48, 0x68, 0x14, 0x95, 0x04, 0xdf, 0x35, 0x74, 0xa0, 0x4b, 0x1c, 0x34,
-    0xfe, 0x7b, 0xd7, 0x00, 0x92, 0x11, 0xc2, 0x7f, 0x30, 0xcd, 0x34, 0xc1,
-    0xfd, 0xd4, 0x10, 0xb8, 0x32, 0x01, 0x94, 0x7a,
-};
-static const struct drbg_kat_no_reseed kat93_nor_t = {
-    2, kat93_nor_entropyin, kat93_nor_nonce, kat93_nor_persstr,
-    kat93_nor_addin0, kat93_nor_addin1, kat93_nor_retbytes
-};
-static const struct drbg_kat kat93_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat93_nor_t
-};
-
-static const unsigned char kat94_nor_entropyin[] = {
-    0x3c, 0x03, 0x46, 0x41, 0x29, 0xb1, 0x3d, 0x93, 0xe4, 0xbc, 0x07, 0xf5,
-    0x73, 0x1a, 0x59, 0xb6,
-};
-static const unsigned char kat94_nor_nonce[] = {
-    0x5f, 0xfe, 0xa1, 0x2f, 0xd5, 0xf6, 0x2d, 0xcc,
-};
-static const unsigned char kat94_nor_persstr[] = {
-    0x58, 0x82, 0x04, 0xa0, 0x22, 0x72, 0x7a, 0xfa, 0x3f, 0x94, 0xce, 0xb7,
-    0xbb, 0x8e, 0xdf, 0xbb,
-};
-static const unsigned char kat94_nor_addin0[] = {0};
-static const unsigned char kat94_nor_addin1[] = {0};
-static const unsigned char kat94_nor_retbytes[] = {
-    0x17, 0xa2, 0xfb, 0x65, 0xd6, 0x6d, 0x8a, 0x7f, 0x31, 0x92, 0x46, 0x38,
-    0xa9, 0x44, 0x51, 0x36, 0xca, 0x6e, 0x5b, 0xdc, 0x35, 0x99, 0xa5, 0x50,
-    0x1f, 0xfe, 0x97, 0x62, 0x89, 0x29, 0x7b, 0xe9, 0xee, 0x00, 0x28, 0x21,
-    0x59, 0x01, 0xb4, 0xdf, 0xe6, 0x64, 0x30, 0xfc, 0xa4, 0xb0, 0xe4, 0xc8,
-    0xf0, 0xe0, 0xc7, 0x4d, 0x98, 0x69, 0xb5, 0x8c, 0x7b, 0x67, 0xb5, 0xfa,
-    0xc5, 0x60, 0x34, 0x9f, 0x2c, 0x60, 0x31, 0x8c, 0x79, 0xa7, 0xf3, 0xc1,
-    0x43, 0xc5, 0xf6, 0x1c, 0xaa, 0x37, 0x14, 0xe5,
-};
-static const struct drbg_kat_no_reseed kat94_nor_t = {
-    3, kat94_nor_entropyin, kat94_nor_nonce, kat94_nor_persstr,
-    kat94_nor_addin0, kat94_nor_addin1, kat94_nor_retbytes
-};
-static const struct drbg_kat kat94_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat94_nor_t
-};
-
-static const unsigned char kat95_nor_entropyin[] = {
-    0x05, 0xb1, 0x7d, 0x99, 0x62, 0xee, 0x6b, 0xa8, 0xcf, 0xd6, 0xf5, 0xe8,
-    0x49, 0xb8, 0x45, 0x7b,
-};
-static const unsigned char kat95_nor_nonce[] = {
-    0xf6, 0xd7, 0xa5, 0xae, 0xa8, 0x8a, 0x24, 0xbe,
-};
-static const unsigned char kat95_nor_persstr[] = {
-    0x13, 0xd9, 0xc6, 0x0d, 0xe4, 0xb0, 0x4f, 0xc6, 0x3d, 0x07, 0x48, 0x5d,
-    0x0e, 0xb2, 0x33, 0x7b,
-};
-static const unsigned char kat95_nor_addin0[] = {0};
-static const unsigned char kat95_nor_addin1[] = {0};
-static const unsigned char kat95_nor_retbytes[] = {
-    0x80, 0xa2, 0x96, 0xe2, 0x08, 0x23, 0x24, 0xe1, 0xd7, 0xa8, 0x50, 0xab,
-    0xb5, 0xee, 0xc2, 0x36, 0x94, 0xae, 0x69, 0x53, 0x45, 0xd5, 0x7f, 0x07,
-    0xf3, 0xbc, 0x46, 0xc4, 0x2e, 0x5d, 0x80, 0x12, 0xb3, 0x7d, 0xad, 0xad,
-    0xac, 0xa5, 0xf1, 0xfc, 0xb0, 0x08, 0x8c, 0x59, 0x00, 0x50, 0x58, 0x9e,
-    0x5b, 0x10, 0xf8, 0xbf, 0xd9, 0x67, 0x22, 0xec, 0x0c, 0x56, 0x7b, 0x90,
-    0xbe, 0xa5, 0x65, 0xed, 0xbe, 0xdd, 0x41, 0x5b, 0xab, 0x2f, 0xa6, 0x30,
-    0xd9, 0x47, 0x38, 0xc4, 0x44, 0xdb, 0x14, 0xdc,
-};
-static const struct drbg_kat_no_reseed kat95_nor_t = {
-    4, kat95_nor_entropyin, kat95_nor_nonce, kat95_nor_persstr,
-    kat95_nor_addin0, kat95_nor_addin1, kat95_nor_retbytes
-};
-static const struct drbg_kat kat95_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat95_nor_t
-};
-
-static const unsigned char kat96_nor_entropyin[] = {
-    0xe5, 0x36, 0xcf, 0x01, 0x38, 0x56, 0x6d, 0x88, 0x52, 0x55, 0x65, 0xc6,
-    0xb6, 0xcd, 0x2f, 0x86,
-};
-static const unsigned char kat96_nor_nonce[] = {
-    0xd0, 0x48, 0xa5, 0x18, 0x56, 0x90, 0x27, 0xf9,
-};
-static const unsigned char kat96_nor_persstr[] = {
-    0x68, 0xe2, 0x28, 0x6e, 0xd4, 0x68, 0x33, 0x3e, 0xe2, 0x7c, 0x57, 0x34,
-    0x53, 0x56, 0x99, 0x94,
-};
-static const unsigned char kat96_nor_addin0[] = {0};
-static const unsigned char kat96_nor_addin1[] = {0};
-static const unsigned char kat96_nor_retbytes[] = {
-    0x61, 0x53, 0x84, 0xd1, 0x98, 0x2f, 0x75, 0xf8, 0xe8, 0xc0, 0x08, 0xfd,
-    0x65, 0x6b, 0x3b, 0xe0, 0x95, 0xdc, 0x6a, 0x1b, 0x15, 0x72, 0x5c, 0xdc,
-    0x22, 0x06, 0xab, 0xb5, 0xb0, 0xe7, 0xd7, 0x25, 0x14, 0xee, 0x4f, 0x47,
-    0x7d, 0x12, 0x0a, 0x4b, 0x1f, 0xa8, 0x1c, 0x40, 0xec, 0x88, 0xbc, 0x7c,
-    0xb4, 0x04, 0x8d, 0xf8, 0x3c, 0x94, 0xc7, 0xb2, 0xb6, 0xf7, 0xfd, 0x91,
-    0x6f, 0xfc, 0x17, 0x67, 0x81, 0x51, 0x7d, 0x4d, 0xec, 0xb9, 0xb8, 0xab,
-    0xe5, 0x3c, 0x22, 0x89, 0xdb, 0x4b, 0x41, 0xef,
-};
-static const struct drbg_kat_no_reseed kat96_nor_t = {
-    5, kat96_nor_entropyin, kat96_nor_nonce, kat96_nor_persstr,
-    kat96_nor_addin0, kat96_nor_addin1, kat96_nor_retbytes
-};
-static const struct drbg_kat kat96_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat96_nor_t
-};
-
-static const unsigned char kat97_nor_entropyin[] = {
-    0x0f, 0x48, 0xee, 0xcd, 0x99, 0x13, 0xb7, 0x10, 0x4f, 0xf8, 0xb8, 0x80,
-    0x0a, 0x2b, 0x13, 0x16,
-};
-static const unsigned char kat97_nor_nonce[] = {
-    0x6d, 0xe0, 0x36, 0xfe, 0x5a, 0x20, 0x1b, 0x5f,
-};
-static const unsigned char kat97_nor_persstr[] = {
-    0xd0, 0x0c, 0x23, 0x70, 0x30, 0xad, 0xba, 0x87, 0x4e, 0x1e, 0x6b, 0xcb,
-    0xcf, 0x2a, 0x47, 0xbf,
-};
-static const unsigned char kat97_nor_addin0[] = {0};
-static const unsigned char kat97_nor_addin1[] = {0};
-static const unsigned char kat97_nor_retbytes[] = {
-    0x36, 0xb7, 0x65, 0x62, 0xae, 0x5d, 0xc3, 0x05, 0x45, 0xe6, 0xce, 0x14,
-    0xdd, 0xbc, 0xe1, 0x23, 0x30, 0xf1, 0xcf, 0xea, 0x88, 0x22, 0x7b, 0x8e,
-    0xc1, 0x16, 0x54, 0xe6, 0x2b, 0x4e, 0x81, 0x06, 0x3a, 0x55, 0x74, 0x75,
-    0x81, 0x63, 0xf4, 0x47, 0x8a, 0x28, 0x38, 0xaf, 0x25, 0x83, 0xec, 0xe2,
-    0xe6, 0x9b, 0xfb, 0xf1, 0x45, 0x0f, 0x12, 0xac, 0x6e, 0x37, 0xa6, 0x94,
-    0x8e, 0x7e, 0xc3, 0x67, 0x16, 0xdb, 0x22, 0xc4, 0x05, 0x65, 0xb1, 0xa1,
-    0x6a, 0x4b, 0x06, 0xe2, 0x66, 0x59, 0xc3, 0x4f,
-};
-static const struct drbg_kat_no_reseed kat97_nor_t = {
-    6, kat97_nor_entropyin, kat97_nor_nonce, kat97_nor_persstr,
-    kat97_nor_addin0, kat97_nor_addin1, kat97_nor_retbytes
-};
-static const struct drbg_kat kat97_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat97_nor_t
-};
-
-static const unsigned char kat98_nor_entropyin[] = {
-    0x66, 0x29, 0x30, 0xe8, 0xba, 0xe1, 0x4d, 0x3b, 0xe8, 0x7d, 0x96, 0x54,
-    0x63, 0x5a, 0x20, 0x22,
-};
-static const unsigned char kat98_nor_nonce[] = {
-    0x38, 0x36, 0xf4, 0xd7, 0xa5, 0x08, 0x59, 0x5d,
-};
-static const unsigned char kat98_nor_persstr[] = {
-    0x74, 0x60, 0xd1, 0x6d, 0xa0, 0x1d, 0xfe, 0x50, 0x48, 0x70, 0xde, 0x63,
-    0xbd, 0x4c, 0xf6, 0x0c,
-};
-static const unsigned char kat98_nor_addin0[] = {0};
-static const unsigned char kat98_nor_addin1[] = {0};
-static const unsigned char kat98_nor_retbytes[] = {
-    0xc9, 0x9b, 0x9c, 0xea, 0x7f, 0x76, 0x10, 0xd5, 0x46, 0x32, 0xd3, 0x9b,
-    0x45, 0x75, 0x25, 0xdf, 0xf4, 0xf0, 0x1c, 0x57, 0x98, 0x9f, 0x50, 0x94,
-    0x9d, 0x18, 0x57, 0x99, 0x8f, 0x4a, 0xae, 0x14, 0xaa, 0xc5, 0x7a, 0x1c,
-    0xc7, 0xad, 0x51, 0x38, 0xe9, 0x70, 0xca, 0x67, 0x8a, 0x7d, 0x4c, 0xbd,
-    0x42, 0xc9, 0xd9, 0x61, 0xf1, 0x5b, 0x45, 0x66, 0x5d, 0xda, 0x08, 0xab,
-    0x2c, 0xb1, 0xea, 0xff, 0x68, 0x90, 0xc7, 0xb6, 0x26, 0x84, 0xe2, 0x94,
-    0xf6, 0xb3, 0x7f, 0x89, 0xf1, 0x11, 0x98, 0x35,
-};
-static const struct drbg_kat_no_reseed kat98_nor_t = {
-    7, kat98_nor_entropyin, kat98_nor_nonce, kat98_nor_persstr,
-    kat98_nor_addin0, kat98_nor_addin1, kat98_nor_retbytes
-};
-static const struct drbg_kat kat98_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat98_nor_t
-};
-
-static const unsigned char kat99_nor_entropyin[] = {
-    0x3e, 0xf0, 0x96, 0xac, 0x9e, 0x72, 0xa9, 0x61, 0xf5, 0x68, 0x90, 0xf4,
-    0xb5, 0x23, 0xf9, 0x5f,
-};
-static const unsigned char kat99_nor_nonce[] = {
-    0x1c, 0x10, 0x04, 0x01, 0xa4, 0x94, 0x02, 0xcb,
-};
-static const unsigned char kat99_nor_persstr[] = {
-    0xe2, 0x2d, 0x6f, 0x4b, 0x7f, 0xa5, 0x04, 0x63, 0xdb, 0x12, 0x13, 0x80,
-    0x44, 0xcc, 0xfd, 0x37,
-};
-static const unsigned char kat99_nor_addin0[] = {0};
-static const unsigned char kat99_nor_addin1[] = {0};
-static const unsigned char kat99_nor_retbytes[] = {
-    0x41, 0x38, 0x09, 0x17, 0x74, 0xbb, 0xf3, 0x94, 0xd9, 0x0b, 0x33, 0xc1,
-    0xb6, 0x60, 0x17, 0xd8, 0x42, 0xc7, 0xc5, 0xe7, 0x22, 0x1f, 0x57, 0xf5,
-    0x5e, 0xf0, 0xd6, 0x0d, 0xa4, 0x39, 0x8c, 0x50, 0xc7, 0xd2, 0xec, 0x98,
-    0x13, 0x17, 0x76, 0x73, 0xb9, 0xf3, 0x36, 0xa0, 0xb8, 0x5a, 0x25, 0xf8,
-    0x8e, 0x21, 0x56, 0xea, 0x5f, 0xb2, 0x25, 0x0b, 0x95, 0xeb, 0xc8, 0x79,
-    0xa5, 0xac, 0x58, 0x58, 0x4a, 0xf8, 0x09, 0x4c, 0x31, 0xd7, 0x71, 0x83,
-    0x5e, 0x26, 0x24, 0xd1, 0x1d, 0xb5, 0x01, 0x18,
-};
-static const struct drbg_kat_no_reseed kat99_nor_t = {
-    8, kat99_nor_entropyin, kat99_nor_nonce, kat99_nor_persstr,
-    kat99_nor_addin0, kat99_nor_addin1, kat99_nor_retbytes
-};
-static const struct drbg_kat kat99_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat99_nor_t
-};
-
-static const unsigned char kat100_nor_entropyin[] = {
-    0xa3, 0x00, 0x92, 0xb4, 0xf4, 0x81, 0xc7, 0x4e, 0xfa, 0x85, 0xa2, 0x83,
-    0x6a, 0x92, 0xdc, 0x2b,
-};
-static const unsigned char kat100_nor_nonce[] = {
-    0xcd, 0x22, 0xe3, 0xe3, 0xe7, 0x02, 0x1c, 0x08,
-};
-static const unsigned char kat100_nor_persstr[] = {
-    0x86, 0x02, 0xbf, 0x58, 0x9c, 0xf6, 0x70, 0xe6, 0xba, 0x78, 0x7b, 0x32,
-    0x15, 0x3b, 0x2d, 0x3a,
-};
-static const unsigned char kat100_nor_addin0[] = {0};
-static const unsigned char kat100_nor_addin1[] = {0};
-static const unsigned char kat100_nor_retbytes[] = {
-    0x67, 0x8f, 0x1b, 0xce, 0xdb, 0xc8, 0x5c, 0x20, 0x02, 0xe0, 0x4c, 0xf7,
-    0x8b, 0xa8, 0xa8, 0x9e, 0x7b, 0x1d, 0x56, 0xfe, 0xe4, 0x20, 0xd2, 0x15,
-    0xa0, 0xfb, 0xf3, 0x3e, 0x30, 0x1d, 0xe3, 0xf0, 0x75, 0xac, 0xde, 0xb3,
-    0x36, 0x3b, 0x3c, 0x6c, 0x5d, 0x73, 0xed, 0x1d, 0x5a, 0x28, 0x43, 0x75,
-    0xfc, 0x3b, 0x8b, 0x4c, 0x73, 0xa2, 0x74, 0x05, 0xd7, 0x57, 0x03, 0xea,
-    0x6b, 0xd9, 0xb2, 0x95, 0x14, 0x8b, 0xa9, 0xb7, 0x03, 0x63, 0x9c, 0xff,
-    0xee, 0x9b, 0x37, 0x80, 0x82, 0x31, 0x89, 0x40,
-};
-static const struct drbg_kat_no_reseed kat100_nor_t = {
-    9, kat100_nor_entropyin, kat100_nor_nonce, kat100_nor_persstr,
-    kat100_nor_addin0, kat100_nor_addin1, kat100_nor_retbytes
-};
-static const struct drbg_kat kat100_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat100_nor_t
-};
-
-static const unsigned char kat101_nor_entropyin[] = {
-    0x25, 0x16, 0xc2, 0x2a, 0xa5, 0xae, 0xcf, 0xb0, 0x65, 0x94, 0xdb, 0x80,
-    0x39, 0xfb, 0xab, 0x26,
-};
-static const unsigned char kat101_nor_nonce[] = {
-    0x2b, 0x52, 0xac, 0x33, 0x99, 0xc0, 0xd7, 0xb4,
-};
-static const unsigned char kat101_nor_persstr[] = {
-    0xed, 0x8c, 0xdb, 0xd1, 0x0a, 0x1f, 0xc7, 0xc4, 0x28, 0x0f, 0x39, 0x9a,
-    0x93, 0xb8, 0xe4, 0x7a,
-};
-static const unsigned char kat101_nor_addin0[] = {0};
-static const unsigned char kat101_nor_addin1[] = {0};
-static const unsigned char kat101_nor_retbytes[] = {
-    0xb9, 0x26, 0xbd, 0xf4, 0x38, 0xc6, 0xe3, 0x06, 0xa9, 0xac, 0x00, 0x84,
-    0x29, 0x4c, 0x1a, 0x97, 0xef, 0x13, 0x68, 0xe1, 0x06, 0x24, 0x4e, 0xdd,
-    0x40, 0x66, 0x24, 0x8a, 0x20, 0xd4, 0xf8, 0xd6, 0x01, 0xe4, 0x35, 0x83,
-    0xb6, 0x82, 0xaf, 0xed, 0x51, 0x89, 0xf5, 0x1b, 0x6f, 0x06, 0xae, 0x00,
-    0x44, 0x14, 0xcc, 0x66, 0x8c, 0x08, 0x2f, 0x88, 0x45, 0xa7, 0x07, 0x5e,
-    0x5d, 0x39, 0x23, 0x15, 0x8f, 0xdd, 0x83, 0x77, 0xd1, 0x73, 0x51, 0xb9,
-    0xd9, 0x24, 0xc8, 0xb8, 0xf3, 0x8b, 0xea, 0x4d,
-};
-static const struct drbg_kat_no_reseed kat101_nor_t = {
-    10, kat101_nor_entropyin, kat101_nor_nonce, kat101_nor_persstr,
-    kat101_nor_addin0, kat101_nor_addin1, kat101_nor_retbytes
-};
-static const struct drbg_kat kat101_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat101_nor_t
-};
-
-static const unsigned char kat102_nor_entropyin[] = {
-    0x35, 0xed, 0xf0, 0x13, 0xd8, 0x0e, 0xec, 0x2d, 0x3b, 0x78, 0x57, 0x26,
-    0x62, 0x9e, 0xe0, 0x74,
-};
-static const unsigned char kat102_nor_nonce[] = {
-    0x14, 0x9c, 0x12, 0x60, 0xbd, 0x2b, 0x1d, 0x9c,
-};
-static const unsigned char kat102_nor_persstr[] = {
-    0x92, 0x12, 0xa9, 0x5a, 0x4c, 0xf0, 0x85, 0x5e, 0x3e, 0xe8, 0xc5, 0x25,
-    0x79, 0x14, 0xea, 0x36,
-};
-static const unsigned char kat102_nor_addin0[] = {0};
-static const unsigned char kat102_nor_addin1[] = {0};
-static const unsigned char kat102_nor_retbytes[] = {
-    0x91, 0x0b, 0xfa, 0x60, 0x25, 0x83, 0xb1, 0xfa, 0x5c, 0x05, 0x91, 0x8d,
-    0x34, 0x53, 0xac, 0x7e, 0xfc, 0x16, 0x30, 0x40, 0xcd, 0x34, 0x5f, 0xdd,
-    0x2b, 0x5b, 0x34, 0x2d, 0x0d, 0xd6, 0xf4, 0x2e, 0xb2, 0xf8, 0x47, 0x93,
-    0x27, 0x12, 0xcf, 0x12, 0x19, 0xae, 0x29, 0x76, 0x65, 0x32, 0xab, 0x16,
-    0xe6, 0xd8, 0x11, 0x2c, 0xd6, 0xfe, 0xac, 0x56, 0x9f, 0x3e, 0x99, 0x42,
-    0xc0, 0x45, 0x0b, 0x9f, 0xcc, 0xa2, 0x2c, 0xb9, 0x50, 0x4b, 0x28, 0x90,
-    0x94, 0xc9, 0x6d, 0x5d, 0x1a, 0x7f, 0x7c, 0x3b,
-};
-static const struct drbg_kat_no_reseed kat102_nor_t = {
-    11, kat102_nor_entropyin, kat102_nor_nonce, kat102_nor_persstr,
-    kat102_nor_addin0, kat102_nor_addin1, kat102_nor_retbytes
-};
-static const struct drbg_kat kat102_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat102_nor_t
-};
-
-static const unsigned char kat103_nor_entropyin[] = {
-    0x88, 0xeb, 0xea, 0x4a, 0xd8, 0x8d, 0x9e, 0x35, 0x18, 0x7c, 0xc7, 0x05,
-    0x03, 0xd7, 0x73, 0xf5,
-};
-static const unsigned char kat103_nor_nonce[] = {
-    0x53, 0xad, 0x0f, 0x40, 0xfa, 0xcc, 0x3f, 0x98,
-};
-static const unsigned char kat103_nor_persstr[] = {
-    0x80, 0x95, 0xd8, 0xab, 0x6b, 0x61, 0x7f, 0xa1, 0xd1, 0x15, 0xd1, 0xbf,
-    0xe5, 0x17, 0xf4, 0xef,
-};
-static const unsigned char kat103_nor_addin0[] = {0};
-static const unsigned char kat103_nor_addin1[] = {0};
-static const unsigned char kat103_nor_retbytes[] = {
-    0x25, 0x6c, 0x83, 0x77, 0x81, 0xfa, 0x60, 0xcd, 0x1f, 0x77, 0x5d, 0xb1,
-    0xd4, 0xd7, 0xb7, 0x65, 0xad, 0xbb, 0x3b, 0xb5, 0xda, 0xcc, 0x17, 0x16,
-    0xd3, 0x9e, 0xfd, 0x71, 0x8f, 0x8e, 0x99, 0x95, 0x66, 0xf0, 0x9c, 0xeb,
-    0xc1, 0xd8, 0xd0, 0x38, 0xc6, 0x3a, 0x31, 0x92, 0xd6, 0xab, 0xab, 0xf5,
-    0xb3, 0xeb, 0x38, 0xf8, 0x79, 0x56, 0x62, 0xbe, 0x59, 0x4e, 0x63, 0x58,
-    0x9d, 0x7a, 0xdc, 0xe5, 0x78, 0x84, 0xab, 0x62, 0xdc, 0x40, 0x99, 0xc4,
-    0x9c, 0x1d, 0x25, 0xe8, 0x8a, 0x99, 0x28, 0x3f,
-};
-static const struct drbg_kat_no_reseed kat103_nor_t = {
-    12, kat103_nor_entropyin, kat103_nor_nonce, kat103_nor_persstr,
-    kat103_nor_addin0, kat103_nor_addin1, kat103_nor_retbytes
-};
-static const struct drbg_kat kat103_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat103_nor_t
-};
-
-static const unsigned char kat104_nor_entropyin[] = {
-    0x7e, 0x9d, 0x7f, 0x2d, 0x74, 0x9f, 0xd4, 0x46, 0x74, 0x71, 0x4d, 0x0f,
-    0x6b, 0x09, 0x8b, 0x47,
-};
-static const unsigned char kat104_nor_nonce[] = {
-    0x29, 0x70, 0xb7, 0x16, 0xb2, 0x11, 0x68, 0x95,
-};
-static const unsigned char kat104_nor_persstr[] = {
-    0x57, 0xac, 0xd2, 0x52, 0x0d, 0x9e, 0xbf, 0xb7, 0x62, 0xb7, 0x59, 0xb9,
-    0x98, 0xfe, 0x5f, 0x36,
-};
-static const unsigned char kat104_nor_addin0[] = {0};
-static const unsigned char kat104_nor_addin1[] = {0};
-static const unsigned char kat104_nor_retbytes[] = {
-    0xea, 0x84, 0x63, 0x03, 0xd9, 0xe1, 0xac, 0x84, 0x69, 0xfe, 0xd0, 0x16,
-    0x3d, 0xeb, 0x49, 0xc6, 0xd6, 0xf6, 0x9d, 0xa2, 0x44, 0x3d, 0xd3, 0x1b,
-    0x66, 0xc7, 0x28, 0x55, 0xac, 0x30, 0xe7, 0xc0, 0x2e, 0x06, 0x55, 0x8d,
-    0x78, 0xe7, 0x33, 0xd9, 0xf5, 0xa0, 0xf6, 0xe5, 0x27, 0x63, 0x63, 0x9c,
-    0xc2, 0xb8, 0xc4, 0xc0, 0xe0, 0x5b, 0x8c, 0x69, 0xf6, 0xa3, 0xdd, 0x84,
-    0x06, 0x39, 0x97, 0x66, 0x3e, 0xd5, 0xf4, 0xe6, 0x90, 0xdd, 0xbb, 0x86,
-    0x42, 0x38, 0x0f, 0x8e, 0x8c, 0x9a, 0xa8, 0xa2,
-};
-static const struct drbg_kat_no_reseed kat104_nor_t = {
-    13, kat104_nor_entropyin, kat104_nor_nonce, kat104_nor_persstr,
-    kat104_nor_addin0, kat104_nor_addin1, kat104_nor_retbytes
-};
-static const struct drbg_kat kat104_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat104_nor_t
-};
-
-static const unsigned char kat105_nor_entropyin[] = {
-    0xd2, 0x0b, 0x5e, 0xd7, 0x01, 0x18, 0xec, 0xfe, 0xb2, 0xdc, 0xfe, 0x8c,
-    0xfd, 0x7e, 0x6b, 0x6e,
-};
-static const unsigned char kat105_nor_nonce[] = {
-    0x83, 0x68, 0xee, 0x0e, 0x29, 0xd3, 0x5c, 0x67,
-};
-static const unsigned char kat105_nor_persstr[] = {
-    0xf1, 0x89, 0xa8, 0x0d, 0x56, 0x19, 0xf5, 0x3c, 0xce, 0x87, 0x8e, 0xd5,
-    0x75, 0x22, 0xa4, 0x68,
-};
-static const unsigned char kat105_nor_addin0[] = {0};
-static const unsigned char kat105_nor_addin1[] = {0};
-static const unsigned char kat105_nor_retbytes[] = {
-    0xae, 0xac, 0x59, 0x33, 0x06, 0x5c, 0x33, 0xce, 0x2a, 0xce, 0x25, 0x31,
-    0xa1, 0x93, 0xe3, 0x67, 0xf7, 0x3c, 0x83, 0xfc, 0x32, 0x8f, 0x61, 0xee,
-    0x26, 0x27, 0xf6, 0xf3, 0x84, 0x19, 0x14, 0xc6, 0xb8, 0xa3, 0xff, 0x76,
-    0x7f, 0x96, 0xb3, 0xc3, 0xb6, 0x85, 0xba, 0xc9, 0x31, 0xaf, 0x9e, 0xc1,
-    0x0c, 0x6f, 0x3e, 0xfe, 0x25, 0xb5, 0x10, 0x9b, 0xb6, 0x47, 0xb1, 0x20,
-    0xe3, 0xa3, 0xf6, 0x97, 0x1a, 0x4e, 0xc4, 0x1f, 0x4e, 0xf0, 0xc7, 0xa9,
-    0x00, 0xfd, 0xb0, 0x9d, 0x7f, 0xf3, 0xb2, 0x47,
-};
-static const struct drbg_kat_no_reseed kat105_nor_t = {
-    14, kat105_nor_entropyin, kat105_nor_nonce, kat105_nor_persstr,
-    kat105_nor_addin0, kat105_nor_addin1, kat105_nor_retbytes
-};
-static const struct drbg_kat kat105_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat105_nor_t
-};
-
-static const unsigned char kat106_nor_entropyin[] = {
-    0xef, 0x3e, 0xb1, 0xe6, 0x3f, 0x98, 0x78, 0xd6, 0x29, 0x84, 0x87, 0x67,
-    0x12, 0xe7, 0x6e, 0x56,
-};
-static const unsigned char kat106_nor_nonce[] = {
-    0xf9, 0x59, 0xd3, 0x16, 0x50, 0x36, 0x4e, 0x70,
-};
-static const unsigned char kat106_nor_persstr[] = {
-    0xfc, 0xfe, 0x42, 0xc0, 0xc6, 0x5b, 0xbd, 0xc4, 0xa2, 0x9e, 0xb0, 0xb5,
-    0x98, 0x35, 0x3e, 0x17,
-};
-static const unsigned char kat106_nor_addin0[] = {
-    0xd2, 0x18, 0xda, 0x50, 0x1f, 0xa0, 0x9b, 0x43, 0xed, 0x8e, 0x2f, 0xb8,
-    0xc3, 0xec, 0xc5, 0x64,
-};
-static const unsigned char kat106_nor_addin1[] = {
-    0x24, 0x79, 0xf4, 0x33, 0x0a, 0xf9, 0x91, 0x0d, 0x74, 0x08, 0x40, 0x46,
-    0x90, 0xd8, 0xeb, 0x93,
-};
-static const unsigned char kat106_nor_retbytes[] = {
-    0x5d, 0xe8, 0x1d, 0x92, 0xcd, 0xdd, 0xb3, 0xec, 0x23, 0x60, 0x37, 0xf4,
-    0xdc, 0x80, 0xd6, 0xc7, 0x78, 0xca, 0x72, 0xe1, 0x28, 0x41, 0x1a, 0x64,
-    0x68, 0x9f, 0x26, 0xa2, 0x43, 0xfb, 0x2b, 0x6f, 0xc5, 0x44, 0x11, 0xee,
-    0x9f, 0x41, 0x7b, 0x1e, 0x11, 0x37, 0x60, 0x13, 0x9a, 0xe4, 0xb2, 0xf8,
-    0x0d, 0x74, 0x75, 0xb6, 0x66, 0xaf, 0x16, 0xf8, 0x7b, 0xad, 0xc5, 0x8e,
-    0x53, 0x04, 0x6e, 0xe6, 0x05, 0xae, 0x96, 0x06, 0xba, 0x97, 0x43, 0xc5,
-    0xe5, 0x7a, 0x69, 0x59, 0xbe, 0xbe, 0xb3, 0xa8,
-};
-static const struct drbg_kat_no_reseed kat106_nor_t = {
-    0, kat106_nor_entropyin, kat106_nor_nonce, kat106_nor_persstr,
-    kat106_nor_addin0, kat106_nor_addin1, kat106_nor_retbytes
-};
-static const struct drbg_kat kat106_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat106_nor_t
-};
-
-static const unsigned char kat107_nor_entropyin[] = {
-    0x74, 0x80, 0xaf, 0xff, 0x27, 0x4e, 0x31, 0x88, 0xc6, 0xc6, 0x86, 0x28,
-    0xfc, 0x31, 0x5c, 0x0b,
-};
-static const unsigned char kat107_nor_nonce[] = {
-    0xfd, 0x5e, 0xbb, 0xed, 0xaa, 0xdb, 0x6a, 0xe4,
-};
-static const unsigned char kat107_nor_persstr[] = {
-    0x1c, 0xab, 0x57, 0x35, 0xb2, 0x49, 0xe5, 0x50, 0xff, 0x36, 0x09, 0xef,
-    0xe8, 0x9d, 0xbc, 0x9e,
-};
-static const unsigned char kat107_nor_addin0[] = {
-    0x83, 0x4e, 0xa3, 0xf1, 0x5f, 0x77, 0x3e, 0x6d, 0x9c, 0x27, 0xfa, 0x78,
-    0x7a, 0xa6, 0x58, 0x86,
-};
-static const unsigned char kat107_nor_addin1[] = {
-    0x85, 0xcb, 0x35, 0xd2, 0xe7, 0xcc, 0xef, 0x7d, 0x22, 0xe1, 0x63, 0x85,
-    0x54, 0x22, 0x89, 0x12,
-};
-static const unsigned char kat107_nor_retbytes[] = {
-    0xf8, 0xb0, 0x50, 0x22, 0x4e, 0xe8, 0x90, 0xde, 0xfa, 0xf9, 0xaa, 0x7d,
-    0xc5, 0x0b, 0x0e, 0x3a, 0xda, 0xcc, 0x51, 0xf5, 0xd2, 0xb5, 0x4f, 0xbd,
-    0x1c, 0xf9, 0x95, 0x25, 0x68, 0x18, 0x76, 0xd2, 0x1e, 0x5c, 0x45, 0x27,
-    0x1f, 0x8a, 0x8e, 0x9e, 0xf8, 0x98, 0x70, 0xe5, 0x21, 0x42, 0xa7, 0xf9,
-    0x90, 0xaf, 0xd4, 0x86, 0x89, 0x59, 0x12, 0xc3, 0xd4, 0x56, 0xdb, 0xc1,
-    0x3e, 0x89, 0xb2, 0x86, 0x38, 0xe9, 0xa3, 0x13, 0x0e, 0x80, 0x8d, 0xdb,
-    0xae, 0x96, 0xde, 0x74, 0xb3, 0xdc, 0x16, 0x17,
-};
-static const struct drbg_kat_no_reseed kat107_nor_t = {
-    1, kat107_nor_entropyin, kat107_nor_nonce, kat107_nor_persstr,
-    kat107_nor_addin0, kat107_nor_addin1, kat107_nor_retbytes
-};
-static const struct drbg_kat kat107_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat107_nor_t
-};
-
-static const unsigned char kat108_nor_entropyin[] = {
-    0x72, 0x66, 0xe7, 0xe0, 0xa7, 0xad, 0x02, 0x52, 0xd2, 0x7b, 0x82, 0xa0,
-    0x28, 0x98, 0x58, 0xd4,
-};
-static const unsigned char kat108_nor_nonce[] = {
-    0xb0, 0x2a, 0xa9, 0x20, 0x33, 0xb4, 0x04, 0x5b,
-};
-static const unsigned char kat108_nor_persstr[] = {
-    0xd0, 0xd2, 0x24, 0x78, 0xc0, 0x69, 0xde, 0xda, 0x19, 0x7e, 0x73, 0x51,
-    0xed, 0xfd, 0x6a, 0x0c,
-};
-static const unsigned char kat108_nor_addin0[] = {
-    0x36, 0x99, 0x12, 0x64, 0xcb, 0xc2, 0x17, 0x1d, 0x2e, 0x3f, 0xc9, 0x56,
-    0xc2, 0xd8, 0x1f, 0x57,
-};
-static const unsigned char kat108_nor_addin1[] = {
-    0xe4, 0xe2, 0xe9, 0x76, 0xbf, 0x83, 0x36, 0x95, 0xe0, 0xbb, 0xae, 0xa1,
-    0xd9, 0x2b, 0xed, 0x7b,
-};
-static const unsigned char kat108_nor_retbytes[] = {
-    0x06, 0xc9, 0xff, 0x2a, 0x14, 0x8a, 0x9b, 0x5f, 0x08, 0x0f, 0xd0, 0xfd,
-    0x77, 0x42, 0xde, 0xe9, 0x1e, 0x5f, 0x1b, 0x4b, 0xff, 0x6f, 0xc4, 0xad,
-    0x27, 0x46, 0x38, 0xac, 0xa0, 0x7e, 0x9e, 0xeb, 0xc2, 0x2d, 0x48, 0x47,
-    0x33, 0xc8, 0x27, 0xb6, 0x1f, 0x47, 0xc6, 0xd0, 0xc4, 0x4b, 0x33, 0xdd,
-    0xbb, 0xec, 0x1f, 0x2a, 0xb3, 0xad, 0x00, 0x42, 0xdd, 0x50, 0x1a, 0xee,
-    0xe2, 0xc9, 0x19, 0xaf, 0x26, 0x63, 0x51, 0xe2, 0xf0, 0x70, 0xce, 0xe6,
-    0xe7, 0x28, 0x8c, 0x30, 0x6b, 0x8f, 0x84, 0xd3,
-};
-static const struct drbg_kat_no_reseed kat108_nor_t = {
-    2, kat108_nor_entropyin, kat108_nor_nonce, kat108_nor_persstr,
-    kat108_nor_addin0, kat108_nor_addin1, kat108_nor_retbytes
-};
-static const struct drbg_kat kat108_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat108_nor_t
-};
-
-static const unsigned char kat109_nor_entropyin[] = {
-    0x7c, 0x6c, 0x0d, 0x59, 0x1b, 0x81, 0xbd, 0x60, 0x16, 0x02, 0xf1, 0xf3,
-    0xbe, 0x60, 0xa0, 0x53,
-};
-static const unsigned char kat109_nor_nonce[] = {
-    0x84, 0xe2, 0xd7, 0xb9, 0xd8, 0x0a, 0xf9, 0xe2,
-};
-static const unsigned char kat109_nor_persstr[] = {
-    0xe9, 0x6d, 0x18, 0x31, 0x21, 0x23, 0x9b, 0xa3, 0x50, 0x56, 0x26, 0x4e,
-    0x73, 0xed, 0xbe, 0x79,
-};
-static const unsigned char kat109_nor_addin0[] = {
-    0x67, 0x3f, 0x40, 0x9a, 0x0e, 0x13, 0x3c, 0x6f, 0x37, 0xf2, 0xf3, 0xc3,
-    0xa3, 0x0e, 0xf0, 0xdc,
-};
-static const unsigned char kat109_nor_addin1[] = {
-    0xc2, 0x68, 0x10, 0x12, 0x11, 0x61, 0xf3, 0xe0, 0x8c, 0x85, 0x4c, 0x29,
-    0x9a, 0x3c, 0x5b, 0x45,
-};
-static const unsigned char kat109_nor_retbytes[] = {
-    0x7b, 0x1c, 0x78, 0x4c, 0xce, 0x23, 0x8d, 0xa7, 0x65, 0x18, 0x4c, 0x6f,
-    0xc0, 0x3f, 0x2b, 0xf5, 0x82, 0xd2, 0x65, 0x2c, 0x5b, 0x76, 0x3d, 0x42,
-    0x5b, 0x5b, 0xe9, 0x32, 0xbd, 0x3d, 0x75, 0x65, 0xaa, 0xd0, 0x1e, 0xb9,
-    0x02, 0x13, 0xd0, 0x0f, 0xd1, 0xd3, 0x8c, 0x59, 0xdf, 0xb3, 0xd5, 0xcd,
-    0x92, 0xcf, 0x8a, 0x0b, 0x67, 0x6d, 0xe1, 0xc1, 0x13, 0xd7, 0xc5, 0x67,
-    0xac, 0x92, 0xb8, 0x52, 0x85, 0x12, 0x10, 0xb6, 0x20, 0x7e, 0x48, 0x4f,
-    0xdf, 0x4a, 0x3a, 0x62, 0x44, 0xa2, 0xff, 0xae,
-};
-static const struct drbg_kat_no_reseed kat109_nor_t = {
-    3, kat109_nor_entropyin, kat109_nor_nonce, kat109_nor_persstr,
-    kat109_nor_addin0, kat109_nor_addin1, kat109_nor_retbytes
-};
-static const struct drbg_kat kat109_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat109_nor_t
-};
-
-static const unsigned char kat110_nor_entropyin[] = {
-    0x5f, 0x6a, 0xd5, 0xae, 0xfc, 0xc3, 0x9b, 0x33, 0x19, 0xaa, 0x7e, 0xda,
-    0xbd, 0x5c, 0x3b, 0x5b,
-};
-static const unsigned char kat110_nor_nonce[] = {
-    0xdc, 0xbe, 0xe7, 0x5d, 0xb3, 0x07, 0xb6, 0xf5,
-};
-static const unsigned char kat110_nor_persstr[] = {
-    0x6b, 0xc3, 0xfb, 0x02, 0x3c, 0x6f, 0xd9, 0xce, 0xb6, 0x5e, 0xac, 0xce,
-    0xaa, 0x5c, 0x4e, 0x76,
-};
-static const unsigned char kat110_nor_addin0[] = {
-    0x8e, 0x9b, 0xa1, 0xa1, 0xf6, 0xa7, 0x31, 0x5b, 0x7b, 0x5c, 0x55, 0x7a,
-    0xb0, 0x0c, 0x68, 0xd7,
-};
-static const unsigned char kat110_nor_addin1[] = {
-    0xe5, 0x4b, 0xfb, 0xf4, 0x41, 0x51, 0x04, 0xe4, 0x76, 0xcc, 0x9f, 0x37,
-    0xc5, 0x0e, 0xde, 0xa7,
-};
-static const unsigned char kat110_nor_retbytes[] = {
-    0x33, 0x71, 0x86, 0x66, 0x66, 0xc2, 0xca, 0xbf, 0x02, 0x8f, 0x88, 0x8a,
-    0xb1, 0x2b, 0x6a, 0xec, 0xe4, 0x3a, 0x7b, 0x20, 0x21, 0xd8, 0x09, 0x8e,
-    0xcc, 0x42, 0x3c, 0x3e, 0x72, 0x60, 0x0b, 0xf4, 0x9a, 0xed, 0xc7, 0x1d,
-    0x24, 0xda, 0x4c, 0x7d, 0x99, 0x2a, 0x7c, 0xe1, 0x58, 0x96, 0xf7, 0xae,
-    0x11, 0xb3, 0x24, 0xfe, 0xc9, 0x3d, 0x76, 0x15, 0x0b, 0x13, 0x89, 0x2b,
-    0x00, 0xe9, 0x11, 0x02, 0x6a, 0xc8, 0xe3, 0x54, 0x3b, 0xbb, 0xd0, 0xca,
-    0xf1, 0x99, 0x6d, 0x9e, 0x07, 0xb0, 0x49, 0xb4,
-};
-static const struct drbg_kat_no_reseed kat110_nor_t = {
-    4, kat110_nor_entropyin, kat110_nor_nonce, kat110_nor_persstr,
-    kat110_nor_addin0, kat110_nor_addin1, kat110_nor_retbytes
-};
-static const struct drbg_kat kat110_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat110_nor_t
-};
-
-static const unsigned char kat111_nor_entropyin[] = {
-    0x7f, 0x26, 0x7c, 0x4c, 0xb0, 0x7d, 0x85, 0xba, 0xc0, 0x61, 0x4d, 0xdd,
-    0xd4, 0xd8, 0x9d, 0x80,
-};
-static const unsigned char kat111_nor_nonce[] = {
-    0xd8, 0x19, 0xac, 0x8c, 0x6b, 0x43, 0xfd, 0x61,
-};
-static const unsigned char kat111_nor_persstr[] = {
-    0x61, 0x7d, 0x25, 0x87, 0x40, 0xd8, 0xab, 0x7c, 0xb2, 0xc6, 0x32, 0xb6,
-    0x37, 0x2e, 0xf3, 0xae,
-};
-static const unsigned char kat111_nor_addin0[] = {
-    0x3a, 0x29, 0x9f, 0xd0, 0x7e, 0x86, 0x11, 0xe1, 0xc3, 0xbb, 0xff, 0xac,
-    0x00, 0x1a, 0xdb, 0x2c,
-};
-static const unsigned char kat111_nor_addin1[] = {
-    0x94, 0xf5, 0xbf, 0xb5, 0x3e, 0x32, 0x03, 0xb2, 0x12, 0xbf, 0xfd, 0x88,
-    0x69, 0x5c, 0xfb, 0x58,
-};
-static const unsigned char kat111_nor_retbytes[] = {
-    0x46, 0x8b, 0xed, 0xcb, 0xb2, 0xf9, 0xc6, 0xde, 0xb8, 0x14, 0x18, 0x88,
-    0xa7, 0x58, 0xbd, 0x79, 0x31, 0xef, 0x12, 0x8d, 0xe4, 0xe6, 0x78, 0xbe,
-    0x99, 0x85, 0x29, 0x8c, 0x26, 0x64, 0xd3, 0x39, 0x99, 0xd6, 0x83, 0x42,
-    0xa0, 0x74, 0x7a, 0xcf, 0x18, 0xdf, 0xfc, 0xab, 0xc3, 0x2a, 0x0c, 0x09,
-    0xce, 0x7c, 0x65, 0x22, 0x67, 0x3b, 0x67, 0x39, 0xef, 0xe6, 0x6c, 0xc2,
-    0x5b, 0x28, 0xc0, 0x6e, 0x86, 0x77, 0xab, 0x3c, 0x6f, 0x1e, 0x38, 0x40,
-    0x85, 0x2d, 0x24, 0x5e, 0x05, 0x53, 0xca, 0x47,
-};
-static const struct drbg_kat_no_reseed kat111_nor_t = {
-    5, kat111_nor_entropyin, kat111_nor_nonce, kat111_nor_persstr,
-    kat111_nor_addin0, kat111_nor_addin1, kat111_nor_retbytes
-};
-static const struct drbg_kat kat111_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat111_nor_t
-};
-
-static const unsigned char kat112_nor_entropyin[] = {
-    0x85, 0x89, 0x23, 0xf0, 0x5c, 0x1a, 0x1a, 0x93, 0x70, 0xc4, 0x95, 0xfc,
-    0x84, 0x02, 0x58, 0x9d,
-};
-static const unsigned char kat112_nor_nonce[] = {
-    0xa8, 0x8f, 0x68, 0x8f, 0x22, 0xe8, 0xbd, 0x53,
-};
-static const unsigned char kat112_nor_persstr[] = {
-    0x4c, 0xc6, 0x8f, 0x42, 0x20, 0x6a, 0xfd, 0x82, 0x60, 0x8d, 0xdf, 0x9f,
-    0x18, 0x50, 0x73, 0x98,
-};
-static const unsigned char kat112_nor_addin0[] = {
-    0x46, 0x70, 0x63, 0x1a, 0x5d, 0x2f, 0xbd, 0x86, 0xf5, 0x84, 0x87, 0x60,
-    0x3b, 0x88, 0x00, 0x65,
-};
-static const unsigned char kat112_nor_addin1[] = {
-    0x34, 0xf7, 0xb4, 0xc9, 0x2b, 0xa1, 0xaa, 0x90, 0x0f, 0x7b, 0xc6, 0x76,
-    0xc2, 0x8f, 0x42, 0x83,
-};
-static const unsigned char kat112_nor_retbytes[] = {
-    0xa3, 0x91, 0xbb, 0x3c, 0x2f, 0x2c, 0xbd, 0xe7, 0xda, 0xbd, 0x18, 0xa7,
-    0x2b, 0x4e, 0x29, 0xb3, 0xb5, 0xc1, 0x1d, 0x07, 0xc5, 0xc7, 0x7a, 0x6b,
-    0x34, 0xe9, 0x30, 0xf2, 0x80, 0x4d, 0x3a, 0xbd, 0x5a, 0xf4, 0x5f, 0x41,
-    0x02, 0xad, 0x1e, 0x41, 0xda, 0x51, 0x25, 0x72, 0xed, 0x94, 0xd9, 0xd3,
-    0x31, 0x7a, 0xc9, 0xc7, 0x6b, 0xd5, 0x6a, 0x0f, 0x10, 0xff, 0x10, 0xca,
-    0x7a, 0x8b, 0xeb, 0x59, 0x2d, 0xc3, 0xc8, 0xa0, 0x17, 0x03, 0x0b, 0x0b,
-    0x19, 0x0a, 0x7a, 0xbd, 0x50, 0x6e, 0xa5, 0x9b,
-};
-static const struct drbg_kat_no_reseed kat112_nor_t = {
-    6, kat112_nor_entropyin, kat112_nor_nonce, kat112_nor_persstr,
-    kat112_nor_addin0, kat112_nor_addin1, kat112_nor_retbytes
-};
-static const struct drbg_kat kat112_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat112_nor_t
-};
-
-static const unsigned char kat113_nor_entropyin[] = {
-    0x31, 0x7d, 0xdf, 0xb1, 0xa0, 0x1b, 0xb0, 0xe1, 0x47, 0xea, 0xae, 0xd3,
-    0x75, 0x99, 0x97, 0x30,
-};
-static const unsigned char kat113_nor_nonce[] = {
-    0xd7, 0xc5, 0xa2, 0x7e, 0xbd, 0x92, 0x09, 0xee,
-};
-static const unsigned char kat113_nor_persstr[] = {
-    0x8d, 0x53, 0x5a, 0x8d, 0x76, 0x04, 0x22, 0x33, 0xe4, 0xb2, 0xbc, 0xf6,
-    0xae, 0x3a, 0x71, 0x42,
-};
-static const unsigned char kat113_nor_addin0[] = {
-    0xb9, 0x86, 0x56, 0x84, 0x60, 0xca, 0xf3, 0x6f, 0x3e, 0x83, 0xcd, 0x27,
-    0xd7, 0x9f, 0xcb, 0x69,
-};
-static const unsigned char kat113_nor_addin1[] = {
-    0x1a, 0x4b, 0xe6, 0x76, 0x6a, 0x58, 0x99, 0xa2, 0x1b, 0xea, 0x32, 0x87,
-    0xfa, 0x21, 0xcd, 0x88,
-};
-static const unsigned char kat113_nor_retbytes[] = {
-    0x3e, 0x1c, 0x68, 0x8b, 0xb6, 0xb6, 0x80, 0x50, 0x20, 0x61, 0x51, 0x4b,
-    0x59, 0xae, 0x90, 0x80, 0x9d, 0xfc, 0x72, 0x18, 0x2f, 0x54, 0xf0, 0xe8,
-    0x37, 0x7f, 0xf5, 0x0d, 0xb2, 0xa8, 0x60, 0x82, 0xf9, 0x9e, 0x9f, 0x4c,
-    0x9e, 0xac, 0x9e, 0x3c, 0x5f, 0x06, 0xee, 0xc4, 0x9d, 0x9e, 0x51, 0x43,
-    0x40, 0x28, 0xbe, 0x4e, 0x08, 0xf7, 0x06, 0x34, 0xb1, 0x33, 0x9d, 0xb7,
-    0x03, 0xbf, 0xc8, 0x48, 0xeb, 0xc6, 0x60, 0xa0, 0x6a, 0xb8, 0x44, 0x04,
-    0x09, 0xed, 0x1e, 0xf4, 0x17, 0x55, 0x84, 0xcc,
-};
-static const struct drbg_kat_no_reseed kat113_nor_t = {
-    7, kat113_nor_entropyin, kat113_nor_nonce, kat113_nor_persstr,
-    kat113_nor_addin0, kat113_nor_addin1, kat113_nor_retbytes
-};
-static const struct drbg_kat kat113_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat113_nor_t
-};
-
-static const unsigned char kat114_nor_entropyin[] = {
-    0xe3, 0xdd, 0x2e, 0x76, 0x7f, 0x52, 0x05, 0xb6, 0xd0, 0xc4, 0x90, 0x8d,
-    0x46, 0x5c, 0xd2, 0xa0,
-};
-static const unsigned char kat114_nor_nonce[] = {
-    0x4e, 0x35, 0x6c, 0x17, 0x17, 0x09, 0xce, 0xfe,
-};
-static const unsigned char kat114_nor_persstr[] = {
-    0xeb, 0x84, 0xe2, 0xe5, 0xb2, 0x20, 0x88, 0x82, 0xd3, 0x72, 0xf2, 0x66,
-    0xbd, 0x1b, 0x5b, 0xa1,
-};
-static const unsigned char kat114_nor_addin0[] = {
-    0x83, 0x18, 0x68, 0xd3, 0x0c, 0x12, 0xad, 0x5a, 0x81, 0xe3, 0x9f, 0x74,
-    0xed, 0xa9, 0xf8, 0x7e,
-};
-static const unsigned char kat114_nor_addin1[] = {
-    0x0e, 0x34, 0x96, 0x0f, 0x94, 0x69, 0xe2, 0x3e, 0xd4, 0xfa, 0x28, 0x5e,
-    0xdd, 0x6b, 0x83, 0x71,
-};
-static const unsigned char kat114_nor_retbytes[] = {
-    0xe4, 0x7b, 0x96, 0xa3, 0x06, 0xa4, 0x07, 0x9a, 0x1a, 0x79, 0xe7, 0xe8,
-    0xe9, 0x3d, 0x8a, 0x5e, 0x2f, 0x96, 0xfd, 0x99, 0x5a, 0x02, 0xbe, 0x29,
-    0xc4, 0xc3, 0x6f, 0x98, 0x0f, 0x23, 0x42, 0xaa, 0x94, 0x99, 0x67, 0xa3,
-    0xa4, 0xf3, 0x12, 0xa7, 0x02, 0x08, 0x1e, 0xf7, 0xbd, 0x95, 0x91, 0x25,
-    0x28, 0x74, 0x11, 0xf9, 0x6c, 0xe6, 0x47, 0xb9, 0x1b, 0x56, 0xee, 0x93,
-    0x2e, 0x55, 0x54, 0xd4, 0x55, 0x70, 0x3f, 0xaa, 0x6a, 0xbe, 0x41, 0x09,
-    0x43, 0x63, 0x35, 0xc4, 0xd2, 0x31, 0x2b, 0x77,
-};
-static const struct drbg_kat_no_reseed kat114_nor_t = {
-    8, kat114_nor_entropyin, kat114_nor_nonce, kat114_nor_persstr,
-    kat114_nor_addin0, kat114_nor_addin1, kat114_nor_retbytes
-};
-static const struct drbg_kat kat114_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat114_nor_t
-};
-
-static const unsigned char kat115_nor_entropyin[] = {
-    0xcb, 0xff, 0x42, 0xd1, 0x36, 0x1f, 0xa6, 0xcf, 0x28, 0x3e, 0xa3, 0x0f,
-    0x49, 0xf8, 0x5a, 0xbd,
-};
-static const unsigned char kat115_nor_nonce[] = {
-    0x82, 0x41, 0x8a, 0x77, 0x8a, 0xea, 0xfc, 0xcc,
-};
-static const unsigned char kat115_nor_persstr[] = {
-    0x93, 0xde, 0x97, 0x31, 0xc0, 0xc7, 0x18, 0x07, 0x98, 0x46, 0x81, 0x69,
-    0x9a, 0x78, 0x27, 0x98,
-};
-static const unsigned char kat115_nor_addin0[] = {
-    0x7d, 0x11, 0xeb, 0xed, 0xcc, 0x74, 0xe2, 0x49, 0xb2, 0x7a, 0xb3, 0x09,
-    0x87, 0x53, 0x97, 0x92,
-};
-static const unsigned char kat115_nor_addin1[] = {
-    0xdd, 0x2c, 0x36, 0x32, 0xf5, 0x73, 0xeb, 0xdb, 0xbd, 0xb5, 0x62, 0x2c,
-    0x04, 0xb3, 0x1d, 0xdc,
-};
-static const unsigned char kat115_nor_retbytes[] = {
-    0x12, 0xaf, 0xcb, 0x02, 0x3c, 0x29, 0x79, 0x5c, 0x6b, 0x3d, 0xee, 0xb6,
-    0x55, 0x8d, 0x59, 0xc7, 0xa0, 0x73, 0x9d, 0x49, 0x9c, 0x41, 0x35, 0xc3,
-    0x7f, 0xf3, 0xdc, 0xd0, 0x02, 0x2c, 0x75, 0x15, 0xb1, 0xf8, 0x77, 0x7c,
-    0x1f, 0x2e, 0xbb, 0x49, 0x32, 0x2f, 0x5d, 0xfd, 0xf9, 0xea, 0x14, 0x15,
-    0x1d, 0x20, 0x86, 0x9b, 0x5c, 0xa1, 0x45, 0xfe, 0xec, 0x0d, 0xcf, 0xf8,
-    0x42, 0x93, 0xed, 0x31, 0x55, 0x77, 0x44, 0xcc, 0x74, 0xea, 0xc3, 0xb1,
-    0x5c, 0xf4, 0x50, 0xd1, 0x9d, 0x11, 0x36, 0xf8,
-};
-static const struct drbg_kat_no_reseed kat115_nor_t = {
-    9, kat115_nor_entropyin, kat115_nor_nonce, kat115_nor_persstr,
-    kat115_nor_addin0, kat115_nor_addin1, kat115_nor_retbytes
-};
-static const struct drbg_kat kat115_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat115_nor_t
-};
-
-static const unsigned char kat116_nor_entropyin[] = {
-    0x9c, 0x50, 0x1a, 0x22, 0x07, 0xd4, 0x16, 0xc0, 0x84, 0xf8, 0xc6, 0xba,
-    0x02, 0x2a, 0x7a, 0x35,
-};
-static const unsigned char kat116_nor_nonce[] = {
-    0xcb, 0x44, 0x76, 0x7d, 0xe7, 0x04, 0x29, 0x09,
-};
-static const unsigned char kat116_nor_persstr[] = {
-    0xf3, 0x23, 0x2c, 0xa9, 0xde, 0xf8, 0x3f, 0xbb, 0x54, 0x5e, 0x2c, 0xba,
-    0xf8, 0x0b, 0xc8, 0x06,
-};
-static const unsigned char kat116_nor_addin0[] = {
-    0xf4, 0xf6, 0x76, 0x89, 0x06, 0x34, 0xe1, 0x31, 0xd0, 0x37, 0x50, 0xe9,
-    0x3b, 0x25, 0xfa, 0xe8,
-};
-static const unsigned char kat116_nor_addin1[] = {
-    0x48, 0xbb, 0xaa, 0xd1, 0x91, 0xbd, 0xc7, 0x77, 0x93, 0x74, 0x44, 0xbd,
-    0x23, 0x34, 0xda, 0xcf,
-};
-static const unsigned char kat116_nor_retbytes[] = {
-    0x20, 0x02, 0x17, 0xf9, 0x15, 0x1c, 0x70, 0x28, 0x40, 0xd9, 0xfc, 0xd1,
-    0x3d, 0xc3, 0x0b, 0x99, 0x3f, 0x1d, 0xda, 0xb2, 0x29, 0x17, 0x91, 0xa9,
-    0x2e, 0xe5, 0x62, 0xe5, 0x2a, 0xbc, 0xd5, 0x35, 0x8a, 0xff, 0x1a, 0xb2,
-    0x4e, 0x63, 0xf7, 0xdd, 0x1a, 0xf2, 0x70, 0xfd, 0x1e, 0x3e, 0x58, 0xc4,
-    0xd4, 0x00, 0x25, 0x22, 0x53, 0xa8, 0x0d, 0x7e, 0xb0, 0x50, 0x1e, 0x4a,
-    0x41, 0x13, 0xc0, 0x6d, 0x94, 0x5b, 0xce, 0x64, 0x0b, 0x77, 0x5a, 0xd6,
-    0x57, 0xba, 0xd1, 0x05, 0xaf, 0x60, 0x28, 0x0d,
-};
-static const struct drbg_kat_no_reseed kat116_nor_t = {
-    10, kat116_nor_entropyin, kat116_nor_nonce, kat116_nor_persstr,
-    kat116_nor_addin0, kat116_nor_addin1, kat116_nor_retbytes
-};
-static const struct drbg_kat kat116_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat116_nor_t
-};
-
-static const unsigned char kat117_nor_entropyin[] = {
-    0xa8, 0xc6, 0x88, 0x26, 0xec, 0x82, 0x54, 0xbe, 0xf2, 0x45, 0x17, 0xad,
-    0xc8, 0x96, 0x2f, 0x0b,
-};
-static const unsigned char kat117_nor_nonce[] = {
-    0xbd, 0x51, 0x4b, 0xfa, 0x52, 0xbc, 0xf8, 0x49,
-};
-static const unsigned char kat117_nor_persstr[] = {
-    0x00, 0x07, 0x2c, 0x1d, 0x2e, 0x76, 0x70, 0xbd, 0x38, 0xf7, 0xe4, 0x09,
-    0x3d, 0x89, 0x4b, 0x51,
-};
-static const unsigned char kat117_nor_addin0[] = {
-    0x35, 0x1a, 0xf5, 0x5b, 0x61, 0x24, 0x9d, 0xba, 0xe6, 0x0a, 0xde, 0xe7,
-    0x15, 0x6c, 0xfe, 0x40,
-};
-static const unsigned char kat117_nor_addin1[] = {
-    0x02, 0xd9, 0x97, 0xaa, 0xe4, 0x80, 0x47, 0xee, 0xad, 0x33, 0x3c, 0x64,
-    0x0a, 0x10, 0x95, 0x8d,
-};
-static const unsigned char kat117_nor_retbytes[] = {
-    0x9e, 0x3d, 0xce, 0xa0, 0x56, 0x2a, 0x8c, 0x76, 0xa5, 0x69, 0xab, 0xcf,
-    0xc8, 0x05, 0xa1, 0x78, 0x82, 0x5d, 0x8d, 0xe5, 0xd7, 0xeb, 0xcc, 0xaf,
-    0x48, 0x74, 0x7a, 0x68, 0xd5, 0xe5, 0x48, 0x07, 0x06, 0xef, 0x6a, 0xcc,
-    0x5f, 0xe5, 0xe0, 0xe2, 0x4c, 0xa9, 0x36, 0x2a, 0xb2, 0x3d, 0xf8, 0x4c,
-    0xa6, 0x29, 0x87, 0x6b, 0x23, 0xbf, 0x4b, 0xbb, 0xe9, 0xee, 0xfe, 0x58,
-    0xc9, 0x36, 0x76, 0xb4, 0x7c, 0x58, 0x2c, 0x1a, 0x71, 0x81, 0xf5, 0x05,
-    0x74, 0x95, 0xe8, 0x3d, 0x30, 0xef, 0x98, 0x44,
-};
-static const struct drbg_kat_no_reseed kat117_nor_t = {
-    11, kat117_nor_entropyin, kat117_nor_nonce, kat117_nor_persstr,
-    kat117_nor_addin0, kat117_nor_addin1, kat117_nor_retbytes
-};
-static const struct drbg_kat kat117_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat117_nor_t
-};
-
-static const unsigned char kat118_nor_entropyin[] = {
-    0x0e, 0x57, 0x9b, 0xc1, 0x1f, 0x69, 0xb1, 0xd1, 0x06, 0xe9, 0x2c, 0x0a,
-    0x31, 0x83, 0x3a, 0xac,
-};
-static const unsigned char kat118_nor_nonce[] = {
-    0x85, 0x57, 0xf8, 0x0c, 0x6f, 0x1e, 0xa3, 0x49,
-};
-static const unsigned char kat118_nor_persstr[] = {
-    0xc6, 0xf3, 0x84, 0x8b, 0x26, 0xfd, 0xb4, 0xb4, 0x40, 0x2b, 0x4f, 0x95,
-    0x16, 0xe7, 0x11, 0x45,
-};
-static const unsigned char kat118_nor_addin0[] = {
-    0x1a, 0x06, 0x8f, 0x37, 0xe9, 0xc4, 0xa7, 0xa1, 0x55, 0xb8, 0xb7, 0x3e,
-    0xb3, 0x1a, 0x72, 0x6f,
-};
-static const unsigned char kat118_nor_addin1[] = {
-    0x8c, 0x35, 0x97, 0xd2, 0x3d, 0xa6, 0xcd, 0x67, 0x2b, 0x6e, 0xc8, 0x73,
-    0xaa, 0xc9, 0x50, 0x2f,
-};
-static const unsigned char kat118_nor_retbytes[] = {
-    0xdd, 0x60, 0x5d, 0x5f, 0x8b, 0x19, 0x31, 0x96, 0xad, 0x84, 0x30, 0x72,
-    0x76, 0x8f, 0x87, 0x27, 0x59, 0x4c, 0x2c, 0x4e, 0x74, 0x1d, 0x22, 0x0c,
-    0xb5, 0xd4, 0xe7, 0xd7, 0x00, 0x1b, 0x93, 0xce, 0xd7, 0x34, 0xf1, 0xa3,
-    0xad, 0x26, 0x3b, 0xdb, 0xf2, 0x03, 0xfe, 0x5f, 0xbb, 0x07, 0xe6, 0x2a,
-    0xf4, 0x56, 0xf9, 0xef, 0x4b, 0xfd, 0x93, 0xd0, 0xc4, 0xf6, 0xa7, 0x52,
-    0x3a, 0xc8, 0x4b, 0x80, 0x88, 0xda, 0x6c, 0x57, 0x86, 0xc5, 0x2c, 0x64,
-    0x89, 0x02, 0xb9, 0x72, 0xd0, 0x78, 0x1c, 0x15,
-};
-static const struct drbg_kat_no_reseed kat118_nor_t = {
-    12, kat118_nor_entropyin, kat118_nor_nonce, kat118_nor_persstr,
-    kat118_nor_addin0, kat118_nor_addin1, kat118_nor_retbytes
-};
-static const struct drbg_kat kat118_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat118_nor_t
-};
-
-static const unsigned char kat119_nor_entropyin[] = {
-    0x06, 0xdd, 0xcf, 0xcd, 0x7c, 0x11, 0xf7, 0xca, 0xd4, 0x9e, 0x83, 0x29,
-    0x0c, 0xcf, 0xe3, 0x20,
-};
-static const unsigned char kat119_nor_nonce[] = {
-    0xbd, 0xd6, 0xf8, 0xb1, 0x9d, 0xda, 0xee, 0x6c,
-};
-static const unsigned char kat119_nor_persstr[] = {
-    0xc4, 0x73, 0xd3, 0xe0, 0x77, 0x89, 0x27, 0x66, 0x5f, 0x2e, 0x36, 0x18,
-    0x7b, 0xd8, 0xe8, 0xa0,
-};
-static const unsigned char kat119_nor_addin0[] = {
-    0xd6, 0x46, 0x31, 0x60, 0x60, 0x5f, 0x3d, 0x40, 0x34, 0x4a, 0xe8, 0xfe,
-    0x8d, 0x5b, 0x7c, 0x5e,
-};
-static const unsigned char kat119_nor_addin1[] = {
-    0xeb, 0xba, 0xb9, 0xe5, 0xe4, 0xd8, 0x42, 0x27, 0xe8, 0xca, 0xbe, 0x8b,
-    0xca, 0xac, 0x77, 0x11,
-};
-static const unsigned char kat119_nor_retbytes[] = {
-    0x0e, 0x57, 0x83, 0x6e, 0x98, 0x29, 0x9c, 0x46, 0x80, 0xbd, 0x28, 0xfb,
-    0x26, 0xca, 0x84, 0x80, 0x70, 0xad, 0x83, 0xe9, 0x99, 0x1f, 0x7d, 0x93,
-    0x4c, 0x31, 0xe0, 0xae, 0x17, 0xf3, 0x2c, 0xd5, 0x91, 0xd4, 0xf2, 0xee,
-    0xf1, 0x4b, 0x2e, 0xaf, 0x95, 0xb2, 0x7e, 0x3b, 0x1c, 0x75, 0xe9, 0xa0,
-    0x49, 0x6a, 0x6d, 0xec, 0xea, 0xe8, 0xfe, 0xd5, 0x98, 0x2d, 0x03, 0xa0,
-    0xba, 0xf8, 0x61, 0xee, 0x93, 0x24, 0xfc, 0x6e, 0x75, 0x09, 0x3c, 0x79,
-    0x53, 0x46, 0x19, 0x18, 0xa6, 0x08, 0x45, 0x0b,
-};
-static const struct drbg_kat_no_reseed kat119_nor_t = {
-    13, kat119_nor_entropyin, kat119_nor_nonce, kat119_nor_persstr,
-    kat119_nor_addin0, kat119_nor_addin1, kat119_nor_retbytes
-};
-static const struct drbg_kat kat119_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat119_nor_t
-};
-
-static const unsigned char kat120_nor_entropyin[] = {
-    0x03, 0xd3, 0x89, 0xe9, 0xa0, 0xfc, 0x11, 0x0d, 0x17, 0x3a, 0xdb, 0x2c,
-    0xeb, 0x33, 0x58, 0xba,
-};
-static const unsigned char kat120_nor_nonce[] = {
-    0x8b, 0x32, 0x55, 0x99, 0x29, 0x7c, 0x0d, 0x47,
-};
-static const unsigned char kat120_nor_persstr[] = {
-    0xab, 0x25, 0xbe, 0xf8, 0xd0, 0x09, 0x7b, 0xbd, 0x42, 0xd5, 0x53, 0x16,
-    0xaf, 0x32, 0x1b, 0xac,
-};
-static const unsigned char kat120_nor_addin0[] = {
-    0xaf, 0x57, 0x8f, 0xbb, 0xb8, 0xa8, 0x30, 0x94, 0x7e, 0x9b, 0x4e, 0x2c,
-    0x9e, 0x72, 0x93, 0x36,
-};
-static const unsigned char kat120_nor_addin1[] = {
-    0x5a, 0x69, 0x86, 0x4c, 0xa3, 0x9d, 0xa1, 0xba, 0x47, 0x19, 0xdf, 0xe1,
-    0xdc, 0x85, 0x0a, 0x4a,
-};
-static const unsigned char kat120_nor_retbytes[] = {
-    0x8b, 0x84, 0x6f, 0x03, 0xcb, 0x66, 0xf7, 0xe4, 0x9f, 0xdd, 0xdf, 0x7c,
-    0xc4, 0x49, 0xa5, 0xf3, 0xf6, 0xcc, 0xdc, 0x17, 0xae, 0x7e, 0x22, 0x65,
-    0xa5, 0xd0, 0xe3, 0x9e, 0xa1, 0x0f, 0xc3, 0xe6, 0xcf, 0xfe, 0xfc, 0x04,
-    0x14, 0x7b, 0x77, 0x3a, 0x15, 0x84, 0xe4, 0x29, 0xfe, 0x99, 0xe8, 0x85,
-    0xf2, 0x78, 0xaf, 0xf7, 0x4a, 0x49, 0xd8, 0xc8, 0x42, 0xe7, 0xcc, 0xd8,
-    0x70, 0xf1, 0x33, 0x06, 0x92, 0xfc, 0x9c, 0x48, 0x36, 0xda, 0xc5, 0x04,
-    0x6c, 0x54, 0x4b, 0xe7, 0x46, 0x52, 0xda, 0x26,
-};
-static const struct drbg_kat_no_reseed kat120_nor_t = {
-    14, kat120_nor_entropyin, kat120_nor_nonce, kat120_nor_persstr,
-    kat120_nor_addin0, kat120_nor_addin1, kat120_nor_retbytes
-};
-static const struct drbg_kat kat120_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat120_nor_t
-};
-
-static const unsigned char kat121_nor_entropyin[] = {
-    0xac, 0x1f, 0x51, 0xd4, 0x3f, 0xaf, 0xea, 0x51, 0x94, 0x53, 0xea, 0xca,
-    0x3e, 0xbb, 0x2f, 0x95,
-};
-static const unsigned char kat121_nor_nonce[] = {
-    0xa6, 0x66, 0x6f, 0xe2, 0x6d, 0x87, 0x02, 0xc1,
-};
-static const unsigned char kat121_nor_persstr[] = {0};
-static const unsigned char kat121_nor_addin0[] = {0};
-static const unsigned char kat121_nor_addin1[] = {0};
-static const unsigned char kat121_nor_retbytes[] = {
-    0x3e, 0xa6, 0x9d, 0xff, 0x9d, 0x56, 0x33, 0x69, 0x9d, 0x27, 0xfb, 0x4b,
-    0xab, 0x4c, 0xa9, 0x72, 0x53, 0x6d, 0xae, 0xf1, 0x5d, 0xe5, 0x84, 0x42,
-    0x73, 0x84, 0xd6, 0x6f, 0x00, 0x31, 0x2c, 0x31, 0xa2, 0x1e, 0xf0, 0x2d,
-    0x88, 0xec, 0x9c, 0xa7, 0x95, 0x83, 0xb6, 0x9f, 0xca, 0x77, 0x6e, 0x2f,
-    0x67, 0xfc, 0x6a, 0x9a, 0x1c, 0xa2, 0xc5, 0x19, 0x31, 0x7d, 0x25, 0x23,
-    0x79, 0x3d, 0xec, 0x48, 0xe1, 0x1c, 0xde, 0xe2, 0x8b, 0x1f, 0xc6, 0x10,
-    0x02, 0x4b, 0x03, 0xbc, 0x23, 0x46, 0x19, 0xba,
-};
-static const struct drbg_kat_no_reseed kat121_nor_t = {
-    0, kat121_nor_entropyin, kat121_nor_nonce, kat121_nor_persstr,
-    kat121_nor_addin0, kat121_nor_addin1, kat121_nor_retbytes
-};
-static const struct drbg_kat kat121_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat121_nor_t
-};
-
-static const unsigned char kat122_nor_entropyin[] = {
-    0xbd, 0x67, 0x68, 0x78, 0x8f, 0x02, 0xe8, 0x4a, 0x2f, 0xc3, 0x58, 0x0a,
-    0x87, 0xb4, 0x69, 0xfa,
-};
-static const unsigned char kat122_nor_nonce[] = {
-    0xe2, 0x6b, 0x8c, 0x9c, 0x4b, 0xc6, 0x12, 0x8a,
-};
-static const unsigned char kat122_nor_persstr[] = {0};
-static const unsigned char kat122_nor_addin0[] = {0};
-static const unsigned char kat122_nor_addin1[] = {0};
-static const unsigned char kat122_nor_retbytes[] = {
-    0xd4, 0xe9, 0x00, 0xb0, 0xa6, 0xed, 0x2c, 0x88, 0xca, 0x0b, 0x28, 0xee,
-    0x92, 0x12, 0xfa, 0xf0, 0x65, 0x7d, 0x28, 0xd7, 0xa5, 0x3d, 0x39, 0x3f,
-    0x04, 0x75, 0xc4, 0x3c, 0xe5, 0xf0, 0xf2, 0x20, 0x7a, 0x3f, 0x18, 0xcd,
-    0xea, 0x08, 0xd9, 0x6a, 0x2a, 0x53, 0x36, 0x47, 0xa6, 0x90, 0x05, 0xb6,
-    0x75, 0x75, 0x8c, 0x93, 0x18, 0xa8, 0x34, 0x09, 0x79, 0xc4, 0xe1, 0xd0,
-    0xbb, 0x46, 0x04, 0x0e, 0x3f, 0x65, 0x6a, 0x48, 0x62, 0xd4, 0xdb, 0xfd,
-    0x07, 0x80, 0xca, 0xe9, 0xba, 0xa4, 0xab, 0x5a,
-};
-static const struct drbg_kat_no_reseed kat122_nor_t = {
-    1, kat122_nor_entropyin, kat122_nor_nonce, kat122_nor_persstr,
-    kat122_nor_addin0, kat122_nor_addin1, kat122_nor_retbytes
-};
-static const struct drbg_kat kat122_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat122_nor_t
-};
-
-static const unsigned char kat123_nor_entropyin[] = {
-    0x51, 0x4c, 0xb0, 0x5a, 0xf1, 0x92, 0xb0, 0xb0, 0x44, 0x35, 0xe2, 0x1a,
-    0x13, 0xde, 0x0a, 0x2b,
-};
-static const unsigned char kat123_nor_nonce[] = {
-    0x27, 0x8c, 0x9a, 0x83, 0xac, 0xbd, 0xda, 0xff,
-};
-static const unsigned char kat123_nor_persstr[] = {0};
-static const unsigned char kat123_nor_addin0[] = {0};
-static const unsigned char kat123_nor_addin1[] = {0};
-static const unsigned char kat123_nor_retbytes[] = {
-    0x31, 0xf8, 0x64, 0x41, 0x7a, 0xc2, 0x79, 0x92, 0x78, 0x8b, 0xcd, 0x5e,
-    0x07, 0xff, 0xf7, 0x88, 0x6e, 0x96, 0x9d, 0x06, 0xe7, 0x47, 0xfa, 0x5c,
-    0x73, 0xa4, 0x8a, 0x19, 0x4a, 0x54, 0xf6, 0x12, 0x32, 0x7a, 0xec, 0xc3,
-    0x12, 0x7b, 0x1e, 0x41, 0x0a, 0x5d, 0x3f, 0x56, 0x4a, 0xa5, 0x6b, 0x97,
-    0x83, 0x50, 0xe9, 0x3e, 0x2b, 0x98, 0x8b, 0x99, 0xa6, 0xd3, 0x1c, 0xb0,
-    0xfd, 0x8b, 0x74, 0x06, 0xaa, 0xa2, 0xda, 0xaa, 0x5a, 0x9e, 0xd6, 0x6f,
-    0xb7, 0x46, 0xe3, 0xa5, 0x8c, 0xc3, 0x61, 0x4c,
-};
-static const struct drbg_kat_no_reseed kat123_nor_t = {
-    2, kat123_nor_entropyin, kat123_nor_nonce, kat123_nor_persstr,
-    kat123_nor_addin0, kat123_nor_addin1, kat123_nor_retbytes
-};
-static const struct drbg_kat kat123_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat123_nor_t
-};
-
-static const unsigned char kat124_nor_entropyin[] = {
-    0x8a, 0x08, 0x99, 0xc4, 0x65, 0x94, 0x9b, 0x49, 0x99, 0x61, 0x9c, 0x06,
-    0x08, 0x69, 0x97, 0xe6,
-};
-static const unsigned char kat124_nor_nonce[] = {
-    0xe1, 0xad, 0x18, 0xe1, 0x76, 0x45, 0xdf, 0x1c,
-};
-static const unsigned char kat124_nor_persstr[] = {0};
-static const unsigned char kat124_nor_addin0[] = {0};
-static const unsigned char kat124_nor_addin1[] = {0};
-static const unsigned char kat124_nor_retbytes[] = {
-    0x39, 0xde, 0x5b, 0x2b, 0x5d, 0xff, 0x4a, 0xad, 0x99, 0xcd, 0xfa, 0xbc,
-    0xac, 0x9d, 0x7b, 0x3c, 0x0d, 0x0f, 0x9f, 0xed, 0xb1, 0xc1, 0xf0, 0x37,
-    0x04, 0xb3, 0xb5, 0xbb, 0xd8, 0xc8, 0xea, 0x2c, 0xbd, 0x75, 0x9b, 0x4e,
-    0x66, 0x8d, 0x12, 0x70, 0x85, 0x50, 0xba, 0xd5, 0xd5, 0xd3, 0x15, 0xac,
-    0xec, 0x8c, 0x0a, 0xb9, 0x52, 0xbf, 0x2a, 0xc8, 0x69, 0x58, 0x6a, 0xaa,
-    0x27, 0x86, 0x3d, 0x68, 0xd9, 0x18, 0x39, 0x60, 0xd5, 0x08, 0x13, 0x3e,
-    0x4a, 0xdb, 0x9c, 0x8a, 0xf3, 0xe4, 0x1f, 0x53,
-};
-static const struct drbg_kat_no_reseed kat124_nor_t = {
-    3, kat124_nor_entropyin, kat124_nor_nonce, kat124_nor_persstr,
-    kat124_nor_addin0, kat124_nor_addin1, kat124_nor_retbytes
-};
-static const struct drbg_kat kat124_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat124_nor_t
-};
-
-static const unsigned char kat125_nor_entropyin[] = {
-    0x5d, 0xd1, 0xda, 0x78, 0x87, 0x75, 0xb4, 0xa3, 0x06, 0x69, 0xb9, 0x2a,
-    0x1c, 0x99, 0x2e, 0xba,
-};
-static const unsigned char kat125_nor_nonce[] = {
-    0xb4, 0x3a, 0xa4, 0x1b, 0x02, 0xeb, 0x42, 0xcf,
-};
-static const unsigned char kat125_nor_persstr[] = {0};
-static const unsigned char kat125_nor_addin0[] = {0};
-static const unsigned char kat125_nor_addin1[] = {0};
-static const unsigned char kat125_nor_retbytes[] = {
-    0x8a, 0x45, 0x62, 0xf7, 0x66, 0x21, 0x61, 0x00, 0x04, 0xf4, 0x01, 0xfe,
-    0x72, 0xf5, 0xd1, 0x40, 0x6d, 0xbe, 0x6a, 0xda, 0xeb, 0xd9, 0x26, 0xc2,
-    0x06, 0x5f, 0x57, 0x46, 0x6b, 0xd7, 0x88, 0x30, 0x6b, 0x20, 0xd1, 0x3c,
-    0x16, 0xd1, 0xe7, 0x62, 0x7c, 0xdb, 0x20, 0x0c, 0x25, 0x81, 0xeb, 0x23,
-    0xb0, 0x2d, 0x58, 0x8d, 0xc4, 0xe5, 0x25, 0x1d, 0x61, 0x05, 0x62, 0xa0,
-    0x84, 0xc1, 0x89, 0x40, 0xf2, 0xf4, 0xd5, 0xec, 0x30, 0x6c, 0x6e, 0xee,
-    0x83, 0xee, 0x25, 0x7b, 0x93, 0xa7, 0x49, 0xd8,
-};
-static const struct drbg_kat_no_reseed kat125_nor_t = {
-    4, kat125_nor_entropyin, kat125_nor_nonce, kat125_nor_persstr,
-    kat125_nor_addin0, kat125_nor_addin1, kat125_nor_retbytes
-};
-static const struct drbg_kat kat125_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat125_nor_t
-};
-
-static const unsigned char kat126_nor_entropyin[] = {
-    0x7c, 0x46, 0x37, 0xdc, 0x79, 0xe2, 0x9f, 0x7b, 0x85, 0x7f, 0x65, 0x70,
-    0x0d, 0x6f, 0xa8, 0x91,
-};
-static const unsigned char kat126_nor_nonce[] = {
-    0x8a, 0xb3, 0x67, 0x89, 0xa6, 0x8a, 0x4a, 0x94,
-};
-static const unsigned char kat126_nor_persstr[] = {0};
-static const unsigned char kat126_nor_addin0[] = {0};
-static const unsigned char kat126_nor_addin1[] = {0};
-static const unsigned char kat126_nor_retbytes[] = {
-    0x4d, 0xfd, 0x7b, 0xde, 0xe8, 0x96, 0x6c, 0x26, 0x03, 0x31, 0xad, 0xc8,
-    0xa1, 0x76, 0x3b, 0xd4, 0xd1, 0x5b, 0xa7, 0x13, 0xd5, 0xce, 0x7e, 0x29,
-    0x1d, 0x27, 0x43, 0x87, 0xd5, 0x9a, 0x98, 0x02, 0x8b, 0x36, 0x75, 0xc5,
-    0xa5, 0x8c, 0x23, 0x7d, 0x8f, 0x40, 0x63, 0x8b, 0xfe, 0x48, 0x92, 0xa1,
-    0x6c, 0x6f, 0x76, 0xe9, 0x2e, 0x8b, 0x43, 0x35, 0xf2, 0x8a, 0x93, 0xef,
-    0x41, 0x01, 0x8e, 0x60, 0x22, 0xa9, 0x07, 0x2e, 0xef, 0x6c, 0xf0, 0xaa,
-    0x83, 0x3d, 0x80, 0xf0, 0x56, 0xa8, 0x89, 0x8a,
-};
-static const struct drbg_kat_no_reseed kat126_nor_t = {
-    5, kat126_nor_entropyin, kat126_nor_nonce, kat126_nor_persstr,
-    kat126_nor_addin0, kat126_nor_addin1, kat126_nor_retbytes
-};
-static const struct drbg_kat kat126_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat126_nor_t
-};
-
-static const unsigned char kat127_nor_entropyin[] = {
-    0x46, 0xf1, 0x5e, 0x71, 0x1d, 0xdd, 0x17, 0x2e, 0xd9, 0x94, 0x69, 0xa9,
-    0xd1, 0x75, 0x80, 0x11,
-};
-static const unsigned char kat127_nor_nonce[] = {
-    0xb2, 0x2c, 0x68, 0x5b, 0xd5, 0x46, 0x35, 0x21,
-};
-static const unsigned char kat127_nor_persstr[] = {0};
-static const unsigned char kat127_nor_addin0[] = {0};
-static const unsigned char kat127_nor_addin1[] = {0};
-static const unsigned char kat127_nor_retbytes[] = {
-    0xb2, 0xb0, 0x0d, 0x3e, 0xf6, 0xa9, 0xec, 0x8a, 0x8c, 0xcd, 0x82, 0x7f,
-    0x82, 0x8f, 0xd5, 0x65, 0x56, 0xea, 0x3d, 0xbd, 0xc4, 0x7a, 0x73, 0xa3,
-    0x15, 0xf0, 0x72, 0x53, 0xd6, 0x6e, 0x14, 0xf8, 0xfa, 0x02, 0x0e, 0x5b,
-    0xf0, 0x25, 0xc7, 0xad, 0xc5, 0xf0, 0xb8, 0x1b, 0x2c, 0xd9, 0x92, 0x93,
-    0x0e, 0x43, 0xe4, 0xb4, 0xe2, 0xd8, 0xdf, 0xb9, 0x26, 0xfc, 0x38, 0x7f,
-    0x9f, 0xa9, 0x8c, 0x58, 0xf2, 0x9f, 0x26, 0x7d, 0xe1, 0xa8, 0x23, 0x5c,
-    0x53, 0x27, 0xae, 0x85, 0x48, 0x6f, 0xa3, 0xba,
-};
-static const struct drbg_kat_no_reseed kat127_nor_t = {
-    6, kat127_nor_entropyin, kat127_nor_nonce, kat127_nor_persstr,
-    kat127_nor_addin0, kat127_nor_addin1, kat127_nor_retbytes
-};
-static const struct drbg_kat kat127_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat127_nor_t
-};
-
-static const unsigned char kat128_nor_entropyin[] = {
-    0x89, 0x48, 0x66, 0x09, 0xb2, 0x1f, 0x4a, 0x77, 0xd4, 0x49, 0x03, 0x30,
-    0x92, 0x38, 0xcd, 0x10,
-};
-static const unsigned char kat128_nor_nonce[] = {
-    0x2c, 0x65, 0xe5, 0x7d, 0xc6, 0x2b, 0x71, 0x82,
-};
-static const unsigned char kat128_nor_persstr[] = {0};
-static const unsigned char kat128_nor_addin0[] = {0};
-static const unsigned char kat128_nor_addin1[] = {0};
-static const unsigned char kat128_nor_retbytes[] = {
-    0x04, 0x4e, 0xb7, 0x22, 0xca, 0xf8, 0x5f, 0x4a, 0xa4, 0x58, 0x64, 0x59,
-    0x92, 0x5f, 0x77, 0x68, 0xa5, 0x95, 0x67, 0x40, 0x92, 0xf5, 0x59, 0xf0,
-    0x4d, 0x78, 0xef, 0x6d, 0x94, 0xdb, 0x38, 0x2b, 0xb1, 0xeb, 0xbb, 0x7b,
-    0x9e, 0x10, 0xba, 0x28, 0x89, 0x6e, 0x84, 0xfa, 0x54, 0xb1, 0x00, 0x71,
-    0x5f, 0x6d, 0xe5, 0xd9, 0xc3, 0x13, 0x83, 0x23, 0x38, 0x30, 0x7c, 0xd4,
-    0x80, 0xe7, 0xca, 0xa5, 0xb9, 0x58, 0xd3, 0x9f, 0x48, 0x99, 0xef, 0x8f,
-    0x1e, 0x09, 0x26, 0xe9, 0xf9, 0xde, 0x96, 0x42,
-};
-static const struct drbg_kat_no_reseed kat128_nor_t = {
-    7, kat128_nor_entropyin, kat128_nor_nonce, kat128_nor_persstr,
-    kat128_nor_addin0, kat128_nor_addin1, kat128_nor_retbytes
-};
-static const struct drbg_kat kat128_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat128_nor_t
-};
-
-static const unsigned char kat129_nor_entropyin[] = {
-    0xf1, 0x32, 0x23, 0x28, 0xdf, 0xf8, 0xc7, 0x33, 0x0d, 0x74, 0x08, 0x31,
-    0x5f, 0x74, 0x76, 0xad,
-};
-static const unsigned char kat129_nor_nonce[] = {
-    0x30, 0x26, 0xa9, 0x60, 0x7b, 0xc8, 0xd5, 0xa7,
-};
-static const unsigned char kat129_nor_persstr[] = {0};
-static const unsigned char kat129_nor_addin0[] = {0};
-static const unsigned char kat129_nor_addin1[] = {0};
-static const unsigned char kat129_nor_retbytes[] = {
-    0xb5, 0xfc, 0x47, 0x2a, 0x4a, 0x35, 0xd5, 0x9a, 0x0f, 0x29, 0x8e, 0xa5,
-    0xfc, 0x14, 0x46, 0xd1, 0x50, 0x82, 0x0f, 0x8c, 0x78, 0x08, 0x85, 0x11,
-    0xa4, 0x53, 0x97, 0xf4, 0x7f, 0xce, 0x79, 0xbd, 0xf5, 0xfd, 0x62, 0xaf,
-    0x96, 0xe7, 0xd9, 0x7a, 0x83, 0xef, 0x50, 0x54, 0x59, 0xaa, 0xdd, 0x81,
-    0xc2, 0x44, 0xbb, 0xe4, 0x70, 0x41, 0x96, 0xbd, 0x1f, 0x31, 0x24, 0xf6,
-    0xd4, 0x21, 0xf7, 0xa8, 0x2b, 0xcf, 0x8b, 0xe4, 0x0e, 0x54, 0x60, 0xf0,
-    0xf7, 0x4e, 0x6c, 0xa8, 0xec, 0x39, 0xd7, 0xa3,
-};
-static const struct drbg_kat_no_reseed kat129_nor_t = {
-    8, kat129_nor_entropyin, kat129_nor_nonce, kat129_nor_persstr,
-    kat129_nor_addin0, kat129_nor_addin1, kat129_nor_retbytes
-};
-static const struct drbg_kat kat129_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat129_nor_t
-};
-
-static const unsigned char kat130_nor_entropyin[] = {
-    0x0c, 0xad, 0xd9, 0xc2, 0x73, 0x60, 0xad, 0x9c, 0xf3, 0xde, 0x96, 0xb6,
-    0x20, 0x56, 0xf6, 0xc4,
-};
-static const unsigned char kat130_nor_nonce[] = {
-    0xb2, 0xeb, 0x6a, 0x83, 0x95, 0x74, 0xc0, 0x19,
-};
-static const unsigned char kat130_nor_persstr[] = {0};
-static const unsigned char kat130_nor_addin0[] = {0};
-static const unsigned char kat130_nor_addin1[] = {0};
-static const unsigned char kat130_nor_retbytes[] = {
-    0xd2, 0x8a, 0x38, 0xeb, 0xc8, 0xae, 0xbf, 0xc4, 0x1d, 0x58, 0x11, 0x6d,
-    0xf3, 0x6a, 0x35, 0x33, 0xc4, 0x8c, 0x87, 0x7b, 0xb8, 0x99, 0x2c, 0x30,
-    0xea, 0x17, 0xb4, 0x6b, 0xa2, 0x94, 0x59, 0x67, 0xc8, 0x17, 0x8a, 0x50,
-    0x0f, 0x27, 0x11, 0x97, 0xc6, 0x7e, 0x87, 0x66, 0xbb, 0x55, 0x2d, 0xf5,
-    0x97, 0x0f, 0x07, 0xa7, 0x6a, 0x4d, 0x8e, 0x57, 0xfd, 0x64, 0x67, 0xb4,
-    0x14, 0x84, 0x39, 0xdc, 0x16, 0x3c, 0xf7, 0x00, 0x78, 0x1c, 0x7b, 0xd8,
-    0x1c, 0x1d, 0x1b, 0x2f, 0xc3, 0x84, 0x85, 0x10,
-};
-static const struct drbg_kat_no_reseed kat130_nor_t = {
-    9, kat130_nor_entropyin, kat130_nor_nonce, kat130_nor_persstr,
-    kat130_nor_addin0, kat130_nor_addin1, kat130_nor_retbytes
-};
-static const struct drbg_kat kat130_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat130_nor_t
-};
-
-static const unsigned char kat131_nor_entropyin[] = {
-    0x12, 0xc2, 0xb4, 0x95, 0xcf, 0xa5, 0x5a, 0x44, 0x82, 0xdc, 0xee, 0x03,
-    0x59, 0x23, 0xe8, 0x5e,
-};
-static const unsigned char kat131_nor_nonce[] = {
-    0xcb, 0x5b, 0x88, 0x62, 0x2d, 0x93, 0x35, 0x89,
-};
-static const unsigned char kat131_nor_persstr[] = {0};
-static const unsigned char kat131_nor_addin0[] = {0};
-static const unsigned char kat131_nor_addin1[] = {0};
-static const unsigned char kat131_nor_retbytes[] = {
-    0x70, 0x75, 0x31, 0x2c, 0x4d, 0xc2, 0x1e, 0x54, 0xa2, 0xa8, 0x33, 0x46,
-    0xee, 0x8d, 0x37, 0x10, 0xa2, 0xec, 0xeb, 0x34, 0xc0, 0x2d, 0xcd, 0xab,
-    0x38, 0x17, 0xf8, 0xa6, 0x82, 0xcc, 0x0b, 0x1b, 0xf7, 0xb1, 0xc7, 0x77,
-    0xcb, 0xd2, 0xaf, 0x1e, 0x45, 0x4f, 0xf4, 0x71, 0x12, 0x9a, 0x94, 0x05,
-    0x9a, 0x25, 0x3c, 0x82, 0x95, 0x5b, 0x5a, 0xd9, 0x19, 0x63, 0x72, 0xd1,
-    0xc9, 0x34, 0x16, 0x50, 0x0a, 0x65, 0xf9, 0x62, 0x15, 0x1a, 0x32, 0xc6,
-    0x3b, 0xc6, 0xbc, 0x6b, 0x84, 0x43, 0xac, 0x9f,
-};
-static const struct drbg_kat_no_reseed kat131_nor_t = {
-    10, kat131_nor_entropyin, kat131_nor_nonce, kat131_nor_persstr,
-    kat131_nor_addin0, kat131_nor_addin1, kat131_nor_retbytes
-};
-static const struct drbg_kat kat131_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat131_nor_t
-};
-
-static const unsigned char kat132_nor_entropyin[] = {
-    0x2f, 0xea, 0x96, 0x91, 0xd8, 0x25, 0x87, 0x63, 0xd5, 0xd0, 0xe8, 0x69,
-    0x54, 0xcf, 0xd8, 0xda,
-};
-static const unsigned char kat132_nor_nonce[] = {
-    0x3e, 0xf7, 0x1a, 0x30, 0x17, 0xee, 0xf2, 0x5a,
-};
-static const unsigned char kat132_nor_persstr[] = {0};
-static const unsigned char kat132_nor_addin0[] = {0};
-static const unsigned char kat132_nor_addin1[] = {0};
-static const unsigned char kat132_nor_retbytes[] = {
-    0x59, 0x56, 0xec, 0x9a, 0x16, 0xbc, 0x61, 0xb8, 0x4b, 0xc0, 0x01, 0x4e,
-    0xee, 0x2f, 0x56, 0x15, 0xcc, 0x25, 0x90, 0x08, 0xba, 0xb2, 0x3a, 0xd6,
-    0xa0, 0x0f, 0xf7, 0xe3, 0x66, 0x87, 0xe0, 0xf6, 0xee, 0x90, 0xea, 0x4b,
-    0x90, 0xb3, 0xc7, 0xa9, 0xe9, 0x0c, 0x8f, 0x9d, 0x84, 0x4c, 0x91, 0x5b,
-    0x4c, 0xaa, 0xea, 0x7c, 0x15, 0x8b, 0x0e, 0x91, 0x64, 0xd9, 0x8d, 0x2e,
-    0x95, 0x31, 0xf0, 0x2f, 0x5d, 0xcb, 0x36, 0xa8, 0x4b, 0xeb, 0xcd, 0xbd,
-    0x7b, 0x7a, 0x91, 0xa7, 0xf8, 0xe1, 0x35, 0x38,
-};
-static const struct drbg_kat_no_reseed kat132_nor_t = {
-    11, kat132_nor_entropyin, kat132_nor_nonce, kat132_nor_persstr,
-    kat132_nor_addin0, kat132_nor_addin1, kat132_nor_retbytes
-};
-static const struct drbg_kat kat132_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat132_nor_t
-};
-
-static const unsigned char kat133_nor_entropyin[] = {
-    0x62, 0x4a, 0xb7, 0x6f, 0x32, 0x91, 0xda, 0x22, 0xfa, 0x54, 0xd4, 0x90,
-    0x31, 0xfe, 0x02, 0xfc,
-};
-static const unsigned char kat133_nor_nonce[] = {
-    0xd4, 0x01, 0xec, 0x34, 0xa7, 0xe4, 0xff, 0x2f,
-};
-static const unsigned char kat133_nor_persstr[] = {0};
-static const unsigned char kat133_nor_addin0[] = {0};
-static const unsigned char kat133_nor_addin1[] = {0};
-static const unsigned char kat133_nor_retbytes[] = {
-    0x8b, 0x86, 0x2d, 0x9b, 0xa4, 0xad, 0xaf, 0xd1, 0x7a, 0x45, 0x8c, 0x58,
-    0x5d, 0x87, 0x06, 0xf1, 0x13, 0x2a, 0xee, 0xd8, 0xaa, 0x11, 0x9d, 0xda,
-    0xf4, 0x41, 0x2a, 0x4a, 0x57, 0x16, 0xad, 0x44, 0x2c, 0x97, 0x4f, 0x6f,
-    0xb3, 0x67, 0xba, 0xe7, 0x6f, 0xe0, 0xf3, 0x3f, 0x84, 0xd3, 0x11, 0x78,
-    0x87, 0xac, 0x45, 0x92, 0xdf, 0xbc, 0x85, 0x99, 0x83, 0x9b, 0x8e, 0x43,
-    0x6f, 0xb2, 0x26, 0x32, 0xfe, 0x43, 0xa8, 0xaa, 0x77, 0xff, 0xd8, 0x6d,
-    0x09, 0xb4, 0xb3, 0x78, 0xa3, 0x9c, 0x61, 0x37,
-};
-static const struct drbg_kat_no_reseed kat133_nor_t = {
-    12, kat133_nor_entropyin, kat133_nor_nonce, kat133_nor_persstr,
-    kat133_nor_addin0, kat133_nor_addin1, kat133_nor_retbytes
-};
-static const struct drbg_kat kat133_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat133_nor_t
-};
-
-static const unsigned char kat134_nor_entropyin[] = {
-    0x1d, 0xa2, 0xef, 0x22, 0x7c, 0xb7, 0x8d, 0xb7, 0x7f, 0xfa, 0x87, 0x2e,
-    0x40, 0x76, 0x24, 0xc3,
-};
-static const unsigned char kat134_nor_nonce[] = {
-    0x3c, 0x17, 0xde, 0x55, 0x28, 0x3f, 0xe6, 0x6a,
-};
-static const unsigned char kat134_nor_persstr[] = {0};
-static const unsigned char kat134_nor_addin0[] = {0};
-static const unsigned char kat134_nor_addin1[] = {0};
-static const unsigned char kat134_nor_retbytes[] = {
-    0x68, 0x2a, 0x99, 0x1f, 0xe8, 0x36, 0xc3, 0x2b, 0x61, 0x13, 0x40, 0xe6,
-    0x98, 0xc4, 0x83, 0x01, 0xc4, 0xc0, 0xb1, 0x4a, 0x22, 0x1f, 0x2f, 0x75,
-    0xe3, 0x7e, 0x68, 0xb4, 0xdb, 0x4c, 0xf9, 0xa2, 0x6a, 0x46, 0x5a, 0x8b,
-    0xbe, 0x55, 0x58, 0x9a, 0x8a, 0x5d, 0x00, 0x60, 0x93, 0x91, 0x7c, 0xe8,
-    0x59, 0xf9, 0x3b, 0x0f, 0x01, 0x6d, 0x43, 0xe2, 0xee, 0xb4, 0xed, 0x73,
-    0x9a, 0x77, 0xe6, 0x5f, 0xa5, 0xc0, 0x88, 0x06, 0xce, 0x7a, 0x89, 0xd3,
-    0x05, 0x40, 0x5a, 0x72, 0x0e, 0x29, 0x6d, 0x25,
-};
-static const struct drbg_kat_no_reseed kat134_nor_t = {
-    13, kat134_nor_entropyin, kat134_nor_nonce, kat134_nor_persstr,
-    kat134_nor_addin0, kat134_nor_addin1, kat134_nor_retbytes
-};
-static const struct drbg_kat kat134_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat134_nor_t
-};
-
-static const unsigned char kat135_nor_entropyin[] = {
-    0xb7, 0xdd, 0xb8, 0x2f, 0x56, 0x64, 0x83, 0x4b, 0x4f, 0xb1, 0x77, 0x78,
-    0xd2, 0x2e, 0x62, 0xf2,
-};
-static const unsigned char kat135_nor_nonce[] = {
-    0x52, 0x46, 0x19, 0x24, 0xbe, 0xca, 0xb1, 0x75,
-};
-static const unsigned char kat135_nor_persstr[] = {0};
-static const unsigned char kat135_nor_addin0[] = {0};
-static const unsigned char kat135_nor_addin1[] = {0};
-static const unsigned char kat135_nor_retbytes[] = {
-    0x87, 0x35, 0xd0, 0x6e, 0x26, 0x81, 0x4e, 0xe5, 0x4b, 0x5d, 0xac, 0xa4,
-    0xe1, 0xda, 0x3e, 0x32, 0x1a, 0x5a, 0x19, 0xb0, 0x62, 0xec, 0x0c, 0x3a,
-    0xfb, 0xe3, 0xb1, 0x6f, 0x23, 0x33, 0x2a, 0x68, 0x7f, 0xad, 0xb2, 0x9e,
-    0x65, 0x20, 0x81, 0x30, 0xc3, 0xd6, 0x67, 0xc0, 0x75, 0x66, 0x0f, 0xf7,
-    0x0a, 0xea, 0x96, 0x43, 0x0f, 0xee, 0x25, 0x4c, 0x47, 0x26, 0x86, 0xb8,
-    0xe8, 0x2c, 0xa3, 0x59, 0xa5, 0x7b, 0xbd, 0xc3, 0x00, 0x4b, 0xb3, 0xeb,
-    0x64, 0x1c, 0x1f, 0x97, 0xe4, 0xb1, 0x9e, 0x02,
-};
-static const struct drbg_kat_no_reseed kat135_nor_t = {
-    14, kat135_nor_entropyin, kat135_nor_nonce, kat135_nor_persstr,
-    kat135_nor_addin0, kat135_nor_addin1, kat135_nor_retbytes
-};
-static const struct drbg_kat kat135_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat135_nor_t
-};
-
-static const unsigned char kat136_nor_entropyin[] = {
-    0x21, 0xb6, 0x80, 0x8c, 0x0f, 0xc5, 0x9e, 0xcd, 0x92, 0x5e, 0xbe, 0x35,
-    0xdd, 0xfe, 0xce, 0x08,
-};
-static const unsigned char kat136_nor_nonce[] = {
-    0x09, 0xdd, 0x03, 0xcc, 0xac, 0x54, 0x85, 0xdf,
-};
-static const unsigned char kat136_nor_persstr[] = {0};
-static const unsigned char kat136_nor_addin0[] = {
-    0x22, 0x72, 0xf1, 0x97, 0x6f, 0x14, 0x65, 0xa0, 0x7f, 0xfd, 0x72, 0xae,
-    0x25, 0x0e, 0x20, 0x0d,
-};
-static const unsigned char kat136_nor_addin1[] = {
-    0x0b, 0x2e, 0x00, 0x90, 0xa2, 0x1a, 0xc3, 0x72, 0xc9, 0x4c, 0xe8, 0x9a,
-    0x2c, 0xfb, 0xc5, 0xf0,
-};
-static const unsigned char kat136_nor_retbytes[] = {
-    0x16, 0x59, 0x15, 0xd1, 0xba, 0x81, 0xeb, 0x3f, 0x0b, 0x02, 0x13, 0xb0,
-    0x58, 0xe5, 0x28, 0x26, 0x5d, 0x29, 0x0c, 0x14, 0xd3, 0x0b, 0x53, 0x2a,
-    0x7f, 0x3c, 0xf1, 0xc3, 0x94, 0x1a, 0x73, 0xef, 0x5f, 0xe3, 0x7c, 0x87,
-    0x2d, 0x72, 0x41, 0xb1, 0x54, 0x45, 0x48, 0xa2, 0x3e, 0x92, 0x30, 0xcc,
-    0x7f, 0x21, 0x15, 0xd3, 0xbb, 0x44, 0xa3, 0x0d, 0x1a, 0x34, 0xea, 0x93,
-    0xbb, 0x5f, 0xed, 0x30, 0x5f, 0x95, 0xad, 0x7d, 0x4c, 0x3b, 0xe5, 0xef,
-    0xed, 0xe5, 0xa8, 0x9e, 0xdf, 0x97, 0x55, 0x7e,
-};
-static const struct drbg_kat_no_reseed kat136_nor_t = {
-    0, kat136_nor_entropyin, kat136_nor_nonce, kat136_nor_persstr,
-    kat136_nor_addin0, kat136_nor_addin1, kat136_nor_retbytes
-};
-static const struct drbg_kat kat136_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat136_nor_t
-};
-
-static const unsigned char kat137_nor_entropyin[] = {
-    0x38, 0x13, 0xf3, 0x76, 0xf4, 0xfd, 0x1c, 0x6d, 0x73, 0xf3, 0xe1, 0x60,
-    0xd4, 0xf9, 0x98, 0xe9,
-};
-static const unsigned char kat137_nor_nonce[] = {
-    0x95, 0x42, 0x85, 0x69, 0x74, 0x2d, 0x38, 0x7a,
-};
-static const unsigned char kat137_nor_persstr[] = {0};
-static const unsigned char kat137_nor_addin0[] = {
-    0x64, 0xa7, 0x33, 0xe7, 0x74, 0x59, 0x6f, 0xf4, 0x8d, 0xed, 0x12, 0x9b,
-    0x04, 0xd9, 0x28, 0x5a,
-};
-static const unsigned char kat137_nor_addin1[] = {
-    0x5b, 0x12, 0xc6, 0x91, 0x5e, 0x0b, 0x86, 0x99, 0x8b, 0x00, 0xed, 0x29,
-    0x0b, 0x90, 0x1a, 0x30,
-};
-static const unsigned char kat137_nor_retbytes[] = {
-    0x62, 0x24, 0xb1, 0xea, 0x5d, 0x09, 0x72, 0x90, 0xa6, 0x03, 0xb7, 0x2f,
-    0xdb, 0x2a, 0x94, 0xdc, 0xd8, 0x55, 0xfc, 0x70, 0x2f, 0x9e, 0x7f, 0x0c,
-    0x1f, 0x4d, 0x57, 0xfa, 0x1b, 0x64, 0xe2, 0x0f, 0x66, 0x0b, 0xeb, 0x61,
-    0x20, 0xf6, 0xd6, 0xee, 0x24, 0x76, 0x5b, 0x50, 0x67, 0x4f, 0x1e, 0x61,
-    0x2b, 0xb2, 0x91, 0x59, 0xd0, 0x99, 0x34, 0xba, 0x18, 0x40, 0x33, 0x28,
-    0xed, 0xf8, 0x2f, 0x35, 0x30, 0x29, 0x1e, 0x61, 0x72, 0xbc, 0x4b, 0x7e,
-    0x76, 0xe7, 0xda, 0x5d, 0xb0, 0xe6, 0xcf, 0xcd,
-};
-static const struct drbg_kat_no_reseed kat137_nor_t = {
-    1, kat137_nor_entropyin, kat137_nor_nonce, kat137_nor_persstr,
-    kat137_nor_addin0, kat137_nor_addin1, kat137_nor_retbytes
-};
-static const struct drbg_kat kat137_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat137_nor_t
-};
-
-static const unsigned char kat138_nor_entropyin[] = {
-    0xe7, 0x50, 0x04, 0xf4, 0x1a, 0xe0, 0x7d, 0xb8, 0xec, 0xef, 0xca, 0x47,
-    0x88, 0x8e, 0xc1, 0x14,
-};
-static const unsigned char kat138_nor_nonce[] = {
-    0x1c, 0x1d, 0x86, 0x98, 0x0d, 0x1d, 0xad, 0x6c,
-};
-static const unsigned char kat138_nor_persstr[] = {0};
-static const unsigned char kat138_nor_addin0[] = {
-    0xfe, 0x3a, 0x34, 0x1a, 0x5c, 0x8f, 0xaf, 0xf3, 0x15, 0x59, 0x79, 0x3f,
-    0x3d, 0xd9, 0xb4, 0x3f,
-};
-static const unsigned char kat138_nor_addin1[] = {
-    0x95, 0xee, 0x78, 0x2a, 0xc0, 0xac, 0x3e, 0xa4, 0xd2, 0xc5, 0x14, 0x8f,
-    0x3b, 0x37, 0x74, 0x7f,
-};
-static const unsigned char kat138_nor_retbytes[] = {
-    0xbf, 0x50, 0x6d, 0xd7, 0x0b, 0x76, 0xc9, 0x54, 0x1a, 0x06, 0x3b, 0x8c,
-    0xc4, 0xaa, 0x6f, 0x93, 0xb5, 0x54, 0x9d, 0x71, 0xdf, 0x89, 0x98, 0x23,
-    0xc9, 0xb6, 0x9c, 0x47, 0xd3, 0x0a, 0x77, 0xc4, 0xcd, 0x6f, 0x4e, 0x50,
-    0x65, 0x4c, 0x49, 0x55, 0xa8, 0xe5, 0x58, 0x1e, 0x43, 0xbe, 0x2c, 0xf4,
-    0x6a, 0x52, 0x89, 0x56, 0x0a, 0xcf, 0x00, 0x0b, 0xf5, 0x44, 0x30, 0xa1,
-    0x94, 0x9b, 0x52, 0x43, 0xe9, 0xa7, 0x99, 0xdb, 0x3c, 0xb0, 0x86, 0xf0,
-    0x8e, 0x6e, 0x1e, 0x34, 0xe5, 0x4d, 0x32, 0x08,
-};
-static const struct drbg_kat_no_reseed kat138_nor_t = {
-    2, kat138_nor_entropyin, kat138_nor_nonce, kat138_nor_persstr,
-    kat138_nor_addin0, kat138_nor_addin1, kat138_nor_retbytes
-};
-static const struct drbg_kat kat138_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat138_nor_t
-};
-
-static const unsigned char kat139_nor_entropyin[] = {
-    0x78, 0x64, 0x71, 0x92, 0x8f, 0xf5, 0x58, 0xa2, 0x93, 0xf4, 0xa3, 0x66,
-    0x86, 0x61, 0x18, 0x72,
-};
-static const unsigned char kat139_nor_nonce[] = {
-    0xdc, 0x41, 0x93, 0x0c, 0x51, 0x63, 0xbc, 0x77,
-};
-static const unsigned char kat139_nor_persstr[] = {0};
-static const unsigned char kat139_nor_addin0[] = {
-    0xfc, 0xfc, 0x99, 0xf0, 0x5f, 0xe9, 0xa0, 0x58, 0xc0, 0x47, 0xdc, 0x03,
-    0xc0, 0x17, 0x1c, 0x6f,
-};
-static const unsigned char kat139_nor_addin1[] = {
-    0xeb, 0xa3, 0xd9, 0x77, 0x42, 0x43, 0xa2, 0x73, 0xee, 0xd0, 0x91, 0xd5,
-    0x44, 0x4a, 0x7b, 0xa2,
-};
-static const unsigned char kat139_nor_retbytes[] = {
-    0x5e, 0xb1, 0x33, 0xf8, 0xf1, 0xef, 0x9d, 0x76, 0x4c, 0xe4, 0x50, 0xd6,
-    0xd2, 0xbe, 0xda, 0xb3, 0xdb, 0xc8, 0x2f, 0x5a, 0x95, 0x6b, 0xe5, 0x7a,
-    0xc4, 0x08, 0xd6, 0xba, 0x92, 0x51, 0xe6, 0x42, 0xbd, 0xa0, 0xbb, 0xcd,
-    0x92, 0x0e, 0xfe, 0xe3, 0x2b, 0xbe, 0x77, 0xc3, 0xab, 0xe8, 0x45, 0xb4,
-    0xaa, 0x0c, 0xb2, 0xdd, 0x45, 0x0e, 0x97, 0x10, 0x8c, 0xa2, 0xa9, 0xa0,
-    0xe8, 0xfa, 0x9b, 0x3c, 0x4a, 0xdd, 0xc2, 0x0b, 0xdb, 0x2a, 0xb5, 0xd7,
-    0x6a, 0x5a, 0x4e, 0xee, 0x3e, 0x01, 0x57, 0x93,
-};
-static const struct drbg_kat_no_reseed kat139_nor_t = {
-    3, kat139_nor_entropyin, kat139_nor_nonce, kat139_nor_persstr,
-    kat139_nor_addin0, kat139_nor_addin1, kat139_nor_retbytes
-};
-static const struct drbg_kat kat139_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat139_nor_t
-};
-
-static const unsigned char kat140_nor_entropyin[] = {
-    0x51, 0x35, 0x9d, 0xd9, 0x2b, 0xf3, 0xb8, 0xc4, 0x32, 0xd3, 0x28, 0xaa,
-    0x4a, 0x6c, 0xe8, 0xda,
-};
-static const unsigned char kat140_nor_nonce[] = {
-    0xf8, 0x44, 0xb3, 0x4b, 0xab, 0xf2, 0xbc, 0x9b,
-};
-static const unsigned char kat140_nor_persstr[] = {0};
-static const unsigned char kat140_nor_addin0[] = {
-    0x59, 0x3b, 0x02, 0x5d, 0x32, 0x78, 0xc3, 0x2b, 0x26, 0x97, 0x07, 0x61,
-    0x95, 0x88, 0x8e, 0xbf,
-};
-static const unsigned char kat140_nor_addin1[] = {
-    0xae, 0x23, 0xf5, 0x1e, 0xbb, 0x06, 0xf5, 0x17, 0xcd, 0x5c, 0xcd, 0x2b,
-    0x86, 0xca, 0xfd, 0x28,
-};
-static const unsigned char kat140_nor_retbytes[] = {
-    0x1d, 0x9f, 0xe2, 0x8a, 0x9d, 0x69, 0x5d, 0x14, 0x20, 0x0d, 0x19, 0x36,
-    0x36, 0x93, 0x3c, 0x94, 0xac, 0x11, 0x8f, 0x2e, 0xc3, 0x3c, 0x16, 0xa8,
-    0xa6, 0x71, 0xf9, 0xc1, 0xef, 0x47, 0x4b, 0x5b, 0xcf, 0xb1, 0x8e, 0x99,
-    0xd2, 0x9b, 0xa6, 0xd5, 0x5c, 0x1a, 0x07, 0xea, 0x42, 0x95, 0x8b, 0x5f,
-    0xf6, 0x46, 0x85, 0x17, 0x2c, 0xd7, 0xde, 0x24, 0xfa, 0xf0, 0x65, 0x10,
-    0xd5, 0xb9, 0xf7, 0xc8, 0x4c, 0xf8, 0x95, 0x5a, 0xf6, 0x70, 0x7b, 0x93,
-    0x21, 0x69, 0x23, 0x36, 0xdf, 0xed, 0xf2, 0xec,
-};
-static const struct drbg_kat_no_reseed kat140_nor_t = {
-    4, kat140_nor_entropyin, kat140_nor_nonce, kat140_nor_persstr,
-    kat140_nor_addin0, kat140_nor_addin1, kat140_nor_retbytes
-};
-static const struct drbg_kat kat140_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat140_nor_t
-};
-
-static const unsigned char kat141_nor_entropyin[] = {
-    0x56, 0x72, 0xab, 0x20, 0xf6, 0x67, 0xe5, 0x91, 0x8a, 0x80, 0x87, 0x68,
-    0x1c, 0x18, 0x7d, 0xac,
-};
-static const unsigned char kat141_nor_nonce[] = {
-    0xa9, 0xb4, 0x2c, 0xfb, 0x74, 0xcc, 0xce, 0xaa,
-};
-static const unsigned char kat141_nor_persstr[] = {0};
-static const unsigned char kat141_nor_addin0[] = {
-    0x6f, 0x4d, 0x34, 0xdd, 0x4c, 0xc4, 0x1d, 0x01, 0x5d, 0x00, 0x26, 0x30,
-    0xa5, 0x7b, 0x5d, 0xa5,
-};
-static const unsigned char kat141_nor_addin1[] = {
-    0xd5, 0x71, 0xf6, 0xf4, 0xc1, 0x20, 0x0b, 0x61, 0x94, 0x83, 0xb6, 0x91,
-    0x66, 0xa5, 0x9c, 0xdc,
-};
-static const unsigned char kat141_nor_retbytes[] = {
-    0x6c, 0x43, 0x69, 0x29, 0x0d, 0x51, 0x7d, 0x40, 0x97, 0x26, 0x0f, 0x88,
-    0x61, 0x8c, 0x36, 0x6a, 0x85, 0x53, 0x51, 0xbf, 0x5e, 0x78, 0xab, 0xcb,
-    0xb2, 0x33, 0x21, 0xf5, 0xf0, 0xf2, 0xda, 0x59, 0x2b, 0x21, 0x02, 0x4f,
-    0xc7, 0xe9, 0xb2, 0x7d, 0x76, 0x8e, 0x84, 0x1e, 0x8d, 0x77, 0x8d, 0x43,
-    0x67, 0xa0, 0xfa, 0xca, 0x95, 0x9a, 0x2c, 0x9b, 0x96, 0xbd, 0x2f, 0x25,
-    0x6f, 0xbd, 0xd3, 0x45, 0xab, 0x9c, 0xdd, 0x5b, 0x03, 0x5b, 0xdd, 0x7a,
-    0xc3, 0xc5, 0xd3, 0x56, 0xbc, 0x1e, 0xd8, 0xe4,
-};
-static const struct drbg_kat_no_reseed kat141_nor_t = {
-    5, kat141_nor_entropyin, kat141_nor_nonce, kat141_nor_persstr,
-    kat141_nor_addin0, kat141_nor_addin1, kat141_nor_retbytes
-};
-static const struct drbg_kat kat141_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat141_nor_t
-};
-
-static const unsigned char kat142_nor_entropyin[] = {
-    0xb6, 0x5b, 0xc4, 0xcf, 0xa1, 0x15, 0xbc, 0xdd, 0x15, 0x73, 0x0e, 0xf5,
-    0xf7, 0xb3, 0xd7, 0xb1,
-};
-static const unsigned char kat142_nor_nonce[] = {
-    0x57, 0x7f, 0x9b, 0xe9, 0x0f, 0x62, 0x5e, 0xde,
-};
-static const unsigned char kat142_nor_persstr[] = {0};
-static const unsigned char kat142_nor_addin0[] = {
-    0x9e, 0x76, 0xda, 0xe1, 0xd2, 0xf6, 0x8f, 0x69, 0x93, 0xe5, 0x31, 0xe6,
-    0x13, 0xf6, 0x22, 0x63,
-};
-static const unsigned char kat142_nor_addin1[] = {
-    0x16, 0xa5, 0xfc, 0x59, 0x9f, 0x9d, 0x94, 0xe2, 0xd3, 0x71, 0x7c, 0xf7,
-    0x75, 0x51, 0xd4, 0x7e,
-};
-static const unsigned char kat142_nor_retbytes[] = {
-    0x33, 0xe0, 0x9a, 0x71, 0x0a, 0xb4, 0x10, 0x34, 0xd1, 0x6b, 0xb1, 0x36,
-    0x9e, 0x2b, 0xc1, 0x57, 0xf3, 0x33, 0xa3, 0xba, 0x6d, 0xfc, 0x73, 0x00,
-    0xf6, 0xfe, 0x60, 0x0c, 0x52, 0x45, 0xb0, 0x43, 0xc5, 0x91, 0x8d, 0xba,
-    0x6b, 0xd3, 0xbc, 0xa6, 0xaf, 0xcf, 0xff, 0x33, 0x25, 0xad, 0xab, 0xe5,
-    0x50, 0x88, 0x4f, 0x80, 0xb0, 0x72, 0x39, 0x68, 0x4b, 0xd2, 0xd8, 0xf9,
-    0xd5, 0x58, 0xf5, 0x8b, 0x52, 0x08, 0x28, 0x06, 0x7e, 0xe9, 0x0f, 0x47,
-    0xb3, 0x09, 0x54, 0xa2, 0x67, 0x6c, 0x5c, 0xec,
-};
-static const struct drbg_kat_no_reseed kat142_nor_t = {
-    6, kat142_nor_entropyin, kat142_nor_nonce, kat142_nor_persstr,
-    kat142_nor_addin0, kat142_nor_addin1, kat142_nor_retbytes
-};
-static const struct drbg_kat kat142_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat142_nor_t
-};
-
-static const unsigned char kat143_nor_entropyin[] = {
-    0x56, 0x39, 0xff, 0xf8, 0xa2, 0x3a, 0xe7, 0xc5, 0x1b, 0xce, 0x07, 0x44,
-    0xcc, 0x69, 0xe5, 0x34,
-};
-static const unsigned char kat143_nor_nonce[] = {
-    0xc6, 0xd5, 0x63, 0x2f, 0xd6, 0x89, 0x9d, 0xa2,
-};
-static const unsigned char kat143_nor_persstr[] = {0};
-static const unsigned char kat143_nor_addin0[] = {
-    0xab, 0xce, 0x9c, 0x7f, 0xb0, 0x0d, 0x7e, 0x48, 0x01, 0x65, 0x1f, 0x89,
-    0xd5, 0xbd, 0x47, 0xea,
-};
-static const unsigned char kat143_nor_addin1[] = {
-    0x1d, 0xa0, 0x83, 0x32, 0x02, 0xc8, 0x2d, 0xa9, 0x71, 0xe8, 0x19, 0x8e,
-    0xe7, 0xaa, 0x0b, 0x90,
-};
-static const unsigned char kat143_nor_retbytes[] = {
-    0x7c, 0x0a, 0x23, 0x05, 0xe5, 0x23, 0x3e, 0xde, 0xed, 0xa4, 0x21, 0x90,
-    0x6d, 0x85, 0x28, 0x42, 0x6c, 0xcc, 0x45, 0x5c, 0xcd, 0xc2, 0x8f, 0x30,
-    0xdf, 0x3b, 0x31, 0xad, 0x8b, 0xec, 0x99, 0x0b, 0xfc, 0x28, 0x3f, 0xe5,
-    0xff, 0xba, 0xba, 0x93, 0xb8, 0x80, 0xf9, 0xa0, 0x17, 0x24, 0x68, 0x4c,
-    0xe8, 0xe7, 0x24, 0x2a, 0x26, 0xc3, 0xe9, 0xb1, 0xa9, 0xd2, 0x3a, 0x14,
-    0xa4, 0x81, 0xe5, 0xd3, 0xc7, 0x56, 0x12, 0xc6, 0xbe, 0x27, 0x63, 0x36,
-    0x1a, 0x74, 0x9e, 0x8e, 0xce, 0x57, 0xf7, 0xf5,
-};
-static const struct drbg_kat_no_reseed kat143_nor_t = {
-    7, kat143_nor_entropyin, kat143_nor_nonce, kat143_nor_persstr,
-    kat143_nor_addin0, kat143_nor_addin1, kat143_nor_retbytes
-};
-static const struct drbg_kat kat143_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat143_nor_t
-};
-
-static const unsigned char kat144_nor_entropyin[] = {
-    0xb0, 0x39, 0xd4, 0xad, 0xad, 0x57, 0x68, 0x0a, 0xd2, 0xa0, 0xf7, 0x43,
-    0xa5, 0x06, 0x33, 0xa0,
-};
-static const unsigned char kat144_nor_nonce[] = {
-    0x0a, 0x47, 0x2b, 0xdd, 0x9f, 0x6e, 0x2b, 0xea,
-};
-static const unsigned char kat144_nor_persstr[] = {0};
-static const unsigned char kat144_nor_addin0[] = {
-    0xc5, 0x39, 0x24, 0x1e, 0xe0, 0x59, 0x44, 0xed, 0x08, 0x74, 0xea, 0xf3,
-    0xaa, 0xbf, 0x34, 0x2a,
-};
-static const unsigned char kat144_nor_addin1[] = {
-    0xe9, 0x7f, 0x92, 0xe5, 0x6c, 0xde, 0x35, 0x0d, 0x19, 0x01, 0x20, 0x69,
-    0x03, 0x60, 0x5f, 0x66,
-};
-static const unsigned char kat144_nor_retbytes[] = {
-    0x22, 0x83, 0x61, 0xa8, 0xb6, 0x11, 0x3e, 0xed, 0x3d, 0x84, 0xed, 0x46,
-    0xa0, 0x57, 0x31, 0x34, 0xc7, 0x0d, 0x2d, 0x5a, 0x18, 0x7a, 0x35, 0xb4,
-    0x59, 0x9f, 0x2b, 0xf1, 0x82, 0x03, 0x09, 0xe7, 0x21, 0x1d, 0xea, 0x34,
-    0xd3, 0x3a, 0x62, 0xdf, 0xa7, 0x42, 0xa2, 0x16, 0x75, 0x2a, 0x9e, 0x57,
-    0xf3, 0x3a, 0x60, 0x4b, 0xe3, 0xe8, 0x8e, 0xa0, 0xf1, 0x5f, 0x5d, 0x91,
-    0x6d, 0x72, 0x66, 0x46, 0x73, 0xd8, 0x86, 0x10, 0x4a, 0x7b, 0x6c, 0x39,
-    0x04, 0xaf, 0x6d, 0x65, 0x63, 0xe0, 0x57, 0x61,
-};
-static const struct drbg_kat_no_reseed kat144_nor_t = {
-    8, kat144_nor_entropyin, kat144_nor_nonce, kat144_nor_persstr,
-    kat144_nor_addin0, kat144_nor_addin1, kat144_nor_retbytes
-};
-static const struct drbg_kat kat144_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat144_nor_t
-};
-
-static const unsigned char kat145_nor_entropyin[] = {
-    0x71, 0xe7, 0xd5, 0xb1, 0x84, 0x57, 0x07, 0xeb, 0xbe, 0xd4, 0x71, 0xbc,
-    0x66, 0x3b, 0x85, 0x17,
-};
-static const unsigned char kat145_nor_nonce[] = {
-    0x42, 0x50, 0x3f, 0xc9, 0x49, 0x68, 0x64, 0xa8,
-};
-static const unsigned char kat145_nor_persstr[] = {0};
-static const unsigned char kat145_nor_addin0[] = {
-    0x59, 0xea, 0x5d, 0xc5, 0x5e, 0x22, 0xe0, 0x34, 0xf1, 0xed, 0x46, 0xd1,
-    0x73, 0x9f, 0x1d, 0x33,
-};
-static const unsigned char kat145_nor_addin1[] = {
-    0xd9, 0x7a, 0xf0, 0x12, 0x77, 0x04, 0x33, 0x95, 0xdb, 0xef, 0x3a, 0x0e,
-    0xac, 0xd6, 0x16, 0x3d,
-};
-static const unsigned char kat145_nor_retbytes[] = {
-    0xd6, 0xc5, 0xca, 0xd4, 0xaf, 0x95, 0x48, 0x34, 0x28, 0x49, 0x7f, 0x0f,
-    0xf0, 0xd8, 0xa3, 0x0f, 0x67, 0x37, 0x87, 0xf4, 0x4f, 0xfc, 0xb9, 0xbf,
-    0x55, 0xc1, 0xed, 0x39, 0xfa, 0x41, 0xe3, 0xf5, 0x38, 0x49, 0xda, 0x76,
-    0xfa, 0xa5, 0x37, 0x7e, 0xaa, 0x83, 0x2c, 0x83, 0x5e, 0xea, 0x20, 0x02,
-    0x26, 0xf5, 0xf3, 0xf0, 0x57, 0x5d, 0x67, 0x51, 0x48, 0x20, 0x02, 0x43,
-    0x39, 0xe2, 0x48, 0xb0, 0x91, 0x11, 0x19, 0x5c, 0x0b, 0xb7, 0x14, 0x8f,
-    0xac, 0xf3, 0x10, 0xb5, 0x93, 0x94, 0x72, 0x56,
-};
-static const struct drbg_kat_no_reseed kat145_nor_t = {
-    9, kat145_nor_entropyin, kat145_nor_nonce, kat145_nor_persstr,
-    kat145_nor_addin0, kat145_nor_addin1, kat145_nor_retbytes
-};
-static const struct drbg_kat kat145_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat145_nor_t
-};
-
-static const unsigned char kat146_nor_entropyin[] = {
-    0xef, 0x32, 0x52, 0x65, 0xd5, 0xaf, 0x25, 0xd2, 0x55, 0x78, 0x4e, 0x10,
-    0x9b, 0x20, 0xb7, 0x61,
-};
-static const unsigned char kat146_nor_nonce[] = {
-    0x52, 0xf6, 0xfa, 0xa7, 0xf3, 0x7c, 0x7d, 0xf2,
-};
-static const unsigned char kat146_nor_persstr[] = {0};
-static const unsigned char kat146_nor_addin0[] = {
-    0x77, 0x09, 0xe2, 0x20, 0xf0, 0x67, 0xba, 0x16, 0x1c, 0xd3, 0x61, 0x63,
-    0x95, 0x80, 0xc4, 0x2e,
-};
-static const unsigned char kat146_nor_addin1[] = {
-    0xed, 0x6a, 0xcb, 0x90, 0x2f, 0x1d, 0x02, 0x66, 0xc1, 0x4f, 0x29, 0x93,
-    0xbd, 0xb7, 0x7f, 0xf9,
-};
-static const unsigned char kat146_nor_retbytes[] = {
-    0x3b, 0x8b, 0xc3, 0xe1, 0xca, 0xb6, 0x7f, 0x41, 0x84, 0x1f, 0x74, 0xb0,
-    0xd2, 0x0b, 0x87, 0xb9, 0x54, 0x83, 0xbe, 0x53, 0xda, 0x22, 0x9f, 0xe3,
-    0x4b, 0x47, 0x15, 0x1d, 0x2a, 0xc2, 0x80, 0x8c, 0xeb, 0x6e, 0x50, 0xda,
-    0x6c, 0xff, 0xfb, 0x14, 0xb5, 0x5d, 0x0f, 0x3b, 0x84, 0x66, 0x76, 0x61,
-    0x21, 0x30, 0xa7, 0x01, 0x19, 0x15, 0xb9, 0x46, 0xdf, 0x67, 0x18, 0x95,
-    0x14, 0xb6, 0x9c, 0x11, 0x51, 0x4c, 0x06, 0xce, 0x27, 0x1d, 0xc3, 0x70,
-    0xf1, 0x36, 0xf6, 0xc5, 0x08, 0x9f, 0x8c, 0x6d,
-};
-static const struct drbg_kat_no_reseed kat146_nor_t = {
-    10, kat146_nor_entropyin, kat146_nor_nonce, kat146_nor_persstr,
-    kat146_nor_addin0, kat146_nor_addin1, kat146_nor_retbytes
-};
-static const struct drbg_kat kat146_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat146_nor_t
-};
-
-static const unsigned char kat147_nor_entropyin[] = {
-    0x80, 0xda, 0x5b, 0x7e, 0x53, 0x16, 0xc9, 0x9a, 0xe6, 0xa2, 0x1e, 0xcf,
-    0xe2, 0xe0, 0x13, 0xb0,
-};
-static const unsigned char kat147_nor_nonce[] = {
-    0x28, 0xdc, 0xd7, 0x15, 0x91, 0xa7, 0x64, 0xb5,
-};
-static const unsigned char kat147_nor_persstr[] = {0};
-static const unsigned char kat147_nor_addin0[] = {
-    0x39, 0xa1, 0x65, 0x63, 0x0c, 0x5d, 0xbf, 0x4e, 0xcc, 0x53, 0xf8, 0xdd,
-    0x82, 0x5d, 0x98, 0x2a,
-};
-static const unsigned char kat147_nor_addin1[] = {
-    0x57, 0x6a, 0xfb, 0xba, 0x4f, 0x94, 0x08, 0x05, 0x09, 0x38, 0xb8, 0xd2,
-    0x04, 0xa8, 0xb1, 0xf6,
-};
-static const unsigned char kat147_nor_retbytes[] = {
-    0x9d, 0x0b, 0x9b, 0x54, 0xb9, 0xa2, 0xcb, 0x61, 0x86, 0xd4, 0x3b, 0x12,
-    0x82, 0xfd, 0x21, 0x4a, 0x00, 0xcb, 0x41, 0x39, 0x04, 0x02, 0x3b, 0x48,
-    0x20, 0x08, 0x4f, 0x36, 0xa0, 0xf0, 0xe5, 0x08, 0x88, 0xcb, 0x8b, 0x33,
-    0xf6, 0x73, 0x15, 0x55, 0x59, 0x5e, 0xa5, 0xb2, 0x05, 0x21, 0xf1, 0x8d,
-    0x1e, 0x94, 0xaa, 0x8e, 0xab, 0xaf, 0xcf, 0x16, 0x86, 0xcd, 0xc8, 0x50,
-    0x96, 0x59, 0x11, 0x16, 0x6f, 0x94, 0x11, 0x50, 0x13, 0xe7, 0x8d, 0x85,
-    0x80, 0x4a, 0x63, 0x4c, 0xf0, 0x7a, 0x3d, 0x55,
-};
-static const struct drbg_kat_no_reseed kat147_nor_t = {
-    11, kat147_nor_entropyin, kat147_nor_nonce, kat147_nor_persstr,
-    kat147_nor_addin0, kat147_nor_addin1, kat147_nor_retbytes
-};
-static const struct drbg_kat kat147_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat147_nor_t
-};
-
-static const unsigned char kat148_nor_entropyin[] = {
-    0xd7, 0x49, 0x21, 0xd6, 0xdf, 0xa6, 0x9d, 0x7a, 0x73, 0x86, 0x10, 0x16,
-    0xcf, 0x15, 0x5c, 0xbb,
-};
-static const unsigned char kat148_nor_nonce[] = {
-    0x3e, 0x49, 0x48, 0x39, 0x02, 0x08, 0x60, 0x04,
-};
-static const unsigned char kat148_nor_persstr[] = {0};
-static const unsigned char kat148_nor_addin0[] = {
-    0x48, 0x39, 0xcd, 0x93, 0x86, 0xe6, 0x82, 0x98, 0xaa, 0x27, 0x4b, 0x83,
-    0xf5, 0xae, 0x91, 0x34,
-};
-static const unsigned char kat148_nor_addin1[] = {
-    0xc0, 0x8d, 0x03, 0xf6, 0x5e, 0xea, 0xbd, 0xe5, 0xc9, 0xbf, 0x72, 0x30,
-    0xa5, 0xa3, 0xbf, 0x91,
-};
-static const unsigned char kat148_nor_retbytes[] = {
-    0x17, 0x2b, 0x29, 0xd4, 0x6e, 0x9a, 0xcd, 0x26, 0xc0, 0xa3, 0x82, 0x71,
-    0xad, 0xaf, 0x92, 0x6e, 0x4e, 0xce, 0x48, 0x03, 0xf2, 0x13, 0xab, 0xd6,
-    0xa1, 0x06, 0x5b, 0x8f, 0xe3, 0x14, 0x27, 0xf1, 0xf5, 0xbc, 0xac, 0x78,
-    0xf2, 0xf2, 0x15, 0x6e, 0x78, 0x11, 0xe9, 0xc5, 0xc9, 0x84, 0xf9, 0x7a,
-    0xef, 0xfa, 0xa4, 0x51, 0x9d, 0xae, 0xd0, 0x67, 0xff, 0xa1, 0x97, 0x59,
-    0x45, 0x89, 0x74, 0x60, 0x54, 0x8f, 0x78, 0xb6, 0x73, 0x70, 0xd3, 0x32,
-    0xaf, 0x3a, 0xf1, 0xf9, 0xa1, 0x2d, 0xdc, 0x22,
-};
-static const struct drbg_kat_no_reseed kat148_nor_t = {
-    12, kat148_nor_entropyin, kat148_nor_nonce, kat148_nor_persstr,
-    kat148_nor_addin0, kat148_nor_addin1, kat148_nor_retbytes
-};
-static const struct drbg_kat kat148_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat148_nor_t
-};
-
-static const unsigned char kat149_nor_entropyin[] = {
-    0xd4, 0xa2, 0xf2, 0xde, 0xd0, 0x1a, 0xe7, 0xa5, 0xc3, 0x3b, 0x09, 0xf6,
-    0x38, 0xf9, 0xae, 0x5c,
-};
-static const unsigned char kat149_nor_nonce[] = {
-    0xee, 0xab, 0x2a, 0xc9, 0x71, 0xbc, 0x8f, 0x6b,
-};
-static const unsigned char kat149_nor_persstr[] = {0};
-static const unsigned char kat149_nor_addin0[] = {
-    0xc3, 0xe7, 0x27, 0xb3, 0xce, 0x8c, 0xf2, 0x20, 0x0d, 0xfc, 0x06, 0x7d,
-    0x13, 0xc8, 0x02, 0x18,
-};
-static const unsigned char kat149_nor_addin1[] = {
-    0x6d, 0x4c, 0x88, 0x9b, 0x91, 0x60, 0x38, 0x90, 0x45, 0x82, 0x77, 0xb9,
-    0xfc, 0xc5, 0x7a, 0xa8,
-};
-static const unsigned char kat149_nor_retbytes[] = {
-    0x9d, 0xef, 0xb2, 0x3c, 0x7c, 0xbf, 0x32, 0xe2, 0xf8, 0x95, 0xd8, 0xbe,
-    0x3c, 0xcd, 0x9b, 0x0c, 0x6f, 0x2d, 0x6c, 0xdd, 0x3d, 0xb0, 0xaa, 0xd9,
-    0xa3, 0xa5, 0xf2, 0xf6, 0x18, 0x9a, 0x44, 0x17, 0x58, 0xbf, 0x1a, 0x62,
-    0x23, 0x13, 0xa9, 0xad, 0x7d, 0xa7, 0xd2, 0x95, 0x36, 0x4e, 0xf8, 0x57,
-    0x90, 0x1e, 0x22, 0x29, 0xe7, 0x31, 0x5b, 0x06, 0xc7, 0x55, 0x98, 0xc9,
-    0xce, 0x6d, 0xb2, 0x6a, 0x96, 0x6c, 0x3d, 0xfa, 0x49, 0xdf, 0x45, 0x51,
-    0x4b, 0xdf, 0x46, 0x12, 0x5c, 0x62, 0x28, 0x66,
-};
-static const struct drbg_kat_no_reseed kat149_nor_t = {
-    13, kat149_nor_entropyin, kat149_nor_nonce, kat149_nor_persstr,
-    kat149_nor_addin0, kat149_nor_addin1, kat149_nor_retbytes
-};
-static const struct drbg_kat kat149_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat149_nor_t
-};
-
-static const unsigned char kat150_nor_entropyin[] = {
-    0xbf, 0x76, 0x41, 0x51, 0x13, 0x65, 0x97, 0xee, 0xf9, 0xc1, 0xa7, 0xcc,
-    0xff, 0x0f, 0x34, 0x5f,
-};
-static const unsigned char kat150_nor_nonce[] = {
-    0x29, 0xf9, 0x05, 0x9f, 0x90, 0x81, 0x6c, 0x57,
-};
-static const unsigned char kat150_nor_persstr[] = {0};
-static const unsigned char kat150_nor_addin0[] = {
-    0x77, 0x25, 0xef, 0x70, 0x59, 0x2c, 0x36, 0x2d, 0x70, 0xb0, 0x88, 0xed,
-    0x63, 0x9f, 0x9d, 0x9b,
-};
-static const unsigned char kat150_nor_addin1[] = {
-    0x5a, 0xb2, 0xe0, 0x06, 0x7c, 0x3b, 0x38, 0x4e, 0x55, 0xa7, 0x84, 0x92,
-    0xf0, 0xf6, 0xed, 0x44,
-};
-static const unsigned char kat150_nor_retbytes[] = {
-    0xca, 0x09, 0x5d, 0xa3, 0x9d, 0x9c, 0x21, 0xd7, 0xda, 0x07, 0x3d, 0x9c,
-    0x95, 0xd2, 0xe4, 0x15, 0x50, 0x3b, 0x33, 0xc3, 0x27, 0xd7, 0x39, 0xf1,
-    0x83, 0x8b, 0xbe, 0xa4, 0xfc, 0x6f, 0x02, 0x54, 0xfd, 0xaf, 0x8e, 0xf6,
-    0x15, 0x2e, 0x92, 0x63, 0xf4, 0x6b, 0x86, 0x4f, 0x39, 0xc7, 0x10, 0x4d,
-    0x1d, 0x33, 0x7d, 0x99, 0xfe, 0xe5, 0x88, 0x06, 0x11, 0x52, 0xe6, 0x23,
-    0xd7, 0xe0, 0x0a, 0x27, 0xe0, 0x3b, 0x5d, 0x16, 0xfe, 0x6e, 0x54, 0x34,
-    0x53, 0xa3, 0x1d, 0x4d, 0xaf, 0xed, 0xa3, 0xb5,
-};
-static const struct drbg_kat_no_reseed kat150_nor_t = {
-    14, kat150_nor_entropyin, kat150_nor_nonce, kat150_nor_persstr,
-    kat150_nor_addin0, kat150_nor_addin1, kat150_nor_retbytes
-};
-static const struct drbg_kat kat150_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat150_nor_t
-};
-
-static const unsigned char kat151_nor_entropyin[] = {
-    0x91, 0xd9, 0x9c, 0x51, 0x1c, 0x2f, 0x19, 0x67, 0xd3, 0x1d, 0x20, 0xb3,
-    0x13, 0xe5, 0x38, 0x2d,
-};
-static const unsigned char kat151_nor_nonce[] = {
-    0x1e, 0xaf, 0x7f, 0x1d, 0x0a, 0xa3, 0x6a, 0x19,
-};
-static const unsigned char kat151_nor_persstr[] = {
-    0x31, 0xe6, 0xb0, 0x4d, 0x73, 0xb1, 0xa9, 0x70, 0xfd, 0x3d, 0xcd, 0x8f,
-    0x08, 0x9e, 0x44, 0x02,
-};
-static const unsigned char kat151_nor_addin0[] = {0};
-static const unsigned char kat151_nor_addin1[] = {0};
-static const unsigned char kat151_nor_retbytes[] = {
-    0x1c, 0x95, 0xfb, 0x98, 0x5c, 0xf1, 0x7c, 0xb9, 0xcf, 0x0b, 0xcd, 0x53,
-    0x95, 0x99, 0x72, 0xc8, 0xfd, 0x4b, 0xbc, 0x72, 0x5b, 0x2e, 0xcc, 0x8e,
-    0xe8, 0x43, 0xd5, 0x5e, 0x49, 0x4b, 0xc7, 0x68, 0x4d, 0x17, 0x65, 0x93,
-    0x1c, 0x17, 0x3a, 0x83, 0x8d, 0xc7, 0xb4, 0x34, 0x4c, 0xdc, 0x14, 0x58,
-    0x64, 0x09, 0x06, 0x6d, 0x4f, 0x1d, 0x54, 0xac, 0x21, 0x4e, 0xcb, 0xe5,
-    0xbd, 0x13, 0x9c, 0x65, 0xab, 0xe1, 0x99, 0x52, 0x5f, 0xa8, 0xff, 0xbe,
-    0xf5, 0x93, 0x04, 0xe4, 0x7b, 0xaa, 0xc9, 0xa9,
-};
-static const struct drbg_kat_no_reseed kat151_nor_t = {
-    0, kat151_nor_entropyin, kat151_nor_nonce, kat151_nor_persstr,
-    kat151_nor_addin0, kat151_nor_addin1, kat151_nor_retbytes
-};
-static const struct drbg_kat kat151_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat151_nor_t
-};
-
-static const unsigned char kat152_nor_entropyin[] = {
-    0xe6, 0x77, 0x28, 0x1e, 0x87, 0x1c, 0x28, 0xd6, 0x31, 0xb2, 0x36, 0x11,
-    0x07, 0x24, 0x0c, 0x22,
-};
-static const unsigned char kat152_nor_nonce[] = {
-    0x87, 0x46, 0x89, 0x67, 0xe4, 0x55, 0xd2, 0xda,
-};
-static const unsigned char kat152_nor_persstr[] = {
-    0x11, 0x4b, 0xa9, 0x2f, 0x79, 0x45, 0x18, 0x01, 0x5c, 0x06, 0x7f, 0x7c,
-    0x35, 0x8c, 0x40, 0x41,
-};
-static const unsigned char kat152_nor_addin0[] = {0};
-static const unsigned char kat152_nor_addin1[] = {0};
-static const unsigned char kat152_nor_retbytes[] = {
-    0x59, 0x58, 0x4f, 0xf0, 0x0c, 0x44, 0xa0, 0xdb, 0xd1, 0x5c, 0x1f, 0x35,
-    0xe0, 0x50, 0xc1, 0x84, 0xe8, 0xd5, 0x87, 0xe8, 0x85, 0x9c, 0xb0, 0x61,
-    0xc8, 0x40, 0x9c, 0x45, 0x4b, 0x95, 0x39, 0x24, 0xf5, 0xe6, 0xee, 0x1f,
-    0xee, 0x4d, 0x76, 0x34, 0x62, 0xdd, 0x6a, 0x29, 0xa6, 0xcb, 0xe4, 0xa3,
-    0x73, 0x97, 0x4c, 0x01, 0xd6, 0x88, 0xee, 0x57, 0x28, 0xcf, 0x71, 0x2b,
-    0xcd, 0xc8, 0x2c, 0xb0, 0xad, 0x15, 0x41, 0x92, 0x29, 0xb8, 0xcd, 0x11,
-    0x4a, 0xc7, 0x85, 0x1e, 0x37, 0xa3, 0xd7, 0xb2,
-};
-static const struct drbg_kat_no_reseed kat152_nor_t = {
-    1, kat152_nor_entropyin, kat152_nor_nonce, kat152_nor_persstr,
-    kat152_nor_addin0, kat152_nor_addin1, kat152_nor_retbytes
-};
-static const struct drbg_kat kat152_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat152_nor_t
-};
-
-static const unsigned char kat153_nor_entropyin[] = {
-    0xbd, 0x48, 0x31, 0xa8, 0x52, 0x79, 0xfd, 0x76, 0x7c, 0xaf, 0xf4, 0x4b,
-    0xa2, 0x60, 0x53, 0xae,
-};
-static const unsigned char kat153_nor_nonce[] = {
-    0x9e, 0x56, 0xa8, 0x08, 0x71, 0x18, 0x27, 0xf6,
-};
-static const unsigned char kat153_nor_persstr[] = {
-    0x69, 0xe0, 0xfe, 0x7b, 0x80, 0x4c, 0x65, 0xbb, 0x8c, 0x7b, 0xa8, 0x9a,
-    0x8b, 0x4c, 0x7c, 0x6a,
-};
-static const unsigned char kat153_nor_addin0[] = {0};
-static const unsigned char kat153_nor_addin1[] = {0};
-static const unsigned char kat153_nor_retbytes[] = {
-    0x7d, 0x1f, 0xe8, 0xc9, 0xde, 0x79, 0x61, 0x1d, 0x57, 0xb5, 0x12, 0x97,
-    0xcf, 0x1b, 0x23, 0x04, 0x59, 0x15, 0x04, 0xa0, 0x46, 0x94, 0xe6, 0x0e,
-    0x21, 0xfd, 0xd7, 0x0f, 0x3d, 0x78, 0x2d, 0x17, 0xae, 0xa3, 0x51, 0x73,
-    0xef, 0xa3, 0x0e, 0xf2, 0xf2, 0x35, 0x89, 0x4d, 0x69, 0x6f, 0x1a, 0x15,
-    0x0b, 0xfe, 0x03, 0x96, 0x27, 0x1f, 0xd8, 0xcb, 0xa0, 0x62, 0x82, 0x35,
-    0x80, 0xa9, 0xe1, 0xde, 0x8e, 0x32, 0xd9, 0x62, 0xbd, 0xcb, 0x4b, 0x4f,
-    0x47, 0xb9, 0x42, 0xfc, 0x39, 0x84, 0x9a, 0xbf,
-};
-static const struct drbg_kat_no_reseed kat153_nor_t = {
-    2, kat153_nor_entropyin, kat153_nor_nonce, kat153_nor_persstr,
-    kat153_nor_addin0, kat153_nor_addin1, kat153_nor_retbytes
-};
-static const struct drbg_kat kat153_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat153_nor_t
-};
-
-static const unsigned char kat154_nor_entropyin[] = {
-    0x46, 0xbd, 0xab, 0x81, 0x1f, 0x76, 0xb7, 0x52, 0x55, 0x1a, 0x2b, 0x11,
-    0xb7, 0x08, 0x96, 0x3e,
-};
-static const unsigned char kat154_nor_nonce[] = {
-    0x8b, 0xe4, 0xfc, 0x15, 0x9f, 0xdb, 0x75, 0x15,
-};
-static const unsigned char kat154_nor_persstr[] = {
-    0xbc, 0x4f, 0x4d, 0x95, 0x92, 0x7b, 0x1a, 0xa6, 0x66, 0x79, 0x1c, 0x4a,
-    0xa8, 0x18, 0x70, 0x0f,
-};
-static const unsigned char kat154_nor_addin0[] = {0};
-static const unsigned char kat154_nor_addin1[] = {0};
-static const unsigned char kat154_nor_retbytes[] = {
-    0xc5, 0x35, 0x85, 0x9c, 0xef, 0x07, 0x49, 0x16, 0xf7, 0xa3, 0x78, 0x55,
-    0x37, 0x28, 0x5b, 0xe3, 0x85, 0x89, 0x38, 0x22, 0xa9, 0x53, 0xfd, 0x41,
-    0xab, 0xa6, 0x00, 0xf5, 0x6d, 0x80, 0xe6, 0xef, 0xe2, 0x95, 0x2f, 0x92,
-    0xec, 0xe5, 0xcb, 0xec, 0x15, 0xb2, 0xb0, 0x3a, 0x22, 0x90, 0x80, 0xde,
-    0x98, 0xc6, 0xeb, 0xda, 0x74, 0x1f, 0x19, 0xd3, 0x55, 0x70, 0x15, 0xa9,
-    0x0e, 0xe0, 0xb2, 0xa0, 0xde, 0x9c, 0x0e, 0xb6, 0x4c, 0x8b, 0x8a, 0xf6,
-    0xdc, 0xcf, 0x8f, 0x74, 0xe7, 0xca, 0x1c, 0x1f,
-};
-static const struct drbg_kat_no_reseed kat154_nor_t = {
-    3, kat154_nor_entropyin, kat154_nor_nonce, kat154_nor_persstr,
-    kat154_nor_addin0, kat154_nor_addin1, kat154_nor_retbytes
-};
-static const struct drbg_kat kat154_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat154_nor_t
-};
-
-static const unsigned char kat155_nor_entropyin[] = {
-    0x67, 0x01, 0x13, 0x8a, 0x46, 0xb1, 0x48, 0xa2, 0x68, 0x88, 0x79, 0x98,
-    0x9a, 0xb4, 0xda, 0x96,
-};
-static const unsigned char kat155_nor_nonce[] = {
-    0x1b, 0xbd, 0x5c, 0x7f, 0x09, 0x55, 0x34, 0xcc,
-};
-static const unsigned char kat155_nor_persstr[] = {
-    0xce, 0xd0, 0x4a, 0x25, 0xa8, 0xbd, 0xed, 0xbd, 0xbb, 0x28, 0x53, 0x43,
-    0x76, 0xbb, 0x24, 0x14,
-};
-static const unsigned char kat155_nor_addin0[] = {0};
-static const unsigned char kat155_nor_addin1[] = {0};
-static const unsigned char kat155_nor_retbytes[] = {
-    0xb4, 0xc2, 0xf0, 0xe9, 0x89, 0xbd, 0x85, 0x8e, 0xd1, 0x60, 0x37, 0xf8,
-    0x34, 0x45, 0x57, 0xb0, 0xcb, 0x35, 0xd0, 0x44, 0x19, 0x1d, 0x68, 0x0c,
-    0xb1, 0xaf, 0xcd, 0x2d, 0x85, 0x63, 0x68, 0x6a, 0x92, 0xfd, 0xff, 0x5e,
-    0x13, 0x31, 0xfd, 0x3f, 0xc8, 0x7d, 0x14, 0xf3, 0xba, 0x10, 0xeb, 0x14,
-    0xee, 0x6b, 0x16, 0xd6, 0x48, 0x18, 0x13, 0x92, 0x33, 0x5c, 0x0e, 0xe4,
-    0xc2, 0xab, 0x27, 0x58, 0x81, 0xbb, 0xa3, 0x6c, 0x55, 0x3d, 0x34, 0x81,
-    0x0b, 0x8c, 0x68, 0x9a, 0xad, 0x01, 0x73, 0x43,
-};
-static const struct drbg_kat_no_reseed kat155_nor_t = {
-    4, kat155_nor_entropyin, kat155_nor_nonce, kat155_nor_persstr,
-    kat155_nor_addin0, kat155_nor_addin1, kat155_nor_retbytes
-};
-static const struct drbg_kat kat155_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat155_nor_t
-};
-
-static const unsigned char kat156_nor_entropyin[] = {
-    0x9d, 0xf8, 0x20, 0x29, 0x7b, 0xc0, 0x01, 0x6d, 0x24, 0x6a, 0x93, 0xcb,
-    0x64, 0x19, 0x20, 0x73,
-};
-static const unsigned char kat156_nor_nonce[] = {
-    0xf2, 0xdc, 0xff, 0x78, 0xc9, 0x0a, 0x15, 0xa7,
-};
-static const unsigned char kat156_nor_persstr[] = {
-    0x70, 0x59, 0x43, 0x3f, 0x58, 0x64, 0x6f, 0x57, 0x94, 0xcc, 0xf1, 0x71,
-    0xca, 0x18, 0x8a, 0x95,
-};
-static const unsigned char kat156_nor_addin0[] = {0};
-static const unsigned char kat156_nor_addin1[] = {0};
-static const unsigned char kat156_nor_retbytes[] = {
-    0x06, 0xa5, 0xc6, 0x1c, 0x66, 0x45, 0x03, 0x46, 0x9a, 0xf0, 0xff, 0x67,
-    0x14, 0xae, 0x87, 0xe8, 0xa7, 0x69, 0x96, 0xc3, 0x5d, 0x80, 0xd4, 0x5b,
-    0x02, 0x08, 0xbb, 0x26, 0x73, 0x5b, 0x9e, 0x46, 0x30, 0xea, 0xcf, 0x50,
-    0xcf, 0x62, 0xff, 0x35, 0x30, 0x21, 0x4e, 0x8d, 0xed, 0xbe, 0x42, 0x40,
-    0x84, 0x86, 0x38, 0xeb, 0x41, 0x78, 0x3f, 0x8d, 0x1d, 0x3e, 0xfa, 0x63,
-    0x99, 0xbc, 0x1d, 0x95, 0x54, 0xf5, 0xb5, 0xa3, 0x86, 0x08, 0x24, 0x98,
-    0xa3, 0x3f, 0x8e, 0xa4, 0xfa, 0x53, 0x09, 0xf1,
-};
-static const struct drbg_kat_no_reseed kat156_nor_t = {
-    5, kat156_nor_entropyin, kat156_nor_nonce, kat156_nor_persstr,
-    kat156_nor_addin0, kat156_nor_addin1, kat156_nor_retbytes
-};
-static const struct drbg_kat kat156_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat156_nor_t
-};
-
-static const unsigned char kat157_nor_entropyin[] = {
-    0x24, 0x4c, 0xc3, 0xba, 0xa0, 0x00, 0xaf, 0xa7, 0xd5, 0x47, 0x51, 0x17,
-    0x70, 0x16, 0x5f, 0x70,
-};
-static const unsigned char kat157_nor_nonce[] = {
-    0xc5, 0x83, 0x94, 0x2d, 0x88, 0x88, 0x28, 0xff,
-};
-static const unsigned char kat157_nor_persstr[] = {
-    0x53, 0xab, 0x8f, 0x3e, 0x39, 0x26, 0x96, 0xff, 0xb6, 0xb0, 0x6f, 0x45,
-    0xaf, 0x12, 0x56, 0x56,
-};
-static const unsigned char kat157_nor_addin0[] = {0};
-static const unsigned char kat157_nor_addin1[] = {0};
-static const unsigned char kat157_nor_retbytes[] = {
-    0x67, 0xd1, 0x73, 0x5a, 0x4c, 0xd3, 0x7b, 0xe6, 0x7e, 0x68, 0x2e, 0xe5,
-    0xa3, 0xc9, 0x9a, 0xba, 0x13, 0x8b, 0x74, 0x88, 0x7b, 0x90, 0xc8, 0x29,
-    0x1e, 0x9e, 0x4e, 0x71, 0x56, 0xc7, 0x86, 0xef, 0x56, 0x26, 0xec, 0xb2,
-    0x42, 0x0e, 0x47, 0xd6, 0x4b, 0x6a, 0x04, 0x4f, 0xac, 0x95, 0x1d, 0xdb,
-    0x30, 0x2d, 0x18, 0x4c, 0x5a, 0xe0, 0x1f, 0x03, 0xc4, 0x2e, 0xcf, 0x63,
-    0x3a, 0x1e, 0x53, 0x9f, 0xcd, 0xb4, 0xf9, 0x26, 0xa4, 0x72, 0xc4, 0x8d,
-    0xd8, 0xce, 0x30, 0x91, 0x4c, 0xc2, 0x29, 0xd4,
-};
-static const struct drbg_kat_no_reseed kat157_nor_t = {
-    6, kat157_nor_entropyin, kat157_nor_nonce, kat157_nor_persstr,
-    kat157_nor_addin0, kat157_nor_addin1, kat157_nor_retbytes
-};
-static const struct drbg_kat kat157_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat157_nor_t
-};
-
-static const unsigned char kat158_nor_entropyin[] = {
-    0xd8, 0x99, 0x7d, 0x36, 0xed, 0x9d, 0x8d, 0x50, 0xa1, 0x90, 0xed, 0x4f,
-    0xf8, 0x16, 0x0a, 0xcf,
-};
-static const unsigned char kat158_nor_nonce[] = {
-    0xd9, 0xb4, 0xad, 0xd5, 0xce, 0x5a, 0x28, 0xb9,
-};
-static const unsigned char kat158_nor_persstr[] = {
-    0xfd, 0x9f, 0x0c, 0xfd, 0xb8, 0x0e, 0xe5, 0x81, 0xe8, 0x36, 0x76, 0xcf,
-    0xc4, 0xfa, 0x09, 0xd7,
-};
-static const unsigned char kat158_nor_addin0[] = {0};
-static const unsigned char kat158_nor_addin1[] = {0};
-static const unsigned char kat158_nor_retbytes[] = {
-    0x68, 0x50, 0xdb, 0x84, 0xa8, 0x68, 0xeb, 0x1f, 0x0d, 0xe7, 0x5a, 0x38,
-    0x81, 0xa4, 0xec, 0x79, 0xa1, 0x15, 0x6f, 0x30, 0xb8, 0x61, 0x8c, 0xa1,
-    0x6e, 0x55, 0x17, 0x5a, 0xb6, 0xf8, 0x40, 0x93, 0x2d, 0x21, 0xa3, 0x40,
-    0xd9, 0x46, 0x5f, 0xa1, 0x2a, 0x58, 0x7c, 0xff, 0x1f, 0x87, 0x86, 0x27,
-    0xaa, 0xd2, 0xe9, 0xc8, 0x27, 0x84, 0xf6, 0x50, 0xdf, 0xca, 0xbd, 0x12,
-    0xb3, 0x6c, 0xdb, 0x1b, 0x10, 0xa2, 0xd1, 0x75, 0x1d, 0x97, 0x56, 0xb5,
-    0xe2, 0x89, 0xe8, 0xaa, 0x7d, 0x23, 0x02, 0xeb,
-};
-static const struct drbg_kat_no_reseed kat158_nor_t = {
-    7, kat158_nor_entropyin, kat158_nor_nonce, kat158_nor_persstr,
-    kat158_nor_addin0, kat158_nor_addin1, kat158_nor_retbytes
-};
-static const struct drbg_kat kat158_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat158_nor_t
-};
-
-static const unsigned char kat159_nor_entropyin[] = {
-    0x02, 0x85, 0xda, 0x43, 0x1e, 0xd1, 0xc6, 0x18, 0x07, 0x8e, 0x1b, 0x4e,
-    0xd9, 0xef, 0xfc, 0xa4,
-};
-static const unsigned char kat159_nor_nonce[] = {
-    0xf1, 0x0a, 0x22, 0xcf, 0x4a, 0xdb, 0x6c, 0x3f,
-};
-static const unsigned char kat159_nor_persstr[] = {
-    0x07, 0x3b, 0x53, 0x7b, 0x35, 0xc6, 0xa4, 0x97, 0xe4, 0x78, 0x51, 0x6e,
-    0xd7, 0x97, 0x83, 0xee,
-};
-static const unsigned char kat159_nor_addin0[] = {0};
-static const unsigned char kat159_nor_addin1[] = {0};
-static const unsigned char kat159_nor_retbytes[] = {
-    0x12, 0xf8, 0xf3, 0x57, 0x63, 0x3b, 0x5c, 0x76, 0x96, 0x65, 0xc3, 0x33,
-    0xb9, 0x75, 0xa8, 0x1e, 0xd9, 0x7f, 0x94, 0x0f, 0x50, 0x09, 0x4b, 0xda,
-    0xb1, 0xe2, 0x78, 0x12, 0x63, 0x56, 0xf9, 0xf9, 0xda, 0xb2, 0x1a, 0x2f,
-    0xea, 0x61, 0xa0, 0xf4, 0x91, 0x14, 0x39, 0x78, 0x89, 0x42, 0x38, 0xc0,
-    0x4c, 0xf4, 0x95, 0x6a, 0xe8, 0xff, 0xab, 0xad, 0xb6, 0xab, 0xf0, 0xac,
-    0x4e, 0xfe, 0xf7, 0x6d, 0x5a, 0x58, 0x1e, 0xd7, 0x97, 0x94, 0x8c, 0x66,
-    0x72, 0x00, 0x8a, 0x89, 0x73, 0xe9, 0x75, 0x67,
-};
-static const struct drbg_kat_no_reseed kat159_nor_t = {
-    8, kat159_nor_entropyin, kat159_nor_nonce, kat159_nor_persstr,
-    kat159_nor_addin0, kat159_nor_addin1, kat159_nor_retbytes
-};
-static const struct drbg_kat kat159_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat159_nor_t
-};
-
-static const unsigned char kat160_nor_entropyin[] = {
-    0xd6, 0xb7, 0x35, 0xfd, 0xa7, 0x41, 0x9f, 0x43, 0x23, 0x1d, 0x90, 0x51,
-    0xd7, 0x35, 0x41, 0xf6,
-};
-static const unsigned char kat160_nor_nonce[] = {
-    0x7e, 0x09, 0x5b, 0x38, 0xbe, 0x8e, 0xc5, 0x49,
-};
-static const unsigned char kat160_nor_persstr[] = {
-    0x27, 0x87, 0x2a, 0xf7, 0x30, 0xf3, 0xab, 0x90, 0xa3, 0xa5, 0x20, 0xe3,
-    0x24, 0xc9, 0x08, 0xa0,
-};
-static const unsigned char kat160_nor_addin0[] = {0};
-static const unsigned char kat160_nor_addin1[] = {0};
-static const unsigned char kat160_nor_retbytes[] = {
-    0xf6, 0x84, 0x24, 0x8e, 0x03, 0x9a, 0x99, 0x19, 0x77, 0x3e, 0x17, 0x80,
-    0x86, 0xde, 0xb5, 0x58, 0x10, 0x52, 0xee, 0x66, 0xec, 0x06, 0x23, 0x6a,
-    0x49, 0x72, 0xe4, 0x45, 0x9a, 0xe1, 0x6f, 0x7d, 0x5d, 0xe6, 0x6c, 0x74,
-    0x23, 0x18, 0x9f, 0x12, 0xe1, 0xc9, 0xa1, 0x05, 0xd1, 0xfb, 0x15, 0x00,
-    0x01, 0x0e, 0xb2, 0x80, 0xf3, 0x46, 0xb4, 0x5d, 0x96, 0xac, 0x90, 0x38,
-    0x9f, 0xf5, 0x17, 0x4c, 0xc0, 0x09, 0x11, 0xec, 0x3a, 0x89, 0x72, 0xed,
-    0x02, 0x8f, 0x74, 0xeb, 0xa8, 0x34, 0x77, 0x32,
-};
-static const struct drbg_kat_no_reseed kat160_nor_t = {
-    9, kat160_nor_entropyin, kat160_nor_nonce, kat160_nor_persstr,
-    kat160_nor_addin0, kat160_nor_addin1, kat160_nor_retbytes
-};
-static const struct drbg_kat kat160_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat160_nor_t
-};
-
-static const unsigned char kat161_nor_entropyin[] = {
-    0x87, 0x06, 0xde, 0xce, 0x8a, 0x59, 0x5f, 0x0c, 0x48, 0x85, 0xc1, 0x46,
-    0x95, 0xff, 0x29, 0xd9,
-};
-static const unsigned char kat161_nor_nonce[] = {
-    0x96, 0x58, 0x7c, 0x6f, 0x34, 0xd2, 0x9e, 0x6f,
-};
-static const unsigned char kat161_nor_persstr[] = {
-    0xbd, 0x77, 0x0a, 0x8f, 0x31, 0xf7, 0x84, 0x82, 0xb2, 0xca, 0x2e, 0x1e,
-    0x4b, 0x24, 0xb3, 0x3b,
-};
-static const unsigned char kat161_nor_addin0[] = {0};
-static const unsigned char kat161_nor_addin1[] = {0};
-static const unsigned char kat161_nor_retbytes[] = {
-    0x4d, 0x30, 0x52, 0x3f, 0xc5, 0x74, 0xd6, 0x35, 0x2b, 0xad, 0xa3, 0xd2,
-    0x56, 0x71, 0x78, 0xc7, 0x02, 0x80, 0x5a, 0xde, 0xef, 0x69, 0xbd, 0x68,
-    0x20, 0xed, 0x97, 0x14, 0x6b, 0xb3, 0x0d, 0x09, 0xc1, 0x6f, 0xff, 0x50,
-    0x20, 0x89, 0xa9, 0x0f, 0x9c, 0x99, 0x36, 0x86, 0xc7, 0x2c, 0x40, 0x18,
-    0x25, 0xa8, 0x3f, 0x09, 0x4e, 0x81, 0x52, 0xaf, 0x22, 0x1d, 0x71, 0xd5,
-    0x5e, 0x68, 0x82, 0xa1, 0x0f, 0x4d, 0x17, 0xaa, 0x08, 0xdf, 0xbe, 0x54,
-    0xb2, 0x63, 0xd2, 0xba, 0xae, 0x0b, 0x83, 0xd4,
-};
-static const struct drbg_kat_no_reseed kat161_nor_t = {
-    10, kat161_nor_entropyin, kat161_nor_nonce, kat161_nor_persstr,
-    kat161_nor_addin0, kat161_nor_addin1, kat161_nor_retbytes
-};
-static const struct drbg_kat kat161_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat161_nor_t
-};
-
-static const unsigned char kat162_nor_entropyin[] = {
-    0x32, 0x52, 0x6f, 0x30, 0xf3, 0x61, 0xbc, 0xd4, 0xdf, 0x58, 0x02, 0x72,
-    0x44, 0x42, 0xb0, 0x1d,
-};
-static const unsigned char kat162_nor_nonce[] = {
-    0x19, 0x29, 0xdf, 0xb1, 0x7d, 0x50, 0x04, 0x42,
-};
-static const unsigned char kat162_nor_persstr[] = {
-    0xf9, 0x45, 0xc1, 0xe2, 0xea, 0xbc, 0x43, 0x51, 0x93, 0x13, 0x46, 0x28,
-    0xbc, 0x8c, 0x03, 0xe1,
-};
-static const unsigned char kat162_nor_addin0[] = {0};
-static const unsigned char kat162_nor_addin1[] = {0};
-static const unsigned char kat162_nor_retbytes[] = {
-    0xe8, 0x96, 0x26, 0x54, 0x57, 0xd9, 0x25, 0x1f, 0x40, 0x62, 0xa1, 0x4f,
-    0x08, 0xd1, 0x6a, 0xe5, 0xc4, 0xff, 0x37, 0x0b, 0x46, 0x75, 0xf2, 0x0f,
-    0xed, 0x95, 0x11, 0xea, 0xd9, 0x99, 0xa5, 0xe4, 0xab, 0x70, 0x94, 0xba,
-    0x66, 0x78, 0xe6, 0x9a, 0xbc, 0x7a, 0x95, 0x91, 0x66, 0x76, 0x28, 0x0c,
-    0x7f, 0x78, 0xcf, 0xbe, 0xd7, 0xdf, 0xce, 0xa4, 0x64, 0x93, 0xf5, 0x76,
-    0x34, 0xe9, 0x3d, 0xd1, 0x87, 0x00, 0x60, 0x7e, 0x1e, 0x19, 0xb7, 0x8a,
-    0x57, 0xd1, 0xe4, 0x7b, 0xa0, 0x79, 0xe4, 0x05,
-};
-static const struct drbg_kat_no_reseed kat162_nor_t = {
-    11, kat162_nor_entropyin, kat162_nor_nonce, kat162_nor_persstr,
-    kat162_nor_addin0, kat162_nor_addin1, kat162_nor_retbytes
-};
-static const struct drbg_kat kat162_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat162_nor_t
-};
-
-static const unsigned char kat163_nor_entropyin[] = {
-    0x87, 0x4b, 0x0d, 0xd4, 0x2d, 0x1d, 0xdf, 0xb3, 0xd3, 0x83, 0x52, 0x71,
-    0xf5, 0x73, 0x16, 0x29,
-};
-static const unsigned char kat163_nor_nonce[] = {
-    0x87, 0xb6, 0xc8, 0x9e, 0xda, 0x28, 0x47, 0x8a,
-};
-static const unsigned char kat163_nor_persstr[] = {
-    0x7d, 0x5b, 0x80, 0x24, 0x74, 0x11, 0xc0, 0x67, 0x79, 0x7d, 0xfc, 0x10,
-    0xc1, 0x66, 0x87, 0x75,
-};
-static const unsigned char kat163_nor_addin0[] = {0};
-static const unsigned char kat163_nor_addin1[] = {0};
-static const unsigned char kat163_nor_retbytes[] = {
-    0x69, 0x97, 0x23, 0x85, 0x9d, 0x25, 0xab, 0x75, 0x9a, 0x9b, 0x8b, 0x37,
-    0x28, 0xa6, 0x7b, 0xf6, 0x39, 0xe0, 0x2b, 0x80, 0x5d, 0x5e, 0xa7, 0xb6,
-    0xe6, 0xd6, 0x14, 0xec, 0x29, 0x72, 0x8b, 0x68, 0xd6, 0xd9, 0xed, 0x29,
-    0xa9, 0x3a, 0xb1, 0xf1, 0xc6, 0x24, 0xd3, 0xf2, 0xd5, 0xca, 0x18, 0x26,
-    0xcd, 0x09, 0xcc, 0x1c, 0x55, 0x55, 0x60, 0x45, 0x37, 0x56, 0x7f, 0xa6,
-    0xfd, 0xb1, 0xf6, 0x62, 0x2d, 0x29, 0xf2, 0xd8, 0x1d, 0x1d, 0xd7, 0xc2,
-    0x31, 0x79, 0xd7, 0x5c, 0x43, 0xd7, 0x2f, 0x06,
-};
-static const struct drbg_kat_no_reseed kat163_nor_t = {
-    12, kat163_nor_entropyin, kat163_nor_nonce, kat163_nor_persstr,
-    kat163_nor_addin0, kat163_nor_addin1, kat163_nor_retbytes
-};
-static const struct drbg_kat kat163_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat163_nor_t
-};
-
-static const unsigned char kat164_nor_entropyin[] = {
-    0x51, 0x62, 0x63, 0x6e, 0x7b, 0x1a, 0x5c, 0xf9, 0xb1, 0xc1, 0x4d, 0x72,
-    0x3b, 0xb3, 0xee, 0xb9,
-};
-static const unsigned char kat164_nor_nonce[] = {
-    0x21, 0xe5, 0xb1, 0x77, 0xf1, 0x19, 0xc4, 0x77,
-};
-static const unsigned char kat164_nor_persstr[] = {
-    0x65, 0x13, 0x31, 0x8d, 0x80, 0x21, 0x85, 0x46, 0x38, 0x5c, 0x2a, 0xfc,
-    0x56, 0xe4, 0x11, 0x6d,
-};
-static const unsigned char kat164_nor_addin0[] = {0};
-static const unsigned char kat164_nor_addin1[] = {0};
-static const unsigned char kat164_nor_retbytes[] = {
-    0xc2, 0x95, 0xe6, 0x51, 0x5a, 0xbf, 0x25, 0x98, 0x12, 0x27, 0x52, 0xb2,
-    0x4b, 0x4b, 0xb1, 0x49, 0x3d, 0x82, 0x1e, 0x6b, 0xb1, 0x95, 0x61, 0xc2,
-    0x69, 0x0d, 0xfb, 0xc0, 0x61, 0x19, 0xc8, 0x65, 0x39, 0xc0, 0xd2, 0x10,
-    0x02, 0xd2, 0x44, 0x84, 0x74, 0x76, 0x2d, 0x60, 0x75, 0x1b, 0xa8, 0xa5,
-    0x81, 0x65, 0xf6, 0x6f, 0xca, 0xf6, 0x34, 0x2d, 0xcd, 0x4e, 0x46, 0x83,
-    0x63, 0x46, 0x2f, 0x94, 0x14, 0x9d, 0xa6, 0x63, 0x6c, 0x54, 0x8f, 0xe5,
-    0xb9, 0xf2, 0xaa, 0xd1, 0x38, 0xa5, 0x4a, 0x43,
-};
-static const struct drbg_kat_no_reseed kat164_nor_t = {
-    13, kat164_nor_entropyin, kat164_nor_nonce, kat164_nor_persstr,
-    kat164_nor_addin0, kat164_nor_addin1, kat164_nor_retbytes
-};
-static const struct drbg_kat kat164_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat164_nor_t
-};
-
-static const unsigned char kat165_nor_entropyin[] = {
-    0xf8, 0xa1, 0x56, 0x6d, 0x14, 0xff, 0xf9, 0x2e, 0x8d, 0xe3, 0x79, 0xd1,
-    0x68, 0xff, 0x3c, 0xfa,
-};
-static const unsigned char kat165_nor_nonce[] = {
-    0x4e, 0x83, 0x8a, 0x12, 0x4e, 0x4b, 0x53, 0xdf,
-};
-static const unsigned char kat165_nor_persstr[] = {
-    0x16, 0x3e, 0x39, 0x3b, 0x29, 0x0a, 0x4d, 0x39, 0x0a, 0xb0, 0xbe, 0xb3,
-    0x92, 0xf5, 0x2d, 0x26,
-};
-static const unsigned char kat165_nor_addin0[] = {0};
-static const unsigned char kat165_nor_addin1[] = {0};
-static const unsigned char kat165_nor_retbytes[] = {
-    0x76, 0x23, 0x4a, 0xfc, 0x29, 0x6e, 0xa3, 0x6a, 0x44, 0x25, 0x4f, 0x99,
-    0x9a, 0xc3, 0x1f, 0xca, 0x25, 0x8a, 0x24, 0x42, 0x7c, 0xf4, 0xbf, 0xe2,
-    0xc5, 0x44, 0x95, 0xfc, 0x41, 0x47, 0x8e, 0xc4, 0xa0, 0x0b, 0x54, 0x06,
-    0x59, 0xb3, 0xb9, 0x46, 0x1c, 0xc6, 0x18, 0x8b, 0xc1, 0xf5, 0x7c, 0x19,
-    0xae, 0x41, 0x4b, 0xd1, 0x8a, 0xa8, 0x1e, 0xca, 0x7b, 0x9d, 0x76, 0x5a,
-    0x78, 0x4f, 0x0e, 0xf2, 0x43, 0x35, 0xe4, 0x6c, 0x2c, 0x77, 0xb8, 0xdc,
-    0x91, 0x5f, 0x5d, 0x12, 0xc2, 0x6b, 0xc6, 0x53,
-};
-static const struct drbg_kat_no_reseed kat165_nor_t = {
-    14, kat165_nor_entropyin, kat165_nor_nonce, kat165_nor_persstr,
-    kat165_nor_addin0, kat165_nor_addin1, kat165_nor_retbytes
-};
-static const struct drbg_kat kat165_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat165_nor_t
-};
-
-static const unsigned char kat166_nor_entropyin[] = {
-    0x5e, 0x05, 0x66, 0xb6, 0x60, 0x63, 0x1b, 0x94, 0xbf, 0xa0, 0x96, 0xb3,
-    0x22, 0x5d, 0x59, 0xe3,
-};
-static const unsigned char kat166_nor_nonce[] = {
-    0x81, 0x2b, 0xba, 0x14, 0x29, 0x37, 0x56, 0x2d,
-};
-static const unsigned char kat166_nor_persstr[] = {
-    0x08, 0xe8, 0x3a, 0x8e, 0x3d, 0x50, 0xe5, 0x0d, 0xb2, 0xb0, 0xbe, 0x92,
-    0xf2, 0x36, 0xf7, 0x86,
-};
-static const unsigned char kat166_nor_addin0[] = {
-    0x49, 0x6b, 0x30, 0xce, 0xb7, 0xef, 0x9e, 0xbe, 0x9d, 0x44, 0x9d, 0x12,
-    0x4d, 0x22, 0x02, 0xa6,
-};
-static const unsigned char kat166_nor_addin1[] = {
-    0x2d, 0xf0, 0xb0, 0x3d, 0xd0, 0xec, 0xec, 0xd2, 0x05, 0x52, 0xfb, 0xfd,
-    0x33, 0x18, 0x8d, 0x4f,
-};
-static const unsigned char kat166_nor_retbytes[] = {
-    0x48, 0x1e, 0x35, 0x58, 0xc5, 0x0c, 0xb6, 0x69, 0x16, 0x44, 0x48, 0x00,
-    0x1d, 0xaa, 0x1d, 0x56, 0x3c, 0x52, 0xaf, 0xe1, 0x4a, 0x92, 0xb5, 0x8d,
-    0xbf, 0xa6, 0x12, 0xf0, 0xec, 0xd9, 0x4e, 0x2e, 0x64, 0x23, 0x40, 0xa3,
-    0x90, 0x70, 0x28, 0xfe, 0xcc, 0x21, 0x40, 0x87, 0xab, 0xef, 0xe3, 0xb6,
-    0x5c, 0x8f, 0xc2, 0xe0, 0x25, 0x5f, 0x52, 0x0c, 0x85, 0xbf, 0x62, 0xf0,
-    0x2a, 0x7e, 0x18, 0x79, 0x69, 0x50, 0xf4, 0xfd, 0xd4, 0xa4, 0x08, 0xbe,
-    0xc6, 0x92, 0x4e, 0xa5, 0x02, 0x36, 0x05, 0x90,
-};
-static const struct drbg_kat_no_reseed kat166_nor_t = {
-    0, kat166_nor_entropyin, kat166_nor_nonce, kat166_nor_persstr,
-    kat166_nor_addin0, kat166_nor_addin1, kat166_nor_retbytes
-};
-static const struct drbg_kat kat166_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat166_nor_t
-};
-
-static const unsigned char kat167_nor_entropyin[] = {
-    0xf9, 0xbd, 0x51, 0x0f, 0x8a, 0xb8, 0x9e, 0xe8, 0x45, 0x10, 0x69, 0xf3,
-    0xf9, 0xc0, 0x1c, 0xb0,
-};
-static const unsigned char kat167_nor_nonce[] = {
-    0xa4, 0x22, 0xdf, 0xa0, 0xb0, 0x62, 0x1e, 0xa0,
-};
-static const unsigned char kat167_nor_persstr[] = {
-    0x94, 0xb4, 0xb3, 0xcf, 0x14, 0x53, 0x45, 0x7f, 0xd5, 0x8e, 0xdc, 0xf4,
-    0xae, 0xaf, 0x4c, 0x4c,
-};
-static const unsigned char kat167_nor_addin0[] = {
-    0x30, 0x66, 0xbd, 0xe4, 0xe2, 0x6c, 0x14, 0xda, 0x64, 0x9f, 0xc0, 0xcb,
-    0x71, 0x4b, 0x7e, 0x20,
-};
-static const unsigned char kat167_nor_addin1[] = {
-    0x40, 0x54, 0x4e, 0x97, 0x2e, 0x9a, 0x7b, 0xc2, 0x27, 0xc8, 0x7f, 0xeb,
-    0x19, 0x3a, 0x85, 0xeb,
-};
-static const unsigned char kat167_nor_retbytes[] = {
-    0x44, 0xf9, 0x71, 0x34, 0x7a, 0xbb, 0x13, 0xb4, 0x50, 0x30, 0xef, 0x60,
-    0x03, 0xac, 0x15, 0x4e, 0x07, 0x6e, 0x6e, 0xf4, 0x9e, 0xc5, 0x84, 0x9d,
-    0x80, 0xf0, 0x92, 0x65, 0x07, 0x01, 0x55, 0x9c, 0x41, 0xcf, 0x6e, 0xeb,
-    0x02, 0xe8, 0xd8, 0xe3, 0x19, 0xa5, 0xb7, 0x56, 0x95, 0x01, 0x4d, 0xb8,
-    0x95, 0xde, 0x56, 0xdb, 0x11, 0x21, 0x79, 0x8f, 0x8e, 0x68, 0x1e, 0x6f,
-    0x4a, 0x3e, 0xc6, 0x6e, 0x85, 0x3f, 0x01, 0x3b, 0x01, 0x78, 0x59, 0xd1,
-    0xc7, 0x6d, 0x34, 0x8c, 0x0e, 0xe7, 0x26, 0x65,
-};
-static const struct drbg_kat_no_reseed kat167_nor_t = {
-    1, kat167_nor_entropyin, kat167_nor_nonce, kat167_nor_persstr,
-    kat167_nor_addin0, kat167_nor_addin1, kat167_nor_retbytes
-};
-static const struct drbg_kat kat167_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat167_nor_t
-};
-
-static const unsigned char kat168_nor_entropyin[] = {
-    0x10, 0x5d, 0x33, 0xd2, 0x36, 0x2b, 0x87, 0xad, 0x3e, 0xe5, 0x1f, 0xd7,
-    0xac, 0x74, 0xb7, 0x56,
-};
-static const unsigned char kat168_nor_nonce[] = {
-    0xcf, 0xa2, 0x0f, 0x0e, 0x56, 0x6d, 0xc5, 0xc7,
-};
-static const unsigned char kat168_nor_persstr[] = {
-    0x76, 0x4c, 0x28, 0xee, 0x81, 0x33, 0x6a, 0xed, 0xca, 0x87, 0x2c, 0xe2,
-    0x66, 0xd5, 0x63, 0x13,
-};
-static const unsigned char kat168_nor_addin0[] = {
-    0x12, 0xcc, 0xa7, 0x0d, 0xcf, 0x8b, 0xee, 0x7f, 0xcb, 0x19, 0x89, 0x49,
-    0x83, 0x9b, 0x14, 0x40,
-};
-static const unsigned char kat168_nor_addin1[] = {
-    0x11, 0x4b, 0xc1, 0x7e, 0x43, 0x91, 0xcc, 0x4f, 0xe8, 0xcd, 0x45, 0x15,
-    0xc2, 0xeb, 0x05, 0xa9,
-};
-static const unsigned char kat168_nor_retbytes[] = {
-    0x00, 0xdb, 0x80, 0x05, 0xe9, 0xc9, 0x19, 0x1c, 0x5c, 0xb1, 0xc8, 0x9f,
-    0x79, 0xfe, 0x13, 0xa0, 0xe9, 0xb5, 0xb4, 0xe1, 0x0b, 0x4c, 0xc7, 0x72,
-    0xc8, 0xad, 0x9f, 0x86, 0xd5, 0x7b, 0xb0, 0xf4, 0x3e, 0xc8, 0xa4, 0xb8,
-    0x75, 0xa5, 0xd4, 0x25, 0x75, 0xb9, 0x1d, 0x6e, 0x52, 0x77, 0xb1, 0x82,
-    0x75, 0xac, 0x76, 0x93, 0x25, 0xaf, 0x3f, 0xaf, 0xfb, 0xff, 0x6a, 0x9d,
-    0x66, 0xf6, 0x85, 0x00, 0xa0, 0x7f, 0xae, 0xe8, 0x22, 0xd0, 0x8e, 0xd8,
-    0xde, 0x79, 0x0b, 0xc5, 0x1c, 0xea, 0x80, 0xa9,
-};
-static const struct drbg_kat_no_reseed kat168_nor_t = {
-    2, kat168_nor_entropyin, kat168_nor_nonce, kat168_nor_persstr,
-    kat168_nor_addin0, kat168_nor_addin1, kat168_nor_retbytes
-};
-static const struct drbg_kat kat168_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat168_nor_t
-};
-
-static const unsigned char kat169_nor_entropyin[] = {
-    0x5f, 0x21, 0xe9, 0x6d, 0x25, 0xa5, 0x4e, 0xc1, 0xdb, 0xa7, 0x3e, 0x67,
-    0xb2, 0x20, 0x2d, 0xab,
-};
-static const unsigned char kat169_nor_nonce[] = {
-    0xb8, 0xfd, 0x43, 0x45, 0xdc, 0x8e, 0xb0, 0x83,
-};
-static const unsigned char kat169_nor_persstr[] = {
-    0x40, 0x92, 0xd3, 0x5f, 0xe7, 0x46, 0x09, 0xeb, 0x54, 0x0b, 0xfb, 0xc1,
-    0x8f, 0x07, 0x88, 0xc6,
-};
-static const unsigned char kat169_nor_addin0[] = {
-    0x2b, 0xcb, 0xc4, 0xa0, 0x21, 0x88, 0x4d, 0xb4, 0x10, 0xb7, 0xd2, 0x3a,
-    0x35, 0x16, 0x29, 0x24,
-};
-static const unsigned char kat169_nor_addin1[] = {
-    0x74, 0x20, 0xff, 0x1f, 0xbc, 0xf8, 0x33, 0xdb, 0x6a, 0xff, 0xfa, 0x4c,
-    0x0f, 0x8b, 0xd0, 0xf8,
-};
-static const unsigned char kat169_nor_retbytes[] = {
-    0x6f, 0x43, 0x3e, 0x45, 0x9b, 0x9a, 0xdc, 0xa5, 0xc7, 0x36, 0x93, 0xc5,
-    0x86, 0xe9, 0xd3, 0x71, 0x83, 0xb9, 0xf8, 0xc4, 0x46, 0x38, 0x05, 0xcf,
-    0x2b, 0x78, 0x4f, 0xcd, 0x8b, 0x9e, 0x67, 0x71, 0xf5, 0x3b, 0x6f, 0x8d,
-    0xd8, 0xa9, 0x8e, 0x04, 0x76, 0x17, 0x33, 0x3c, 0xd2, 0x6e, 0xa7, 0xb7,
-    0x6b, 0x2c, 0x7e, 0xfd, 0xc1, 0xcc, 0x2c, 0xcb, 0x88, 0x58, 0x77, 0x7f,
-    0x64, 0x67, 0xb2, 0x22, 0xc5, 0x1e, 0xab, 0x14, 0xbc, 0x0d, 0x74, 0xc6,
-    0x2a, 0xf7, 0x35, 0x82, 0x0e, 0xca, 0x54, 0xce,
-};
-static const struct drbg_kat_no_reseed kat169_nor_t = {
-    3, kat169_nor_entropyin, kat169_nor_nonce, kat169_nor_persstr,
-    kat169_nor_addin0, kat169_nor_addin1, kat169_nor_retbytes
-};
-static const struct drbg_kat kat169_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat169_nor_t
-};
-
-static const unsigned char kat170_nor_entropyin[] = {
-    0xdb, 0x01, 0x94, 0x2b, 0x1e, 0x18, 0x9b, 0x29, 0x81, 0x40, 0x7d, 0xdf,
-    0xb8, 0x4b, 0x30, 0x81,
-};
-static const unsigned char kat170_nor_nonce[] = {
-    0x3f, 0xbe, 0x77, 0x68, 0xdc, 0xd6, 0x48, 0x70,
-};
-static const unsigned char kat170_nor_persstr[] = {
-    0xeb, 0xa9, 0xf4, 0x97, 0x4b, 0x3c, 0xe7, 0xbf, 0x67, 0x57, 0x7f, 0xdb,
-    0xb6, 0x91, 0x60, 0xad,
-};
-static const unsigned char kat170_nor_addin0[] = {
-    0xf9, 0xf8, 0x5d, 0xc7, 0x36, 0x2a, 0x00, 0x95, 0x10, 0x95, 0x5f, 0x90,
-    0x00, 0x42, 0x35, 0x56,
-};
-static const unsigned char kat170_nor_addin1[] = {
-    0x7b, 0xd4, 0xf4, 0xd1, 0x30, 0xa5, 0xd6, 0x1b, 0xe1, 0x9e, 0xdc, 0xa0,
-    0x70, 0x78, 0xe2, 0x8d,
-};
-static const unsigned char kat170_nor_retbytes[] = {
-    0x57, 0xa4, 0xb0, 0xe9, 0x81, 0x76, 0x2f, 0x6b, 0xc6, 0xa9, 0x80, 0xb6,
-    0x93, 0xa6, 0xe1, 0xda, 0xc8, 0x5c, 0xe3, 0x44, 0xe9, 0x8f, 0x63, 0xde,
-    0x34, 0x5d, 0x34, 0x27, 0xd9, 0x8c, 0x4c, 0xcc, 0x00, 0x89, 0x2c, 0x6b,
-    0x3e, 0xf7, 0x35, 0xbc, 0x27, 0x3f, 0x68, 0x57, 0x02, 0x1a, 0x1f, 0x2b,
-    0x81, 0xbe, 0x7d, 0x60, 0xc2, 0x2e, 0x60, 0x04, 0x2f, 0xad, 0x87, 0x50,
-    0x89, 0x4f, 0x77, 0xfe, 0x64, 0xbf, 0x25, 0x31, 0x2f, 0x15, 0x0f, 0xfe,
-    0xe6, 0x12, 0x1b, 0x13, 0x45, 0x1a, 0xeb, 0xed,
-};
-static const struct drbg_kat_no_reseed kat170_nor_t = {
-    4, kat170_nor_entropyin, kat170_nor_nonce, kat170_nor_persstr,
-    kat170_nor_addin0, kat170_nor_addin1, kat170_nor_retbytes
-};
-static const struct drbg_kat kat170_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat170_nor_t
-};
-
-static const unsigned char kat171_nor_entropyin[] = {
-    0x33, 0x75, 0xf0, 0x34, 0x06, 0x9c, 0x25, 0x69, 0xe6, 0x4d, 0x71, 0x8a,
-    0x4d, 0xeb, 0x98, 0x74,
-};
-static const unsigned char kat171_nor_nonce[] = {
-    0x58, 0xcf, 0x63, 0x12, 0x2c, 0x30, 0xc5, 0xf5,
-};
-static const unsigned char kat171_nor_persstr[] = {
-    0x47, 0x65, 0x14, 0x2d, 0xa0, 0x16, 0x13, 0x78, 0x45, 0x83, 0xcf, 0xe5,
-    0x9c, 0x5b, 0x9d, 0xdf,
-};
-static const unsigned char kat171_nor_addin0[] = {
-    0x47, 0xdc, 0x67, 0x57, 0xcb, 0xce, 0x93, 0x86, 0x86, 0x78, 0x08, 0xb2,
-    0x4f, 0x32, 0x78, 0xfa,
-};
-static const unsigned char kat171_nor_addin1[] = {
-    0x20, 0x49, 0x63, 0x11, 0xbf, 0xad, 0x06, 0xcc, 0xd3, 0x46, 0x0c, 0x93,
-    0x11, 0x07, 0xad, 0x87,
-};
-static const unsigned char kat171_nor_retbytes[] = {
-    0xf5, 0x99, 0xcb, 0xbb, 0xf0, 0xd9, 0x3c, 0x9e, 0x30, 0x15, 0x1d, 0xd0,
-    0x86, 0x89, 0x83, 0x8d, 0x41, 0x32, 0xe4, 0xd8, 0x3b, 0xd3, 0x80, 0x63,
-    0xda, 0x1d, 0x84, 0x57, 0x66, 0xf4, 0xc3, 0x7b, 0x00, 0xbb, 0xd5, 0x60,
-    0xb7, 0x83, 0x62, 0x68, 0x7c, 0xdf, 0x7d, 0x67, 0x43, 0x37, 0xd2, 0x03,
-    0xa3, 0x34, 0x67, 0x22, 0x6d, 0x35, 0xcb, 0xdb, 0x6f, 0xc9, 0x24, 0xc9,
-    0xb9, 0x66, 0xf9, 0xdf, 0x19, 0x96, 0x6f, 0x59, 0xf5, 0xf5, 0x7c, 0x9f,
-    0x3b, 0x46, 0xe3, 0x06, 0x5e, 0xc8, 0xb6, 0x52,
-};
-static const struct drbg_kat_no_reseed kat171_nor_t = {
-    5, kat171_nor_entropyin, kat171_nor_nonce, kat171_nor_persstr,
-    kat171_nor_addin0, kat171_nor_addin1, kat171_nor_retbytes
-};
-static const struct drbg_kat kat171_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat171_nor_t
-};
-
-static const unsigned char kat172_nor_entropyin[] = {
-    0x62, 0x9b, 0x62, 0x13, 0x1d, 0x5a, 0xf0, 0x4f, 0xe2, 0xe1, 0xf3, 0x77,
-    0xc6, 0xfe, 0x7d, 0x01,
-};
-static const unsigned char kat172_nor_nonce[] = {
-    0xca, 0xeb, 0x88, 0x81, 0x84, 0x52, 0x6f, 0x97,
-};
-static const unsigned char kat172_nor_persstr[] = {
-    0xe9, 0x6e, 0x5c, 0xa5, 0x45, 0x5d, 0x7a, 0x26, 0x94, 0x1b, 0xd9, 0x93,
-    0xe4, 0x80, 0xe6, 0x4e,
-};
-static const unsigned char kat172_nor_addin0[] = {
-    0x0d, 0xd7, 0x0e, 0x0d, 0x02, 0x98, 0x47, 0x67, 0x29, 0x37, 0x58, 0x48,
-    0x56, 0x19, 0xa3, 0x18,
-};
-static const unsigned char kat172_nor_addin1[] = {
-    0x1b, 0x34, 0x05, 0xea, 0xa9, 0x84, 0x08, 0x01, 0x4e, 0x6b, 0x14, 0xf0,
-    0x80, 0xb4, 0xb7, 0x40,
-};
-static const unsigned char kat172_nor_retbytes[] = {
-    0x9c, 0xf2, 0x02, 0xd4, 0xd4, 0x9e, 0x74, 0x4a, 0xe4, 0xcf, 0xf5, 0x04,
-    0x90, 0x49, 0x91, 0xe4, 0xd8, 0xad, 0x96, 0x12, 0xd6, 0x4d, 0xa8, 0xea,
-    0x03, 0xba, 0x02, 0x3f, 0x54, 0xf4, 0xcc, 0x49, 0x59, 0x8d, 0x2f, 0x80,
-    0x15, 0xb2, 0xc8, 0xbe, 0x84, 0x00, 0xb4, 0xa3, 0xd9, 0xb4, 0x4d, 0xda,
-    0x53, 0x2b, 0x3e, 0x72, 0x4e, 0x27, 0xdd, 0x57, 0x44, 0xf8, 0xf3, 0xc7,
-    0xd9, 0x9a, 0x33, 0x67, 0x09, 0x99, 0xb1, 0x1d, 0x40, 0x3d, 0x69, 0x4c,
-    0x95, 0xcb, 0x7e, 0x06, 0xa8, 0xa0, 0xe0, 0xb4,
-};
-static const struct drbg_kat_no_reseed kat172_nor_t = {
-    6, kat172_nor_entropyin, kat172_nor_nonce, kat172_nor_persstr,
-    kat172_nor_addin0, kat172_nor_addin1, kat172_nor_retbytes
-};
-static const struct drbg_kat kat172_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat172_nor_t
-};
-
-static const unsigned char kat173_nor_entropyin[] = {
-    0x1e, 0x46, 0xcc, 0xc7, 0xb6, 0x2a, 0x7a, 0x19, 0x95, 0x8d, 0x65, 0xcb,
-    0x6d, 0x20, 0xc1, 0x06,
-};
-static const unsigned char kat173_nor_nonce[] = {
-    0x68, 0x0b, 0xb7, 0xfa, 0x43, 0xb0, 0xdb, 0x4a,
-};
-static const unsigned char kat173_nor_persstr[] = {
-    0x2e, 0x38, 0xeb, 0x08, 0x3f, 0xc5, 0xdb, 0x45, 0x98, 0x57, 0x6d, 0xae,
-    0x95, 0xa0, 0x93, 0xb2,
-};
-static const unsigned char kat173_nor_addin0[] = {
-    0x95, 0xb3, 0x64, 0x9a, 0xcf, 0xe5, 0x15, 0x8e, 0xf8, 0x09, 0x06, 0xc4,
-    0x1a, 0xe7, 0x48, 0x7f,
-};
-static const unsigned char kat173_nor_addin1[] = {
-    0x03, 0xa9, 0x0d, 0xc9, 0x38, 0x65, 0x0d, 0x30, 0xbe, 0x53, 0xcd, 0x72,
-    0xc2, 0x69, 0x07, 0x14,
-};
-static const unsigned char kat173_nor_retbytes[] = {
-    0x05, 0x49, 0x5f, 0x39, 0x99, 0x3c, 0x97, 0xe1, 0xf8, 0x4f, 0xae, 0xe2,
-    0x05, 0x82, 0x64, 0xb1, 0xc2, 0x5b, 0x3e, 0xf6, 0x1f, 0x59, 0xeb, 0xa1,
-    0x83, 0x2f, 0xa6, 0xaf, 0x8c, 0x11, 0xe2, 0x1b, 0xa3, 0xd4, 0xd3, 0x8c,
-    0x25, 0x7a, 0x46, 0xef, 0xaa, 0xc7, 0x94, 0x2a, 0x58, 0x2b, 0x17, 0x27,
-    0x7f, 0xec, 0x6b, 0x3a, 0x9a, 0x95, 0x4e, 0x3f, 0x32, 0x3c, 0x9a, 0x2a,
-    0x9f, 0x8f, 0xa9, 0xf9, 0x0b, 0x1f, 0x47, 0xfb, 0xee, 0xc6, 0xd1, 0x06,
-    0x98, 0x33, 0x7c, 0x18, 0x7e, 0x5b, 0x82, 0xc8,
-};
-static const struct drbg_kat_no_reseed kat173_nor_t = {
-    7, kat173_nor_entropyin, kat173_nor_nonce, kat173_nor_persstr,
-    kat173_nor_addin0, kat173_nor_addin1, kat173_nor_retbytes
-};
-static const struct drbg_kat kat173_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat173_nor_t
-};
-
-static const unsigned char kat174_nor_entropyin[] = {
-    0x21, 0x95, 0x2d, 0xb3, 0x3e, 0xbd, 0xf9, 0xae, 0x6a, 0x78, 0x5f, 0x6a,
-    0xf9, 0x80, 0x91, 0x54,
-};
-static const unsigned char kat174_nor_nonce[] = {
-    0x72, 0x2e, 0xe3, 0x82, 0xe4, 0xa0, 0x4a, 0xe5,
-};
-static const unsigned char kat174_nor_persstr[] = {
-    0xb9, 0x91, 0xbf, 0x9e, 0xb7, 0xcc, 0xa7, 0x6f, 0x25, 0xf4, 0x5e, 0x1d,
-    0x0e, 0x0e, 0x96, 0xff,
-};
-static const unsigned char kat174_nor_addin0[] = {
-    0xa8, 0xd8, 0xb6, 0xee, 0x7b, 0xe5, 0x2c, 0xb0, 0x41, 0x4c, 0x55, 0xa3,
-    0x8f, 0x6a, 0xd7, 0x4c,
-};
-static const unsigned char kat174_nor_addin1[] = {
-    0x7f, 0x5c, 0x64, 0xce, 0x33, 0x73, 0xc1, 0x54, 0x37, 0x6f, 0x4f, 0x18,
-    0x9b, 0x11, 0xe6, 0xfe,
-};
-static const unsigned char kat174_nor_retbytes[] = {
-    0x33, 0xbc, 0x2a, 0x75, 0x99, 0xb4, 0xa2, 0xdb, 0x6f, 0x0d, 0xd1, 0x89,
-    0x6e, 0x40, 0xdc, 0xf6, 0x12, 0xb6, 0x26, 0x91, 0x95, 0xe8, 0x1b, 0x20,
-    0xc4, 0x84, 0x2c, 0xda, 0x27, 0x22, 0x7f, 0xd9, 0xe7, 0x49, 0x11, 0xd5,
-    0x50, 0x4f, 0xc3, 0x4c, 0xa0, 0xd8, 0x58, 0x41, 0x2b, 0x50, 0x82, 0xcc,
-    0xe2, 0xc0, 0x7d, 0x37, 0x7e, 0xa4, 0xea, 0xa7, 0xe8, 0x78, 0x22, 0x94,
-    0x60, 0xac, 0x2f, 0xb5, 0xad, 0xf2, 0x41, 0xb2, 0x92, 0xde, 0xc3, 0x1a,
-    0xeb, 0xfa, 0x44, 0x34, 0xee, 0xff, 0x38, 0x08,
-};
-static const struct drbg_kat_no_reseed kat174_nor_t = {
-    8, kat174_nor_entropyin, kat174_nor_nonce, kat174_nor_persstr,
-    kat174_nor_addin0, kat174_nor_addin1, kat174_nor_retbytes
-};
-static const struct drbg_kat kat174_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat174_nor_t
-};
-
-static const unsigned char kat175_nor_entropyin[] = {
-    0xf0, 0x81, 0xdd, 0x93, 0x2d, 0x9f, 0x5e, 0x53, 0xd9, 0xee, 0xe9, 0x80,
-    0x7d, 0xb5, 0x8f, 0xcd,
-};
-static const unsigned char kat175_nor_nonce[] = {
-    0x92, 0xf0, 0x27, 0xb1, 0x5c, 0xa5, 0x86, 0x6f,
-};
-static const unsigned char kat175_nor_persstr[] = {
-    0x3c, 0xab, 0xd9, 0xfd, 0x3d, 0xe7, 0xe1, 0x96, 0xe1, 0x80, 0x3f, 0x36,
-    0x19, 0xa3, 0xd0, 0x48,
-};
-static const unsigned char kat175_nor_addin0[] = {
-    0x5a, 0xea, 0x80, 0x4f, 0x52, 0x50, 0x07, 0x5d, 0x54, 0x27, 0xde, 0x0e,
-    0x73, 0xdf, 0x42, 0xda,
-};
-static const unsigned char kat175_nor_addin1[] = {
-    0xed, 0xdc, 0x6c, 0x24, 0x28, 0x13, 0x84, 0x1e, 0xd7, 0xac, 0x48, 0x3e,
-    0xb6, 0xcb, 0xab, 0x67,
-};
-static const unsigned char kat175_nor_retbytes[] = {
-    0xbe, 0x50, 0x36, 0xd8, 0xf7, 0x9f, 0xc9, 0xc1, 0x02, 0x9c, 0x3f, 0x9e,
-    0x42, 0xf1, 0x04, 0x53, 0x43, 0xdf, 0xca, 0x9e, 0xff, 0x6b, 0x74, 0xf6,
-    0xac, 0x0b, 0x96, 0x66, 0xb4, 0xdf, 0x71, 0x51, 0xeb, 0xd1, 0x3f, 0xd0,
-    0x52, 0xcc, 0x8b, 0xb9, 0xbc, 0x7b, 0x1c, 0xe6, 0xfc, 0xe0, 0xf2, 0x74,
-    0x9f, 0x31, 0x3d, 0xf7, 0xb9, 0xd0, 0x6c, 0xeb, 0xf3, 0xf6, 0xaa, 0x93,
-    0x62, 0x70, 0x03, 0x2e, 0x8e, 0x0d, 0xec, 0x34, 0x05, 0xee, 0x24, 0x6b,
-    0x80, 0x82, 0x68, 0x50, 0xa1, 0x22, 0x89, 0x00,
-};
-static const struct drbg_kat_no_reseed kat175_nor_t = {
-    9, kat175_nor_entropyin, kat175_nor_nonce, kat175_nor_persstr,
-    kat175_nor_addin0, kat175_nor_addin1, kat175_nor_retbytes
-};
-static const struct drbg_kat kat175_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat175_nor_t
-};
-
-static const unsigned char kat176_nor_entropyin[] = {
-    0x9e, 0xb9, 0x08, 0xf5, 0x09, 0xc7, 0x7c, 0x0a, 0xc9, 0x53, 0x56, 0x04,
-    0x93, 0xf4, 0xdc, 0x28,
-};
-static const unsigned char kat176_nor_nonce[] = {
-    0x1a, 0xeb, 0xf6, 0x9b, 0x03, 0xde, 0x5c, 0xf8,
-};
-static const unsigned char kat176_nor_persstr[] = {
-    0xa7, 0xf0, 0x1f, 0x55, 0xfe, 0x0e, 0x6b, 0x6d, 0x73, 0x1f, 0x38, 0x7c,
-    0xaf, 0x95, 0xd0, 0x45,
-};
-static const unsigned char kat176_nor_addin0[] = {
-    0x5d, 0xca, 0x6d, 0x75, 0x18, 0x3f, 0x30, 0x92, 0xa1, 0x8c, 0x8d, 0xfd,
-    0x95, 0x0f, 0xdf, 0x98,
-};
-static const unsigned char kat176_nor_addin1[] = {
-    0x50, 0xeb, 0x0c, 0xc7, 0x6a, 0xa3, 0x8e, 0x31, 0xb8, 0x7e, 0x7c, 0xd8,
-    0xdf, 0x95, 0x0f, 0x08,
-};
-static const unsigned char kat176_nor_retbytes[] = {
-    0xba, 0x52, 0xcb, 0xdb, 0x84, 0x5f, 0x5e, 0xe8, 0x64, 0xfc, 0x1c, 0x17,
-    0xc6, 0xbd, 0x0a, 0x68, 0x43, 0x9a, 0x7e, 0xee, 0x70, 0x27, 0xfe, 0xf5,
-    0xa8, 0x08, 0x3b, 0x2e, 0x01, 0x46, 0xc6, 0x04, 0x64, 0x24, 0x65, 0x27,
-    0xd5, 0x2a, 0xe5, 0x9f, 0xf5, 0x58, 0x0f, 0x33, 0x6b, 0x94, 0x59, 0x4f,
-    0x5a, 0xa9, 0x33, 0xc3, 0xf7, 0x57, 0x44, 0xc7, 0x67, 0x84, 0xdf, 0x97,
-    0x83, 0xbd, 0xc9, 0x1d, 0x13, 0x0e, 0x29, 0x65, 0x8f, 0xb2, 0x72, 0x04,
-    0x5e, 0x95, 0x37, 0x94, 0xae, 0x9b, 0xb3, 0x16,
-};
-static const struct drbg_kat_no_reseed kat176_nor_t = {
-    10, kat176_nor_entropyin, kat176_nor_nonce, kat176_nor_persstr,
-    kat176_nor_addin0, kat176_nor_addin1, kat176_nor_retbytes
-};
-static const struct drbg_kat kat176_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat176_nor_t
-};
-
-static const unsigned char kat177_nor_entropyin[] = {
-    0xf8, 0xcf, 0x96, 0x2f, 0x6e, 0x58, 0x39, 0x70, 0x02, 0x7d, 0x42, 0x63,
-    0xf3, 0xf8, 0xb9, 0x36,
-};
-static const unsigned char kat177_nor_nonce[] = {
-    0x0c, 0xc2, 0x39, 0xa1, 0xfe, 0x97, 0x50, 0xc7,
-};
-static const unsigned char kat177_nor_persstr[] = {
-    0xc9, 0x25, 0x1c, 0x51, 0x9d, 0x55, 0x26, 0xd6, 0x88, 0x2f, 0x1b, 0x23,
-    0x5f, 0xb9, 0xb9, 0x44,
-};
-static const unsigned char kat177_nor_addin0[] = {
-    0x97, 0x52, 0xb7, 0xe4, 0x4c, 0x67, 0xda, 0x39, 0x0d, 0x4e, 0xd5, 0xe8,
-    0xb9, 0x58, 0x17, 0xcb,
-};
-static const unsigned char kat177_nor_addin1[] = {
-    0xd1, 0x8d, 0x46, 0x05, 0x12, 0x74, 0x7b, 0x63, 0x86, 0x52, 0xfd, 0x4d,
-    0x45, 0x7b, 0xbc, 0xe9,
-};
-static const unsigned char kat177_nor_retbytes[] = {
-    0x5a, 0x7e, 0x2a, 0xc6, 0x6b, 0x5f, 0xb1, 0x2b, 0x3e, 0xee, 0x1b, 0x6a,
-    0xad, 0x4b, 0x34, 0xe2, 0x43, 0x9c, 0x53, 0x22, 0x9e, 0x6f, 0x2a, 0x10,
-    0xa9, 0x20, 0x69, 0xf8, 0x03, 0x45, 0x62, 0xd1, 0x12, 0x5a, 0x70, 0x77,
-    0x66, 0x93, 0x6b, 0x6e, 0x9c, 0x65, 0x51, 0xd7, 0xc8, 0xc0, 0x27, 0x75,
-    0xa5, 0x72, 0x18, 0x81, 0xf1, 0x2a, 0x28, 0xe1, 0xd6, 0x3c, 0x18, 0xe4,
-    0xa7, 0x86, 0x92, 0x32, 0x51, 0x19, 0x89, 0xc7, 0x9c, 0x5a, 0x8d, 0x3c,
-    0xb1, 0xd4, 0xcb, 0x36, 0xea, 0x92, 0x1c, 0x78,
-};
-static const struct drbg_kat_no_reseed kat177_nor_t = {
-    11, kat177_nor_entropyin, kat177_nor_nonce, kat177_nor_persstr,
-    kat177_nor_addin0, kat177_nor_addin1, kat177_nor_retbytes
-};
-static const struct drbg_kat kat177_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat177_nor_t
-};
-
-static const unsigned char kat178_nor_entropyin[] = {
-    0x55, 0xe3, 0x11, 0xa2, 0x3e, 0x87, 0x2b, 0xa9, 0x06, 0xbf, 0x06, 0x03,
-    0x88, 0xe6, 0x0a, 0xe5,
-};
-static const unsigned char kat178_nor_nonce[] = {
-    0x59, 0x72, 0xe7, 0xae, 0xb9, 0xf7, 0x53, 0x44,
-};
-static const unsigned char kat178_nor_persstr[] = {
-    0xbe, 0x3f, 0x6e, 0x93, 0x23, 0x39, 0xc5, 0xb9, 0xf7, 0x1b, 0x87, 0xe7,
-    0x2f, 0xf4, 0xda, 0xb1,
-};
-static const unsigned char kat178_nor_addin0[] = {
-    0xfa, 0xb4, 0x6e, 0x39, 0x1e, 0x2c, 0x5f, 0x30, 0xb3, 0x72, 0x98, 0x64,
-    0x3b, 0xc5, 0x5d, 0x50,
-};
-static const unsigned char kat178_nor_addin1[] = {
-    0xcf, 0x4e, 0x54, 0x83, 0xcf, 0xd7, 0x94, 0xf0, 0x32, 0x69, 0xe2, 0x89,
-    0xf2, 0xb4, 0xc0, 0x8c,
-};
-static const unsigned char kat178_nor_retbytes[] = {
-    0x64, 0x8e, 0xc7, 0x77, 0x3f, 0x8c, 0x66, 0x4f, 0x3d, 0x7f, 0xb2, 0x79,
-    0xb5, 0x1c, 0x5b, 0x9a, 0x3d, 0x9b, 0x06, 0x7d, 0x6a, 0xa5, 0x4e, 0x93,
-    0xc9, 0xbb, 0x9a, 0x89, 0x2d, 0xa9, 0x1f, 0xad, 0x4a, 0x30, 0xe8, 0xe4,
-    0xc5, 0x86, 0x6d, 0xda, 0xbd, 0x2b, 0xb4, 0x4b, 0x24, 0x3d, 0x7a, 0x3a,
-    0x00, 0xaf, 0xfe, 0xc9, 0xef, 0xb7, 0x25, 0xc9, 0x51, 0x86, 0x2f, 0xf9,
-    0x18, 0x43, 0x92, 0xdf, 0xd6, 0x26, 0xe7, 0x11, 0xe0, 0xa3, 0x84, 0x0d,
-    0xb8, 0x49, 0xb1, 0xe3, 0xb0, 0x1b, 0x4f, 0xa4,
-};
-static const struct drbg_kat_no_reseed kat178_nor_t = {
-    12, kat178_nor_entropyin, kat178_nor_nonce, kat178_nor_persstr,
-    kat178_nor_addin0, kat178_nor_addin1, kat178_nor_retbytes
-};
-static const struct drbg_kat kat178_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat178_nor_t
-};
-
-static const unsigned char kat179_nor_entropyin[] = {
-    0x4a, 0x98, 0x9e, 0x6b, 0xc3, 0x7b, 0x91, 0x57, 0xfe, 0xfe, 0x67, 0x89,
-    0xaf, 0xf2, 0x30, 0xf3,
-};
-static const unsigned char kat179_nor_nonce[] = {
-    0x7e, 0x5e, 0xe2, 0x46, 0x79, 0x8d, 0xd7, 0xbd,
-};
-static const unsigned char kat179_nor_persstr[] = {
-    0xa7, 0xf5, 0xaf, 0x48, 0xda, 0x67, 0x7d, 0x67, 0x21, 0xd1, 0x1e, 0x28,
-    0x4f, 0xb1, 0xff, 0xef,
-};
-static const unsigned char kat179_nor_addin0[] = {
-    0x33, 0x51, 0x00, 0x20, 0x30, 0xee, 0xa1, 0x00, 0xc8, 0x48, 0x40, 0x74,
-    0x8b, 0x0a, 0x3d, 0x4d,
-};
-static const unsigned char kat179_nor_addin1[] = {
-    0xac, 0xd3, 0x2c, 0x8d, 0x51, 0x51, 0x09, 0xe9, 0x0d, 0xfe, 0x1b, 0xd9,
-    0xe6, 0xb3, 0x26, 0xbd,
-};
-static const unsigned char kat179_nor_retbytes[] = {
-    0xa7, 0x7b, 0xd7, 0xdc, 0x39, 0x86, 0xb4, 0x31, 0x36, 0x60, 0x6a, 0x20,
-    0x9d, 0x60, 0x0a, 0xd9, 0x00, 0x68, 0xb5, 0x67, 0xa5, 0xe3, 0xa2, 0xf7,
-    0x5e, 0x61, 0xb2, 0x74, 0x8e, 0x26, 0x5e, 0x50, 0x0f, 0xc7, 0xed, 0x49,
-    0x2b, 0x8c, 0xdd, 0xe3, 0x9a, 0x6b, 0x0a, 0x87, 0xad, 0x4d, 0xd0, 0x05,
-    0x29, 0xfa, 0x7f, 0xeb, 0x46, 0x35, 0xe3, 0x15, 0xb7, 0x11, 0x6e, 0x1c,
-    0xe6, 0x25, 0x1a, 0x80, 0x6c, 0x7c, 0x87, 0x1f, 0x7c, 0xcc, 0x44, 0x75,
-    0xe3, 0x32, 0x05, 0x4e, 0xf8, 0x12, 0xc6, 0x31,
-};
-static const struct drbg_kat_no_reseed kat179_nor_t = {
-    13, kat179_nor_entropyin, kat179_nor_nonce, kat179_nor_persstr,
-    kat179_nor_addin0, kat179_nor_addin1, kat179_nor_retbytes
-};
-static const struct drbg_kat kat179_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat179_nor_t
-};
-
-static const unsigned char kat180_nor_entropyin[] = {
-    0x75, 0xdd, 0xc6, 0xb5, 0x8a, 0x06, 0xa0, 0xfe, 0xb2, 0x0b, 0x70, 0x3a,
-    0xb6, 0xdd, 0x6d, 0xa0,
-};
-static const unsigned char kat180_nor_nonce[] = {
-    0x52, 0x71, 0x30, 0xcd, 0xe5, 0x21, 0x4f, 0x55,
-};
-static const unsigned char kat180_nor_persstr[] = {
-    0x3a, 0x2f, 0xa9, 0xc3, 0xb1, 0x33, 0x97, 0xed, 0x8e, 0xbd, 0xf5, 0x7d,
-    0x1e, 0xfc, 0x1c, 0x97,
-};
-static const unsigned char kat180_nor_addin0[] = {
-    0x27, 0x48, 0x6f, 0x8d, 0xae, 0x1b, 0x36, 0x46, 0x26, 0x39, 0xff, 0x7e,
-    0xee, 0x86, 0x9a, 0x29,
-};
-static const unsigned char kat180_nor_addin1[] = {
-    0xd1, 0xbf, 0xc7, 0xea, 0xbd, 0x8e, 0xdd, 0xf6, 0x22, 0x29, 0x70, 0x12,
-    0x16, 0x9f, 0x35, 0x1b,
-};
-static const unsigned char kat180_nor_retbytes[] = {
-    0x4c, 0x89, 0x3c, 0x3d, 0x1e, 0xd3, 0xa1, 0x90, 0xfa, 0x88, 0xe1, 0x59,
-    0xd6, 0xc9, 0x9f, 0x26, 0xa0, 0x2f, 0xb5, 0xfc, 0xcb, 0x98, 0xbd, 0xef,
-    0x9f, 0xe4, 0x3f, 0x1f, 0x49, 0x2f, 0x49, 0x01, 0x09, 0x22, 0x4b, 0xa6,
-    0xc3, 0x17, 0xdb, 0x95, 0x69, 0xf6, 0x18, 0x98, 0x44, 0x09, 0xf2, 0xfb,
-    0x3d, 0xb0, 0xb1, 0xe2, 0xcd, 0x4b, 0x95, 0x74, 0x6f, 0x15, 0x9c, 0xca,
-    0x76, 0xf1, 0x20, 0x4f, 0x6d, 0x2a, 0x4c, 0x45, 0x5c, 0x54, 0x7a, 0x39,
-    0xa5, 0xf7, 0x9f, 0xec, 0x95, 0xc8, 0xf4, 0xcd,
-};
-static const struct drbg_kat_no_reseed kat180_nor_t = {
-    14, kat180_nor_entropyin, kat180_nor_nonce, kat180_nor_persstr,
-    kat180_nor_addin0, kat180_nor_addin1, kat180_nor_retbytes
-};
-static const struct drbg_kat kat180_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat180_nor_t
-};
-
-static const unsigned char kat181_nor_entropyin[] = {
-    0x4c, 0x2f, 0xbe, 0xa1, 0x66, 0xf7, 0x92, 0x0a, 0xf0, 0xf0, 0x52, 0x1e,
-    0x22, 0x48, 0x72, 0x66,
-};
-static const unsigned char kat181_nor_nonce[] = {
-    0xef, 0x58, 0xd3, 0x98, 0x07, 0xd5, 0x88, 0xd8,
-};
-static const unsigned char kat181_nor_persstr[] = {0};
-static const unsigned char kat181_nor_addin0[] = {0};
-static const unsigned char kat181_nor_addin1[] = {0};
-static const unsigned char kat181_nor_retbytes[] = {
-    0x54, 0xd8, 0xc2, 0x26, 0x6c, 0x0f, 0xa6, 0x61, 0x3e, 0x76, 0x76, 0x88,
-    0x56, 0x88, 0x3d, 0xa0, 0xbd, 0xcd, 0x0d, 0x66, 0x21, 0x40, 0x7e, 0x85,
-    0x99, 0x45, 0x1e, 0x28, 0x59, 0xb5, 0xd0, 0xb5, 0x6e, 0x58, 0x80, 0x89,
-    0xe3, 0x9e, 0x22, 0x9d, 0xdf, 0x84, 0xf3, 0x26, 0x7b, 0xa5, 0xac, 0xde,
-    0x53, 0x9e, 0x5c, 0x0e, 0x4d, 0x33, 0xaa, 0x51, 0xe1, 0x8e, 0x07, 0x58,
-    0xe7, 0xb5, 0x2a, 0x24, 0x0d, 0x39, 0x94, 0xa7, 0x7e, 0xdc, 0x4b, 0xd8,
-    0xd3, 0xc2, 0x54, 0xbe, 0xdb, 0xbe, 0x27, 0xf1,
-};
-static const struct drbg_kat_no_reseed kat181_nor_t = {
-    0, kat181_nor_entropyin, kat181_nor_nonce, kat181_nor_persstr,
-    kat181_nor_addin0, kat181_nor_addin1, kat181_nor_retbytes
-};
-static const struct drbg_kat kat181_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat181_nor_t
-};
-
-static const unsigned char kat182_nor_entropyin[] = {
-    0x5d, 0x83, 0x9a, 0xd9, 0xed, 0xa9, 0x31, 0x02, 0x19, 0x01, 0xb2, 0x62,
-    0xe4, 0x8f, 0xfc, 0x81,
-};
-static const unsigned char kat182_nor_nonce[] = {
-    0xef, 0xbe, 0xe0, 0xdc, 0xb5, 0x60, 0x10, 0x86,
-};
-static const unsigned char kat182_nor_persstr[] = {0};
-static const unsigned char kat182_nor_addin0[] = {0};
-static const unsigned char kat182_nor_addin1[] = {0};
-static const unsigned char kat182_nor_retbytes[] = {
-    0xde, 0x5d, 0x11, 0x98, 0xd1, 0xda, 0x55, 0x80, 0x60, 0x56, 0xd7, 0x95,
-    0x79, 0x40, 0x9f, 0xe7, 0x24, 0x15, 0xd1, 0x81, 0x14, 0x8d, 0xb8, 0x27,
-    0x3b, 0x0c, 0xba, 0x1e, 0x9f, 0xf0, 0xa8, 0xf4, 0x55, 0x20, 0x47, 0xde,
-    0xd2, 0xf5, 0x65, 0xe6, 0xff, 0x70, 0x35, 0xed, 0x42, 0x04, 0x78, 0xeb,
-    0xbd, 0x8e, 0x4f, 0x0e, 0x30, 0x1d, 0xe8, 0xa5, 0xb5, 0x58, 0xf2, 0x37,
-    0x3a, 0x57, 0x70, 0x8e, 0x05, 0xf0, 0x01, 0x77, 0x48, 0xc4, 0x0f, 0x7b,
-    0xbd, 0xa2, 0xd2, 0x97, 0xbe, 0x23, 0xcf, 0xdb,
-};
-static const struct drbg_kat_no_reseed kat182_nor_t = {
-    1, kat182_nor_entropyin, kat182_nor_nonce, kat182_nor_persstr,
-    kat182_nor_addin0, kat182_nor_addin1, kat182_nor_retbytes
-};
-static const struct drbg_kat kat182_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat182_nor_t
-};
-
-static const unsigned char kat183_nor_entropyin[] = {
-    0x80, 0x31, 0x71, 0xf0, 0x67, 0x59, 0x50, 0x3e, 0x5a, 0xca, 0x87, 0xee,
-    0x10, 0xd3, 0x7f, 0xbe,
-};
-static const unsigned char kat183_nor_nonce[] = {
-    0xdf, 0x19, 0x52, 0x7d, 0xf6, 0xda, 0x46, 0x6b,
-};
-static const unsigned char kat183_nor_persstr[] = {0};
-static const unsigned char kat183_nor_addin0[] = {0};
-static const unsigned char kat183_nor_addin1[] = {0};
-static const unsigned char kat183_nor_retbytes[] = {
-    0x8f, 0x71, 0xd3, 0x5e, 0x91, 0x48, 0x0b, 0x19, 0x31, 0x17, 0x4d, 0x08,
-    0x0c, 0x90, 0x5a, 0xbb, 0xa4, 0xe1, 0x17, 0x94, 0x76, 0xa3, 0x5e, 0xaf,
-    0xfb, 0x18, 0xdf, 0x53, 0x8b, 0x39, 0x7d, 0x45, 0xde, 0xcc, 0x4a, 0x4c,
-    0x9f, 0xbe, 0xe8, 0xe8, 0xb7, 0x49, 0x11, 0xe7, 0xe3, 0x79, 0xd6, 0x7c,
-    0xad, 0x77, 0x87, 0x36, 0x71, 0x24, 0x8c, 0x65, 0xc2, 0x1c, 0x7f, 0x93,
-    0xd9, 0xc2, 0x11, 0x62, 0x84, 0xe7, 0x95, 0xe9, 0x41, 0xc8, 0xef, 0xaf,
-    0x2d, 0xe0, 0xd1, 0x47, 0x4e, 0x81, 0xe7, 0x0d,
-};
-static const struct drbg_kat_no_reseed kat183_nor_t = {
-    2, kat183_nor_entropyin, kat183_nor_nonce, kat183_nor_persstr,
-    kat183_nor_addin0, kat183_nor_addin1, kat183_nor_retbytes
-};
-static const struct drbg_kat kat183_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat183_nor_t
-};
-
-static const unsigned char kat184_nor_entropyin[] = {
-    0xbe, 0xb3, 0x3d, 0x42, 0xe9, 0xbe, 0x57, 0x3b, 0xd9, 0xe1, 0xc9, 0xe1,
-    0xd6, 0xaf, 0xf4, 0x4d,
-};
-static const unsigned char kat184_nor_nonce[] = {
-    0xe4, 0x2f, 0x6b, 0x81, 0x77, 0xfc, 0x41, 0x7d,
-};
-static const unsigned char kat184_nor_persstr[] = {0};
-static const unsigned char kat184_nor_addin0[] = {0};
-static const unsigned char kat184_nor_addin1[] = {0};
-static const unsigned char kat184_nor_retbytes[] = {
-    0xdf, 0xca, 0xc4, 0x39, 0x73, 0x8b, 0x84, 0xd0, 0x38, 0x18, 0x56, 0x8b,
-    0x2b, 0xb9, 0xd7, 0x1a, 0x0f, 0x52, 0xf0, 0xb9, 0x62, 0xd9, 0x3d, 0x91,
-    0x3e, 0x2b, 0x90, 0x9a, 0xb4, 0x64, 0xa3, 0x78, 0xe0, 0x03, 0x64, 0x0c,
-    0xa3, 0xad, 0xdb, 0x46, 0xf1, 0xf4, 0x60, 0x75, 0x43, 0xf2, 0x98, 0x5f,
-    0x56, 0x1f, 0xc4, 0xde, 0xf4, 0x08, 0xb4, 0x7f, 0xca, 0xf8, 0x38, 0xe2,
-    0x54, 0x68, 0xfc, 0x97, 0xdb, 0xcf, 0x05, 0x7e, 0xdd, 0x51, 0xd8, 0x8c,
-    0x34, 0x2c, 0x81, 0xd6, 0xce, 0x92, 0xb0, 0x20,
-};
-static const struct drbg_kat_no_reseed kat184_nor_t = {
-    3, kat184_nor_entropyin, kat184_nor_nonce, kat184_nor_persstr,
-    kat184_nor_addin0, kat184_nor_addin1, kat184_nor_retbytes
-};
-static const struct drbg_kat kat184_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat184_nor_t
-};
-
-static const unsigned char kat185_nor_entropyin[] = {
-    0x6b, 0xd4, 0x9c, 0xb7, 0xc8, 0xac, 0x1d, 0x6a, 0x04, 0xdb, 0x64, 0x2d,
-    0x8b, 0x46, 0x2e, 0xe7,
-};
-static const unsigned char kat185_nor_nonce[] = {
-    0x73, 0xe7, 0xca, 0xdf, 0x29, 0xbe, 0x5f, 0x35,
-};
-static const unsigned char kat185_nor_persstr[] = {0};
-static const unsigned char kat185_nor_addin0[] = {0};
-static const unsigned char kat185_nor_addin1[] = {0};
-static const unsigned char kat185_nor_retbytes[] = {
-    0xaa, 0x51, 0x57, 0xbd, 0xe2, 0xc8, 0x33, 0x2f, 0x7e, 0xde, 0x49, 0xb6,
-    0xfd, 0x59, 0x0d, 0x90, 0xdc, 0xb6, 0x37, 0xaa, 0x2c, 0x62, 0x27, 0x2d,
-    0x72, 0x1f, 0x0f, 0x80, 0xba, 0x8f, 0xa8, 0x3f, 0x61, 0x6b, 0x90, 0x1d,
-    0xff, 0xe3, 0xb9, 0xe2, 0x36, 0x00, 0x3a, 0xd0, 0x1a, 0x95, 0x9d, 0x95,
-    0xbf, 0xfb, 0x1e, 0x24, 0xf1, 0x8c, 0xb4, 0x44, 0x5d, 0x4b, 0x64, 0xae,
-    0x2b, 0x5d, 0x1e, 0x78, 0xfd, 0x0b, 0x58, 0x30, 0xfa, 0x4a, 0xec, 0x73,
-    0xee, 0x18, 0x9f, 0x17, 0xbe, 0xd7, 0x9b, 0x80,
-};
-static const struct drbg_kat_no_reseed kat185_nor_t = {
-    4, kat185_nor_entropyin, kat185_nor_nonce, kat185_nor_persstr,
-    kat185_nor_addin0, kat185_nor_addin1, kat185_nor_retbytes
-};
-static const struct drbg_kat kat185_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat185_nor_t
-};
-
-static const unsigned char kat186_nor_entropyin[] = {
-    0x93, 0x06, 0xeb, 0x88, 0xe8, 0xa6, 0x27, 0x44, 0xff, 0x5d, 0xd0, 0x1d,
-    0x92, 0xe5, 0xfc, 0x4e,
-};
-static const unsigned char kat186_nor_nonce[] = {
-    0x58, 0x2d, 0xe6, 0x2d, 0x3c, 0x45, 0xe9, 0xc6,
-};
-static const unsigned char kat186_nor_persstr[] = {0};
-static const unsigned char kat186_nor_addin0[] = {0};
-static const unsigned char kat186_nor_addin1[] = {0};
-static const unsigned char kat186_nor_retbytes[] = {
-    0xb7, 0x37, 0x14, 0xfb, 0x42, 0xe9, 0x16, 0x20, 0xd1, 0xb8, 0x1a, 0x80,
-    0xa4, 0x16, 0xf5, 0x23, 0x9e, 0xd3, 0x85, 0x6e, 0x4f, 0x73, 0x20, 0xfc,
-    0x57, 0x26, 0xa6, 0x32, 0x07, 0x70, 0x77, 0x10, 0x80, 0x3e, 0xa3, 0xfe,
-    0x11, 0x81, 0x3e, 0x6b, 0xb7, 0xd5, 0xc2, 0xb9, 0x56, 0x5e, 0xaf, 0x05,
-    0x9d, 0x8f, 0x33, 0x84, 0xf6, 0xdd, 0x1d, 0x83, 0xf6, 0x91, 0x7f, 0xf3,
-    0xef, 0xcf, 0x92, 0x90, 0xe3, 0x47, 0x52, 0x92, 0x3e, 0x54, 0x77, 0x4a,
-    0x10, 0x3d, 0x0a, 0x51, 0x35, 0xef, 0x2f, 0xdf,
-};
-static const struct drbg_kat_no_reseed kat186_nor_t = {
-    5, kat186_nor_entropyin, kat186_nor_nonce, kat186_nor_persstr,
-    kat186_nor_addin0, kat186_nor_addin1, kat186_nor_retbytes
-};
-static const struct drbg_kat kat186_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat186_nor_t
-};
-
-static const unsigned char kat187_nor_entropyin[] = {
-    0x02, 0x83, 0x59, 0x2b, 0x01, 0xb7, 0xd9, 0x32, 0xdd, 0x79, 0xbe, 0x81,
-    0x5a, 0x32, 0x58, 0x41,
-};
-static const unsigned char kat187_nor_nonce[] = {
-    0x4f, 0xcf, 0x02, 0xc7, 0x76, 0x4c, 0x5a, 0x3b,
-};
-static const unsigned char kat187_nor_persstr[] = {0};
-static const unsigned char kat187_nor_addin0[] = {0};
-static const unsigned char kat187_nor_addin1[] = {0};
-static const unsigned char kat187_nor_retbytes[] = {
-    0x24, 0x70, 0xde, 0x1f, 0xf9, 0x0f, 0xd8, 0x4c, 0x4e, 0x17, 0xea, 0xc1,
-    0xdc, 0xff, 0x65, 0x63, 0x47, 0x99, 0x71, 0x6a, 0xa0, 0xd0, 0x27, 0xa3,
-    0xa9, 0xab, 0xdf, 0x92, 0xae, 0x95, 0x6a, 0x18, 0xab, 0xe8, 0xb2, 0x37,
-    0x42, 0xbb, 0xf8, 0x31, 0x7a, 0xec, 0xe6, 0xa6, 0xd1, 0xad, 0x2e, 0x00,
-    0x41, 0xfb, 0x11, 0x2b, 0x7c, 0x85, 0x71, 0x50, 0xf3, 0x37, 0xa1, 0x59,
-    0x27, 0x09, 0x5f, 0x0a, 0x9e, 0x8c, 0xaa, 0x42, 0xb3, 0x47, 0xc6, 0x5e,
-    0x75, 0x0b, 0x07, 0x37, 0xb0, 0xa7, 0x02, 0x41,
-};
-static const struct drbg_kat_no_reseed kat187_nor_t = {
-    6, kat187_nor_entropyin, kat187_nor_nonce, kat187_nor_persstr,
-    kat187_nor_addin0, kat187_nor_addin1, kat187_nor_retbytes
-};
-static const struct drbg_kat kat187_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat187_nor_t
-};
-
-static const unsigned char kat188_nor_entropyin[] = {
-    0xd1, 0xb8, 0x1f, 0xb4, 0x14, 0xd0, 0xc0, 0x70, 0xee, 0x84, 0x69, 0xb1,
-    0x90, 0xc3, 0x32, 0x79,
-};
-static const unsigned char kat188_nor_nonce[] = {
-    0x43, 0xf7, 0x2e, 0x66, 0x35, 0x8b, 0x29, 0xe1,
-};
-static const unsigned char kat188_nor_persstr[] = {0};
-static const unsigned char kat188_nor_addin0[] = {0};
-static const unsigned char kat188_nor_addin1[] = {0};
-static const unsigned char kat188_nor_retbytes[] = {
-    0xca, 0xad, 0x46, 0x38, 0xfb, 0x82, 0xe6, 0x19, 0x66, 0x5a, 0x30, 0x0c,
-    0xfa, 0x2f, 0x88, 0x23, 0x4e, 0xb6, 0x5d, 0x41, 0x4b, 0x9d, 0x1e, 0xc9,
-    0xf9, 0xcb, 0xee, 0x94, 0x29, 0x62, 0x63, 0x93, 0x36, 0x6c, 0x81, 0x48,
-    0xbe, 0x55, 0xb2, 0x38, 0xc0, 0x8f, 0xf4, 0x89, 0x35, 0x73, 0x8c, 0xa6,
-    0xe8, 0x40, 0xcc, 0xe0, 0x24, 0xa5, 0x80, 0x5d, 0xe9, 0x21, 0x46, 0x40,
-    0x89, 0x93, 0x54, 0x73, 0x80, 0xcf, 0x53, 0xbe, 0x7c, 0x6e, 0x45, 0x5d,
-    0xac, 0xed, 0x82, 0x0f, 0xc8, 0xfb, 0x34, 0xe4,
-};
-static const struct drbg_kat_no_reseed kat188_nor_t = {
-    7, kat188_nor_entropyin, kat188_nor_nonce, kat188_nor_persstr,
-    kat188_nor_addin0, kat188_nor_addin1, kat188_nor_retbytes
-};
-static const struct drbg_kat kat188_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat188_nor_t
-};
-
-static const unsigned char kat189_nor_entropyin[] = {
-    0x61, 0x23, 0xec, 0x40, 0xc4, 0x2f, 0x3b, 0xed, 0x9c, 0xd1, 0x78, 0xd4,
-    0x00, 0x4e, 0xe9, 0x1f,
-};
-static const unsigned char kat189_nor_nonce[] = {
-    0x02, 0x64, 0x71, 0x2f, 0x52, 0xed, 0xb2, 0x3d,
-};
-static const unsigned char kat189_nor_persstr[] = {0};
-static const unsigned char kat189_nor_addin0[] = {0};
-static const unsigned char kat189_nor_addin1[] = {0};
-static const unsigned char kat189_nor_retbytes[] = {
-    0xd5, 0x8b, 0x3f, 0x09, 0x1a, 0x96, 0x7c, 0xa1, 0x3b, 0x55, 0x46, 0x3e,
-    0x85, 0x29, 0x04, 0x5d, 0x60, 0xa6, 0x0b, 0x96, 0x02, 0xf4, 0x3e, 0xe7,
-    0xbe, 0xe0, 0x75, 0x47, 0x1e, 0xef, 0x83, 0x82, 0x3b, 0x2d, 0x54, 0x0b,
-    0x3e, 0xce, 0x6d, 0x63, 0x7e, 0x11, 0x53, 0x57, 0x9e, 0x2c, 0x17, 0x9e,
-    0xc1, 0x55, 0x25, 0x0a, 0x18, 0xc3, 0xae, 0x46, 0x49, 0x0c, 0x61, 0xe4,
-    0x64, 0x31, 0x43, 0x46, 0x4d, 0xce, 0xe9, 0x4c, 0x88, 0xc2, 0xaf, 0xb4,
-    0x1b, 0x7d, 0x51, 0x6f, 0x65, 0xf2, 0x15, 0xfc,
-};
-static const struct drbg_kat_no_reseed kat189_nor_t = {
-    8, kat189_nor_entropyin, kat189_nor_nonce, kat189_nor_persstr,
-    kat189_nor_addin0, kat189_nor_addin1, kat189_nor_retbytes
-};
-static const struct drbg_kat kat189_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat189_nor_t
-};
-
-static const unsigned char kat190_nor_entropyin[] = {
-    0xb1, 0xe6, 0x32, 0x84, 0x94, 0x27, 0xbe, 0xc0, 0x28, 0x97, 0x71, 0x8c,
-    0x3d, 0xf8, 0x86, 0x5b,
-};
-static const unsigned char kat190_nor_nonce[] = {
-    0xc8, 0xc1, 0xc6, 0x4b, 0xfd, 0x80, 0xbe, 0x1f,
-};
-static const unsigned char kat190_nor_persstr[] = {0};
-static const unsigned char kat190_nor_addin0[] = {0};
-static const unsigned char kat190_nor_addin1[] = {0};
-static const unsigned char kat190_nor_retbytes[] = {
-    0x49, 0x85, 0x77, 0x77, 0x45, 0xc4, 0xfb, 0x29, 0xd0, 0x19, 0x67, 0x57,
-    0x09, 0x37, 0xda, 0x62, 0xa6, 0xc6, 0x44, 0x88, 0x1a, 0x4f, 0xd0, 0x3e,
-    0x14, 0x03, 0x99, 0x2a, 0x6a, 0x86, 0xdb, 0xeb, 0x98, 0x44, 0x28, 0x52,
-    0x72, 0x88, 0x44, 0x42, 0x9d, 0xad, 0xba, 0xb4, 0x34, 0xa0, 0xb0, 0x35,
-    0x94, 0xc8, 0xd6, 0xae, 0x41, 0xfc, 0x2b, 0x4a, 0x9c, 0xed, 0x5f, 0x63,
-    0xb4, 0xec, 0xd8, 0xd4, 0x06, 0x4f, 0x80, 0xac, 0xd3, 0xef, 0x50, 0x91,
-    0x0c, 0x9d, 0x84, 0xa0, 0x29, 0x0c, 0x26, 0x15,
-};
-static const struct drbg_kat_no_reseed kat190_nor_t = {
-    9, kat190_nor_entropyin, kat190_nor_nonce, kat190_nor_persstr,
-    kat190_nor_addin0, kat190_nor_addin1, kat190_nor_retbytes
-};
-static const struct drbg_kat kat190_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat190_nor_t
-};
-
-static const unsigned char kat191_nor_entropyin[] = {
-    0xf6, 0xb7, 0x32, 0xcd, 0x0a, 0xa7, 0x20, 0x0a, 0xee, 0x67, 0x84, 0x55,
-    0x2d, 0x0c, 0x38, 0xaf,
-};
-static const unsigned char kat191_nor_nonce[] = {
-    0x2d, 0x69, 0xa6, 0x00, 0xa4, 0x26, 0x74, 0xac,
-};
-static const unsigned char kat191_nor_persstr[] = {0};
-static const unsigned char kat191_nor_addin0[] = {0};
-static const unsigned char kat191_nor_addin1[] = {0};
-static const unsigned char kat191_nor_retbytes[] = {
-    0x47, 0xe9, 0x73, 0x8a, 0x0d, 0x0e, 0x09, 0xba, 0x78, 0x6d, 0x5c, 0x9d,
-    0x0a, 0x14, 0x47, 0x26, 0x79, 0x43, 0x2a, 0xaa, 0x36, 0x3b, 0xce, 0xb1,
-    0x2b, 0xca, 0x2d, 0x85, 0x24, 0x8d, 0x61, 0xcf, 0xb2, 0xe4, 0xb7, 0x12,
-    0xea, 0x4c, 0xce, 0xfa, 0x14, 0x82, 0x02, 0x27, 0xdb, 0x3a, 0x31, 0xf0,
-    0x63, 0xe9, 0x8c, 0x40, 0xac, 0x21, 0xbb, 0xbf, 0xae, 0x3d, 0x63, 0x26,
-    0xc2, 0xfd, 0x59, 0x04, 0x6d, 0x88, 0x64, 0x97, 0x6b, 0xcd, 0x51, 0x78,
-    0x27, 0x50, 0x33, 0x62, 0x42, 0x97, 0x48, 0xbb,
-};
-static const struct drbg_kat_no_reseed kat191_nor_t = {
-    10, kat191_nor_entropyin, kat191_nor_nonce, kat191_nor_persstr,
-    kat191_nor_addin0, kat191_nor_addin1, kat191_nor_retbytes
-};
-static const struct drbg_kat kat191_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat191_nor_t
-};
-
-static const unsigned char kat192_nor_entropyin[] = {
-    0x49, 0xc4, 0x94, 0x01, 0x3b, 0xbe, 0x33, 0x20, 0x85, 0x9f, 0xcc, 0x0c,
-    0xf7, 0x3c, 0xd4, 0x72,
-};
-static const unsigned char kat192_nor_nonce[] = {
-    0x83, 0xf1, 0x4a, 0x32, 0x41, 0x9c, 0xda, 0xe2,
-};
-static const unsigned char kat192_nor_persstr[] = {0};
-static const unsigned char kat192_nor_addin0[] = {0};
-static const unsigned char kat192_nor_addin1[] = {0};
-static const unsigned char kat192_nor_retbytes[] = {
-    0xb1, 0xf3, 0xaa, 0x9a, 0x90, 0x44, 0x0b, 0x35, 0xcc, 0xb7, 0x97, 0xf7,
-    0xe0, 0xb7, 0xb4, 0xb7, 0x07, 0x15, 0x79, 0x6f, 0x32, 0x04, 0x39, 0x93,
-    0x7b, 0x5e, 0x7c, 0xc6, 0x9c, 0xea, 0xc6, 0x69, 0x1d, 0x3c, 0xc2, 0x62,
-    0xba, 0xb3, 0x57, 0x08, 0xac, 0x84, 0x5d, 0x9c, 0x44, 0xc5, 0x0a, 0x0d,
-    0x45, 0xe2, 0x94, 0x01, 0xe5, 0x2b, 0xe4, 0x22, 0x46, 0x0e, 0x0c, 0x0f,
-    0x6b, 0x98, 0x3d, 0xad, 0x6d, 0x5e, 0x61, 0xf7, 0xf6, 0x92, 0x9d, 0x88,
-    0x1f, 0x43, 0x03, 0x48, 0xbf, 0x16, 0xde, 0x94,
-};
-static const struct drbg_kat_no_reseed kat192_nor_t = {
-    11, kat192_nor_entropyin, kat192_nor_nonce, kat192_nor_persstr,
-    kat192_nor_addin0, kat192_nor_addin1, kat192_nor_retbytes
-};
-static const struct drbg_kat kat192_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat192_nor_t
-};
-
-static const unsigned char kat193_nor_entropyin[] = {
-    0x49, 0x8c, 0x61, 0x22, 0x3b, 0xfa, 0xa5, 0x33, 0xda, 0x30, 0x7e, 0x7f,
-    0xd7, 0x9b, 0x77, 0x6e,
-};
-static const unsigned char kat193_nor_nonce[] = {
-    0xb3, 0x62, 0xd9, 0x06, 0x63, 0xb1, 0xc9, 0x21,
-};
-static const unsigned char kat193_nor_persstr[] = {0};
-static const unsigned char kat193_nor_addin0[] = {0};
-static const unsigned char kat193_nor_addin1[] = {0};
-static const unsigned char kat193_nor_retbytes[] = {
-    0x80, 0xa2, 0xa0, 0xf2, 0x82, 0x29, 0x85, 0x42, 0x84, 0x71, 0xba, 0xc8,
-    0xc5, 0xc4, 0x6c, 0xd5, 0xdb, 0xee, 0x0f, 0x9f, 0xb9, 0x1d, 0x08, 0xb9,
-    0xed, 0x69, 0xa5, 0x57, 0x70, 0x01, 0x34, 0x73, 0x87, 0x52, 0x31, 0x0e,
-    0xef, 0xc2, 0x3a, 0xce, 0x02, 0x1f, 0xbc, 0xb8, 0x2c, 0xc6, 0x70, 0x96,
-    0xb5, 0x8a, 0xae, 0x14, 0x46, 0x36, 0x07, 0xa5, 0x07, 0x70, 0x72, 0xea,
-    0x74, 0xaf, 0x4b, 0xfd, 0xe6, 0x8e, 0xe9, 0x1f, 0x89, 0x23, 0x1b, 0xd3,
-    0xba, 0xfa, 0xea, 0xaa, 0xd1, 0x40, 0x6b, 0x39,
-};
-static const struct drbg_kat_no_reseed kat193_nor_t = {
-    12, kat193_nor_entropyin, kat193_nor_nonce, kat193_nor_persstr,
-    kat193_nor_addin0, kat193_nor_addin1, kat193_nor_retbytes
-};
-static const struct drbg_kat kat193_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat193_nor_t
-};
-
-static const unsigned char kat194_nor_entropyin[] = {
-    0x33, 0xf7, 0x24, 0x71, 0x7a, 0xef, 0xf4, 0x85, 0x54, 0x3a, 0xd0, 0xd5,
-    0xc7, 0x70, 0x33, 0x56,
-};
-static const unsigned char kat194_nor_nonce[] = {
-    0xac, 0x45, 0x58, 0xa2, 0x2a, 0xae, 0xfc, 0x9d,
-};
-static const unsigned char kat194_nor_persstr[] = {0};
-static const unsigned char kat194_nor_addin0[] = {0};
-static const unsigned char kat194_nor_addin1[] = {0};
-static const unsigned char kat194_nor_retbytes[] = {
-    0x81, 0x0b, 0xe2, 0xed, 0x84, 0xcb, 0x7b, 0xc2, 0x05, 0xf6, 0xba, 0x6d,
-    0xd6, 0x91, 0x18, 0x6e, 0x45, 0x4d, 0xa0, 0x73, 0x95, 0x5c, 0xe6, 0xe5,
-    0x4f, 0x9b, 0x94, 0x54, 0x45, 0xae, 0x69, 0x8a, 0x3d, 0x47, 0x47, 0xc9,
-    0x73, 0x05, 0x2a, 0xa1, 0xcc, 0x7e, 0x21, 0x22, 0x08, 0xec, 0xd4, 0xcc,
-    0x58, 0xb2, 0xf3, 0x0f, 0xf6, 0xc4, 0xf2, 0xac, 0xdc, 0xab, 0xc3, 0x72,
-    0x7e, 0x86, 0x65, 0xf5, 0x5d, 0xe7, 0x96, 0x2f, 0x6f, 0xcb, 0xbe, 0xb4,
-    0x06, 0x86, 0x99, 0x24, 0xc6, 0x16, 0x6a, 0xc2,
-};
-static const struct drbg_kat_no_reseed kat194_nor_t = {
-    13, kat194_nor_entropyin, kat194_nor_nonce, kat194_nor_persstr,
-    kat194_nor_addin0, kat194_nor_addin1, kat194_nor_retbytes
-};
-static const struct drbg_kat kat194_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat194_nor_t
-};
-
-static const unsigned char kat195_nor_entropyin[] = {
-    0xf4, 0x84, 0xb9, 0x22, 0xf4, 0x92, 0xd1, 0x9b, 0x58, 0x40, 0x7c, 0x24,
-    0x2a, 0xb9, 0x0e, 0x76,
-};
-static const unsigned char kat195_nor_nonce[] = {
-    0x89, 0x52, 0xa0, 0xa4, 0xb6, 0x66, 0xb0, 0xc8,
-};
-static const unsigned char kat195_nor_persstr[] = {0};
-static const unsigned char kat195_nor_addin0[] = {0};
-static const unsigned char kat195_nor_addin1[] = {0};
-static const unsigned char kat195_nor_retbytes[] = {
-    0x2d, 0x77, 0x23, 0x5f, 0xa2, 0x73, 0xca, 0xb3, 0xc1, 0xbb, 0x17, 0x6d,
-    0x44, 0x81, 0x7c, 0xc2, 0x53, 0x00, 0xb3, 0xf0, 0x17, 0x2a, 0x0b, 0x5a,
-    0xaa, 0x66, 0xb2, 0x82, 0xc0, 0x15, 0xd4, 0x26, 0xed, 0xec, 0x5f, 0x1e,
-    0xbb, 0xfc, 0x02, 0x69, 0x95, 0x6b, 0x85, 0x99, 0x41, 0x67, 0x99, 0x2a,
-    0x71, 0x00, 0x25, 0x86, 0x92, 0x3e, 0xa2, 0x34, 0xbe, 0x6c, 0x5d, 0xf0,
-    0x9f, 0x47, 0xd8, 0x91, 0x32, 0xe4, 0x40, 0x82, 0x7b, 0x89, 0xf7, 0xff,
-    0x97, 0xe0, 0x32, 0xb3, 0xf7, 0x4f, 0xe3, 0x2f,
-};
-static const struct drbg_kat_no_reseed kat195_nor_t = {
-    14, kat195_nor_entropyin, kat195_nor_nonce, kat195_nor_persstr,
-    kat195_nor_addin0, kat195_nor_addin1, kat195_nor_retbytes
-};
-static const struct drbg_kat kat195_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 0, 80, &kat195_nor_t
-};
-
-static const unsigned char kat196_nor_entropyin[] = {
-    0x9e, 0x13, 0xa5, 0x7f, 0xb4, 0x3d, 0xdc, 0xd0, 0x69, 0xfc, 0x83, 0x80,
-    0xb8, 0x18, 0xf2, 0xae,
-};
-static const unsigned char kat196_nor_nonce[] = {
-    0xfd, 0x09, 0x58, 0x60, 0x67, 0xe5, 0xd9, 0x2c,
-};
-static const unsigned char kat196_nor_persstr[] = {0};
-static const unsigned char kat196_nor_addin0[] = {
-    0xb2, 0x25, 0x7b, 0xa7, 0x7d, 0x8a, 0xf7, 0x5d, 0x23, 0xb8, 0x0c, 0x9a,
-    0x9c, 0xe7, 0x46, 0x30,
-};
-static const unsigned char kat196_nor_addin1[] = {
-    0x79, 0x77, 0x52, 0x10, 0xd7, 0x49, 0x66, 0x2d, 0x6a, 0x5e, 0xa2, 0xb2,
-    0xbb, 0xbf, 0x35, 0x30,
-};
-static const unsigned char kat196_nor_retbytes[] = {
-    0x78, 0xa4, 0x95, 0x79, 0x78, 0x45, 0x0a, 0x7f, 0x8a, 0xd0, 0x0f, 0x3c,
-    0x3b, 0x4e, 0x21, 0x87, 0x6f, 0x5a, 0x82, 0x8c, 0xc6, 0x0c, 0xd8, 0xea,
-    0xf4, 0x88, 0xea, 0xeb, 0x1b, 0x96, 0x40, 0xbf, 0x49, 0x3a, 0x9c, 0xed,
-    0xa1, 0xd3, 0xc7, 0x68, 0x43, 0x4d, 0xeb, 0x20, 0x18, 0x3b, 0x7c, 0x0e,
-    0xc8, 0xe7, 0xd7, 0x51, 0xba, 0x90, 0x11, 0xe3, 0x48, 0x95, 0x63, 0xc7,
-    0x95, 0xb6, 0x78, 0xbe, 0x5e, 0xa1, 0x36, 0x18, 0xbc, 0xc3, 0xba, 0x54,
-    0xfe, 0x59, 0x44, 0x53, 0xc9, 0x5c, 0x88, 0x8b,
-};
-static const struct drbg_kat_no_reseed kat196_nor_t = {
-    0, kat196_nor_entropyin, kat196_nor_nonce, kat196_nor_persstr,
-    kat196_nor_addin0, kat196_nor_addin1, kat196_nor_retbytes
-};
-static const struct drbg_kat kat196_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat196_nor_t
-};
-
-static const unsigned char kat197_nor_entropyin[] = {
-    0xa4, 0xe8, 0x62, 0x18, 0xfb, 0xeb, 0xac, 0x79, 0xa3, 0x1b, 0x3a, 0xcf,
-    0x2a, 0xd3, 0xc6, 0xea,
-};
-static const unsigned char kat197_nor_nonce[] = {
-    0xea, 0x2a, 0xec, 0x42, 0x3f, 0x4d, 0xcf, 0x62,
-};
-static const unsigned char kat197_nor_persstr[] = {0};
-static const unsigned char kat197_nor_addin0[] = {
-    0x00, 0x27, 0x7c, 0x54, 0xa4, 0x9f, 0x8d, 0x71, 0xd3, 0x24, 0xc4, 0xf6,
-    0xd7, 0x53, 0xab, 0x8b,
-};
-static const unsigned char kat197_nor_addin1[] = {
-    0x8b, 0x56, 0xdd, 0x32, 0xe1, 0x4f, 0xe6, 0x06, 0x89, 0x8f, 0x8f, 0xeb,
-    0x4b, 0x5e, 0x05, 0xd6,
-};
-static const unsigned char kat197_nor_retbytes[] = {
-    0xc9, 0x31, 0x06, 0x94, 0xbb, 0xea, 0x39, 0x92, 0x11, 0xec, 0x91, 0xd4,
-    0x1c, 0x60, 0xf3, 0x23, 0x13, 0xfc, 0xa2, 0x8a, 0xe5, 0xed, 0xdc, 0x77,
-    0x2e, 0x98, 0xd8, 0xf5, 0x92, 0x78, 0x64, 0xad, 0x69, 0xf7, 0x18, 0x00,
-    0xd9, 0x33, 0x1e, 0xa4, 0xe5, 0x31, 0xe3, 0xbb, 0x83, 0x56, 0xc6, 0xba,
-    0x93, 0x65, 0xac, 0x76, 0xb7, 0x8c, 0x40, 0xff, 0x28, 0xd0, 0xba, 0xd4,
-    0xa1, 0x44, 0xb8, 0xd7, 0x4f, 0xe4, 0x56, 0x6e, 0x8d, 0xcf, 0xf0, 0x46,
-    0xdc, 0xca, 0xa9, 0x38, 0xae, 0xdb, 0xb2, 0x90,
-};
-static const struct drbg_kat_no_reseed kat197_nor_t = {
-    1, kat197_nor_entropyin, kat197_nor_nonce, kat197_nor_persstr,
-    kat197_nor_addin0, kat197_nor_addin1, kat197_nor_retbytes
-};
-static const struct drbg_kat kat197_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat197_nor_t
-};
-
-static const unsigned char kat198_nor_entropyin[] = {
-    0xb1, 0x3f, 0x24, 0x09, 0xb5, 0xbc, 0x41, 0x51, 0xca, 0x70, 0x37, 0xf7,
-    0xde, 0x83, 0x52, 0x61,
-};
-static const unsigned char kat198_nor_nonce[] = {
-    0x2f, 0x7a, 0xe4, 0x58, 0xde, 0xda, 0x5e, 0x41,
-};
-static const unsigned char kat198_nor_persstr[] = {0};
-static const unsigned char kat198_nor_addin0[] = {
-    0xb2, 0x4f, 0x34, 0x9c, 0x35, 0x7a, 0x53, 0xb3, 0x42, 0xeb, 0xe5, 0x31,
-    0xe1, 0xa0, 0x40, 0x13,
-};
-static const unsigned char kat198_nor_addin1[] = {
-    0xe8, 0xa5, 0xc6, 0x54, 0x74, 0xa2, 0x7d, 0x2f, 0xd5, 0x0f, 0x6e, 0x6b,
-    0xd0, 0x3c, 0xc2, 0x7a,
-};
-static const unsigned char kat198_nor_retbytes[] = {
-    0xb7, 0xd3, 0x33, 0x78, 0x34, 0xf2, 0xe2, 0x23, 0x57, 0x03, 0x00, 0xf1,
-    0x6b, 0x9b, 0x5a, 0x1d, 0x1d, 0x7f, 0xda, 0x5e, 0xb5, 0xbe, 0x14, 0xb8,
-    0x90, 0x66, 0xdd, 0x9b, 0xe3, 0x9b, 0xab, 0xda, 0xe4, 0x1a, 0xfd, 0xf5,
-    0x75, 0x89, 0xe4, 0xc9, 0xec, 0x06, 0x2d, 0xc0, 0xab, 0x0d, 0x62, 0x95,
-    0x45, 0x8f, 0xe0, 0x83, 0xdf, 0xa6, 0xc5, 0x51, 0x47, 0xa1, 0x35, 0x65,
-    0x62, 0x8d, 0x59, 0x6c, 0x91, 0x3e, 0x28, 0xa8, 0x27, 0x00, 0xd8, 0x9a,
-    0x8b, 0xbe, 0x22, 0x6d, 0x33, 0xe0, 0x8e, 0x8b,
-};
-static const struct drbg_kat_no_reseed kat198_nor_t = {
-    2, kat198_nor_entropyin, kat198_nor_nonce, kat198_nor_persstr,
-    kat198_nor_addin0, kat198_nor_addin1, kat198_nor_retbytes
-};
-static const struct drbg_kat kat198_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat198_nor_t
-};
-
-static const unsigned char kat199_nor_entropyin[] = {
-    0x70, 0xc7, 0x3c, 0x77, 0x62, 0x32, 0xd1, 0x4f, 0x09, 0xdc, 0x1f, 0x84,
-    0xaf, 0xad, 0xea, 0xb4,
-};
-static const unsigned char kat199_nor_nonce[] = {
-    0x39, 0xd4, 0x59, 0xb1, 0xa3, 0x61, 0x74, 0x0d,
-};
-static const unsigned char kat199_nor_persstr[] = {0};
-static const unsigned char kat199_nor_addin0[] = {
-    0x67, 0x9f, 0x2f, 0xf0, 0xaa, 0xf5, 0x1a, 0x1e, 0x69, 0xac, 0x27, 0x48,
-    0x0d, 0x57, 0x69, 0x32,
-};
-static const unsigned char kat199_nor_addin1[] = {
-    0x27, 0xd4, 0x92, 0x0d, 0xfd, 0x26, 0x83, 0xb6, 0x6a, 0x42, 0xad, 0x3d,
-    0x32, 0x07, 0x15, 0x47,
-};
-static const unsigned char kat199_nor_retbytes[] = {
-    0xbb, 0x8e, 0x50, 0x08, 0xc1, 0x1c, 0x4d, 0x6e, 0x4c, 0x63, 0x99, 0x6f,
-    0x1e, 0x50, 0xed, 0xf4, 0x80, 0xbd, 0x15, 0x5f, 0xd0, 0x46, 0x68, 0x65,
-    0x2e, 0xee, 0xd6, 0xa8, 0x71, 0xde, 0x7c, 0x86, 0x05, 0xf2, 0x17, 0xfa,
-    0x79, 0x42, 0xe0, 0x3f, 0x3c, 0xc2, 0xb8, 0xbd, 0x1c, 0xa1, 0x8d, 0x6d,
-    0xde, 0xf7, 0x3e, 0xd9, 0xec, 0x00, 0x72, 0x03, 0x6a, 0x34, 0x16, 0x10,
-    0x2c, 0x60, 0xf8, 0x3d, 0xeb, 0xeb, 0xac, 0xff, 0xe9, 0xfd, 0xeb, 0xe2,
-    0xa4, 0x78, 0xc2, 0xc7, 0xca, 0x68, 0xab, 0xb6,
-};
-static const struct drbg_kat_no_reseed kat199_nor_t = {
-    3, kat199_nor_entropyin, kat199_nor_nonce, kat199_nor_persstr,
-    kat199_nor_addin0, kat199_nor_addin1, kat199_nor_retbytes
-};
-static const struct drbg_kat kat199_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat199_nor_t
-};
-
-static const unsigned char kat200_nor_entropyin[] = {
-    0xb8, 0x38, 0xbb, 0x13, 0x6a, 0xd9, 0xb6, 0xf2, 0xb7, 0x91, 0x3f, 0xf4,
-    0x1a, 0xf9, 0xaf, 0x40,
-};
-static const unsigned char kat200_nor_nonce[] = {
-    0x43, 0xcc, 0xad, 0x7a, 0x42, 0x27, 0xad, 0x7c,
-};
-static const unsigned char kat200_nor_persstr[] = {0};
-static const unsigned char kat200_nor_addin0[] = {
-    0x09, 0xdb, 0x57, 0x81, 0x70, 0x51, 0xcc, 0x2e, 0x19, 0x80, 0x6d, 0x18,
-    0xb0, 0xa9, 0x08, 0x4f,
-};
-static const unsigned char kat200_nor_addin1[] = {
-    0xf8, 0xeb, 0xc3, 0x54, 0x4a, 0x5c, 0xd5, 0x6e, 0x0b, 0x61, 0x36, 0xc9,
-    0xc3, 0x42, 0x84, 0x99,
-};
-static const unsigned char kat200_nor_retbytes[] = {
-    0x20, 0x60, 0xe3, 0x92, 0x27, 0x28, 0x70, 0x3c, 0x94, 0x7e, 0x0d, 0x7d,
-    0x94, 0x37, 0x4e, 0x97, 0x41, 0xf4, 0x33, 0xca, 0x24, 0x4c, 0x6c, 0xd3,
-    0x96, 0xdb, 0x88, 0x4a, 0xa4, 0x1f, 0x6a, 0x75, 0xd8, 0x34, 0xfe, 0x76,
-    0x3c, 0x8c, 0x87, 0x3a, 0x96, 0x0f, 0xf3, 0x01, 0x58, 0x6c, 0x87, 0x01,
-    0x27, 0x21, 0xd8, 0xbe, 0x1b, 0xc0, 0x22, 0x68, 0x84, 0xc2, 0x35, 0x32,
-    0x1b, 0x81, 0x8e, 0xc1, 0x95, 0x94, 0x0d, 0xcb, 0x5c, 0x21, 0xbf, 0xe9,
-    0x59, 0x36, 0xec, 0x2f, 0xe4, 0xa5, 0xde, 0xef,
-};
-static const struct drbg_kat_no_reseed kat200_nor_t = {
-    4, kat200_nor_entropyin, kat200_nor_nonce, kat200_nor_persstr,
-    kat200_nor_addin0, kat200_nor_addin1, kat200_nor_retbytes
-};
-static const struct drbg_kat kat200_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat200_nor_t
-};
-
-static const unsigned char kat201_nor_entropyin[] = {
-    0xe4, 0xf6, 0x9f, 0x55, 0x8d, 0xbb, 0xcf, 0x15, 0x76, 0x8e, 0x21, 0xe2,
-    0x76, 0xc7, 0x38, 0x1c,
-};
-static const unsigned char kat201_nor_nonce[] = {
-    0x6d, 0x14, 0xd8, 0xcd, 0xc6, 0xbb, 0xe6, 0xbb,
-};
-static const unsigned char kat201_nor_persstr[] = {0};
-static const unsigned char kat201_nor_addin0[] = {
-    0xdb, 0xf7, 0x65, 0xff, 0x20, 0x4e, 0xe3, 0x2c, 0x53, 0x82, 0xa3, 0x9d,
-    0xd6, 0xaf, 0xf8, 0x70,
-};
-static const unsigned char kat201_nor_addin1[] = {
-    0x4f, 0xa9, 0x01, 0x68, 0xa5, 0xa0, 0x07, 0x30, 0x90, 0xe4, 0xd4, 0xaf,
-    0x43, 0x2c, 0x39, 0xa4,
-};
-static const unsigned char kat201_nor_retbytes[] = {
-    0xe6, 0x54, 0x01, 0xce, 0x0e, 0xc9, 0xf0, 0xd2, 0x47, 0xd5, 0x0c, 0xff,
-    0x3a, 0xd0, 0x70, 0xbb, 0x1f, 0x3c, 0x9f, 0x9e, 0x81, 0xe7, 0x23, 0x7c,
-    0xa0, 0x53, 0x9b, 0x82, 0xe4, 0xc4, 0xd3, 0x62, 0x98, 0x3b, 0xb5, 0xad,
-    0xc3, 0xd2, 0xd9, 0x8d, 0xbc, 0x9a, 0x21, 0xa3, 0x35, 0x1e, 0x17, 0xfd,
-    0x78, 0x90, 0xef, 0x8f, 0xef, 0x72, 0x68, 0xf5, 0xc0, 0x03, 0x1f, 0xd4,
-    0x9d, 0xf5, 0x63, 0xab, 0x67, 0x71, 0x93, 0x9d, 0xd2, 0xbc, 0xd6, 0xd6,
-    0x5c, 0x30, 0x74, 0x85, 0xc0, 0xce, 0x1a, 0xf5,
-};
-static const struct drbg_kat_no_reseed kat201_nor_t = {
-    5, kat201_nor_entropyin, kat201_nor_nonce, kat201_nor_persstr,
-    kat201_nor_addin0, kat201_nor_addin1, kat201_nor_retbytes
-};
-static const struct drbg_kat kat201_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat201_nor_t
-};
-
-static const unsigned char kat202_nor_entropyin[] = {
-    0xd7, 0xa3, 0x2b, 0x55, 0x97, 0xd9, 0x99, 0x4f, 0xca, 0xdd, 0x9d, 0x94,
-    0x56, 0x55, 0x23, 0xa8,
-};
-static const unsigned char kat202_nor_nonce[] = {
-    0x5f, 0x47, 0x25, 0x4c, 0x88, 0xb7, 0x10, 0x55,
-};
-static const unsigned char kat202_nor_persstr[] = {0};
-static const unsigned char kat202_nor_addin0[] = {
-    0x1e, 0xbf, 0xd0, 0xd0, 0xa1, 0x3f, 0xfb, 0x06, 0xdd, 0x3b, 0xc3, 0x19,
-    0x2f, 0x55, 0xb2, 0xc6,
-};
-static const unsigned char kat202_nor_addin1[] = {
-    0x80, 0x4f, 0xc1, 0x77, 0x2a, 0xb3, 0x93, 0xc7, 0x4d, 0x7c, 0xca, 0x2e,
-    0x56, 0x6e, 0xf7, 0x0f,
-};
-static const unsigned char kat202_nor_retbytes[] = {
-    0xeb, 0x26, 0x9c, 0x0f, 0x2d, 0x02, 0xab, 0x44, 0x48, 0xf5, 0x1e, 0x04,
-    0x21, 0xdf, 0x97, 0x01, 0xf2, 0x7e, 0x9d, 0xa7, 0x7e, 0x75, 0xb2, 0xe7,
-    0x60, 0x3c, 0xf4, 0x21, 0x52, 0xa8, 0xed, 0xc5, 0xfc, 0x29, 0x2f, 0xa9,
-    0xd4, 0x04, 0x6b, 0x22, 0xf7, 0x84, 0x2b, 0xfa, 0x80, 0xd4, 0xa0, 0x33,
-    0x4c, 0x79, 0xe0, 0xc8, 0x38, 0x9a, 0x9c, 0xcd, 0x94, 0xf3, 0x4b, 0x9c,
-    0x6a, 0x18, 0x8b, 0x09, 0x99, 0x6b, 0xd6, 0xd1, 0xe0, 0xeb, 0xe7, 0x25,
-    0x39, 0xf6, 0xa2, 0x5a, 0x5c, 0xc7, 0x06, 0xf5,
-};
-static const struct drbg_kat_no_reseed kat202_nor_t = {
-    6, kat202_nor_entropyin, kat202_nor_nonce, kat202_nor_persstr,
-    kat202_nor_addin0, kat202_nor_addin1, kat202_nor_retbytes
-};
-static const struct drbg_kat kat202_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat202_nor_t
-};
-
-static const unsigned char kat203_nor_entropyin[] = {
-    0xb6, 0x80, 0x1a, 0xb7, 0x28, 0x56, 0x2a, 0xcb, 0xd7, 0x1a, 0x2e, 0x21,
-    0x57, 0xea, 0xa5, 0xb1,
-};
-static const unsigned char kat203_nor_nonce[] = {
-    0x2e, 0xf6, 0x9d, 0x68, 0xe4, 0x0b, 0x3d, 0x82,
-};
-static const unsigned char kat203_nor_persstr[] = {0};
-static const unsigned char kat203_nor_addin0[] = {
-    0x9b, 0xab, 0x4d, 0xe8, 0x29, 0x5a, 0x5e, 0xe6, 0xe1, 0x5c, 0xc4, 0x96,
-    0x2f, 0x08, 0x96, 0x31,
-};
-static const unsigned char kat203_nor_addin1[] = {
-    0xaa, 0xaa, 0x36, 0x77, 0x01, 0x55, 0x28, 0x19, 0xc4, 0xa2, 0x33, 0x16,
-    0x65, 0xbb, 0xf0, 0x61,
-};
-static const unsigned char kat203_nor_retbytes[] = {
-    0x09, 0x1e, 0xdf, 0xd8, 0x89, 0x48, 0xe7, 0x49, 0xb6, 0xab, 0xa6, 0xdd,
-    0x70, 0x07, 0x7c, 0x88, 0xf1, 0xea, 0x29, 0x7b, 0xce, 0xdc, 0xd9, 0xe1,
-    0xf0, 0xda, 0x80, 0xe5, 0x3e, 0xc1, 0x51, 0x7f, 0x08, 0x78, 0x6f, 0x2e,
-    0x86, 0x45, 0x17, 0xa2, 0x75, 0x4c, 0x5c, 0xd1, 0x50, 0x08, 0xd6, 0xc0,
-    0x3a, 0xb9, 0xff, 0x2d, 0x05, 0x88, 0x80, 0x86, 0x9d, 0x8b, 0x82, 0x47,
-    0xbe, 0x79, 0xa0, 0x11, 0x33, 0xc5, 0x56, 0xa5, 0x15, 0xfd, 0xe2, 0xb2,
-    0x11, 0x92, 0x69, 0xc7, 0xde, 0x06, 0xb4, 0x73,
-};
-static const struct drbg_kat_no_reseed kat203_nor_t = {
-    7, kat203_nor_entropyin, kat203_nor_nonce, kat203_nor_persstr,
-    kat203_nor_addin0, kat203_nor_addin1, kat203_nor_retbytes
-};
-static const struct drbg_kat kat203_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat203_nor_t
-};
-
-static const unsigned char kat204_nor_entropyin[] = {
-    0xee, 0x5a, 0xff, 0xe5, 0xe3, 0x15, 0xdb, 0x84, 0xf7, 0x1a, 0x22, 0x0b,
-    0x31, 0x58, 0x88, 0xbb,
-};
-static const unsigned char kat204_nor_nonce[] = {
-    0xf5, 0xe5, 0xf7, 0xaa, 0x35, 0xea, 0xe6, 0x29,
-};
-static const unsigned char kat204_nor_persstr[] = {0};
-static const unsigned char kat204_nor_addin0[] = {
-    0x6d, 0x3e, 0x8f, 0xd6, 0x87, 0x0d, 0x2f, 0xcb, 0x22, 0x38, 0x1c, 0x19,
-    0x58, 0xe3, 0x87, 0x5e,
-};
-static const unsigned char kat204_nor_addin1[] = {
-    0x8a, 0x3a, 0x40, 0x93, 0xfe, 0x50, 0x0f, 0xea, 0xa1, 0xf7, 0xe2, 0xde,
-    0x9f, 0xc5, 0x6b, 0xc0,
-};
-static const unsigned char kat204_nor_retbytes[] = {
-    0x27, 0xe7, 0x9a, 0x6d, 0xe3, 0xb9, 0x99, 0x71, 0x18, 0x2e, 0xab, 0x73,
-    0xe3, 0x21, 0x68, 0x3e, 0x2a, 0x60, 0x1d, 0xee, 0x46, 0x31, 0x45, 0x31,
-    0xef, 0x8a, 0x04, 0x00, 0x03, 0x7b, 0x1a, 0x66, 0x0e, 0x2c, 0xf0, 0x75,
-    0x9d, 0xf0, 0xf6, 0xd2, 0xaf, 0xca, 0x9a, 0x0d, 0xec, 0x50, 0x2b, 0x46,
-    0x6d, 0x95, 0xaf, 0xec, 0x52, 0xb8, 0x97, 0x41, 0x24, 0x2d, 0xad, 0xa5,
-    0x20, 0x28, 0x06, 0xec, 0xe7, 0x39, 0x96, 0xdf, 0x88, 0xf3, 0x5b, 0xf7,
-    0xc6, 0x86, 0xa0, 0xf6, 0x97, 0x32, 0xfa, 0x9e,
-};
-static const struct drbg_kat_no_reseed kat204_nor_t = {
-    8, kat204_nor_entropyin, kat204_nor_nonce, kat204_nor_persstr,
-    kat204_nor_addin0, kat204_nor_addin1, kat204_nor_retbytes
-};
-static const struct drbg_kat kat204_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat204_nor_t
-};
-
-static const unsigned char kat205_nor_entropyin[] = {
-    0x28, 0xf1, 0x5b, 0x1e, 0xcf, 0x1e, 0x8f, 0xbe, 0xb4, 0xeb, 0xb2, 0x43,
-    0xe8, 0x6e, 0x51, 0x0e,
-};
-static const unsigned char kat205_nor_nonce[] = {
-    0xa1, 0x49, 0x01, 0x1c, 0xa0, 0x96, 0x2b, 0x79,
-};
-static const unsigned char kat205_nor_persstr[] = {0};
-static const unsigned char kat205_nor_addin0[] = {
-    0xc5, 0x44, 0x25, 0xd4, 0x3b, 0x1e, 0x66, 0x35, 0x46, 0x7c, 0x51, 0x58,
-    0xab, 0x57, 0x05, 0x96,
-};
-static const unsigned char kat205_nor_addin1[] = {
-    0x79, 0x4c, 0x9b, 0x26, 0x04, 0xba, 0x24, 0x02, 0xa4, 0x76, 0x38, 0xdc,
-    0x73, 0x60, 0xac, 0x29,
-};
-static const unsigned char kat205_nor_retbytes[] = {
-    0x48, 0x71, 0x19, 0xe5, 0xdb, 0x7e, 0x5b, 0x6e, 0x57, 0x92, 0xac, 0x25,
-    0xeb, 0xc0, 0x55, 0xe9, 0x1b, 0xa8, 0x27, 0xcd, 0x69, 0x5b, 0x5b, 0x0f,
-    0x95, 0x91, 0x85, 0xd9, 0xbb, 0x62, 0xe2, 0x7a, 0x8f, 0x6c, 0x81, 0x4a,
-    0xfc, 0x39, 0xb2, 0x6f, 0x94, 0x87, 0x87, 0x07, 0xae, 0x2d, 0x67, 0xd0,
-    0x18, 0x77, 0xea, 0x26, 0x7f, 0xcc, 0x55, 0xd5, 0xdf, 0x83, 0xb2, 0xd8,
-    0x09, 0x9a, 0x09, 0x3e, 0x95, 0x2a, 0x43, 0xc5, 0xd8, 0xde, 0x99, 0x25,
-    0xe5, 0xa0, 0xbb, 0xda, 0xfd, 0x81, 0x37, 0x00,
-};
-static const struct drbg_kat_no_reseed kat205_nor_t = {
-    9, kat205_nor_entropyin, kat205_nor_nonce, kat205_nor_persstr,
-    kat205_nor_addin0, kat205_nor_addin1, kat205_nor_retbytes
-};
-static const struct drbg_kat kat205_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat205_nor_t
-};
-
-static const unsigned char kat206_nor_entropyin[] = {
-    0xae, 0x23, 0xad, 0xa4, 0x5b, 0xa1, 0xc1, 0xc4, 0x91, 0x18, 0x53, 0x11,
-    0xaa, 0x99, 0x4b, 0x18,
-};
-static const unsigned char kat206_nor_nonce[] = {
-    0x03, 0xa1, 0x57, 0xc7, 0xa7, 0x4a, 0x20, 0xd2,
-};
-static const unsigned char kat206_nor_persstr[] = {0};
-static const unsigned char kat206_nor_addin0[] = {
-    0x09, 0xf3, 0x7d, 0x8e, 0x0c, 0xe2, 0x3d, 0x2e, 0xd9, 0xa8, 0x20, 0xc4,
-    0x1c, 0x9c, 0x06, 0xee,
-};
-static const unsigned char kat206_nor_addin1[] = {
-    0xf3, 0x8d, 0xd1, 0x6e, 0x2f, 0xa8, 0xd5, 0x2c, 0x17, 0x08, 0xfc, 0x38,
-    0x69, 0xbd, 0x9a, 0x09,
-};
-static const unsigned char kat206_nor_retbytes[] = {
-    0xd4, 0x5f, 0x27, 0xd9, 0x1e, 0x07, 0x7b, 0x9f, 0xa0, 0x60, 0xc6, 0xa7,
-    0xd7, 0x07, 0xc0, 0x7c, 0x0e, 0xa3, 0xcb, 0xdb, 0x80, 0x19, 0x4f, 0x08,
-    0xfe, 0xa6, 0x4d, 0x31, 0x77, 0x15, 0xce, 0xf7, 0x6d, 0xc8, 0x8f, 0xef,
-    0x48, 0x35, 0x6c, 0x1c, 0xf9, 0xf9, 0x9e, 0x56, 0x44, 0xe6, 0xc5, 0x87,
-    0x2e, 0x79, 0x37, 0xdc, 0x1e, 0x2c, 0x9f, 0xfe, 0x0d, 0xfa, 0xa8, 0x7e,
-    0x42, 0x51, 0x08, 0xd9, 0x7f, 0x65, 0x16, 0x6a, 0xc2, 0xc1, 0x10, 0xed,
-    0x0c, 0xd0, 0x7f, 0xac, 0xba, 0x77, 0x36, 0x73,
-};
-static const struct drbg_kat_no_reseed kat206_nor_t = {
-    10, kat206_nor_entropyin, kat206_nor_nonce, kat206_nor_persstr,
-    kat206_nor_addin0, kat206_nor_addin1, kat206_nor_retbytes
-};
-static const struct drbg_kat kat206_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat206_nor_t
-};
-
-static const unsigned char kat207_nor_entropyin[] = {
-    0xb0, 0x05, 0x0c, 0xbc, 0x41, 0x2b, 0x31, 0x22, 0xd8, 0x91, 0x5b, 0x79,
-    0x53, 0x21, 0x61, 0x4c,
-};
-static const unsigned char kat207_nor_nonce[] = {
-    0xa0, 0x98, 0xbf, 0xa0, 0x17, 0xd5, 0xee, 0xb4,
-};
-static const unsigned char kat207_nor_persstr[] = {0};
-static const unsigned char kat207_nor_addin0[] = {
-    0x75, 0x81, 0x6d, 0x4a, 0xd2, 0x58, 0x1f, 0x92, 0xbc, 0xe5, 0xe6, 0x79,
-    0xbb, 0xcf, 0xff, 0x53,
-};
-static const unsigned char kat207_nor_addin1[] = {
-    0x7d, 0x40, 0xde, 0x16, 0x2b, 0x81, 0x21, 0x31, 0x91, 0x54, 0x08, 0xf9,
-    0x79, 0xbf, 0x1a, 0xc8,
-};
-static const unsigned char kat207_nor_retbytes[] = {
-    0x74, 0xcf, 0x8c, 0x5d, 0x35, 0xdc, 0xfc, 0xf4, 0x72, 0xf0, 0x84, 0x2b,
-    0x46, 0x5f, 0xdd, 0x13, 0x6f, 0x12, 0xb4, 0x05, 0xee, 0x35, 0x6e, 0xf4,
-    0x80, 0x94, 0x3e, 0x70, 0x4c, 0xbb, 0x12, 0xa8, 0xf5, 0x68, 0xd7, 0xe1,
-    0xc1, 0x31, 0xe2, 0x91, 0xa4, 0xe8, 0x2a, 0x01, 0x8b, 0x66, 0x7b, 0xb5,
-    0xc8, 0x12, 0x74, 0x55, 0x14, 0xc9, 0x02, 0xe7, 0x13, 0xc9, 0x35, 0x26,
-    0x53, 0x69, 0x6e, 0xe0, 0x7d, 0xf6, 0xa5, 0x52, 0x59, 0x8d, 0x04, 0x73,
-    0x46, 0x0b, 0xb3, 0x8f, 0xe1, 0xd6, 0x02, 0xc8,
-};
-static const struct drbg_kat_no_reseed kat207_nor_t = {
-    11, kat207_nor_entropyin, kat207_nor_nonce, kat207_nor_persstr,
-    kat207_nor_addin0, kat207_nor_addin1, kat207_nor_retbytes
-};
-static const struct drbg_kat kat207_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat207_nor_t
-};
-
-static const unsigned char kat208_nor_entropyin[] = {
-    0xfa, 0xab, 0x57, 0xf3, 0x12, 0x39, 0xc2, 0x2e, 0x88, 0x08, 0xc2, 0x46,
-    0x59, 0x6c, 0x1f, 0x5b,
-};
-static const unsigned char kat208_nor_nonce[] = {
-    0x03, 0x87, 0xf1, 0x63, 0x65, 0x43, 0xa6, 0x61,
-};
-static const unsigned char kat208_nor_persstr[] = {0};
-static const unsigned char kat208_nor_addin0[] = {
-    0xd1, 0xb1, 0xea, 0xc5, 0x81, 0x01, 0xb5, 0x60, 0x82, 0xf6, 0xcf, 0x3f,
-    0x03, 0xba, 0x3e, 0x6b,
-};
-static const unsigned char kat208_nor_addin1[] = {
-    0x13, 0xb0, 0xb5, 0xba, 0xad, 0x29, 0x9e, 0x76, 0xc7, 0x32, 0xdd, 0x79,
-    0x87, 0x8b, 0x7e, 0x4a,
-};
-static const unsigned char kat208_nor_retbytes[] = {
-    0x1a, 0x72, 0x30, 0xd1, 0x4e, 0xda, 0x7f, 0x2f, 0x96, 0xe3, 0x0e, 0x9b,
-    0x60, 0x13, 0x7b, 0xa3, 0x3a, 0xa4, 0xc5, 0xbe, 0x04, 0x72, 0x88, 0x04,
-    0x37, 0xbc, 0xc6, 0x1c, 0xa8, 0x2d, 0x1e, 0x08, 0x28, 0x91, 0x8b, 0x40,
-    0x62, 0xff, 0x7d, 0xee, 0x89, 0x12, 0x8a, 0x48, 0xed, 0x87, 0xac, 0x60,
-    0x65, 0x70, 0x51, 0xe0, 0xee, 0xb4, 0xcb, 0xf3, 0x72, 0xa2, 0x4b, 0xef,
-    0xff, 0x4d, 0x6e, 0x22, 0xe7, 0x3d, 0x3d, 0xfb, 0x34, 0xd5, 0x9d, 0x21,
-    0x3e, 0x05, 0xcc, 0x09, 0x9d, 0x48, 0xbb, 0xda,
-};
-static const struct drbg_kat_no_reseed kat208_nor_t = {
-    12, kat208_nor_entropyin, kat208_nor_nonce, kat208_nor_persstr,
-    kat208_nor_addin0, kat208_nor_addin1, kat208_nor_retbytes
-};
-static const struct drbg_kat kat208_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat208_nor_t
-};
-
-static const unsigned char kat209_nor_entropyin[] = {
-    0x93, 0xd7, 0x71, 0xd0, 0x7a, 0xe9, 0x8d, 0x78, 0x7f, 0xdb, 0x78, 0x7f,
-    0x30, 0xab, 0xd7, 0xd4,
-};
-static const unsigned char kat209_nor_nonce[] = {
-    0x38, 0x0d, 0x74, 0x3d, 0xcf, 0x70, 0xa7, 0x8f,
-};
-static const unsigned char kat209_nor_persstr[] = {0};
-static const unsigned char kat209_nor_addin0[] = {
-    0xe8, 0xb4, 0xb8, 0x33, 0xd8, 0x65, 0x73, 0x64, 0xb8, 0xea, 0x4a, 0x67,
-    0x04, 0xfb, 0x73, 0x2f,
-};
-static const unsigned char kat209_nor_addin1[] = {
-    0x61, 0x58, 0x53, 0xa9, 0xe6, 0xe5, 0x9b, 0xe8, 0x35, 0x3c, 0xb2, 0x3e,
-    0xd9, 0xb0, 0x68, 0xc0,
-};
-static const unsigned char kat209_nor_retbytes[] = {
-    0x2a, 0xea, 0x25, 0x55, 0xd2, 0x58, 0x35, 0xce, 0xb3, 0x42, 0x5f, 0x58,
-    0x4b, 0xa1, 0x1f, 0x20, 0xf2, 0x37, 0xe0, 0xa6, 0xaf, 0x2f, 0x55, 0x4b,
-    0x38, 0x24, 0x11, 0xec, 0xb0, 0xff, 0xa8, 0xd6, 0xd5, 0x50, 0x4b, 0x65,
-    0x44, 0x67, 0xba, 0x34, 0xa0, 0x43, 0x6d, 0xae, 0x4a, 0x9d, 0x48, 0x3f,
-    0x6f, 0x58, 0xa5, 0x2d, 0x73, 0x84, 0x45, 0x86, 0xbc, 0xe2, 0xd1, 0x40,
-    0x6f, 0x4d, 0x5f, 0x9b, 0x87, 0x8c, 0x4d, 0x14, 0x60, 0xef, 0x9c, 0x97,
-    0x4c, 0xac, 0x1c, 0xe0, 0xeb, 0xe8, 0x62, 0x7d,
-};
-static const struct drbg_kat_no_reseed kat209_nor_t = {
-    13, kat209_nor_entropyin, kat209_nor_nonce, kat209_nor_persstr,
-    kat209_nor_addin0, kat209_nor_addin1, kat209_nor_retbytes
-};
-static const struct drbg_kat kat209_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat209_nor_t
-};
-
-static const unsigned char kat210_nor_entropyin[] = {
-    0x7d, 0x7b, 0x1c, 0x32, 0x5e, 0x98, 0x43, 0xc3, 0xd2, 0x77, 0x0e, 0xfd,
-    0x5e, 0x13, 0x4f, 0xe7,
-};
-static const unsigned char kat210_nor_nonce[] = {
-    0x9d, 0xac, 0x46, 0xa2, 0xda, 0x81, 0x03, 0x0f,
-};
-static const unsigned char kat210_nor_persstr[] = {0};
-static const unsigned char kat210_nor_addin0[] = {
-    0x9e, 0x3e, 0xa6, 0xea, 0xc1, 0x20, 0xd6, 0x63, 0xe3, 0x30, 0xd2, 0x82,
-    0xca, 0x9b, 0x9d, 0x7c,
-};
-static const unsigned char kat210_nor_addin1[] = {
-    0xb8, 0xd7, 0x1f, 0xce, 0x77, 0x79, 0xa9, 0x90, 0x6b, 0x97, 0x90, 0xcd,
-    0x1d, 0x4e, 0x48, 0xd5,
-};
-static const unsigned char kat210_nor_retbytes[] = {
-    0x63, 0xd2, 0x8a, 0x30, 0x0a, 0x32, 0x9c, 0xa2, 0x02, 0xb9, 0x84, 0x98,
-    0xc9, 0xf4, 0x69, 0x12, 0x62, 0x0b, 0xc8, 0x5c, 0x24, 0x6f, 0x03, 0x4d,
-    0xca, 0x41, 0x86, 0xcd, 0x9b, 0x0e, 0x08, 0x10, 0xa3, 0x63, 0x78, 0x58,
-    0x78, 0xef, 0xfd, 0xe9, 0x0a, 0xec, 0x8c, 0xb5, 0x84, 0x86, 0x25, 0x24,
-    0xee, 0xbf, 0x94, 0x0c, 0x44, 0xfe, 0xd2, 0x1c, 0xb5, 0x80, 0xd4, 0x11,
-    0x5f, 0x3e, 0x0d, 0xda, 0x07, 0xe0, 0xe4, 0xa6, 0x66, 0x89, 0xc2, 0xff,
-    0x3e, 0x9b, 0x87, 0xed, 0xfa, 0xa4, 0xd0, 0x51,
-};
-static const struct drbg_kat_no_reseed kat210_nor_t = {
-    14, kat210_nor_entropyin, kat210_nor_nonce, kat210_nor_persstr,
-    kat210_nor_addin0, kat210_nor_addin1, kat210_nor_retbytes
-};
-static const struct drbg_kat kat210_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 0, 16, 80, &kat210_nor_t
-};
-
-static const unsigned char kat211_nor_entropyin[] = {
-    0xe4, 0xba, 0xc9, 0x55, 0xa3, 0xe8, 0x20, 0xe5, 0x89, 0x51, 0x94, 0xe2,
-    0xc1, 0x3e, 0xf9, 0xac,
-};
-static const unsigned char kat211_nor_nonce[] = {
-    0x8f, 0x4d, 0x17, 0x7d, 0xa6, 0x5e, 0xd4, 0x8e,
-};
-static const unsigned char kat211_nor_persstr[] = {
-    0x06, 0xc4, 0xc6, 0x01, 0x14, 0x5a, 0x9d, 0x13, 0x7a, 0x49, 0x0c, 0x7b,
-    0xcd, 0x22, 0xf4, 0x1e,
-};
-static const unsigned char kat211_nor_addin0[] = {0};
-static const unsigned char kat211_nor_addin1[] = {0};
-static const unsigned char kat211_nor_retbytes[] = {
-    0xe9, 0x67, 0xd2, 0xfa, 0x24, 0x78, 0x77, 0x53, 0x42, 0xec, 0x5c, 0xa1,
-    0x53, 0xe5, 0xcb, 0x13, 0xc6, 0x61, 0x34, 0xd4, 0xe1, 0x7a, 0x89, 0xcf,
-    0x62, 0x9d, 0x78, 0x45, 0xf8, 0xce, 0x26, 0x83, 0x32, 0xa0, 0x4f, 0x0d,
-    0x7e, 0x22, 0x82, 0x36, 0x8f, 0x40, 0x33, 0x99, 0x4f, 0x20, 0xbc, 0xbc,
-    0x7d, 0x43, 0x97, 0xd5, 0xfa, 0xcc, 0x44, 0x88, 0x42, 0xb1, 0xe9, 0x24,
-    0x6c, 0x24, 0xa6, 0x8e, 0x02, 0x9f, 0xff, 0x99, 0xe9, 0x08, 0x53, 0xbb,
-    0x19, 0xb7, 0xe6, 0xfc, 0x9f, 0x29, 0xe4, 0xb0,
-};
-static const struct drbg_kat_no_reseed kat211_nor_t = {
-    0, kat211_nor_entropyin, kat211_nor_nonce, kat211_nor_persstr,
-    kat211_nor_addin0, kat211_nor_addin1, kat211_nor_retbytes
-};
-static const struct drbg_kat kat211_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat211_nor_t
-};
-
-static const unsigned char kat212_nor_entropyin[] = {
-    0x2e, 0x95, 0x18, 0xf7, 0x53, 0xf5, 0x9a, 0x4a, 0x53, 0xfd, 0xac, 0x88,
-    0xaf, 0x18, 0x7d, 0xac,
-};
-static const unsigned char kat212_nor_nonce[] = {
-    0x9b, 0x92, 0x6c, 0x22, 0x3a, 0xd3, 0xef, 0xb0,
-};
-static const unsigned char kat212_nor_persstr[] = {
-    0xbc, 0xa0, 0x5f, 0xfd, 0xbc, 0x7d, 0x8b, 0x92, 0x8c, 0x79, 0x79, 0xc0,
-    0x83, 0xd6, 0x57, 0x84,
-};
-static const unsigned char kat212_nor_addin0[] = {0};
-static const unsigned char kat212_nor_addin1[] = {0};
-static const unsigned char kat212_nor_retbytes[] = {
-    0x05, 0x5f, 0xbe, 0x1d, 0x5e, 0x27, 0x60, 0x68, 0xf7, 0x88, 0x30, 0x94,
-    0xc3, 0xdf, 0x67, 0x9d, 0xa1, 0xbf, 0xcf, 0x38, 0x56, 0x2e, 0xbb, 0xff,
-    0x64, 0x45, 0x6c, 0x2e, 0xd4, 0xfb, 0x03, 0x98, 0x5b, 0xdd, 0xfb, 0x35,
-    0x21, 0x22, 0xad, 0xbb, 0x0b, 0xdd, 0x92, 0x67, 0x2d, 0x45, 0x4f, 0x7d,
-    0xb5, 0x16, 0x20, 0x9c, 0xfa, 0xfe, 0x28, 0x9b, 0xd2, 0x8b, 0xdb, 0xc5,
-    0x0b, 0xc2, 0x2f, 0x03, 0x91, 0x2e, 0xa6, 0x94, 0xad, 0x2f, 0xe1, 0xc9,
-    0xf2, 0xd5, 0x7e, 0xd3, 0x98, 0x93, 0xe8, 0x01,
-};
-static const struct drbg_kat_no_reseed kat212_nor_t = {
-    1, kat212_nor_entropyin, kat212_nor_nonce, kat212_nor_persstr,
-    kat212_nor_addin0, kat212_nor_addin1, kat212_nor_retbytes
-};
-static const struct drbg_kat kat212_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat212_nor_t
-};
-
-static const unsigned char kat213_nor_entropyin[] = {
-    0x29, 0x9f, 0xb6, 0x49, 0xae, 0x00, 0x2b, 0x0b, 0xd2, 0x9f, 0x23, 0xfb,
-    0xeb, 0x22, 0x1f, 0x08,
-};
-static const unsigned char kat213_nor_nonce[] = {
-    0x61, 0x40, 0xec, 0x1a, 0x58, 0x99, 0xeb, 0xab,
-};
-static const unsigned char kat213_nor_persstr[] = {
-    0xac, 0xd2, 0x16, 0x0d, 0x08, 0x85, 0x32, 0xe0, 0x58, 0x8a, 0x88, 0x8c,
-    0x5d, 0xba, 0x86, 0x3b,
-};
-static const unsigned char kat213_nor_addin0[] = {0};
-static const unsigned char kat213_nor_addin1[] = {0};
-static const unsigned char kat213_nor_retbytes[] = {
-    0x16, 0x30, 0xfc, 0xb4, 0x82, 0x95, 0x6b, 0x0f, 0x9a, 0x1f, 0x2c, 0x24,
-    0x8d, 0x06, 0xd8, 0x06, 0x96, 0x69, 0xab, 0x2c, 0x90, 0xaa, 0x39, 0x0d,
-    0xa6, 0x36, 0x95, 0x49, 0x45, 0x31, 0x26, 0x07, 0xd6, 0x45, 0xa6, 0xae,
-    0x86, 0x4c, 0x3e, 0x3f, 0x82, 0x3e, 0x2a, 0xac, 0x90, 0x00, 0x75, 0x72,
-    0x85, 0x48, 0xd7, 0x84, 0xac, 0xa3, 0x51, 0xf1, 0xf0, 0x98, 0xfb, 0x40,
-    0x1f, 0xd7, 0xe4, 0x14, 0x1e, 0x2a, 0x37, 0x4c, 0x8f, 0x25, 0x2b, 0xd7,
-    0x2a, 0xa8, 0xf5, 0x5d, 0xc0, 0x14, 0xa6, 0x8c,
-};
-static const struct drbg_kat_no_reseed kat213_nor_t = {
-    2, kat213_nor_entropyin, kat213_nor_nonce, kat213_nor_persstr,
-    kat213_nor_addin0, kat213_nor_addin1, kat213_nor_retbytes
-};
-static const struct drbg_kat kat213_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat213_nor_t
-};
-
-static const unsigned char kat214_nor_entropyin[] = {
-    0xbf, 0x95, 0x08, 0x82, 0x8a, 0x6d, 0xf3, 0x9c, 0xe1, 0x95, 0x7a, 0xc5,
-    0x3a, 0x21, 0x6a, 0xe8,
-};
-static const unsigned char kat214_nor_nonce[] = {
-    0x6c, 0xf3, 0x0f, 0x32, 0x88, 0x51, 0x2f, 0x8c,
-};
-static const unsigned char kat214_nor_persstr[] = {
-    0x13, 0x3f, 0x95, 0x81, 0x6e, 0x48, 0xf9, 0xc5, 0x7b, 0x5e, 0xdb, 0xb2,
-    0x2c, 0x6f, 0xf9, 0x7e,
-};
-static const unsigned char kat214_nor_addin0[] = {0};
-static const unsigned char kat214_nor_addin1[] = {0};
-static const unsigned char kat214_nor_retbytes[] = {
-    0x47, 0x83, 0x99, 0xdb, 0xad, 0x14, 0xa5, 0x99, 0x02, 0x7c, 0x8d, 0xc6,
-    0xbf, 0xd7, 0x9d, 0x26, 0xed, 0x36, 0x99, 0x7d, 0xe4, 0x88, 0xde, 0x51,
-    0xb5, 0x66, 0x71, 0xd1, 0xc1, 0xa3, 0xfe, 0xd8, 0x30, 0x75, 0xfe, 0x3b,
-    0x5c, 0x93, 0x0c, 0x5a, 0x0f, 0xeb, 0x42, 0x57, 0x53, 0x17, 0xe8, 0xc6,
-    0x49, 0x56, 0x20, 0x7b, 0x62, 0x41, 0x48, 0x96, 0xf5, 0x99, 0x16, 0x4e,
-    0x5d, 0xa7, 0xaf, 0xa6, 0x9d, 0x07, 0x87, 0x4b, 0xf1, 0x68, 0x99, 0x2b,
-    0xba, 0x0a, 0x9f, 0x98, 0x42, 0xfd, 0x1d, 0x21,
-};
-static const struct drbg_kat_no_reseed kat214_nor_t = {
-    3, kat214_nor_entropyin, kat214_nor_nonce, kat214_nor_persstr,
-    kat214_nor_addin0, kat214_nor_addin1, kat214_nor_retbytes
-};
-static const struct drbg_kat kat214_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat214_nor_t
-};
-
-static const unsigned char kat215_nor_entropyin[] = {
-    0x15, 0xff, 0x59, 0xf0, 0x7c, 0x18, 0xab, 0x87, 0x83, 0x36, 0xde, 0xe5,
-    0x4d, 0xcb, 0x47, 0xa4,
-};
-static const unsigned char kat215_nor_nonce[] = {
-    0x39, 0x63, 0x76, 0xc4, 0x8a, 0x1c, 0xe3, 0x43,
-};
-static const unsigned char kat215_nor_persstr[] = {
-    0x92, 0x4d, 0xda, 0xc1, 0x4f, 0x96, 0x11, 0xca, 0x3f, 0x81, 0x71, 0x20,
-    0x21, 0xc7, 0xf7, 0xda,
-};
-static const unsigned char kat215_nor_addin0[] = {0};
-static const unsigned char kat215_nor_addin1[] = {0};
-static const unsigned char kat215_nor_retbytes[] = {
-    0x76, 0xbe, 0x3c, 0x7f, 0x88, 0x6a, 0xb3, 0x8c, 0x1f, 0x98, 0x2c, 0xd6,
-    0x8e, 0x0a, 0x2c, 0x44, 0x85, 0xcf, 0x69, 0x62, 0x7d, 0x67, 0x01, 0x59,
-    0x67, 0x3b, 0x9f, 0x31, 0x85, 0xde, 0x19, 0x0f, 0xb8, 0xdf, 0x92, 0xe5,
-    0x16, 0x43, 0xc6, 0x61, 0xee, 0x84, 0xfa, 0xf9, 0x1e, 0x4a, 0xe7, 0xec,
-    0x26, 0x78, 0x8d, 0xf4, 0x76, 0x72, 0xa1, 0xe3, 0xc4, 0x83, 0xdd, 0x28,
-    0xdc, 0xf4, 0x88, 0x41, 0xc9, 0xf9, 0x10, 0xfb, 0x0d, 0x46, 0xdd, 0xda,
-    0x6f, 0x16, 0x79, 0x1a, 0xfb, 0xa7, 0x3a, 0x83,
-};
-static const struct drbg_kat_no_reseed kat215_nor_t = {
-    4, kat215_nor_entropyin, kat215_nor_nonce, kat215_nor_persstr,
-    kat215_nor_addin0, kat215_nor_addin1, kat215_nor_retbytes
-};
-static const struct drbg_kat kat215_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat215_nor_t
-};
-
-static const unsigned char kat216_nor_entropyin[] = {
-    0xdc, 0x5f, 0xd0, 0xfc, 0xab, 0x49, 0x0b, 0x8a, 0xec, 0x8d, 0xb1, 0x21,
-    0x54, 0x3e, 0x75, 0x0c,
-};
-static const unsigned char kat216_nor_nonce[] = {
-    0xb0, 0xae, 0x04, 0xcc, 0xe1, 0x4b, 0x1d, 0x5d,
-};
-static const unsigned char kat216_nor_persstr[] = {
-    0x15, 0x9d, 0x87, 0x27, 0x5d, 0xde, 0x2e, 0x35, 0x6f, 0xa8, 0x1d, 0x69,
-    0x3c, 0x51, 0x71, 0xd7,
-};
-static const unsigned char kat216_nor_addin0[] = {0};
-static const unsigned char kat216_nor_addin1[] = {0};
-static const unsigned char kat216_nor_retbytes[] = {
-    0xba, 0xc7, 0xc6, 0xc0, 0xfc, 0xde, 0x77, 0x84, 0xf5, 0x61, 0xf6, 0x6b,
-    0x07, 0xa1, 0x24, 0x22, 0xa3, 0xc7, 0x45, 0xd0, 0xef, 0x4d, 0x17, 0x43,
-    0x3a, 0xe0, 0xe1, 0x6a, 0x02, 0xe0, 0x8d, 0x8c, 0xdb, 0xe0, 0xed, 0x5a,
-    0x96, 0x89, 0x64, 0xff, 0x0a, 0xa9, 0xdd, 0xdd, 0x9a, 0xbd, 0x5c, 0x55,
-    0x90, 0x4a, 0xd7, 0xda, 0x95, 0xf9, 0xca, 0x6f, 0x74, 0x5f, 0x0f, 0xfe,
-    0x4b, 0xe0, 0xa0, 0xa8, 0x80, 0xdc, 0xee, 0x0a, 0x63, 0x1d, 0x34, 0x92,
-    0xc9, 0x9f, 0x6c, 0xc5, 0xe0, 0x54, 0x57, 0xc9,
-};
-static const struct drbg_kat_no_reseed kat216_nor_t = {
-    5, kat216_nor_entropyin, kat216_nor_nonce, kat216_nor_persstr,
-    kat216_nor_addin0, kat216_nor_addin1, kat216_nor_retbytes
-};
-static const struct drbg_kat kat216_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat216_nor_t
-};
-
-static const unsigned char kat217_nor_entropyin[] = {
-    0xec, 0xa5, 0x9e, 0xe3, 0x14, 0xb9, 0x59, 0x8f, 0x2b, 0x9a, 0x79, 0xb2,
-    0x2b, 0xb7, 0x91, 0xd4,
-};
-static const unsigned char kat217_nor_nonce[] = {
-    0x83, 0x82, 0xba, 0x70, 0xec, 0xce, 0x35, 0x9f,
-};
-static const unsigned char kat217_nor_persstr[] = {
-    0x82, 0x1d, 0xe6, 0x3a, 0xbd, 0x7c, 0xcf, 0x3f, 0x74, 0xdc, 0x9e, 0x99,
-    0xa5, 0xf6, 0xe3, 0x98,
-};
-static const unsigned char kat217_nor_addin0[] = {0};
-static const unsigned char kat217_nor_addin1[] = {0};
-static const unsigned char kat217_nor_retbytes[] = {
-    0x1f, 0x35, 0x09, 0x7f, 0x7c, 0x08, 0x06, 0xa6, 0xfa, 0x93, 0x99, 0xda,
-    0x1c, 0x45, 0xe8, 0xea, 0xa0, 0x7c, 0x6b, 0x1c, 0x8f, 0xc3, 0xda, 0xd9,
-    0x66, 0x67, 0xde, 0x01, 0xa3, 0x13, 0x93, 0x8e, 0x37, 0x64, 0x90, 0xe2,
-    0x14, 0x20, 0x7f, 0x79, 0xe1, 0x0c, 0x24, 0x34, 0x38, 0x02, 0x87, 0xb5,
-    0xf7, 0x2c, 0x67, 0xb9, 0x14, 0x7a, 0x8f, 0x56, 0x82, 0xcd, 0xaa, 0x04,
-    0x1a, 0xbb, 0x7b, 0xf3, 0x24, 0x46, 0x4f, 0x58, 0x9c, 0x06, 0xaf, 0xe1,
-    0xaa, 0xdb, 0xd4, 0x74, 0xaa, 0x51, 0x49, 0x7d,
-};
-static const struct drbg_kat_no_reseed kat217_nor_t = {
-    6, kat217_nor_entropyin, kat217_nor_nonce, kat217_nor_persstr,
-    kat217_nor_addin0, kat217_nor_addin1, kat217_nor_retbytes
-};
-static const struct drbg_kat kat217_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat217_nor_t
-};
-
-static const unsigned char kat218_nor_entropyin[] = {
-    0x24, 0x3d, 0xec, 0x1c, 0x74, 0xb6, 0xda, 0xf7, 0x5c, 0x94, 0x81, 0xde,
-    0x3a, 0xcc, 0xb3, 0x94,
-};
-static const unsigned char kat218_nor_nonce[] = {
-    0x63, 0xa8, 0x36, 0x1f, 0x5b, 0x8c, 0x9c, 0x0e,
-};
-static const unsigned char kat218_nor_persstr[] = {
-    0x79, 0xc6, 0x0f, 0x83, 0xc9, 0x26, 0x6b, 0x48, 0xe3, 0x51, 0x64, 0x8c,
-    0x99, 0x1c, 0xf4, 0xd5,
-};
-static const unsigned char kat218_nor_addin0[] = {0};
-static const unsigned char kat218_nor_addin1[] = {0};
-static const unsigned char kat218_nor_retbytes[] = {
-    0xa8, 0x5f, 0x1e, 0x42, 0xf6, 0xb7, 0x3b, 0x34, 0xfb, 0x63, 0xe5, 0x62,
-    0x30, 0x47, 0xd2, 0xa1, 0x6e, 0x9e, 0x03, 0xb9, 0xab, 0x8b, 0x2b, 0xd0,
-    0x35, 0x66, 0x9b, 0x7e, 0xdf, 0x18, 0xa7, 0x1f, 0x7e, 0xe9, 0x6d, 0xe8,
-    0x5f, 0x8b, 0x2c, 0xea, 0xfb, 0xe1, 0x34, 0x7e, 0x91, 0x94, 0xb3, 0xa6,
-    0x2d, 0xf8, 0xee, 0x5e, 0x06, 0x9b, 0x8d, 0x1f, 0x61, 0x9c, 0x20, 0x50,
-    0xfc, 0xf9, 0xd2, 0xdb, 0x10, 0x10, 0xa4, 0x93, 0xe9, 0xc0, 0xd3, 0x6f,
-    0x46, 0xfb, 0x98, 0x40, 0x60, 0x83, 0xf3, 0x35,
-};
-static const struct drbg_kat_no_reseed kat218_nor_t = {
-    7, kat218_nor_entropyin, kat218_nor_nonce, kat218_nor_persstr,
-    kat218_nor_addin0, kat218_nor_addin1, kat218_nor_retbytes
-};
-static const struct drbg_kat kat218_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat218_nor_t
-};
-
-static const unsigned char kat219_nor_entropyin[] = {
-    0x7f, 0xb9, 0x05, 0xa5, 0x59, 0x8e, 0x31, 0x33, 0xd3, 0xc4, 0x74, 0x89,
-    0xb1, 0x1e, 0xaa, 0x17,
-};
-static const unsigned char kat219_nor_nonce[] = {
-    0x91, 0x8c, 0xf0, 0xf9, 0x15, 0x2b, 0x62, 0x94,
-};
-static const unsigned char kat219_nor_persstr[] = {
-    0x28, 0x15, 0x18, 0x77, 0x28, 0x79, 0x0a, 0x95, 0xbb, 0x6d, 0x22, 0xd7,
-    0xb0, 0x92, 0xd2, 0xc4,
-};
-static const unsigned char kat219_nor_addin0[] = {0};
-static const unsigned char kat219_nor_addin1[] = {0};
-static const unsigned char kat219_nor_retbytes[] = {
-    0x15, 0x56, 0xa1, 0x82, 0x04, 0x57, 0x06, 0xd3, 0xc8, 0x60, 0xf2, 0x43,
-    0x2e, 0xc0, 0xbb, 0xe9, 0x68, 0x95, 0x5e, 0xbd, 0x52, 0x8c, 0x2e, 0x8f,
-    0xbc, 0xc5, 0xc1, 0x04, 0xbe, 0x88, 0x9c, 0x7b, 0x76, 0xff, 0x91, 0x35,
-    0x0e, 0xe5, 0xba, 0x69, 0x08, 0xc7, 0xfc, 0x18, 0xf8, 0xb1, 0x1a, 0xfd,
-    0x9b, 0xb9, 0x05, 0x72, 0x81, 0xe4, 0x62, 0xf5, 0x35, 0x0f, 0xd6, 0x78,
-    0xe5, 0xd8, 0x72, 0xdf, 0x19, 0x91, 0x01, 0x77, 0x17, 0x19, 0x7c, 0x21,
-    0xb1, 0x37, 0x4b, 0x79, 0xf6, 0xf7, 0xfe, 0xbb,
-};
-static const struct drbg_kat_no_reseed kat219_nor_t = {
-    8, kat219_nor_entropyin, kat219_nor_nonce, kat219_nor_persstr,
-    kat219_nor_addin0, kat219_nor_addin1, kat219_nor_retbytes
-};
-static const struct drbg_kat kat219_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat219_nor_t
-};
-
-static const unsigned char kat220_nor_entropyin[] = {
-    0x01, 0xfb, 0x28, 0xbf, 0xa4, 0x03, 0xa7, 0x19, 0xe1, 0xae, 0x11, 0xf6,
-    0x1a, 0xae, 0x03, 0x5e,
-};
-static const unsigned char kat220_nor_nonce[] = {
-    0x27, 0x03, 0x6c, 0xd4, 0x15, 0x8f, 0x1b, 0x7b,
-};
-static const unsigned char kat220_nor_persstr[] = {
-    0x6e, 0x18, 0x17, 0x55, 0x16, 0x81, 0x69, 0xba, 0x43, 0xc2, 0x69, 0xaf,
-    0x58, 0xec, 0x40, 0xfe,
-};
-static const unsigned char kat220_nor_addin0[] = {0};
-static const unsigned char kat220_nor_addin1[] = {0};
-static const unsigned char kat220_nor_retbytes[] = {
-    0x1d, 0xe8, 0x3d, 0x60, 0xa0, 0xe3, 0x6f, 0x7f, 0x4f, 0x7e, 0xdc, 0xe0,
-    0x30, 0x77, 0xbc, 0x92, 0x68, 0xda, 0x4d, 0x64, 0xed, 0xd2, 0x48, 0x59,
-    0xd2, 0x1a, 0x19, 0x0c, 0x06, 0xa0, 0x9a, 0xa3, 0xa5, 0xc7, 0x91, 0x11,
-    0x6b, 0xa1, 0x2e, 0x2a, 0x13, 0xff, 0xa5, 0xe1, 0x90, 0xd1, 0x33, 0x8b,
-    0x8f, 0x65, 0x5a, 0x8d, 0x98, 0x22, 0xb8, 0x4d, 0x86, 0x50, 0x95, 0x8b,
-    0xba, 0x81, 0x9b, 0xf9, 0xb4, 0x12, 0x92, 0xbf, 0x5d, 0x66, 0xb4, 0x9a,
-    0xc6, 0xcc, 0xc0, 0x2b, 0x9d, 0xfd, 0x39, 0xa8,
-};
-static const struct drbg_kat_no_reseed kat220_nor_t = {
-    9, kat220_nor_entropyin, kat220_nor_nonce, kat220_nor_persstr,
-    kat220_nor_addin0, kat220_nor_addin1, kat220_nor_retbytes
-};
-static const struct drbg_kat kat220_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat220_nor_t
-};
-
-static const unsigned char kat221_nor_entropyin[] = {
-    0x96, 0x49, 0x46, 0x5c, 0x60, 0x87, 0x9b, 0x37, 0x25, 0xb9, 0x2a, 0xad,
-    0x1f, 0xa4, 0x10, 0x77,
-};
-static const unsigned char kat221_nor_nonce[] = {
-    0x8e, 0x35, 0xb2, 0x87, 0xbc, 0x32, 0xc2, 0x73,
-};
-static const unsigned char kat221_nor_persstr[] = {
-    0x36, 0x1f, 0xf9, 0x96, 0x34, 0xed, 0x95, 0x41, 0xe7, 0x10, 0xb9, 0x51,
-    0xb0, 0x10, 0x5c, 0xd3,
-};
-static const unsigned char kat221_nor_addin0[] = {0};
-static const unsigned char kat221_nor_addin1[] = {0};
-static const unsigned char kat221_nor_retbytes[] = {
-    0x02, 0x11, 0xe8, 0x08, 0x3c, 0x45, 0x76, 0xa8, 0x15, 0xab, 0x2d, 0x68,
-    0xf1, 0xc4, 0xae, 0x89, 0x79, 0x19, 0x8d, 0x8e, 0x44, 0xa5, 0xd1, 0x4f,
-    0x80, 0x98, 0x76, 0x95, 0xa3, 0x97, 0xcf, 0x71, 0xd2, 0x57, 0xed, 0xec,
-    0x3a, 0x32, 0xbc, 0xcb, 0x2e, 0x29, 0x3c, 0x59, 0x17, 0x3f, 0xce, 0x4a,
-    0x1f, 0x97, 0x5e, 0x4e, 0x91, 0x11, 0xca, 0xdf, 0xab, 0x18, 0xcf, 0xa0,
-    0xbf, 0x5f, 0x39, 0x2e, 0x4e, 0x14, 0x4c, 0x48, 0x27, 0x9d, 0xa5, 0x63,
-    0xba, 0xc9, 0xd0, 0x3d, 0xdf, 0x0c, 0x73, 0x57,
-};
-static const struct drbg_kat_no_reseed kat221_nor_t = {
-    10, kat221_nor_entropyin, kat221_nor_nonce, kat221_nor_persstr,
-    kat221_nor_addin0, kat221_nor_addin1, kat221_nor_retbytes
-};
-static const struct drbg_kat kat221_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat221_nor_t
-};
-
-static const unsigned char kat222_nor_entropyin[] = {
-    0xb3, 0x3d, 0xca, 0x3f, 0xc1, 0x04, 0xae, 0x07, 0x2a, 0x78, 0x1e, 0xcc,
-    0x2d, 0xc4, 0xaa, 0x35,
-};
-static const unsigned char kat222_nor_nonce[] = {
-    0x92, 0xd9, 0x74, 0xf0, 0x27, 0x81, 0x11, 0xa6,
-};
-static const unsigned char kat222_nor_persstr[] = {
-    0xf2, 0x71, 0x50, 0x0a, 0x57, 0xf6, 0xd0, 0xfa, 0x65, 0x3e, 0x2a, 0x97,
-    0x61, 0xa5, 0x11, 0x8e,
-};
-static const unsigned char kat222_nor_addin0[] = {0};
-static const unsigned char kat222_nor_addin1[] = {0};
-static const unsigned char kat222_nor_retbytes[] = {
-    0xc4, 0x71, 0x04, 0x46, 0x78, 0xd3, 0xbf, 0xca, 0x70, 0xb7, 0xc0, 0x97,
-    0x9d, 0x82, 0xd0, 0xd3, 0xd7, 0xc7, 0xef, 0xac, 0xf8, 0x78, 0xff, 0x6e,
-    0x1d, 0x30, 0xf0, 0xf8, 0xff, 0x48, 0xaf, 0xf4, 0xd6, 0x39, 0xfb, 0x18,
-    0x9a, 0xcd, 0xab, 0x5b, 0x3c, 0x31, 0x82, 0x6c, 0x96, 0x0f, 0x44, 0x40,
-    0x73, 0x14, 0x7d, 0x8a, 0x6c, 0x8e, 0xd5, 0x08, 0x18, 0x8f, 0x48, 0xc9,
-    0x5f, 0x40, 0x1d, 0x00, 0x2e, 0xe5, 0xdd, 0x86, 0x6f, 0x0c, 0x4b, 0x05,
-    0xd0, 0xac, 0xc4, 0x84, 0x0c, 0x6b, 0xec, 0xf2,
-};
-static const struct drbg_kat_no_reseed kat222_nor_t = {
-    11, kat222_nor_entropyin, kat222_nor_nonce, kat222_nor_persstr,
-    kat222_nor_addin0, kat222_nor_addin1, kat222_nor_retbytes
-};
-static const struct drbg_kat kat222_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat222_nor_t
-};
-
-static const unsigned char kat223_nor_entropyin[] = {
-    0xbf, 0x2d, 0x50, 0xd2, 0x9b, 0x73, 0x37, 0xe7, 0x1c, 0xe1, 0x29, 0xae,
-    0x8f, 0x86, 0x11, 0xf1,
-};
-static const unsigned char kat223_nor_nonce[] = {
-    0x3c, 0xff, 0xbf, 0x94, 0xc8, 0x46, 0x2d, 0xf7,
-};
-static const unsigned char kat223_nor_persstr[] = {
-    0x52, 0x63, 0xf5, 0xb6, 0xea, 0xf9, 0x12, 0x2c, 0x2b, 0x57, 0xc5, 0x63,
-    0xaa, 0xc6, 0x58, 0x3c,
-};
-static const unsigned char kat223_nor_addin0[] = {0};
-static const unsigned char kat223_nor_addin1[] = {0};
-static const unsigned char kat223_nor_retbytes[] = {
-    0x1a, 0xce, 0x79, 0xcb, 0x19, 0x71, 0x9f, 0x58, 0xf3, 0x20, 0xbb, 0x68,
-    0xe5, 0xaa, 0x53, 0x1e, 0xbf, 0x59, 0x56, 0xbb, 0x23, 0x07, 0xdc, 0x09,
-    0xcf, 0x9a, 0xb5, 0x44, 0xbf, 0xae, 0x36, 0x30, 0x1a, 0x90, 0x84, 0x45,
-    0xe4, 0x19, 0x5f, 0x33, 0x4e, 0x62, 0x87, 0xc9, 0x0f, 0xf8, 0xa8, 0xc5,
-    0x79, 0xf4, 0x33, 0x7f, 0x88, 0xcc, 0xf9, 0x09, 0x5c, 0xe2, 0x31, 0x68,
-    0x70, 0x29, 0x59, 0xa8, 0x21, 0xca, 0x7a, 0x92, 0xef, 0xb0, 0xaa, 0x74,
-    0x8c, 0xd2, 0x52, 0x29, 0x8a, 0x59, 0xee, 0x96,
-};
-static const struct drbg_kat_no_reseed kat223_nor_t = {
-    12, kat223_nor_entropyin, kat223_nor_nonce, kat223_nor_persstr,
-    kat223_nor_addin0, kat223_nor_addin1, kat223_nor_retbytes
-};
-static const struct drbg_kat kat223_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat223_nor_t
-};
-
-static const unsigned char kat224_nor_entropyin[] = {
-    0xa2, 0xc7, 0x60, 0x04, 0xf5, 0x22, 0x92, 0xae, 0x30, 0x74, 0x4b, 0x3b,
-    0xb7, 0xb9, 0x74, 0x6a,
-};
-static const unsigned char kat224_nor_nonce[] = {
-    0xa2, 0x6e, 0x98, 0x09, 0x0c, 0x9c, 0x4e, 0x16,
-};
-static const unsigned char kat224_nor_persstr[] = {
-    0xdf, 0xff, 0xad, 0xa1, 0x52, 0xeb, 0xc2, 0xc6, 0xe2, 0xdd, 0x71, 0x21,
-    0xd5, 0x84, 0x4e, 0xa0,
-};
-static const unsigned char kat224_nor_addin0[] = {0};
-static const unsigned char kat224_nor_addin1[] = {0};
-static const unsigned char kat224_nor_retbytes[] = {
-    0x67, 0x5e, 0xd1, 0xb8, 0xa2, 0x8f, 0x8f, 0x00, 0xc3, 0xb6, 0xef, 0xd9,
-    0x27, 0x6d, 0xaf, 0x5c, 0xfb, 0xff, 0x95, 0xfd, 0x59, 0x2c, 0xe8, 0xc9,
-    0x4c, 0x4b, 0x5d, 0xc9, 0x79, 0x3b, 0x67, 0xeb, 0x2d, 0x9c, 0xa3, 0x7a,
-    0xa9, 0xc0, 0xb6, 0x0e, 0xc5, 0xc9, 0xa2, 0xa5, 0x68, 0x39, 0x70, 0x88,
-    0x09, 0x59, 0x48, 0x94, 0xcb, 0x7a, 0xdc, 0xf6, 0xc9, 0xce, 0xe7, 0x94,
-    0x47, 0x1d, 0xba, 0x01, 0xd6, 0xeb, 0xa2, 0xd1, 0xa6, 0x31, 0x62, 0x4b,
-    0x6d, 0x0c, 0x36, 0x80, 0x4f, 0xaf, 0x6a, 0x60,
-};
-static const struct drbg_kat_no_reseed kat224_nor_t = {
-    13, kat224_nor_entropyin, kat224_nor_nonce, kat224_nor_persstr,
-    kat224_nor_addin0, kat224_nor_addin1, kat224_nor_retbytes
-};
-static const struct drbg_kat kat224_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat224_nor_t
-};
-
-static const unsigned char kat225_nor_entropyin[] = {
-    0x4a, 0x1b, 0x6e, 0x50, 0xd2, 0x85, 0x48, 0x66, 0xe1, 0xc1, 0xdd, 0xb6,
-    0x53, 0x77, 0xba, 0xca,
-};
-static const unsigned char kat225_nor_nonce[] = {
-    0x72, 0x39, 0xf9, 0x2b, 0x63, 0xfb, 0x3d, 0xbe,
-};
-static const unsigned char kat225_nor_persstr[] = {
-    0x8d, 0x2e, 0x2c, 0xa3, 0x98, 0x5b, 0xd2, 0x53, 0x8a, 0x71, 0xf0, 0x2c,
-    0xc3, 0xeb, 0x55, 0x68,
-};
-static const unsigned char kat225_nor_addin0[] = {0};
-static const unsigned char kat225_nor_addin1[] = {0};
-static const unsigned char kat225_nor_retbytes[] = {
-    0x0e, 0x4c, 0xb3, 0x28, 0xc0, 0x3f, 0xaa, 0xed, 0xbe, 0xc7, 0x21, 0x57,
-    0x25, 0x85, 0x10, 0x69, 0xbc, 0xea, 0xe4, 0x33, 0x2d, 0xe6, 0xa7, 0x0e,
-    0x35, 0x21, 0xdd, 0x06, 0x5f, 0x2f, 0x79, 0x23, 0x48, 0x59, 0x69, 0x57,
-    0x1e, 0xbd, 0x7f, 0x24, 0xbe, 0x46, 0x0f, 0xd9, 0x01, 0xc6, 0xb3, 0xe3,
-    0x56, 0xda, 0x6e, 0xe5, 0x26, 0x2e, 0xf2, 0xd7, 0x6a, 0xd1, 0x4e, 0xb0,
-    0xf6, 0x97, 0xf8, 0xfb, 0x92, 0xaf, 0x2f, 0x46, 0x63, 0x01, 0x98, 0xc5,
-    0xf7, 0x01, 0x88, 0x60, 0x88, 0x61, 0x47, 0xb3,
-};
-static const struct drbg_kat_no_reseed kat225_nor_t = {
-    14, kat225_nor_entropyin, kat225_nor_nonce, kat225_nor_persstr,
-    kat225_nor_addin0, kat225_nor_addin1, kat225_nor_retbytes
-};
-static const struct drbg_kat kat225_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 0, 80, &kat225_nor_t
-};
-
-static const unsigned char kat226_nor_entropyin[] = {
-    0x1b, 0x28, 0x27, 0xae, 0x51, 0x82, 0x4e, 0x1f, 0x68, 0xa4, 0x81, 0x16,
-    0xdf, 0xb2, 0xe3, 0x43,
-};
-static const unsigned char kat226_nor_nonce[] = {
-    0xb9, 0xea, 0xc1, 0xb9, 0x47, 0xad, 0x0f, 0x4c,
-};
-static const unsigned char kat226_nor_persstr[] = {
-    0x51, 0xfc, 0x5e, 0x48, 0x5d, 0x8c, 0xd0, 0x82, 0x09, 0xc9, 0x89, 0x48,
-    0x21, 0xa2, 0xa6, 0xb6,
-};
-static const unsigned char kat226_nor_addin0[] = {
-    0x39, 0xa5, 0x27, 0x48, 0xbd, 0xbc, 0x7f, 0xe0, 0xff, 0x45, 0x45, 0xf0,
-    0x17, 0x99, 0x49, 0xe6,
-};
-static const unsigned char kat226_nor_addin1[] = {
-    0x4d, 0x1a, 0x77, 0x4a, 0x70, 0x74, 0x38, 0xbf, 0x46, 0xe6, 0x90, 0x9a,
-    0xff, 0x87, 0x41, 0x89,
-};
-static const unsigned char kat226_nor_retbytes[] = {
-    0x90, 0x0d, 0x58, 0x58, 0x48, 0x38, 0x8e, 0x45, 0x2f, 0xde, 0x77, 0x71,
-    0x40, 0x8c, 0x52, 0x92, 0x64, 0x5d, 0xf4, 0x62, 0x38, 0x9b, 0xbd, 0xbb,
-    0x29, 0xcd, 0x1e, 0x2a, 0xb4, 0xf2, 0x28, 0x74, 0x68, 0xee, 0xfa, 0x08,
-    0xb7, 0xb3, 0xbb, 0x69, 0xc2, 0x64, 0x53, 0xbd, 0x47, 0xab, 0xdb, 0x91,
-    0xba, 0x58, 0x2a, 0xe2, 0x7b, 0xb9, 0xd5, 0x24, 0x3f, 0x98, 0x3f, 0xef,
-    0xc6, 0x2b, 0xc1, 0x86, 0x58, 0x47, 0x99, 0x96, 0x33, 0x14, 0xd0, 0xf5,
-    0x64, 0xef, 0x36, 0xbe, 0x63, 0x8b, 0x1a, 0x64,
-};
-static const struct drbg_kat_no_reseed kat226_nor_t = {
-    0, kat226_nor_entropyin, kat226_nor_nonce, kat226_nor_persstr,
-    kat226_nor_addin0, kat226_nor_addin1, kat226_nor_retbytes
-};
-static const struct drbg_kat kat226_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat226_nor_t
-};
-
-static const unsigned char kat227_nor_entropyin[] = {
-    0x0f, 0x3b, 0x65, 0xbb, 0x13, 0xf1, 0xac, 0xb3, 0x17, 0x2b, 0xe7, 0x2e,
-    0xde, 0xa5, 0x24, 0x7c,
-};
-static const unsigned char kat227_nor_nonce[] = {
-    0x35, 0x22, 0xf2, 0xcb, 0xac, 0x34, 0x23, 0x8b,
-};
-static const unsigned char kat227_nor_persstr[] = {
-    0xd8, 0x92, 0xf6, 0x5f, 0x19, 0x49, 0xd2, 0x80, 0xee, 0xcb, 0x29, 0x52,
-    0x76, 0xb9, 0xc6, 0x9f,
-};
-static const unsigned char kat227_nor_addin0[] = {
-    0x37, 0x2c, 0x1f, 0x00, 0xa4, 0x62, 0xa5, 0x35, 0xc4, 0x7a, 0x77, 0x1b,
-    0x8e, 0x26, 0x53, 0x58,
-};
-static const unsigned char kat227_nor_addin1[] = {
-    0x30, 0x62, 0x26, 0x8c, 0x61, 0x09, 0xe9, 0x2e, 0x96, 0x4a, 0x65, 0x5b,
-    0xbe, 0x3f, 0x93, 0x80,
-};
-static const unsigned char kat227_nor_retbytes[] = {
-    0xb7, 0xbb, 0x52, 0x38, 0x4c, 0xa0, 0xe6, 0x07, 0xa9, 0x86, 0xab, 0xac,
-    0x17, 0x5e, 0xc2, 0x72, 0xdd, 0xaf, 0x05, 0x30, 0xf2, 0x41, 0xbd, 0xa6,
-    0xea, 0x7b, 0x54, 0xb4, 0x24, 0x56, 0x56, 0x9e, 0xcc, 0xc0, 0x25, 0xca,
-    0x66, 0x93, 0x6f, 0x2b, 0xac, 0xae, 0xe6, 0xdf, 0x8c, 0x93, 0xf7, 0xc1,
-    0x3a, 0x89, 0xbf, 0x30, 0x32, 0xb8, 0x17, 0x46, 0x44, 0x25, 0xf3, 0x24,
-    0xba, 0x17, 0x63, 0xad, 0xa7, 0x1d, 0x2d, 0x83, 0x46, 0x6c, 0x4f, 0x69,
-    0x31, 0x62, 0x64, 0x82, 0x23, 0x8f, 0xf2, 0x1b,
-};
-static const struct drbg_kat_no_reseed kat227_nor_t = {
-    1, kat227_nor_entropyin, kat227_nor_nonce, kat227_nor_persstr,
-    kat227_nor_addin0, kat227_nor_addin1, kat227_nor_retbytes
-};
-static const struct drbg_kat kat227_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat227_nor_t
-};
-
-static const unsigned char kat228_nor_entropyin[] = {
-    0xd7, 0x9c, 0x74, 0xc2, 0x3e, 0x2e, 0x01, 0x6f, 0x64, 0xbf, 0xa3, 0xad,
-    0x5b, 0x35, 0x19, 0x72,
-};
-static const unsigned char kat228_nor_nonce[] = {
-    0x5e, 0xfc, 0x54, 0xf3, 0x23, 0xf2, 0x08, 0x3c,
-};
-static const unsigned char kat228_nor_persstr[] = {
-    0x08, 0xe3, 0x1c, 0x36, 0xe9, 0x29, 0x6c, 0x6c, 0xc2, 0xa9, 0x6f, 0x2f,
-    0xd5, 0x39, 0xae, 0x5f,
-};
-static const unsigned char kat228_nor_addin0[] = {
-    0x80, 0x54, 0x04, 0x91, 0xeb, 0x6a, 0x5b, 0x39, 0xb0, 0x79, 0x72, 0x6a,
-    0x2d, 0x2e, 0x6e, 0xd7,
-};
-static const unsigned char kat228_nor_addin1[] = {
-    0x57, 0xd4, 0x92, 0xf0, 0xb0, 0x98, 0xcc, 0xd5, 0x81, 0x0f, 0x9a, 0x6b,
-    0xc9, 0xf7, 0x92, 0x13,
-};
-static const unsigned char kat228_nor_retbytes[] = {
-    0x40, 0xa1, 0xa6, 0xf1, 0x3f, 0x9e, 0x2c, 0x2b, 0x20, 0xe4, 0xbe, 0x32,
-    0xe5, 0x16, 0x21, 0x55, 0x16, 0x54, 0x03, 0xe9, 0x2a, 0xb8, 0xe4, 0xd5,
-    0x51, 0x7b, 0x44, 0xad, 0x6d, 0x24, 0xe0, 0xf7, 0xe5, 0x1a, 0x97, 0x0b,
-    0x46, 0x9a, 0xdb, 0x6d, 0xdb, 0x98, 0x70, 0xc1, 0x19, 0x55, 0x74, 0x6e,
-    0x28, 0x06, 0x67, 0x18, 0x5c, 0x5a, 0x5e, 0xb1, 0xc7, 0x21, 0x86, 0x3c,
-    0x22, 0xb2, 0x60, 0xc2, 0xc0, 0x07, 0x80, 0x02, 0x0e, 0x6a, 0x66, 0xe6,
-    0x53, 0x1d, 0xc7, 0x14, 0xe8, 0x83, 0xbc, 0x01,
-};
-static const struct drbg_kat_no_reseed kat228_nor_t = {
-    2, kat228_nor_entropyin, kat228_nor_nonce, kat228_nor_persstr,
-    kat228_nor_addin0, kat228_nor_addin1, kat228_nor_retbytes
-};
-static const struct drbg_kat kat228_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat228_nor_t
-};
-
-static const unsigned char kat229_nor_entropyin[] = {
-    0xda, 0x8b, 0x8c, 0x8a, 0x28, 0x5d, 0xed, 0xce, 0x25, 0x2e, 0x10, 0xeb,
-    0x80, 0x3e, 0x9b, 0x90,
-};
-static const unsigned char kat229_nor_nonce[] = {
-    0x47, 0x7b, 0x9d, 0x7b, 0xb8, 0xf0, 0x76, 0xaf,
-};
-static const unsigned char kat229_nor_persstr[] = {
-    0xb7, 0xa6, 0xed, 0xb7, 0xad, 0x25, 0x10, 0x07, 0xc2, 0x8b, 0x2d, 0x33,
-    0x30, 0xe7, 0xc6, 0x6b,
-};
-static const unsigned char kat229_nor_addin0[] = {
-    0x26, 0x71, 0x08, 0x1c, 0x7c, 0xf3, 0xb2, 0x0a, 0x65, 0x44, 0x4c, 0x3e,
-    0xd4, 0x95, 0xa8, 0xd4,
-};
-static const unsigned char kat229_nor_addin1[] = {
-    0xe3, 0x1b, 0x86, 0x8c, 0xfe, 0x28, 0x24, 0x13, 0x5d, 0x15, 0x32, 0xf8,
-    0x82, 0x31, 0x22, 0xe4,
-};
-static const unsigned char kat229_nor_retbytes[] = {
-    0x60, 0x25, 0x99, 0xed, 0xee, 0xb4, 0xc8, 0x6b, 0xaf, 0x94, 0x79, 0xd4,
-    0xb7, 0x45, 0xbd, 0x0f, 0x39, 0x29, 0x9d, 0x2b, 0x80, 0x84, 0xf1, 0xf6,
-    0xdf, 0x9f, 0x48, 0xee, 0xcd, 0x08, 0xde, 0xa9, 0x8a, 0x81, 0x37, 0x73,
-    0x2f, 0x08, 0xae, 0x83, 0xc6, 0x1b, 0x73, 0xae, 0x5a, 0xf0, 0x95, 0xed,
-    0xf7, 0xca, 0xf1, 0x12, 0xd9, 0x89, 0x01, 0x62, 0x24, 0x32, 0xb4, 0xf8,
-    0xd8, 0x8f, 0x2e, 0x65, 0x61, 0x24, 0x56, 0x52, 0xef, 0x94, 0xb3, 0x27,
-    0xfa, 0xf9, 0xce, 0x09, 0x0f, 0x79, 0x06, 0x8f,
-};
-static const struct drbg_kat_no_reseed kat229_nor_t = {
-    3, kat229_nor_entropyin, kat229_nor_nonce, kat229_nor_persstr,
-    kat229_nor_addin0, kat229_nor_addin1, kat229_nor_retbytes
-};
-static const struct drbg_kat kat229_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat229_nor_t
-};
-
-static const unsigned char kat230_nor_entropyin[] = {
-    0x4c, 0x49, 0xcf, 0xf5, 0x51, 0xdb, 0x41, 0xe6, 0x01, 0xbd, 0x14, 0x00,
-    0x5c, 0x90, 0x90, 0xa6,
-};
-static const unsigned char kat230_nor_nonce[] = {
-    0x7e, 0x9b, 0xf1, 0x33, 0x9d, 0x18, 0xcb, 0x6c,
-};
-static const unsigned char kat230_nor_persstr[] = {
-    0xb8, 0x34, 0xac, 0x33, 0xcd, 0x97, 0xa9, 0xb5, 0x06, 0x59, 0x3e, 0xd5,
-    0x97, 0x09, 0xe2, 0x13,
-};
-static const unsigned char kat230_nor_addin0[] = {
-    0x85, 0x64, 0x98, 0x37, 0xdb, 0x26, 0x91, 0x04, 0xef, 0x6a, 0x97, 0x67,
-    0x38, 0xa1, 0x71, 0xa8,
-};
-static const unsigned char kat230_nor_addin1[] = {
-    0x59, 0x82, 0x38, 0xe9, 0x01, 0x89, 0xd1, 0xe9, 0x23, 0xae, 0x39, 0xee,
-    0x5e, 0x7e, 0xc2, 0xd8,
-};
-static const unsigned char kat230_nor_retbytes[] = {
-    0x4c, 0x28, 0x99, 0x1d, 0x91, 0x98, 0x49, 0x41, 0xd1, 0x26, 0xad, 0xd7,
-    0x4b, 0x46, 0x3a, 0x8c, 0x31, 0xc8, 0xe0, 0xb6, 0x6d, 0x12, 0xe6, 0x64,
-    0x02, 0x16, 0x71, 0x23, 0x4d, 0x49, 0x46, 0xcd, 0x3e, 0x55, 0xf1, 0x4d,
-    0x22, 0x50, 0x66, 0x23, 0x16, 0x5b, 0xa9, 0xd2, 0x2c, 0x6a, 0x7f, 0x11,
-    0xff, 0x2a, 0x12, 0xc6, 0x26, 0x74, 0x6f, 0x73, 0x9d, 0x70, 0xc9, 0x71,
-    0xd4, 0xd4, 0x7f, 0x22, 0x97, 0x6a, 0x0e, 0x8d, 0x06, 0xb9, 0x36, 0x61,
-    0x35, 0x0b, 0x43, 0xc6, 0xb2, 0x75, 0x4a, 0x89,
-};
-static const struct drbg_kat_no_reseed kat230_nor_t = {
-    4, kat230_nor_entropyin, kat230_nor_nonce, kat230_nor_persstr,
-    kat230_nor_addin0, kat230_nor_addin1, kat230_nor_retbytes
-};
-static const struct drbg_kat kat230_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat230_nor_t
-};
-
-static const unsigned char kat231_nor_entropyin[] = {
-    0x65, 0xa0, 0x8a, 0x98, 0xf1, 0xb6, 0x32, 0xbe, 0xda, 0x76, 0x1c, 0x07,
-    0x8d, 0x4a, 0x19, 0x5b,
-};
-static const unsigned char kat231_nor_nonce[] = {
-    0xb9, 0x3a, 0x7d, 0x1a, 0x2f, 0x85, 0x9c, 0xc9,
-};
-static const unsigned char kat231_nor_persstr[] = {
-    0x38, 0xbf, 0x8e, 0x9d, 0xb8, 0x45, 0xfb, 0x9e, 0xe4, 0xa4, 0xa5, 0x0f,
-    0x6a, 0x14, 0xeb, 0x9e,
-};
-static const unsigned char kat231_nor_addin0[] = {
-    0x86, 0x5a, 0x17, 0xd8, 0xb9, 0xf7, 0xf9, 0x5a, 0x4b, 0x08, 0xbf, 0x94,
-    0xbd, 0xa2, 0x68, 0xa7,
-};
-static const unsigned char kat231_nor_addin1[] = {
-    0x7f, 0x18, 0x18, 0x2a, 0x36, 0xa6, 0xcf, 0x72, 0x40, 0x33, 0x7c, 0x4f,
-    0xbb, 0x5e, 0x4e, 0x72,
-};
-static const unsigned char kat231_nor_retbytes[] = {
-    0x30, 0xe2, 0x42, 0x71, 0xf4, 0x13, 0x59, 0x6f, 0x8c, 0xb0, 0xf3, 0xd3,
-    0x7c, 0xb5, 0xd3, 0x3f, 0xa5, 0xf1, 0xab, 0xeb, 0x08, 0xe5, 0x33, 0x1c,
-    0xe6, 0x90, 0x1b, 0xdb, 0xc1, 0xb8, 0xde, 0x42, 0xac, 0x12, 0xe4, 0x9b,
-    0xc0, 0x50, 0xeb, 0xcf, 0xf0, 0x0b, 0x42, 0xb3, 0x94, 0xcd, 0xe6, 0xbe,
-    0xf0, 0x99, 0x3f, 0x00, 0x2f, 0x18, 0xc0, 0xe6, 0x8a, 0xed, 0xff, 0x96,
-    0x96, 0x70, 0xf3, 0x12, 0xb9, 0xcd, 0xd8, 0x35, 0x9f, 0xaf, 0x3e, 0x0c,
-    0x4d, 0xe2, 0x4e, 0xf9, 0xdb, 0x61, 0x3c, 0x98,
-};
-static const struct drbg_kat_no_reseed kat231_nor_t = {
-    5, kat231_nor_entropyin, kat231_nor_nonce, kat231_nor_persstr,
-    kat231_nor_addin0, kat231_nor_addin1, kat231_nor_retbytes
-};
-static const struct drbg_kat kat231_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat231_nor_t
-};
-
-static const unsigned char kat232_nor_entropyin[] = {
-    0x70, 0x82, 0x70, 0x84, 0xcc, 0x1f, 0x48, 0x31, 0x7e, 0x1c, 0x95, 0xf2,
-    0x55, 0x83, 0x7a, 0x3c,
-};
-static const unsigned char kat232_nor_nonce[] = {
-    0x76, 0x5f, 0xba, 0xf6, 0xd0, 0x35, 0xab, 0xb7,
-};
-static const unsigned char kat232_nor_persstr[] = {
-    0xa5, 0xb8, 0x04, 0x29, 0x62, 0x06, 0xcf, 0x3a, 0x78, 0x93, 0x78, 0x08,
-    0x65, 0x64, 0x33, 0x30,
-};
-static const unsigned char kat232_nor_addin0[] = {
-    0xbd, 0x67, 0xfb, 0xd0, 0xce, 0xa2, 0x25, 0x28, 0x2d, 0xbb, 0xde, 0x85,
-    0xf9, 0xd8, 0x53, 0x24,
-};
-static const unsigned char kat232_nor_addin1[] = {
-    0x55, 0xb5, 0xb4, 0x15, 0xcc, 0xb0, 0x31, 0xf6, 0xca, 0x34, 0xc9, 0xd7,
-    0x71, 0x3b, 0xce, 0xd6,
-};
-static const unsigned char kat232_nor_retbytes[] = {
-    0x2b, 0x85, 0x40, 0xe3, 0x7c, 0x31, 0x8a, 0xfa, 0x95, 0xfc, 0x1e, 0x8d,
-    0x08, 0xb8, 0xd9, 0xeb, 0xf9, 0xe2, 0xb9, 0x10, 0xf2, 0x2d, 0xde, 0xb5,
-    0xfb, 0xae, 0x43, 0x27, 0xd3, 0x7c, 0xd9, 0x87, 0x24, 0xdc, 0x95, 0xbf,
-    0x36, 0x7e, 0x6e, 0x90, 0x19, 0x66, 0x39, 0xbd, 0x21, 0x32, 0x3d, 0x11,
-    0x12, 0x78, 0xca, 0x16, 0x66, 0x65, 0x8a, 0xc1, 0xe5, 0x5c, 0x7c, 0x93,
-    0x0f, 0x85, 0xe7, 0x73, 0xd3, 0x7d, 0xcf, 0xaf, 0x59, 0x11, 0x51, 0xff,
-    0xec, 0x27, 0x29, 0xe3, 0x6e, 0xc5, 0xfc, 0x4e,
-};
-static const struct drbg_kat_no_reseed kat232_nor_t = {
-    6, kat232_nor_entropyin, kat232_nor_nonce, kat232_nor_persstr,
-    kat232_nor_addin0, kat232_nor_addin1, kat232_nor_retbytes
-};
-static const struct drbg_kat kat232_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat232_nor_t
-};
-
-static const unsigned char kat233_nor_entropyin[] = {
-    0x39, 0xe7, 0x94, 0xb3, 0xb9, 0x56, 0x57, 0x4a, 0xdc, 0x9f, 0xa5, 0x40,
-    0x01, 0xb2, 0xba, 0xd5,
-};
-static const unsigned char kat233_nor_nonce[] = {
-    0xfc, 0x25, 0x1a, 0x9c, 0xa8, 0x1c, 0x02, 0x9b,
-};
-static const unsigned char kat233_nor_persstr[] = {
-    0x7b, 0x56, 0x4f, 0x15, 0x15, 0x46, 0x1f, 0xa9, 0xef, 0x73, 0x52, 0xa8,
-    0x9f, 0xfc, 0xb9, 0x8e,
-};
-static const unsigned char kat233_nor_addin0[] = {
-    0x24, 0x9b, 0x0a, 0xfd, 0xa2, 0x3f, 0x95, 0xf4, 0x5c, 0xb5, 0x11, 0x16,
-    0x92, 0x33, 0x59, 0xe7,
-};
-static const unsigned char kat233_nor_addin1[] = {
-    0x18, 0xb4, 0x25, 0x58, 0x45, 0xcd, 0x8b, 0x2f, 0x3e, 0xcd, 0x84, 0xf2,
-    0x70, 0x8d, 0x6a, 0x91,
-};
-static const unsigned char kat233_nor_retbytes[] = {
-    0xd5, 0x36, 0x7e, 0x18, 0x62, 0x59, 0xb8, 0x90, 0x0a, 0x4c, 0xc2, 0xd0,
-    0x8d, 0xe8, 0xbb, 0x86, 0x50, 0x3d, 0x23, 0xd8, 0x26, 0x42, 0x52, 0xdd,
-    0x73, 0xff, 0x9d, 0x21, 0xce, 0x9c, 0xb5, 0xb4, 0x65, 0x67, 0x62, 0x69,
-    0x80, 0x8b, 0x47, 0x7b, 0x4b, 0x24, 0xa7, 0x23, 0x1e, 0x5c, 0x8e, 0x31,
-    0xbf, 0x3a, 0x5d, 0x1d, 0x96, 0x44, 0x4e, 0x8f, 0xe1, 0x28, 0xcc, 0x71,
-    0x40, 0x21, 0x3d, 0xa6, 0x70, 0x62, 0x66, 0x0b, 0xa4, 0x90, 0xb8, 0xe6,
-    0xab, 0xee, 0xeb, 0x33, 0x81, 0x01, 0x8f, 0x0b,
-};
-static const struct drbg_kat_no_reseed kat233_nor_t = {
-    7, kat233_nor_entropyin, kat233_nor_nonce, kat233_nor_persstr,
-    kat233_nor_addin0, kat233_nor_addin1, kat233_nor_retbytes
-};
-static const struct drbg_kat kat233_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat233_nor_t
-};
-
-static const unsigned char kat234_nor_entropyin[] = {
-    0x0e, 0x54, 0xfd, 0x93, 0x17, 0x32, 0x45, 0x39, 0xb5, 0xf8, 0x7d, 0xda,
-    0x8c, 0x5f, 0xee, 0xe2,
-};
-static const unsigned char kat234_nor_nonce[] = {
-    0xf6, 0x6c, 0xeb, 0xa0, 0x13, 0x4d, 0x13, 0x92,
-};
-static const unsigned char kat234_nor_persstr[] = {
-    0x83, 0xca, 0x30, 0x99, 0xc4, 0xfd, 0x95, 0x6d, 0x69, 0xde, 0x1d, 0xa9,
-    0xdd, 0x2d, 0xae, 0x70,
-};
-static const unsigned char kat234_nor_addin0[] = {
-    0x60, 0x44, 0x60, 0x20, 0x1a, 0xdb, 0xa7, 0x56, 0x0a, 0x9b, 0x7f, 0xcb,
-    0xb2, 0xda, 0xb3, 0x45,
-};
-static const unsigned char kat234_nor_addin1[] = {
-    0x91, 0x1e, 0xe9, 0xcf, 0xba, 0xb9, 0xd8, 0xab, 0x26, 0x13, 0x15, 0x93,
-    0xb9, 0xa9, 0x74, 0xb8,
-};
-static const unsigned char kat234_nor_retbytes[] = {
-    0x55, 0x98, 0x42, 0x4e, 0x63, 0xe7, 0x44, 0x29, 0x43, 0x1a, 0xd9, 0xa0,
-    0x7d, 0xf0, 0x27, 0x04, 0x75, 0x4f, 0xfb, 0x9b, 0x30, 0x4d, 0x28, 0x93,
-    0xd0, 0x2e, 0xc6, 0xb4, 0x5f, 0x33, 0x5c, 0xf0, 0x66, 0x3e, 0x86, 0x52,
-    0x03, 0xcf, 0x2f, 0x10, 0x6c, 0x1a, 0x94, 0x72, 0xe6, 0x0c, 0x0c, 0x06,
-    0x31, 0xa9, 0x6f, 0xd3, 0x85, 0x62, 0x55, 0xac, 0x01, 0xdd, 0xb9, 0x4c,
-    0x7d, 0x0a, 0x23, 0x5d, 0xa6, 0x04, 0xe4, 0x6c, 0x19, 0xde, 0xcf, 0xd0,
-    0x08, 0x34, 0xa4, 0x63, 0xea, 0x27, 0x06, 0x57,
-};
-static const struct drbg_kat_no_reseed kat234_nor_t = {
-    8, kat234_nor_entropyin, kat234_nor_nonce, kat234_nor_persstr,
-    kat234_nor_addin0, kat234_nor_addin1, kat234_nor_retbytes
-};
-static const struct drbg_kat kat234_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat234_nor_t
-};
-
-static const unsigned char kat235_nor_entropyin[] = {
-    0x6b, 0x95, 0xce, 0x60, 0xfb, 0xde, 0x0b, 0x7a, 0x1c, 0x08, 0x4e, 0xe9,
-    0xc4, 0xc0, 0xef, 0x3a,
-};
-static const unsigned char kat235_nor_nonce[] = {
-    0xbc, 0x55, 0xd0, 0xd7, 0x3d, 0xf2, 0x01, 0x6c,
-};
-static const unsigned char kat235_nor_persstr[] = {
-    0x54, 0xd5, 0x95, 0x2c, 0x46, 0xfc, 0xcb, 0x8b, 0xdd, 0xa8, 0xde, 0xc9,
-    0xfe, 0x0f, 0x44, 0x20,
-};
-static const unsigned char kat235_nor_addin0[] = {
-    0xee, 0xfa, 0x1d, 0x45, 0x0f, 0x09, 0x44, 0x5e, 0x37, 0x2f, 0x30, 0xc8,
-    0xe7, 0xd0, 0xf3, 0x06,
-};
-static const unsigned char kat235_nor_addin1[] = {
-    0x16, 0x0a, 0xde, 0x5d, 0x9d, 0x4d, 0xfd, 0xce, 0x0e, 0x04, 0x45, 0x67,
-    0xa8, 0xba, 0xc0, 0x02,
-};
-static const unsigned char kat235_nor_retbytes[] = {
-    0x2a, 0x7d, 0x8d, 0x1d, 0x24, 0x8e, 0xdd, 0x67, 0xb8, 0x0b, 0x63, 0x6c,
-    0x22, 0xb5, 0xca, 0x69, 0xe9, 0x04, 0xce, 0xfc, 0xa3, 0x40, 0xbd, 0x85,
-    0x86, 0xd1, 0x79, 0x55, 0xc8, 0x2d, 0x77, 0x29, 0xbb, 0x24, 0x3b, 0x2c,
-    0x17, 0x15, 0x07, 0x4d, 0x85, 0x65, 0x97, 0x40, 0x6b, 0x86, 0xb9, 0x25,
-    0x81, 0x87, 0x24, 0x23, 0x70, 0x41, 0x12, 0x7e, 0x67, 0x28, 0xfe, 0x30,
-    0x80, 0xa4, 0x3f, 0x69, 0x55, 0x01, 0x9e, 0x10, 0xa0, 0xe9, 0xb4, 0xb6,
-    0x5e, 0x1d, 0xe6, 0x55, 0xd2, 0x62, 0x11, 0x60,
-};
-static const struct drbg_kat_no_reseed kat235_nor_t = {
-    9, kat235_nor_entropyin, kat235_nor_nonce, kat235_nor_persstr,
-    kat235_nor_addin0, kat235_nor_addin1, kat235_nor_retbytes
-};
-static const struct drbg_kat kat235_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat235_nor_t
-};
-
-static const unsigned char kat236_nor_entropyin[] = {
-    0x83, 0x99, 0x83, 0x66, 0xce, 0x3e, 0x12, 0x20, 0x2f, 0x20, 0xaf, 0x4c,
-    0x35, 0x56, 0x79, 0xf5,
-};
-static const unsigned char kat236_nor_nonce[] = {
-    0x4d, 0xb8, 0x3f, 0x88, 0x5f, 0xcd, 0x68, 0x19,
-};
-static const unsigned char kat236_nor_persstr[] = {
-    0x6e, 0x69, 0xe4, 0xad, 0x38, 0x71, 0x9f, 0x5a, 0x36, 0xf6, 0x24, 0xe3,
-    0x76, 0x6f, 0xfe, 0xa0,
-};
-static const unsigned char kat236_nor_addin0[] = {
-    0x4e, 0xd8, 0xec, 0xc9, 0xa4, 0x9f, 0xde, 0xe2, 0x86, 0x35, 0x5b, 0x49,
-    0x4a, 0xf8, 0x6d, 0x9b,
-};
-static const unsigned char kat236_nor_addin1[] = {
-    0xc1, 0xe7, 0x9f, 0xea, 0xcb, 0x75, 0x75, 0x24, 0x43, 0x42, 0xe0, 0x18,
-    0x3d, 0x25, 0x45, 0x6c,
-};
-static const unsigned char kat236_nor_retbytes[] = {
-    0xba, 0x1b, 0x0c, 0x90, 0x8e, 0x30, 0x15, 0xbb, 0xd8, 0x05, 0xdf, 0xfc,
-    0x80, 0x3b, 0xfa, 0x93, 0xf1, 0x30, 0x6d, 0x30, 0xdc, 0x7f, 0x05, 0xd2,
-    0xd4, 0xe7, 0x5d, 0x30, 0x63, 0x37, 0x1b, 0x94, 0x7e, 0xd7, 0xec, 0x98,
-    0xc2, 0x4c, 0x9e, 0x2d, 0xe4, 0x3b, 0x37, 0x22, 0x0f, 0x85, 0xaf, 0x7d,
-    0x4a, 0xd2, 0x63, 0x88, 0x94, 0x86, 0x93, 0x35, 0x8d, 0xa2, 0x3b, 0xde,
-    0xe6, 0xf2, 0x25, 0xe8, 0x77, 0x69, 0x05, 0xda, 0x1c, 0x24, 0xb0, 0xf9,
-    0x61, 0x25, 0xc0, 0x81, 0xa9, 0x0c, 0xe7, 0xcb,
-};
-static const struct drbg_kat_no_reseed kat236_nor_t = {
-    10, kat236_nor_entropyin, kat236_nor_nonce, kat236_nor_persstr,
-    kat236_nor_addin0, kat236_nor_addin1, kat236_nor_retbytes
-};
-static const struct drbg_kat kat236_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat236_nor_t
-};
-
-static const unsigned char kat237_nor_entropyin[] = {
-    0x2a, 0x40, 0x08, 0x08, 0xe0, 0x3c, 0xed, 0x38, 0x42, 0xba, 0x1e, 0xb3,
-    0xf1, 0x57, 0x5f, 0xe6,
-};
-static const unsigned char kat237_nor_nonce[] = {
-    0xc6, 0xb9, 0xb8, 0xc3, 0x33, 0x06, 0x3c, 0x4e,
-};
-static const unsigned char kat237_nor_persstr[] = {
-    0x44, 0x24, 0xf5, 0x3b, 0x70, 0xa4, 0xf4, 0x87, 0x30, 0xf8, 0x12, 0xb3,
-    0xcf, 0xcf, 0x53, 0x9c,
-};
-static const unsigned char kat237_nor_addin0[] = {
-    0x66, 0x5c, 0x17, 0x18, 0xa4, 0x88, 0x18, 0x6e, 0x3f, 0x7d, 0x0b, 0xb6,
-    0x96, 0x76, 0x2a, 0xa6,
-};
-static const unsigned char kat237_nor_addin1[] = {
-    0xb6, 0xd1, 0x3e, 0xbd, 0x72, 0x09, 0x43, 0x7e, 0xa5, 0xfa, 0xba, 0x33,
-    0x81, 0x4b, 0x2c, 0x74,
-};
-static const unsigned char kat237_nor_retbytes[] = {
-    0x2d, 0xc7, 0xa9, 0x54, 0xff, 0x43, 0x9e, 0xc8, 0x10, 0x8b, 0x06, 0x49,
-    0xac, 0xd3, 0xc5, 0xd8, 0xb2, 0xe2, 0x8c, 0x88, 0x04, 0xcc, 0x9d, 0x24,
-    0x9a, 0xca, 0xfe, 0xdc, 0x0e, 0xf8, 0x1a, 0xab, 0x1c, 0xae, 0xc3, 0x56,
-    0xcc, 0x50, 0xc4, 0x3b, 0x70, 0xc1, 0xfe, 0x4d, 0xc1, 0x17, 0x29, 0x0b,
-    0xb0, 0x64, 0x85, 0x88, 0xbf, 0xe8, 0x4c, 0x9b, 0x83, 0x96, 0x40, 0xc1,
-    0x50, 0x34, 0x38, 0x76, 0x5c, 0xed, 0xb0, 0xe5, 0x89, 0xcd, 0x13, 0xfc,
-    0x8c, 0xd8, 0x0b, 0xd9, 0x6a, 0xd1, 0x9c, 0x6f,
-};
-static const struct drbg_kat_no_reseed kat237_nor_t = {
-    11, kat237_nor_entropyin, kat237_nor_nonce, kat237_nor_persstr,
-    kat237_nor_addin0, kat237_nor_addin1, kat237_nor_retbytes
-};
-static const struct drbg_kat kat237_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat237_nor_t
-};
-
-static const unsigned char kat238_nor_entropyin[] = {
-    0x6f, 0x7a, 0x7d, 0x94, 0xdc, 0xe0, 0x25, 0x90, 0xe7, 0x90, 0xb9, 0x71,
-    0xaf, 0x9d, 0x42, 0x95,
-};
-static const unsigned char kat238_nor_nonce[] = {
-    0xd7, 0x42, 0xb2, 0xe7, 0xe6, 0x10, 0x00, 0x44,
-};
-static const unsigned char kat238_nor_persstr[] = {
-    0xb9, 0xdb, 0x42, 0x70, 0x26, 0x23, 0xc7, 0x50, 0xb8, 0xa5, 0x6f, 0x87,
-    0xe9, 0xb8, 0x6c, 0xe3,
-};
-static const unsigned char kat238_nor_addin0[] = {
-    0xd8, 0xaa, 0x16, 0x60, 0x02, 0x63, 0x46, 0xb6, 0x4c, 0x73, 0x04, 0x2c,
-    0xcd, 0x7b, 0xe9, 0x11,
-};
-static const unsigned char kat238_nor_addin1[] = {
-    0xb8, 0x42, 0xd8, 0x10, 0x5b, 0x29, 0xdc, 0xdd, 0x49, 0x3b, 0x37, 0x1b,
-    0xfe, 0x5f, 0xd9, 0xd9,
-};
-static const unsigned char kat238_nor_retbytes[] = {
-    0x5e, 0xb0, 0x08, 0xc4, 0xe9, 0xbd, 0xab, 0x61, 0x16, 0x28, 0xff, 0x58,
-    0x74, 0x11, 0xa8, 0x26, 0x2c, 0x27, 0x58, 0x95, 0x81, 0x03, 0xbd, 0x26,
-    0x6a, 0xa1, 0xaf, 0x38, 0x6e, 0xbc, 0x70, 0x48, 0x24, 0x81, 0xdc, 0x8d,
-    0xd6, 0xa2, 0x53, 0x22, 0x2e, 0x34, 0x44, 0x4b, 0xe4, 0x5a, 0x6a, 0xa2,
-    0x31, 0x11, 0x99, 0x87, 0x37, 0x9b, 0xd7, 0xff, 0xc4, 0x3f, 0x7a, 0x4a,
-    0xb7, 0x93, 0xd1, 0xfe, 0x90, 0x85, 0x52, 0x64, 0xf1, 0xf9, 0x47, 0x33,
-    0xe4, 0x24, 0xdd, 0x97, 0x38, 0x7a, 0x18, 0x0a,
-};
-static const struct drbg_kat_no_reseed kat238_nor_t = {
-    12, kat238_nor_entropyin, kat238_nor_nonce, kat238_nor_persstr,
-    kat238_nor_addin0, kat238_nor_addin1, kat238_nor_retbytes
-};
-static const struct drbg_kat kat238_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat238_nor_t
-};
-
-static const unsigned char kat239_nor_entropyin[] = {
-    0x5c, 0x6a, 0xed, 0x6f, 0x74, 0xcc, 0x30, 0x2e, 0x86, 0xc5, 0x04, 0xf0,
-    0x58, 0x6c, 0xdc, 0xbd,
-};
-static const unsigned char kat239_nor_nonce[] = {
-    0xe7, 0xcc, 0x8c, 0xd4, 0x4f, 0x6d, 0xac, 0xe7,
-};
-static const unsigned char kat239_nor_persstr[] = {
-    0x77, 0x11, 0x41, 0xd9, 0x42, 0x65, 0x8f, 0xe4, 0xd6, 0x58, 0xf4, 0xa8,
-    0xaf, 0x0d, 0xc4, 0x71,
-};
-static const unsigned char kat239_nor_addin0[] = {
-    0x5d, 0x7a, 0x91, 0xe1, 0x8f, 0x88, 0xbd, 0x50, 0x9a, 0x6a, 0x0d, 0x59,
-    0x0e, 0x71, 0xc7, 0x61,
-};
-static const unsigned char kat239_nor_addin1[] = {
-    0xd4, 0x6b, 0x57, 0xfa, 0x51, 0xa4, 0x21, 0xe2, 0x5a, 0xed, 0xf1, 0x11,
-    0x15, 0x7d, 0xb8, 0xb9,
-};
-static const unsigned char kat239_nor_retbytes[] = {
-    0xad, 0x1a, 0xda, 0x8c, 0xe7, 0x90, 0x45, 0xcb, 0x24, 0x74, 0x83, 0x78,
-    0xb4, 0xc4, 0x62, 0x9d, 0xd9, 0x08, 0x05, 0x83, 0x77, 0x50, 0x24, 0x36,
-    0xe6, 0xde, 0x51, 0xb8, 0xdb, 0xbd, 0x70, 0xd7, 0x21, 0xe8, 0x04, 0x95,
-    0x5a, 0x1e, 0xcb, 0x02, 0xf8, 0xb1, 0x1d, 0x1d, 0x44, 0xd9, 0xf5, 0x01,
-    0x18, 0x08, 0xc5, 0x6a, 0x6a, 0xfe, 0x94, 0xc7, 0x7c, 0x15, 0x31, 0x9d,
-    0x8e, 0x1f, 0x48, 0xc5, 0x02, 0x34, 0xd1, 0x32, 0x28, 0xfb, 0xc8, 0x4e,
-    0x13, 0xb4, 0x44, 0x0e, 0xac, 0xf4, 0xcd, 0x21,
-};
-static const struct drbg_kat_no_reseed kat239_nor_t = {
-    13, kat239_nor_entropyin, kat239_nor_nonce, kat239_nor_persstr,
-    kat239_nor_addin0, kat239_nor_addin1, kat239_nor_retbytes
-};
-static const struct drbg_kat kat239_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat239_nor_t
-};
-
-static const unsigned char kat240_nor_entropyin[] = {
-    0xb3, 0x0e, 0xd3, 0x21, 0xb4, 0x60, 0x9c, 0x2c, 0x1b, 0x51, 0x23, 0x59,
-    0x63, 0x95, 0x8e, 0xa5,
-};
-static const unsigned char kat240_nor_nonce[] = {
-    0x5b, 0xf9, 0xbc, 0x2f, 0xee, 0x57, 0x5e, 0xb4,
-};
-static const unsigned char kat240_nor_persstr[] = {
-    0x8f, 0xbd, 0x86, 0xda, 0x07, 0x24, 0x35, 0x5a, 0x40, 0x59, 0xf6, 0xac,
-    0x78, 0xfe, 0x63, 0x42,
-};
-static const unsigned char kat240_nor_addin0[] = {
-    0xfc, 0x54, 0xb5, 0x33, 0x9b, 0x37, 0xeb, 0x68, 0x89, 0xcf, 0xd7, 0xc1,
-    0x85, 0x07, 0x0b, 0xd0,
-};
-static const unsigned char kat240_nor_addin1[] = {
-    0xf6, 0xa7, 0x83, 0xd6, 0xd4, 0x2e, 0x5a, 0xd5, 0xab, 0xb0, 0xa9, 0x96,
-    0xbd, 0xdf, 0xa0, 0x4c,
-};
-static const unsigned char kat240_nor_retbytes[] = {
-    0x68, 0x3f, 0xaa, 0x73, 0x2c, 0x45, 0x51, 0x60, 0x4c, 0x88, 0x65, 0xb5,
-    0xf7, 0x77, 0x57, 0x1c, 0x7d, 0x3c, 0xf1, 0xa6, 0x01, 0x24, 0xc5, 0x9b,
-    0x91, 0x28, 0x3d, 0xa0, 0xcd, 0xa9, 0xb2, 0x17, 0x61, 0xd1, 0xc1, 0x7c,
-    0x81, 0x85, 0x69, 0x58, 0xc6, 0xd5, 0x90, 0x43, 0x6c, 0x73, 0x59, 0x4b,
-    0xb3, 0x6f, 0x46, 0xc2, 0xf8, 0x92, 0x37, 0xd8, 0xc7, 0xa7, 0xdd, 0xd2,
-    0xc5, 0x83, 0x94, 0xc9, 0x83, 0xf8, 0xf6, 0xc0, 0x00, 0xd7, 0x75, 0x66,
-    0xf2, 0xa1, 0xd8, 0x9b, 0xac, 0x05, 0x4b, 0xdb,
-};
-static const struct drbg_kat_no_reseed kat240_nor_t = {
-    14, kat240_nor_entropyin, kat240_nor_nonce, kat240_nor_persstr,
-    kat240_nor_addin0, kat240_nor_addin1, kat240_nor_retbytes
-};
-static const struct drbg_kat kat240_nor = {
-    NO_RESEED, NA, NID_sha1, 16, 8, 16, 16, 80, &kat240_nor_t
-};
-
-static const unsigned char kat480_nor_entropyin[] = {
-    0x63, 0xb6, 0x77, 0x16, 0x61, 0xab, 0x68, 0x98, 0x09, 0xcc, 0xc5, 0xe5,
-    0x59, 0x1b, 0xd1, 0x74, 0x39, 0x21, 0xd6, 0xed, 0x1e, 0x1d, 0xdd, 0x01,
-};
-static const unsigned char kat480_nor_nonce[] = {
-    0xb6, 0x34, 0xe9, 0x89, 0xec, 0x3b, 0xd5, 0xb5, 0x97, 0x77, 0xb2, 0x7d,
-};
-static const unsigned char kat480_nor_persstr[] = {
-    0x82, 0x2d, 0xe3, 0x95, 0x2f, 0xf3, 0x6c, 0xf2, 0xd4, 0xe4, 0x02, 0x7c,
-    0x12, 0xc4, 0xf7, 0xcd, 0x66, 0x5c, 0x08, 0xd9, 0x29, 0x59, 0x1b, 0x21,
-};
-static const unsigned char kat480_nor_addin0[] = {
-    0xe5, 0xc6, 0x33, 0xca, 0x50, 0xdc, 0xd8, 0x3e, 0x0a, 0x34, 0xd3, 0x97,
-    0xdf, 0x53, 0xf6, 0xd7, 0xa6, 0xf7, 0x17, 0x0a, 0x3f, 0x81, 0xf0, 0xe6,
-};
-static const unsigned char kat480_nor_addin1[] = {
-    0x5f, 0x0b, 0xeb, 0x5a, 0x2d, 0x29, 0x68, 0xe8, 0x3b, 0xa8, 0x7c, 0x92,
-    0xbf, 0xa4, 0x20, 0xfd, 0x6e, 0x85, 0x26, 0xfb, 0xbf, 0xde, 0xa1, 0x28,
-};
-static const unsigned char kat480_nor_retbytes[] = {
-    0x8b, 0xec, 0x11, 0xdf, 0x10, 0x22, 0xaa, 0x50, 0xd9, 0x5d, 0xae, 0xaf,
-    0x23, 0xd7, 0x8d, 0x6e, 0xe4, 0x5c, 0x43, 0xc5, 0x76, 0x8b, 0x90, 0x18,
-    0x1e, 0x10, 0x6c, 0x7d, 0xf8, 0xff, 0x33, 0x3d, 0x7c, 0xb8, 0x7c, 0xa1,
-    0xab, 0x83, 0xf8, 0x74, 0x23, 0x70, 0xdb, 0x1c, 0x8c, 0x0c, 0x0c, 0x22,
-    0xf1, 0x41, 0xff, 0x4d, 0xe3, 0x3a, 0xe8, 0xbd, 0xb1, 0x4f, 0xee, 0x7e,
-    0x6c, 0x06, 0x98, 0x19, 0x32, 0x06, 0x29, 0xc6, 0x6d, 0x94, 0xc7, 0xc9,
-    0x7f, 0xf5, 0x29, 0x30, 0xa3, 0xc1, 0xdc, 0xd5, 0x01, 0xb6, 0x0f, 0x0f,
-    0x84, 0xbd, 0xa4, 0x72, 0x0e, 0xe1, 0x87, 0xae, 0x85, 0x8a, 0x6e, 0x06,
-    0x83, 0x26, 0xed, 0xa5, 0x80, 0x97, 0x16, 0xe3, 0x66, 0xd1, 0xb6, 0x08,
-    0xc6, 0x1b, 0x01, 0x00,
-};
-static const struct drbg_kat_no_reseed kat480_nor_t = {
-    14, kat480_nor_entropyin, kat480_nor_nonce, kat480_nor_persstr,
-    kat480_nor_addin0, kat480_nor_addin1, kat480_nor_retbytes
-};
-static const struct drbg_kat kat480_nor = {
-    NO_RESEED, NA, NID_sha224, 24, 12, 24, 24, 112, &kat480_nor_t
-};
-
-static const unsigned char kat720_nor_entropyin[] = {
-    0x70, 0x8f, 0x5c, 0x7e, 0x10, 0xd5, 0x6c, 0x30, 0x45, 0x6e, 0x9e, 0x3f,
-    0x58, 0x69, 0xa9, 0x5a, 0x05, 0x1c, 0xf7, 0xcf, 0x10, 0x77, 0x08, 0xc4,
-    0x0c, 0xcc, 0xb8, 0x01, 0xa3, 0xa7, 0x63, 0x6d,
-};
-static const unsigned char kat720_nor_nonce[] = {
-    0xba, 0xc7, 0x55, 0xe7, 0x01, 0xb1, 0xfd, 0xd1, 0x70, 0xdc, 0x92, 0xeb,
-    0x0f, 0x12, 0xbd, 0x4b,
-};
-static const unsigned char kat720_nor_persstr[] = {
-    0xf1, 0xdb, 0x3a, 0xcd, 0x73, 0x91, 0x4a, 0x62, 0xbc, 0xa9, 0xa5, 0xce,
-    0x34, 0x97, 0xb1, 0xb4, 0xda, 0x12, 0xb2, 0x9c, 0xee, 0x7d, 0xc4, 0x78,
-    0x1d, 0x7c, 0xad, 0xdf, 0x67, 0xe4, 0x5f, 0x2c,
-};
-static const unsigned char kat720_nor_addin0[] = {
-    0x22, 0x85, 0x22, 0xe5, 0x8e, 0x65, 0xd5, 0x0d, 0xfd, 0x17, 0x6e, 0x8f,
-    0xf1, 0x74, 0x9f, 0xaa, 0x70, 0xfc, 0x2c, 0x82, 0xed, 0xa2, 0x5b, 0x07,
-    0x48, 0xdd, 0xc5, 0xd4, 0x1f, 0xd7, 0x1b, 0xe5,
-};
-static const unsigned char kat720_nor_addin1[] = {
-    0x7a, 0xf6, 0x0c, 0x47, 0xb4, 0xcd, 0x14, 0x6a, 0x39, 0x88, 0x7c, 0x9b,
-    0x81, 0x2a, 0x1d, 0xd8, 0x14, 0xd7, 0x4c, 0x39, 0x86, 0x09, 0xbb, 0xbf,
-    0xb5, 0x7e, 0x73, 0xda, 0x9c, 0xaf, 0xf5, 0x7a,
-};
-static const unsigned char kat720_nor_retbytes[] = {
-    0x95, 0x28, 0xc8, 0x8f, 0x0a, 0xea, 0x3f, 0xc0, 0x3b, 0xb8, 0xa9, 0x06,
-    0x1e, 0x15, 0x9a, 0x06, 0xd7, 0x8a, 0x2a, 0x65, 0x44, 0x08, 0x80, 0x8a,
-    0xa4, 0xd0, 0xe7, 0x3a, 0xb1, 0xa5, 0x1e, 0x5a, 0xa8, 0x5e, 0x8b, 0xca,
-    0xe7, 0x2d, 0x34, 0x78, 0x4f, 0xf6, 0xf5, 0x13, 0x19, 0x3e, 0x18, 0x3d,
-    0x55, 0x6d, 0xda, 0xc5, 0x67, 0x53, 0x14, 0xf2, 0xb5, 0xcf, 0xe3, 0x92,
-    0xd1, 0x52, 0x60, 0x56, 0xaf, 0xe3, 0x2d, 0x7c, 0x03, 0xe0, 0x9b, 0xa2,
-    0xbd, 0xf3, 0xb1, 0x0e, 0x22, 0x8b, 0x0f, 0x60, 0x0a, 0x61, 0xcc, 0xcd,
-    0x9e, 0x7b, 0xf1, 0x4d, 0xcc, 0xf1, 0x3b, 0x16, 0xa8, 0x38, 0xe6, 0x09,
-    0x09, 0x78, 0x53, 0x07, 0xe6, 0x90, 0x5d, 0x51, 0x0d, 0x98, 0x88, 0xea,
-    0xab, 0x16, 0x9f, 0xa6, 0x01, 0x55, 0x8f, 0xc9, 0x52, 0xaa, 0x85, 0x59,
-    0xd2, 0x70, 0xec, 0xd3, 0x86, 0xd7, 0xfb, 0xd7,
-};
-static const struct drbg_kat_no_reseed kat720_nor_t = {
-    14, kat720_nor_entropyin, kat720_nor_nonce, kat720_nor_persstr,
-    kat720_nor_addin0, kat720_nor_addin1, kat720_nor_retbytes
-};
-static const struct drbg_kat kat720_nor = {
-    NO_RESEED, NA, NID_sha256, 32, 16, 32, 32, 128, &kat720_nor_t
-};
-
-static const unsigned char kat960_nor_entropyin[] = {
-    0x16, 0x1b, 0xef, 0x11, 0x9a, 0xf7, 0x36, 0xfd, 0x23, 0xe1, 0x88, 0xa2,
-    0x27, 0xaa, 0xe7, 0x6e, 0xdd, 0x0f, 0xe6, 0x54, 0xf9, 0xf5, 0x83, 0xd7,
-    0x5d, 0x77, 0xa3, 0x76, 0x4b, 0xb8, 0x47, 0x9f,
-};
-static const unsigned char kat960_nor_nonce[] = {
-    0xc6, 0xe1, 0x4c, 0x68, 0x30, 0x9c, 0xa8, 0x47, 0x88, 0xad, 0x9f, 0x15,
-    0xd5, 0xf0, 0xa9, 0x0a,
-};
-static const unsigned char kat960_nor_persstr[] = {
-    0x8b, 0x20, 0x39, 0xa6, 0xd4, 0xb9, 0x09, 0x90, 0x6a, 0x87, 0x94, 0xdf,
-    0x59, 0x95, 0xfe, 0x9e, 0xa9, 0x77, 0xc5, 0xa1, 0xa3, 0x09, 0x82, 0x01,
-    0x5a, 0xad, 0xf9, 0x37, 0xc8, 0x63, 0xcf, 0xac,
-};
-static const unsigned char kat960_nor_addin0[] = {
-    0x23, 0xe4, 0xe6, 0xb0, 0xe0, 0xc1, 0xb2, 0x8a, 0x6f, 0x97, 0x31, 0xf8,
-    0xb0, 0x99, 0x60, 0xce, 0x7a, 0xda, 0xc1, 0x75, 0x27, 0xb3, 0xbb, 0xac,
-    0xa7, 0xc8, 0x11, 0xda, 0xea, 0x4b, 0x1c, 0xf5,
-};
-static const unsigned char kat960_nor_addin1[] = {
-    0xdc, 0x7f, 0xac, 0x6a, 0xed, 0xed, 0x9e, 0x17, 0xb5, 0xbb, 0x5e, 0x2b,
-    0xca, 0xd9, 0x42, 0x4d, 0x42, 0xdc, 0x07, 0xe8, 0x09, 0xda, 0x59, 0xd5,
-    0x2c, 0xae, 0xcb, 0xa6, 0xe7, 0x5c, 0xa4, 0x57,
-};
-static const unsigned char kat960_nor_retbytes[] = {
-    0x5a, 0x42, 0xb3, 0x5c, 0xf1, 0xb7, 0x2d, 0x25, 0x20, 0xd9, 0x27, 0x19,
-    0xa9, 0x4e, 0xf1, 0xa7, 0xca, 0x5b, 0x6d, 0x6c, 0x7e, 0xef, 0x2d, 0xe2,
-    0x5c, 0x8e, 0xa4, 0x4c, 0x1f, 0xc3, 0xa9, 0xa5, 0xff, 0x21, 0x28, 0xf4,
-    0x7b, 0xbe, 0x58, 0x08, 0x4a, 0x0c, 0x7a, 0x3f, 0xc7, 0x90, 0x62, 0x6e,
-    0xff, 0x56, 0x66, 0xb4, 0xc1, 0xe6, 0x8f, 0xb2, 0xf5, 0x3d, 0xe3, 0x37,
-    0x0b, 0x29, 0xc3, 0x98, 0xd5, 0x06, 0x7b, 0x25, 0x5f, 0x5f, 0x7f, 0x29,
-    0xfd, 0xb0, 0xf8, 0xbc, 0x25, 0x6e, 0xe3, 0xaf, 0xbe, 0x78, 0xa3, 0x39,
-    0x81, 0x62, 0x68, 0x37, 0xc5, 0x5f, 0x98, 0x1e, 0x56, 0xeb, 0x2e, 0x1b,
-    0xdd, 0x89, 0xca, 0x08, 0x1e, 0x48, 0xf6, 0xda, 0x7c, 0xe6, 0x57, 0x6f,
-    0xbd, 0x37, 0xdb, 0xd5, 0x7a, 0x3f, 0x41, 0xcf, 0x41, 0x0c, 0xb3, 0x75,
-    0x61, 0x4a, 0xf2, 0x39, 0xf2, 0xe1, 0x02, 0x18, 0xe7, 0x77, 0xfb, 0x97,
-    0xa5, 0x5d, 0x9c, 0xc7, 0x32, 0x43, 0x88, 0x2b, 0x8d, 0x8d, 0x2a, 0x2c,
-    0x81, 0x2f, 0xbd, 0xea, 0xae, 0xd9, 0x0b, 0x5b, 0xd7, 0x1a, 0x27, 0x4b,
-    0x4b, 0x17, 0x1c, 0xd7, 0xe6, 0x61, 0x91, 0x2c, 0x9b, 0x3d, 0xe1, 0x71,
-    0x4a, 0x3f, 0xe4, 0x93, 0x1d, 0x8f, 0xc7, 0xcb, 0x1c, 0x9f, 0x64, 0xf4,
-    0xe3, 0x7d, 0x4e, 0x5d, 0xbc, 0x31, 0x60, 0x2d, 0x2f, 0x86, 0x99, 0xe0,
-};
-static const struct drbg_kat_no_reseed kat960_nor_t = {
-    14, kat960_nor_entropyin, kat960_nor_nonce, kat960_nor_persstr,
-    kat960_nor_addin0, kat960_nor_addin1, kat960_nor_retbytes
-};
-static const struct drbg_kat kat960_nor = {
-    NO_RESEED, NA, NID_sha384, 32, 16, 32, 32, 192, &kat960_nor_t
-};
-
-static const unsigned char kat1200_nor_entropyin[] = {
-    0xb1, 0x48, 0xb3, 0x17, 0xa2, 0x68, 0x62, 0x8f, 0x04, 0xc9, 0xa8, 0x7a,
-    0x0a, 0xc5, 0xf9, 0x14, 0x98, 0xb8, 0x02, 0x0f, 0x4e, 0x48, 0x35, 0x72,
-    0x0c, 0x1a, 0x3c, 0xc0, 0x7b, 0x05, 0x0f, 0xa2,
-};
-static const unsigned char kat1200_nor_nonce[] = {
-    0x2f, 0x35, 0xe5, 0xb6, 0x22, 0xae, 0xef, 0xe7, 0x56, 0x05, 0xc2, 0x27,
-    0x4e, 0xc8, 0xc6, 0x96,
-};
-static const unsigned char kat1200_nor_persstr[] = {
-    0xfc, 0x52, 0x7a, 0x2f, 0x16, 0xb5, 0x3c, 0x51, 0x3f, 0x94, 0x85, 0x5b,
-    0x35, 0xce, 0xa6, 0x09, 0x0c, 0x30, 0x3d, 0xcc, 0x64, 0x2e, 0x98, 0xed,
-    0x5f, 0x32, 0x3a, 0xba, 0x0f, 0x35, 0xfa, 0x27,
-};
-static const unsigned char kat1200_nor_addin0[] = {
-    0x2c, 0xc9, 0xf1, 0x37, 0xfc, 0xd8, 0xc2, 0xd5, 0x26, 0xd7, 0x00, 0x93,
-    0xfe, 0x11, 0xf9, 0x0a, 0x0a, 0x36, 0xbc, 0x97, 0x64, 0xa4, 0xc5, 0x60,
-    0x90, 0x72, 0xe1, 0x81, 0xa2, 0x49, 0x45, 0x16,
-};
-static const unsigned char kat1200_nor_addin1[] = {
-    0xe4, 0x03, 0x61, 0x24, 0x5b, 0x91, 0x88, 0x0e, 0x30, 0x8f, 0xb7, 0x77,
-    0xc2, 0x8b, 0xbf, 0xae, 0xa5, 0x98, 0x2e, 0x45, 0xfe, 0xcb, 0x77, 0x57,
-    0xbb, 0x1c, 0x9d, 0xe2, 0xdf, 0x9d, 0xc6, 0x12,
-};
-static const unsigned char kat1200_nor_retbytes[] = {
-    0x66, 0xad, 0x04, 0x8b, 0x4d, 0x2d, 0x00, 0x32, 0x23, 0xc6, 0x4d, 0xd9,
-    0x82, 0x7c, 0xc2, 0x2e, 0xd3, 0xec, 0x8f, 0xcb, 0x61, 0x20, 0x9d, 0x19,
-    0x96, 0x19, 0x17, 0x75, 0x92, 0xe9, 0xb8, 0x92, 0x26, 0xbe, 0x30, 0xb1,
-    0x93, 0x0b, 0xdd, 0x74, 0x9f, 0x30, 0xed, 0x09, 0xda, 0x52, 0xab, 0xaa,
-    0x2e, 0x59, 0x9a, 0xfa, 0xf9, 0x19, 0x03, 0xe7, 0xa2, 0xb5, 0x9f, 0xfb,
-    0x8f, 0xd4, 0x70, 0xe6, 0x60, 0x44, 0x85, 0xa2, 0x7c, 0x20, 0x0d, 0x37,
-    0x5f, 0xef, 0xf6, 0x21, 0x11, 0x85, 0x95, 0xa7, 0xa3, 0x05, 0x7b, 0x7e,
-    0x31, 0xea, 0xdc, 0x06, 0x87, 0xb1, 0x00, 0x8c, 0x3c, 0xb2, 0xc7, 0x43,
-    0x5a, 0x57, 0x04, 0xb1, 0xa1, 0xa6, 0xa3, 0x48, 0x7d, 0x60, 0xfd, 0x14,
-    0x79, 0x3c, 0x31, 0x48, 0x6a, 0xf7, 0x65, 0xce, 0x2c, 0xe1, 0x82, 0xde,
-    0x88, 0x11, 0x24, 0x45, 0xdd, 0x5f, 0xf1, 0x1b, 0x25, 0x6c, 0xfd, 0xa0,
-    0x70, 0x18, 0xb9, 0x5f, 0x97, 0xed, 0xba, 0xb4, 0xe4, 0xc3, 0x9c, 0xa0,
-    0x97, 0xc4, 0x2f, 0x9d, 0xce, 0x80, 0xcd, 0x3f, 0x32, 0x67, 0x7f, 0x3c,
-    0x22, 0x4a, 0x86, 0xb3, 0x15, 0xd0, 0x2e, 0x37, 0x7d, 0xca, 0x8f, 0x37,
-    0x85, 0xe9, 0x74, 0x8f, 0xfd, 0xbe, 0x3f, 0xca, 0xa3, 0xb0, 0xc6, 0xbf,
-    0x00, 0x1b, 0x63, 0xb5, 0x74, 0x26, 0x83, 0x63, 0x58, 0xe9, 0xb3, 0x15,
-    0xc6, 0x71, 0x8e, 0x0b, 0x74, 0xfb, 0x82, 0xb9, 0xbf, 0x3d, 0xf7, 0x00,
-    0xa6, 0x41, 0xab, 0x94, 0x11, 0xd1, 0xb9, 0xfb, 0xa4, 0x23, 0x09, 0xa8,
-    0x4b, 0xef, 0x67, 0xa1, 0x42, 0x04, 0xf3, 0x16, 0x0e, 0xd1, 0x6a, 0x54,
-    0x97, 0xfe, 0x21, 0x1a, 0xa1, 0xf5, 0xd3, 0xae, 0x4b, 0x85, 0x8b, 0x6d,
-    0x44, 0x5f, 0x1d, 0x09, 0x45, 0x43, 0xd0, 0x10, 0x7c, 0xe0, 0x4e, 0xf1,
-    0xd1, 0xba, 0x33, 0xab,
-};
-static const struct drbg_kat_no_reseed kat1200_nor_t = {
-    14, kat1200_nor_entropyin, kat1200_nor_nonce, kat1200_nor_persstr,
-    kat1200_nor_addin0, kat1200_nor_addin1, kat1200_nor_retbytes
-};
-static const struct drbg_kat kat1200_nor = {
-    NO_RESEED, NA, NID_sha512, 32, 16, 32, 32, 256, &kat1200_nor_t
-};
-
-static const unsigned char kat1440_nor_entropyin[] = {
-    0x55, 0x86, 0xa1, 0x84, 0x3e, 0x05, 0x8e, 0x09, 0x64, 0xb7, 0x64, 0x45,
-    0xf6, 0x1a, 0xe4, 0xbe, 0x69, 0x71, 0xcf, 0xfa, 0xcc, 0x05, 0xed, 0xfa,
-};
-static const unsigned char kat1440_nor_nonce[] = {
-    0x31, 0x43, 0x32, 0x4d, 0x2f, 0x3c, 0x14, 0xf6, 0x06, 0x9d, 0xb0, 0xdd,
-};
-static const unsigned char kat1440_nor_persstr[] = {
-    0x57, 0xd8, 0xbf, 0x22, 0xe4, 0x1c, 0x7b, 0xa6, 0xe7, 0xbc, 0xbb, 0xef,
-    0xf5, 0x77, 0x45, 0x11, 0x44, 0x5f, 0x07, 0x0d, 0xa4, 0x08, 0x3b, 0x14,
-};
-static const unsigned char kat1440_nor_addin0[] = {
-    0x1b, 0x87, 0x25, 0x44, 0x7e, 0xc5, 0x39, 0xea, 0x4a, 0x13, 0xc4, 0x7b,
-    0x32, 0x3f, 0x1d, 0x6f, 0x43, 0x5b, 0xa7, 0xe6, 0x24, 0xdc, 0xf5, 0xaf,
-};
-static const unsigned char kat1440_nor_addin1[] = {
-    0x86, 0xd3, 0x0a, 0xf4, 0x0a, 0x7a, 0x39, 0x57, 0x64, 0xb8, 0xb6, 0x9f,
-    0x26, 0x56, 0x95, 0x4c, 0x7c, 0x3f, 0x1c, 0x30, 0xb2, 0xb7, 0x03, 0xb0,
-};
-static const unsigned char kat1440_nor_retbytes[] = {
-    0x2f, 0xb2, 0xf2, 0x4b, 0x2c, 0x38, 0xf2, 0x17, 0x23, 0x2d, 0xc2, 0x2e,
-    0xcc, 0x73, 0x80, 0xb8, 0x24, 0x0b, 0x05, 0xd2, 0xc7, 0xbc, 0x0e, 0x3d,
-    0xfd, 0xad, 0x26, 0x8c, 0x8c, 0x10, 0x91, 0x2a, 0x92, 0x59, 0x5d, 0x70,
-    0xdd, 0x98, 0xe7, 0xec, 0xdb, 0xdc, 0x6d, 0x7b, 0xce, 0x6c, 0x72, 0xcd,
-    0xeb, 0xd7, 0xe1, 0x21, 0xd7, 0x5d, 0xe8, 0xb6, 0x79, 0x5b, 0x66, 0x0b,
-    0xe9, 0x09, 0x6a, 0x1f, 0x24, 0xa9, 0x7e, 0x9c, 0x53, 0x44, 0xc3, 0x5f,
-    0x04, 0x45, 0x1d, 0xbd, 0x8d, 0x98, 0x08, 0xc7, 0xa8, 0x4c, 0x6f, 0xba,
-    0xfa, 0xb6, 0xd0, 0x60, 0x02, 0x64, 0x90, 0xd4, 0x92, 0x06, 0x0f, 0x05,
-    0x2f, 0xbf, 0x21, 0xa3, 0xbf, 0xa2, 0xa8, 0xe4, 0xa4, 0x0d, 0xb5, 0x86,
-    0x72, 0xca, 0x52, 0xce,
-};
-static const struct drbg_kat_no_reseed kat1440_nor_t = {
-    14, kat1440_nor_entropyin, kat1440_nor_nonce, kat1440_nor_persstr,
-    kat1440_nor_addin0, kat1440_nor_addin1, kat1440_nor_retbytes
-};
-static const struct drbg_kat kat1440_nor = {
-    NO_RESEED, NA, NID_sha512_224, 24, 12, 24, 24, 112, &kat1440_nor_t
-};
-
-static const unsigned char kat1680_nor_entropyin[] = {
-    0x1b, 0xeb, 0xff, 0x7d, 0x14, 0x50, 0xb3, 0xbb, 0xa8, 0xeb, 0x89, 0xee,
-    0x19, 0x8f, 0x53, 0x83, 0xa5, 0xe9, 0xd9, 0xfc, 0x7b, 0x35, 0xc0, 0x82,
-    0x13, 0x7f, 0x44, 0xb1, 0x52, 0x3f, 0xda, 0xde,
-};
-static const unsigned char kat1680_nor_nonce[] = {
-    0x96, 0xa4, 0x10, 0x18, 0x57, 0xa3, 0x90, 0x4d, 0xd6, 0xeb, 0xd1, 0x01,
-    0xe7, 0x3c, 0x9d, 0x5f,
-};
-static const unsigned char kat1680_nor_persstr[] = {
-    0x32, 0x78, 0xe5, 0xa6, 0xfd, 0x03, 0xd3, 0xf7, 0xbb, 0x31, 0x51, 0x16,
-    0xb7, 0xd1, 0x72, 0x01, 0x06, 0xe7, 0x7d, 0xef, 0xa3, 0xa8, 0x2a, 0x2c,
-    0x68, 0x1d, 0x6d, 0x91, 0xa6, 0xeb, 0x17, 0x2c,
-};
-static const unsigned char kat1680_nor_addin0[] = {
-    0x95, 0xf4, 0xb7, 0x87, 0x1a, 0x64, 0x1c, 0x5c, 0xc4, 0xf8, 0xdd, 0xb8,
-    0xcb, 0xd9, 0x87, 0xd3, 0xb0, 0x93, 0x5c, 0xb2, 0xf5, 0x5c, 0x77, 0xce,
-    0x34, 0x03, 0x56, 0x33, 0xc8, 0x5c, 0x85, 0xcc,
-};
-static const unsigned char kat1680_nor_addin1[] = {
-    0xb4, 0x94, 0xe2, 0xaf, 0x5b, 0x70, 0x8a, 0xc3, 0x06, 0x72, 0xb8, 0xce,
-    0x57, 0xe7, 0x20, 0x40, 0xe8, 0x23, 0x3c, 0x53, 0x80, 0x01, 0xa3, 0x48,
-    0xe2, 0xcb, 0xa9, 0x8a, 0x8c, 0xd1, 0x2a, 0xcb,
-};
-static const unsigned char kat1680_nor_retbytes[] = {
-    0xc7, 0x31, 0xcc, 0x7b, 0x21, 0xc4, 0x27, 0x30, 0xbd, 0x3c, 0xca, 0x61,
-    0xfc, 0x52, 0x50, 0xb5, 0x07, 0xad, 0x08, 0xb2, 0x4a, 0xc4, 0x71, 0xd5,
-    0x26, 0xf2, 0x21, 0x7f, 0x15, 0xdc, 0x4d, 0x1f, 0xea, 0x85, 0xb5, 0x7e,
-    0xa9, 0xcf, 0x6b, 0x3d, 0xe9, 0xf6, 0x50, 0xdf, 0x82, 0x26, 0x32, 0x6f,
-    0x8d, 0xa0, 0xa7, 0x66, 0xc6, 0xd3, 0xd9, 0xab, 0x77, 0x13, 0x93, 0x8d,
-    0x29, 0xd9, 0xd3, 0x3a, 0xe2, 0xff, 0xad, 0x65, 0x82, 0x10, 0x75, 0x12,
-    0x86, 0x89, 0x65, 0x27, 0x50, 0x4e, 0xa2, 0x3d, 0x6e, 0x4d, 0xaf, 0xa1,
-    0x0f, 0x6e, 0x62, 0x6a, 0x8b, 0x1e, 0x4b, 0x38, 0x6d, 0x2a, 0x27, 0xae,
-    0x12, 0xcd, 0x8c, 0xeb, 0x1f, 0x50, 0x24, 0x41, 0x8b, 0x70, 0xc0, 0x05,
-    0xb3, 0x5f, 0x2c, 0x89, 0x8a, 0x0f, 0xae, 0xf7, 0x4e, 0xb5, 0x60, 0x44,
-    0x40, 0x79, 0x30, 0xdc, 0x1c, 0xf7, 0x3f, 0x70,
-};
-static const struct drbg_kat_no_reseed kat1680_nor_t = {
-    14, kat1680_nor_entropyin, kat1680_nor_nonce, kat1680_nor_persstr,
-    kat1680_nor_addin0, kat1680_nor_addin1, kat1680_nor_retbytes
-};
-static const struct drbg_kat kat1680_nor = {
-    NO_RESEED, NA, NID_sha512_256, 32, 16, 32, 32, 128, &kat1680_nor_t
-};
-
-/* ------------------------------------------------------------------------ */
-
-static const unsigned char kat240_prt_entropyin[] = {
-    0x25, 0xa6, 0xd2, 0x6c, 0x8a, 0x9d, 0x73, 0xfb, 0x1a, 0x4c, 0xba, 0x5e,
-    0x39, 0x48, 0xda, 0xef,
-};
-static const unsigned char kat240_prt_nonce[] = {
-    0xe7, 0xda, 0xfc, 0xd8, 0x1a, 0xc1, 0xae, 0xba,
-};
-static const unsigned char kat240_prt_persstr[] = {
-    0xa8, 0xb8, 0x2f, 0xc8, 0xe8, 0x87, 0x46, 0x15, 0x8f, 0xd4, 0x01, 0x0a,
-    0x1d, 0x3d, 0x97, 0xe0,
-};
-static const unsigned char kat240_prt_entropyinpr0[] = {
-    0x57, 0xa5, 0x71, 0x72, 0xab, 0x86, 0xfc, 0x29, 0x00, 0x4b, 0x9d, 0x41,
-    0x2a, 0x97, 0x01, 0xf1,
-};
-static const unsigned char kat240_prt_entropyinpr1[] = {
-    0x7b, 0x55, 0x8b, 0x48, 0xf3, 0xc8, 0x91, 0xa7, 0x7f, 0xed, 0x29, 0x38,
-    0x81, 0x77, 0x51, 0x18,
-};
-static const unsigned char kat240_prt_addin0[] = {
-    0x6e, 0xcf, 0x52, 0xf9, 0x5b, 0x44, 0x43, 0xec, 0x8a, 0xc5, 0x2f, 0xae,
-    0x74, 0xe1, 0x93, 0x29,
-};
-static const unsigned char kat240_prt_addin1[] = {
-    0xb0, 0x71, 0x98, 0xa4, 0x9b, 0xc8, 0x54, 0xcf, 0xc9, 0xd6, 0xd7, 0x46,
-    0x6f, 0xe2, 0x49, 0x48,
-};
-static const unsigned char kat240_prt_retbytes[] = {
-    0x87, 0x8d, 0x26, 0xfb, 0x57, 0x58, 0x9d, 0x42, 0x49, 0x7b, 0x86, 0x95,
-    0x64, 0xa1, 0xda, 0xc5, 0xad, 0xf1, 0xb8, 0x36, 0x15, 0xf9, 0xab, 0x9f,
-    0xc3, 0x0b, 0x51, 0x40, 0xf7, 0x9e, 0x3b, 0x7f, 0x52, 0x5f, 0x1e, 0xff,
-    0x2e, 0x68, 0x00, 0x28, 0x01, 0x93, 0x9a, 0xa0, 0x72, 0x84, 0x32, 0xef,
-    0xad, 0x82, 0x9b, 0x5b, 0x12, 0x49, 0x14, 0x04, 0xfb, 0x50, 0xf2, 0x58,
-    0x4a, 0x3b, 0xde, 0xa8, 0x78, 0x5e, 0x79, 0x39, 0x05, 0x01, 0x97, 0x87,
-    0x04, 0xa6, 0x67, 0xec, 0x5d, 0x04, 0xda, 0x56,
-};
-static const struct drbg_kat_pr_true kat240_prt_t = {
-    14, kat240_prt_entropyin, kat240_prt_nonce, kat240_prt_persstr,
-    kat240_prt_entropyinpr0, kat240_prt_addin0, kat240_prt_entropyinpr1,
-    kat240_prt_addin1, kat240_prt_retbytes
-};
-static const struct drbg_kat kat240_prt = {
-    PR_TRUE, NA, NID_sha1, 16, 8, 16, 16, 80, &kat240_prt_t
-};
-
-static const unsigned char kat480_prt_entropyin[] = {
-    0xdb, 0x97, 0x7c, 0x5b, 0x3a, 0x1e, 0x79, 0x61, 0xe6, 0x4d, 0x99, 0x66,
-    0x65, 0x16, 0xfe, 0x56, 0x12, 0xb1, 0x51, 0x95, 0x6e, 0xc5, 0x1a, 0xdd,
-};
-static const unsigned char kat480_prt_nonce[] = {
-    0x05, 0xfa, 0x09, 0x36, 0xe2, 0x83, 0x6c, 0xd2, 0xe8, 0xe4, 0xcc, 0xe9,
-};
-static const unsigned char kat480_prt_persstr[] = {
-    0x4e, 0x8c, 0x5f, 0xfc, 0x09, 0x98, 0xb2, 0x69, 0x64, 0xab, 0x2b, 0x42,
-    0xcf, 0x21, 0x3d, 0x1c, 0x43, 0x17, 0x94, 0xbc, 0x40, 0x74, 0x76, 0x17,
-};
-static const unsigned char kat480_prt_entropyinpr0[] = {
-    0x16, 0xda, 0x81, 0x89, 0x74, 0xeb, 0x93, 0x58, 0x0d, 0xb3, 0x0f, 0x40,
-    0x0c, 0xff, 0x3e, 0xe1, 0xa3, 0xaf, 0x01, 0xe1, 0x21, 0xe3, 0xcd, 0xb4,
-};
-static const unsigned char kat480_prt_entropyinpr1[] = {
-    0x72, 0xf6, 0x4b, 0xe9, 0x11, 0xcb, 0xa5, 0x05, 0x6b, 0xc9, 0x1f, 0x26,
-    0xbd, 0x33, 0x5d, 0x59, 0xc6, 0x30, 0x14, 0x22, 0x79, 0x59, 0xb0, 0xb8,
-};
-static const unsigned char kat480_prt_addin0[] = {
-    0xe4, 0xeb, 0xa0, 0x0e, 0x64, 0xd2, 0x78, 0x54, 0xc0, 0x6d, 0xcd, 0x0a,
-    0xa2, 0xcd, 0x45, 0xb4, 0x7b, 0x7f, 0xa2, 0xcd, 0x77, 0xa7, 0xa1, 0x46,
-};
-static const unsigned char kat480_prt_addin1[] = {
-    0x11, 0x11, 0x6d, 0x24, 0x80, 0x29, 0x8a, 0x90, 0x91, 0x43, 0x7a, 0x49,
-    0xc6, 0x0b, 0x9d, 0x0a, 0x9d, 0x4c, 0xda, 0x4f, 0xa8, 0x5f, 0x09, 0x5e,
-};
-static const unsigned char kat480_prt_retbytes[] = {
-    0x39, 0x70, 0x77, 0x5a, 0xeb, 0x3d, 0xe4, 0x1b, 0x7b, 0xf1, 0x37, 0xd5,
-    0xf5, 0xff, 0xb9, 0xb7, 0x36, 0x76, 0x01, 0x21, 0x3b, 0xb5, 0xf1, 0xfe,
-    0x07, 0xca, 0x60, 0x9b, 0x6d, 0x3b, 0xed, 0x56, 0xd2, 0x67, 0xa9, 0x14,
-    0xc2, 0xd9, 0x79, 0x3e, 0xf9, 0x90, 0x7b, 0xc1, 0x7f, 0x1d, 0x0c, 0x5d,
-    0x01, 0x1d, 0x9b, 0xe4, 0x56, 0x5e, 0x01, 0xdd, 0xc2, 0x7e, 0xb2, 0xe9,
-    0xa0, 0x3e, 0x37, 0xf0, 0x82, 0x4a, 0x5d, 0x32, 0xd3, 0x4b, 0x94, 0xeb,
-    0x64, 0xf7, 0x11, 0x4a, 0x5c, 0xce, 0x46, 0x3d, 0xad, 0x0c, 0xdf, 0x5e,
-    0x89, 0xe5, 0xf3, 0x37, 0xec, 0xea, 0x10, 0xe3, 0x39, 0x3e, 0x2b, 0x6c,
-    0xa6, 0x1e, 0x5d, 0x33, 0xc2, 0x94, 0xbf, 0x90, 0x8b, 0xf7, 0x98, 0x7c,
-    0xc9, 0xe8, 0x08, 0xa0,
-};
-static const struct drbg_kat_pr_true kat480_prt_t = {
-    14, kat480_prt_entropyin, kat480_prt_nonce, kat480_prt_persstr,
-    kat480_prt_entropyinpr0, kat480_prt_addin0, kat480_prt_entropyinpr1,
-    kat480_prt_addin1, kat480_prt_retbytes
-};
-static const struct drbg_kat kat480_prt = {
-    PR_TRUE, NA, NID_sha224, 24, 12, 24, 24, 112, &kat480_prt_t
-};
-
-static const unsigned char kat720_prt_entropyin[] = {
-    0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
-    0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
-    0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20,
-};
-static const unsigned char kat720_prt_nonce[] = {
-    0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
-    0xf0, 0xe5, 0x07, 0x1f,
-};
-static const unsigned char kat720_prt_persstr[] = {
-    0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
-    0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
-    0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11,
-};
-static const unsigned char kat720_prt_entropyinpr0[] = {
-    0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
-    0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
-    0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4,
-};
-static const unsigned char kat720_prt_entropyinpr1[] = {
-    0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
-    0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
-    0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d,
-};
-static const unsigned char kat720_prt_addin0[] = {
-    0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
-    0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
-    0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea,
-};
-static const unsigned char kat720_prt_addin1[] = {
-    0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
-    0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
-    0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3,
-};
-static const unsigned char kat720_prt_retbytes[] = {
-    0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
-    0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
-    0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
-    0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
-    0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
-    0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
-    0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
-    0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
-    0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
-    0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
-    0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab,
-};
-static const struct drbg_kat_pr_true kat720_prt_t = {
-    14, kat720_prt_entropyin, kat720_prt_nonce, kat720_prt_persstr,
-    kat720_prt_entropyinpr0, kat720_prt_addin0, kat720_prt_entropyinpr1,
-    kat720_prt_addin1, kat720_prt_retbytes
-};
-static const struct drbg_kat kat720_prt = {
-    PR_TRUE, NA, NID_sha256, 32, 16, 32, 32, 128, &kat720_prt_t
-};
-
-
-static const unsigned char kat960_prt_entropyin[] = {
-    0x37, 0xea, 0x89, 0xa5, 0xe1, 0x21, 0xd1, 0x26, 0x4b, 0xf5, 0xce, 0x89,
-    0x23, 0x3b, 0x09, 0x02, 0x0d, 0xda, 0xeb, 0xf9, 0xb2, 0x7e, 0xc3, 0xec,
-    0x8a, 0xfd, 0xd9, 0x72, 0x14, 0x9a, 0x48, 0x72,
-};
-static const unsigned char kat960_prt_nonce[] = {
-    0x17, 0x22, 0x32, 0x8f, 0xa7, 0xe1, 0x34, 0x56, 0x5d, 0xdf, 0x01, 0x45,
-    0x02, 0x3d, 0x6a, 0xaa,
-};
-static const unsigned char kat960_prt_persstr[] = {
-    0xe2, 0x19, 0x12, 0xd5, 0x2c, 0xfb, 0x63, 0x14, 0x2b, 0xaa, 0xf0, 0x04,
-    0x6a, 0x7f, 0x85, 0xf1, 0x9e, 0x61, 0xfa, 0xd7, 0x9d, 0x65, 0x16, 0xcd,
-    0xcc, 0xf6, 0xb0, 0x59, 0x9c, 0x9b, 0xf4, 0x9f,
-};
-static const unsigned char kat960_prt_entropyinpr0[] = {
-    0x91, 0xe3, 0x42, 0xca, 0x93, 0x54, 0x42, 0x6c, 0x25, 0xe8, 0xe6, 0x56,
-    0x2d, 0xfd, 0x3c, 0xbf, 0x52, 0xa9, 0xc4, 0x02, 0x8c, 0xa6, 0x1a, 0xae,
-    0x26, 0x3f, 0x1d, 0x09, 0x15, 0xe9, 0x16, 0xfa,
-};
-static const unsigned char kat960_prt_entropyinpr1[] = {
-    0x42, 0x85, 0x0d, 0x17, 0x28, 0xf7, 0x14, 0xd9, 0x44, 0xbc, 0x67, 0x85,
-    0x0f, 0xa6, 0xdb, 0x4a, 0x7c, 0xc2, 0xe0, 0xf7, 0x3f, 0x5c, 0xa0, 0x44,
-    0xd6, 0x34, 0xd7, 0xc7, 0x15, 0x73, 0x71, 0xd2,
-};
-static const unsigned char kat960_prt_addin0[] = {
-    0x0d, 0xc5, 0x4c, 0xe0, 0x8f, 0xf3, 0x47, 0x11, 0xab, 0x0b, 0x78, 0xfb,
-    0x70, 0xcd, 0xb4, 0x11, 0x8a, 0x4f, 0x3f, 0x58, 0xa8, 0xf7, 0xdd, 0x83,
-    0xdc, 0x4f, 0xc7, 0x74, 0x4e, 0xe1, 0x81, 0xb6,
-};
-static const unsigned char kat960_prt_addin1[] = {
-    0xaf, 0xc8, 0xc5, 0x30, 0xd9, 0x10, 0xa2, 0x25, 0x73, 0xe0, 0xee, 0xc2,
-    0xc1, 0xa6, 0x75, 0x9a, 0x94, 0xac, 0x38, 0xd0, 0x7b, 0x52, 0xd4, 0x69,
-    0x38, 0xb5, 0x9c, 0xb2, 0x40, 0xeb, 0xb0, 0x03,
-};
-static const unsigned char kat960_prt_retbytes[] = {
-    0x1f, 0x8c, 0x8a, 0xd0, 0xa0, 0xad, 0x62, 0x55, 0x1d, 0xca, 0x84, 0x75,
-    0x31, 0xf0, 0x9b, 0x86, 0x5d, 0xbe, 0x97, 0xb2, 0x7a, 0xe1, 0x5d, 0x94,
-    0xef, 0x1c, 0xc6, 0xa9, 0x28, 0x07, 0x76, 0x66, 0x20, 0x4c, 0x1e, 0x90,
-    0x0a, 0x46, 0x88, 0xe9, 0xb3, 0x13, 0x96, 0x93, 0x18, 0x5b, 0xa6, 0xf8,
-    0x63, 0x66, 0x5d, 0x80, 0x74, 0x1f, 0xa6, 0x25, 0x14, 0x40, 0x96, 0x3b,
-    0x89, 0xcc, 0x35, 0x47, 0xb3, 0x78, 0x1c, 0x71, 0xa5, 0xec, 0xcf, 0x48,
-    0x60, 0xc2, 0x89, 0x88, 0x2c, 0x42, 0xd2, 0x23, 0xdd, 0xa3, 0xb8, 0xc3,
-    0x0d, 0x63, 0x88, 0xf8, 0xd2, 0xab, 0x9e, 0x19, 0x47, 0xe0, 0x33, 0x0d,
-    0xe4, 0x28, 0xce, 0xdd, 0x06, 0xde, 0x65, 0x06, 0xaa, 0xd1, 0x97, 0xa1,
-    0x07, 0x00, 0xc6, 0xeb, 0x4d, 0x34, 0x18, 0x5a, 0x27, 0x75, 0x1c, 0x83,
-    0xb4, 0x64, 0x79, 0xc6, 0x5b, 0x4f, 0x34, 0xe7, 0xf0, 0x90, 0x78, 0x97,
-    0xc0, 0xad, 0xcf, 0xe0, 0xaf, 0xd6, 0x7c, 0x89, 0x4a, 0xa1, 0x49, 0x1a,
-    0xe4, 0xda, 0x29, 0xac, 0x1d, 0x47, 0xe9, 0x46, 0x08, 0x94, 0x4a, 0x67,
-    0xc1, 0xa4, 0xe4, 0x75, 0x4e, 0xa1, 0x69, 0x2b, 0x79, 0xd6, 0x78, 0x70,
-    0xef, 0x78, 0xb6, 0xda, 0xae, 0xe4, 0xcd, 0x46, 0x00, 0xbd, 0x1e, 0xea,
-    0xc1, 0xd6, 0x7f, 0x81, 0xee, 0xd7, 0x3e, 0x8a, 0x54, 0x8c, 0x20, 0x67,
-};
-static const struct drbg_kat_pr_true kat960_prt_t = {
-    14, kat960_prt_entropyin, kat960_prt_nonce, kat960_prt_persstr,
-    kat960_prt_entropyinpr0, kat960_prt_addin0, kat960_prt_entropyinpr1,
-    kat960_prt_addin1, kat960_prt_retbytes
-};
-static const struct drbg_kat kat960_prt = {
-    PR_TRUE, NA, NID_sha384, 32, 16, 32, 32, 192, &kat960_prt_t
-};
-
-static const unsigned char kat1200_prt_entropyin[] = {
-    0x19, 0xff, 0x49, 0x7e, 0x90, 0x6d, 0x08, 0x11, 0xa0, 0xb7, 0xf7, 0x75,
-    0x86, 0x18, 0xaf, 0xab, 0x44, 0xfc, 0xe8, 0xed, 0x35, 0x38, 0xab, 0xfd,
-    0x10, 0x1c, 0x58, 0x6a, 0x9c, 0xea, 0xf6, 0x2d,
-};
-static const unsigned char kat1200_prt_nonce[] = {
-    0x49, 0x80, 0xcb, 0x99, 0x83, 0x87, 0x0a, 0x35, 0xd8, 0x00, 0xff, 0xf9,
-    0x32, 0x78, 0x40, 0xc5,
-};
-static const unsigned char kat1200_prt_persstr[] = {
-    0x2e, 0x34, 0xbe, 0xa4, 0xc1, 0x28, 0x43, 0x4a, 0xa2, 0x85, 0x9c, 0xc3,
-    0x39, 0x13, 0x71, 0x6b, 0xc8, 0x05, 0xa1, 0x83, 0xbb, 0x17, 0x62, 0xfc,
-    0x3a, 0xb5, 0x44, 0x89, 0xd9, 0xbd, 0x1c, 0x56,
-};
-static const unsigned char kat1200_prt_entropyinpr0[] = {
-    0xbe, 0x45, 0xca, 0x98, 0x78, 0x24, 0x7b, 0x00, 0x8e, 0x5d, 0xe8, 0xc5,
-    0x88, 0xb6, 0xcb, 0x84, 0x04, 0x8c, 0x0d, 0x90, 0x35, 0x7d, 0xbd, 0xfc,
-    0x98, 0xe9, 0xe2, 0x87, 0x91, 0x2f, 0xdb, 0x33,
-};
-static const unsigned char kat1200_prt_entropyinpr1[] = {
-    0xb8, 0x71, 0x61, 0x1f, 0x8f, 0xcb, 0x8c, 0x86, 0x0a, 0x72, 0xc4, 0xfd,
-    0x40, 0x6d, 0x49, 0x39, 0x33, 0x5a, 0x03, 0x1e, 0x0d, 0xe9, 0xf2, 0xd4,
-    0x36, 0xd4, 0x73, 0x6b, 0x6b, 0x06, 0x0c, 0x2d,
-};
-static const unsigned char kat1200_prt_addin0[] = {
-    0x47, 0xdd, 0x5c, 0x72, 0xea, 0x44, 0xdb, 0xf1, 0xd2, 0x35, 0x04, 0x0b,
-    0x18, 0xa8, 0x21, 0xc2, 0x0f, 0xb4, 0x0b, 0x88, 0xc0, 0x39, 0x1a, 0x5c,
-    0x16, 0x3f, 0x9c, 0x90, 0x2f, 0x6c, 0x6e, 0xb7,
-};
-static const unsigned char kat1200_prt_addin1[] = {
-    0xcf, 0x20, 0x40, 0xe9, 0x04, 0x6a, 0x69, 0xdd, 0x96, 0x38, 0xde, 0x94,
-    0x1f, 0x00, 0x90, 0xb7, 0x53, 0x5c, 0x51, 0xcf, 0xa9, 0xf1, 0xc7, 0xbb,
-    0x2a, 0x56, 0xa3, 0x32, 0x32, 0x69, 0x43, 0xd3,
-};
-static const unsigned char kat1200_prt_retbytes[] = {
-    0x2d, 0x99, 0x0f, 0x0d, 0xe4, 0x3d, 0x3a, 0x4b, 0x29, 0x30, 0x54, 0x2c,
-    0x27, 0xad, 0x27, 0x45, 0x8e, 0x88, 0x65, 0xca, 0x6b, 0x8f, 0x27, 0xfd,
-    0x7a, 0x96, 0x9c, 0xf4, 0xe2, 0xa0, 0x32, 0x3e, 0x38, 0xfe, 0x6f, 0x50,
-    0x5a, 0x2d, 0xba, 0x48, 0x8e, 0xa6, 0xb0, 0x43, 0x65, 0x20, 0x9c, 0x6d,
-    0xb7, 0x86, 0xcb, 0xbf, 0x0a, 0x7c, 0x73, 0xb4, 0xfd, 0x56, 0xd2, 0x49,
-    0x87, 0x71, 0x9d, 0xb0, 0xfd, 0xba, 0x1a, 0x3f, 0x07, 0x14, 0x95, 0x21,
-    0xdc, 0xf5, 0xb7, 0x75, 0x9c, 0x61, 0x0d, 0xa2, 0x2d, 0x15, 0x10, 0x57,
-    0xac, 0xef, 0xe7, 0x0d, 0xf1, 0xcc, 0xae, 0xb6, 0x7a, 0x97, 0x51, 0x59,
-    0xb8, 0x99, 0x6a, 0xca, 0x93, 0xd7, 0xa4, 0x80, 0x96, 0x92, 0x6d, 0xb4,
-    0x38, 0x1b, 0xbc, 0xe4, 0x81, 0x27, 0x7d, 0x7a, 0xb2, 0x7c, 0xbc, 0x03,
-    0x88, 0xf0, 0xb7, 0xce, 0xdb, 0xbf, 0xb8, 0x42, 0x1c, 0xb1, 0xdc, 0x5f,
-    0x2a, 0x9c, 0x67, 0x7f, 0x62, 0xac, 0xf9, 0x6a, 0xb2, 0x5e, 0x7e, 0x40,
-    0x6c, 0xe8, 0x2f, 0x5b, 0x96, 0xbc, 0xb4, 0x71, 0xaf, 0xbd, 0xf4, 0xb3,
-    0xf5, 0xa6, 0xfb, 0xcb, 0x8d, 0xa4, 0x5d, 0x22, 0x58, 0xe3, 0x50, 0xe7,
-    0x7d, 0x46, 0x33, 0xb0, 0xc1, 0xda, 0x69, 0x16, 0x62, 0xdd, 0x86, 0x99,
-    0x09, 0xdc, 0xfd, 0x7c, 0x8e, 0xd0, 0xf5, 0x4b, 0xa7, 0xaf, 0x0f, 0x9c,
-    0x03, 0x8e, 0xb3, 0x2d, 0x32, 0xb7, 0x05, 0xe5, 0x1b, 0x35, 0xbb, 0x3c,
-    0x2e, 0xef, 0xf0, 0x10, 0xbb, 0x47, 0xee, 0x32, 0x6c, 0x23, 0x18, 0xb5,
-    0xbc, 0xda, 0x96, 0x3c, 0x2d, 0xad, 0x41, 0x9c, 0x59, 0x23, 0xe3, 0x68,
-    0xd9, 0xb2, 0x8f, 0x25, 0xb0, 0x48, 0xa8, 0x7b, 0xdb, 0xa0, 0xa9, 0x0d,
-    0x98, 0xc2, 0x4c, 0x81, 0xb6, 0xdb, 0xde, 0x0f, 0x58, 0x05, 0x4a, 0x41,
-    0xa8, 0x29, 0x3a, 0x65,
-};
-static const struct drbg_kat_pr_true kat1200_prt_t = {
-    14, kat1200_prt_entropyin, kat1200_prt_nonce, kat1200_prt_persstr,
-    kat1200_prt_entropyinpr0, kat1200_prt_addin0, kat1200_prt_entropyinpr1,
-    kat1200_prt_addin1, kat1200_prt_retbytes
-};
-static const struct drbg_kat kat1200_prt = {
-    PR_TRUE, NA, NID_sha512, 32, 16, 32, 32, 256, &kat1200_prt_t
-};
-
-static const unsigned char kat1440_prt_entropyin[] = {
-    0xb7, 0xb8, 0x4c, 0x20, 0x4a, 0x15, 0x2f, 0x6a, 0x01, 0x4d, 0x10, 0xd8,
-    0x1e, 0x70, 0x86, 0x9a, 0xd2, 0xeb, 0x4f, 0x7a, 0x7e, 0x7e, 0xdc, 0x18,
-};
-static const unsigned char kat1440_prt_nonce[] = {
-    0x6b, 0x44, 0xc0, 0x33, 0xfb, 0x82, 0xd3, 0x60, 0x59, 0x8d, 0xee, 0x68,
-};
-static const unsigned char kat1440_prt_persstr[] = {
-    0x75, 0x32, 0xcb, 0x6b, 0xfb, 0xbf, 0xbe, 0xbd, 0x4d, 0x4c, 0x7a, 0xf9,
-    0xad, 0x89, 0x0a, 0x50, 0xcb, 0xe8, 0x20, 0x2c, 0x38, 0x80, 0xf8, 0x9c,
-};
-static const unsigned char kat1440_prt_entropyinpr0[] = {
-    0xc0, 0x77, 0xb4, 0xc2, 0xce, 0xff, 0xa7, 0x88, 0x7a, 0xf9, 0x09, 0xa6,
-    0xf1, 0xea, 0x46, 0xed, 0xc7, 0x3e, 0x02, 0x05, 0xdf, 0x68, 0x53, 0x7c,
-};
-static const unsigned char kat1440_prt_entropyinpr1[] = {
-    0xaa, 0x9b, 0x3d, 0xba, 0x73, 0x76, 0xb0, 0xa2, 0x1d, 0x34, 0xee, 0x6a,
-    0xc8, 0x93, 0x9a, 0x62, 0x5d, 0xbf, 0xec, 0x17, 0x2a, 0x10, 0x8c, 0x4c,
-};
-static const unsigned char kat1440_prt_addin0[] = {
-    0x5f, 0xc8, 0x2b, 0x7c, 0x36, 0x8e, 0x0e, 0xe3, 0x45, 0xb6, 0x03, 0xc3,
-    0x6a, 0xb1, 0xbb, 0x86, 0x3a, 0xd1, 0x44, 0x6e, 0x61, 0xfe, 0x6a, 0xf2,
-};
-static const unsigned char kat1440_prt_addin1[] = {
-    0xa0, 0x0a, 0xa1, 0x2c, 0x4a, 0x26, 0x03, 0x0b, 0x79, 0x89, 0x7e, 0x04,
-    0xd0, 0x17, 0x1b, 0xbc, 0xe1, 0xcd, 0x72, 0x57, 0xe0, 0xcc, 0xe3, 0x79,
-};
-static const unsigned char kat1440_prt_retbytes[] = {
-    0x54, 0xfb, 0x77, 0x8f, 0xcf, 0xc5, 0x54, 0x9e, 0x19, 0x02, 0x71, 0xdc,
-    0x12, 0x38, 0x9f, 0x42, 0xea, 0x81, 0x28, 0xdf, 0x55, 0xe6, 0x19, 0x3e,
-    0x03, 0x07, 0x38, 0x88, 0xb4, 0xbe, 0x31, 0xe2, 0xd7, 0xa7, 0x88, 0x45,
-    0xc4, 0x73, 0x62, 0xc4, 0xe9, 0x6b, 0x41, 0xfc, 0xe5, 0x03, 0xfb, 0x97,
-    0x0f, 0x91, 0x76, 0xbd, 0xb9, 0xb5, 0xd6, 0x64, 0xc3, 0x86, 0x89, 0x8a,
-    0x0e, 0x44, 0xff, 0xe1, 0x2f, 0x94, 0x80, 0x69, 0x9b, 0x7d, 0x56, 0x6d,
-    0x69, 0x7a, 0x4f, 0x52, 0x02, 0x68, 0xf6, 0x2e, 0x46, 0x03, 0x59, 0xa3,
-    0x9d, 0x09, 0x1f, 0x4c, 0x37, 0x2a, 0xd3, 0x3e, 0xf0, 0xee, 0xf5, 0x86,
-    0x22, 0xf4, 0x88, 0xc9, 0x34, 0x8a, 0xb5, 0xfd, 0x69, 0x3d, 0x4e, 0xde,
-    0xce, 0x79, 0x4b, 0x12,
-};
-static const struct drbg_kat_pr_true kat1440_prt_t = {
-    14, kat1440_prt_entropyin, kat1440_prt_nonce, kat1440_prt_persstr,
-    kat1440_prt_entropyinpr0, kat1440_prt_addin0, kat1440_prt_entropyinpr1,
-    kat1440_prt_addin1, kat1440_prt_retbytes
-};
-static const struct drbg_kat kat1440_prt = {
-    PR_TRUE, NA, NID_sha512_224, 24, 12, 24, 24, 112, &kat1440_prt_t
-};
-
-static const unsigned char kat1680_prt_entropyin[] = {
-    0x29, 0xe3, 0xfa, 0xcd, 0x8f, 0x0d, 0xb5, 0x25, 0xdd, 0x97, 0x17, 0x9f,
-    0xba, 0x20, 0x04, 0x78, 0x2c, 0xc7, 0x45, 0xc8, 0xdc, 0xc8, 0x60, 0xc3,
-    0x45, 0x8d, 0x7b, 0xf7, 0x70, 0xe1, 0x80, 0x28,
-};
-static const unsigned char kat1680_prt_nonce[] = {
-    0xa9, 0x6e, 0x20, 0x37, 0x82, 0xea, 0x56, 0xf0, 0xb9, 0xdb, 0x55, 0x88,
-    0xb3, 0xea, 0x70, 0x2b,
-};
-static const unsigned char kat1680_prt_persstr[] = {
-    0xe6, 0xb5, 0xc4, 0x0e, 0x32, 0x0a, 0x97, 0x07, 0x18, 0x5a, 0x05, 0xee,
-    0x91, 0xae, 0x73, 0x85, 0xe7, 0xca, 0x2e, 0x81, 0xf7, 0xbf, 0x65, 0xee,
-    0xd6, 0xf9, 0x31, 0x3a, 0x95, 0x9e, 0x5d, 0xd7,
-};
-static const unsigned char kat1680_prt_entropyinpr0[] = {
-    0xff, 0x68, 0xae, 0x1f, 0xfa, 0xac, 0xe1, 0xf0, 0xe8, 0x29, 0x98, 0x31,
-    0x84, 0x6e, 0x1e, 0x83, 0x79, 0xf9, 0xf9, 0x69, 0x6a, 0xa3, 0x2c, 0x76,
-    0x2c, 0x56, 0xaa, 0xd2, 0xdb, 0x58, 0x60, 0x25,
-};
-static const unsigned char kat1680_prt_entropyinpr1[] = {
-    0xf6, 0xf2, 0x29, 0x6c, 0x12, 0x20, 0xee, 0xc3, 0xb6, 0x81, 0xff, 0xe7,
-    0xdb, 0x9b, 0xf8, 0x83, 0xbf, 0x2a, 0x87, 0x13, 0x23, 0x87, 0x05, 0xb9,
-    0x48, 0x14, 0x7f, 0xd7, 0xfc, 0x5e, 0x52, 0x06,
-};
-static const unsigned char kat1680_prt_addin0[] = {
-    0xe7, 0x8d, 0xcf, 0x5e, 0x29, 0xa8, 0x39, 0x3e, 0x83, 0xe8, 0x6d, 0xae,
-    0xf0, 0x1d, 0x2a, 0xd7, 0x4b, 0x22, 0xee, 0xe0, 0x93, 0xd9, 0x46, 0x8b,
-    0xfa, 0xa0, 0xe8, 0xa1, 0xb8, 0x36, 0x44, 0x95,
-};
-static const unsigned char kat1680_prt_addin1[] = {
-    0x9d, 0x06, 0x7e, 0x72, 0xf6, 0x31, 0x0a, 0x0c, 0xb7, 0xe9, 0xeb, 0x2e,
-    0xf7, 0xb0, 0x2e, 0x1b, 0x8b, 0x9b, 0xf8, 0x0c, 0x51, 0xa7, 0x93, 0x3a,
-    0x5a, 0xa6, 0x9f, 0x13, 0x52, 0x9f, 0xf8, 0x49,
-};
-static const unsigned char kat1680_prt_retbytes[] = {
-    0x6a, 0xf6, 0x89, 0xce, 0xc6, 0x2a, 0x63, 0x34, 0x92, 0xf6, 0xe2, 0x4b,
-    0x75, 0x4d, 0x38, 0xdd, 0x6a, 0xb0, 0xb5, 0x56, 0xe9, 0x18, 0x02, 0xd7,
-    0x2f, 0x14, 0xdc, 0x8c, 0x0e, 0x9f, 0xf5, 0x0d, 0xf7, 0x28, 0xb4, 0xe7,
-    0x99, 0xa0, 0x36, 0xc3, 0xc4, 0x86, 0x30, 0xbe, 0x11, 0x6c, 0x8d, 0x6f,
-    0x19, 0x1f, 0x30, 0x82, 0x1b, 0x4b, 0x8c, 0x74, 0xd7, 0x16, 0xe8, 0xa8,
-    0x24, 0xd6, 0xc4, 0x1b, 0x81, 0xcc, 0xc2, 0x0c, 0xd0, 0x21, 0x57, 0x12,
-    0xaa, 0xab, 0x7e, 0x1b, 0x92, 0x66, 0xc1, 0x41, 0xac, 0x66, 0xa5, 0xbb,
-    0xb2, 0xe5, 0x00, 0x45, 0x5a, 0xbc, 0xbe, 0xa3, 0x91, 0x8f, 0x9f, 0xcb,
-    0x4c, 0x22, 0x0b, 0xb5, 0xa9, 0xbf, 0x78, 0x15, 0xcb, 0xd2, 0x43, 0x5b,
-    0x67, 0xcc, 0xf6, 0x3f, 0x89, 0x89, 0xcb, 0xc8, 0x63, 0x6e, 0xe8, 0x14,
-    0x09, 0xdb, 0xc2, 0x3a, 0xf9, 0x1f, 0x16, 0xd2,
-};
-static const struct drbg_kat_pr_true kat1680_prt_t = {
-    14, kat1680_prt_entropyin, kat1680_prt_nonce, kat1680_prt_persstr,
-    kat1680_prt_entropyinpr0, kat1680_prt_addin0, kat1680_prt_entropyinpr1,
-    kat1680_prt_addin1, kat1680_prt_retbytes
-};
-static const struct drbg_kat kat1680_prt = {
-    PR_TRUE, NA, NID_sha512_256, 32, 16, 32, 32, 128, &kat1680_prt_t
-};
-
-
-/* -------------------------------------------------------------------------- */
-
-static const unsigned char kat1_prf_entropyin[] = {
-    0x16, 0x10, 0xb8, 0x28, 0xcc, 0xd2, 0x7d, 0xe0, 0x8c, 0xee, 0xa0, 0x32,
-    0xa2, 0x0e, 0x92, 0x08,
-};
-static const unsigned char kat1_prf_nonce[] = {
-    0x49, 0x2c, 0xf1, 0x70, 0x92, 0x42, 0xf6, 0xb5,
-};
-static const unsigned char kat1_prf_persstr[] = {0};
-static const unsigned char kat1_prf_entropyin_reseed[] = {
-    0x72, 0xd2, 0x8c, 0x90, 0x8e, 0xda, 0xf9, 0xa4, 0xd1, 0xe5, 0x26, 0xd8,
-    0xf2, 0xde, 0xd5, 0x44,
-};
-static const unsigned char kat1_prf_addin_reseed[] = {0};
-static const unsigned char kat1_prf_addin0[] = {0};
-static const unsigned char kat1_prf_addin1[] = {0};
-static const unsigned char kat1_prf_retbytes[] = {
-    0x56, 0xf3, 0x3d, 0x4f, 0xdb, 0xb9, 0xa5, 0xb6, 0x4d, 0x26, 0x23, 0x44,
-    0x97, 0xe9, 0xdc, 0xb8, 0x77, 0x98, 0xc6, 0x8d, 0x08, 0xf7, 0xc4, 0x11,
-    0x99, 0xd4, 0xbd, 0xdf, 0x97, 0xeb, 0xbf, 0x6c, 0xb5, 0x55, 0x0e, 0x5d,
-    0x14, 0x9f, 0xf4, 0xd5, 0xbd, 0x0f, 0x05, 0xf2, 0x5a, 0x69, 0x88, 0xc1,
-    0x74, 0x36, 0x39, 0x62, 0x27, 0x18, 0x4a, 0xf8, 0x4a, 0x56, 0x43, 0x35,
-    0x65, 0x8e, 0x2f, 0x85, 0x72, 0xbe, 0xa3, 0x33, 0xee, 0xe2, 0xab, 0xff,
-    0x22, 0xff, 0xa6, 0xde, 0x3e, 0x22, 0xac, 0xa2,
-};
-static const struct drbg_kat_pr_false kat1_prf_t = {
-    0, kat1_prf_entropyin, kat1_prf_nonce, kat1_prf_persstr,
-    kat1_prf_entropyin_reseed, kat1_prf_addin_reseed,
-    kat1_prf_addin0, kat1_prf_addin1, kat1_prf_retbytes
-};
-static const struct drbg_kat kat1_prf = {
-    PR_FALSE, NA, NID_sha1, 16, 8, 0, 0, 80, &kat1_prf_t
-};
-
-static const unsigned char kat1680_prf_entropyin[] = {
-    0x5c, 0x15, 0x82, 0xc1, 0x31, 0x34, 0xbd, 0x98, 0x4b, 0xa6, 0xc2, 0x7d,
-    0x32, 0xbd, 0xf3, 0xfa, 0x18, 0x47, 0xc6, 0xf9, 0xc3, 0x7f, 0x9a, 0x5c,
-    0xb3, 0x15, 0xca, 0xba, 0xc9, 0xc8, 0xf2, 0xa6,
-};
-static const unsigned char kat1680_prf_nonce[] = {
-    0x5e, 0x3e, 0xba, 0xe1, 0xc1, 0xb1, 0x15, 0x07, 0xe0, 0xce, 0x8c, 0xe6,
-    0x80, 0x65, 0x75, 0x18,
-};
-static const unsigned char kat1680_prf_persstr[] = {
-    0x26, 0x1f, 0x0f, 0xa2, 0xfc, 0x41, 0xd2, 0x03, 0x63, 0xb0, 0x97, 0x5c,
-    0x58, 0xbd, 0x79, 0x54, 0x8c, 0x13, 0x3a, 0x66, 0xe8, 0xed, 0xd7, 0xc4,
-    0x40, 0xb7, 0xf6, 0x9d, 0x37, 0xb0, 0x32, 0x32,
-};
-static const unsigned char kat1680_prf_entropyin_reseed[] = {
-    0xda, 0x39, 0x0d, 0xbb, 0x19, 0x77, 0xa8, 0x98, 0x30, 0xcf, 0xd0, 0x28,
-    0x27, 0xec, 0xf2, 0x49, 0xaf, 0x17, 0xba, 0xf6, 0x81, 0x29, 0x61, 0xf7,
-    0x15, 0x79, 0xb0, 0xbb, 0x07, 0x79, 0x53, 0x7c,
-};
-static const unsigned char kat1680_prf_addin_reseed[] = {
-    0xf3, 0xe9, 0x21, 0x0b, 0x23, 0x57, 0x96, 0x85, 0x8e, 0x81, 0x88, 0x20,
-    0x2c, 0x66, 0xe7, 0xe0, 0x15, 0xc6, 0x97, 0x6d, 0x4f, 0x68, 0x72, 0xb0,
-    0xc5, 0x6b, 0x80, 0xf3, 0x4b, 0x1e, 0xc4, 0x4a,
-};
-static const unsigned char kat1680_prf_addin0[] = {
-    0x9a, 0xb2, 0x99, 0x96, 0x3b, 0xc9, 0x6b, 0x27, 0xd5, 0xe8, 0x06, 0xf1,
-    0x05, 0xb9, 0x30, 0xf4, 0x9d, 0x4a, 0x27, 0x0e, 0xc9, 0xb9, 0x8d, 0x13,
-    0xff, 0x43, 0x8e, 0xa9, 0xc5, 0x8f, 0x5b, 0x3d,
-};
-static const unsigned char kat1680_prf_addin1[] = {
-    0x9e, 0x08, 0xae, 0xcc, 0xed, 0xd8, 0xae, 0x05, 0xea, 0xfb, 0xbf, 0xaf,
-    0xd8, 0x79, 0x0a, 0x3e, 0x39, 0x81, 0xd8, 0x5c, 0x74, 0x3f, 0x5e, 0x6d,
-    0xa1, 0x8a, 0xc4, 0xf0, 0x41, 0xb9, 0xe6, 0x27,
-};
-static const unsigned char kat1680_prf_retbytes[] = {
-    0x51, 0x8c, 0xa2, 0x7a, 0xfa, 0xb1, 0xb5, 0x8f, 0xfa, 0x9e, 0x9d, 0x04,
-    0xdd, 0x7b, 0xb7, 0xbf, 0xc4, 0x11, 0x9a, 0x29, 0x9e, 0x08, 0x72, 0x7d,
-    0x8c, 0xf8, 0x99, 0x9d, 0xc4, 0x40, 0x04, 0x0f, 0x62, 0x14, 0x24, 0x6c,
-    0x56, 0xbe, 0xfb, 0x2f, 0xbb, 0xc4, 0x78, 0x4c, 0x96, 0x79, 0x94, 0x59,
-    0xcf, 0xac, 0x77, 0x88, 0x3a, 0x7b, 0x1f, 0xb2, 0x7b, 0xb8, 0xd9, 0xc9,
-    0x09, 0xc7, 0xe6, 0x2f, 0x01, 0x1c, 0xbb, 0x5c, 0x53, 0x32, 0xd7, 0x80,
-    0xfc, 0xc5, 0x00, 0x59, 0x3c, 0x2a, 0x70, 0x67, 0x41, 0x1f, 0x24, 0x67,
-    0x72, 0xd8, 0x22, 0xb4, 0xd6, 0xda, 0xc3, 0x93, 0xc6, 0xb4, 0x82, 0x0b,
-    0xcb, 0x6c, 0xdc, 0x26, 0x59, 0xbe, 0x54, 0x34, 0xcf, 0xfb, 0xd5, 0x35,
-    0xd5, 0x13, 0x05, 0x75, 0x70, 0x7b, 0x94, 0x35, 0x8d, 0x15, 0xb0, 0x88,
-    0xbc, 0x46, 0x37, 0xa8, 0x3a, 0x97, 0xf7, 0x8f,
-};
-static const struct drbg_kat_pr_false kat1680_prf_t = {
-    14, kat1680_prf_entropyin, kat1680_prf_nonce, kat1680_prf_persstr,
-    kat1680_prf_entropyin_reseed, kat1680_prf_addin_reseed,
-    kat1680_prf_addin0, kat1680_prf_addin1, kat1680_prf_retbytes
-};
-static const struct drbg_kat kat1680_prf = {
-    PR_FALSE, NA, NID_sha512_256, 32, 16, 32, 32, 128, &kat1680_prf_t
-};
-
-/* -------------------------------------------------------------------------- */
-
-const struct drbg_kat *drbg_hash_test[] = {
-    &kat1_nor, &kat2_nor, &kat3_nor, &kat4_nor, &kat5_nor,
-    &kat6_nor, &kat7_nor, &kat8_nor, &kat9_nor, &kat10_nor,
-    &kat11_nor, &kat12_nor, &kat13_nor, &kat14_nor, &kat15_nor,
-    &kat16_nor, &kat17_nor, &kat18_nor, &kat19_nor, &kat20_nor,
-    &kat21_nor, &kat22_nor, &kat23_nor, &kat24_nor, &kat25_nor,
-    &kat26_nor, &kat27_nor, &kat28_nor, &kat29_nor, &kat30_nor,
-    &kat31_nor, &kat32_nor, &kat33_nor, &kat34_nor, &kat35_nor,
-    &kat36_nor, &kat37_nor, &kat38_nor, &kat39_nor, &kat40_nor,
-    &kat41_nor, &kat42_nor, &kat43_nor, &kat44_nor, &kat45_nor,
-    &kat46_nor, &kat47_nor, &kat48_nor, &kat49_nor, &kat50_nor,
-    &kat51_nor, &kat52_nor, &kat53_nor, &kat54_nor, &kat55_nor,
-    &kat56_nor, &kat57_nor, &kat58_nor, &kat59_nor, &kat60_nor,
-    &kat61_nor, &kat62_nor, &kat63_nor, &kat64_nor, &kat65_nor,
-    &kat66_nor, &kat67_nor, &kat68_nor, &kat69_nor, &kat70_nor,
-    &kat71_nor, &kat72_nor, &kat73_nor, &kat74_nor, &kat75_nor,
-    &kat76_nor, &kat77_nor, &kat78_nor, &kat79_nor, &kat80_nor,
-    &kat81_nor, &kat82_nor, &kat83_nor, &kat84_nor, &kat85_nor,
-    &kat86_nor, &kat87_nor, &kat88_nor, &kat89_nor, &kat90_nor,
-    &kat91_nor, &kat92_nor, &kat93_nor, &kat94_nor, &kat95_nor,
-    &kat96_nor, &kat97_nor, &kat98_nor, &kat99_nor, &kat100_nor,
-    &kat101_nor, &kat102_nor, &kat103_nor, &kat104_nor, &kat105_nor,
-    &kat106_nor, &kat107_nor, &kat108_nor, &kat109_nor, &kat110_nor,
-    &kat111_nor, &kat112_nor, &kat113_nor, &kat114_nor, &kat115_nor,
-    &kat116_nor, &kat117_nor, &kat118_nor, &kat119_nor, &kat120_nor,
-    &kat121_nor, &kat122_nor, &kat123_nor, &kat124_nor, &kat125_nor,
-    &kat126_nor, &kat127_nor, &kat128_nor, &kat129_nor, &kat130_nor,
-    &kat131_nor, &kat132_nor, &kat133_nor, &kat134_nor, &kat135_nor,
-    &kat136_nor, &kat137_nor, &kat138_nor, &kat139_nor, &kat140_nor,
-    &kat141_nor, &kat142_nor, &kat143_nor, &kat144_nor, &kat145_nor,
-    &kat146_nor, &kat147_nor, &kat148_nor, &kat149_nor, &kat150_nor,
-    &kat151_nor, &kat152_nor, &kat153_nor, &kat154_nor, &kat155_nor,
-    &kat156_nor, &kat157_nor, &kat158_nor, &kat159_nor, &kat160_nor,
-    &kat161_nor, &kat162_nor, &kat163_nor, &kat164_nor, &kat165_nor,
-    &kat166_nor, &kat167_nor, &kat168_nor, &kat169_nor, &kat170_nor,
-    &kat171_nor, &kat172_nor, &kat173_nor, &kat174_nor, &kat175_nor,
-    &kat176_nor, &kat177_nor, &kat178_nor, &kat179_nor, &kat180_nor,
-    &kat181_nor, &kat182_nor, &kat183_nor, &kat184_nor, &kat185_nor,
-    &kat186_nor, &kat187_nor, &kat188_nor, &kat189_nor, &kat190_nor,
-    &kat191_nor, &kat192_nor, &kat193_nor, &kat194_nor, &kat195_nor,
-    &kat196_nor, &kat197_nor, &kat198_nor, &kat199_nor, &kat200_nor,
-    &kat201_nor, &kat202_nor, &kat203_nor, &kat204_nor, &kat205_nor,
-    &kat206_nor, &kat207_nor, &kat208_nor, &kat209_nor, &kat210_nor,
-    &kat211_nor, &kat212_nor, &kat213_nor, &kat214_nor, &kat215_nor,
-    &kat216_nor, &kat217_nor, &kat218_nor, &kat219_nor, &kat220_nor,
-    &kat221_nor, &kat222_nor, &kat223_nor, &kat224_nor, &kat225_nor,
-    &kat226_nor, &kat227_nor, &kat228_nor, &kat229_nor, &kat230_nor,
-    &kat231_nor, &kat232_nor, &kat233_nor, &kat234_nor, &kat235_nor,
-    &kat236_nor, &kat237_nor, &kat238_nor, &kat239_nor, &kat240_nor,
-    &kat480_nor, &kat720_nor, &kat960_nor, &kat1200_nor, &kat1440_nor,
-    &kat1680_nor,
-    &kat240_prt, &kat480_prt, &kat720_prt, &kat960_prt, &kat1200_prt,
-    &kat1440_prt, &kat1680_prt, &kat1_prf, &kat1680_prf
-};
-const size_t drbg_hash_nelem = OSSL_NELEM(drbg_hash_test);
diff --git a/test/drbg_cavs_data_hmac.c b/test/drbg_cavs_data_hmac.c
deleted file mode 100644
index f76ed07699..0000000000
--- a/test/drbg_cavs_data_hmac.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * Small subset of DRBG test vectors from:
- * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/
- * The index in the names given below (e.g- kat1680)- refers to the CAVS index.
- */
-
-#include <openssl/obj_mac.h>
-#include "internal/nelem.h"
-#include "drbg_cavs_data.h"
-
-
-static const unsigned char kat1_nor_entropyin[] = {
-    0xe9, 0x1b, 0x63, 0x30, 0x9e, 0x93, 0xd1, 0xd0, 0x8e, 0x30, 0xe8, 0xd5,
-    0x56, 0x90, 0x68, 0x75,
-};
-static const unsigned char kat1_nor_nonce[] = {
-    0xf5, 0x97, 0x47, 0xc4, 0x68, 0xb0, 0xd0, 0xda,
-};
-static const unsigned char kat1_nor_persstr[] = {0};
-static const unsigned char kat1_nor_addin0[] = {0};
-static const unsigned char kat1_nor_addin1[] = {0};
-static const unsigned char kat1_nor_retbytes[] = {
-    0xb7, 0x92, 0x8f, 0x95, 0x03, 0xa4, 0x17, 0x11, 0x07, 0x88, 0xf9, 0xd0,
-    0xc2, 0x58, 0x5f, 0x8a, 0xee, 0x6f, 0xb7, 0x3b, 0x22, 0x0a, 0x62, 0x6b,
-    0x3a, 0xb9, 0x82, 0x5b, 0x7a, 0x9f, 0xac, 0xc7, 0x97, 0x23, 0xd7, 0xe1,
-    0xba, 0x92, 0x55, 0xe4, 0x0e, 0x65, 0xc2, 0x49, 0xb6, 0x08, 0x2a, 0x7b,
-    0xc5, 0xe3, 0xf1, 0x29, 0xd3, 0xd8, 0xf6, 0x9b, 0x04, 0xed, 0x11, 0x83,
-    0x41, 0x9d, 0x6c, 0x4f, 0x2a, 0x13, 0xb3, 0x04, 0xd2, 0xc5, 0x74, 0x3f,
-    0x41, 0xc8, 0xb0, 0xee, 0x73, 0x22, 0x53, 0x47,
-};
-static const struct drbg_kat_no_reseed kat1_nor_t = {
-    0, kat1_nor_entropyin, kat1_nor_nonce, kat1_nor_persstr,
-    kat1_nor_addin0, kat1_nor_addin1, kat1_nor_retbytes
-};
-static const struct drbg_kat kat1_nor = {
-    NO_RESEED, USE_HMAC, NID_sha1, 16, 8, 0, 0, 80, &kat1_nor_t
-};
-
-static const unsigned char kat1680_nor_entropyin[] = {
-    0x68, 0xcf, 0x3f, 0x51, 0x8b, 0x47, 0x45, 0x45, 0x2a, 0x41, 0x49, 0xd2,
-    0x00, 0x43, 0x49, 0x60, 0xcb, 0xe1, 0x0b, 0xcb, 0x78, 0x3c, 0x3f, 0x89,
-    0xd3, 0xb8, 0x5f, 0x61, 0x87, 0x99, 0xf5, 0xcb,
-};
-static const unsigned char kat1680_nor_nonce[] = {
-    0xdc, 0x34, 0x5f, 0x21, 0xa3, 0x3c, 0x16, 0x8e, 0x4e, 0x07, 0x60, 0x31,
-    0x87, 0x59, 0x2f, 0x9c,
-};
-static const unsigned char kat1680_nor_persstr[] = {
-    0x2c, 0x26, 0xce, 0x79, 0xee, 0x85, 0xd0, 0xc9, 0xca, 0x4d, 0x1a, 0xbc,
-    0x6e, 0x0a, 0xc2, 0xad, 0xb2, 0x6c, 0xd2, 0x23, 0xdc, 0xb5, 0x13, 0x40,
-    0x3a, 0x53, 0x75, 0x5b, 0x64, 0x75, 0x98, 0xe3,
-};
-static const unsigned char kat1680_nor_addin0[] = {
-    0xac, 0xcf, 0xf5, 0x36, 0x08, 0x61, 0x6d, 0x90, 0x07, 0x19, 0x9e, 0x41,
-    0x39, 0x68, 0x46, 0xbe, 0x58, 0x00, 0xee, 0xa5, 0x5f, 0x73, 0xf6, 0x4a,
-    0x6d, 0x8c, 0x8f, 0x26, 0xb5, 0xba, 0xe0, 0x7d,
-};
-static const unsigned char kat1680_nor_addin1[] = {
-    0xd8, 0xd5, 0x25, 0x8b, 0xaf, 0xf4, 0x18, 0x50, 0xde, 0x1f, 0xeb, 0x5e,
-    0xcb, 0xbd, 0x17, 0x95, 0xcd, 0xf4, 0x53, 0x8a, 0x1c, 0x57, 0xf5, 0x5c,
-    0x9f, 0x58, 0x5f, 0xf0, 0x35, 0xa1, 0x3e, 0x55,
-};
-static const unsigned char kat1680_nor_retbytes[] = {
-    0x50, 0x32, 0xda, 0xa0, 0x34, 0x15, 0xb2, 0xb6, 0x78, 0x0e, 0xf4, 0xc6,
-    0xcf, 0xec, 0xfa, 0xcc, 0xef, 0xda, 0x71, 0x2f, 0x25, 0x29, 0xd2, 0xcd,
-    0xf4, 0xcb, 0x45, 0xd5, 0x22, 0x29, 0xe2, 0xb7, 0x38, 0x8e, 0xbc, 0xe9,
-    0x26, 0xa7, 0xaa, 0x05, 0xcc, 0x13, 0x2b, 0x34, 0x79, 0xe7, 0xb9, 0xc0,
-    0xb8, 0xb4, 0xcd, 0x02, 0x62, 0xf7, 0xb1, 0x8a, 0x58, 0x32, 0x6e, 0xab,
-    0x2b, 0xae, 0xb9, 0x1e, 0xd4, 0x81, 0x8b, 0xf2, 0x0a, 0x10, 0x59, 0x75,
-    0x34, 0x2b, 0xed, 0x6a, 0x97, 0xf2, 0xe6, 0x7c, 0x48, 0x3a, 0x40, 0x3f,
-    0x98, 0xa4, 0xa5, 0xdf, 0xee, 0x98, 0x13, 0x07, 0x41, 0xb9, 0x09, 0xf0,
-    0xc4, 0x81, 0x2c, 0x19, 0x17, 0x33, 0x4d, 0xdc, 0x5e, 0x67, 0x82, 0x56,
-    0xb7, 0x8c, 0x23, 0x76, 0x42, 0x17, 0x79, 0x8f, 0x25, 0xdb, 0x20, 0xd8,
-    0x0e, 0xa8, 0x5b, 0x69, 0xef, 0xd7, 0x58, 0x92,
-};
-static const struct drbg_kat_no_reseed kat1680_nor_t = {
-    14, kat1680_nor_entropyin, kat1680_nor_nonce, kat1680_nor_persstr,
-    kat1680_nor_addin0, kat1680_nor_addin1, kat1680_nor_retbytes
-};
-static const struct drbg_kat kat1680_nor = {
-    NO_RESEED, USE_HMAC, NID_sha512_256, 32, 16, 32, 32, 128, &kat1680_nor_t
-};
-
-/* -------------------------------------------------------------------------- */
-
-static const unsigned char kat2_prt_entropyin[] = {
-    0x07, 0xbd, 0xda, 0xb0, 0x6c, 0xf3, 0xd7, 0xf0, 0x94, 0xcc, 0x23, 0x02,
-    0xab, 0xd7, 0x00, 0xa9,
-};
-static const unsigned char kat2_prt_nonce[] = {
-    0xd6, 0x74, 0x21, 0xae, 0xb7, 0x11, 0xf4, 0xbb,
-};
-static const unsigned char kat2_prt_persstr[] = {0};
-static const unsigned char kat2_prt_entropyinpr0[] = {
-    0xe6, 0x6f, 0x59, 0xe2, 0x8a, 0x46, 0x79, 0x42, 0x13, 0xbf, 0x3d, 0x0c,
-    0x3a, 0x2c, 0xbb, 0xb0,
-};
-static const unsigned char kat2_prt_entropyinpr1[] = {
-    0x92, 0x05, 0xb9, 0x0e, 0x0e, 0xf2, 0x12, 0xc7, 0x67, 0x9b, 0x37, 0x52,
-    0x6a, 0x80, 0x67, 0x89,
-};
-static const unsigned char kat2_prt_addin0[] = {0};
-static const unsigned char kat2_prt_addin1[] = {0};
-static const unsigned char kat2_prt_retbytes[] = {
-    0xf7, 0x6f, 0xd2, 0xa4, 0x9d, 0x95, 0x74, 0xc3, 0xf9, 0x08, 0x64, 0xf3,
-    0x5f, 0x32, 0x25, 0x3b, 0x83, 0x09, 0x8e, 0xe0, 0x4a, 0x4c, 0x8d, 0xba,
-    0x46, 0x4a, 0x80, 0x35, 0xf6, 0x65, 0xca, 0x16, 0x5c, 0x8a, 0x03, 0x8b,
-    0xe5, 0xe1, 0xb1, 0x00, 0xd5, 0x67, 0x52, 0xad, 0xcf, 0x59, 0xbe, 0xa1,
-    0x67, 0xe1, 0x5b, 0x1d, 0x01, 0xc4, 0x19, 0x94, 0x8d, 0x2d, 0x0a, 0x85,
-    0xbe, 0x66, 0xd1, 0x9b, 0xb4, 0x0e, 0x5e, 0x0a, 0x66, 0xcf, 0xd7, 0x6b,
-    0xa7, 0x54, 0x7e, 0xba, 0x62, 0x76, 0xea, 0x49,
-};
-static const struct drbg_kat_pr_true kat2_prt_t = {
-    1, kat2_prt_entropyin, kat2_prt_nonce, kat2_prt_persstr,
-    kat2_prt_entropyinpr0, kat2_prt_addin0, kat2_prt_entropyinpr1,
-    kat2_prt_addin1, kat2_prt_retbytes
-};
-static const struct drbg_kat kat2_prt = {
-    PR_TRUE, USE_HMAC, NID_sha1, 16, 8, 0, 0, 80, &kat2_prt_t
-};
-
-static const unsigned char kat1680_prt_entropyin[] = {
-    0xfa, 0x18, 0xc7, 0x94, 0x9c, 0xd5, 0xbc, 0xbe, 0x49, 0xc9, 0x6f, 0x4d,
-    0x66, 0x70, 0xc8, 0x4f, 0x55, 0xae, 0xe0, 0x0f, 0x36, 0xa4, 0x6c, 0xbf,
-    0xaf, 0xbe, 0x54, 0xe6, 0x6b, 0x32, 0x64, 0x23,
-};
-static const unsigned char kat1680_prt_nonce[] = {
-    0xc6, 0xfd, 0xec, 0x42, 0x46, 0xbd, 0xa3, 0xe2, 0xb6, 0x9f, 0xf6, 0x02,
-    0x67, 0x5f, 0x7e, 0x6d,
-};
-static const unsigned char kat1680_prt_persstr[] = {
-    0x9b, 0x31, 0xee, 0xbb, 0xe8, 0xbc, 0x02, 0x3c, 0xb8, 0x19, 0x3c, 0xe5,
-    0xe1, 0x5a, 0x62, 0x9d, 0x29, 0x20, 0xa0, 0xc4, 0x91, 0x69, 0xd2, 0x98,
-    0x92, 0x4b, 0xdb, 0xa2, 0xeb, 0x3b, 0xcd, 0x46,
-};
-static const unsigned char kat1680_prt_entropyinpr0[] = {
-    0xd7, 0x84, 0x2e, 0x7a, 0xd0, 0xcb, 0xac, 0x6b, 0x94, 0x04, 0xe8, 0xe9,
-    0x42, 0xfa, 0xbb, 0x77, 0x97, 0x4b, 0x35, 0x3a, 0x7f, 0x96, 0x33, 0x88,
-    0x06, 0x95, 0xfb, 0xff, 0xcb, 0x4d, 0x32, 0x79,
-};
-static const unsigned char kat1680_prt_entropyinpr1[] = {
-    0x96, 0xa3, 0x0d, 0x85, 0x93, 0xcc, 0xe5, 0xfe, 0xbd, 0x4f, 0x03, 0x4f,
-    0xf9, 0x74, 0x79, 0xeb, 0x88, 0x08, 0xe8, 0x1b, 0xd7, 0xb8, 0xf7, 0xb4,
-    0x4a, 0xe9, 0x45, 0xfb, 0xbf, 0x50, 0x35, 0x72,
-};
-static const unsigned char kat1680_prt_addin0[] = {
-    0x2e, 0x08, 0x83, 0xa8, 0x80, 0x21, 0xb7, 0xca, 0x2e, 0x8b, 0xe9, 0xb7,
-    0xb2, 0x08, 0xee, 0xc4, 0x10, 0x78, 0x64, 0x60, 0x5f, 0x71, 0x85, 0x10,
-    0x32, 0x3d, 0x89, 0xc8, 0x14, 0x6c, 0xa8, 0x93,
-};
-static const unsigned char kat1680_prt_addin1[] = {
-    0x01, 0x55, 0xdc, 0x73, 0xa3, 0x6c, 0x16, 0x0d, 0x9e, 0x13, 0xc0, 0x23,
-    0xe7, 0x32, 0x79, 0x8b, 0x4f, 0xba, 0x3a, 0x9f, 0xd8, 0x49, 0xc0, 0xed,
-    0xf8, 0x99, 0x76, 0x5c, 0x5f, 0xf7, 0x34, 0x9f,
-};
-static const unsigned char kat1680_prt_retbytes[] = {
-    0xee, 0x19, 0x1d, 0xc6, 0xbe, 0xf0, 0x25, 0xe3, 0x63, 0x02, 0xbb, 0x8c,
-    0xe0, 0xe6, 0xa9, 0x49, 0xf7, 0xb0, 0xd2, 0x94, 0x4b, 0x24, 0x6f, 0xc5,
-    0x2d, 0x68, 0xa2, 0x0c, 0x3b, 0x2b, 0x78, 0x75, 0x95, 0xca, 0x9d, 0x4b,
-    0xae, 0x2f, 0x55, 0xa1, 0x39, 0x24, 0xfa, 0xbb, 0xef, 0x8f, 0x70, 0x0a,
-    0xbc, 0x09, 0xd7, 0xda, 0xc1, 0xc1, 0xeb, 0x3a, 0x63, 0xc0, 0x40, 0x86,
-    0x75, 0x19, 0xe6, 0x72, 0x4f, 0xae, 0xb5, 0x32, 0xd0, 0x1c, 0xd3, 0x89,
-    0x22, 0xe4, 0xe0, 0x97, 0x35, 0x66, 0xfc, 0x23, 0xf5, 0xfb, 0xc0, 0x67,
-    0xf4, 0x96, 0xcb, 0x97, 0xfe, 0x3c, 0xe9, 0x75, 0x64, 0xf0, 0x01, 0x0d,
-    0x6c, 0xd2, 0xb5, 0xd8, 0x1a, 0x3e, 0x79, 0xfc, 0xb8, 0x5f, 0x01, 0x01,
-    0x91, 0xa7, 0x6b, 0x4d, 0x79, 0x6e, 0xa8, 0xc8, 0x5b, 0x11, 0x9d, 0xd2,
-    0x42, 0x10, 0xf6, 0x47, 0x25, 0xc0, 0x96, 0x89,
-};
-static const struct drbg_kat_pr_true kat1680_prt_t = {
-    14, kat1680_prt_entropyin, kat1680_prt_nonce, kat1680_prt_persstr,
-    kat1680_prt_entropyinpr0, kat1680_prt_addin0, kat1680_prt_entropyinpr1,
-    kat1680_prt_addin1, kat1680_prt_retbytes
-};
-static const struct drbg_kat kat1680_prt = {
-    PR_TRUE, USE_HMAC, NID_sha512_256, 32, 16, 32, 32, 128, &kat1680_prt_t
-};
-
-/* -------------------------------------------------------------------------- */
-
-static const unsigned char kat7_prf_entropyin[] = {
-    0xb3, 0xd4, 0x04, 0x12, 0x01, 0xf4, 0x34, 0x5e, 0x0a, 0x81, 0x8d, 0xe1,
-    0x36, 0xc6, 0xaa, 0x7e,
-};
-static const unsigned char kat7_prf_nonce[] = {
-    0x6b, 0x06, 0x12, 0xe1, 0xac, 0x6b, 0x3f, 0x2f,
-};
-static const unsigned char kat7_prf_persstr[] = {0};
-static const unsigned char kat7_prf_entropyin_reseed[] = {
-    0x26, 0xf6, 0xec, 0x32, 0x8a, 0xc7, 0xf8, 0x96, 0x6d, 0xca, 0x90, 0xe1,
-    0x62, 0xc2, 0x97, 0xef,
-};
-static const unsigned char kat7_prf_addin_reseed[] = {0};
-static const unsigned char kat7_prf_addin0[] = {0};
-static const unsigned char kat7_prf_addin1[] = {0};
-static const unsigned char kat7_prf_retbytes[] = {
-    0xd9, 0x24, 0x5a, 0x4a, 0x0a, 0xb0, 0xca, 0x97, 0xe7, 0x47, 0xc0, 0xd2,
-    0x90, 0x98, 0x97, 0x9e, 0x82, 0x48, 0xe5, 0x3f, 0x0e, 0xc6, 0xb9, 0x16,
-    0x78, 0x97, 0x2f, 0x3b, 0x56, 0x91, 0xe7, 0x99, 0x5a, 0xd2, 0xeb, 0x99,
-    0x64, 0x0d, 0x3e, 0x9a, 0x83, 0x64, 0x89, 0x1d, 0x0f, 0xf1, 0x79, 0x73,
-    0x2d, 0x63, 0x3f, 0x76, 0x2d, 0x65, 0x92, 0xa4, 0xd4, 0x9c, 0x4e, 0x66,
-    0x7c, 0x69, 0x9b, 0x26, 0x78, 0x92, 0x9c, 0x81, 0xd9, 0xbd, 0xfc, 0x74,
-    0xd6, 0x57, 0x5f, 0x5b, 0x72, 0x7f, 0x4d, 0x65,
-};
-static const struct drbg_kat_pr_false kat7_prf_t = {
-    6, kat7_prf_entropyin, kat7_prf_nonce, kat7_prf_persstr,
-    kat7_prf_entropyin_reseed, kat7_prf_addin_reseed,
-    kat7_prf_addin0, kat7_prf_addin1, kat7_prf_retbytes
-};
-static const struct drbg_kat kat7_prf = {
-    PR_FALSE, USE_HMAC, NID_sha1, 16, 8, 0, 0, 80, &kat7_prf_t
-};
-
-static const unsigned char kat1680_prf_entropyin[] = {
-    0x03, 0x8f, 0x2d, 0x21, 0x48, 0x1d, 0xe9, 0xf2, 0x28, 0x61, 0x68, 0xc8,
-    0x0d, 0xb5, 0x59, 0xb0, 0x37, 0xa3, 0x6a, 0x05, 0x91, 0xe3, 0xc2, 0x46,
-    0xa5, 0xe3, 0xa5, 0x5d, 0x0e, 0x39, 0x2b, 0x35,
-};
-static const unsigned char kat1680_prf_nonce[] = {
-    0x86, 0x95, 0x63, 0x4d, 0xb6, 0xfc, 0x1c, 0x67, 0x29, 0x9f, 0xd5, 0x55,
-    0x3b, 0x19, 0xc5, 0x4d,
-};
-static const unsigned char kat1680_prf_persstr[] = {
-    0x01, 0x35, 0x28, 0x7e, 0xfe, 0x2f, 0x40, 0xa9, 0xcf, 0x2a, 0xdc, 0x97,
-    0xa5, 0x58, 0x20, 0xbb, 0xb9, 0xf9, 0x49, 0x8b, 0xc5, 0x12, 0x70, 0x7c,
-    0x5a, 0xc9, 0xc7, 0x21, 0x89, 0x37, 0x57, 0xbf,
-};
-static const unsigned char kat1680_prf_entropyin_reseed[] = {
-    0x7d, 0x20, 0xf5, 0xdd, 0x7e, 0xba, 0x0d, 0x2d, 0xd1, 0x88, 0x2f, 0xd2,
-    0xdd, 0x98, 0x72, 0x80, 0xf3, 0xd9, 0x50, 0x2a, 0x62, 0x4d, 0xff, 0x55,
-    0x26, 0x7d, 0x59, 0x6d, 0x4a, 0xb0, 0x21, 0xc9,
-};
-static const unsigned char kat1680_prf_addin_reseed[] = {
-    0x7e, 0x78, 0x8d, 0x4f, 0xba, 0xb8, 0x92, 0xa6, 0x67, 0xc1, 0x52, 0xf2,
-    0x90, 0x6c, 0x4b, 0xd7, 0xc4, 0xa6, 0x29, 0x5f, 0x11, 0x5b, 0xb6, 0xf6,
-    0x5d, 0x80, 0x88, 0xfd, 0xff, 0xc8, 0xb5, 0xe5,
-};
-static const unsigned char kat1680_prf_addin0[] = {
-    0xb7, 0x5e, 0x30, 0x58, 0x84, 0x81, 0x60, 0xfd, 0x30, 0xe7, 0xd0, 0x4a,
-    0x72, 0xba, 0x5b, 0x37, 0x6f, 0xad, 0xf2, 0x66, 0xdb, 0x66, 0x6a, 0x95,
-    0xed, 0xaa, 0xab, 0x56, 0x52, 0x51, 0x1e, 0xb9,
-};
-static const unsigned char kat1680_prf_addin1[] = {
-    0x69, 0x73, 0xe0, 0x5c, 0xea, 0xb5, 0x31, 0x0b, 0x91, 0x21, 0xe1, 0xde,
-    0x19, 0x94, 0x84, 0xdf, 0x58, 0xfc, 0x4b, 0x26, 0x42, 0x9d, 0xdf, 0x44,
-    0x65, 0xcd, 0xe7, 0xf7, 0xd6, 0xea, 0x35, 0x54,
-};
-static const unsigned char kat1680_prf_retbytes[] = {
-    0x13, 0x44, 0x5b, 0x39, 0xab, 0x89, 0x3b, 0x31, 0x9c, 0xb0, 0xc4, 0x22,
-    0x50, 0x8d, 0x3f, 0x4d, 0x03, 0x26, 0x40, 0x16, 0xf9, 0xf6, 0x91, 0xb9,
-    0x16, 0x97, 0xb6, 0x37, 0xc4, 0xea, 0x25, 0x1c, 0x71, 0xec, 0x4c, 0xa3,
-    0x55, 0x70, 0xd1, 0x07, 0x24, 0xa3, 0xf9, 0x19, 0xe0, 0x42, 0xdc, 0xe3,
-    0x5f, 0x50, 0xfc, 0x10, 0x86, 0x6f, 0x7c, 0x9d, 0xf8, 0x8a, 0xb3, 0x7e,
-    0xa3, 0xbc, 0x25, 0xd2, 0x86, 0xfa, 0xe1, 0x55, 0x7f, 0xd9, 0x30, 0xed,
-    0x74, 0x7c, 0xdf, 0x24, 0x6b, 0xc7, 0xa3, 0xb2, 0xd6, 0xc9, 0x5d, 0x1f,
-    0x77, 0x17, 0xbb, 0xe4, 0x22, 0xd7, 0x10, 0x35, 0x6a, 0xf8, 0xab, 0x7d,
-    0xf7, 0xcd, 0x72, 0x4d, 0x02, 0x2f, 0xe5, 0xf8, 0xf2, 0xd8, 0x4d, 0x6f,
-    0x2b, 0x27, 0x0d, 0x70, 0xb1, 0x6a, 0xf1, 0x4b, 0x3c, 0xcb, 0x4d, 0x52,
-    0xfd, 0x58, 0x7c, 0x59, 0x8f, 0x00, 0x95, 0x1e,
-};
-static const struct drbg_kat_pr_false kat1680_prf_t = {
-    14, kat1680_prf_entropyin, kat1680_prf_nonce, kat1680_prf_persstr,
-    kat1680_prf_entropyin_reseed, kat1680_prf_addin_reseed,
-    kat1680_prf_addin0, kat1680_prf_addin1, kat1680_prf_retbytes
-};
-static const struct drbg_kat kat1680_prf = {
-    PR_FALSE, USE_HMAC, NID_sha512_256, 32, 16, 32, 32, 128, &kat1680_prf_t
-};
-
-/* -------------------------------------------------------------------------- */
-
-const struct drbg_kat *drbg_hmac_test[] = {
-    &kat1_nor, &kat1680_nor,
-    &kat2_prt, &kat1680_prt,
-    &kat7_prf, &kat1680_prf
-};
-const size_t drbg_hmac_nelem = OSSL_NELEM(drbg_hmac_test);
diff --git a/test/drbg_cavs_test.c b/test/drbg_cavs_test.c
deleted file mode 100644
index 2873417ff0..0000000000
--- a/test/drbg_cavs_test.c
+++ /dev/null
@@ -1,308 +0,0 @@
-/*
- * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <string.h>
-#include "internal/nelem.h"
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#include <openssl/obj_mac.h>
-#include <openssl/evp.h>
-#include <openssl/aes.h>
-#include "../crypto/rand/rand_local.h"
-
-#include "testutil.h"
-#include "drbg_cavs_data.h"
-
-static int app_data_index;
-
-typedef struct test_ctx_st {
-    const unsigned char *entropy;
-    size_t entropylen;
-    int entropycnt;
-    const unsigned char *nonce;
-    size_t noncelen;
-    int noncecnt;
-} TEST_CTX;
-
-static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
-                          int entropy, size_t min_len, size_t max_len,
-                          int prediction_resistance)
-{
-    TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
-
-    t->entropycnt++;
-    *pout = (unsigned char *)t->entropy;
-    return t->entropylen;
-}
-
-static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
-                        int entropy, size_t min_len, size_t max_len)
-{
-    TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
-
-    t->noncecnt++;
-    *pout = (unsigned char *)t->nonce;
-    return t->noncelen;
-}
-
-/*
- * Do a single NO_RESEED KAT:
- *
- * Instantiate
- * Generate Random Bits (pr=false)
- * Generate Random Bits (pr=false)
- * Uninstantiate
- *
- * Return 0 on failure.
- */
-static int single_kat_no_reseed(const struct drbg_kat *td)
-{
-    struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t;
-    RAND_DRBG *drbg = NULL;
-    unsigned char *buff = NULL;
-    unsigned int flags = 0;
-    int failures = 0;
-    TEST_CTX t;
-
-    if ((td->flags & USE_DF) == 0)
-        flags |= RAND_DRBG_FLAG_CTR_NO_DF;
-    if ((td->flags & USE_HMAC) != 0)
-        flags |= RAND_DRBG_FLAG_HMAC;
-
-    if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
-        return 0;
-
-    if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
-                                           kat_nonce, NULL))) {
-        failures++;
-        goto err;
-    }
-    memset(&t, 0, sizeof(t));
-    t.entropy = data->entropyin;
-    t.entropylen = td->entropyinlen;
-    t.nonce = data->nonce;
-    t.noncelen = td->noncelen;
-    RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
-
-    buff = OPENSSL_malloc(td->retbyteslen);
-    if (buff == NULL)
-        goto err;
-
-    if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
-        || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
-                                         data->addin1, td->addinlen))
-        || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
-                                         data->addin2, td->addinlen))
-        || !TEST_true(RAND_DRBG_uninstantiate(drbg))
-        || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
-                        td->retbyteslen))
-        failures++;
-
-err:
-    OPENSSL_free(buff);
-    RAND_DRBG_uninstantiate(drbg);
-    RAND_DRBG_free(drbg);
-    return failures == 0;
-}
-
-/*-
- * Do a single PR_FALSE KAT:
- *
- * Instantiate
- * Reseed
- * Generate Random Bits (pr=false)
- * Generate Random Bits (pr=false)
- * Uninstantiate
- *
- * Return 0 on failure.
- */
-static int single_kat_pr_false(const struct drbg_kat *td)
-{
-    struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
-    RAND_DRBG *drbg = NULL;
-    unsigned char *buff = NULL;
-    unsigned int flags = 0;
-    int failures = 0;
-    TEST_CTX t;
-
-    if ((td->flags & USE_DF) == 0)
-        flags |= RAND_DRBG_FLAG_CTR_NO_DF;
-    if ((td->flags & USE_HMAC) != 0)
-        flags |= RAND_DRBG_FLAG_HMAC;
-
-    if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
-        return 0;
-
-    if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
-                                           kat_nonce, NULL))) {
-        failures++;
-        goto err;
-    }
-    memset(&t, 0, sizeof(t));
-    t.entropy = data->entropyin;
-    t.entropylen = td->entropyinlen;
-    t.nonce = data->nonce;
-    t.noncelen = td->noncelen;
-    RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
-
-    buff = OPENSSL_malloc(td->retbyteslen);
-    if (buff == NULL)
-        goto err;
-
-    if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)))
-        failures++;
-
-    t.entropy = data->entropyinreseed;
-    t.entropylen = td->entropyinlen;
-
-    if (!TEST_true(RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0))
-        || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
-                                         data->addin1, td->addinlen))
-        || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
-                                         data->addin2, td->addinlen))
-        || !TEST_true(RAND_DRBG_uninstantiate(drbg))
-        || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
-                        td->retbyteslen))
-        failures++;
-
-err:
-    OPENSSL_free(buff);
-    RAND_DRBG_uninstantiate(drbg);
-    RAND_DRBG_free(drbg);
-    return failures == 0;
-}
-
-/*-
- * Do a single PR_TRUE KAT:
- *
- * Instantiate
- * Generate Random Bits (pr=true)
- * Generate Random Bits (pr=true)
- * Uninstantiate
- *
- * Return 0 on failure.
- */
-static int single_kat_pr_true(const struct drbg_kat *td)
-{
-    struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t;
-    RAND_DRBG *drbg = NULL;
-    unsigned char *buff = NULL;
-    unsigned int flags = 0;
-    int failures = 0;
-    TEST_CTX t;
-
-    if ((td->flags & USE_DF) == 0)
-        flags |= RAND_DRBG_FLAG_CTR_NO_DF;
-    if ((td->flags & USE_HMAC) != 0)
-        flags |= RAND_DRBG_FLAG_HMAC;
-
-    if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
-        return 0;
-
-    if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
-                                           kat_nonce, NULL))) {
-        failures++;
-        goto err;
-    }
-    memset(&t, 0, sizeof(t));
-    t.nonce = data->nonce;
-    t.noncelen = td->noncelen;
-    t.entropy = data->entropyin;
-    t.entropylen = td->entropyinlen;
-    RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
-
-    buff = OPENSSL_malloc(td->retbyteslen);
-    if (buff == NULL)
-        goto err;
-
-    if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)))
-        failures++;
-
-    t.entropy = data->entropyinpr1;
-    t.entropylen = td->entropyinlen;
-
-    if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
-                                      data->addin1, td->addinlen)))
-        failures++;
-
-    t.entropy = data->entropyinpr2;
-    t.entropylen = td->entropyinlen;
-
-    if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
-                                      data->addin2, td->addinlen))
-        || !TEST_true(RAND_DRBG_uninstantiate(drbg))
-        || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
-                        td->retbyteslen))
-        failures++;
-
-err:
-    OPENSSL_free(buff);
-    RAND_DRBG_uninstantiate(drbg);
-    RAND_DRBG_free(drbg);
-    return failures == 0;
-}
-
-static int test_cavs_kats(const struct drbg_kat *test[], int i)
-{
-    const struct drbg_kat *td = test[i];
-    int rv = 0;
-
-#ifdef FIPS_MODULE
-    /* FIPS mode doesn't support instantiating without a derivation function */
-    if ((td->flags & USE_DF) == 0)
-        return TEST_skip("instantiating without derivation function "
-                         "is not supported in FIPS mode");
-#endif
-    switch (td->type) {
-    case NO_RESEED:
-        if (!single_kat_no_reseed(td))
-            goto err;
-        break;
-    case PR_FALSE:
-        if (!single_kat_pr_false(td))
-            goto err;
-        break;
-    case PR_TRUE:
-        if (!single_kat_pr_true(td))
-            goto err;
-        break;
-    default:    /* cant happen */
-        goto err;
-    }
-    rv = 1;
-err:
-    return rv;
-}
-
-static int test_cavs_ctr(int i)
-{
-    return test_cavs_kats(drbg_ctr_test, i);
-}
-
-static int test_cavs_hmac(int i)
-{
-    return test_cavs_kats(drbg_hmac_test, i);
-}
-
-static int test_cavs_hash(int i)
-{
-    return test_cavs_kats(drbg_hash_test, i);
-}
-
-int setup_tests(void)
-{
-    app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
-
-    ADD_ALL_TESTS(test_cavs_ctr,  drbg_ctr_nelem);
-    ADD_ALL_TESTS(test_cavs_hmac, drbg_hmac_nelem);
-    ADD_ALL_TESTS(test_cavs_hash, drbg_hash_nelem);
-
-    return 1;
-}
diff --git a/test/drbg_extra_test.c b/test/drbg_extra_test.c
deleted file mode 100644
index e7c0d77d7f..0000000000
--- a/test/drbg_extra_test.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <string.h>
-#include "internal/nelem.h"
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#include <openssl/obj_mac.h>
-#include <openssl/evp.h>
-#include <openssl/aes.h>
-#include "../crypto/rand/rand_local.h"
-
-#include "testutil.h"
-#include "drbg_extra_test.h"
-
-static unsigned char zerobuff[32];
-
-static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
-                          int entropy, size_t min_len, size_t max_len,
-                          int prediction_resistance)
-{
-    *pout = zerobuff;
-    return sizeof(zerobuff);
-}
-
-static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
-                        int entropy, size_t min_len, size_t max_len)
-{
-    *pout = zerobuff;
-    return sizeof(zerobuff);
-}
-
-static int run_extra_kat(const struct drbg_extra_kat *td)
-{
-    unsigned long long i;
-    RAND_DRBG *drbg = NULL;
-    unsigned char buff[BUFFSIZE];
-    unsigned int flags = 0;
-    int failures = 0;
-
-    if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
-        return 0;
-
-    /* Set deterministic entropy callback. */
-    if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
-                                           kat_nonce, NULL))) {
-        failures++;
-        goto err;
-    }
-
-    /* Set fixed reseed intervall. */
-    if (!TEST_true(RAND_DRBG_set_reseed_interval(drbg, RESEEDINTERVAL))) {
-        failures++;
-        goto err;
-    }
-
-    if (!TEST_true(RAND_DRBG_instantiate(drbg, NULL, 0)))
-        failures++;
-
-    for (i = 0; i < td->ngen; i++) {
-        if(!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL,
-                                         0)))
-            failures++;
-    }
-
-    if (!TEST_true(RAND_DRBG_uninstantiate(drbg))
-        || !TEST_mem_eq(td->expected, sizeof(buff), buff, sizeof(buff)))
-        failures++;
-
-err:
-    RAND_DRBG_uninstantiate(drbg);
-    RAND_DRBG_free(drbg);
-    return failures == 0;
-}
-
-static int test_extra_kats(int i)
-{
-    return run_extra_kat(drbg_extra_test[i]);
-}
-
-int setup_tests(void)
-{
-    ADD_ALL_TESTS(test_extra_kats, OSSL_NELEM(drbg_extra_test));
-    return 1;
-}
diff --git a/test/drbgtest.c b/test/drbgtest.c
index 3107ccaaf4..c6c8438e98 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -40,219 +40,88 @@
 #include "testutil.h"
 #include "drbgtest.h"
 
-typedef struct drbg_selftest_data_st {
-    int post;
-    int nid;
-    unsigned int flags;
-
-    /* KAT data for no PR */
-    const unsigned char *entropy;
-    size_t entropylen;
-    const unsigned char *nonce;
-    size_t noncelen;
-    const unsigned char *pers;
-    size_t perslen;
-    const unsigned char *adin;
-    size_t adinlen;
-    const unsigned char *entropyreseed;
-    size_t entropyreseedlen;
-    const unsigned char *adinreseed;
-    size_t adinreseedlen;
-    const unsigned char *adin2;
-    size_t adin2len;
-    const unsigned char *expected;
-    size_t exlen;
-    const unsigned char *kat2;
-    size_t kat2len;
-
-    /* KAT data for PR */
-    const unsigned char *entropy_pr;
-    size_t entropylen_pr;
-    const unsigned char *nonce_pr;
-    size_t noncelen_pr;
-    const unsigned char *pers_pr;
-    size_t perslen_pr;
-    const unsigned char *adin_pr;
-    size_t adinlen_pr;
-    const unsigned char *entropypr_pr;
-    size_t entropyprlen_pr;
-    const unsigned char *ading_pr;
-    size_t adinglen_pr;
-    const unsigned char *entropyg_pr;
-    size_t entropyglen_pr;
-    const unsigned char *kat_pr;
-    size_t katlen_pr;
-    const unsigned char *kat2_pr;
-    size_t kat2len_pr;
-} DRBG_SELFTEST_DATA;
-
-#define make_drbg_test_data(nid, flag, pr, post) {\
-    post, nid, flag, \
-    pr##_entropyinput, sizeof(pr##_entropyinput), \
-    pr##_nonce, sizeof(pr##_nonce), \
-    pr##_personalizationstring, sizeof(pr##_personalizationstring), \
-    pr##_additionalinput, sizeof(pr##_additionalinput), \
-    pr##_entropyinputreseed, sizeof(pr##_entropyinputreseed), \
-    pr##_additionalinputreseed, sizeof(pr##_additionalinputreseed), \
-    pr##_additionalinput2, sizeof(pr##_additionalinput2), \
-    pr##_int_returnedbits, sizeof(pr##_int_returnedbits), \
-    pr##_returnedbits, sizeof(pr##_returnedbits), \
-    pr##_pr_entropyinput, sizeof(pr##_pr_entropyinput), \
-    pr##_pr_nonce, sizeof(pr##_pr_nonce), \
-    pr##_pr_personalizationstring, sizeof(pr##_pr_personalizationstring), \
-    pr##_pr_additionalinput, sizeof(pr##_pr_additionalinput), \
-    pr##_pr_entropyinputpr, sizeof(pr##_pr_entropyinputpr), \
-    pr##_pr_additionalinput2, sizeof(pr##_pr_additionalinput2), \
-    pr##_pr_entropyinputpr2, sizeof(pr##_pr_entropyinputpr2), \
-    pr##_pr_int_returnedbits, sizeof(pr##_pr_int_returnedbits), \
-    pr##_pr_returnedbits, sizeof(pr##_pr_returnedbits) \
-    }
+/*
+ * DRBG generate wrappers
+ */
+static int gen_bytes(EVP_RAND_CTX *drbg, unsigned char *buf, int num)
+{
+    const RAND_METHOD *meth = RAND_get_rand_method();
 
-#define make_drbg_test_data_use_df(nid, pr, p) \
-    make_drbg_test_data(nid, 0, pr, p)
+    if (meth != NULL && meth != RAND_OpenSSL()) {
+        if (meth->bytes != NULL)
+            return meth->bytes(buf, num);
+        return -1;
+    }
 
-#define make_drbg_test_data_no_df(nid, pr, p)                      \
-    make_drbg_test_data(nid, RAND_DRBG_FLAG_CTR_NO_DF, pr, p)
+    if (drbg != NULL)
+        return EVP_RAND_generate(drbg, buf, num, 0, 0, NULL, 0);
+    return 0;
+}
 
-#define make_drbg_test_data_hash(nid, pr, p) \
-    make_drbg_test_data(nid, RAND_DRBG_FLAG_HMAC, hmac_##pr, p), \
-    make_drbg_test_data(nid, 0, pr, p)
+static int rand_bytes(unsigned char *buf, int num)
+{
+    return gen_bytes(RAND_get0_public(NULL), buf, num);
+}
 
-static DRBG_SELFTEST_DATA drbg_test[] = {
-#ifndef FIPS_MODULE
-    /* FIPS mode doesn't support CTR DRBG without a derivation function */
-    make_drbg_test_data_no_df (NID_aes_128_ctr, aes_128_no_df,  0),
-    make_drbg_test_data_no_df (NID_aes_192_ctr, aes_192_no_df,  0),
-    make_drbg_test_data_no_df (NID_aes_256_ctr, aes_256_no_df,  1),
-#endif
-    make_drbg_test_data_use_df(NID_aes_128_ctr, aes_128_use_df, 0),
-    make_drbg_test_data_use_df(NID_aes_192_ctr, aes_192_use_df, 0),
-    make_drbg_test_data_use_df(NID_aes_256_ctr, aes_256_use_df, 1),
-    make_drbg_test_data_hash(NID_sha1, sha1, 0),
-    make_drbg_test_data_hash(NID_sha224, sha224, 0),
-    make_drbg_test_data_hash(NID_sha256, sha256, 1),
-    make_drbg_test_data_hash(NID_sha384, sha384, 0),
-    make_drbg_test_data_hash(NID_sha512, sha512, 0),
-};
+static int rand_priv_bytes(unsigned char *buf, int num)
+{
+    return gen_bytes(RAND_get0_private(NULL), buf, num);
+}
 
 /*
  * DRBG query functions
  */
-static int state(RAND_DRBG *drbg)
-{
-    return EVP_RAND_state(drbg->rand);
-}
-
-static size_t query_rand_size_t(RAND_DRBG *drbg, const char *name)
+static int state(EVP_RAND_CTX *drbg)
 {
-    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-    size_t n;
-
-    *params = OSSL_PARAM_construct_size_t(name, &n);
-    if (EVP_RAND_get_ctx_params(drbg->rand, params))
-        return n;
-    return 0;
+    return EVP_RAND_state(drbg);
 }
 
-static unsigned int query_rand_uint(RAND_DRBG *drbg, const char *name)
+static unsigned int query_rand_uint(EVP_RAND_CTX *drbg, const char *name)
 {
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
     unsigned int n;
 
     *params = OSSL_PARAM_construct_uint(name, &n);
-    if (EVP_RAND_get_ctx_params(drbg->rand, params))
+    if (EVP_RAND_get_ctx_params(drbg, params))
         return n;
     return 0;
 }
 
-#define DRBG_SIZE_T(name)                               \
-    static size_t name(RAND_DRBG *drbg)                 \
-    {                                                   \
-        return query_rand_size_t(drbg, #name);          \
-    }
-DRBG_SIZE_T(min_entropylen)
-DRBG_SIZE_T(max_entropylen)
-DRBG_SIZE_T(min_noncelen)
-DRBG_SIZE_T(max_noncelen)
-DRBG_SIZE_T(max_perslen)
-DRBG_SIZE_T(max_adinlen)
-
 #define DRBG_UINT(name)                                 \
-    static unsigned int name(RAND_DRBG *drbg)           \
+    static unsigned int name(EVP_RAND_CTX *drbg)        \
     {                                                   \
         return query_rand_uint(drbg, #name);            \
     }
-DRBG_UINT(reseed_requests)
 DRBG_UINT(reseed_counter)
 
-static PROV_DRBG *prov_rand(RAND_DRBG *drbg)
+static PROV_DRBG *prov_rand(EVP_RAND_CTX *drbg)
 {
-    return (PROV_DRBG *)drbg->rand->data;
-}
-
-static void set_generate_counter(RAND_DRBG *drbg, unsigned int n)
-{
-    PROV_DRBG *p = prov_rand(drbg);
-
-    p->reseed_gen_counter = n;
+    return (PROV_DRBG *)drbg->data;
 }
 
-static void set_reseed_counter(RAND_DRBG *drbg, unsigned int n)
+static void set_reseed_counter(EVP_RAND_CTX *drbg, unsigned int n)
 {
     PROV_DRBG *p = prov_rand(drbg);
 
     p->reseed_counter = n;
 }
 
-static void inc_reseed_counter(RAND_DRBG *drbg)
+static void inc_reseed_counter(EVP_RAND_CTX *drbg)
 {
     set_reseed_counter(drbg, reseed_counter(drbg) + 1);
 }
 
-static time_t reseed_time(RAND_DRBG *drbg)
+static time_t reseed_time(EVP_RAND_CTX *drbg)
 {
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
     time_t t;
 
     *params = OSSL_PARAM_construct_time_t(OSSL_DRBG_PARAM_RESEED_TIME, &t);
-    if (EVP_RAND_get_ctx_params(drbg->rand, params))
+    if (EVP_RAND_get_ctx_params(drbg, params))
         return t;
     return 0;
 }
 
-/*
- * Test context data, attached as EXDATA to the RAND_DRBG
- */
-typedef struct test_ctx_st {
-    const unsigned char *entropy;
-    size_t entropylen;
-    int entropycnt;
-    const unsigned char *nonce;
-    size_t noncelen;
-    int noncecnt;
-} TEST_CTX;
-
-static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
-                          int entropy, size_t min_len, size_t max_len,
-                          int prediction_resistance)
-{
-    TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_callback_data(drbg);
-
-    t->entropycnt++;
-    *pout = (unsigned char *)t->entropy;
-    return t->entropylen;
-}
-
-static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
-                        int entropy, size_t min_len, size_t max_len)
-{
-    TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_callback_data(drbg);
-
-    t->noncecnt++;
-    *pout = (unsigned char *)t->nonce;
-    return t->noncelen;
-}
-
 /*
  * When building the FIPS module, it isn't possible to disable the continuous
  * RNG tests.  Tests that require this are skipped.
@@ -272,360 +141,13 @@ static int crngt_skip(void)
  * Once the RNG infrastructure is able to disable these tests, it should be
  * reconstituted.
  */
-static int disable_crngt(RAND_DRBG *drbg)
+static int disable_crngt(EVP_RAND_CTX *drbg)
 {
     return 1;
 }
 
-static int uninstantiate(RAND_DRBG *drbg)
-{
-    int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg);
-
-    ERR_clear_error();
-    return ret;
-}
-
-/*
- * Do a single KAT test.  Return 0 on failure.
- */
-static int single_kat(DRBG_SELFTEST_DATA *td)
-{
-    RAND_DRBG *drbg = NULL;
-    TEST_CTX t;
-    int failures = 0;
-    unsigned char buff[1024];
-
-    if (crngt_skip())
-        return TEST_skip("CRNGT cannot be disabled");
-
-    /*
-     * Test without PR: Instantiate DRBG with test entropy, nonce and
-     * personalisation string.
-     */
-    if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL)))
-        return 0;
-    if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
-                                           kat_nonce, NULL))
-        || !TEST_true(RAND_DRBG_set_callback_data(drbg, &t))
-        || !TEST_true(disable_crngt(drbg))) {
-        failures++;
-        goto err;
-    }
-    memset(&t, 0, sizeof(t));
-    t.entropy = td->entropy;
-    t.entropylen = td->entropylen;
-    t.nonce = td->nonce;
-    t.noncelen = td->noncelen;
-
-    if (!TEST_true(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
-            || !TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
-                                             td->adin, td->adinlen))
-            || !TEST_mem_eq(td->expected, td->exlen, buff, td->exlen))
-        failures++;
-
-    /* Reseed DRBG with test entropy and additional input */
-    t.entropy = td->entropyreseed;
-    t.entropylen = td->entropyreseedlen;
-    if (!TEST_true(RAND_DRBG_reseed(drbg, td->adinreseed, td->adinreseedlen, 0)
-            || !TEST_true(RAND_DRBG_generate(drbg, buff, td->kat2len, 0,
-                                             td->adin2, td->adin2len))
-            || !TEST_mem_eq(td->kat2, td->kat2len, buff, td->kat2len)))
-        failures++;
-    uninstantiate(drbg);
-
-    /*
-     * Now test with PR: Instantiate DRBG with test entropy, nonce and
-     * personalisation string.
-     */
-    if (!TEST_true(RAND_DRBG_set(drbg, td->nid, td->flags))
-            || !TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
-                                                  kat_nonce, NULL))
-            || !TEST_true(RAND_DRBG_set_callback_data(drbg, &t)))
-        failures++;
-    t.entropy = td->entropy_pr;
-    t.entropylen = td->entropylen_pr;
-    t.nonce = td->nonce_pr;
-    t.noncelen = td->noncelen_pr;
-    t.entropycnt = 0;
-    t.noncecnt = 0;
-    if (!TEST_true(RAND_DRBG_instantiate(drbg, td->pers_pr, td->perslen_pr)))
-        failures++;
-
-    /*
-     * Now generate with PR: we need to supply entropy as this will
-     * perform a reseed operation.
-     */
-    t.entropy = td->entropypr_pr;
-    t.entropylen = td->entropyprlen_pr;
-    if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->katlen_pr, 1,
-                                      td->adin_pr, td->adinlen_pr))
-            || !TEST_mem_eq(td->kat_pr, td->katlen_pr, buff, td->katlen_pr))
-        failures++;
-
-    /*
-     * Now generate again with PR: supply new entropy again.
-     */
-    t.entropy = td->entropyg_pr;
-    t.entropylen = td->entropyglen_pr;
-
-    if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->kat2len_pr, 1,
-                                      td->ading_pr, td->adinglen_pr))
-                || !TEST_mem_eq(td->kat2_pr, td->kat2len_pr,
-                                buff, td->kat2len_pr))
-        failures++;
-
-err:
-    uninstantiate(drbg);
-    RAND_DRBG_free(drbg);
-    return failures == 0;
-}
-
-/*
- * Initialise a DRBG based on selftest data
- */
-static int init(RAND_DRBG *drbg, DRBG_SELFTEST_DATA *td, TEST_CTX *t)
-{
-    if (!TEST_true(RAND_DRBG_set(drbg, td->nid, td->flags))
-            || !TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
-                                                  kat_nonce, NULL)))
-        return 0;
-    RAND_DRBG_set_callback_data(drbg, t);
-    t->entropy = td->entropy;
-    t->entropylen = td->entropylen;
-    t->nonce = td->nonce;
-    t->noncelen = td->noncelen;
-    t->entropycnt = 0;
-    t->noncecnt = 0;
-    return 1;
-}
-
-/*
- * Initialise and instantiate DRBG based on selftest data
- */
-static int instantiate(RAND_DRBG *drbg, DRBG_SELFTEST_DATA *td,
-                       TEST_CTX *t)
-{
-    if (!TEST_true(init(drbg, td, t))
-            || !TEST_true(RAND_DRBG_instantiate(drbg, td->pers, td->perslen)))
-        return 0;
-    return 1;
-}
-
-/*
- * Perform extensive error checking as required by SP800-90.
- * Induce several failure modes and check an error condition is set.
- */
-static int error_check(DRBG_SELFTEST_DATA *td)
-{
-    RAND_DRBG *drbg = NULL;
-    TEST_CTX t;
-    unsigned char buff[1024];
-    unsigned int reseed_counter_tmp;
-    int ret = 0;
-
-    if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL))
-        || !TEST_true(disable_crngt(drbg)))
-        goto err;
-
-    /*
-     * Personalisation string tests
-     */
-
-    /* Test detection of too large personalisation string */
-    if (!init(drbg, td, &t)
-            || !TEST_false(RAND_DRBG_instantiate(drbg, td->pers, max_perslen(drbg) + 1)))
-        goto err;
-
-    /*
-     * Entropy source tests
-     */
-
-    /* Test entropy source failure detection: i.e. returns no data */
-    t.entropylen = 0;
-    if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen)))
-        goto err;
-
-    /* Try to generate output from uninstantiated DRBG */
-    if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
-                                       td->adin, td->adinlen))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /* Test insufficient entropy */
-    if (!init(drbg, td, &t))
-        goto err;
-    t.entropylen = min_entropylen(drbg) - 1;
-    if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /* Test too much entropy */
-    if (!init(drbg, td, &t))
-        goto err;
-    t.entropylen = max_entropylen(drbg) + 1;
-    if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /*
-     * Nonce tests
-     */
-
-    /* Test too small nonce */
-    if (min_noncelen(drbg) != 0) {
-        if (!init(drbg, td, &t))
-            goto err;
-        t.noncelen = min_noncelen(drbg) - 1;
-        if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
-                || !uninstantiate(drbg))
-            goto err;
-    }
-
-    /* Test too large nonce */
-    if (max_noncelen(drbg) != 0) {
-        if (!init(drbg, td, &t))
-            goto err;
-        t.noncelen = max_noncelen(drbg) + 1;
-        if (!TEST_false(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))
-                || !uninstantiate(drbg))
-            goto err;
-    }
-
-    /* Instantiate with valid data, Check generation is now OK */
-    if (!instantiate(drbg, td, &t)
-            || !TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
-                                             td->adin, td->adinlen)))
-        goto err;
-
-    /* Try too large additional input */
-    if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
-                                       td->adin, max_adinlen(drbg) + 1)))
-        goto err;
-
-    /*
-     * Check prediction resistance request fails if entropy source
-     * failure.
-     */
-    t.entropylen = 0;
-    if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 1,
-                                      td->adin, td->adinlen))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /* Instantiate again with valid data */
-    if (!instantiate(drbg, td, &t))
-        goto err;
-    reseed_counter_tmp = reseed_counter(drbg);
-    set_generate_counter(drbg, reseed_requests(drbg));
-
-    /* Generate output and check entropy has been requested for reseed */
-    t.entropycnt = 0;
-    if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
-                                      td->adin, td->adinlen))
-            || !TEST_int_eq(t.entropycnt, 1)
-            || !TEST_int_eq(reseed_counter(drbg), reseed_counter_tmp + 1)
-            || !uninstantiate(drbg))
-        goto err;
-
-    /*
-     * Check prediction resistance request fails if entropy source
-     * failure.
-     */
-    t.entropylen = 0;
-    if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 1,
-                                       td->adin, td->adinlen))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /* Test reseed counter works */
-    if (!instantiate(drbg, td, &t))
-        goto err;
-    reseed_counter_tmp = reseed_counter(drbg);
-    set_generate_counter(drbg, reseed_requests(drbg));
-
-    /* Generate output and check entropy has been requested for reseed */
-    t.entropycnt = 0;
-    if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
-                                      td->adin, td->adinlen))
-            || !TEST_int_eq(t.entropycnt, 1)
-            || !TEST_int_eq(reseed_counter(drbg), reseed_counter_tmp + 1)
-            || !uninstantiate(drbg))
-        goto err;
-
-    /*
-     * Explicit reseed tests
-     */
-
-    /* Test explicit reseed with too large additional input */
-    if (!instantiate(drbg, td, &t)
-            || !TEST_false(RAND_DRBG_reseed(drbg, td->adin, max_adinlen(drbg) + 1, 0)))
-        goto err;
-
-    /* Test explicit reseed with entropy source failure */
-    t.entropylen = 0;
-    if (!TEST_false(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /* Test explicit reseed with too much entropy */
-    if (!instantiate(drbg, td, &t))
-        goto err;
-    t.entropylen = max_entropylen(drbg) + 1;
-    if (!TEST_false(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /* Test explicit reseed with too little entropy */
-    if (!instantiate(drbg, td, &t))
-        goto err;
-    t.entropylen = min_entropylen(drbg) - 1;
-    if (!TEST_false(RAND_DRBG_reseed(drbg, td->adin, td->adinlen, 0))
-            || !uninstantiate(drbg))
-        goto err;
-
-    /* Standard says we have to check uninstantiate really zeroes */
-    if (!TEST_true(EVP_RAND_verify_zeroization(drbg->rand)))
-        goto err;
-
-    ret = 1;
-
-err:
-    uninstantiate(drbg);
-    RAND_DRBG_free(drbg);
-    return ret;
-}
-
-static int test_kats(int i)
-{
-    DRBG_SELFTEST_DATA *td = &drbg_test[i];
-    int rv = 0;
-
-    if (!single_kat(td))
-        goto err;
-    rv = 1;
-
-err:
-    return rv;
-}
-
-static int test_error_checks(int i)
-{
-    DRBG_SELFTEST_DATA *td = &drbg_test[i];
-    int rv = 0;
-
-    if (crngt_skip())
-        return TEST_skip("CRNGT cannot be disabled");
-
-    if (!error_check(td))
-        goto err;
-    rv = 1;
-
-err:
-    return rv;
-}
-
 /*
- * Generates random output using RAND_bytes() and RAND_priv_bytes()
+ * Generates random output using rand_bytes() and rand_priv_bytes()
  * and checks whether the three shared DRBGs were reseeded as
  * expected.
  *
@@ -639,9 +161,9 @@ err:
  *                |before_reseed| time.
  */
 static int test_drbg_reseed(int expect_success,
-                            RAND_DRBG *primary,
-                            RAND_DRBG *public,
-                            RAND_DRBG *private,
+                            EVP_RAND_CTX *primary,
+                            EVP_RAND_CTX *public,
+                            EVP_RAND_CTX *private,
                             int expect_primary_reseed,
                             int expect_public_reseed,
                             int expect_private_reseed,
@@ -672,8 +194,8 @@ static int test_drbg_reseed(int expect_success,
 
     /* Generate random output from the public and private DRBG */
     before_reseed = expect_primary_reseed == 1 ? reseed_when : 0;
-    if (!TEST_int_eq(RAND_bytes(buf, sizeof(buf)), expect_success)
-        || !TEST_int_eq(RAND_priv_bytes(buf, sizeof(buf)), expect_success))
+    if (!TEST_int_eq(rand_bytes(buf, sizeof(buf)), expect_success)
+        || !TEST_int_eq(rand_priv_bytes(buf, sizeof(buf)), expect_success))
         return 0;
     after_reseed = time(NULL);
 
@@ -683,8 +205,8 @@ static int test_drbg_reseed(int expect_success,
      */
 
     /* Test whether reseeding succeeded as expected */
-    if (/*!TEST_int_eq(state(primary), expected_state)
-        || */!TEST_int_eq(state(public), expected_state)
+    if (!TEST_int_eq(state(primary), expected_state)
+        || !TEST_int_eq(state(public), expected_state)
         || !TEST_int_eq(state(private), expected_state))
         return 0;
 
@@ -733,9 +255,9 @@ static int test_drbg_reseed(int expect_success,
  * Test whether primary, public and private DRBG are reseeded after
  * forking the process.
  */
-static int test_drbg_reseed_after_fork(RAND_DRBG *primary,
-                                       RAND_DRBG *public,
-                                       RAND_DRBG *private)
+static int test_drbg_reseed_after_fork(EVP_RAND_CTX *primary,
+                                       EVP_RAND_CTX *public,
+                                       EVP_RAND_CTX *private)
 {
     pid_t pid;
     int status=0;
@@ -763,7 +285,7 @@ static int test_drbg_reseed_after_fork(RAND_DRBG *primary,
  */
 static int test_rand_drbg_reseed(void)
 {
-    RAND_DRBG *primary, *public, *private;
+    EVP_RAND_CTX *primary, *public, *private;
     unsigned char rand_add_buf[256];
     int rv = 0;
     time_t before_reseed;
@@ -776,17 +298,17 @@ static int test_rand_drbg_reseed(void)
         return 0;
 
     /* All three DRBGs should be non-null */
-    if (!TEST_ptr(primary = RAND_DRBG_get0_master())
-        || !TEST_ptr(public = RAND_DRBG_get0_public())
-        || !TEST_ptr(private = RAND_DRBG_get0_private()))
+    if (!TEST_ptr(primary = RAND_get0_primary(NULL))
+        || !TEST_ptr(public = RAND_get0_public(NULL))
+        || !TEST_ptr(private = RAND_get0_private(NULL)))
         return 0;
 
     /* There should be three distinct DRBGs, two of them chained to primary */
     if (!TEST_ptr_ne(public, private)
         || !TEST_ptr_ne(public, primary)
         || !TEST_ptr_ne(private, primary)
-        || !TEST_ptr_eq(public->parent, primary)
-        || !TEST_ptr_eq(private->parent, primary))
+        || !TEST_ptr_eq(prov_rand(public)->parent, prov_rand(primary))
+        || !TEST_ptr_eq(prov_rand(private)->parent, prov_rand(primary)))
         return 0;
 
     /* Disable CRNG testing for the primary DRBG */
@@ -794,9 +316,9 @@ static int test_rand_drbg_reseed(void)
         return 0;
 
     /* uninstantiate the three global DRBGs */
-    RAND_DRBG_uninstantiate(primary);
-    RAND_DRBG_uninstantiate(private);
-    RAND_DRBG_uninstantiate(public);
+    EVP_RAND_uninstantiate(primary);
+    EVP_RAND_uninstantiate(private);
+    EVP_RAND_uninstantiate(public);
 
 
     /*
@@ -884,27 +406,37 @@ error:
 static int multi_thread_rand_bytes_succeeded = 1;
 static int multi_thread_rand_priv_bytes_succeeded = 1;
 
+static int set_reseed_time_interval(EVP_RAND_CTX *drbg, int t)
+{
+    OSSL_PARAM params[2];
+
+    params[0] = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL,
+                                         &t);
+    params[1] = OSSL_PARAM_construct_end();
+    return EVP_RAND_set_ctx_params(drbg, params);
+}
+
 static void run_multi_thread_test(void)
 {
     unsigned char buf[256];
     time_t start = time(NULL);
-    RAND_DRBG *public = NULL, *private = NULL;
+    EVP_RAND_CTX *public = NULL, *private = NULL;
 
-    if (!TEST_ptr(public = RAND_DRBG_get0_public())
-            || !TEST_ptr(private = RAND_DRBG_get0_private())) {
+    if (!TEST_ptr(public = RAND_get0_public(NULL))
+            || !TEST_ptr(private = RAND_get0_private(NULL))
+            || !TEST_true(set_reseed_time_interval(private, 1))
+            || !TEST_true(set_reseed_time_interval(public, 1))) {
         multi_thread_rand_bytes_succeeded = 0;
         return;
     }
-    RAND_DRBG_set_reseed_time_interval(private, 1);
-    RAND_DRBG_set_reseed_time_interval(public, 1);
 
     do {
-        if (RAND_bytes(buf, sizeof(buf)) <= 0)
+        if (rand_bytes(buf, sizeof(buf)) <= 0)
             multi_thread_rand_bytes_succeeded = 0;
-        if (RAND_priv_bytes(buf, sizeof(buf)) <= 0)
+        if (rand_priv_bytes(buf, sizeof(buf)) <= 0)
             multi_thread_rand_priv_bytes_succeeded = 0;
     }
-    while(time(NULL) - start < 5);
+    while (time(NULL) - start < 5);
 }
 
 # if defined(OPENSSL_SYS_WINDOWS)
@@ -986,9 +518,29 @@ static int test_multi_thread(void)
 }
 #endif
 
+static EVP_RAND_CTX *new_drbg(EVP_RAND_CTX *parent)
+{
+    OSSL_PARAM params[2];
+    EVP_RAND *rand = NULL;
+    EVP_RAND_CTX *drbg = NULL;
+
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
+                                                 "AES-256-CTR", 0);
+    params[1] = OSSL_PARAM_construct_end();
+
+    if (!TEST_ptr(rand = EVP_RAND_fetch(NULL, "CTR-DRBG", NULL))
+            || !TEST_ptr(drbg = EVP_RAND_CTX_new(rand, parent))
+            || !TEST_true(EVP_RAND_set_ctx_params(drbg, params))) {
+        EVP_RAND_CTX_rand(drbg);
+        EVP_RAND_free(rand);
+        drbg = NULL;
+    }
+    return drbg;
+}
+
 static int test_rand_drbg_prediction_resistance(void)
 {
-    RAND_DRBG *x = NULL, *y = NULL, *z = NULL;
+    EVP_RAND_CTX *x = NULL, *y = NULL, *z = NULL;
     unsigned char buf1[51], buf2[sizeof(buf1)];
     int ret = 0, xreseed, yreseed, zreseed;
 
@@ -996,13 +548,13 @@ static int test_rand_drbg_prediction_resistance(void)
         return TEST_skip("CRNGT cannot be disabled");
 
     /* Initialise a three long DRBG chain */
-    if (!TEST_ptr(x = RAND_DRBG_new(0, 0, NULL))
+    if (!TEST_ptr(x = new_drbg(NULL))
         || !TEST_true(disable_crngt(x))
-        || !TEST_true(RAND_DRBG_instantiate(x, NULL, 0))
-        || !TEST_ptr(y = RAND_DRBG_new(0, 0, x))
-        || !TEST_true(RAND_DRBG_instantiate(y, NULL, 0))
-        || !TEST_ptr(z = RAND_DRBG_new(0, 0, y))
-        || !TEST_true(RAND_DRBG_instantiate(z, NULL, 0)))
+        || !TEST_true(EVP_RAND_instantiate(x, 0, 0, NULL, 0))
+        || !TEST_ptr(y = new_drbg(x))
+        || !TEST_true(EVP_RAND_instantiate(y, 0, 0, NULL, 0))
+        || !TEST_ptr(z = new_drbg(y))
+        || !TEST_true(EVP_RAND_instantiate(z, 0, 0, NULL, 0)))
         goto err;
 
     /*
@@ -1013,7 +565,7 @@ static int test_rand_drbg_prediction_resistance(void)
     xreseed = reseed_counter(x);
     yreseed = reseed_counter(y);
     zreseed = reseed_counter(z);
-    if (!TEST_true(RAND_DRBG_reseed(z, NULL, 0, 0))
+    if (!TEST_true(EVP_RAND_reseed(z, 0, NULL, 0, NULL, 0))
         || !TEST_int_eq(reseed_counter(x), xreseed)
         || !TEST_int_eq(reseed_counter(y), yreseed)
         || !TEST_int_gt(reseed_counter(z), zreseed))
@@ -1024,7 +576,7 @@ static int test_rand_drbg_prediction_resistance(void)
      * propagated to the primary, so that the entire DRBG chain reseeds.
      */
     zreseed = reseed_counter(z);
-    if (!TEST_true(RAND_DRBG_reseed(z, NULL, 0, 1))
+    if (!TEST_true(EVP_RAND_reseed(z, 1, NULL, 0, NULL, 0))
         || !TEST_int_gt(reseed_counter(x), xreseed)
         || !TEST_int_gt(reseed_counter(y), yreseed)
         || !TEST_int_gt(reseed_counter(z), zreseed))
@@ -1036,7 +588,7 @@ static int test_rand_drbg_prediction_resistance(void)
     xreseed = reseed_counter(x);
     yreseed = reseed_counter(y);
     zreseed = reseed_counter(z);
-    if (!TEST_true(RAND_DRBG_generate(z, buf1, sizeof(buf1), 0, NULL, 0))
+    if (!TEST_true(EVP_RAND_generate(z, buf1, sizeof(buf1), 0, 0, NULL, 0))
         || !TEST_int_eq(reseed_counter(x), xreseed)
         || !TEST_int_eq(reseed_counter(y), yreseed)
         || !TEST_int_gt(reseed_counter(z), zreseed))
@@ -1047,7 +599,7 @@ static int test_rand_drbg_prediction_resistance(void)
      * should be propagated to the primary, reseeding the entire DRBG chain.
      */
     zreseed = reseed_counter(z);
-    if (!TEST_true(RAND_DRBG_generate(z, buf2, sizeof(buf2), 1, NULL, 0))
+    if (!TEST_true(EVP_RAND_generate(z, buf2, sizeof(buf2), 0, 1, NULL, 0))
         || !TEST_int_gt(reseed_counter(x), xreseed)
         || !TEST_int_gt(reseed_counter(y), yreseed)
         || !TEST_int_gt(reseed_counter(z), zreseed)
@@ -1059,7 +611,7 @@ static int test_rand_drbg_prediction_resistance(void)
     xreseed = reseed_counter(x);
     yreseed = reseed_counter(y);
     zreseed = reseed_counter(z);
-    if (!TEST_true(RAND_DRBG_reseed(z, NULL, 0, 0))
+    if (!TEST_true(EVP_RAND_reseed(z, 0, NULL, 0, NULL, 0))
         || !TEST_int_eq(reseed_counter(x), xreseed)
         || !TEST_int_eq(reseed_counter(y), yreseed)
         || !TEST_int_gt(reseed_counter(z), zreseed))
@@ -1067,202 +619,23 @@ static int test_rand_drbg_prediction_resistance(void)
 
     ret = 1;
 err:
-    RAND_DRBG_free(z);
-    RAND_DRBG_free(y);
-    RAND_DRBG_free(x);
+    EVP_RAND_CTX_free(z);
+    EVP_RAND_CTX_free(y);
+    EVP_RAND_CTX_free(x);
     return ret;
 }
 
-static int test_multi_set(void)
-{
-    int rv = 0;
-    RAND_DRBG *drbg = NULL;
-
-    if (crngt_skip())
-        return TEST_skip("CRNGT cannot be disabled");
-
-    /* init drbg with default CTR initializer */
-    if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))
-        || !TEST_true(disable_crngt(drbg)))
-        goto err;
-    /* change it to use hmac */
-    if (!TEST_true(RAND_DRBG_set(drbg, NID_sha1, RAND_DRBG_FLAG_HMAC)))
-        goto err;
-    /* use same type */
-    if (!TEST_true(RAND_DRBG_set(drbg, NID_sha1, RAND_DRBG_FLAG_HMAC)))
-        goto err;
-    /* change it to use hash */
-    if (!TEST_true(RAND_DRBG_set(drbg, NID_sha256, 0)))
-        goto err;
-    /* use same type */
-    if (!TEST_true(RAND_DRBG_set(drbg, NID_sha256, 0)))
-        goto err;
-    /* change it to use ctr */
-    if (!TEST_true(RAND_DRBG_set(drbg, NID_aes_192_ctr, 0)))
-        goto err;
-    /* use same type */
-    if (!TEST_true(RAND_DRBG_set(drbg, NID_aes_192_ctr, 0)))
-        goto err;
-    if (!TEST_int_gt(RAND_DRBG_instantiate(drbg, NULL, 0), 0))
-        goto err;
-
-    rv = 1;
-err:
-    uninstantiate(drbg);
-    RAND_DRBG_free(drbg);
-    return rv;
-}
-
-static int test_set_defaults(void)
-{
-    RAND_DRBG *primary = NULL, *public = NULL, *private = NULL;
-
-   /* Check the default type and flags for primary, public and private */
-    return TEST_ptr(primary = RAND_DRBG_get0_master())
-           && TEST_ptr(public = RAND_DRBG_get0_public())
-           && TEST_ptr(private = RAND_DRBG_get0_private())
-           && TEST_int_eq(primary->type, RAND_DRBG_TYPE)
-           && TEST_int_eq(primary->flags,
-                          RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PRIMARY)
-           && TEST_int_eq(public->type, RAND_DRBG_TYPE)
-           && TEST_int_eq(public->flags,
-                          RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PUBLIC)
-           && TEST_int_eq(private->type, RAND_DRBG_TYPE)
-           && TEST_int_eq(private->flags,
-                          RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PRIVATE)
-
-           /* change primary DRBG and check again */
-           && TEST_true(RAND_DRBG_set_defaults(NID_sha256,
-                                               RAND_DRBG_FLAG_PRIMARY))
-           && TEST_true(RAND_DRBG_uninstantiate(primary))
-           && TEST_int_eq(primary->type, NID_sha256)
-           && TEST_int_eq(primary->flags, RAND_DRBG_FLAG_PRIMARY)
-           && TEST_int_eq(public->type, RAND_DRBG_TYPE)
-           && TEST_int_eq(public->flags,
-                          RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PUBLIC)
-           && TEST_int_eq(private->type, RAND_DRBG_TYPE)
-           && TEST_int_eq(private->flags,
-                          RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PRIVATE)
-           /* change private DRBG and check again */
-           && TEST_true(RAND_DRBG_set_defaults(NID_sha256,
-                        RAND_DRBG_FLAG_PRIVATE|RAND_DRBG_FLAG_HMAC))
-           && TEST_true(RAND_DRBG_uninstantiate(private))
-           && TEST_int_eq(primary->type, NID_sha256)
-           && TEST_int_eq(primary->flags, RAND_DRBG_FLAG_PRIMARY)
-           && TEST_int_eq(public->type, RAND_DRBG_TYPE)
-           && TEST_int_eq(public->flags,
-                          RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PUBLIC)
-           && TEST_int_eq(private->type, NID_sha256)
-           && TEST_int_eq(private->flags,
-                          RAND_DRBG_FLAG_PRIVATE | RAND_DRBG_FLAG_HMAC)
-           /* change public DRBG and check again */
-           && TEST_true(RAND_DRBG_set_defaults(NID_sha1,
-                                               RAND_DRBG_FLAG_PUBLIC
-                                               | RAND_DRBG_FLAG_HMAC))
-           && TEST_true(RAND_DRBG_uninstantiate(public))
-           && TEST_int_eq(primary->type, NID_sha256)
-           && TEST_int_eq(primary->flags, RAND_DRBG_FLAG_PRIMARY)
-           && TEST_int_eq(public->type, NID_sha1)
-           && TEST_int_eq(public->flags,
-                          RAND_DRBG_FLAG_PUBLIC | RAND_DRBG_FLAG_HMAC)
-           && TEST_int_eq(private->type, NID_sha256)
-           && TEST_int_eq(private->flags,
-                          RAND_DRBG_FLAG_PRIVATE | RAND_DRBG_FLAG_HMAC)
-           /* Change DRBG defaults and change public and check again */
-           && TEST_true(RAND_DRBG_set_defaults(NID_sha256, 0))
-           && TEST_true(RAND_DRBG_uninstantiate(public))
-           && TEST_int_eq(public->type, NID_sha256)
-           && TEST_int_eq(public->flags, RAND_DRBG_FLAG_PUBLIC)
-
-          /* FIPS mode doesn't support CTR DRBG without a derivation function */
-#ifndef FIPS_MODULE
-          /* Change DRBG defaults and change primary and check again */
-           && TEST_true(RAND_DRBG_set_defaults(NID_aes_256_ctr,
-                                               RAND_DRBG_FLAG_CTR_NO_DF))
-           && TEST_true(RAND_DRBG_uninstantiate(primary))
-           && TEST_int_eq(primary->type, NID_aes_256_ctr)
-           && TEST_int_eq(primary->flags,
-                          RAND_DRBG_FLAG_PRIMARY|RAND_DRBG_FLAG_CTR_NO_DF)
-#endif
-           /* Reset back to the standard defaults */
-           && TEST_true(RAND_DRBG_set_defaults(RAND_DRBG_TYPE,
-                                               RAND_DRBG_FLAGS
-                                               | RAND_DRBG_FLAG_PRIMARY
-                                               | RAND_DRBG_FLAG_PUBLIC
-                                               | RAND_DRBG_FLAG_PRIVATE))
-           && TEST_true(RAND_DRBG_uninstantiate(primary))
-           && TEST_true(RAND_DRBG_uninstantiate(public))
-           && TEST_true(RAND_DRBG_uninstantiate(private));
-}
-
-#if 0
-/*
- * A list of the FIPS DRGB types.
- * Because of the way HMAC DRGBs are implemented, both the NID and flags
- * are required.
- */
-static const struct s_drgb_types {
-    int nid;
-    int flags;
-} drgb_types[] = {
-    { NID_aes_128_ctr,  0                   },
-    { NID_aes_192_ctr,  0                   },
-    { NID_aes_256_ctr,  0                   },
-    { NID_sha1,         0                   },
-    { NID_sha224,       0                   },
-    { NID_sha256,       0                   },
-    { NID_sha384,       0                   },
-    { NID_sha512,       0                   },
-    { NID_sha512_224,   0                   },
-    { NID_sha512_256,   0                   },
-    { NID_sha3_224,     0                   },
-    { NID_sha3_256,     0                   },
-    { NID_sha3_384,     0                   },
-    { NID_sha3_512,     0                   },
-    { NID_sha1,         RAND_DRBG_FLAG_HMAC },
-    { NID_sha224,       RAND_DRBG_FLAG_HMAC },
-    { NID_sha256,       RAND_DRBG_FLAG_HMAC },
-    { NID_sha384,       RAND_DRBG_FLAG_HMAC },
-    { NID_sha512,       RAND_DRBG_FLAG_HMAC },
-    { NID_sha512_224,   RAND_DRBG_FLAG_HMAC },
-    { NID_sha512_256,   RAND_DRBG_FLAG_HMAC },
-    { NID_sha3_224,     RAND_DRBG_FLAG_HMAC },
-    { NID_sha3_256,     RAND_DRBG_FLAG_HMAC },
-    { NID_sha3_384,     RAND_DRBG_FLAG_HMAC },
-    { NID_sha3_512,     RAND_DRBG_FLAG_HMAC },
-};
-
-/* Six cases for each covers seed sizes up to 32 bytes */
-static const size_t crngt_num_cases = 6;
-
-static size_t crngt_case, crngt_idx;
-
-static int crngt_entropy_cb(OPENSSL_CTX *ctx, RAND_POOL *pool,
-                            unsigned char *buf, unsigned char *md,
-                            unsigned int *md_size)
-{
-    size_t i, z;
-
-    if (!TEST_int_lt(crngt_idx, crngt_num_cases))
-        return 0;
-    /* Generate a block of unique data unless this is the duplication point */
-    z = crngt_idx++;
-    if (z > 0 && crngt_case == z)
-        z--;
-    for (i = 0; i < CRNGT_BUFSIZ; i++)
-        buf[i] = (unsigned char)(i + 'A' + z);
-    return EVP_Digest(buf, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
-}
-#endif
-
 int setup_tests(void)
 {
-    ADD_ALL_TESTS(test_kats, 1);
-    ADD_ALL_TESTS(test_error_checks, OSSL_NELEM(drbg_test));
+    /*
+     * TODO(3.0): figure out why and fix.
+     * Create the primary DRBG here to avoid a memory leak if it is done in
+     * the test cases.
+     */
+    if (RAND_get0_primary(NULL) == NULL)
+        return 0;
     ADD_TEST(test_rand_drbg_reseed);
     ADD_TEST(test_rand_drbg_prediction_resistance);
-    ADD_TEST(test_multi_set);
-    ADD_TEST(test_set_defaults);
 #if defined(OPENSSL_THREADS)
     ADD_TEST(test_multi_thread);
 #endif
diff --git a/test/recipes/05-test_rand.t b/test/recipes/05-test_rand.t
index c1964d5048..4a080cb910 100644
--- a/test/recipes/05-test_rand.t
+++ b/test/recipes/05-test_rand.t
@@ -9,11 +9,9 @@
 use strict;
 use warnings;
 use OpenSSL::Test;
+use OpenSSL::Test::Utils;
 
-plan tests => 2;
+plan tests => 1;
 setup("test_rand");
 
 ok(run(test(["drbgtest"])));
-ok(run(test(["drbg_cavs_test"])));
-# commented out due to long running time
-#ok(run(test(["drbg_extra_test"])));
diff --git a/util/libcrypto.num b/util/libcrypto.num
index f1614c7813..813c86b4c1 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4198,17 +4198,17 @@ OSSL_STORE_LOADER_get0_engine           4287	3_0_0	EXIST::FUNCTION:
 OPENSSL_fork_prepare                    4288	3_0_0	EXIST:UNIX:FUNCTION:
 OPENSSL_fork_parent                     4289	3_0_0	EXIST:UNIX:FUNCTION:
 OPENSSL_fork_child                      4290	3_0_0	EXIST:UNIX:FUNCTION:
-RAND_DRBG_instantiate                   4292	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_uninstantiate                 4293	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set                           4295	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
-RAND_DRBG_set_callbacks                 4296	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_new                           4297	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_reseed_interval           4298	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_free                          4299	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_generate                      4300	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_reseed                        4301	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_ex_data                   4302	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_get_ex_data                   4303	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_instantiate                   4292	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_uninstantiate                 4293	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_set                           4295	3_0_0	NOEXIST::FUNCTION:DEPRECATEDIN_3_0
+RAND_DRBG_set_callbacks                 4296	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_new                           4297	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_set_reseed_interval           4298	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_free                          4299	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_generate                      4300	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_reseed                        4301	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_set_ex_data                   4302	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_get_ex_data                   4303	3_0_0	NOEXIST::FUNCTION:
 EVP_sha3_224                            4304	3_0_0	EXIST::FUNCTION:
 EVP_sha3_256                            4305	3_0_0	EXIST::FUNCTION:
 EVP_sha3_384                            4306	3_0_0	EXIST::FUNCTION:
@@ -4223,7 +4223,7 @@ SCRYPT_PARAMS_it                        4314	3_0_0	EXIST::FUNCTION:SCRYPT
 CRYPTO_secure_clear_free                4315	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_meth_get0                      4316	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_PKEY_meth_get_count                 4317	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
-RAND_DRBG_get0_public                   4319	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_get0_public                   4319	3_0_0	NOEXIST::FUNCTION:
 RAND_priv_bytes                         4320	3_0_0	EXIST::FUNCTION:
 BN_priv_rand                            4321	3_0_0	EXIST::FUNCTION:
 BN_priv_rand_range                      4322	3_0_0	EXIST::FUNCTION:
@@ -4233,7 +4233,7 @@ ASN1_TIME_compare                       4325	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_CTX_ctrl_uint64                4326	3_0_0	EXIST::FUNCTION:
 EVP_DigestFinalXOF                      4327	3_0_0	EXIST::FUNCTION:
 ERR_clear_last_mark                     4328	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_get0_private                  4329	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_get0_private                  4329	3_0_0	NOEXIST::FUNCTION:
 EVP_aria_192_ccm                        4330	3_0_0	EXIST::FUNCTION:ARIA
 EVP_aria_256_gcm                        4331	3_0_0	EXIST::FUNCTION:ARIA
 EVP_aria_256_ccm                        4332	3_0_0	EXIST::FUNCTION:ARIA
@@ -4281,8 +4281,8 @@ RSA_set0_multi_prime_params             4376	3_0_0	EXIST::FUNCTION:RSA
 RSA_get_version                         4377	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
 RSA_meth_get_multi_prime_keygen         4378	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
 RSA_meth_set_multi_prime_keygen         4379	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
-RAND_DRBG_get0_master                   4380	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_reseed_time_interval      4381	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_get0_master                   4380	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_set_reseed_time_interval      4381	3_0_0	NOEXIST::FUNCTION:
 PROFESSION_INFO_get0_addProfessionInfo  4382	3_0_0	EXIST::FUNCTION:
 ADMISSION_SYNTAX_free                   4383	3_0_0	EXIST::FUNCTION:
 d2i_ADMISSION_SYNTAX                    4384	3_0_0	EXIST::FUNCTION:
@@ -4332,7 +4332,7 @@ ADMISSION_SYNTAX_new                    4427	3_0_0	EXIST::FUNCTION:
 EVP_sha512_256                          4428	3_0_0	EXIST::FUNCTION:
 EVP_sha512_224                          4429	3_0_0	EXIST::FUNCTION:
 OCSP_basic_sign_ctx                     4430	3_0_0	EXIST::FUNCTION:OCSP
-RAND_DRBG_bytes                         4431	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_bytes                         4431	3_0_0	NOEXIST::FUNCTION:
 OSSL_STORE_vctrl                        4433	3_0_0	EXIST::FUNCTION:
 OSSL_STORE_SEARCH_by_alias              4434	3_0_0	EXIST::FUNCTION:
 BIO_bind                                4435	3_0_0	EXIST::FUNCTION:SOCK
@@ -4352,13 +4352,13 @@ X509_get0_authority_key_id              4448	3_0_0	EXIST::FUNCTION:
 OSSL_STORE_LOADER_set_find              4449	3_0_0	EXIST::FUNCTION:
 OSSL_STORE_SEARCH_free                  4450	3_0_0	EXIST::FUNCTION:
 OSSL_STORE_SEARCH_get0_digest           4451	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_reseed_defaults           4452	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_set_reseed_defaults           4452	3_0_0	NOEXIST::FUNCTION:
 EVP_PKEY_new_raw_private_key            4453	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_new_raw_public_key             4454	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_new_CMAC_key                   4455	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_asn1_set_set_priv_key          4456	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_asn1_set_set_pub_key           4457	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_defaults                  4458	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_set_defaults                  4458	3_0_0	NOEXIST::FUNCTION:
 conf_ssl_name_find                      4469	3_0_0	EXIST::FUNCTION:
 conf_ssl_get_cmd                        4470	3_0_0	EXIST::FUNCTION:
 conf_ssl_get                            4471	3_0_0	EXIST::FUNCTION:
@@ -4642,10 +4642,10 @@ OSSL_CMP_MSG_free                       ?	3_0_0	EXIST::FUNCTION:CMP
 ERR_load_CMP_strings                    ?	3_0_0	EXIST::FUNCTION:CMP
 EVP_MD_CTX_set_params                   ?	3_0_0	EXIST::FUNCTION:
 EVP_MD_CTX_get_params                   ?	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_new_ex                        ?	3_0_0	EXIST::FUNCTION:
-OPENSSL_CTX_get0_primary_drbg           ?	3_0_0	EXIST::FUNCTION:
-OPENSSL_CTX_get0_public_drbg            ?	3_0_0	EXIST::FUNCTION:
-OPENSSL_CTX_get0_private_drbg           ?	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_new_ex                        ?	3_0_0	NOEXIST::FUNCTION:
+OPENSSL_CTX_get0_primary_drbg           ?	3_0_0	NOEXIST::FUNCTION:
+OPENSSL_CTX_get0_public_drbg            ?	3_0_0	NOEXIST::FUNCTION:
+OPENSSL_CTX_get0_private_drbg           ?	3_0_0	NOEXIST::FUNCTION:
 BN_CTX_new_ex                           ?	3_0_0	EXIST::FUNCTION:
 BN_CTX_secure_new_ex                    ?	3_0_0	EXIST::FUNCTION:
 OPENSSL_thread_stop_ex                  ?	3_0_0	EXIST::FUNCTION:
@@ -4923,8 +4923,8 @@ PKCS8_pkey_add1_attr_by_OBJ             ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_private_check                  ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_pairwise_check                 ?	3_0_0	EXIST::FUNCTION:
 ASN1_item_verify_ctx                    ?	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_callback_data             ?	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_get_callback_data             ?	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_set_callback_data             ?	3_0_0	NOEXIST::FUNCTION:
+RAND_DRBG_get_callback_data             ?	3_0_0	NOEXIST::FUNCTION:
 BIO_socket_wait                         ?	3_0_0	EXIST::FUNCTION:SOCK
 BIO_wait                                ?	3_0_0	EXIST::FUNCTION:
 BIO_do_connect_retry                    ?	3_0_0	EXIST::FUNCTION:
@@ -5106,12 +5106,12 @@ EVP_RAND_uninstantiate                  ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_generate                       ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_reseed                         ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_nonce                          ?	3_0_0	EXIST::FUNCTION:
-EVP_RAND_set_callbacks                  ?	3_0_0	EXIST::FUNCTION:
+EVP_RAND_set_callbacks                  ?	3_0_0	NOEXIST::FUNCTION:
 EVP_RAND_enable_locking                 ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_verify_zeroization             ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_strength                       ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_state                          ?	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_verify_zeroization            ?	3_0_0	EXIST::FUNCTION:
+RAND_DRBG_verify_zeroization            ?	3_0_0	NOEXIST::FUNCTION:
 EVP_default_properties_is_fips_enabled  ?	3_0_0	EXIST::FUNCTION:
 EVP_default_properties_enable_fips      ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_new_raw_private_key_with_libctx ?	3_0_0	EXIST::FUNCTION:
@@ -5197,6 +5197,9 @@ OSSL_DESERIALIZER_CTX_set_cleanup       ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_get_construct     ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_get_construct_data ?	3_0_0	EXIST::FUNCTION:
 OSSL_DESERIALIZER_CTX_get_cleanup       ?	3_0_0	EXIST::FUNCTION:
+RAND_get0_primary                       ?	3_0_0	EXIST::FUNCTION:
+RAND_get0_public                        ?	3_0_0	EXIST::FUNCTION:
+RAND_get0_private                       ?	3_0_0	EXIST::FUNCTION:
 PKCS12_SAFEBAG_get0_bag_obj             ?	3_0_0	EXIST::FUNCTION:
 PKCS12_SAFEBAG_get0_bag_type            ?	3_0_0	EXIST::FUNCTION:
 PKCS12_SAFEBAG_create_secret            ?	3_0_0	EXIST::FUNCTION:

From shane.lontis at oracle.com  Fri Aug  7 04:45:49 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Fri, 07 Aug 2020 04:45:49 +0000
Subject: [openssl]  master update
Message-ID: <1596775549.318191.7328.nullmailer@dev.openssl.org>

The branch master has been updated
       via  5ccada09aae0cf846d3381a161d3eb20d4d9abfd (commit)
      from  64827f407b0b603f585d7fadfd7e61a60ed7a45b (commit)


- Log -----------------------------------------------------------------
commit 5ccada09aae0cf846d3381a161d3eb20d4d9abfd
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Fri Aug 7 14:29:00 2020 +1000

    Add evp_test fixes.
    
    Changed many tests so they also test fips (and removed 'availablein = default' from some tests).
    Seperated the monolithic evppkey.txt file into smaller maintainable groups.
    Changed the availablein option so it must be first - this then skips the entire test before any fetching happens.
    Changed the code so that all the OPENSSL_NO_XXXX tests are done in code via methods such as is_cipher_disabled(alg),
    before the fetch happens.
    Added missing libctx's found by adding a libctx to test_evp.
    Broke up large data files for cipher, kdf's and mac's into smaller pieces so they no longer need 'AvailableIn = default'
    Added missing algorithm aliases for cipher/digests to the providers.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12236)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ec/ec_pmeth.c                               |     3 +-
 crypto/ec/ecdh_kdf.c                               |     7 +-
 crypto/evp/p5_crpt2.c                              |    19 +-
 crypto/evp/pbe_scrypt.c                            |     3 +-
 crypto/evp/pkey_kdf.c                              |     2 +-
 crypto/sm2/sm2_crypt.c                             |    21 +-
 crypto/sm2/sm2_pmeth.c                             |    21 +-
 crypto/sm2/sm2_sign.c                              |    28 +-
 include/crypto/ec.h                                |     2 +-
 include/crypto/evp.h                               |     6 +
 providers/defltprov.c                              |    10 +-
 providers/fips/fipsprov.c                          |     8 +-
 providers/implementations/exchange/ecdh_exch.c     |     3 +-
 providers/implementations/kdfs/scrypt.c            |    17 +-
 providers/legacyprov.c                             |     8 +-
 test/evp_test.c                                    |   666 +-
 test/recipes/30-test_evp.t                         |   132 +-
 test/recipes/30-test_evp_data/evpcase.txt          |    54 -
 .../{evpccmcavs.txt => evpciph_aes_ccm_cavs.txt}   |     2 +-
 .../{evpciph.txt => evpciph_aes_common.txt}        |  1243 +-
 test/recipes/30-test_evp_data/evpciph_aes_cts1.txt |   143 +
 .../{evpciph_aes_cts.txt => evpciph_aes_cts23.txt} |   264 +-
 test/recipes/30-test_evp_data/evpciph_aes_ocb.txt  |   209 +
 .../{evpaessiv.txt => evpciph_aes_siv.txt}         |     4 +-
 test/recipes/30-test_evp_data/evpciph_aria.txt     |   249 +
 test/recipes/30-test_evp_data/evpciph_bf.txt       |     8 -
 test/recipes/30-test_evp_data/evpciph_camellia.txt |   626 +
 test/recipes/30-test_evp_data/evpciph_chacha.txt   |     3 +-
 test/recipes/30-test_evp_data/evpciph_des.txt      |    22 +
 .../30-test_evp_data/evpciph_des3_common.txt       |    21 +
 test/recipes/30-test_evp_data/evpciph_sm4.txt      |     1 -
 test/recipes/30-test_evp_data/evpencod.txt         |     4 +-
 .../{evppkey_kdf.txt => evpkdf_hkdf.txt}           |   218 +-
 test/recipes/30-test_evp_data/evpkdf_krb5.txt      |   131 +
 test/recipes/30-test_evp_data/evpkdf_pbkdf2.txt    |   157 +
 test/recipes/30-test_evp_data/evpkdf_scrypt.txt    |    63 +
 test/recipes/30-test_evp_data/evpkdf_ss.txt        |  1121 +
 .../{evpkdf.txt => evpkdf_ssh.txt}                 |  1788 +-
 test/recipes/30-test_evp_data/evpkdf_tls11_prf.txt |    37 +
 test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt |    46 +
 test/recipes/30-test_evp_data/evpkdf_x942.txt      |    35 +
 test/recipes/30-test_evp_data/evpkdf_x963.txt      |   112 +
 test/recipes/30-test_evp_data/evpmac.txt           |  1061 -
 test/recipes/30-test_evp_data/evpmac_blake.txt     |   242 +
 test/recipes/30-test_evp_data/evpmac_common.txt    |   402 +
 test/recipes/30-test_evp_data/evpmac_poly1305.txt  |   288 +
 test/recipes/30-test_evp_data/evpmac_siphash.txt   |   166 +
 test/recipes/30-test_evp_data/evpmd_blake.txt      |    91 +
 test/recipes/30-test_evp_data/evpmd_md.txt         |   111 +
 test/recipes/30-test_evp_data/evpmd_md2.txt        |    44 -
 test/recipes/30-test_evp_data/evpmd_mdc2.txt       |     4 -
 test/recipes/30-test_evp_data/evpmd_ripemd.txt     |    46 +
 .../{evpdigest.txt => evpmd_sha.txt}               |   329 +-
 test/recipes/30-test_evp_data/evpmd_sm3.txt        |    61 +
 test/recipes/30-test_evp_data/evpmd_whirlpool.txt  |    51 +
 .../{evppbe.txt => evppbe_pbkdf2.txt}              |    99 +-
 test/recipes/30-test_evp_data/evppbe_pkcs12.txt    |    62 +
 test/recipes/30-test_evp_data/evppbe_scrypt.txt    |    52 +
 .../recipes/30-test_evp_data/evppkey_brainpool.txt |  1360 ++
 test/recipes/30-test_evp_data/evppkey_dsa.txt      |   130 +
 test/recipes/30-test_evp_data/evppkey_ecc.txt      |   575 +-
 test/recipes/30-test_evp_data/evppkey_ecdh.txt     |  3470 ++++
 test/recipes/30-test_evp_data/evppkey_ecdsa.txt    |   110 +
 test/recipes/30-test_evp_data/evppkey_ecx.txt      |   582 +
 test/recipes/30-test_evp_data/evppkey_ffdhe.txt    |   570 +
 .../{evppkey.txt => evppkey_kas.txt}               | 20325 ++++++-------------
 .../{evppkey_kdf.txt => evppkey_kdf_hkdf.txt}      |   118 +-
 .../30-test_evp_data/evppkey_kdf_scrypt.txt        |    63 +
 .../30-test_evp_data/evppkey_kdf_tls1_prf.txt      |    71 +
 test/recipes/30-test_evp_data/evppkey_mismatch.txt |    85 +
 test/recipes/30-test_evp_data/evppkey_rsa.txt      |  1693 ++
 test/recipes/30-test_evp_data/evppkey_sm2.txt      |    57 +
 test/recipes/30-test_evp_data/evprand.txt          |   288 +-
 73 files changed, 20016 insertions(+), 20107 deletions(-)
 delete mode 100644 test/recipes/30-test_evp_data/evpcase.txt
 rename test/recipes/30-test_evp_data/{evpccmcavs.txt => evpciph_aes_ccm_cavs.txt} (99%)
 rename test/recipes/30-test_evp_data/{evpciph.txt => evpciph_aes_common.txt} (58%)
 create mode 100644 test/recipes/30-test_evp_data/evpciph_aes_cts1.txt
 rename test/recipes/30-test_evp_data/{evpciph_aes_cts.txt => evpciph_aes_cts23.txt} (55%)
 create mode 100644 test/recipes/30-test_evp_data/evpciph_aes_ocb.txt
 rename test/recipes/30-test_evp_data/{evpaessiv.txt => evpciph_aes_siv.txt} (94%)
 create mode 100644 test/recipes/30-test_evp_data/evpciph_aria.txt
 create mode 100644 test/recipes/30-test_evp_data/evpciph_camellia.txt
 create mode 100644 test/recipes/30-test_evp_data/evpciph_des3_common.txt
 copy test/recipes/30-test_evp_data/{evppkey_kdf.txt => evpkdf_hkdf.txt} (56%)
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_krb5.txt
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_pbkdf2.txt
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_scrypt.txt
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_ss.txt
 rename test/recipes/30-test_evp_data/{evpkdf.txt => evpkdf_ssh.txt} (86%)
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_tls11_prf.txt
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_x942.txt
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_x963.txt
 delete mode 100644 test/recipes/30-test_evp_data/evpmac.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmac_blake.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmac_common.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmac_poly1305.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmac_siphash.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmd_blake.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmd_md.txt
 delete mode 100644 test/recipes/30-test_evp_data/evpmd_md2.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmd_ripemd.txt
 rename test/recipes/30-test_evp_data/{evpdigest.txt => evpmd_sha.txt} (59%)
 create mode 100644 test/recipes/30-test_evp_data/evpmd_sm3.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmd_whirlpool.txt
 rename test/recipes/30-test_evp_data/{evppbe.txt => evppbe_pbkdf2.txt} (61%)
 create mode 100644 test/recipes/30-test_evp_data/evppbe_pkcs12.txt
 create mode 100644 test/recipes/30-test_evp_data/evppbe_scrypt.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_brainpool.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_dsa.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_ecdh.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_ecdsa.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_ecx.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_ffdhe.txt
 rename test/recipes/30-test_evp_data/{evppkey.txt => evppkey_kas.txt} (55%)
 rename test/recipes/30-test_evp_data/{evppkey_kdf.txt => evppkey_kdf_hkdf.txt} (62%)
 create mode 100644 test/recipes/30-test_evp_data/evppkey_kdf_scrypt.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_mismatch.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_rsa.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_sm2.txt

diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index 7eeeedc0e9..0758d9be4a 100644
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -216,7 +216,8 @@ static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx,
         goto err;
     /* Do KDF stuff */
     if (!ecdh_KDF_X9_63(key, *keylen, ktmp, ktmplen,
-                        dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md))
+                        dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md,
+                        ctx->libctx, ctx->propquery))
         goto err;
     rv = 1;
 
diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c
index fb501c6ada..7695e0be18 100644
--- a/crypto/ec/ecdh_kdf.c
+++ b/crypto/ec/ecdh_kdf.c
@@ -24,13 +24,14 @@
 int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
                    const unsigned char *Z, size_t Zlen,
                    const unsigned char *sinfo, size_t sinfolen,
-                   const EVP_MD *md)
+                   const EVP_MD *md,
+                   OPENSSL_CTX *libctx, const char *propq)
 {
     int ret = 0;
     EVP_KDF_CTX *kctx = NULL;
     OSSL_PARAM params[4], *p = params;
     const char *mdname = EVP_MD_name(md);
-    EVP_KDF *kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_X963KDF, NULL);
+    EVP_KDF *kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_X963KDF, propq);
 
     if ((kctx = EVP_KDF_CTX_new(kdf)) != NULL) {
         *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
@@ -59,6 +60,6 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
                    const unsigned char *sinfo, size_t sinfolen,
                    const EVP_MD *md)
 {
-    return ecdh_KDF_X9_63(out, outlen, Z, Zlen, sinfo, sinfolen, md);
+    return ecdh_KDF_X9_63(out, outlen, Z, Zlen, sinfo, sinfolen, md, NULL, NULL);
 }
 #endif
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index 6e89ffd999..7b8f99d511 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -19,9 +19,11 @@
 #include "crypto/evp.h"
 #include "evp_local.h"
 
-int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
-                      const unsigned char *salt, int saltlen, int iter,
-                      const EVP_MD *digest, int keylen, unsigned char *out)
+int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen,
+                                  const unsigned char *salt, int saltlen,
+                                  int iter, const EVP_MD *digest, int keylen,
+                                  unsigned char *out,
+                                  OPENSSL_CTX *libctx, const char *propq)
 {
     const char *empty = "";
     int rv = 1, mode = 1;
@@ -40,7 +42,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
     if (salt == NULL && saltlen == 0)
         salt = (unsigned char *)empty;
 
-    kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_PBKDF2, NULL);
+    kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_PBKDF2, propq);
     kctx = EVP_KDF_CTX_new(kdf);
     EVP_KDF_free(kdf);
     if (kctx == NULL)
@@ -78,6 +80,15 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
     return rv;
 }
 
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
+                      int saltlen, int iter, const EVP_MD *digest, int keylen,
+                      unsigned char *out)
+{
+    return pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, iter,
+                                         digest, keylen, out, NULL, NULL);
+}
+
+
 int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
                            const unsigned char *salt, int saltlen, int iter,
                            int keylen, unsigned char *out)
diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c
index fa7b1de17c..97997377e1 100644
--- a/crypto/evp/pbe_scrypt.c
+++ b/crypto/evp/pbe_scrypt.c
@@ -46,7 +46,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
     OSSL_PARAM params[7], *z = params;
 
     if (r > UINT32_MAX || p > UINT32_MAX) {
-        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
+        EVPerr(0, EVP_R_PARAMETER_TOO_LARGE);
         return 0;
     }
 
@@ -62,6 +62,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
     if (maxmem == 0)
         maxmem = SCRYPT_MAX_MEM;
 
+    /* Use OPENSSL_CTX_set0_default() if you need a library context */
     kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_SCRYPT, NULL);
     kctx = EVP_KDF_CTX_new(kdf);
     EVP_KDF_free(kdf);
diff --git a/crypto/evp/pkey_kdf.c b/crypto/evp/pkey_kdf.c
index ac4a0fa461..a2d25a925f 100644
--- a/crypto/evp/pkey_kdf.c
+++ b/crypto/evp/pkey_kdf.c
@@ -49,7 +49,7 @@ static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
     if (pkctx == NULL)
         return 0;
 
-    kdf = EVP_KDF_fetch(NULL, kdf_name, NULL);
+    kdf = EVP_KDF_fetch(ctx->libctx, kdf_name, ctx->propquery);
     kctx = EVP_KDF_CTX_new(kdf);
     EVP_KDF_free(kdf);
     if (kctx == NULL) {
diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c
index c09e4c001b..0ae67fb22b 100644
--- a/crypto/sm2/sm2_crypt.c
+++ b/crypto/sm2/sm2_crypt.c
@@ -138,6 +138,9 @@ int sm2_encrypt(const EC_KEY *key,
     uint8_t *C3 = NULL;
     size_t field_size;
     const int C3_size = EVP_MD_size(digest);
+    EVP_MD *fetched_digest = NULL;
+    OPENSSL_CTX *libctx = ec_key_get_libctx(key);
+    const char *propq = ec_key_get0_propq(key);
 
     /* NULL these before any "goto done" */
     ctext_struct.C2 = NULL;
@@ -156,7 +159,7 @@ int sm2_encrypt(const EC_KEY *key,
 
     kG = EC_POINT_new(group);
     kP = EC_POINT_new(group);
-    ctx = BN_CTX_new();
+    ctx = BN_CTX_new_ex(libctx);
     if (kG == NULL || kP == NULL || ctx == NULL) {
         SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE);
         goto done;
@@ -211,7 +214,7 @@ int sm2_encrypt(const EC_KEY *key,
 
     /* X9.63 with no salt happens to match the KDF used in SM2 */
     if (!ecdh_KDF_X9_63(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
-                        digest)) {
+                        digest, libctx, propq)) {
         SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EVP_LIB);
         goto done;
     }
@@ -219,7 +222,12 @@ int sm2_encrypt(const EC_KEY *key,
     for (i = 0; i != msg_len; ++i)
         msg_mask[i] ^= msg[i];
 
-    if (EVP_DigestInit(hash, digest) == 0
+    fetched_digest = EVP_MD_fetch(libctx, EVP_MD_name(digest), propq);
+    if (fetched_digest == NULL) {
+        SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);
+        goto done;
+    }
+    if (EVP_DigestInit(hash, fetched_digest) == 0
             || EVP_DigestUpdate(hash, x2y2, field_size) == 0
             || EVP_DigestUpdate(hash, msg, msg_len) == 0
             || EVP_DigestUpdate(hash, x2y2 + field_size, field_size) == 0
@@ -254,6 +262,7 @@ int sm2_encrypt(const EC_KEY *key,
     rc = 1;
 
  done:
+    EVP_MD_free(fetched_digest);
     ASN1_OCTET_STRING_free(ctext_struct.C2);
     ASN1_OCTET_STRING_free(ctext_struct.C3);
     OPENSSL_free(msg_mask);
@@ -288,6 +297,8 @@ int sm2_decrypt(const EC_KEY *key,
     const uint8_t *C3 = NULL;
     int msg_len = 0;
     EVP_MD_CTX *hash = NULL;
+    OPENSSL_CTX *libctx = ec_key_get_libctx(key);
+    const char *propq = ec_key_get0_propq(key);
 
     if (field_size == 0 || hash_size <= 0)
        goto done;
@@ -310,7 +321,7 @@ int sm2_decrypt(const EC_KEY *key,
     C3 = sm2_ctext->C3->data;
     msg_len = sm2_ctext->C2->length;
 
-    ctx = BN_CTX_new();
+    ctx = BN_CTX_new_ex(libctx);
     if (ctx == NULL) {
         SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE);
         goto done;
@@ -352,7 +363,7 @@ int sm2_decrypt(const EC_KEY *key,
     if (BN_bn2binpad(x2, x2y2, field_size) < 0
             || BN_bn2binpad(y2, x2y2 + field_size, field_size) < 0
             || !ecdh_KDF_X9_63(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
-                               digest)) {
+                               digest, libctx, propq)) {
         SM2err(SM2_F_SM2_DECRYPT, ERR_R_INTERNAL_ERROR);
         goto done;
     }
diff --git a/crypto/sm2/sm2_pmeth.c b/crypto/sm2/sm2_pmeth.c
index 45297f9bc6..a455b5e989 100644
--- a/crypto/sm2/sm2_pmeth.c
+++ b/crypto/sm2/sm2_pmeth.c
@@ -20,6 +20,7 @@
 #include "crypto/evp.h"
 #include "crypto/sm2.h"
 #include "crypto/sm2err.h"
+#include "crypto/ec.h"
 
 /* EC pkey context structure */
 
@@ -124,9 +125,12 @@ static int pkey_sm2_encrypt(EVP_PKEY_CTX *ctx,
                             unsigned char *out, size_t *outlen,
                             const unsigned char *in, size_t inlen)
 {
+    int ret;
     EC_KEY *ec = ctx->pkey->pkey.ec;
     SM2_PKEY_CTX *dctx = ctx->data;
     const EVP_MD *md = (dctx->md == NULL) ? EVP_sm3() : dctx->md;
+    OPENSSL_CTX *libctx = ec_key_get_libctx(ec);
+    EVP_MD *fetched_md = NULL;
 
     if (out == NULL) {
         if (!sm2_ciphertext_size(ec, md, inlen, outlen))
@@ -135,16 +139,24 @@ static int pkey_sm2_encrypt(EVP_PKEY_CTX *ctx,
             return 1;
     }
 
-    return sm2_encrypt(ec, md, in, inlen, out, outlen);
+    fetched_md = EVP_MD_fetch(libctx, EVP_MD_name(md), 0);
+    if (fetched_md == NULL)
+        return 0;
+    ret = sm2_encrypt(ec, fetched_md, in, inlen, out, outlen);
+    EVP_MD_free(fetched_md);
+    return ret;
 }
 
 static int pkey_sm2_decrypt(EVP_PKEY_CTX *ctx,
                             unsigned char *out, size_t *outlen,
                             const unsigned char *in, size_t inlen)
 {
+    int ret;
     EC_KEY *ec = ctx->pkey->pkey.ec;
     SM2_PKEY_CTX *dctx = ctx->data;
     const EVP_MD *md = (dctx->md == NULL) ? EVP_sm3() : dctx->md;
+    OPENSSL_CTX *libctx = ec_key_get_libctx(ec);
+    EVP_MD *fetched_md = NULL;
 
     if (out == NULL) {
         if (!sm2_plaintext_size(ec, md, inlen, outlen))
@@ -153,7 +165,12 @@ static int pkey_sm2_decrypt(EVP_PKEY_CTX *ctx,
             return 1;
     }
 
-    return sm2_decrypt(ec, md, in, inlen, out, outlen);
+    fetched_md = EVP_MD_fetch(libctx, EVP_MD_name(md), 0);
+    if (fetched_md == NULL)
+        return 0;
+    ret = sm2_decrypt(ec, fetched_md, in, inlen, out, outlen);
+    EVP_MD_free(fetched_md);
+    return ret;
 }
 
 static int pkey_sm2_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c
index 318e981802..099594c8bc 100644
--- a/crypto/sm2/sm2_sign.c
+++ b/crypto/sm2/sm2_sign.c
@@ -42,7 +42,7 @@ int sm2_compute_z_digest(uint8_t *out,
     uint8_t e_byte = 0;
 
     hash = EVP_MD_CTX_new();
-    ctx = BN_CTX_new();
+    ctx = BN_CTX_new_ex(ec_key_get_libctx(key));
     if (hash == NULL || ctx == NULL) {
         SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_MALLOC_FAILURE);
         goto done;
@@ -146,6 +146,9 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest,
     const int md_size = EVP_MD_size(digest);
     uint8_t *z = NULL;
     BIGNUM *e = NULL;
+    EVP_MD *fetched_digest = NULL;
+    OPENSSL_CTX *libctx = ec_key_get_libctx(key);
+    const char *propq = ec_key_get0_propq(key);
 
     if (md_size < 0) {
         SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST);
@@ -158,12 +161,18 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest,
         goto done;
     }
 
-    if (!sm2_compute_z_digest(z, digest, id, id_len, key)) {
+    fetched_digest = EVP_MD_fetch(libctx, EVP_MD_name(digest), propq);
+    if (fetched_digest == NULL) {
+        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_INTERNAL_ERROR);
+        goto done;
+    }
+
+    if (!sm2_compute_z_digest(z, fetched_digest, id, id_len, key)) {
         /* SM2err already called */
         goto done;
     }
 
-    if (!EVP_DigestInit(hash, digest)
+    if (!EVP_DigestInit(hash, fetched_digest)
             || !EVP_DigestUpdate(hash, z, md_size)
             || !EVP_DigestUpdate(hash, msg, msg_len)
                /* reuse z buffer to hold H(Z || M) */
@@ -177,6 +186,7 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest,
         SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_INTERNAL_ERROR);
 
  done:
+    EVP_MD_free(fetched_digest);
     OPENSSL_free(z);
     EVP_MD_CTX_free(hash);
     return e;
@@ -196,9 +206,10 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e)
     BIGNUM *s = NULL;
     BIGNUM *x1 = NULL;
     BIGNUM *tmp = NULL;
+    OPENSSL_CTX *libctx = ec_key_get_libctx(key);
 
     kG = EC_POINT_new(group);
-    ctx = BN_CTX_new();
+    ctx = BN_CTX_new_ex(libctx);
     if (kG == NULL || ctx == NULL) {
         SM2err(SM2_F_SM2_SIG_GEN, ERR_R_MALLOC_FAILURE);
         goto done;
@@ -227,7 +238,7 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e)
     }
 
     for (;;) {
-        if (!BN_priv_rand_range(k, order)) {
+        if (!BN_priv_rand_range_ex(k, order, ctx)) {
             SM2err(SM2_F_SM2_SIG_GEN, ERR_R_INTERNAL_ERROR);
             goto done;
         }
@@ -295,8 +306,9 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig,
     BIGNUM *x1 = NULL;
     const BIGNUM *r = NULL;
     const BIGNUM *s = NULL;
+    OPENSSL_CTX *libctx = ec_key_get_libctx(key);
 
-    ctx = BN_CTX_new();
+    ctx = BN_CTX_new_ex(libctx);
     pt = EC_POINT_new(group);
     if (ctx == NULL || pt == NULL) {
         SM2err(SM2_F_SM2_SIG_VERIFY, ERR_R_MALLOC_FAILURE);
@@ -421,6 +433,10 @@ int sm2_sign(const unsigned char *dgst, int dgstlen,
     }
 
     s = sm2_sig_gen(eckey, e);
+    if (s == NULL) {
+        SM2err(SM2_F_SM2_SIGN, ERR_R_INTERNAL_ERROR);
+        goto done;
+    }
 
     sigleni = i2d_ECDSA_SIG(s, &sig);
     if (sigleni < 0) {
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index a771cfd706..b6ab033626 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -47,7 +47,7 @@ __owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res,
 int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
                    const unsigned char *Z, size_t Zlen,
                    const unsigned char *sinfo, size_t sinfolen,
-                   const EVP_MD *md);
+                   const EVP_MD *md, OPENSSL_CTX *libctx, const char *propq);
 
 int ec_generate_key(OPENSSL_CTX *libctx, EC_KEY *eckey, int pairwise_test);
 int ec_key_public_check(const EC_KEY *eckey, BN_CTX *ctx);
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 2e85b56266..f60ae9bc09 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -753,6 +753,12 @@ void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
 const EVP_CIPHER *evp_get_cipherbyname_ex(OPENSSL_CTX *libctx, const char *name);
 const EVP_MD *evp_get_digestbyname_ex(OPENSSL_CTX *libctx, const char *name);
 
+int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen,
+                                  const unsigned char *salt, int saltlen,
+                                  int iter, const EVP_MD *digest, int keylen,
+                                  unsigned char *out,
+                                  OPENSSL_CTX *libctx, const char *propq);
+
 #ifndef FIPS_MODULE
 /*
  * Internal helpers for stricter EVP_PKEY_CTX_{set,get}_params().
diff --git a/providers/defltprov.c b/providers/defltprov.c
index fa2fadbc95..0ee717acac 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -95,7 +95,7 @@ static int deflt_get_params(void *provctx, OSSL_PARAM params[])
  */
 static const OSSL_ALGORITHM deflt_digests[] = {
     /* Our primary name:NIST name[:our older names] */
-    { "SHA1:SHA-1", "provider=default", sha1_functions },
+    { "SHA1:SHA-1:SSL3-SHA1", "provider=default", sha1_functions },
     { "SHA2-224:SHA-224:SHA224", "provider=default", sha224_functions },
     { "SHA2-256:SHA-256:SHA256", "provider=default", sha256_functions },
     { "SHA2-384:SHA-384:SHA384", "provider=default", sha384_functions },
@@ -139,7 +139,7 @@ static const OSSL_ALGORITHM deflt_digests[] = {
 #endif /* OPENSSL_NO_SM3 */
 
 #ifndef OPENSSL_NO_MD5
-    { "MD5", "provider=default", md5_functions },
+    { "MD5:SSL3-MD5", "provider=default", md5_functions },
     { "MD5-SHA1", "provider=default", md5_sha1_functions },
 #endif /* OPENSSL_NO_MD5 */
 
@@ -151,9 +151,9 @@ static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = {
     ALG("AES-256-ECB", aes256ecb_functions),
     ALG("AES-192-ECB", aes192ecb_functions),
     ALG("AES-128-ECB", aes128ecb_functions),
-    ALG("AES-256-CBC", aes256cbc_functions),
-    ALG("AES-192-CBC", aes192cbc_functions),
-    ALG("AES-128-CBC", aes128cbc_functions),
+    ALG("AES-256-CBC:AES256", aes256cbc_functions),
+    ALG("AES-192-CBC:AES192", aes192cbc_functions),
+    ALG("AES-128-CBC:AES128", aes128cbc_functions),
     ALG("AES-128-CBC-CTS", aes128cbc_cts_functions),
     ALG("AES-192-CBC-CTS", aes192cbc_cts_functions),
     ALG("AES-256-CBC-CTS", aes256cbc_cts_functions),
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 771f23c667..73bba5b3a9 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -271,7 +271,7 @@ const char *ossl_prov_util_nid_to_name(int nid)
  */
 static const OSSL_ALGORITHM fips_digests[] = {
     /* Our primary name:NiST name[:our older names] */
-    { "SHA1:SHA-1", FIPS_DEFAULT_PROPERTIES, sha1_functions },
+    { "SHA1:SHA-1:SSL3-SHA1", FIPS_DEFAULT_PROPERTIES, sha1_functions },
     { "SHA2-224:SHA-224:SHA224", FIPS_DEFAULT_PROPERTIES, sha224_functions },
     { "SHA2-256:SHA-256:SHA256", FIPS_DEFAULT_PROPERTIES, sha256_functions },
     { "SHA2-384:SHA-384:SHA384", FIPS_DEFAULT_PROPERTIES, sha384_functions },
@@ -306,9 +306,9 @@ static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = {
     ALG("AES-256-ECB", aes256ecb_functions),
     ALG("AES-192-ECB", aes192ecb_functions),
     ALG("AES-128-ECB", aes128ecb_functions),
-    ALG("AES-256-CBC", aes256cbc_functions),
-    ALG("AES-192-CBC", aes192cbc_functions),
-    ALG("AES-128-CBC", aes128cbc_functions),
+    ALG("AES-256-CBC:AES256", aes256cbc_functions),
+    ALG("AES-192-CBC:AES192", aes192cbc_functions),
+    ALG("AES-128-CBC:AES128", aes128cbc_functions),
     ALG("AES-256-CBC-CTS", aes256cbc_cts_functions),
     ALG("AES-192-CBC-CTS", aes192cbc_cts_functions),
     ALG("AES-128-CBC-CTS", aes128cbc_cts_functions),
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
index d2d7f7ed07..08fb0cf224 100644
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@@ -489,7 +489,8 @@ int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret,
                         stmp, stmplen,
                         pecdhctx->kdf_ukm,
                         pecdhctx->kdf_ukmlen,
-                        pecdhctx->kdf_md))
+                        pecdhctx->kdf_md,
+                        pecdhctx->libctx, NULL))
         goto err;
     *psecretlen = pecdhctx->kdf_outlen;
     ret = 1;
diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c
index 60ae8f5563..5650d1cd5e 100644
--- a/providers/implementations/kdfs/scrypt.c
+++ b/providers/implementations/kdfs/scrypt.c
@@ -35,7 +35,8 @@ static OSSL_FUNC_kdf_get_ctx_params_fn kdf_scrypt_get_ctx_params;
 static int scrypt_alg(const char *pass, size_t passlen,
                       const unsigned char *salt, size_t saltlen,
                       uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
-                      unsigned char *key, size_t keylen, EVP_MD *sha256);
+                      unsigned char *key, size_t keylen, EVP_MD *sha256,
+                      OPENSSL_CTX *libctx, const char *propq);
 
 typedef struct {
     void *provctx;
@@ -138,7 +139,8 @@ static int kdf_scrypt_derive(void *vctx, unsigned char *key,
 
     return scrypt_alg((char *)ctx->pass, ctx->pass_len, ctx->salt,
                       ctx->salt_len, ctx->N, ctx->r, ctx->p,
-                      ctx->maxmem_bytes, key, keylen, ctx->sha256);
+                      ctx->maxmem_bytes, key, keylen, ctx->sha256,
+                      PROV_LIBRARY_CONTEXT_OF(ctx->provctx), NULL);
 }
 
 static int is_power_of_two(uint64_t value)
@@ -361,7 +363,8 @@ static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N,
 static int scrypt_alg(const char *pass, size_t passlen,
                       const unsigned char *salt, size_t saltlen,
                       uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
-                      unsigned char *key, size_t keylen, EVP_MD *sha256)
+                      unsigned char *key, size_t keylen, EVP_MD *sha256,
+                      OPENSSL_CTX *libctx, const char *propq)
 {
     int rv = 0;
     unsigned char *B;
@@ -445,15 +448,15 @@ static int scrypt_alg(const char *pass, size_t passlen,
     X = (uint32_t *)(B + Blen);
     T = X + 32 * r;
     V = T + 32 * r;
-    if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, sha256,
-                          (int)Blen, B) == 0)
+    if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, 1, sha256,
+                                      (int)Blen, B, libctx, propq) == 0)
         goto err;
 
     for (i = 0; i < p; i++)
         scryptROMix(B + 128 * r * i, r, N, X, T, V);
 
-    if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, sha256,
-                          keylen, key) == 0)
+    if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, B, (int)Blen, 1, sha256,
+                                      keylen, key, libctx, propq) == 0)
         goto err;
     rv = 1;
  err:
diff --git a/providers/legacyprov.c b/providers/legacyprov.c
index adf7c82374..40d24873a2 100644
--- a/providers/legacyprov.c
+++ b/providers/legacyprov.c
@@ -111,9 +111,9 @@ static const OSSL_ALGORITHM legacy_ciphers[] = {
 #endif /* OPENSSL_NO_SEED */
 #ifndef OPENSSL_NO_RC2
     ALG("RC2-ECB", rc2128ecb_functions),
-    ALG("RC2-CBC", rc2128cbc_functions),
-    ALG("RC2-40-CBC", rc240cbc_functions),
-    ALG("RC2-64-CBC", rc264cbc_functions),
+    ALG("RC2-CBC:RC2:RC2-128", rc2128cbc_functions),
+    ALG("RC2-40-CBC:RC2-40", rc240cbc_functions),
+    ALG("RC2-64-CBC:RC2-64", rc264cbc_functions),
     ALG("RC2-CFB", rc2128cfb128_functions),
     ALG("RC2-OFB", rc2128ofb128_functions),
 #endif /* OPENSSL_NO_RC2 */
@@ -126,7 +126,7 @@ static const OSSL_ALGORITHM legacy_ciphers[] = {
 #endif /* OPENSSL_NO_RC4 */
 #ifndef OPENSSL_NO_RC5
     ALG("RC5-ECB", rc5128ecb_functions),
-    ALG("RC5-CBC", rc5128cbc_functions),
+    ALG("RC5-CBC:RC5", rc5128cbc_functions),
     ALG("RC5-OFB", rc5128ofb64_functions),
     ALG("RC5-CFB", rc5128cfb64_functions),
 #endif /* OPENSSL_NO_RC5 */
diff --git a/test/evp_test.c b/test/evp_test.c
index 83b92a4166..30a0aa11ef 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -11,6 +11,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <ctype.h>
+#include "../e_os.h" /* strcasecmp */
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 #include <openssl/err.h>
@@ -22,6 +23,7 @@
 #include <openssl/core_names.h>
 #include "internal/numbers.h"
 #include "internal/nelem.h"
+#include "crypto/evp.h"
 #include "testutil.h"
 #include "evp_test.h"
 
@@ -31,9 +33,7 @@ DEFINE_STACK_OF_STRING()
 
 typedef struct evp_test_method_st EVP_TEST_METHOD;
 
-/*
- * Structure holding test information
- */
+/* Structure holding test information */
 typedef struct evp_test_st {
     STANZA s;                     /* Common test stanza */
     char *name;
@@ -45,9 +45,7 @@ typedef struct evp_test_st {
     void *data;                   /* test specific data */
 } EVP_TEST;
 
-/*
- * Test method structure
- */
+/* Test method structure */
 struct evp_test_method_st {
     /* Name of test as it appears in file */
     const char *name;
@@ -61,24 +59,34 @@ struct evp_test_method_st {
     int (*run_test) (EVP_TEST * t);
 };
 
-
-/*
- * Linked list of named keys.
- */
+/* Linked list of named keys. */
 typedef struct key_list_st {
     char *name;
     EVP_PKEY *key;
     struct key_list_st *next;
 } KEY_LIST;
 
-/*
- * List of public and private keys
- */
+typedef enum OPTION_choice {
+    OPT_ERR = -1,
+    OPT_EOF = 0,
+    OPT_CONFIG_FILE,
+    OPT_TEST_ENUM
+} OPTION_CHOICE;
+
+static OSSL_PROVIDER *prov_null = NULL;
+static OPENSSL_CTX *libctx = NULL;
+
+/* List of public and private keys */
 static KEY_LIST *private_keys;
 static KEY_LIST *public_keys;
-static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst);
 
+static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst);
 static int parse_bin(const char *value, unsigned char **buf, size_t *buflen);
+static int is_digest_disabled(const char *name);
+static int is_pkey_disabled(const char *name);
+static int is_mac_disabled(const char *name);
+static int is_cipher_disabled(const char *name);
+static int is_kdf_disabled(const char *name);
 
 /*
  * Compare two memory regions for equality, returning zero if they differ.
@@ -120,9 +128,7 @@ static void evp_test_buffer_free(EVP_TEST_BUFFER *db)
     }
 }
 
-/*
- * append buffer to a list
- */
+/* append buffer to a list */
 static int evp_test_buffer_append(const char *value,
                                   STACK_OF(EVP_TEST_BUFFER) **sk)
 {
@@ -148,9 +154,7 @@ err:
     return 0;
 }
 
-/*
- * replace last buffer in list with copies of itself
- */
+/* replace last buffer in list with copies of itself */
 static int evp_test_buffer_ncopy(const char *value,
                                  STACK_OF(EVP_TEST_BUFFER) *sk)
 {
@@ -178,9 +182,7 @@ static int evp_test_buffer_ncopy(const char *value,
     return 1;
 }
 
-/*
- * set repeat count for last buffer in list
- */
+/* set repeat count for last buffer in list */
 static int evp_test_buffer_set_count(const char *value,
                                      STACK_OF(EVP_TEST_BUFFER) *sk)
 {
@@ -202,9 +204,7 @@ static int evp_test_buffer_set_count(const char *value,
     return 1;
 }
 
-/*
- * call "fn" with each element of the list in turn
- */
+/* call "fn" with each element of the list in turn */
 static int evp_test_buffer_do(STACK_OF(EVP_TEST_BUFFER) *sk,
                               int (*fn)(void *ctx,
                                         const unsigned char *buf,
@@ -319,10 +319,9 @@ static int parse_bin(const char *value, unsigned char **buf, size_t *buflen)
     return 1;
 }
 
-
 /**
-***  MESSAGE DIGEST TESTS
-**/
+ **  MESSAGE DIGEST TESTS
+ **/
 
 typedef struct digest_data_st {
     /* Digest this test is for */
@@ -343,15 +342,15 @@ static int digest_test_init(EVP_TEST *t, const char *alg)
     const EVP_MD *digest;
     EVP_MD *fetched_digest;
 
-    if ((digest = fetched_digest = EVP_MD_fetch(NULL, alg, NULL)) == NULL
-        && (digest = EVP_get_digestbyname(alg)) == NULL) {
-        /* If alg has an OID assume disabled algorithm */
-        if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
-            t->skip = 1;
-            return 1;
-        }
-        return 0;
+    if (is_digest_disabled(alg)) {
+        TEST_info("skipping, '%s' is disabled", alg);
+        t->skip = 1;
+        return 1;
     }
+
+    if ((digest = fetched_digest = EVP_MD_fetch(libctx, alg, NULL)) == NULL
+        && (digest = EVP_get_digestbyname(alg)) == NULL)
+        return 0;
     if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
         return 0;
     t->data = mdat;
@@ -489,7 +488,6 @@ static const EVP_TEST_METHOD digest_test_method = {
     digest_test_run
 };
 
-
 /**
 ***  CIPHER TESTS
 **/
@@ -526,15 +524,16 @@ static int cipher_test_init(EVP_TEST *t, const char *alg)
     CIPHER_DATA *cdat;
     int m;
 
-    if ((cipher = fetched_cipher = EVP_CIPHER_fetch(NULL, alg, NULL)) == NULL
-        && (cipher = EVP_get_cipherbyname(alg)) == NULL) {
-        /* If alg has an OID assume disabled algorithm */
-        if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
-            t->skip = 1;
-            return 1;
-        }
-        return 0;
+    if (is_cipher_disabled(alg)) {
+        t->skip = 1;
+        TEST_info("skipping, '%s' is disabled", alg);
+        return 1;
     }
+
+    if ((cipher = fetched_cipher = EVP_CIPHER_fetch(libctx, alg, NULL)) == NULL
+        && (cipher = EVP_get_cipherbyname(alg)) == NULL)
+        return 0;
+
     cdat = OPENSSL_zalloc(sizeof(*cdat));
     cdat->cipher = cipher;
     cdat->fetched_cipher = fetched_cipher;
@@ -664,9 +663,7 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
         out_len = expected->plaintext_len;
     }
     if (inp_misalign == (size_t)-1) {
-        /*
-         * Exercise in-place encryption
-         */
+        /* Exercise in-place encryption */
         tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH);
         if (!tmp)
             goto err;
@@ -982,8 +979,8 @@ static const EVP_TEST_METHOD cipher_test_method = {
 
 
 /**
-***  MAC TESTS
-**/
+ **  MAC TESTS
+ **/
 
 typedef struct mac_data_st {
     /* MAC type in one form or another */
@@ -1019,7 +1016,12 @@ static int mac_test_init(EVP_TEST *t, const char *alg)
     int type = NID_undef;
     MAC_DATA *mdat;
 
-    if ((mac = EVP_MAC_fetch(NULL, alg, NULL)) == NULL) {
+    if (is_mac_disabled(alg)) {
+        TEST_info("skipping, '%s' is disabled", alg);
+        t->skip = 1;
+        return 1;
+    }
+    if ((mac = EVP_MAC_fetch(libctx, alg, NULL)) == NULL) {
         /*
          * Since we didn't find an EVP_MAC, we check for known EVP_PKEY methods
          * For debugging purposes, we allow 'NNNN by EVP_PKEY' to force running
@@ -1032,41 +1034,16 @@ static int mac_test_init(EVP_TEST *t, const char *alg)
             && strcmp(alg + sz - (sizeof(epilogue) - 1), epilogue) == 0)
             sz -= sizeof(epilogue) - 1;
 
-        if (strncmp(alg, "HMAC", sz) == 0) {
+        if (strncmp(alg, "HMAC", sz) == 0)
             type = EVP_PKEY_HMAC;
-        } else if (strncmp(alg, "CMAC", sz) == 0) {
-#ifndef OPENSSL_NO_CMAC
+        else if (strncmp(alg, "CMAC", sz) == 0)
             type = EVP_PKEY_CMAC;
-#else
-            t->skip = 1;
-            return 1;
-#endif
-        } else if (strncmp(alg, "Poly1305", sz) == 0) {
-#ifndef OPENSSL_NO_POLY1305
+        else if (strncmp(alg, "Poly1305", sz) == 0)
             type = EVP_PKEY_POLY1305;
-#else
-            t->skip = 1;
-            return 1;
-#endif
-        } else if (strncmp(alg, "SipHash", sz) == 0) {
-#ifndef OPENSSL_NO_SIPHASH
+        else if (strncmp(alg, "SipHash", sz) == 0)
             type = EVP_PKEY_SIPHASH;
-#else
-            t->skip = 1;
-            return 1;
-#endif
-        } else {
-            /*
-             * Not a known EVP_PKEY method either.  If it's a known OID, then
-             * assume it's been disabled.
-             */
-            if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
-                t->skip = 1;
-                return 1;
-            }
-
+        else
             return 0;
-        }
     }
 
     mdat = OPENSSL_zalloc(sizeof(*mdat));
@@ -1157,7 +1134,8 @@ static int mac_test_run_pkey(EVP_TEST *t)
     EVP_MD_CTX *mctx = NULL;
     EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
     EVP_PKEY *key = NULL;
-    const EVP_MD *md = NULL;
+    const char *mdname = NULL;
+    EVP_CIPHER *cipher = NULL;
     unsigned char *got = NULL;
     size_t got_len;
     int i;
@@ -1168,36 +1146,44 @@ static int mac_test_run_pkey(EVP_TEST *t)
         TEST_info("Trying the EVP_PKEY %s test with %s",
                   OBJ_nid2sn(expected->type), expected->alg);
 
-#ifdef OPENSSL_NO_DES
-    if (expected->alg != NULL && strstr(expected->alg, "DES") != NULL) {
-        /* Skip DES */
-        t->err = NULL;
-        goto err;
-    }
-#endif
-
-    if (expected->type == EVP_PKEY_CMAC)
+    if (expected->type == EVP_PKEY_CMAC) {
+        if (is_cipher_disabled(expected->alg)) {
+            TEST_info("skipping, PKEY CMAC '%s' is disabled", expected->alg);
+            t->skip = 1;
+            t->err = NULL;
+            goto err;
+        }
+        if (!TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, expected->alg, NULL))) {
+            t->err = "MAC_KEY_CREATE_ERROR";
+            goto err;
+        }
         key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len,
-                                    EVP_get_cipherbyname(expected->alg));
-    else
-        key = EVP_PKEY_new_raw_private_key(expected->type, NULL, expected->key,
-                                           expected->key_len);
+                                    cipher);
+    } else {
+        key = EVP_PKEY_new_raw_private_key_with_libctx(libctx,
+                                                       OBJ_nid2sn(expected->type),
+                                                       NULL, expected->key,
+                                                       expected->key_len);
+    }
     if (key == NULL) {
         t->err = "MAC_KEY_CREATE_ERROR";
         goto err;
     }
 
     if (expected->type == EVP_PKEY_HMAC) {
-        if (!TEST_ptr(md = EVP_get_digestbyname(expected->alg))) {
-            t->err = "MAC_ALGORITHM_SET_ERROR";
+        if (is_digest_disabled(expected->alg)) {
+            TEST_info("skipping, HMAC '%s' is disabled", expected->alg);
+            t->skip = 1;
+            t->err = NULL;
             goto err;
         }
+        mdname = expected->alg;
     }
     if (!TEST_ptr(mctx = EVP_MD_CTX_new())) {
         t->err = "INTERNAL_ERROR";
         goto err;
     }
-    if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key)) {
+    if (!EVP_DigestSignInit_ex(mctx, &pctx, mdname, NULL, key, libctx)) {
         t->err = "DIGESTSIGNINIT_ERROR";
         goto err;
     }
@@ -1229,6 +1215,7 @@ static int mac_test_run_pkey(EVP_TEST *t)
     }
     t->err = NULL;
  err:
+    EVP_CIPHER_free(cipher);
     EVP_MD_CTX_free(mctx);
     OPENSSL_free(got);
     EVP_PKEY_CTX_free(genctx);
@@ -1255,14 +1242,6 @@ static int mac_test_run_mac(EVP_TEST *t)
         TEST_info("Trying the EVP_MAC %s test with %s",
                   expected->mac_name, expected->alg);
 
-#ifdef OPENSSL_NO_DES
-    if (expected->alg != NULL && strstr(expected->alg, "DES") != NULL) {
-        /* Skip DES */
-        t->err = NULL;
-        goto err;
-    }
-#endif
-
     if (expected->alg != NULL) {
         /*
          * The underlying algorithm may be a cipher or a digest.
@@ -1305,9 +1284,7 @@ static int mac_test_run_mac(EVP_TEST *t)
                                               expected->iv,
                                               expected->iv_len);
 
-    /*
-     * Unknown controls.  They must match parameters that the MAC recognises
-     */
+    /* Unknown controls.  They must match parameters that the MAC recognizes */
     if (params_n + sk_OPENSSL_STRING_num(expected->controls)
         >= OSSL_NELEM(params)) {
         t->err = "MAC_TOO_MANY_PARAMETERS";
@@ -1402,9 +1379,9 @@ static const EVP_TEST_METHOD mac_test_method = {
 
 
 /**
-***  PUBLIC KEY TESTS
-***  These are all very similar and share much common code.
-**/
+ **  PUBLIC KEY TESTS
+ **  These are all very similar and share much common code.
+ **/
 
 typedef struct pkey_data_st {
     /* Context for this operation */
@@ -1442,6 +1419,7 @@ static int pkey_test_init(EVP_TEST *t, const char *name,
     if (rv == 0)
         rv = find_key(&pkey, name, private_keys);
     if (rv == 0 || pkey == NULL) {
+        TEST_info("skipping, key '%s' is disabled", name);
         t->skip = 1;
         return 1;
     }
@@ -1451,7 +1429,7 @@ static int pkey_test_init(EVP_TEST *t, const char *name,
         return 0;
     }
     kdata->keyop = keyop;
-    if (!TEST_ptr(kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL))) {
+    if (!TEST_ptr(kdata->ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL))) {
         EVP_PKEY_free(pkey);
         OPENSSL_free(kdata);
         return 0;
@@ -1487,14 +1465,8 @@ static int pkey_test_ctrl(EVP_TEST *t, EVP_PKEY_CTX *pctx,
         t->err = "PKEY_CTRL_INVALID";
         rv = 1;
     } else if (p != NULL && rv <= 0) {
-        /* If p has an OID and lookup fails assume disabled algorithm */
-        int nid = OBJ_sn2nid(p);
-
-        if (nid == NID_undef)
-             nid = OBJ_ln2nid(p);
-        if (nid != NID_undef
-                && EVP_get_digestbynid(nid) == NULL
-                && EVP_get_cipherbynid(nid) == NULL) {
+        if (is_digest_disabled(p) || is_cipher_disabled(p)) {
+            TEST_info("skipping, '%s' is disabled", p);
             t->skip = 1;
             rv = 1;
         } else {
@@ -1637,7 +1609,6 @@ static const EVP_TEST_METHOD pverify_test_method = {
     verify_test_run
 };
 
-
 static int pderive_test_init(EVP_TEST *t, const char *name)
 {
     return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0);
@@ -1702,8 +1673,8 @@ static const EVP_TEST_METHOD pderive_test_method = {
 
 
 /**
-***  PBE TESTS
-**/
+ **  PBE TESTS
+ **/
 
 typedef enum pbe_type_enum {
     PBE_TYPE_INVALID = 0,
@@ -1729,9 +1700,7 @@ typedef struct pbe_data_st {
 } PBE_DATA;
 
 #ifndef OPENSSL_NO_SCRYPT
-/*
- * Parse unsigned decimal 64 bit integer value
- */
+/* Parse unsigned decimal 64 bit integer value */
 static int parse_uint64(const char *value, uint64_t *pr)
 {
     const char *p = value;
@@ -1812,13 +1781,13 @@ static int pbe_test_init(EVP_TEST *t, const char *alg)
     PBE_DATA *pdat;
     PBE_TYPE pbe_type = PBE_TYPE_INVALID;
 
-    if (strcmp(alg, "scrypt") == 0) {
-#ifndef OPENSSL_NO_SCRYPT
-        pbe_type = PBE_TYPE_SCRYPT;
-#else
+    if (is_kdf_disabled(alg)) {
+        TEST_info("skipping, '%s' is disabled", alg);
         t->skip = 1;
         return 1;
-#endif
+    }
+    if (strcmp(alg, "scrypt") == 0) {
+        pbe_type = PBE_TYPE_SCRYPT;
     } else if (strcmp(alg, "pbkdf2") == 0) {
         pbe_type = PBE_TYPE_PBKDF2;
     } else if (strcmp(alg, "pkcs12") == 0) {
@@ -1867,6 +1836,10 @@ static int pbe_test_run(EVP_TEST *t)
 {
     PBE_DATA *expected = t->data;
     unsigned char *key;
+    EVP_MD *fetched_digest = NULL;
+    OPENSSL_CTX *save_libctx;
+
+    save_libctx = OPENSSL_CTX_set0_default(libctx);
 
     if (!TEST_ptr(key = OPENSSL_malloc(expected->key_len))) {
         t->err = "INTERNAL_ERROR";
@@ -1883,18 +1856,23 @@ static int pbe_test_run(EVP_TEST *t)
 #ifndef OPENSSL_NO_SCRYPT
     } else if (expected->pbe_type == PBE_TYPE_SCRYPT) {
         if (EVP_PBE_scrypt((const char *)expected->pass, expected->pass_len,
-                           expected->salt, expected->salt_len, expected->N,
-                           expected->r, expected->p, expected->maxmem,
-                           key, expected->key_len) == 0) {
+                            expected->salt, expected->salt_len,
+                            expected->N, expected->r, expected->p,
+                            expected->maxmem, key, expected->key_len) == 0) {
             t->err = "SCRYPT_ERROR";
             goto err;
         }
 #endif
     } else if (expected->pbe_type == PBE_TYPE_PKCS12) {
+        fetched_digest = EVP_MD_fetch(libctx, EVP_MD_name(expected->md), NULL);
+        if (fetched_digest == NULL) {
+            t->err = "PKCS12_ERROR";
+            goto err;
+        }
         if (PKCS12_key_gen_uni(expected->pass, expected->pass_len,
                                expected->salt, expected->salt_len,
                                expected->id, expected->iter, expected->key_len,
-                               key, expected->md) == 0) {
+                               key, fetched_digest) == 0) {
             t->err = "PKCS12_ERROR";
             goto err;
         }
@@ -1905,7 +1883,9 @@ static int pbe_test_run(EVP_TEST *t)
 
     t->err = NULL;
 err:
+    EVP_MD_free(fetched_digest);
     OPENSSL_free(key);
+    OPENSSL_CTX_set0_default(save_libctx);
     return 1;
 }
 
@@ -1919,8 +1899,8 @@ static const EVP_TEST_METHOD pbe_test_method = {
 
 
 /**
-***  BASE64 TESTS
-**/
+ **  BASE64 TESTS
+ **/
 
 typedef enum {
     BASE64_CANONICAL_ENCODING = 0,
@@ -2066,9 +2046,8 @@ static const EVP_TEST_METHOD encode_test_method = {
 
 
 /**
-***  RAND TESTS
-**/
-
+ **  RAND TESTS
+ **/
 #define MAX_RAND_REPEATS    15
 
 typedef struct rand_data_pass_st {
@@ -2112,7 +2091,7 @@ static int rand_test_init(EVP_TEST *t, const char *name)
     if (!TEST_ptr(rdata = OPENSSL_zalloc(sizeof(*rdata))))
         return 0;
 
-    rand = EVP_RAND_fetch(NULL, "TEST-RAND", NULL);
+    rand = EVP_RAND_fetch(libctx, "TEST-RAND", NULL);
     if (rand == NULL)
         goto err;
     rdata->parent = EVP_RAND_CTX_new(rand, NULL);
@@ -2124,7 +2103,7 @@ static int rand_test_init(EVP_TEST *t, const char *name)
     if (!EVP_RAND_set_ctx_params(rdata->parent, params))
         goto err;
 
-    rand = EVP_RAND_fetch(NULL, name, NULL);
+    rand = EVP_RAND_fetch(libctx, name, NULL);
     if (rand == NULL)
         goto err;
     rdata->ctx = EVP_RAND_CTX_new(rand, rdata->parent);
@@ -2351,9 +2330,8 @@ static const EVP_TEST_METHOD rand_test_method = {
 
 
 /**
-***  KDF TESTS
-**/
-
+ **  KDF TESTS
+ **/
 typedef struct kdf_data_st {
     /* Context for this operation */
     EVP_KDF_CTX *ctx;
@@ -2373,27 +2351,18 @@ static int kdf_test_init(EVP_TEST *t, const char *name)
     KDF_DATA *kdata;
     EVP_KDF *kdf;
 
-#ifdef OPENSSL_NO_SCRYPT
-    /* TODO(3.0) Replace with "scrypt" once aliases are supported */
-    if (strcmp(name, "id-scrypt") == 0) {
-        t->skip = 1;
-        return 1;
-    }
-#endif /* OPENSSL_NO_SCRYPT */
-
-#ifdef OPENSSL_NO_CMS
-    if (strcmp(name, "X942KDF") == 0) {
+    if (is_kdf_disabled(name)) {
+        TEST_info("skipping, '%s' is disabled", name);
         t->skip = 1;
         return 1;
     }
-#endif /* OPENSSL_NO_CMS */
 
     if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
         return 0;
     kdata->p = kdata->params;
     *kdata->p = OSSL_PARAM_construct_end();
 
-    kdf = EVP_KDF_fetch(NULL, name, NULL);
+    kdf = EVP_KDF_fetch(libctx, name, NULL);
     if (kdf == NULL) {
         OPENSSL_free(kdata);
         return 0;
@@ -2442,22 +2411,16 @@ static int kdf_test_ctrl(EVP_TEST *t, EVP_KDF_CTX *kctx,
         return 0;
     }
     if (p != NULL && strcmp(name, "digest") == 0) {
-        /* If p has an OID and lookup fails assume disabled algorithm */
-        int nid = OBJ_sn2nid(p);
-
-        if (nid == NID_undef)
-             nid = OBJ_ln2nid(p);
-        if (nid != NID_undef && EVP_get_digestbynid(nid) == NULL)
+        if (is_digest_disabled(p)) {
+            TEST_info("skipping, '%s' is disabled", p);
             t->skip = 1;
+        }
     }
     if (p != NULL && strcmp(name, "cipher") == 0) {
-        /* If p has an OID and lookup fails assume disabled algorithm */
-        int nid = OBJ_sn2nid(p);
-
-        if (nid == NID_undef)
-             nid = OBJ_ln2nid(p);
-        if (nid != NID_undef && EVP_get_cipherbynid(nid) == NULL)
+        if (is_cipher_disabled(p)) {
+            TEST_info("skipping, '%s' is disabled", p);
             t->skip = 1;
+        }
     }
     OPENSSL_free(name);
     return 1;
@@ -2513,10 +2476,9 @@ static const EVP_TEST_METHOD kdf_test_method = {
     kdf_test_run
 };
 
-
 /**
-***  PKEY KDF TESTS
-**/
+ **  PKEY KDF TESTS
+ **/
 
 typedef struct pkey_kdf_data_st {
     /* Context for this operation */
@@ -2532,40 +2494,41 @@ typedef struct pkey_kdf_data_st {
  */
 static int pkey_kdf_test_init(EVP_TEST *t, const char *name)
 {
-    PKEY_KDF_DATA *kdata;
+    OPENSSL_CTX *save_libctx = NULL;
+    PKEY_KDF_DATA *kdata = NULL;
     int kdf_nid = OBJ_sn2nid(name);
 
-#ifdef OPENSSL_NO_SCRYPT
-    if (strcmp(name, "scrypt") == 0) {
+    if (is_kdf_disabled(name)) {
+        TEST_info("skipping, '%s' is disabled", name);
         t->skip = 1;
         return 1;
     }
-#endif /* OPENSSL_NO_SCRYPT */
-
-#ifdef OPENSSL_NO_CMS
-    if (strcmp(name, "X942KDF") == 0) {
-        t->skip = 1;
-        return 1;
-    }
-#endif /* OPENSSL_NO_CMS */
 
     if (kdf_nid == NID_undef)
         kdf_nid = OBJ_ln2nid(name);
 
     if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
         return 0;
+    /*
+     * TODO(3.0): This should be using EVP_PKEY_CTX_new_from_name(),
+     * but it does not currently since the PKEY_KDF is using legacy paths.
+     * Internally it still uses fetches with the legacy path,
+     * So for now we hack in the library context.
+     */
+    save_libctx = OPENSSL_CTX_set0_default(libctx);
     kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL);
-    if (kdata->ctx == NULL) {
-        OPENSSL_free(kdata);
-        return 0;
-    }
-    if (EVP_PKEY_derive_init(kdata->ctx) <= 0) {
-        EVP_PKEY_CTX_free(kdata->ctx);
-        OPENSSL_free(kdata);
-        return 0;
-    }
+    if (kdata->ctx == NULL
+        || EVP_PKEY_derive_init(kdata->ctx) <= 0)
+        goto err;
+
+    OPENSSL_CTX_set0_default(save_libctx);
     t->data = kdata;
     return 1;
+err:
+    OPENSSL_CTX_set0_default(save_libctx);
+    EVP_PKEY_CTX_free(kdata->ctx);
+    OPENSSL_free(kdata);
+    return 0;
 }
 
 static void pkey_kdf_test_cleanup(EVP_TEST *t)
@@ -2621,10 +2584,9 @@ static const EVP_TEST_METHOD pkey_kdf_test_method = {
     pkey_kdf_test_run
 };
 
-
 /**
-***  KEYPAIR TESTS
-**/
+ **  KEYPAIR TESTS
+ **/
 
 typedef struct keypair_test_data_st {
     EVP_PKEY *privk;
@@ -2739,8 +2701,8 @@ static const EVP_TEST_METHOD keypair_test_method = {
 };
 
 /**
-***  KEYGEN TEST
-**/
+ **  KEYGEN TEST
+ **/
 
 typedef struct keygen_test_data_st {
     EVP_PKEY_CTX *genctx; /* Keygen context to use */
@@ -2759,11 +2721,12 @@ static int keygen_test_init(EVP_TEST *t, const char *alg)
             return 0;
     }
 
-    if (!TEST_ptr(genctx = EVP_PKEY_CTX_new_id(nid, NULL))) {
-        /* assume algorithm disabled */
+    if (is_pkey_disabled(alg)) {
         t->skip = 1;
         return 1;
     }
+    if (!TEST_ptr(genctx = EVP_PKEY_CTX_new_from_name(libctx, alg, NULL)))
+        goto err;
 
     if (EVP_PKEY_keygen_init(genctx) <= 0) {
         t->err = "KEYGEN_INIT_ERROR";
@@ -2816,6 +2779,10 @@ static int keygen_test_run(EVP_TEST *t)
         goto err;
     }
 
+    if (!evp_pkey_is_provided(pkey)) {
+        TEST_info("Warning: legacy key generated %s", keygen->keyname);
+        goto err;
+    }
     if (keygen->keyname != NULL) {
         KEY_LIST *key;
 
@@ -2852,8 +2819,8 @@ static const EVP_TEST_METHOD keygen_test_method = {
 };
 
 /**
-***  DIGEST SIGN+VERIFY TESTS
-**/
+ **  DIGEST SIGN+VERIFY TESTS
+ **/
 
 typedef struct {
     int is_verify; /* Set to 1 if verifying */
@@ -2875,14 +2842,13 @@ static int digestsigver_test_init(EVP_TEST *t, const char *alg, int is_verify,
     DIGESTSIGN_DATA *mdat;
 
     if (strcmp(alg, "NULL") != 0) {
-        if ((md = EVP_get_digestbyname(alg)) == NULL) {
-            /* If alg has an OID assume disabled algorithm */
-            if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
-                t->skip = 1;
-                return 1;
-            }
-            return 0;
+        if (is_digest_disabled(alg)) {
+            t->skip = 1;
+            return 1;
         }
+        md = EVP_get_digestbyname(alg);
+        if (md == NULL)
+            return 0;
     }
     if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
         return 0;
@@ -2922,6 +2888,7 @@ static int digestsigver_test_parse(EVP_TEST *t,
     if (strcmp(keyword, "Key") == 0) {
         EVP_PKEY *pkey = NULL;
         int rv = 0;
+        const char *name = mdata->md == NULL ? NULL : EVP_MD_name(mdata->md);
 
         if (mdata->is_verify)
             rv = find_key(&pkey, value, public_keys);
@@ -2932,13 +2899,13 @@ static int digestsigver_test_parse(EVP_TEST *t,
             return 1;
         }
         if (mdata->is_verify) {
-            if (!EVP_DigestVerifyInit(mdata->ctx, &mdata->pctx, mdata->md,
-                                      NULL, pkey))
+            if (!EVP_DigestVerifyInit_ex(mdata->ctx, &mdata->pctx,
+                                         name, NULL, pkey, libctx))
                 t->err = "DIGESTVERIFYINIT_ERROR";
             return 1;
         }
-        if (!EVP_DigestSignInit(mdata->ctx, &mdata->pctx, mdata->md, NULL,
-                                pkey))
+        if (!EVP_DigestSignInit_ex(mdata->ctx, &mdata->pctx,
+                                   name, NULL, pkey, libctx))
             t->err = "DIGESTSIGNINIT_ERROR";
         return 1;
     }
@@ -3117,8 +3084,8 @@ static const EVP_TEST_METHOD oneshot_digestverify_test_method = {
 
 
 /**
-***  PARSING AND DISPATCH
-**/
+ **  PARSING AND DISPATCH
+ **/
 
 static const EVP_TEST_METHOD *evp_test_list[] = {
     &rand_test_method,
@@ -3175,9 +3142,7 @@ static void clear_test(EVP_TEST *t)
     t->meth = NULL;
 }
 
-/*
- * Check for errors in the test structure; return 1 if okay, else 0.
- */
+/* Check for errors in the test structure; return 1 if okay, else 0. */
 static int check_test_error(EVP_TEST *t)
 {
     unsigned long err;
@@ -3240,9 +3205,7 @@ static int check_test_error(EVP_TEST *t)
     return 0;
 }
 
-/*
- * Run a parsed test. Log a message and return 0 on error.
- */
+/* Run a parsed test. Log a message and return 0 on error. */
 static int run_test(EVP_TEST *t)
 {
     if (t->meth == NULL)
@@ -3319,9 +3282,7 @@ static int key_unsupported(void)
     return 0;
 }
 
-/*
- * NULL out the value from |pp| but return it.  This "steals" a pointer.
- */
+/* NULL out the value from |pp| but return it.  This "steals" a pointer. */
 static char *take_value(PAIR *pp)
 {
     char *p = pp->value;
@@ -3351,21 +3312,19 @@ static int prov_available(char *providers)
             more = 0;
         else
             *p = '\0';
-        if (OSSL_PROVIDER_available(NULL, providers))
+        if (OSSL_PROVIDER_available(libctx, providers))
             return 1;            /* Found one */
     }
     return 0;
 }
 
-/*
- * Read and parse one test.  Return 0 if failure, 1 if okay.
- */
+/* Read and parse one test.  Return 0 if failure, 1 if okay. */
 static int parse(EVP_TEST *t)
 {
     KEY_LIST *key, **klist;
     EVP_PKEY *pkey;
     PAIR *pp;
-    int i;
+    int i, skip_availablein = 0;
 
 top:
     do {
@@ -3380,8 +3339,9 @@ top:
     /* Are we adding a key? */
     klist = NULL;
     pkey = NULL;
+start:
     if (strcmp(pp->key, "PrivateKey") == 0) {
-        pkey = PEM_read_bio_PrivateKey(t->s.key, NULL, 0, NULL);
+        pkey = PEM_read_bio_PrivateKey_ex(t->s.key, NULL, 0, NULL, libctx, NULL);
         if (pkey == NULL && !key_unsupported()) {
             EVP_PKEY_free(pkey);
             TEST_info("Can't read private key %s", pp->value);
@@ -3424,7 +3384,7 @@ top:
 
         nid = OBJ_txt2nid(strnid);
         if (nid == NID_undef) {
-            TEST_info("Uncrecognised algorithm NID");
+            TEST_info("Unrecognised algorithm NID");
             return 0;
         }
         if (!parse_bin(keydata, &keybin, &keylen)) {
@@ -3432,9 +3392,11 @@ top:
             return 0;
         }
         if (klist == &private_keys)
-            pkey = EVP_PKEY_new_raw_private_key(nid, NULL, keybin, keylen);
+            pkey = EVP_PKEY_new_raw_private_key_with_libctx(libctx, strnid, NULL,
+                                                            keybin, keylen);
         else
-            pkey = EVP_PKEY_new_raw_public_key(nid, NULL, keybin, keylen);
+            pkey = EVP_PKEY_new_raw_public_key_with_libctx(libctx, strnid, NULL,
+                                                           keybin, keylen);
         if (pkey == NULL && !key_unsupported()) {
             TEST_info("Can't read %s data", pp->key);
             OPENSSL_free(keybin);
@@ -3442,6 +3404,16 @@ top:
             return 0;
         }
         OPENSSL_free(keybin);
+    } else if (strcmp(pp->key, "Availablein") == 0) {
+        if (!prov_available(pp->value)) {
+            TEST_info("skipping, '%s' provider not available: %s:%d",
+                      pp->value, t->s.test_file, t->s.start);
+                t->skip = 1;
+                return 0;
+        }
+        skip_availablein++;
+        pp++;
+        goto start;
     }
 
     /* If we have a key add to list */
@@ -3458,7 +3430,7 @@ top:
         *klist = key;
 
         /* Go back and start a new stanza. */
-        if (t->s.numpairs != 1)
+        if ((t->s.numpairs - skip_availablein) != 1)
             TEST_info("Line %d: missing blank line\n", t->s.curr);
         goto top;
     }
@@ -3475,14 +3447,11 @@ top:
         return 0;
     }
 
-    for (pp++, i = 1; i < t->s.numpairs; pp++, i++) {
+    for (pp++, i = 1; i < (t->s.numpairs - skip_availablein); pp++, i++) {
         if (strcmp(pp->key, "Availablein") == 0) {
-            if (!prov_available(pp->value)) {
-                TEST_info("skipping, providers not available: %s:%d",
-                          t->s.test_file, t->s.start);
-                t->skip = 1;
-                return 0;
-            }
+            TEST_info("Line %d: 'Availablein' should be the first option",
+                      t->s.curr);
+            return 0;
         } else if (strcmp(pp->key, "Result") == 0) {
             if (t->expected_err != NULL) {
                 TEST_info("Line %d: multiple result lines", t->s.curr);
@@ -3551,14 +3520,54 @@ static int run_file_tests(int i)
     return c == 0;
 }
 
-OPT_TEST_DECLARE_USAGE("file...\n")
+const OPTIONS *test_get_options(void)
+{
+    static const OPTIONS test_options[] = {
+        OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("[file...]\n"),
+        { "config", OPT_CONFIG_FILE, '<',
+          "The configuration file to use for the libctx" },
+        { OPT_HELP_STR, 1, '-',
+          "file\tFile to run tests on.\n" },
+        { NULL }
+    };
+    return test_options;
+}
 
 int setup_tests(void)
 {
     size_t n;
+    char *config_file = NULL;
+
+    OPTION_CHOICE o;
+
+    while ((o = opt_next()) != OPT_EOF) {
+        switch (o) {
+        case OPT_CONFIG_FILE:
+            config_file = opt_arg();
+            break;
+        case OPT_TEST_CASES:
+           break;
+        default:
+        case OPT_ERR:
+            return 0;
+        }
+    }
+
+    /*
+     * Load the 'null' provider into the default library context to ensure that
+     * the the tests do not fallback to using the default provider.
+     */
+    prov_null = OSSL_PROVIDER_load(NULL, "null");
+    if (prov_null == NULL) {
+        opt_printf_stderr("Failed to load null provider into default libctx\n");
+        return 0;
+    }
 
-    if (!test_skip_common_options()) {
-        TEST_error("Error parsing test options\n");
+    /* load the provider via configuration into the created library context */
+    libctx = OPENSSL_CTX_new();
+    if (libctx == NULL
+        || !OPENSSL_CTX_load_config(libctx, config_file)) {
+        TEST_error("Failed to load config %s\n", config_file);
         return 0;
     }
 
@@ -3569,3 +3578,170 @@ int setup_tests(void)
     ADD_ALL_TESTS(run_file_tests, n);
     return 1;
 }
+
+void cleanup_tests(void)
+{
+    OSSL_PROVIDER_unload(prov_null);
+    OPENSSL_CTX_free(libctx);
+}
+
+#define STR_STARTS_WITH(str, pre) strncasecmp(pre, str, strlen(pre)) == 0
+#define STR_ENDS_WITH(str, pre)                                                \
+strlen(str) < strlen(pre) ? 0 : (strcasecmp(pre, str + strlen(str) - strlen(pre)) == 0)
+
+static int is_digest_disabled(const char *name)
+{
+#ifdef OPENSSL_NO_BLAKE2
+    if (STR_STARTS_WITH(name, "BLAKE"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_MD2
+    if (strcasecmp(name, "MD2") == 0)
+        return 1;
+#endif
+#ifdef OPENSSL_NO_MDC2
+    if (strcasecmp(name, "MDC2") == 0)
+        return 1;
+#endif
+#ifdef OPENSSL_NO_MD4
+    if (strcasecmp(name, "MD4") == 0)
+        return 1;
+#endif
+#ifdef OPENSSL_NO_MD5
+    if (strcasecmp(name, "MD5") == 0)
+        return 1;
+#endif
+#ifdef OPENSSL_NO_RMD160
+    if (strcasecmp(name, "RIPEMD160") == 0)
+        return 1;
+#endif
+#ifdef OPENSSL_NO_SM3
+    if (strcasecmp(name, "SM3") == 0)
+        return 1;
+#endif
+#ifdef OPENSSL_NO_WHIRLPOOL
+    if (strcasecmp(name, "WHIRLPOOL") == 0)
+        return 1;
+#endif
+    return 0;
+}
+
+static int is_pkey_disabled(const char *name)
+{
+#ifdef OPENSSL_NO_RSA
+    if (STR_STARTS_WITH(name, "RSA"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_EC
+    if (STR_STARTS_WITH(name, "EC"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_DH
+    if (STR_STARTS_WITH(name, "DH"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_DSA
+    if (STR_STARTS_WITH(name, "DSA"))
+        return 1;
+#endif
+    return 0;
+}
+
+static int is_mac_disabled(const char *name)
+{
+#ifdef OPENSSL_NO_BLAKE2
+    if (STR_STARTS_WITH(name, "BLAKE2BMAC")
+        || STR_STARTS_WITH(name, "BLAKE2SMAC"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_CMAC
+    if (STR_STARTS_WITH(name, "CMAC"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_POLY1305
+    if (STR_STARTS_WITH(name, "Poly1305"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_SIPHASH
+    if (STR_STARTS_WITH(name, "SipHash"))
+        return 1;
+#endif
+    return 0;
+}
+static int is_kdf_disabled(const char *name)
+{
+#ifdef OPENSSL_NO_SCRYPT
+    if (STR_ENDS_WITH(name, "SCRYPT"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_CMS
+    if (strcasecmp(name, "X942KDF") == 0)
+        return 1;
+#endif /* OPENSSL_NO_CMS */
+    return 0;
+}
+
+static int is_cipher_disabled(const char *name)
+{
+#ifdef OPENSSL_NO_ARIA
+    if (STR_STARTS_WITH(name, "ARIA"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_BF
+    if (STR_STARTS_WITH(name, "BF"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_CAMELLIA
+    if (STR_STARTS_WITH(name, "CAMELLIA"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_CAST
+    if (STR_STARTS_WITH(name, "CAST"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_CHACHA
+    if (STR_STARTS_WITH(name, "CHACHA"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_POLY1305
+    if (STR_ENDS_WITH(name, "Poly1305"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_DES
+    if (STR_STARTS_WITH(name, "DES"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_OCB
+    if (STR_ENDS_WITH(name, "OCB"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_IDEA
+    if (STR_STARTS_WITH(name, "IDEA"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_RC2
+    if (STR_STARTS_WITH(name, "RC2"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_RC4
+    if (STR_STARTS_WITH(name, "RC4"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_RC5
+    if (STR_STARTS_WITH(name, "RC5"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_SEED
+    if (STR_STARTS_WITH(name, "SEED"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_SIV
+    if (STR_ENDS_WITH(name, "SIV"))
+        return 1;
+#endif
+#ifdef OPENSSL_NO_SM4
+    if (STR_STARTS_WITH(name, "SM4"))
+        return 1;
+#endif
+    return 0;
+}
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index c94893a5bc..29fb224e63 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -14,7 +14,7 @@ use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir srctop_file srctop_dir bldtop
 use OpenSSL::Test::Utils;
 
 BEGIN {
-setup("test_evp");
+    setup("test_evp");
 }
 
 use lib srctop_dir('Configurations');
@@ -31,49 +31,73 @@ my @configs = ( $defaultcnf );
 # Only add the FIPS config if the FIPS module has been built
 push @configs, 'fips.cnf' unless $no_fips;
 
-my @files = qw( evprand.txt evpciph.txt evpdigest.txt evppkey.txt
-    evppkey_ecc.txt evpciph_aes_cts.txt);
-
-my @defltfiles = qw( evpencod.txt evpkdf.txt evppkey_kdf.txt evpmac.txt
-    evppbe.txt evpcase.txt evpccmcavs.txt );
-my @ideafiles = qw( evpciph_idea.txt );
-push @defltfiles, @ideafiles unless disabled("idea");
-
-my @sivfiles = qw( evpaessiv.txt );
-push @defltfiles, @sivfiles unless disabled("siv");
-
-my @castfiles = qw( evpciph_cast5.txt );
-push @defltfiles, @castfiles unless disabled("cast");
-
-my @seedfiles = qw( evpciph_seed.txt );
-push @defltfiles, @seedfiles unless disabled("seed");
-
-my @sm4files = qw( evpciph_sm4.txt );
-push @defltfiles, @sm4files unless disabled("sm4");
-
-my @desfiles = qw( evpciph_des.txt );
-push @defltfiles, @desfiles unless disabled("des");
-
-my @rc4files = qw( evpciph_rc4.txt );
-push @defltfiles, @rc4files unless disabled("rc4");
-
-my @rc5files = qw( evpciph_rc5.txt );
-push @defltfiles, @rc5files unless disabled("rc5");
-
-my @rc2files = qw( evpciph_rc2.txt );
-push @defltfiles, @rc2files unless disabled("rc2");
-
-my @chachafiles = qw( evpciph_chacha.txt );
-push @defltfiles, @chachafiles unless disabled("chacha");
-
-my @bffiles = qw( evpciph_bf.txt );
-push @defltfiles, @bffiles unless disabled("bf");
-
-my @md2files = qw( evpmd_md2.txt );
-push @defltfiles, @md2files unless disabled("md2");
-
-my @mdc2files = qw( evpmd_mdc2.txt );
-push @defltfiles, @mdc2files unless disabled("mdc2");
+# A list of tests that run with both the default and fips provider.
+my @files = qw(
+                evpciph_aes_ccm_cavs.txt
+                evpciph_aes_common.txt
+                evpciph_aes_cts1.txt
+                evpciph_des3_common.txt
+                evpkdf_hkdf.txt
+                evpkdf_pbkdf2.txt
+                evpkdf_ss.txt
+                evpkdf_ssh.txt
+                evpkdf_tls12_prf.txt
+                evpkdf_x963.txt
+                evpmac_common.txt
+                evpmd_sha.txt
+                evppbe_pbkdf2.txt
+                evppbe_pkcs12.txt
+                evppkey_dsa.txt 
+                evppkey_ecc.txt
+                evppkey_ecdh.txt
+                evppkey_ecdsa.txt
+                evppkey_ecx.txt
+                evppkey_ffdhe.txt
+                evppkey_kas.txt
+                evppkey_kdf_hkdf.txt
+                evppkey_mismatch.txt
+                evppkey_rsa.txt
+                evprand.txt
+              );
+
+# A list of tests that only run with the default provider
+# (i.e. The algorithms are not present in the fips provider)
+my @defltfiles = qw(
+                     evpciph_aes_cts23.txt
+                     evpciph_aes_ocb.txt
+                     evpciph_aes_siv.txt
+                     evpciph_aria.txt 
+                     evpciph_bf.txt
+                     evpciph_camellia.txt
+                     evpciph_cast5.txt
+                     evpciph_chacha.txt
+                     evpciph_des.txt
+                     evpciph_idea.txt
+                     evpciph_rc2.txt
+                     evpciph_rc4.txt
+                     evpciph_rc5.txt
+                     evpciph_seed.txt
+                     evpciph_sm4.txt
+                     evpencod.txt
+                     evpkdf_krb5.txt
+                     evpkdf_scrypt.txt
+                     evpkdf_tls11_prf.txt
+                     evpkdf_x942.txt
+                     evpmac_blake.txt
+                     evpmac_poly1305.txt
+                     evpmac_siphash.txt
+                     evpmd_blake.txt
+                     evpmd_md.txt
+                     evpmd_mdc2.txt
+                     evpmd_ripemd.txt
+                     evpmd_sm3.txt
+                     evpmd_whirlpool.txt
+                     evppbe_scrypt.txt
+                     evppkey_brainpool.txt
+                     evppkey_kdf_scrypt.txt
+                     evppkey_kdf_tls1_prf.txt
+                     evppkey_sm2.txt
+                    );
 
 plan tests =>
     ($no_fips ? 0 : 1)          # FIPS install test
@@ -90,20 +114,20 @@ unless ($no_fips) {
 }
 
 foreach (@configs) {
-    $ENV{OPENSSL_CONF} = srctop_file("test", $_);
+    my $conf = srctop_file("test", $_);
 
     foreach my $f ( @files ) {
-        ok(run(test(["evp_test", data_file("$f")])),
-           "running evp_test $f");
+        ok(run(test(["evp_test",
+                     "-config", $conf,
+                     data_file("$f")])),
+           "running evp_test -config $conf $f");
     }
 }
 
-#TODO(3.0): As more operations are converted to providers we can move more of
-#           these tests to the loop above
-
-$ENV{OPENSSL_CONF} = srctop_file("test", $defaultcnf);
-
+my $conf = srctop_file("test", $defaultcnf);
 foreach my $f ( @defltfiles ) {
-    ok(run(test(["evp_test", data_file("$f")])),
-       "running evp_test $f");
+    ok(run(test(["evp_test",
+                 "-config", $conf,
+                 data_file("$f")])),
+       "running evp_test -config $conf $f");
 }
diff --git a/test/recipes/30-test_evp_data/evpcase.txt b/test/recipes/30-test_evp_data/evpcase.txt
deleted file mode 100644
index c56c5098b4..0000000000
--- a/test/recipes/30-test_evp_data/evpcase.txt
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the Apache License 2.0 (the "License").  You may not use
-# this file except in compliance with the License.  You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-# Tests start with one of these keywords
-#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
-#       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
-
-# These tests exercise the case insensitive handling of object names.
-# They are contrived
-
-Title = Case insensitive AES tests
-
-Cipher = Aes-128-eCb
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 3AD77BB40D7A3660A89ECAF32466EF97
-
-Cipher = AeS-128-cbC
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 73BED6B8E3C1743B7116E69E22229516
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 3FF1CAA1681FAC09120ECA307586E1A7
-
-Cipher = aES-128-CTR
-Key = AE6852F8121067CC4BF7A5765577F39E
-IV = 00000030000000000000000000000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = E4095D4FB7A7B3792D6175A3261311B8
-
-Cipher = AES-128-GcM
-Key = 00000000000000000000000000000000
-IV = 000000000000000000000000
-AAD =
-Tag = ab6e47d42cec13bdf53a67b21257bddf
-Plaintext = 00000000000000000000000000000000
-Ciphertext = 0388dace60b6a392f328c2b971b2fe78
-
-Title = Case insensitive digest tests
-
-Digest = Sha3-256
-Input = ""
-Output = A7FFC6F8BF1ED76651C14756A061D662F580FF4DE43B49FA82D80A4B80F8434A
-
-Digest = shA512
-Input = "abc"
-Output = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
diff --git a/test/recipes/30-test_evp_data/evpccmcavs.txt b/test/recipes/30-test_evp_data/evpciph_aes_ccm_cavs.txt
similarity index 99%
rename from test/recipes/30-test_evp_data/evpccmcavs.txt
rename to test/recipes/30-test_evp_data/evpciph_aes_ccm_cavs.txt
index 4b74ea0223..41b7b065cb 100644
--- a/test/recipes/30-test_evp_data/evpccmcavs.txt
+++ b/test/recipes/30-test_evp_data/evpciph_aes_ccm_cavs.txt
@@ -1,5 +1,5 @@
 #
-# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph_aes_common.txt
similarity index 58%
rename from test/recipes/30-test_evp_data/evpciph.txt
rename to test/recipes/30-test_evp_data/evpciph_aes_common.txt
index 4f7afd0e1d..82a72db9b2 100644
--- a/test/recipes/30-test_evp_data/evpciph.txt
+++ b/test/recipes/30-test_evp_data/evpciph_aes_common.txt
@@ -9,47 +9,10 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+# The keyword Availablein must appear before the test name if needed.
 
 
-# DES EDE3 CFB1
-# echo -n "Hello World" |
-#  apps/openssl enc -des-ede3-cfb1 \
-#   -K 000102030405060708090A0B0C0D0E0F1011121314151617 -iv 0001020304050607 |
-#  xxd -ps -u
-
-Title = DES Tests (various sources)
-
-Cipher = DES-EDE3-CFB1
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F1011121314151617
-IV = 0001020304050607
-Plaintext = "Hello World"
-Ciphertext = 3CF55D656E9C0664513358
-
-Cipher = DES-EDE3-CFB1
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F1011121314151617
-IV = 0001020304050607
-Operation = DECRYPT
-Plaintext = "Hello World"
-Ciphertext = 3CF55D656E9C0664513358
-
-Cipher = DESX-CBC
-Availablein = legacy
-Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
-IV = fedcba9876543210
-Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
-Ciphertext = 846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
-
-# DES EDE3 CBC tests (from destest)
-Cipher = DES-EDE3-CBC
-Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
-IV = fedcba9876543210
-Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
-Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
-
 Title = AES (from FIPS-197 test vectors)
 
 Cipher = AES-128-ECB
@@ -958,226 +921,6 @@ Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d
 Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
 Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5
 
-#AES OCB Test vectors
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 197B9C3C441D3C83EAFB2BEF633B9182
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 0001020304050607
-Tag = 16DC76A46D47E1EAD537209E8A96D14E
-Plaintext = 0001020304050607
-Ciphertext = 92B657130A74B85A
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 0001020304050607
-Tag = 98B91552C8C009185044E30A6EB2FE21
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 971EFFCAE19AD4716F88E87B871FBEED
-Plaintext = 0001020304050607
-Ciphertext = 92B657130A74B85A
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F
-Tag = 776C9924D6723A1FC4524532AC3E5BEB
-Plaintext = 000102030405060708090A0B0C0D0E0F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F
-Tag = 7DDB8E6CEA6814866212509619B19CC6
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 13CC8B747807121A4CBB3E4BD6B456AF
-Plaintext = 000102030405060708090A0B0C0D0E0F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
-Tag = 5FA94FC3F38820F1DC3F3D1FD4E55E1C
-Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
-Tag = 282026DA3068BC9FA118681D559F10F6
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 6EF2F52587FDA0ED97DC7EEDE241DF68
-Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Tag = B2A040DD3BD5164372D76D7BB6824240
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Tag = E1E072633BADE51A60E85951D9C42A1B
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 4A3BAE824465CFDAF8C41FC50C7DF9D9
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 659C623211DEEA0DE30D2C381879F4C8
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 7AEB7A69A1687DD082CA27B0D9A37096
-Plaintext =
-Ciphertext =
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD =
-Tag = 060C8467F4ABAB5E8B3C2067A2E115DC
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
-
-#AES OCB Non standard test vectors - generated from reference implementation
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 1b6c44f34e3abb3cbf8976e7
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = 09a4fd29de949d9a9aa9924248422097ad4883b4713e6c214ff6567ada08a96766fc4e2ee3e3a5a1
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B0C0D0E
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 1ad62009901f40cba7cd7156f94a7324
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Ciphertext = 5e2fa7367ffbdb3938845cfd415fcc71ec79634eb31451609d27505f5e2978f43c44213d8fa441ee
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = C203F98CE28F7DAD3F31C021
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F3031
-Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C822D6
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 8346D7D47C5D893ED472F5AB
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F4041
-Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F714FF
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 5822A9A70FDF55D29D2984A6
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F5051
-Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB8294170634D
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 81772B6741ABB4ECA9D2DEB2
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061
-Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB829417001E54E15A7576C4DF32366E0F439C7050FAA
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 3E52A01D068DE85456DB03B7
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F7071
-Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB829417001E54E15A7576C4DF32366E0F439C7051CB4824B8114E9A720CBC1CE0185B156B486
-
-Cipher = aes-128-ocb
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-IV = 000102030405060708090A0B
-AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
-Tag = 3E52A01D068DE85456DB03B6
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F7071
-Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB829417001E54E15A7576C4DF32366E0F439C7051CB4824B8114E9A720CBC1CE0185B156B486
-Operation = DECRYPT
-Result = CIPHERFINAL_ERROR
-
 Title = AES XTS test vectors from IEEE Std 1619-2007
 
 # Using the same key twice for encryption is always banned.
@@ -1190,8 +933,8 @@ Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
 Result = KEY_SET_ERROR
 
 # Using the same key twice for decryption is banned in FIPS mode.
-Cipher = aes-128-xts
 Availablein = fips
+Cipher = aes-128-xts
 Operation = DECRYPT
 Key = 0000000000000000000000000000000000000000000000000000000000000000
 IV = 00000000000000000000000000000000
@@ -1200,8 +943,8 @@ Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
 Result = KEY_SET_ERROR
 
 # Using the same key twice for decryption is allowed outside of FIPS mode.
-Cipher = aes-128-xts
 Availablein = default
+Cipher = aes-128-xts
 Operation = DECRYPT
 Key = 0000000000000000000000000000000000000000000000000000000000000000
 IV = 00000000000000000000000000000000
@@ -1443,7 +1186,6 @@ Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F
 Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
 Result = CIPHERUPDATE_ERROR
 
-
 # AES wrap tests from RFC5649
 Cipher = id-aes192-wrap-pad
 Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8
@@ -1455,973 +1197,32 @@ Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8
 Plaintext = 466f7250617369
 Ciphertext = afbeb0f07dfbf5419200f2ccb50bb24f
 
-Title = Camellia tests from RFC3713
-
-# For all ECB encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
-Cipher = CAMELLIA-128-ECB
-Availablein = default
-Key = 0123456789abcdeffedcba9876543210
-Plaintext = 0123456789abcdeffedcba9876543210
-Ciphertext = 67673138549669730857065648eabe43
-
-Cipher = CAMELLIA-192-ECB
-Availablein = default
-Key = 0123456789abcdeffedcba98765432100011223344556677
-Plaintext = 0123456789abcdeffedcba9876543210
-Ciphertext = b4993401b3e996f84ee5cee7d79b09b9
-
-Cipher = CAMELLIA-256-ECB
-Availablein = default
-Key = 0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff
-Plaintext = 0123456789abcdeffedcba9876543210
-Ciphertext = 9acc237dff16d76c20ef7c919e3a7509
-
-# ECB-CAMELLIA128.Encrypt
-Cipher = CAMELLIA-128-ECB
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 77CF412067AF8270613529149919546F
-
-Cipher = CAMELLIA-192-ECB
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F1011121314151617
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = B22F3C36B72D31329EEE8ADDC2906C68
-
-Cipher = CAMELLIA-256-ECB
-Availablein = default
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Operation = ENCRYPT
-Plaintext = 00112233445566778899AABBCCDDEEFF
-Ciphertext = 2EDF1F3418D53B88841FC8985FB1ECF2
-
-
-# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-ECB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 432FC5DCD628115B7C388D770B270C96
-
-Cipher = CAMELLIA-128-ECB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 0BE1F14023782A22E8384C5ABB7FAB2B
-
-Cipher = CAMELLIA-128-ECB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = A0A1ABCD1893AB6FE0FE5B65DF5F8636
-
-Cipher = CAMELLIA-128-ECB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = E61925E0D5DFAA9BB29F815B3076E51A
-
-
-# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-ECB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CCCC6C4E138B45848514D48D0D3439D3
-
-Cipher = CAMELLIA-192-ECB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 5713C62C14B2EC0F8393B6AFD6F5785A
-
-Cipher = CAMELLIA-192-ECB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = B40ED2B60EB54D09D030CF511FEEF366
-
-Cipher = CAMELLIA-192-ECB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 909DBD95799096748CB27357E73E1D26
-
-
-# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-ECB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = BEFD219B112FA00098919CD101C9CCFA
-
-Cipher = CAMELLIA-256-ECB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = C91D3A8F1AEA08A9386CF4B66C0169EA
-
-Cipher = CAMELLIA-256-ECB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = A623D711DC5F25A51BB8A80D56397D28
-
-Cipher = CAMELLIA-256-ECB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 7960109FB6DC42947FCFE59EA3C5EB6B
 
+Title = Case insensitive AES tests
 
-# For all CBC encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-CBC
-Availablein = default
+Cipher = Aes-128-eCb
 Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
 Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 1607CF494B36BBF00DAEB0B503C831AB
-
-Cipher = CAMELLIA-128-CBC
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 1607CF494B36BBF00DAEB0B503C831AB
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = A2F2CF671629EF7840C5A5DFB5074887
-
-Cipher = CAMELLIA-128-CBC
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A2F2CF671629EF7840C5A5DFB5074887
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 0F06165008CF8B8B5A63586362543E54
+Ciphertext = 3AD77BB40D7A3660A89ECAF32466EF97
 
-Cipher = CAMELLIA-128-CBC
-Availablein = default
+Cipher = AeS-128-cbC
 Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 36A84CDAFD5F9A85ADA0F0A993D6D577
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 74C64268CDB8B8FAF5B34E8AF3732980
-
-
-# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-CBC
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 2A4830AB5AC4A1A2405955FD2195CF93
-
-Cipher = CAMELLIA-192-CBC
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 2A4830AB5AC4A1A2405955FD2195CF93
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 5D5A869BD14CE54264F892A6DD2EC3D5
-
-Cipher = CAMELLIA-192-CBC
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 5D5A869BD14CE54264F892A6DD2EC3D5
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 37D359C3349836D884E310ADDF68C449
-
-Cipher = CAMELLIA-192-CBC
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 37D359C3349836D884E310ADDF68C449
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 01FAAA930B4AB9916E9668E1428C6B08
-
-
-# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-CBC
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = E6CFA35FC02B134A4D2C0B6737AC3EDA
-
-Cipher = CAMELLIA-256-CBC
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E6CFA35FC02B134A4D2C0B6737AC3EDA
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 36CBEB73BD504B4070B1B7DE2B21EB50
-
-Cipher = CAMELLIA-256-CBC
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 36CBEB73BD504B4070B1B7DE2B21EB50
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = E31A6055297D96CA3330CDF1B1860A83
-
-Cipher = CAMELLIA-256-CBC
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E31A6055297D96CA3330CDF1B1860A83
+IV = 73BED6B8E3C1743B7116E69E22229516
 Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 5D563F6D1CCCF236051C0C5C1C58F28F
-
+Ciphertext = 3FF1CAA1681FAC09120ECA307586E1A7
 
-# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
-# For all CFB128 encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CFB128-CAMELLIA128.Encrypt
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
+Cipher = aES-128-CTR
+Key = AE6852F8121067CC4BF7A5765577F39E
+IV = 00000030000000000000000000000001
 Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = E4095D4FB7A7B3792D6175A3261311B8
 
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 14F7646187817EB586599146B82BD719
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = A53D28BB82DF741103EA4F921A44880B
+Cipher = AES-128-GcM
+Key = 00000000000000000000000000000000
+IV = 000000000000000000000000
+AAD =
+Tag = ab6e47d42cec13bdf53a67b21257bddf
+Plaintext = 00000000000000000000000000000000
+Ciphertext = 0388dace60b6a392f328c2b971b2fe78
 
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A53D28BB82DF741103EA4F921A44880B
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
-
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 9C2157A664626D1DEF9EA420FDE69B96
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
-
-
-# CFB128-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
-
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 14F7646187817EB586599146B82BD719
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = A53D28BB82DF741103EA4F921A44880B
-
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A53D28BB82DF741103EA4F921A44880B
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
-
-Cipher = CAMELLIA-128-CFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 9C2157A664626D1DEF9EA420FDE69B96
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
-
-
-# CFB128-CAMELLIA192.Encrypt
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = C832BB9780677DAA82D9B6860DCD565E
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 86F8491627906D780C7A6D46EA331F98
-
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 86F8491627906D780C7A6D46EA331F98
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 69511CCE594CF710CB98BB63D7221F01
-
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 69511CCE594CF710CB98BB63D7221F01
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D5B5378A3ABED55803F25565D8907B84
-
-
-# CFB128-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = C832BB9780677DAA82D9B6860DCD565E
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 86F8491627906D780C7A6D46EA331F98
-
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 86F8491627906D780C7A6D46EA331F98
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 69511CCE594CF710CB98BB63D7221F01
-
-Cipher = CAMELLIA-192-CFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 69511CCE594CF710CB98BB63D7221F01
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D5B5378A3ABED55803F25565D8907B84
-
-
-# CFB128-CAMELLIA256.Encrypt
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
-
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
-
-
-# CFB128-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
-
-Cipher = CAMELLIA-256-CFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
-
-
-# For all OFB encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
-# OFB-CAMELLIA128.Encrypt
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
-
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 50FE67CC996D32B6DA0937E99BAFEC60
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 25623DB569CA51E01482649977E28D84
-
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = D9A4DADA0892239F6B8B3D7680E15674
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = C776634A60729DC657D12B9FCA801E98
-
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A78819583F0308E7A6BF36B1386ABF23
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D776379BE0E50825E681DA1A4C980E8E
-
-
-# OFB-CAMELLIA128.Decrypt
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = 14F7646187817EB586599146B82BD719
-
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = 50FE67CC996D32B6DA0937E99BAFEC60
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 25623DB569CA51E01482649977E28D84
-
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = D9A4DADA0892239F6B8B3D7680E15674
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = C776634A60729DC657D12B9FCA801E98
-
-Cipher = CAMELLIA-128-OFB
-Availablein = default
-Key = 2B7E151628AED2A6ABF7158809CF4F3C
-IV = A78819583F0308E7A6BF36B1386ABF23
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = D776379BE0E50825E681DA1A4C980E8E
-
-
-# OFB-CAMELLIA192.Encrypt
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = A609B38DF3B1133DDDFF2718BA09565E
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
-
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 52EF01DA52602FE0975F78AC84BF8A50
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = BDD62DBBB9700846C53B507F544696F0
-
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = BD5286AC63AABD7EB067AC54B553F71D
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = E28014E046B802F385C4C2E13EAD4A72
-
-
-# OFB-CAMELLIA192.Decrypt
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = C832BB9780677DAA82D9B6860DCD565E
-
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = A609B38DF3B1133DDDFF2718BA09565E
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
-
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = 52EF01DA52602FE0975F78AC84BF8A50
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = BDD62DBBB9700846C53B507F544696F0
-
-Cipher = CAMELLIA-192-OFB
-Availablein = default
-Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
-IV = BD5286AC63AABD7EB067AC54B553F71D
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = E28014E046B802F385C4C2E13EAD4A72
-
-
-# OFB-CAMELLIA256.Encrypt
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = ENCRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
-Operation = ENCRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 127AD97E8E3994E4820027D7BA109368
-
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E1C656305ED1A7A6563805746FE03EDC
-Operation = ENCRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
-
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 41635BE625B48AFC1666DD42A09D96E7
-Operation = ENCRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
-
-
-# OFB-CAMELLIA256.Decrypt
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 000102030405060708090A0B0C0D0E0F
-Operation = DECRYPT
-Plaintext = 6BC1BEE22E409F96E93D7E117393172A
-Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
-
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
-Operation = DECRYPT
-Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
-Ciphertext = 127AD97E8E3994E4820027D7BA109368
-
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = E1C656305ED1A7A6563805746FE03EDC
-Operation = DECRYPT
-Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
-Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
-
-Cipher = CAMELLIA-256-OFB
-Availablein = default
-Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
-IV = 41635BE625B48AFC1666DD42A09D96E7
-Operation = DECRYPT
-Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
-Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
-
-
-# Camellia test vectors from RFC5528
-Cipher = CAMELLIA-128-CTR
-Availablein = default
-Key = AE6852F8121067CC4BF7A5765577F39E
-IV = 00000030000000000000000000000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = D09DC29A8214619A20877C76DB1F0B3F
-
-Cipher = CAMELLIA-128-CTR
-Availablein = default
-Key = 7E24067817FAE0D743D6CE1F32539163
-IV = 006CB6DBC0543B59DA48D90B00000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = DBF3C78DC08396D4DA7C907765BBCB442B8E8E0F31F0DCA72C7417E35360E048
-
-Cipher = CAMELLIA-128-CTR
-Availablein = default
-Key = 7691BE035E5020A8AC6E618529F9A0DC
-IV = 00E0017B27777F3F4A1786F000000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = B19D1FCDCB75EB882F849CE24D85CF739CE64B2B5C9D73F14F2D5D9DCE9889CDDF508696
-
-Cipher = CAMELLIA-192-CTR
-Availablein = default
-Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515
-IV = 0000004836733C147D6D93CB00000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = 2379399E8A8D2B2B16702FC78B9E9696
-
-Cipher = CAMELLIA-192-CTR
-Availablein = default
-Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A
-IV = 0096B03B020C6EADC2CB500D00000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = 7DEF34F7A5D0E415674B7FFCAE67C75DD018B86FF23051E056392A99F35A4CED
-
-Cipher = CAMELLIA-192-CTR
-Availablein = default
-Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE
-IV = 0007BDFD5CBD60278DCC091200000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = 5710E556E1487A20B5AC0E73F19E4E7876F37FDC91B1EF4D4DADE8E666A64D0ED557AB57
-
-Cipher = CAMELLIA-256-CTR
-Availablein = default
-Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104
-IV = 00000060DB5672C97AA8F0B200000001
-Operation = ENCRYPT
-Plaintext = 53696E676C6520626C6F636B206D7367
-Ciphertext = 3401F9C8247EFFCEBD6994714C1BBB11
-
-Cipher = CAMELLIA-256-CTR
-Availablein = default
-Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884
-IV = 00FAAC24C1585EF15A43D87500000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Ciphertext = D6C30392246F7808A83C2B22A8839E45E51CD48A1CDF406EBC9CC2D3AB834108
-
-Cipher = CAMELLIA-256-CTR
-Availablein = default
-Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D
-IV = 001CC5B751A51D70A1C1114800000001
-Operation = ENCRYPT
-Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
-Ciphertext = A4DA23FCE6A5FFAA6D64AE9A0652A42CD161A34B65F9679F75C01F101F71276F15EF0D8D
-
-Title = ARIA test vectors from RFC5794 (and others)
-
-Cipher = ARIA-128-ECB
-Availablein = default
-Key = 000102030405060708090a0b0c0d0e0f
-Plaintext = 00112233445566778899aabbccddeeff
-Ciphertext = d718fbd6ab644c739da95f3be6451778
-
-Cipher = ARIA-192-ECB
-Availablein = default
-Key = 000102030405060708090a0b0c0d0e0f1011121314151617
-Plaintext = 00112233445566778899aabbccddeeff
-Ciphertext = 26449c1805dbe7aa25a468ce263a9e79
-
-Cipher = ARIA-256-ECB
-Availablein = default
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Plaintext = 00112233445566778899aabbccddeeff
-Ciphertext = f92bd7c79fb72e2f2b8f80c1972d24fc
-
-# Additional ARIA mode vectors from http://210.104.33.10/ARIA/doc/ARIA-testvector-e.pdf
-Cipher = ARIA-128-ECB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = c6ecd08e22c30abdb215cf74e2075e6e29ccaac63448708d331b2f816c51b17d9e133d1528dbf0af5787c7f3a3f5c2bf6b6f345907a3055612ce072ff54de7d788424da6e8ccfe8172b391be499354165665ba7864917000a6eeb2ecb4a698edfc7887e7f556377614ab0a282293e6d884dbb84206cdb16ed1754e77a1f243fd086953f752cc1e46c7c794ae85537dcaec8dd721f55c93b6edfe2adea43873e8
-
-Cipher = ARIA-128-CBC
-Availablein = default
-Key = 00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 49d61860b14909109cef0d22a9268134fadf9fb23151e9645fba75018bdb1538b53334634bbf7d4cd4b5377033060c155fe3948ca75de1031e1d85619e0ad61eb419a866b3c2dbfd10a4ed18b22149f75897f0b8668b0c1c542c687778835fb7cd46e45f85eaa7072437dd9fa6793d6f8d4ccefc4eb1ac641ac1bd30b18c6d64c49bca137eb21c2e04da62712ca2b4f540c57112c38791852cfac7a5d19ed83a
-
-Cipher = ARIA-128-CFB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 3720e53ba7d615383406b09f0a05a200c07c21e6370f413a5d132500a68285017c61b434c7b7ca9685a51071861e4d4bb873b599b479e2d573dddeafba89f812ac6a9e44d554078eb3be94839db4b33da3f59c063123a7ef6f20e10579fa4fd239100ca73b52d4fcafeadee73f139f78f9b7614c2b3b9dbe010f87db06a89a9435f79ce8121431371f4e87b984e0230c22a6dacb32fc42dcc6accef33285bf11
-
-Cipher = ARIA-128-CFB8
-Availablein = default
-Key = 00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 373c8f6a965599ec785cc8f8149f6c81b632ccb8e0c6eb6a9707ae52c59257a41f94701c1096933127a90195ed0c8e98690547572423bb45c3d70e4a18ee56b967c10e000ba4df5fba7c404134a343d8375d04b151d161ef83417fe1748447d30a6723c406733df7d18aa39a20752d2381942e244811bb97f72eae446b1815aa690cd1b1adcbd007c0088ecdc91cb2e2caf0e11e72459878137eea64ac62a9a1
-
-Cipher = ARIA-128-OFB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 3720e53ba7d615383406b09f0a05a2000063063f0560083483faeb041c8adecef30cf80cefb002a0d280759168ec01db3d49f61aced260bd43eec0a2731730eec6fa4f2304319cf8ccac2d7be7833e4f8ae6ce967012c1c6badc5d28e7e4144f6bf5cebe01253ee202afce4bc61f28dec069a6f16f6c8a7dd2afae44148f6ff4d0029d5c607b5fa6b8c8a6301cde5c7033565cd0b8f0974ab490b236197ba04a
-
-Cipher = ARIA-128-CTR
-Availablein = default
-Key = 00112233445566778899aabbccddeeff
-IV = 00000000000000000000000000000000
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = ac5d7de805a0bf1c57c854501af60fa11497e2a34519dea1569e91e5b5ccae2ff3bfa1bf975f4571f48be191613546c3911163c085f871f0e7ae5f2a085b81851c2a3ddf20ecb8fa51901aec8ee4ba32a35dab67bb72cd9140ad188a967ac0fbbdfa94ea6cce47dcf8525ab5a814cfeb2bb60ee2b126e2d9d847c1a9e96f9019e3e6a7fe40d3829afb73db1cc245646addb62d9b907baaafbe46a73dbc131d3d
-
-Cipher = ARIA-192-ECB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff0011223344556677
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 8d1470625f59ebacb0e55b534b3e462b5f23d33bff78f46c3c15911f4a21809aaccad80b4bda915aa9dae6bcebe06a6c83f77fd5391acfe61de2f646b5d447edbfd5bb49b12fbb9145b227895a757b2af1f7188734863d7b8b6ede5a5b2f06a0a233c8523d2db778fb31b0e311f32700152f33861e9d040c83b5eb40cd88ea49975709dc629365a189f78a3ec40345fc6a5a307a8f9a4413091e007eca5645a0
-
-Cipher = ARIA-192-CBC
-Availablein = default
-Key = 00112233445566778899aabbccddeeff0011223344556677
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = afe6cf23974b533c672a826264ea785f4e4f7f780dc7f3f1e0962b80902386d514e9c3e77259de92dd1102ffab086c1ea52a71260db5920a83295c25320e421147ca45d532f327b856ea947cd2196ae2e040826548b4c891b0ed0ca6e714dbc4631998d548110d666b3d54c2a091955c6f05beb4f62309368696c9791fc4c551564a2637f194346ec45fbca6c72a5b4612e208d531d6c34cc5c64eac6bd0cf8c
-
-Cipher = ARIA-192-CFB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff0011223344556677
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 4171f7192bf4495494d2736129640f5c4d87a9a213664c9448477c6ecc2013598d9766952dd8c3868f17e36ef66fd84bfa45d1593d2d6ee3ea2115047d710d4fb66187caa3a315b3c8ea2d313962edcfe5a3e2028d5ba9a09fd5c65c19d3440e477f0cab0628ec6902c73ee02f1afee9f80115be7b9df82d1e28228e28581a20560e195cbb9e2b327bf56fd2d0ae5502e42c13e9b4015d4da42dc859252e7da4
-
-Cipher = ARIA-192-CFB8
-Availablein = default
-Key = 00112233445566778899aabbccddeeff0011223344556677
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 411d3b4f57f705aa4d13c46e2cf426af7c8c916ed7923d889f0047bbf11471b6d54f8757ef519339105be3cb69babb976a57d5631fc23cc3051fe9d36e8b8e27a2b2c0c4d31928ccbf30ea8239b46ba1b77f6198e7ecd2ce27b35958148e826f06aaf385bd30362ff141583e7c1d8924d44d36a1133094074631e18adafa9d2e55de98f6895c89d4266ebd33f3d4be5153a96fa12132ece2e81e66e55baa7ade
-
-Cipher = ARIA-192-OFB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff0011223344556677
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 4171f7192bf4495494d2736129640f5cc224d26d364b5a06ddde13d0f1e74faa846de354c63cda77469d1a2d425c47ff41734c71b3fa1fcdc11e0b2de22bfeed54898e233df652c75ae136e61de6524e62b3f806fb2e8e616eb410a1b9500537e327ffb04f19f7f82fde2b122100261f81b82723bf936be7beaaf3067d1c036001f1ade71422268d274d7dc6c6ae1970b27a5f2c2f39c1d241fe8cac5ccd74e9
-
-Cipher = ARIA-192-CTR
-Availablein = default
-Key = 00112233445566778899aabbccddeeff0011223344556677
-IV = 00000000000000000000000000000000
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 08625ca8fe569c19ba7af3760a6ed1cef4d199263e999dde14082dbba7560b79a4c6b456b8707dce751f9854f18893dfdb3f4e5afa539733e6f1e70b98ba37891f8f81e95df8efc26c7ce043504cb18958b865e4e316cd2aa1c97f31bf23dc046ef326b95a692a191ba0f2a41c5fe9ae070f236ff7078e703b42666caafbdd20bad74ac4c20c0f46c7ca24c151716575c947da16c90cfe1bf217a41cfebe7531
-
-Cipher = ARIA-256-ECB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 58a875e6044ad7fffa4f58420f7f442d8e191016f28e79aefc01e204773280d7018e5f7a938ec30711719953bae86542cd7ebc752474c1a5f6eaaace2a7e29462ee7dfa5afdb84177ead95ccd4b4bb6e1ed17b9534cff0a5fc2941429cfee2ee49c7adbeb7e9d1b0d2a8531d942079596a27ed79f5b1dd13ecd604b07a48885a3afa0627a0e4e60a3c703af292f1baa77b702f16c54aa74bc727ea95c7468b00
-
-Cipher = ARIA-256-CBC
-Availablein = default
-Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 523a8a806ae621f155fdd28dbc34e1ab7b9b42432ad8b2efb96e23b13f0a6e52f36185d50ad002c5f601bee5493f118b243ee2e313642bffc3902e7b2efd9a12fa682edd2d23c8b9c5f043c18b17c1ec4b5867918270fbec1027c19ed6af833da5d620994668ca22f599791d292dd6273b2959082aafb7a996167cce1eec5f0cfd15f610d87e2dda9ba68ce1260ca54b222491418374294e7909b1e8551cd8de
-
-Cipher = ARIA-256-CFB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 26834705b0f2c0e2588d4a7f09009635f28bb93d8c31f870ec1e0bdb082b66fa402dd9c202be300c4517d196b14d4ce11dce97f7aaba54341b0d872cc9b63753a3e8556a14be6f7b3e27e3cfc39caf80f2a355aa50dc83c09c7b11828694f8e4aa726c528976b53f2c877f4991a3a8d28adb63bd751846ffb2350265e179d4990753ae8485ff9b4133ddad5875b84a90cbcfa62a045d726df71b6bda0eeca0be
-
-Cipher = ARIA-256-CFB8
-Availablein = default
-Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 26baa33651e1f66434fec88ef27fd2b9a79e246dd89a3ffa00e8bdb37155433e6c24bd0b87d9a85baa9f485ccb984f5ec24d6a3ef5e3c81396177f039cf580dfdb55d6e1c47a28921dfe369e12fd357b289ad3a5544e1c1bd616d454db9c5f91f603373f29d5b2ed1b4b51de80f28537bbd43d5e3b5dd071dc91153cbbe732dfc325821b06ed8acaae656dcf2da9f13e4f29db671476f1e644ff06d9b67d6bd4
-
-Cipher = ARIA-256-OFB
-Availablein = default
-Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
-IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 26834705b0f2c0e2588d4a7f0900963584c256815c4292b59f8d3f966a75b52345b4f5f98c785d3f368a8d5ff89b7f950ceab3cd63773c2621d652b8ef98b4196afb2c2b30496bc5b7d9e7f9084f9d855f63a511751c8909e7a6deadbe0a67a4fb89383ca5d209c6f66f793fc471195c476fb9c1eab2ac91e680e454b4f3ed9a67fb52f09c29b965b23cfa6f3f6bbb2a86c6cdbaa2857bf2486f543231892a52
-
-Cipher = ARIA-256-CTR
-Availablein = default
-Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
-IV = 00000000000000000000000000000000
-Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
-Ciphertext = 30026c329666141721178b99c0a1f1b2f06940253f7b3089e2a30ea86aa3c88f5940f05ad7ee41d71347bb7261e348f18360473fdf7d4e7723bffb4411cc13f6cdd89f3bc7b9c768145022c7a74f14d7c305cd012a10f16050c23f1ae5c23f45998d13fbaa041e51619577e0772764896a5d4516d8ffceb3bf7e05f613edd9a60cdcedaff9cfcaf4e00d445a54334f73ab2cad944e51d266548e61c6eb0aa1cd
-
-Title = ARIA GCM test vectors from RFC8269
-
-Cipher = ARIA-128-GCM
-Availablein = default
-Key = e91e5e75da65554a48181f3846349562
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 5abace3f37f5a736f4be984bbffbedc1
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 4d8a9a0675550c704b17d8c9ddc81a5cd6f7da34f2fe1b3db7cb3dfb9697102ea0f3c1fc2dbc873d44bceeae8e4442974ba21ff6789d3272613fb9631a7cf3f14bacbeb421633a90ffbe58c2fa6bdca534f10d0de0502ce1d531b6336e58878278531e5c22bc6c85bbd784d78d9e680aa19031aaf89101d669d7a3965c1f7e16229d7463e0535f4e253f5d18187d40b8ae0f564bd970b5e7e2adfb211e89a953
-
-Cipher = ARIA-256-GCM
-Availablein = default
-Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = e210d6ced2cf430ff841472915e7ef48
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 6f9e4bcbc8c85fc0128fb1e4a0a20cb9932ff74581f54fc013dd054b19f99371425b352d97d3f337b90b63d1b082adeeea9d2d7391897d591b985e55fb50cb5350cf7d38dc27dda127c078a149c8eb98083d66363a46e3726af217d3a00275ad5bf772c7610ea4c23006878f0ee69a8397703169a419303f40b72e4573714d19e2697df61e7c7252e5abc6bade876ac4961bfac4d5e867afca351a48aed52822
-
-Title = ARIA GCM self-generated test vectors
-
-Cipher = ARIA-128-GCM
-Availablein = default
-Key = e91e5e75da65554a48181f3846349562
-# Shorter than default IV
-IV = 0001020304
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = ebaa2645bb154542117ee46031aa176e
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 1723ccfc0ed44a12520473cfeb63bc933cd450a943f5f1cba78e19d72f80cc102acc51f2459a06cf6435182b8ddd451f83e13479efe5ec7dfbf16229f4017920fb41457a9b6fe1a401b30b2f332d827ae2f86e962326927c1ed8bfedac1f7a00ddde63bd392a8f28a488ba5974689f8d15b9b1739fb50aae0ff244026ec72064003c621b33ffc8086b0a97eefb70604a2826f6499f6eb12d67a0da03fc8e1482
-
-Cipher = ARIA-128-GCM
-Availablein = default
-Key = e91e5e75da65554a48181f3846349562
-# Longer than default IV
-IV = 000102030405060708090a0b0c0d0e0f
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 61f7f44c7da3c60195b29ae0b46051a4
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 0d3e98fcaf7a2c4fe9198d66add90d113e5e0ff47598c40a4bf501960d935a4156c9a4d46c9358a608e10a16479a4247c9ab9bb4a02809e3eac3571b832590fe2ca3e2d545741e36282d96c041fc7d39a46ed60214c2c0ec70f27768dfea4f9563b5d5c2ac33b1368a78f2908f5daf942433fec6ab588f09e908e95cc8dfa85d1a0dfd5835dc14e148323230c63eedc99a9ce942214cb3768b97b821d613629f
-
-Cipher = ARIA-128-GCM
-Availablein = default
-Key = e91e5e75da65554a48181f3846349562
-# Extra long IV
-IV = 000102030405060708090a0b0c0d0e0f1011
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = c8b31ab6c2ddccab06b76af4e56e664e
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 616a7bce24206501082cef7267c09a4affa54f8f82eb7fb2cdebdcaab4b6ab05c37e891c2d0fc90d15c5fb684247625c8bc0befad86896ae1c8f5a8506954caba4e13df0a0eb23853d4474e7f3b2c57bb398456a24d198e14566bce8a5f8d3bcdb12994d2fdc0f5cf19aeff990c1fe119e01f9fcc86757b1d43a9accf7b2f913c2208a46c1967f403867f89b46ffe96864c63f042265806ea5270e0dddd0e8dd
-
-
-Title = ARIA CCM test vectors from IETF draft-ietf-avtcore-aria-srtp-02
-
-# 16-byte Tag
-
-Cipher = ARIA-128-CCM
-Availablein = default
-Key = 974bee725d44fc3992267b284c3c6750
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 40f04b6467e300f6b336aedf9df4185b
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855
-
-Cipher = ARIA-256-CCM
-Availablein = default
-Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 87b6bd222c55365a9c7d0b215b77ea41 
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
-
-# 8-byte Tag
-
-Cipher = ARIA-128-CCM
-Availablein = default
-Key = 974bee725d44fc3992267b284c3c6750
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = dd2282c93a67fe4b
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855
-
-Cipher = ARIA-256-CCM
-Availablein = default
-Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 828dc0088f99a7ef
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
-
-# 12-byte Tag
-
-Cipher = ARIA-128-CCM
-Availablein = default
-Key = 974bee725d44fc3992267b284c3c6750
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 01f3dedd15238da5ebfb1590
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855
-
-Cipher = ARIA-256-CCM
-Availablein = default
-Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 3615b7f90a651de15da20fb6
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
-
-# Test that the tag can be set after specifying AAD.
-Cipher = ARIA-256-CCM
-Availablein = default
-Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
-IV = 000020e8f5eb00000000315e
-AAD = 8008315ebf2e6fe020e8f5eb
-Tag = 3615b7f90a651de15da20fb6
-SetTagLate = TRUE
-Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
-Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
diff --git a/test/recipes/30-test_evp_data/evpciph_aes_cts1.txt b/test/recipes/30-test_evp_data/evpciph_aes_cts1.txt
new file mode 100644
index 0000000000..73da12b043
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_aes_cts1.txt
@@ -0,0 +1,143 @@
+#
+# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Original test vectors were taken from https://www.ietf.org/rfc/rfc3962.txt for CS3
+# These have an IV of all zeros, for a 128 bit AES key.
+
+Title = AES CBC Test vectors
+
+#------------------------------------------------------
+# AES_CBC results for aligned block lengths. (Result should be the same as 32 byte CTS1 & CTS2)
+
+# 32 bytes input
+Cipher = AES-128-CBC
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8
+
+# 48 bytes input
+Cipher = AES-128-CBC
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd8
+
+# 64 bytes input
+Cipher = AES-128-CBC
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840
+
+Title = AES CBC CTS1 Test vectors
+
+#------------------------------------------------------
+# Manually edited using the same inputs to also produce CS1 ciphertext
+# where aligned blocks are the same as CBC mode, and partial lengths
+# have the last 2 blocks swapped compared to CS3.
+
+# 17 bytes Input((Default is CS1 if CTSMode is not specified)
+Cipher = AES-128-CBC-CTS
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b652074686520
+Ciphertext = 97c6353568f2bf8cb4d8a580362da7ff7f
+
+# 31 bytes input
+Cipher = AES-128-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe5fc00783e0efdb2c1d445d4c8eff7ed22
+
+# 32 bytes input
+Cipher = AES-128-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8
+
+# 47 bytes input
+Cipher = AES-128-CBC-CTS
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5b3fffd940c16a18c1b5549d2f838029e
+
+# 64 bytes input (CS1 is equivalent to CBC when the last block in full)
+Cipher = AES-128-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840
+
+#-------------------------------------------------------------------------------
+# Generated test values using an IV.
+
+# 47 bytes input
+Cipher = AES-128-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69
+IV =000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c
+Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472426da5c54a9990f5ae0b7825f51f0060
+
+# 127 bytes
+Cipher = AES-128-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f7570
+Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472b9fc50e4e7dacf9e3d94b6cc031f9997a22d2fea7e6ef4aba2b717b0fa3f150e5e86e46b9e51c6ea5091a92aa791ce826b2e4fbaaf0e0314939625434b9530ce56f299891a48d26bdc287f54b230340d652a4721bf0f082ede80b6399800a92f
+
+# 129 bytes
+Cipher = AES-128-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e49
+Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472b9fc50e4e7dacf9e3d94b6cc031f9997a22d2fea7e6ef4aba2b717b0fa3f150e5e86e46b9e51c6ea5091a92aa791ce826b2e4fbaaf0e0314939625434b9530ce56f299891a48d26bdc287f54b230340d14fde9fd1098b9b1db788b5868a8d009eeef
+
+# 17 Bytes
+Cipher = AES-192-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69636869636b656e20
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b652074686520
+Ciphertext = e9de1b402de8f79f947cc6b5880588d9b6
+
+# 31 Bytes
+Cipher = AES-192-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69636869636b656e20
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320
+Ciphertext = e9de17d6248fb492bdea1fb2e09c8edea2b610546f3b1e1d231821e283e153
+
+# 32 Bytes
+Cipher = AES-192-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69636869636b656e20
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
+Ciphertext = e9de17d6248fb492bdea1fb2e09c8e8e31d005cc9fea948fed1ba6308dad9dd1
+
+#------------------------------------------------------------------------------
+# Failure test
+
+# 15 bytes should fail for CS1
+Cipher = AES-128-CBC-CTS
+CTSMode = CS1
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 0102030405060708090A0B0C0D0E0F
+Result = CIPHERUPDATE_ERROR
diff --git a/test/recipes/30-test_evp_data/evpciph_aes_cts.txt b/test/recipes/30-test_evp_data/evpciph_aes_cts23.txt
similarity index 55%
rename from test/recipes/30-test_evp_data/evpciph_aes_cts.txt
rename to test/recipes/30-test_evp_data/evpciph_aes_cts23.txt
index 83bac2c5c8..f4865a880a 100644
--- a/test/recipes/30-test_evp_data/evpciph_aes_cts.txt
+++ b/test/recipes/30-test_evp_data/evpciph_aes_cts23.txt
@@ -9,83 +9,7 @@
 # Original test vectors were taken from https://www.ietf.org/rfc/rfc3962.txt for CS3
 # These have an IV of all zeros, for a 128 bit AES key.
 
-# 17 bytes Input
-Cipher = AES-128-CBC-CTS
-Availablein = default
-CTSMode = CS3
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b652074686520
-Ciphertext = c6353568f2bf8cb4d8a580362da7ff7f97
-
-# 31 bytes input
-Cipher = AES-128-CBC-CTS
-Availablein = default
-CTSMode = CS3
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320
-Ciphertext = fc00783e0efdb2c1d445d4c8eff7ed2297687268d6ecccc0c07b25e25ecfe5
-
-# 32 bytes input (CS3 always swaps the last 2 byte blocks - so it is not equivalent to CBC for a full block)
-Cipher = AES-128-CBC-CTS
-Availablein = default
-CTSMode = CS3
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
-Ciphertext = 39312523a78662d5be7fcbcc98ebf5a897687268d6ecccc0c07b25e25ecfe584
-
-# 47 bytes input
-Cipher = AES-128-CBC-CTS
-Availablein = default
-CTSMode = CS3
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe584b3fffd940c16a18c1b5549d2f838029e39312523a78662d5be7fcbcc98ebf5
-
-# 48 bytes input
-Cipher = AES-128-CBC-CTS
-Availablein = default
-CTSMode = CS3
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe5849dad8bbb96c4cdc03bc103e1a194bbd839312523a78662d5be7fcbcc98ebf5a8
-
-# 64 bytes input (CS3 always swaps the last 2 byte blocks - so it is not equivalent to CBC for a full block)
-Cipher = AES-128-CBC-CTS
-Availablein = default
-CTSMode = CS3
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a84807efe836ee89a526730dbc2f7bc8409dad8bbb96c4cdc03bc103e1a194bbd8
-
-#------------------------------------------------------
-# AES_CBC results for aligned block lengths. (Result should be the same as 32 byte CTS1 & CTS2)
-
-# 32 bytes input
-Cipher = AES-128-CBC
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8
-
-# 48 bytes input
-Cipher = AES-128-CBC
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd8
-
-# 64 bytes input
-Cipher = AES-128-CBC
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840
+Title = AES CBC CTS2 Test vectors
 
 #------------------------------------------------------
 # Manually edited using the same inputs to also produce CS2 ciphertext
@@ -94,7 +18,6 @@ Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89da
 
 # 17 bytes Input (For partial blocks the output should match CS3)
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS2
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
@@ -103,7 +26,6 @@ Ciphertext = c6353568f2bf8cb4d8a580362da7ff7f97
 
 # 31 bytes input (For partial blocks the output should match CS3)
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS2
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
@@ -112,7 +34,6 @@ Ciphertext = fc00783e0efdb2c1d445d4c8eff7ed2297687268d6ecccc0c07b25e25ecfe5
 
 # 32 bytes input (Aligned blocks should match normal CBC mode)
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS2
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
@@ -121,7 +42,6 @@ Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8
 
 # 47 bytes input
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS2
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
@@ -130,96 +50,110 @@ Ciphertext = 97687268d6ecccc0c07b25e25ecfe584b3fffd940c16a18c1b5549d2f838029e393
 
 # 64 bytes input (CS2 is equivalent to CBC when the last block in full)
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS2
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e
 Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840
 
-#------------------------------------------------------
-# Manually edited using the same inputs to also produce CS1 ciphertext
-# where aligned blocks are the same as CBC mode, and partial lengths
-# have the last 2 blocks swapped compared to CS3.
+# Generated test values using an IV.
+
+# 17 Bytes
+Cipher = AES-192-CBC-CTS
+CTSMode = CS2
+Key = 636869636b656e207465726979616b69636869636b656e20
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b652074686520
+Ciphertext = de1b402de8f79f947cc6b5880588d9b6e9
 
-# 17 bytes Input((Default is CS1 if CTSMode is not specified)
+# 31 Bytes
+Cipher = AES-192-CBC-CTS
+CTSMode = CS2
+Key = 636869636b656e207465726979616b69636869636b656e20
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320
+Ciphertext = dea2b610546f3b1e1d231821e283e153e9de17d6248fb492bdea1fb2e09c8e
+
+# 32 Bytes
+Cipher = AES-192-CBC-CTS
+CTSMode = CS2
+Key = 636869636b656e207465726979616b69636869636b656e20
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
+Ciphertext = e9de17d6248fb492bdea1fb2e09c8e8e31d005cc9fea948fed1ba6308dad9dd1
+
+# Failure test - 15 bytes should fail for CS2
 Cipher = AES-128-CBC-CTS
+CTSMode = CS2
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 0102030405060708090A0B0C0D0E0F
+Result = CIPHERUPDATE_ERROR
+
+
+
+Title = AES CBC CTS3 Test vectors
+
+# 17 bytes Input
+Cipher = AES-128-CBC-CTS
+CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
 Plaintext = 4920776f756c64206c696b652074686520
-Ciphertext = 97c6353568f2bf8cb4d8a580362da7ff7f
+Ciphertext = c6353568f2bf8cb4d8a580362da7ff7f97
 
 # 31 bytes input
 Cipher = AES-128-CBC-CTS
-CTSMode = CS1
+CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe5fc00783e0efdb2c1d445d4c8eff7ed22
+Ciphertext = fc00783e0efdb2c1d445d4c8eff7ed2297687268d6ecccc0c07b25e25ecfe5
 
-# 32 bytes input
+# 32 bytes input (CS3 always swaps the last 2 byte blocks - so it is not equivalent to CBC for a full block)
 Cipher = AES-128-CBC-CTS
-CTSMode = CS1
+CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a8
+Ciphertext = 39312523a78662d5be7fcbcc98ebf5a897687268d6ecccc0c07b25e25ecfe584
 
 # 47 bytes input
 Cipher = AES-128-CBC-CTS
+CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5b3fffd940c16a18c1b5549d2f838029e
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe584b3fffd940c16a18c1b5549d2f838029e39312523a78662d5be7fcbcc98ebf5
 
-# 64 bytes input (CS1 is equivalent to CBC when the last block in full)
+# 48 bytes input
+Cipher = AES-128-CBC-CTS
+CTSMode = CS3
+Key = 636869636b656e207465726979616b69
+IV = 00000000000000000000000000000000
+Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe5849dad8bbb96c4cdc03bc103e1a194bbd839312523a78662d5be7fcbcc98ebf5a8
+
+# 64 bytes input (CS3 always swaps the last 2 byte blocks - so it is not equivalent to CBC for a full block)
 Cipher = AES-128-CBC-CTS
-CTSMode = CS1
+CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e
-Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a89dad8bbb96c4cdc03bc103e1a194bbd84807efe836ee89a526730dbc2f7bc840
+Ciphertext = 97687268d6ecccc0c07b25e25ecfe58439312523a78662d5be7fcbcc98ebf5a84807efe836ee89a526730dbc2f7bc8409dad8bbb96c4cdc03bc103e1a194bbd8
 
-#-------------------------------------------------------------------------------
-# Generated test values using an IV.
 
+# Generated test values using an IV.
 # 47 bytes input
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 000102030405060708090A0B0C0D0E0F
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c
 Ciphertext = 5432a630742dee7beb70f9f1400ee6a0426da5c54a9990f5ae0b7825f51f0060b557cfb581949a4bdf3bb67dedd472
 
-# 47 bytes input
-Cipher = AES-128-CBC-CTS
-CTSMode = CS1
-Key = 636869636b656e207465726979616b69
-IV =000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c
-Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472426da5c54a9990f5ae0b7825f51f0060
-
-# 127 bytes
-Cipher = AES-128-CBC-CTS
-CTSMode = CS1
-Key = 636869636b656e207465726979616b69
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f7570
-Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472b9fc50e4e7dacf9e3d94b6cc031f9997a22d2fea7e6ef4aba2b717b0fa3f150e5e86e46b9e51c6ea5091a92aa791ce826b2e4fbaaf0e0314939625434b9530ce56f299891a48d26bdc287f54b230340d652a4721bf0f082ede80b6399800a92f
-
-# 129 bytes
-Cipher = AES-128-CBC-CTS
-CTSMode = CS1
-Key = 636869636b656e207465726979616b69
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c20616e6420776f6e746f6e20736f75702e49
-Ciphertext = 5432a630742dee7beb70f9f1400ee6a0b557cfb581949a4bdf3bb67dedd472b9fc50e4e7dacf9e3d94b6cc031f9997a22d2fea7e6ef4aba2b717b0fa3f150e5e86e46b9e51c6ea5091a92aa791ce826b2e4fbaaf0e0314939625434b9530ce56f299891a48d26bdc287f54b230340d14fde9fd1098b9b1db788b5868a8d009eeef
-
-#-------------------------------------------------------------------------------
 # 17 Bytes
 Cipher = AES-192-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69636869636b656e20
 IV =000102030405060708090A0B0C0D0E0F
@@ -228,7 +162,6 @@ Ciphertext = de1b402de8f79f947cc6b5880588d9b6e9
 
 # 31 Bytes
 Cipher = AES-192-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69636869636b656e20
 IV = 000102030405060708090A0B0C0D0E0F
@@ -237,68 +170,14 @@ Ciphertext = dea2b610546f3b1e1d231821e283e153e9de17d6248fb492bdea1fb2e09c8e
 
 # 32 Bytes
 Cipher = AES-192-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69636869636b656e20
 IV = 000102030405060708090A0B0C0D0E0F
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
 Ciphertext = 31d005cc9fea948fed1ba6308dad9dd1e9de17d6248fb492bdea1fb2e09c8e8e
 
-# 17 Bytes
-Cipher = AES-192-CBC-CTS
-Availablein = default
-CTSMode = CS2
-Key = 636869636b656e207465726979616b69636869636b656e20
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b652074686520
-Ciphertext = de1b402de8f79f947cc6b5880588d9b6e9
-
-# 31 Bytes
-Cipher = AES-192-CBC-CTS
-Availablein = default
-CTSMode = CS2
-Key = 636869636b656e207465726979616b69636869636b656e20
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320
-Ciphertext = dea2b610546f3b1e1d231821e283e153e9de17d6248fb492bdea1fb2e09c8e
-
-# 32 Bytes
-Cipher = AES-192-CBC-CTS
-Availablein = default
-CTSMode = CS2
-Key = 636869636b656e207465726979616b69636869636b656e20
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
-Ciphertext = e9de17d6248fb492bdea1fb2e09c8e8e31d005cc9fea948fed1ba6308dad9dd1
-
-# 17 Bytes
-Cipher = AES-192-CBC-CTS
-CTSMode = CS1
-Key = 636869636b656e207465726979616b69636869636b656e20
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b652074686520
-Ciphertext = e9de1b402de8f79f947cc6b5880588d9b6
-
-# 31 Bytes
-Cipher = AES-192-CBC-CTS
-CTSMode = CS1
-Key = 636869636b656e207465726979616b69636869636b656e20
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c20476175277320
-Ciphertext = e9de17d6248fb492bdea1fb2e09c8edea2b610546f3b1e1d231821e283e153
-
-# 32 Bytes
-Cipher = AES-192-CBC-CTS
-CTSMode = CS1
-Key = 636869636b656e207465726979616b69636869636b656e20
-IV = 000102030405060708090A0B0C0D0E0F
-Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
-Ciphertext = e9de17d6248fb492bdea1fb2e09c8e8e31d005cc9fea948fed1ba6308dad9dd1
-
-#-------------------------------------------------------------------------------
 # 17 Bytes
 Cipher = AES-256-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69636869636b656e207465726979616b69
 IV = 000102030405060708090A0B0C0D0E0F
@@ -307,7 +186,6 @@ Ciphertext = 6b5f5abc21c4d04156c73850da3bba29e9
 
 # 31 Bytes
 Cipher = AES-256-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69636869636b656e207465726979616b69
 IV = 000102030405060708090A0B0C0D0E0F
@@ -316,36 +194,15 @@ Ciphertext = f22553af78ee4f468f02fbe6f0f2168ee954e79fae9310dc75b6070e1d6253
 
 # 32 Bytes
 Cipher = AES-256-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69636869636b656e207465726979616b69
 IV = 000102030405060708090A0B0C0D0E0F
 Plaintext = 4920776f756c64206c696b65207468652047656e6572616c2047617527732043
 Ciphertext = 2c0463982174df10baa9d8f782c5a5b3e954e79fae9310dc75b6070e1d625346
 
-#------------------------------------------------------------------------------
 # Failure tests
-
-# 15 bytes should fail for CS1
-Cipher = AES-128-CBC-CTS
-CTSMode = CS1
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 0102030405060708090A0B0C0D0E0F
-Result = CIPHERUPDATE_ERROR
-
-# 15 bytes should fail for CS2
-Cipher = AES-128-CBC-CTS
-Availablein = default
-CTSMode = CS2
-Key = 636869636b656e207465726979616b69
-IV = 00000000000000000000000000000000
-Plaintext = 0102030405060708090A0B0C0D0E0F
-Result = CIPHERUPDATE_ERROR
-
 # 15 bytes should fail for CS3
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
@@ -354,7 +211,6 @@ Result = CIPHERUPDATE_ERROR
 
 # 16 bytes should fail for CS3 (since it always needs 2 blocks).
 Cipher = AES-128-CBC-CTS
-Availablein = default
 CTSMode = CS3
 Key = 636869636b656e207465726979616b69
 IV = 00000000000000000000000000000000
diff --git a/test/recipes/30-test_evp_data/evpciph_aes_ocb.txt b/test/recipes/30-test_evp_data/evpciph_aes_ocb.txt
new file mode 100644
index 0000000000..e58ee34b6b
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_aes_ocb.txt
@@ -0,0 +1,209 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = AES OCB Test vectors
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 197B9C3C441D3C83EAFB2BEF633B9182
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 0001020304050607
+Tag = 16DC76A46D47E1EAD537209E8A96D14E
+Plaintext = 0001020304050607
+Ciphertext = 92B657130A74B85A
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 0001020304050607
+Tag = 98B91552C8C009185044E30A6EB2FE21
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 971EFFCAE19AD4716F88E87B871FBEED
+Plaintext = 0001020304050607
+Ciphertext = 92B657130A74B85A
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F
+Tag = 776C9924D6723A1FC4524532AC3E5BEB
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F
+Tag = 7DDB8E6CEA6814866212509619B19CC6
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 13CC8B747807121A4CBB3E4BD6B456AF
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
+Tag = 5FA94FC3F38820F1DC3F3D1FD4E55E1C
+Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
+Tag = 282026DA3068BC9FA118681D559F10F6
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 6EF2F52587FDA0ED97DC7EEDE241DF68
+Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Tag = B2A040DD3BD5164372D76D7BB6824240
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Tag = E1E072633BADE51A60E85951D9C42A1B
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 4A3BAE824465CFDAF8C41FC50C7DF9D9
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 659C623211DEEA0DE30D2C381879F4C8
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 7AEB7A69A1687DD082CA27B0D9A37096
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 060C8467F4ABAB5E8B3C2067A2E115DC
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
+
+#AES OCB Non standard test vectors - generated from reference implementation
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 1b6c44f34e3abb3cbf8976e7
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = 09a4fd29de949d9a9aa9924248422097ad4883b4713e6c214ff6567ada08a96766fc4e2ee3e3a5a1
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B0C0D0E
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 1ad62009901f40cba7cd7156f94a7324
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = 5e2fa7367ffbdb3938845cfd415fcc71ec79634eb31451609d27505f5e2978f43c44213d8fa441ee
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = C203F98CE28F7DAD3F31C021
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F3031
+Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C822D6
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 8346D7D47C5D893ED472F5AB
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F4041
+Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F714FF
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 5822A9A70FDF55D29D2984A6
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F5051
+Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB8294170634D
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 81772B6741ABB4ECA9D2DEB2
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061
+Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB829417001E54E15A7576C4DF32366E0F439C7050FAA
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 3E52A01D068DE85456DB03B7
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F7071
+Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB829417001E54E15A7576C4DF32366E0F439C7051CB4824B8114E9A720CBC1CE0185B156B486
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 3E52A01D068DE85456DB03B6
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F7071
+Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B2176C12F110DD441B7CAA3A509B13C86A023AFCEE998BEE42028D44507B15F77C528A1DE6406B519BCEE8FCB829417001E54E15A7576C4DF32366E0F439C7051CB4824B8114E9A720CBC1CE0185B156B486
+Operation = DECRYPT
+Result = CIPHERFINAL_ERROR
diff --git a/test/recipes/30-test_evp_data/evpaessiv.txt b/test/recipes/30-test_evp_data/evpciph_aes_siv.txt
similarity index 94%
rename from test/recipes/30-test_evp_data/evpaessiv.txt
rename to test/recipes/30-test_evp_data/evpciph_aes_siv.txt
index e891b2149a..a78a49158d 100644
--- a/test/recipes/30-test_evp_data/evpaessiv.txt
+++ b/test/recipes/30-test_evp_data/evpciph_aes_siv.txt
@@ -9,10 +9,10 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
 Title = RFC5297 AES-SIV
+
 Cipher = aes-128-siv
 Key = fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
 AAD = 101112131415161718191a1b1c1d1e1f2021222324252627
diff --git a/test/recipes/30-test_evp_data/evpciph_aria.txt b/test/recipes/30-test_evp_data/evpciph_aria.txt
new file mode 100644
index 0000000000..be1698d822
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_aria.txt
@@ -0,0 +1,249 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = ARIA test vectors from RFC5794 (and others)
+
+Cipher = ARIA-128-ECB
+Key = 000102030405060708090a0b0c0d0e0f
+Plaintext = 00112233445566778899aabbccddeeff
+Ciphertext = d718fbd6ab644c739da95f3be6451778
+
+Cipher = ARIA-192-ECB
+Key = 000102030405060708090a0b0c0d0e0f1011121314151617
+Plaintext = 00112233445566778899aabbccddeeff
+Ciphertext = 26449c1805dbe7aa25a468ce263a9e79
+
+Cipher = ARIA-256-ECB
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Plaintext = 00112233445566778899aabbccddeeff
+Ciphertext = f92bd7c79fb72e2f2b8f80c1972d24fc
+
+# Additional ARIA mode vectors from http://210.104.33.10/ARIA/doc/ARIA-testvector-e.pdf
+Cipher = ARIA-128-ECB
+Key = 00112233445566778899aabbccddeeff
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = c6ecd08e22c30abdb215cf74e2075e6e29ccaac63448708d331b2f816c51b17d9e133d1528dbf0af5787c7f3a3f5c2bf6b6f345907a3055612ce072ff54de7d788424da6e8ccfe8172b391be499354165665ba7864917000a6eeb2ecb4a698edfc7887e7f556377614ab0a282293e6d884dbb84206cdb16ed1754e77a1f243fd086953f752cc1e46c7c794ae85537dcaec8dd721f55c93b6edfe2adea43873e8
+
+Cipher = ARIA-128-CBC
+Key = 00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 49d61860b14909109cef0d22a9268134fadf9fb23151e9645fba75018bdb1538b53334634bbf7d4cd4b5377033060c155fe3948ca75de1031e1d85619e0ad61eb419a866b3c2dbfd10a4ed18b22149f75897f0b8668b0c1c542c687778835fb7cd46e45f85eaa7072437dd9fa6793d6f8d4ccefc4eb1ac641ac1bd30b18c6d64c49bca137eb21c2e04da62712ca2b4f540c57112c38791852cfac7a5d19ed83a
+
+Cipher = ARIA-128-CFB
+Key = 00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 3720e53ba7d615383406b09f0a05a200c07c21e6370f413a5d132500a68285017c61b434c7b7ca9685a51071861e4d4bb873b599b479e2d573dddeafba89f812ac6a9e44d554078eb3be94839db4b33da3f59c063123a7ef6f20e10579fa4fd239100ca73b52d4fcafeadee73f139f78f9b7614c2b3b9dbe010f87db06a89a9435f79ce8121431371f4e87b984e0230c22a6dacb32fc42dcc6accef33285bf11
+
+Cipher = ARIA-128-CFB8
+Key = 00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 373c8f6a965599ec785cc8f8149f6c81b632ccb8e0c6eb6a9707ae52c59257a41f94701c1096933127a90195ed0c8e98690547572423bb45c3d70e4a18ee56b967c10e000ba4df5fba7c404134a343d8375d04b151d161ef83417fe1748447d30a6723c406733df7d18aa39a20752d2381942e244811bb97f72eae446b1815aa690cd1b1adcbd007c0088ecdc91cb2e2caf0e11e72459878137eea64ac62a9a1
+
+Cipher = ARIA-128-OFB
+Key = 00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 3720e53ba7d615383406b09f0a05a2000063063f0560083483faeb041c8adecef30cf80cefb002a0d280759168ec01db3d49f61aced260bd43eec0a2731730eec6fa4f2304319cf8ccac2d7be7833e4f8ae6ce967012c1c6badc5d28e7e4144f6bf5cebe01253ee202afce4bc61f28dec069a6f16f6c8a7dd2afae44148f6ff4d0029d5c607b5fa6b8c8a6301cde5c7033565cd0b8f0974ab490b236197ba04a
+
+Cipher = ARIA-128-CTR
+Key = 00112233445566778899aabbccddeeff
+IV = 00000000000000000000000000000000
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = ac5d7de805a0bf1c57c854501af60fa11497e2a34519dea1569e91e5b5ccae2ff3bfa1bf975f4571f48be191613546c3911163c085f871f0e7ae5f2a085b81851c2a3ddf20ecb8fa51901aec8ee4ba32a35dab67bb72cd9140ad188a967ac0fbbdfa94ea6cce47dcf8525ab5a814cfeb2bb60ee2b126e2d9d847c1a9e96f9019e3e6a7fe40d3829afb73db1cc245646addb62d9b907baaafbe46a73dbc131d3d
+
+Cipher = ARIA-192-ECB
+Key = 00112233445566778899aabbccddeeff0011223344556677
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 8d1470625f59ebacb0e55b534b3e462b5f23d33bff78f46c3c15911f4a21809aaccad80b4bda915aa9dae6bcebe06a6c83f77fd5391acfe61de2f646b5d447edbfd5bb49b12fbb9145b227895a757b2af1f7188734863d7b8b6ede5a5b2f06a0a233c8523d2db778fb31b0e311f32700152f33861e9d040c83b5eb40cd88ea49975709dc629365a189f78a3ec40345fc6a5a307a8f9a4413091e007eca5645a0
+
+Cipher = ARIA-192-CBC
+Key = 00112233445566778899aabbccddeeff0011223344556677
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = afe6cf23974b533c672a826264ea785f4e4f7f780dc7f3f1e0962b80902386d514e9c3e77259de92dd1102ffab086c1ea52a71260db5920a83295c25320e421147ca45d532f327b856ea947cd2196ae2e040826548b4c891b0ed0ca6e714dbc4631998d548110d666b3d54c2a091955c6f05beb4f62309368696c9791fc4c551564a2637f194346ec45fbca6c72a5b4612e208d531d6c34cc5c64eac6bd0cf8c
+
+Cipher = ARIA-192-CFB
+Key = 00112233445566778899aabbccddeeff0011223344556677
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 4171f7192bf4495494d2736129640f5c4d87a9a213664c9448477c6ecc2013598d9766952dd8c3868f17e36ef66fd84bfa45d1593d2d6ee3ea2115047d710d4fb66187caa3a315b3c8ea2d313962edcfe5a3e2028d5ba9a09fd5c65c19d3440e477f0cab0628ec6902c73ee02f1afee9f80115be7b9df82d1e28228e28581a20560e195cbb9e2b327bf56fd2d0ae5502e42c13e9b4015d4da42dc859252e7da4
+
+Cipher = ARIA-192-CFB8
+Key = 00112233445566778899aabbccddeeff0011223344556677
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 411d3b4f57f705aa4d13c46e2cf426af7c8c916ed7923d889f0047bbf11471b6d54f8757ef519339105be3cb69babb976a57d5631fc23cc3051fe9d36e8b8e27a2b2c0c4d31928ccbf30ea8239b46ba1b77f6198e7ecd2ce27b35958148e826f06aaf385bd30362ff141583e7c1d8924d44d36a1133094074631e18adafa9d2e55de98f6895c89d4266ebd33f3d4be5153a96fa12132ece2e81e66e55baa7ade
+
+Cipher = ARIA-192-OFB
+Key = 00112233445566778899aabbccddeeff0011223344556677
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 4171f7192bf4495494d2736129640f5cc224d26d364b5a06ddde13d0f1e74faa846de354c63cda77469d1a2d425c47ff41734c71b3fa1fcdc11e0b2de22bfeed54898e233df652c75ae136e61de6524e62b3f806fb2e8e616eb410a1b9500537e327ffb04f19f7f82fde2b122100261f81b82723bf936be7beaaf3067d1c036001f1ade71422268d274d7dc6c6ae1970b27a5f2c2f39c1d241fe8cac5ccd74e9
+
+Cipher = ARIA-192-CTR
+Key = 00112233445566778899aabbccddeeff0011223344556677
+IV = 00000000000000000000000000000000
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 08625ca8fe569c19ba7af3760a6ed1cef4d199263e999dde14082dbba7560b79a4c6b456b8707dce751f9854f18893dfdb3f4e5afa539733e6f1e70b98ba37891f8f81e95df8efc26c7ce043504cb18958b865e4e316cd2aa1c97f31bf23dc046ef326b95a692a191ba0f2a41c5fe9ae070f236ff7078e703b42666caafbdd20bad74ac4c20c0f46c7ca24c151716575c947da16c90cfe1bf217a41cfebe7531
+
+Cipher = ARIA-256-ECB
+Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 58a875e6044ad7fffa4f58420f7f442d8e191016f28e79aefc01e204773280d7018e5f7a938ec30711719953bae86542cd7ebc752474c1a5f6eaaace2a7e29462ee7dfa5afdb84177ead95ccd4b4bb6e1ed17b9534cff0a5fc2941429cfee2ee49c7adbeb7e9d1b0d2a8531d942079596a27ed79f5b1dd13ecd604b07a48885a3afa0627a0e4e60a3c703af292f1baa77b702f16c54aa74bc727ea95c7468b00
+
+Cipher = ARIA-256-CBC
+Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 523a8a806ae621f155fdd28dbc34e1ab7b9b42432ad8b2efb96e23b13f0a6e52f36185d50ad002c5f601bee5493f118b243ee2e313642bffc3902e7b2efd9a12fa682edd2d23c8b9c5f043c18b17c1ec4b5867918270fbec1027c19ed6af833da5d620994668ca22f599791d292dd6273b2959082aafb7a996167cce1eec5f0cfd15f610d87e2dda9ba68ce1260ca54b222491418374294e7909b1e8551cd8de
+
+Cipher = ARIA-256-CFB
+Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 26834705b0f2c0e2588d4a7f09009635f28bb93d8c31f870ec1e0bdb082b66fa402dd9c202be300c4517d196b14d4ce11dce97f7aaba54341b0d872cc9b63753a3e8556a14be6f7b3e27e3cfc39caf80f2a355aa50dc83c09c7b11828694f8e4aa726c528976b53f2c877f4991a3a8d28adb63bd751846ffb2350265e179d4990753ae8485ff9b4133ddad5875b84a90cbcfa62a045d726df71b6bda0eeca0be
+
+Cipher = ARIA-256-CFB8
+Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 26baa33651e1f66434fec88ef27fd2b9a79e246dd89a3ffa00e8bdb37155433e6c24bd0b87d9a85baa9f485ccb984f5ec24d6a3ef5e3c81396177f039cf580dfdb55d6e1c47a28921dfe369e12fd357b289ad3a5544e1c1bd616d454db9c5f91f603373f29d5b2ed1b4b51de80f28537bbd43d5e3b5dd071dc91153cbbe732dfc325821b06ed8acaae656dcf2da9f13e4f29db671476f1e644ff06d9b67d6bd4
+
+Cipher = ARIA-256-OFB
+Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
+IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 26834705b0f2c0e2588d4a7f0900963584c256815c4292b59f8d3f966a75b52345b4f5f98c785d3f368a8d5ff89b7f950ceab3cd63773c2621d652b8ef98b4196afb2c2b30496bc5b7d9e7f9084f9d855f63a511751c8909e7a6deadbe0a67a4fb89383ca5d209c6f66f793fc471195c476fb9c1eab2ac91e680e454b4f3ed9a67fb52f09c29b965b23cfa6f3f6bbb2a86c6cdbaa2857bf2486f543231892a52
+
+Cipher = ARIA-256-CTR
+Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
+IV = 00000000000000000000000000000000
+Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd
+Ciphertext = 30026c329666141721178b99c0a1f1b2f06940253f7b3089e2a30ea86aa3c88f5940f05ad7ee41d71347bb7261e348f18360473fdf7d4e7723bffb4411cc13f6cdd89f3bc7b9c768145022c7a74f14d7c305cd012a10f16050c23f1ae5c23f45998d13fbaa041e51619577e0772764896a5d4516d8ffceb3bf7e05f613edd9a60cdcedaff9cfcaf4e00d445a54334f73ab2cad944e51d266548e61c6eb0aa1cd
+
+Title = ARIA GCM test vectors from RFC8269
+
+Cipher = ARIA-128-GCM
+Key = e91e5e75da65554a48181f3846349562
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 5abace3f37f5a736f4be984bbffbedc1
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 4d8a9a0675550c704b17d8c9ddc81a5cd6f7da34f2fe1b3db7cb3dfb9697102ea0f3c1fc2dbc873d44bceeae8e4442974ba21ff6789d3272613fb9631a7cf3f14bacbeb421633a90ffbe58c2fa6bdca534f10d0de0502ce1d531b6336e58878278531e5c22bc6c85bbd784d78d9e680aa19031aaf89101d669d7a3965c1f7e16229d7463e0535f4e253f5d18187d40b8ae0f564bd970b5e7e2adfb211e89a953
+
+Cipher = ARIA-256-GCM
+Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = e210d6ced2cf430ff841472915e7ef48
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 6f9e4bcbc8c85fc0128fb1e4a0a20cb9932ff74581f54fc013dd054b19f99371425b352d97d3f337b90b63d1b082adeeea9d2d7391897d591b985e55fb50cb5350cf7d38dc27dda127c078a149c8eb98083d66363a46e3726af217d3a00275ad5bf772c7610ea4c23006878f0ee69a8397703169a419303f40b72e4573714d19e2697df61e7c7252e5abc6bade876ac4961bfac4d5e867afca351a48aed52822
+
+Title = ARIA GCM self-generated test vectors
+
+Cipher = ARIA-128-GCM
+Key = e91e5e75da65554a48181f3846349562
+# Shorter than default IV
+IV = 0001020304
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = ebaa2645bb154542117ee46031aa176e
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 1723ccfc0ed44a12520473cfeb63bc933cd450a943f5f1cba78e19d72f80cc102acc51f2459a06cf6435182b8ddd451f83e13479efe5ec7dfbf16229f4017920fb41457a9b6fe1a401b30b2f332d827ae2f86e962326927c1ed8bfedac1f7a00ddde63bd392a8f28a488ba5974689f8d15b9b1739fb50aae0ff244026ec72064003c621b33ffc8086b0a97eefb70604a2826f6499f6eb12d67a0da03fc8e1482
+
+Cipher = ARIA-128-GCM
+Key = e91e5e75da65554a48181f3846349562
+# Longer than default IV
+IV = 000102030405060708090a0b0c0d0e0f
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 61f7f44c7da3c60195b29ae0b46051a4
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 0d3e98fcaf7a2c4fe9198d66add90d113e5e0ff47598c40a4bf501960d935a4156c9a4d46c9358a608e10a16479a4247c9ab9bb4a02809e3eac3571b832590fe2ca3e2d545741e36282d96c041fc7d39a46ed60214c2c0ec70f27768dfea4f9563b5d5c2ac33b1368a78f2908f5daf942433fec6ab588f09e908e95cc8dfa85d1a0dfd5835dc14e148323230c63eedc99a9ce942214cb3768b97b821d613629f
+
+Cipher = ARIA-128-GCM
+Key = e91e5e75da65554a48181f3846349562
+# Extra long IV
+IV = 000102030405060708090a0b0c0d0e0f1011
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = c8b31ab6c2ddccab06b76af4e56e664e
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 616a7bce24206501082cef7267c09a4affa54f8f82eb7fb2cdebdcaab4b6ab05c37e891c2d0fc90d15c5fb684247625c8bc0befad86896ae1c8f5a8506954caba4e13df0a0eb23853d4474e7f3b2c57bb398456a24d198e14566bce8a5f8d3bcdb12994d2fdc0f5cf19aeff990c1fe119e01f9fcc86757b1d43a9accf7b2f913c2208a46c1967f403867f89b46ffe96864c63f042265806ea5270e0dddd0e8dd
+
+
+Title = ARIA CCM test vectors from IETF draft-ietf-avtcore-aria-srtp-02
+
+# 16-byte Tag
+
+Cipher = ARIA-128-CCM
+Key = 974bee725d44fc3992267b284c3c6750
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 40f04b6467e300f6b336aedf9df4185b
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855
+
+Cipher = ARIA-256-CCM
+Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 87b6bd222c55365a9c7d0b215b77ea41 
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
+
+# 8-byte Tag
+
+Cipher = ARIA-128-CCM
+Key = 974bee725d44fc3992267b284c3c6750
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = dd2282c93a67fe4b
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855
+
+Cipher = ARIA-256-CCM
+Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 828dc0088f99a7ef
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
+
+# 12-byte Tag
+
+Cipher = ARIA-128-CCM
+Key = 974bee725d44fc3992267b284c3c6750
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 01f3dedd15238da5ebfb1590
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855
+
+Cipher = ARIA-256-CCM
+Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 3615b7f90a651de15da20fb6
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
+
+# Test that the tag can be set after specifying AAD.
+Cipher = ARIA-256-CCM
+Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54
+IV = 000020e8f5eb00000000315e
+AAD = 8008315ebf2e6fe020e8f5eb
+Tag = 3615b7f90a651de15da20fb6
+SetTagLate = TRUE
+Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5
+Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1
diff --git a/test/recipes/30-test_evp_data/evpciph_bf.txt b/test/recipes/30-test_evp_data/evpciph_bf.txt
index 2f99db19e0..d0fcb288ec 100644
--- a/test/recipes/30-test_evp_data/evpciph_bf.txt
+++ b/test/recipes/30-test_evp_data/evpciph_bf.txt
@@ -10,20 +10,17 @@
 Title = Self generated BF test vectors
 
 Cipher = BF-ECB
-Availablein = default
 Key = 000102030405060708090a0b0c0d0e0f
 Plaintext = 0f0e0c0d0b0a09080706050403020100
 Ciphertext = 079590e0010626685653b9b6c2a406e0
 
 #Bigger key
 Cipher = BF-ECB
-Availablein = default
 Key = 000102030405060708090a0b0c0d0e0f00000000
 Plaintext = 0f0e0c0d0b0a09080706050403020100
 Ciphertext = 7a0fe3734ad4785b49e59296b7861789
 
 Cipher = BF-CBC
-Availablein = default
 Key = 000102030405060708090a0b0c0d0e0f
 IV = 0101010101010101
 Plaintext = 0f0e0c0d0b0a09080706050403020100
@@ -31,14 +28,12 @@ Ciphertext = 39c65006742b62a49f7a40ff69749c0a
 
 #Bigger key
 Cipher = BF-CBC
-Availablein = default
 Key = 000102030405060708090a0b0c0d0e0f00000000
 IV = 0101010101010101
 Plaintext = 0f0e0c0d0b0a09080706050403020100
 Ciphertext = 3a5cefdb91e56e7aab45e7ea562bd465
 
 Cipher = BF-OFB
-Availablein = default
 Key = 0001020304050607
 IV = 0101010101010101
 Plaintext = 0f0e0c0d0b0a09080706050403020100
@@ -46,14 +41,12 @@ Ciphertext = 27be8331cdc52dc61724029d302b9358
 
 #Bigger key
 Cipher = BF-OFB
-Availablein = default
 Key = 000102030405060700000000
 IV = 0101010101010101
 Plaintext = 0f0e0c0d0b0a09080706050403020100
 Ciphertext = f108f229cc1cbe228aa3b2407979289a
 
 Cipher = BF-CFB
-Availablein = default
 Key = 0001020304050607
 IV = 0101010101010101
 Plaintext = 0f0e0c0d0b0a09080706050403020100
@@ -61,7 +54,6 @@ Ciphertext = 27be8331cdc52dc675a93625f90f5db4
 
 #Bigger key
 Cipher = BF-CFB
-Availablein = default
 Key = 000102030405060700000000
 IV = 0101010101010101
 Plaintext = 0f0e0c0d0b0a09080706050403020100
diff --git a/test/recipes/30-test_evp_data/evpciph_camellia.txt b/test/recipes/30-test_evp_data/evpciph_camellia.txt
new file mode 100644
index 0000000000..3a48fd778e
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_camellia.txt
@@ -0,0 +1,626 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = Camellia tests from RFC3713
+
+# For all ECB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
+Cipher = CAMELLIA-128-ECB
+Key = 0123456789abcdeffedcba9876543210
+Plaintext = 0123456789abcdeffedcba9876543210
+Ciphertext = 67673138549669730857065648eabe43
+
+Cipher = CAMELLIA-192-ECB
+Key = 0123456789abcdeffedcba98765432100011223344556677
+Plaintext = 0123456789abcdeffedcba9876543210
+Ciphertext = b4993401b3e996f84ee5cee7d79b09b9
+
+Cipher = CAMELLIA-256-ECB
+Key = 0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff
+Plaintext = 0123456789abcdeffedcba9876543210
+Ciphertext = 9acc237dff16d76c20ef7c919e3a7509
+
+# ECB-CAMELLIA128.Encrypt
+Cipher = CAMELLIA-128-ECB
+Key = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 77CF412067AF8270613529149919546F
+
+Cipher = CAMELLIA-192-ECB
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = B22F3C36B72D31329EEE8ADDC2906C68
+
+Cipher = CAMELLIA-256-ECB
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Operation = ENCRYPT
+Plaintext = 00112233445566778899AABBCCDDEEFF
+Ciphertext = 2EDF1F3418D53B88841FC8985FB1ECF2
+
+
+# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 432FC5DCD628115B7C388D770B270C96
+
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 0BE1F14023782A22E8384C5ABB7FAB2B
+
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = A0A1ABCD1893AB6FE0FE5B65DF5F8636
+
+Cipher = CAMELLIA-128-ECB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = E61925E0D5DFAA9BB29F815B3076E51A
+
+
+# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CCCC6C4E138B45848514D48D0D3439D3
+
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 5713C62C14B2EC0F8393B6AFD6F5785A
+
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = B40ED2B60EB54D09D030CF511FEEF366
+
+Cipher = CAMELLIA-192-ECB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 909DBD95799096748CB27357E73E1D26
+
+
+# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = BEFD219B112FA00098919CD101C9CCFA
+
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = C91D3A8F1AEA08A9386CF4B66C0169EA
+
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = A623D711DC5F25A51BB8A80D56397D28
+
+Cipher = CAMELLIA-256-ECB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 7960109FB6DC42947FCFE59EA3C5EB6B
+
+
+# For all CBC encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 1607CF494B36BBF00DAEB0B503C831AB
+
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 1607CF494B36BBF00DAEB0B503C831AB
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = A2F2CF671629EF7840C5A5DFB5074887
+
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A2F2CF671629EF7840C5A5DFB5074887
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 0F06165008CF8B8B5A63586362543E54
+
+Cipher = CAMELLIA-128-CBC
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 36A84CDAFD5F9A85ADA0F0A993D6D577
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 74C64268CDB8B8FAF5B34E8AF3732980
+
+
+# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 2A4830AB5AC4A1A2405955FD2195CF93
+
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 2A4830AB5AC4A1A2405955FD2195CF93
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 5D5A869BD14CE54264F892A6DD2EC3D5
+
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 5D5A869BD14CE54264F892A6DD2EC3D5
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 37D359C3349836D884E310ADDF68C449
+
+Cipher = CAMELLIA-192-CBC
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 37D359C3349836D884E310ADDF68C449
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 01FAAA930B4AB9916E9668E1428C6B08
+
+
+# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = E6CFA35FC02B134A4D2C0B6737AC3EDA
+
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E6CFA35FC02B134A4D2C0B6737AC3EDA
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 36CBEB73BD504B4070B1B7DE2B21EB50
+
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 36CBEB73BD504B4070B1B7DE2B21EB50
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = E31A6055297D96CA3330CDF1B1860A83
+
+Cipher = CAMELLIA-256-CBC
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E31A6055297D96CA3330CDF1B1860A83
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 5D563F6D1CCCF236051C0C5C1C58F28F
+
+
+# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-CAMELLIA128.Encrypt
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 14F7646187817EB586599146B82BD719
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = A53D28BB82DF741103EA4F921A44880B
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A53D28BB82DF741103EA4F921A44880B
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 9C2157A664626D1DEF9EA420FDE69B96
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
+
+
+# CFB128-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 14F7646187817EB586599146B82BD719
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = A53D28BB82DF741103EA4F921A44880B
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A53D28BB82DF741103EA4F921A44880B
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96
+
+Cipher = CAMELLIA-128-CFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 9C2157A664626D1DEF9EA420FDE69B96
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 742A25F0542340C7BAEF24CA8482BB09
+
+
+# CFB128-CAMELLIA192.Encrypt
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = C832BB9780677DAA82D9B6860DCD565E
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 86F8491627906D780C7A6D46EA331F98
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 86F8491627906D780C7A6D46EA331F98
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 69511CCE594CF710CB98BB63D7221F01
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 69511CCE594CF710CB98BB63D7221F01
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D5B5378A3ABED55803F25565D8907B84
+
+
+# CFB128-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = C832BB9780677DAA82D9B6860DCD565E
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 86F8491627906D780C7A6D46EA331F98
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 86F8491627906D780C7A6D46EA331F98
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 69511CCE594CF710CB98BB63D7221F01
+
+Cipher = CAMELLIA-192-CFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 69511CCE594CF710CB98BB63D7221F01
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D5B5378A3ABED55803F25565D8907B84
+
+
+# CFB128-CAMELLIA256.Encrypt
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
+
+
+# CFB128-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4
+
+Cipher = CAMELLIA-256-CFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 555FC3F34BDD2D54C62D9E3BF338C1C4
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA
+
+
+# For all OFB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-CAMELLIA128.Encrypt
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 50FE67CC996D32B6DA0937E99BAFEC60
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 25623DB569CA51E01482649977E28D84
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = D9A4DADA0892239F6B8B3D7680E15674
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = C776634A60729DC657D12B9FCA801E98
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A78819583F0308E7A6BF36B1386ABF23
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D776379BE0E50825E681DA1A4C980E8E
+
+
+# OFB-CAMELLIA128.Decrypt
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = 14F7646187817EB586599146B82BD719
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = 50FE67CC996D32B6DA0937E99BAFEC60
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 25623DB569CA51E01482649977E28D84
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = D9A4DADA0892239F6B8B3D7680E15674
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = C776634A60729DC657D12B9FCA801E98
+
+Cipher = CAMELLIA-128-OFB
+Key = 2B7E151628AED2A6ABF7158809CF4F3C
+IV = A78819583F0308E7A6BF36B1386ABF23
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = D776379BE0E50825E681DA1A4C980E8E
+
+
+# OFB-CAMELLIA192.Encrypt
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = A609B38DF3B1133DDDFF2718BA09565E
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 52EF01DA52602FE0975F78AC84BF8A50
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = BDD62DBBB9700846C53B507F544696F0
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = BD5286AC63AABD7EB067AC54B553F71D
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = E28014E046B802F385C4C2E13EAD4A72
+
+
+# OFB-CAMELLIA192.Decrypt
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = C832BB9780677DAA82D9B6860DCD565E
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = A609B38DF3B1133DDDFF2718BA09565E
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = 52EF01DA52602FE0975F78AC84BF8A50
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = BDD62DBBB9700846C53B507F544696F0
+
+Cipher = CAMELLIA-192-OFB
+Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B
+IV = BD5286AC63AABD7EB067AC54B553F71D
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = E28014E046B802F385C4C2E13EAD4A72
+
+
+# OFB-CAMELLIA256.Encrypt
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = ENCRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
+Operation = ENCRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 127AD97E8E3994E4820027D7BA109368
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E1C656305ED1A7A6563805746FE03EDC
+Operation = ENCRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 41635BE625B48AFC1666DD42A09D96E7
+Operation = ENCRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
+
+
+# OFB-CAMELLIA256.Decrypt
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 000102030405060708090A0B0C0D0E0F
+Operation = DECRYPT
+Plaintext = 6BC1BEE22E409F96E93D7E117393172A
+Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A
+Operation = DECRYPT
+Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51
+Ciphertext = 127AD97E8E3994E4820027D7BA109368
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = E1C656305ED1A7A6563805746FE03EDC
+Operation = DECRYPT
+Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF
+Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E
+
+Cipher = CAMELLIA-256-OFB
+Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4
+IV = 41635BE625B48AFC1666DD42A09D96E7
+Operation = DECRYPT
+Plaintext = F69F2445DF4F9B17AD2B417BE66C3710
+Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20
+
+
+# Camellia test vectors from RFC5528
+Cipher = CAMELLIA-128-CTR
+Key = AE6852F8121067CC4BF7A5765577F39E
+IV = 00000030000000000000000000000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = D09DC29A8214619A20877C76DB1F0B3F
+
+Cipher = CAMELLIA-128-CTR
+Key = 7E24067817FAE0D743D6CE1F32539163
+IV = 006CB6DBC0543B59DA48D90B00000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = DBF3C78DC08396D4DA7C907765BBCB442B8E8E0F31F0DCA72C7417E35360E048
+
+Cipher = CAMELLIA-128-CTR
+Key = 7691BE035E5020A8AC6E618529F9A0DC
+IV = 00E0017B27777F3F4A1786F000000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = B19D1FCDCB75EB882F849CE24D85CF739CE64B2B5C9D73F14F2D5D9DCE9889CDDF508696
+
+Cipher = CAMELLIA-192-CTR
+Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515
+IV = 0000004836733C147D6D93CB00000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = 2379399E8A8D2B2B16702FC78B9E9696
+
+Cipher = CAMELLIA-192-CTR
+Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A
+IV = 0096B03B020C6EADC2CB500D00000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = 7DEF34F7A5D0E415674B7FFCAE67C75DD018B86FF23051E056392A99F35A4CED
+
+Cipher = CAMELLIA-192-CTR
+Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE
+IV = 0007BDFD5CBD60278DCC091200000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = 5710E556E1487A20B5AC0E73F19E4E7876F37FDC91B1EF4D4DADE8E666A64D0ED557AB57
+
+Cipher = CAMELLIA-256-CTR
+Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104
+IV = 00000060DB5672C97AA8F0B200000001
+Operation = ENCRYPT
+Plaintext = 53696E676C6520626C6F636B206D7367
+Ciphertext = 3401F9C8247EFFCEBD6994714C1BBB11
+
+Cipher = CAMELLIA-256-CTR
+Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884
+IV = 00FAAC24C1585EF15A43D87500000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = D6C30392246F7808A83C2B22A8839E45E51CD48A1CDF406EBC9CC2D3AB834108
+
+Cipher = CAMELLIA-256-CTR
+Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D
+IV = 001CC5B751A51D70A1C1114800000001
+Operation = ENCRYPT
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
+Ciphertext = A4DA23FCE6A5FFAA6D64AE9A0652A42CD161A34B65F9679F75C01F101F71276F15EF0D8D
diff --git a/test/recipes/30-test_evp_data/evpciph_chacha.txt b/test/recipes/30-test_evp_data/evpciph_chacha.txt
index 48d1a37a02..4fb1d2cc1b 100644
--- a/test/recipes/30-test_evp_data/evpciph_chacha.txt
+++ b/test/recipes/30-test_evp_data/evpciph_chacha.txt
@@ -9,8 +9,7 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
 Title = Chacha20 test vectors from RFC7539
 
diff --git a/test/recipes/30-test_evp_data/evpciph_des.txt b/test/recipes/30-test_evp_data/evpciph_des.txt
index 4841fdc318..d501e43cdd 100644
--- a/test/recipes/30-test_evp_data/evpciph_des.txt
+++ b/test/recipes/30-test_evp_data/evpciph_des.txt
@@ -62,3 +62,25 @@ Key = 0123456789abcdef
 IV = 1234567890abcdef
 Plaintext = 4e6f77206973207468652074696d6520666f7220616c6c20
 Ciphertext = f3096249c7f46e51a69e839b1a92f78403467133898ea622
+
+
+Title = DES Tests (various sources)
+
+Cipher = DES-EDE3-CFB1
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+IV = 0001020304050607
+Plaintext = "Hello World"
+Ciphertext = 3CF55D656E9C0664513358
+
+Cipher = DES-EDE3-CFB1
+Key = 000102030405060708090A0B0C0D0E0F1011121314151617
+IV = 0001020304050607
+Operation = DECRYPT
+Plaintext = "Hello World"
+Ciphertext = 3CF55D656E9C0664513358
+
+Cipher = DESX-CBC
+Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
+IV = fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
+Ciphertext = 846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
diff --git a/test/recipes/30-test_evp_data/evpciph_des3_common.txt b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
new file mode 100644
index 0000000000..e8e2bf152f
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
@@ -0,0 +1,21 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = DES3 Test
+
+# DES EDE3 CBC tests (from destest)
+Cipher = DES-EDE3-CBC
+Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
+IV = fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
+Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
diff --git a/test/recipes/30-test_evp_data/evpciph_sm4.txt b/test/recipes/30-test_evp_data/evpciph_sm4.txt
index 8434ccb6e2..464c4750eb 100644
--- a/test/recipes/30-test_evp_data/evpciph_sm4.txt
+++ b/test/recipes/30-test_evp_data/evpciph_sm4.txt
@@ -6,7 +6,6 @@
 # in the file LICENSE in the source distribution or at
 # https://www.openssl.org/source/license.html
 
-
 Title = SM4 test vectors from IETF draft-ribose-cfrg-sm4
 
 Cipher = SM4-ECB
diff --git a/test/recipes/30-test_evp_data/evpencod.txt b/test/recipes/30-test_evp_data/evpencod.txt
index f9ce7a842d..8584d532fd 100644
--- a/test/recipes/30-test_evp_data/evpencod.txt
+++ b/test/recipes/30-test_evp_data/evpencod.txt
@@ -9,8 +9,7 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
 Title = Base64 tests
 
@@ -191,4 +190,3 @@ Encoding = valid
 Input = "OpenSSLOpenSSL\n"
 Output = "T3BlblNTTE9wZW5TU0wK-abcd"
 
-
diff --git a/test/recipes/30-test_evp_data/evppkey_kdf.txt b/test/recipes/30-test_evp_data/evpkdf_hkdf.txt
similarity index 56%
copy from test/recipes/30-test_evp_data/evppkey_kdf.txt
copy to test/recipes/30-test_evp_data/evpkdf_hkdf.txt
index c619efdcc4..8d486c672a 100644
--- a/test/recipes/30-test_evp_data/evppkey_kdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_hkdf.txt
@@ -1,5 +1,5 @@
 #
-# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -7,299 +7,189 @@
 # https://www.openssl.org/source/license.html
 
 # Tests start with one of these keywords
-#       Cipher Decrypt Derive Digest Encoding KDF PKEYKDF MAC PBE
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
-
-Title = TLS1 PRF tests (from NIST test vectors)
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:MD5-SHA1
-Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0
-Ctrl.label = seed:master secret
-Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693
-Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2
-Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:MD5-SHA1
-Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be
-Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6
-Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:SHA256
-Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc
-Ctrl.label = seed:master secret
-Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
-Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
-Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:SHA256
-Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
-Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
-Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
-
-# As above but use long name for KDF
-PKEYKDF=tls1-prf
-Ctrl.md = md:SHA256
-Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
-Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
-Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
-
-# Missing digest.
-PKEYKDF=TLS1-PRF
-Ctrl.Secret = hexsecret:01
-Ctrl.Seed = hexseed:02
-Output = 03
-Result = KDF_DERIVE_ERROR
-
-# Missing secret.
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:MD5-SHA1
-Ctrl.Seed = hexseed:02
-Output = 03
-Result = KDF_DERIVE_ERROR
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
 Title = HKDF tests (from RFC5869 test vectors)
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA256
+KDF = HKDF
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = hexsalt:000102030405060708090a0b0c
 Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
 Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.md = md:SHA256
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = hexsalt:000102030405060708090a0b0c
 Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.md = md:SHA256
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5
 Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
 Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA256
+KDF = HKDF
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
 Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
 Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
 Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.md = md:SHA256
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
 Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
 Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.md = md:SHA256
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244
 Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
 Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA256
+KDF = HKDF
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = salt:
 Ctrl.info = info:
 Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.md = md:SHA256
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = salt:
 Ctrl.info = info:
 Output = 19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.md = md:SHA256
+Ctrl.digest = digest:SHA256
 Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04
 Ctrl.info = info:
 Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA1
+KDF = HKDF
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = hexsalt:000102030405060708090a0b0c
 Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
 Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = hexsalt:000102030405060708090a0b0c
 Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243
 Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
 Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA1
+KDF = HKDF
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
 Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
 Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
 Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
 Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
 Output = 8adae09a2a307059478d309b26c4115a224cfaf6
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6
 Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
 Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA1
+KDF = HKDF
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = salt:
 Ctrl.info = info:
 Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = salt:
 Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01
 Ctrl.info = info:
 Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA1
+KDF = HKDF
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
 Ctrl.salt = salt:
 Ctrl.info = info:
 Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
 Ctrl.salt = salt:
 Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd
 Ctrl.info = info:
 Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
 Ctrl.salt = salt:
 Ctrl.info = info:
 Output = 00
 Result = KDF_DERIVE_ERROR
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA1
+KDF = HKDF
+Ctrl.digest = digest:SHA1
 Ctrl.salt = salt:
 Ctrl.info = info:
 Output = 00
 Result = KDF_DERIVE_ERROR
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA1
+KDF = HKDF
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
 Ctrl.info = info:
 Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
 
-PKEYKDF = HKDF
-Ctrl.md = md:SHA1
+KDF = HKDF
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
 Ctrl.salt = salt:
 Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
 
-PKEYKDF = HKDF
+KDF = HKDF
 Ctrl.mode = mode:EXTRACT_AND_EXPAND
-Ctrl.md = md:SHA1
+Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
 Ctrl.salt = salt:
 Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
-
-Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others)
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:
-Ctrl.salt = salt:
-Ctrl.N = N:16
-Ctrl.r = r:1
-Ctrl.p = p:1
-Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:password
-Ctrl.salt = salt:NaCl
-Ctrl.N = N:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-PKEYKDF = scrypt
-Ctrl.hexpass = hexpass:70617373776f7264
-Ctrl.salt = salt:NaCl
-Ctrl.N = N:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:password
-Ctrl.hexsalt = hexsalt:4e61436c
-Ctrl.N = N:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:pleaseletmein
-Ctrl.salt = salt:SodiumChloride
-Ctrl.N = N:16384
-Ctrl.r = r:8
-Ctrl.p = p:1
-Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
-
-# Out of memory
-PKEYKDF = scrypt
-Ctrl.pass = pass:pleaseletmein
-Ctrl.salt = salt:SodiumChloride
-Ctrl.N = N:1048576
-Ctrl.r = r:8
-Ctrl.p = p:1
-Result = INTERNAL_ERROR
-
diff --git a/test/recipes/30-test_evp_data/evpkdf_krb5.txt b/test/recipes/30-test_evp_data/evpkdf_krb5.txt
new file mode 100644
index 0000000000..8c515ae39b
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_krb5.txt
@@ -0,0 +1,131 @@
+#
+# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = KRB5KDF tests (from RFC 3961 test vectors and krb5 sources)
+
+#RFC3961
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92
+Ctrl.hexconstant = hexconstant:0000000155
+Output = 925179d04591a79b5d3192c4a7e9c289b049c71f6ee604cd
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:5e13d31c70ef765746578531cb51c15bf11ca82c97cee9f2
+Ctrl.hexconstant = hexconstant:00000001aa
+Output = 9e58e5a146d9942a101c469845d67a20e3c4259ed913f207
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:98e6fd8a04a4b6859b75a176540b9752bad3ecd610a252bc
+Ctrl.hexconstant = hexconstant:0000000155
+Output = 13fef80d763e94ec6d13fd2ca1d085070249dad39808eabf
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:622aec25a2fe2cad7094680b7c64940280084c1a7cec92b5
+Ctrl.hexconstant = hexconstant:00000001aa
+Output = f8dfbf04b097e6d9dc0702686bcb3489d91fd9a4516b703e
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:d3f8298ccb166438dcb9b93ee5a7629286a491f838f802fb
+Ctrl.hexconstant = hexconstant:6b65726265726f73
+Output = 2370da575d2a3da864cebfdc5204d56df779a7df43d9da43
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:c1081649ada74362e6a1459d01dfd30d67c2234c940704da
+Ctrl.hexconstant = hexconstant:0000000155
+Output = 348057ec98fdc48016161c2a4c7a943e92ae492c989175f7
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:5d154af238f46713155719d55e2f1f790dd661f279a7917c
+Ctrl.hexconstant = hexconstant:00000001aa
+Output = a8808ac267dada3dcbe9a7c84626fbc761c294b01315e5c1
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:798562e049852f57dc8c343ba17f2ca1d97394efc8adc443
+Ctrl.hexconstant = hexconstant:0000000155
+Output = c813f88a3be3b334f75425ce9175fbe3c8493b89c8703b49
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:26dce334b545292f2feab9a8701a89a4b99eb9942cecd016
+Ctrl.hexconstant = hexconstant:00000001aa
+Output = f48ffd6e83f83e7354e694fd252cf83bfe58f7d5ba37ec5d
+
+#Krb5 sources
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E
+Ctrl.hexconstant = hexconstant:0000000299
+Output = F78C496D16E6C2DAE0E0B6C24057A84C0426AEEF26FD6DCE
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E
+Ctrl.hexconstant = hexconstant:00000002AA
+Output = 5B5723D0B634CB684C3EBA5264E9A70D52E683231AD3C4CE
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E
+Ctrl.hexconstant = hexconstant:0000000255
+Output = A77C94980E9B7345A81525C423A737CE67F4CD91B6B3DA45
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:AES-128-CBC
+Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15
+Ctrl.hexconstant = hexconstant:0000000299
+Output = 34280A382BC92769B2DA2F9EF066854B
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:AES-128-CBC
+Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15
+Ctrl.hexconstant = hexconstant:00000002AA
+Output = 5B14FC4E250E14DDF9DCCF1AF6674F53
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:AES-128-CBC
+Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15
+Ctrl.hexconstant = hexconstant:0000000255
+Output = 4ED31063621684F09AE8D89991AF3E8F
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:AES-256-CBC
+Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
+Ctrl.hexconstant = hexconstant:0000000299
+Output = BFAB388BDCB238E9F9C98D6A878304F04D30C82556375AC507A7A852790F4674
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:AES-256-CBC
+Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
+Ctrl.hexconstant = hexconstant:00000002AA
+Output = C7CFD9CD75FE793A586A542D87E0D1396F1134A104BB1A9190B8C90ADA3DDF37
+
+KDF = KRB5KDF
+Ctrl.cipher = cipher:AES-256-CBC
+Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
+Ctrl.hexconstant = hexconstant:0000000255
+Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA
+
+#Same as the first but with no "fixup"
+KDF = KRB5KDF
+Ctrl.cipher = cipher:DES-EDE3-CBC
+Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92
+Ctrl.hexconstant = hexconstant:0000000155
+Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705
diff --git a/test/recipes/30-test_evp_data/evpkdf_pbkdf2.txt b/test/recipes/30-test_evp_data/evpkdf_pbkdf2.txt
new file mode 100644
index 0000000000..3f59724072
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_pbkdf2.txt
@@ -0,0 +1,157 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = PBKDF2 tests
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:1
+Ctrl.digest = digest:sha1
+Output = 0c60c80f961f0e71f3a9b524af6012062fe037a6
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:1
+Ctrl.digest = digest:sha256
+Output = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:1
+Ctrl.digest = digest:sha512
+Output = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:2
+Ctrl.digest = digest:sha1
+Output = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:2
+Ctrl.digest = digest:sha256
+Output = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:2
+Ctrl.digest = digest:sha512
+Output = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha1
+Output = 4b007901b765489abead49d926f721d065a429c1
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha256
+Output = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:password
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha512
+Output = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5
+
+KDF = PBKDF2
+Ctrl.pass = pass:passwordPASSWORDpassword
+Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha1
+Output = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038
+
+KDF = PBKDF2
+Ctrl.pass = pass:passwordPASSWORDpassword
+Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha256
+Output = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9
+
+KDF = PBKDF2
+Ctrl.pass = pass:passwordPASSWORDpassword
+Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha512
+Output = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.hexpass = hexpass:7061737300776f7264
+Ctrl.hexsalt = hexsalt:7361006c74
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha1
+Output = 56fa6aa75548099dcc37d7f03425e0c3
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.hexpass = hexpass:7061737300776f7264
+Ctrl.hexsalt = hexsalt:7361006c74
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha256
+Output = 89b69d0516f829893c696226650a8687
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.hexpass = hexpass:7061737300776f7264
+Ctrl.hexsalt = hexsalt:7361006c74
+Ctrl.iter = iter:4096
+Ctrl.digest = digest:sha512
+Output = 9d9e9c4cd21fe4be24d5b8244c759665
+
+Title = PBKDF2 tests for empty inputs
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:1
+Ctrl.digest = digest:sha1
+Output = a33dddc30478185515311f8752895d36ea4363a2
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:1
+Ctrl.digest = digest:sha256
+Output = f135c27993baf98773c5cdb40a5706ce6a345cde
+
+KDF = PBKDF2
+Ctrl.pkcs5 = pkcs5:1
+Ctrl.pass = pass:
+Ctrl.salt = salt:salt
+Ctrl.iter = iter:1
+Ctrl.digest = digest:sha512
+Output = 00ef42cdbfc98d29db20976608e455567fdddf14
diff --git a/test/recipes/30-test_evp_data/evpkdf_scrypt.txt b/test/recipes/30-test_evp_data/evpkdf_scrypt.txt
new file mode 100644
index 0000000000..a7eb3a0789
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_scrypt.txt
@@ -0,0 +1,63 @@
+#
+# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = Scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others)
+
+KDF = id-scrypt
+Ctrl.pass = pass:
+Ctrl.salt = salt:
+Ctrl.N = n:16
+Ctrl.r = r:1
+Ctrl.p = p:1
+Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
+
+KDF = id-scrypt
+Ctrl.pass = pass:password
+Ctrl.salt = salt:NaCl
+Ctrl.N = n:1024
+Ctrl.r = r:8
+Ctrl.p = p:16
+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
+
+KDF = id-scrypt
+Ctrl.hexpass = hexpass:70617373776f7264
+Ctrl.salt = salt:NaCl
+Ctrl.N = n:1024
+Ctrl.r = r:8
+Ctrl.p = p:16
+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
+
+KDF = id-scrypt
+Ctrl.pass = pass:password
+Ctrl.hexsalt = hexsalt:4e61436c
+Ctrl.N = n:1024
+Ctrl.r = r:8
+Ctrl.p = p:16
+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
+
+KDF = id-scrypt
+Ctrl.pass = pass:pleaseletmein
+Ctrl.salt = salt:SodiumChloride
+Ctrl.N = n:16384
+Ctrl.r = r:8
+Ctrl.p = p:1
+Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
+
+# Out of memory
+KDF = id-scrypt
+Ctrl.pass = pass:pleaseletmein
+Ctrl.salt = salt:SodiumChloride
+Ctrl.N = n:1048576
+Ctrl.r = r:8
+Ctrl.p = p:1
+Result = INTERNAL_ERROR
diff --git a/test/recipes/30-test_evp_data/evpkdf_ss.txt b/test/recipes/30-test_evp_data/evpkdf_ss.txt
new file mode 100644
index 0000000000..82c1d4e561
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_ss.txt
@@ -0,0 +1,1121 @@
+#
+# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+# There are currently no official test vectors for Single Step KDF
+# https://github.com/patrickfav/singlestep-kdf/wiki/NIST-SP-800-56C-Rev1:-Non-Official-Test-Vectors
+
+Title = Single Step KDF tests
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:d09a6b1a472f930db4f5e6b967900744
+Ctrl.hexinfo = hexinfo:b117255ab5f1b6b96fc434b0
+Output = b5a3c52e97ae6e8c5069954354eab3c7
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:343666c0dd34b756e70f759f14c304f5
+Ctrl.hexinfo = hexinfo:722b28448d7eab85491bce09
+Output = 1003b650ddd3f0891a15166db5ec881d
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:b84acf03ab08652dd7f82fa956933261
+Ctrl.hexinfo = hexinfo:3d8773ec068c86053a918565
+Output = 1635dcd1ce698f736831b4badb68ab2b
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:8cc24ca3f1d1a8b34783780b79890430
+Ctrl.hexinfo = hexinfo:f08d4f2d9a8e6d7105c0bc16
+Output = b8e716fb84a420aed4812cd76d9700ee
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:b616905a6f7562cd2689142ce21e42a3
+Ctrl.hexinfo = hexinfo:ead310159a909da87e7b4b40
+Output = 1b9201358c50fe5d5d42907c4a9fce78
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:3f57fd3fd56199b3eb33890f7ee28180
+Ctrl.hexinfo = hexinfo:7a5056ba4fdb034c7cb6c4fe
+Output = e51ebd30a8c4b8449b0fb29d9adc11af
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:fb9fb108d104e9f662d6593fc84cde69
+Ctrl.hexinfo = hexinfo:5faf29211c1bdbf1b2696a7c
+Output = 7a3a7e670656e48c390cdd7c51e167e0
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:237a39981794f4516dccffc3dda28396
+Ctrl.hexinfo = hexinfo:62ed9528d104c241e0f66275
+Output = 0c26fc9e90e1c5c5f943428301682045
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:b9b6c45f7279218fa09894e06366a3a1
+Ctrl.hexinfo = hexinfo:0f384339670aaed4b89ecb7e
+Output = ee5fad414e32fad5d52a2bf61a7f6c72
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:08b7140e2cd0a4abd79171e4d5a71cad
+Ctrl.hexinfo = hexinfo:099211f0d8a2e02dbb5958c0
+Output = 6162f5142e057efafd2c4f2bad5985a1
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a2
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f4853
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493d
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759a
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac704
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbe
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf1050
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f3
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8b
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f22
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f227688
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abf
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d9192
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:d7e6
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = 31e798e9931b612a3ad1b9b1008faa8c
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:4646779d
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = 139f68bcca879b490e268e569087d04d
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:d9811c81d4c6
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = 914dc4f09cb633a76e6c389e04c64485
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:8838f9d99ec46f09
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = 4f07dfb6f7a5bf348689e08b2e29c948
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:3e0939b33f34e779f30e
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = b42c7a98c23be19d1187ff960e87557f
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:f36230cacca4d245d303058c
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = 50f2068d8010d355d56c5e34aaffbc67
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:7005d32c3d4284c73c3aefc70438
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = 66fd712ccf5462bbd41e89041ea7ea26
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:c01c83150b7734f8dbd6efd6f54d7365
+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
+Output = 5c5edb0ceda9cd0c7f1f3d9e239c67d5
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:9949
+Output = 33c83f54ed00fb1bccd2113e88550941
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:17144da6
+Output = a999c28961424cab35ec06015e8c376a
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:dffdee1062eb
+Output = 4101ad50e626ed6f957bff926dfbb7db
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:9f365043e23b4648
+Output = 4d3e4b971b88771f229df9f564984832
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:a885a0c4567ddc4f96da
+Output = bebbc30f5a83df5e9c9b57db33c0c879
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:c9d86183295bfe4c3d85f0fd
+Output = 87c947e45407db63eb94cbaa02d14e94
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:825fadce46964236a486732c5dad
+Output = 192370a85ff78e3c0245129d9b398558
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
+Ctrl.hexinfo = hexinfo:5c0b5eb3ac9f342347d73d7a521723aa
+Output = c7b7634fd809383e87c4b1b3e728be56
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:8d7a4e7d5cf34b3f74873b862aeb33b7
+Output = 6a5594f402f74f69
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:9b208e7ee1e641fac1dff48fc1beb2d2
+Output = 556ed67e24ac0c7c46cc432da8bdb23c
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:4d2572539fed433211da28c8a0eebac3
+Output = 5a4054c59c5b92814025578f43c1b79fe84968fc284e240b
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:4e1e70c9886819a31bc29a537911add9
+Output = ddbfc440449aab4131c6d8aec08ce1496f2702241d0e27cc155c5c7c3cda75b5
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:68f144c952528e540c686dc353b766f2
+Output = 59ed66bb6f54a9688a0b891d0b2ea6743621d9e1b5cc098cf3a55e6f864f9af8a95e4d945d2f987f
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:b66c9d507c9f837fbe60b6675fdbf38b
+Output = c282787ddf421a72fc88811be81b08d0d6ab66c92d1011974aa58335a6bbbd62e9e982bfae5929865ea1d517247089d2
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:34e730b49e46c7ed2fb25975a4cccd2d
+Output = 39e76e6571cb00740260b9070accbdcc4a492c295cbef33d9e37dac21e5e9d07e0f12dc7063d2172641475d4e08b8e3712fb26a10c8376b8
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:e340d87e2d7adbc1b95ec2dbdc3b82be
+Output = a660c0037a53f76f1e7667043f5869348ad07ac0e272e615ce31f16d4ab90d4b35fe5c370c0010ce79aff45682c6fb8b97f9a05b7d40b5af3c62999a10df9c6d
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:afc4e154498d4770aa8365f6903dc83b
+Ctrl.hexinfo = hexinfo:662af20379b29d5ef813e655
+Output = f0b80d6ae4c1e19e2105a37024e35dc6
+
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:108cf63318555c787fa578731dd4f037
+Ctrl.hexinfo = hexinfo:53191b1dd3f94d83084d61d6
+Output = 0ad475c1826da3007637970c8b92b993
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:6ee6c00d70a6cd14bd5a4e8fcfec8386
+Ctrl.hexsalt = hexsalt:532f5131e0a2fecc722f87e5aa2062cb
+Ctrl.hexinfo = hexinfo:861aa2886798231259bd0314
+Output = 13479e9a91dd20fdd757d68ffe8869fb
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:cb09b565de1ac27a50289b3704b93afd
+Ctrl.hexsalt = hexsalt:d504c1c41a499481ce88695d18ae2e8f
+Ctrl.hexinfo = hexinfo:5ed3768c2c7835943a789324
+Output = f081c0255b0cae16edc6ce1d6c9d12bc
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:98f50345fd970639a1b7935f501e1d7c
+Ctrl.hexsalt = hexsalt:3691939461247e9f74382ae4ef629b17
+Ctrl.hexinfo = hexinfo:6ddbdb1314663152c3ccc192
+Output = 56f42183ed3e287298dbbecf143f51ac
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a72b0076221727eca4d3ef8f4d88ac96
+Ctrl.hexsalt = hexsalt:397dc6807de2c1d5ba52e03c4e6c7a19
+Ctrl.hexinfo = hexinfo:12379bd7873a7dbabe894ac8
+Output = 26c0f937e8ca337a859b6c092fe22b9a
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0b09bf8ebe1e85a049174c521e35be64
+Ctrl.hexsalt = hexsalt:313d29bbeaa5ac9e52278f7619d29d93
+Ctrl.hexinfo = hexinfo:e2ac98de1486959bfc6363c0
+Output = 4bfdf78782a45e2a5858edb851c5783c
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:e907ad4fe811ee047af77e0c4418226a
+Ctrl.hexsalt = hexsalt:5000ef57104ca2e86a5fec5883ea4ea8
+Ctrl.hexinfo = hexinfo:c4ee443920f2b7542eee2a24
+Output = 06bfbd9571462c920a5a1b589c765383
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:608dae15fe8b906d2dc649815bdee148
+Ctrl.hexsalt = hexsalt:742cc5a02a24d09c66fd9da0d0c571f6
+Ctrl.hexinfo = hexinfo:ba60ff781e2756cba07f6524
+Output = 7f7f9e5d8f89a8edd10289f1d690f629
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:eb39e8dc7c40b906216108e2592bb6cd
+Ctrl.hexsalt = hexsalt:af9f612da575c1afc8c4afff4ced34e1
+Ctrl.hexinfo = hexinfo:84b7f0628df0cb22baaa279a
+Output = 5202576c69c6276daedf4916de250d19
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:4bac0c1a963b8cf6933beb2ad191a31e
+Ctrl.hexsalt = hexsalt:debd24d71a1a7ae77f7e3aa24d939635
+Ctrl.hexinfo = hexinfo:9e51c8593cec92c89e82439a
+Output = ecb9889f9004f80716b56c44910f160c
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:8aa41e3c8076ea01ca6789dd18709a68
+Ctrl.hexsalt = hexsalt:7c9dacc409cde7b05efdae07bd9973db
+Ctrl.hexinfo = hexinfo:52651f0f2e858bbfbacb2533
+Output = b8683c9a982e0826d659a1ab77a603d7
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d3
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d8
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d89102
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be0
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f2
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c504
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a1
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca6
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd99
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995de
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c710
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca9091
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab6
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe19
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c95
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c9546d4
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c9546d45849
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
+Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
+Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
+Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c9546d45849133d
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:f4e1
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = 3f661ec46fcc1e110b88f33ee7dbc308
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:253554e5
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = 73ccb357554ca44967d507518262e38d
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:e10d0e0bc95b
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = c4f1cf190980b6777bb35107654b25f9
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:451f7f2c23c51326
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = ddb2d7475d00cc65bff6904b4f0b54ba
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0f27277ee800d6cc5425
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = 1100a6049ae9d8be01ab3829754cecc2
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:20438ff1f26390dbc3a1a6d0
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = 5180382f740444ada597197f98e73e1e
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:b74a149a161546f8c20b06ac4ed4
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = 44f676e85c1b1a8bbc3d319218631ca3
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:8aa7df46b8cb3fe47228494f4e116b2c
+Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
+Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
+Output = ebb24413855a0a3249960d0de0f4750d
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:d851
+Output = 5dbe10ead8f81a81a29072eca4501658
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:b04da03c
+Output = 0a08d7616dcbec25a36f1936b82992ca
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:f9e8b47eade3
+Output = 84a29697445179b662d85dbc59bf8042
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:5b141bfa54fcf824
+Output = be7660c840644cec84d67d95ba7ebf2d
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:736e7ddb856f0ba14744
+Output = e3010b1fbcb02fd8baa8449ac71d0c62
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:c54320ff6e7d1a3b0b3aea00
+Output = df0ac84982999cda676e4cbf707c42f0
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:37ab143e1b4ab61d0294ea8afbc7
+Output = 93eec7f4dda18b7e710dbbd7570ebd13
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
+Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
+Ctrl.hexinfo = hexinfo:c3146575d2c60981511e700902fc2ac1
+Output = e9125f77d699faa53d5bc48f3fc2f7d0
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:1ae1
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = ddf7eedcd997eca3943d4519aaf414f4
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:3bda13b6
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = ec783ca20501df3cacac5ab4adbc6427
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:c792f52e5876
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = 9303a2562e6f8c418e3fcc081b94bdcf
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:a9b7a64840d52633
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = aab6b0dc19bae0dd7fa02391ac3d6ef1
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:8f62a3ec15cdf9b3522f
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = 1516d5ed7f46474d250408b0864647cf
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:55ed67cbdc98ed8e45214704
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = 38bf96a3d737a84dc10a835d340b6866
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:e4946aff3b2ab891b311234c77bc
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = 3ddd870471ff028a63c5f1bacc7e5b5c
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
+Ctrl.hexsalt = hexsalt:91e8378de5348cea41f84c41e8546e34
+Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
+Output = bf1eb0eab488b2393ad6a1c2eb804381
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:4ce16564db9615f75d46c6a9837af7ca
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = 0a102289b16cbf4b
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:2578fe1116e27e3a5e8e935e892e12eb
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = dd5773998893ad5a93f9819c8e798aab
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:e9dd8bd75f29661e61703346bbf2df47
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = 32136643daa64aaac0e2886364f157ba923d7b36ada761eb
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:e4640d3752cf48186a8ad2d7d4a81210
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = 6379d59efbe02576663af5efaccb9d063f596a22c8e1fed12cde7cdd7f327e88
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:3bd9a074a219d62273c3f639659a3ecd
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = cc45eb2ab80272c1e082b4f167ee4e086f12af3fbd0c812dda5568fea702928999cde3899cffc8a8
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:2147c0fb1c7587b22fa44ce3bf3d8f5b
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = 4e3a8827fcdb214686b35bfcc497ca69dccb78d3464aa4af0704ec0fba03c7bb10b9a4e31e27b1b2379a32e46935309c
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:2c2438b6321fed7a9eac200b91b3ac30
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = b402fda16e1c2719263be82158972c9080a7bafcbe0a3a6ede3504a3d5c8c0c0e00fe7e5f6bb3afdfa4d661b8fbe4bd7b950cfe0b2443bbd
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:0ffa4c40a822f6e3d86053aefe738eac
+Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
+Output = 0486d589aa71a603c09120fb76eeab3293eee2dc36a91b23eb954d6703ade8a7b660d920c5a6f7bf3898d0e81fbad3a680b74b33680e0cc6a16aa616d078b256
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a801d997ed539ae9aa05d17871eb7fab
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = 1a5efa3aca87c1f4
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:e9624e112f9e90e7bf8a749cf37d920c
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = ee93ca3986cc43516ae4e29fd7a90ef1
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:a92acdee54a84a4564d4782d47801ec0
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = 3116b87eaffaa0cc48a72e6c1574df335d706f7c860b44e9
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:e60d902e63b1a2bf5dab733cadb47b10
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = 3fde6c078dd6dc65aacf62beafa39398d2b3d7cfb4b0ee4807bfc98a15330eef
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:d3b747a1d1584a0fc5aefcd4dd8ef9c3
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = 2c4363597d42f9f8736e8050b4a6dd033d7ddac6f7211c4810ef74aff01f101d885767d7ae6f1d7f
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:119559a2c0a8888e9c95b9989a460d97
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = 97922585f69adf484930cf22b8378c797694438502fa47e2f19f0fee97ca11451f3bc81a20c1d74964c63ab2d5df1985
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:807f375266988df5d0ae878efac424fa
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = ba78ef8ab720fc583bb64581917634fca230876cc344e46b44fe61f3bdab556ee753743b78db4b16c0fcd8f987aebad15d0b7b13a10f6819
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:f7906f870b256753b5bc3ef408e47e9b
+Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
+Output = 96bee2ae234f98c285aa970bd54c2e2891febf734bad58a91dc7a97490b6b05fe539f2156ae3acd2e661eced0d59084fda340cd1ba3daa7ca2a550d7b1c19462
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:73b6e2ede34aae5680e2289e611ffc3a
+Ctrl.hexsalt = hexsalt:28df8439747d5a9b502e0838ca6999b2
+Ctrl.hexinfo = hexinfo:232941631fc04dd82f727a51
+Output = b0d36cd7d6b23b48ca6f89901bb784ec
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:abb7d7554c0de41cada5826a1f79d76f
+Ctrl.hexinfo = hexinfo:a80b9061879365b1669c87a8
+Output = 71e29fff69198eca92f5180bcb281fbdaf409ec7c99ca704b1f56e782d3c4db10cb4158e6634d793a46c13bffb6bdb71a01101936ea9b20f7dbe302558b1356c
+
+Title = SSKDF Test vectors from RFC 8636 Section 8 (With precoumputed ASN.1 info)
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexinfo = hexinfo:307e300a06082b06010502030601a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb
+Output = e6ab38c9413e035bb079201ed0b6b73d8d49a814a737c04ee6649614206f73ad
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexinfo = hexinfo:307e300a06082b06010502030602a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb
+Output = 77ef4e48c420ae3fec75109d7981697eed5d295c90c62564f7bfd101fa9bc1d5
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexinfo = hexinfo:307e300a06082b06010502030603a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020110a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb
+Output = d3c78b78d75313e9a926f75dfb012363fa17fa01db
diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf_ssh.txt
similarity index 86%
rename from test/recipes/30-test_evp_data/evpkdf.txt
rename to test/recipes/30-test_evp_data/evpkdf_ssh.txt
index ac4f5e87fd..d870df7037 100644
--- a/test/recipes/30-test_evp_data/evpkdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_ssh.txt
@@ -9,444 +9,7 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
-
-Title = TLS1 PRF tests (from NIST test vectors)
-
-KDF=TLS1-PRF
-Ctrl.digest = digest:MD5-SHA1
-Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0
-Ctrl.label = seed:master secret
-Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693
-Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2
-Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
-
-KDF=TLS1-PRF
-Ctrl.digest = digest:MD5-SHA1
-Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be
-Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6
-Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d
-
-KDF=TLS1-PRF
-Ctrl.digest = digest:SHA256
-Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc
-Ctrl.label = seed:master secret
-Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
-Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
-Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-
-KDF=TLS1-PRF
-Ctrl.digest = digest:SHA256
-Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
-Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
-Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
-
-# As above but use long name for KDF
-KDF=tls1-prf
-Ctrl.digest = digest:SHA256
-Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
-Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
-Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
-
-# Missing digest.
-KDF=TLS1-PRF
-Ctrl.Secret = hexsecret:01
-Ctrl.Seed = hexseed:02
-Output = 03
-Result = KDF_DERIVE_ERROR
-
-# Missing secret.
-KDF=TLS1-PRF
-Ctrl.digest = digest:MD5-SHA1
-Ctrl.Seed = hexseed:02
-Output = 03
-Result = KDF_DERIVE_ERROR
-
-Title = HKDF tests (from RFC5869 test vectors)
-
-KDF = HKDF
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = hexsalt:000102030405060708090a0b0c
-Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
-Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = hexsalt:000102030405060708090a0b0c
-Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5
-
-KDF = HKDF
-Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5
-Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
-Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865
-
-KDF = HKDF
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
-Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
-Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
-Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
-Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244
-
-KDF = HKDF
-Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244
-Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87
-
-KDF = HKDF
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = salt:
-Ctrl.info = info:
-Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = salt:
-Ctrl.info = info:
-Output = 19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04
-
-KDF = HKDF
-Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.digest = digest:SHA256
-Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04
-Ctrl.info = info:
-Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8
-
-KDF = HKDF
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = hexsalt:000102030405060708090a0b0c
-Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
-Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = hexsalt:000102030405060708090a0b0c
-Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243
-
-KDF = HKDF
-Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243
-Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
-Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896
-
-KDF = HKDF
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
-Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
-Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
-Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
-Output = 8adae09a2a307059478d309b26c4115a224cfaf6
-
-KDF = HKDF
-Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6
-Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
-Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4
-
-KDF = HKDF
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = salt:
-Ctrl.info = info:
-Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Ctrl.salt = salt:
-Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01
-
-KDF = HKDF
-Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01
-Ctrl.info = info:
-Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918
-
-KDF = HKDF
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
-Ctrl.salt = salt:
-Ctrl.info = info:
-Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
-Ctrl.salt = salt:
-Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd
-
-KDF = HKDF
-Ctrl.mode = mode:EXPAND_ONLY
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd
-Ctrl.info = info:
-Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
-
-KDF = HKDF
-Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
-Ctrl.salt = salt:
-Ctrl.info = info:
-Output = 00
-Result = KDF_DERIVE_ERROR
-
-KDF = HKDF
-Ctrl.digest = digest:SHA1
-Ctrl.salt = salt:
-Ctrl.info = info:
-Output = 00
-Result = KDF_DERIVE_ERROR
-
-KDF = HKDF
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
-Ctrl.info = info:
-Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
-
-KDF = HKDF
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
-Ctrl.salt = salt:
-Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
-
-KDF = HKDF
-Ctrl.mode = mode:EXTRACT_AND_EXPAND
-Ctrl.digest = digest:SHA1
-Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
-Ctrl.salt = salt:
-Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
-
-Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others)
-
-KDF = id-scrypt
-Ctrl.pass = pass:
-Ctrl.salt = salt:
-Ctrl.N = n:16
-Ctrl.r = r:1
-Ctrl.p = p:1
-Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
-
-KDF = id-scrypt
-Ctrl.pass = pass:password
-Ctrl.salt = salt:NaCl
-Ctrl.N = n:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-KDF = id-scrypt
-Ctrl.hexpass = hexpass:70617373776f7264
-Ctrl.salt = salt:NaCl
-Ctrl.N = n:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-KDF = id-scrypt
-Ctrl.pass = pass:password
-Ctrl.hexsalt = hexsalt:4e61436c
-Ctrl.N = n:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-KDF = id-scrypt
-Ctrl.pass = pass:pleaseletmein
-Ctrl.salt = salt:SodiumChloride
-Ctrl.N = n:16384
-Ctrl.r = r:8
-Ctrl.p = p:1
-Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
-
-# Out of memory
-KDF = id-scrypt
-Ctrl.pass = pass:pleaseletmein
-Ctrl.salt = salt:SodiumChloride
-Ctrl.N = n:1048576
-Ctrl.r = r:8
-Ctrl.p = p:1
-Result = INTERNAL_ERROR
-
-Title = PBKDF2 tests
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:1
-Ctrl.digest = digest:sha1
-Output = 0c60c80f961f0e71f3a9b524af6012062fe037a6
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:1
-Ctrl.digest = digest:sha256
-Output = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:1
-Ctrl.digest = digest:sha512
-Output = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:2
-Ctrl.digest = digest:sha1
-Output = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:2
-Ctrl.digest = digest:sha256
-Output = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:2
-Ctrl.digest = digest:sha512
-Output = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha1
-Output = 4b007901b765489abead49d926f721d065a429c1
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha256
-Output = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:password
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha512
-Output = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5
-
-KDF = PBKDF2
-Ctrl.pass = pass:passwordPASSWORDpassword
-Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha1
-Output = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038
-
-KDF = PBKDF2
-Ctrl.pass = pass:passwordPASSWORDpassword
-Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha256
-Output = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9
-
-KDF = PBKDF2
-Ctrl.pass = pass:passwordPASSWORDpassword
-Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha512
-Output = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.hexpass = hexpass:7061737300776f7264
-Ctrl.hexsalt = hexsalt:7361006c74
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha1
-Output = 56fa6aa75548099dcc37d7f03425e0c3
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.hexpass = hexpass:7061737300776f7264
-Ctrl.hexsalt = hexsalt:7361006c74
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha256
-Output = 89b69d0516f829893c696226650a8687
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.hexpass = hexpass:7061737300776f7264
-Ctrl.hexsalt = hexsalt:7361006c74
-Ctrl.iter = iter:4096
-Ctrl.digest = digest:sha512
-Output = 9d9e9c4cd21fe4be24d5b8244c759665
-
-Title = PBKDF2 tests for empty inputs
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:1
-Ctrl.digest = digest:sha1
-Output = a33dddc30478185515311f8752895d36ea4363a2
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:1
-Ctrl.digest = digest:sha256
-Output = f135c27993baf98773c5cdb40a5706ce6a345cde
-
-KDF = PBKDF2
-Ctrl.pkcs5 = pkcs5:1
-Ctrl.pass = pass:
-Ctrl.salt = salt:salt
-Ctrl.iter = iter:1
-Ctrl.digest = digest:sha512
-Output = 00ef42cdbfc98d29db20976608e455567fdddf14
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
 Title = SSHKDF tests (from NIST CAVS 14.1 test vectors)
 # The first one uses md instead of digest to test alias works
@@ -5302,1352 +4865,3 @@ Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245
 Ctrl.type = type:A
 Output = FF
 Result = KDF_MISMATCH
-
-#There are currently no official test vectors for Single Step KDF
-#https://github.com/patrickfav/singlestep-kdf/wiki/NIST-SP-800-56C-Rev1:-Non-Official-Test-Vectors
-Title = Single Step KDF tests
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:d09a6b1a472f930db4f5e6b967900744
-Ctrl.hexinfo = hexinfo:b117255ab5f1b6b96fc434b0
-Output = b5a3c52e97ae6e8c5069954354eab3c7
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:343666c0dd34b756e70f759f14c304f5
-Ctrl.hexinfo = hexinfo:722b28448d7eab85491bce09
-Output = 1003b650ddd3f0891a15166db5ec881d
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:b84acf03ab08652dd7f82fa956933261
-Ctrl.hexinfo = hexinfo:3d8773ec068c86053a918565
-Output = 1635dcd1ce698f736831b4badb68ab2b
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:8cc24ca3f1d1a8b34783780b79890430
-Ctrl.hexinfo = hexinfo:f08d4f2d9a8e6d7105c0bc16
-Output = b8e716fb84a420aed4812cd76d9700ee
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:b616905a6f7562cd2689142ce21e42a3
-Ctrl.hexinfo = hexinfo:ead310159a909da87e7b4b40
-Output = 1b9201358c50fe5d5d42907c4a9fce78
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:3f57fd3fd56199b3eb33890f7ee28180
-Ctrl.hexinfo = hexinfo:7a5056ba4fdb034c7cb6c4fe
-Output = e51ebd30a8c4b8449b0fb29d9adc11af
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:fb9fb108d104e9f662d6593fc84cde69
-Ctrl.hexinfo = hexinfo:5faf29211c1bdbf1b2696a7c
-Output = 7a3a7e670656e48c390cdd7c51e167e0
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:237a39981794f4516dccffc3dda28396
-Ctrl.hexinfo = hexinfo:62ed9528d104c241e0f66275
-Output = 0c26fc9e90e1c5c5f943428301682045
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:b9b6c45f7279218fa09894e06366a3a1
-Ctrl.hexinfo = hexinfo:0f384339670aaed4b89ecb7e
-Output = ee5fad414e32fad5d52a2bf61a7f6c72
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:08b7140e2cd0a4abd79171e4d5a71cad
-Ctrl.hexinfo = hexinfo:099211f0d8a2e02dbb5958c0
-Output = 6162f5142e057efafd2c4f2bad5985a1
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a2
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f4853
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493d
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759a
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac704
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbe
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf1050
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f3
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8b
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f22
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f227688
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abf
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690
-Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b
-Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d9192
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:d7e6
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = 31e798e9931b612a3ad1b9b1008faa8c
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:4646779d
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = 139f68bcca879b490e268e569087d04d
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:d9811c81d4c6
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = 914dc4f09cb633a76e6c389e04c64485
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:8838f9d99ec46f09
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = 4f07dfb6f7a5bf348689e08b2e29c948
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:3e0939b33f34e779f30e
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = b42c7a98c23be19d1187ff960e87557f
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:f36230cacca4d245d303058c
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = 50f2068d8010d355d56c5e34aaffbc67
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:7005d32c3d4284c73c3aefc70438
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = 66fd712ccf5462bbd41e89041ea7ea26
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:c01c83150b7734f8dbd6efd6f54d7365
-Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Output = 5c5edb0ceda9cd0c7f1f3d9e239c67d5
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:9949
-Output = 33c83f54ed00fb1bccd2113e88550941
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:17144da6
-Output = a999c28961424cab35ec06015e8c376a
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:dffdee1062eb
-Output = 4101ad50e626ed6f957bff926dfbb7db
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:9f365043e23b4648
-Output = 4d3e4b971b88771f229df9f564984832
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:a885a0c4567ddc4f96da
-Output = bebbc30f5a83df5e9c9b57db33c0c879
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:c9d86183295bfe4c3d85f0fd
-Output = 87c947e45407db63eb94cbaa02d14e94
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:825fadce46964236a486732c5dad
-Output = 192370a85ff78e3c0245129d9b398558
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9
-Ctrl.hexinfo = hexinfo:5c0b5eb3ac9f342347d73d7a521723aa
-Output = c7b7634fd809383e87c4b1b3e728be56
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:8d7a4e7d5cf34b3f74873b862aeb33b7
-Output = 6a5594f402f74f69
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:9b208e7ee1e641fac1dff48fc1beb2d2
-Output = 556ed67e24ac0c7c46cc432da8bdb23c
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:4d2572539fed433211da28c8a0eebac3
-Output = 5a4054c59c5b92814025578f43c1b79fe84968fc284e240b
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:4e1e70c9886819a31bc29a537911add9
-Output = ddbfc440449aab4131c6d8aec08ce1496f2702241d0e27cc155c5c7c3cda75b5
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:68f144c952528e540c686dc353b766f2
-Output = 59ed66bb6f54a9688a0b891d0b2ea6743621d9e1b5cc098cf3a55e6f864f9af8a95e4d945d2f987f
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:b66c9d507c9f837fbe60b6675fdbf38b
-Output = c282787ddf421a72fc88811be81b08d0d6ab66c92d1011974aa58335a6bbbd62e9e982bfae5929865ea1d517247089d2
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:34e730b49e46c7ed2fb25975a4cccd2d
-Output = 39e76e6571cb00740260b9070accbdcc4a492c295cbef33d9e37dac21e5e9d07e0f12dc7063d2172641475d4e08b8e3712fb26a10c8376b8
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:e340d87e2d7adbc1b95ec2dbdc3b82be
-Output = a660c0037a53f76f1e7667043f5869348ad07ac0e272e615ce31f16d4ab90d4b35fe5c370c0010ce79aff45682c6fb8b97f9a05b7d40b5af3c62999a10df9c6d
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:afc4e154498d4770aa8365f6903dc83b
-Ctrl.hexinfo = hexinfo:662af20379b29d5ef813e655
-Output = f0b80d6ae4c1e19e2105a37024e35dc6
-
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:108cf63318555c787fa578731dd4f037
-Ctrl.hexinfo = hexinfo:53191b1dd3f94d83084d61d6
-Output = 0ad475c1826da3007637970c8b92b993
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:6ee6c00d70a6cd14bd5a4e8fcfec8386
-Ctrl.hexsalt = hexsalt:532f5131e0a2fecc722f87e5aa2062cb
-Ctrl.hexinfo = hexinfo:861aa2886798231259bd0314
-Output = 13479e9a91dd20fdd757d68ffe8869fb
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:cb09b565de1ac27a50289b3704b93afd
-Ctrl.hexsalt = hexsalt:d504c1c41a499481ce88695d18ae2e8f
-Ctrl.hexinfo = hexinfo:5ed3768c2c7835943a789324
-Output = f081c0255b0cae16edc6ce1d6c9d12bc
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:98f50345fd970639a1b7935f501e1d7c
-Ctrl.hexsalt = hexsalt:3691939461247e9f74382ae4ef629b17
-Ctrl.hexinfo = hexinfo:6ddbdb1314663152c3ccc192
-Output = 56f42183ed3e287298dbbecf143f51ac
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a72b0076221727eca4d3ef8f4d88ac96
-Ctrl.hexsalt = hexsalt:397dc6807de2c1d5ba52e03c4e6c7a19
-Ctrl.hexinfo = hexinfo:12379bd7873a7dbabe894ac8
-Output = 26c0f937e8ca337a859b6c092fe22b9a
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0b09bf8ebe1e85a049174c521e35be64
-Ctrl.hexsalt = hexsalt:313d29bbeaa5ac9e52278f7619d29d93
-Ctrl.hexinfo = hexinfo:e2ac98de1486959bfc6363c0
-Output = 4bfdf78782a45e2a5858edb851c5783c
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:e907ad4fe811ee047af77e0c4418226a
-Ctrl.hexsalt = hexsalt:5000ef57104ca2e86a5fec5883ea4ea8
-Ctrl.hexinfo = hexinfo:c4ee443920f2b7542eee2a24
-Output = 06bfbd9571462c920a5a1b589c765383
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:608dae15fe8b906d2dc649815bdee148
-Ctrl.hexsalt = hexsalt:742cc5a02a24d09c66fd9da0d0c571f6
-Ctrl.hexinfo = hexinfo:ba60ff781e2756cba07f6524
-Output = 7f7f9e5d8f89a8edd10289f1d690f629
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:eb39e8dc7c40b906216108e2592bb6cd
-Ctrl.hexsalt = hexsalt:af9f612da575c1afc8c4afff4ced34e1
-Ctrl.hexinfo = hexinfo:84b7f0628df0cb22baaa279a
-Output = 5202576c69c6276daedf4916de250d19
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:4bac0c1a963b8cf6933beb2ad191a31e
-Ctrl.hexsalt = hexsalt:debd24d71a1a7ae77f7e3aa24d939635
-Ctrl.hexinfo = hexinfo:9e51c8593cec92c89e82439a
-Output = ecb9889f9004f80716b56c44910f160c
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:8aa41e3c8076ea01ca6789dd18709a68
-Ctrl.hexsalt = hexsalt:7c9dacc409cde7b05efdae07bd9973db
-Ctrl.hexinfo = hexinfo:52651f0f2e858bbfbacb2533
-Output = b8683c9a982e0826d659a1ab77a603d7
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d3
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d8
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d89102
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be0
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f2
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c504
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a1
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca6
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd99
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995de
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c710
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca9091
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab6
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe19
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c95
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c9546d4
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c9546d45849
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:02b40d33e3f685aeae677ac344eeaf77
-Ctrl.hexsalt = hexsalt:0ad52c9357c85e4781296a36ca72039c
-Ctrl.hexinfo = hexinfo:c67c389580128f18f6cf8592
-Output = be32e7d306d891028be088f213f9f947c50420d9b5a12ca69818dd9995dedd8e6137c7104d67f2ca90915dda0ab68af2f355b904f9eb0388b5b7fe193c9546d45849133d
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:f4e1
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = 3f661ec46fcc1e110b88f33ee7dbc308
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:253554e5
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = 73ccb357554ca44967d507518262e38d
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:e10d0e0bc95b
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = c4f1cf190980b6777bb35107654b25f9
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:451f7f2c23c51326
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = ddb2d7475d00cc65bff6904b4f0b54ba
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0f27277ee800d6cc5425
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = 1100a6049ae9d8be01ab3829754cecc2
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:20438ff1f26390dbc3a1a6d0
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = 5180382f740444ada597197f98e73e1e
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:b74a149a161546f8c20b06ac4ed4
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = 44f676e85c1b1a8bbc3d319218631ca3
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:8aa7df46b8cb3fe47228494f4e116b2c
-Ctrl.hexsalt = hexsalt:3638271ccd68a25dc24ecddd39ef3f89
-Ctrl.hexinfo = hexinfo:348a37a27ef1282f5f020dcc
-Output = ebb24413855a0a3249960d0de0f4750d
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:d851
-Output = 5dbe10ead8f81a81a29072eca4501658
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:b04da03c
-Output = 0a08d7616dcbec25a36f1936b82992ca
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:f9e8b47eade3
-Output = 84a29697445179b662d85dbc59bf8042
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:5b141bfa54fcf824
-Output = be7660c840644cec84d67d95ba7ebf2d
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:736e7ddb856f0ba14744
-Output = e3010b1fbcb02fd8baa8449ac71d0c62
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:c54320ff6e7d1a3b0b3aea00
-Output = df0ac84982999cda676e4cbf707c42f0
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:37ab143e1b4ab61d0294ea8afbc7
-Output = 93eec7f4dda18b7e710dbbd7570ebd13
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a678236b6ac82077b23f73a510c1d0e2
-Ctrl.hexsalt = hexsalt:46ee4f36a4167a09cde5a33b130c6e1c
-Ctrl.hexinfo = hexinfo:c3146575d2c60981511e700902fc2ac1
-Output = e9125f77d699faa53d5bc48f3fc2f7d0
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:1ae1
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = ddf7eedcd997eca3943d4519aaf414f4
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:3bda13b6
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = ec783ca20501df3cacac5ab4adbc6427
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:c792f52e5876
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = 9303a2562e6f8c418e3fcc081b94bdcf
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:a9b7a64840d52633
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = aab6b0dc19bae0dd7fa02391ac3d6ef1
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:8f62a3ec15cdf9b3522f
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = 1516d5ed7f46474d250408b0864647cf
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:55ed67cbdc98ed8e45214704
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = 38bf96a3d737a84dc10a835d340b6866
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:e4946aff3b2ab891b311234c77bc
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = 3ddd870471ff028a63c5f1bacc7e5b5c
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0031558fddb96e3db2e0496026302055
-Ctrl.hexsalt = hexsalt:91e8378de5348cea41f84c41e8546e34
-Ctrl.hexinfo = hexinfo:97ed3540c7466ab27395fe79
-Output = bf1eb0eab488b2393ad6a1c2eb804381
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:4ce16564db9615f75d46c6a9837af7ca
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = 0a102289b16cbf4b
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:2578fe1116e27e3a5e8e935e892e12eb
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = dd5773998893ad5a93f9819c8e798aab
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:e9dd8bd75f29661e61703346bbf2df47
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = 32136643daa64aaac0e2886364f157ba923d7b36ada761eb
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:e4640d3752cf48186a8ad2d7d4a81210
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = 6379d59efbe02576663af5efaccb9d063f596a22c8e1fed12cde7cdd7f327e88
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:3bd9a074a219d62273c3f639659a3ecd
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = cc45eb2ab80272c1e082b4f167ee4e086f12af3fbd0c812dda5568fea702928999cde3899cffc8a8
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:2147c0fb1c7587b22fa44ce3bf3d8f5b
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = 4e3a8827fcdb214686b35bfcc497ca69dccb78d3464aa4af0704ec0fba03c7bb10b9a4e31e27b1b2379a32e46935309c
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:2c2438b6321fed7a9eac200b91b3ac30
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = b402fda16e1c2719263be82158972c9080a7bafcbe0a3a6ede3504a3d5c8c0c0e00fe7e5f6bb3afdfa4d661b8fbe4bd7b950cfe0b2443bbd
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:0ffa4c40a822f6e3d86053aefe738eac
-Ctrl.hexsalt = hexsalt:6199187690823def2037e0632577c6b1
-Output = 0486d589aa71a603c09120fb76eeab3293eee2dc36a91b23eb954d6703ade8a7b660d920c5a6f7bf3898d0e81fbad3a680b74b33680e0cc6a16aa616d078b256
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a801d997ed539ae9aa05d17871eb7fab
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = 1a5efa3aca87c1f4
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:e9624e112f9e90e7bf8a749cf37d920c
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = ee93ca3986cc43516ae4e29fd7a90ef1
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:a92acdee54a84a4564d4782d47801ec0
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = 3116b87eaffaa0cc48a72e6c1574df335d706f7c860b44e9
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:e60d902e63b1a2bf5dab733cadb47b10
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = 3fde6c078dd6dc65aacf62beafa39398d2b3d7cfb4b0ee4807bfc98a15330eef
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:d3b747a1d1584a0fc5aefcd4dd8ef9c3
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = 2c4363597d42f9f8736e8050b4a6dd033d7ddac6f7211c4810ef74aff01f101d885767d7ae6f1d7f
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:119559a2c0a8888e9c95b9989a460d97
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = 97922585f69adf484930cf22b8378c797694438502fa47e2f19f0fee97ca11451f3bc81a20c1d74964c63ab2d5df1985
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:807f375266988df5d0ae878efac424fa
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = ba78ef8ab720fc583bb64581917634fca230876cc344e46b44fe61f3bdab556ee753743b78db4b16c0fcd8f987aebad15d0b7b13a10f6819
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:f7906f870b256753b5bc3ef408e47e9b
-Ctrl.hexinfo = hexinfo:03697296e42a6fdbdb24b3ec
-Output = 96bee2ae234f98c285aa970bd54c2e2891febf734bad58a91dc7a97490b6b05fe539f2156ae3acd2e661eced0d59084fda340cd1ba3daa7ca2a550d7b1c19462
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:73b6e2ede34aae5680e2289e611ffc3a
-Ctrl.hexsalt = hexsalt:28df8439747d5a9b502e0838ca6999b2
-Ctrl.hexinfo = hexinfo:232941631fc04dd82f727a51
-Output = b0d36cd7d6b23b48ca6f89901bb784ec
-
-KDF = SSKDF
-Ctrl.mac = mac:HMAC
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:abb7d7554c0de41cada5826a1f79d76f
-Ctrl.hexinfo = hexinfo:a80b9061879365b1669c87a8
-Output = 71e29fff69198eca92f5180bcb281fbdaf409ec7c99ca704b1f56e782d3c4db10cb4158e6634d793a46c13bffb6bdb71a01101936ea9b20f7dbe302558b1356c
-
-Title = SSKDF Test vectors from RFC 8636 Section 8 (With precoumputed ASN.1 info)
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ctrl.hexinfo = hexinfo:307e300a06082b06010502030601a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb
-Output = e6ab38c9413e035bb079201ed0b6b73d8d49a814a737c04ee6649614206f73ad
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ctrl.hexinfo = hexinfo:307e300a06082b06010502030602a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb
-Output = 77ef4e48c420ae3fec75109d7981697eed5d295c90c62564f7bfd101fa9bc1d5
-
-KDF = SSKDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Ctrl.hexinfo = hexinfo:307e300a06082b06010502030603a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020110a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb
-Output = d3c78b78d75313e9a926f75dfb012363fa17fa01db
-
-# Test vectors extracted from
-# https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/components/800-135testvectors/ansx963_2001.zip
-Title = X963 KDF tests (from NIST test vectors)
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:fd17198b89ab39c4ab5d7cca363b82f9fd7e23c3984dc8a2
-Ctrl.hexinfo = hexinfo:856a53f3e36a26bbc5792879f307cce2
-Output = 6e5fad865cb4a51c95209b16df0cc490bc2c9064405c5bccd4ee4832a531fbe7f10cb79e2eab6ab1149fbd5a23cfdabc41242269c9df22f628c4424333855b64e95e2d4fb8469c669f17176c07d103376b10b384ec5763d8b8c610409f19aca8eb31f9d85cc61a8d6d4a03d03e5a506b78d6847e93d295ee548c65afedd2efec
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA224
-Ctrl.hexsecret = hexsecret:da67a73072d521a8272c69023573012ddf9b46bff65b3900
-Ctrl.hexinfo = hexinfo:727997aed53e78f74b1d66743a4ea4d2
-Output = dfc3126c5eebf9a58d89730e8d8ff7cc772592f28c10b349b437d9d068698a22e532eae975dfaf9c5c6a9f2935eafb05353013c253444e61f07bc9ddd15948e614bdc7e445ba3b1893f42f87f18fb352d49956009a642c362d45410b43a9ab376e9261210739174759511d1f9e52f6ec73dfed446dbafaf7fd1a57113abc2e8d
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:22518b10e70f2a3f243810ae3254139efbee04aa57c7af7d
-Ctrl.hexinfo = hexinfo:75eef81aa3041e33b80971203d2c0c52
-Output = c498af77161cc59f2962b9a713e2b215152d139766ce34a776df11866a69bf2e52a13d9c7c6fc878c50c5ea0bc7b00e0da2447cfd874f6cf92f30d0097111485500c90c3af8b487872d04685d14c8d1dc8d7fa08beb0ce0ababc11f0bd496269142d43525a78e5bc79a17f59676a5706dc54d54d4d1f0bd7e386128ec26afc21
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA384
-Ctrl.hexsecret = hexsecret:d8554db1b392cd55c3fe957bed76af09c13ac2a9392f88f6
-Output = 671a46aada145162f8ddf1ca586a1cda
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA384
-Ctrl.hexsecret = hexsecret:c051fd22539c9de791d6c43a854b8f80a6bf70190050854a
-Ctrl.hexinfo = hexinfo:1317504aa34759bb4c931e3b78201945
-Output = cf6a84434734ac6949e1d7976743277be789906908ad3ca3a8923da7f476abbeb574306d7243031a85566914bfd247d2519c479953d9d55b6b831e56260806c39af21b74e3ecf470e3bd8332791c8a23c13352514fdef00c2d1a408ba31b2d3f9fdcb373895484649a645d1845eec91b5bfdc5ad28c7824984482002dd4a8677
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:87fc0d8c4477485bb574f5fcea264b30885dc8d90ad82782
-Output = 947665fbb9152153ef460238506a0245
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:00aa5bb79b33e389fa58ceadc047197f14e73712f452caa9fc4c9adb369348b81507392f1a86ddfdb7c4ff8231c4bd0f44e44a1b55b1404747a9e2e753f55ef05a2d
-Ctrl.hexinfo = hexinfo:e3b5b4c1b0d5cf1d2b3a2f9937895d31
-Output = 4463f869f3cc18769b52264b0112b5858f7ad32a5a2d96d8cffabf7fa733633d6e4dd2a599acceb3ea54a6217ce0b50eef4f6b40a5c30250a5a8eeee208002267089dbf351f3f5022aa9638bf1ee419dea9c4ff745a25ac27bda33ca08bd56dd1a59b4106cf2dbbc0ab2aa8e2efa7b17902d34276951ceccab87f9661c3e8816
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:009dcd6ba5c8c803ca21f9996ca5dd86047d4ddc150fddace1b1ebe996c2007e3ee907c8ff03b9ef766e8ceb4dedf7489e5162e2278c0185e4be381bec17dd992cf8
-Ctrl.hexinfo = hexinfo:1e60e51c11a538b0ea8990d69a4c6358
-Output = 4e55036a32f32fc965046fdfbf686c108e43a69f8fc1a64ff1bd77763f2eedc8bf277d78b4ce31243e1adbe2c2d5dd59b47503b5b90b54f9d7a9a5aea49c7f0283cb64c3849a1d157000fd41ef6c1d1a5b62734e7c9a20dcfb57f2da974933f57ee619d72898d0e93d9a4254aaddf73941d6269298b4d49c0ac64a33802fe8f2
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:01bbc44314f24db4d67a2a7fb5ca3f7a5022790f5875895d448050eda5611a2f39de48e394c5a3df26208eb01f804d0a1d68eece6b6fa96d6db895e133e129094f78
-Ctrl.hexinfo = hexinfo:433e3ee77d00e4a9634efd677e2ff21b
-Output = f1255002293d5fbcf35ad0e532ae872171d11014616a2c52d7e5cb861b0251b9e505a77161c777bafc052b6525a6ecf34590605de72f13a1aff0a61a8a4a3364ebbe2f99224c13e043e497af8a26de749cd257e475b2f0e60e3b594901320a692a4af422f9636e4814b33f67d181a086265013b0d4efd9e1a94ea8a576afde66
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:01a33032a2bf6f8e9d6972dd339536c9e248ae9881844ff1bd04af48085be4ca1834f2a94ce1019dd9620d1e3a68203a5b291f40b5f8e3238a2a036312b89061cc60
-Ctrl.hexinfo = hexinfo:d3297ad6b9757d1f5a9d5b0e72176d74
-Output = 63565d1d3443620fba4218c97887ff40d6d68bf56b429c22018be5d91c318187ebe8a9399c5cc6c4a849288ab784d4340714ae3fdb426c4a83db9ce2ba8aea80d448e50ad543749b47bcaae519f7f00badd8d48296e81069104dcd293c605b08159ef2ef14c7833739d0414274136ae4db05ba4fa31b29c59de46d9be539525f
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:004b20a501776ea54cbdabffec2a664b7a93f8d67b17405a82bd9cbf3685a4659beb2deff1b6ecaa7ab187b6d4fd407f10db6992c65308410deb133be31a0de0c1c9
-Ctrl.hexinfo = hexinfo:fd5462cb37aa298e95f8e34bb49d85ca
-Output = cafcbc117317661bf15277c2881e05e345c1720b0c1c4040c33fe4a3ecf8032802642d29828a077ca91b6fac216b7a06517740c7d633c279dd2115eb7a34fd337376247219f53da32df57070f47c2e0816710080d6492e1c3e8cac818c3cfca2a3ce5cf1515f066b1815d2d2f69fa3111a9e81570963b90a536da0376c12265b
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:01fb44335b437771777f14d44e5b634c18c7f570b935228fd3073e3cbde299dfb9f4d64ad720d30e875e8c6bbe181027459c9d3f92a276a38e22faf25f208576a63f
-Ctrl.hexinfo = hexinfo:2359d18657243d61963ceca3fa93587d
-Output = 1544e54cd293e533959bdd893337f01ef0c7685a4d8d403d438b0223a7e18330c312a0f16bd819f4359fdd74ae85cc603d35e3d9cba896177452c8dee5214066fca420c3ab522a245af215beb7de52ebb0bdd15d0596b8b763cf7e25610a53efa726b899a1d9727b25ec673ee91ff2111f03cf761a7880d69625e784becfd4e0
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:0109afa3904193690d3f2c49e42d08c8c5cd2ea907a0d699c876e418e303b485374c8d6cf5a32af1491b3ea8a3503692b4a0fd78f9b4082e2a6e72345db4532d749f
-Ctrl.hexinfo = hexinfo:7c19631d3cd65915fa4789cf7b1c0979
-Output = fb60175568a66ef4202e110396663085fe2a9d6d2071e55d03c30ea499fee850c99c4e42a7227cca2eaf4d75e37dde205ae07260e84aeee6ef0819d98bd00d0ff5ba55994e7bf2a578baf2ee9aa862d94bf431fa14429010ebc30d7e602de726cdffacaeabc8541237fbc0c975abbf203c018c688ee354d07978654b90de9569
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:00632e165775f3c5b6e81d4042f809e904b8167687747638874b39ffce1993f46e8fc44e2a1c3df59563003bad3e25c85b61819e9addc0fdbe173dd4115c38f62ef6
-Ctrl.hexinfo = hexinfo:2bf0f18b7f21c4ec9c20b84c75f66b7c
-Output = c324fed01b75c37fc96703031403d5cc6857dc7ffa48192d9a10d5c69dd6274ecd0eb9a278f9e6b616c27bbf2e3e016635b311940390c52c61a4f4b3383ca6046961dbd2455ff6a982e8269864edd3cc1b1053da7daf9699c61b05f1acca7b79e68db655fd526fdc392bd36dcaf1c5b2fafb8975e318070d4bb948829ac41bb6
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:0096172bf47d06d544ae98471490cf9e52ee59ea7a2208b33b26c52d4952bb8f41b2211d3f9ff32e77ca8cc906ba8d246ff266ddf1df8f53824ccb15b8fb39724703
-Ctrl.hexinfo = hexinfo:cf3a74ba86af42f1ae85477ead645583
-Output = 995d1ab8557dfeafcb347f8182583fa0ac5e6cb3912393592590989f38a0214f6cf7d6fbe23917b0966c6a870876de2a2c13a45fa7aa1715be137ed332e1ffc204ce4dcce33ece6dec7f3da61fa049780040e44142cc8a1e5121cf56b386f65b7c261a192f05e5fefae4221a602bc51c41ef175dc45fb7eab8642421b4f7e3e7
-
-KDF = X963KDF
-Ctrl.digest = digest:SHA512
-Ctrl.hexsecret = hexsecret:0037cd001a0ad87f35ddf58ab355d6144ba2ed0749a7435dab548ba0bfbe723c047e2396b4eef99653412a92c8db74bb5c03063f2eb0525ae87356750ae3676faa86
-Ctrl.hexinfo = hexinfo:eb17da8851c41c7ac6710b1c49f324f8
-Output = 829a28b81f9e95b5f306604067499c07d5944ca034ed130d513951f7143e4e162bad8adb2833e53b8235c293cd2a809659ac7f7e392cba6a543660e5d95070c0c9e6a9cdc38123e22da61bb4cbb6ad6d1a58a069e934fc231bd9fe39a24afcbf322ccea385f0418f3b01c1edd6e7124593a1cefe3e48fcd95daaf72cfd973c59
-
-Title = X9.42 KDF tests (from RFC2631 test vectors)
-
-KDF = X942KDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
-Ctrl.cekalg = cekalg:id-smime-alg-CMS3DESwrap
-Output = a09661392376f7044d9052a397883246b67f5f1ef63eb5fb
-
-Title = X9.42 KDF tests (RFC3565 2.3.2 Examples)
-
-KDF = X942KDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
-Ctrl.cekalg = cekalg:id-aes128-wrap
-Output = d6d6b094c1027a7de6e3117294a35364
-
-KDF = X942KDF
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
-Ctrl.cekalg = cekalg:id-aes256-wrap
-Ctrl.hexukm = hexukm:0123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba9876543201
-Output = 8890585C4E281A5C1167CAA530BED59B3230D893CBA8F922BD1B56A0
-
-Title = KRB5KDF tests (from RFC 3961 test vectors and krb5 sources)
-
-#RFC3961
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92
-Ctrl.hexconstant = hexconstant:0000000155
-Output = 925179d04591a79b5d3192c4a7e9c289b049c71f6ee604cd
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:5e13d31c70ef765746578531cb51c15bf11ca82c97cee9f2
-Ctrl.hexconstant = hexconstant:00000001aa
-Output = 9e58e5a146d9942a101c469845d67a20e3c4259ed913f207
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:98e6fd8a04a4b6859b75a176540b9752bad3ecd610a252bc
-Ctrl.hexconstant = hexconstant:0000000155
-Output = 13fef80d763e94ec6d13fd2ca1d085070249dad39808eabf
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:622aec25a2fe2cad7094680b7c64940280084c1a7cec92b5
-Ctrl.hexconstant = hexconstant:00000001aa
-Output = f8dfbf04b097e6d9dc0702686bcb3489d91fd9a4516b703e
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:d3f8298ccb166438dcb9b93ee5a7629286a491f838f802fb
-Ctrl.hexconstant = hexconstant:6b65726265726f73
-Output = 2370da575d2a3da864cebfdc5204d56df779a7df43d9da43
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:c1081649ada74362e6a1459d01dfd30d67c2234c940704da
-Ctrl.hexconstant = hexconstant:0000000155
-Output = 348057ec98fdc48016161c2a4c7a943e92ae492c989175f7
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:5d154af238f46713155719d55e2f1f790dd661f279a7917c
-Ctrl.hexconstant = hexconstant:00000001aa
-Output = a8808ac267dada3dcbe9a7c84626fbc761c294b01315e5c1
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:798562e049852f57dc8c343ba17f2ca1d97394efc8adc443
-Ctrl.hexconstant = hexconstant:0000000155
-Output = c813f88a3be3b334f75425ce9175fbe3c8493b89c8703b49
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:26dce334b545292f2feab9a8701a89a4b99eb9942cecd016
-Ctrl.hexconstant = hexconstant:00000001aa
-Output = f48ffd6e83f83e7354e694fd252cf83bfe58f7d5ba37ec5d
-
-#Krb5 sources
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E
-Ctrl.hexconstant = hexconstant:0000000299
-Output = F78C496D16E6C2DAE0E0B6C24057A84C0426AEEF26FD6DCE
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E
-Ctrl.hexconstant = hexconstant:00000002AA
-Output = 5B5723D0B634CB684C3EBA5264E9A70D52E683231AD3C4CE
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E
-Ctrl.hexconstant = hexconstant:0000000255
-Output = A77C94980E9B7345A81525C423A737CE67F4CD91B6B3DA45
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:AES-128-CBC
-Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15
-Ctrl.hexconstant = hexconstant:0000000299
-Output = 34280A382BC92769B2DA2F9EF066854B
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:AES-128-CBC
-Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15
-Ctrl.hexconstant = hexconstant:00000002AA
-Output = 5B14FC4E250E14DDF9DCCF1AF6674F53
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:AES-128-CBC
-Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15
-Ctrl.hexconstant = hexconstant:0000000255
-Output = 4ED31063621684F09AE8D89991AF3E8F
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:AES-256-CBC
-Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
-Ctrl.hexconstant = hexconstant:0000000299
-Output = BFAB388BDCB238E9F9C98D6A878304F04D30C82556375AC507A7A852790F4674
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:AES-256-CBC
-Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
-Ctrl.hexconstant = hexconstant:00000002AA
-Output = C7CFD9CD75FE793A586A542D87E0D1396F1134A104BB1A9190B8C90ADA3DDF37
-
-KDF = KRB5KDF
-Ctrl.cipher = cipher:AES-256-CBC
-Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
-Ctrl.hexconstant = hexconstant:0000000255
-Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA
-
-#Same as the first but with no "fixup"
-KDF = KRB5KDF
-Ctrl.cipher = cipher:DES-EDE3-CBC
-Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92
-Ctrl.hexconstant = hexconstant:0000000155
-Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705
-
diff --git a/test/recipes/30-test_evp_data/evpkdf_tls11_prf.txt b/test/recipes/30-test_evp_data/evpkdf_tls11_prf.txt
new file mode 100644
index 0000000000..6431f53b7a
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_tls11_prf.txt
@@ -0,0 +1,37 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = TLS1 PRF tests (from NIST test vectors)
+
+KDF = TLS1-PRF
+Ctrl.digest = digest:MD5-SHA1
+Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0
+Ctrl.label = seed:master secret
+Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693
+Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2
+Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
+
+KDF = TLS1-PRF
+Ctrl.digest = digest:MD5-SHA1
+Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
+Ctrl.label = seed:key expansion
+Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be
+Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6
+Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d
+
+# Missing secret.
+KDF = TLS1-PRF
+Ctrl.digest = digest:MD5-SHA1
+Ctrl.Seed = hexseed:02
+Output = 03
+Result = KDF_DERIVE_ERROR
diff --git a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
new file mode 100644
index 0000000000..3ff4b536e4
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
@@ -0,0 +1,46 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = TLS12 PRF tests (from NIST test vectors)
+
+KDF = TLS1-PRF
+Ctrl.digest = digest:SHA256
+Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc
+Ctrl.label = seed:master secret
+Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
+Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
+Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
+
+KDF = TLS1-PRF
+Ctrl.digest = digest:SHA256
+Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
+Ctrl.label = seed:key expansion
+Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
+Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
+Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
+
+# As above but use long name for KDF
+KDF = tls1-prf
+Ctrl.digest = digest:SHA256
+Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
+Ctrl.label = seed:key expansion
+Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
+Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
+Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
+
+# Missing digest.
+KDF = TLS1-PRF
+Ctrl.Secret = hexsecret:01
+Ctrl.Seed = hexseed:02
+Output = 03
+Result = KDF_DERIVE_ERROR
diff --git a/test/recipes/30-test_evp_data/evpkdf_x942.txt b/test/recipes/30-test_evp_data/evpkdf_x942.txt
new file mode 100644
index 0000000000..104fa83026
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_x942.txt
@@ -0,0 +1,35 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = X9.42 KDF tests (from RFC2631 test vectors)
+
+KDF = X942KDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
+Ctrl.cekalg = cekalg:id-smime-alg-CMS3DESwrap
+Output = a09661392376f7044d9052a397883246b67f5f1ef63eb5fb
+
+Title = X9.42 KDF tests (RFC3565 2.3.2 Examples)
+
+KDF = X942KDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
+Ctrl.cekalg = cekalg:id-aes128-wrap
+Output = d6d6b094c1027a7de6e3117294a35364
+
+KDF = X942KDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
+Ctrl.cekalg = cekalg:id-aes256-wrap
+Ctrl.hexukm = hexukm:0123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba9876543201
+Output = 8890585C4E281A5C1167CAA530BED59B3230D893CBA8F922BD1B56A0
diff --git a/test/recipes/30-test_evp_data/evpkdf_x963.txt b/test/recipes/30-test_evp_data/evpkdf_x963.txt
new file mode 100644
index 0000000000..0f8920c90f
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_x963.txt
@@ -0,0 +1,112 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+# Test vectors extracted from
+# https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/components/800-135testvectors/ansx963_2001.zip
+
+Title = X963 KDF tests (from NIST test vectors)
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:fd17198b89ab39c4ab5d7cca363b82f9fd7e23c3984dc8a2
+Ctrl.hexinfo = hexinfo:856a53f3e36a26bbc5792879f307cce2
+Output = 6e5fad865cb4a51c95209b16df0cc490bc2c9064405c5bccd4ee4832a531fbe7f10cb79e2eab6ab1149fbd5a23cfdabc41242269c9df22f628c4424333855b64e95e2d4fb8469c669f17176c07d103376b10b384ec5763d8b8c610409f19aca8eb31f9d85cc61a8d6d4a03d03e5a506b78d6847e93d295ee548c65afedd2efec
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA224
+Ctrl.hexsecret = hexsecret:da67a73072d521a8272c69023573012ddf9b46bff65b3900
+Ctrl.hexinfo = hexinfo:727997aed53e78f74b1d66743a4ea4d2
+Output = dfc3126c5eebf9a58d89730e8d8ff7cc772592f28c10b349b437d9d068698a22e532eae975dfaf9c5c6a9f2935eafb05353013c253444e61f07bc9ddd15948e614bdc7e445ba3b1893f42f87f18fb352d49956009a642c362d45410b43a9ab376e9261210739174759511d1f9e52f6ec73dfed446dbafaf7fd1a57113abc2e8d
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:22518b10e70f2a3f243810ae3254139efbee04aa57c7af7d
+Ctrl.hexinfo = hexinfo:75eef81aa3041e33b80971203d2c0c52
+Output = c498af77161cc59f2962b9a713e2b215152d139766ce34a776df11866a69bf2e52a13d9c7c6fc878c50c5ea0bc7b00e0da2447cfd874f6cf92f30d0097111485500c90c3af8b487872d04685d14c8d1dc8d7fa08beb0ce0ababc11f0bd496269142d43525a78e5bc79a17f59676a5706dc54d54d4d1f0bd7e386128ec26afc21
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA384
+Ctrl.hexsecret = hexsecret:d8554db1b392cd55c3fe957bed76af09c13ac2a9392f88f6
+Output = 671a46aada145162f8ddf1ca586a1cda
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA384
+Ctrl.hexsecret = hexsecret:c051fd22539c9de791d6c43a854b8f80a6bf70190050854a
+Ctrl.hexinfo = hexinfo:1317504aa34759bb4c931e3b78201945
+Output = cf6a84434734ac6949e1d7976743277be789906908ad3ca3a8923da7f476abbeb574306d7243031a85566914bfd247d2519c479953d9d55b6b831e56260806c39af21b74e3ecf470e3bd8332791c8a23c13352514fdef00c2d1a408ba31b2d3f9fdcb373895484649a645d1845eec91b5bfdc5ad28c7824984482002dd4a8677
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:87fc0d8c4477485bb574f5fcea264b30885dc8d90ad82782
+Output = 947665fbb9152153ef460238506a0245
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:00aa5bb79b33e389fa58ceadc047197f14e73712f452caa9fc4c9adb369348b81507392f1a86ddfdb7c4ff8231c4bd0f44e44a1b55b1404747a9e2e753f55ef05a2d
+Ctrl.hexinfo = hexinfo:e3b5b4c1b0d5cf1d2b3a2f9937895d31
+Output = 4463f869f3cc18769b52264b0112b5858f7ad32a5a2d96d8cffabf7fa733633d6e4dd2a599acceb3ea54a6217ce0b50eef4f6b40a5c30250a5a8eeee208002267089dbf351f3f5022aa9638bf1ee419dea9c4ff745a25ac27bda33ca08bd56dd1a59b4106cf2dbbc0ab2aa8e2efa7b17902d34276951ceccab87f9661c3e8816
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:009dcd6ba5c8c803ca21f9996ca5dd86047d4ddc150fddace1b1ebe996c2007e3ee907c8ff03b9ef766e8ceb4dedf7489e5162e2278c0185e4be381bec17dd992cf8
+Ctrl.hexinfo = hexinfo:1e60e51c11a538b0ea8990d69a4c6358
+Output = 4e55036a32f32fc965046fdfbf686c108e43a69f8fc1a64ff1bd77763f2eedc8bf277d78b4ce31243e1adbe2c2d5dd59b47503b5b90b54f9d7a9a5aea49c7f0283cb64c3849a1d157000fd41ef6c1d1a5b62734e7c9a20dcfb57f2da974933f57ee619d72898d0e93d9a4254aaddf73941d6269298b4d49c0ac64a33802fe8f2
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:01bbc44314f24db4d67a2a7fb5ca3f7a5022790f5875895d448050eda5611a2f39de48e394c5a3df26208eb01f804d0a1d68eece6b6fa96d6db895e133e129094f78
+Ctrl.hexinfo = hexinfo:433e3ee77d00e4a9634efd677e2ff21b
+Output = f1255002293d5fbcf35ad0e532ae872171d11014616a2c52d7e5cb861b0251b9e505a77161c777bafc052b6525a6ecf34590605de72f13a1aff0a61a8a4a3364ebbe2f99224c13e043e497af8a26de749cd257e475b2f0e60e3b594901320a692a4af422f9636e4814b33f67d181a086265013b0d4efd9e1a94ea8a576afde66
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:01a33032a2bf6f8e9d6972dd339536c9e248ae9881844ff1bd04af48085be4ca1834f2a94ce1019dd9620d1e3a68203a5b291f40b5f8e3238a2a036312b89061cc60
+Ctrl.hexinfo = hexinfo:d3297ad6b9757d1f5a9d5b0e72176d74
+Output = 63565d1d3443620fba4218c97887ff40d6d68bf56b429c22018be5d91c318187ebe8a9399c5cc6c4a849288ab784d4340714ae3fdb426c4a83db9ce2ba8aea80d448e50ad543749b47bcaae519f7f00badd8d48296e81069104dcd293c605b08159ef2ef14c7833739d0414274136ae4db05ba4fa31b29c59de46d9be539525f
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:004b20a501776ea54cbdabffec2a664b7a93f8d67b17405a82bd9cbf3685a4659beb2deff1b6ecaa7ab187b6d4fd407f10db6992c65308410deb133be31a0de0c1c9
+Ctrl.hexinfo = hexinfo:fd5462cb37aa298e95f8e34bb49d85ca
+Output = cafcbc117317661bf15277c2881e05e345c1720b0c1c4040c33fe4a3ecf8032802642d29828a077ca91b6fac216b7a06517740c7d633c279dd2115eb7a34fd337376247219f53da32df57070f47c2e0816710080d6492e1c3e8cac818c3cfca2a3ce5cf1515f066b1815d2d2f69fa3111a9e81570963b90a536da0376c12265b
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:01fb44335b437771777f14d44e5b634c18c7f570b935228fd3073e3cbde299dfb9f4d64ad720d30e875e8c6bbe181027459c9d3f92a276a38e22faf25f208576a63f
+Ctrl.hexinfo = hexinfo:2359d18657243d61963ceca3fa93587d
+Output = 1544e54cd293e533959bdd893337f01ef0c7685a4d8d403d438b0223a7e18330c312a0f16bd819f4359fdd74ae85cc603d35e3d9cba896177452c8dee5214066fca420c3ab522a245af215beb7de52ebb0bdd15d0596b8b763cf7e25610a53efa726b899a1d9727b25ec673ee91ff2111f03cf761a7880d69625e784becfd4e0
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:0109afa3904193690d3f2c49e42d08c8c5cd2ea907a0d699c876e418e303b485374c8d6cf5a32af1491b3ea8a3503692b4a0fd78f9b4082e2a6e72345db4532d749f
+Ctrl.hexinfo = hexinfo:7c19631d3cd65915fa4789cf7b1c0979
+Output = fb60175568a66ef4202e110396663085fe2a9d6d2071e55d03c30ea499fee850c99c4e42a7227cca2eaf4d75e37dde205ae07260e84aeee6ef0819d98bd00d0ff5ba55994e7bf2a578baf2ee9aa862d94bf431fa14429010ebc30d7e602de726cdffacaeabc8541237fbc0c975abbf203c018c688ee354d07978654b90de9569
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:00632e165775f3c5b6e81d4042f809e904b8167687747638874b39ffce1993f46e8fc44e2a1c3df59563003bad3e25c85b61819e9addc0fdbe173dd4115c38f62ef6
+Ctrl.hexinfo = hexinfo:2bf0f18b7f21c4ec9c20b84c75f66b7c
+Output = c324fed01b75c37fc96703031403d5cc6857dc7ffa48192d9a10d5c69dd6274ecd0eb9a278f9e6b616c27bbf2e3e016635b311940390c52c61a4f4b3383ca6046961dbd2455ff6a982e8269864edd3cc1b1053da7daf9699c61b05f1acca7b79e68db655fd526fdc392bd36dcaf1c5b2fafb8975e318070d4bb948829ac41bb6
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:0096172bf47d06d544ae98471490cf9e52ee59ea7a2208b33b26c52d4952bb8f41b2211d3f9ff32e77ca8cc906ba8d246ff266ddf1df8f53824ccb15b8fb39724703
+Ctrl.hexinfo = hexinfo:cf3a74ba86af42f1ae85477ead645583
+Output = 995d1ab8557dfeafcb347f8182583fa0ac5e6cb3912393592590989f38a0214f6cf7d6fbe23917b0966c6a870876de2a2c13a45fa7aa1715be137ed332e1ffc204ce4dcce33ece6dec7f3da61fa049780040e44142cc8a1e5121cf56b386f65b7c261a192f05e5fefae4221a602bc51c41ef175dc45fb7eab8642421b4f7e3e7
+
+KDF = X963KDF
+Ctrl.digest = digest:SHA512
+Ctrl.hexsecret = hexsecret:0037cd001a0ad87f35ddf58ab355d6144ba2ed0749a7435dab548ba0bfbe723c047e2396b4eef99653412a92c8db74bb5c03063f2eb0525ae87356750ae3676faa86
+Ctrl.hexinfo = hexinfo:eb17da8851c41c7ac6710b1c49f324f8
+Output = 829a28b81f9e95b5f306604067499c07d5944ca034ed130d513951f7143e4e162bad8adb2833e53b8235c293cd2a809659ac7f7e392cba6a543660e5d95070c0c9e6a9cdc38123e22da61bb4cbb6ad6d1a58a069e934fc231bd9fe39a24afcbf322ccea385f0418f3b01c1edd6e7124593a1cefe3e48fcd95daaf72cfd973c59
diff --git a/test/recipes/30-test_evp_data/evpmac.txt b/test/recipes/30-test_evp_data/evpmac.txt
deleted file mode 100644
index b6dc5b86e2..0000000000
--- a/test/recipes/30-test_evp_data/evpmac.txt
+++ /dev/null
@@ -1,1061 +0,0 @@
-#
-# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the Apache License 2.0 (the "License").  You may not use
-# this file except in compliance with the License.  You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-# Tests start with one of these keywords
-#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
-#       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
-
-# SIPHASH tests - default values: 2,4 rounds, 16-byte mac
-# There are no official test vectors, they are simple vectors 1, 2, 3, etc
-
-Title = SIPHASH tests
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input =
-Output = a3817f04ba25a8e66df67214c7550293
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 00
-Output = da87c1d86b99af44347659119b22fc45
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 0001
-Output = 8177228da4a45dc7fca38bdef60affe4
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102
-Output = 9c70b60c5267a94e5f33b6b02985ed51
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 00010203
-Output = f88164c12d9c8faf7d0f6e7c7bcd5579
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 0001020304
-Output = 1368875980776f8854527a07690e9627
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405
-Output = 14eeca338b208613485ea0308fd7a15e
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 00010203040506
-Output = a1f1ebbed8dbc153c0b84aa61ff08239
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 0001020304050607
-Output = 3b62a9ba6258f5610f83e264f31497b4
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708
-Output = 264499060ad9baabc47f8b02bb6d71ed
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
-Output = 5150d1772f50834a503e069a973fbd7c
-
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input =
-Output = a3817f04ba25a8e66df67214c7550293
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 00
-Output = da87c1d86b99af44347659119b22fc45
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 0001
-Output = 8177228da4a45dc7fca38bdef60affe4
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102
-Output = 9c70b60c5267a94e5f33b6b02985ed51
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 00010203
-Output = f88164c12d9c8faf7d0f6e7c7bcd5579
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 0001020304
-Output = 1368875980776f8854527a07690e9627
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405
-Output = 14eeca338b208613485ea0308fd7a15e
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 00010203040506
-Output = a1f1ebbed8dbc153c0b84aa61ff08239
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 0001020304050607
-Output = 3b62a9ba6258f5610f83e264f31497b4
-
-MAC = SipHash by EVP_PKEY
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708
-Output = 264499060ad9baabc47f8b02bb6d71ed
-
-MAC = SipHash
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
-Output = 5150d1772f50834a503e069a973fbd7c
-
-# SIPHASH - default values: 2,4 rounds, explicit 8-byte mac
-
-MAC = SipHash
-Ctrl = size:8
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
-Output = 724506EB4C328A95
-
-# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac
-
-MAC = SipHash
-Ctrl = size:16
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
-Output = 5150d1772f50834a503e069a973fbd7c
-
-# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac (set as 0)
-
-MAC = SipHash
-Ctrl = size:0
-Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
-Output = 5150d1772f50834a503e069a973fbd7c
-
-# SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size)
-
-MAC = SipHash
-Ctrl = size:13
-Key = 000102030405060708090A0B0C0D0E0F
-Result = MAC_BAD_PARAMS
-
-# SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size)
-# by EVP_PKEY this time
-
-MAC = SipHash by EVP_PKEY
-Ctrl = size:13
-Key = 000102030405060708090A0B0C0D0E0F
-Result = EVPPKEYCTXCTRL_ERROR
-
-Title = Keyed BLAKE2 tests (Test vectors from reference implementation)
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input =
-Output = 10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 00
-Output = 961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 0001
-Output = da2cfbe2d8409a0f38026113884f84b50156371ae304c4430173d08a99d9fb1b983164a3770706d537f49e0c916d9f32b95cc37a95b99d857436f0232c88a965
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 000102
-Output = 33d0825dddf7ada99b0e7e307104ad07ca9cfd9692214f1561356315e784f3e5a17e364ae9dbb14cb2036df932b77f4b292761365fb328de7afdc6d8998f5fc1
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 00010203
-Output = beaa5a3d08f3807143cf621d95cd690514d0b49efff9c91d24b59241ec0eefa5f60196d407048bba8d2146828ebcb0488d8842fd56bb4f6df8e19c4b4daab8ac
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 0001020304
-Output = 098084b51fd13deae5f4320de94a688ee07baea2800486689a8636117b46c1f4c1f6af7f74ae7c857600456a58a3af251dc4723a64cc7c0a5ab6d9cac91c20bb
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9
-Output = 1085d78307b1c4b008c57a2e7e5b234658a0a82e4ff1e4aaac72b312fda0fe27d233bc5b10e9cc17fdc7697b540c7d95eb215a19a1a0e20e1abfa126efd568c7
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fa
-Output = 4e5c734c7dde011d83eac2b7347b373594f92d7091b9ca34cb9c6f39bdf5a8d2f134379e16d822f6522170ccf2ddd55c84b9e6c64fc927ac4cf8dfb2a17701f2
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafb
-Output = 695d83bd990a1117b3d0ce06cc888027d12a054c2677fd82f0d4fbfc93575523e7991a5e35a3752e9b70ce62992e268a877744cdd435f5f130869c9a2074b338
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfc
-Output = a6213743568e3b3158b9184301f3690847554c68457cb40fc9a4b8cfd8d4a118c301a07737aeda0f929c68913c5f51c80394f53bff1c3e83b2e40ca97eba9e15
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfd
-Output = d444bfa2362a96df213d070e33fa841f51334e4e76866b8139e8af3bb3398be2dfaddcbc56b9146de9f68118dc5829e74b0c28d7711907b121f9161cb92b69a9
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe
-Output = 142709d62e28fcccd0af97fad0f8465b971e82201dc51070faa0372aa43e92484be1c1e73ba10906d5d1853db6a4106e0a7bf9800d373d6dee2d46d62ef2a461
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input =
-Output = 48a8997da407876b3d79c0d92325ad3b89cbb754d86ab71aee047ad345fd2c49
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 00
-Output = 40d15fee7c328830166ac3f918650f807e7e01e177258cdc0a39b11f598066f1
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 0001
-Output = 6bb71300644cd3991b26ccd4d274acd1adeab8b1d7914546c1198bbe9fc9d803
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 000102
-Output = 1d220dbe2ee134661fdf6d9e74b41704710556f2f6e5a091b227697445dbea6b
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 00010203
-Output = f6c3fbadb4cc687a0064a5be6e791bec63b868ad62fba61b3757ef9ca52e05b2
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 0001020304
-Output = 49c1f21188dfd769aea0e911dd6b41f14dab109d2b85977aa3088b5c707e8598
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9
-Output = 9fc5450109e1b779f6c7ae79d56c27635c8dd426c5a9d54e2578db989b8c3b4e
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fa
-Output = d12bf3732ef4af5c22fa90356af8fc50fcb40f8f2ea5c8594737a3b3d5abdbd7
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafb
-Output = 11030b9289bba5af65260672ab6fee88b87420acef4a1789a2073b7ec2f2a09e
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfc
-Output = 69cb192b8444005c8c0ceb12c846860768188cda0aec27a9c8a55cdee2123632
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfd
-Output = db444c15597b5f1a03d1f9edd16e4a9f43a667cc275175dfa2b704e3bb1a9b83
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe
-Output = 3fb735061abc519dfe979e54c1ee5bfad0a9d858b3315bad34bde999efd724dd
-
-Title = Custom keyed BLAKE2 tests
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Custom = "email"
-Input = "Sample input for keylen<blocklen and custom"
-Output = fb7abee8f585b0d844a3c7db211b8f50a3a5de9bb20a560eb095d05430a60e83f3d44a84c84e8a8ef79eef694551418a05c7495d10aae051e9c63822dfa59e7c
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Custom = "blockchain"
-Input = "Sample input for keylen<blocklen and custom"
-Output = b971503ceebaa26c98cb7722abaf019d74138d92ff5d82f91a7473ec641ae6811148bc1edbe9db9030fd9a8a965d7f35492d79f602be81f6e2d9b84abc819c62
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Salt = a3a5de9b8fcccd0a560eb095a3638bb1
-Input = "Sample input for keylen<blocklen and salt"
-Output = a57e6f23123be251f4e8cd04d4313e50bfa2ed5a28a3685dc86398da78503d54a169faabcc186037418636af20718f20797fb883b83ab98f5b2d17ce185b615e
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Salt = b4a5b8cd0a009561
-Input = "Sample input for keylen<blocklen and salt"
-Output = 709ee3733b179658d326fda6692e6761068d0044895252615bd2a19a14ad4da1ee6ddf613bdf1ae805f97809a140837640c4ce2fece1831b3ccd07544b0d36ab
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Custom = "application"
-Salt = 000102030405060708090a0b0c0d0e0f
-Input = "Sample input for keylen<blocklen, salt and custom"
-Output = 233a6c732212f4813ec4c9f357e35297e59a652fd24155205f00363f7c54734ee1e8c7329d92116cbec62db35ebb5d51f9e5c2ba41789b84ac9ebc266918e524
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Ctrl = size:128
-Result = MAC_BAD_PARAMS
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = "Sample input for outlen<digest_length"
-Ctrl = size:1
-Output = 2a
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = "Sample input for outlen<digest_length"
-Ctrl = size:32
-Output = 7fa43c7735fcacad9fce2b44bef37dba6501ab48c9397bedb5562a682e519793
-
-MAC = BLAKE2BMAC
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Input = "Combo input with outlen, custom and salt"
-Custom = "application"
-Salt = 000102030405060708090a0b0c0d0e0f
-Ctrl = size:32
-Output = 51742fc491171eaf6b9459c8b93a44bbf8f44a0b4869a17fa178c8209918ad96
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Custom = "email"
-Input = "Sample input for keylen<blocklen and custom"
-Output = 099619607617f8767b278d6d76216b91794ea372c9fd3733a4a36e995a767987
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Custom = "database"
-Input = "Sample input for keylen<blocklen and custom"
-Output = afa468ff12d922c1bfdfe26b7d74f1041e7708e83ee7e128ce878f93e2852ad0
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Salt = a205819e78d6d762
-Input = "Sample input for keylen<blocklen and salt"
-Output = 29f7d780009ef8f001ec44088622f0752f6c360cda40e3c2181c4f7eacdd9dc6
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Salt = d6e437b2
-Input = "Sample input for keylen<blocklen and salt"
-Output = aa9dbb8bbad89ea35467f1ff995521121989eb6439f1263e04e87d63a9c2ef28
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Custom = "app"
-Salt = a205819e78d6d762
-Input = "Sample input for keylen<blocklen, salt and custom"
-Output = e9f7704dfe5080a4aafe62a806f53ea7f98ffc24175164158f18ec5497b961f5
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Ctrl = size:64
-Result = MAC_BAD_PARAMS
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Ctrl = size:16
-Input = "Sample input for outlen<digest_length"
-Output = a09fb3d513efc3ed58dd1264de3c59f5
-
-MAC = BLAKE2SMAC
-Key = 000102030405060708090a0b0c0d0e0f
-Ctrl = size:16
-Custom = "app"
-Salt = 0001020304050607
-Input = "Combo input with outlen, custom and salt"
-Output = 6808d8daae537a16bf00e837010969a4
-
-Title = HMAC tests (from RFC2104 and others)
-
-MAC = HMAC
-Algorithm = MD5
-Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
-Input = "Hi There"
-Output = 9294727a3638bb1c13f48ef8158bfc9d
-
-MAC = HMAC
-Algorithm = MD5
-Key = "Jefe"
-Input = "what do ya want for nothing?"
-Output = 750c783e6ab0b503eaa86e310a5db738
-
-MAC = HMAC
-Algorithm = MD5
-Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-Input = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
-Output = 56be34521d144c88dbb8c733f0e8b3f6
-
-Title = SHA1
-
-# HMAC tests from NIST test data
-
-MAC = HMAC
-Algorithm = SHA1
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
-
-MAC = HMAC
-Algorithm = SHA1
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F10111213
-Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
-
-MAC = HMAC
-Algorithm = SHA1
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
-Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
-
-Title = SHA2
-
-MAC = HMAC
-Algorithm = SHA224
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
-
-MAC = HMAC
-Algorithm = SHA224
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
-Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
-
-MAC = HMAC
-Algorithm = SHA224
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
-Output = 91C52509E5AF8531601AE6230099D90BEF88AAEFB961F4080ABC014D
-
-MAC = HMAC
-Algorithm = SHA256
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
-
-MAC = HMAC
-Algorithm = SHA256
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
-Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
-
-MAC = HMAC
-Algorithm = SHA256
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
-Output = BDCCB6C72DDEADB500AE768386CB38CC41C63DBB0878DDB9C7A38A431B78378D
-
-MAC = HMAC
-Algorithm = SHA384
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
-Output = 63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
-
-MAC = HMAC
-Algorithm = SHA384
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
-Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
-
-MAC = HMAC
-Algorithm = SHA384
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Output = 5B664436DF69B0CA22551231A3F0A3D5B4F97991713CFA84BFF4D0792EFF96C27DCCBBB6F79B65D548B40E8564CEF594
-
-MAC = HMAC
-Algorithm = SHA512
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
-Output = FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
-
-MAC = HMAC
-Algorithm = SHA512
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
-Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
-
-MAC = HMAC
-Algorithm = SHA512
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3
-
-Title = SHA3
-
-# NIST's test vectors
-
-MAC = HMAC
-Algorithm = SHA3-224
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b
-Output = 332cfd59347fdb8e576e77260be4aba2d6dc53117b3bfb52c6d18c04
-
-MAC = HMAC
-Algorithm = SHA3-224
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f
-Output = d8b733bcf66c644a12323d564e24dcf3fc75f231f3b67968359100c7
-
-MAC = HMAC
-Algorithm = SHA3-224
-Input = "Sample message for keylen>blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaab
-Output = 078695eecc227c636ad31d063a15dd05a7e819a66ec6d8de1e193e59
-
-MAC = HMAC
-Algorithm = SHA3-256
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Output = 4fe8e202c4f058e8dddc23d8c34e467343e23555e24fc2f025d598f558f67205
-
-MAC = HMAC
-Algorithm = SHA3-256
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687
-Output = 68b94e2e538a9be4103bebb5aa016d47961d4d1aa906061313b557f8af2c3faa
-
-MAC = HMAC
-Algorithm = SHA3-256
-Input = "Sample message for keylen>blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7
-Output = 9bcf2c238e235c3ce88404e813bd2f3a97185ac6f238c63d6229a00b07974258
-
-MAC = HMAC
-Algorithm = SHA3-384
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
-Output = d588a3c51f3f2d906e8298c1199aa8ff6296218127f6b38a90b6afe2c5617725bc99987f79b22a557b6520db710b7f42
-
-MAC = HMAC
-Algorithm = SHA3-384
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f6061626364656667
-Output = a27d24b592e8c8cbf6d4ce6fc5bf62d8fc98bf2d486640d9eb8099e24047837f5f3bffbe92dcce90b4ed5b1e7e44fa90
-
-MAC = HMAC
-Algorithm = SHA3-384
-Input = "Sample message for keylen>blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f9091929394959697
-Output = e5ae4c739f455279368ebf36d4f5354c95aa184c899d3870e460ebc288ef1f9470053f73f7c6da2a71bcaec38ce7d6ac
-
-MAC = HMAC
-Algorithm = SHA3-512
-Input = "Sample message for keylen<blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
-Output = 4efd629d6c71bf86162658f29943b1c308ce27cdfa6db0d9c3ce81763f9cbce5f7ebe9868031db1a8f8eb7b6b95e5c5e3f657a8996c86a2f6527e307f0213196
-
-MAC = HMAC
-Algorithm = SHA3-512
-Input = "Sample message for keylen=blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f4041424344454647
-Output = 544e257ea2a3e5ea19a590e6a24b724ce6327757723fe2751b75bf007d80f6b360744bf1b7a88ea585f9765b47911976d3191cf83c039f5ffab0d29cc9d9b6da
-
-MAC = HMAC by EVP_PKEY
-Algorithm = SHA3-512
-Input = "Sample message for keylen>blocklen"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687
-Output = 5f464f5e5b7848e3885e49b2c385f0694985d0e38966242dc4a5fe3fea4b37d46b65ceced5dcf59438dd840bab22269f0ba7febdb9fcf74602a35666b2a32915
-
-Title = HMAC self generated tests
-
-MAC = HMAC
-Algorithm = SHAKE128
-Input = "Test that SHAKE128 fails"
-Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Result = MAC_BAD_PARAMS
-
-
-Title = CMAC tests (from FIPS module)
-
-MAC = CMAC
-Algorithm = AES-128-CBC
-Key = 77A77FAF290C1FA30C683DF16BA7A77B
-Input = 020683E1F0392F4CAC54318B6029259E9C553DBC4B6AD998E64D58E4E7DC2E13
-Output = FBFEA41BF9740CB501F1292C21CEBB40
-
-MAC = CMAC by EVP_PKEY
-Algorithm = AES-192-CBC
-Key = 7B32391369AA4CA97558095BE3C3EC862BD057CEF1E32D62
-Input =
-Output = E4D9340B03E67DEFD4969CC1ED3735E6
-
-MAC = CMAC
-Algorithm = AES-256-CBC
-Key = 0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1
-Input = 498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F
-Output = F62C46329B41085625669BAF51DEA66A
-
-MAC = CMAC
-Algorithm = DES-EDE3-CBC
-Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
-Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
-Output = 8F49A1B7D6AA2258
-
-MAC = CMAC by EVP_PKEY
-Algorithm = DES-EDE3-CBC
-Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
-Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
-Output = 8F49A1B7D6AA2258
-
-Title = GMAC Tests (from NIST)
-
-MAC = GMAC
-Algorithm = AES-128-GCM
-Key = 77BE63708971C4E240D1CB79E8D77FEB
-IV = E0E00F19FED7BA0136A797F3
-Input = 7A43EC1D9C0A5A78A0B16533A6213CAB
-Output = 209FCC8D3675ED938E9C7166709DD946
-
-Title = GMAC Tests (from http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf)
-
-MAC = GMAC
-Algorithm = AES-128-GCM
-Key = AD7A2BD03EAC835A6F620FDCB506B345
-IV = 12153524C0895E81B2C28465
-Input = D609B1F056637A0D46DF998D88E5222AB2C2846512153524C0895E8108000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233340001
-Output = F09478A9B09007D06F46E9B6A1DA25DD
-
-MAC = GMAC
-Algorithm = AES-256-GCM
-Key = E3C08A8F06C6E3AD95A70557B23F75483CE33021A9C72B7025666204C69C0B72
-IV = 12153524C0895E81B2C28465
-Input = D609B1F056637A0D46DF998D88E5222AB2C2846512153524C0895E8108000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233340001
-Output = 2F0BC5AF409E06D609EA8B7D0FA5EA50
-
-MAC = GMAC
-Algorithm = AES-128-GCM
-Key = 071B113B0CA743FECCCF3D051F737382
-IV = F0761E8DCD3D000176D457ED
-Input = E20106D7CD0DF0761E8DCD3D88E5400076D457ED08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A0003
-Output = 0C017BC73B227DFCC9BAFA1C41ACC353
-
-MAC = GMAC
-Algorithm = AES-256-GCM
-Key = 691D3EE909D7F54167FD1CA0B5D769081F2BDE1AEE655FDBAB80BD5295AE6BE7
-IV = F0761E8DCD3D000176D457ED
-Input = E20106D7CD0DF0761E8DCD3D88E5400076D457ED08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A0003
-Output = 35217C774BBC31B63166BCF9D4ABED07
-
-MAC = GMAC
-Algorithm = AES-128-GCM
-Key = 013FE00B5F11BE7F866D0CBBC55A7A90
-IV = 7CFDE9F9E33724C68932D612
-Input = 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
-Output = 217867E50C2DAD74C28C3B50ABDF695A
-
-MAC = GMAC
-Algorithm = AES-256-GCM
-Key = 83C093B58DE7FFE1C0DA926AC43FB3609AC1C80FEE1B624497EF942E2F79A823
-IV = 7CFDE9F9E33724C68932D612
-Input = 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
-Output = 6EE160E8FAECA4B36C86B234920CA975
-
-MAC = GMAC
-Algorithm = AES-128-GCM
-Key = 88EE087FD95DA9FBF6725AA9D757B0CD
-IV = 7AE8E2CA4EC500012E58495C
-Input = 68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007
-Output = 07922B8EBCF10BB2297588CA4C614523
-
-MAC = GMAC
-Algorithm = AES-256-GCM
-Key = 4C973DBC7364621674F8B5B89E5C15511FCED9216490FB1C1A2CAA0FFE0407E5
-IV = 7AE8E2CA4EC500012E58495C
-Input = 68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007
-Output = 00BDA1B7E87608BCBF470F12157F4C07
-
-
-Title = KMAC Tests (From NIST)
-MAC = KMAC128
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 00010203
-Custom = ""
-Output = E5780B0D3EA6F7D3A429C5706AA43A00FADBD7D49628839E3187243F456EE14E
-Ctrl = xof:0
-
-MAC = KMAC128
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 00010203
-Custom = "My Tagged Application"
-Output = 3B1FBA963CD8B0B59E8C1A6D71888B7143651AF8BA0A7070C0979E2811324AA5
-
-MAC = KMAC128
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Custom = "My Tagged Application"
-Output = 1F5B4E6CCA02209E0DCB5CA635B89A15E271ECC760071DFD805FAA38F9729230
-Ctrl = size:32
-
-MAC = KMAC256
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 00010203
-Custom = "My Tagged Application"
-Output = 20C570C31346F703C9AC36C61C03CB64C3970D0CFC787E9B79599D273A68D2F7F69D4CC3DE9D104A351689F27CF6F5951F0103F33F4F24871024D9C27773A8DD
-
-MAC = KMAC256
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Custom = ""
-Output = 75358CF39E41494E949707927CEE0AF20A3FF553904C86B08F21CC414BCFD691589D27CF5E15369CBBFF8B9A4C2EB17800855D0235FF635DA82533EC6B759B69
-
-MAC = KMAC256
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Custom = "My Tagged Application"
-Output = B58618F71F92E1D56C1B8C55DDD7CD188B97B4CA4D99831EB2699A837DA2E4D970FBACFDE50033AEA585F1A2708510C32D07880801BD182898FE476876FC8965
-Ctrl = size:64
-
-Title = KMAC XOF Tests (From NIST)
-
-MAC = KMAC128
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 00010203
-Output = CD83740BBD92CCC8CF032B1481A0F4460E7CA9DD12B08A0C4031178BACD6EC35
-Ctrl = xof:1
-
-MAC = KMAC128
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 00010203
-Custom = "My Tagged Application"
-Output = 31A44527B4ED9F5C6101D11DE6D26F0620AA5C341DEF41299657FE9DF1A3B16C
-Ctrl = xof:1
-
-MAC = KMAC128
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Custom = "My Tagged Application"
-Output = 47026C7CD793084AA0283C253EF658490C0DB61438B8326FE9BDDF281B83AE0F
-Ctrl = xof:1
-Ctrl = size:32
-
-MAC = KMAC256
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 00010203
-Custom = "My Tagged Application"
-Output = 1755133F1534752AAD0748F2C706FB5C784512CAB835CD15676B16C0C6647FA96FAA7AF634A0BF8FF6DF39374FA00FAD9A39E322A7C92065A64EB1FB0801EB2B
-Ctrl = xof:1
-
-MAC = KMAC256
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Custom = ""
-Output = FF7B171F1E8A2B24683EED37830EE797538BA8DC563F6DA1E667391A75EDC02CA633079F81CE12A25F45615EC89972031D18337331D24CEB8F8CA8E6A19FD98B
-Ctrl = xof:1
-
-MAC = KMAC256
-Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
-Custom = "My Tagged Application"
-Output = D5BE731C954ED7732846BB59DBE3A8E30F83E77A4BFF4459F2F1C2B4ECEBB8CE67BA01C62E8AB8578D2D499BD1BB276768781190020A306A97DE281DCC30305D
-Ctrl = size:64
-Ctrl = xof:1
-
-
-Title = Poly1305 Tests (from RFC 7539 and others)
-
-MAC = Poly1305
-Key = 0000000000000000000000000000000000000000000000000000000000000000
-Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Output = 00000000000000000000000000000000
-
-MAC = Poly1305
-Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e
-Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
-Output = 36e5f6b5c5e06070f0efca96227a863e
-
-MAC = Poly1305
-Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000
-Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
-Output = f3477e7cd95417af89a6b8794c310cf0
-
-MAC = Poly1305
-Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
-Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e
-Output = 4541669a7eaaee61e708dc7cbcc5eb62
-
-# If one uses 130-bit partial reduction, does the code handle the case where partially reduced final result is not fully reduced?
-MAC = Poly1305
-Key = 0200000000000000000000000000000000000000000000000000000000000000
-Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-Output = 03000000000000000000000000000000
-
-# What happens if addition of s overflows modulo 2^128?
-MAC = Poly1305
-Key = 02000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-Input = 02000000000000000000000000000000
-Output = 03000000000000000000000000000000
-
-# What happens if data limb is all ones and there is carry from lower limb?
-MAC = Poly1305
-Key = 0100000000000000000000000000000000000000000000000000000000000000
-Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF11000000000000000000000000000000
-Output = 05000000000000000000000000000000
-
-# What happens if final result from polynomial part is exactly 2^130-5?
-MAC = Poly1305
-Key = 0100000000000000000000000000000000000000000000000000000000000000
-Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBFEFEFEFEFEFEFEFEFEFEFEFEFEFEFE01010101010101010101010101010101
-Output = 00000000000000000000000000000000
-
-# What happens if final result from polynomial part is exactly 2^130-6?
-MAC = Poly1305
-Key = 0200000000000000000000000000000000000000000000000000000000000000
-Input = FDFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-Output = FAFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-
-# Taken from poly1305_internal_test.c
-# More RFC7539
-
-MAC = Poly1305
-Input = 43727970746f6772617068696320466f72756d2052657365617263682047726f7570
-Key = 85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b
-Output = a8061dc1305136c6c22b8baf0c0127a9
-
-# test vectors from "The Poly1305-AES message-authentication code"
-
-MAC = Poly1305
-Input = f3f6
-Key = 851fc40c3467ac0be05cc20404f3f700580b3b0f9447bb1e69d095b5928b6dbc
-Output = f4c633c3044fc145f84f335cb81953de
-
-# No input?
-# MAC = Poly1305
-# Input =
-# Key = a0f3080000f46400d0c7e9076c834403dd3fab2251f11ac759f0887129cc2ee7
-# Output = dd3fab2251f11ac759f0887129cc2ee7
-
-MAC = Poly1305
-Input = 663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
-Key = 48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef
-Output = 0ee1c16bb73f0f4fd19881753c01cdbe
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = 5154ad0d2cb26e01274fc51148491f1b
-
-# self-generated vectors exercise "significant" length such that* are handled by different code paths
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = 812059a5da198637cac7c4a631bee466
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = 5b88d7f6228b11e2e28579a5c0c1f761
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = bbb613b2b6d753ba07395b916aaece15
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = c794d7057d1778c4bbee0a39b3d97342
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = ffbcb9b371423152d7fca5ad042fbaa9
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee466
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = 069ed6b8ef0f207b3e243bb1019fe632
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = cca339d9a45fa2368c2c68b3a4179133
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = 53f6e828a2f0fe0ee815bf0bd5841a34
-
-MAC = Poly1305
-Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761
-Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
-Output = b846d44e9bbd53cedffbfbb6b7fa4933
-
-# 4th power of the key spills to 131th bit in SIMD key setup
-
-MAC = Poly1305
-Input = ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
-Key = ad628107e8351d0f2c231a05dc4a410600000000000000000000000000000000
-Output = 07145a4c02fe5fa32036de68fabe9066
-
-# poly1305_ieee754.c failed this in final stage
-
-MAC = Poly1305
-Input = 842364e156336c0998b933a6237726180d9e3fdcbde4cd5d17080fc3beb49614d7122c037463ff104d73f19c12704628d417c4c54a3fe30d3c3d7714382d43b0382a50a5dee54be844b076e8df88201a1cd43b90eb21643fa96f39b518aa8340c942ff3c31baf7c9bdbf0f31ae3fa096bf8c63030609829fe72e179824890bc8e08c315c1cce2a83144dbbff09f74e3efc770b54d0984a8f19b14719e63635641d6b1eedf63efbf080e1783d32445412114c20de0b837a0dfa33d6b82825fff44c9a70ea54ce47f07df698e6b03323b53079364a5fc3e9dd034392bdde86dccdda94321c5e44060489336cb65bf3989c36f7282c2f5d2b882c171e74
-Key = 95d5c005503e510d8cd0aa072c4a4d066eabc52d11653df47fbf63ab198bcc26
-Output = f248312e578d9d58f8b7bb4d19105431
-
-# AVX2 in poly1305-x86.pl failed this with 176+32 split
-
-MAC = Poly1305
-Input = 248ac31085b6c2adaaa38259a0d7192c5c35d1bb4ef39ad94c38d1c82479e2dd2159a077024b0589bc8a20101b506f0a1ad0bbab76e83a83f1b94be6beae74e874cab692c5963a75436b776121ec9f62399a3e66b2d22707dae81933b6277f3c8516bcbe26dbbd86f373103d7cf4cad1888c952118fbfbd0d7b4bedc4ae4936aff91157e7aa47c54442ea78d6ac251d324a0fbe49d89cc3521b66d16e9c66a3709894e4eb0a4eedc4ae19468e66b81f271351b1d921ea551047abcc6b87a901fde7db79fa1818c11336dbc07244a40eb
-Key = 000102030405060708090a0b0c0d0e0f00000000000000000000000000000000
-Output = bc939bc5281480fa99c6d68c258ec42f
-
-# test vectors from Google
-
-# No input?
-# MAC = Poly1305
-# Input =
-# Key = c8afaac331ee372cd6082de134943b174710130e9f6fea8d72293850a667d86c
-# Output = 4710130e9f6fea8d72293850a667d86c
-
-MAC = Poly1305
-Input = 48656c6c6f20776f726c6421
-Key = 746869732069732033322d62797465206b657920666f7220506f6c7931333035
-Output = a6f745008f81c916a20dcc74eef2b2f0
-
-MAC = Poly1305
-Input = 0000000000000000000000000000000000000000000000000000000000000000
-Key = 746869732069732033322d62797465206b657920666f7220506f6c7931333035
-Output = 49ec78090e481ec6c26b33b91ccc0307
-
-MAC = Poly1305
-Input = 89dab80b7717c1db5db437860a3f70218e93e1b8f461fb677f16f35f6f87e2a91c99bc3a47ace47640cc95c345be5ecca5a3523c35cc01893af0b64a620334270372ec12482d1b1e363561698a578b359803495bb4e2ef1930b17a5190b580f141300df30adbeca28f6427a8bc1a999fd51c554a017d095d8c3e3127daf9f595
-Key = 2d773be37adb1e4d683bf0075e79c4ee037918535a7f99ccb7040fb5f5f43aea
-Output = c85d15ed44c378d6b00e23064c7bcd51
-
-MAC = Poly1305
-Input = 000000000000000b170303020000000006db1f1f368d696a810a349c0c714c9a5e7850c2407d721acded95e018d7a85266a6e1289cdb4aeb18da5ac8a2b0026d24a59ad485227f3eaedbb2e7e35e1c66cd60f9abf716dcc9ac42682dd7dab287a7024c4eefc321cc0574e16793e37cec03c5bda42b54c114a80b57af26416c7be742005e20855c73e21dc8e2edc9d435cb6f6059280011c270b71570051c1c9b3052126620bc1e2730fa066c7a509d53c60e5ae1b40aa6e39e49669228c90eecb4a50db32a50bc49e90b4f4b359a1dfd11749cd3867fcf2fb7bb6cd4738f6a4ad6f7ca5058f7618845af9f020f6c3b967b8f4cd4a91e2813b507ae66f2d35c18284f7292186062e10fd5510d18775351ef334e7634ab4743f5b68f49adcab384d3fd75f7390f4006ef2a295c8c7a076ad54546cd25d2107fbe1436c840924aaebe5b370893cd63d1325b8616fc4810886bc152c53221b6df373119393255ee72bcaa880174f1717f9184fa91646f17a24ac55d16bfddca9581a92eda479201f0edbf633600d6066d1ab36d5d2415d71351bbcd608a25108d25641992c1f26c531cf9f90203bc4cc19f5927d834b0a47116d3884bbb164b8ec883d1ac832e56b3918a98601a08d171881541d594db399c6ae6151221745aec814c45b0b05b565436fd6f137aa10a0c0b643761dbd6f9a9dcb99b1a6e690854ce0769cde39761d82fcdec15f0d92d7d8e94ade8eb83fbe0
-Key = 99e5822dd4173c995e3dae0ddefb97743fde3b080134b39f76e9bf8d0e88d546
-Output = 2637408fe13086ea73f971e3425e2820
-
-# test vectors from Hanno Bock
-
-MAC = Poly1305
-Input = cccccccccccccccccccccccccccccccccccccccccccccccccc80ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccceccccccccccccccccccccccccccccccccccccc5cccccccccccccccccccccccccccccccccccccccccce3ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccaccccccccccccccccccccce6cccccccccc000000afccccccccccccccccccfffffff5000000000000000000000000000000000000000000000000000000ffffffe70000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000719205a8521dfc
-Key = 7f1b02640000000000000000000000000000000000000000cccccccccccccccc
-Output = 8559b876eceed66eb37798c0457baff9
-
-MAC = Poly1305
-Input = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa000000000000000000800264
-Key = e00016000000000000000000000000000000aaaaaaaaaaaaaaaaaaaaaaaaaaaa
-Output = 00bd1258978e205444c9aaaa82006fed
-
-MAC = Poly1305
-Input = 02fc
-Key = 0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
-Output = 06120c0c0c0c0c0c0c0c0c0c0c0c0c0c
-
-MAC = Poly1305
-Input = 7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7a7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b5c7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b6e7b007b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7a7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b5c7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b6e7b001300000000b300000000000000000000000000000000000000000000f20000000000000000000000000000000000002000efff0009000000000000000000000000100000000009000000640000000000000000000000001300000000b300000000000000000000000000000000000000000000f20000000000000000000000000000000000002000efff00090000000000000000007a000010000000000900000064000000000000000000000000000000000000000000000000fc
-Key = 00ff000000000000000000000000000000000000001e00000000000000007b7b
-Output = 33205bbf9e9f8f7212ab9e2ab9b7e4a5
-
-MAC = Poly1305
-Input = 77777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777ffffffe9e9acacacacacacacacacacac0000acacec0100acacac2caca2acacacacacacacacacacac64f2
-Key = 0000007f0000007f01000020000000000000cf77777777777777777777777777
-Output = 02ee7c8c546ddeb1a467e4c3981158b9
-
-# test vectors from Andrew Moon - nacl
-
-MAC = Poly1305
-Input = 8e993b9f48681273c29650ba32fc76ce48332ea7164d96a4476fb8c531a1186ac0dfc17c98dce87b4da7f011ec48c97271d2c20f9b928fe2270d6fb863d51738b48eeee314a7cc8ab932164548e526ae90224368517acfeabd6bb3732bc0e9da99832b61ca01b6de56244a9e88d5f9b37973f622a43d14a6599b1f654cb45a74e355a5
-Key = eea6a7251c1e72916d11c2cb214d3c252539121d8e234e652d651fa4c8cff880
-Output = f3ffc7703f9400e52a7dfb4b3d3305d9
-
-# wrap 2^130-5
-MAC = Poly1305
-Input = ffffffffffffffffffffffffffffffff
-Key = 0200000000000000000000000000000000000000000000000000000000000000
-Output = 03000000000000000000000000000000
-
-# wrap 2^128
-MAC = Poly1305
-Input = 02000000000000000000000000000000
-Key = 02000000000000000000000000000000ffffffffffffffffffffffffffffffff
-Output = 03000000000000000000000000000000
-
-# limb carry
-MAC = Poly1305
-Input = fffffffffffffffffffffffffffffffff0ffffffffffffffffffffffffffffff11000000000000000000000000000000
-Key = 0100000000000000000000000000000000000000000000000000000000000000
-Output = 05000000000000000000000000000000
-
-# 2^130-5
-MAC = Poly1305
-Input = fffffffffffffffffffffffffffffffffbfefefefefefefefefefefefefefefe01010101010101010101010101010101
-Key = 0100000000000000000000000000000000000000000000000000000000000000
-Output = 00000000000000000000000000000000
-
-# 2^130-6
-MAC = Poly1305
-Input = fdffffffffffffffffffffffffffffff
-Key = 0200000000000000000000000000000000000000000000000000000000000000
-Output = faffffffffffffffffffffffffffffff
-
-# 5*H+L reduction intermediate
-MAC = Poly1305
-Input = e33594d7505e43b900000000000000003394d7505e4379cd01000000000000000000000000000000000000000000000001000000000000000000000000000000
-Key = 0100000000000000040000000000000000000000000000000000000000000000
-Output = 14000000000000005500000000000000
-
-# 5*H+L reduction final
-MAC = Poly1305
-Input = e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000
-Key = 0100000000000000040000000000000000000000000000000000000000000000
-Output = 13000000000000000000000000000000
-
-# Here are 4 duplicated cases for Poly1305 by EVP_PKEY
-MAC = Poly1305 by EVP_PKEY
-Key = 0000000000000000000000000000000000000000000000000000000000000000
-Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
-Output = 00000000000000000000000000000000
-
-MAC = Poly1305 by EVP_PKEY
-Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e
-Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
-Output = 36e5f6b5c5e06070f0efca96227a863e
-
-MAC = Poly1305 by EVP_PKEY
-Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000
-Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
-Output = f3477e7cd95417af89a6b8794c310cf0
-
-MAC = Poly1305 by EVP_PKEY
-Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
-Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e
-Output = 4541669a7eaaee61e708dc7cbcc5eb62
diff --git a/test/recipes/30-test_evp_data/evpmac_blake.txt b/test/recipes/30-test_evp_data/evpmac_blake.txt
new file mode 100644
index 0000000000..ad5836a175
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmac_blake.txt
@@ -0,0 +1,242 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = Keyed BLAKE2 tests (Test vectors from reference implementation)
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input =
+Output = 10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 00
+Output = 961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 0001
+Output = da2cfbe2d8409a0f38026113884f84b50156371ae304c4430173d08a99d9fb1b983164a3770706d537f49e0c916d9f32b95cc37a95b99d857436f0232c88a965
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 000102
+Output = 33d0825dddf7ada99b0e7e307104ad07ca9cfd9692214f1561356315e784f3e5a17e364ae9dbb14cb2036df932b77f4b292761365fb328de7afdc6d8998f5fc1
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 00010203
+Output = beaa5a3d08f3807143cf621d95cd690514d0b49efff9c91d24b59241ec0eefa5f60196d407048bba8d2146828ebcb0488d8842fd56bb4f6df8e19c4b4daab8ac
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 0001020304
+Output = 098084b51fd13deae5f4320de94a688ee07baea2800486689a8636117b46c1f4c1f6af7f74ae7c857600456a58a3af251dc4723a64cc7c0a5ab6d9cac91c20bb
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9
+Output = 1085d78307b1c4b008c57a2e7e5b234658a0a82e4ff1e4aaac72b312fda0fe27d233bc5b10e9cc17fdc7697b540c7d95eb215a19a1a0e20e1abfa126efd568c7
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fa
+Output = 4e5c734c7dde011d83eac2b7347b373594f92d7091b9ca34cb9c6f39bdf5a8d2f134379e16d822f6522170ccf2ddd55c84b9e6c64fc927ac4cf8dfb2a17701f2
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafb
+Output = 695d83bd990a1117b3d0ce06cc888027d12a054c2677fd82f0d4fbfc93575523e7991a5e35a3752e9b70ce62992e268a877744cdd435f5f130869c9a2074b338
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfc
+Output = a6213743568e3b3158b9184301f3690847554c68457cb40fc9a4b8cfd8d4a118c301a07737aeda0f929c68913c5f51c80394f53bff1c3e83b2e40ca97eba9e15
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfd
+Output = d444bfa2362a96df213d070e33fa841f51334e4e76866b8139e8af3bb3398be2dfaddcbc56b9146de9f68118dc5829e74b0c28d7711907b121f9161cb92b69a9
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe
+Output = 142709d62e28fcccd0af97fad0f8465b971e82201dc51070faa0372aa43e92484be1c1e73ba10906d5d1853db6a4106e0a7bf9800d373d6dee2d46d62ef2a461
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input =
+Output = 48a8997da407876b3d79c0d92325ad3b89cbb754d86ab71aee047ad345fd2c49
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 00
+Output = 40d15fee7c328830166ac3f918650f807e7e01e177258cdc0a39b11f598066f1
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 0001
+Output = 6bb71300644cd3991b26ccd4d274acd1adeab8b1d7914546c1198bbe9fc9d803
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 000102
+Output = 1d220dbe2ee134661fdf6d9e74b41704710556f2f6e5a091b227697445dbea6b
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 00010203
+Output = f6c3fbadb4cc687a0064a5be6e791bec63b868ad62fba61b3757ef9ca52e05b2
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 0001020304
+Output = 49c1f21188dfd769aea0e911dd6b41f14dab109d2b85977aa3088b5c707e8598
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9
+Output = 9fc5450109e1b779f6c7ae79d56c27635c8dd426c5a9d54e2578db989b8c3b4e
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fa
+Output = d12bf3732ef4af5c22fa90356af8fc50fcb40f8f2ea5c8594737a3b3d5abdbd7
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafb
+Output = 11030b9289bba5af65260672ab6fee88b87420acef4a1789a2073b7ec2f2a09e
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfc
+Output = 69cb192b8444005c8c0ceb12c846860768188cda0aec27a9c8a55cdee2123632
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfd
+Output = db444c15597b5f1a03d1f9edd16e4a9f43a667cc275175dfa2b704e3bb1a9b83
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe
+Output = 3fb735061abc519dfe979e54c1ee5bfad0a9d858b3315bad34bde999efd724dd
+
+Title = Custom keyed BLAKE2 tests
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Custom = "email"
+Input = "Sample input for keylen<blocklen and custom"
+Output = fb7abee8f585b0d844a3c7db211b8f50a3a5de9bb20a560eb095d05430a60e83f3d44a84c84e8a8ef79eef694551418a05c7495d10aae051e9c63822dfa59e7c
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Custom = "blockchain"
+Input = "Sample input for keylen<blocklen and custom"
+Output = b971503ceebaa26c98cb7722abaf019d74138d92ff5d82f91a7473ec641ae6811148bc1edbe9db9030fd9a8a965d7f35492d79f602be81f6e2d9b84abc819c62
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Salt = a3a5de9b8fcccd0a560eb095a3638bb1
+Input = "Sample input for keylen<blocklen and salt"
+Output = a57e6f23123be251f4e8cd04d4313e50bfa2ed5a28a3685dc86398da78503d54a169faabcc186037418636af20718f20797fb883b83ab98f5b2d17ce185b615e
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Salt = b4a5b8cd0a009561
+Input = "Sample input for keylen<blocklen and salt"
+Output = 709ee3733b179658d326fda6692e6761068d0044895252615bd2a19a14ad4da1ee6ddf613bdf1ae805f97809a140837640c4ce2fece1831b3ccd07544b0d36ab
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Custom = "application"
+Salt = 000102030405060708090a0b0c0d0e0f
+Input = "Sample input for keylen<blocklen, salt and custom"
+Output = 233a6c732212f4813ec4c9f357e35297e59a652fd24155205f00363f7c54734ee1e8c7329d92116cbec62db35ebb5d51f9e5c2ba41789b84ac9ebc266918e524
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ctrl = size:128
+Result = MAC_BAD_PARAMS
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = "Sample input for outlen<digest_length"
+Ctrl = size:1
+Output = 2a
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = "Sample input for outlen<digest_length"
+Ctrl = size:32
+Output = 7fa43c7735fcacad9fce2b44bef37dba6501ab48c9397bedb5562a682e519793
+
+MAC = BLAKE2BMAC
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Input = "Combo input with outlen, custom and salt"
+Custom = "application"
+Salt = 000102030405060708090a0b0c0d0e0f
+Ctrl = size:32
+Output = 51742fc491171eaf6b9459c8b93a44bbf8f44a0b4869a17fa178c8209918ad96
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Custom = "email"
+Input = "Sample input for keylen<blocklen and custom"
+Output = 099619607617f8767b278d6d76216b91794ea372c9fd3733a4a36e995a767987
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Custom = "database"
+Input = "Sample input for keylen<blocklen and custom"
+Output = afa468ff12d922c1bfdfe26b7d74f1041e7708e83ee7e128ce878f93e2852ad0
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Salt = a205819e78d6d762
+Input = "Sample input for keylen<blocklen and salt"
+Output = 29f7d780009ef8f001ec44088622f0752f6c360cda40e3c2181c4f7eacdd9dc6
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Salt = d6e437b2
+Input = "Sample input for keylen<blocklen and salt"
+Output = aa9dbb8bbad89ea35467f1ff995521121989eb6439f1263e04e87d63a9c2ef28
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Custom = "app"
+Salt = a205819e78d6d762
+Input = "Sample input for keylen<blocklen, salt and custom"
+Output = e9f7704dfe5080a4aafe62a806f53ea7f98ffc24175164158f18ec5497b961f5
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Ctrl = size:64
+Result = MAC_BAD_PARAMS
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Ctrl = size:16
+Input = "Sample input for outlen<digest_length"
+Output = a09fb3d513efc3ed58dd1264de3c59f5
+
+MAC = BLAKE2SMAC
+Key = 000102030405060708090a0b0c0d0e0f
+Ctrl = size:16
+Custom = "app"
+Salt = 0001020304050607
+Input = "Combo input with outlen, custom and salt"
+Output = 6808d8daae537a16bf00e837010969a4
diff --git a/test/recipes/30-test_evp_data/evpmac_common.txt b/test/recipes/30-test_evp_data/evpmac_common.txt
new file mode 100644
index 0000000000..dcea924695
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmac_common.txt
@@ -0,0 +1,402 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+# The keyword Availablein must appear before the test name if needed.
+
+Title = HMAC tests (from RFC2104 and others)
+
+Availablein = default
+MAC = HMAC
+Algorithm = MD5
+Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+Input = "Hi There"
+Output = 9294727a3638bb1c13f48ef8158bfc9d
+
+Availablein = default
+MAC = HMAC
+Algorithm = MD5
+Key = "Jefe"
+Input = "what do ya want for nothing?"
+Output = 750c783e6ab0b503eaa86e310a5db738
+
+Availablein = default
+MAC = HMAC
+Algorithm = MD5
+Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+Input = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
+Output = 56be34521d144c88dbb8c733f0e8b3f6
+
+Title = SHA1
+
+# HMAC tests from NIST test data
+
+MAC = HMAC
+Algorithm = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
+
+MAC = HMAC
+Algorithm = SHA1
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F10111213
+Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
+
+MAC = HMAC
+Algorithm = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
+
+Title = SHA2
+
+MAC = HMAC
+Algorithm = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
+
+MAC = HMAC
+Algorithm = SHA224
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
+Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
+
+MAC = HMAC
+Algorithm = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 91C52509E5AF8531601AE6230099D90BEF88AAEFB961F4080ABC014D
+
+MAC = HMAC
+Algorithm = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
+
+MAC = HMAC
+Algorithm = SHA256
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
+
+MAC = HMAC
+Algorithm = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = BDCCB6C72DDEADB500AE768386CB38CC41C63DBB0878DDB9C7A38A431B78378D
+
+MAC = HMAC
+Algorithm = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = 63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
+
+MAC = HMAC
+Algorithm = SHA384
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
+Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
+
+MAC = HMAC
+Algorithm = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = 5B664436DF69B0CA22551231A3F0A3D5B4F97991713CFA84BFF4D0792EFF96C27DCCBBB6F79B65D548B40E8564CEF594
+
+MAC = HMAC
+Algorithm = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
+
+MAC = HMAC
+Algorithm = SHA512
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
+
+MAC = HMAC
+Algorithm = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3
+
+Title = SHA3
+
+# NIST's test vectors
+
+MAC = HMAC
+Algorithm = SHA3-224
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b
+Output = 332cfd59347fdb8e576e77260be4aba2d6dc53117b3bfb52c6d18c04
+
+MAC = HMAC
+Algorithm = SHA3-224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f
+Output = d8b733bcf66c644a12323d564e24dcf3fc75f231f3b67968359100c7
+
+MAC = HMAC
+Algorithm = SHA3-224
+Input = "Sample message for keylen>blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaab
+Output = 078695eecc227c636ad31d063a15dd05a7e819a66ec6d8de1e193e59
+
+MAC = HMAC
+Algorithm = SHA3-256
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Output = 4fe8e202c4f058e8dddc23d8c34e467343e23555e24fc2f025d598f558f67205
+
+MAC = HMAC
+Algorithm = SHA3-256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687
+Output = 68b94e2e538a9be4103bebb5aa016d47961d4d1aa906061313b557f8af2c3faa
+
+MAC = HMAC
+Algorithm = SHA3-256
+Input = "Sample message for keylen>blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7
+Output = 9bcf2c238e235c3ce88404e813bd2f3a97185ac6f238c63d6229a00b07974258
+
+MAC = HMAC
+Algorithm = SHA3-384
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
+Output = d588a3c51f3f2d906e8298c1199aa8ff6296218127f6b38a90b6afe2c5617725bc99987f79b22a557b6520db710b7f42
+
+MAC = HMAC
+Algorithm = SHA3-384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f6061626364656667
+Output = a27d24b592e8c8cbf6d4ce6fc5bf62d8fc98bf2d486640d9eb8099e24047837f5f3bffbe92dcce90b4ed5b1e7e44fa90
+
+MAC = HMAC
+Algorithm = SHA3-384
+Input = "Sample message for keylen>blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f9091929394959697
+Output = e5ae4c739f455279368ebf36d4f5354c95aa184c899d3870e460ebc288ef1f9470053f73f7c6da2a71bcaec38ce7d6ac
+
+MAC = HMAC
+Algorithm = SHA3-512
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Output = 4efd629d6c71bf86162658f29943b1c308ce27cdfa6db0d9c3ce81763f9cbce5f7ebe9868031db1a8f8eb7b6b95e5c5e3f657a8996c86a2f6527e307f0213196
+
+MAC = HMAC
+Algorithm = SHA3-512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f4041424344454647
+Output = 544e257ea2a3e5ea19a590e6a24b724ce6327757723fe2751b75bf007d80f6b360744bf1b7a88ea585f9765b47911976d3191cf83c039f5ffab0d29cc9d9b6da
+
+MAC = HMAC by EVP_PKEY
+Algorithm = SHA3-512
+Input = "Sample message for keylen>blocklen"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687
+Output = 5f464f5e5b7848e3885e49b2c385f0694985d0e38966242dc4a5fe3fea4b37d46b65ceced5dcf59438dd840bab22269f0ba7febdb9fcf74602a35666b2a32915
+
+Title = HMAC self generated tests
+
+MAC = HMAC
+Algorithm = SHAKE128
+Input = "Test that SHAKE128 fails"
+Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Result = MAC_BAD_PARAMS
+
+
+Title = CMAC tests (from FIPS module)
+
+MAC = CMAC
+Algorithm = AES-128-CBC
+Key = 77A77FAF290C1FA30C683DF16BA7A77B
+Input = 020683E1F0392F4CAC54318B6029259E9C553DBC4B6AD998E64D58E4E7DC2E13
+Output = FBFEA41BF9740CB501F1292C21CEBB40
+
+MAC = CMAC by EVP_PKEY
+Algorithm = AES-192-CBC
+Key = 7B32391369AA4CA97558095BE3C3EC862BD057CEF1E32D62
+Input =
+Output = E4D9340B03E67DEFD4969CC1ED3735E6
+
+MAC = CMAC
+Algorithm = AES-256-CBC
+Key = 0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1
+Input = 498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F
+Output = F62C46329B41085625669BAF51DEA66A
+
+MAC = CMAC
+Algorithm = DES-EDE3-CBC
+Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
+Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
+Output = 8F49A1B7D6AA2258
+
+MAC = CMAC by EVP_PKEY
+Algorithm = DES-EDE3-CBC
+Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
+Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
+Output = 8F49A1B7D6AA2258
+
+Title = GMAC Tests (from NIST)
+
+MAC = GMAC
+Algorithm = AES-128-GCM
+Key = 77BE63708971C4E240D1CB79E8D77FEB
+IV = E0E00F19FED7BA0136A797F3
+Input = 7A43EC1D9C0A5A78A0B16533A6213CAB
+Output = 209FCC8D3675ED938E9C7166709DD946
+
+Title = GMAC Tests (from http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf)
+
+MAC = GMAC
+Algorithm = AES-128-GCM
+Key = AD7A2BD03EAC835A6F620FDCB506B345
+IV = 12153524C0895E81B2C28465
+Input = D609B1F056637A0D46DF998D88E5222AB2C2846512153524C0895E8108000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233340001
+Output = F09478A9B09007D06F46E9B6A1DA25DD
+
+MAC = GMAC
+Algorithm = AES-256-GCM
+Key = E3C08A8F06C6E3AD95A70557B23F75483CE33021A9C72B7025666204C69C0B72
+IV = 12153524C0895E81B2C28465
+Input = D609B1F056637A0D46DF998D88E5222AB2C2846512153524C0895E8108000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233340001
+Output = 2F0BC5AF409E06D609EA8B7D0FA5EA50
+
+MAC = GMAC
+Algorithm = AES-128-GCM
+Key = 071B113B0CA743FECCCF3D051F737382
+IV = F0761E8DCD3D000176D457ED
+Input = E20106D7CD0DF0761E8DCD3D88E5400076D457ED08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A0003
+Output = 0C017BC73B227DFCC9BAFA1C41ACC353
+
+MAC = GMAC
+Algorithm = AES-256-GCM
+Key = 691D3EE909D7F54167FD1CA0B5D769081F2BDE1AEE655FDBAB80BD5295AE6BE7
+IV = F0761E8DCD3D000176D457ED
+Input = E20106D7CD0DF0761E8DCD3D88E5400076D457ED08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A0003
+Output = 35217C774BBC31B63166BCF9D4ABED07
+
+MAC = GMAC
+Algorithm = AES-128-GCM
+Key = 013FE00B5F11BE7F866D0CBBC55A7A90
+IV = 7CFDE9F9E33724C68932D612
+Input = 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
+Output = 217867E50C2DAD74C28C3B50ABDF695A
+
+MAC = GMAC
+Algorithm = AES-256-GCM
+Key = 83C093B58DE7FFE1C0DA926AC43FB3609AC1C80FEE1B624497EF942E2F79A823
+IV = 7CFDE9F9E33724C68932D612
+Input = 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
+Output = 6EE160E8FAECA4B36C86B234920CA975
+
+MAC = GMAC
+Algorithm = AES-128-GCM
+Key = 88EE087FD95DA9FBF6725AA9D757B0CD
+IV = 7AE8E2CA4EC500012E58495C
+Input = 68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007
+Output = 07922B8EBCF10BB2297588CA4C614523
+
+MAC = GMAC
+Algorithm = AES-256-GCM
+Key = 4C973DBC7364621674F8B5B89E5C15511FCED9216490FB1C1A2CAA0FFE0407E5
+IV = 7AE8E2CA4EC500012E58495C
+Input = 68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007
+Output = 00BDA1B7E87608BCBF470F12157F4C07
+
+
+Title = KMAC Tests (From NIST)
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Custom = ""
+Output = E5780B0D3EA6F7D3A429C5706AA43A00FADBD7D49628839E3187243F456EE14E
+Ctrl = xof:0
+
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Custom = "My Tagged Application"
+Output = 3B1FBA963CD8B0B59E8C1A6D71888B7143651AF8BA0A7070C0979E2811324AA5
+
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = "My Tagged Application"
+Output = 1F5B4E6CCA02209E0DCB5CA635B89A15E271ECC760071DFD805FAA38F9729230
+Ctrl = size:32
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Custom = "My Tagged Application"
+Output = 20C570C31346F703C9AC36C61C03CB64C3970D0CFC787E9B79599D273A68D2F7F69D4CC3DE9D104A351689F27CF6F5951F0103F33F4F24871024D9C27773A8DD
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = ""
+Output = 75358CF39E41494E949707927CEE0AF20A3FF553904C86B08F21CC414BCFD691589D27CF5E15369CBBFF8B9A4C2EB17800855D0235FF635DA82533EC6B759B69
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = "My Tagged Application"
+Output = B58618F71F92E1D56C1B8C55DDD7CD188B97B4CA4D99831EB2699A837DA2E4D970FBACFDE50033AEA585F1A2708510C32D07880801BD182898FE476876FC8965
+Ctrl = size:64
+
+Title = KMAC XOF Tests (From NIST)
+
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Output = CD83740BBD92CCC8CF032B1481A0F4460E7CA9DD12B08A0C4031178BACD6EC35
+Ctrl = xof:1
+
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Custom = "My Tagged Application"
+Output = 31A44527B4ED9F5C6101D11DE6D26F0620AA5C341DEF41299657FE9DF1A3B16C
+Ctrl = xof:1
+
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = "My Tagged Application"
+Output = 47026C7CD793084AA0283C253EF658490C0DB61438B8326FE9BDDF281B83AE0F
+Ctrl = xof:1
+Ctrl = size:32
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Custom = "My Tagged Application"
+Output = 1755133F1534752AAD0748F2C706FB5C784512CAB835CD15676B16C0C6647FA96FAA7AF634A0BF8FF6DF39374FA00FAD9A39E322A7C92065A64EB1FB0801EB2B
+Ctrl = xof:1
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = ""
+Output = FF7B171F1E8A2B24683EED37830EE797538BA8DC563F6DA1E667391A75EDC02CA633079F81CE12A25F45615EC89972031D18337331D24CEB8F8CA8E6A19FD98B
+Ctrl = xof:1
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = "My Tagged Application"
+Output = D5BE731C954ED7732846BB59DBE3A8E30F83E77A4BFF4459F2F1C2B4ECEBB8CE67BA01C62E8AB8578D2D499BD1BB276768781190020A306A97DE281DCC30305D
+Ctrl = size:64
+Ctrl = xof:1
diff --git a/test/recipes/30-test_evp_data/evpmac_poly1305.txt b/test/recipes/30-test_evp_data/evpmac_poly1305.txt
new file mode 100644
index 0000000000..dcd3c6d369
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmac_poly1305.txt
@@ -0,0 +1,288 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = Poly1305 Tests (from RFC 7539 and others)
+
+MAC = Poly1305
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Output = 00000000000000000000000000000000
+
+MAC = Poly1305
+Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e
+Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
+Output = 36e5f6b5c5e06070f0efca96227a863e
+
+MAC = Poly1305
+Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000
+Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
+Output = f3477e7cd95417af89a6b8794c310cf0
+
+MAC = Poly1305
+Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
+Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e
+Output = 4541669a7eaaee61e708dc7cbcc5eb62
+
+# If one uses 130-bit partial reduction, does the code handle the case where partially reduced final result is not fully reduced?
+MAC = Poly1305
+Key = 0200000000000000000000000000000000000000000000000000000000000000
+Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+Output = 03000000000000000000000000000000
+
+# What happens if addition of s overflows modulo 2^128?
+MAC = Poly1305
+Key = 02000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+Input = 02000000000000000000000000000000
+Output = 03000000000000000000000000000000
+
+# What happens if data limb is all ones and there is carry from lower limb?
+MAC = Poly1305
+Key = 0100000000000000000000000000000000000000000000000000000000000000
+Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF11000000000000000000000000000000
+Output = 05000000000000000000000000000000
+
+# What happens if final result from polynomial part is exactly 2^130-5?
+MAC = Poly1305
+Key = 0100000000000000000000000000000000000000000000000000000000000000
+Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBFEFEFEFEFEFEFEFEFEFEFEFEFEFEFE01010101010101010101010101010101
+Output = 00000000000000000000000000000000
+
+# What happens if final result from polynomial part is exactly 2^130-6?
+MAC = Poly1305
+Key = 0200000000000000000000000000000000000000000000000000000000000000
+Input = FDFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+Output = FAFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+
+# Taken from poly1305_internal_test.c
+# More RFC7539
+
+MAC = Poly1305
+Input = 43727970746f6772617068696320466f72756d2052657365617263682047726f7570
+Key = 85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b
+Output = a8061dc1305136c6c22b8baf0c0127a9
+
+# test vectors from "The Poly1305-AES message-authentication code"
+
+MAC = Poly1305
+Input = f3f6
+Key = 851fc40c3467ac0be05cc20404f3f700580b3b0f9447bb1e69d095b5928b6dbc
+Output = f4c633c3044fc145f84f335cb81953de
+
+# No input?
+# # MAC = Poly1305
+# Input =
+# Key = a0f3080000f46400d0c7e9076c834403dd3fab2251f11ac759f0887129cc2ee7
+# Output = dd3fab2251f11ac759f0887129cc2ee7
+
+MAC = Poly1305
+Input = 663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
+Key = 48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef
+Output = 0ee1c16bb73f0f4fd19881753c01cdbe
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = 5154ad0d2cb26e01274fc51148491f1b
+
+# self-generated vectors exercise "significant" length such that* are handled by different code paths
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = 812059a5da198637cac7c4a631bee466
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = 5b88d7f6228b11e2e28579a5c0c1f761
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = bbb613b2b6d753ba07395b916aaece15
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = c794d7057d1778c4bbee0a39b3d97342
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = ffbcb9b371423152d7fca5ad042fbaa9
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee466
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = 069ed6b8ef0f207b3e243bb1019fe632
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = cca339d9a45fa2368c2c68b3a4179133
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = 53f6e828a2f0fe0ee815bf0bd5841a34
+
+MAC = Poly1305
+Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761
+Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57
+Output = b846d44e9bbd53cedffbfbb6b7fa4933
+
+# 4th power of the key spills to 131th bit in SIMD key setup
+
+MAC = Poly1305
+Input = ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+Key = ad628107e8351d0f2c231a05dc4a410600000000000000000000000000000000
+Output = 07145a4c02fe5fa32036de68fabe9066
+
+# poly1305_ieee754.c failed this in final stage
+
+MAC = Poly1305
+Input = 842364e156336c0998b933a6237726180d9e3fdcbde4cd5d17080fc3beb49614d7122c037463ff104d73f19c12704628d417c4c54a3fe30d3c3d7714382d43b0382a50a5dee54be844b076e8df88201a1cd43b90eb21643fa96f39b518aa8340c942ff3c31baf7c9bdbf0f31ae3fa096bf8c63030609829fe72e179824890bc8e08c315c1cce2a83144dbbff09f74e3efc770b54d0984a8f19b14719e63635641d6b1eedf63efbf080e1783d32445412114c20de0b837a0dfa33d6b82825fff44c9a70ea54ce47f07df698e6b03323b53079364a5fc3e9dd034392bdde86dccdda94321c5e44060489336cb65bf3989c36f7282c2f5d2b882c171e74
+Key = 95d5c005503e510d8cd0aa072c4a4d066eabc52d11653df47fbf63ab198bcc26
+Output = f248312e578d9d58f8b7bb4d19105431
+
+# AVX2 in poly1305-x86.pl failed this with 176+32 split
+
+MAC = Poly1305
+Input = 248ac31085b6c2adaaa38259a0d7192c5c35d1bb4ef39ad94c38d1c82479e2dd2159a077024b0589bc8a20101b506f0a1ad0bbab76e83a83f1b94be6beae74e874cab692c5963a75436b776121ec9f62399a3e66b2d22707dae81933b6277f3c8516bcbe26dbbd86f373103d7cf4cad1888c952118fbfbd0d7b4bedc4ae4936aff91157e7aa47c54442ea78d6ac251d324a0fbe49d89cc3521b66d16e9c66a3709894e4eb0a4eedc4ae19468e66b81f271351b1d921ea551047abcc6b87a901fde7db79fa1818c11336dbc07244a40eb
+Key = 000102030405060708090a0b0c0d0e0f00000000000000000000000000000000
+Output = bc939bc5281480fa99c6d68c258ec42f
+
+# test vectors from Google
+
+# No input?
+# # MAC = Poly1305
+# Input =
+# Key = c8afaac331ee372cd6082de134943b174710130e9f6fea8d72293850a667d86c
+# Output = 4710130e9f6fea8d72293850a667d86c
+
+MAC = Poly1305
+Input = 48656c6c6f20776f726c6421
+Key = 746869732069732033322d62797465206b657920666f7220506f6c7931333035
+Output = a6f745008f81c916a20dcc74eef2b2f0
+
+MAC = Poly1305
+Input = 0000000000000000000000000000000000000000000000000000000000000000
+Key = 746869732069732033322d62797465206b657920666f7220506f6c7931333035
+Output = 49ec78090e481ec6c26b33b91ccc0307
+
+MAC = Poly1305
+Input = 89dab80b7717c1db5db437860a3f70218e93e1b8f461fb677f16f35f6f87e2a91c99bc3a47ace47640cc95c345be5ecca5a3523c35cc01893af0b64a620334270372ec12482d1b1e363561698a578b359803495bb4e2ef1930b17a5190b580f141300df30adbeca28f6427a8bc1a999fd51c554a017d095d8c3e3127daf9f595
+Key = 2d773be37adb1e4d683bf0075e79c4ee037918535a7f99ccb7040fb5f5f43aea
+Output = c85d15ed44c378d6b00e23064c7bcd51
+
+MAC = Poly1305
+Input = 000000000000000b170303020000000006db1f1f368d696a810a349c0c714c9a5e7850c2407d721acded95e018d7a85266a6e1289cdb4aeb18da5ac8a2b0026d24a59ad485227f3eaedbb2e7e35e1c66cd60f9abf716dcc9ac42682dd7dab287a7024c4eefc321cc0574e16793e37cec03c5bda42b54c114a80b57af26416c7be742005e20855c73e21dc8e2edc9d435cb6f6059280011c270b71570051c1c9b3052126620bc1e2730fa066c7a509d53c60e5ae1b40aa6e39e49669228c90eecb4a50db32a50bc49e90b4f4b359a1dfd11749cd3867fcf2fb7bb6cd4738f6a4ad6f7ca5058f7618845af9f020f6c3b967b8f4cd4a91e2813b507ae66f2d35c18284f7292186062e10fd5510d18775351ef334e7634ab4743f5b68f49adcab384d3fd75f7390f4006ef2a295c8c7a076ad54546cd25d2107fbe1436c840924aaebe5b370893cd63d1325b8616fc4810886bc152c53221b6df373119393255ee72bcaa880174f1717f9184fa91646f17a24ac55d16bfddca9581a92eda479201f0edbf633600d6066d1ab36d5d2415d71351bbcd608a25108d25641992c1f26c531cf9f90203bc4cc19f5927d834b0a47116d3884bbb164b8ec883d1ac832e56b3918a98601a08d171881541d594db399c6ae6151221745aec814c45b0b05b565436fd6f137aa10a0c0b643761dbd6f9a9dcb99b1a6e690854ce0769cde39761d82fcdec15f0d92d7d8e94ade8eb83fbe0
+Key = 99e5822dd4173c995e3dae0ddefb97743fde3b080134b39f76e9bf8d0e88d546
+Output = 2637408fe13086ea73f971e3425e2820
+
+# test vectors from Hanno Bock
+
+MAC = Poly1305
+Input = cccccccccccccccccccccccccccccccccccccccccccccccccc80ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccceccccccccccccccccccccccccccccccccccccc5cccccccccccccccccccccccccccccccccccccccccce3ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccaccccccccccccccccccccce6cccccccccc000000afccccccccccccccccccfffffff5000000000000000000000000000000000000000000000000000000ffffffe70000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000719205a8521dfc
+Key = 7f1b02640000000000000000000000000000000000000000cccccccccccccccc
+Output = 8559b876eceed66eb37798c0457baff9
+
+MAC = Poly1305
+Input = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa000000000000000000800264
+Key = e00016000000000000000000000000000000aaaaaaaaaaaaaaaaaaaaaaaaaaaa
+Output = 00bd1258978e205444c9aaaa82006fed
+
+MAC = Poly1305
+Input = 02fc
+Key = 0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
+Output = 06120c0c0c0c0c0c0c0c0c0c0c0c0c0c
+
+MAC = Poly1305
+Input = 7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7a7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b5c7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b6e7b007b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7a7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b5c7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b6e7b001300000000b300000000000000000000000000000000000000000000f20000000000000000000000000000000000002000efff0009000000000000000000000000100000000009000000640000000000000000000000001300000000b300000000000000000000000000000000000000000000f20000000000000000000000000000000000002000efff00090000000000000000007a000010000000000900000064000000000000000000000000000000000000000000000000fc
+Key = 00ff000000000000000000000000000000000000001e00000000000000007b7b
+Output = 33205bbf9e9f8f7212ab9e2ab9b7e4a5
+
+MAC = Poly1305
+Input = 77777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777ffffffe9e9acacacacacacacacacacac0000acacec0100acacac2caca2acacacacacacacacacacac64f2
+Key = 0000007f0000007f01000020000000000000cf77777777777777777777777777
+Output = 02ee7c8c546ddeb1a467e4c3981158b9
+
+# test vectors from Andrew Moon - nacl
+
+MAC = Poly1305
+Input = 8e993b9f48681273c29650ba32fc76ce48332ea7164d96a4476fb8c531a1186ac0dfc17c98dce87b4da7f011ec48c97271d2c20f9b928fe2270d6fb863d51738b48eeee314a7cc8ab932164548e526ae90224368517acfeabd6bb3732bc0e9da99832b61ca01b6de56244a9e88d5f9b37973f622a43d14a6599b1f654cb45a74e355a5
+Key = eea6a7251c1e72916d11c2cb214d3c252539121d8e234e652d651fa4c8cff880
+Output = f3ffc7703f9400e52a7dfb4b3d3305d9
+
+# wrap 2^130-5
+MAC = Poly1305
+Input = ffffffffffffffffffffffffffffffff
+Key = 0200000000000000000000000000000000000000000000000000000000000000
+Output = 03000000000000000000000000000000
+
+# wrap 2^128
+MAC = Poly1305
+Input = 02000000000000000000000000000000
+Key = 02000000000000000000000000000000ffffffffffffffffffffffffffffffff
+Output = 03000000000000000000000000000000
+
+# limb carry
+MAC = Poly1305
+Input = fffffffffffffffffffffffffffffffff0ffffffffffffffffffffffffffffff11000000000000000000000000000000
+Key = 0100000000000000000000000000000000000000000000000000000000000000
+Output = 05000000000000000000000000000000
+
+# 2^130-5
+MAC = Poly1305
+Input = fffffffffffffffffffffffffffffffffbfefefefefefefefefefefefefefefe01010101010101010101010101010101
+Key = 0100000000000000000000000000000000000000000000000000000000000000
+Output = 00000000000000000000000000000000
+
+# 2^130-6
+MAC = Poly1305
+Input = fdffffffffffffffffffffffffffffff
+Key = 0200000000000000000000000000000000000000000000000000000000000000
+Output = faffffffffffffffffffffffffffffff
+
+# 5*H+L reduction intermediate
+MAC = Poly1305
+Input = e33594d7505e43b900000000000000003394d7505e4379cd01000000000000000000000000000000000000000000000001000000000000000000000000000000
+Key = 0100000000000000040000000000000000000000000000000000000000000000
+Output = 14000000000000005500000000000000
+
+# 5*H+L reduction final
+MAC = Poly1305
+Input = e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000
+Key = 0100000000000000040000000000000000000000000000000000000000000000
+Output = 13000000000000000000000000000000
+
+# Here are 4 duplicated cases for Poly1305 by EVP_PKEY
+MAC = Poly1305 by EVP_PKEY
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Output = 00000000000000000000000000000000
+
+MAC = Poly1305 by EVP_PKEY
+Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e
+Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
+Output = 36e5f6b5c5e06070f0efca96227a863e
+
+MAC = Poly1305 by EVP_PKEY
+Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000
+Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
+Output = f3477e7cd95417af89a6b8794c310cf0
+
+MAC = Poly1305 by EVP_PKEY
+Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
+Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e
+Output = 4541669a7eaaee61e708dc7cbcc5eb62
diff --git a/test/recipes/30-test_evp_data/evpmac_siphash.txt b/test/recipes/30-test_evp_data/evpmac_siphash.txt
new file mode 100644
index 0000000000..2e24f8b1e5
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmac_siphash.txt
@@ -0,0 +1,166 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+# SIPHASH tests - default values: 2,4 rounds, 16-byte mac
+# There are no official test vectors, they are simple vectors 1, 2, 3, etc
+
+Title = SIPHASH tests
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input =
+Output = a3817f04ba25a8e66df67214c7550293
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 00
+Output = da87c1d86b99af44347659119b22fc45
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 0001
+Output = 8177228da4a45dc7fca38bdef60affe4
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102
+Output = 9c70b60c5267a94e5f33b6b02985ed51
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 00010203
+Output = f88164c12d9c8faf7d0f6e7c7bcd5579
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 0001020304
+Output = 1368875980776f8854527a07690e9627
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405
+Output = 14eeca338b208613485ea0308fd7a15e
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 00010203040506
+Output = a1f1ebbed8dbc153c0b84aa61ff08239
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 0001020304050607
+Output = 3b62a9ba6258f5610f83e264f31497b4
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708
+Output = 264499060ad9baabc47f8b02bb6d71ed
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
+Output = 5150d1772f50834a503e069a973fbd7c
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input =
+Output = a3817f04ba25a8e66df67214c7550293
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 00
+Output = da87c1d86b99af44347659119b22fc45
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 0001
+Output = 8177228da4a45dc7fca38bdef60affe4
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102
+Output = 9c70b60c5267a94e5f33b6b02985ed51
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 00010203
+Output = f88164c12d9c8faf7d0f6e7c7bcd5579
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 0001020304
+Output = 1368875980776f8854527a07690e9627
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405
+Output = 14eeca338b208613485ea0308fd7a15e
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 00010203040506
+Output = a1f1ebbed8dbc153c0b84aa61ff08239
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 0001020304050607
+Output = 3b62a9ba6258f5610f83e264f31497b4
+
+MAC = SipHash by EVP_PKEY
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708
+Output = 264499060ad9baabc47f8b02bb6d71ed
+
+MAC = SipHash
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
+Output = 5150d1772f50834a503e069a973fbd7c
+
+# SIPHASH - default values: 2,4 rounds, explicit 8-byte mac
+
+MAC = SipHash
+Ctrl = size:8
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
+Output = 724506EB4C328A95
+
+# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac
+
+MAC = SipHash
+Ctrl = size:16
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
+Output = 5150d1772f50834a503e069a973fbd7c
+
+# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac (set as 0)
+
+MAC = SipHash
+Ctrl = size:0
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
+Output = 5150d1772f50834a503e069a973fbd7c
+
+# SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size)
+
+MAC = SipHash
+Ctrl = size:13
+Key = 000102030405060708090A0B0C0D0E0F
+Result = MAC_BAD_PARAMS
+
+# SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size)
+# by EVP_PKEY this time
+
+MAC = SipHash by EVP_PKEY
+Ctrl = size:13
+Key = 000102030405060708090A0B0C0D0E0F
+Result = EVPPKEYCTXCTRL_ERROR
diff --git a/test/recipes/30-test_evp_data/evpmd_blake.txt b/test/recipes/30-test_evp_data/evpmd_blake.txt
new file mode 100644
index 0000000000..1d0ba59806
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmd_blake.txt
@@ -0,0 +1,91 @@
+#
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+# BLAKE2 tests, using same inputs as MD5
+# There are no official BLAKE2 test vectors we can use since they all use a key
+# Which is currently unsupported by OpenSSL.  They were generated using the
+# reference implementation.  RFC7693 also mentions the 616263 / "abc" values.
+
+Title = BLAKE tests
+
+Digest = BLAKE2s256
+Input = 
+Output = 69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9
+
+Digest = BLAKE2s256
+Input = 61
+Output = 4a0d129873403037c2cd9b9048203687f6233fb6738956e0349bd4320fec3e90
+
+Digest = BLAKE2s256
+Input = 616263
+Output = 508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982
+
+Digest = BLAKE2s256
+Input = 6d65737361676520646967657374
+Output = fa10ab775acf89b7d3c8a6e823d586f6b67bdbac4ce207fe145b7d3ac25cd28c
+
+Digest = BLAKE2s256
+Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
+Output = bdf88eb1f86a0cdf0e840ba88fa118508369df186c7355b4b16cf79fa2710a12
+
+Digest = BLAKE2s256
+Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
+Output = c75439ea17e1de6fa4510c335dc3d3f343e6f9e1ce2773e25b4174f1df8b119b
+
+Digest = BLAKE2s256
+Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
+Output = fdaedb290a0d5af9870864fec2e090200989dc9cd53a3c092129e8535e8b4f66
+
+Digest = BLAKE2s256
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = 1FA877DE67259D19863A2A34BCC6962A2B25FCBF5CBECD7EDE8F1FA36688A796
+
+Digest = BLAKE2s256
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081
+Output = C80ABEEBB669AD5DEEB5F5EC8EA6B7A05DDF7D31EC4C0A2EE20B0B98CAEC6746
+
+Digest = BLAKE2b512
+Input = 
+Output = 786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce
+
+Digest = BLAKE2b512
+Input = 61
+Output = 333fcb4ee1aa7c115355ec66ceac917c8bfd815bf7587d325aec1864edd24e34d5abe2c6b1b5ee3face62fed78dbef802f2a85cb91d455a8f5249d330853cb3c
+
+Digest = BLAKE2b512
+Input = 616263
+Output = ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923
+
+Digest = BLAKE2b512
+Input = 6d65737361676520646967657374
+Output = 3c26ce487b1c0f062363afa3c675ebdbf5f4ef9bdc022cfbef91e3111cdc283840d8331fc30a8a0906cff4bcdbcd230c61aaec60fdfad457ed96b709a382359a
+
+Digest = BLAKE2b512
+Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
+Output = c68ede143e416eb7b4aaae0d8e48e55dd529eafed10b1df1a61416953a2b0a5666c761e7d412e6709e31ffe221b7a7a73908cb95a4d120b8b090a87d1fbedb4c
+
+Digest = BLAKE2b512
+Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
+Output = 99964802e5c25e703722905d3fb80046b6bca698ca9e2cc7e49b4fe1fa087c2edf0312dfbb275cf250a1e542fd5dc2edd313f9c491127c2e8c0c9b24168e2d50
+
+Digest = BLAKE2b512
+Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
+Output = 686f41ec5afff6e87e1f076f542aa466466ff5fbde162c48481ba48a748d842799f5b30f5b67fc684771b33b994206d05cc310f31914edd7b97e41860d77d282
+
+Digest = BLAKE2b512
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = 2319E3789C47E2DAA5FE807F61BEC2A1A6537FA03F19FF32E87EECBFD64B7E0E8CCFF439AC333B040F19B0C4DDD11A61E24AC1FE0F10A039806C5DCC0DA3D115
+
+Digest = BLAKE2b512
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081
+Output = DF0A9D0C212843A6A934E3902B2DD30D17FBA5F969D2030B12A546D8A6A45E80CF5635F071F0452E9C919275DA99BED51EB1173C1AF0518726B75B0EC3BAE2B5
diff --git a/test/recipes/30-test_evp_data/evpmd_md.txt b/test/recipes/30-test_evp_data/evpmd_md.txt
new file mode 100644
index 0000000000..f6bea2ac96
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmd_md.txt
@@ -0,0 +1,111 @@
+#
+# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+Title = MD2 tests
+
+Digest = MD2
+Input =
+Output = 8350e5a3e24c153df2275c9f80692773
+
+Digest = MD2
+Input = "a"
+Output = 32ec01ec4a6dac72c0ab96fb34c0b5d1
+
+Digest = MD2
+Input = "abc"
+Output = da853b0d3f88d99b30283a69e6ded6bb
+
+Digest = MD2
+Input = "message digest"
+Output = ab4f496bfb2a530b219ff33031fe06b0
+
+Digest = MD2
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = 4e8ddff3650292ab5a4108c3aa47940b
+
+Digest = MD2
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = da33def2a42df13975352846c30338cd
+
+Digest = MD2
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = d5976f79d83d3a0dc9806c3c66f3efd8
+
+Title = MD4 tests
+
+Digest = MD4
+Input = ""
+Output = 31d6cfe0d16ae931b73c59d7e0c089c0
+
+Digest = MD4
+Input = "a"
+Output = bde52cb31de33e46245e05fbdbd6fb24
+
+Digest = MD4
+Input = "abc"
+Output = a448017aaf21d8525fc10ae87aa6729d
+
+Digest = MD4
+Input = "message digest"
+Output = d9130a8164549fe818874806e1c7014b
+
+Digest = MD4
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = d79e1c308aa5bbcdeea8ed63df412da9
+
+Digest = MD4
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = 043f8582f241db351ce627e153e7f0e4
+
+Digest = MD4
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = e33b4ddc9c38f2199c3e7b164fcc0536
+
+Title =  MD5 tests
+
+Digest = MD5
+Input =
+Output = d41d8cd98f00b204e9800998ecf8427e
+
+Digest = MD5
+Input = 61
+Output = 0cc175b9c0f1b6a831c399e269772661
+
+Digest = MD5
+Input = 616263
+Output = 900150983cd24fb0d6963f7d28e17f72
+
+Digest = MD5
+Input = 6d65737361676520646967657374
+Output = f96b697d7cb7938d525a2f31aaf161d0
+
+Digest = MD5
+Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
+Output = c3fcd3d76192e4007dfb496cca67e13b
+
+Digest = MD5
+Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
+Output = d174ab98d277d9f5a5611c2c9f419d9f
+
+Digest = MD5
+Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
+Output = 57edf4a22be3c955ac49da2e2107b67a
+
+Title = MD5-SHA1
+
+Digest = MD5-SHA1
+Input =
+Output = d41d8cd98f00b204e9800998ecf8427eda39a3ee5e6b4b0d3255bfef95601890afd80709
+
+Digest = MD5-SHA1
+Input = "abc"
+Output = 900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d
+
+Digest = MD5-SHA1
+Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+Output = 8215ef0796a20bcaaae116d3876c664a84983e441c3bd26ebaae4aa1f95129e5e54670f1
diff --git a/test/recipes/30-test_evp_data/evpmd_md2.txt b/test/recipes/30-test_evp_data/evpmd_md2.txt
deleted file mode 100644
index cd0d5c6f88..0000000000
--- a/test/recipes/30-test_evp_data/evpmd_md2.txt
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the Apache License 2.0 (the "License").  You may not use
-# this file except in compliance with the License.  You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-Title = MD2 tests
-
-Digest = MD2
-Availablein = legacy
-Input =
-Output = 8350e5a3e24c153df2275c9f80692773
-
-Digest = MD2
-Availablein = legacy
-Input = "a"
-Output = 32ec01ec4a6dac72c0ab96fb34c0b5d1
-
-Digest = MD2
-Availablein = legacy
-Input = "abc"
-Output = da853b0d3f88d99b30283a69e6ded6bb
-
-Digest = MD2
-Availablein = legacy
-Input = "message digest"
-Output = ab4f496bfb2a530b219ff33031fe06b0
-
-Digest = MD2
-Availablein = legacy
-Input = "abcdefghijklmnopqrstuvwxyz"
-Output = 4e8ddff3650292ab5a4108c3aa47940b
-
-Digest = MD2
-Availablein = legacy
-Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-Output = da33def2a42df13975352846c30338cd
-
-Digest = MD2
-Availablein = legacy
-Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-Output = d5976f79d83d3a0dc9806c3c66f3efd8
diff --git a/test/recipes/30-test_evp_data/evpmd_mdc2.txt b/test/recipes/30-test_evp_data/evpmd_mdc2.txt
index c0d0544af3..b9bff32769 100644
--- a/test/recipes/30-test_evp_data/evpmd_mdc2.txt
+++ b/test/recipes/30-test_evp_data/evpmd_mdc2.txt
@@ -6,22 +6,18 @@
 # in the file LICENSE in the source distribution or at
 # https://www.openssl.org/source/license.html
 
-
 Title = MDC2 test vectors
 
 Digest = MDC2
-Availablein = default
 Input = "Now is the time for all "
 Output = 42e50cd224baceba760bdd2bd409281a
 
 Digest = MDC2
-Availablein = default
 Padding = 1
 Input = "Now is the time for all "
 Output = 42e50cd224baceba760bdd2bd409281a
 
 Digest = MDC2
-Availablein = default
 Padding = 2
 Input = "Now is the time for all "
 Output = 2e4679b5add9ca7535d87afeab33bee2
diff --git a/test/recipes/30-test_evp_data/evpmd_ripemd.txt b/test/recipes/30-test_evp_data/evpmd_ripemd.txt
new file mode 100644
index 0000000000..6c63cc7db2
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmd_ripemd.txt
@@ -0,0 +1,46 @@
+#
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = RIPEMD160 tests
+
+Digest = RIPEMD160
+Input = ""
+Output = 9c1185a5c5e9fc54612808977ee8f548b2258d31
+
+Digest = RIPEMD160
+Input = "a"
+Output = 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
+
+Digest = RIPEMD160
+Input = "abc"
+Output = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
+
+Digest = RIPEMD160
+Input = "message digest"
+Output = 5d0689ef49d2fae572b881b123a85ffa21595f36
+
+Digest = RIPEMD160
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = f71c27109c692c1b56bbdceb5b9d2865b3708dbc
+
+Digest = RIPEMD160
+Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+Output = 12a053384a9c0c88e405a06c27dcf49ada62eb2b
+
+Digest = RIPEMD160
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = b0e20b6e3116640286ed3a87a5713079b21f5189
+
+Digest = RIPEMD160
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = 9b752e45573d4b39f4dbd3323cab82bf63326bfb
diff --git a/test/recipes/30-test_evp_data/evpdigest.txt b/test/recipes/30-test_evp_data/evpmd_sha.txt
similarity index 59%
rename from test/recipes/30-test_evp_data/evpdigest.txt
rename to test/recipes/30-test_evp_data/evpmd_sha.txt
index 5122ef5d34..66ddf4590a 100644
--- a/test/recipes/30-test_evp_data/evpdigest.txt
+++ b/test/recipes/30-test_evp_data/evpmd_sha.txt
@@ -9,105 +9,8 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
-# BLAKE2 tests, using same inputs as MD5
-# There are no official BLAKE2 test vectors we can use since they all use a key
-# Which is currently unsupported by OpenSSL.  They were generated using the
-# reference implementation.  RFC7693 also mentions the 616263 / "abc" values.
-
-Title = BLAKE tests
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 
-Output = 69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 61
-Output = 4a0d129873403037c2cd9b9048203687f6233fb6738956e0349bd4320fec3e90
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 616263
-Output = 508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 6d65737361676520646967657374
-Output = fa10ab775acf89b7d3c8a6e823d586f6b67bdbac4ce207fe145b7d3ac25cd28c
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
-Output = bdf88eb1f86a0cdf0e840ba88fa118508369df186c7355b4b16cf79fa2710a12
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
-Output = c75439ea17e1de6fa4510c335dc3d3f343e6f9e1ce2773e25b4174f1df8b119b
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
-Output = fdaedb290a0d5af9870864fec2e090200989dc9cd53a3c092129e8535e8b4f66
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
-Output = 1FA877DE67259D19863A2A34BCC6962A2B25FCBF5CBECD7EDE8F1FA36688A796
-
-Digest = BLAKE2s256
-Availablein = default
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081
-Output = C80ABEEBB669AD5DEEB5F5EC8EA6B7A05DDF7D31EC4C0A2EE20B0B98CAEC6746
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 
-Output = 786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 61
-Output = 333fcb4ee1aa7c115355ec66ceac917c8bfd815bf7587d325aec1864edd24e34d5abe2c6b1b5ee3face62fed78dbef802f2a85cb91d455a8f5249d330853cb3c
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 616263
-Output = ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 6d65737361676520646967657374
-Output = 3c26ce487b1c0f062363afa3c675ebdbf5f4ef9bdc022cfbef91e3111cdc283840d8331fc30a8a0906cff4bcdbcd230c61aaec60fdfad457ed96b709a382359a
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
-Output = c68ede143e416eb7b4aaae0d8e48e55dd529eafed10b1df1a61416953a2b0a5666c761e7d412e6709e31ffe221b7a7a73908cb95a4d120b8b090a87d1fbedb4c
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
-Output = 99964802e5c25e703722905d3fb80046b6bca698ca9e2cc7e49b4fe1fa087c2edf0312dfbb275cf250a1e542fd5dc2edd313f9c491127c2e8c0c9b24168e2d50
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
-Output = 686f41ec5afff6e87e1f076f542aa466466ff5fbde162c48481ba48a748d842799f5b30f5b67fc684771b33b994206d05cc310f31914edd7b97e41860d77d282
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
-Output = 2319E3789C47E2DAA5FE807F61BEC2A1A6537FA03F19FF32E87EECBFD64B7E0E8CCFF439AC333B040F19B0C4DDD11A61E24AC1FE0F10A039806C5DCC0DA3D115
-
-Digest = BLAKE2b512
-Availablein = default
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081
-Output = DF0A9D0C212843A6A934E3902B2DD30D17FBA5F969D2030B12A546D8A6A45E80CF5635F071F0452E9C919275DA99BED51EB1173C1AF0518726B75B0EC3BAE2B5
 
 Title = SHA tests from (RFC6234 section 8.5 and others)
 
@@ -245,186 +148,7 @@ Digest = SHA512-256
 Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
 Output = 3928e184fb8690f840da3988121d31be65cb9d3ef83ee6146feac861e19b563a
 
-Title =  MD5 tests
-
-Digest = MD5
-Availablein = default
-Input =
-Output = d41d8cd98f00b204e9800998ecf8427e
-
-Digest = MD5
-Availablein = default
-Input = 61
-Output = 0cc175b9c0f1b6a831c399e269772661
-
-Digest = MD5
-Availablein = default
-Input = 616263
-Output = 900150983cd24fb0d6963f7d28e17f72
-
-Digest = MD5
-Availablein = default
-Input = 6d65737361676520646967657374
-Output = f96b697d7cb7938d525a2f31aaf161d0
-
-Digest = MD5
-Availablein = default
-Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
-Output = c3fcd3d76192e4007dfb496cca67e13b
-
-Digest = MD5
-Availablein = default
-Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
-Output = d174ab98d277d9f5a5611c2c9f419d9f
-
-Digest = MD5
-Availablein = default
-Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
-Output = 57edf4a22be3c955ac49da2e2107b67a
-
-Title = MD5-SHA1
-
-Digest = MD5-SHA1
-Availablein = default
-Input =
-Output = d41d8cd98f00b204e9800998ecf8427eda39a3ee5e6b4b0d3255bfef95601890afd80709
-
-Digest = MD5-SHA1
-Availablein = default
-Input = "abc"
-Output = 900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d
-
-Digest = MD5-SHA1
-Availablein = default
-Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
-Output = 8215ef0796a20bcaaae116d3876c664a84983e441c3bd26ebaae4aa1f95129e5e54670f1
-
-Title = MD4 tests
-
-Digest = MD4
-Availablein = legacy
-Input = ""
-Output = 31d6cfe0d16ae931b73c59d7e0c089c0
-
-Digest = MD4
-Availablein = legacy
-Input = "a"
-Output = bde52cb31de33e46245e05fbdbd6fb24
-
-Digest = MD4
-Availablein = legacy
-Input = "abc"
-Output = a448017aaf21d8525fc10ae87aa6729d
-
-Digest = MD4
-Availablein = legacy
-Input = "message digest"
-Output = d9130a8164549fe818874806e1c7014b
-
-Digest = MD4
-Availablein = legacy
-Input = "abcdefghijklmnopqrstuvwxyz"
-Output = d79e1c308aa5bbcdeea8ed63df412da9
-
-Digest = MD4
-Availablein = legacy
-Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-Output = 043f8582f241db351ce627e153e7f0e4
-
-Digest = MD4
-Availablein = legacy
-Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-Output = e33b4ddc9c38f2199c3e7b164fcc0536
-
-Title = RIPEMD160 tests
 
-Digest = RIPEMD160
-Availablein = legacy
-Input = ""
-Output = 9c1185a5c5e9fc54612808977ee8f548b2258d31
-
-Digest = RIPEMD160
-Availablein = legacy
-Input = "a"
-Output = 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
-
-Digest = RIPEMD160
-Availablein = legacy
-Input = "abc"
-Output = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
-
-Digest = RIPEMD160
-Availablein = legacy
-Input = "message digest"
-Output = 5d0689ef49d2fae572b881b123a85ffa21595f36
-
-Digest = RIPEMD160
-Availablein = legacy
-Input = "abcdefghijklmnopqrstuvwxyz"
-Output = f71c27109c692c1b56bbdceb5b9d2865b3708dbc
-
-Digest = RIPEMD160
-Availablein = legacy
-Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
-Output = 12a053384a9c0c88e405a06c27dcf49ada62eb2b
-
-Digest = RIPEMD160
-Availablein = legacy
-Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-Output = b0e20b6e3116640286ed3a87a5713079b21f5189
-
-Digest = RIPEMD160
-Availablein = legacy
-Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-Output = 9b752e45573d4b39f4dbd3323cab82bf63326bfb
-
-Title = Whirlpool (from ISO/IEC 10118-3 test vector set)
-
-Digest = whirlpool
-Availablein = legacy
-Input = ""
-Output = 19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3
-
-Digest = whirlpool
-Availablein = legacy
-Input = "a"
-Output = 8ACA2602792AEC6F11A67206531FB7D7F0DFF59413145E6973C45001D0087B42D11BC645413AEFF63A42391A39145A591A92200D560195E53B478584FDAE231A
-
-Digest = whirlpool
-Availablein = legacy
-Input = "abc"
-Output = 4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5
-
-Digest = whirlpool
-Availablein = legacy
-Input = "message digest"
-Output = 378C84A4126E2DC6E56DCC7458377AAC838D00032230F53CE1F5700C0FFB4D3B8421557659EF55C106B4B52AC5A4AAA692ED920052838F3362E86DBD37A8903E
-
-Digest = whirlpool
-Availablein = legacy
-Input = "abcdefghijklmnopqrstuvwxyz"
-Output = F1D754662636FFE92C82EBB9212A484A8D38631EAD4238F5442EE13B8054E41B08BF2A9251C30B6A0B8AAE86177AB4A6F68F673E7207865D5D9819A3DBA4EB3B
-
-Digest = whirlpool
-Availablein = legacy
-Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-Output = DC37E008CF9EE69BF11F00ED9ABA26901DD7C28CDEC066CC6AF42E40F82F3A1E08EBA26629129D8FB7CB57211B9281A65517CC879D7B962142C65F5A7AF01467
-
-Digest = whirlpool
-Availablein = legacy
-Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-Output = 466EF18BABB0154D25B9D38A6414F5C08784372BCCB204D6549C4AFADB6014294D5BD8DF2A6C44E538CD047B2681A51A2C60481E88C5A20B2C2A80CF3A9A083B
-
-Digest = whirlpool
-Availablein = legacy
-Input = "abcdbcdecdefdefgefghfghighijhijk"
-Output = 2A987EA40F917061F5D6F0A0E4644F488A7A5A52DEEE656207C562F988E95C6916BDC8031BC5BE1B7B947639FE050B56939BAAA0ADFF9AE6745B7B181C3BE3FD
-
-Digest = whirlpool
-Availablein = legacy
-Input = "aaaaaaaaaa"
-Count = 100000
-Output = 0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01
 
 Title = SHA3
 
@@ -514,7 +238,6 @@ Count = 200
 Output = 131AB8D2B594946B9C81333F9BB6E0CE75C3B93104FA3469D3917457385DA037CF232EF7164A6D1EB448C8908186AD852D3F85A5CF28DA1AB6FE3438171978467F1C05D58C7EF38C284C41F6C2221A76F12AB1C04082660250802294FB87180213FDEF5B0ECB7DF50CA1F8555BE14D32E10F6EDCDE892C09424B29F597AFC270C904556BFCB47A7D40778D390923642B3CBD0579E60908D5A000C1D08B98EF933F806445BF87F8B009BA9E94F7266122ED7AC24E5E266C42A82FA1BBEFB7B8DB0066E16A85E0493F07DF4809AEC084A593748AC3DDE5A6D7AAE1E8B6E5352B2D71EFBB47D4CAEED5E6D633805D2D323E6FD81B4684B93A2677D45E7421C2C6AEA259B855A698FD7D13477A1FE53E5A4A6197DBEC5CE95F505B520BCD9570C4A8265A7E01F89C0C002C59BFEC6CD4A5C109258953EE5EE70CD577EE217AF21FA70178F0946C9BF6CA8751793479F6B537737E40B6ED28511D8A2D7E73EB75F8DAAC912FF906E0AB955B083BAC45A8E5E9B744C8506F37E9B4E749A184B30F43EB188D855F1B70D71FF3E50C537AC1B0F8974F0FE1A6AD295BA42F6AEC74D123A7ABEDDE6E2C0711CAB36BE5ACB1A5A11A4B1DB08BA6982EFCCD716929A7741CFC63AA4435E0B69A9063E880795C3DC5EF3272E11C497A91ACF699FEFEE206227A44C9FB359FD56AC0A9A75A743CFF6862F17D7259AB075216C0699511643B6439
 
 Digest = SHAKE128
-Availablein = default
 Input = a6fe00064257aa318b621c5eb311d32bb8004c2fa1a969d205d71762cc5d2e633907992629d1b69d9557ff6d5e8deb454ab00f6e497c89a4fea09e257a6fa2074bd818ceb5981b3e3faefd6e720f2d1edd9c5e4a5c51e5009abf636ed5bca53fe159c8287014a1bd904f5c8a7501625f79ac81eb618f478ce21cae6664acffb30572f059e1ad0fc2912264e8f1ca52af26c8bf78e09d75f3dd9fc734afa8770abe0bd78c90cc2ff448105fb16dd2c5b7edd8611a62e537db9331f5023e16d6ec150cc6e706d7c7fcbfff930c7281831fd5c4aff86ece57ed0db882f59a5fe403105d0592ca38a081fed84922873f538ee774f13b8cc09bd0521db4374aec69f4bae6dcb66455822c0b84c91a3474ffac2ad06f0a4423cd2c6a49d4f0d6242d6a1890937b5d9835a5f0ea5b1d01884d22a6c1718e1f60b3ab5e232947c76ef70b344171083c688093b5f1475377e3069863
 Output = 3109d9472ca436e805c6b3db2251a9bc
 
@@ -558,49 +281,13 @@ Digest = SHAKE256
 Input = 8d8001e2c096f1b88e7c9224a086efd4797fbf74a8033a2d422a2b6b8f6747e4
 Output = 2e975f6a8a14f0704d51b13667d8195c219f71e6345696c49fa4b9d08e9225d3d39393425152c97e71dd24601c11abcfa0f12f53c680bd3ae757b8134a9c10d429615869217fdd5885c4db174985703a6d6de94a667eac3023443a8337ae1bc601b76d7d38ec3c34463105f0d3949d78e562a039e4469548b609395de5a4fd43c46ca9fd6ee29ada5efc07d84d553249450dab4a49c483ded250c9338f85cd937ae66bb436f3b4026e859fda1ca571432f3bfc09e7c03ca4d183b741111ca0483d0edabc03feb23b17ee48e844ba2408d9dcfd0139d2e8c7310125aee801c61ab7900d1efc47c078281766f361c5e6111346235e1dc38325666c
 
-Title = SM3 Tests
-
-# From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
-
-Digest = SM3
-Availablein = default
-Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A20AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857
-Output = F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A
-
-# From https://tools.ietf.org/html/draft-shen-sm3-hash-01
-Digest = SM3
-Availablein = default
-Input = 616263
-Output = 66C7F0F462EEEDD9D1F2D46BDC10E4E24167C4875CF2F7A2297DA02B8F4BA8E0
-
-Digest = SM3
-Availablein = default
-Input = 61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364
-Output = DEBE9FF92275B8A138604889C18E5A4D6FDB70E5387E5765293dCbA39C0C5732
+Title = Case insensitive digest tests
 
-# From GmSSL test suite
-
-Digest = SM3
-Availablein = default
-Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A20AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857
-Output = F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A
-
-Digest = SM3
-Availablein = default
-Input = 0090414C494345313233405941484F4F2E434F4D00000000000000000000000000000000000000000000000000000000000000000000E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E0165961645281A8626607B917F657D7E9382F1EA5CD931F40F6627F357542653B201686522130D590FB8DE635D8FCA715CC6BF3D05BEF3F75DA5D543454448166612
-Output = 26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5
-
-Digest = SM3
-Availablein = default
-Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A23099093BF3C137D8FCBBCDF4A2AE50F3B0F216C3122D79425FE03A45DBFE16553DF79E8DAC1CF0ECBAA2F2B49D51A4B387F2EFAF482339086A27A8E05BAED98B
-Output = E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31
+Digest = Sha3-256
+Input = ""
+Output = A7FFC6F8BF1ED76651C14756A061D662F580FF4DE43B49FA82D80A4B80F8434A
 
-Digest = SM3
-Availablein = default
-Input = 008842494C4C343536405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2245493D446C38D8CC0F118374690E7DF633A8A4BFB3329B5ECE604B2B4F37F4353C0869F4B9E17773DE68FEC45E14904E0DEA45BF6CECF9918C85EA047C60A4C
-Output = 6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67
+Digest = shA512
+Input = "abc"
+Output = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
 
-Digest = SM3
-Availablein = default
-Input = 4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D03082020CA003020102020900AF28725D98D33143300C06082A811CCF550183750500307D310B300906035504060C02636E310B300906035504080C02626A310B300906035504070C02626A310F300D060355040A0C06746F70736563310F300D060355040B0C06746F707365633111300F06035504030C08546F707365634341311F301D06092A864886F70D0109010C10626A40746F707365632E636F6D2E636E301E170D3132303632343037353433395A170D3332303632303037353433395A307D310B300906035504060C02636E310B300906035504080C02626A310B300906035504070C02626A310F300D060355040A0C06746F70736563310F300D060355040B0C06746F707365633111300F06035504030C08546F707365634341311F301D06092A864886F70D0109010C10626A40746F707365632E636F6D2E636E3059301306072A8648CE3D020106082A811CCF5501822D03420004D69C2F1EEC3BFB6B95B30C28085C77B125D77A9C39525D8190768F37D6B205B589DCD316BBE7D89A9DC21917F17799E698531F5E6E3E10BD31370B259C3F81C3A3733071300F0603551D130101FF040530030101FF301D0603551D0E041604148E5D90347858BAAAD870D8BDFBA6A85E7B563B64301F0603551D230418301680148E5D90347858BAAAD870D8BDFBA6A85E7B563B64300B0603551D0F040403020106301106096086480186F8420101040403020057
-Output = C3B02E500A8B60B77DEDCF6F4C11BEF8D56E5CDE708C72065654FD7B2167915A
diff --git a/test/recipes/30-test_evp_data/evpmd_sm3.txt b/test/recipes/30-test_evp_data/evpmd_sm3.txt
new file mode 100644
index 0000000000..f2546b5acc
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmd_sm3.txt
@@ -0,0 +1,61 @@
+#
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = SM3 Tests
+
+# From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
+
+Digest = SM3
+Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A20AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857
+Output = F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A
+
+# From https://tools.ietf.org/html/draft-shen-sm3-hash-01
+Digest = SM3
+Input = 616263
+Output = 66C7F0F462EEEDD9D1F2D46BDC10E4E24167C4875CF2F7A2297DA02B8F4BA8E0
+
+Digest = SM3
+Input = 61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364
+Output = DEBE9FF92275B8A138604889C18E5A4D6FDB70E5387E5765293dCbA39C0C5732
+
+# From GmSSL test suite
+
+Digest = SM3
+Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A20AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857
+Output = F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A
+
+Digest = SM3
+Input = 0090414C494345313233405941484F4F2E434F4D00000000000000000000000000000000000000000000000000000000000000000000E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E0165961645281A8626607B917F657D7E9382F1EA5CD931F40F6627F357542653B201686522130D590FB8DE635D8FCA715CC6BF3D05BEF3F75DA5D543454448166612
+Output = 26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5
+
+Digest = SM3
+Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A23099093BF3C137D8FCBBCDF4A2AE50F3B0F216C3122D79425FE03A45DBFE16553DF79E8DAC1CF0ECBAA2F2B49D51A4B387F2EFAF482339086A27A8E05BAED98B
+Output = E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31
+
+Digest = SM3
+Input = 008842494C4C343536405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2245493D446C38D8CC0F118374690E7DF633A8A4BFB3329B5ECE604B2B4F37F4353C0869F4B9E17773DE68FEC45E14904E0DEA45BF6CECF9918C85EA047C60A4C
+Output = 6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67
+
+Digest = SM3
+Input = 4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D03082020CA003020102020900AF28725D98D33143300C06082A811CCF550183750500307D310B300906035504060C02636E310B300906035504080C02626A310B300906035504070C02626A310F300D060355040A0C06746F70736563310F300D060355040B0C06746F707365633111300F06035504030C08546F707365634341311F301D06092A864886F70D0109010C10626A40746F707365632E636F6D2E636E301E170D3132303632343037353433395A170D3332303632303037353433395A307D310B300906035504060C02636E310B300906035504080C02626A310B300906035504070C02626A310F300D060355040A0C06746F70736563310F300D060355040B0C06746F707365633111300F06035504030C08546F707365634341311F301D06092A864886F70D0109010C10626A40746F707365632E636F6D2E636E3059301306072A8648CE3D020106082A811CCF5501822D03420004D69C2F1EEC3BFB6B95B30C28085C77B125D77A9C39525D8190768F37D6B205B589DCD316BBE7D89A9DC21917F17799E698531F5E6E3E10BD31370B259C3F81C3A3733071300F0603551D130101FF040530030101FF301D0603551D0E041604148E5D90347858BAAAD870D8BDFBA6A85E7B563B64301F0603551D230418301680148E5D90347858BAAAD870D8BDFBA6A85E7B563B64300B0603551D0F040403020106301106096086480186F8420101040403020057
+Output = C3B02E500A8B60B77DEDCF6F4C11BEF8D56E5CDE708C72065654FD7B2167915A
+
+Title = Case insensitive digest tests
+
+Digest = Sha3-256
+Input = ""
+Output = A7FFC6F8BF1ED76651C14756A061D662F580FF4DE43B49FA82D80A4B80F8434A
+
+Digest = shA512
+Input = "abc"
+Output = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
diff --git a/test/recipes/30-test_evp_data/evpmd_whirlpool.txt b/test/recipes/30-test_evp_data/evpmd_whirlpool.txt
new file mode 100644
index 0000000000..148969ac1d
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmd_whirlpool.txt
@@ -0,0 +1,51 @@
+#
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = Whirlpool (from ISO/IEC 10118-3 test vector set)
+
+Digest = whirlpool
+Input = ""
+Output = 19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3
+
+Digest = whirlpool
+Input = "a"
+Output = 8ACA2602792AEC6F11A67206531FB7D7F0DFF59413145E6973C45001D0087B42D11BC645413AEFF63A42391A39145A591A92200D560195E53B478584FDAE231A
+
+Digest = whirlpool
+Input = "abc"
+Output = 4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5
+
+Digest = whirlpool
+Input = "message digest"
+Output = 378C84A4126E2DC6E56DCC7458377AAC838D00032230F53CE1F5700C0FFB4D3B8421557659EF55C106B4B52AC5A4AAA692ED920052838F3362E86DBD37A8903E
+
+Digest = whirlpool
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = F1D754662636FFE92C82EBB9212A484A8D38631EAD4238F5442EE13B8054E41B08BF2A9251C30B6A0B8AAE86177AB4A6F68F673E7207865D5D9819A3DBA4EB3B
+
+Digest = whirlpool
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = DC37E008CF9EE69BF11F00ED9ABA26901DD7C28CDEC066CC6AF42E40F82F3A1E08EBA26629129D8FB7CB57211B9281A65517CC879D7B962142C65F5A7AF01467
+
+Digest = whirlpool
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = 466EF18BABB0154D25B9D38A6414F5C08784372BCCB204D6549C4AFADB6014294D5BD8DF2A6C44E538CD047B2681A51A2C60481E88C5A20B2C2A80CF3A9A083B
+
+Digest = whirlpool
+Input = "abcdbcdecdefdefgefghfghighijhijk"
+Output = 2A987EA40F917061F5D6F0A0E4644F488A7A5A52DEEE656207C562F988E95C6916BDC8031BC5BE1B7B947639FE050B56939BAAA0ADFF9AE6745B7B181C3BE3FD
+
+Digest = whirlpool
+Input = "aaaaaaaaaa"
+Count = 100000
+Output = 0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01
diff --git a/test/recipes/30-test_evp_data/evppbe.txt b/test/recipes/30-test_evp_data/evppbe_pbkdf2.txt
similarity index 61%
rename from test/recipes/30-test_evp_data/evppbe.txt
rename to test/recipes/30-test_evp_data/evppbe_pbkdf2.txt
index b333d2dd14..3304179ecd 100644
--- a/test/recipes/30-test_evp_data/evppbe.txt
+++ b/test/recipes/30-test_evp_data/evppbe_pbkdf2.txt
@@ -1,5 +1,5 @@
 #
-# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -9,100 +9,9 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
-Title = scrypt tests (from draft-josefsson-scrypt-kdf-03 and others)
-
-PBE = scrypt
-Password = ""
-Salt = ""
-N = 16
-r = 1
-p = 1
-Key = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
-
-PBE = scrypt
-Password = "password"
-Salt = "NaCl"
-N = 1024
-r = 8
-p = 16
-Key = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-PBE = scrypt
-Password = "pleaseletmein"
-Salt = "SodiumChloride"
-N = 16384
-r = 8
-p = 1
-Key = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
-
-# NB: this test requires more than 1GB of memory to run so it will hit the
-# scrypt memory limit and return an error. To run this test without error
-# uncomment out the "maxmem" line and comment out the "Result"
-# line
-PBE = scrypt
-Password = "pleaseletmein"
-Salt = "SodiumChloride"
-N = 1048576
-r = 8
-p = 1
-Key = 2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4
-Result = SCRYPT_ERROR
-#maxmem = 10000000000
-
-Title = PKCS12 tests
-
-PBE = pkcs12
-id = 1
-iter = 1
-MD = SHA1
-Password = 0073006D006500670000
-Salt = 0A58CF64530D823F
-Key = 8AAAE6297B6CB04642AB5B077851284EB7128F1A2A7FBCA3
-
-PBE = pkcs12
-id = 2
-iter = 1
-MD = SHA1
-Password = 0073006D006500670000
-Salt = 0A58CF64530D823F
-Key = 79993DFE048D3B76
-
-PBE = pkcs12
-id = 3
-iter = 1
-MD = SHA1
-Password = 0073006D006500670000
-Salt = 3D83C0E4546AC140
-Key = 8D967D88F6CAA9D714800AB3D48051D63F73A312
-
-PBE = pkcs12
-id = 1
-iter = 1000
-MD = SHA1
-Password = 007100750065006500670000
-Salt = 1682C0FC5B3F7EC5
-Key = 483DD6E919D7DE2E8E648BA8F862F3FBFBDC2BCB2C02957F
-
-PBE = pkcs12
-id = 2
-iter = 1000
-MD = SHA1
-Password = 007100750065006500670000
-Salt = 1682C0FC5B3F7EC5
-Key = 9D461D1B00355C50
-
-PBE = pkcs12
-id = 3
-iter = 1000
-MD = SHA1
-Password = 007100750065006500670000
-Salt = 263216FCC2FAB31C
-Key = 5EC4C7A80DF652294C3925B6489A7AB857C83476
-
-Title = PBKDF2 tests
+Title = PBKDF2 tests (using PBE)
 
 PBE = pbkdf2
 Password = "password"
@@ -252,5 +161,3 @@ Salt = "salt"
 iter = 1
 MD = sha512
 Key = 00ef42cdbfc98d29db20976608e455567fdddf14
-
-
diff --git a/test/recipes/30-test_evp_data/evppbe_pkcs12.txt b/test/recipes/30-test_evp_data/evppbe_pkcs12.txt
new file mode 100644
index 0000000000..5ba3f5840a
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppbe_pkcs12.txt
@@ -0,0 +1,62 @@
+#
+# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = PKCS12 tests
+
+PBE = pkcs12
+id = 1
+iter = 1
+MD = SHA1
+Password = 0073006D006500670000
+Salt = 0A58CF64530D823F
+Key = 8AAAE6297B6CB04642AB5B077851284EB7128F1A2A7FBCA3
+
+PBE = pkcs12
+id = 2
+iter = 1
+MD = SHA1
+Password = 0073006D006500670000
+Salt = 0A58CF64530D823F
+Key = 79993DFE048D3B76
+
+PBE = pkcs12
+id = 3
+iter = 1
+MD = SHA1
+Password = 0073006D006500670000
+Salt = 3D83C0E4546AC140
+Key = 8D967D88F6CAA9D714800AB3D48051D63F73A312
+
+PBE = pkcs12
+id = 1
+iter = 1000
+MD = SHA1
+Password = 007100750065006500670000
+Salt = 1682C0FC5B3F7EC5
+Key = 483DD6E919D7DE2E8E648BA8F862F3FBFBDC2BCB2C02957F
+
+PBE = pkcs12
+id = 2
+iter = 1000
+MD = SHA1
+Password = 007100750065006500670000
+Salt = 1682C0FC5B3F7EC5
+Key = 9D461D1B00355C50
+
+PBE = pkcs12
+id = 3
+iter = 1000
+MD = SHA1
+Password = 007100750065006500670000
+Salt = 263216FCC2FAB31C
+Key = 5EC4C7A80DF652294C3925B6489A7AB857C83476
diff --git a/test/recipes/30-test_evp_data/evppbe_scrypt.txt b/test/recipes/30-test_evp_data/evppbe_scrypt.txt
new file mode 100644
index 0000000000..35fd5f6a65
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppbe_scrypt.txt
@@ -0,0 +1,52 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = scrypt tests (from draft-josefsson-scrypt-kdf-03 and others) Using PBE
+
+PBE = scrypt
+Password = ""
+Salt = ""
+N = 16
+r = 1
+p = 1
+Key = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
+
+PBE = scrypt
+Password = "password"
+Salt = "NaCl"
+N = 1024
+r = 8
+p = 16
+Key = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
+
+PBE = scrypt
+Password = "pleaseletmein"
+Salt = "SodiumChloride"
+N = 16384
+r = 8
+p = 1
+Key = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
+
+# NB: this test requires more than 1GB of memory to run so it will hit the
+# scrypt memory limit and return an error. To run this test without error
+# uncomment out the "maxmem" line and comment out the "Result"
+# line
+PBE = scrypt
+Password = "pleaseletmein"
+Salt = "SodiumChloride"
+N = 1048576
+r = 8
+p = 1
+Key = 2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4
+Result = SCRYPT_ERROR
+#maxmem = 10000000000
diff --git a/test/recipes/30-test_evp_data/evppkey_brainpool.txt b/test/recipes/30-test_evp_data/evppkey_brainpool.txt
new file mode 100644
index 0000000000..22af700da8
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_brainpool.txt
@@ -0,0 +1,1360 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title=brainpoolP160r1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP160r1
+-----BEGIN PRIVATE KEY-----
+MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBBswGQIBAQQUo0UiM85512uHsr2DkIOYgyxSQxk=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP160r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABI7OZhLqr+8c3D9Tn6++CqQtc9jG5a1COb1okeZb
+wKJUkmWn6NvNCQQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP160r1:ALICE_cf_brainpoolP160r1_PUB
+
+PrivateKey=BOB_cf_brainpoolP160r1
+-----BEGIN PRIVATE KEY-----
+MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBBswGQIBAQQUmr0Vq3Z/feXq9tg9s8dxJXne1dU=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP160r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABAu+ovBXBFQuw3Rt9qeImT6mLh9rerLFnTRL0+LH
+sptS1Mbd0R4+5HM=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP160r1:BOB_cf_brainpoolP160r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP160r1
+PeerKey=BOB_cf_brainpoolP160r1_PUB
+SharedSecret=2e75cb6a8f13951b437e04a0ed1d714a610036cc
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP160r1
+PeerKey=ALICE_cf_brainpoolP160r1_PUB
+SharedSecret=2e75cb6a8f13951b437e04a0ed1d714a610036cc
+
+Title=brainpoolP160t1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP160t1
+-----BEGIN PRIVATE KEY-----
+MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBBswGQIBAQQU1P/o5GQx5PA0kQoiwUtaXBUASUY=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP160t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABANetsUNsxVmDo7X4LQ9yPYTcjN1HvLTo9GEEQtV
+lG71NyzLPQwPDwM=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP160t1:ALICE_cf_brainpoolP160t1_PUB
+
+PrivateKey=BOB_cf_brainpoolP160t1
+-----BEGIN PRIVATE KEY-----
+MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBBswGQIBAQQUck4Sh9X3JjSUIRoxxKv8qLM6Ijc=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP160t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABEtd7DRUMYXeoxhxpWgPz/esQkXtoTAAune8CAAo
+HqNNlR11VDctfkw=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP160t1:BOB_cf_brainpoolP160t1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP160t1
+PeerKey=BOB_cf_brainpoolP160t1_PUB
+SharedSecret=6ea603a6a1a83812b967c83ef1867bd807be761e
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP160t1
+PeerKey=ALICE_cf_brainpoolP160t1_PUB
+SharedSecret=6ea603a6a1a83812b967c83ef1867bd807be761e
+
+Title=brainpoolP192r1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP192r1
+-----BEGIN PRIVATE KEY-----
+MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBB8wHQIBAQQYlF5JxzV9Doezn3hLoiidvy5TnIA7
+aR+j
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP192r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABELUMqBZrH66DIJ1a3a42k86THdH1DevigK0dc57
+8XEZ3HcuSQ+ycrMmit1PUQItbg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP192r1:ALICE_cf_brainpoolP192r1_PUB
+
+PrivateKey=BOB_cf_brainpoolP192r1
+-----BEGIN PRIVATE KEY-----
+MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBB8wHQIBAQQYjdu95CL1DQMGpsOmsfYOAjF5cW99
+bQie
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP192r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABInqyC1mAfyF7LU5tX/dRF5S/S9uPlQjNAhTRP6/
+/kAbKsXmABQXFeM0+P3hMw4UxQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP192r1:BOB_cf_brainpoolP192r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP192r1
+PeerKey=BOB_cf_brainpoolP192r1_PUB
+SharedSecret=2b34396d02a40df0b9f8f9c0b8623be05b41249fbd69e02a
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP192r1
+PeerKey=ALICE_cf_brainpoolP192r1_PUB
+SharedSecret=2b34396d02a40df0b9f8f9c0b8623be05b41249fbd69e02a
+
+Title=brainpoolP192t1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP192t1
+-----BEGIN PRIVATE KEY-----
+MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBB8wHQIBAQQYKkFNgJ5sJKNIyYPK1h+gdPw04bxa
+zIV7
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP192t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABAzDb+niXBQFn9f0zXf8z+kfdBIYTws8FSfdWFdU
+NGo4haY9+fL8D40kNNShgBnlKw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP192t1:ALICE_cf_brainpoolP192t1_PUB
+
+PrivateKey=BOB_cf_brainpoolP192t1
+-----BEGIN PRIVATE KEY-----
+MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBB8wHQIBAQQYFpxTrRJBEpyCePM20Fmw0uYPoxTm
+T/sq
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP192t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABC6CPE1t5PwHpXSS1u4R0JTs1IeDW8hiqarIn3pM
+I9wh+oCRjVcqvB4WDaql1bHCYg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP192t1:BOB_cf_brainpoolP192t1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP192t1
+PeerKey=BOB_cf_brainpoolP192t1_PUB
+SharedSecret=84049068441a342d7c2951ff159cdc9d05c4bddf2a6e6309
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP192t1
+PeerKey=ALICE_cf_brainpoolP192t1_PUB
+SharedSecret=84049068441a342d7c2951ff159cdc9d05c4bddf2a6e6309
+
+Title=brainpoolP224r1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP224r1
+-----BEGIN PRIVATE KEY-----
+MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBCMwIQIBAQQcHhlSkNTFJbZSy79CADDwo855nH2+
+cWxwSl6BpQ==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP224r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABBF4+KObaB0yJTPHPrCN6EOnr5M8zKb5CHa7SSyL
+4L9nRjgA8TfoU03LQsrtE9beREkxK3EHc25Z
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP224r1:ALICE_cf_brainpoolP224r1_PUB
+
+PrivateKey=BOB_cf_brainpoolP224r1
+-----BEGIN PRIVATE KEY-----
+MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBCMwIQIBAQQczslMgGENRTriMWvDfGrM/ilLpzy0
+Js79UiVzLA==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP224r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABIGGu4+PPMwOihplm2tLO7dLcDqXZB1MQHloOU8a
+taeDvYHIck4z08+1DATvPqpIDzyn9WtXRqmG
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP224r1:BOB_cf_brainpoolP224r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP224r1
+PeerKey=BOB_cf_brainpoolP224r1_PUB
+SharedSecret=477240c0587dea6aecfcac5a154d7ba3a5d4eb1ab30a69012d4401de
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP224r1
+PeerKey=ALICE_cf_brainpoolP224r1_PUB
+SharedSecret=477240c0587dea6aecfcac5a154d7ba3a5d4eb1ab30a69012d4401de
+
+Title=brainpoolP224t1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP224t1
+-----BEGIN PRIVATE KEY-----
+MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBCMwIQIBAQQca9rhmcgHV6etILVB9ccK2jIFXw4N
+YrvlljcGFw==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP224t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABHA9XoULjM967710RPgT1ICW0b+y9pFpm2yCUq2m
+kSiy/JZvuWXhTJ+KmXGnAOTIlyiOUG8tZm39
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP224t1:ALICE_cf_brainpoolP224t1_PUB
+
+PrivateKey=BOB_cf_brainpoolP224t1
+-----BEGIN PRIVATE KEY-----
+MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBCMwIQIBAQQcFaiqaheY0xBo5lUY8hOXMUICdOAu
+NWP/Uw3l+Q==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP224t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABLvPkrvyCeS/QdTX5D/AFfF0lTuPpXhSRPKocViS
+nUIZAEziCuOsgx+BqAOxNg+CN/tNzHsG1srf
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP224t1:BOB_cf_brainpoolP224t1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP224t1
+PeerKey=BOB_cf_brainpoolP224t1_PUB
+SharedSecret=2c8dd0dbf3a62a202150e12443461d348be57bc58db0f2f7d8938933
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP224t1
+PeerKey=ALICE_cf_brainpoolP224t1_PUB
+SharedSecret=2c8dd0dbf3a62a202150e12443461d348be57bc58db0f2f7d8938933
+
+Title=brainpoolP256r1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP256r1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEHBCcwJQIBAQQgcH7I5THTXm+bu+vwtyNt+XBxk/uJ
+R5V/zzRyMoXjuek=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP256r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABDFYVAzLX03nHXeFY7aJspsp525bbgzfnT68kJXB
+HhChZmPaa5BAV5Cn4DXJ5HQ5N/V8Z8Dz0aux0SWtl6ctENM=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP256r1:ALICE_cf_brainpoolP256r1_PUB
+
+PrivateKey=BOB_cf_brainpoolP256r1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEHBCcwJQIBAQQgDEj/wLk/4z4Wcv8rOc9lNnRQ6hpr
+XfiuUSRqgedZkRU=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP256r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABHJdRWXtaxwI0AdvDXEk+a6XuQp72Zi+wxCrxFFW
+NgJbmH0yr4jDklp4oiC2UHkapvT6XanGMKFo2ZSziltas0A=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP256r1:BOB_cf_brainpoolP256r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP256r1
+PeerKey=BOB_cf_brainpoolP256r1_PUB
+SharedSecret=2fdd9d97efdcba3f5b181df53331db0ee42a3b1072147325ce8521dbaeafc3e4
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP256r1
+PeerKey=ALICE_cf_brainpoolP256r1_PUB
+SharedSecret=2fdd9d97efdcba3f5b181df53331db0ee42a3b1072147325ce8521dbaeafc3e4
+
+Title=brainpoolP256t1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP256t1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEIBCcwJQIBAQQgBDlYKiUEsm+tEN/DDQBhlWKJhF4J
+We+4fqVSaPNT3VY=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP256t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABE6XKfvmlGKrXKN/FHhW9cMThPFUIq6Au3cCujPI
+rHejQQJnsz9mSRBtzRkMM1abUc4Mf9xhkWbrT+QuJ3FcLWI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP256t1:ALICE_cf_brainpoolP256t1_PUB
+
+PrivateKey=BOB_cf_brainpoolP256t1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEIBCcwJQIBAQQgDUCTqTrVwouIU3hFoO3hwiME17PF
+X7ntzOWKS2ebqGs=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP256t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABBwxGpomQmgqgsUYHmpYt3qGKRVT/pJfyU+lpLXi
+/XAibEp/IvX3oFMEolSoy39poO6Zkq6npAniBqer+bS9Jpw=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP256t1:BOB_cf_brainpoolP256t1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP256t1
+PeerKey=BOB_cf_brainpoolP256t1_PUB
+SharedSecret=7f177af329a4b377aea6e80bddf14f09c17c4fe81598703898fb62c929cbff04
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP256t1
+PeerKey=ALICE_cf_brainpoolP256t1_PUB
+SharedSecret=7f177af329a4b377aea6e80bddf14f09c17c4fe81598703898fb62c929cbff04
+
+Title=brainpoolP320r1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP320r1
+-----BEGIN PRIVATE KEY-----
+MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEJBC8wLQIBAQQophG1zB+U2lRdetiZlk9C4+q7APJ9
+xqGQ0+GPq68+WmyZon1lDRQ5/g==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP320r1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABM9TaT9Q2j+VTlQ1pfcXx9SjlU1fEk0RvEbaY1O8
+pq8OgkQeulcgSXiI1rJI0wjV/qJoi0coZUHhsJ7bXmdO8vSTdgCMbavZScCkN6iFsALm
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP320r1:ALICE_cf_brainpoolP320r1_PUB
+
+PrivateKey=BOB_cf_brainpoolP320r1
+-----BEGIN PRIVATE KEY-----
+MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEJBC8wLQIBAQQoO6MtFhs8dwul0iRbyfssxtFF6Ubt
+q2oHlzvkFL5q4uLSY7pRcDz4vw==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP320r1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABM50yDpoBMhirlHQqjMmVj/KZR0dfvmudoDt02qY
+3lKei94evfTHmPG/9BjMYQGQcRM4CDGHR0iUIUJa99e/rxj9IguPkkNiAmDZQaKsqmKB
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP320r1:BOB_cf_brainpoolP320r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP320r1
+PeerKey=BOB_cf_brainpoolP320r1_PUB
+SharedSecret=4ee386c231d0a7c9bb6dc05362f56ca70bf7ba5dcb66d8c4574c0497fdab6a5b79818a64ff5dc87e
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP320r1
+PeerKey=ALICE_cf_brainpoolP320r1_PUB
+SharedSecret=4ee386c231d0a7c9bb6dc05362f56ca70bf7ba5dcb66d8c4574c0497fdab6a5b79818a64ff5dc87e
+
+Title=brainpoolP320t1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP320t1
+-----BEGIN PRIVATE KEY-----
+MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEKBC8wLQIBAQQoMsI2lsl5Sj0I4A3J0I5XStMSLT4P
+hMxwrbFdtKQh+At6RN2s12W4Kg==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP320t1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABAvtZgehjOIdjsYKMcK08LaS8zVb6znYb6Qa9Fzf
+LhLUSH5S728KJHWXMh7RqZMI3yTC5I0ESqB0CvG5N0hR+3y8L3eQJisCNdnzAgMyy0ab
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP320t1:ALICE_cf_brainpoolP320t1_PUB
+
+PrivateKey=BOB_cf_brainpoolP320t1
+-----BEGIN PRIVATE KEY-----
+MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEKBC8wLQIBAQQoNtZiGbwSl0NNHBmTaJKf7/VMqZjo
+yWavjg6CPa6ZgpKRR7vIQt5d9Q==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP320t1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABHlS/OtqhHctabDCsDexScvQ2DGXhBuypaEeKOUq
+vbLUovatBoreEj1j5YrOl9mKpd9Hj6YqYGWH+7KKjua+5DBn9rlxlmmkst+gb+vm3UE/
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP320t1:BOB_cf_brainpoolP320t1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP320t1
+PeerKey=BOB_cf_brainpoolP320t1_PUB
+SharedSecret=079d62bad81ceeab9f213818faf249f7b29b87a81b56a33b774b2631860f90a25f5377da504cb619
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP320t1
+PeerKey=ALICE_cf_brainpoolP320t1_PUB
+SharedSecret=079d62bad81ceeab9f213818faf249f7b29b87a81b56a33b774b2631860f90a25f5377da504cb619
+
+Title=brainpoolP384r1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP384r1
+-----BEGIN PRIVATE KEY-----
+MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQELBDcwNQIBAQQwUW3EKrK8Rr80Jn5wwvTLC+HDTApA
+ndycbRYiQkew7SgijhNO+cV0pE0sNpMZY+Wo
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABBvE/fg0tIrsrIiAL07MlREd5zYk52mW7oQ+jPky
+PmGeUoZq1LtpEzQCE1uuruOuyQH1M2c7flVA8Gh3IbSCupwVBCR2QObolwk1w5qK/l/KR26tMeXI
+qL2Sy85NCUpMDw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP384r1:ALICE_cf_brainpoolP384r1_PUB
+
+PrivateKey=BOB_cf_brainpoolP384r1
+-----BEGIN PRIVATE KEY-----
+MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQELBDcwNQIBAQQwdG7bSygpM2GpxDPAb4hOTtFZrP2n
+qbyf7v3jFe8/ERpzREPcSntkNDyu/iAsmQKj
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABIIxQfeqZ+uWNKAwZtxAt4ieZW7lCg7Bezpn1dG/
+VDvy/Dd5YpAuDtVxFCLfCUVH+gXfC2wUpWj8j8lgPhP1wBat/hu/PN/AQPg9C/J2EcQRVQXwyZvQ
+PzgiZeo1aWw2+w==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP384r1:BOB_cf_brainpoolP384r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP384r1
+PeerKey=BOB_cf_brainpoolP384r1_PUB
+SharedSecret=35e9a3f86a38888d183cc343801dcdaecb664d5b37f7fbc0459fd4612da6b29831bd2d8e5b599376ca510fcc3ac78be6
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP384r1
+PeerKey=ALICE_cf_brainpoolP384r1_PUB
+SharedSecret=35e9a3f86a38888d183cc343801dcdaecb664d5b37f7fbc0459fd4612da6b29831bd2d8e5b599376ca510fcc3ac78be6
+
+Title=brainpoolP384t1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP384t1
+-----BEGIN PRIVATE KEY-----
+MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEMBDcwNQIBAQQwGyCfuKlQDK4EflGVc01hBKW+OB/L
+ojNz6kgnAWMuWoCyOM8SOkSTbOCimaVqZrlq
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP384t1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABE1O0qNzgozAxaQC7qX2wS+HNfKIAMc7eX4G4Z0w
+M30kgGyCn4CtWCBFgG15laf6OnYcdJgC8284B2smZiqHuvssw12SZwOlaXoLGyIsqygTitCO3Ebd
+k2dmuYdWzxj5/g==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP384t1:ALICE_cf_brainpoolP384t1_PUB
+
+PrivateKey=BOB_cf_brainpoolP384t1
+-----BEGIN PRIVATE KEY-----
+MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEMBDcwNQIBAQQwbpabbL6g9HZUZ4VusnNGHsHujUsA
+cDuviAZTBaHWJsCd5jA64hVFZXlZ9Jj/nSLs
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP384t1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABAyawWqAcNlcwOauu2b93XXqpZQeRM26AYcDcHIf
+tZahQrwFpLgt6Tn7tzA2CgRGvSvBGZTxkzuHasxJn+dBDGLraias3U/sLD3P4TQuP9v8cO6i7g4x
+T+DZbNUQQ3ePDQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP384t1:BOB_cf_brainpoolP384t1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP384t1
+PeerKey=BOB_cf_brainpoolP384t1_PUB
+SharedSecret=030113dd1662230f1e47418c3044a0852dcd74fa508dbabb02d1fe5d788aa49d8047d02a802f796af21473ab17f6f85f
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP384t1
+PeerKey=ALICE_cf_brainpoolP384t1_PUB
+SharedSecret=030113dd1662230f1e47418c3044a0852dcd74fa508dbabb02d1fe5d788aa49d8047d02a802f796af21473ab17f6f85f
+
+Title=brainpoolP512r1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP512r1
+-----BEGIN PRIVATE KEY-----
+MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQENBEcwRQIBAQRAagAsEAU5t/T4yI0MvyTWuPcrQfaa
+1xZr99hRfeY7+pDV4yooxTIXUESqk/dBQlFSrVUkdvMQHq/8vm5V/w97LQ==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP512r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEJLmN88iMClNBtyLHzmSgIE9d+v/GRtBr1+r+
+Wvz5XOwsiHWWFTRO5Um+3HUVZH+S3nky6n/3Yjn4DFA4lhxV+y40g8p+kkXYKwpXTByQhERcPPPS
+wKh/S7Y3k3KSLkphjiBExzlBcj9r3gLww9+0nVer/fnUgRz7YwWldv4PR2E=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP512r1:ALICE_cf_brainpoolP512r1_PUB
+
+PrivateKey=BOB_cf_brainpoolP512r1
+-----BEGIN PRIVATE KEY-----
+MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQENBEcwRQIBAQRAgHKjBCUMVJTF41vKv+Lp2xVz6bsF
+P1Aqc+2ehlxlEoYL4H8CbUBh89F1QPjGjIOLEebJcN/KnnpyRGVdx4UV2g==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP512r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAElWuk6uPxVgBSLSK9Zfqbid/ipXbIFKVaetCI
+YsYOdzkbjGIWLd2MFZIjZ9r7ePEcHXqQiwGvW+8itGM/xwLpA4qZ2QYazqtAbT187d5cdyZf4PQT
+/kv/ZTvXTl7xHDtaujQ1re00Z3liEKgKstI80BkA6eA4Jfy4G2F7CX/WuSQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP512r1:BOB_cf_brainpoolP512r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP512r1
+PeerKey=BOB_cf_brainpoolP512r1_PUB
+SharedSecret=84269a8f2932b7e09b23deabaeab26eda6bbdee8846153b0c62b7d2663506a9e71d32cf0cc127ec130f6880612f4e054bc79adb57ddbee97949508ce1eda0bb1
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP512r1
+PeerKey=ALICE_cf_brainpoolP512r1_PUB
+SharedSecret=84269a8f2932b7e09b23deabaeab26eda6bbdee8846153b0c62b7d2663506a9e71d32cf0cc127ec130f6880612f4e054bc79adb57ddbee97949508ce1eda0bb1
+
+Title=brainpoolP512t1 curve tests
+
+PrivateKey=ALICE_cf_brainpoolP512t1
+-----BEGIN PRIVATE KEY-----
+MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEOBEcwRQIBAQRAd92o2JLX5lk2v6fGr1pH5TT8KUKR
+6FaCm6CRk0dC/xK6h0rpONjx+37VuH3uS+HoRlru83maSoeHQneWCc32XA==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_brainpoolP512t1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEob+TJkhNP6D+HoQtlWcLITI3MM25Axi++awv
+HnMoclRLLur7CjQsKd0v6aEzmG2+4WZSZFGLA9L8Z5sh9L916p5CD5nk1pNfy5QKNi2H5R3QC/oc
+RfNNxhXdVVekfTaAiqhe8UF3aMngmDAc7sq794DVZvCf1sqq8v5cHrnqRcQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_brainpoolP512t1:ALICE_cf_brainpoolP512t1_PUB
+
+PrivateKey=BOB_cf_brainpoolP512t1
+-----BEGIN PRIVATE KEY-----
+MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEOBEcwRQIBAQRAVW4ZQKgDeHAkubwYYlp2JKklrbpp
+gvez/prOdyHJXJbVriU4lCH/MpH2I+nXjaZ9zLcl9JbnrUOJ6xGPHfZJrw==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_brainpoolP512t1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEJbQFKxq27CuY7/mgNwEnH3GSYGXy9s6n48qq
+gbMrp5uREi8JXZ+BuLQmzZuF15ZPOOmh+EJFjbD8i9NDiUkYLnm1oy/EuE1f5VUNoXFeFFIa21vZ
+2kzPYYKYyUNOdG8p/s4rPBFyCMf6Tizt0D4XA4oLptKUUIX2SC1Sd+qakKA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_brainpoolP512t1:BOB_cf_brainpoolP512t1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_brainpoolP512t1
+PeerKey=BOB_cf_brainpoolP512t1_PUB
+SharedSecret=48bc4ebdb9a88ca38bed58f5e547eb11d803fd01b6eadff1761ecb48c54525cba43bdb0ee4a4d7aa6701985e0bc12fd32382c035d80acc7ec26adfcb108a07cb
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_brainpoolP512t1
+PeerKey=ALICE_cf_brainpoolP512t1_PUB
+SharedSecret=48bc4ebdb9a88ca38bed58f5e547eb11d803fd01b6eadff1761ecb48c54525cba43bdb0ee4a4d7aa6701985e0bc12fd32382c035d80acc7ec26adfcb108a07cb
+
+
+
+
+# TEST CURVE brainpoolP160r1
+
+PrivateKey=ALICE_brainpoolP160r1
+-----BEGIN PRIVATE KEY-----
+MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBEkwRwIBAQQUZTQYt6IOsZUUgr36
+WYGKTj10erShLAMqAAQkMf73t3Cov2cdezPSUt9Wn0ydhpk9+2HwZ13YufUyfcvP
+ijdJ/zFO
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP160r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABCQx/ve3cKi/Zx17M9JS31afTJ2G
+mT37YfBnXdi59TJ9y8+KN0n/MU4=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP160r1:ALICE_brainpoolP160r1_PUB
+
+
+PrivateKey=BOB_brainpoolP160r1
+-----BEGIN PRIVATE KEY-----
+MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBEkwRwIBAQQUb/ulIRG4yoOOihWD
+AV4l78I2GLWhLAMqAARPjEMetPWS4FlgFCHvVfK1nTK/TLsYScHregeZAZqn8gaF
+vgq4bE8v
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP160r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABE+MQx609ZLgWWAUIe9V8rWdMr9M
+uxhJwet6B5kBmqfyBoW+CrhsTy8=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP160r1:BOB_brainpoolP160r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP160r1
+PeerKey=BOB_brainpoolP160r1_PUB
+SharedSecret=e4fe5ae99a60d17b597f5705a719cea6709c63b9
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP160r1
+PeerKey=ALICE_brainpoolP160r1_PUB
+SharedSecret=e4fe5ae99a60d17b597f5705a719cea6709c63b9
+
+# TEST CURVE brainpoolP160t1
+
+PrivateKey=ALICE_brainpoolP160t1
+-----BEGIN PRIVATE KEY-----
+MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBEkwRwIBAQQUWWAyUnMvmQyeKeHE
+bIjyrW0JzVqhLAMqAAQ/h1VSPKvn2cTPmfMq0FZ3mxypjCIWtCMav7GH9Fby+kCr
+WKA0lFVw
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP160t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABD+HVVI8q+fZxM+Z8yrQVnebHKmM
+Iha0Ixq/sYf0VvL6QKtYoDSUVXA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP160t1:ALICE_brainpoolP160t1_PUB
+
+
+PrivateKey=BOB_brainpoolP160t1
+-----BEGIN PRIVATE KEY-----
+MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBEkwRwIBAQQUDFpUx8SZ718X0cwv
++oQaTXSK0zyhLAMqAAQIgDYhuy9cj04IFE0LforgJPt9rgcjuO81V6WR+E3LNETJ
+rYsy1X9k
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP160t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABAiANiG7L1yPTggUTQt+iuAk+32u
+ByO47zVXpZH4Tcs0RMmtizLVf2Q=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP160t1:BOB_brainpoolP160t1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP160t1
+PeerKey=BOB_brainpoolP160t1_PUB
+SharedSecret=199a218458b71a4e13f05a599fc17bc76f30ea2f
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP160t1
+PeerKey=ALICE_brainpoolP160t1_PUB
+SharedSecret=199a218458b71a4e13f05a599fc17bc76f30ea2f
+
+# TEST CURVE brainpoolP192r1
+
+PrivateKey=ALICE_brainpoolP192r1
+-----BEGIN PRIVATE KEY-----
+MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBFUwUwIBAQQYGiIpZVR71C31b9AE
+lLiEiEyzdhRsvTbkoTQDMgAEHAovVZJfm52KWqJr9IKz7w7Ta+7HUN5Bjy+qR87k
+Oo3nP+439TLOs4iDhIvzP8j1
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP192r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABBwKL1WSX5udilqia/SCs+8O02vu
+x1DeQY8vqkfO5DqN5z/uN/UyzrOIg4SL8z/I9Q==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP192r1:ALICE_brainpoolP192r1_PUB
+
+
+PrivateKey=BOB_brainpoolP192r1
+-----BEGIN PRIVATE KEY-----
+MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBFUwUwIBAQQYkut8HljwyzxOArKA
+azilboA8yY6oy4svoTQDMgAEv/3NhrdVEA+PMFCm+muXhrC0wxX5UHvCUd/OAyda
+c2Jl7XVw2gS4hfXkTeT7MQMu
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP192r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABL/9zYa3VRAPjzBQpvprl4awtMMV
++VB7wlHfzgMnWnNiZe11cNoEuIX15E3k+zEDLg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP192r1:BOB_brainpoolP192r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP192r1
+PeerKey=BOB_brainpoolP192r1_PUB
+SharedSecret=7ce122b49afdfd1adde6cdfaa13dc7180d6d4e70322c8773
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP192r1
+PeerKey=ALICE_brainpoolP192r1_PUB
+SharedSecret=7ce122b49afdfd1adde6cdfaa13dc7180d6d4e70322c8773
+
+# TEST CURVE brainpoolP192t1
+
+PrivateKey=ALICE_brainpoolP192t1
+-----BEGIN PRIVATE KEY-----
+MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBFUwUwIBAQQYCV1NuYw7DwOawqgY
+kALfFpEzFE2rjXqYoTQDMgAEmBmJ220/ZJVdxfSgHFTz3FOC2PHql2ItbG0LXs/v
+7n/qkWGWz9B7R2FBqFaLBk0L
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP192t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABJgZidttP2SVXcX0oBxU89xTgtjx
+6pdiLWxtC17P7+5/6pFhls/Qe0dhQahWiwZNCw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP192t1:ALICE_brainpoolP192t1_PUB
+
+
+PrivateKey=BOB_brainpoolP192t1
+-----BEGIN PRIVATE KEY-----
+MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBFUwUwIBAQQYmZP2vmYpfJvSnqEl
+4K0Yj0iMCr4ds9bboTQDMgAEcSuLSED2s4SIuEdomZbdDMSmNrpnezJRv/W+bCQp
+4bcnQAb20tp47ISw/yXoQSA0
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP192t1_PUB
+-----BEGIN PUBLIC KEY-----
+MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABHEri0hA9rOEiLhHaJmW3QzEpja6
+Z3syUb/1vmwkKeG3J0AG9tLaeOyEsP8l6EEgNA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP192t1:BOB_brainpoolP192t1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP192t1
+PeerKey=BOB_brainpoolP192t1_PUB
+SharedSecret=1a5444c2600d9d21d6a450d158fd25272ade262ab519790b
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP192t1
+PeerKey=ALICE_brainpoolP192t1_PUB
+SharedSecret=1a5444c2600d9d21d6a450d158fd25272ade262ab519790b
+
+# TEST CURVE brainpoolP224r1
+
+PrivateKey=ALICE_brainpoolP224r1
+-----BEGIN PRIVATE KEY-----
+MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBGEwXwIBAQQch91FmOz9tJ9Wfdyw
+krOM6UXinTuYBxjUWtU0HKE8AzoABIq0T5AJJzdDl9wbYqyxExMfTbNDt6W/ound
+ZTS6qXYvMegJ+nBcXeCi+FBI0pu6lHv8tF1ZjWLS
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP224r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABIq0T5AJJzdDl9wbYqyxExMfTbND
+t6W/oundZTS6qXYvMegJ+nBcXeCi+FBI0pu6lHv8tF1ZjWLS
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP224r1:ALICE_brainpoolP224r1_PUB
+
+
+PrivateKey=BOB_brainpoolP224r1
+-----BEGIN PRIVATE KEY-----
+MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBGEwXwIBAQQcvabkJWnrR4LuGUxf
+LO8DqDBcL4eix/a0qRWxm6E8AzoABM6qgBI9bmZwyYE0QFBJf5NpXe2phgcObKrG
+4URjdsORl4UJwlq7eLwINJLP9dPl0Qlb0Fv/gNVo
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP224r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABM6qgBI9bmZwyYE0QFBJf5NpXe2p
+hgcObKrG4URjdsORl4UJwlq7eLwINJLP9dPl0Qlb0Fv/gNVo
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP224r1:BOB_brainpoolP224r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP224r1
+PeerKey=BOB_brainpoolP224r1_PUB
+SharedSecret=419e446a66968fcc372126cff4d637505c848c3a9b82503f2d441215
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP224r1
+PeerKey=ALICE_brainpoolP224r1_PUB
+SharedSecret=419e446a66968fcc372126cff4d637505c848c3a9b82503f2d441215
+
+# TEST CURVE brainpoolP224t1
+
+PrivateKey=ALICE_brainpoolP224t1
+-----BEGIN PRIVATE KEY-----
+MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBGEwXwIBAQQcSwWCcqYuiNyxR0gY
+VCMBQ17ykfaxEgMMyByZoqE8AzoABJiVhwIZAqy+OKj8RewjsdXPPCODfm+4RGV8
+2bYLW8SqiDeEDB+RvJirYwz/a5Ri+EL5Xk9QVkQF
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP224t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABJiVhwIZAqy+OKj8RewjsdXPPCOD
+fm+4RGV82bYLW8SqiDeEDB+RvJirYwz/a5Ri+EL5Xk9QVkQF
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP224t1:ALICE_brainpoolP224t1_PUB
+
+
+PrivateKey=BOB_brainpoolP224t1
+-----BEGIN PRIVATE KEY-----
+MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBGEwXwIBAQQcLK5R+idvzqC1a28G
+e9m6Eh5up82atVSTRWeXwKE8AzoABBg6ar3lkYSv0AcOM542SbPhAqxny/anS+Do
+ELViM0rofxlcvkywZiBY0T40xUvXBILDsY/0he22
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP224t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABBg6ar3lkYSv0AcOM542SbPhAqxn
+y/anS+DoELViM0rofxlcvkywZiBY0T40xUvXBILDsY/0he22
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP224t1:BOB_brainpoolP224t1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP224t1
+PeerKey=BOB_brainpoolP224t1_PUB
+SharedSecret=8f83465fb6353912a51c2809ea30b19b73b3e391c0422650e0f20b58
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP224t1
+PeerKey=ALICE_brainpoolP224t1_PUB
+SharedSecret=8f83465fb6353912a51c2809ea30b19b73b3e391c0422650e0f20b58
+
+# TEST CURVE brainpoolP256r1
+
+PrivateKey=ALICE_brainpoolP256r1
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIBMmEFKb8UQb4oCu
+k226EiMpk/omRsx/rrRNuh9WGB/zoUQDQgAEeIYdJpIpkxneKbL9qP/vSJ2/d7cH
+Cs2ZXggcRif7KKN55Ioit7Q1sVEeGzEDFbxpRWK6A+Kgu8sFkE+LHr5BGQ==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP256r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABHiGHSaSKZMZ3imy/aj/70idv3e3
+BwrNmV4IHEYn+yijeeSKIre0NbFRHhsxAxW8aUViugPioLvLBZBPix6+QRk=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP256r1:ALICE_brainpoolP256r1_PUB
+
+
+PrivateKey=BOB_brainpoolP256r1
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIKXsf2pxFfTQiwbW
+2SKwZq50UOGhJYJZYO/xY33RHuQaoUQDQgAEC/FCNhyxZ4VcHY8zBehFbg3M54AU
+w6ixJ69gI2+xoyAXBn5d+pf8tAG0D0TUqtxRtwBgPWkt6pY4YYBQMY+NOA==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP256r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABAvxQjYcsWeFXB2PMwXoRW4NzOeA
+FMOosSevYCNvsaMgFwZ+XfqX/LQBtA9E1KrcUbcAYD1pLeqWOGGAUDGPjTg=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP256r1:BOB_brainpoolP256r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP256r1
+PeerKey=BOB_brainpoolP256r1_PUB
+SharedSecret=78ed4b7bb4ed808813f8c27132fe04f5d805365549b754994d83b002416b6ba0
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP256r1
+PeerKey=ALICE_brainpoolP256r1_PUB
+SharedSecret=78ed4b7bb4ed808813f8c27132fe04f5d805365549b754994d83b002416b6ba0
+
+# TEST CURVE brainpoolP256t1
+
+PrivateKey=ALICE_brainpoolP256t1
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCARtMGsCAQEEIC4yFvVLhvRyF9wu
+yYJbncxLagsMCD+Sxt2vAJiKFpKdoUQDQgAEiGxl8E0yj3gE4iOyFDVe0tUYS9fN
+cNzkxEx2CiZwm09jbSNQF2pKAoCmLZQa8VBz+UZqdeXZy9Sc8UpJU3Fghg==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP256t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABIhsZfBNMo94BOIjshQ1XtLVGEvX
+zXDc5MRMdgomcJtPY20jUBdqSgKApi2UGvFQc/lGanXl2cvUnPFKSVNxYIY=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP256t1:ALICE_brainpoolP256t1_PUB
+
+
+PrivateKey=BOB_brainpoolP256t1
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCARtMGsCAQEEIIfXus/y+3RdwUZ0
+0db3boxPCzzRcI3CgIC8ggdGDPqPoUQDQgAEdlZ2yOiBsmREPaw8TsrGNmTLL6q1
+lVz8+OQ780Xxfo9VIFeR0Qbk8CgqX0lWt5hbEbbzEbF6I2nZCJndQ9VIoA==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP256t1_PUB
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABHZWdsjogbJkRD2sPE7KxjZkyy+q
+tZVc/PjkO/NF8X6PVSBXkdEG5PAoKl9JVreYWxG28xGxeiNp2QiZ3UPVSKA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP256t1:BOB_brainpoolP256t1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP256t1
+PeerKey=BOB_brainpoolP256t1_PUB
+SharedSecret=287a8f19e6f06476b222805eb11907c536fa6ea02b8877ea6d5323f9fabccdd8
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP256t1
+PeerKey=ALICE_brainpoolP256t1_PUB
+SharedSecret=287a8f19e6f06476b222805eb11907c536fa6ea02b8877ea6d5323f9fabccdd8
+
+# TEST CURVE brainpoolP320r1
+
+PrivateKey=ALICE_brainpoolP320r1
+-----BEGIN PRIVATE KEY-----
+MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCQSBhjCBgwIBAQQoRBvhspL4HZA6
+YcfouziNWFuE1e1RcN69xlsJ8OGZEMobV29pntQlSaFUA1IABFDmVKAu6UDU1doe
+67Fzp3WeLAKNcaLjX13W0X704bqNvSU7q747RCCbd46miRYsiqYejnsX0A/A5bOi
+I1LJixCGcAgm1pnGajKeok/ecsl+
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP320r1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABFDmVKAu6UDU1doe67Fzp3WeLAKN
+caLjX13W0X704bqNvSU7q747RCCbd46miRYsiqYejnsX0A/A5bOiI1LJixCGcAgm
+1pnGajKeok/ecsl+
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP320r1:ALICE_brainpoolP320r1_PUB
+
+
+PrivateKey=BOB_brainpoolP320r1
+-----BEGIN PRIVATE KEY-----
+MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCQSBhjCBgwIBAQQoi9ghqMQp8Zdx
+xVXuOMC66tVIvTQ9EX6taWLDy82eBRAt7MItb5LaMqFUA1IABHFexsmyGSMPdLCm
+a5vzaFlbk/gAkq6yfpE+BMokI+7GXx4dJz9+sKOi8h++T4SnocW03M7I5zOQVfK+
+82Kkq/vXCzEdkVRUPU4HVls7nil0
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP320r1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABHFexsmyGSMPdLCma5vzaFlbk/gA
+kq6yfpE+BMokI+7GXx4dJz9+sKOi8h++T4SnocW03M7I5zOQVfK+82Kkq/vXCzEd
+kVRUPU4HVls7nil0
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP320r1:BOB_brainpoolP320r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP320r1
+PeerKey=BOB_brainpoolP320r1_PUB
+SharedSecret=13a56c63c2dafe3e053534d5bf32c7eb4a0733bf356510725d378c5cbcf6974240719e3e53b352bb
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP320r1
+PeerKey=ALICE_brainpoolP320r1_PUB
+SharedSecret=13a56c63c2dafe3e053534d5bf32c7eb4a0733bf356510725d378c5cbcf6974240719e3e53b352bb
+
+# TEST CURVE brainpoolP320t1
+
+PrivateKey=ALICE_brainpoolP320t1
+-----BEGIN PRIVATE KEY-----
+MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCgSBhjCBgwIBAQQoxl+OeILawo65
+M4YbtLSARXYJsFJi4F8cUF6vfo1swRoCL6sAnV0QSaFUA1IABFN48RBqcd0PyU7N
+TRjaJsUaYXBlectX7JwhB/X/bbuNUK1YW9tZJZSZ/bBUfVfEgUhC+0qrvomc3xhy
+YBJIQeGWODwC1rHjO2H7GGvx1HmF
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP320t1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABFN48RBqcd0PyU7NTRjaJsUaYXBl
+ectX7JwhB/X/bbuNUK1YW9tZJZSZ/bBUfVfEgUhC+0qrvomc3xhyYBJIQeGWODwC
+1rHjO2H7GGvx1HmF
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP320t1:ALICE_brainpoolP320t1_PUB
+
+
+PrivateKey=BOB_brainpoolP320t1
+-----BEGIN PRIVATE KEY-----
+MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCgSBhjCBgwIBAQQoMlTiH2CM3XGa
+VXPOQ5tdm+GJmnP03gbNK4POt5yQpnW8HoaHc+SS56FUA1IABLXO5ngGf17dU+ae
+QetDyXqlTTxtTrav1/NGb+i9BQUAsbIMQkdY0zWWbhksoMn56F2DBTSFwBlb1hBt
+p9fNIGUbgKqOlvtBpQHIoKXYEq3l
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP320t1_PUB
+-----BEGIN PUBLIC KEY-----
+MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABLXO5ngGf17dU+aeQetDyXqlTTxt
+Trav1/NGb+i9BQUAsbIMQkdY0zWWbhksoMn56F2DBTSFwBlb1hBtp9fNIGUbgKqO
+lvtBpQHIoKXYEq3l
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP320t1:BOB_brainpoolP320t1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP320t1
+PeerKey=BOB_brainpoolP320t1_PUB
+SharedSecret=170d1f5fc4248700be75499eac813fac642df1311ab005e10796cc2ef43b82f8d788eb232d580243
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP320t1
+PeerKey=ALICE_brainpoolP320t1_PUB
+SharedSecret=170d1f5fc4248700be75499eac813fac642df1311ab005e10796cc2ef43b82f8d788eb232d580243
+
+# TEST CURVE brainpoolP384r1
+
+PrivateKey=ALICE_brainpoolP384r1
+-----BEGIN PRIVATE KEY-----
+MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQweTbLDp3fPbIL
+8w7I+aQzU8edVXXiFtt8Ulx7HSuAvHu/uaeedCKA+sXKXe33/aoDoWQDYgAEgQEp
+8Mrclp7hd1kkTnaXCEzAyhlMUtBIXQGI8ALS3FaMoL4mjIlhAU+vNdIcI9NGBx7Q
+FRUzFIy3IAyF+VPq8fM7Yyjk0x4P8UB1N+d2odKvKFqFBQBQmd6S5h+0ijis
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABIEBKfDK3Jae4XdZJE52lwhMwMoZ
+TFLQSF0BiPAC0txWjKC+JoyJYQFPrzXSHCPTRgce0BUVMxSMtyAMhflT6vHzO2Mo
+5NMeD/FAdTfndqHSryhahQUAUJnekuYftIo4rA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP384r1:ALICE_brainpoolP384r1_PUB
+
+
+PrivateKey=BOB_brainpoolP384r1
+-----BEGIN PRIVATE KEY-----
+MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQwF6ERsBKPIs2v
+YHNnkyb15eHfTIQ58qsFlF90qztOdGzhytiWZXPvOh4khzujFfdZoWQDYgAEDxy4
+ddTAt+nTw0F16nhHhmmNbns3bX3rKEcY+686v58dAvx4VWOC7vHsiwek9ZYbZSkm
+Ky6H78ndkBrmU3BBR7hFGyU7CWSDFoH5Oybk0+JzkNa0qAm8+MpAIcFqb+IY
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABA8cuHXUwLfp08NBdep4R4ZpjW57
+N2196yhHGPuvOr+fHQL8eFVjgu7x7IsHpPWWG2UpJisuh+/J3ZAa5lNwQUe4RRsl
+OwlkgxaB+Tsm5NPic5DWtKgJvPjKQCHBam/iGA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP384r1:BOB_brainpoolP384r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP384r1
+PeerKey=BOB_brainpoolP384r1_PUB
+SharedSecret=0b3ad57e83759760d94904d9ea266b538120c6db2b5046217aa1ecd924828b949d335c8ce8a5b36bac7556bf6058c40a
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP384r1
+PeerKey=ALICE_brainpoolP384r1_PUB
+SharedSecret=0b3ad57e83759760d94904d9ea266b538120c6db2b5046217aa1ecd924828b949d335c8ce8a5b36bac7556bf6058c40a
+
+# TEST CURVE brainpoolP384t1
+
+PrivateKey=ALICE_brainpoolP384t1
+-----BEGIN PRIVATE KEY-----
+MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwYb/xX9O8mxEu
+tbOQwQ/pB862keq/eWxj8GW41m2OroEtOJZL1SsK/8ZwAL3BdNoyoWQDYgAENpcX
+DPQYBhU8zi4G6mQtjdgVmpdn4Iuwb0/VVmopmFAL0ISDB0qk9Hn2Lt9rmE8Nathq
+kKKlVHd/Y5FRqf06PZj8jaYHAxvz5E1J8ykrbT7rUpbj9Df2t+eop9YBbSxc
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP384t1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABDaXFwz0GAYVPM4uBupkLY3YFZqX
+Z+CLsG9P1VZqKZhQC9CEgwdKpPR59i7fa5hPDWrYapCipVR3f2ORUan9Oj2Y/I2m
+BwMb8+RNSfMpK20+61KW4/Q39rfnqKfWAW0sXA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP384t1:ALICE_brainpoolP384t1_PUB
+
+
+PrivateKey=BOB_brainpoolP384t1
+-----BEGIN PRIVATE KEY-----
+MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwbFHOFMHlMXRY
+d29dF6HzKMh09dw7OAyxEeROTqOjFsI+whaqtL4GWH5P0UgFPDAHoWQDYgAER24u
+XKoWWnFFusbCPtDzz7n9zDIWzFqMeP6YE3MOseyfRFcKIVz/omWBVwpUbd3ca6Or
+d/Mh8hThIV4tZbPUwlyzzEW2NMJtd2t5JKdja0aT7fbp7NS9IJzNIRDl7r8z
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP384t1_PUB
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABEduLlyqFlpxRbrGwj7Q88+5/cwy
+FsxajHj+mBNzDrHsn0RXCiFc/6JlgVcKVG3d3Gujq3fzIfIU4SFeLWWz1MJcs8xF
+tjTCbXdreSSnY2tGk+326ezUvSCczSEQ5e6/Mw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP384t1:BOB_brainpoolP384t1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP384t1
+PeerKey=BOB_brainpoolP384t1_PUB
+SharedSecret=0fde85a61157cdd898196f291802ebd57bb2e39d98c4e6ad9bb3e2e0375e1df9bf7dadb8df7db1fea32818ef2c88babc
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP384t1
+PeerKey=ALICE_brainpoolP384t1_PUB
+SharedSecret=0fde85a61157cdd898196f291802ebd57bb2e39d98c4e6ad9bb3e2e0375e1df9bf7dadb8df7db1fea32818ef2c88babc
+
+# TEST CURVE brainpoolP512r1
+
+PrivateKey=ALICE_brainpoolP512r1
+-----BEGIN PRIVATE KEY-----
+MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAjMVK5PA5xYk8
+5gNs28Yo0erQSkgmildL7WwMVeT66algoISleFKT+fQkDRlfSKPXCZjK0NnKX5K9
+rkMm8w9ywKGBhQOBggAEHlj4gsnR2wN53k/hSIcAtbgHwbld5uS1/gR8RtoyaEDi
+t4Ti59/I9kRkZFEHJemhpTP2xY03j3M5rHP7vzk1NVKgYHJQ9MvMtPd6G+Fj5D0Y
+N1nnyqP3IJ8PyXmOdXBMoMHu+H50QbYZpcUFOqJhKp1T0+58xTXJdP8axl1IjtI=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP512r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEHlj4gsnR2wN53k/hSIcAtbgH
+wbld5uS1/gR8RtoyaEDit4Ti59/I9kRkZFEHJemhpTP2xY03j3M5rHP7vzk1NVKg
+YHJQ9MvMtPd6G+Fj5D0YN1nnyqP3IJ8PyXmOdXBMoMHu+H50QbYZpcUFOqJhKp1T
+0+58xTXJdP8axl1IjtI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP512r1:ALICE_brainpoolP512r1_PUB
+
+
+PrivateKey=BOB_brainpoolP512r1
+-----BEGIN PRIVATE KEY-----
+MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAZA10+k4+Esme
+vjkT9LdSX07amRwXrT7CBnEskZpHkZEoYVQa6FuE7Fai0kjL86lUCC4xoTjFbH3t
+LLrD0v7vwqGBhQOBggAEo3NAMIGp0rJxReih4nbEiTegA4pSEk84CUHHBLGuLsek
+Vo1vmj1LTnu4dVuILLf+MSZh9jjNmsWuEGSHIaZx6hniFHGdaRQ3GFODGvkE6z2d
+2kwv3Fmsq9+gu4By2OhSCfP+hpFhobXAYwWXzgaBFH+TqlF31Dyr2fuPnkL7tK4=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP512r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEo3NAMIGp0rJxReih4nbEiTeg
+A4pSEk84CUHHBLGuLsekVo1vmj1LTnu4dVuILLf+MSZh9jjNmsWuEGSHIaZx6hni
+FHGdaRQ3GFODGvkE6z2d2kwv3Fmsq9+gu4By2OhSCfP+hpFhobXAYwWXzgaBFH+T
+qlF31Dyr2fuPnkL7tK4=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP512r1:BOB_brainpoolP512r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP512r1
+PeerKey=BOB_brainpoolP512r1_PUB
+SharedSecret=80751feb09215a9da32f9f8c97133f53f0286a89969bd00d7f365da7f7736f45e634a35012d71b22f09bd89760ab0d2b0d426133cd9a379da9739d0f5f2e0360
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP512r1
+PeerKey=ALICE_brainpoolP512r1_PUB
+SharedSecret=80751feb09215a9da32f9f8c97133f53f0286a89969bd00d7f365da7f7736f45e634a35012d71b22f09bd89760ab0d2b0d426133cd9a379da9739d0f5f2e0360
+
+# TEST CURVE brainpoolP512t1
+
+PrivateKey=ALICE_brainpoolP512t1
+-----BEGIN PRIVATE KEY-----
+MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDgSB0DCBzQIBAQRAm8Dt1nWguxK5
+iqhf6mig/Y7ctmMgbRCWSJMMd3lw5/iM4mtP9achhaEWGImIWV6Fbryi6Jv3nitC
+BUxpqREpcqGBhQOBggAEH/z+dOHhLfxI0GLpmUjYaSlC2H380nBhe6P4GSrnpya/
+Yew0IRyDfo0p99vwgOaLh8wJIH3Joy4NMtHthg8IAFmoctAoWkQ21E0HjPjwqZbx
+mvBD0S9opVycFR8XUSaK0EHyHO7hfuVsdyYzIIjpKViP7uOOtrggsTepWzBQt9I=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_brainpoolP512t1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEH/z+dOHhLfxI0GLpmUjYaSlC
+2H380nBhe6P4GSrnpya/Yew0IRyDfo0p99vwgOaLh8wJIH3Joy4NMtHthg8IAFmo
+ctAoWkQ21E0HjPjwqZbxmvBD0S9opVycFR8XUSaK0EHyHO7hfuVsdyYzIIjpKViP
+7uOOtrggsTepWzBQt9I=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_brainpoolP512t1:ALICE_brainpoolP512t1_PUB
+
+
+PrivateKey=BOB_brainpoolP512t1
+-----BEGIN PRIVATE KEY-----
+MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDgSB0DCBzQIBAQRAFStrWBwOtTlY
+/pBeT2ncjTHcNzKm+ocTiIvr0RUEuX8ITd+L5x9H+ZLk44T85/8yqTPlk6cZSHby
+TG5UkPGVvaGBhQOBggAEE6EYYwpBA3NBflj/HYwxzbaxuALefTsTr5O0bLqh4J6S
+xkAwsQnlkU8PCnzEuvdBNxSwW7276VGfwDO7kFKEdZq3cnT+P41yi/XBVK7xgaL1
+R2U+vCxWsje6JLixWEdJkJ+6TqPKICdriNge1zbjvfhb01zP58E/Xsgh5/deJco=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_brainpoolP512t1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEE6EYYwpBA3NBflj/HYwxzbax
+uALefTsTr5O0bLqh4J6SxkAwsQnlkU8PCnzEuvdBNxSwW7276VGfwDO7kFKEdZq3
+cnT+P41yi/XBVK7xgaL1R2U+vCxWsje6JLixWEdJkJ+6TqPKICdriNge1zbjvfhb
+01zP58E/Xsgh5/deJco=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_brainpoolP512t1:BOB_brainpoolP512t1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_brainpoolP512t1
+PeerKey=BOB_brainpoolP512t1_PUB
+SharedSecret=0afecb44d108c9bf2bc159fcc613a1429e3906d5d201d579adc2167058e972ef85fc13d837f3566a2ff3a881e47bfe36b722baf4a9f865097fe11e171189a944
+
+# ECDH Bob with Alice peer
+Derive=BOB_brainpoolP512t1
+PeerKey=ALICE_brainpoolP512t1_PUB
+SharedSecret=0afecb44d108c9bf2bc159fcc613a1429e3906d5d201d579adc2167058e972ef85fc13d837f3566a2ff3a881e47bfe36b722baf4a9f865097fe11e171189a944
+
+
+Title = ECDH KATs (RFC 7027)
+
+# Keys and shared secrets from RFC 7027
+PrivateKey=BRAINPOOLP256R1_RFC7027
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIIHbHuEAFQ/y6jON
+cIJxvjgwDLVCQdeZUPd7BjA5gE8doUQDQgAERBBukT+SvAKhcF2ZU6hBTbleGqpJ
+6B2ehfkpqOMQC+WKtIRvEcrMtzzknL3RIPWpAKaf0ywnIiP3ie8Q6wib3A==
+-----END PRIVATE KEY-----
+
+PublicKey=BRAINPOOLP256R1_RFC7027-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABEQQbpE/krwCoXBdmVOoQU25Xhqq
+SegdnoX5KajjEAvlirSEbxHKzLc85Jy90SD1qQCmn9MsJyIj94nvEOsIm9w=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BRAINPOOLP256R1_RFC7027:BRAINPOOLP256R1_RFC7027-PUBLIC
+
+
+PrivateKey=BRAINPOOLP256R1_RFC7027-Peer
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIFXkC8QeN+PirSXD
+xmVFEf+oR0qRoAMgh1k4UtPn12vToUQDQgAEjS1ojGz5PhFgrQTMRCkRfcLEGCXh
+6fygrd005vGzn3uZDFdSCBK+USZB5HA0gyEGvH0+jdDkx/ETbXAGVHzsag==
+-----END PRIVATE KEY-----
+
+PublicKey=BRAINPOOLP256R1_RFC7027-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABI0taIxs+T4RYK0EzEQpEX3CxBgl
+4en8oK3dNObxs597mQxXUggSvlEmQeRwNIMhBrx9Po3Q5MfxE21wBlR87Go=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BRAINPOOLP256R1_RFC7027-Peer:BRAINPOOLP256R1_RFC7027-Peer-PUBLIC
+
+Derive=BRAINPOOLP256R1_RFC7027
+PeerKey=BRAINPOOLP256R1_RFC7027-Peer-PUBLIC
+SharedSecret=89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B
+
+Derive=BRAINPOOLP256R1_RFC7027-Peer
+PeerKey=BRAINPOOLP256R1_RFC7027-PUBLIC
+SharedSecret=89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B
+
+PrivateKey=BRAINPOOLP384R1_RFC7027
+-----BEGIN PRIVATE KEY-----
+MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQwHiD14EiliG8f
+FXx06RveK5jItS1Y5QA9VwU/xLC9ZdbxXrXR7hYQ34cHlRQ2J9BCoWQDYgAEaLZl
+3ZHBlYAGUM3TY8Yl9OdC6BNGZ7dnsbR2eTWI+IWraYyFLUpud6JS1jgPyvBoVbyR
+o5yewB3uNgF7fWc6kxI20vH1yDlC0Enj+iBgdJPg0Dj/L9MMKrZ9Fchff6pZ
+-----END PRIVATE KEY-----
+
+PublicKey=BRAINPOOLP384R1_RFC7027-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABGi2Zd2RwZWABlDN02PGJfTnQugT
+Rme3Z7G0dnk1iPiFq2mMhS1KbneiUtY4D8rwaFW8kaOcnsAd7jYBe31nOpMSNtLx
+9cg5QtBJ4/ogYHST4NA4/y/TDCq2fRXIX3+qWQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BRAINPOOLP384R1_RFC7027:BRAINPOOLP384R1_RFC7027-PUBLIC
+
+
+PrivateKey=BRAINPOOLP384R1_RFC7027-Peer
+-----BEGIN PRIVATE KEY-----
+MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQwAyZAvGADxZJg
+9yUMPbWM5kf5jhJgrM5KzaPdhp904B+LpeAyQwnbapgxSXq6yWZwoWQDYgAETUQy
+byaaWXpbWLulZdpVVu1/2aip63bCX0bbadGdyM5q0Y5ASxVziyCG3zfnHR60YtaS
+E23lbL6Tv1+jGI71i8ijoOxsHhUaIQOKQukYUym1snWQPRkvjU4fMv6cx4xI
+-----END PRIVATE KEY-----
+
+PublicKey=BRAINPOOLP384R1_RFC7027-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABE1EMm8mmll6W1i7pWXaVVbtf9mo
+qet2wl9G22nRncjOatGOQEsVc4sght835x0etGLWkhNt5Wy+k79foxiO9YvIo6Ds
+bB4VGiEDikLpGFMptbJ1kD0ZL41OHzL+nMeMSA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BRAINPOOLP384R1_RFC7027-Peer:BRAINPOOLP384R1_RFC7027-Peer-PUBLIC
+
+Derive=BRAINPOOLP384R1_RFC7027
+PeerKey=BRAINPOOLP384R1_RFC7027-Peer-PUBLIC
+SharedSecret=0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42
+
+Derive=BRAINPOOLP384R1_RFC7027-Peer
+PeerKey=BRAINPOOLP384R1_RFC7027-PUBLIC
+SharedSecret=0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42
+
+PrivateKey=BRAINPOOLP512R1_RFC7027
+-----BEGIN PRIVATE KEY-----
+MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAFjAv8Nu7Wo1z
+PatxQcG0WsvIcVk5Z39qVoUKOL2HvVmwnoAnlgn/Mz651MBhIx+yb5LusEmCpfHR
+dkytV2ZUIqGBhQOBggAECkIFF+QGqsCs3OkPzXFIdxjTuVPv1/vsX38n4oxhSZmT
+l+keAp4GRX2y0+ZAZos5LCp+c3p/C/BENtEWQP0J/XLmiC6NsoqtNiN80l1YDbI3
+g5YcjcUt+i7BOK1HKg/O84h89itiOyqH3lxYgwHqPl/CabNztgck9egqatFH/ec=
+-----END PRIVATE KEY-----
+
+PublicKey=BRAINPOOLP512R1_RFC7027-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAECkIFF+QGqsCs3OkPzXFIdxjT
+uVPv1/vsX38n4oxhSZmTl+keAp4GRX2y0+ZAZos5LCp+c3p/C/BENtEWQP0J/XLm
+iC6NsoqtNiN80l1YDbI3g5YcjcUt+i7BOK1HKg/O84h89itiOyqH3lxYgwHqPl/C
+abNztgck9egqatFH/ec=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BRAINPOOLP512R1_RFC7027:BRAINPOOLP512R1_RFC7027-PUBLIC
+
+
+PrivateKey=BRAINPOOLP512R1_RFC7027-Peer
+-----BEGIN PRIVATE KEY-----
+MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAIw4Y4bzIijYv
+pU5Oo5AgCSkvf4AzYk/UcbXYrOSdEs+rvBmWPauOLx66AL/7KeTXLRPyIkVi9AXL
+gFA2ZrJUKaGBhQOBggAEnUX2beXWfi5ttuk6Wc4LtIEGCX/3iggd54HNsx/OjMuq
+6o3UMgxBGfHpzUN6Lqs3MfqWaKsmjYcd7aVaVHMZny/cMTCVvN1fs6kWNvB6lZyO
+hrVjah6TDoOWBJy0gZYdNlzBFFOgbHGYNUdbEstS/Dw4O8414n7xlFErcYdihfo=
+-----END PRIVATE KEY-----
+
+PublicKey=BRAINPOOLP512R1_RFC7027-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEnUX2beXWfi5ttuk6Wc4LtIEG
+CX/3iggd54HNsx/OjMuq6o3UMgxBGfHpzUN6Lqs3MfqWaKsmjYcd7aVaVHMZny/c
+MTCVvN1fs6kWNvB6lZyOhrVjah6TDoOWBJy0gZYdNlzBFFOgbHGYNUdbEstS/Dw4
+O8414n7xlFErcYdihfo=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BRAINPOOLP512R1_RFC7027-Peer:BRAINPOOLP512R1_RFC7027-Peer-PUBLIC
+
+Derive=BRAINPOOLP512R1_RFC7027
+PeerKey=BRAINPOOLP512R1_RFC7027-Peer-PUBLIC
+SharedSecret=A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F
+
+Derive=BRAINPOOLP512R1_RFC7027-Peer
+PeerKey=BRAINPOOLP512R1_RFC7027-PUBLIC
+SharedSecret=A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F
diff --git a/test/recipes/30-test_evp_data/evppkey_dsa.txt b/test/recipes/30-test_evp_data/evppkey_dsa.txt
new file mode 100644
index 0000000000..551c9bd356
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_dsa.txt
@@ -0,0 +1,130 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+# Private keys used for PKEY operations.
+
+# DSA key
+PrivateKey=DSA-1024
+-----BEGIN PRIVATE KEY-----
+MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk4
+19R5ve1UUr421y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJ
+f/WDYPxjMk8BqNJmeZtLuCVLKGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psF
+YFaDYjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/qYaE31VmWz0CgYEApNVF8oFK41ez
+Qci9XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY+6ECNI1aIDHTd7CH
+woS0mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQPaxYt
+6PVa3gncr2v3njcVuH+EQ6DuFR93zksEFgIUbyv6pqH+UQurernJn/7sUm2U2i0=
+-----END PRIVATE KEY-----
+
+PublicKey=DSA-1024-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIIBtzCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk419R5
+ve1UUr421y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJf/WD
+YPxjMk8BqNJmeZtLuCVLKGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psFYFaD
+YjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/qYaE31VmWz0CgYEApNVF8oFK41ezQci9
+XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY+6ECNI1aIDHTd7CHwoS0
+mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQPaxYt6PVa
+3gncr2v3njcVuH+EQ6DuFR93zksDgYQAAoGAVXFwJ5wTuF0rQ6AWfTitm3/zUeRW
+SeKFo+Rg0GrBI+Wg2Tj+Yn6V8Xs+Xyjim1wsd2P6/BlJzCEr4nHjP9JcBICqM3vI
+9zCaT/vYsLD7/T7rF9AF/jV+LnkGJCzLbDYF04IkhtLNHOQob+Uc8PWB78e/1Lc4
+SzJw2oHciIOt+UU=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = DSA-1024:DSA-1024-PUBLIC
+
+Title = DSA tests
+
+Verify = DSA-1024
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
+
+Verify = DSA-1024-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
+
+# Modified signature
+Verify = DSA-1024-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d88
+Result = VERIFY_ERROR
+
+# Digest too short
+Verify = DSA-1024-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF123"
+Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
+Result = VERIFY_ERROR
+
+# Digest too long
+Verify = DSA-1024-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF12345"
+Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
+Result = VERIFY_ERROR
+
+# Garbage after signature
+Verify = DSA-1024-PUBLIC
+Input = "0123456789ABCDEF1234"
+Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d8700
+Result = VERIFY_ERROR
+
+# Invalid tag
+Verify = DSA-1024-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 312d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
+Result = VERIFY_ERROR
+
+# BER signature
+Verify = DSA-1024-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3080021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d870000
+Result = VERIFY_ERROR
+
+Title = Test keypair mismatches
+
+PrivateKey = DSA-1024-BIS
+-----BEGIN PRIVATE KEY-----
+MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk419R5ve1UUr42
+1y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJf/WDYPxjMk8BqNJmeZtLuCVL
+KGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psFYFaDYjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/
+qYaE31VmWz0CgYEApNVF8oFK41ezQci9XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY
++6ECNI1aIDHTd7CHwoS0mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQP
+axYt6PVa3gncr2v3njcVuH+EQ6DuFR93zksEFgIUFQFshP0hj7i6ClXkSPYoFW6KrIY=
+-----END PRIVATE KEY-----
+
+PublicKey = DSA-1024-BIS-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIIBtzCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk419R5
+ve1UUr421y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJf/WD
+YPxjMk8BqNJmeZtLuCVLKGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psFYFaD
+YjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/qYaE31VmWz0CgYEApNVF8oFK41ezQci9
+XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY+6ECNI1aIDHTd7CHwoS0
+mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQPaxYt6PVa
+3gncr2v3njcVuH+EQ6DuFR93zksDgYQAAoGAdZCPYZ9WvtKW7dFvbEjl0HHBxLNX
+8kV1/FAxsDrQd+c8mWdruNzcmwsZJklJuTK9czKnXgLmkRHR20I4oNrJ/bptV8lV
+iDvJBJlmZ1aGh6yLIHzYBbgbgia3lBrFlO5qUxNmbNeiC+HIqUvlVBmQOLN6+Xjn
+Q4A0wDK8dmF2dFI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = DSA-1024-BIS:DSA-1024-BIS-PUBLIC
+
+PrivPubKeyPair = DSA-1024:DSA-1024-BIS-PUBLIC
+Result = KEYPAIR_MISMATCH
+
+PrivPubKeyPair = DSA-1024-BIS:DSA-1024-PUBLIC
+Result = KEYPAIR_MISMATCH
diff --git a/test/recipes/30-test_evp_data/evppkey_ecc.txt b/test/recipes/30-test_evp_data/evppkey_ecc.txt
index b255f772bc..f0ae1081c4 100644
--- a/test/recipes/30-test_evp_data/evppkey_ecc.txt
+++ b/test/recipes/30-test_evp_data/evppkey_ecc.txt
@@ -1,566 +1,15 @@
-Title=brainpoolP160r1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP160r1
------BEGIN PRIVATE KEY-----
-MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBBswGQIBAQQUo0UiM85512uHsr2DkIOYgyxSQxk=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP160r1_PUB
------BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABI7OZhLqr+8c3D9Tn6++CqQtc9jG5a1COb1okeZb
-wKJUkmWn6NvNCQQ=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP160r1:ALICE_cf_brainpoolP160r1_PUB
-
-PrivateKey=BOB_cf_brainpoolP160r1
------BEGIN PRIVATE KEY-----
-MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBBswGQIBAQQUmr0Vq3Z/feXq9tg9s8dxJXne1dU=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP160r1_PUB
------BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABAu+ovBXBFQuw3Rt9qeImT6mLh9rerLFnTRL0+LH
-sptS1Mbd0R4+5HM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP160r1:BOB_cf_brainpoolP160r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP160r1
-PeerKey=BOB_cf_brainpoolP160r1_PUB
-SharedSecret=2e75cb6a8f13951b437e04a0ed1d714a610036cc
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP160r1
-PeerKey=ALICE_cf_brainpoolP160r1_PUB
-SharedSecret=2e75cb6a8f13951b437e04a0ed1d714a610036cc
-
-Title=brainpoolP160t1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP160t1
------BEGIN PRIVATE KEY-----
-MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBBswGQIBAQQU1P/o5GQx5PA0kQoiwUtaXBUASUY=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP160t1_PUB
------BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABANetsUNsxVmDo7X4LQ9yPYTcjN1HvLTo9GEEQtV
-lG71NyzLPQwPDwM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP160t1:ALICE_cf_brainpoolP160t1_PUB
-
-PrivateKey=BOB_cf_brainpoolP160t1
------BEGIN PRIVATE KEY-----
-MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBBswGQIBAQQUck4Sh9X3JjSUIRoxxKv8qLM6Ijc=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP160t1_PUB
------BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABEtd7DRUMYXeoxhxpWgPz/esQkXtoTAAune8CAAo
-HqNNlR11VDctfkw=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP160t1:BOB_cf_brainpoolP160t1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP160t1
-PeerKey=BOB_cf_brainpoolP160t1_PUB
-SharedSecret=6ea603a6a1a83812b967c83ef1867bd807be761e
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP160t1
-PeerKey=ALICE_cf_brainpoolP160t1_PUB
-SharedSecret=6ea603a6a1a83812b967c83ef1867bd807be761e
-
-Title=brainpoolP192r1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP192r1
------BEGIN PRIVATE KEY-----
-MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBB8wHQIBAQQYlF5JxzV9Doezn3hLoiidvy5TnIA7
-aR+j
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP192r1_PUB
------BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABELUMqBZrH66DIJ1a3a42k86THdH1DevigK0dc57
-8XEZ3HcuSQ+ycrMmit1PUQItbg==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP192r1:ALICE_cf_brainpoolP192r1_PUB
-
-PrivateKey=BOB_cf_brainpoolP192r1
------BEGIN PRIVATE KEY-----
-MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBB8wHQIBAQQYjdu95CL1DQMGpsOmsfYOAjF5cW99
-bQie
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP192r1_PUB
------BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABInqyC1mAfyF7LU5tX/dRF5S/S9uPlQjNAhTRP6/
-/kAbKsXmABQXFeM0+P3hMw4UxQ==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP192r1:BOB_cf_brainpoolP192r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP192r1
-PeerKey=BOB_cf_brainpoolP192r1_PUB
-SharedSecret=2b34396d02a40df0b9f8f9c0b8623be05b41249fbd69e02a
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP192r1
-PeerKey=ALICE_cf_brainpoolP192r1_PUB
-SharedSecret=2b34396d02a40df0b9f8f9c0b8623be05b41249fbd69e02a
-
-Title=brainpoolP192t1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP192t1
------BEGIN PRIVATE KEY-----
-MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBB8wHQIBAQQYKkFNgJ5sJKNIyYPK1h+gdPw04bxa
-zIV7
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP192t1_PUB
------BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABAzDb+niXBQFn9f0zXf8z+kfdBIYTws8FSfdWFdU
-NGo4haY9+fL8D40kNNShgBnlKw==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP192t1:ALICE_cf_brainpoolP192t1_PUB
-
-PrivateKey=BOB_cf_brainpoolP192t1
------BEGIN PRIVATE KEY-----
-MDoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBB8wHQIBAQQYFpxTrRJBEpyCePM20Fmw0uYPoxTm
-T/sq
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP192t1_PUB
------BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABC6CPE1t5PwHpXSS1u4R0JTs1IeDW8hiqarIn3pM
-I9wh+oCRjVcqvB4WDaql1bHCYg==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP192t1:BOB_cf_brainpoolP192t1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP192t1
-PeerKey=BOB_cf_brainpoolP192t1_PUB
-SharedSecret=84049068441a342d7c2951ff159cdc9d05c4bddf2a6e6309
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP192t1
-PeerKey=ALICE_cf_brainpoolP192t1_PUB
-SharedSecret=84049068441a342d7c2951ff159cdc9d05c4bddf2a6e6309
-
-Title=brainpoolP224r1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP224r1
------BEGIN PRIVATE KEY-----
-MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBCMwIQIBAQQcHhlSkNTFJbZSy79CADDwo855nH2+
-cWxwSl6BpQ==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP224r1_PUB
------BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABBF4+KObaB0yJTPHPrCN6EOnr5M8zKb5CHa7SSyL
-4L9nRjgA8TfoU03LQsrtE9beREkxK3EHc25Z
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP224r1:ALICE_cf_brainpoolP224r1_PUB
-
-PrivateKey=BOB_cf_brainpoolP224r1
------BEGIN PRIVATE KEY-----
-MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBCMwIQIBAQQczslMgGENRTriMWvDfGrM/ilLpzy0
-Js79UiVzLA==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP224r1_PUB
------BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABIGGu4+PPMwOihplm2tLO7dLcDqXZB1MQHloOU8a
-taeDvYHIck4z08+1DATvPqpIDzyn9WtXRqmG
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP224r1:BOB_cf_brainpoolP224r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP224r1
-PeerKey=BOB_cf_brainpoolP224r1_PUB
-SharedSecret=477240c0587dea6aecfcac5a154d7ba3a5d4eb1ab30a69012d4401de
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP224r1
-PeerKey=ALICE_cf_brainpoolP224r1_PUB
-SharedSecret=477240c0587dea6aecfcac5a154d7ba3a5d4eb1ab30a69012d4401de
-
-Title=brainpoolP224t1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP224t1
------BEGIN PRIVATE KEY-----
-MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBCMwIQIBAQQca9rhmcgHV6etILVB9ccK2jIFXw4N
-YrvlljcGFw==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP224t1_PUB
------BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABHA9XoULjM967710RPgT1ICW0b+y9pFpm2yCUq2m
-kSiy/JZvuWXhTJ+KmXGnAOTIlyiOUG8tZm39
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP224t1:ALICE_cf_brainpoolP224t1_PUB
-
-PrivateKey=BOB_cf_brainpoolP224t1
------BEGIN PRIVATE KEY-----
-MD4CAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBCMwIQIBAQQcFaiqaheY0xBo5lUY8hOXMUICdOAu
-NWP/Uw3l+Q==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP224t1_PUB
------BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABLvPkrvyCeS/QdTX5D/AFfF0lTuPpXhSRPKocViS
-nUIZAEziCuOsgx+BqAOxNg+CN/tNzHsG1srf
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP224t1:BOB_cf_brainpoolP224t1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP224t1
-PeerKey=BOB_cf_brainpoolP224t1_PUB
-SharedSecret=2c8dd0dbf3a62a202150e12443461d348be57bc58db0f2f7d8938933
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP224t1
-PeerKey=ALICE_cf_brainpoolP224t1_PUB
-SharedSecret=2c8dd0dbf3a62a202150e12443461d348be57bc58db0f2f7d8938933
-
-Title=brainpoolP256r1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP256r1
------BEGIN PRIVATE KEY-----
-MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEHBCcwJQIBAQQgcH7I5THTXm+bu+vwtyNt+XBxk/uJ
-R5V/zzRyMoXjuek=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP256r1_PUB
------BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABDFYVAzLX03nHXeFY7aJspsp525bbgzfnT68kJXB
-HhChZmPaa5BAV5Cn4DXJ5HQ5N/V8Z8Dz0aux0SWtl6ctENM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP256r1:ALICE_cf_brainpoolP256r1_PUB
-
-PrivateKey=BOB_cf_brainpoolP256r1
------BEGIN PRIVATE KEY-----
-MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEHBCcwJQIBAQQgDEj/wLk/4z4Wcv8rOc9lNnRQ6hpr
-XfiuUSRqgedZkRU=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP256r1_PUB
------BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABHJdRWXtaxwI0AdvDXEk+a6XuQp72Zi+wxCrxFFW
-NgJbmH0yr4jDklp4oiC2UHkapvT6XanGMKFo2ZSziltas0A=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP256r1:BOB_cf_brainpoolP256r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP256r1
-PeerKey=BOB_cf_brainpoolP256r1_PUB
-SharedSecret=2fdd9d97efdcba3f5b181df53331db0ee42a3b1072147325ce8521dbaeafc3e4
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP256r1
-PeerKey=ALICE_cf_brainpoolP256r1_PUB
-SharedSecret=2fdd9d97efdcba3f5b181df53331db0ee42a3b1072147325ce8521dbaeafc3e4
-
-Title=brainpoolP256t1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP256t1
------BEGIN PRIVATE KEY-----
-MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEIBCcwJQIBAQQgBDlYKiUEsm+tEN/DDQBhlWKJhF4J
-We+4fqVSaPNT3VY=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP256t1_PUB
------BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABE6XKfvmlGKrXKN/FHhW9cMThPFUIq6Au3cCujPI
-rHejQQJnsz9mSRBtzRkMM1abUc4Mf9xhkWbrT+QuJ3FcLWI=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP256t1:ALICE_cf_brainpoolP256t1_PUB
-
-PrivateKey=BOB_cf_brainpoolP256t1
------BEGIN PRIVATE KEY-----
-MEICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEIBCcwJQIBAQQgDUCTqTrVwouIU3hFoO3hwiME17PF
-X7ntzOWKS2ebqGs=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP256t1_PUB
------BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABBwxGpomQmgqgsUYHmpYt3qGKRVT/pJfyU+lpLXi
-/XAibEp/IvX3oFMEolSoy39poO6Zkq6npAniBqer+bS9Jpw=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP256t1:BOB_cf_brainpoolP256t1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP256t1
-PeerKey=BOB_cf_brainpoolP256t1_PUB
-SharedSecret=7f177af329a4b377aea6e80bddf14f09c17c4fe81598703898fb62c929cbff04
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP256t1
-PeerKey=ALICE_cf_brainpoolP256t1_PUB
-SharedSecret=7f177af329a4b377aea6e80bddf14f09c17c4fe81598703898fb62c929cbff04
-
-Title=brainpoolP320r1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP320r1
------BEGIN PRIVATE KEY-----
-MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEJBC8wLQIBAQQophG1zB+U2lRdetiZlk9C4+q7APJ9
-xqGQ0+GPq68+WmyZon1lDRQ5/g==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP320r1_PUB
------BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABM9TaT9Q2j+VTlQ1pfcXx9SjlU1fEk0RvEbaY1O8
-pq8OgkQeulcgSXiI1rJI0wjV/qJoi0coZUHhsJ7bXmdO8vSTdgCMbavZScCkN6iFsALm
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP320r1:ALICE_cf_brainpoolP320r1_PUB
-
-PrivateKey=BOB_cf_brainpoolP320r1
------BEGIN PRIVATE KEY-----
-MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEJBC8wLQIBAQQoO6MtFhs8dwul0iRbyfssxtFF6Ubt
-q2oHlzvkFL5q4uLSY7pRcDz4vw==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP320r1_PUB
------BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABM50yDpoBMhirlHQqjMmVj/KZR0dfvmudoDt02qY
-3lKei94evfTHmPG/9BjMYQGQcRM4CDGHR0iUIUJa99e/rxj9IguPkkNiAmDZQaKsqmKB
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP320r1:BOB_cf_brainpoolP320r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP320r1
-PeerKey=BOB_cf_brainpoolP320r1_PUB
-SharedSecret=4ee386c231d0a7c9bb6dc05362f56ca70bf7ba5dcb66d8c4574c0497fdab6a5b79818a64ff5dc87e
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP320r1
-PeerKey=ALICE_cf_brainpoolP320r1_PUB
-SharedSecret=4ee386c231d0a7c9bb6dc05362f56ca70bf7ba5dcb66d8c4574c0497fdab6a5b79818a64ff5dc87e
-
-Title=brainpoolP320t1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP320t1
------BEGIN PRIVATE KEY-----
-MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEKBC8wLQIBAQQoMsI2lsl5Sj0I4A3J0I5XStMSLT4P
-hMxwrbFdtKQh+At6RN2s12W4Kg==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP320t1_PUB
------BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABAvtZgehjOIdjsYKMcK08LaS8zVb6znYb6Qa9Fzf
-LhLUSH5S728KJHWXMh7RqZMI3yTC5I0ESqB0CvG5N0hR+3y8L3eQJisCNdnzAgMyy0ab
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP320t1:ALICE_cf_brainpoolP320t1_PUB
-
-PrivateKey=BOB_cf_brainpoolP320t1
------BEGIN PRIVATE KEY-----
-MEoCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEKBC8wLQIBAQQoNtZiGbwSl0NNHBmTaJKf7/VMqZjo
-yWavjg6CPa6ZgpKRR7vIQt5d9Q==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP320t1_PUB
------BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABHlS/OtqhHctabDCsDexScvQ2DGXhBuypaEeKOUq
-vbLUovatBoreEj1j5YrOl9mKpd9Hj6YqYGWH+7KKjua+5DBn9rlxlmmkst+gb+vm3UE/
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP320t1:BOB_cf_brainpoolP320t1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP320t1
-PeerKey=BOB_cf_brainpoolP320t1_PUB
-SharedSecret=079d62bad81ceeab9f213818faf249f7b29b87a81b56a33b774b2631860f90a25f5377da504cb619
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP320t1
-PeerKey=ALICE_cf_brainpoolP320t1_PUB
-SharedSecret=079d62bad81ceeab9f213818faf249f7b29b87a81b56a33b774b2631860f90a25f5377da504cb619
-
-Title=brainpoolP384r1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP384r1
------BEGIN PRIVATE KEY-----
-MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQELBDcwNQIBAQQwUW3EKrK8Rr80Jn5wwvTLC+HDTApA
-ndycbRYiQkew7SgijhNO+cV0pE0sNpMZY+Wo
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP384r1_PUB
------BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABBvE/fg0tIrsrIiAL07MlREd5zYk52mW7oQ+jPky
-PmGeUoZq1LtpEzQCE1uuruOuyQH1M2c7flVA8Gh3IbSCupwVBCR2QObolwk1w5qK/l/KR26tMeXI
-qL2Sy85NCUpMDw==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP384r1:ALICE_cf_brainpoolP384r1_PUB
-
-PrivateKey=BOB_cf_brainpoolP384r1
------BEGIN PRIVATE KEY-----
-MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQELBDcwNQIBAQQwdG7bSygpM2GpxDPAb4hOTtFZrP2n
-qbyf7v3jFe8/ERpzREPcSntkNDyu/iAsmQKj
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP384r1_PUB
------BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABIIxQfeqZ+uWNKAwZtxAt4ieZW7lCg7Bezpn1dG/
-VDvy/Dd5YpAuDtVxFCLfCUVH+gXfC2wUpWj8j8lgPhP1wBat/hu/PN/AQPg9C/J2EcQRVQXwyZvQ
-PzgiZeo1aWw2+w==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP384r1:BOB_cf_brainpoolP384r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP384r1
-PeerKey=BOB_cf_brainpoolP384r1_PUB
-SharedSecret=35e9a3f86a38888d183cc343801dcdaecb664d5b37f7fbc0459fd4612da6b29831bd2d8e5b599376ca510fcc3ac78be6
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP384r1
-PeerKey=ALICE_cf_brainpoolP384r1_PUB
-SharedSecret=35e9a3f86a38888d183cc343801dcdaecb664d5b37f7fbc0459fd4612da6b29831bd2d8e5b599376ca510fcc3ac78be6
-
-Title=brainpoolP384t1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP384t1
------BEGIN PRIVATE KEY-----
-MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEMBDcwNQIBAQQwGyCfuKlQDK4EflGVc01hBKW+OB/L
-ojNz6kgnAWMuWoCyOM8SOkSTbOCimaVqZrlq
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP384t1_PUB
------BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABE1O0qNzgozAxaQC7qX2wS+HNfKIAMc7eX4G4Z0w
-M30kgGyCn4CtWCBFgG15laf6OnYcdJgC8284B2smZiqHuvssw12SZwOlaXoLGyIsqygTitCO3Ebd
-k2dmuYdWzxj5/g==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP384t1:ALICE_cf_brainpoolP384t1_PUB
-
-PrivateKey=BOB_cf_brainpoolP384t1
------BEGIN PRIVATE KEY-----
-MFICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEMBDcwNQIBAQQwbpabbL6g9HZUZ4VusnNGHsHujUsA
-cDuviAZTBaHWJsCd5jA64hVFZXlZ9Jj/nSLs
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP384t1_PUB
------BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABAyawWqAcNlcwOauu2b93XXqpZQeRM26AYcDcHIf
-tZahQrwFpLgt6Tn7tzA2CgRGvSvBGZTxkzuHasxJn+dBDGLraias3U/sLD3P4TQuP9v8cO6i7g4x
-T+DZbNUQQ3ePDQ==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP384t1:BOB_cf_brainpoolP384t1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP384t1
-PeerKey=BOB_cf_brainpoolP384t1_PUB
-SharedSecret=030113dd1662230f1e47418c3044a0852dcd74fa508dbabb02d1fe5d788aa49d8047d02a802f796af21473ab17f6f85f
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP384t1
-PeerKey=ALICE_cf_brainpoolP384t1_PUB
-SharedSecret=030113dd1662230f1e47418c3044a0852dcd74fa508dbabb02d1fe5d788aa49d8047d02a802f796af21473ab17f6f85f
-
-Title=brainpoolP512r1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP512r1
------BEGIN PRIVATE KEY-----
-MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQENBEcwRQIBAQRAagAsEAU5t/T4yI0MvyTWuPcrQfaa
-1xZr99hRfeY7+pDV4yooxTIXUESqk/dBQlFSrVUkdvMQHq/8vm5V/w97LQ==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP512r1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEJLmN88iMClNBtyLHzmSgIE9d+v/GRtBr1+r+
-Wvz5XOwsiHWWFTRO5Um+3HUVZH+S3nky6n/3Yjn4DFA4lhxV+y40g8p+kkXYKwpXTByQhERcPPPS
-wKh/S7Y3k3KSLkphjiBExzlBcj9r3gLww9+0nVer/fnUgRz7YwWldv4PR2E=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP512r1:ALICE_cf_brainpoolP512r1_PUB
-
-PrivateKey=BOB_cf_brainpoolP512r1
------BEGIN PRIVATE KEY-----
-MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQENBEcwRQIBAQRAgHKjBCUMVJTF41vKv+Lp2xVz6bsF
-P1Aqc+2ehlxlEoYL4H8CbUBh89F1QPjGjIOLEebJcN/KnnpyRGVdx4UV2g==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP512r1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAElWuk6uPxVgBSLSK9Zfqbid/ipXbIFKVaetCI
-YsYOdzkbjGIWLd2MFZIjZ9r7ePEcHXqQiwGvW+8itGM/xwLpA4qZ2QYazqtAbT187d5cdyZf4PQT
-/kv/ZTvXTl7xHDtaujQ1re00Z3liEKgKstI80BkA6eA4Jfy4G2F7CX/WuSQ=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP512r1:BOB_cf_brainpoolP512r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP512r1
-PeerKey=BOB_cf_brainpoolP512r1_PUB
-SharedSecret=84269a8f2932b7e09b23deabaeab26eda6bbdee8846153b0c62b7d2663506a9e71d32cf0cc127ec130f6880612f4e054bc79adb57ddbee97949508ce1eda0bb1
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP512r1
-PeerKey=ALICE_cf_brainpoolP512r1_PUB
-SharedSecret=84269a8f2932b7e09b23deabaeab26eda6bbdee8846153b0c62b7d2663506a9e71d32cf0cc127ec130f6880612f4e054bc79adb57ddbee97949508ce1eda0bb1
-
-Title=brainpoolP512t1 curve tests
-
-PrivateKey=ALICE_cf_brainpoolP512t1
------BEGIN PRIVATE KEY-----
-MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEOBEcwRQIBAQRAd92o2JLX5lk2v6fGr1pH5TT8KUKR
-6FaCm6CRk0dC/xK6h0rpONjx+37VuH3uS+HoRlru83maSoeHQneWCc32XA==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_brainpoolP512t1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEob+TJkhNP6D+HoQtlWcLITI3MM25Axi++awv
-HnMoclRLLur7CjQsKd0v6aEzmG2+4WZSZFGLA9L8Z5sh9L916p5CD5nk1pNfy5QKNi2H5R3QC/oc
-RfNNxhXdVVekfTaAiqhe8UF3aMngmDAc7sq794DVZvCf1sqq8v5cHrnqRcQ=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_brainpoolP512t1:ALICE_cf_brainpoolP512t1_PUB
-
-PrivateKey=BOB_cf_brainpoolP512t1
------BEGIN PRIVATE KEY-----
-MGICAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEOBEcwRQIBAQRAVW4ZQKgDeHAkubwYYlp2JKklrbpp
-gvez/prOdyHJXJbVriU4lCH/MpH2I+nXjaZ9zLcl9JbnrUOJ6xGPHfZJrw==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_brainpoolP512t1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEJbQFKxq27CuY7/mgNwEnH3GSYGXy9s6n48qq
-gbMrp5uREi8JXZ+BuLQmzZuF15ZPOOmh+EJFjbD8i9NDiUkYLnm1oy/EuE1f5VUNoXFeFFIa21vZ
-2kzPYYKYyUNOdG8p/s4rPBFyCMf6Tizt0D4XA4oLptKUUIX2SC1Sd+qakKA=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_brainpoolP512t1:BOB_cf_brainpoolP512t1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_brainpoolP512t1
-PeerKey=BOB_cf_brainpoolP512t1_PUB
-SharedSecret=48bc4ebdb9a88ca38bed58f5e547eb11d803fd01b6eadff1761ecb48c54525cba43bdb0ee4a4d7aa6701985e0bc12fd32382c035d80acc7ec26adfcb108a07cb
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_brainpoolP512t1
-PeerKey=ALICE_cf_brainpoolP512t1_PUB
-SharedSecret=48bc4ebdb9a88ca38bed58f5e547eb11d803fd01b6eadff1761ecb48c54525cba43bdb0ee4a4d7aa6701985e0bc12fd32382c035d80acc7ec26adfcb108a07cb
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
 Title=c2pnb163v1 curve tests
 
diff --git a/test/recipes/30-test_evp_data/evppkey_ecdh.txt b/test/recipes/30-test_evp_data/evppkey_ecdh.txt
new file mode 100644
index 0000000000..35b507896e
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_ecdh.txt
@@ -0,0 +1,3470 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+# Public key algorithm tests
+
+# Private keys used for PKEY operations.
+
+
+# EC P-256 key
+
+PrivateKey=P-256
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw
++RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH
++JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ
+-----END PRIVATE KEY-----
+
+# EC public key for above
+
+PublicKey=P-256-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl
+x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = P-256:P-256-PUBLIC
+
+# Additional EC key for ECDH
+PrivateKey=P-256-Peer
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg/URzu1TDNwUFWZ3i
+dLISAZpEY0vfJ2pLB7f+Xnjyl2OhRANCAAQgBuXhSgeKpz+4piXlYSVLvy0NT+wK
+uZWUI3LqUUCV07wg+RLLMY8yNK9kjqcgZDs/cB+bet64nQq+dNnvtpxG
+-----END PRIVATE KEY-----
+
+PublicKey=P-256-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIAbl4UoHiqc/uKYl5WElS78tDU/s
+CrmVlCNy6lFAldO8IPkSyzGPMjSvZI6nIGQ7P3Afm3reuJ0KvnTZ77acRg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = P-256-Peer:P-256-Peer-PUBLIC
+
+Title = ECDH tests
+
+
+Derive=P-256
+PeerKey=P-256-Peer-PUBLIC
+SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
+
+
+Derive=P-256-Peer
+PeerKey=P-256-PUBLIC
+SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
+
+Title = ECDH tests (with random keys)
+
+# TEST CURVE secp112r1
+
+PrivateKey=ALICE_secp112r1
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA6sqKp39AWLClus2ha5rqEg
+Ax4ABJ4NTgOR1xQAr3M6eM46WqXW2zA6FnsUMKFFwcw=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp112r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEng1OA5HXFACvczp4zjpapdbbMDoWexQw
+oUXBzA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp112r1:ALICE_secp112r1_PUB
+
+
+PrivateKey=BOB_secp112r1
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA5pIbX+hEq49mFPjUl4/6Eg
+Ax4ABBsPNZHm1pcdw104ibwIycCe+r5voeRfQUZRZ3c=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp112r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEGw81kebWlx3DXTiJvAjJwJ76vm+h5F9B
+RlFndw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp112r1:BOB_secp112r1_PUB
+
+
+# ECDH Alice with Bob peer
+Derive=ALICE_secp112r1
+PeerKey=BOB_secp112r1_PUB
+SharedSecret=a6cefb5aa7a352afe818749eb401
+
+# ECDH Bob with Alice peer
+Derive=BOB_secp112r1
+PeerKey=ALICE_secp112r1_PUB
+SharedSecret=a6cefb5aa7a352afe818749eb401
+
+# TEST CURVE secp112r2
+
+PrivateKey=ALICE_secp112r2
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4gzzblKfE6ZwoUW0FQmaEg
+Ax4ABJJ4L7Vo50NZ5VGZ4nNkxFNcjJQwDIQb1/9IkLE=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp112r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEkngvtWjnQ1nlUZnic2TEU1yMlDAMhBvX
+/0iQsQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp112r2:ALICE_secp112r2_PUB
+
+
+PrivateKey=BOB_secp112r2
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4D9oGGj+O8vjZz3OZNaqEg
+Ax4ABNZOv5gUzvVbgAHpTgu3hUhTQtB8LamTEIfaRWE=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp112r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAE1k6/mBTO9VuAAelOC7eFSFNC0HwtqZMQ
+h9pFYQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp112r2:BOB_secp112r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp112r2
+PeerKey=BOB_secp112r2_PUB
+SharedSecret=6bed2c55e233e9214d5898c4c12a
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp112r2
+PeerKey=ALICE_secp112r2_PUB
+SharedSecret=6bed2c55e233e9214d5898c4c12a
+
+# TEST CURVE secp128r1
+
+PrivateKey=ALICE_secp128r1
+-----BEGIN PRIVATE KEY-----
+MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCP1c+lxfRT+MZWZ8uGCYYl
+oSQDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhHS+Zfp2XXO1A=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp128r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhH
+S+Zfp2XXO1A=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp128r1:ALICE_secp128r1_PUB
+
+
+PrivateKey=BOB_secp128r1
+-----BEGIN PRIVATE KEY-----
+MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCGbEd3Hhwr76XbQekhIrDT
+oSQDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3Ny3Ep0GVYms=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp128r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3
+Ny3Ep0GVYms=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp128r1:BOB_secp128r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp128r1
+PeerKey=BOB_secp128r1_PUB
+SharedSecret=91ded46ac404afdbd708fdcc1cac6842
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp128r1
+PeerKey=ALICE_secp128r1_PUB
+SharedSecret=91ded46ac404afdbd708fdcc1cac6842
+
+# TEST CURVE secp128r2
+
+PrivateKey=ALICE_secp128r2
+-----BEGIN PRIVATE KEY-----
+MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBAgRKSjPsZ76LDGIA2it5SC
+oSQDIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl3939Wn0+nUpf8=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp128r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl39
+39Wn0+nUpf8=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp128r2:ALICE_secp128r2_PUB
+
+
+PrivateKey=BOB_secp128r2
+-----BEGIN PRIVATE KEY-----
+MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBACp00jw5D7obvDmJp7wDuA
+oSQDIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys5RHMCLLl098=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp128r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys
+5RHMCLLl098=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp128r2:BOB_secp128r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp128r2
+PeerKey=BOB_secp128r2_PUB
+SharedSecret=dc32faa978008a694672076b756a1e4b
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp128r2
+PeerKey=ALICE_secp128r2_PUB
+SharedSecret=dc32faa978008a694672076b756a1e4b
+
+# TEST CURVE secp160k1
+
+PrivateKey=ALICE_secp160k1
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUAudN3YOXN0uu0CL2TGZdP
+YeNU/72hLAMqAAR3Du0dK28tSyWxYSz/Es2Wqr4C+bNfJ1uiK4J3BFS5Udc48nsx
+xfjj
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp160k1_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEdw7tHStvLUslsWEs/xLNlqq+AvmzXydb
+oiuCdwRUuVHXOPJ7McX44w==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp160k1:ALICE_secp160k1_PUB
+
+
+PrivateKey=BOB_secp160k1
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUA5fNiCFVGPM1aHuwXUvuh
+xoY2yU+hLAMqAAQHlM6otmapt0/0sc+5bcPoYT6cfyARv4VUOOo6I2eBGXLIm812
+1ric
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp160k1_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEB5TOqLZmqbdP9LHPuW3D6GE+nH8gEb+F
+VDjqOiNngRlyyJvNdta4nA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp160k1:BOB_secp160k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp160k1
+PeerKey=BOB_secp160k1_PUB
+SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp160k1
+PeerKey=ALICE_secp160k1_PUB
+SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735
+
+# TEST CURVE secp160r1
+
+PrivateKey=ALICE_secp160r1
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUA0KDtaiFUWd8NG0lO9TLu
+zjLWXJehLAMqAASHQN1DGBXtdyF3+BjfIfbWg403dUqXbIXzZoctDyOPTQaGVblm
+SwXC
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp160r1_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEh0DdQxgV7Xchd/gY3yH21oONN3VKl2yF
+82aHLQ8jj00GhlW5ZksFwg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp160r1:ALICE_secp160r1_PUB
+
+
+PrivateKey=BOB_secp160r1
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUAsBIwvx6ZABinhsi+bGai
+CvetiuWhLAMqAAQJ2+RhpGedkUYXUiPZ/plHXFBy6R3XzMUGIKiXFGSBpwF8hGRN
+qUDy
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp160r1_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAECdvkYaRnnZFGF1Ij2f6ZR1xQcukd18zF
+BiColxRkgacBfIRkTalA8g==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp160r1:BOB_secp160r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp160r1
+PeerKey=BOB_secp160r1_PUB
+SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp160r1
+PeerKey=ALICE_secp160r1_PUB
+SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf
+
+# TEST CURVE secp160r2
+
+PrivateKey=ALICE_secp160r2
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUAhmLOAJGNuSoZUCN4f0On
+LZ6rRSShLAMqAAQPSNvhJQohMEfijXq+Jlq7a9lzosQfPvuIyOg6shyzUVS43R+7
+Lgr5
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp160r2_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAED0jb4SUKITBH4o16viZau2vZc6LEHz77
+iMjoOrIcs1FUuN0fuy4K+Q==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp160r2:ALICE_secp160r2_PUB
+
+
+PrivateKey=BOB_secp160r2
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUA10mjzR2Dy0CLmm/MTAHT
+b5CBenOhLAMqAARqzYAcSijzAo2vzmMuK8ta8sl/bguuCpRwFD93ACP64TzgI3re
+FhsX
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp160r2_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEas2AHEoo8wKNr85jLivLWvLJf24LrgqU
+cBQ/dwAj+uE84CN63hYbFw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp160r2:BOB_secp160r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp160r2
+PeerKey=BOB_secp160r2_PUB
+SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp160r2
+PeerKey=ALICE_secp160r2_PUB
+SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a
+
+# TEST CURVE secp192k1
+
+PrivateKey=ALICE_secp192k1
+-----BEGIN PRIVATE KEY-----
+MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBizF3KeHMsaV/KOR/otCmdL
+QT2qGNq3HhWhNAMyAATP+L9SGl3K6wmevkLwJnkMNHp0I5RfXulSfHuHZPp4CGrh
+i6eKNQLkpZ2OQaPIExA=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp192k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAEz/i/UhpdyusJnr5C8CZ5DDR6dCOUX17p
+Unx7h2T6eAhq4YunijUC5KWdjkGjyBMQ
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp192k1:ALICE_secp192k1_PUB
+
+
+PrivateKey=BOB_secp192k1
+-----BEGIN PRIVATE KEY-----
+MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBh8BXPVGQKYCw0v7DY3wZVa
+cyhyUjIbUymhNAMyAATgI7hw2LSj6uN3yL5nvHOOkMiPtalKr+BGsFac39RYmp64
+mr+w66bDIWN3VllO6LY=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp192k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAE4CO4cNi0o+rjd8i+Z7xzjpDIj7WpSq/g
+RrBWnN/UWJqeuJq/sOumwyFjd1ZZTui2
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp192k1:BOB_secp192k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp192k1
+PeerKey=BOB_secp192k1_PUB
+SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp192k1
+PeerKey=ALICE_secp192k1_PUB
+SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23
+
+# TEST CURVE secp224k1
+
+PrivateKey=ALICE_secp224k1
+-----BEGIN PRIVATE KEY-----
+MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AhXKGJFqOI4P1PLFR3M6M
+kepT/2Dtd27I1Awzx6E8AzoABPVN/1b6VHbq7U6pWaOrUeqJ5vSgWL49u/uuD48D
+4FRf7oFdixN9VWIrxr0PRByeEYmlHw4MOEQK
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp224k1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACADOgAE9U3/VvpUdurtTqlZo6tR6onm9KBYvj27
++64PjwPgVF/ugV2LE31VYivGvQ9EHJ4RiaUfDgw4RAo=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp224k1:ALICE_secp224k1_PUB
+
+
+PrivateKey=BOB_secp224k1
+-----BEGIN PRIVATE KEY-----
+MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AOjEXYoz8YcWokSf4U5gX
+HbjDfILPdPejlE0T/KE8AzoABGXAQ+AntX7On4cKwP+f4KzZGaJZwjBq3jCjymsr
+9A3c8VCoRXXBg+VPoKg7fDkMIgI8qPmrC95Q
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp224k1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACADOgAEZcBD4Ce1fs6fhwrA/5/grNkZolnCMGre
+MKPKayv0DdzxUKhFdcGD5U+gqDt8OQwiAjyo+asL3lA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp224k1:BOB_secp224k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp224k1
+PeerKey=BOB_secp224k1_PUB
+SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp224k1
+PeerKey=ALICE_secp224k1_PUB
+SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a
+
+# TEST CURVE secp224r1
+
+PrivateKey=ALICE_secp224r1
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxLKkXFJXYqGUlTsmgjlesi
+kwqejrekrkSTbehyoTwDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D2HtdCa4h
+fbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp224r1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D
+2HtdCa4hfbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp224r1:ALICE_secp224r1_PUB
+
+
+PrivateKey=BOB_secp224r1
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzOHGGUR3fZYg3GSaUN6pxo
+NQtAlOzM3UclEhMzoTwDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMFUM6VV9DB
+4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp224r1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMF
+UM6VV9DB4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp224r1:BOB_secp224r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp224r1
+PeerKey=BOB_secp224r1_PUB
+SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp224r1
+PeerKey=ALICE_secp224r1_PUB
+SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
+
+# TEST CURVE secp256k1
+
+PrivateKey=ALICE_secp256k1
+-----BEGIN PRIVATE KEY-----
+MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgHCRzy0IcEx6CeA6ogNNK
+SOfuTlHy4fE/LNxkANUS4k+hRANCAASDBmwKklX4OcbZSJJX9mxm1Wr7TPTLpbyp
+xKcKRm0XKNxVlrZU8WQCl66GtX2DDyX+0+XiC3hbaRWcYtg7P6WO
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp256k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEgwZsCpJV+DnG2UiSV/ZsZtVq+0z0y6W8
+qcSnCkZtFyjcVZa2VPFkApeuhrV9gw8l/tPl4gt4W2kVnGLYOz+ljg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp256k1:ALICE_secp256k1_PUB
+
+
+PrivateKey=BOB_secp256k1
+-----BEGIN PRIVATE KEY-----
+MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgChCkFvWtOcrXLmXVGqkR
+0gdntyytjGzEKue5t+IL2lihRANCAAQFQoIckey+Vyh3QwJWUUfKXNbbjWe94yZE
+AWGvI2BfqtWqigZF5VSb5aIXtTPRmwiN0cp30cd77YE5Z+e5bJHU
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp256k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEBUKCHJHsvlcod0MCVlFHylzW241nveMm
+RAFhryNgX6rVqooGReVUm+WiF7Uz0ZsIjdHKd9HHe+2BOWfnuWyR1A==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp256k1:BOB_secp256k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp256k1
+PeerKey=BOB_secp256k1_PUB
+SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp256k1
+PeerKey=ALICE_secp256k1_PUB
+SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e
+
+# TEST CURVE secp384r1
+
+PrivateKey=ALICE_secp384r1
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCxE7Q4m1dsK7M3Otxo
+cgY/ejX9JOKKdAtSnRiU4bnK3eFmALkMN7XIveQnWLB1PEKhZANiAAQaUsvUFr/u
+ISpAmYqYZIme4VassCtb0tNGU97s3qt4ozcogZ4z+fIzXZ4YXqfGoEa57+uQDgqr
++jNOTji7Gxopt6AqZ9EvwuVaCuunUi0pcx6cc8IuUfrwMwSFovV/7sM=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGlLL1Ba/7iEqQJmKmGSJnuFWrLArW9LT
+RlPe7N6reKM3KIGeM/nyM12eGF6nxqBGue/rkA4Kq/ozTk44uxsaKbegKmfRL8Ll
+Wgrrp1ItKXMenHPCLlH68DMEhaL1f+7D
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp384r1:ALICE_secp384r1_PUB
+
+
+PrivateKey=BOB_secp384r1
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBRiGXRsb5sUq0b3/dg
+Z+pA9kbrSivBMCUCXVwxno1d/30hI/Yy0Z5PWwbBgwTFprWhZANiAASp1FeUOBJF
+mzQCNbGiOz8He0kF+KIf24UGYVO5MC7u5rV9hpoYsbcgmwxALskPN18os2ygK1Pn
+f/h+WALIsG2RknSTbiyvBYkoIhJV9cflvEDpMeaWSLF7qJ5YjEIf9PM=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqdRXlDgSRZs0AjWxojs/B3tJBfiiH9uF
+BmFTuTAu7ua1fYaaGLG3IJsMQC7JDzdfKLNsoCtT53/4flgCyLBtkZJ0k24srwWJ
+KCISVfXH5bxA6THmlkixe6ieWIxCH/Tz
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp384r1:BOB_secp384r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp384r1
+PeerKey=BOB_secp384r1_PUB
+SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp384r1
+PeerKey=ALICE_secp384r1_PUB
+SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
+
+# TEST CURVE secp521r1
+
+PrivateKey=ALICE_secp521r1
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAFBIz3FLAuX8VCWzM
+wu1f/tm8pf1QqnsdLqaIWCQAJa2W5ldpJTYfkj1gGxM44AD3qHnkXISvNLwwuxI1
+hr2+pOGhgYkDgYYABACWlOOFYk/p3AS2LxEQWBuMm6uIjo3XArjh1QrsLcUc5hhi
+82CIz6kKwKjCnYRDHq4iv1x63rVEzGGhQOM1g+cRVwHSpfbBpaxK7bMLkVFOOavv
+OdcdyRHaHsvxw2pREmdS/GwtfgT8odQrG06KMIwVeL+H08fGJSbPX0Zock0DOPCp
+aw==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp521r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAlpTjhWJP6dwEti8REFgbjJuriI6N
+1wK44dUK7C3FHOYYYvNgiM+pCsCowp2EQx6uIr9cet61RMxhoUDjNYPnEVcB0qX2
+waWsSu2zC5FRTjmr7znXHckR2h7L8cNqURJnUvxsLX4E/KHUKxtOijCMFXi/h9PH
+xiUmz19GaHJNAzjwqWs=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp521r1:ALICE_secp521r1_PUB
+
+
+PrivateKey=BOB_secp521r1
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA9C/sMWveRlHPr9P5
+cc3U+1L2/zB0VtHewKSQRWZ67SmS4+m7uXTqUVSLRHiQEgQid0cg77gSxXPlmV+z
+y0f3zd+hgYkDgYYABAE18N3SwDGtea3IOqUdh3j0JtnMeP41i/agEBlxK8/iEBXc
+Q61mkIrQIKcabRhoylEugXHiyNnqNQOD4DUa0bTKzAHtJ4UqqbEVno6byRmcUQwb
+mvG89eS8GLEmk5X/O2atHU4yIGTuTRQWn/BTJUCS+OgJz4FZdadscc5Z640EZqSD
+iw==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp521r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBNfDd0sAxrXmtyDqlHYd49CbZzHj+
+NYv2oBAZcSvP4hAV3EOtZpCK0CCnGm0YaMpRLoFx4sjZ6jUDg+A1GtG0yswB7SeF
+KqmxFZ6Om8kZnFEMG5rxvPXkvBixJpOV/ztmrR1OMiBk7k0UFp/wUyVAkvjoCc+B
+WXWnbHHOWeuNBGakg4s=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp521r1:BOB_secp521r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp521r1
+PeerKey=BOB_secp521r1_PUB
+SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp521r1
+PeerKey=ALICE_secp521r1_PUB
+SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
+
+# TEST CURVE prime192v1
+
+PrivateKey=ALICE_prime192v1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfXvSFNqD2UzFVN1L
+bQrPlzop7dxQq/ehNAMyAATibpGuYzCjkT1tWLYEogpKz74WqhvbQtZPkCYQCin1
+cmZuNW+BZ0jyVEpGlpnZPMg=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime192v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4m6RrmMwo5E9bVi2BKIKSs++Fqob
+20LWT5AmEAop9XJmbjVvgWdI8lRKRpaZ2TzI
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime192v1:ALICE_prime192v1_PUB
+
+
+PrivateKey=BOB_prime192v1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhewaqXNZlYyqnmuEEE
+Y/oUXe3/jpzhmyGhNAMyAASkpwNJEP/1FuuWKCDDUm26iyqrs+zKwayZnaF77YC6
+qCtgia7yNcSl9tlWHh3gQgw=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime192v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEpKcDSRD/9Rbrliggw1Jtuosqq7Ps
+ysGsmZ2he+2AuqgrYImu8jXEpfbZVh4d4EIM
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime192v1:BOB_prime192v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime192v1
+PeerKey=BOB_prime192v1_PUB
+SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime192v1
+PeerKey=ALICE_prime192v1_PUB
+SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
+
+# TEST CURVE prime192v2
+
+PrivateKey=ALICE_prime192v2
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBgtIuKqpRc7rEYuGx1a
+dDxcvso0NAZw+fWhNAMyAATMSHwJPq761VawpRbKLB3uuDSng4WeFPjhvubL6g8V
+8UqFaKRED5PUIQ0lYStVCao=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime192v2_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEzEh8CT6u+tVWsKUWyiwd7rg0p4OF
+nhT44b7my+oPFfFKhWikRA+T1CENJWErVQmq
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime192v2:ALICE_prime192v2_PUB
+
+
+PrivateKey=BOB_prime192v2
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBggTjqWC1/iHrvKR9/u
+1gxpL2tWJkkAMYuhNAMyAASa4nG+wLPTHxfkqiTII5PBLAKXmXUf5dMtpmApcjrj
+XjnwJIJEQr80MK9+g1raqN8=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime192v2_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEmuJxvsCz0x8X5KokyCOTwSwCl5l1
+H+XTLaZgKXI641458CSCREK/NDCvfoNa2qjf
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime192v2:BOB_prime192v2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime192v2
+PeerKey=BOB_prime192v2_PUB
+SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime192v2
+PeerKey=ALICE_prime192v2_PUB
+SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c
+
+# TEST CURVE prime192v3
+
+PrivateKey=ALICE_prime192v3
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBg0iDdcgise1/v2k6js
+UkgKwXPqx/uJJTehNAMyAAQ6/i0pSNHk824XO6Mv0irQfSv2yzGQy+DwWo/klZco
+kPDcXKEdU8ZmnAABH7j6UV8=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime192v3_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEOv4tKUjR5PNuFzujL9Iq0H0r9ssx
+kMvg8FqP5JWXKJDw3FyhHVPGZpwAAR+4+lFf
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime192v3:ALICE_prime192v3_PUB
+
+
+PrivateKey=BOB_prime192v3
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBieW1huqwVU3ev7qgpT
+LFjYEMRPONOAcaKhNAMyAASXaTjBIQX686BZJAidX+hFuvDyxbN1vBQvp40OVl0L
+CG4hoZ+5McLtPATL+osKvX8=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime192v3_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEl2k4wSEF+vOgWSQInV/oRbrw8sWz
+dbwUL6eNDlZdCwhuIaGfuTHC7TwEy/qLCr1/
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime192v3:BOB_prime192v3_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime192v3
+PeerKey=BOB_prime192v3_PUB
+SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime192v3
+PeerKey=ALICE_prime192v3_PUB
+SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29
+
+# TEST CURVE prime239v1
+
+PrivateKey=ALICE_prime239v1
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeRmiZXaqr3u11hiGK
+1cH75U/rKc1+8YMqxcXhACRkoUADPgAEfIJpVggCXUROHgX4h5h66/0Pgr/aMtMq
+ExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime239v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEfIJpVggCXUROHgX4h5h66/0Pgr/a
+MtMqExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime239v1:ALICE_prime239v1_PUB
+
+
+PrivateKey=BOB_prime239v1
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeAbGRRoBgqHVUBFot
+5m9Ytm8RU+ISkA33VgQrHGM/oUADPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqgUH3i
+Mk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime239v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqg
+UH3iMk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime239v1:BOB_prime239v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime239v1
+PeerKey=BOB_prime239v1_PUB
+SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime239v1
+PeerKey=ALICE_prime239v1_PUB
+SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e
+
+# TEST CURVE prime239v2
+
+PrivateKey=ALICE_prime239v2
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeemq6S5puHF94ZW/W
+6BMRim+HFFM0zxVZQpWG+bf2oUADPgAELukUodCQsmwzGVR3lLEGKQ6quGd6kDXN
+DjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime239v2_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAELukUodCQsmwzGVR3lLEGKQ6quGd6
+kDXNDjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime239v2:ALICE_prime239v2_PUB
+
+
+PrivateKey=BOB_prime239v2
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeAEaCw7ulF8GZcmbj
+aDmcrw8Gex+hX0rNvwzoC7+6oUADPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++ihUW
+ms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime239v2_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++
+ihUWms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime239v2:BOB_prime239v2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime239v2
+PeerKey=BOB_prime239v2_PUB
+SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime239v2
+PeerKey=ALICE_prime239v2_PUB
+SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703
+
+# TEST CURVE prime239v3
+
+PrivateKey=ALICE_prime239v3
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeGlwSPAYfmiP9r2nA
+SD52VqKyZpEnU+Jmynlf2DI7oUADPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnOL/BD
+qNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime239v3_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnO
+L/BDqNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime239v3:ALICE_prime239v3_PUB
+
+
+PrivateKey=BOB_prime239v3
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeU1KIfJBGvItr8//g
+kW1zoPkveo9lvXBlnUV5/5rDoUADPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQaVAb
+3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime239v3_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQ
+aVAb3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime239v3:BOB_prime239v3_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime239v3
+PeerKey=BOB_prime239v3_PUB
+SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime239v3
+PeerKey=ALICE_prime239v3_PUB
+SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9
+
+# TEST CURVE prime256v1
+
+PrivateKey=ALICE_prime256v1
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglUPDk8gQ8lMj38V7
+0jPBZDfQUx5pNOVSKOMTqlh04POhRANCAARq87w+K0q9b1mzJGh309kjNvYTS02m
+YkHKxAewiZwmt/5w+5uywz/+0130SdAWbXtECjaHUK94YEHzp0G/PCl5
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime256v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEavO8PitKvW9ZsyRod9PZIzb2E0tN
+pmJBysQHsImcJrf+cPubssM//tNd9EnQFm17RAo2h1CveGBB86dBvzwpeQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime256v1:ALICE_prime256v1_PUB
+
+
+PrivateKey=BOB_prime256v1
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgNsLfn/sRZfm9ZcM7
+xURiUHT7+w8Jgk9SbwTVDjpLYYmhRANCAASRmyKNgUbADGxkIOAVh9T7IXv2ZDT6
+I5YMW6wOs27VMOAD0AiNLrv7sW1TdqxkUtF17/GFpLvFOuZcbdX4p3i/
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime256v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEkZsijYFGwAxsZCDgFYfU+yF79mQ0
++iOWDFusDrNu1TDgA9AIjS67+7FtU3asZFLRde/xhaS7xTrmXG3V+Kd4vw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime256v1:BOB_prime256v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime256v1
+PeerKey=BOB_prime256v1_PUB
+SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime256v1
+PeerKey=ALICE_prime256v1_PUB
+SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
+
+# TEST CURVE sect113r1
+
+PrivateKey=ALICE_sect113r1
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AcrP9u8BlWb4knkGVZmSh
+IgMgAAQBviTf62+1V4etJb2D9LkBadAFmdmRS+rVI3spTYs=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect113r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEAb4k3+tvtVeHrSW9g/S5AWnQBZnZkUvq
+1SN7KU2L
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect113r1:ALICE_sect113r1_PUB
+
+
+PrivateKey=BOB_sect113r1
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AmhEq3A9KdbKQUz1F/Myh
+IgMgAAQAuSRBNxXjIjezwrGF8VkBxWR69g0UJaBIIArpdNo=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect113r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEALkkQTcV4yI3s8KxhfFZAcVkevYNFCWg
+SCAK6XTa
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect113r1:BOB_sect113r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect113r1
+PeerKey=BOB_sect113r1_PUB
+SharedSecret=015405437add26b8841c62a9016c85
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect113r1
+PeerKey=ALICE_sect113r1_PUB
+SharedSecret=015405437add26b8841c62a9016c85
+
+# TEST CURVE sect113r2
+
+PrivateKey=ALICE_sect113r2
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABqFZ6Z7BKKjvrzXh99Wh
+IgMgAAQBTQTHA9uSxcZ8kvsSVUUBcLQ4m45U10VwVCQ+oGQ=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect113r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAU0ExwPbksXGfJL7ElVFAXC0OJuOVNdF
+cFQkPqBk
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect113r2:ALICE_sect113r2_PUB
+
+
+PrivateKey=BOB_sect113r2
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABPHhZ0kCp0TocQJIuiuh
+IgMgAAQBSi7u+Ur776iGyg0Ij6UAN70IzPVZxGK5zPxp6wo=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect113r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAUou7vlK+++ohsoNCI+lADe9CMz1WcRi
+ucz8aesK
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect113r2:BOB_sect113r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect113r2
+PeerKey=BOB_sect113r2_PUB
+SharedSecret=014231c5e9e28d451aa44a755407e1
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect113r2
+PeerKey=ALICE_sect113r2_PUB
+SharedSecret=014231c5e9e28d451aa44a755407e1
+
+# TEST CURVE sect131r1
+
+PrivateKey=ALICE_sect131r1
+-----BEGIN PRIVATE KEY-----
+MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEAUCFDwJLLThLHiDlw/Qcn
+8aEmAyQABAAU+ywF9iPv6LDldKOLhLgXBRI7EpZnbXPXhUmkQWPhHAQ=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect131r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEABT7LAX2I+/osOV0o4uEuBcFEjsSlmdt
+c9eFSaRBY+EcBA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect131r1:ALICE_sect131r1_PUB
+
+
+PrivateKey=BOB_sect131r1
+-----BEGIN PRIVATE KEY-----
+MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEDxxMzxjxJmYfSZvWJKq+V
+vKEmAyQABAFHQ2a+h+Yn5N4Lt0IoJcVVBrf9xkZNS0xxblh+0wndq9s=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect131r1_PUB
+-----BEGIN PUBLIC KEY-----
+MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEAUdDZr6H5ifk3gu3QiglxVUGt/3GRk1L
+THFuWH7TCd2r2w==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect131r1:BOB_sect131r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect131r1
+PeerKey=BOB_sect131r1_PUB
+SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect131r1
+PeerKey=ALICE_sect131r1_PUB
+SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702
+
+# TEST CURVE sect131r2
+
+PrivateKey=ALICE_sect131r2
+-----BEGIN PRIVATE KEY-----
+MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDHPPtQCKJB8g01rMkT8Sk
+9aEmAyQABAcWl2Z/1kIc4mWCbRH4+c/2B47RC31JyifKvkxkHt05x3g=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect131r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEBxaXZn/WQhziZYJtEfj5z/YHjtELfUnK
+J8q+TGQe3TnHeA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect131r2:ALICE_sect131r2_PUB
+
+
+PrivateKey=BOB_sect131r2
+-----BEGIN PRIVATE KEY-----
+MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDR9ez/YtS29S7/R5+rUiX
+VKEmAyQABALZHNBITDoigpOwTzczlaN9AsRk5JzMUJXYkvBEqj+YILQ=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect131r2_PUB
+-----BEGIN PUBLIC KEY-----
+MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEAtkc0EhMOiKCk7BPNzOVo30CxGTknMxQ
+ldiS8ESqP5ggtA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect131r2:BOB_sect131r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect131r2
+PeerKey=BOB_sect131r2_PUB
+SharedSecret=03cbec3a3050c7f13d4801ad692d61c417
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect131r2
+PeerKey=ALICE_sect131r2_PUB
+SharedSecret=03cbec3a3050c7f13d4801ad692d61c417
+
+# TEST CURVE sect163k1
+
+PrivateKey=ALICE_sect163k1
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBxkeGOXE86PAijpk8trN/
+f3kl4UmhLgMsAAQD1hrDCJ2MSFKZ6Q11cTllX/l5HY0Hg5XZCxMFC84AaczwPtNJ
+YNCxfCk=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect163k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9YawwidjEhSmekNdXE5ZV/5eR2NB4OV
+2QsTBQvOAGnM8D7TSWDQsXwp
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect163k1:ALICE_sect163k1_PUB
+
+
+PrivateKey=BOB_sect163k1
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCUJ5kItSfXidHXsgokcS7
+nzPFbOShLgMsAAQGrYNJ1qgdb3A9ISOmTujfS+WYFKwBXXrJEluAkeNh3jXnDq8X
++XBB0k8=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect163k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBq2DSdaoHW9wPSEjpk7o30vlmBSsAV16
+yRJbgJHjYd415w6vF/lwQdJP
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect163k1:BOB_sect163k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect163k1
+PeerKey=BOB_sect163k1_PUB
+SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect163k1
+PeerKey=ALICE_sect163k1_PUB
+SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
+
+# TEST CURVE sect163r1
+
+PrivateKey=ALICE_sect163r1
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUBl9zmlPmFF5v9h1IIENAx
+1b8tj0+hLgMsAAQE3j8Jn58CCtEDwvOZ5DwgYGBYvIECz1zN8UwPfTFSdXjTWQcr
+9gWxNMA=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect163r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEBN4/CZ+fAgrRA8LzmeQ8IGBgWLyBAs9c
+zfFMD30xUnV401kHK/YFsTTA
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect163r1:ALICE_sect163r1_PUB
+
+
+PrivateKey=BOB_sect163r1
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUA/nzN5yCavvZlXyDGEihW
+rwG360+hLgMsAAQDt6XZHfzXABSTnGhzfoPtfdLZgaoGhBdeWz+318vNmC6AMJP+
+PntHzsA=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect163r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA7el2R381wAUk5xoc36D7X3S2YGqBoQX
+Xls/t9fLzZgugDCT/j57R87A
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect163r1
+PeerKey=BOB_sect163r1_PUB
+SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect163r1
+PeerKey=ALICE_sect163r1_PUB
+SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
+
+# TEST CURVE sect163r2
+
+PrivateKey=ALICE_sect163r2
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDjH2G7BkPTBM4VtljaQr8
+sXVLNOqhLgMsAAQHHqWxJWR2KrHCPp/PSjZIdK88ET0A323/UOTxhYHwsLpR7rp3
+ahq1lQ8=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect163r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBx6lsSVkdiqxwj6fz0o2SHSvPBE9AN9t
+/1Dk8YWB8LC6Ue66d2oatZUP
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect163r2:ALICE_sect163r2_PUB
+
+
+PrivateKey=BOB_sect163r2
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBXOM9Tm6sKXUlRLlW0HgC
+NTDxW2ihLgMsAAQGxa8xRcC+TIcDgGtehDVEV1PoBokBwtILj16NPYC0aBZI8/nF
+F4jhgmc=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect163r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBsWvMUXAvkyHA4BrXoQ1RFdT6AaJAcLS
+C49ejT2AtGgWSPP5xReI4YJn
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect163r2:BOB_sect163r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect163r2
+PeerKey=BOB_sect163r2_PUB
+SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect163r2
+PeerKey=ALICE_sect163r2_PUB
+SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
+
+# TEST CURVE sect193r1
+
+PrivateKey=ALICE_sect193r1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAEQlofBlvj8zDK5o4CCfA
+aOQOmlAyTimBoTYDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUnNwBn5T26m15R
+M4MLnYGdklcAM8oMOML999w=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect193r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUn
+NwBn5T26m15RM4MLnYGdklcAM8oMOML999w=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect193r1:ALICE_sect193r1_PUB
+
+
+PrivateKey=BOB_sect193r1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAnxvYLKZaw4Rj24WTRBfg
+iar5vp3R3pCJoTYDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUpYQE/jBjzUHIC
+qMNZTHy9gT2R9yc0GBZ/Dic=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect193r1_PUB
+-----BEGIN PUBLIC KEY-----
+MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUp
+YQE/jBjzUHICqMNZTHy9gT2R9yc0GBZ/Dic=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect193r1
+PeerKey=BOB_sect193r1_PUB
+SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect193r1
+PeerKey=ALICE_sect193r1_PUB
+SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
+
+# TEST CURVE sect193r2
+
+PrivateKey=ALICE_sect193r2
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAj54XQW+b3bnX9duvqaa+
+lPTNcvOlxRAvoTYDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWkwQFc4m1ISx4o
+mtNyCVI7FXV5zNnaGWVACT4=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect193r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWk
+wQFc4m1ISx4omtNyCVI7FXV5zNnaGWVACT4=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect193r2:ALICE_sect193r2_PUB
+
+
+PrivateKey=BOB_sect193r2
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAvMiVR0abk6pHoeOIBESL
+fB9B4gsZJjLsoTYDNAAEADtKDcwL660+Mm11Vl254GI3TnD+fragdwF+wY5qlMu5
+VtrUDMHuAP0q3eGQUsrzNo0=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect193r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEADtKDcwL660+Mm11Vl254GI3TnD+frag
+dwF+wY5qlMu5VtrUDMHuAP0q3eGQUsrzNo0=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect193r2
+PeerKey=BOB_sect193r2_PUB
+SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect193r2
+PeerKey=ALICE_sect193r2_PUB
+SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
+
+# TEST CURVE sect233k1
+
+PrivateKey=ALICE_sect233k1
+-----BEGIN PRIVATE KEY-----
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1aR7qaKm1vmZWK2bGsJ1rX
+mH6BpTkW4t1L4zSf/KFAAz4ABADcDiv+bTvPVViqYLNz06VO5wodry+sGi6fnJIr
+QQCTfZ9d5whiIsbY5Thlcm7I0A/cIGoShA/6LumOVA==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect233k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANwOK/5tO89VWKpgs3PTpU7nCh2vL6wa
+Lp+ckitBAJN9n13nCGIixtjlOGVybsjQD9wgahKED/ou6Y5U
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect233k1:ALICE_sect233k1_PUB
+
+
+PrivateKey=BOB_sect233k1
+-----BEGIN PRIVATE KEY-----
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0oa5BrzYxm6mn51Xyphn6X
+OUjKc9oMDHCowAyHTaFAAz4ABAGKiFuFJVQeymHYRVnt2LNF2MSaTMcL9JGSPn2z
+OwBis5MS4kgEFakWQl7KpGiy3vS89wmpblvHLJ/+IQ==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect233k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYqIW4UlVB7KYdhFWe3Ys0XYxJpMxwv0
+kZI+fbM7AGKzkxLiSAQVqRZCXsqkaLLe9Lz3CaluW8csn/4h
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect233k1:BOB_sect233k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect233k1
+PeerKey=BOB_sect233k1_PUB
+SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect233k1
+PeerKey=ALICE_sect233k1_PUB
+SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
+
+# TEST CURVE sect233r1
+
+PrivateKey=ALICE_sect233r1
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AEN6fePR2gizyXzU6kIgU
+Gijp5+IQAXoNBfKnVeChQAM+AAQB0kEwu2fwQWo1v1j7XQ8uJT3iMwRC8w+cxgxx
+GQ4B/FyjrhIUpEDWaMqfV23McZ6WdbIUe3MZ7K5pG38=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect233r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdJBMLtn8EFqNb9Y+10PLiU94jMEQvMP
+nMYMcRkOAfxco64SFKRA1mjKn1dtzHGelnWyFHtzGeyuaRt/
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect233r1:ALICE_sect233r1_PUB
+
+
+PrivateKey=BOB_sect233r1
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AXHWOeS6fG0XCH3FnHDuS
+IcELUeDG+AYNNeLVZd6hQAM+AAQAYRRYH017uxcaMPF3GOsL4bvodW1yZLEtL3pm
+CkcAfqJI/4niCr8uHKh0gBa2JBjBWMV1u8Mpf60uvok=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect233r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGEUWB9Ne7sXGjDxdxjrC+G76HVtcmSx
+LS96ZgpHAH6iSP+J4gq/LhyodIAWtiQYwVjFdbvDKX+tLr6J
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect233r1:BOB_sect233r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect233r1
+PeerKey=BOB_sect233r1_PUB
+SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect233r1
+PeerKey=ALICE_sect233r1_PUB
+SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
+
+# TEST CURVE sect239k1
+
+PrivateKey=ALICE_sect239k1
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4MhpuQTtDeLBboZgiW11d/
+KBlgUL4YvTjZ8zg4HR2hQAM+AAQafRD6X3L/7c/FN69KuA04a4bhxHZezmz1G15m
+tltwl8zlWsR5+GNToxV0OBLbStAQbXxqBa2Gg83B0oc=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect239k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEGn0Q+l9y/+3PxTevSrgNOGuG4cR2Xs5s
+9RteZrZbcJfM5VrEefhjU6MVdDgS20rQEG18agWthoPNwdKH
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect239k1:ALICE_sect239k1_PUB
+
+
+PrivateKey=BOB_sect239k1
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4FBG477KvylisppUFwbDl/
+SRGnX5FFmfw/xWIiEMehQAM+AAQFii094UX6F5m8Dk0eI/DhF3+IDUu7h81hTdyZ
+xxET0IokxFkTUf/re9WPA7LxPOCuiIPZUNVCRxRWSuU=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect239k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEBYotPeFF+heZvA5NHiPw4Rd/iA1Lu4fN
+YU3cmccRE9CKJMRZE1H/63vVjwOy8TzgroiD2VDVQkcUVkrl
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect239k1
+PeerKey=BOB_sect239k1_PUB
+SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect239k1
+PeerKey=ALICE_sect239k1_PUB
+SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
+
+# TEST CURVE sect283k1
+
+PrivateKey=ALICE_sect283k1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGhnsmZ2UDKV3QKmq3k+
+33LQ6n5aCYvKXcMgiZlBS/RrVgIRoUwDSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnW
+uC6oWVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4r
+mGO7
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect283k1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnWuC6o
+WVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4rmGO7
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect283k1:ALICE_sect283k1_PUB
+
+
+PrivateKey=BOB_sect283k1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAAJXIwfWjYbiM5jEcNw8
+8/1kbEnhVjWGivO7zDPts7AuKSMkoUwDSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6V
+D5v8KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzj
+CN/m
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect283k1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6VD5v8
+KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzjCN/m
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect283k1:BOB_sect283k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect283k1
+PeerKey=BOB_sect283k1_PUB
+SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect283k1
+PeerKey=ALICE_sect283k1_PUB
+SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
+
+# TEST CURVE sect283r1
+
+PrivateKey=ALICE_sect283r1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAi4Jrhu19kt7H8jw1FO7
+VzCxh6p0pI0ogl3q9ev5NFkufZkZoUwDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqU
+S40TU2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE
+7jsD
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect283r1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqUS40T
+U2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE7jsD
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect283r1:ALICE_sect283r1_PUB
+
+
+PrivateKey=BOB_sect283r1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACD04gJaVfVxK/Dpbxjq
+rzZWc6B76a23MK/IQD1jMlGPQzzxoUwDSgAEA13mIYMvik12DBp8JkdETMB1ewOw
+22C/xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lass
+Iq5I
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect283r1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA13mIYMvik12DBp8JkdETMB1ewOw22C/
+xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lassIq5I
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect283r1:BOB_sect283r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect283r1
+PeerKey=BOB_sect283r1_PUB
+SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect283r1
+PeerKey=ALICE_sect283r1_PUB
+SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
+
+# TEST CURVE sect409k1
+
+PrivateKey=ALICE_sect409k1
+-----BEGIN PRIVATE KEY-----
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg1vV7wiPe1ovX+ukz
+VfwPZoqvyj/vdif04Opi9PcjV5mPBEZgSFBg8hbutNxZJdVLrxShbANqAAQACe1I
+J5ilSk1pPLvbcjEZIE6abC9LZ9WmHuNJxM9LAW1OuLvJGi72AsGYUOGpX0WGmK6C
+AYaqZb2Qeedq/yUIljDHYi66J+26owYl7lOMpRzZ9U2QDJrZ7TYuxeMUui6re0B+
+JuZdYw==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect409k1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAntSCeYpUpNaTy723IxGSBOmmwvS2fV
+ph7jScTPSwFtTri7yRou9gLBmFDhqV9FhpiuggGGqmW9kHnnav8lCJYwx2Iuuift
+uqMGJe5TjKUc2fVNkAya2e02LsXjFLouq3tAfibmXWM=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect409k1:ALICE_sect409k1_PUB
+
+
+PrivateKey=BOB_sect409k1
+-----BEGIN PRIVATE KEY-----
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIYBGZZcZz4qCdhAV9
+vqpfe8vV+vJEhjawR52JUV1rumWEBPAx0o6E+gaxHBr5hzVGkIKhbANqAAQAAQKK
+s60CTUUkltsT+lIBukjz850pkGGLltJ4eaZn4k9AtN/lFTCq6Vgqe2sDrjA3b45q
+AdWjf1vRaP0wawJ13SjApJmyXg5hQks6d0Zqz2OHYhGEGiM159VtTlStK067dVe1
+fGVDeg==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect409k1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAECirOtAk1FJJbbE/pSAbpI8/OdKZBh
+i5bSeHmmZ+JPQLTf5RUwqulYKntrA64wN2+OagHVo39b0Wj9MGsCdd0owKSZsl4O
+YUJLOndGas9jh2IRhBojNefVbU5UrStOu3VXtXxlQ3o=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect409k1:BOB_sect409k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect409k1
+PeerKey=BOB_sect409k1_PUB
+SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect409k1
+PeerKey=ALICE_sect409k1_PUB
+SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
+
+# TEST CURVE sect409r1
+
+PrivateKey=ALICE_sect409r1
+-----BEGIN PRIVATE KEY-----
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAYTMsTpey51D2ULnd
+pN+AAWnJLy9pTerziakhjii8OyWKpUVfpDFNneCCd2oQTDcPX5vdoWwDagAEAYfk
+3ZejxpVYCG7dYHTVhhcqILEyTYoQa4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGU
+owHXXzgDXoJeR79wgb7ySAlXJXgQ8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvI
+eIozlf4=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect409r1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYfk3ZejxpVYCG7dYHTVhhcqILEyTYoQ
+a4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGUowHXXzgDXoJeR79wgb7ySAlXJXgQ
+8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvIeIozlf4=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect409r1:ALICE_sect409r1_PUB
+
+
+PrivateKey=BOB_sect409r1
+-----BEGIN PRIVATE KEY-----
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsCs1nRgwW97TdKIH
+PRcsqmK1e8TIZ00e6rqLb3nD4sIe+Gw/fGhSUER9akQ7lAluEUnfoWwDagAEAfM2
+fvBEic+7jV4oC+v8GfsunD9Zp9rzNgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDl
+LwBm/W6TlzGuh1FnzXYKVnhnXpzSlRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMf
+WsgK+KA=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect409r1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfM2fvBEic+7jV4oC+v8GfsunD9Zp9rz
+NgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDlLwBm/W6TlzGuh1FnzXYKVnhnXpzS
+lRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMfWsgK+KA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect409r1:BOB_sect409r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect409r1
+PeerKey=BOB_sect409r1_PUB
+SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect409r1
+PeerKey=ALICE_sect409r1_PUB
+SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
+
+# TEST CURVE sect571k1
+
+PrivateKey=ALICE_sect571k1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARO8hI8j6TZ556/d
+RcdGYvdblnALD2XZCKu2c3C5yQIeA8Tidi+f8n6cCnb5FtJNTYKqP8tRfHlwAZtW
+/giXi/4yF5K2twS3oYGVA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0LQd9wP1+k
+v0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFRPU0Cct0S
+qVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJPCnaKR/Oo
+AtaUpCWLSTHDF1gK4/kmlwEx+8o=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect571k1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0L
+Qd9wP1+kv0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFR
+PU0Cct0SqVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJP
+CnaKR/OoAtaUpCWLSTHDF1gK4/kmlwEx+8o=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect571k1:ALICE_sect571k1_PUB
+
+
+PrivateKey=BOB_sect571k1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVZT4tnX9dMWS6Vd
+YCoYRl9o/j/Hz7KGqF4Ujk9n9b4+mXbJ37tobpjnpNqKlJfI04w80JPp+NxpoBR3
+8p1bcc9iL4Smh48YoYGVA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLURYRDHmopO
+IijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN1tsCrqET
+31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxOaqcYzbXC
+Q/Aiij13H06qKhuFM4iiB/0D164=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect571k1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLUR
+YRDHmopOIijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN
+1tsCrqET31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxO
+aqcYzbXCQ/Aiij13H06qKhuFM4iiB/0D164=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect571k1:BOB_sect571k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect571k1
+PeerKey=BOB_sect571k1_PUB
+SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect571k1
+PeerKey=ALICE_sect571k1_PUB
+SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
+
+# TEST CURVE sect571r1
+
+PrivateKey=ALICE_sect571r1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArsi//Zp9veeURYV
+zGYHn4MlNIxNt6U6vtmTPS/NaoiaavxbOimpHgxYPCjpoPYhM33Z2VBh7pl2aoRW
+3GBepLFLoF8oiQaLoYGVA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4f/AwTHmo
+US1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wzd8YF32SF
+HMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz6J6dYAUe
+vE+F3N29p/tRBGNzMFIqoDdW+NA=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect571r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4
+f/AwTHmoUS1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wz
+d8YF32SFHMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz
+6J6dYAUevE+F3N29p/tRBGNzMFIqoDdW+NA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect571r1:ALICE_sect571r1_PUB
+
+
+PrivateKey=BOB_sect571r1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYj65N5XJTQusn+h
+Z9xj/dgZ4qR1GDC1Ij7jYuow+TvGrG2wz/WT76/lLNtlCLfDW2kODDUmDAJeK/e+
+VMO7suJTXGnrGFHioYGVA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2SYmMKve74
+trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8QI70H8aHv
+LgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNdnNATBqom
+6WDWc7RTFZ4sijL5ywVhovwJ1gA=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect571r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2S
+YmMKve74trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8Q
+I70H8aHvLgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNd
+nNATBqom6WDWc7RTFZ4sijL5ywVhovwJ1gA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect571r1:BOB_sect571r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect571r1
+PeerKey=BOB_sect571r1_PUB
+SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect571r1
+PeerKey=ALICE_sect571r1_PUB
+SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
+
+# TEST CURVE c2pnb163v1
+
+PrivateKey=ALICE_c2pnb163v1
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUDTVBXDIdMMg5JIb6y
+ZHLpkONauzuhLgMsAAQC/TaMi2YGY4SmYVCrIVVommDnOyMHJZ1VZ4+fT+hE/qRp
+WHMMW5gOZO4=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb163v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEAv02jItmBmOEpmFQqyFVaJpg5zsj
+ByWdVWePn0/oRP6kaVhzDFuYDmTu
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb163v1:ALICE_c2pnb163v1_PUB
+
+
+PrivateKey=BOB_c2pnb163v1
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUC3uEAfGc3+a0FOrFh
+ftdUBtZ5BPOhLgMsAAQGojKkhnOduUQY6XT0GwQbDe1YM1wFkj3vZGkhO5OzsqG1
+QqQLkFeMwKo=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb163v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBqIypIZznblEGOl09BsEGw3tWDNc
+BZI972RpITuTs7KhtUKkC5BXjMCq
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb163v1:BOB_c2pnb163v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb163v1
+PeerKey=BOB_c2pnb163v1_PUB
+SharedSecret=05939a47cb503656e684f433001e45776c7620e13b
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb163v1
+PeerKey=ALICE_c2pnb163v1_PUB
+SharedSecret=05939a47cb503656e684f433001e45776c7620e13b
+
+# TEST CURVE c2pnb163v2
+
+PrivateKey=ALICE_c2pnb163v2
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUC3m3meJNbhDwwFH3C
+//L2EyOQNruhLgMsAAQBaATOiPV6c8icBYWczLXM6k+t8U4FIN57iiC8RsmIS3+V
+yM/rN3UBZaw=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb163v2_PUB
+-----BEGIN PUBLIC KEY-----
+MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAWgEzoj1enPInAWFnMy1zOpPrfFO
+BSDee4ogvEbJiEt/lcjP6zd1AWWs
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb163v2:ALICE_c2pnb163v2_PUB
+
+
+PrivateKey=BOB_c2pnb163v2
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUBvd/DvKharywckSaW
+aAniKByXBwihLgMsAAQH0+FWe4mb13QrEZCPwfIS+gChEXoGhyBVubt6+SSgS5nS
+eDGgjW/36Qw=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb163v2_PUB
+-----BEGIN PUBLIC KEY-----
+MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEB9PhVnuJm9d0KxGQj8HyEvoAoRF6
+BocgVbm7evkkoEuZ0ngxoI1v9+kM
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb163v2:BOB_c2pnb163v2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb163v2
+PeerKey=BOB_c2pnb163v2_PUB
+SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb163v2
+PeerKey=ALICE_c2pnb163v2_PUB
+SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d
+
+# TEST CURVE c2pnb163v3
+
+PrivateKey=ALICE_c2pnb163v3
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUCtJ0ZQMD5T6Ym/jZx
+Fzb9tQkLOhuhLgMsAAQE26YD7hG+CY02+nBDFKIBnMvHWUQGfkiIfG9yxV+LptOM
+CdU4y9RhM+w=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb163v3_PUB
+-----BEGIN PUBLIC KEY-----
+MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEBNumA+4RvgmNNvpwQxSiAZzLx1lE
+Bn5IiHxvcsVfi6bTjAnVOMvUYTPs
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb163v3:ALICE_c2pnb163v3_PUB
+
+
+PrivateKey=BOB_c2pnb163v3
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUB9MnYR9NXM8OoCraO
+orQz1LXIZJChLgMsAAQH15R/xAGyrtmg+hrdAaGn9rVEfWQA7yUCn4vKR2eIy/qN
+YfbeHTIaTBY=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb163v3_PUB
+-----BEGIN PUBLIC KEY-----
+MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEB9eUf8QBsq7ZoPoa3QGhp/a1RH1k
+AO8lAp+LykdniMv6jWH23h0yGkwW
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb163v3:BOB_c2pnb163v3_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb163v3
+PeerKey=BOB_c2pnb163v3_PUB
+SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb163v3
+PeerKey=ALICE_c2pnb163v3_PUB
+SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81
+
+# TEST CURVE c2pnb176v1
+
+PrivateKey=ALICE_c2pnb176v1
+-----BEGIN PRIVATE KEY-----
+MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAxXEz1PjthqsI664l
+N5LRLN8C2uyhMAMuAARD1qVJHbL5A7BhEKeHSuDeT6XeZ3ODFn9ef67qdF+tS7p3
+zgXGKt4pKMoYcg==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb176v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEQ9alSR2y+QOwYRCnh0rg3k+l3mdz
+gxZ/Xn+u6nRfrUu6d84FxireKSjKGHI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb176v1:ALICE_c2pnb176v1_PUB
+
+
+PrivateKey=BOB_c2pnb176v1
+-----BEGIN PRIVATE KEY-----
+MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAJvHHFW0v+/cjaLd7
+Xgt6FtSga5+hMAMuAASUs7rUAlv1qhppI82ikLvZ8Y0DApC356nhs7SyQYdLtHRM
++qUHBB3IzrLKdQ==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb176v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAElLO61AJb9aoaaSPNopC72fGNAwKQ
+t+ep4bO0skGHS7R0TPqlBwQdyM6yynU=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb176v1:BOB_c2pnb176v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb176v1
+PeerKey=BOB_c2pnb176v1_PUB
+SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb176v1
+PeerKey=ALICE_c2pnb176v1_PUB
+SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a
+
+# TEST CURVE c2tnb191v1
+
+PrivateKey=ALICE_c2tnb191v1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBgYgpO+wgirUtuqHF00
+2o02Vc7xQjKgSzChNAMyAAQ2ae+5tDQ2CDaV5XPdC+RtLgcHS5lTOclTClr/WSpP
+TlMt2TGh/KRrD859oXg6KYY=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb191v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAENmnvubQ0Ngg2leVz3QvkbS4HB0uZ
+UznJUwpa/1kqT05TLdkxofykaw/OfaF4OimG
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb191v1:ALICE_c2tnb191v1_PUB
+
+
+PrivateKey=BOB_c2tnb191v1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBguzm5uFNRy/lX3OKuJ
+j8i/vH/+viMd48yhNAMyAARka5rhdTmtbqQVRMWZQjUqsHUMX43siRt5f2WQSZfg
++IQ2l/8veayyX9erUSt3gK4=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb191v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEZGua4XU5rW6kFUTFmUI1KrB1DF+N
+7IkbeX9lkEmX4PiENpf/L3mssl/Xq1Erd4Cu
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb191v1:BOB_c2tnb191v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb191v1
+PeerKey=BOB_c2tnb191v1_PUB
+SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb191v1
+PeerKey=ALICE_c2tnb191v1_PUB
+SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1
+
+# TEST CURVE c2tnb191v2
+
+PrivateKey=ALICE_c2tnb191v2
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgOlslgJ0XSK3vKC5Ls
+QmYxZfr8OEKXRQ2hNAMyAAQAHivLhSwW2SJZtUPhuV1p9fQSfz7w9SJY8dJOpVf8
+9DevPUlJMPcaSGyjX+3nJZc=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb191v2_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEAB4ry4UsFtkiWbVD4bldafX0En8+
+8PUiWPHSTqVX/PQ3rz1JSTD3Gkhso1/t5yWX
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb191v2:ALICE_c2tnb191v2_PUB
+
+
+PrivateKey=BOB_c2tnb191v2
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgK9QaS2SDU6yz7uXqO
++/+C+baTTVMAGVGhNAMyAAQiR0t9plm77ezfXvJzDNdlyYC0pWX+QmJ8EavgEElk
+ky/M+YXb5ufkFzFXIEfU9pM=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb191v2_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEIkdLfaZZu+3s317ycwzXZcmAtKVl
+/kJifBGr4BBJZJMvzPmF2+bn5BcxVyBH1PaT
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb191v2:BOB_c2tnb191v2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb191v2
+PeerKey=BOB_c2tnb191v2_PUB
+SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb191v2
+PeerKey=ALICE_c2tnb191v2_PUB
+SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534
+
+# TEST CURVE c2tnb191v3
+
+PrivateKey=ALICE_c2tnb191v3
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgSaBOQyq6XX3hZVVgV
+FlRrxTuvgtv33C6hNAMyAARL+Fup8jOnixQYPx8pU/b066PHrhTXfiNerFEYA/5O
+XCKCEkdRCpuDJnyqpmaC2vw=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb191v3_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAES/hbqfIzp4sUGD8fKVP29Oujx64U
+134jXqxRGAP+TlwighJHUQqbgyZ8qqZmgtr8
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb191v3:ALICE_c2tnb191v3_PUB
+
+
+PrivateKey=BOB_c2tnb191v3
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgEE8Ls7pc1/q3/0ruR
+gMrWGhGIr4VLt4uhNAMyAAQHAZsjkAXanwGbXR3SKkoKli6rSfSiu0lU2XHDiZdt
+LaPN+Eihz4KeG2YM/p3m1do=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb191v3_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEBwGbI5AF2p8Bm10d0ipKCpYuq0n0
+ortJVNlxw4mXbS2jzfhIoc+CnhtmDP6d5tXa
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb191v3:BOB_c2tnb191v3_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb191v3
+PeerKey=BOB_c2tnb191v3_PUB
+SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb191v3
+PeerKey=ALICE_c2tnb191v3_PUB
+SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891
+
+# TEST CURVE c2pnb208w1
+
+PrivateKey=ALICE_c2pnb208w1
+-----BEGIN PRIVATE KEY-----
+MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAbfnNboX6Dk+NLoBO
+6qBB2aE1srmTgS96oTgDNgAEFLHciAu4excYB0mty8rF442ULXZfqL90IkgP5G2z
+wzY1mAlEBFMg83izeRaCJ/vRihZDJw==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb208w1_PUB
+-----BEGIN PUBLIC KEY-----
+ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEFLHciAu4excYB0mty8rF442ULXZf
+qL90IkgP5G2zwzY1mAlEBFMg83izeRaCJ/vRihZDJw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb208w1:ALICE_c2pnb208w1_PUB
+
+
+PrivateKey=BOB_c2pnb208w1
+-----BEGIN PRIVATE KEY-----
+MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAwjGFJOPkZqQPZ+mI
+Ae3G12zpUia40tRjoTgDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR4/IPtqMGxbfz
+pPKPMZXV12F6MrWrorSFDZ8KFd58Ww==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb208w1_PUB
+-----BEGIN PUBLIC KEY-----
+ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR
+4/IPtqMGxbfzpPKPMZXV12F6MrWrorSFDZ8KFd58Ww==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb208w1:BOB_c2pnb208w1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb208w1
+PeerKey=BOB_c2pnb208w1_PUB
+SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb208w1
+PeerKey=ALICE_c2pnb208w1_PUB
+SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af
+
+# TEST CURVE c2tnb239v1
+
+PrivateKey=ALICE_c2tnb239v1
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeE4CCwXEKsP3CfLC/
+DLSSF9lfyOaNSuQXmq9rzLqwoUADPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5DS+qp
+c5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb239v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5D
+S+qpc5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb239v1:ALICE_c2tnb239v1_PUB
+
+
+PrivateKey=BOB_c2tnb239v1
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeAGDYCGAXqD03x510
+h35JSzlgReW6W/T8lYPEA42doUADPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7ZLDP
+F8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb239v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7
+ZLDPF8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb239v1:BOB_c2tnb239v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb239v1
+PeerKey=BOB_c2tnb239v1_PUB
+SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb239v1
+PeerKey=ALICE_c2tnb239v1_PUB
+SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a
+
+# TEST CURVE c2tnb239v2
+
+PrivateKey=ALICE_c2tnb239v2
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE8kBjHLjFeC+Z2gZ
+q0snwR3UgEgWMW0xilhJNjW2oUADPgAEQ+ubIYhh82VohwKSVz70PkHsjmYWDvDU
+/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb239v2_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEQ+ubIYhh82VohwKSVz70PkHsjmYW
+DvDU/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb239v2:ALICE_c2tnb239v2_PUB
+
+
+PrivateKey=BOB_c2tnb239v2
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE7bhzKZZUm780c0e
+3EBWY1GxD90Mzu7zrQMi7bAzoUADPgAEYgV7bokY6iLMzZTG10c6NDaW11plAm0T
+NKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb239v2_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEYgV7bokY6iLMzZTG10c6NDaW11pl
+Am0TNKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb239v2:BOB_c2tnb239v2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb239v2
+PeerKey=BOB_c2tnb239v2_PUB
+SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb239v2
+PeerKey=ALICE_c2tnb239v2_PUB
+SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192
+
+# TEST CURVE c2tnb239v3
+
+PrivateKey=ALICE_c2tnb239v3
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeCxiC5lbHYL1QYbb2
+izZiSoLPnWCZIds811J1N7KtoUADPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1ah5WI
+g6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb239v3_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1a
+h5WIg6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb239v3:ALICE_c2tnb239v3_PUB
+
+
+PrivateKey=BOB_c2tnb239v3
+-----BEGIN PRIVATE KEY-----
+MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeBBPxdeU3MohZc5Jx
+7WadLuPSeXeOg75rXC1ElexsoUADPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLBT5uX
+hAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb239v3_PUB
+-----BEGIN PUBLIC KEY-----
+MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLB
+T5uXhAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb239v3:BOB_c2tnb239v3_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb239v3
+PeerKey=BOB_c2tnb239v3_PUB
+SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb239v3
+PeerKey=ALICE_c2tnb239v3_PUB
+SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0
+
+# TEST CURVE c2pnb272w1
+
+PrivateKey=ALICE_c2pnb272w1
+-----BEGIN PRIVATE KEY-----
+MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAKMtKddENVGjzTU4
+w+hW0SgDOtIElcs52wb40S08j6gMoUgDRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs
+6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb272w1_PUB
+-----BEGIN PUBLIC KEY-----
+MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs
+6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb272w1:ALICE_c2pnb272w1_PUB
+
+
+PrivateKey=BOB_c2pnb272w1
+-----BEGIN PRIVATE KEY-----
+MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAFAKPByX1wlYUpU4
+mECDAxg+VM5aFo4JPlqEzR0b9hI6oUgDRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF
+MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb272w1_PUB
+-----BEGIN PUBLIC KEY-----
+MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF
+MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb272w1:BOB_c2pnb272w1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb272w1
+PeerKey=BOB_c2pnb272w1_PUB
+SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb272w1
+PeerKey=ALICE_c2pnb272w1_PUB
+SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3
+
+# TEST CURVE c2pnb304w1
+
+PrivateKey=ALICE_c2pnb304w1
+-----BEGIN PRIVATE KEY-----
+MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAOKzfcV2XOvVsSUh
+oVz3SHGzSCf0q9i+ilz5ZfBxc+5ssjK7jKFQA04ABDc4zQNFaZukj9iz3iXTYdza
+tCOYZvrfOjrbgzl/8PoFxt5q6yJTu35Vu9XVp5pTCtjpDEpywBj0xb07RRuVDEk8
+TthFP5vGeTIWLD4=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb304w1_PUB
+-----BEGIN PUBLIC KEY-----
+MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAENzjNA0Vpm6SP2LPeJdNh3Nq0I5hm
++t86OtuDOX/w+gXG3mrrIlO7flW71dWnmlMK2OkMSnLAGPTFvTtFG5UMSTxO2EU/
+m8Z5MhYsPg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb304w1:ALICE_c2pnb304w1_PUB
+
+
+PrivateKey=BOB_c2pnb304w1
+-----BEGIN PRIVATE KEY-----
+MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAPP4hz6sa+KdTJ4h
+fBeCUiJBfshcZoapkZMFrhI1vdcRY7MeAaFQA04ABMHRUzLiUY7O4nEBdmex31U4
+l6TO/dD+5MV/tVNizVsWjkTvi2fs772lZ9MeNp6QnGMZ5n5subHsa0QOJL1LpmXX
+K0UIWGbW0nQb52g=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb304w1_PUB
+-----BEGIN PUBLIC KEY-----
+MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEwdFTMuJRjs7icQF2Z7HfVTiXpM79
+0P7kxX+1U2LNWxaORO+LZ+zvvaVn0x42npCcYxnmfmy5sexrRA4kvUumZdcrRQhY
+ZtbSdBvnaA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb304w1:BOB_c2pnb304w1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb304w1
+PeerKey=BOB_c2pnb304w1_PUB
+SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb304w1
+PeerKey=ALICE_c2pnb304w1_PUB
+SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7
+
+# TEST CURVE c2tnb359v1
+
+PrivateKey=ALICE_c2tnb359v1
+-----BEGIN PRIVATE KEY-----
+MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BeMU97SvjsIvQ
+1v+Ztf56OCL8JXHxRJDQZ5gWEa4c2b3FZXFVC4CwEPd7cB+hXgNcAAQOBgLp0TzS
+4Hf/VYbJCFuj3OlRC5JMzFV7ox41ubhl5Ij+gHIodu1bQ6cqd0YAb2/30PxwX++N
+NpFvq8u8435zhPYXsut6txOPNU5ZzCeagy2xsKacXSZc7D0=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb359v1_PUB
+-----BEGIN PUBLIC KEY-----
+MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEDgYC6dE80uB3/1WGyQhbo9zpUQuS
+TMxVe6MeNbm4ZeSI/oByKHbtW0OnKndGAG9v99D8cF/vjTaRb6vLvON+c4T2F7Lr
+ercTjzVOWcwnmoMtsbCmnF0mXOw9
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb359v1:ALICE_c2tnb359v1_PUB
+
+
+PrivateKey=BOB_c2tnb359v1
+-----BEGIN PRIVATE KEY-----
+MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BRZ3IIh3mrLIX
+KBbh6Vj7TXNY5bzRuD5/ayHPlHQkJcd8K66dOqu7hgaN91GhXgNcAAQ7njbTQ2xY
+YZtkKswYr8E6P/R3Dg/XEZgQQ72B4qXnqbK/SgYsZAntFg7CRztcTkHjKAgdSz6f
+TRIc4///gwXN3Oi6D8PeswhzPJi/uLmCAHMm3GT6SUO3aTY=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb359v1_PUB
+-----BEGIN PUBLIC KEY-----
+MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEO54200NsWGGbZCrMGK/BOj/0dw4P
+1xGYEEO9geKl56myv0oGLGQJ7RYOwkc7XE5B4ygIHUs+n00SHOP//4MFzdzoug/D
+3rMIczyYv7i5ggBzJtxk+klDt2k2
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb359v1:BOB_c2tnb359v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb359v1
+PeerKey=BOB_c2tnb359v1_PUB
+SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb359v1
+PeerKey=ALICE_c2tnb359v1_PUB
+SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563
+
+# TEST CURVE c2pnb368w1
+
+PrivateKey=ALICE_c2pnb368w1
+-----BEGIN PRIVATE KEY-----
+MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AFagbth/4/M2s
+b1G4FpxbFEVLIulioS34v0hrClpZ38/Z+PHmIhOfEFminyehYANeAAQAU42w7mII
+jkyAdnCC4qoEPdH42fh3oVyCtnaRtKUmdhUdXm0IgSM4T4SYEOsx+aQZLGIjnhHJ
+CabcaKPQ0sai3dirUr2YsNXNDJiU93T7buUr+DnRPGsfBy/nEg==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2pnb368w1_PUB
+-----BEGIN PUBLIC KEY-----
+MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEAFONsO5iCI5MgHZwguKqBD3R+Nn4
+d6FcgrZ2kbSlJnYVHV5tCIEjOE+EmBDrMfmkGSxiI54RyQmm3Gij0NLGot3Yq1K9
+mLDVzQyYlPd0+27lK/g50TxrHwcv5xI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2pnb368w1:ALICE_c2pnb368w1_PUB
+
+
+PrivateKey=BOB_c2pnb368w1
+-----BEGIN PRIVATE KEY-----
+MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AA/woMzOFy8k2
+zBqBkubhkOIwc7sx0u+JadM9f7V45L4P8nK7bjJasOqrHRahYANeAATKE6jcstac
+H8yWzg/qBgvGoGan2PVwTN/U+68K4WxHO7+oPHviUh1OVF7ZxYjsVSdyno83iHE3
+3sq2Ej6j26f+uVs/fuWk19t8NpAQ6+sVETZszuMDm5adqtVZRQ==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2pnb368w1_PUB
+-----BEGIN PUBLIC KEY-----
+MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEyhOo3LLWnB/Mls4P6gYLxqBmp9j1
+cEzf1PuvCuFsRzu/qDx74lIdTlRe2cWI7FUncp6PN4hxN97KthI+o9un/rlbP37l
+pNfbfDaQEOvrFRE2bM7jA5uWnarVWUU=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2pnb368w1:BOB_c2pnb368w1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2pnb368w1
+PeerKey=BOB_c2pnb368w1_PUB
+SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2pnb368w1
+PeerKey=ALICE_c2pnb368w1_PUB
+SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb
+
+# TEST CURVE c2tnb431r1
+
+PrivateKey=ALICE_c2tnb431r1
+-----BEGIN PRIVATE KEY-----
+MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUC18JhUt+NCIZ/
+q6kdjNZ7zX72UqpW4K6Uc2bAWu2PXK1aL573LNzu4oUlHfbvuE1BUrxNpaFwA24A
+BDrG8SG4lckR1rrvLRpXYf7Wspmh/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PU
+yb64OiffdSnvIaM++cb7LgJLBBgT3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhX
+WS468O6w05KS0AL6vQ==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_c2tnb431r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABDrG8SG4lckR1rrvLRpXYf7Wspmh
+/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PUyb64OiffdSnvIaM++cb7LgJLBBgT
+3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhXWS468O6w05KS0AL6vQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_c2tnb431r1:ALICE_c2tnb431r1_PUB
+
+
+PrivateKey=BOB_c2tnb431r1
+-----BEGIN PRIVATE KEY-----
+MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUApanyPgvpfrAu
+1jNAKGpctH71v0+P/kFF9JxdFYarpWEwBBd4tz6CxoYKmvDZ9ukOOqBbX6FwA24A
+BGh3JXuYmh6dGGEmbRhoR2T5pVD/5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlR
+qRWiXCeZVFvT0crDY/5uodkHbcRw6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLIL
+gTwAJM2ZhtPnc08LyQ==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_c2tnb431r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABGh3JXuYmh6dGGEmbRhoR2T5pVD/
+5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlRqRWiXCeZVFvT0crDY/5uodkHbcRw
+6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLILgTwAJM2ZhtPnc08LyQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_c2tnb431r1:BOB_c2tnb431r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_c2tnb431r1
+PeerKey=BOB_c2tnb431r1_PUB
+SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_c2tnb431r1
+PeerKey=ALICE_c2tnb431r1_PUB
+SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748
+
+# TEST CURVE wap-wsg-idm-ecid-wtls1
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls1
+-----BEGIN PRIVATE KEY-----
+MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5Xu91qBwxTDmhD/30Kf6Ei
+AyAABAFQSZ0G+afa1x4KwUzBjQEWFNdZoF6UNYGkCRINyg==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAVBJnQb5p9rXHgrBTMGNARYU11mgXpQ1
+gaQJEg3K
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls1:ALICE_wap-wsg-idm-ecid-wtls1_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls1
+-----BEGIN PRIVATE KEY-----
+MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5aU6CQ474Z1fH3xAtn/6Ei
+AyAABAFpb4GTc+5vf5nkt4zLxwGZQ6qSbYlH8pUbpvwcqA==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls1_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAWlvgZNz7m9/meS3jMvHAZlDqpJtiUfy
+lRum/Byo
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls1:BOB_wap-wsg-idm-ecid-wtls1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls1
+PeerKey=BOB_wap-wsg-idm-ecid-wtls1_PUB
+SharedSecret=0000fc6e280987e8b9bf6e3c7fa003
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls1
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB
+SharedSecret=0000fc6e280987e8b9bf6e3c7fa003
+
+# TEST CURVE wap-wsg-idm-ecid-wtls3
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls3
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUBN2FFgQiz4KPJ9GEsrj5B
+m908ifuhLgMsAAQBV21Tx3v8+1wFKq7PiloR1CxzmlUDvnyXrs4mNmc5Ns38mzPe
+NueQNo0=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAVdtU8d7/PtcBSquz4paEdQsc5pVA758
+l67OJjZnOTbN/Jsz3jbnkDaN
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls3:ALICE_wap-wsg-idm-ecid-wtls3_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls3
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUA/0Ust7IoJ526zn2wiWBu
+rR5NeSWhLgMsAAQB7d+/zMMti4djhlVnaGqaqonbmo4Cv+iKT1cF3nzXV/KXHSJI
+p9iZeas=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls3_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAe3fv8zDLYuHY4ZVZ2hqmqqJ25qOAr/o
+ik9XBd5811fylx0iSKfYmXmr
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls3:BOB_wap-wsg-idm-ecid-wtls3_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls3
+PeerKey=BOB_wap-wsg-idm-ecid-wtls3_PUB
+SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls3
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB
+SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f
+
+# TEST CURVE wap-wsg-idm-ecid-wtls4
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls4
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AsuEGufSNSrDPu3Y1Namh
+IgMgAAQAcvPRbArskeBs6W2oOesAHMQo8Lk/FHcYKUfMOKY=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAHLz0WwK7JHgbOltqDnrABzEKPC5PxR3
+GClHzDim
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls4:ALICE_wap-wsg-idm-ecid-wtls4_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls4
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AFJwmUkKbWdmzvqv+AbWh
+IgMgAAQBriOJSyRL4ro55CbCwekBluEKwIfP64OfJCEfWTU=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls4_PUB
+-----BEGIN PUBLIC KEY-----
+MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAa4jiUskS+K6OeQmwsHpAZbhCsCHz+uD
+nyQhH1k1
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls4:BOB_wap-wsg-idm-ecid-wtls4_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls4
+PeerKey=BOB_wap-wsg-idm-ecid-wtls4_PUB
+SharedSecret=01076232302ca32b5f3daf075e5213
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls4
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB
+SharedSecret=01076232302ca32b5f3daf075e5213
+
+# TEST CURVE wap-wsg-idm-ecid-wtls5
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls5
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUCmngbaO2S//Ta0ZUhn/nb
+ZydTKD+hLgMsAAQA1792id3hLIu2z0KECkBCUbTSP9UFLu2FTJkLa8qP4ZIrBt5F
+XKJo2Dw=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEANe/dond4SyLts9ChApAQlG00j/VBS7t
+hUyZC2vKj+GSKwbeRVyiaNg8
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls5:ALICE_wap-wsg-idm-ecid-wtls5_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls5
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUBraa4aeYxHd9HJ0vLIoCw
+auGKd9yhLgMsAAQHzc2FgfJGasNlMcJNDDrNQElhA1cHD4izqEedmC3ueMu72/Sp
+VF2Ppig=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls5_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEB83NhYHyRmrDZTHCTQw6zUBJYQNXBw+I
+s6hHnZgt7njLu9v0qVRdj6Yo
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls5:BOB_wap-wsg-idm-ecid-wtls5_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls5
+PeerKey=BOB_wap-wsg-idm-ecid-wtls5_PUB
+SharedSecret=066091c591278f5b949106052b2546aacc20917c20
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls5
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB
+SharedSecret=066091c591278f5b949106052b2546aacc20917c20
+
+# TEST CURVE wap-wsg-idm-ecid-wtls6
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls6
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA5LJwRNrPNMwGyoBP95a6Eg
+Ax4ABMZxFi711Wl5r7tb1XJ9fJ3H1W1MKvVrYvfmNFo=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAExnEWLvXVaXmvu1vVcn18ncfVbUwq9Wti
+9+Y0Wg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls6:ALICE_wap-wsg-idm-ecid-wtls6_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls6
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA63i1z4Kl8BEE1I3CYU9KEg
+Ax4ABG3Ft5F8wvnGimUAmGQrfqAlVJKdzhNSa3v47Kc=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls6_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAEbcW3kXzC+caKZQCYZCt+oCVUkp3OE1Jr
+e/jspw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls6:BOB_wap-wsg-idm-ecid-wtls6_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls6
+PeerKey=BOB_wap-wsg-idm-ecid-wtls6_PUB
+SharedSecret=8d184455748c56115ba2183070b0
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls6
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB
+SharedSecret=8d184455748c56115ba2183070b0
+
+# TEST CURVE wap-wsg-idm-ecid-wtls7
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls7
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAueoisiN+luJEy0wdiI7j
+cALlTqChLAMqAAQ/FWsGxD8vuvEFWXfWReOqvBzqWrF9mdMeTeOE1y9r9POOIUVJ
+PNtL
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEPxVrBsQ/L7rxBVl31kXjqrwc6lqxfZnT
+Hk3jhNcva/TzjiFFSTzbSw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls7:ALICE_wap-wsg-idm-ecid-wtls7_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls7
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAr42vKjbUXFak2mVzFYpu
+yhN/cDyhLAMqAASJZpuFg+n8vscuq+pqfFFPYemnfLdhdAB4JodfR3J5Bzu67hEm
+bIKQ
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls7_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEiWabhYPp/L7HLqvqanxRT2Hpp3y3YXQA
+eCaHX0dyeQc7uu4RJmyCkA==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls7:BOB_wap-wsg-idm-ecid-wtls7_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls7
+PeerKey=BOB_wap-wsg-idm-ecid-wtls7_PUB
+SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls7
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB
+SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4
+
+# TEST CURVE wap-wsg-idm-ecid-wtls8
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls8
+-----BEGIN PRIVATE KEY-----
+ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8A1m62ffl6niuM46XOUyih
+IAMeAAT4mqYAoe7NEtKfEMQs2ofInhZRZCFrFU5cjEWi
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE+JqmAKHuzRLSnxDELNqHyJ4WUWQhaxVO
+XIxFog==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls8:ALICE_wap-wsg-idm-ecid-wtls8_PUB
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls8
+-----BEGIN PRIVATE KEY-----
+ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8AegTrLoMRyPl4U4xOdg6h
+IAMeAATQKkyQ3jL2Eku6C+vSQazbjjSkzNe67Occqj2P
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls8_PUB
+-----BEGIN PUBLIC KEY-----
+MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE0CpMkN4y9hJLugvr0kGs2440pMzXuuzn
+HKo9jw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls8:BOB_wap-wsg-idm-ecid-wtls8_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls8
+PeerKey=BOB_wap-wsg-idm-ecid-wtls8_PUB
+SharedSecret=7524c547bd6b26644ce70571cb06
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls8
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB
+SharedSecret=7524c547bd6b26644ce70571cb06
+
+# TEST CURVE wap-wsg-idm-ecid-wtls9
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls9
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAE0376NvzsIXi6XadrVn4
+06obTRChLAMqAARbC1yw9f1uBOVlMf5ZFQewTgyc81Aqh2TFMSRfujCIhdvGTYgR
+tu6F
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAEWwtcsPX9bgTlZTH+WRUHsE4MnPNQKodk
+xTEkX7owiIXbxk2IEbbuhQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls9:ALICE_wap-wsg-idm-ecid-wtls9_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls9
+-----BEGIN PRIVATE KEY-----
+MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAd2kfMclaJU2bg8ayTrjZ
+oolI82yhLAMqAAQ0NeW9TKhQeFrrTyMR9Gb55+BneCQSByAShM8Dn3V1FFYz7n0y
+bvBX
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls9_PUB
+-----BEGIN PUBLIC KEY-----
+MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAENDXlvUyoUHha608jEfRm+efgZ3gkEgcg
+EoTPA591dRRWM+59Mm7wVw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls9:BOB_wap-wsg-idm-ecid-wtls9_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls9
+PeerKey=BOB_wap-wsg-idm-ecid-wtls9_PUB
+SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls9
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB
+SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1
+
+# TEST CURVE wap-wsg-idm-ecid-wtls10
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls10
+-----BEGIN PRIVATE KEY-----
+MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB01TDgjIGd+gXPZ4esQnWzz
+/y1vzJniUBM5XNyPq6FAAz4ABAHVs5gYpbJzqyO8Lk3nkTwhu4BuXb4wtrgGcY2L
+TwGxkC4Zq4aqLowsexGjVa0IjGKdWz5/TfwLwGpN4A==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAdWzmBilsnOrI7wuTeeRPCG7gG5dvjC2
+uAZxjYtPAbGQLhmrhqoujCx7EaNVrQiMYp1bPn9N/AvAak3g
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls10:ALICE_wap-wsg-idm-ecid-wtls10_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls10
+-----BEGIN PRIVATE KEY-----
+MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB0mTqwYwByRuu4zcU1QLKcG
+m8wewuaoKqVSpp8xQaFAAz4ABAEF4xTrWAIF1EacNMqTG3kwxwartAKFFqyOle+w
+BwDi6gra7cFVedD1p5RwD4gZU4QzgCLSwa7xZbBzgg==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls10_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAQXjFOtYAgXURpw0ypMbeTDHBqu0AoUW
+rI6V77AHAOLqCtrtwVV50PWnlHAPiBlThDOAItLBrvFlsHOC
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls10:BOB_wap-wsg-idm-ecid-wtls10_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls10
+PeerKey=BOB_wap-wsg-idm-ecid-wtls10_PUB
+SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls10
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB
+SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98
+
+# TEST CURVE wap-wsg-idm-ecid-wtls11
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls11
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4Au6lrzC3RIk3jXmtbeOAp
+LZPR0NUrr6dTf1lSCGqhQAM+AAQBl73V2TEZ8BO4QC+YiBlJ0GmW8WLc3RtS3iIr
+/oUAaDQQAGVJFD3GghjBPfI9KVBcZ2P8tUXUv5ifrWc=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAZe91dkxGfATuEAvmIgZSdBplvFi3N0b
+Ut4iK/6FAGg0EABlSRQ9xoIYwT3yPSlQXGdj/LVF1L+Yn61n
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls11:ALICE_wap-wsg-idm-ecid-wtls11_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls11
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4AGJuGtQI1FvHfp2AsdKb3
+NVWawjpZQuyM1aelws2hQAM+AAQAdTW3xU6Ijf/Y835Z2hS4fOn6Xmp3O6iblXHr
+nKoBORuxHVRfXkfdL5TqfFpuDghzCyAS6ZMSWhjGV5o=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls11_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAHU1t8VOiI3/2PN+WdoUuHzp+l5qdzuo
+m5Vx65yqATkbsR1UX15H3S+U6nxabg4IcwsgEumTEloYxlea
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls11:BOB_wap-wsg-idm-ecid-wtls11_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls11
+PeerKey=BOB_wap-wsg-idm-ecid-wtls11_PUB
+SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls11
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB
+SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7
+
+# TEST CURVE wap-wsg-idm-ecid-wtls12
+
+PrivateKey=ALICE_wap-wsg-idm-ecid-wtls12
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBByAnUvQZhZr1lgTRixSMIx0
+KHuV4t8cbXCW415soTwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6nApye39Y
+hpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6
+nApye39YhpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls12:ALICE_wap-wsg-idm-ecid-wtls12_PUB
+
+
+PrivateKey=BOB_wap-wsg-idm-ecid-wtls12
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBBzZ7nt4CrPrk2m5iR64vpkj
+95JHOmzWf4VhRZqdoTwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9KXzXvhbL
+dJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_wap-wsg-idm-ecid-wtls12_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9
+KXzXvhbLdJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls12:BOB_wap-wsg-idm-ecid-wtls12_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_wap-wsg-idm-ecid-wtls12
+PeerKey=BOB_wap-wsg-idm-ecid-wtls12_PUB
+SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_wap-wsg-idm-ecid-wtls12
+PeerKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB
+SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36
+
+
+Title = ECDH KATs (from RFC 5114, 5903, 7027)
+
+# Keys and shared secrets from RFC 5114
+PrivateKey=PRIME192V1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgyP6MWnY6cZZP1lHa8
+FCAAq1vg4knENCahNAMyAATNRkiez9bBBeez0yVm4rEi4kmrqt2HBhJoiHtId99R
+3U3D1v0R8KJvj9OEQxeRbpo=
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME192V1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEzUZIns/WwQXns9MlZuKxIuJJq6rd
+hwYSaIh7SHffUd1Nw9b9EfCib4/ThEMXkW6a
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME192V1_RFC5114:PRIME192V1_RFC5114-PUBLIC
+
+
+PrivateKey=PRIME192V1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhjH5W7SmdjLJxHbu6a
+tpWrJAoEmTB/z2KhNAMyAARRmhIWgOAEVGa6Id8u7kf1lztQBXfvE9X/YTq01kzu
+OiCHW9sQ+VP2swygcsYKpX8=
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME192V1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZoSFoDgBFRmuiHfLu5H9Zc7UAV3
+7xPV/2E6tNZM7jogh1vbEPlT9rMMoHLGCqV/
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME192V1_RFC5114-Peer:PRIME192V1_RFC5114-Peer-PUBLIC
+
+
+
+Derive=PRIME192V1_RFC5114
+PeerKey=PRIME192V1_RFC5114-Peer-PUBLIC
+SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
+
+Derive=PRIME192V1_RFC5114-Peer
+PeerKey=PRIME192V1_RFC5114-PUBLIC
+SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
+
+PrivateKey=SECP224R1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy1WOtsKI2nB7u0+PuuKrnp
+y2LjvFx1c+IuJtN/oTwDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDgpR8+608r
+XuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP224R1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDg
+pR8+608rXuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP224R1_RFC5114:SECP224R1_RFC5114-PUBLIC
+
+
+PrivateKey=SECP224R1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBysOxrdPZdw5vanCO6fO44K
+s7SA6fJ/hciLXm0YoTwDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBtzUKiB9SR
+vpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP224R1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBt
+zUKiB9SRvpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP224R1_RFC5114-Peer:SECP224R1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=SECP224R1_RFC5114
+PeerKey=SECP224R1_RFC5114-Peer-PUBLIC
+SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
+
+
+Derive=SECP224R1_RFC5114-Peer
+PeerKey=SECP224R1_RFC5114-PUBLIC
+SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
+
+PrivateKey=PRIME256V1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQggUJkFF8vVvLpao4z
+ehKEmT+vQypavOWehntykdUHo6+hRANCAAQq9QLzvolS8sm1qNQWDQnpcWW+ULxC
+rkpejTtLqDrrFesPr0yphsTThoGg+YctedVnlb1L/25t48D1AV7OXv2F
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKvUC876JUvLJtajUFg0J6XFlvlC8
+Qq5KXo07S6g66xXrD69MqYbE04aBoPmHLXnVZ5W9S/9ubePA9QFezl79hQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5114:PRIME256V1_RFC5114-PUBLIC
+
+
+PrivateKey=PRIME256V1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgLOF4jsGX4JbblaIA
+zAqyahnOa8ytViuO7htZN2HPf0GhRANCAASxIN5Ko2SSeVNG6N5sLIZGrgaq6ief
+p3WzqwcV9s5RsJ8bfuziDXte2OxoX6Pwcdg3JwJwkqhBE4XDTd5XCLK2
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsSDeSqNkknlTRujebCyGRq4Gquon
+n6d1s6sHFfbOUbCfG37s4g17XtjsaF+j8HHYNycCcJKoQROFw03eVwiytg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5114-Peer:PRIME256V1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=PRIME256V1_RFC5114
+PeerKey=PRIME256V1_RFC5114-Peer-PUBLIC
+SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
+
+
+Derive=PRIME256V1_RFC5114-Peer
+PeerKey=PRIME256V1_RFC5114-PUBLIC
+SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
+
+PrivateKey=SECP384R1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDSczXqcWZK8kTdFOn9
+EmBxXf2KeWVXHEjXCe56eWKhVtcGqQy8td8phvBf6tuTdvGhZANiAAR5MUjxeHY0
+1dpMbZB0QX0F4FerYvggVNEO5rBAPWJ5VH5qjqnR/XdCfQFv4nqLjGbGxBKUMx0j
+5vSA9PtM1AUEyUc5LpT0w/BrjzmLsp5CNo96aFkj3jtnus7SFKGh0Sg=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEeTFI8Xh2NNXaTG2QdEF9BeBXq2L4IFTR
+DuawQD1ieVR+ao6p0f13Qn0Bb+J6i4xmxsQSlDMdI+b0gPT7TNQFBMlHOS6U9MPw
+a485i7KeQjaPemhZI947Z7rO0hShodEo
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5114:SECP384R1_RFC5114-PUBLIC
+
+
+PrivateKey=SECP384R1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBS0Xkf20tw+JwPANRW
+wvcCO2ElJiw2p98fgCMRIczj05vlLgDBlKQTLEpsdovNlNKhZANiAARc1Cq5xBtT
+R/dLjU77cIs9WzbbZZFTWbRKvBdke2uZmXidcqhIZa4vIj8StaGrwSDhcUWP6qk5
+qqOov6xGtAS9j21bNIwPpNgM7KFjVsqTMkC96HI0Fajs4DWw7fNnVd4=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXNQqucQbU0f3S41O+3CLPVs222WRU1m0
+SrwXZHtrmZl4nXKoSGWuLyI/ErWhq8Eg4XFFj+qpOaqjqL+sRrQEvY9tWzSMD6TY
+DOyhY1bKkzJAvehyNBWo7OA1sO3zZ1Xe
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5114-Peer:SECP384R1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=SECP384R1_RFC5114
+PeerKey=SECP384R1_RFC5114-Peer-PUBLIC
+SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
+
+
+Derive=SECP384R1_RFC5114-Peer
+PeerKey=SECP384R1_RFC5114-PUBLIC
+SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
+
+PrivateKey=SECP521R1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBE/gtqCVzXj2XJ2aD
+srdCd7rSczXqcWZK8kMMxPM0WblmnueLP/ubhoMBXTRNy/72+5r0xsRwviVFFs08
+Gh+0c2KhgYkDgYYABAHrs03XVyGr+K3J2+0XiJy7l2XZCnxg8s7wB7sPKybhSIH9
+RELmidYcst0EbuMOP/0g+aRbvfZBPVg6Lb9Zkk/TXAD2tjLRlMA4jiLYQ35VjFUq
+4ZWt/RU/ktdJCDUbL4xO2pTtsJFtG1PAILXuyu0aX8OKIz5IMFh7su40ibO0KlqG
+pA==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB67NN11chq/itydvtF4icu5dl2Qp8
+YPLO8Ae7Dysm4UiB/URC5onWHLLdBG7jDj/9IPmkW732QT1YOi2/WZJP01wA9rYy
+0ZTAOI4i2EN+VYxVKuGVrf0VP5LXSQg1Gy+MTtqU7bCRbRtTwCC17srtGl/DiiM+
+SDBYe7LuNImztCpahqQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5114:SECP521R1_RFC5114-PUBLIC
+
+
+PrivateKey=SECP521R1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAzuNIDYZFoX0knyd2
+0ouuYWlS0Xkf20tw98M3hzKqGyKShEi80dwkltQ1sBBIBm6+T3KQPDYbGp3BGT3C
+ydCJG5ahgYkDgYYABAEOv6/G6F4I0kv//MGkUR2w5jS+6xtt7IxZOa5EdmIBr2IA
+QwupfIrGoOnwizPOfp/utbpO5eDYFRDCQpW4oI0CNQCkpuwwDfniV7A3K156v+8J
+NDZxmneIfrsLGM+Ambn0IStuMKFBnBjgKdNoY8ydRI9Nuk0qDmBxG+VykV+9T+8m
+lQ==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBDr+vxuheCNJL//zBpFEdsOY0vusb
+beyMWTmuRHZiAa9iAEMLqXyKxqDp8Iszzn6f7rW6TuXg2BUQwkKVuKCNAjUApKbs
+MA354lewNyteer/vCTQ2cZp3iH67CxjPgJm59CErbjChQZwY4CnTaGPMnUSPTbpN
+Kg5gcRvlcpFfvU/vJpU=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5114-Peer:SECP521R1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=SECP521R1_RFC5114
+PeerKey=SECP521R1_RFC5114-Peer-PUBLIC
+SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
+
+
+Derive=SECP521R1_RFC5114-Peer
+PeerKey=SECP521R1_RFC5114-PUBLIC
+SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
+
+# Keys and shared secrets from RFC 5903
+PrivateKey=PRIME256V1_RFC5903
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgyI8B9RDZrD9wopLa
+ojFt5UTpqriv6EBJxiqcV4YtFDOhRANCAATa0LZTlCIc+bBR4f7KV4fQmN/mN/yQ
+ue+UXQw3clgRgFJxoEYc24JS1h8cRW+j5Zqx9FszrM9fWDieBXe4mQuz
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5903-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2tC2U5QiHPmwUeH+yleH0Jjf5jf8
+kLnvlF0MN3JYEYBScaBGHNuCUtYfHEVvo+WasfRbM6zPX1g4ngV3uJkLsw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5903:PRIME256V1_RFC5903-PUBLIC
+
+
+PrivateKey=PRIME256V1_RFC5903-Peer
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgxu+cXXiuASoBEWSs
+s5fOIIhoXY8Gv5vgsoOrRkdr7lOhRANCAATRLftSicjU+BIItwJwOYw0IpaXCgvM
+t0xzb8dVRJS/Y1b788o2bMI+gVeFTBPFjWqsI/BGraMPg1PnTzMDmHKr
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5903-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0S37UonI1PgSCLcCcDmMNCKWlwoL
+zLdMc2/HVUSUv2NW+/PKNmzCPoFXhUwTxY1qrCPwRq2jD4NT508zA5hyqw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5903-Peer:PRIME256V1_RFC5903-Peer-PUBLIC
+
+
+
+
+Derive=PRIME256V1_RFC5903
+PeerKey=PRIME256V1_RFC5903-Peer-PUBLIC
+SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
+
+
+Derive=PRIME256V1_RFC5903-Peer
+PeerKey=PRIME256V1_RFC5903-PUBLIC
+SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
+
+PrivateKey=SECP384R1_RFC5903
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAJnzxwNNSixpmITXOj
+daZ/diTvfGs8DxYGR7Z0FNzmVeNbU4BB5knuP674lng6sZShZANiAARmeELX0YCs
+LN5vdPN1UfVXVcdkXCDvc+MWNP5ytMVe5t46yAistL20yIcyrulfQaqUgu0fwO65
+yvxJhGJcz8I/ZQMhSeDhRK2gJBgVNaDzjuufz/PCyUfa5ptMY0VzqBw=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5903-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZnhC19GArCzeb3TzdVH1V1XHZFwg73Pj
+FjT+crTFXubeOsgIrLS9tMiHMq7pX0GqlILtH8Duucr8SYRiXM/CP2UDIUng4USt
+oCQYFTWg847rn8/zwslH2uabTGNFc6gc
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5903:SECP384R1_RFC5903-PUBLIC
+
+
+PrivateKey=SECP384R1_RFC5903-Peer
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBBywd5tL24XUeEZyX7
+7DyUMPq0bMjcUGCFXMm9oKopQuAwgxKRa47Slg5L1Vp0SPyhZANiAATlWNvvU+7N
+49P8z8GuoIqJqYdHXRL9lQ2Dz6QXMrxQnQ0axDoDNt75b9pB0HdKNXHc++x6rPMZ
+ZHIWnoOEMDZ/Zu6+PG5wxBbdXwxodZ3R//g/pAFCIJ3/XqrZbbnmOGw=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5903-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE5Vjb71PuzePT/M/BrqCKiamHR10S/ZUN
+g8+kFzK8UJ0NGsQ6Azbe+W/aQdB3SjVx3PvseqzzGWRyFp6DhDA2f2buvjxucMQW
+3V8MaHWd0f/4P6QBQiCd/16q2W255jhs
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5903-Peer:SECP384R1_RFC5903-Peer-PUBLIC
+
+
+
+Derive=SECP384R1_RFC5903
+PeerKey=SECP384R1_RFC5903-Peer-PUBLIC
+SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
+
+
+Derive=SECP384R1_RFC5903-Peer
+PeerKey=SECP384R1_RFC5903-PUBLIC
+SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
+
+PrivateKey=SECP521R1_RFC5903
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAN63pMZqJ9Nq9s+9B
+GqzMpRI8YayrV7U5Pc5HYIFyoJWqhaMP4cKVLGdx2Te6l3f1lXsmObqwckYvaMJ6
+VzgtSlKhgYkDgYYABAAVQX6E2/KMCtPCeHEzSdx98VPIl6GJG9mLq0NXyey+4eO/
+QuALjjgK6uV8LRB1ZJQYhZQq9af0YBcjxBldF2ztPgF8riC2ZB0u62lXhtjJRhRi
+OdCZ4Y4dWlFMc518tKEK2KeIAVrEBdd5ncdee31bbPImGmp/FQdDi/Ab62yjkm+V
+gg==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5903-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAFUF+hNvyjArTwnhxM0ncffFTyJeh
+iRvZi6tDV8nsvuHjv0LgC444CurlfC0QdWSUGIWUKvWn9GAXI8QZXRds7T4BfK4g
+tmQdLutpV4bYyUYUYjnQmeGOHVpRTHOdfLShCtiniAFaxAXXeZ3HXnt9W2zyJhpq
+fxUHQ4vwG+tso5JvlYI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5903:SECP521R1_RFC5903-PUBLIC
+
+
+PrivateKey=SECP521R1_RFC5903-Peer
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBRbqZqEevQ3k/3Q6H
+LnzfoWvjD9x4D5e8zD8Hg4AgHpxnfWALNDdXo72/KjFj5ML4acynRYqkpO/8MR9c
+sVFoXrmhgYkDgYYABADQs5daxLeZ9b6hbV4T6a+XHV6bmEyfOXKLXlc5c1ohm5fD
+VkNq3G6VuwNS9r5kpsKRLU7y0EM87SthcWQAEtlGDwFcaCJjg5VuO9Bm55e2I8J8
+4OrC9VGhDCxyTZhSB3uHIgtlNsXECKHSrruOhtZ4rknLVwkfRzIpZXmrRPzRfw/F
+ag==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5903-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA0LOXWsS3mfW+oW1eE+mvlx1em5hM
+nzlyi15XOXNaIZuXw1ZDatxulbsDUva+ZKbCkS1O8tBDPO0rYXFkABLZRg8BXGgi
+Y4OVbjvQZueXtiPCfODqwvVRoQwsck2YUgd7hyILZTbFxAih0q67jobWeK5Jy1cJ
+H0cyKWV5q0T80X8PxWo=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5903-Peer:SECP521R1_RFC5903-Peer-PUBLIC
+
+
+Derive=SECP521R1_RFC5903
+PeerKey=SECP521R1_RFC5903-Peer-PUBLIC
+SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA
+
+
+Derive=SECP521R1_RFC5903-Peer
+PeerKey=SECP521R1_RFC5903-PUBLIC
+SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA
diff --git a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
new file mode 100644
index 0000000000..0af8c8f144
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt
@@ -0,0 +1,110 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+# The keyword Availablein must appear before the test name if needed.
+
+# Public key algorithm tests
+
+# Private keys used for PKEY operations.
+
+# EC P-256 key
+
+PrivateKey=P-256
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw
++RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH
++JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ
+-----END PRIVATE KEY-----
+
+# EC public key for above
+
+PublicKey=P-256-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl
+x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = P-256:P-256-PUBLIC
+
+Title = ECDSA tests
+
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+
+# Digest too long
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF12345"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+Result = VERIFY_ERROR
+
+# Digest too short
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF123"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+Result = VERIFY_ERROR
+
+# Digest invalid
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1235"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+Result = VERIFY_ERROR
+
+# Invalid signature
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7
+Result = VERIFY_ERROR
+
+# Garbage after signature
+Availablein = default
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800
+Result = VERIFY_ERROR
+
+# BER signature
+Verify = P-256
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000
+Result = VERIFY_ERROR
+
+Verify = P-256-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+
+
+Title = DigestSign and DigestVerify
+
+DigestVerify = SHA256
+Key = P-256-PUBLIC
+Input = "Hello World"
+Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862
+
+# Invalid digest
+DigestVerify = MD5
+Key = P-256-PUBLIC
+Result = DIGESTVERIFYINIT_ERROR
+
+# Oneshot tests
+OneShotDigestVerify = SHA256
+Key = P-256-PUBLIC
+Input = "Hello World"
+Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862
diff --git a/test/recipes/30-test_evp_data/evppkey_ecx.txt b/test/recipes/30-test_evp_data/evppkey_ecx.txt
new file mode 100644
index 0000000000..e7f6c1a16f
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_ecx.txt
@@ -0,0 +1,582 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+# Public key algorithm tests
+
+# Private keys used for PKEY operations.
+
+Title = X25519 test vectors (from RFC7748 6.1)
+
+PrivateKey=Alice-25519
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VuBCIEIHcHbQpzGKV9PBbBclGyZkXfTC+H68CZKrF3+6UduSwq
+-----END PRIVATE KEY-----
+
+PublicKey=Alice-25519-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VuAyEAhSDwCYkwp1R0i33ctD73Wg2/Og0mOBr066SpjqqbTmo=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = Alice-25519:Alice-25519-PUBLIC
+
+PrivateKey=Bob-25519
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VuBCIEIF2rCH5iSopLeeF/i4OADuZvO7EpJhi2/Rwviyf/iODr
+-----END PRIVATE KEY-----
+
+PublicKey=Bob-25519-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VuAyEA3p7bfXt9wbTTW2HC7OQ1Nz+DQ8hbeGdNrfx+FG+IK08=
+-----END PUBLIC KEY-----
+
+#Raw  versions of the same keys as above
+
+PrivateKeyRaw=Alice-25519-Raw:X25519:77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a
+
+PublicKeyRaw=Alice-25519-PUBLIC-Raw:X25519:8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a
+
+PrivPubKeyPair = Alice-25519-Raw:Alice-25519-PUBLIC-Raw
+
+PrivateKeyRaw=Bob-25519-Raw:X25519:5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb
+
+PublicKeyRaw=Bob-25519-PUBLIC-Raw:X25519:de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f
+
+PrivPubKeyPair = Bob-25519:Bob-25519-PUBLIC
+
+PrivPubKeyPair = Bob-25519-Raw:Bob-25519-PUBLIC-Raw
+
+Derive=Alice-25519
+PeerKey=Bob-25519-PUBLIC
+SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+
+Derive=Bob-25519
+PeerKey=Alice-25519-PUBLIC
+SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+
+Derive=Alice-25519-Raw
+PeerKey=Bob-25519-PUBLIC-Raw
+SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+
+Derive=Bob-25519-Raw
+PeerKey=Alice-25519-PUBLIC-Raw
+SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+
+# Illegal sign/verify operations with X25519 key
+
+Sign=Alice-25519
+Result = KEYOP_INIT_ERROR
+Reason = operation not supported for this keytype
+
+Verify=Alice-25519
+Result = KEYOP_INIT_ERROR
+Reason = operation not supported for this keytype
+
+Title = X448 test vectors (from RFC7748 6.2)
+
+PrivateKey=Alice-448
+-----BEGIN PRIVATE KEY-----
+MEYCAQAwBQYDK2VvBDoEOJqPSSXRUZ9Xdc9GsEtYANTunui66LxVZdSYwo3Zybr1
+dKlBl0SJc5EAY4Km8SerHZrC2MClmHJr
+-----END PRIVATE KEY-----
+
+PublicKey=Alice-448-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEIwBQYDK2VvAzkAmwj3zDG34+Z9ItWuoSEHSic70rg94Jxj+qc9LCLF2bvINmRy
+QdlT1AxbEtqIEg1TF3+A5TLEH6A=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = Alice-448:Alice-448-PUBLIC
+
+PrivateKey=Bob-448
+-----BEGIN PRIVATE KEY-----
+MEYCAQAwBQYDK2VvBDoEOBwwanrCoOLgmQspRHDLoznmRTdysHWBHY+tDR1pJ8Eg
+u17olysNPiE3TJySGwnRsDZvELZRc5kt
+-----END PRIVATE KEY-----
+
+PublicKey=Bob-448-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEIwBQYDK2VvAzkAPreoKbDNIPW8/AtZm2/sz22kYnEHvbDU80W0MCfYuXL8PjT7
+QjKhPKcG3LV67D2uB73BxnvzNgk=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = Bob-448:Bob-448-PUBLIC
+
+#Raw  versions of the same keys as above
+
+PrivateKeyRaw=Alice-448-Raw:X448:9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b
+
+PublicKeyRaw=Alice-448-PUBLIC-Raw:X448:9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0
+
+PrivPubKeyPair = Alice-448-Raw:Alice-448-PUBLIC-Raw
+
+PrivateKeyRaw=Bob-448-Raw:X448:1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d
+
+PublicKeyRaw=Bob-448-PUBLIC-Raw:X448:3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609
+
+PrivPubKeyPair = Bob-448-Raw:Bob-448-PUBLIC-Raw
+
+PublicKeyRaw=Bob-448-PUBLIC-Raw-NonCanonical:X448:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+
+Derive=Alice-448
+PeerKey=Bob-448-PUBLIC
+SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+
+Derive=Bob-448
+PeerKey=Alice-448-PUBLIC
+SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+
+Derive=Alice-448-Raw
+PeerKey=Bob-448-PUBLIC-Raw
+SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+
+Derive=Bob-448-Raw
+PeerKey=Alice-448-PUBLIC-Raw
+SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+
+# Self-generated non-canonical
+Derive=Alice-448-Raw
+PeerKey=Bob-448-PUBLIC-Raw-NonCanonical
+SharedSecret=66e2e682b1f8e68c809f1bb3e406bd826921d9c1a5bfbfcbab7ae72feecee63660eabd54934f3382061d17607f581a90bdac917a064959fb
+
+# Illegal sign/verify operations with X448 key
+
+Sign=Alice-448
+Result = KEYOP_INIT_ERROR
+Reason = operation not supported for this keytype
+
+Verify=Alice-448
+Result = KEYOP_INIT_ERROR
+Reason = operation not supported for this keytype
+
+Title = ED25519 tests from RFC8032
+
+PrivateKey=ED25519-1
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIJ1hsZ3v/VpguoRK9JLsLMREScVpezJpGXA7rAMcrn9g
+-----END PRIVATE KEY-----
+
+PrivateKey=ED25519-2
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIEzNCJso/5banbbDRuwRTg9bijGfNaumJNqM9u1PuKb7
+-----END PRIVATE KEY-----
+
+PrivateKey=ED25519-3
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIMWqjfQ/n4N77bdELzHct7Fm04U1B28JS4XOOi4LRFj3
+-----END PRIVATE KEY-----
+
+PrivateKey=ED25519-4
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIPXldnzxUzGVF2MPImh2uGyBYMxYO8ATdExr8lX1zA7l
+-----END PRIVATE KEY-----
+
+PrivateKey=ED25519-5
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIIM/5iQJI3udYux3WHUgkR6adZzsHRl1W32pAbltyj1C
+-----END PRIVATE KEY-----
+
+PublicKey=ED25519-1-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEA11qYAYKxCrfVS/7TyWQHOg7hcvPapiMlrwIaaPcHURo=
+-----END PUBLIC KEY-----
+
+PublicKey=ED25519-2-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEAPUAXw+hDiVqStwqnTRt+vJyYLM8uxJaMwM1V8Sr0Zgw=
+-----END PUBLIC KEY-----
+
+PublicKey=ED25519-3-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEA/FHNjmIYoaONpH7QAjDwWAgW7RO6MwOsXeuRFUiQgCU=
+-----END PUBLIC KEY-----
+
+PublicKey=ED25519-4-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEAJ4EX/BRMcjQPZ9DyMW6Dhs7/vyskKMnFH+98WX8dQm4=
+-----END PUBLIC KEY-----
+
+PublicKey=ED25519-5-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEA7Bcrk61eVjv0kyxw4SRQNMNUZ+8u/U1k6/gZaDRn4r8=
+-----END PUBLIC KEY-----
+
+#Raw versions of the ED25519-1 keys
+PrivateKeyRaw=ED25519-1-Raw:ED25519:9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60
+
+PublicKeyRaw=ED25519-1-PUBLIC-Raw:ED25519:d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a
+
+PrivPubKeyPair = ED25519-1:ED25519-1-PUBLIC
+
+PrivPubKeyPair = ED25519-1-Raw:ED25519-1-PUBLIC-Raw
+
+OneShotDigestSign = NULL
+Key = ED25519-1
+Input = ""
+Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
+
+PrivPubKeyPair = ED25519-2:ED25519-2-PUBLIC
+
+OneShotDigestSign = NULL
+Key = ED25519-2
+Input = 72
+Output = 92a009a9f0d4cab8720e820b5f642540a2b27b5416503f8fb3762223ebdb69da085ac1e43e15996e458f3613d0f11d8c387b2eaeb4302aeeb00d291612bb0c00
+
+PrivPubKeyPair = ED25519-3:ED25519-3-PUBLIC
+
+OneShotDigestSign = NULL
+Key = ED25519-3
+Input = af82
+Output = 6291d657deec24024827e69c3abe01a30ce548a284743a445e3680d7db5ac3ac18ff9b538d16f290ae67f760984dc6594a7c15e9716ed28dc027beceea1ec40a
+
+PrivPubKeyPair = ED25519-4:ED25519-4-PUBLIC
+
+OneShotDigestSign = NULL
+Key = ED25519-4
+Input = 08b8b2b733424243760fe426a4b54908632110a66c2f6591eabd3345e3e4eb98fa6e264bf09efe12ee50f8f54e9f77b1e355f6c50544e23fb1433ddf73be84d879de7c0046dc4996d9e773f4bc9efe5738829adb26c81b37c93a1b270b20329d658675fc6ea534e0810a4432826bf58c941efb65d57a338bbd2e26640f89ffbc1a858efcb8550ee3a5e1998bd177e93a7363c344fe6b199ee5d02e82d522c4feba15452f80288a821a579116ec6dad2b3b310da903401aa62100ab5d1a36553e06203b33890cc9b832f79ef80560ccb9a39ce767967ed628c6ad573cb116dbefefd75499da96bd68a8a97b928a8bbc103b6621fcde2beca1231d206be6cd9ec7aff6f6c94fcd7204ed3455c68c83f4a41da4af2b74ef5c53f1d8ac70bdcb7ed185ce81bd84359d44254d95629e9855a94a7c1958d1f8ada5d0532ed8a5aa3fb2d17ba70eb6248e594e1a2297acbbb39d502f1a8c6eb6f1ce22b3de1a1f40cc24554119a831a9aad6079cad88425de6bde1a9187ebb6092cf67bf2b13fd65f27088d78b7e883c8759d2c4f5c65adb7553878ad575f9fad878e80a0c9ba63bcbcc2732e69485bbc9c90bfbd62481d9089beccf80cfe2df16a2cf65bd92dd597b0707e0917af48bbb75fed413d238f5555a7a569d80c3414a8d0859dc65a46128bab27af87a71314f318c782b23ebfe808b82b0ce26401d2e22f04d83d1255dc51addd3b75a2b1ae0784504df543af8969be3ea7082ff7fc9888c144da2af58429ec96031dbcad3dad9af0dcbaaaf268cb8fcffead94f3c7ca495e056a9b47acdb751fb73e666c6c655ade8297297d07ad1ba5e43f1bca32301651339e22904cc8c42f58c30c04aafdb038dda0847dd988dcda6f3bfd15c4b4c4525004aa06eeff8ca61783aacec57fb3d1f92b0fe2fd1a85f6724517b65e614ad6808d6f6ee34dff7310fdc82aebfd904b01e1dc54b2927094b2db68d6f903b68401adebf5a7e08d78ff4ef5d63653a65040cf9bfd4aca7984a74d37145986780fc0b16ac451649de6188a7dbdf191f64b5fc5e2ab47b57f7f7276cd419c17a3ca8e1b939ae49e488acba6b965610b5480109c8b17b80e1b7b750dfc7598d5d5011fd2dcc5600a32ef5b52a1ecc820e308aa342721aac0943bf6686b64b2579376504ccc493d97e6aed3fb0f9cd71a43dd497f01f17c0e2cb3797aa2a2f256656168e6c496afc5fb93246f6b1116398a346f1a641f3b041e989f7914f90cc2c7fff357876e506b50d334ba77c225bc307ba537152f3f1610e4eafe595f6d9d90d11faa933a15ef1369546868a7f3a45a96768d40fd9d03412c091c6315cf4fde7cb68606937380db2eaaa707b4c4185c32eddcdd306705e4dc1ffc872eeee475a64dfac86aba41c0618983f8741c5ef68d3a101e8a3b8cac60c905c15fc910840b94c00a0b9d0
+Output = 0aab4c900501b3e24d7cdf4663326a3a87df5e4843b2cbdb67cbf6e460fec350aa5371b1508f9f4528ecea23c436d94b5e8fcd4f681e30a6ac00a9704a188a03
+
+PrivPubKeyPair = ED25519-5:ED25519-5-PUBLIC
+
+OneShotDigestSign = NULL
+Key = ED25519-5
+Input = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
+Output = dc2a4459e7369633a52b1bf277839a00201009a3efbf3ecb69bea2186c26b58909351fc9ac90b3ecfdfbc7c66431e0303dca179c138ac17ad9bef1177331a704
+
+# Verify test
+OneShotDigestVerify = NULL
+Key = ED25519-1-PUBLIC
+Input = ""
+Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
+
+# Corrupted input
+OneShotDigestVerify = NULL
+Key = ED25519-1-PUBLIC
+Input = "bad"
+Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
+Result = VERIFY_ERROR
+
+# Corrupted signature
+OneShotDigestVerify = NULL
+Key = ED25519-1-PUBLIC
+Input = ""
+Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100c
+Result = VERIFY_ERROR
+
+PrivPubKeyPair = ED25519-1:ED25519-2-PUBLIC
+Result = KEYPAIR_MISMATCH
+
+# Make sure update calls return an error
+DigestSign = NULL
+Key = ED25519-1
+Input = "Test"
+Result = DIGESTUPDATE_ERROR
+
+DigestVerify = NULL
+Key = ED25519-1-PUBLIC
+Input = "Test"
+Result = DIGESTUPDATE_ERROR
+
+# Attempt to set invalid digest
+DigestSign = SHA256
+Key = ED25519-1
+Result = DIGESTSIGNINIT_ERROR
+
+# Raw tests
+
+OneShotDigestSign = NULL
+Key = ED25519-1-Raw
+Input = ""
+Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
+
+OneShotDigestVerify = NULL
+Key = ED25519-1-PUBLIC-Raw
+Input = ""
+Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
+
+#Signature maleability test.
+#Same as the verify operation above but with the order added to s
+OneShotDigestVerify = NULL
+Key = ED25519-1-PUBLIC-Raw
+Input = ""
+Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901554c8c7872aa064e049dbb3013fbf29380d25bf5f0595bbe24655141438e7a101b
+Result = VERIFY_ERROR
+
+Title = ED448 tests from RFC8032
+
+PrivateKey=ED448-1
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOWyCpWLLgI0Q1jK+ichRPr9skp803fqMn2PJlg7240ij
+UoyKP8wvBE45o/xblEkvjwMudUmiAJj5Ww==
+-----END PRIVATE KEY-----
+
+PrivateKey=ED448-2
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOcTqsF01cAfGMvPbtISJkk1VKwj+DDU6DUofAKzaLEY6
+++pnxejSh3xeO8OXplmUnvgCHpVOChInTg==
+-----END PRIVATE KEY-----
+
+PrivateKey=ED448-3
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOc0j0k9xQnTnRDQyN7kykPUR9kJfmOZEWf8gPomFCD/9
+9gUAVTq8DgXNAhhL24nEzNZ+GHlRJn6zKA==
+-----END PRIVATE KEY-----
+
+PrivateKey=ED448-4
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOSWM3UraMu2cn/VOY3Vq5YL7j6sqxyHyyOZ2pydoUT2T
+n2Pd21VgkTPymt+G7Jkp3MtSwcX9L/fiGw==
+-----END PRIVATE KEY-----
+
+PrivateKey=ED448-5
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOX706EVEI2dS+7VrjzGiOhDkKBT19VygN83MEcZMmjsp
+ScG7YHADFGEXMqbC/qmO68AmahGpOXAQDg==
+-----END PRIVATE KEY-----
+
+PrivateKey=ED448-6
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOdZd80GtE+AIVnaIuu3ajp3NwX3AJJdOpbQie2Uw4zm/
+8h+Z5oymlo88ym3+D7n0+rT6E11VQuo/AQ==
+-----END PRIVATE KEY-----
+
+PrivateKey=ED448-7
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOS7F/jwXBFq9sTal5qkT4yq3WuaLU9L8FJt35QQTLTdW
+m352a6dKGb1hYjQ6IchZCqnOvKkBTGNt9Q==
+-----END PRIVATE KEY-----
+
+PrivateKey=ED448-8
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOYctCTeA9dNzDffCEmZLN7ig8k9WgQ2qg4LNT6P3djTs
+RNxU8cLtm+qG+vt2Mti+GZ6hZfWtVd2c6A==
+-----END PRIVATE KEY-----
+
+PublicKey=ED448-1-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoAX9dEm1m0Yf0s54fsYWrUah2hNCSFpw4fig6nXYDpZ3jt8SR2
+m0bHBhvWeD3x5Q9s0foavq/oJWGA
+-----END PUBLIC KEY-----
+
+PublicKey=ED448-2-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoAQ7oo9DDN/0Vq5TFUX37NCsg0pV2TWMA3K/oMbGeYwIZq6gHr
+AHQoArhDjqTLghacI1FgYntMOpSA
+-----END PUBLIC KEY-----
+
+PublicKey=ED448-3-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoA3OqeePNaG/NJmoMbELhskKrAHNhLZ6AQm1WjbpMoseNl/OFh
+1xznExpUPqTLX36fHYsAaWRHABQA
+-----END PUBLIC KEY-----
+
+PublicKey=ED448-4-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoAO6FtoMbyzB8wGHdAdW9eeY1rxfwBXXxjzJUQ7j/UStwk2Olo
+tuRub5TRm5RTYXJr114UnvCYF/WA
+-----END PUBLIC KEY-----
+
+PublicKey=ED448-5-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoAs9oHmwqkk6V3ICnwRnuuvuWoES2dOiJTI2HaKU97s4FcXcWe
+F2tNnzgcoJOOE8bAexdL5l36V46A
+-----END PUBLIC KEY-----
+
+PublicKey=ED448-6-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoA35cF9Y7bq4Asf4Njz+VWCrHGEywgqfHdFjSDom+KxTo51oCL
+9KHfvSYbCZuwOz+1CQbLKL2KCB8A
+-----END PUBLIC KEY-----
+
+PublicKey=ED448-7-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoAeXVvAU3P4gefXdnnGL5BceLvJIagjyUYb2v/Q6mTa5v+EkAr
+CK5leYo9geIunsgOdpCGLvPU7ToA
+-----END PUBLIC KEY-----
+
+PublicKey=ED448-8-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEMwBQYDK2VxAzoAqBsuinClrJT/28ybrfw/6wgB8lhXi7EUrUTs4ewOeZ2gjv+4
+HF1oXAxW9k7srvjN8RzDhzeDjPQA
+-----END PUBLIC KEY-----
+
+#Raw versions of the ED448-1 keys
+PrivateKeyRaw=ED448-1-Raw:ED448:6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b
+
+PublicKeyRaw=ED448-1-PUBLIC-Raw:ED448:5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180
+
+PrivPubKeyPair = ED448-1:ED448-1-PUBLIC
+
+PrivPubKeyPair = ED448-2:ED448-2-PUBLIC
+
+PrivPubKeyPair = ED448-3:ED448-3-PUBLIC
+
+PrivPubKeyPair = ED448-4:ED448-4-PUBLIC
+
+PrivPubKeyPair = ED448-5:ED448-5-PUBLIC
+
+PrivPubKeyPair = ED448-6:ED448-6-PUBLIC
+
+PrivPubKeyPair = ED448-7:ED448-7-PUBLIC
+
+PrivPubKeyPair = ED448-8:ED448-8-PUBLIC
+
+PrivPubKeyPair = ED448-1-Raw:ED448-1-PUBLIC-Raw
+
+OneShotDigestSign = NULL
+Key = ED448-1
+Input = ""
+Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
+
+OneShotDigestSign = NULL
+Key = ED448-2
+Input = 03
+Output = 26b8f91727bd62897af15e41eb43c377efb9c610d48f2335cb0bd0087810f4352541b143c4b981b7e18f62de8ccdf633fc1bf037ab7cd779805e0dbcc0aae1cbcee1afb2e027df36bc04dcecbf154336c19f0af7e0a6472905e799f1953d2a0ff3348ab21aa4adafd1d234441cf807c03a00
+
+OneShotDigestSign = NULL
+Key = ED448-3
+Input = 0c3e544074ec63b0265e0c
+Output = 1f0a8888ce25e8d458a21130879b840a9089d999aaba039eaf3e3afa090a09d389dba82c4ff2ae8ac5cdfb7c55e94d5d961a29fe0109941e00b8dbdeea6d3b051068df7254c0cdc129cbe62db2dc957dbb47b51fd3f213fb8698f064774250a5028961c9bf8ffd973fe5d5c206492b140e00
+
+OneShotDigestSign = NULL
+Key = ED448-4
+Input = 64a65f3cdedcdd66811e2915
+Output = 7eeeab7c4e50fb799b418ee5e3197ff6bf15d43a14c34389b59dd1a7b1b85b4ae90438aca634bea45e3a2695f1270f07fdcdf7c62b8efeaf00b45c2c96ba457eb1a8bf075a3db28e5c24f6b923ed4ad747c3c9e03c7079efb87cb110d3a99861e72003cbae6d6b8b827e4e6c143064ff3c00
+
+OneShotDigestSign = NULL
+Key = ED448-5
+Input = 64a65f3cdedcdd66811e2915e7
+Output = 6a12066f55331b6c22acd5d5bfc5d71228fbda80ae8dec26bdd306743c5027cb4890810c162c027468675ecf645a83176c0d7323a2ccde2d80efe5a1268e8aca1d6fbc194d3f77c44986eb4ab4177919ad8bec33eb47bbb5fc6e28196fd1caf56b4e7e0ba5519234d047155ac727a1053100
+
+OneShotDigestSign = NULL
+Key = ED448-6
+Input = bd0f6a3747cd561bdddf4640a332461a4a30a12a434cd0bf40d766d9c6d458e5512204a30c17d1f50b5079631f64eb3112182da3005835461113718d1a5ef944
+Output = 554bc2480860b49eab8532d2a533b7d578ef473eeb58c98bb2d0e1ce488a98b18dfde9b9b90775e67f47d4a1c3482058efc9f40d2ca033a0801b63d45b3b722ef552bad3b4ccb667da350192b61c508cf7b6b5adadc2c8d9a446ef003fb05cba5f30e88e36ec2703b349ca229c2670833900
+
+OneShotDigestSign = NULL
+Key = ED448-7
+Input = 15777532b0bdd0d1389f636c5f6b9ba734c90af572877e2d272dd078aa1e567cfa80e12928bb542330e8409f3174504107ecd5efac61ae7504dabe2a602ede89e5cca6257a7c77e27a702b3ae39fc769fc54f2395ae6a1178cab4738e543072fc1c177fe71e92e25bf03e4ecb72f47b64d0465aaea4c7fad372536c8ba516a6039c3c2a39f0e4d832be432dfa9a706a6e5c7e19f397964ca4258002f7c0541b590316dbc5622b6b2a6fe7a4abffd96105eca76ea7b98816af0748c10df048ce012d901015a51f189f3888145c03650aa23ce894c3bd889e030d565071c59f409a9981b51878fd6fc110624dcbcde0bf7a69ccce38fabdf86f3bef6044819de11
+Output = c650ddbb0601c19ca11439e1640dd931f43c518ea5bea70d3dcde5f4191fe53f00cf966546b72bcc7d58be2b9badef28743954e3a44a23f880e8d4f1cfce2d7a61452d26da05896f0a50da66a239a8a188b6d825b3305ad77b73fbac0836ecc60987fd08527c1a8e80d5823e65cafe2a3d00
+
+OneShotDigestSign = NULL
+Key = ED448-8
+Input = 6ddf802e1aae4986935f7f981ba3f0351d6273c0a0c22c9c0e8339168e675412a3debfaf435ed651558007db4384b650fcc07e3b586a27a4f7a00ac8a6fec2cd86ae4bf1570c41e6a40c931db27b2faa15a8cedd52cff7362c4e6e23daec0fbc3a79b6806e316efcc7b68119bf46bc76a26067a53f296dafdbdc11c77f7777e972660cf4b6a9b369a6665f02e0cc9b6edfad136b4fabe723d2813db3136cfde9b6d044322fee2947952e031b73ab5c603349b307bdc27bc6cb8b8bbd7bd323219b8033a581b59eadebb09b3c4f3d2277d4f0343624acc817804728b25ab797172b4c5c21a22f9c7839d64300232eb66e53f31c723fa37fe387c7d3e50bdf9813a30e5bb12cf4cd930c40cfb4e1fc622592a49588794494d56d24ea4b40c89fc0596cc9ebb961c8cb10adde976a5d602b1c3f85b9b9a001ed3c6a4d3b1437f52096cd1956d042a597d561a596ecd3d1735a8d570ea0ec27225a2c4aaff26306d1526c1af3ca6d9cf5a2c98f47e1c46db9a33234cfd4d81f2c98538a09ebe76998d0d8fd25997c7d255c6d66ece6fa56f11144950f027795e653008f4bd7ca2dee85d8e90f3dc315130ce2a00375a318c7c3d97be2c8ce5b6db41a6254ff264fa6155baee3b0773c0f497c573f19bb4f4240281f0b1f4f7be857a4e59d416c06b4c50fa09e1810ddc6b1467baeac5a3668d11b6ecaa901440016f389f80acc4db977025e7f5924388c7e340a732e554440e76570f8dd71b7d640b3450d1fd5f0410a18f9a3494f707c717b79b4bf75c98400b096b21653b5d217cf3565c9597456f70703497a078763829bc01bb1cbc8fa04eadc9a6e3f6699587a9e75c94e5bab0036e0b2e711392cff0047d0d6b05bd2a588bc109718954259f1d86678a579a3120f19cfb2963f177aeb70f2d4844826262e51b80271272068ef5b3856fa8535aa2a88b2d41f2a0e2fda7624c2850272ac4a2f561f8f2f7a318bfd5caf9696149e4ac824ad3460538fdc25421beec2cc6818162d06bbed0c40a387192349db67a118bada6cd5ab0140ee273204f628aad1c135f770279a651e24d8c14d75a6059d76b96a6fd857def5e0b354b27ab937a5815d16b5fae407ff18222c6d1ed263be68c95f32d908bd895cd76207ae726487567f9a67dad79abec316f683b17f2d02bf07e0ac8b5bc6162cf94697b3c27cd1fea49b27f23ba2901871962506520c392da8b6ad0d99f7013fbc06c2c17a569500c8a7696481c1cd33e9b14e40b82e79a5f5db82571ba97bae3ad3e0479515bb0e2b0f3bfcd1fd33034efc6245eddd7ee2086ddae2600d8ca73e214e8c2b0bdb2b047c6a464a562ed77b73d2d841c4b34973551257713b753632efba348169abc90a68f42611a40126d7cb21b58695568186f7e569d2ff0f9e745d0487dd2eb997cafc5abf9dd102e62ff66cba87
+Output = e301345a41a39a4d72fff8df69c98075a0cc082b802fc9b2b6bc503f926b65bddf7f4c8f1cb49f6396afc8a70abe6d8aef0db478d4c6b2970076c6a0484fe76d76b3a97625d79f1ce240e7c576750d295528286f719b413de9ada3e8eb78ed573603ce30d8bb761785dc30dbc320869e1a00
+
+# Verify test
+OneShotDigestVerify = NULL
+Key = ED448-1-PUBLIC
+Input = ""
+Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
+
+# Corrupted input
+OneShotDigestVerify = NULL
+Key = ED448-1-PUBLIC
+Input = "bad"
+Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
+Result = VERIFY_ERROR
+
+# Corrupted signature
+OneShotDigestVerify = NULL
+Key = ED448-1-PUBLIC
+Input = ""
+Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652601
+Result = VERIFY_ERROR
+
+# Make sure update calls return an error
+DigestSign = NULL
+Key = ED448-1
+Input = "Test"
+Result = DIGESTUPDATE_ERROR
+
+DigestVerify = NULL
+Key = ED448-1-PUBLIC
+Input = "Test"
+Result = DIGESTUPDATE_ERROR
+
+# Attempt to set invalid digest
+DigestSign = SHA256
+Key = ED448-1
+Result = DIGESTSIGNINIT_ERROR
+
+# Raw keys
+OneShotDigestSign = NULL
+Key = ED448-1-Raw
+Input = ""
+Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
+
+OneShotDigestVerify = NULL
+Key = ED448-1-PUBLIC-Raw
+Input = ""
+Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
+
+#Signature malelability test.
+#Same as the verify operation above but with the order added to s
+OneShotDigestVerify = NULL
+Key = ED448-1-PUBLIC-Raw
+Input = ""
+Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980f25278d3667403c14bcec5f9cfde9955ebc8333c0ae78fc86e518317c5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e656600
+Result = VERIFY_ERROR
+
+
+Title = Chosen Wycheproof vectors
+
+PrivateKeyRaw = WychePRIVATE0:X25519:288796bc5aff4b81a37501757bc0753a3c21964790d38699308debc17a6eaf8d
+
+PublicKeyRaw = WychePUBLIC0:X25519:f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f
+
+Derive=WychePRIVATE0
+PeerKey=WychePUBLIC0
+SharedSecret=b4e0dd76da7b071728b61f856771aa356e57eda78a5b1655cc3820fb5f854c5c
+
+PrivateKeyRaw = WychePRIVATE1:X25519:60887b3dc72443026ebedbbbb70665f42b87add1440e7768fbd7e8e2ce5f639d
+
+PublicKeyRaw = WychePUBLIC1:X25519:f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+
+Derive=WychePRIVATE1
+PeerKey=WychePUBLIC1
+SharedSecret=38d6304c4a7e6d9f7959334fb5245bd2c754525d4c91db950206926234c1f633
+
+PrivateKeyRaw = WychePRIVATE2:X25519:a0a4f130b98a5be4b1cedb7cb85584a3520e142d474dc9ccb909a073a976bf63
+
+PublicKeyRaw = WychePUBLIC2:X25519:0ab4e76380d84dde4f6833c58f2a9fb8f83bb0169b172be4b6e0592887741a36
+
+Derive=WychePRIVATE2
+PeerKey=WychePUBLIC2
+SharedSecret=0200000000000000000000000000000000000000000000000000000000000000
+
+PublicKeyRaw = WychePUBLIC3:X25519:89e10d5701b4337d2d032181538b1064bd4084401ceca1fd12663a1959388000
+
+Derive=WychePRIVATE2
+PeerKey=WychePUBLIC3
+SharedSecret=0900000000000000000000000000000000000000000000000000000000000000
+
+PublicKeyRaw = WychePUBLIC4:X25519:2b55d3aa4a8f80c8c0b2ae5f933e85af49beac36c2fa7394bab76c8933f8f81d
+
+Derive=WychePRIVATE2
+PeerKey=WychePUBLIC4
+SharedSecret=1000000000000000000000000000000000000000000000000000000000000000
+
+Title = Test keypair mismatches
+
+PrivPubKeyPair = Alice-25519:Bob-25519-PUBLIC
+Result = KEYPAIR_MISMATCH
+
+PrivPubKeyPair = Bob-25519:Alice-25519-PUBLIC
+Result = KEYPAIR_MISMATCH
+
+PrivPubKeyPair = Alice-448:Bob-448-PUBLIC
+Result = KEYPAIR_MISMATCH
+
+PrivPubKeyPair = Bob-448:Alice-448-PUBLIC
+Result = KEYPAIR_MISMATCH
diff --git a/test/recipes/30-test_evp_data/evppkey_ffdhe.txt b/test/recipes/30-test_evp_data/evppkey_ffdhe.txt
new file mode 100644
index 0000000000..183a11b1ef
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_ffdhe.txt
@@ -0,0 +1,570 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+Title = RFC7919 DH tests
+
+# Key generation test
+KeyGen = dhKeyAgreement
+Ctrl = dh_param:ffdhe2048
+KeyName = tmpdh
+
+# ffdhe2048-1 and ffdhe2048-2 were randomly generated and have a shared secret
+# less than 256 bytes in length (to test padding) other keys have no special
+# properties
+PrivateKey=ffdhe2048-1
+-----BEGIN PRIVATE KEY-----
+MIIBQwIBADCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8C
+AQICAgDhBB8CHQGUa5iGUF9rGvDjv9PDFGIvtS9OIqbbi8rqm4b6
+-----END PRIVATE KEY-----
+
+PrivateKey=ffdhe2048-2
+-----BEGIN PRIVATE KEY-----
+MIIBQwIBADCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8C
+AQICAgDhBB8CHQEYNZIth+/EaIgKK2gcxFutVjUTWYCaReyTKMvP
+-----END PRIVATE KEY-----
+
+PublicKey=ffdhe2048-1-pub
+-----BEGIN PUBLIC KEY-----
+MIICKTCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8CAQIC
+AgDhA4IBBgACggEBAOYRygvHGUKaIXLfUatc2YkYcm9Ew65H0hwpiDXG6XHAYAjJ
+bjKNJxdFRjjeCwtJEAGlyUtjSHrka6dHDfzkQfDK6u13Z+3Xmh+nCMZwPOHDNR3I
+Ep5vy3quU7suD3ADDrjwX3sVfsXensgh+JpexbrR+leHATf8aX1g8jQofFdi1Wn7
+CbE6VciU4b32L8HPwO1ePpJGib70Em45VurmUfCwNXgEUnu1N6LYRAjH9vnjB529
+C3BSp58rJnA2aslacC0CFY6YVCQfLTdN7y+F5QlGrdGd6wQmf3FXPLf9iYSiuLrm
+jW/WDFmPnwAn5A7TEgiNeNu8pwsSKPgZqdW+lyw=
+-----END PUBLIC KEY-----
+
+PublicKey=ffdhe2048-2-pub
+-----BEGIN PUBLIC KEY-----
+MIICKTCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8CAQIC
+AgDhA4IBBgACggEBAN5LAdrzTwa7nT7855NJQLNum5Yr1O8XZupjvwtVIrJgORvh
+L8VMKJoerEwOZ38snTsh9tuKnAWrmdIyFhnOjaHm40GlvInQGff5Lwb1itf7ib3U
+ELPOO29PajwY1RocWKX7Wfdj8n6Kd9gHhdoO5v8MyZMCkUU6Rz6y1VzaVwykdsqA
+kbMdZfK8Dkpd5PBZ8SJpJF02IEzvh5OYfjcbMN2K0lDO5ZvoMYQku7yXr6PfJebC
+CpoVOaoqH19n3g8Xni8IFi7znI83UqxKuYhyYCuMwtE+HS+9WkmkQ1coo512Gw2f
+TcY3pf9gGZ41xLFxCOdrUbR3QlieI+zl+TttLzM=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ffdhe2048-1:ffdhe2048-1-pub
+
+PrivPubKeyPair=ffdhe2048-2:ffdhe2048-2-pub
+
+Derive=ffdhe2048-1
+PeerKey=ffdhe2048-2-pub
+SharedSecret=6620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
+
+Derive=ffdhe2048-2
+PeerKey=ffdhe2048-1-pub
+SharedSecret=6620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
+
+Derive=ffdhe2048-1
+PeerKey=ffdhe2048-2-pub
+Ctrl = dh_pad:1
+SharedSecret=00006620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
+
+PrivateKey=ffdhe3072-1
+-----BEGIN PRIVATE KEY-----
+MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMEJQIjB8TRLx6q
+XYQJ0RAM+5ztVLhy9EXNdjY0EYODS7TFi5RZLE4=
+-----END PRIVATE KEY-----
+
+PrivateKey=ffdhe3072-2
+-----BEGIN PRIVATE KEY-----
+MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMEJQIjBG9DysbR
+qsyURRygCXP6Z6CsUGaQR9/JD+RxbZ8P13po5PM=
+-----END PRIVATE KEY-----
+
+PublicKey=ffdhe3072-1-pub
+-----BEGIN PUBLIC KEY-----
+MIIDKTCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMDggGGAAKCAYEAmPK9
+gPzxh69NyUdmvd76E2VjitXRFhA6mZvTD9zh9Isbl66yezKJcYROUv4HK81LNonz
+RaP5je7LXA/Vj4KkQEfjP/W00gZ/uMmi2hSQ0KbBuwRd/ECYwoigs+p9bjN4ZGra
+rYmQLiX2uJz2KSkx3YpM9cMH9Q41qdskGnK0QnMntwTysZ7Sdk7yeNaKUdZ3G4sA
+lUCEUAOr7lD8tV1fPjgMLL4EVsiZEF1v3TY5mY7ydcYPIrvrKXUKqrr7UsAdxt+r
+BATWe3V+JUGpsVjDLYUgaB95PkdSQtdNa094nanx+evI3vYZE9Vm/A/DNBTJuTlV
+rogeIx+Lq3foVUsW6nuJiGKYhbwI5xqFw+WEPMqa5QiIdoUqDExXkCi1mqxyivZ0
+VW5yVac/67e9od3oMlWGU2tXvJwxIzhCBpjK8oBFxd2jFZ0BdTwBlI+Jpx5AW7oE
+la7P7Rxy1rkGTFs8ZSWM2cUdzBxsbwdWrmSZ6JjQstr8ST++TXC5F7ZBKaOu
+-----END PUBLIC KEY-----
+
+PublicKey=ffdhe3072-2-pub
+-----BEGIN PUBLIC KEY-----
+MIIDKDCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMDggGFAAKCAYAWP0Ft
+61TNzHfeUEGhr1gjw9cs3GfCGvx9Rbhql6oUA3tQdSOODxQCnLBv7KFnhRwhhh/Z
+6BRRC3rX4HYeRsLxlFeOmOzv0Ty6vhnpJnhf8648ujLXdT1r/0G53OR5v5QFTzLq
+eAIYDV86EYL1/ffONV3P+OKQqpPx/kgmtKPsmr+U01KbfJk44uFkyR3bUnHq3cXj
+wrNCxdazibp3Iqt2jZblWdsUvBzj8VGNOQmTvxySjbJHJVtLAEZsboZQzvdV9n9f
+xC4/PxxI45s9/NT6JjN2+At3CPMSup1Dr9P98NYFh01bvWcIzUVUznUkNj732M3V
+IsPpUEq6WJR8bISdnc+HTWhjULxjbAN/ptz1K1aU3JwI2aG2sHt6r0m8ug9V1y2X
+Yr2hU7ohBoHhJxxmSbcqjzoQ9wdEvenfFjY+IydQ6j09AAPvBkNYwOVFOKp8TIr4
+VZwIwf1eFAzs8mbbl+sFZENEM2aTpQL56AUv9FnGcg3AnVKs5/UJ8W0FYZw=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ffdhe3072-1:ffdhe3072-1-pub
+
+PrivPubKeyPair=ffdhe3072-2:ffdhe3072-2-pub
+
+Derive=ffdhe3072-1
+PeerKey=ffdhe3072-2-pub
+SharedSecret=59C4B72684E68BC02148DF19FE6BECE40885AD037EE83F28C6E353C87026DAD66BB469C3F252BDC7ADA9271B6AD900620ECA15696B4E85561794A26259D61CAC7B56DDAED27BE2759A4C4BED5F8940784A255635D24E0D7B2BC796142CAF256D7A979240E9C8DD7230562B5D687971C4582A488E7BCA827FA32C4068C3C8B27ACA83E43EE9D7EAB3192F0DD877BA9C25D6334D233FC5752BEFE625B3D5DAE8589122B6C7E76538619E90AF1BD8D078496214C8F740F7BB5BFA284C811BEF5F9C6C1326E396DE17FDD47BE9D979643F2141FABB8950C3CECEEECFD0BB763F4D143A5AE284535F5E29B05E7DAC609D7080B5D1325F8D9242C67AC44482F5AA51131A763C370842D757EC16DE1988DF5BB4E4B6191A03F9E200DB491906871442FA98985DC976D5007C22FD491F49B8F0AB2AFDE0BDEFA18E56A686C712F4EDE53D924AA39CFED6C827CE0AD553132A474009203421F0A9373646200D8BA75725964079CF82D8C0C50AF6EEA4ECB607C02E7DD55C7998B4F849D79BE8867C69C62A
+
+Derive=ffdhe3072-2
+PeerKey=ffdhe3072-1-pub
+SharedSecret=59C4B72684E68BC02148DF19FE6BECE40885AD037EE83F28C6E353C87026DAD66BB469C3F252BDC7ADA9271B6AD900620ECA15696B4E85561794A26259D61CAC7B56DDAED27BE2759A4C4BED5F8940784A255635D24E0D7B2BC796142CAF256D7A979240E9C8DD7230562B5D687971C4582A488E7BCA827FA32C4068C3C8B27ACA83E43EE9D7EAB3192F0DD877BA9C25D6334D233FC5752BEFE625B3D5DAE8589122B6C7E76538619E90AF1BD8D078496214C8F740F7BB5BFA284C811BEF5F9C6C1326E396DE17FDD47BE9D979643F2141FABB8950C3CECEEECFD0BB763F4D143A5AE284535F5E29B05E7DAC609D7080B5D1325F8D9242C67AC44482F5AA51131A763C370842D757EC16DE1988DF5BB4E4B6191A03F9E200DB491906871442FA98985DC976D5007C22FD491F49B8F0AB2AFDE0BDEFA18E56A686C712F4EDE53D924AA39CFED6C827CE0AD553132A474009203421F0A9373646200D8BA75725964079CF82D8C0C50AF6EEA4ECB607C02E7DD55C7998B4F849D79BE8867C69C62A
+
+PrivateKey=ffdhe4096-1
+-----BEGIN PRIVATE KEY-----
+MIICTwIBADCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
+Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
+KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
+igB+XmVfav//////////AgECAgIBRQQrAikf6HJGrPpToTmXJq6x8ZlcUpBK/RDk
+5e93wdj9M96Bp6CK5KDTX91DPg==
+-----END PRIVATE KEY-----
+
+PrivateKey=ffdhe4096-2
+-----BEGIN PRIVATE KEY-----
+MIICTwIBADCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
+Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
+KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
+igB+XmVfav//////////AgECAgIBRQQrAikaMtvYLrkftmq+ryrWoSoyH8fA0OXp
+jwrNxAPiOZFBxvPImUEi3lOoxA==
+-----END PRIVATE KEY-----
+
+PublicKey=ffdhe4096-1-pub
+-----BEGIN PUBLIC KEY-----
+MIIEKDCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
+VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
+M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
+XmVfav//////////AgECAgIBRQOCAgUAAoICAFmvIlVGC+VP3rxxLYMoEM3h0yvn
+pO086y+sRkf97FRppQxCbHaDwz64f0Bopzq8YbJE/OM7nhwAVH/L+6iFKsdENj5l
+LLaYIy1q/GR5SGC9yWjfkHKQaeVR2gCqn8IpKj/1JK1Km+rZE5UNF1v4zxurjNYw
+FKaPDF1dTtvfEzABQmf8ZX9vNSYJmbvCAzjNArcFwypuHZCFaoTAJHxwD4grWt2m
+EJ7FCigRt3sE+o5L6ZfgdOwj2V23JANMuDPIb7F/n1TOjSChMJA+Dg0e2WMO00Et
+19ce7MWMMwpPx7/vYukIaIQXcxFVJluwJf+qXu3oplAGe+8WuIzI1OBN9SEFO2PH
+s9TG33rUeSTU0jVtJS6qSsaLWKT0QRHv7hQCtCtH0l0vDuH/WhzSJmf68adZSiRI
+RSeJgYLocyOOXleP9/+iZOJ0n5617AbR1nBLOsh82tN4H0CsMi+TeNIlLA8RbFGu
+A442i70xx5YJaccV9YwEQJzIOpBd8DuGIvzXCuyf8756cn5KKTTtKTM4Cy50DH7z
+8URTx3+0uOodKOtIYyFSMYzTQCQFluPXfelR3t1aP2uRXqfC0bziw1OYb794xYx6
+cIlLbC0e0hiBpzTXWUJHb6rjtDfh+HnHlSUGWCGFoV0H5Cx6my9t/WBEnMlbjSMW
+DMW1av+3Na95903x
+-----END PUBLIC KEY-----
+
+PublicKey=ffdhe4096-2-pub
+-----BEGIN PUBLIC KEY-----
+MIIEKTCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
+VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
+M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
+XmVfav//////////AgECAgIBRQOCAgYAAoICAQCdwSzypLeaeUauw2sV4oo1aTj3
+211HYCdPsP7qdyv7u08MD6HA2LIfbsi98J9B53v+LpIITbW5axwinYahc09lbf2Q
+Dwy5AiETXKQZqhJkbypMLax1N5TDwzXzM1JxBzmATGcX6CXfrWQ7XzKHDLvjI7W4
+WEOz+OMeV8F85B8dxf/p+hbOiIrv98iG1S15PGUDsx3r1ischqfJpQ3mNEP0qF+L
+904D5S1Y7KI/jHCZlo95HgrjHOSg73cnj4VKGhnStKatscWiMgh5rWC81vYpQDZx
+mqDyJEaz2XgrU4vlJT0zd/gWdDIqPpnhcE7vjO1e5hvdOhn75hIUNZejxw7/oT81
+59jLolbd+xpX4aIwqC+Gn4jgm8c8Z+QO7vQzlgbtSBFV9srDHvagmIWqr3lDDXgQ
+Tf3G0UV3EsxGKj3OGTIw4DAe22W2d2LDUlBp3N+lFrt6OEFtcLbnXoi1b7ig0gPn
+30p6bW9AZ/qL5SCfAYbtKDcRIyaqZ6MeG9qTzUIt/V4RQfaOuD3KrAj0jjCDKS7u
+pPxWYrb9jR0O9hDLnKfZr0zAI3X+X1JdXJpW8JFU6Av2LufYpoq3V5tXHdduwJwM
+ycc1F1F0Eu3KNknFa0SsQRhNWtMVDpPe2/gfd0DmastSkCieE0QtAVd0xb360mO+
+g9yTcM3iUEcuz/oz4w==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ffdhe4096-1:ffdhe4096-1-pub
+
+PrivPubKeyPair=ffdhe4096-2:ffdhe4096-2-pub
+
+Derive=ffdhe4096-1
+PeerKey=ffdhe4096-2-pub
+SharedSecret=B92DCFD06BA13D2E740CE295BA5748F0A8BC7F2AA23E6E9CC8D5FE01A783DA5F12C2B190B77D6A3CD69FE2B340C98AA2F612CE5A3FA34C168C2B1A3067B143043F46D354C5FFD79DDAC0097A5A1375B1F41A95918D49499116CA6D39377548FF23AC2248CFDE2064106F426FB45D9A626B614C5DF54872DB3216857472406C83449BED15385839D01B6F67CC8EC7F7DA35389B01333E6E8AD2F366BA56B6DB1F3FD726AB4C7F99E2D0AB9BABC6D4B8F6244B9706D4942984E2DD046831E05C51571E3EA9B1E665D5419E89378F7315BB2DEFD258A8FF44242D6908EC2E15A48D2F61820616935A72BF18309903A492F2646DA91AE5ABD3A4B3D934FF3811415B5385A276E082B4DE960CFE82FE3EE4909C2C8847EE2D839F419365B7B2EF38646EE182EF3531CCBEEE4115E57D71BFF808C0379057805D82317176CC913F058635F2B30705F456CCB3C518905F18A0902F6A74DECC48BCCDAF0C3004FE233D2FAFB60EB79204DDA7B791F911D763A3A0FBDD0926644F7004D5AD57EFF787DD54C81C4E9828B8501B44468ABCA6189A8DC00E666F813D7EF21A472F36E5F3338405C3FF4433FFBEF867677791C848E0B62D0099EE59E3A8ACDCCA4ABDB2CD6C58A8C7E76BE37FD922BB29DCA0F5B70714BDAF3183C09982EE4716BC656A3A8D63F7B26201C5D803923D1CE7BCE2843376F02E580D91B63B2B7480BBF32E9551ED
+
+Derive=ffdhe4096-2
+PeerKey=ffdhe4096-1-pub
+SharedSecret=B92DCFD06BA13D2E740CE295BA5748F0A8BC7F2AA23E6E9CC8D5FE01A783DA5F12C2B190B77D6A3CD69FE2B340C98AA2F612CE5A3FA34C168C2B1A3067B143043F46D354C5FFD79DDAC0097A5A1375B1F41A95918D49499116CA6D39377548FF23AC2248CFDE2064106F426FB45D9A626B614C5DF54872DB3216857472406C83449BED15385839D01B6F67CC8EC7F7DA35389B01333E6E8AD2F366BA56B6DB1F3FD726AB4C7F99E2D0AB9BABC6D4B8F6244B9706D4942984E2DD046831E05C51571E3EA9B1E665D5419E89378F7315BB2DEFD258A8FF44242D6908EC2E15A48D2F61820616935A72BF18309903A492F2646DA91AE5ABD3A4B3D934FF3811415B5385A276E082B4DE960CFE82FE3EE4909C2C8847EE2D839F419365B7B2EF38646EE182EF3531CCBEEE4115E57D71BFF808C0379057805D82317176CC913F058635F2B30705F456CCB3C518905F18A0902F6A74DECC48BCCDAF0C3004FE233D2FAFB60EB79204DDA7B791F911D763A3A0FBDD0926644F7004D5AD57EFF787DD54C81C4E9828B8501B44468ABCA6189A8DC00E666F813D7EF21A472F36E5F3338405C3FF4433FFBEF867677791C848E0B62D0099EE59E3A8ACDCCA4ABDB2CD6C58A8C7E76BE37FD922BB29DCA0F5B70714BDAF3183C09982EE4716BC656A3A8D63F7B26201C5D803923D1CE7BCE2843376F02E580D91B63B2B7480BBF32E9551ED
+
+PrivateKey=ffdhe6144-1
+-----BEGIN PRIVATE KEY-----
+MIIDVQIBADCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
+Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
+KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
+igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
+jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
+DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
+qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
+XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
+ppUm1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcEMQIvSAtU6kL4
+Q04G+z7VkF75A9mRrvM+4UWu9+nOPeAWZfTLU5OqNFUuupM+ZXHNGs8=
+-----END PRIVATE KEY-----
+
+PrivateKey=ffdhe6144-2
+-----BEGIN PRIVATE KEY-----
+MIIDVQIBADCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
+Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
+KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
+igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
+jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
+DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
+qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
+XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
+ppUm1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcEMQIvQJ+3F7o/
+XE6oeVRpsU2/uXFpNvtD8s2NMEZqecJQLHVJetCYm1TgrIW1T9WH8Mg=
+-----END PRIVATE KEY-----
+
+PublicKey=ffdhe6144-1-pub
+-----BEGIN PUBLIC KEY-----
+MIIGKDCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
+VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
+M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
+THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
+NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
+Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
+uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
+1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcDggMFAAKCAwBzyuwl
+M1Ob9DJTGZFXugtmiHnnrC1Fuct0huyPoASXtbCo95FNnOqUe6VNfcMwagTmiD/t
+h3NRki3CvzchadgeJgQAJlyFzbRQr/NhwPNFkSKT08fMNe+InrVqvpz13tN6vJ7Y
+nSPJZXIwX1dHp7TgNatEFKc6sIYO2yy7WUNPVRokRtRH0F4ceXO/eMdQtjJ3coR5
+HPflfNJxPOlonygJ9Blk4tO7ngqAyifqVUVgVXqvUx1Wkpzo1t91HrG6YExrok9V
+92D8LXXS2qMfKvI66sF6avpBowyOoTj9pTvRW/z3umEmPLKzpVURzrzEa7MwDsmc
+sdNz9QWWHFCW5Jd2pPzuJnH55amZsKoEl2Bel62SrbzzjGKZBn1sxT6LyPrnJdZX
+fjiThE9E2fObPRA5A4dgxlmHsjbmMn3ERSQJdnQqaMme0PBzcZgZqLzULR3wWCh8
+r2dMoce4972VA6KvVSkxv0RfltrGhfCT+ERoaFg5Rcn/Sa2rXQEPT2wmhc1McjyU
+KMdYjstamKNurZPdfMU8pL9t/DUmWlr4ruDmgK1T9ODxyyGQHAf6/2JlCXv6cbks
+r+ZtEF3nBJ8cwLyiqaCEgMtXfoP64a/AcXeCvEnQgssq3Zot6pGRaUF162d1d+7R
+ekQ5ZIvEIVqhg/4OWhjK45jJw+MoA+tXRmXCpTyDq2sq3GMLQntWzDSns5WGBHY3
+oC7hQUSEQF3GjBiAkOgFGgSR/N4V8iL/DeRRodB/Sbo7lbJlFL8wdiZhZN0bAVyB
+bdsCUNBtCCK8gMqv4+wJBlQnZFX8XWVGahqQ3ph5WZce0IDvhOoCilLGP9PQLLHD
+sLLOfYgMB/h/UnEF+5Nmsn17EF6R48+JcBkAlfnCK5zFXlK6T9wJE2MuaBatbDLf
+TeSmUtWtEBNADNoVZHzEt0sxQimu+U8LAbuvkBmCqkZZLhlKNtEgNQYsZeOa1PSF
+Xf4grDcL+jWdbCohl06eB8gADPMFzkTxGNxf7PDNUD0qR76Y657h58CeRSw=
+-----END PUBLIC KEY-----
+
+PublicKey=ffdhe6144-2-pub
+-----BEGIN PUBLIC KEY-----
+MIIGKTCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
+VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
+M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
+THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
+NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
+Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
+uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
+1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcDggMGAAKCAwEApE+s
+hUrveNP2zEv2CVJjLd4J58258c5kZDsMZmWE8k2LEJ04atl0Xa0G4ftlf8A3rDEu
+r22KJNZB+F6WBqpk/rzB6RDKC276ulE9+Aa3v2KXjQZAyLimro41T+mAVh15Anb4
+1ivcwCuL70BGT4wg6+bsgwfm1x7Q63DkqARk0FrNMO9dMibI6Y7Pg1gpU0cz975G
+VsxWvFeA8EfS/eC8KaBGHiSSWwKofDz2Y5pYZOnmjgh+8b2zEuVHdyOQ8fnoreDg
+nTnvkjjYH/4Gw5Y/XtmN7slbHywGCs51ujGiIqZf0U3/1IBnA/ir2FKSfbFZYySX
+Y/i8bSx9orvz9xEmOfUmoxil0TjWpaOx+T9e1IqWijmLqnt2zleBu6FSB9/F+2RG
+f6sPqLAs7lGBsby/uIpXNwuUkYHNc1tVdGyX+9dcQWTTMD88WyC33MIPOuiU5Svu
+nGx2VSX8wtsxDp4MxkVMxBleJHzDmdBkpJZDlWb6u1Fxrok5KktLCxN1wtLpJPEB
++ZNLnI98QXYpII2sXJWebB/EpD9OCj6J0gXJ6E+jXEkzZVGPvt+7betdP8Dzpg2i
+URC/uYcwpK9cWuCnwo9jnXAlLwDLpOhSCYxileW6kDLCWDh4b/LduZnDNX/ycdcH
+zTarTiYELHBzGAhhMt/SWB8bfVIhoEY2MOHl50ipMsmw2h27LqSNSW7RTreWziTR
+uxhvz7Z+aQODz/DfnWbh3tuaNBpxr7Z93K1jdaMUcbe2pjqDhd6vK9Ez4xPxeM2V
+ELjEQ2iTT1EDr4fjhzdbIBL58rbaTK7/Q513Iq4gXDSgrf7YlXzvxlHKA/M4vYLX
+Ymd+ih12vdfj4ZF09eZJgkY9WmdrHeLEJWqAj2G9UONZFsDgXrwU9gIcmiwGaEDk
+58C/g5aQb2XPJE08E2pmeXJJTqROWHXNrkTOnJfWoHsxTHwpmjzDUkZ2jUowDhEA
+MUudIw1y4BTPvz7EIlEY+Lz9loyuGQwgMYGg8tsxvyFuOA9IsdF4DHHcjQ6W
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ffdhe6144-1:ffdhe6144-1-pub
+
+PrivPubKeyPair=ffdhe6144-2:ffdhe6144-2-pub
+
+Derive=ffdhe6144-1
+PeerKey=ffdhe6144-2-pub
+SharedSecret=02B4252E4F0F659E78A58223DE9044AD90A0CC22DB5DE4F4815BF7226B7E663AE1B548A1ADB4ED81E9AF0B62FF985BF1E9893E39BA56FD843B6A134923156DD7D51DE9811B14ABA4494EAA95DA2AF8ACAD6AB2480A96A5DB99B46456FDEBDF1083220566F5DD3EC52DD06E72558B4701B528C989C06CE245EEF6215F487CFD1580615E6FE7D036985782E9BCC7ED62D2AA5A869FBF668391A0E601C2EC7A9A2E0DB57736C54ACA751E1085ABD4A55D506EFAB6FFC51AEEA33DD5EA651AA613E5F77BC81D2489FABABC8AEEF1DE5B65C3584F4080E4324EF3722AB4BF67A8FCABAE430996E454CA985B886D1B6BB5FF2C5246A8C001D953751EB59C47DAC678EE890DE817D9A06877E86516291A170ABE2273C4ADCF638713D98283F90DA17478759537C58A5D7D6AAC54C0485CAC2407A76079625ED285444ECA18127FF42419FADBDA2EDD5300CCB5F69543BCB74005BECE1FED763B06766B05EF2E20B685B92910C16B70165D111B2F8C59C6C79E5BCAC96FD2A6A969061C6D8626E605DA70E247630CF8A1D419C0E4910A72C164117B92B651CA8C8842E79C06E0E12BF8B67C218FB7FEB0F787EBBD2562E5C88A38013133753AECA5B03ECB54328765F61A6D3B901C38EC8F6582D717C688049893129DCAE597F3888E8E8BBCD9AAC9BDBD087926EAA63592DA66C085CBC408A5EC787CF0E3CE3070918B65B089A23457D0408B626B449221B460D1FD8DCCB280744B322760A53945DCD8FAA03DB4844F27496DA00B30ACC8619679D0AD28CE4464094C6DB2F68332BAD17348637E4D72B0C1EBCBBDDE514691C744F709083A76044AC85AF1B18ACD0B1716773DDB82ED94E02B0DB26205BD683A1F4E390881D556AAC305FCEB7E00AF0E3EC80AF2CD46769ED4F471DC71B60BEF36F6361B4A82C7A7F473F61C566D5206C9EFDC112A48BDDC58691830F64C91F4FB150DC61A334B7D5C3770BDBDC91A5E14C6FB02A369A0A7D2D7B008070289EFBDBB2AFD4D62BCC095E9FF81CB8E0B4F139EFD3CF5EDF243FCC08A8FA7577AEF0548436B589C4A221BE1FCE223024619F99DC66557598F
+
+Derive=ffdhe6144-2
+PeerKey=ffdhe6144-1-pub
+SharedSecret=02B4252E4F0F659E78A58223DE9044AD90A0CC22DB5DE4F4815BF7226B7E663AE1B548A1ADB4ED81E9AF0B62FF985BF1E9893E39BA56FD843B6A134923156DD7D51DE9811B14ABA4494EAA95DA2AF8ACAD6AB2480A96A5DB99B46456FDEBDF1083220566F5DD3EC52DD06E72558B4701B528C989C06CE245EEF6215F487CFD1580615E6FE7D036985782E9BCC7ED62D2AA5A869FBF668391A0E601C2EC7A9A2E0DB57736C54ACA751E1085ABD4A55D506EFAB6FFC51AEEA33DD5EA651AA613E5F77BC81D2489FABABC8AEEF1DE5B65C3584F4080E4324EF3722AB4BF67A8FCABAE430996E454CA985B886D1B6BB5FF2C5246A8C001D953751EB59C47DAC678EE890DE817D9A06877E86516291A170ABE2273C4ADCF638713D98283F90DA17478759537C58A5D7D6AAC54C0485CAC2407A76079625ED285444ECA18127FF42419FADBDA2EDD5300CCB5F69543BCB74005BECE1FED763B06766B05EF2E20B685B92910C16B70165D111B2F8C59C6C79E5BCAC96FD2A6A969061C6D8626E605DA70E247630CF8A1D419C0E4910A72C164117B92B651CA8C8842E79C06E0E12BF8B67C218FB7FEB0F787EBBD2562E5C88A38013133753AECA5B03ECB54328765F61A6D3B901C38EC8F6582D717C688049893129DCAE597F3888E8E8BBCD9AAC9BDBD087926EAA63592DA66C085CBC408A5EC787CF0E3CE3070918B65B089A23457D0408B626B449221B460D1FD8DCCB280744B322760A53945DCD8FAA03DB4844F27496DA00B30ACC8619679D0AD28CE4464094C6DB2F68332BAD17348637E4D72B0C1EBCBBDDE514691C744F709083A76044AC85AF1B18ACD0B1716773DDB82ED94E02B0DB26205BD683A1F4E390881D556AAC305FCEB7E00AF0E3EC80AF2CD46769ED4F471DC71B60BEF36F6361B4A82C7A7F473F61C566D5206C9EFDC112A48BDDC58691830F64C91F4FB150DC61A334B7D5C3770BDBDC91A5E14C6FB02A369A0A7D2D7B008070289EFBDBB2AFD4D62BCC095E9FF81CB8E0B4F139EFD3CF5EDF243FCC08A8FA7577AEF0548436B589C4A221BE1FCE223024619F99DC66557598F
+
+PrivateKey=ffdhe8192-1
+-----BEGIN PRIVATE KEY-----
+MIIEWQIBADCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
+Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
+KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
+igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
+jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
+DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
+qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
+XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
+ppUm1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNo
+f+tp7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRU
+UErHi3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4c
+IX5sOCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD
++B1KPy+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6m
+u/3lMGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8C
+AQICAgGQBDUCMwCmIsCXuloAz6Y+lwiHSiQDK3YRde+rRZ2K2pj6HFytJCsjVp88
+9fLrPJUuRBScbgYaCQ==
+-----END PRIVATE KEY-----
+
+PrivateKey=ffdhe8192-2
+-----BEGIN PRIVATE KEY-----
+MIIEWQIBADCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv
+3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
+3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
+8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
+Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
+/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
+NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
+/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
+vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
+Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
+KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
+igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
+jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
+DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
+qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
+XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
+ppUm1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNo
+f+tp7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRU
+UErHi3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4c
+IX5sOCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD
++B1KPy+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6m
+u/3lMGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8C
+AQICAgGQBDUCMwCJ64IxAZbrPx6XmQG5Jliud12CCXsepFzxQaLdGqV4VtiHzZBl
+O47nScNTRN7Ol2e1Og==
+-----END PRIVATE KEY-----
+
+PublicKey=ffdhe8192-1-pub
+-----BEGIN PUBLIC KEY-----
+MIIIKDCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
+VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
+M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
+THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
+NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
+Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
+uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
+1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNof+tp
+7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRUUErH
+i3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4cIX5s
+OCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD+B1K
+Py+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6mu/3l
+MGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8CAQIC
+AgGQA4IEBQACggQAYZTSEWGhvKQeJkBdr/GN4zoD8oGuXpS8nxQctcjzIQfg25dA
+vl/bDaCM+PMEe47H3q6qyWN4VuAlXmnE52hqebVlUiQ/H5dfmaRE1UMxQNLfmTYW
+qpJaN1YFqbCQpng8nmVtqZBtgC6L8nRc9MkOWKgZC95e/sMyPOt0w3LvTZ6Uz9Tw
+w5PuVX6sUC8jOLiJCHFypVeTmZQtfB9+OHxUe7fYN+XYEGeZBfFt4f1b05AjH2/C
+vXO0i6tw0RG96H/nMt1OXGPEEoC6BiWZsXYFghG+n34wRGJ/0R3GVbhmLSlBxPum
+r8urHjf3lopKXVXE761YPX/pYBCWIpGiEmYdg1SQ3vd+a7qkFOR5qUfQkS0zsGAD
+ghn+9vuniOXbKBBlU6zN7qJ3+TKaGXgJWKI1d9b6DZsYmU+3x5flW78kHr+tQz3d
+/wU9qHQ/Ow5EO/CZrxntxryPrXvLOjeAMlBbxaloHKwcnWav3soqLtASZ0r1px6A
+JAjxPLEdhpWKeVhCHNum++YD2uW9IeO/IBRLyKakFzoSc5I6yLNX4pywrQi/DPa5
+1Qr5Jg1wJODCAFChLdX0+BwMz5HTSx2gseGzcsNSuTBE5VwJ9zKYxe0mpl0MPXt2
+eXf1DxmH16LvVGm4m9KJ/xPf6x2fN/+MJyGHN7DUSVt5Ke8X70KsWJj4SD5c5aN9
+JEQiPswgCiOO/L9cA3RyXV3wdn++92m0LUp8nTvQ7XP0F1DZp75JlX9B6JAVkQ4s
+1lgNPzKU3OspkRsUtihK7MD4e3Cqz11SjVQqtJLc1Lw8L7QtWFflh6rMk8U2iHgx
+eEOyVkJMa9YACuo6OFcZheobhmYvsm1R/9D766foehL4P2Q2FqijHYMg6cD9fPkB
+8ie2O+DIvo0oms/69q888J71GncJ6eE88P9ipSQKpBd1PALIDMgUKZQsmBYHyLXC
+XgGtrdspQ1sHEk/2XOaGcx11okLGv98+LkdElZtqM/48eDm5Lw58BF3R9t6druEF
+/dbsBTgNfeoWkBJaakxOUxMKXg1rxpxi1xo9+yohN0htYZeSj5NDEFn4DixuCagj
+/WP9bkB5f5LY44Z9JPF1LnI69ndlT2lc4henwZLY7kBMb3CvvjUDkE5v9gEBJA8u
+ZTpZ/VhX65+L5PLNca45BeUzq4kA72IwvP4+z0gY77/mRwtxuDSKXu5381ULKNIQ
+TY7siPrDaDCNNz5WqjaLOrQPqfopeVr4fjoXsCiGWWdIV1Q0RX5Y2uNbX4SjVvEb
+Risp2sTjgPCg1ox61zX+lD3JHvopO46qCvYHsCEgK80R3KY6MOBkdDn6XE5pN+Br
+uBBxf1k6qpOXmJ34OL4QpZBO0FHldrpRFjShtg==
+-----END PUBLIC KEY-----
+
+PublicKey=ffdhe8192-2-pub
+-----BEGIN PUBLIC KEY-----
+MIIIKDCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv3FYg
+Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
+1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
+Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
+Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
+TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
+4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
+VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
+M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
+THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
+NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
+Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
+uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
+1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNof+tp
+7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRUUErH
+i3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4cIX5s
+OCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD+B1K
+Py+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6mu/3l
+MGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8CAQIC
+AgGQA4IEBQACggQADNgThA6Ha+5i9Zm9ZCNDLMbsyzoLdM0uK3sJ+jsTn2tw+kBG
+FJo5EEk6ojw0VGasoC8e9ThX78YHiCG18vPbLteE/CD4g+jGo/KcOUfrZV3uHBwv
+Y9F9fIcZi9XTBa9Np6yntpYh/fXxClWybWscdRXVXTv9AJ0GMCGa6ebV7++AwVee
+1C3U47omYwVET7adSmqzbcjNF42dConPlB7tTMCtJR92xYHCFK07kRT17OAdVJyf
+KDdzLeW1VJBzbkdrGCAJSx3iwRp6d6ldeFdDhcUEzgQZnB/JnVmEoZDXK4i2KYc4
+b78VivuOAuZFdokC1g+RsGgWkGhDxnsGPWvPWACTzm+zTjMyENygkEyzp3moBjMm
+doXE4z11V6zm7ZoNxJ7ouzTEpLMvu7XcavKv/uVbsW7uAJqbosIsqWLdcxaDEFzG
+W54Se2EaybZj/gr2tQHGAfE01+ulSJ57fuhSPLVgtpDcS98meWgKS4ddHr9dLFe6
+886fZvAvswW1ZlND7UZihtKIl3Nx0Myn+B+YG2oJQp0vsmMh1sCGD0g007TGUe82
+3/xgRXlUjwmCDikpXCSTagm3ZKF6GqJNwJN2sxCqy6wp2LX/KM3oSErXxCBTSCZt
+/wAzGd3tDcH4D79kbzIRtCCcfLI/TqC95OW3ANR6obd3ongV2rW1HyN3mLOgzuDv
+phVP0XX4fIGGGGmz76AJdpcIhXzlzQcY1fDjH59WOuOFZylxAmfNziM6ORL/FyMZ
+YxZLSx7TrHEiiRAT431hpx4f9qE5SePhg1HXqzBPA8YJtV1WiJWjO/u4LP9H7iIl
+4eubdVZqV6k2Kaw3WB7ZgST4Jc9ybiVT/kz0nTA7AF0TXSNL/BsBrEwZz8wrKlHu
+rj5MOUpAPwRlLUln11w7gTz98lvEBSyInMSjOr+0NmW77D+IWoAwWBdrcuRE2Dod
+rjhZeWrHWdgNqPOaYKkUS+CexH01aEdX3YHFmGPyXrwOkmX0zjBns3RjRzA9Dyjk
+qgG/mKQ243smQPIUDHvbfgmdLNHOg0iOyDq1nKWk5K6X3tEgUnmxkcONQ66QXyEB
+BpXtyD1NFg0op0p0/7jNpQUsNeKx9gRsTfUC7TDS4bYnJT+vNOFYiKClVC6lgrYT
+4dBvQQx44OY4VIwrXOl5H3Z5DR3D4Gg/yMtqizXmiCffVG3I8NJSrAm3QVS/xxxv
+fj2ITAUI3nmvKJD1IGXo4T/+N5GGexEWMu1IuDO4vkcKhYWIHlyAEC1paJjOslbU
+vbRjLQvAYe0P1TBk+2mal5Agh0UQHyYsDlxMDmortsKhLDXOVjAx2AS9VV2tBbpZ
+pEt4opfkapIwZaJV+5MgtHyWMFQ6w2QF/CdUAg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ffdhe8192-1:ffdhe8192-1-pub
+
+PrivPubKeyPair=ffdhe8192-2:ffdhe8192-2-pub
+
+Derive=ffdhe8192-1
+PeerKey=ffdhe8192-2-pub
+SharedSecret=4E48335CB2A508C3481729F42C49CFC0A9DA673F9FA4FBD968B3C5B78DBFA8695295642D1337C54229370B33068481F6A6E1B021F8B09B7C6B3E4DB581AD4C7ACF5C230A1FD4107EAE55530A8376856A65E079DE1BDA41B050E9B53A088ACADB879CCBC683A13BB925D48497BF7021FEB9DA214DD77FCBB6D0D46EC2BB9C7A9AFB93FC236E4EB61CB0F0C8E025D8CF4AF8B3B0F28B3E2CFAE6E760DC7877C71046179154FBE1A50A315C4DBA6D9E06406D389B614B1FC422C72FBB958C0A2EE21694CD32136F9CF0A1205E0D3A4B10CC9C98B3B4524A0CDC9455D3021AC44057CEF4A97E85166068769E9E644CC447095243BB90368A1CE6F0E3C69CA180F5B9D51F590A812B1375460CF10A7E718A83A2F6B00D8E28BAB45CEAB8AF0EB02988ED9221416EC061C1C4081552D3D0849D243DB473EC7B90180C3891E768DD2D7002CF505D369700CAF02A4B9DD1F2828C4ACC1F2EB47100DC2DB5620ADA971D1B0B0FAC9F9E3492B591FC85AC3DCB3826A8DA5842F4AE145FE33BFCDD0B6CD15C9836A5862EDB3D87A0CDBD724AE19A79A55D4F0BFF7870019926181933C840EACFB70FBC0EF182057DC09E06798EB4C9AAC2285F22F5D907A432C6D00CC44D07D77E77D1ACC183A174146ECFBDA26FF922CEBD2FA288EF2D23F65C0AAAD0F05DBFB6CA12446082D1F5774877483C3858442E305CF2A9637CE0EBB702DB70FF336E5B0413F3E8791960F1F0A9877C9076213D40657283D546AE52B73FF4449E60F8B6FE30D4CC0BA1ACA7A7DC155EC73C48B21477983D004261267D710D8A5E8CBD0656F1A963F248E887E8C2BF87BCAE7A0D4891BF21FCF35893584B29E18E842A23EA329ADD3D6AD994B5CBFBBFAB5A26932E8F799B2B0FA7789DE7A4A5C4B7FA81971819EA7F33B5BF6577F917BDE9C3680BCC5B15F1EAB4524A1B6DEE96B9F108A77344269A1757685D0404C832E4E0C5A29F808CFA6290316C0EBB2EF0A7431F62A5FBCDC66527AD8A04C0F10AF88C7CE1F1F22C41B71CE278BB704E88145608C28AD78402487031F6B13604CC6687161EBB78E7AF7AA0BC3CCB9AD8B00D7C01980599904B71F5DBC06A691E5638566BE36522B7FED69E24C28F8EA798BA3E9CCEB8AB8CF5651379A21A38315B05C66205616BBC6A3DD5573C9C6FBA2E3488E055E5F36857016D9300BFCE9F38D7C7CCD07FCF1EF41F8347CADCB12C400536374CF269613B05069B6D94CADA3B1F4ACBB68FA1ED175B01D840D871B3B0CDB918CDF15C79169A398C189AEA78860081DB423C89D350587E26D6D77B4C762B4F2A030345679F724CFBB08DB03E8CEB4FF0B91422BD2EB5C1C356D209049CFA2D6447F69B1E1DF0850FFBB6BB9F8D5B147765C023F76524A808456DEBF6A9134E3364DF462D4807FE6D4D036A4E59A4D56F8A30D8A27F4DFA174940B713A7E4
+
+Derive=ffdhe8192-2
+PeerKey=ffdhe8192-1-pub
+SharedSecret=4E48335CB2A508C3481729F42C49CFC0A9DA673F9FA4FBD968B3C5B78DBFA8695295642D1337C54229370B33068481F6A6E1B021F8B09B7C6B3E4DB581AD4C7ACF5C230A1FD4107EAE55530A8376856A65E079DE1BDA41B050E9B53A088ACADB879CCBC683A13BB925D48497BF7021FEB9DA214DD77FCBB6D0D46EC2BB9C7A9AFB93FC236E4EB61CB0F0C8E025D8CF4AF8B3B0F28B3E2CFAE6E760DC7877C71046179154FBE1A50A315C4DBA6D9E06406D389B614B1FC422C72FBB958C0A2EE21694CD32136F9CF0A1205E0D3A4B10CC9C98B3B4524A0CDC9455D3021AC44057CEF4A97E85166068769E9E644CC447095243BB90368A1CE6F0E3C69CA180F5B9D51F590A812B1375460CF10A7E718A83A2F6B00D8E28BAB45CEAB8AF0EB02988ED9221416EC061C1C4081552D3D0849D243DB473EC7B90180C3891E768DD2D7002CF505D369700CAF02A4B9DD1F2828C4ACC1F2EB47100DC2DB5620ADA971D1B0B0FAC9F9E3492B591FC85AC3DCB3826A8DA5842F4AE145FE33BFCDD0B6CD15C9836A5862EDB3D87A0CDBD724AE19A79A55D4F0BFF7870019926181933C840EACFB70FBC0EF182057DC09E06798EB4C9AAC2285F22F5D907A432C6D00CC44D07D77E77D1ACC183A174146ECFBDA26FF922CEBD2FA288EF2D23F65C0AAAD0F05DBFB6CA12446082D1F5774877483C3858442E305CF2A9637CE0EBB702DB70FF336E5B0413F3E8791960F1F0A9877C9076213D40657283D546AE52B73FF4449E60F8B6FE30D4CC0BA1ACA7A7DC155EC73C48B21477983D004261267D710D8A5E8CBD0656F1A963F248E887E8C2BF87BCAE7A0D4891BF21FCF35893584B29E18E842A23EA329ADD3D6AD994B5CBFBBFAB5A26932E8F799B2B0FA7789DE7A4A5C4B7FA81971819EA7F33B5BF6577F917BDE9C3680BCC5B15F1EAB4524A1B6DEE96B9F108A77344269A1757685D0404C832E4E0C5A29F808CFA6290316C0EBB2EF0A7431F62A5FBCDC66527AD8A04C0F10AF88C7CE1F1F22C41B71CE278BB704E88145608C28AD78402487031F6B13604CC6687161EBB78E7AF7AA0BC3CCB9AD8B00D7C01980599904B71F5DBC06A691E5638566BE36522B7FED69E24C28F8EA798BA3E9CCEB8AB8CF5651379A21A38315B05C66205616BBC6A3DD5573C9C6FBA2E3488E055E5F36857016D9300BFCE9F38D7C7CCD07FCF1EF41F8347CADCB12C400536374CF269613B05069B6D94CADA3B1F4ACBB68FA1ED175B01D840D871B3B0CDB918CDF15C79169A398C189AEA78860081DB423C89D350587E26D6D77B4C762B4F2A030345679F724CFBB08DB03E8CEB4FF0B91422BD2EB5C1C356D209049CFA2D6447F69B1E1DF0850FFBB6BB9F8D5B147765C023F76524A808456DEBF6A9134E3364DF462D4807FE6D4D036A4E59A4D56F8A30D8A27F4DFA174940B713A7E4
diff --git a/test/recipes/30-test_evp_data/evppkey.txt b/test/recipes/30-test_evp_data/evppkey_kas.txt
similarity index 55%
rename from test/recipes/30-test_evp_data/evppkey.txt
rename to test/recipes/30-test_evp_data/evppkey_kas.txt
index 1d5274f103..44be323f09 100644
--- a/test/recipes/30-test_evp_data/evppkey.txt
+++ b/test/recipes/30-test_evp_data/evppkey_kas.txt
@@ -9,19266 +9,11653 @@
 # Tests start with one of these keywords
 #       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+# The keyword Availablein must appear before the test name if needed.
 
-# Public key algorithm tests
 
+# Public key algorithm tests
 # Private keys used for PKEY operations.
 
-# RSA 2048 bit key.
 
-PrivateKey = RSA-2048
+# http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ECCCDH   #
+# sha256sum(KAS_ECC_CDH_PrimitiveTest.txt) =                           #
+#     456068d3f8aad8ac62a03d19ed3173f00ad51f42b51aeab4753c20f30c01cf23 #
+Title = ECDH KATs (from NIST SP800-56A co-factor ECDH KATs
+
+PrivateKey=KAS-ECC-CDH_P-192_C0
 -----BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV
-n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW
-B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP
-6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr
-LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7
-yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt
-A95H4cRPAgMBAAECggEAYCl6x5kbFnoG1rJHWLjL4gi+ubLZ7Jc4vYD5Ci41AF3X
-ziktnim6iFvTFv7x8gkTvArJDWsICLJBTYIQREHYYkozzgIzyPeApIs3Wv8C12cS
-IopwJITbP56+zM+77hcJ26GCgA2Unp5CFuC/81WDiPi9kNo3Oh2CdD7D+90UJ/0W
-glplejFpEuhpU2URfKL4RckJQF/KxV+JX8FdIDhsJu54yemQdQKaF4psHkzwwgDo
-qc+yfp0Vb4bmwq3CKxqEoc1cpbJ5CHXXlAfISzUjlcuBzD/tW7BDtp7eDAcgRVAC
-XO6MX0QBcLYSC7SOD3R7zY9SIRCFDfBDxCjf0YcFMQKBgQD2+WG0fLwDXTrt68fe
-hQqVa2Xs25z2B2QGPxWqSFU8WNly/mZ1BW413f3De/O58vYi7icTNyVoScm+8hdv
-6PfD+LuRujdN1TuvPeyBTSvewQwf3IjN0Wh28mse36PwlBl+301C/x+ylxEDuJjK
-hZxCcocIaoQqtBC7ac8tNa9r4wKBgQDUfnJKf/QQSLJwwlJKQQGHi3MVm7c9PbwY
-eyIOY1s1NPluJDoYTZP4YLa/u2txwe2aHh9FhYMCPDAelqaSwaCLU9DsnKkQEA2A
-RR47fcagG6xK7O+N95iEa8I1oIy7os9MBoBMwRIZ6VYIxxTj8UMNSR+tu6MqV1Gg
-T5d0WDTJpQKBgCHyRSu5uV39AoyRS/eZ8cp36JqV1Q08FtOE+EVfi9evnrPfo9WR
-2YQt7yNfdjCo5IwIj/ZkLhAXlFNakz4el2+oUJ/HKLLaDEoaCNf883q6rh/zABrK
-HcG7sF2d/7qhoJ9/se7zgjfZ68zHIrkzhDbd5xGREnmMJoCcGo3sQyBhAoGAH3UQ
-qmLC2N5KPFMoJ4H0HgLQ6LQCrnhDLkScSBEBYaEUA/AtAYgKjcyTgVLXlyGkcRpg
-esRHHr+WSBD5W+R6ReYEmeKfTJdzyDdzQE9gZjdyjC0DUbsDwybIu3OnIef6VEDq
-IXK7oUZfzDDcsNn4mTDoFaoff5cpqFfgDgM43VkCgYBNHw11b+d+AQmaZS9QqIt7
-aF3FvwCYHV0jdv0Mb+Kc1bY4c0R5MFpzrTwVmdOerjuuA1+9b+0Hwo3nBZM4eaBu
-SOamA2hu2OJWCl9q8fLCT69KqWDjghhvFe7c6aJJGucwaA3Uz3eLcPqoaCarMiNH
-fMkTd7GabVourqIZdgvu1Q==
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfT/qNnt000CFHKQn
+DcskwnH0Rb7Z1SehNAMyAASxUFNAH1coVjfsMkwc0hOeOmfeNzkjSzfyacFYY3SC
+qtZEzWkt0dPvLIp8SeOJ9/Y=
 -----END PRIVATE KEY-----
 
-# Corresponding public key
-
-PublicKey = RSA-2048-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG1Z98c9n/
-uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo092p
-y9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qbBeQt
-WtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0eoKS0
-gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz5AZJ
-uYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPeR+HE
-TwIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsVBTQB9XKFY37DJMHNITnjpn3jc5
+I0s38mnBWGN0gqrWRM1pLdHT7yyKfEnjiff2
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = RSA-2048:RSA-2048-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C0:KAS-ECC-CDH_P-192_C0-PUBLIC
+
+
+PublicKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEQupt2Zad0qYf6hqsf46Y7cyJbG5V
+hXzA375dfGH6yIsRgRveMo6KDRK/AanSBLUj
+-----END PUBLIC KEY-----
 
 
-# EC P-256 key
+Derive=KAS-ECC-CDH_P-192_C0
+PeerKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0
 
-PrivateKey=P-256
+PrivateKey=KAS-ECC-CDH_P-192_C1
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw
-+RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH
-+JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhW6FM0nZb+TEQkSNrL
+fPkrt6ldz1dKm9WhNAMyAATADUNXFv/qU/2MFieSQUw3ZlGH5YJxZTmrcRxiqnGl
+oY6KPEj4ncb6UvrAEI5SqKA=
 -----END PRIVATE KEY-----
 
-# EC public key for above
-
-PublicKey=P-256-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl
-x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ==
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwA1DVxb/6lP9jBYnkkFMN2ZRh+WC
+cWU5q3EcYqpxpaGOijxI+J3G+lL6wBCOUqig
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = P-256:P-256-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C1:KAS-ECC-CDH_P-192_C1-PUBLIC
 
-# Additional EC key for ECDH
-PrivateKey=P-256-Peer
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg/URzu1TDNwUFWZ3i
-dLISAZpEY0vfJ2pLB7f+Xnjyl2OhRANCAAQgBuXhSgeKpz+4piXlYSVLvy0NT+wK
-uZWUI3LqUUCV07wg+RLLMY8yNK9kjqcgZDs/cB+bet64nQq+dNnvtpxG
------END PRIVATE KEY-----
 
-PublicKey=P-256-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIAbl4UoHiqc/uKYl5WElS78tDU/s
-CrmVlCNy6lFAldO8IPkSyzGPMjSvZI6nIGQ7P3Afm3reuJ0KvnTZ77acRg==
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE3rVxL6AnrI0vIsRVzLc6keF7ZRK1
+4DDnfiaQoCzJsocIQxop+1S4ex8MFOARrCEl
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = P-256-Peer:P-256-Peer-PUBLIC
 
-# DSA key
-PrivateKey=DSA-1024
+Availablein = default
+Derive=KAS-ECC-CDH_P-192_C1
+PeerKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=c208847568b98835d7312cef1f97f7aa298283152313c29d
+
+PrivateKey=KAS-ECC-CDH_P-192_C2
 -----BEGIN PRIVATE KEY-----
-MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk4
-19R5ve1UUr421y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJ
-f/WDYPxjMk8BqNJmeZtLuCVLKGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psF
-YFaDYjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/qYaE31VmWz0CgYEApNVF8oFK41ez
-Qci9XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY+6ECNI1aIDHTd7CH
-woS0mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQPaxYt
-6PVa3gncr2v3njcVuH+EQ6DuFR93zksEFgIUbyv6pqH+UQurernJn/7sUm2U2i0=
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjG72H+EugL9W8tP30L
+t1c5RRmQbVVQCUmhNAMyAAThhLwYJILzQDyHh7g4Qkd0Z/zQEdsPbGT50cFBQvQN
+6GOduX1Rpj0szhAHzPdzzcs=
 -----END PRIVATE KEY-----
 
-PublicKey=DSA-1024-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIIBtzCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk419R5
-ve1UUr421y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJf/WD
-YPxjMk8BqNJmeZtLuCVLKGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psFYFaD
-YjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/qYaE31VmWz0CgYEApNVF8oFK41ezQci9
-XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY+6ECNI1aIDHTd7CHwoS0
-mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQPaxYt6PVa
-3gncr2v3njcVuH+EQ6DuFR93zksDgYQAAoGAVXFwJ5wTuF0rQ6AWfTitm3/zUeRW
-SeKFo+Rg0GrBI+Wg2Tj+Yn6V8Xs+Xyjim1wsd2P6/BlJzCEr4nHjP9JcBICqM3vI
-9zCaT/vYsLD7/T7rF9AF/jV+LnkGJCzLbDYF04IkhtLNHOQob+Uc8PWB78e/1Lc4
-SzJw2oHciIOt+UU=
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4YS8GCSC80A8h4e4OEJHdGf80BHb
+D2xk+dHBQUL0Dehjnbl9UaY9LM4QB8z3c83L
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = DSA-1024:DSA-1024-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C2:KAS-ECC-CDH_P-192_C2-PUBLIC
 
 
-Title = RSA tests
+PublicKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAETtqo78Wg9A+ENmPsWBXndi3dwAjm
+Y8IPCp+Nxno+YO9tZLUiGF0D3x/Arf1CR4J5
+-----END PUBLIC KEY-----
 
-Sign = RSA-2048
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
 
-Verify = RSA-2048
 Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+Derive=KAS-ECC-CDH_P-192_C2
+PeerKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=87229107047a3b611920d6e3b2c0c89bea4f49412260b8dd
 
-# Truncated digest
-Sign = RSA-2048
-Availablein = default
-Ctrl = digest:SHA512-224
-Input = "0123456789ABCDEF123456789ABC"
-Output = 5f720e9488139bb21e1c2f027fd5ce5993e6d31c5a8faaee833487b3a944d66891178868ace8070cad3ee2ffbe54aa4885a15fd1a7cc5166970fe1fd8c0423e72bd3e3b56fc4a53ed80aaaeca42497f0ec3c62113edc05cd006608f5eef7ce3ad4cba1069f68731dd28a524a1f93fcdc5547112d48d45586dd943ba0d443be9635720d8a61697c54c96627f0d85c5fbeaa3b4af86a65cf2fc3800dd5de34c046985f25d0efc0bb6edccc1d08b3a4fb9c8faffe181c7e68b31e374ad1440a4a664eec9ca0dc53a9d2f5bc7d9940d866f64201bcbc63612754df45727ea24b531d7de83d1bb707444859fa35521320c33bf6f4dbeb6fb56e653adbf7af15843f17
+PrivateKey=KAS-ECC-CDH_P-192_C3
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjmdHucI7pwRPOP9+Ys
+NeQDiSD1oBY9PNqhNAMyAAQrg42+c3NfN6OaeNMZV4PSaZHob/TZLRpg00SUInRI
+n5iQOy5/k/jRl/ya5goO1To=
+-----END PRIVATE KEY-----
 
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:SHA512-224
-Input = "0123456789ABCDEF123456789ABC"
-Output = 5f720e9488139bb21e1c2f027fd5ce5993e6d31c5a8faaee833487b3a944d66891178868ace8070cad3ee2ffbe54aa4885a15fd1a7cc5166970fe1fd8c0423e72bd3e3b56fc4a53ed80aaaeca42497f0ec3c62113edc05cd006608f5eef7ce3ad4cba1069f68731dd28a524a1f93fcdc5547112d48d45586dd943ba0d443be9635720d8a61697c54c96627f0d85c5fbeaa3b4af86a65cf2fc3800dd5de34c046985f25d0efc0bb6edccc1d08b3a4fb9c8faffe181c7e68b31e374ad1440a4a664eec9ca0dc53a9d2f5bc7d9940d866f64201bcbc63612754df45727ea24b531d7de83d1bb707444859fa35521320c33bf6f4dbeb6fb56e653adbf7af15843f17
+PublicKey=KAS-ECC-CDH_P-192_C3-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEK4ONvnNzXzejmnjTGVeD0mmR6G/0
+2S0aYNNElCJ0SJ+YkDsuf5P40Zf8muYKDtU6
+-----END PUBLIC KEY-----
 
-VerifyRecover = RSA-2048
-Availablein = default
-Ctrl = digest:SHA1
-Input = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-Output = "0123456789ABCDEF1234"
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C3:KAS-ECC-CDH_P-192_C3-PUBLIC
 
-# Leading zero in the signature
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-Result = VERIFY_ERROR
 
-VerifyRecover = RSA-2048
-Availablein = default
-Ctrl = digest:SHA1
-Input = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-Result = KEYOP_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEiIfCdu3u0+noZrRtWNiVxz+9gLY+
+OC6IBMUJe6ZkXhYgbPtw9wUmVZR91EoX8fnV
+-----END PUBLIC KEY-----
 
-# Digest too long
-Sign = RSA-2048
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF12345"
-Output = 00
-Result = KEYOP_ERROR
 
-# Digest too short
-Sign = RSA-2048
 Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF12345"
-Output = 00
-Result = KEYOP_ERROR
+Derive=KAS-ECC-CDH_P-192_C3
+PeerKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=eec0bed8fc55e1feddc82158fd6dc0d48a4d796aaf47d46c
 
-# Mismatched digest
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1233"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-Result = VERIFY_ERROR
+PrivateKey=KAS-ECC-CDH_P-192_C4
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi+q+3QFUoa/PyF1SGB
+wQ9etHrcUfZVBH2hNAMyAAQfZc9uiXjhwbwQu2Gn2zEd4xAIjIz5dov31DgWjn9C
+qxSxavU6ei9kb/QLU9dMvMc=
+-----END PRIVATE KEY-----
 
-# Corrupted signature
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1233"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ae
-Result = VERIFY_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C4-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH2XPbol44cG8ELthp9sxHeMQCIyM
++XaL99Q4Fo5/QqsUsWr1OnovZG/0C1PXTLzH
+-----END PUBLIC KEY-----
 
-# parameter is not NULL
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = 3ec3fc29eb6e122bd7aa361cd09fe1bcbe85311096a7b9e4799cedfb2351ce0ab7fe4e75b4f6b37f67edd9c60c800f9ab941c0c157d7d880ca9de40c951d60fd293ae220d4bc510b1572d6e85a1bbbd8605b52e05f1c64fafdae59a1c2fbed214b7844d0134619de62851d5a0522e32e556e5950f3f97b8150e3f0dffee612c924201c27cd9bc8b423a71533380c276d3d59fcba35a2e80a1a192ec266a6c2255012cd86a349fe90a542b355fa3355b04da6cdf1df77f0e7bd44a90e880e1760266d233e465226f5db1c68857847d82072861ee266ddfc2e596845b77e1803274a579835ab5e4975d81d20b7df9cec7795489e4a2bdb8c1cf6a6b359945ac92c
-Result = VERIFY_ERROR
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C4:KAS-ECC-CDH_P-192_C4-PUBLIC
 
-# embedded digest too long
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
-Result = VERIFY_ERROR
 
-VerifyRecover = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
-Result = KEYOP_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEDQRfMCVK3B/O+opbHzG/TnOd0yfN
+GNWUVCwxTkFCfAgnigjOjXMF87W4Scctiv9z
+-----END PUBLIC KEY-----
 
-# embedded digest too short
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
-Result = VERIFY_ERROR
 
-VerifyRecover = RSA-2048
 Availablein = default
-Ctrl = digest:sha1
-Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
-Result = KEYOP_ERROR
+Derive=KAS-ECC-CDH_P-192_C4
+PeerKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=716e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4
 
-# Garbage after DigestInfo
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
-Result = VERIFY_ERROR
+PrivateKey=KAS-ECC-CDH_P-192_C5
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjPcDVCJmZzIdbiuvQJ
+meL9dMeg95P6hpmhNAMyAARfSET/zOYQBdJPc325hnXpL3tlQ662EGxUJPWYE5IV
+04m2sSuG1YAUhX8t2ttUD1E=
+-----END PRIVATE KEY-----
 
-VerifyRecover = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
-Result = KEYOP_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C5-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEX0hE/8zmEAXST3N9uYZ16S97ZUOu
+thBsVCT1mBOSFdOJtrErhtWAFIV/LdrbVA9R
+-----END PUBLIC KEY-----
 
-# invalid tag for parameter
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = "0123456789ABCDEF1234"
-Output = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
-Result = VERIFY_ERROR
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C5:KAS-ECC-CDH_P-192_C5-PUBLIC
 
-VerifyRecover = RSA-2048
-Availablein = default
-Ctrl = digest:sha1
-Input = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
-Result = KEYOP_ERROR
 
-# MD5/SHA-1 combination
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:MD5-SHA1
-Input = "0123456789ABCDEF0123456789ABCDEF0123"
-Output = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
+PublicKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE+zXKINLpZmXFG5jo9us9eRE1CNi8
+zUUWNo7sDVv7hHch32qv8OXUjERPdL+c2KWn
+-----END PUBLIC KEY-----
 
-VerifyRecover = RSA-2048
-Availablein = default
-Ctrl = digest:MD5-SHA1
-Input = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
-Output = "0123456789ABCDEF0123456789ABCDEF0123"
 
-# MD5/SHA-1 combination, digest mismatch
-Verify = RSA-2048
 Availablein = default
-Ctrl = digest:MD5-SHA1
-Input = "000000000000000000000000000000000000"
-Output = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
-Result = VERIFY_ERROR
+Derive=KAS-ECC-CDH_P-192_C5
+PeerKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=f67053b934459985a315cb017bf0302891798d45d0e19508
 
-# MD5/SHA-1 combination, wrong signature digest length
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:MD5-SHA1
-Input = "0123456789ABCDEF0123456789ABCDEF0123"
-Output = 6c13511f97ffb8137545fce551a43cf2b5b3dbdd5c3ceaaccd4620a6a373f3c38cc523d95bbdd810c852743b981bc4393c6b0cdfb0da5e77a8cc0108b05ff95e0f4dd7a0125b7390af1408dca6ddefac3b05b768de7b0c3df3c74e5f102f62743d67813beee1777036078da4cff5b29f49f01a6df3a2e709c37a83737108517687fe754d9ee908cb36c55e88f67c0b537108707347d16049f5dfac3d400ea367222d36627937a7f822f451c3d2c2dbc9e2202bffd3dc1b22213e17270a6b657619c6f44cbf66b077d548cfc9e1a114f8b853412470f2bf8d828f04d0d9f1aef260d216acb0911329fb5bdc48c2be3b198bf6f96e1c3fb116ad4430140d0640d4
-Result = VERIFY_ERROR
+PrivateKey=KAS-ECC-CDH_P-192_C6
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBj+lCUVI3//3XtOtcZJ
+Ce7khWoHbN8SuuKhNAMyAATmNp33myB7i4Z598hpz8JkhZ0atVqkAegfmccfgBow
+tS902m5ebbti7kxdoQkMwCA=
+-----END PRIVATE KEY-----
 
-VerifyRecover = RSA-2048
-Availablein = default
-Ctrl = digest:MD5-SHA1
-Input = 6c13511f97ffb8137545fce551a43cf2b5b3dbdd5c3ceaaccd4620a6a373f3c38cc523d95bbdd810c852743b981bc4393c6b0cdfb0da5e77a8cc0108b05ff95e0f4dd7a0125b7390af1408dca6ddefac3b05b768de7b0c3df3c74e5f102f62743d67813beee1777036078da4cff5b29f49f01a6df3a2e709c37a83737108517687fe754d9ee908cb36c55e88f67c0b537108707347d16049f5dfac3d400ea367222d36627937a7f822f451c3d2c2dbc9e2202bffd3dc1b22213e17270a6b657619c6f44cbf66b077d548cfc9e1a114f8b853412470f2bf8d828f04d0d9f1aef260d216acb0911329fb5bdc48c2be3b198bf6f96e1c3fb116ad4430140d0640d4
-Result = KEYOP_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C6-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE5jad95sge4uGeffIac/CZIWdGrVa
+pAHoH5nHH4AaMLUvdNpuXm27Yu5MXaEJDMAg
+-----END PUBLIC KEY-----
 
-# MD5/SHA-1 combination, wrong input digest length
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:MD5-SHA1
-Input = "0123456789ABCDEF0123456789ABCDEF012"
-Output = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
-Result = VERIFY_ERROR
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C6:KAS-ECC-CDH_P-192_C6-PUBLIC
 
-# MD5/SHA-1 combination, wrong input and signature digest length
-Verify = RSA-2048
-Availablein = default
-Ctrl = digest:MD5-SHA1
-Input = "0123456789ABCDEF0123456789ABCDEF012"
-Output = 6c13511f97ffb8137545fce551a43cf2b5b3dbdd5c3ceaaccd4620a6a373f3c38cc523d95bbdd810c852743b981bc4393c6b0cdfb0da5e77a8cc0108b05ff95e0f4dd7a0125b7390af1408dca6ddefac3b05b768de7b0c3df3c74e5f102f62743d67813beee1777036078da4cff5b29f49f01a6df3a2e709c37a83737108517687fe754d9ee908cb36c55e88f67c0b537108707347d16049f5dfac3d400ea367222d36627937a7f822f451c3d2c2dbc9e2202bffd3dc1b22213e17270a6b657619c6f44cbf66b077d548cfc9e1a114f8b853412470f2bf8d828f04d0d9f1aef260d216acb0911329fb5bdc48c2be3b198bf6f96e1c3fb116ad4430140d0640d4
-Result = VERIFY_ERROR
 
-# DigestInfo-wrapped MDC-2 signature
-Verify = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = "0123456789ABCDEF"
-Output = 3a46e5e80635d3b5586187b44b08fd02ca0bd36a637a8afeb46a1c1eb18d05b3196e00edf85378109015bcd3d0cfcefc2919c5b8e3ac42884b360188b1395ed34df7d2749f36b91c320d290311d78b36f390481eff42ace0275385c05176d022e4b625cf0ed85082d4b25da9e8a86011f6ac1cb8d8b812cc2bbd6c240caa8445aa74f8e971c935dbf3447df0411eb9e5cdee0851d1e0fea7041916c77efc09dc54e8dd4b7ba8f8d85ef43d4f12abde99886f4ebd5f021fc1b476cc23dc6a94fbbe77c954eee496fb6b4b5c534daa4e819143ce8de511a8bcb65759750c17edaca6fb31ac271c1ca3a27705f780ae86c67009e76fcba9067dde3556ff59c44111
+PublicKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEgkdSlgwTB+XxOoPaIceZjKi1sAuV
+SfbQvFLZHiNDY7wy7gtnePJc2MGEdRD0NIuU
+-----END PUBLIC KEY-----
 
-VerifyRecover = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = 3a46e5e80635d3b5586187b44b08fd02ca0bd36a637a8afeb46a1c1eb18d05b3196e00edf85378109015bcd3d0cfcefc2919c5b8e3ac42884b360188b1395ed34df7d2749f36b91c320d290311d78b36f390481eff42ace0275385c05176d022e4b625cf0ed85082d4b25da9e8a86011f6ac1cb8d8b812cc2bbd6c240caa8445aa74f8e971c935dbf3447df0411eb9e5cdee0851d1e0fea7041916c77efc09dc54e8dd4b7ba8f8d85ef43d4f12abde99886f4ebd5f021fc1b476cc23dc6a94fbbe77c954eee496fb6b4b5c534daa4e819143ce8de511a8bcb65759750c17edaca6fb31ac271c1ca3a27705f780ae86c67009e76fcba9067dde3556ff59c44111
-Output = "0123456789ABCDEF"
 
-# Legacy OCTET STRING MDC-2 signature
-Verify = RSA-2048
 Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = "0123456789ABCDEF"
-Output = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
+Derive=KAS-ECC-CDH_P-192_C6
+PeerKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=75822971193edd472bf30151a782619c55ad0b279c9303dd
 
-VerifyRecover = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
-Output = "0123456789ABCDEF"
+PrivateKey=KAS-ECC-CDH_P-192_C7
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgz/tEEkq+lvqAzPArx
+LKyUDE0iJFW80P6hNAMyAATvCyivxBY31zf0LkyKrOrchLouC4ScoYxXeXlC5VIX
+O7oX9zJ44Cn0IzUGi9dw3fI=
+-----END PRIVATE KEY-----
 
-# Legacy OCTET STRING MDC-2 signature, digest mismatch
-Verify = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = "0000000000000000"
-Output = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
-Result = VERIFY_ERROR
-
-# Legacy OCTET STRING MDC-2 signature, wrong input digest length
-Verify = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = "0123456789ABCDE"
-Output = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
-Result = VERIFY_ERROR
-
-# Legacy OCTET STRING MDC-2 signature, wrong signature digest length
-Verify = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = "0123456789ABCDEF"
-Output = 08da512483ece70be57f28a75271612800ae30ffbadc62609bc88b80d497a1fc13c300fdfcab6dc80cf55373c10adcc249ae80479b87fa3e391a2cd4a74babd1c22a4976812d544dcd6729b161bbc48fd067cf635b05f9edaddaeb6f67f2117d6b54a23c5e6f08a246abfe0356a67d7f3929306515e6d9962f8ce205120ecdcd2d4e3783cd0b4a1f0196a1b13924d0d3649233312695c3c336ae04e0b1efddabcc878b57622db60f6f747a1124c38426dacf1425c92d304c2bb1052f987c1dd73e4cc4b20d23396d4f05f52f98cf5065c3fb7dc319425f1f6f1878b87f57afbd24fbff98909494581aadd04d80a639b85ce8684ea58409d8dbbbaacf256bb5c4
-Result = VERIFY_ERROR
-
-VerifyRecover = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = 08da512483ece70be57f28a75271612800ae30ffbadc62609bc88b80d497a1fc13c300fdfcab6dc80cf55373c10adcc249ae80479b87fa3e391a2cd4a74babd1c22a4976812d544dcd6729b161bbc48fd067cf635b05f9edaddaeb6f67f2117d6b54a23c5e6f08a246abfe0356a67d7f3929306515e6d9962f8ce205120ecdcd2d4e3783cd0b4a1f0196a1b13924d0d3649233312695c3c336ae04e0b1efddabcc878b57622db60f6f747a1124c38426dacf1425c92d304c2bb1052f987c1dd73e4cc4b20d23396d4f05f52f98cf5065c3fb7dc319425f1f6f1878b87f57afbd24fbff98909494581aadd04d80a639b85ce8684ea58409d8dbbbaacf256bb5c4
-Result = KEYOP_ERROR
-
-# Legacy OCTET STRING MDC-2 signature, wrong input and signature digest length
-Verify = RSA-2048
-Availablein = default
-Availablein = legacy
-Ctrl = digest:MDC2
-Input = "0123456789ABCDE"
-Output = 08da512483ece70be57f28a75271612800ae30ffbadc62609bc88b80d497a1fc13c300fdfcab6dc80cf55373c10adcc249ae80479b87fa3e391a2cd4a74babd1c22a4976812d544dcd6729b161bbc48fd067cf635b05f9edaddaeb6f67f2117d6b54a23c5e6f08a246abfe0356a67d7f3929306515e6d9962f8ce205120ecdcd2d4e3783cd0b4a1f0196a1b13924d0d3649233312695c3c336ae04e0b1efddabcc878b57622db60f6f747a1124c38426dacf1425c92d304c2bb1052f987c1dd73e4cc4b20d23396d4f05f52f98cf5065c3fb7dc319425f1f6f1878b87f57afbd24fbff98909494581aadd04d80a639b85ce8684ea58409d8dbbbaacf256bb5c4
-Result = VERIFY_ERROR
-
-# Verify using public key
-
-Verify = RSA-2048-PUBLIC
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
-
-# RSA decrypt
-
-Decrypt = RSA-2048
-Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A78
-Output = "Hello World"
-
-# Corrupted ciphertext
-Decrypt = RSA-2048
-Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A79
-Output = "Hello World"
-Result = KEYOP_ERROR
-
-# OAEP padding
-Decrypt = RSA-2048
-Ctrl = rsa_padding_mode:oaep
-Input = 458708DFBD42A1297CE7A9C86C7087AB80B1754810929B89C5107CA55368587686986FCE94D86CC1595B3FB736223A656EC0F34D18BA1CC5665593610F56C58E26B272D584F3D983A5C91085700755AEBD921FB280BBA3EDA7046EC07B43E7298E52D59EDC92BE4639A8CE08B2F85976ECF6D98CC469EEB9D5D8E2A32EA8A6626EDAFE1038B3DF455668A9F3C77CAD8B92FB872E00058C3D2A7EDE1A1F03FC5622084AE04D9D24F6BF0995C58D35B93B699B9763595E123F2AB0863CC9229EB290E2EDE7715C7A8F39E0B9A3E2E1B56EBB62F1CBFBB5986FB212EBD785B83D01D968B11D1756C7337F70C1F1A63BFF03608E24F3A2FD44E67F832A8701C5D5AF
-Output = "Hello World"
-
-# OAEP padding, corrupted ciphertext
-Decrypt = RSA-2048
-Ctrl = rsa_padding_mode:oaep
-Input = 458708DFBD42A1297CE7A9C86C7087AB80B1754810929B89C5107CA55368587686986FCE94D86CC1595B3FB736223A656EC0F34D18BA1CC5665593610F56C58E26B272D584F3D983A5C91085700755AEBD921FB280BBA3EDA7046EC07B43E7298E52D59EDC92BE4639A8CE08B2F85976ECF6D98CC469EEB9D5D8E2A32EA8A6626EDAFE1038B3DF455668A9F3C77CAD8B92FB872E00058C3D2A7EDE1A1F03FC5622084AE04D9D24F6BF0995C58D35B93B699B9763595E123F2AB0863CC9229EB290E2EDE7715C7A8F39E0B9A3E2E1B56EBB62F1CBFBB5986FB212EBD785B83D01D968B11D1756C7337F70C1F1A63BFF03608E24F3A2FD44E67F832A8701C5D5AC
-Output = "Hello World"
-Result = KEYOP_ERROR
-
-# Illegal RSA key derivation
-Derive = RSA-2048
-Result = KEYOP_INIT_ERROR
-Reason = operation not supported for this keytype
-
-Sign = RSA-2048
-Availablein = default
-Ctrl = rsa_mgf1_md:sha1
-Result = PKEY_CTRL_ERROR
-Reason = invalid mgf1 md
-
-# RSA PSS key tests
-
-# PSS only key, no parameter restrictions
-PrivateKey = RSA-PSS
------BEGIN PRIVATE KEY-----
-MIIEugIBADALBgkqhkiG9w0BAQoEggSmMIIEogIBAAKCAQEAzQCB6nsq4eoG1Z98
-c9n/uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo
-092py9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qb
-BeQtWtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0e
-oKS0gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz
-5AZJuYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPe
-R+HETwIDAQABAoIBAGApeseZGxZ6BtayR1i4y+IIvrmy2eyXOL2A+QouNQBd184p
-LZ4puohb0xb+8fIJE7wKyQ1rCAiyQU2CEERB2GJKM84CM8j3gKSLN1r/AtdnEiKK
-cCSE2z+evszPu+4XCduhgoANlJ6eQhbgv/NVg4j4vZDaNzodgnQ+w/vdFCf9FoJa
-ZXoxaRLoaVNlEXyi+EXJCUBfysVfiV/BXSA4bCbueMnpkHUCmheKbB5M8MIA6KnP
-sn6dFW+G5sKtwisahKHNXKWyeQh115QHyEs1I5XLgcw/7VuwQ7ae3gwHIEVQAlzu
-jF9EAXC2Egu0jg90e82PUiEQhQ3wQ8Qo39GHBTECgYEA9vlhtHy8A1067evH3oUK
-lWtl7Nuc9gdkBj8VqkhVPFjZcv5mdQVuNd39w3vzufL2Iu4nEzclaEnJvvIXb+j3
-w/i7kbo3TdU7rz3sgU0r3sEMH9yIzdFodvJrHt+j8JQZft9NQv8fspcRA7iYyoWc
-QnKHCGqEKrQQu2nPLTWva+MCgYEA1H5ySn/0EEiycMJSSkEBh4tzFZu3PT28GHsi
-DmNbNTT5biQ6GE2T+GC2v7trccHtmh4fRYWDAjwwHpamksGgi1PQ7JypEBANgEUe
-O33GoBusSuzvjfeYhGvCNaCMu6LPTAaATMESGelWCMcU4/FDDUkfrbujKldRoE+X
-dFg0yaUCgYAh8kUrubld/QKMkUv3mfHKd+ialdUNPBbThPhFX4vXr56z36PVkdmE
-Le8jX3YwqOSMCI/2ZC4QF5RTWpM+HpdvqFCfxyiy2gxKGgjX/PN6uq4f8wAayh3B
-u7Bdnf+6oaCff7Hu84I32evMxyK5M4Q23ecRkRJ5jCaAnBqN7EMgYQKBgB91EKpi
-wtjeSjxTKCeB9B4C0Oi0Aq54Qy5EnEgRAWGhFAPwLQGICo3Mk4FS15chpHEaYHrE
-Rx6/lkgQ+VvkekXmBJnin0yXc8g3c0BPYGY3cowtA1G7A8MmyLtzpyHn+lRA6iFy
-u6FGX8ww3LDZ+Jkw6BWqH3+XKahX4A4DON1ZAoGATR8NdW/nfgEJmmUvUKiLe2hd
-xb8AmB1dI3b9DG/inNW2OHNEeTBac608FZnTnq47rgNfvW/tB8KN5wWTOHmgbkjm
-pgNobtjiVgpfavHywk+vSqlg44IYbxXu3OmiSRrnMGgN1M93i3D6qGgmqzIjR3zJ
-E3exmm1aLq6iGXYL7tU=
------END PRIVATE KEY-----
-
-# PSS public key default parameters
-PublicKey = RSA-PSS-DEFAULT
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQowAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG1Z98c9n/
-uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo092p
-y9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qbBeQt
-WtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0eoKS0
-gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz5AZJ
-uYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPeR+HE
-TwIDAQAB
------END PUBLIC KEY-----
-
-PrivPubKeyPair = RSA-PSS:RSA-PSS-DEFAULT
-
-# Key with invalid negative minimum salt length
-PublicKey = RSA-PSS-BAD
------BEGIN PUBLIC KEY-----
-MIIBJzASBgkqhkiG9w0BAQowBaIDAgH/A4IBDwAwggEKAoIBAQDNAIHqeyrh6gbV
-n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW
-B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP
-6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr
-LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7
-yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt
-A95H4cRPAgMBAAE=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = RSA-PSS:RSA-PSS-BAD
-
-
-# Key with minimum salt length exceeding maximum permitted value
-PublicKey = RSA-PSS-BAD2
------BEGIN PUBLIC KEY-----
-MIIBKDATBgkqhkiG9w0BAQowBqIEAgIBAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG
-1Z98c9n/uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuF
-Fgdo092py9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZ
-T+qbBeQtWtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0
-Ky0eoKS0gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4
-e8qz5AZJuYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51
-rQPeR+HETwIDAQAB
------END PUBLIC KEY-----
-
-PrivPubKeyPair = RSA-PSS:RSA-PSS-BAD2
-
-# Zero salt length makes output deterministic
-Sign = RSA-2048
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:0
-Ctrl = digest:sha256
-Input="0123456789ABCDEF0123456789ABCDEF"
-Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
-
-# Verify of above signature
-Verify = RSA-2048-PUBLIC
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:0
-Ctrl = digest:sha256
-Input="0123456789ABCDEF0123456789ABCDEF"
-Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
-
-# Verify using salt length auto detect
-Verify = RSA-2048-PUBLIC
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:auto
-Input="0123456789ABCDEF0123"
-Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B
-
-# Digest too short
-Verify = RSA-2048-PUBLIC
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:0
-Ctrl = digest:sha256
-Input="0123456789ABCDEF0123456789ABCDE"
-Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
-Result = VERIFY_ERROR
-
-# Digest too long
-Verify = RSA-2048-PUBLIC
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:0
-Ctrl = digest:sha256
-Input="0123456789ABCDEF0123456789ABCDEF0"
-Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
-Result = VERIFY_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C7-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE7wsor8QWN9c39C5Miqzq3IS6LguE
+nKGMV3l5QuVSFzu6F/cyeOAp9CM1BovXcN3y
+-----END PUBLIC KEY-----
 
-# Wrong salt length
-Verify = RSA-2048
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:2
-Ctrl = digest:sha256
-Input="0123456789ABCDEF0123456789ABCDEF"
-Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
-Result = VERIFY_ERROR
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C7:KAS-ECC-CDH_P-192_C7-PUBLIC
 
-# Wrong MGF1 digest
-Verify = RSA-2048
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:0
-Ctrl = digest:sha256
-Ctrl = rsa_mgf1_md:sha1
-Input="0123456789ABCDEF0123456789ABCDEF"
-Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
-Result = VERIFY_ERROR
 
+PublicKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEELtXAgKRFBmB+DO0dJ5WEQNLMI6E
+AR0h4crNa3vRftjdtQtq7gZUw18tDt3Bz/z2
+-----END PUBLIC KEY-----
 
-# Verify using default parameters
-Verify = RSA-PSS-DEFAULT
-Availablein = default
-Input="0123456789ABCDEF0123"
-Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
 
-# Verify using default parameters, explicitly setting parameters
-Verify = RSA-PSS-DEFAULT
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:20
-Ctrl = digest:sha1
-Input="0123456789ABCDEF0123"
-Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
+Derive=KAS-ECC-CDH_P-192_C7
+PeerKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=67cba2cbb69ee78bf1abafb0e6fbe33fa2094c128d59652d
 
-# Verify explicitly setting parameters "digest" salt length
-Verify = RSA-PSS-DEFAULT
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:digest
-Ctrl = digest:sha1
-Input="0123456789ABCDEF0123"
-Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
+PrivateKey=KAS-ECC-CDH_P-192_C8
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjzVXxdcLTHlUlgwzVo
+d2rb6OQ2GaviaxOhNAMyAATXARLF8PCEQ4ZJSsGtmdziIUE0F26/ua/TwYegOFEK
+sx1Fnit68aOA3XV2rwYmdUg=
+-----END PRIVATE KEY-----
 
-# Verify using salt length larger than minimum
-Verify = RSA-PSS-DEFAULT
-Ctrl = rsa_pss_saltlen:30
-Input="0123456789ABCDEF0123"
-Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B
+PublicKey=KAS-ECC-CDH_P-192_C8-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE1wESxfDwhEOGSUrBrZnc4iFBNBdu
+v7mv08GHoDhRCrMdRZ4revGjgN11dq8GJnVI
+-----END PUBLIC KEY-----
 
-# Verify using maximum salt length
-Verify = RSA-PSS-DEFAULT
-Availablein = default
-Ctrl = rsa_pss_saltlen:max
-Input="0123456789ABCDEF0123"
-Output = 4470DCFE812DEE2E58E4301D4ED274AB348FE040B724B2CD1D8CD0914BFF375F0B86FCB32BFA8AEA9BD22BD7C4F1ADD4F3D215A5CFCC99055BAFECFC23800E9BECE19A08C66BEBC5802122D13A732E5958FC228DCC0B49B5B4B1154F032D8FA2F3564AA949C1310CC9266B0C47F86D449AC9D2E7678347E7266E2D7C888CCE1ADF44A109A293F8516AE2BD94CE220F26E137DB8E7A66BB9FCE052CDC1D0BE24D8CEBB20D10125F26B069F117044B9E1D16FDDAABCA5340AE1702F37D0E1C08A2E93801C0A41035C6C73DA02A0E32227EAFB0B85E79107B59650D0EE7DC32A6772CCCE90F06369B2880FE87ED76997BA61F5EA818091EE88F8B0D6F24D02A3FC6
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C8:KAS-ECC-CDH_P-192_C8-PUBLIC
 
-# Attempt to change salt length below minimum
-Verify = RSA-PSS-DEFAULT
-Availablein = default
-Ctrl = rsa_pss_saltlen:0
-Result = PKEY_CTRL_ERROR
 
-# Attempt to change padding mode
-Verify = RSA-PSS-DEFAULT
-Availablein = default
-Ctrl = rsa_padding_mode:pkcs1
-Result = PKEY_CTRL_INVALID
+PublicKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZL85Bhad1jqG8VuDk9Oiy3OMjSN
+Dc7RIJiZgb6q8ABtiKlueXGi+jozukYEf8e6
+-----END PUBLIC KEY-----
 
-# Attempt to change digest
-Verify = RSA-PSS-DEFAULT
 Availablein = default
-Ctrl = digest:sha256
-Result = PKEY_CTRL_ERROR
+Derive=KAS-ECC-CDH_P-192_C8
+PeerKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=cf99a2770a386ca0137d1eca0a226e484297ac3c513f3631
 
-# Illegal decrypt
-Decrypt = RSA-PSS
-Availablein = default
-Result = KEYOP_INIT_ERROR
-Reason = operation not supported for this keytype
+PrivateKey=KAS-ECC-CDH_P-192_C9
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhYbPuhxugXZu1Sgo8X
+exvhTrvFuDNIwxGhNAMyAARYs8Y+Vr7J1pa/mojfKHNzg5H3Y2iqK0lXdnc7Jh+v
+e6L9xP5DuSwLHHov0FSkNlA=
+-----END PRIVATE KEY-----
 
-# Invalid key: rejected when we try to init
-Verify = RSA-PSS-BAD
-Availablein = default
-Result = KEYOP_INIT_ERROR
-Reason = invalid salt length
+PublicKey=KAS-ECC-CDH_P-192_C9-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEWLPGPla+ydaWv5qI3yhzc4OR92No
+qitJV3Z3OyYfr3ui/cT+Q7ksCxx6L9BUpDZQ
+-----END PUBLIC KEY-----
 
-# Invalid key: rejected when we try to init
-Verify = RSA-PSS-BAD2
-Availablein = default
-Result = KEYOP_INIT_ERROR
-Reason = invalid salt length
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C9:KAS-ECC-CDH_P-192_C9-PUBLIC
 
 
-Title = ECDSA tests
+PublicKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJtAZ2+J56tAe7RQ6kWAa2ibi9CIl
+scYrbKZT8IJy4DhvyUIfvVgAk9euYwG8qUR2
+-----END PUBLIC KEY-----
 
-Verify = P-256
 Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
+Derive=KAS-ECC-CDH_P-192_C9
+PeerKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=576331e2b4fb38a112810e1529834de8307fb0a0d2756877
 
-# Digest too long
-Verify = P-256
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF12345"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-Result = VERIFY_ERROR
+PrivateKey=KAS-ECC-CDH_P-192_C10
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjK2BAGA6T2W+CNj8ih
+t+iExf9l3rPJbZmhNAMyAAS3/MD1LHpBHtvtOeEL8Ctq4PJmFMazJaJHSDsm62d3
+beK5OrcRnVRHVzc549Vecvs=
+-----END PRIVATE KEY-----
 
-# Digest too short
-Verify = P-256
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF123"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-Result = VERIFY_ERROR
-
-# Digest invalid
-Verify = P-256
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1235"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
-Result = VERIFY_ERROR
-
-# Invalid signature
-Verify = P-256
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7
-Result = VERIFY_ERROR
-
-# Garbage after signature
-Verify = P-256
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800
-Result = VERIFY_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C10-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEt/zA9Sx6QR7b7TnhC/ArauDyZhTG
+syWiR0g7Jutnd23iuTq3EZ1UR1c3OePVXnL7
+-----END PUBLIC KEY-----
 
-# BER signature
-Verify = P-256
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000
-Result = VERIFY_ERROR
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C10:KAS-ECC-CDH_P-192_C10-PUBLIC
 
-Verify = P-256-PUBLIC
-Availablein = default
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
 
-Derive=P-256
-Availablein = default
-PeerKey=P-256-Peer-PUBLIC
-SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
+PublicKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEU5vED+IKD7JniItkewPqr27CDAKh
+4fjIaQleW7e01EwyeKfua+yjl8RSRtqaNMi+
+-----END PUBLIC KEY-----
 
-Derive=P-256-Peer
 Availablein = default
-PeerKey=P-256-PUBLIC
-SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
-
-Title = DSA tests
-
-Verify = DSA-1024
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
-
-Verify = DSA-1024-PUBLIC
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
-
-# Modified signature
-Verify = DSA-1024-PUBLIC
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d88
-Result = VERIFY_ERROR
+Derive=KAS-ECC-CDH_P-192_C10
+PeerKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=902f4501916a0dd945554c3a37b3d780d375a6da713197c4
 
-# Digest too short
-Verify = DSA-1024-PUBLIC
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF123"
-Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
-Result = VERIFY_ERROR
+PrivateKey=KAS-ECC-CDH_P-192_C11
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBge3YecxceWGcrmxzpp
+G9WgOVwO87NW/NKhNAMyAARs5q2ywwgI9ZAEjDPf+tRSTr96X9ObdHtJZr0vPQBW
+m01MBAn716LbdS9tCbyowl8=
+-----END PRIVATE KEY-----
 
-# Digest too long
-Verify = DSA-1024-PUBLIC
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF12345"
-Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
-Result = VERIFY_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C11-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbOatssMICPWQBIwz3/rUUk6/el/T
+m3R7SWa9Lz0AVptNTAQJ+9ei23UvbQm8qMJf
+-----END PUBLIC KEY-----
 
-# Garbage after signature
-Verify = DSA-1024-PUBLIC
-Input = "0123456789ABCDEF1234"
-Output = 302d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d8700
-Result = VERIFY_ERROR
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C11:KAS-ECC-CDH_P-192_C11-PUBLIC
 
-# Invalid tag
-Verify = DSA-1024-PUBLIC
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 312d021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d87
-Result = VERIFY_ERROR
 
-# BER signature
-Verify = DSA-1024-PUBLIC
-Ctrl = digest:SHA1
-Input = "0123456789ABCDEF1234"
-Output = 3080021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d870000
-Result = VERIFY_ERROR
+PublicKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXTQ925Yxj7R5TRD2xXP5n+5dDVe5
+liUPmfvfnZfdiK1BAjXaw25bks4oJLjlh6gs
+-----END PUBLIC KEY-----
 
-Title = X25519 test vectors (from RFC7748 6.1)
+Availablein = default
+Derive=KAS-ECC-CDH_P-192_C11
+PeerKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=46e4de335054d429863218ae33636fc9b89c628b64b506c7
 
-PrivateKey=Alice-25519
+PrivateKey=KAS-ECC-CDH_P-192_C12
 -----BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VuBCIEIHcHbQpzGKV9PBbBclGyZkXfTC+H68CZKrF3+6UduSwq
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhGDkUic/4YJ2Ahh607
+6+5ly4RCO7T0dTehNAMyAATRvTo++r9HZ/5jgL3w2/SdUtTPDLuJQEzBUMK0yLOq
+Nfdl+Efk9/j9hwTSQaGB7pk=
 -----END PRIVATE KEY-----
 
-PublicKey=Alice-25519-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MCowBQYDK2VuAyEAhSDwCYkwp1R0i33ctD73Wg2/Og0mOBr066SpjqqbTmo=
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE0b06Pvq/R2f+Y4C98Nv0nVLUzwy7
+iUBMwVDCtMizqjX3ZfhH5Pf4/YcE0kGhge6Z
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = Alice-25519:Alice-25519-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C12:KAS-ECC-CDH_P-192_C12-PUBLIC
 
-PrivateKey=Bob-25519
------BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VuBCIEIF2rCH5iSopLeeF/i4OADuZvO7EpJhi2/Rwviyf/iODr
------END PRIVATE KEY-----
 
-PublicKey=Bob-25519-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MCowBQYDK2VuAyEA3p7bfXt9wbTTW2HC7OQ1Nz+DQ8hbeGdNrfx+FG+IK08=
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEjT25vc4Tf/v7iROIw332wMvJCqXl
+N2IgE10wtctmDu+HZP/HRPFcG11twGukQW03
 -----END PUBLIC KEY-----
 
-#Raw  versions of the same keys as above
-
-PrivateKeyRaw=Alice-25519-Raw:X25519:77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a
-
-PublicKeyRaw=Alice-25519-PUBLIC-Raw:X25519:8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a
+Availablein = default
+Derive=KAS-ECC-CDH_P-192_C12
+PeerKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1bfe9e5a20ac7a38d8f605b425bb9030be31ef97c101c76c
 
-PrivPubKeyPair = Alice-25519-Raw:Alice-25519-PUBLIC-Raw
+PrivateKey=KAS-ECC-CDH_P-192_C13
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi5cDZQCEVvh1jsxaOz
+PPOuao1WgQelIWehNAMyAATBuGEMjGP41KvaCTuaEaVmBEv2XG+qiZmlvEs8oJU4
+Lpc4rulf6UebF4ebOtUpVVk=
+-----END PRIVATE KEY-----
 
-PrivateKeyRaw=Bob-25519-Raw:X25519:5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb
+PublicKey=KAS-ECC-CDH_P-192_C13-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwbhhDIxj+NSr2gk7mhGlZgRL9lxv
+qomZpbxLPKCVOC6XOK7pX+lHmxeHmzrVKVVZ
+-----END PUBLIC KEY-----
 
-PublicKeyRaw=Bob-25519-PUBLIC-Raw:X25519:de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C13:KAS-ECC-CDH_P-192_C13-PUBLIC
 
-PrivPubKeyPair = Bob-25519:Bob-25519-PUBLIC
 
-PrivPubKeyPair = Bob-25519-Raw:Bob-25519-PUBLIC-Raw
+PublicKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEngppSVGcf1vmjAQzxf3xMGSqE/sp
+SD3D4ci6Y+H0cdsjGF9Q2chx7eohJVs6Y7S3
+-----END PUBLIC KEY-----
 
-Derive=Alice-25519
 Availablein = default
-PeerKey=Bob-25519-PUBLIC
-SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+Derive=KAS-ECC-CDH_P-192_C13
+PeerKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0e8c493a4adc445dc9288a3b9b272599224054592d7265b3
 
-Derive=Bob-25519
-Availablein = default
-PeerKey=Alice-25519-PUBLIC
-SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+PrivateKey=KAS-ECC-CDH_P-192_C14
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhZwVuKJGTkHf5Dccf3
+2t9HCuQlVE+BE72hNAMyAAQf53b3NWe2rAsNZ2QWTebFvnUbqNH/RV5MFgvzivsr
+cfaEJhZkEVzodFU+iwWUMtI=
+-----END PRIVATE KEY-----
 
-Derive=Alice-25519-Raw
-Availablein = default
-PeerKey=Bob-25519-PUBLIC-Raw
-SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+PublicKey=KAS-ECC-CDH_P-192_C14-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH+d29zVntqwLDWdkFk3mxb51G6jR
+/0VeTBYL84r7K3H2hCYWZBFc6HRVPosFlDLS
+-----END PUBLIC KEY-----
 
-Derive=Bob-25519-Raw
-Availablein = default
-PeerKey=Alice-25519-PUBLIC-Raw
-SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C14:KAS-ECC-CDH_P-192_C14-PUBLIC
 
-# Illegal sign/verify operations with X25519 key
 
-Sign=Alice-25519
-Availablein = default
-Result = KEYOP_INIT_ERROR
-Reason = operation not supported for this keytype
+PublicKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEvgiCOJAumTmz0FTu64SS2vS9zwmi
+q3fxWNZ0mjqSPcgEQPJmH9NbZRYX5lKUtGN1
+-----END PUBLIC KEY-----
 
-Verify=Alice-25519
 Availablein = default
-Result = KEYOP_INIT_ERROR
-Reason = operation not supported for this keytype
-
-Title = X448 test vectors (from RFC7748 6.2)
+Derive=KAS-ECC-CDH_P-192_C14
+PeerKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0f1991086b455ded6a1c4146f7bf59fe9b495de566ebc6bf
 
-PrivateKey=Alice-448
+PrivateKey=KAS-ECC-CDH_P-192_C15
 -----BEGIN PRIVATE KEY-----
-MEYCAQAwBQYDK2VvBDoEOJqPSSXRUZ9Xdc9GsEtYANTunui66LxVZdSYwo3Zybr1
-dKlBl0SJc5EAY4Km8SerHZrC2MClmHJr
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBim6biFxmuVnR/CcI1Z
+G20yKOSeuY9ybWGhNAMyAARjK7dlHb9J3endEl0T+yNOBmF3I77tPRv0rVIJY4SI
+OXxfRPmU3XR5gH559Ih9LnE=
 -----END PRIVATE KEY-----
 
-PublicKey=Alice-448-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEIwBQYDK2VvAzkAmwj3zDG34+Z9ItWuoSEHSic70rg94Jxj+qc9LCLF2bvINmRy
-QdlT1AxbEtqIEg1TF3+A5TLEH6A=
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEYyu3ZR2/Sd3p3RJdE/sjTgZhdyO+
+7T0b9K1SCWOEiDl8X0T5lN10eYB+efSIfS5x
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = Alice-448:Alice-448-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C15:KAS-ECC-CDH_P-192_C15-PUBLIC
 
-PrivateKey=Bob-448
------BEGIN PRIVATE KEY-----
-MEYCAQAwBQYDK2VvBDoEOBwwanrCoOLgmQspRHDLoznmRTdysHWBHY+tDR1pJ8Eg
-u17olysNPiE3TJySGwnRsDZvELZRc5kt
------END PRIVATE KEY-----
 
-PublicKey=Bob-448-PUBLIC
+PublicKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEIwBQYDK2VvAzkAPreoKbDNIPW8/AtZm2/sz22kYnEHvbDU80W0MCfYuXL8PjT7
-QjKhPKcG3LV67D2uB73BxnvzNgk=
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEv1rgUCXhvmF+Zm2HpBaDY4c9V2Gz
+drUD4ebjizcra+4P9bNQLYNzXjssJoJeTw/M
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = Bob-448:Bob-448-PUBLIC
-
-#Raw  versions of the same keys as above
-
-PrivateKeyRaw=Alice-448-Raw:X448:9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b
-
-PublicKeyRaw=Alice-448-PUBLIC-Raw:X448:9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0
-
-PrivPubKeyPair = Alice-448-Raw:Alice-448-PUBLIC-Raw
+Availablein = default
+Derive=KAS-ECC-CDH_P-192_C15
+PeerKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=b30f2127c34df35aaa91dbf0bbe15798e799a03ed11698c1
 
-PrivateKeyRaw=Bob-448-Raw:X448:1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d
+PrivateKey=KAS-ECC-CDH_P-192_C16
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi9t1QJb/v72LDzywRs
+y3yhScTnGSBno+6hNAMyAATZwJjUIddB9vqrEW8+RzHSjFVY4Z/hEqE41NxIzNsd
+PtjTH9BnhKT4emiuwcvVsI8=
+-----END PRIVATE KEY-----
 
-PublicKeyRaw=Bob-448-PUBLIC-Raw:X448:3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609
+PublicKey=KAS-ECC-CDH_P-192_C16-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2cCY1CHXQfb6qxFvPkcx0oxVWOGf
+4RKhONTcSMzbHT7Y0x/QZ4Sk+HporsHL1bCP
+-----END PUBLIC KEY-----
 
-PrivPubKeyPair = Bob-448-Raw:Bob-448-PUBLIC-Raw
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C16:KAS-ECC-CDH_P-192_C16-PUBLIC
 
-PublicKeyRaw=Bob-448-PUBLIC-Raw-NonCanonical:X448:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
 
-Derive=Alice-448
-Availablein = default
-PeerKey=Bob-448-PUBLIC
-SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+PublicKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbMT+7YTHqw0JAF1mDtNN5pValGHE
+E40RMSJfM4ZO1I2gb6RakTtGz0JVd0LjUIXm
+-----END PUBLIC KEY-----
 
-Derive=Bob-448
 Availablein = default
-PeerKey=Alice-448-PUBLIC
-SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+Derive=KAS-ECC-CDH_P-192_C16
+PeerKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=64a5c246599d3e8177a2402a1110eb81e6c456ab4edb5127
 
-Derive=Alice-448-Raw
-Availablein = default
-PeerKey=Bob-448-PUBLIC-Raw
-SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+PrivateKey=KAS-ECC-CDH_P-192_C17
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjVvPJTTa/D2Zlkx71j
+q3vRWZn+Vt2WnEKhNAMyAAT9odXSjW/g55Cdaouvp4JNtVcquS/+feYTSil8HZyL
+urJJq6zZUe0R5amfkueZFXI=
+-----END PRIVATE KEY-----
 
-Derive=Bob-448-Raw
-Availablein = default
-PeerKey=Alice-448-PUBLIC-Raw
-SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d
+PublicKey=KAS-ECC-CDH_P-192_C17-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/aHV0o1v4OeQnWqLr6eCTbVXKrkv
+/n3mE0opfB2ci7qySaus2VHtEeWpn5LnmRVy
+-----END PUBLIC KEY-----
 
-# Self-generated non-canonical
-Derive=Alice-448-Raw
-Availablein = default
-PeerKey=Bob-448-PUBLIC-Raw-NonCanonical
-SharedSecret=66e2e682b1f8e68c809f1bb3e406bd826921d9c1a5bfbfcbab7ae72feecee63660eabd54934f3382061d17607f581a90bdac917a064959fb
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C17:KAS-ECC-CDH_P-192_C17-PUBLIC
 
-# Illegal sign/verify operations with X448 key
 
-Sign=Alice-448
-Availablein = default
-Result = KEYOP_INIT_ERROR
-Reason = operation not supported for this keytype
+PublicKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAENhVzFb7nr+3e1YxOi6FNNCHEAeUR
+NbzJN8KXynA/d8UrsGLYzpcduECXugx1OkGP
+-----END PUBLIC KEY-----
 
-Verify=Alice-448
 Availablein = default
-Result = KEYOP_INIT_ERROR
-Reason = operation not supported for this keytype
-
+Derive=KAS-ECC-CDH_P-192_C17
+PeerKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=017b8ca53c82fab163da2ab783966a39e061b32c8cfa334d
 
-# Additional RSA-PSS and RSA-OAEP tests converted from
-# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
-Title = RSA PSS/OAEP (from RSASecurity FTP)
+PrivateKey=KAS-ECC-CDH_P-192_C18
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhD1LnfEFO+W0JoEEwC
+JE07+VlLAQtGqLKhNAMyAATDAgtwkUY9eI8fHXb3z+7ILs2zt9mcNFyadxDVF5WR
+2PPfCqEiMBdorn237uLX9YM=
+-----END PRIVATE KEY-----
 
-PublicKey=RSA-PSS-1
+PublicKey=KAS-ECC-CDH_P-192_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLs
-DjatUqRN/rHmH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2V
-CAltWyuLbfXWce9jd8CSHLI8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh
-4fINDOjP+yJJvZohNwIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwwILcJFGPXiPHx1298/uyC7Ns7fZ
+nDRcmncQ1ReVkdjz3wqhIjAXaK59t+7i1/WD
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-1
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=cd8b6538cb8e8de566b68bd067569dbf1ee2718e
-Output=9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c
-
-Verify=RSA-PSS-1
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=e35befc17a1d160b9ce35fbd8eb16e7ee491d3fd
-Output=3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C18:KAS-ECC-CDH_P-192_C18-PUBLIC
 
-Verify=RSA-PSS-1
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=0652ec67bcee30f9d2699122b91c19abdba89f91
-Output=666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1
 
-Verify=RSA-PSS-1
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=39c21c4cceda9c1adf839c744e1212a6437575ec
-Output=4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87
+PublicKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEmEZNR/Alb4KS4CfoySWC6nfPkFH1
+zo5dRJVS73V4vpYjb+XtnQZDwLtsWpE0sBCN
+-----END PUBLIC KEY-----
 
-Verify=RSA-PSS-1
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=36dae913b77bd17cae6e7b09453d24544cebb33c
-Output=1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad
+Derive=KAS-ECC-CDH_P-192_C18
+PeerKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=340ef3db3dbebdd91c62c3d4e1a3da2c7c52a3338b865259
 
-Verify=RSA-PSS-1
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=45eef191f4f79c31fe5d2ede7e5098994e929d2d
-Output=2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58
+PrivateKey=KAS-ECC-CDH_P-192_C19
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiUysLCynFHRkAWcNlO
+2/P2d4Z7WgO+562hNAMyAASxhVSi50PvCqLwQJh8TEUQBOCW3z2A3a5uPixhj4lu
+NrpiAHdoS3CgX/t5v15sdkA=
+-----END PRIVATE KEY-----
 
-PublicKey=RSA-PSS-2
+PublicKey=KAS-ECC-CDH_P-192_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQHUDBvPl6aK5829invz40+hncyk
-73WkdFQ3X5RRTYj+0Ab7gp+EGf+H1jFdpoof86CTjpq7NGQBHDA62ZGZzwx8eotH
-fc6CnohE9iWxFeXpxKWc+PgRO2g0M2ov0mibRyy7Xlyr5nQ1DFm2wX4XaHT7Qvj8
-PRdqAX7cYf0ybEszyQIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsYVUoudD7wqi8ECYfExFEATglt89
+gN2ubj4sYY+Jbja6YgB3aEtwoF/7eb9ebHZA
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-2
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=5c81a3e2a658246628cd0ee8b00bb4c012bc9739
-Output=014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3
-
-Verify=RSA-PSS-2
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=27f71611446aa6eabf037f7dedeede3203244991
-Output=010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C19:KAS-ECC-CDH_P-192_C19-PUBLIC
 
-Verify=RSA-PSS-2
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=03ecc2c33e93f05fc7224fcc0d461356cb897217
-Output=007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4
 
-Verify=RSA-PSS-2
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=246c727b4b9494849dddb068d582e179ac20999c
-Output=009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b
+PublicKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEVj62bDNM9vEjvwTHgDtIoxECFCN+
+mDv1DzURBIGRme8HyaYFHSB1jzr3kCfqZqU/
+-----END PUBLIC KEY-----
 
-Verify=RSA-PSS-2
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=e8617ca3ea66ce6a58ede2d11af8c3ba8a6ba912
-Output=00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf
+Derive=KAS-ECC-CDH_P-192_C19
+PeerKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=2162144921df5103d0e6a650fb13fd246f4738d0896ce92f
 
-Verify=RSA-PSS-2
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=7a6fdc1a4e434ecbc35d657ad49a2f4fafd43bc8
-Output=00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6
+PrivateKey=KAS-ECC-CDH_P-192_C20
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgqOp4zyMwxB6n5Jlw7
+3qEgZXDob5KscBShNAMyAASnuji+G8Zp3SPM/O4GRbHw24z5Qt6vrra4LbedgM0O
+N/KNQWOtw4ne6Px3l7XJgxs=
+-----END PRIVATE KEY-----
 
-PublicKey=RSA-PSS-3
+PublicKey=KAS-ECC-CDH_P-192_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQLyRu9FHtPuu5oxAgDMJYWcBI5L
-55gwKZERLraM5ttnTigNoh/t7RrnSIDKUisY2ySThQEoJ8UV8ORmof+mkdmBcFdO
-nQ6tsIdYbKSJM9o8yVPZW9DtUN4Q3ctnNhB9bIMcf2Y+gzykwJfnAM4PuUX4j7hf
-6OWncxclZbkUpHGkQwIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEp7o4vhvGad0jzPzuBkWx8NuM+ULe
+r662uC23nYDNDjfyjUFjrcOJ3uj8d5e1yYMb
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-3
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=3552be69dd74bdc56d2cf8c38ef7bafe269040fe
-Output=0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C20:KAS-ECC-CDH_P-192_C20-PUBLIC
 
-Verify=RSA-PSS-3
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=609143ff7240e55c062aba8b9e4426a781919bc9
-Output=02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af
 
-Verify=RSA-PSS-3
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=0afd22f879a9cda7c584f4135f8f1c961db114c0
-Output=0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c
+PublicKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEhoKMSskrVQdhiux4c6HU/GVDxb4z
+zzB4siynJDdUXhDW1PBSQi64mLc3pLhUPuVQ
+-----END PUBLIC KEY-----
 
-Verify=RSA-PSS-3
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=405dd56d395ef0f01b555c48f748cc32b210650b
-Output=0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8
-
-Verify=RSA-PSS-3
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=a2c313b0440c8a0c47233b87f0a160c61af3eae7
-Output=021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83
+Derive=KAS-ECC-CDH_P-192_C20
+PeerKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=4c69e7feed4b11159adfc16a6047a92572ea44e0740b23af
 
-Verify=RSA-PSS-3
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=f1bf6ca7b4bbdbb6bf20a4bf55728725d177154a
-Output=012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce
+PrivateKey=KAS-ECC-CDH_P-192_C21
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhKa3ipismPqOmajs4I
+7AJREl+Fxv0OKJuhNAMyAATnadu81c4tg1FLdo09LVqgvNj2avFfVQAvxtCwOeDy
+j3T77/6eiD1N1yKW5OlcrnE=
+-----END PRIVATE KEY-----
 
-PublicKey=RSA-PSS-4
-Availablein = default
+PublicKey=KAS-ECC-CDH_P-192_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQVK23iGRH7+b1fgNo8Gz1KwozcH
-YNFhzvEmuRvn+JxCG2Km7B2jwxHXXtUOCrX/8/0zisw6qKTnfuJjaay4G6kA+oP1
-MAz5u2xTrR3IoXi4FdtCNamp2gwG3k5hXqEnfOVZ6cEI3ljBSoGqd/Wm+NEzVJRJ
-iEjIuVlAdAvnv3w3BQIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE52nbvNXOLYNRS3aNPS1aoLzY9mrx
+X1UAL8bQsDng8o90++/+nog9TdciluTpXK5x
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-4
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=f8b0abf70fec0bca74f0accbc24f75e6e90d3bfd
-Output=0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948
-
-Verify=RSA-PSS-4
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=04a10944bfe11ab801e77889f3fd3d7f4ff0b629
-Output=049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598
-
-Verify=RSA-PSS-4
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=ba01243db223eb97fb86d746c3148adaaa0ca344
-Output=03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad
-
-Verify=RSA-PSS-4
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=934bb0d38d6836daec9de82a9648d4593da67cd2
-Output=0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f
-
-Verify=RSA-PSS-4
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=ec35d81abd1cceac425a935758b683465c8bd879
-Output=022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C21:KAS-ECC-CDH_P-192_C21-PUBLIC
 
-Verify=RSA-PSS-4
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=72ce251d17b04dd3970d6ff1fbe3624899e9e941
-Output=00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e
 
-PublicKey=RSA-PSS-5
+PublicKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ0Q9mHymUD17TmqJglm3rR4Q2ed
-K2+yWz3jcPOsfBmRY5H9JftSfr+mpLTfRaF1nZlsS7Tr0YgoxE/FLQGRhxdAUl9H
-pLDMjaMl7YqmdrDQ9ibgp38HaSFwrKyAgvQvqn3HzRI+cw4xqHmFIEyry+ZnDUOi
-3Sst3vXgU5L8ITvFBwIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEZwChAkN3galYHaK8Jc7Vq/QZ2pHT
+yAPfcTlsnPCLzZGFTj5uQtjGV84PJ6t3qdxL
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-5
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=d98b7061943510bc3dd9162f7169aabdbdcd0222
-Output=0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d
-
-Verify=RSA-PSS-5
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=7ae8e699f754988f4fd645e463302e49a2552072
-Output=08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e
-
-Verify=RSA-PSS-5
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=8d46c7c05534c1ba2cc7624500d48a4531604bff
-Output=05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979
-
-Verify=RSA-PSS-5
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=ee3de96783fd0a157c8b20bf5566124124dcfe65
-Output=0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1
-
-Verify=RSA-PSS-5
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=1204df0b03c2724e2709c23fc71789a21b00ae4c
-Output=0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd
+Derive=KAS-ECC-CDH_P-192_C21
+PeerKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=46072acefd67bff50de355ca7a31fa6be59f26e467587259
 
-Verify=RSA-PSS-5
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=29926bc3280c841f601acd0d6f17ea38023eddbc
-Output=02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f
+PrivateKey=KAS-ECC-CDH_P-192_C22
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjFpkkdeIRNZhfvM75r
+i9VNoiFFCIXVlQ+hNAMyAATbGyT3RmvBVOnX0sPKUtz+C/yVY8X9tvMcdPu/W9mZ
+IfGpp0T44c93C9anancrMAM=
+-----END PRIVATE KEY-----
 
-PublicKey=RSA-PSS-6
+PublicKey=KAS-ECC-CDH_P-192_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgRZMoxz/YJ86DnEBsDny5P5t03UZ
-q5hZjReeF0mWWYBx9H06BFWRWNe+NzzxqlPwqm7wkDnlZ4wqTGOQBRTIxPiq7V3h
-Kl8QsJwxGvjA/7W3opfy78Y7jWsFEJMfC5jki/X8bsTnuNsf+usIw44CrbjwOkgi
-nJnpaUMfYcuMTcaY0QIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2xsk90ZrwVTp19LDylLc/gv8lWPF
+/bbzHHT7v1vZmSHxqadE+OHPdwvWp2p3KzAD
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-6
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=ab464e8cb65ae5fdea47a53fa84b234d6bfd52f6
-Output=04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1
-
-Verify=RSA-PSS-6
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=92d0bcae82b641f578f040f5151be8eda6d42299
-Output=0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773
-
-Verify=RSA-PSS-6
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=3569bd8fd2e28f2443375efa94f186f6911ffc2b
-Output=086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456
-
-Verify=RSA-PSS-6
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=7abbb7b42de335730a0b641f1e314b6950b84f98
-Output=0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f
-
-Verify=RSA-PSS-6
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=55b7eb27be7a787a59eb7e5fac468db8917a7725
-Output=02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C22:KAS-ECC-CDH_P-192_C22-PUBLIC
 
-Verify=RSA-PSS-6
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=de2fa0367ef49083ff89b9905d3fd646fcc12c38
-Output=0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef
 
-PublicKey=RSA-PSS-7
+PublicKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgTfJ2kpmyMQIuNon0MnXn4zLHq/B
-0v5IdG2UC3xO9d7hitEmR876oMSzGIsiHFFThnWbk/AgJLJauSQvg1fY8/1JZA7l
-5kPq9sZN7vpwiXJ8j/A5kzM5FcbvIb9ZdbblDRGLUQCOwz6fAaClRaEKg2pD3byp
-2LXF01SAItcGTqKaswIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEqC81TPl77l0i3GwHnykC6tRNlqj2
+FPF4plSpqooaCALyzg7ooPTr6W3uGzdGSx/y
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-7
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=8be4afbdd76bd8d142c5f4f46dba771ee5d6d29d
-Output=187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823
-
-Verify=RSA-PSS-7
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=402140dc605b2f5c5ec0d15bce9f9ba8857fe117
-Output=10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8
+Derive=KAS-ECC-CDH_P-192_C22
+PeerKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ec5580eabca9f3389d2b427ddf6e49e26d629afd03fa766e
 
-Verify=RSA-PSS-7
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=3e885205892ff2b6b37c2c4eb486c4bf2f9e7f20
-Output=2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1
+PrivateKey=KAS-ECC-CDH_P-192_C23
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgronA8XiP2RjxbiNw3
+KS+r0zmbXh+2fAWhNAMyAAR1QxSJBs75s3pxp8CDY83Tu6UBQtZSQaqLOmlz3o3C
+ceJ8Hq0eli/arjcQxyTarDg=
+-----END PRIVATE KEY-----
 
-Verify=RSA-PSS-7
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=1fc2201d0c442a4736cd8b2cd00c959c47a3bf42
-Output=32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19
+PublicKey=KAS-ECC-CDH_P-192_C23-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEdUMUiQbO+bN6cafAg2PN07ulAULW
+UkGqizppc96NwnHifB6tHpYv2q43EMck2qw4
+-----END PUBLIC KEY-----
 
-Verify=RSA-PSS-7
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=e4351b66819e5a31501f89acc7faf57030e9aac5
-Output=07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C23:KAS-ECC-CDH_P-192_C23-PUBLIC
 
-Verify=RSA-PSS-7
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=49f6cc58365e514e1a3f301f4de16f9fb5347ff2
-Output=18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33
 
-PublicKey=RSA-PSS-8
+PublicKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgUlTcKH7GFQ8FtNjHjFjJV32K+bu
-6JDV8lUJ5Pd4qOpvu7zfhd/2Tg2XIAOrNoH7um3UH9VBgpsuWC3p8qSk4KLQkAvv
-R1PbPO4O4Gx9+uix1TtZUyGPnM7qaVsIZo7eqtztlGOx15DV6/J+kRW0bK1NmiuO
-+rBWGwgQNEc5raBzPwIDAQAB
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEPOwhsoZooSos944ajlXQ7+BlFS//
+w0cYEClVe+uk/xmSvSHCPLSCX22ucOMxj9HK
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-8
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=a1dd230d8ead860199b6277c2ecfe3d95f6d9160
-Output=0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5
-
-Verify=RSA-PSS-8
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=f6e68e53c602c5c65fa67b5aa6d786e5524b12ab
-Output=2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e
+Derive=KAS-ECC-CDH_P-192_C23
+PeerKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=7f3929dd3cbf7673bc30d859d90b880307475f800660ea32
 
-Verify=RSA-PSS-8
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=d6f9fcd3ae27f32bb2c7c93536782eba52af1f76
-Output=2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96
+PrivateKey=KAS-ECC-CDH_P-192_C24
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiDYRjGJI+ILpFHl292
+SCbBoodVphApd9WhNAMyAAT800WpdscgyqqX3maXImglYV4Sh6nv9n5Y6kLtvur8
+qf9Ez9fymr0svedibXnkIsk=
+-----END PRIVATE KEY-----
 
-Verify=RSA-PSS-8
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=7ff2a53ce2e2d900d468e498f230a5f5dd0020de
-Output=1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7
+PublicKey=KAS-ECC-CDH_P-192_C24-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/NNFqXbHIMqql95mlyJoJWFeEoep
+7/Z+WOpC7b7q/Kn/RM/X8pq9LL3nYm155CLJ
+-----END PUBLIC KEY-----
 
-Verify=RSA-PSS-8
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=4eb309f7022ba0b03bb78601b12931ec7c1be8d3
-Output=33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee
+PrivPubKeyPair = KAS-ECC-CDH_P-192_C24:KAS-ECC-CDH_P-192_C24-PUBLIC
 
-Verify=RSA-PSS-8
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=65033bc2f67d6aba7d526acb873b8d9241e5e4d9
-Output=1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e
 
-PublicKey=RSA-PSS-9
+PublicKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQDmvWkqyWZFeQQD/dD1vri5v5Lt
-EAB/w2UEZBndBsBcW1svSOz5ieTOJpEJl5y7QLSgrSTSJIPR7jFa1MyxU0JoNSaR
-xST23Y5sKdIkzyRpc67IbFv2sUAahQ0bmtG7jLzsR7BvD4x/RdP8jzGSmcVDPdvC
-swU7R97S7NSkyu/WFIM9yLtiLzF+0Ha4BX/o3j+ESArV6D5KYZBKTySPs5cCc1fh
-0w5GMTmBXG/U/VrFuBcqRSMOy2MYoE8UVdhOWosCAwEAAQ==
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEcIJkRxW4tzH4IotRGOcnDTTRgfNh
+oiH8RkZJ1siMqJYUSIocx7hEK7Qvn7MCCj12
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-9
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=2715a49b8b0012cd7aee84c116446e6dfe3faec0
-Output=586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e
 
-Verify=RSA-PSS-9
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=2dac956d53964748ac364d06595827c6b4f143cd
-Output=80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958
+Derive=KAS-ECC-CDH_P-192_C24
+PeerKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=72e88f3ea67d46d46dbf83926e7e2a6b85b54536741e6d2c
 
-Verify=RSA-PSS-9
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=28d98c46cccafbd3bc04e72f967a54bd3ea12298
-Output=484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca
+PrivateKey=KAS-ECC-CDH_P-224_C0
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByDRqYPxvKTyloNKvaLpx0d
+04nl5Ag3lC3z5Dy9oTwDOgAEjeLiat9yxYLWVo72OMT9WbGNoXG99QHx2SngSEpo
+ocKw+yKTDRIFVcHs5Q6pjeqEB/cb4276wN4=
+-----END PRIVATE KEY-----
 
-Verify=RSA-PSS-9
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=0866d2ff5a79f25ef668cd6f31b42dee421e4c0e
-Output=84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e
+PublicKey=KAS-ECC-CDH_P-224_C0-PUBLIC
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEjeLiat9yxYLWVo72OMT9WbGNoXG99QHx
+2SngSEpoocKw+yKTDRIFVcHs5Q6pjeqEB/cb4276wN4=
+-----END PUBLIC KEY-----
 
-Verify=RSA-PSS-9
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=6a5b4be4cd36cc97dfde9995efbf8f097a4a991a
-Output=82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C0:KAS-ECC-CDH_P-224_C0-PUBLIC
 
-Verify=RSA-PSS-9
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=b9dfd1df76a461c51e6576c6c8ed0a923d1c50e7
-Output=a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f
 
-PublicKey=RSA-PSS-10
+PublicKey=KAS-ECC-CDH_P-224_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd2GesTLAvkLlFfUjBSn
-cO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKn
-rc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5X
-fpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u
-6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/
-F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGu
-BQIDAQAB
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAErzPNBim8fpljIKP0A2j3TehwT6N7j6tp
+q6rigIggksy7p5MPQZqKT5uxaXi7w4OHKZklWaby4tc=
 -----END PUBLIC KEY-----
 
-Verify=RSA-PSS-10
 Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=9596bb630cf6a8d4ea4600422b9eba8b13675dd4
-Output=82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666
-
-Verify=RSA-PSS-10
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=b503319399277fd6c1c8f1033cbf04199ea21716
-Output=14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3
-
-Verify=RSA-PSS-10
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=50aaede8536b2c307208b275a67ae2df196c7628
-Output=6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb
-
-Verify=RSA-PSS-10
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=aa0b72b8b371ddd10c8ae474425ccccf8842a294
-Output=34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb
-
-Verify=RSA-PSS-10
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=fad3902c9750622a2bc672622c48270cc57d3ea8
-Output=7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc
-
-Verify=RSA-PSS-10
-Availablein = default
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_mgf1_md:sha1
-Input=122196deb5d122bd8c6fc781ff6924d7c695aade
-Output=6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f
-
-PrivateKey=RSA-OAEP-1
------BEGIN PRIVATE KEY-----
-MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKizsoSvjrULOHA0
-qGDxRsSRnzGHY81sVZjIrkgRoeCrxMfgsILWk6Xn/O1nXPRmhRJ3LAy8ZKdCxsYw
-9TPIzHL2KugzxAvyWELphLt4vb+XwBB9Vb22YvXE4Pq5hFy1FI73OS3Tqv+Trh5r
-Znuz1CR2FtT1uhDUz9Im3ojTnxb7AgMBAAECgYBTM5z9t5/IRmplXHMWrKhcVf2P
-bdiY/a8RlRfvT1Lo/Y4ljfk/7hgPoOSrKWk82DsVKlU9SsTRgSuLn6WvDn9V/nME
-30FXCSbzMR8VxNZacyxIMRbuPT0tCvNUmtm/fL+3itiE+E1b6wRyTcc2mzHe830M
-9Tnpz83T3mU3KerV0QJBANMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK
-84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50CQQDMiFPR1U2mMPrABPRx
-8oHHuJgtgiSkkO2+sz0+PVzJPEdlcD0d15FkLx8Rag3YUr4kGbKvcr/poDDoYLAo
-i113AkAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS
-12gZln1GcazGQx5AN5aNs3h45pXBAkEAlSl7D5Wi+mfQBwfWCd/U/AXIna/C721u
-pVvsdx6jM3NNklHnkILs2oZu/vE8RZ4aYxOGt+NUyJn18RLKhdcVgwJAT0VsUCST
-vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2
-h90qjKHS9PvY4Q==
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-1
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a
-Output=6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34
-
-Decrypt=RSA-OAEP-1
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44
-Output=750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5
-
-Decrypt=RSA-OAEP-1
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb
-Output=d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051
-
-Decrypt=RSA-OAEP-1
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755
-Output=52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85
-
-Decrypt=RSA-OAEP-1
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439
-Output=8da89fd9e5f974a29feffb462b49180f6cf9e802
-
-Decrypt=RSA-OAEP-1
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255
-Output=26521050844271
-
-PrivateKey=RSA-OAEP-2
------BEGIN PRIVATE KEY-----
-MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAZR8f86QQl9HJ55w
-hR8l1eYjFv6KHfGTcePmKOJgVD5JAe9ggfaMC4FBGQ0q6Nq6fRJQ7G22NulE7Dci
-h3x8HQpn8UsWlMXwN5RRpD5Joy3eg2cLc9qRocmbwjtDamAFXGEPC6+ZwaB5VluV
-o/FSZjLR1Npg8g7aJeZTxPACdm9FAgMBAAECgYAII/IPrbXaiQiKnQCJPiH6ShsR
-+8k8ZKO+C6rql/s7k8P/cTcEwZyWPB0Qeq6ZBUc5954C4Ybehvh6bd7+ptjM0dPI
-Gke/pyVb4gYBpKSy8IoWe14nnXFbG0Vb3X6rJFlB2XaLms77PM2llS2jzuclJbRQ
-FmOo7hXJ6ZLZJGL+OQJBAVnb3gSjPvBvtgi4CxkPTT4ivME6yOSggQM6v6QW7bCz
-OKoItXMJ6lpSQOfcblQ3jGlBTDHZfdsfQG2zdpzEGkMCQQErZS8wQDs4tAmV/W/0
-GhrMitpwNzI2tyAtObLuMM+0bbCVEfbzB8xhzCFgbBinW4pi+CLfAxug3w2v1VBv
-VovXAkBDbvUI3nNlGcLaTFgNmMgst0UqP7XvrcO5x3iaG8ZYT3la3bvTJDnHRoZV
-LstsLDB6TTr39TnuwVckjHsx8aJVAkEBKxWonz37KzkHPnPwK90MGns3ndQ18Fzd
-4u/55GKUi3zsYu6QUNXggW4HhahWtJEI3LdfNoOHTRymMpoZATBm/wJAAnDbF9WR
-SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64e2EbcTLLfqc1bCMVHB53UVB8
-eG2e4XlBcKjI6A==
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-2
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e
-Output=8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7
-
-Decrypt=RSA-OAEP-2
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245
-Output=2d
-
-Decrypt=RSA-OAEP-2
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053
-Output=74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e
-
-Decrypt=RSA-OAEP-2
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641
-Output=a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a
-
-Decrypt=RSA-OAEP-2
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec
-Output=2ef2b066f854c33f3bdcbb5994a435e73d6c6c
-
-Decrypt=RSA-OAEP-2
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a
-Output=8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0
-
-PrivateKey=RSA-OAEP-3
------BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBArWP7AOahgcApNe2
-Ri+T5s3UkRYd3XT06BC0DjwWUgBqXCd7J3TBEwWky6taeO+lfheobfej+jb8Sx0i
-SfIux8LdakYyMqzOqQbWbr6AtXBLEHKdpvgzI0q7Xv3UopLL+tM7TTP6ehS4w5e1
-bjrNISA0KLd836M6bacGs9iw/EPpAgMBAAECgYAVtIpbVoOpRnDiO1cY+BT6DhP4
-UDj1BxEYLLphUQWB89IsfiMu+TfiLlUdaLhuL4yxqti+LkiPXffv0nnj9WjU6vNv
-gM9xQazmD8yRE/tsSoQf1Qu8fFEv/L7/IUh6qBHrPKjGIAU0aobehr+h2KlI/T80
-jCLqrfMzw85s4TII/QJBAb8B0hbXNZXPAnDCvreNQKDYRH0x2pGamD9+6ngbd9hf
-43Gz6Tc+e2khfTFQoC2JWN5/rZ1VUWCVi0RUEn4Ofq8CQQGNM5llgWbbOCmBbXsp
-VBZ1npyRmH9bLYrs1jsEtIvXsvzyKbt/im3Ii6E90uOa1VttGgYWBwj5cAvoC4/T
-dEznAkAGwKJJ0gpvLudciLSU1T9qrpmqQnyIwosWOnaUReXzkM9AwnT9bqYymlzn
-x84DohWDlu4qeEV4bgniiFqXKOTlAkEA0dJ8Kf7dkthsNI7dDMv6wU90bgUc4dGB
-HfNdYfLuHJfUvygEgC9kJxh7qOkKivRCQ7QHmwNEXmAuKfpRk+ZP6QJBAIyy91a9
-iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+WJ9N6z/c8J3nmNLsmARwsj38z
-Ya4qnqZe1onjY5o=
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-3
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80
-Output=087820b569e8fa8d
-
-Decrypt=RSA-OAEP-3
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5
-Output=4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04
-
-Decrypt=RSA-OAEP-3
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a
-Output=d94cd0e08fa404ed89
-
-Decrypt=RSA-OAEP-3
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0
-Output=6cc641b6b61e6f963974dad23a9013284ef1
-
-Decrypt=RSA-OAEP-3
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60
-Output=df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223
-
-Decrypt=RSA-OAEP-3
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730
-Output=3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1
-
-PrivateKey=RSA-OAEP-4
------BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBBRJAtswABPpI0BNG
-ccB4x8jew7Pi8lvCVkRnM52ziFPQa4XupbLeNTv/QqwuRryX+uaslhjalTelyPVT
-weNXYlmR1hCNzXiF+zolQT9T78rZSMs1zZua6cHGdibRE9V93kxb6na7W7felsAN
-BzculoWm11z50jn6FI1wkxtfP7A5AgMBAAECgYAEEf/KO3yl6em+f+OKhRBeNTiW
-2wXFeWrs0qclFh6zZRyGKam4YrkE17DHs3+MtaHCtUABAYoAoessr+TuTpSSw0i8
-K+2rS5678GTo7/MiuQCfjuxlOQX0DfiKPNxJ1FZ/dWJ9QaymJBKbRqC3xpjl5l8r
-e6ECx0mhATW2VA0EAQJBAnRYwZ7BY2kZ5zbJryXWCaUbj1YdGca/aUPdHuGriko/
-IyEAvUC4jezGuiNVSLbveSoRyd6CPQp5IscJW266VwECQQIQ7pszq2FxbifSUb1G
-X0s1oaIy4toAkBwpS/IjUM5JDQmfZCtTdWEttjuh8gOGSSvwTTSzwivOuQnRNEG1
-O1E5AkA5+gKLgm6IwRIbdQqLJC+po1xbZr39H6Y308xIqEpPRXoZTncn5J97zG5a
-WkEmV/xHDHMi68N0Fu9FjDB6jAkBAkEBXZmoQZWUOXn6nhviw8G2n0MvRv0D5H1b
-77u/1rHRNx2D77Mwo+AglCsv7RFeXQK+JP2SyQGdHOzW3Uzx5UzImQJBAfC3AVFw
-s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/kSbj6XloJ5qGWywrQmUkz8Uq
-aD0x7TDrmEvkEro=
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-4
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8
-Output=4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2
-
-Decrypt=RSA-OAEP-4
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e
-Output=b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8
-
-Decrypt=RSA-OAEP-4
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065
-Output=bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99
-
-Decrypt=RSA-OAEP-4
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4
-Output=fb2ef112f5e766eb94019297934794f7be2f6fc1c58e
-
-Decrypt=RSA-OAEP-4
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2
-Output=28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284
-
-Decrypt=RSA-OAEP-4
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9
-Output=f22242751ec6b1
-
-PrivateKey=RSA-OAEP-5
------BEGIN PRIVATE KEY-----
-MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBCq3z+cEl5diR8xrE
-SOmT3v5YD4ArRfnX8iulAh6cR1drWh5oAxup205tq+TZah1vPSZyaM/0CABfEY78
-rbmYiNHCNEZxZrKiuEmgWoicBgrA2gxfrotV8wm6YucDdC+gMm8tELARAhSJ/0l3
-cBkNiV/Tn1IpPDnv1zppi9q58Q7ZAgMBAAECgYECVutMunBn8tK+VA3N/0WCo2t9
-MdHJCZuyFLeYSEZqJo+A9YpJrATA42SJNKAgbARTfBmyNmQ6YIJzIUTfdfohdYj3
-lGgr6JFoJ23HJsXAy9uE0xu/JtCkOvSVcX99UorP7jQVYfb/PK4FxXj4Rw2WgvnA
-0HL59gaLVtWID2gr4sUCQQOw05YvbRdUnL/KESlDSNzw5+OfjCvGgk8hZLYG1oeG
-Da4eYyOTz+31EyKCKQaeL2DkrNfmM6Q2Bj+COF9ImTcHAkEC5MMuL1FyabcHIwnw
-DA4xNl984osja4KRLfI5q/OVcs8O1gSwKYLlNWTFLWoFOX3lwFKi/dwUHvcYmDY0
-auszHwJBAehLEZ0lFh+mewAlalvZtkXSsjLssFsBUYACmohiKtw/CbOurN5hYat8
-3iLCrSbneX31TgcsvTsmc4ALPkM429UCQQDrkKoaQBNbTOoHGXztyIGb4efL/yVH
-ZiEW9GWkqfSHqxLzuk/vE4IiZaZSl9mLe97ZNy4//oGjiz6WAP7QVXVPAkEBL3+B
-OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/GOeBWKNKXF1fhgoPbAQHGn0B
-MSwGUGLx60i3nRyDyw==
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-5
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5
-Output=af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8
-
-Decrypt=RSA-OAEP-5
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad
-Output=a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399
-
-Decrypt=RSA-OAEP-5
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967
-Output=308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7
-
-Decrypt=RSA-OAEP-5
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf
-Output=15c5b9ee1185
-
-Decrypt=RSA-OAEP-5
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723
-Output=21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a
-
-Decrypt=RSA-OAEP-5
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a
-Output=541e37b68b6c8872b84c02
-
-PrivateKey=RSA-OAEP-6
------BEGIN PRIVATE KEY-----
-MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBErF/ba0uzRn/RtwT
-94YPCeDgz7Z3s4pSWSMFzq8CLBZtuQ0ErCnjP33RLZ+vZuCBa7Y+rSZ8x9RsF8N7
-4hS8oqItcjpk5EQHQ2tvyWVymu/CVU83bNXc6mgpN4CmK/OdAClIWhYLu55dwJct
-IaUE9S5e4CiqQWMy9RCy6c/19yKvAgMBAAECgYECleyjVgYYNpVZzs0wOqnP2vwd
-nwaVnfdf/vkpqolpYbzRkNxpl+2n9ZY+ck0HtNwR8wZeWul9loNREigLkIS7FPKi
-Hr1OiJ1BucQTLsGVb8q4uy/tBXWISTZSLF/30zJhkEgk58re5OC7Ny0kV8944r0S
-hiKP+D8QcxzmPJDP8/kCQQSmzotzWN+mm9z3QmFwBa+1OF9fOliiTvdKIqjAXLfM
-OOvUzJ2anXiaYs0PYPDLlB00I8lpLvpP463/KQxHSaOLAkEEBMmoAzcf7bTFvjnz
-wAsAnl4Ipjvh5AA1zaylARzHAc9+68uZ8P/hfP0KS/e+/S3VNqyUbbeX/bxKvo8p
-NJuR7QJBA5Ycj3YKor1RVMeq/XciWzus0BOa57WUjqMxH8zYb7lcda+nZyhLmy3l
-WVcvFdjQRMfrg6G+X63yzDd8DYR1KUsCQQIhl+BmdCGWqrwD+i/utOcLFct4fWF6
-zTG7dce8I0rXBvfEjSGC0fD/nCKNz0GWe2wLptLArREKG4V4MewkXiyxAkEEAcTA
-xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hqziQG4iyeBY3bSuVAYnri/bCC
-Yejn5Ly8mU2q+jBcRQ==
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-6
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3
-Output=4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4
-
-Decrypt=RSA-OAEP-6
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f
-Output=5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7
-
-Decrypt=RSA-OAEP-6
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65
-Output=b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c
-
-Decrypt=RSA-OAEP-6
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8
-Output=684e3038c5c041f7
-
-Decrypt=RSA-OAEP-6
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab
-Output=32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693
-
-Decrypt=RSA-OAEP-6
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470
-Output=50ba14be8462720279c306ba
-
-PrivateKey=RSA-OAEP-7
------BEGIN PRIVATE KEY-----
-MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBMRF58Lz8m508oxXQ
-DvMNe906LPrpkRv+3LlIs6R4LQcytqtEqkvwN0GmRNwBvsPmmwGgM+Z12KzXxJJc
-axrsMRkFHf2Jdi0hXUVHX/y1n5CBSGI/NxdxVvauht16fF9D3B4fkIJUBYooSl8G
-wAIXk6h/GsX+/33K7mnF5Ro3ieNzAgMBAAECgYEHDPz/L+uCduJ0MsRd/uSPSbeR
-fWUw4fDKNGDzLgJ2F0SHxW4ipF0lANd3VJUhnX0WWpzzvZLDKvmpjY3JzCloAK3J
-SgpU+0DzQpG/hO6OoStvEJNZxtNUKlD5x2f1z/8FpoHC5lb7d8qq20vpRo2KvNTf
-mPWOhtIFP6E0n3SOIbECQQdJJiwRHNRw7CVm5rNzL8CTKUaaoZBx07nAGQZRTG8d
-JrqhS+qwlxyLfmEaT3kAnW/qd2koyiUoWw3jZD0aP4xxAkEGvB5Q6WwCv2NunuqL
-iZu+v3ZR3nfdR0w+m8I7rYGCthkEx9l9++v7HgAQiHi25n5BU5HWeULCsr+bRDX4
-iwywIwJBA7x+p/CqsUOrxs6LlxGGNqMBcuTP4CyPoN2jt7qvkPgJKYKYVSX0iL38
-tL1ybiJjmsZKMJKrf/y/HVM0z6ULW/ECQQJipqopwqPGfcU0bAY4Gv2YeqPMk8+/
-7PVP3Z+deH1/WaUj05iXnaE3ovY4H+lIAffJTaIVGNw0y0CHDEaXmUrZAkBknUwX
-tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4ohPIOWIGzfukQi8Y1vYdvLXS
-FMlxv0gq65dqc3DC
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-7
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1
-Output=47aae909
-
-Decrypt=RSA-OAEP-7
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6
-Output=1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7
-
-Decrypt=RSA-OAEP-7
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b
-Output=d976fc
-
-Decrypt=RSA-OAEP-7
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac
-Output=d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb
-
-Decrypt=RSA-OAEP-7
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478
-Output=bb47231ca5ea1d3ad46c99345d9a8a61
-
-Decrypt=RSA-OAEP-7
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115
-Output=2184827095d35c3f86f600e8e59754013296
-
-PrivateKey=RSA-OAEP-8
------BEGIN PRIVATE KEY-----
-MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBW98OMNMh3aUUf4gk
-CPppGVSA34+A0/bov1gYUE82QnypsfVUC5xlqPaXTPhEeiRNkoAgG7Sfy75jeNGU
-TNIn4jD5bj0Q+Bnc7ydsZKALKktnAefQHeX6veOx6aDfgvRjE1nNImaWR/uxcXJG
-E07XtJfP/73EK1nHOpbtkBZiEt/3AgMBAAECgYEPfR6eWqol/RPkoGY64UTg0V9c
-0YvNsJ3yzH5k48XpFa1iZFMEFh0JjHFbt6uL0B0H6vP+18ftCK8qimLvRKsWsyDh
-SvcqSPlq/iYqCuTPZeY16RB5DNTuXOp2iksmOffm9nez8Ltr4yt1dH2JCQNvAmT1
-jUAc26ExcWFXp17PYzECQQoC74RI2frYu9DQBMjCqpdR75chwbDQMjalSw35R8uu
-1aJV7p6OINSR6hcj/glHBKl2Loiv0W67WZRBLKlm3E+fAkEJLTYuftOgv9np/Q5s
-AwG23ykVnPUMyDubDPTW7qcaYeACtG4K6fLeYtJbXXRS1Ji4HJrG/FhZPUw/tPXX
-LfuwqQJBB8cUEK8QOWLbNnQE43roULqk6cKd2SFFgVKUpnx9HG3tJjqgMKm2M65Q
-MD4UA10a8BQSPrpoeCAwjY68hbaVfX0CQQCuLHU4DALAFq0FiRszAd6IHyiuEXEY
-K2ssg76nxRXsqcopjHscq1gXpZcGj8hQYN5NqKAWN4quQ8f5Z7zDeQS5AkEFmNEF
-njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15EtXgyL2QF1iEdoZUZZmqof9xM
-2MiPa249Z+lh3Luj0A==
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-8
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61
-Output=050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967
-
-Decrypt=RSA-OAEP-8
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d
-Output=4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc
-
-Decrypt=RSA-OAEP-8
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f
-Output=8604ac56328c1ab5ad917861
-
-Decrypt=RSA-OAEP-8
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0
-Output=fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc
-
-Decrypt=RSA-OAEP-8
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2
-Output=4a5f4914bee25de3c69341de07
-
-Decrypt=RSA-OAEP-8
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210
-Output=8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be
-
-PrivateKey=RSA-OAEP-9
------BEGIN PRIVATE KEY-----
-MIIDlwIBADANBgkqhkiG9w0BAQEFAASCA4EwggN9AgEAAoHBAM8s1B40yjpyjqXL
-iv9kw20nve9TZOM2/WjTEjxaGWqMKHAT6FPVFW1Y0VGVRSD7T217F6u2gXdlkJxX
-YRllnZArGQbtiisQwVXCTRJFKNq57q43m+rGbkpBF4bcuP0AYuvAMN4SGaBMKowb
-fdMTHk1rbK7i4xpe1BrBUJsu8e4qsYNkvlaMqUHCXsyE/51kO17Bqq4QKiDXP0eb
-eA/W2pEHUhLZ6sA6BnTYmeui5DH0xEthW2uiIyvUszuu1z1iXQIDAQABAoHAGYwU
-HiNxWpK8z2oRmlvBE4lGjSgR9UjXJ+F7SrDrmG1vIR77U7cffMvqh+5px17mFQCM
-UzLetSvzkKvfv+N9cgU2gVmyY4wd4ybiHSIlHw+1hIs78VAF0qdDMPCv6RbuYszB
-NE0dg6cJ5gZ2JzhA9/N3QkpeCk2nXwGzH/doGc+cv90hUkPDkXwD7zgZkxLlZ7O/
-eu06tFfzce+KFCP0W2jG4oLsERu6KDO5h/1p+tg7wbjGE8Xh6hbBHtEl6n7BAmEA
-/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8b
-zZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79
-AmEA0gDUXniKrOpgakAdBGD4fdXBAn4S3BoNdYbok52c94m0D1GsBEKWHefSHMIe
-BcgxVcHyqpGTOHz9+VbLSNFTuicEBvm7ulN9SYfZ4vmULXoUy//+p0/s3ako0j4l
-n17hAmEA2xaAL3mi8NRfNY1p/TPkS4H66ChiLpOlQlPpl9AbB0N1naDoErSqTmyL
-6rIyjVQxlVpBimf/JqjFyAel2jVOBe8xzIz3WPRjcylQsD4mVyb7lOOdalcqJiRK
-sI23V1KtAmEAoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZbl
-o5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iY
-pHnoCuKU/tKhAmALIfM1w1M0LrRMOqJERXgMLWVblAF0yuOMfIpOZJPAup/TA3SC
-Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSckFlJCf6zfby2VL63Jo7IAeWo
-tKo5Eb69iFQvBb4=
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-9
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72
-Output=f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6
-
-Decrypt=RSA-OAEP-9
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8
-Output=81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659
-
-Decrypt=RSA-OAEP-9
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3
-Output=fd326429df9b890e09b54b18b8f34f1e24
-
-Decrypt=RSA-OAEP-9
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858
-Output=f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e
-
-Decrypt=RSA-OAEP-9
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e
-Output=53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d
-
-Decrypt=RSA-OAEP-9
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f
-Output=b6b28ea2198d0c1008bc64
-
-PrivateKey=RSA-OAEP-10
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCuRe1WAc7GuMwF
-+AOTXGdN2+DXXEwJ/XlR/GsMrsMTqN85lwxRi/+6XtaPPw1/IqQCnUE/GuB+Tr6e
-QXfOI+f1QEtWnk7hvc88H7A+8ROALU+FXrm1E0tafICFrcrm+i+hQX7DdjvhcbDG
-K3YO3iPBKtkrmAiExkH1qPrCa9rUoDOBoi/ht1SIUJTIJQbUAZpTWihq/rJxu5ul
-kt4Y3PYAwq7q5W4C9895/BTPO9x82E/ru/lQypAwSyIZp6oGOu+iw8GYDlYM1kr+
-d5WFthB2V7lXhX795gEJiKt95Bf8iNjzhMTm5yw/lD4MMcDEpcw2+HnYo6ydfVmG
-Dqraa4O7AgMBAAECggEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9Djllq
-MzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BN
-IBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAs
-wVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6
-IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGE
-gphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQKBgQDs9a7NHlUV//rL11oo
-Fsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1
-I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcEC
-M9IXa/FaXpbdx4C8hoqnfTznaQKBgQC8RsRk/GrEyng7DrCKPIQbdy9+my8our1Y
-iuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNf
-fRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1
-lg8/w4YxgwKBgQDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS
-43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK
-19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQKBgCZY
-s39t+cEDC+HbaBF/qdh+OeoraTt+bTovcJR0E+7GFC4Y+438tqxUXXyGoK1I+EVx
-cPDvsmvEgSbFPv0dFpIBmNwqEQfcKC22qAzTBiNguj+hP3DkMS/xps1rj8TNnFw9
-sXxtalchL3OuKfYZMnutWbFThYWFuk4otgpipF5JAoGAbzhSazklCFU07z5BWoNu
-3ouGFYosfL/sywvYNDBP7Gg7qNT0ecQz1DQW5jJpYjzqEAd22Fr/QB0//2EO5lQR
-zjsTY9Y6lwnu3kJkfOpWFJPVRXCoecGGgs2XcQuWIF7DERfXO182Ij+t1ui6kN18
-DuYdROFjJR4gx/ZuswURfLg=
------END PRIVATE KEY-----
-
-Decrypt=RSA-OAEP-10
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc
-Output=8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee
-
-Decrypt=RSA-OAEP-10
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795
-Output=e6ad181f053b58a904f2457510373e57
-
-Decrypt=RSA-OAEP-10
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede
-Output=510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124
-
-Decrypt=RSA-OAEP-10
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8
-Output=bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9
-
-Decrypt=RSA-OAEP-10
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0
-Output=a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9
-
-Decrypt=RSA-OAEP-10
-Ctrl = rsa_padding_mode:oaep
-Ctrl = rsa_mgf1_md:sha1
-Input=2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46
-Output=eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac
-
-
-Title = ECDH tests (with random keys)
-
-# TEST CURVE secp112r1
+Derive=KAS-ECC-CDH_P-224_C0
+PeerKey=KAS-ECC-CDH_P-224_C0-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=7d96f9a3bd3c05cf5cc37feb8b9d5209d5c2597464dec3e9983743e8
 
-PrivateKey=ALICE_secp112r1
+PrivateKey=KAS-ECC-CDH_P-224_C1
 -----BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA6sqKp39AWLClus2ha5rqEg
-Ax4ABJ4NTgOR1xQAr3M6eM46WqXW2zA6FnsUMKFFwcw=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwEPLIW9Lcs33Yp1jcgpUru
+DJnrMtdEd9rAwvc9oTwDOgAEL5D1yOrJx97Nu5e2wvcVq3JeT+QP5tdG779OG2aJ
+c1FFT5J6MJsmnFptMTOL5MGaWs/DLPZW9Fw=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp112r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEng1OA5HXFACvczp4zjpapdbbMDoWexQw
-oUXBzA==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEL5D1yOrJx97Nu5e2wvcVq3JeT+QP5tdG
+779OG2aJc1FFT5J6MJsmnFptMTOL5MGaWs/DLPZW9Fw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp112r1:ALICE_secp112r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C1:KAS-ECC-CDH_P-224_C1-PUBLIC
 
-PrivateKey=BOB_secp112r1
------BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA5pIbX+hEq49mFPjUl4/6Eg
-Ax4ABBsPNZHm1pcdw104ibwIycCe+r5voeRfQUZRZ3c=
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp112r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEGw81kebWlx3DXTiJvAjJwJ76vm+h5F9B
-RlFndw==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEE7/NT46UQjk8q4+0a58FZsImsis3B2l2
+8GF6Ru6yQnUpsojGPC+JY8Hkc98vymyqkNUuL421bdQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp112r1:BOB_secp112r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp112r1
-PeerKey=BOB_secp112r1_PUB
-SharedSecret=a6cefb5aa7a352afe818749eb401
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp112r1
-PeerKey=ALICE_secp112r1_PUB
-SharedSecret=a6cefb5aa7a352afe818749eb401
-
-# TEST CURVE secp112r2
+Availablein = default
+Derive=KAS-ECC-CDH_P-224_C1
+PeerKey=KAS-ECC-CDH_P-224_C1-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ee93ce06b89ff72009e858c68eb708e7bc79ee0300f73bed69bbca09
 
-PrivateKey=ALICE_secp112r2
+PrivateKey=KAS-ECC-CDH_P-224_C2
 -----BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4gzzblKfE6ZwoUW0FQmaEg
-Ax4ABJJ4L7Vo50NZ5VGZ4nNkxFNcjJQwDIQb1/9IkLE=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxa0N1turtPPC6l/jLlYbLK
+VQgUht8sfBXJYisIoTwDOgAEAFvKRdeT5/6ZqENwTtg4MVqxSl9id1B+m8N1MUPp
+1CHhSGrliTv9I8IQ5cFA18axraWdhCyamN4=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp112r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEkngvtWjnQ1nlUZnic2TEU1yMlDAMhBvX
-/0iQsQ==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEAFvKRdeT5/6ZqENwTtg4MVqxSl9id1B+
+m8N1MUPp1CHhSGrliTv9I8IQ5cFA18axraWdhCyamN4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp112r2:ALICE_secp112r2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C2:KAS-ECC-CDH_P-224_C2-PUBLIC
 
-PrivateKey=BOB_secp112r2
------BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4D9oGGj+O8vjZz3OZNaqEg
-Ax4ABNZOv5gUzvVbgAHpTgu3hUhTQtB8LamTEIfaRWE=
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp112r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAE1k6/mBTO9VuAAelOC7eFSFNC0HwtqZMQ
-h9pFYQ==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEdW3YBrnZw02JlpHstFt3GvRo7ABEhqD9
+0oNBHk0Cwsphe7LF2WE/Jd1yQT0in9KQFROqKVBO7vs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp112r2:BOB_secp112r2_PUB
 
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp112r2
-Availablein = default
-PeerKey=BOB_secp112r2_PUB
-SharedSecret=6bed2c55e233e9214d5898c4c12a
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp112r2
 Availablein = default
-PeerKey=ALICE_secp112r2_PUB
-SharedSecret=6bed2c55e233e9214d5898c4c12a
-
-# TEST CURVE secp128r1
+Derive=KAS-ECC-CDH_P-224_C2
+PeerKey=KAS-ECC-CDH_P-224_C2-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=3fcc01e34d4449da2a974b23fc36f9566754259d39149790cfa1ebd3
 
-PrivateKey=ALICE_secp128r1
+PrivateKey=KAS-ECC-CDH_P-224_C3
 -----BEGIN PRIVATE KEY-----
-MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCP1c+lxfRT+MZWZ8uGCYYl
-oSQDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhHS+Zfp2XXO1A=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwKpv9Vpdgg78tOfRC4Reo8
+n5vF3/hhBtuFMY4ioTwDOgAEL5Z1QTHgloGYqnj76MIB3F81gceS3khzQNMkSGHo
+pc15YVIDttielJb54jb+O2vocx50PWFVGcY=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp128r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhH
-S+Zfp2XXO1A=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEL5Z1QTHgloGYqnj76MIB3F81gceS3khz
+QNMkSGHopc15YVIDttielJb54jb+O2vocx50PWFVGcY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp128r1:ALICE_secp128r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C3:KAS-ECC-CDH_P-224_C3-PUBLIC
 
-PrivateKey=BOB_secp128r1
------BEGIN PRIVATE KEY-----
-MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCGbEd3Hhwr76XbQekhIrDT
-oSQDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3Ny3Ep0GVYms=
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp128r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3
-Ny3Ep0GVYms=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAED1N78cESLFVlbSXoqoQX4LRLFSauBSMU
+T5khxPebJtMOSRp3NpbMLHm08FlrxbnuuvOU0WL7hoQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp128r1:BOB_secp128r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp128r1
 Availablein = default
-PeerKey=BOB_secp128r1_PUB
-SharedSecret=91ded46ac404afdbd708fdcc1cac6842
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp128r1
-Availablein = default
-PeerKey=ALICE_secp128r1_PUB
-SharedSecret=91ded46ac404afdbd708fdcc1cac6842
-
-# TEST CURVE secp128r2
+Derive=KAS-ECC-CDH_P-224_C3
+PeerKey=KAS-ECC-CDH_P-224_C3-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=49129628b23afcef48139a3f6f59ff5e9811aa746aa4ff33c24bb940
 
-PrivateKey=ALICE_secp128r2
+PrivateKey=KAS-ECC-CDH_P-224_C4
 -----BEGIN PRIVATE KEY-----
-MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBAgRKSjPsZ76LDGIA2it5SC
-oSQDIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl3939Wn0+nUpf8=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzv5ubiWv+vVMmNACq7xjKN
+oVlAWht1LjLcI5UKoTwDOgAENV6WKSC94ENpX2v/tLNVxj2m9d5mXtRvLsgX4nSO
+CVNo9i4dNk7dRhcZeTtAStvarLyt2Iki/zc=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp128r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl39
-39Wn0+nUpf8=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAENV6WKSC94ENpX2v/tLNVxj2m9d5mXtRv
+LsgX4nSOCVNo9i4dNk7dRhcZeTtAStvarLyt2Iki/zc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp128r2:ALICE_secp128r2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C4:KAS-ECC-CDH_P-224_C4-PUBLIC
 
-PrivateKey=BOB_secp128r2
------BEGIN PRIVATE KEY-----
-MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBACp00jw5D7obvDmJp7wDuA
-oSQDIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys5RHMCLLl098=
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp128r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys
-5RHMCLLl098=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEKzYx0rBhebMXShAPf1cTHu6olHvgeGw9
+xksiOYPeKa49rTGtwCNsbefxRWHKLqCDxScMeKLmy8A=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp128r2:BOB_secp128r2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp128r2
-Availablein = default
-PeerKey=BOB_secp128r2_PUB
-SharedSecret=dc32faa978008a694672076b756a1e4b
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp128r2
 Availablein = default
-PeerKey=ALICE_secp128r2_PUB
-SharedSecret=dc32faa978008a694672076b756a1e4b
-
-# TEST CURVE secp160k1
+Derive=KAS-ECC-CDH_P-224_C4
+PeerKey=KAS-ECC-CDH_P-224_C4-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=fcdc69a40501d308a6839653a8f04309ec00233949522902ffa5eac6
 
-PrivateKey=ALICE_secp160k1
+PrivateKey=KAS-ECC-CDH_P-224_C5
 -----BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUAudN3YOXN0uu0CL2TGZdP
-YeNU/72hLAMqAAR3Du0dK28tSyWxYSz/Es2Wqr4C+bNfJ1uiK4J3BFS5Udc48nsx
-xfjj
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxhyykyUkAB5enu7W332ciT
+XuMyICnt16qKy/1RoTwDOgAE1Q5K2r/Zidfbx89AUlRsx8RHqXYwQ2mXrUuVNlvq
+UDRzxervlVLULECx8vfKKSczslW5u+GxIzc=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp160k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEdw7tHStvLUslsWEs/xLNlqq+AvmzXydb
-oiuCdwRUuVHXOPJ7McX44w==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE1Q5K2r/Zidfbx89AUlRsx8RHqXYwQ2mX
+rUuVNlvqUDRzxervlVLULECx8vfKKSczslW5u+GxIzc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp160k1:ALICE_secp160k1_PUB
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C5:KAS-ECC-CDH_P-224_C5-PUBLIC
 
 
-PrivateKey=BOB_secp160k1
------BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUA5fNiCFVGPM1aHuwXUvuh
-xoY2yU+hLAMqAAQHlM6otmapt0/0sc+5bcPoYT6cfyARv4VUOOo6I2eBGXLIm812
-1ric
------END PRIVATE KEY-----
-
-PublicKey=BOB_secp160k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEB5TOqLZmqbdP9LHPuW3D6GE+nH8gEb+F
-VDjqOiNngRlyyJvNdta4nA==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAERRFAPeKQWfaaR1xaal9sq+1dnwFENqjL
+cKAjOH0tG2KqBG35NA+cN6CHoGsyz38IoiP5koEqgos=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp160k1:BOB_secp160k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp160k1
-Availablein = default
-PeerKey=BOB_secp160k1_PUB
-SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp160k1
 Availablein = default
-PeerKey=ALICE_secp160k1_PUB
-SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735
-
-# TEST CURVE secp160r1
+Derive=KAS-ECC-CDH_P-224_C5
+PeerKey=KAS-ECC-CDH_P-224_C5-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=827e9025cb62e0e837c596063f3b9b5a0f7afd8d8783200086d61ec1
 
-PrivateKey=ALICE_secp160r1
+PrivateKey=KAS-ECC-CDH_P-224_C6
 -----BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUA0KDtaiFUWd8NG0lO9TLu
-zjLWXJehLAMqAASHQN1DGBXtdyF3+BjfIfbWg403dUqXbIXzZoctDyOPTQaGVblm
-SwXC
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByMes40cXH5Le+Y2EVHX8gu
+HRSW2oHuWPUFuYX6oTwDOgAEsajcrImsonmTILRR3xx/9Nl1Z6u2gUHA2V/CqjUk
+lQkCsVEL3Jh9hgr8J62HHOrqZpNavTwKmag=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp160r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEh0DdQxgV7Xchd/gY3yH21oONN3VKl2yF
-82aHLQ8jj00GhlW5ZksFwg==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEsajcrImsonmTILRR3xx/9Nl1Z6u2gUHA
+2V/CqjUklQkCsVEL3Jh9hgr8J62HHOrqZpNavTwKmag=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp160r1:ALICE_secp160r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C6:KAS-ECC-CDH_P-224_C6-PUBLIC
 
-PrivateKey=BOB_secp160r1
------BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUAsBIwvx6ZABinhsi+bGai
-CvetiuWhLAMqAAQJ2+RhpGedkUYXUiPZ/plHXFBy6R3XzMUGIKiXFGSBpwF8hGRN
-qUDy
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp160r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAECdvkYaRnnZFGF1Ij2f6ZR1xQcukd18zF
-BiColxRkgacBfIRkTalA8g==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEMUoLJt0xwkiEXXzBe2HK1GCCWb7YWljR
+8f/TeGbks1A1LhGe7K2jgpB/Nhn9dI6nOuSJnf1JYwI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp160r1:BOB_secp160r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp160r1
-Availablein = default
-PeerKey=BOB_secp160r1_PUB
-SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp160r1
 Availablein = default
-PeerKey=ALICE_secp160r1_PUB
-SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf
-
-# TEST CURVE secp160r2
+Derive=KAS-ECC-CDH_P-224_C6
+PeerKey=KAS-ECC-CDH_P-224_C6-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=335ba51228d94acbed851ca7821c801d5cb1c7975d7aa90a7159f8fa
 
-PrivateKey=ALICE_secp160r2
+PrivateKey=KAS-ECC-CDH_P-224_C7
 -----BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUAhmLOAJGNuSoZUCN4f0On
-LZ6rRSShLAMqAAQPSNvhJQohMEfijXq+Jlq7a9lzosQfPvuIyOg6shyzUVS43R+7
-Lgr5
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw4L+ubm6EPGJ2Z5xqJzf5E
+y1VM7BOiEoQJd/tooTwDOgAEq7bx43c/+PxzrqKgsQeAnOcK3O/tbkH8XLQwRalj
+iXrpBsEKBV7q25f/3W90jT5WIeX/8wTki6c=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp160r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAED0jb4SUKITBH4o16viZau2vZc6LEHz77
-iMjoOrIcs1FUuN0fuy4K+Q==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEq7bx43c/+PxzrqKgsQeAnOcK3O/tbkH8
+XLQwRaljiXrpBsEKBV7q25f/3W90jT5WIeX/8wTki6c=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp160r2:ALICE_secp160r2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C7:KAS-ECC-CDH_P-224_C7-PUBLIC
 
-PrivateKey=BOB_secp160r2
------BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUA10mjzR2Dy0CLmm/MTAHT
-b5CBenOhLAMqAARqzYAcSijzAo2vzmMuK8ta8sl/bguuCpRwFD93ACP64TzgI3re
-FhsX
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp160r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEas2AHEoo8wKNr85jLivLWvLJf24LrgqU
-cBQ/dwAj+uE84CN63hYbFw==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEq+aEO+7C/Z5ftkcw0L5NFlQ4zpIu113Y
+C0YD5Wr+hnOpbEupkArYWZXmMeQ2xsyIosK0e3xIhrg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp160r2:BOB_secp160r2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp160r2
 Availablein = default
-PeerKey=BOB_secp160r2_PUB
-SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp160r2
-Availablein = default
-PeerKey=ALICE_secp160r2_PUB
-SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a
-
-# TEST CURVE secp192k1
+Derive=KAS-ECC-CDH_P-224_C7
+PeerKey=KAS-ECC-CDH_P-224_C7-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=8c2e627594206b34f7356d3426eb3d79f518ef843fbe94014cceace3
 
-PrivateKey=ALICE_secp192k1
+PrivateKey=KAS-ECC-CDH_P-224_C8
 -----BEGIN PRIVATE KEY-----
-MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBizF3KeHMsaV/KOR/otCmdL
-QT2qGNq3HhWhNAMyAATP+L9SGl3K6wmevkLwJnkMNHp0I5RfXulSfHuHZPp4CGrh
-i6eKNQLkpZ2OQaPIExA=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzg1iA1EB70h8SFxg+0UA7r
+5qMuxk2+l9vgIyxGoTwDOgAEiFN3NemyPj4OB28TWoLTP5v/tGXzq86DIqYqYrTI
+wSNnMZeHXAvRTtCXYG0zD7orkgDvZaRHZNM=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp192k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAEz/i/UhpdyusJnr5C8CZ5DDR6dCOUX17p
-Unx7h2T6eAhq4YunijUC5KWdjkGjyBMQ
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEiFN3NemyPj4OB28TWoLTP5v/tGXzq86D
+IqYqYrTIwSNnMZeHXAvRTtCXYG0zD7orkgDvZaRHZNM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp192k1:ALICE_secp192k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C8:KAS-ECC-CDH_P-224_C8-PUBLIC
 
-PrivateKey=BOB_secp192k1
------BEGIN PRIVATE KEY-----
-MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBh8BXPVGQKYCw0v7DY3wZVa
-cyhyUjIbUymhNAMyAATgI7hw2LSj6uN3yL5nvHOOkMiPtalKr+BGsFac39RYmp64
-mr+w66bDIWN3VllO6LY=
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp192k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAE4CO4cNi0o+rjd8i+Z7xzjpDIj7WpSq/g
-RrBWnN/UWJqeuJq/sOumwyFjd1ZZTui2
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEE8+dbSyaroJ0wn1Eav0MiI/91SrimaNZ
+hNT1J9y+51tRV1H47irjVeiv1d4hxiqTmmUHtTjLxK8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp192k1:BOB_secp192k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp192k1
-Availablein = default
-PeerKey=BOB_secp192k1_PUB
-SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp192k1
 Availablein = default
-PeerKey=ALICE_secp192k1_PUB
-SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23
-
-# TEST CURVE secp224k1
+Derive=KAS-ECC-CDH_P-224_C8
+PeerKey=KAS-ECC-CDH_P-224_C8-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=632abb662728dbc994508873d5c527ca5ef923c0d31fa6c47ef4c825
 
-PrivateKey=ALICE_secp224k1
+PrivateKey=KAS-ECC-CDH_P-224_C9
 -----BEGIN PRIVATE KEY-----
-MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AhXKGJFqOI4P1PLFR3M6M
-kepT/2Dtd27I1Awzx6E8AzoABPVN/1b6VHbq7U6pWaOrUeqJ5vSgWL49u/uuD48D
-4FRf7oFdixN9VWIrxr0PRByeEYmlHw4MOEQK
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy5at5bc7pyqotuTXTXv5xY
+6WL/eOtUIofHtEuioTwDOgAEN2gpJqVPcKTBdI9U1Q1bABOKBV+STyxl5bC75Flq
+/vzdZA0pY1AVuJvd3R+MJyNobTMuegbKh5k=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp224k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACADOgAE9U3/VvpUdurtTqlZo6tR6onm9KBYvj27
-+64PjwPgVF/ugV2LE31VYivGvQ9EHJ4RiaUfDgw4RAo=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEN2gpJqVPcKTBdI9U1Q1bABOKBV+STyxl
+5bC75Flq/vzdZA0pY1AVuJvd3R+MJyNobTMuegbKh5k=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp224k1:ALICE_secp224k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C9:KAS-ECC-CDH_P-224_C9-PUBLIC
 
-PrivateKey=BOB_secp224k1
------BEGIN PRIVATE KEY-----
-MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AOjEXYoz8YcWokSf4U5gX
-HbjDfILPdPejlE0T/KE8AzoABGXAQ+AntX7On4cKwP+f4KzZGaJZwjBq3jCjymsr
-9A3c8VCoRXXBg+VPoKg7fDkMIgI8qPmrC95Q
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp224k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACADOgAEZcBD4Ce1fs6fhwrA/5/grNkZolnCMGre
-MKPKayv0DdzxUKhFdcGD5U+gqDt8OQwiAjyo+asL3lA=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAElltjfA37wM+VQDVobXD37DCSnmZOUh26
+oigGWYKlj/YbyQAZu8u1h104Y9sLwqH6NLCtTeGoP5k=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp224k1:BOB_secp224k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp224k1
-Availablein = default
-PeerKey=BOB_secp224k1_PUB
-SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp224k1
 Availablein = default
-PeerKey=ALICE_secp224k1_PUB
-SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a
-
-# TEST CURVE secp224r1
+Derive=KAS-ECC-CDH_P-224_C9
+PeerKey=KAS-ECC-CDH_P-224_C9-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=34641141aab05ef58bd376d609345901fb8f63477c6be9097f037f1f
 
-PrivateKey=ALICE_secp224r1
+PrivateKey=KAS-ECC-CDH_P-224_C10
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxLKkXFJXYqGUlTsmgjlesi
-kwqejrekrkSTbehyoTwDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D2HtdCa4h
-fbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBykDX4SBJxx5lIsf/I4QiQG
+HDpFcFizEFV2VbhUoTwDOgAEOZgBJDv+DC2psKU8jKV/Lu6HqqlKjk1eAp9CyqpJ
+5tS0fO56XEq3HVpn2oTgubQlzj5w2mjIiec=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp224r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D
-2HtdCa4hfbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEOZgBJDv+DC2psKU8jKV/Lu6HqqlKjk1e
+Ap9CyqpJ5tS0fO56XEq3HVpn2oTgubQlzj5w2mjIiec=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp224r1:ALICE_secp224r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C10:KAS-ECC-CDH_P-224_C10-PUBLIC
 
-PrivateKey=BOB_secp224r1
------BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzOHGGUR3fZYg3GSaUN6pxo
-NQtAlOzM3UclEhMzoTwDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMFUM6VV9DB
-4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp224r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMF
-UM6VV9DB4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEc8xkU3LKLnFjfNqUPYFI8zgqtt0PLhpJ
+2pThNN9cNVwj5uIy68O+4qsYc+4Ng+M4L45v5hP2NDw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp224r1:BOB_secp224r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp224r1
-Availablein = default
-PeerKey=BOB_secp224r1_PUB
-SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp224r1
 Availablein = default
-PeerKey=ALICE_secp224r1_PUB
-SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
-
-# TEST CURVE secp256k1
+Derive=KAS-ECC-CDH_P-224_C10
+PeerKey=KAS-ECC-CDH_P-224_C10-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=4f74ac8507501a32bfc5a78d8271c200e835966e187e8d00011a8c75
 
-PrivateKey=ALICE_secp256k1
+PrivateKey=KAS-ECC-CDH_P-224_C11
 -----BEGIN PRIVATE KEY-----
-MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgHCRzy0IcEx6CeA6ogNNK
-SOfuTlHy4fE/LNxkANUS4k+hRANCAASDBmwKklX4OcbZSJJX9mxm1Wr7TPTLpbyp
-xKcKRm0XKNxVlrZU8WQCl66GtX2DDyX+0+XiC3hbaRWcYtg7P6WO
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBytJRm8ck1ITgKmnwUUm7BH
+cUvw9ZhvrC4iLNlGoTwDOgAE35weDvFeU7n2JuK+HL6JNjnAbz4EOe6V19Sx43pS
+pzhq3aJD79+JQQhchOMSOcq5K4AXM2dIll4=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp256k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEgwZsCpJV+DnG2UiSV/ZsZtVq+0z0y6W8
-qcSnCkZtFyjcVZa2VPFkApeuhrV9gw8l/tPl4gt4W2kVnGLYOz+ljg==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE35weDvFeU7n2JuK+HL6JNjnAbz4EOe6V
+19Sx43pSpzhq3aJD79+JQQhchOMSOcq5K4AXM2dIll4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp256k1:ALICE_secp256k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C11:KAS-ECC-CDH_P-224_C11-PUBLIC
 
-PrivateKey=BOB_secp256k1
------BEGIN PRIVATE KEY-----
-MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgChCkFvWtOcrXLmXVGqkR
-0gdntyytjGzEKue5t+IL2lihRANCAAQFQoIckey+Vyh3QwJWUUfKXNbbjWe94yZE
-AWGvI2BfqtWqigZF5VSb5aIXtTPRmwiN0cp30cd77YE5Z+e5bJHU
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp256k1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEBUKCHJHsvlcod0MCVlFHylzW241nveMm
-RAFhryNgX6rVqooGReVUm+WiF7Uz0ZsIjdHKd9HHe+2BOWfnuWyR1A==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEVGV4IWJQNU5EniFUbdEc0cUXQjZzmsrZ
+zg9FEtKiL81m0avtx2dmgyfFy5xZkEMnYjnPPIUWryQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp256k1:BOB_secp256k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp256k1
 Availablein = default
-PeerKey=BOB_secp256k1_PUB
-SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp256k1
-Availablein = default
-PeerKey=ALICE_secp256k1_PUB
-SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e
-
-# TEST CURVE secp384r1
+Derive=KAS-ECC-CDH_P-224_C11
+PeerKey=KAS-ECC-CDH_P-224_C11-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ad09c9ae4d2324ea81bb555b200d3c003e22a6870ee03b52df49e4de
 
-PrivateKey=ALICE_secp384r1
+PrivateKey=KAS-ECC-CDH_P-224_C12
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCxE7Q4m1dsK7M3Otxo
-cgY/ejX9JOKKdAtSnRiU4bnK3eFmALkMN7XIveQnWLB1PEKhZANiAAQaUsvUFr/u
-ISpAmYqYZIme4VassCtb0tNGU97s3qt4ozcogZ4z+fIzXZ4YXqfGoEa57+uQDgqr
-+jNOTji7Gxopt6AqZ9EvwuVaCuunUi0pcx6cc8IuUfrwMwSFovV/7sM=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw9MSqbnY7QkUCQC7rB4JVS
+fryePGSTvPNmbjopoTwDOgAEtKAZjciBDohEJbdQkosMlgwx96mWY0ALAaF534Er
+YBv8BzgkLG+G+DDyes1jLKYYoLUoDJ1Xafc=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp384r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGlLL1Ba/7iEqQJmKmGSJnuFWrLArW9LT
-RlPe7N6reKM3KIGeM/nyM12eGF6nxqBGue/rkA4Kq/ozTk44uxsaKbegKmfRL8Ll
-Wgrrp1ItKXMenHPCLlH68DMEhaL1f+7D
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEtKAZjciBDohEJbdQkosMlgwx96mWY0AL
+AaF534ErYBv8BzgkLG+G+DDyes1jLKYYoLUoDJ1Xafc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp384r1:ALICE_secp384r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C12:KAS-ECC-CDH_P-224_C12-PUBLIC
 
-PrivateKey=BOB_secp384r1
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBRiGXRsb5sUq0b3/dg
-Z+pA9kbrSivBMCUCXVwxno1d/30hI/Yy0Z5PWwbBgwTFprWhZANiAASp1FeUOBJF
-mzQCNbGiOz8He0kF+KIf24UGYVO5MC7u5rV9hpoYsbcgmwxALskPN18os2ygK1Pn
-f/h+WALIsG2RknSTbiyvBYkoIhJV9cflvEDpMeaWSLF7qJ5YjEIf9PM=
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp384r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqdRXlDgSRZs0AjWxojs/B3tJBfiiH9uF
-BmFTuTAu7ua1fYaaGLG3IJsMQC7JDzdfKLNsoCtT53/4flgCyLBtkZJ0k24srwWJ
-KCISVfXH5bxA6THmlkixe6ieWIxCH/Tz
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEHUax3DooEjy1E0bme67FZASGhnj699Do
+sq+iKg7J5l7JfiGDc+f8EVwidNW4KaYNk/ceAdWBNsM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp384r1:BOB_secp384r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp384r1
-Availablein = default
-PeerKey=BOB_secp384r1_PUB
-SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp384r1
 Availablein = default
-PeerKey=ALICE_secp384r1_PUB
-SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
-
-# TEST CURVE secp521r1
+Derive=KAS-ECC-CDH_P-224_C12
+PeerKey=KAS-ECC-CDH_P-224_C12-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ef029c28c68064b8abd2965a38c404fb5e944ace57e8638daba9d3cd
 
-PrivateKey=ALICE_secp521r1
+PrivateKey=KAS-ECC-CDH_P-224_C13
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAFBIz3FLAuX8VCWzM
-wu1f/tm8pf1QqnsdLqaIWCQAJa2W5ldpJTYfkj1gGxM44AD3qHnkXISvNLwwuxI1
-hr2+pOGhgYkDgYYABACWlOOFYk/p3AS2LxEQWBuMm6uIjo3XArjh1QrsLcUc5hhi
-82CIz6kKwKjCnYRDHq4iv1x63rVEzGGhQOM1g+cRVwHSpfbBpaxK7bMLkVFOOavv
-OdcdyRHaHsvxw2pREmdS/GwtfgT8odQrG06KMIwVeL+H08fGJSbPX0Zock0DOPCp
-aw==
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByM4IItwkwVOZV1WsNQc371
+BmQcfXUrT5MAxhLtoTwDOgAEAN/H7BN2kM1tEv2y/QuMUxRYIQh2nCtyL/s5WF7v
+PaS6RYEnNGu2QCOGi923VYouz8gTZF9M6f4=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_secp521r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAlpTjhWJP6dwEti8REFgbjJuriI6N
-1wK44dUK7C3FHOYYYvNgiM+pCsCowp2EQx6uIr9cet61RMxhoUDjNYPnEVcB0qX2
-waWsSu2zC5FRTjmr7znXHckR2h7L8cNqURJnUvxsLX4E/KHUKxtOijCMFXi/h9PH
-xiUmz19GaHJNAzjwqWs=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEAN/H7BN2kM1tEv2y/QuMUxRYIQh2nCty
+L/s5WF7vPaS6RYEnNGu2QCOGi923VYouz8gTZF9M6f4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_secp521r1:ALICE_secp521r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C13:KAS-ECC-CDH_P-224_C13-PUBLIC
 
-PrivateKey=BOB_secp521r1
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA9C/sMWveRlHPr9P5
-cc3U+1L2/zB0VtHewKSQRWZ67SmS4+m7uXTqUVSLRHiQEgQid0cg77gSxXPlmV+z
-y0f3zd+hgYkDgYYABAE18N3SwDGtea3IOqUdh3j0JtnMeP41i/agEBlxK8/iEBXc
-Q61mkIrQIKcabRhoylEugXHiyNnqNQOD4DUa0bTKzAHtJ4UqqbEVno6byRmcUQwb
-mvG89eS8GLEmk5X/O2atHU4yIGTuTRQWn/BTJUCS+OgJz4FZdadscc5Z640EZqSD
-iw==
------END PRIVATE KEY-----
 
-PublicKey=BOB_secp521r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBNfDd0sAxrXmtyDqlHYd49CbZzHj+
-NYv2oBAZcSvP4hAV3EOtZpCK0CCnGm0YaMpRLoFx4sjZ6jUDg+A1GtG0yswB7SeF
-KqmxFZ6Om8kZnFEMG5rxvPXkvBixJpOV/ztmrR1OMiBk7k0UFp/wUyVAkvjoCc+B
-WXWnbHHOWeuNBGakg4s=
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEJm0DjMek/iH2yXYxjoJ7grtbj3RDpVKY
+E2UG4N8SPZinogu985Q98uNWNCL4wM901TqqvdfJc7o=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_secp521r1:BOB_secp521r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_secp521r1
-Availablein = default
-PeerKey=BOB_secp521r1_PUB
-SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
-
-# ECDH Bob with Alice peer
-Derive=BOB_secp521r1
 Availablein = default
-PeerKey=ALICE_secp521r1_PUB
-SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
-
-# TEST CURVE prime192v1
+Derive=KAS-ECC-CDH_P-224_C13
+PeerKey=KAS-ECC-CDH_P-224_C13-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=f83c16661dfcbad021cc3b5a5af51d9a18db4653866b3ff90787ce3e
 
-PrivateKey=ALICE_prime192v1
+PrivateKey=KAS-ECC-CDH_P-224_C14
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfXvSFNqD2UzFVN1L
-bQrPlzop7dxQq/ehNAMyAATibpGuYzCjkT1tWLYEogpKz74WqhvbQtZPkCYQCin1
-cmZuNW+BZ0jyVEpGlpnZPMg=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwP+bSFMlq3fynnvDef7XS/
+rIWUgtoN7nUowZ2yoTwDOgAEfmA+aXbbg8NgEVCPppXRtRUkni5UtI/Lz7kCRwF5
+pgDOhq38qbG5MfpRc9YY2gnoQYA9GbAmQoY=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_prime192v1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4m6RrmMwo5E9bVi2BKIKSs++Fqob
-20LWT5AmEAop9XJmbjVvgWdI8lRKRpaZ2TzI
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEfmA+aXbbg8NgEVCPppXRtRUkni5UtI/L
+z7kCRwF5pgDOhq38qbG5MfpRc9YY2gnoQYA9GbAmQoY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_prime192v1:ALICE_prime192v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C14:KAS-ECC-CDH_P-224_C14-PUBLIC
 
-PrivateKey=BOB_prime192v1
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhewaqXNZlYyqnmuEEE
-Y/oUXe3/jpzhmyGhNAMyAASkpwNJEP/1FuuWKCDDUm26iyqrs+zKwayZnaF77YC6
-qCtgia7yNcSl9tlWHh3gQgw=
------END PRIVATE KEY-----
 
-PublicKey=BOB_prime192v1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEpKcDSRD/9Rbrliggw1Jtuosqq7Ps
-ysGsmZ2he+2AuqgrYImu8jXEpfbZVh4d4EIM
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE6woJ96HCNqYfWVgJ7FZw79kuRZjV5hPg
+ks39ylB4euLy8VuIvBD3tfCu4UGDc/FhU669H7pUKI0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_prime192v1:BOB_prime192v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_prime192v1
-Availablein = default
-PeerKey=BOB_prime192v1_PUB
-SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
-
-# ECDH Bob with Alice peer
-Derive=BOB_prime192v1
 Availablein = default
-PeerKey=ALICE_prime192v1_PUB
-SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
-
-# TEST CURVE prime192v2
+Derive=KAS-ECC-CDH_P-224_C14
+PeerKey=KAS-ECC-CDH_P-224_C14-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=f51258c63f232e55a66aa25ebd597b2018d1052c02eeb63866758005
 
-PrivateKey=ALICE_prime192v2
+PrivateKey=KAS-ECC-CDH_P-224_C15
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBgtIuKqpRc7rEYuGx1a
-dDxcvso0NAZw+fWhNAMyAATMSHwJPq761VawpRbKLB3uuDSng4WeFPjhvubL6g8V
-8UqFaKRED5PUIQ0lYStVCao=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwZz1/2MGRn8ouf4GdaQ8BY
+JVLIwS5Zznw48pKxoTwDOgAE/CDpBuYJwRLPwuD+pjA4gsXblOh+AiNzqywIKq7N
+8dqnF4K8Wia7vY1+inZJDiarwX3/x3S9c0E=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_prime192v2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEzEh8CT6u+tVWsKUWyiwd7rg0p4OF
-nhT44b7my+oPFfFKhWikRA+T1CENJWErVQmq
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE/CDpBuYJwRLPwuD+pjA4gsXblOh+AiNz
+qywIKq7N8dqnF4K8Wia7vY1+inZJDiarwX3/x3S9c0E=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_prime192v2:ALICE_prime192v2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C15:KAS-ECC-CDH_P-224_C15-PUBLIC
 
-PrivateKey=BOB_prime192v2
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBggTjqWC1/iHrvKR9/u
-1gxpL2tWJkkAMYuhNAMyAASa4nG+wLPTHxfkqiTII5PBLAKXmXUf5dMtpmApcjrj
-XjnwJIJEQr80MK9+g1raqN8=
------END PRIVATE KEY-----
 
-PublicKey=BOB_prime192v2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEmuJxvsCz0x8X5KokyCOTwSwCl5l1
-H+XTLaZgKXI641458CSCREK/NDCvfoNa2qjf
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEay9rGKWH9WL/xhvZsARzIihphqePH9E5
+uE98JHCWkI5GFSZr5ZpTzWVVFQVv+SNwpicaXTgj1wQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_prime192v2:BOB_prime192v2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_prime192v2
 Availablein = default
-PeerKey=BOB_prime192v2_PUB
-SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c
-
-# ECDH Bob with Alice peer
-Derive=BOB_prime192v2
-Availablein = default
-PeerKey=ALICE_prime192v2_PUB
-SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c
-
-# TEST CURVE prime192v3
+Derive=KAS-ECC-CDH_P-224_C15
+PeerKey=KAS-ECC-CDH_P-224_C15-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=7fdc969a186ff18429f2a276dac43beea21182d82ce2e5a0876552b1
 
-PrivateKey=ALICE_prime192v3
+PrivateKey=KAS-ECC-CDH_P-224_C16
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBg0iDdcgise1/v2k6js
-UkgKwXPqx/uJJTehNAMyAAQ6/i0pSNHk824XO6Mv0irQfSv2yzGQy+DwWo/klZco
-kPDcXKEdU8ZmnAABH7j6UV8=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByQoVNo41MsCx5R5V0TlEfC
+yJvBYHGdaXKR6nwUoTwDOgAExoN9UG6XbafbOtEmfDWd/y6m+wt/f453AkxZ6Wfr
+SR0vyKUwxGUl0qiy18HfX7oa50CkZJxoPuY=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_prime192v3_PUB
+PublicKey=KAS-ECC-CDH_P-224_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEOv4tKUjR5PNuFzujL9Iq0H0r9ssx
-kMvg8FqP5JWXKJDw3FyhHVPGZpwAAR+4+lFf
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAExoN9UG6XbafbOtEmfDWd/y6m+wt/f453
+AkxZ6WfrSR0vyKUwxGUl0qiy18HfX7oa50CkZJxoPuY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_prime192v3:ALICE_prime192v3_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C16:KAS-ECC-CDH_P-224_C16-PUBLIC
 
-PrivateKey=BOB_prime192v3
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBieW1huqwVU3ev7qgpT
-LFjYEMRPONOAcaKhNAMyAASXaTjBIQX686BZJAidX+hFuvDyxbN1vBQvp40OVl0L
-CG4hoZ+5McLtPATL+osKvX8=
------END PRIVATE KEY-----
 
-PublicKey=BOB_prime192v3_PUB
+PublicKey=KAS-ECC-CDH_P-224_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEl2k4wSEF+vOgWSQInV/oRbrw8sWz
-dbwUL6eNDlZdCwhuIaGfuTHC7TwEy/qLCr1/
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_prime192v3:BOB_prime192v3_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_prime192v3
-Availablein = default
-PeerKey=BOB_prime192v3_PUB
-SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEMoEBuoJqzXX/nzTVV0zg28kvcJutjXoz
+xHlAwd858eqISIxV1VOBYIeLnO0YqIfqJh3XEtFAJP8=
+-----END PUBLIC KEY-----
 
-# ECDH Bob with Alice peer
-Derive=BOB_prime192v3
 Availablein = default
-PeerKey=ALICE_prime192v3_PUB
-SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29
-
-# TEST CURVE prime239v1
+Derive=KAS-ECC-CDH_P-224_C16
+PeerKey=KAS-ECC-CDH_P-224_C16-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=3d60ab6db2b3ffe2d29ccff46d056e54230cf34982e241556ed2920c
 
-PrivateKey=ALICE_prime239v1
+PrivateKey=KAS-ECC-CDH_P-224_C17
 -----BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeRmiZXaqr3u11hiGK
-1cH75U/rKc1+8YMqxcXhACRkoUADPgAEfIJpVggCXUROHgX4h5h66/0Pgr/aMtMq
-ExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByOCDjgXhchSRBn4cq8LoBR
+spDiYW7sQntxIYl9oTwDOgAE6RUPdwB1YmAZ4Y+VRztx5oKAQXkdPwjT+u6qK0df
+cHNequUjCKO3Y9yI7+GKtZDrr6A19uCLABw=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_prime239v1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEfIJpVggCXUROHgX4h5h66/0Pgr/a
-MtMqExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE6RUPdwB1YmAZ4Y+VRztx5oKAQXkdPwjT
++u6qK0dfcHNequUjCKO3Y9yI7+GKtZDrr6A19uCLABw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_prime239v1:ALICE_prime239v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C17:KAS-ECC-CDH_P-224_C17-PUBLIC
 
-PrivateKey=BOB_prime239v1
------BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeAbGRRoBgqHVUBFot
-5m9Ytm8RU+ISkA33VgQrHGM/oUADPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqgUH3i
-Mk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR
------END PRIVATE KEY-----
 
-PublicKey=BOB_prime239v1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqg
-UH3iMk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEAIHjQnCHHi672UGD9he0rhXwQW3WNP5u
+k0zzwDoenzinuQtzF9Jrn2MRBjq1iyaM9Imy5QOG1dY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_prime239v1:BOB_prime239v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_prime239v1
 Availablein = default
-PeerKey=BOB_prime239v1_PUB
-SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e
-
-# ECDH Bob with Alice peer
-Derive=BOB_prime239v1
-Availablein = default
-PeerKey=ALICE_prime239v1_PUB
-SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e
-
-# TEST CURVE prime239v2
+Derive=KAS-ECC-CDH_P-224_C17
+PeerKey=KAS-ECC-CDH_P-224_C17-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=9116d72786f4db5df7a8b43078c6ab9160d423513d35ea5e2559306d
 
-PrivateKey=ALICE_prime239v2
+PrivateKey=KAS-ECC-CDH_P-224_C18
 -----BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeemq6S5puHF94ZW/W
-6BMRim+HFFM0zxVZQpWG+bf2oUADPgAELukUodCQsmwzGVR3lLEGKQ6quGd6kDXN
-DjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw4EG6T8Wo4Gtsdcs7j2mau
+RirUu/6p7N810IFOoTwDOgAEe+bEyReCmrZX3XnoY31679L4Hw3nZU2VfpdljUMN
+ItnoQ4MQ9h4NQ/Jfo+NFhfQyuq0n2zAhvw0=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_prime239v2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAELukUodCQsmwzGVR3lLEGKQ6quGd6
-kDXNDjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEe+bEyReCmrZX3XnoY31679L4Hw3nZU2V
+fpdljUMNItnoQ4MQ9h4NQ/Jfo+NFhfQyuq0n2zAhvw0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_prime239v2:ALICE_prime239v2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C18:KAS-ECC-CDH_P-224_C18-PUBLIC
 
-PrivateKey=BOB_prime239v2
------BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeAEaCw7ulF8GZcmbj
-aDmcrw8Gex+hX0rNvwzoC7+6oUADPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++ihUW
-ms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u
------END PRIVATE KEY-----
 
-PublicKey=BOB_prime239v2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++
-ihUWms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEJiNjL98L2FaAWmmqGG1BM+9ZBOH2Valy
+1mzOByzvlyjdBvuLUBUPUptpUHbUUHmDkSWFyJvQaC4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_prime239v2:BOB_prime239v2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_prime239v2
-Availablein = default
-PeerKey=BOB_prime239v2_PUB
-SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703
-
-# ECDH Bob with Alice peer
-Derive=BOB_prime239v2
 Availablein = default
-PeerKey=ALICE_prime239v2_PUB
-SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703
-
-# TEST CURVE prime239v3
+Derive=KAS-ECC-CDH_P-224_C18
+PeerKey=KAS-ECC-CDH_P-224_C18-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=207c53dcefac789aaa0276d9200b3a940ce5f2296f4cb2e81a185d3d
 
-PrivateKey=ALICE_prime239v3
+PrivateKey=KAS-ECC-CDH_P-224_C19
 -----BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeGlwSPAYfmiP9r2nA
-SD52VqKyZpEnU+Jmynlf2DI7oUADPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnOL/BD
-qNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzl0XGEMc9Q9svRvIAZ+hZ2
+LfoSyYnlmZl3+06ioTwDOgAELqSWbn+S7X9cxh/eeSBF9jtzHW59DeJXfy2OzhxK
+ex7eb4ORYikt9CS+eOgXb7b5QqPAI5FwDzE=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_prime239v3_PUB
+PublicKey=KAS-ECC-CDH_P-224_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnO
-L/BDqNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAELqSWbn+S7X9cxh/eeSBF9jtzHW59DeJX
+fy2OzhxKex7eb4ORYikt9CS+eOgXb7b5QqPAI5FwDzE=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_prime239v3:ALICE_prime239v3_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C19:KAS-ECC-CDH_P-224_C19-PUBLIC
 
-PrivateKey=BOB_prime239v3
------BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeU1KIfJBGvItr8//g
-kW1zoPkveo9lvXBlnUV5/5rDoUADPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQaVAb
-3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq
------END PRIVATE KEY-----
 
-PublicKey=BOB_prime239v3_PUB
+PublicKey=KAS-ECC-CDH_P-224_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQ
-aVAb3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEjuTR3MMd7kv2/iHKilh3IdkQrPsSLBbC
+p3qBUk6/Mj//BOtHcGmgrGizRfaxrhNO/DGUDlE8uZ8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_prime239v3:BOB_prime239v3_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_prime239v3
-Availablein = default
-PeerKey=BOB_prime239v3_PUB
-SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9
-
-# ECDH Bob with Alice peer
-Derive=BOB_prime239v3
 Availablein = default
-PeerKey=ALICE_prime239v3_PUB
-SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9
-
-# TEST CURVE prime256v1
+Derive=KAS-ECC-CDH_P-224_C19
+PeerKey=KAS-ECC-CDH_P-224_C19-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=10e467da34f48ad7072005bccd6da1b2ba3f71eafa1c393842f91d74
 
-PrivateKey=ALICE_prime256v1
+PrivateKey=KAS-ECC-CDH_P-224_C20
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglUPDk8gQ8lMj38V7
-0jPBZDfQUx5pNOVSKOMTqlh04POhRANCAARq87w+K0q9b1mzJGh309kjNvYTS02m
-YkHKxAewiZwmt/5w+5uywz/+0130SdAWbXtECjaHUK94YEHzp0G/PCl5
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw9Y1aRtiqaknxjOVHJNpyI
+Yr0hGdMJcMJkRyfWoTwDOgAEQ4u7mAUXr7IL4dZ046wrMc7wepsj+49uOODWwAvl
+8cR9WNIbbtKEI7MvWpR1DaR+3O8z6nmUKv0=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_prime256v1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEavO8PitKvW9ZsyRod9PZIzb2E0tN
-pmJBysQHsImcJrf+cPubssM//tNd9EnQFm17RAo2h1CveGBB86dBvzwpeQ==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEQ4u7mAUXr7IL4dZ046wrMc7wepsj+49u
+OODWwAvl8cR9WNIbbtKEI7MvWpR1DaR+3O8z6nmUKv0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_prime256v1:ALICE_prime256v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C20:KAS-ECC-CDH_P-224_C20-PUBLIC
 
-PrivateKey=BOB_prime256v1
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgNsLfn/sRZfm9ZcM7
-xURiUHT7+w8Jgk9SbwTVDjpLYYmhRANCAASRmyKNgUbADGxkIOAVh9T7IXv2ZDT6
-I5YMW6wOs27VMOAD0AiNLrv7sW1TdqxkUtF17/GFpLvFOuZcbdX4p3i/
------END PRIVATE KEY-----
 
-PublicKey=BOB_prime256v1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEkZsijYFGwAxsZCDgFYfU+yF79mQ0
-+iOWDFusDrNu1TDgA9AIjS67+7FtU3asZFLRde/xhaS7xTrmXG3V+Kd4vw==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEl9y+bSgzWIKm0ZPMVKEGPdB3XcMoVlMA
+u5nmkdrRHdXs6M/Z+XyaUm5KFQbmNVlp7oeCb8OLzSQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_prime256v1:BOB_prime256v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_prime256v1
-Availablein = default
-PeerKey=BOB_prime256v1_PUB
-SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
-
-# ECDH Bob with Alice peer
-Derive=BOB_prime256v1
 Availablein = default
-PeerKey=ALICE_prime256v1_PUB
-SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
-
-# TEST CURVE sect113r1
+Derive=KAS-ECC-CDH_P-224_C20
+PeerKey=KAS-ECC-CDH_P-224_C20-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=82fd2f9c60c4f999ac00bbe64bfc11da8ff8cda2e499fced65230bb1
 
-PrivateKey=ALICE_sect113r1
+PrivateKey=KAS-ECC-CDH_P-224_C21
 -----BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AcrP9u8BlWb4knkGVZmSh
-IgMgAAQBviTf62+1V4etJb2D9LkBadAFmdmRS+rVI3spTYs=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBys88hbvcN58C9eo25/D1MJ
+Wp5wRqKGhahlm/eYoTwDOgAE/3URIVxx15a9ZG6EdL5EFrkWhM4NJp729CIBO7e/
+Xnm1qTk7uepCwL2y08LcgG4acwaqWOT9vqU=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect113r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEAb4k3+tvtVeHrSW9g/S5AWnQBZnZkUvq
-1SN7KU2L
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE/3URIVxx15a9ZG6EdL5EFrkWhM4NJp72
+9CIBO7e/Xnm1qTk7uepCwL2y08LcgG4acwaqWOT9vqU=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect113r1:ALICE_sect113r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C21:KAS-ECC-CDH_P-224_C21-PUBLIC
 
-PrivateKey=BOB_sect113r1
------BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AmhEq3A9KdbKQUz1F/Myh
-IgMgAAQAuSRBNxXjIjezwrGF8VkBxWR69g0UJaBIIArpdNo=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect113r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEALkkQTcV4yI3s8KxhfFZAcVkevYNFCWg
-SCAK6XTa
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEzpEm3VOXLeod4dEe/vkA3jS2YYWcRkjF
+wOU09+ETtvLBZZ0H8nFuZKg8GLvONE3SEh/oUWjq4IU=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect113r1:BOB_sect113r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect113r1
 Availablein = default
-PeerKey=BOB_sect113r1_PUB
-SharedSecret=015405437add26b8841c62a9016c85
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect113r1
-Availablein = default
-PeerKey=ALICE_sect113r1_PUB
-SharedSecret=015405437add26b8841c62a9016c85
-
-# TEST CURVE sect113r2
+Derive=KAS-ECC-CDH_P-224_C21
+PeerKey=KAS-ECC-CDH_P-224_C21-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=530f7e7fc932613b29c981f261cb036cba3f1df3864e0e1cba2685a2
 
-PrivateKey=ALICE_sect113r2
+PrivateKey=KAS-ECC-CDH_P-224_C22
 -----BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABqFZ6Z7BKKjvrzXh99Wh
-IgMgAAQBTQTHA9uSxcZ8kvsSVUUBcLQ4m45U10VwVCQ+oGQ=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzP/WLLAKDjFj+/LDl/rclh
+ghD4a09UpnUocwXwoTwDOgAEBL9NlI9EMNGLTtbJbbr5gfoRpAPtFoh/BnVJgXwT
+JqnO9R951OeDA9YGS0WfYSWErC/fWT19XYQ=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect113r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAU0ExwPbksXGfJL7ElVFAXC0OJuOVNdF
-cFQkPqBk
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEBL9NlI9EMNGLTtbJbbr5gfoRpAPtFoh/
+BnVJgXwTJqnO9R951OeDA9YGS0WfYSWErC/fWT19XYQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect113r2:ALICE_sect113r2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C22:KAS-ECC-CDH_P-224_C22-PUBLIC
 
-PrivateKey=BOB_sect113r2
------BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABPHhZ0kCp0TocQJIuiuh
-IgMgAAQBSi7u+Ur776iGyg0Ij6UAN70IzPVZxGK5zPxp6wo=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect113r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAUou7vlK+++ohsoNCI+lADe9CMz1WcRi
-ucz8aesK
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEhEGZZ9bPrUHnWgK22mBal5SaGDqXwwbE
+tG5mpVzJsllxixvIsUT95jOolGFv/VmjptXY6ULHy7c=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect113r2:BOB_sect113r2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect113r2
-Availablein = default
-PeerKey=BOB_sect113r2_PUB
-SharedSecret=014231c5e9e28d451aa44a755407e1
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect113r2
 Availablein = default
-PeerKey=ALICE_sect113r2_PUB
-SharedSecret=014231c5e9e28d451aa44a755407e1
-
-# TEST CURVE sect131r1
+Derive=KAS-ECC-CDH_P-224_C22
+PeerKey=KAS-ECC-CDH_P-224_C22-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=49f6fd0139248ef4df2db05d1319bd5b1489e249827a45a8a5f12427
 
-PrivateKey=ALICE_sect131r1
+PrivateKey=KAS-ECC-CDH_P-224_C23
 -----BEGIN PRIVATE KEY-----
-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEAUCFDwJLLThLHiDlw/Qcn
-8aEmAyQABAAU+ywF9iPv6LDldKOLhLgXBRI7EpZnbXPXhUmkQWPhHAQ=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByF+QPkOUPRPGiTLnEOgN5S
+y8C48aFBjqTaB5KZoTwDOgAElwpKfgHUGISXzrRpVesbhC2QhYGam5JchFKdPd+i
+UmSA+DPqDtvSBOTjZf7zRyiI/n2WkcPrwJ8=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect131r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEABT7LAX2I+/osOV0o4uEuBcFEjsSlmdt
-c9eFSaRBY+EcBA==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAElwpKfgHUGISXzrRpVesbhC2QhYGam5Jc
+hFKdPd+iUmSA+DPqDtvSBOTjZf7zRyiI/n2WkcPrwJ8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect131r1:ALICE_sect131r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C23:KAS-ECC-CDH_P-224_C23-PUBLIC
 
-PrivateKey=BOB_sect131r1
------BEGIN PRIVATE KEY-----
-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEDxxMzxjxJmYfSZvWJKq+V
-vKEmAyQABAFHQ2a+h+Yn5N4Lt0IoJcVVBrf9xkZNS0xxblh+0wndq9s=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect131r1_PUB
+PublicKey=KAS-ECC-CDH_P-224_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEAUdDZr6H5ifk3gu3QiglxVUGt/3GRk1L
-THFuWH7TCd2r2w==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEfJysNXaAY8KCf2Cn9ROI8qj0t/jNc2vW
+vDN0dynua4ScYCXVd9vMVfvRcBj07bwu8QWwBNYle80=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect131r1:BOB_sect131r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect131r1
-Availablein = default
-PeerKey=BOB_sect131r1_PUB
-SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect131r1
 Availablein = default
-PeerKey=ALICE_sect131r1_PUB
-SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702
-
-# TEST CURVE sect131r2
+Derive=KAS-ECC-CDH_P-224_C23
+PeerKey=KAS-ECC-CDH_P-224_C23-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=8f7e34e597ae8093b98270a74a8dfcdbed457f42f43df487c5487161
 
-PrivateKey=ALICE_sect131r2
+PrivateKey=KAS-ECC-CDH_P-224_C24
 -----BEGIN PRIVATE KEY-----
-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDHPPtQCKJB8g01rMkT8Sk
-9aEmAyQABAcWl2Z/1kIc4mWCbRH4+c/2B47RC31JyifKvkxkHt05x3g=
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzM5kiRo9ASn+4NSpbPvnrE
+cLhelnUpBXz6MaHZoTwDOgAEprKWMtuU2iEl3Bz4DgNwJoeyrMESICL6IXR2WmFy
+Pt1z4Q2u1zd1J48ZWLpW8fydCF68K2TIT+U=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect131r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEBxaXZn/WQhziZYJtEfj5z/YHjtELfUnK
-J8q+TGQe3TnHeA==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEprKWMtuU2iEl3Bz4DgNwJoeyrMESICL6
+IXR2WmFyPt1z4Q2u1zd1J48ZWLpW8fydCF68K2TIT+U=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect131r2:ALICE_sect131r2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-224_C24:KAS-ECC-CDH_P-224_C24-PUBLIC
 
-PrivateKey=BOB_sect131r2
------BEGIN PRIVATE KEY-----
-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDR9ez/YtS29S7/R5+rUiX
-VKEmAyQABALZHNBITDoigpOwTzczlaN9AsRk5JzMUJXYkvBEqj+YILQ=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect131r2_PUB
+PublicKey=KAS-ECC-CDH_P-224_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEAtkc0EhMOiKCk7BPNzOVo30CxGTknMxQ
-ldiS8ESqP5ggtA==
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAECFp2Qq2OWbGj6HJqdUevvs/9rB2rflcj
+DGqd9PkcNtiB/puAR6NTBxNVShr0wlxajmVNzc9ony4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect131r2:BOB_sect131r2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect131r2
-Availablein = default
-PeerKey=BOB_sect131r2_PUB
-SharedSecret=03cbec3a3050c7f13d4801ad692d61c417
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect131r2
 Availablein = default
-PeerKey=ALICE_sect131r2_PUB
-SharedSecret=03cbec3a3050c7f13d4801ad692d61c417
-
-# TEST CURVE sect163k1
+Derive=KAS-ECC-CDH_P-224_C24
+PeerKey=KAS-ECC-CDH_P-224_C24-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=71954e2261e8510be1a060733671d2e9d0a2d012eb4e09556d697d2a
 
-PrivateKey=ALICE_sect163k1
+PrivateKey=KAS-ECC-CDH_P-256_C0
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBxkeGOXE86PAijpk8trN/
-f3kl4UmhLgMsAAQD1hrDCJ2MSFKZ6Q11cTllX/l5HY0Hg5XZCxMFC84AaczwPtNJ
-YNCxfCk=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfX3F9x6yndr4DWIU
+Yy7q4D2QWK8fttIu2AuttivBpTShRANCAATq0hhZARnoh2spFG/4nKYXcMTtu/l9
+OM44XtKB2KayMCivYSgf014vpwAlI6zIWkKcsG7mZIMlOJ9Z7fzhQFFB
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect163k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9YawwidjEhSmekNdXE5ZV/5eR2NB4OV
-2QsTBQvOAGnM8D7TSWDQsXwp
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6tIYWQEZ6IdrKRRv+JymF3DE7bv5
+fTjOOF7SgdimsjAor2EoH9NeL6cAJSOsyFpCnLBu5mSDJTifWe384UBRQQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect163k1:ALICE_sect163k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C0:KAS-ECC-CDH_P-256_C0-PUBLIC
 
-PrivateKey=BOB_sect163k1
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCUJ5kItSfXidHXsgokcS7
-nzPFbOShLgMsAAQGrYNJ1qgdb3A9ISOmTujfS+WYFKwBXXrJEluAkeNh3jXnDq8X
-+XBB0k8=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect163k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBq2DSdaoHW9wPSEjpk7o30vlmBSsAV16
-yRJbgJHjYd415w6vF/lwQdJP
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcAxI939WWExcxjLKZWQNuRtrrM46
+Tfa0LOfMg4gz0ofbceUJ4/2bBg3bILpcUdzFlI1G+/ZA3+BEF4LKuF+krA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect163k1:BOB_sect163k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect163k1
 Availablein = default
-PeerKey=BOB_sect163k1_PUB
-SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect163k1
-Availablein = default
-PeerKey=ALICE_sect163k1_PUB
-SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
-
-# TEST CURVE sect163r1
+Derive=KAS-ECC-CDH_P-256_C0
+PeerKey=KAS-ECC-CDH_P-256_C0-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b
 
-PrivateKey=ALICE_sect163r1
+PrivateKey=KAS-ECC-CDH_P-256_C1
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUBl9zmlPmFF5v9h1IIENAx
-1b8tj0+hLgMsAAQE3j8Jn58CCtEDwvOZ5DwgYGBYvIECz1zN8UwPfTFSdXjTWQcr
-9gWxNMA=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgOPZdbc5HZ2BE1Yzl
+E5WC1Wj2S7FgmNF526sHdB3VyvWhRANCAAQRny8EeQJ4KrDJ4npUr/Xrm5ZIKcqZ
+wGsC3bqVsKP20I9StyZmTKw2b8mKx6ASsmgsvZYuWstURnHUG5RFcE0d
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect163r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEBN4/CZ+fAgrRA8LzmeQ8IGBgWLyBAs9c
-zfFMD30xUnV401kHK/YFsTTA
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEZ8vBHkCeCqwyeJ6VK/165uWSCnK
+mcBrAt26lbCj9tCPUrcmZkysNm/JisegErJoLL2WLlrLVEZx1BuURXBNHQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect163r1:ALICE_sect163r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C1:KAS-ECC-CDH_P-256_C1-PUBLIC
 
-PrivateKey=BOB_sect163r1
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUA/nzN5yCavvZlXyDGEihW
-rwG360+hLgMsAAQDt6XZHfzXABSTnGhzfoPtfdLZgaoGhBdeWz+318vNmC6AMJP+
-PntHzsA=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect163r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA7el2R381wAUk5xoc36D7X3S2YGqBoQX
-Xls/t9fLzZgugDCT/j57R87A
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgJ8EKJxkNIwBUV6wPVznrBqMuUmP
+XKpQGX5Y1DqGp66ynYToERl/Jeuo9RlAkstv9EDibUQhARNyRh9XknHNow==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect163r1
-Availablein = default
-PeerKey=BOB_sect163r1_PUB
-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect163r1
 Availablein = default
-PeerKey=ALICE_sect163r1_PUB
-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
-
-# TEST CURVE sect163r2
+Derive=KAS-ECC-CDH_P-256_C1
+PeerKey=KAS-ECC-CDH_P-256_C1-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=057d636096cb80b67a8c038c890e887d1adfa4195e9b3ce241c8a778c59cda67
 
-PrivateKey=ALICE_sect163r2
+PrivateKey=KAS-ECC-CDH_P-256_C2
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDjH2G7BkPTBM4VtljaQr8
-sXVLNOqhLgMsAAQHHqWxJWR2KrHCPp/PSjZIdK88ET0A323/UOTxhYHwsLpR7rp3
-ahq1lQ8=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGsz68bl3Erhab1Sx
+SJhaG9xMm+wL0ljK1LPWA/SfMsihRANCAATZ8recFyhFv9tWC7sBRHyl7MBHCglR
+O2EmkCxrT40QUfgV717DISjTSHg0dkZ4cC5k4WT/cxUYXiOv9frNlte8
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect163r2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBx6lsSVkdiqxwj6fz0o2SHSvPBE9AN9t
-/1Dk8YWB8LC6Ue66d2oatZUP
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2fK3nBcoRb/bVgu7AUR8pezARwoJ
+UTthJpAsa0+NEFH4Fe9ewyEo00h4NHZGeHAuZOFk/3MVGF4jr/X6zZbXvA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect163r2:ALICE_sect163r2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C2:KAS-ECC-CDH_P-256_C2-PUBLIC
 
-PrivateKey=BOB_sect163r2
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBXOM9Tm6sKXUlRLlW0HgC
-NTDxW2ihLgMsAAQGxa8xRcC+TIcDgGtehDVEV1PoBokBwtILj16NPYC0aBZI8/nF
-F4jhgmc=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect163r2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBsWvMUXAvkyHA4BrXoQ1RFdT6AaJAcLS
-C49ejT2AtGgWSPP5xReI4YJn
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEojOcEtSgPDNUbeUzJotK1mfev0WL
+Rk13RDY2RA7n/sPvSKOrJuICILzaLBhRB2g52uiOrpYoaaSXv3PLZvr1Ng==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect163r2:BOB_sect163r2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect163r2
-Availablein = default
-PeerKey=BOB_sect163r2_PUB
-SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect163r2
 Availablein = default
-PeerKey=ALICE_sect163r2_PUB
-SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
-
-# TEST CURVE sect193r1
+Derive=KAS-ECC-CDH_P-256_C2
+PeerKey=KAS-ECC-CDH_P-256_C2-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=2d457b78b4614132477618a5b077965ec90730a8c81a1c75d6d4ec68005d67ec
 
-PrivateKey=ALICE_sect193r1
+PrivateKey=KAS-ECC-CDH_P-256_C3
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAEQlofBlvj8zDK5o4CCfA
-aOQOmlAyTimBoTYDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUnNwBn5T26m15R
-M4MLnYGdklcAM8oMOML999w=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgIHxDp5v+4D229LlE
+9T0vt2zEnvHJxNNNUbbGXE22ky2hRANCAAQkJ3wz9FBGLcs9SAHVe5ztBRiPFsKO
+2ocyWASM0WB+DcR4l1PisfY7Mv8BTsQs1qafrIHf5tDW/Urzcq4nxG+I
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect193r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUn
-NwBn5T26m15RM4MLnYGdklcAM8oMOML999w=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJCd8M/RQRi3LPUgB1Xuc7QUYjxbC
+jtqHMlgEjNFgfg3EeJdT4rH2OzL/AU7ELNamn6yB3+bQ1v1K83KuJ8RviA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect193r1:ALICE_sect193r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C3:KAS-ECC-CDH_P-256_C3-PUBLIC
 
-PrivateKey=BOB_sect193r1
------BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAnxvYLKZaw4Rj24WTRBfg
-iar5vp3R3pCJoTYDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUpYQE/jBjzUHIC
-qMNZTHy9gT2R9yc0GBZ/Dic=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect193r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUp
-YQE/jBjzUHICqMNZTHy9gT2R9yc0GBZ/Dic=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3zmJufpVSVcZs89G3M0otRU/eAgZ
+HdUY7/DDz/K3Be1CIpT/RgA0Kdc5ozIGyHUlUsi6VKJw3vwG4iHg/q9qxA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect193r1
-Availablein = default
-PeerKey=BOB_sect193r1_PUB
-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect193r1
 Availablein = default
-PeerKey=ALICE_sect193r1_PUB
-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
-
-# TEST CURVE sect193r2
+Derive=KAS-ECC-CDH_P-256_C3
+PeerKey=KAS-ECC-CDH_P-256_C3-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=96441259534b80f6aee3d287a6bb17b5094dd4277d9e294f8fe73e48bf2a0024
 
-PrivateKey=ALICE_sect193r2
+PrivateKey=KAS-ECC-CDH_P-256_C4
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAj54XQW+b3bnX9duvqaa+
-lPTNcvOlxRAvoTYDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWkwQFc4m1ISx4o
-mtNyCVI7FXV5zNnaGWVACT4=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgWRN+OBUjULGVyXGN
+OWc9UZg4BVrZCN1HVxUv2CVcCb+hRANCAASoxf3Oi2LFraWY8UGts7Js8lTCgLKF
+emPSrXg6cxFfa4BuGq/sSvgKDXhrPeRTdbUXp+W1H/ssNWU3yebvIn1K
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect193r2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWk
-wQFc4m1ISx4omtNyCVI7FXV5zNnaGWVACT4=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqMX9zotixa2lmPFBrbOybPJUwoCy
+hXpj0q14OnMRX2uAbhqv7Er4Cg14az3kU3W1F6fltR/7LDVlN8nm7yJ9Sg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect193r2:ALICE_sect193r2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C4:KAS-ECC-CDH_P-256_C4-PUBLIC
 
-PrivateKey=BOB_sect193r2
------BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAvMiVR0abk6pHoeOIBESL
-fB9B4gsZJjLsoTYDNAAEADtKDcwL660+Mm11Vl254GI3TnD+fragdwF+wY5qlMu5
-VtrUDMHuAP0q3eGQUsrzNo0=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect193r2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEADtKDcwL660+Mm11Vl254GI3TnD+frag
-dwF+wY5qlMu5VtrUDMHuAP0q3eGQUsrzNo0=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQRktKBPnlWHmodb1PIvBpDOhmcg1
+4UGwWnSpew+uuSIa+YzEXpin4EGwHPNfRit1YigTUcjr8/+gLjOgcioTKA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect193r2
 Availablein = default
-PeerKey=BOB_sect193r2_PUB
-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect193r2
-Availablein = default
-PeerKey=ALICE_sect193r2_PUB
-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
-
-# TEST CURVE sect233k1
+Derive=KAS-ECC-CDH_P-256_C4
+PeerKey=KAS-ECC-CDH_P-256_C4-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=19d44c8d63e8e8dd12c22a87b8cd4ece27acdde04dbf47f7f27537a6999a8e62
 
-PrivateKey=ALICE_sect233k1
+PrivateKey=KAS-ECC-CDH_P-256_C5
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1aR7qaKm1vmZWK2bGsJ1rX
-mH6BpTkW4t1L4zSf/KFAAz4ABADcDiv+bTvPVViqYLNz06VO5wodry+sGi6fnJIr
-QQCTfZ9d5whiIsbY5Thlcm7I0A/cIGoShA/6LumOVA==
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg9fjgF0YQpmEneXm1
+jOXJD+5smzuzRqkKcZYlXkCxMu+hRANCAAR7hh3NKESlqDY/a4741JNkD1WHkhcY
+nYAyaq2UgN/BScRnW0XuswZAX2wzw4vGnrK97Jt1rVr0cGqrhFQ7nMY6
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect233k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANwOK/5tO89VWKpgs3PTpU7nCh2vL6wa
-Lp+ckitBAJN9n13nCGIixtjlOGVybsjQD9wgahKED/ou6Y5U
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEe4YdzShEpag2P2uO+NSTZA9Vh5IX
+GJ2AMmqtlIDfwUnEZ1tF7rMGQF9sM8OLxp6yveybda1a9HBqq4RUO5zGOg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect233k1:ALICE_sect233k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C5:KAS-ECC-CDH_P-256_C5-PUBLIC
 
-PrivateKey=BOB_sect233k1
------BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0oa5BrzYxm6mn51Xyphn6X
-OUjKc9oMDHCowAyHTaFAAz4ABAGKiFuFJVQeymHYRVnt2LNF2MSaTMcL9JGSPn2z
-OwBis5MS4kgEFakWQl7KpGiy3vS89wmpblvHLJ/+IQ==
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect233k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYqIW4UlVB7KYdhFWe3Ys0XYxJpMxwv0
-kZI+fbM7AGKzkxLiSAQVqRZCXsqkaLLe9Lz3CaluW8csn/4h
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEM+ggkqDx+zj1ZJ1YZ/uii1AxcrcD
+VXS/jltxAKMFJ5Lyz2tgHgoFlF4zVVC/ZI14L0YYbHcsDyDTzQ1rjKFLLw==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect233k1:BOB_sect233k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect233k1
-Availablein = default
-PeerKey=BOB_sect233k1_PUB
-SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect233k1
 Availablein = default
-PeerKey=ALICE_sect233k1_PUB
-SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
-
-# TEST CURVE sect233r1
+Derive=KAS-ECC-CDH_P-256_C5
+PeerKey=KAS-ECC-CDH_P-256_C5-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=664e45d5bba4ac931cd65d52017e4be9b19a515f669bea4703542a2c525cd3d3
 
-PrivateKey=ALICE_sect233r1
+PrivateKey=KAS-ECC-CDH_P-256_C6
 -----BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AEN6fePR2gizyXzU6kIgU
-Gijp5+IQAXoNBfKnVeChQAM+AAQB0kEwu2fwQWo1v1j7XQ8uJT3iMwRC8w+cxgxx
-GQ4B/FyjrhIUpEDWaMqfV23McZ6WdbIUe3MZ7K5pG38=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgO1ia99sDRZwjBotk
+9j8o08PGvCW1v3asBfNUgoiLUZChRANCAASfs44tWOobr3Yi6WcgEByuPN5LpsHp
++ibZsd4ImRAoY9VWG5AEBu31CALdfXPok5X4rtcvug4dG2H+HSIwImDw
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect233r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdJBMLtn8EFqNb9Y+10PLiU94jMEQvMP
-nMYMcRkOAfxco64SFKRA1mjKn1dtzHGelnWyFHtzGeyuaRt/
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEn7OOLVjqG692IulnIBAcrjzeS6bB
+6fom2bHeCJkQKGPVVhuQBAbt9QgC3X1z6JOV+K7XL7oOHRth/h0iMCJg8A==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect233r1:ALICE_sect233r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C6:KAS-ECC-CDH_P-256_C6-PUBLIC
 
-PrivateKey=BOB_sect233r1
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AXHWOeS6fG0XCH3FnHDuS
-IcELUeDG+AYNNeLVZd6hQAM+AAQAYRRYH017uxcaMPF3GOsL4bvodW1yZLEtL3pm
-CkcAfqJI/4niCr8uHKh0gBa2JBjBWMV1u8Mpf60uvok=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect233r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGEUWB9Ne7sXGjDxdxjrC+G76HVtcmSx
-LS96ZgpHAH6iSP+J4gq/LhyodIAWtiQYwVjFdbvDKX+tLr6J
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEap4MP5FuTjFckRR75XFobZBGTov5
+gdNKkLY1O8pu66dA+b6tOcLyvMJgL3W4pz7Hvf/Lzq0VnQF0xsTTxTV/BQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect233r1:BOB_sect233r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect233r1
-Availablein = default
-PeerKey=BOB_sect233r1_PUB
-SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect233r1
 Availablein = default
-PeerKey=ALICE_sect233r1_PUB
-SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
-
-# TEST CURVE sect239k1
+Derive=KAS-ECC-CDH_P-256_C6
+PeerKey=KAS-ECC-CDH_P-256_C6-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ca342daa50dc09d61be7c196c85e60a80c5cb04931746820be548cdde055679d
 
-PrivateKey=ALICE_sect239k1
+PrivateKey=KAS-ECC-CDH_P-256_C7
 -----BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4MhpuQTtDeLBboZgiW11d/
-KBlgUL4YvTjZ8zg4HR2hQAM+AAQafRD6X3L/7c/FN69KuA04a4bhxHZezmz1G15m
-tltwl8zlWsR5+GNToxV0OBLbStAQbXxqBa2Gg83B0oc=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg2L+SmiDqdDayRhtU
+GhHIDmHYJsCkydMisx3VTn9YucihRANCAAQg8HYx5KZRKomtSHxOnWMDnlecsNel
+VsueZhzVnB5/pG3pGEaz7uil7AnCqx9B4hvYNiDM3Rvc46t+puAt0nT1
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect239k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEGn0Q+l9y/+3PxTevSrgNOGuG4cR2Xs5s
-9RteZrZbcJfM5VrEefhjU6MVdDgS20rQEG18agWthoPNwdKH
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIPB2MeSmUSqJrUh8Tp1jA55XnLDX
+pVbLnmYc1Zwef6Rt6RhGs+7opewJwqsfQeIb2DYgzN0b3OOrfqbgLdJ09Q==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect239k1:ALICE_sect239k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C7:KAS-ECC-CDH_P-256_C7-PUBLIC
 
-PrivateKey=BOB_sect239k1
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4FBG477KvylisppUFwbDl/
-SRGnX5FFmfw/xWIiEMehQAM+AAQFii094UX6F5m8Dk0eI/DhF3+IDUu7h81hTdyZ
-xxET0IokxFkTUf/re9WPA7LxPOCuiIPZUNVCRxRWSuU=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect239k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEBYotPeFF+heZvA5NHiPw4Rd/iA1Lu4fN
-YU3cmccRE9CKJMRZE1H/63vVjwOy8TzgroiD2VDVQkcUVkrl
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqcCsreVcKnPq0ahvsKlxMiPIJHV5
+HNDiELBGQSziJLv23gr6IOk+B4RnwFPSQZA+2tc0xrQDunWMK1/wTJ1CKQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect239k1
-Availablein = default
-PeerKey=BOB_sect239k1_PUB
-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect239k1
 Availablein = default
-PeerKey=ALICE_sect239k1_PUB
-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
-
-# TEST CURVE sect283k1
+Derive=KAS-ECC-CDH_P-256_C7
+PeerKey=KAS-ECC-CDH_P-256_C7-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=35aa9b52536a461bfde4e85fc756be928c7de97923f0416c7a3ac8f88b3d4489
 
-PrivateKey=ALICE_sect283k1
+PrivateKey=KAS-ECC-CDH_P-256_C8
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGhnsmZ2UDKV3QKmq3k+
-33LQ6n5aCYvKXcMgiZlBS/RrVgIRoUwDSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnW
-uC6oWVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4r
-mGO7
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgD5iDug7zLudd7Q2L
+2jmlFGop8fJQezvUWNvqCyuwW02hRANCAASrthtCO+XWwm4hxgWDLJFC3B3+Wl//
+KHJnN5Nub79RbXM9JRPvWL6rICCQWG+skb8P7jHoCrM0c6sjotieWPrW
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect283k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnWuC6o
-WVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4rmGO7
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEq7YbQjvl1sJuIcYFgyyRQtwd/lpf
+/yhyZzeTbm+/UW1zPSUT71i+qyAgkFhvrJG/D+4x6AqzNHOrI6LYnlj61g==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect283k1:ALICE_sect283k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C8:KAS-ECC-CDH_P-256_C8-PUBLIC
 
-PrivateKey=BOB_sect283k1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAAJXIwfWjYbiM5jEcNw8
-8/1kbEnhVjWGivO7zDPts7AuKSMkoUwDSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6V
-D5v8KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzj
-CN/m
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect283k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6VD5v8
-KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzjCN/m
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElOlPFqmCVf/yuawMlZiqw1SHsyMt
+MjG9k7fbffNvnrnYBJpDV5z6kLgJOpRBbL77+TOG8Vs/bhkLbjRV/t/mmg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect283k1:BOB_sect283k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect283k1
 Availablein = default
-PeerKey=BOB_sect283k1_PUB
-SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect283k1
-Availablein = default
-PeerKey=ALICE_sect283k1_PUB
-SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
-
-# TEST CURVE sect283r1
+Derive=KAS-ECC-CDH_P-256_C8
+PeerKey=KAS-ECC-CDH_P-256_C8-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=605c16178a9bc875dcbff54d63fe00df699c03e8a888e9e94dfbab90b25f39b4
 
-PrivateKey=ALICE_sect283r1
+PrivateKey=KAS-ECC-CDH_P-256_C9
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAi4Jrhu19kt7H8jw1FO7
-VzCxh6p0pI0ogl3q9ev5NFkufZkZoUwDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqU
-S40TU2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE
-7jsD
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgK+7bBLBcaYj2pnUA
+u4E/ryyuDVgMklO2M55KMze7bAihRANCAAQ9Y+Qpy1+olakkcSm/TkjonzXXsR3o
+FY7+s+EGoqhzlQyunkd+9B58jBBkN5u3tVTdy8rnn5gUKB8eUPBAPGHz
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect283r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqUS40T
-U2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE7jsD
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPWPkKctfqJWpJHEpv05I6J8117Ed
+6BWO/rPhBqKoc5UMrp5HfvQefIwQZDebt7VU3cvK55+YFCgfHlDwQDxh8w==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect283r1:ALICE_sect283r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C9:KAS-ECC-CDH_P-256_C9-PUBLIC
 
-PrivateKey=BOB_sect283r1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACD04gJaVfVxK/Dpbxjq
-rzZWc6B76a23MK/IQD1jMlGPQzzxoUwDSgAEA13mIYMvik12DBp8JkdETMB1ewOw
-22C/xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lass
-Iq5I
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect283r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA13mIYMvik12DBp8JkdETMB1ewOw22C/
-xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lassIq5I
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4Jm/Kk1VdGC1VEQwu/baEQBNEny1
+1n9kqwfJT831J0/ZxQ2+cNcU7bXiIfTgIGEO62JwUX5ojKZPsOmMfvjBxQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect283r1:BOB_sect283r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect283r1
-Availablein = default
-PeerKey=BOB_sect283r1_PUB
-SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect283r1
 Availablein = default
-PeerKey=ALICE_sect283r1_PUB
-SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
-
-# TEST CURVE sect409k1
+Derive=KAS-ECC-CDH_P-256_C9
+PeerKey=KAS-ECC-CDH_P-256_C9-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=f96e40a1b72840854bb62bc13c40cc2795e373d4e715980b261476835a092e0b
 
-PrivateKey=ALICE_sect409k1
+PrivateKey=KAS-ECC-CDH_P-256_C10
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg1vV7wiPe1ovX+ukz
-VfwPZoqvyj/vdif04Opi9PcjV5mPBEZgSFBg8hbutNxZJdVLrxShbANqAAQACe1I
-J5ilSk1pPLvbcjEZIE6abC9LZ9WmHuNJxM9LAW1OuLvJGi72AsGYUOGpX0WGmK6C
-AYaqZb2Qeedq/yUIljDHYi66J+26owYl7lOMpRzZ9U2QDJrZ7TYuxeMUui6re0B+
-JuZdYw==
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgd8Fdz0RhDkFpa6t1
+iUPv8UCTM+TVoRu+csj2w5Xp+EihRANCAAStXRPD21CN3NOEV+WZFDSiUb7UnPXd
+y1nN7nOGXxOMn2LOwecFiKpP38e5oJ2qZ4CBwE4SCLnWYriiIUv46Boh
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect409k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAntSCeYpUpNaTy723IxGSBOmmwvS2fV
-ph7jScTPSwFtTri7yRou9gLBmFDhqV9FhpiuggGGqmW9kHnnav8lCJYwx2Iuuift
-uqMGJe5TjKUc2fVNkAya2e02LsXjFLouq3tAfibmXWM=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAErV0Tw9tQjdzThFflmRQ0olG+1Jz1
+3ctZze5zhl8TjJ9izsHnBYiqT9/HuaCdqmeAgcBOEgi51mK4oiFL+OgaIQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect409k1:ALICE_sect409k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C10:KAS-ECC-CDH_P-256_C10-PUBLIC
 
-PrivateKey=BOB_sect409k1
------BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIYBGZZcZz4qCdhAV9
-vqpfe8vV+vJEhjawR52JUV1rumWEBPAx0o6E+gaxHBr5hzVGkIKhbANqAAQAAQKK
-s60CTUUkltsT+lIBukjz850pkGGLltJ4eaZn4k9AtN/lFTCq6Vgqe2sDrjA3b45q
-AdWjf1vRaP0wawJ13SjApJmyXg5hQks6d0Zqz2OHYhGEGiM159VtTlStK067dVe1
-fGVDeg==
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect409k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAECirOtAk1FJJbbE/pSAbpI8/OdKZBh
-i5bSeHmmZ+JPQLTf5RUwqulYKntrA64wN2+OagHVo39b0Wj9MGsCdd0owKSZsl4O
-YUJLOndGas9jh2IRhBojNefVbU5UrStOu3VXtXxlQ3o=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE91pf5WvaNPPBOWKWYm7wEtwH5IJY
+OHeKZFyCSM/wFlgzu98bF3LYBZ31aLBh8/ESLyio2BkWfJe+RI49w/sMPA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect409k1:BOB_sect409k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect409k1
-Availablein = default
-PeerKey=BOB_sect409k1_PUB
-SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect409k1
 Availablein = default
-PeerKey=ALICE_sect409k1_PUB
-SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
-
-# TEST CURVE sect409r1
+Derive=KAS-ECC-CDH_P-256_C10
+PeerKey=KAS-ECC-CDH_P-256_C10-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=8388fa79c4babdca02a8e8a34f9e43554976e420a4ad273c81b26e4228e9d3a3
 
-PrivateKey=ALICE_sect409r1
+PrivateKey=KAS-ECC-CDH_P-256_C11
 -----BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAYTMsTpey51D2ULnd
-pN+AAWnJLy9pTerziakhjii8OyWKpUVfpDFNneCCd2oQTDcPX5vdoWwDagAEAYfk
-3ZejxpVYCG7dYHTVhhcqILEyTYoQa4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGU
-owHXXzgDXoJeR79wgb7ySAlXJXgQ8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvI
-eIozlf4=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQqg7mFAR0SMD2xqA
+DyYQ90qnHN8Zxn1Uzmye2VHpCT6hRANCAASrSMqmHqNfE/jtB/+moT6NsiTf7Prh
+p9+LG7brrwy5fRJ0Uwyiw4WjIYvd+8vwtAJMm63VJDv/g06/8kqGGNzL
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect409r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYfk3ZejxpVYCG7dYHTVhhcqILEyTYoQ
-a4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGUowHXXzgDXoJeR79wgb7ySAlXJXgQ
-8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvIeIozlf4=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEq0jKph6jXxP47Qf/pqE+jbIk3+z6
+4affixu2668MuX0SdFMMosOFoyGL3fvL8LQCTJut1SQ7/4NOv/JKhhjcyw==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect409r1:ALICE_sect409r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C11:KAS-ECC-CDH_P-256_C11-PUBLIC
 
-PrivateKey=BOB_sect409r1
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsCs1nRgwW97TdKIH
-PRcsqmK1e8TIZ00e6rqLb3nD4sIe+Gw/fGhSUER9akQ7lAluEUnfoWwDagAEAfM2
-fvBEic+7jV4oC+v8GfsunD9Zp9rzNgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDl
-LwBm/W6TlzGuh1FnzXYKVnhnXpzSlRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMf
-WsgK+KA=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect409r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfM2fvBEic+7jV4oC+v8GfsunD9Zp9rz
-NgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDlLwBm/W6TlzGuh1FnzXYKVnhnXpzS
-lRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMfWsgK+KA=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELbRUDVAjB1YVir9h2YNXErZIbHQx
+IYPM78rvJ5e3Z01i9X8xTj80ldxOCZAS9eC6cXcPlmCh6tpUEEzf3nckPg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect409r1:BOB_sect409r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect409r1
-Availablein = default
-PeerKey=BOB_sect409r1_PUB
-SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect409r1
 Availablein = default
-PeerKey=ALICE_sect409r1_PUB
-SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
-
-# TEST CURVE sect571k1
+Derive=KAS-ECC-CDH_P-256_C11
+PeerKey=KAS-ECC-CDH_P-256_C11-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=72877cea33ccc4715038d4bcbdfe0e43f42a9e2c0c3b017fc2370f4b9acbda4a
 
-PrivateKey=ALICE_sect571k1
+PrivateKey=KAS-ECC-CDH_P-256_C12
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARO8hI8j6TZ556/d
-RcdGYvdblnALD2XZCKu2c3C5yQIeA8Tidi+f8n6cCnb5FtJNTYKqP8tRfHlwAZtW
-/giXi/4yF5K2twS3oYGVA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0LQd9wP1+k
-v0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFRPU0Cct0S
-qVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJPCnaKR/Oo
-AtaUpCWLSTHDF1gK4/kmlwEx+8o=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgzu01UHtck+rVmJEZ
+ubo0LP445uY4um7qNDpVR13igAuhRANCAASajNm9cucXUt+RRA93xUdQmoTfmBFO
+feTybNs5I0piXdB8/ITI4UT6soOfUYm7HXyIYx1Xm7xYAS7ZojJ9pS9i
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect571k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0L
-Qd9wP1+kv0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFR
-PU0Cct0SqVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJP
-CnaKR/OoAtaUpCWLSTHDF1gK4/kmlwEx+8o=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEmozZvXLnF1LfkUQPd8VHUJqE35gR
+Tn3k8mzbOSNKYl3QfPyEyOFE+rKDn1GJux18iGMdV5u8WAEu2aIyfaUvYg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect571k1:ALICE_sect571k1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C12:KAS-ECC-CDH_P-256_C12-PUBLIC
 
-PrivateKey=BOB_sect571k1
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVZT4tnX9dMWS6Vd
-YCoYRl9o/j/Hz7KGqF4Ujk9n9b4+mXbJ37tobpjnpNqKlJfI04w80JPp+NxpoBR3
-8p1bcc9iL4Smh48YoYGVA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLURYRDHmopO
-IijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN1tsCrqET
-31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxOaqcYzbXC
-Q/Aiij13H06qKhuFM4iiB/0D164=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect571k1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLUR
-YRDHmopOIijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN
-1tsCrqET31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxO
-aqcYzbXCQ/Aiij13H06qKhuFM4iiB/0D164=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzZT8lJfomQdQMJ6ahTT9EUsKblTa
+icR5YQGJcEHRTsvD3vS1/gT67goRkyIp//VjY3v97g55xt7q9En4VAHFxA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect571k1:BOB_sect571k1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect571k1
 Availablein = default
-PeerKey=BOB_sect571k1_PUB
-SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect571k1
-Availablein = default
-PeerKey=ALICE_sect571k1_PUB
-SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
-
-# TEST CURVE sect571r1
+Derive=KAS-ECC-CDH_P-256_C12
+PeerKey=KAS-ECC-CDH_P-256_C12-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=e4e7408d85ff0e0e9c838003f28cdbd5247cdce31f32f62494b70e5f1bc36307
 
-PrivateKey=ALICE_sect571r1
+PrivateKey=KAS-ECC-CDH_P-256_C13
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArsi//Zp9veeURYV
-zGYHn4MlNIxNt6U6vtmTPS/NaoiaavxbOimpHgxYPCjpoPYhM33Z2VBh7pl2aoRW
-3GBepLFLoF8oiQaLoYGVA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4f/AwTHmo
-US1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wzd8YF32SF
-HMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz6J6dYAUe
-vE+F3N29p/tRBGNzMFIqoDdW+NA=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQ+Dp2Vr03DZIPN0Z
+aNK37rhhH8znfzpOfQWa5D5QlgShRANCAAT5ic+O6VaoLn69mIHNv7L9lGGJsI21
+NVm8jP3UgHHrFF7/KPGhimFrBLfTN4aGefbdhPmns9e2+K8nbBlhGlQd
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect571r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4
-f/AwTHmoUS1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wz
-d8YF32SFHMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz
-6J6dYAUevE+F3N29p/tRBGNzMFIqoDdW+NA=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+YnPjulWqC5+vZiBzb+y/ZRhibCN
+tTVZvIz91IBx6xRe/yjxoYphawS30zeGhnn23YT5p7PXtvivJ2wZYRpUHQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect571r1:ALICE_sect571r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C13:KAS-ECC-CDH_P-256_C13-PUBLIC
 
-PrivateKey=BOB_sect571r1
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYj65N5XJTQusn+h
-Z9xj/dgZ4qR1GDC1Ij7jYuow+TvGrG2wz/WT76/lLNtlCLfDW2kODDUmDAJeK/e+
-VMO7suJTXGnrGFHioYGVA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2SYmMKve74
-trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8QI70H8aHv
-LgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNdnNATBqom
-6WDWc7RTFZ4sijL5ywVhovwJ1gA=
------END PRIVATE KEY-----
 
-PublicKey=BOB_sect571r1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2S
-YmMKve74trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8Q
-I70H8aHvLgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNd
-nNATBqom6WDWc7RTFZ4sijL5ywVhovwJ1gA=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFbnkZ69NKQxBdALgQEJv5M8ja65y
+uqOS7Yl4DfzNtHHN9OkXD7kEMCuP2TqCC6jMftTv06by1rBbgLL/Ku5Odw==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect571r1:BOB_sect571r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_sect571r1
 Availablein = default
-PeerKey=BOB_sect571r1_PUB
-SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
-
-# ECDH Bob with Alice peer
-Derive=BOB_sect571r1
-Availablein = default
-PeerKey=ALICE_sect571r1_PUB
-SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
-
-# TEST CURVE c2pnb163v1
+Derive=KAS-ECC-CDH_P-256_C13
+PeerKey=KAS-ECC-CDH_P-256_C13-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ed56bcf695b734142c24ecb1fc1bb64d08f175eb243a31f37b3d9bb4407f3b96
 
-PrivateKey=ALICE_c2pnb163v1
+PrivateKey=KAS-ECC-CDH_P-256_C14
 -----BEGIN PRIVATE KEY-----
-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUDTVBXDIdMMg5JIb6y
-ZHLpkONauzuhLgMsAAQC/TaMi2YGY4SmYVCrIVVommDnOyMHJZ1VZ4+fT+hE/qRp
-WHMMW5gOZO4=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsvNgDfM2jvigu4Wr
+IvQfwOX0/dVL6BZ6XDzUsI2wSQOhRANCAARpxidiWzakKcOYtFw4Z3yzXYvrHPeK
+Vx5A6Z/k6sHNToFpARKwqI8g9xNrKNfUfl+8Kto8jt2HWJvBnslZBje9
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb163v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEAv02jItmBmOEpmFQqyFVaJpg5zsj
-ByWdVWePn0/oRP6kaVhzDFuYDmTu
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEacYnYls2pCnDmLRcOGd8s12L6xz3
+ilceQOmf5OrBzU6BaQESsKiPIPcTayjX1H5fvCraPI7dh1ibwZ7JWQY3vQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb163v1:ALICE_c2pnb163v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C14:KAS-ECC-CDH_P-256_C14-PUBLIC
 
-PrivateKey=BOB_c2pnb163v1
------BEGIN PRIVATE KEY-----
-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUC3uEAfGc3+a0FOrFh
-ftdUBtZ5BPOhLgMsAAQGojKkhnOduUQY6XT0GwQbDe1YM1wFkj3vZGkhO5OzsqG1
-QqQLkFeMwKo=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb163v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBqIypIZznblEGOl09BsEGw3tWDNc
-BZI972RpITuTs7KhtUKkC5BXjMCq
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEScUDumxPpgUYLhhrXoERPwdbwR3P
+1RyTL7IelR7uL6GK9wb/CSLYez8MXk4x2LJZrrJgqSaWQ+1SChO7JdpZJA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb163v1:BOB_c2pnb163v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb163v1
-Availablein = default
-PeerKey=BOB_c2pnb163v1_PUB
-SharedSecret=05939a47cb503656e684f433001e45776c7620e13b
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb163v1
 Availablein = default
-PeerKey=ALICE_c2pnb163v1_PUB
-SharedSecret=05939a47cb503656e684f433001e45776c7620e13b
-
-# TEST CURVE c2pnb163v2
+Derive=KAS-ECC-CDH_P-256_C14
+PeerKey=KAS-ECC-CDH_P-256_C14-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=bc5c7055089fc9d6c89f83c1ea1ada879d9934b2ea28fcf4e4a7e984b28ad2cf
 
-PrivateKey=ALICE_c2pnb163v2
+PrivateKey=KAS-ECC-CDH_P-256_C15
 -----BEGIN PRIVATE KEY-----
-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUC3m3meJNbhDwwFH3C
-//L2EyOQNruhLgMsAAQBaATOiPV6c8icBYWczLXM6k+t8U4FIN57iiC8RsmIS3+V
-yM/rN3UBZaw=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQAJTQwf4tiqb9n/2
+Qd3GD+9ZOxfDNBI56VvbPleb/cihRANCAARf6WRnExWhiqaKKm490f3n4juM5xgU
+cc+sQ8meGugCYtWCe+KC5iyE3lMbljiEuoMttdayw6JW8OYE/n5rin9y
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb163v2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAWgEzoj1enPInAWFnMy1zOpPrfFO
-BSDee4ogvEbJiEt/lcjP6zd1AWWs
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEX+lkZxMVoYqmiipuPdH95+I7jOcY
+FHHPrEPJnhroAmLVgnviguYshN5TG5Y4hLqDLbXWssOiVvDmBP5+a4p/cg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb163v2:ALICE_c2pnb163v2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C15:KAS-ECC-CDH_P-256_C15-PUBLIC
 
-PrivateKey=BOB_c2pnb163v2
------BEGIN PRIVATE KEY-----
-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUBvd/DvKharywckSaW
-aAniKByXBwihLgMsAAQH0+FWe4mb13QrEZCPwfIS+gChEXoGhyBVubt6+SSgS5nS
-eDGgjW/36Qw=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb163v2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEB9PhVnuJm9d0KxGQj8HyEvoAoRF6
-BocgVbm7evkkoEuZ0ngxoI1v9+kM
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGbON45/dL3D3CRYxpPddGZN0C6lC
+kWLCpFMSQBY2spwJrtcjKyjgYJQXQbaCi836K8ScyETzdzYRUE+Co5Clrg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb163v2:BOB_c2pnb163v2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb163v2
-Availablein = default
-PeerKey=BOB_c2pnb163v2_PUB
-SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb163v2
 Availablein = default
-PeerKey=ALICE_c2pnb163v2_PUB
-SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d
-
-# TEST CURVE c2pnb163v3
+Derive=KAS-ECC-CDH_P-256_C15
+PeerKey=KAS-ECC-CDH_P-256_C15-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=9a4e8e657f6b0e097f47954a63c75d74fcba71a30d83651e3e5a91aa7ccd8343
 
-PrivateKey=ALICE_c2pnb163v3
+PrivateKey=KAS-ECC-CDH_P-256_C16
 -----BEGIN PRIVATE KEY-----
-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUCtJ0ZQMD5T6Ym/jZx
-Fzb9tQkLOhuhLgMsAAQE26YD7hG+CY02+nBDFKIBnMvHWUQGfkiIfG9yxV+LptOM
-CdU4y9RhM+w=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgTfoS3vxgMZAhtoGz
+/4ShClEZWMhQk57UVjWTS6SXkUehRANCAATJsrhJbxRAvUotHlJ1L9Nyg1s2SIXh
+VKfaxJKV8oHsfPvmuSaopN4mzMg7gCsSEkAHVL4l2fPurwCLCYcK52Mh
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb163v3_PUB
+PublicKey=KAS-ECC-CDH_P-256_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEBNumA+4RvgmNNvpwQxSiAZzLx1lE
-Bn5IiHxvcsVfi6bTjAnVOMvUYTPs
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEybK4SW8UQL1KLR5SdS/TcoNbNkiF
+4VSn2sSSlfKB7Hz75rkmqKTeJszIO4ArEhJAB1S+Jdnz7q8AiwmHCudjIQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb163v3:ALICE_c2pnb163v3_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C16:KAS-ECC-CDH_P-256_C16-PUBLIC
 
-PrivateKey=BOB_c2pnb163v3
------BEGIN PRIVATE KEY-----
-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUB9MnYR9NXM8OoCraO
-orQz1LXIZJChLgMsAAQH15R/xAGyrtmg+hrdAaGn9rVEfWQA7yUCn4vKR2eIy/qN
-YfbeHTIaTBY=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb163v3_PUB
+PublicKey=KAS-ECC-CDH_P-256_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEB9eUf8QBsq7ZoPoa3QGhp/a1RH1k
-AO8lAp+LykdniMv6jWH23h0yGkwW
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELJHGHzOt/pMRyUL9v/a6RwIP7/QW
+t7tjzsE/r5sJmVRsqzGwZBnlIh/KAU+4TshwYiobErq1rkNoKqfqc+oI0A==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb163v3:BOB_c2pnb163v3_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb163v3
 Availablein = default
-PeerKey=BOB_c2pnb163v3_PUB
-SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb163v3
-Availablein = default
-PeerKey=ALICE_c2pnb163v3_PUB
-SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81
-
-# TEST CURVE c2pnb176v1
+Derive=KAS-ECC-CDH_P-256_C16
+PeerKey=KAS-ECC-CDH_P-256_C16-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=3ca1fc7ad858fb1a6aba232542f3e2a749ffc7203a2374a3f3d3267f1fc97b78
 
-PrivateKey=ALICE_c2pnb176v1
+PrivateKey=KAS-ECC-CDH_P-256_C17
 -----BEGIN PRIVATE KEY-----
-MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAxXEz1PjthqsI664l
-N5LRLN8C2uyhMAMuAARD1qVJHbL5A7BhEKeHSuDeT6XeZ3ODFn9ef67qdF+tS7p3
-zgXGKt4pKMoYcg==
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgEzH22HSk7TvEosbp
+x0Mx0wOXljFL7uO3FS/NulVWME6hRANCAARZ4eEBUhBGrZzx0ILp0ux90iUwzOBk
+mR8eVcW89fy1kUgvT2cxdsj9qgu25ZsVo+R0VOOgQpfThjyTONmK3R83
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb176v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEQ9alSR2y+QOwYRCnh0rg3k+l3mdz
-gxZ/Xn+u6nRfrUu6d84FxireKSjKGHI=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWeHhAVIQRq2c8dCC6dLsfdIlMMzg
+ZJkfHlXFvPX8tZFIL09nMXbI/aoLtuWbFaPkdFTjoEKX04Y8kzjZit0fNw==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb176v1:ALICE_c2pnb176v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C17:KAS-ECC-CDH_P-256_C17-PUBLIC
 
-PrivateKey=BOB_c2pnb176v1
------BEGIN PRIVATE KEY-----
-MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAJvHHFW0v+/cjaLd7
-Xgt6FtSga5+hMAMuAASUs7rUAlv1qhppI82ikLvZ8Y0DApC356nhs7SyQYdLtHRM
-+qUHBB3IzrLKdQ==
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb176v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAElLO61AJb9aoaaSPNopC72fGNAwKQ
-t+ep4bO0skGHS7R0TPqlBwQdyM6yynU=
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEooou31gCVmj3JKr4OlCVa3rBz7v/
+ebCMO/h9/Sgo12ffp7//1MdmuGq+r1yZtuUMuczJ2dALf/x4BLBJG2e8Aw==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb176v1:BOB_c2pnb176v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb176v1
-Availablein = default
-PeerKey=BOB_c2pnb176v1_PUB
-SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb176v1
 Availablein = default
-PeerKey=ALICE_c2pnb176v1_PUB
-SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a
-
-# TEST CURVE c2tnb191v1
+Derive=KAS-ECC-CDH_P-256_C17
+PeerKey=KAS-ECC-CDH_P-256_C17-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1aaabe7ee6e4a6fa732291202433a237df1b49bc53866bfbe00db96a0f58224f
 
-PrivateKey=ALICE_c2tnb191v1
+PrivateKey=KAS-ECC-CDH_P-256_C18
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBgYgpO+wgirUtuqHF00
-2o02Vc7xQjKgSzChNAMyAAQ2ae+5tDQ2CDaV5XPdC+RtLgcHS5lTOclTClr/WSpP
-TlMt2TGh/KRrD859oXg6KYY=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg3V6fcK50AHPKAgTf
+YHY/tgNsRXCb9Ke7TmcUEvrWXaOhRANCAAQwudsuLpd7zcmMuH3XNsvY54VSEhkl
+zxbhkzZXwvsjFGpFAogAuBKRvOXC4f7X3tZQYg675gUMbzp/DftGc6tc
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb191v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAENmnvubQ0Ngg2leVz3QvkbS4HB0uZ
-UznJUwpa/1kqT05TLdkxofykaw/OfaF4OimG
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMLnbLi6Xe83JjLh91zbL2OeFUhIZ
+Jc8W4ZM2V8L7IxRqRQKIALgSkbzlwuH+197WUGIOu+YFDG86fw37RnOrXA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb191v1:ALICE_c2tnb191v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C18:KAS-ECC-CDH_P-256_C18-PUBLIC
 
-PrivateKey=BOB_c2tnb191v1
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBguzm5uFNRy/lX3OKuJ
-j8i/vH/+viMd48yhNAMyAARka5rhdTmtbqQVRMWZQjUqsHUMX43siRt5f2WQSZfg
-+IQ2l/8veayyX9erUSt3gK4=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb191v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEZGua4XU5rW6kFUTFmUI1KrB1DF+N
-7IkbeX9lkEmX4PiENpf/L3mssl/Xq1Erd4Cu
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEou+FeggfnW6yBqgcTPeKgCvfWYrj
+gMiIbs2F/cHtdkRWPEwgQZ8HvBfQU5+t4YVeNIOVFbiSwPXSZWH5f6BNGg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb191v1:BOB_c2tnb191v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb191v1
-Availablein = default
-PeerKey=BOB_c2tnb191v1_PUB
-SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb191v1
 Availablein = default
-PeerKey=ALICE_c2tnb191v1_PUB
-SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1
-
-# TEST CURVE c2tnb191v2
+Derive=KAS-ECC-CDH_P-256_C18
+PeerKey=KAS-ECC-CDH_P-256_C18-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=430e6a4fba4449d700d2733e557f66a3bf3d50517c1271b1ddae1161b7ac798c
 
-PrivateKey=ALICE_c2tnb191v2
+PrivateKey=KAS-ECC-CDH_P-256_C19
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgOlslgJ0XSK3vKC5Ls
-QmYxZfr8OEKXRQ2hNAMyAAQAHivLhSwW2SJZtUPhuV1p9fQSfz7w9SJY8dJOpVf8
-9DevPUlJMPcaSGyjX+3nJZc=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgWuAmz8Bg1VYAcX5V
+uKEuEW0dDfNK+DGXkFdgfC2cL3ahRANCAARGyevRpKPIwLbVcrXc+6EkZ2AyCKnL
+XSrPu3M8QM9jkUbJE6J9BEGF04tGes4BHgTU2bu7jLmuJfqSqvFaWV6G
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb191v2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEAB4ry4UsFtkiWbVD4bldafX0En8+
-8PUiWPHSTqVX/PQ3rz1JSTD3Gkhso1/t5yWX
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERsnr0aSjyMC21XK13PuhJGdgMgip
+y10qz7tzPEDPY5FGyROifQRBhdOLRnrOAR4E1Nm7u4y5riX6kqrxWllehg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb191v2:ALICE_c2tnb191v2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C19:KAS-ECC-CDH_P-256_C19-PUBLIC
 
-PrivateKey=BOB_c2tnb191v2
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgK9QaS2SDU6yz7uXqO
-+/+C+baTTVMAGVGhNAMyAAQiR0t9plm77ezfXvJzDNdlyYC0pWX+QmJ8EavgEElk
-ky/M+YXb5ufkFzFXIEfU9pM=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb191v2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEIkdLfaZZu+3s317ycwzXZcmAtKVl
-/kJifBGr4BBJZJMvzPmF2+bn5BcxVyBH1PaT
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzNii2GvJLy4BvOTWkiz3/hYmrtBE
+aF6V4u69RkUF8B/p3dWDqWNaZnd31bio8xsPeeuhLHUCNBC1S4Vn3dwPOA==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb191v2:BOB_c2tnb191v2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb191v2
-Availablein = default
-PeerKey=BOB_c2tnb191v2_PUB
-SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb191v2
 Availablein = default
-PeerKey=ALICE_c2tnb191v2_PUB
-SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534
-
-# TEST CURVE c2tnb191v3
+Derive=KAS-ECC-CDH_P-256_C19
+PeerKey=KAS-ECC-CDH_P-256_C19-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1ce9e6740529499f98d1f1d71329147a33df1d05e4765b539b11cf615d6974d3
 
-PrivateKey=ALICE_c2tnb191v3
+PrivateKey=KAS-ECC-CDH_P-256_C20
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgSaBOQyq6XX3hZVVgV
-FlRrxTuvgtv33C6hNAMyAARL+Fup8jOnixQYPx8pU/b066PHrhTXfiNerFEYA/5O
-XCKCEkdRCpuDJnyqpmaC2vw=
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgtgGsQl1dv54XNcXi
+1b23nKmLPVvkos/W8ic/FQ4GTZ2hRANCAAR8npUIQdJsjd6JlDmLj11HWgIrxj3n
+dz/PjVUuAfG6CsxCuYhcmzvuD42MV9Oo9jVQFsAZxAYvoiz/LyCbXMLh
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb191v3_PUB
+PublicKey=KAS-ECC-CDH_P-256_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAES/hbqfIzp4sUGD8fKVP29Oujx64U
-134jXqxRGAP+TlwighJHUQqbgyZ8qqZmgtr8
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfJ6VCEHSbI3eiZQ5i49dR1oCK8Y9
+53c/z41VLgHxugrMQrmIXJs77g+NjFfTqPY1UBbAGcQGL6Is/y8gm1zC4Q==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb191v3:ALICE_c2tnb191v3_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C20:KAS-ECC-CDH_P-256_C20-PUBLIC
 
-PrivateKey=BOB_c2tnb191v3
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgEE8Ls7pc1/q3/0ruR
-gMrWGhGIr4VLt4uhNAMyAAQHAZsjkAXanwGbXR3SKkoKli6rSfSiu0lU2XHDiZdt
-LaPN+Eihz4KeG2YM/p3m1do=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb191v3_PUB
+PublicKey=KAS-ECC-CDH_P-256_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEBwGbI5AF2p8Bm10d0ipKCpYuq0n0
-ortJVNlxw4mXbS2jzfhIoc+CnhtmDP6d5tXa
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwYj/yJR/cwH7e1PjZ0YJfCE0v5zJ
+gbp0tOnENh9ZXk6/fS8gVuckIe85PwwPKw4AEw48rEq7zAAoYWjoXsVQUQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb191v3:BOB_c2tnb191v3_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb191v3
 Availablein = default
-PeerKey=BOB_c2tnb191v3_PUB
-SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb191v3
-Availablein = default
-PeerKey=ALICE_c2tnb191v3_PUB
-SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891
-
-# TEST CURVE c2pnb208w1
+Derive=KAS-ECC-CDH_P-256_C20
+PeerKey=KAS-ECC-CDH_P-256_C20-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=4690e3743c07d643f1bc183636ab2a9cb936a60a802113c49bb1b3f2d0661660
 
-PrivateKey=ALICE_c2pnb208w1
+PrivateKey=KAS-ECC-CDH_P-256_C21
 -----BEGIN PRIVATE KEY-----
-MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAbfnNboX6Dk+NLoBO
-6qBB2aE1srmTgS96oTgDNgAEFLHciAu4excYB0mty8rF442ULXZfqL90IkgP5G2z
-wzY1mAlEBFMg83izeRaCJ/vRihZDJw==
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg/vsd2hhFMStfzmuB
+sr4gWvLzonT1ohL2bA2fwz165TWhRANCAAQ4tU24VQDLIMYQVu3T2ItqncJngKBH
+8hOm4bkA92WW62OH5OV4FXHk64rmKZGjO13DMwHFvH4SXVN5SjkWDY/Q
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb208w1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEFLHciAu4excYB0mty8rF442ULXZf
-qL90IkgP5G2zwzY1mAlEBFMg83izeRaCJ/vRihZDJw==
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEOLVNuFUAyyDGEFbt09iLap3CZ4Cg
+R/ITpuG5APdllutjh+TleBVx5OuK5imRoztdwzMBxbx+El1TeUo5Fg2P0A==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb208w1:ALICE_c2pnb208w1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C21:KAS-ECC-CDH_P-256_C21-PUBLIC
 
-PrivateKey=BOB_c2pnb208w1
------BEGIN PRIVATE KEY-----
-MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAwjGFJOPkZqQPZ+mI
-Ae3G12zpUia40tRjoTgDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR4/IPtqMGxbfz
-pPKPMZXV12F6MrWrorSFDZ8KFd58Ww==
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb208w1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR
-4/IPtqMGxbfzpPKPMZXV12F6MrWrorSFDZ8KFd58Ww==
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMX4QIP9T/M7xi/R7t/Lddwf7e3p1
+eOBPNbO+7SIqDrYJQgzloZ13xv4e5YfmpJ+6+PKA6N8DPXVAMwLlon2yrg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb208w1:BOB_c2pnb208w1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb208w1
-Availablein = default
-PeerKey=BOB_c2pnb208w1_PUB
-SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb208w1
 Availablein = default
-PeerKey=ALICE_c2pnb208w1_PUB
-SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af
-
-# TEST CURVE c2tnb239v1
+Derive=KAS-ECC-CDH_P-256_C21
+PeerKey=KAS-ECC-CDH_P-256_C21-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=30c2261bd0004e61feda2c16aa5e21ffa8d7e7f7dbf6ec379a43b48e4b36aeb0
 
-PrivateKey=ALICE_c2tnb239v1
+PrivateKey=KAS-ECC-CDH_P-256_C22
 -----BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeE4CCwXEKsP3CfLC/
-DLSSF9lfyOaNSuQXmq9rzLqwoUADPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5DS+qp
-c5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgM0rgxGk9I5Nafo4E
+PrveIeFop8uj+lB8m+QddoHgSc6hRANCAAQ/K/FYmr8wR78+VKyalTeb/5X49VQF
+9k7KNqfuvo/8p1ISqU5mxa6aiZGHL2anJyPYDsWy6SV0XEVvU3GUOzoG
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb239v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5D
-S+qpc5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPyvxWJq/MEe/PlSsmpU3m/+V+PVU
+BfZOyjan7r6P/KdSEqlOZsWumomRhy9mpycj2A7FsukldFxFb1NxlDs6Bg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb239v1:ALICE_c2tnb239v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C22:KAS-ECC-CDH_P-256_C22-PUBLIC
 
-PrivateKey=BOB_c2tnb239v1
------BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeAGDYCGAXqD03x510
-h35JSzlgReW6W/T8lYPEA42doUADPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7ZLDP
-F8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb239v1_PUB
+PublicKey=KAS-ECC-CDH_P-256_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7
-ZLDPF8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERfsCss6518ednC+pPpx5Z8L6TfV4
+n5ZAskJkseUk/LFcbo7PH30wI4k7exyh5NF4ly7iojB1fdxWT/439cWjIQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb239v1:BOB_c2tnb239v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb239v1
-Availablein = default
-PeerKey=BOB_c2tnb239v1_PUB
-SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb239v1
 Availablein = default
-PeerKey=ALICE_c2tnb239v1_PUB
-SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a
-
-# TEST CURVE c2tnb239v2
+Derive=KAS-ECC-CDH_P-256_C22
+PeerKey=KAS-ECC-CDH_P-256_C22-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=2adae4a138a239dcd93c243a3803c3e4cf96e37fe14e6a9b717be9599959b11c
 
-PrivateKey=ALICE_c2tnb239v2
+PrivateKey=KAS-ECC-CDH_P-256_C23
 -----BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE8kBjHLjFeC+Z2gZ
-q0snwR3UgEgWMW0xilhJNjW2oUADPgAEQ+ubIYhh82VohwKSVz70PkHsjmYWDvDU
-/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgLEveQCFPzDv8R9TP
+Q0timsvpFX+P0CglQDMd55Qs8J2hRANCAAQpwIB/EMvEL7RcmYnaUGge6tcW2qe5
+6R/TLgYvXrksoP8dbRlV1zdrLaJP4RY6JxZZE2NBvC6xGV/HBtxi5/NN
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb239v2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEQ+ubIYhh82VohwKSVz70PkHsjmYW
-DvDU/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKcCAfxDLxC+0XJmJ2lBoHurXFtqn
+uekf0y4GL165LKD/HW0ZVdc3ay2iT+EWOicWWRNjQbwusRlfxwbcYufzTQ==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb239v2:ALICE_c2tnb239v2_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C23:KAS-ECC-CDH_P-256_C23-PUBLIC
 
-PrivateKey=BOB_c2tnb239v2
------BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE7bhzKZZUm780c0e
-3EBWY1GxD90Mzu7zrQMi7bAzoUADPgAEYgV7bokY6iLMzZTG10c6NDaW11plAm0T
-NKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb239v2_PUB
+PublicKey=KAS-ECC-CDH_P-256_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEYgV7bokY6iLMzZTG10c6NDaW11pl
-Am0TNKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEoZ73v/mK2ngYQvv8UaR6/zm1k1oc
+fZYlyNMj1RHJLebpwYTfdclV4C4C5AD/5F948znhr+bQVvsyRfRwDOYG7w==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb239v2:BOB_c2tnb239v2_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb239v2
-Availablein = default
-PeerKey=BOB_c2tnb239v2_PUB
-SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb239v2
 Availablein = default
-PeerKey=ALICE_c2tnb239v2_PUB
-SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192
-
-# TEST CURVE c2tnb239v3
+Derive=KAS-ECC-CDH_P-256_C23
+PeerKey=KAS-ECC-CDH_P-256_C23-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=2e277ec30f5ea07d6ce513149b9479b96e07f4b6913b1b5c11305c1444a1bc0b
 
-PrivateKey=ALICE_c2tnb239v3
+PrivateKey=KAS-ECC-CDH_P-256_C24
 -----BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeCxiC5lbHYL1QYbb2
-izZiSoLPnWCZIds811J1N7KtoUADPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1ah5WI
-g6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQghaJo+dd3L5kMNrQr
+CjMa3JK1lB3guGLV2Jo0fL+PqrChRANCAASc9LmFgcoXeUU8yBb/KLQQCvVs8b8u
+W8MS2DtrGyHTM3pVBPysUjGg0S1lghgoSGginIRKBKNFDWxzgavggL87
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb239v3_PUB
+PublicKey=KAS-ECC-CDH_P-256_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1a
-h5WIg6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnPS5hYHKF3lFPMgW/yi0EAr1bPG/
+LlvDEtg7axsh0zN6VQT8rFIxoNEtZYIYKEhoIpyESgSjRQ1sc4Gr4IC/Ow==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb239v3:ALICE_c2tnb239v3_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-256_C24:KAS-ECC-CDH_P-256_C24-PUBLIC
 
-PrivateKey=BOB_c2tnb239v3
------BEGIN PRIVATE KEY-----
-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeBBPxdeU3MohZc5Jx
-7WadLuPSeXeOg75rXC1ElexsoUADPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLBT5uX
-hAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb239v3_PUB
+PublicKey=KAS-ECC-CDH_P-256_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLB
-T5uXhAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENWxaREwEmlL+4K3rfl2CrlqoMDC/
+/zG7+M4gls8WHEtX0SjeiypXoJTRoAHlchc/luiGauNSvynN2vkvyFsvkg==
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb239v3:BOB_c2tnb239v3_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb239v3
 Availablein = default
-PeerKey=BOB_c2tnb239v3_PUB
-SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0
+Derive=KAS-ECC-CDH_P-256_C24
+PeerKey=KAS-ECC-CDH_P-256_C24-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1e51373bd2c6044c129c436e742a55be2a668a85ae08441b6756445df5493857
 
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb239v3
-Availablein = default
-PeerKey=ALICE_c2tnb239v3_PUB
-SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0
-
-# TEST CURVE c2pnb272w1
-
-PrivateKey=ALICE_c2pnb272w1
+PrivateKey=KAS-ECC-CDH_P-384_C0
 -----BEGIN PRIVATE KEY-----
-MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAKMtKddENVGjzTU4
-w+hW0SgDOtIElcs52wb40S08j6gMoUgDRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs
-6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA8wxIqaPDZUCetOMBn
+kWug64w4iU0i4bFWGLaBimYXdK1GOyBdqIz2matNQ8nPmKGhZANiAASYA4B/L20v
+2WbN0CkL1BDAGQNS++x/9iR94TAt+G8l00/kqXvvYM/1SDVcAV27Pl+6Jspp7C9b
+XZ2tIMydpxE4Op2+NOo/paKvdbRlAmKa1U3Yt9c6irsGo6O+R9ZQzJk=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb272w1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs
-6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEmAOAfy9tL9lmzdApC9QQwBkDUvvsf/Yk
+feEwLfhvJdNP5Kl772DP9Ug1XAFduz5fuibKaewvW12drSDMnacRODqdvjTqP6Wi
+r3W0ZQJimtVN2LfXOoq7BqOjvkfWUMyZ
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb272w1:ALICE_c2pnb272w1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C0:KAS-ECC-CDH_P-384_C0-PUBLIC
 
-PrivateKey=BOB_c2pnb272w1
------BEGIN PRIVATE KEY-----
-MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAFAKPByX1wlYUpU4
-mECDAxg+VM5aFo4JPlqEzR0b9hI6oUgDRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF
-MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb272w1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF
-MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEp8drlww7X+iwXSg4rgSrR2l7nq9S52RZ
+Lv2if+dRMnJzRGa0AAka2/LWjFjgxQBmrGjxny4cuHmu1DqZabkaCDnEw4pJdJtm
+Hv7fJDRRkV7QkFoysGCZK0aMZHZvyEN6
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb272w1:BOB_c2pnb272w1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb272w1
-Availablein = default
-PeerKey=BOB_c2pnb272w1_PUB
-SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb272w1
 Availablein = default
-PeerKey=ALICE_c2pnb272w1_PUB
-SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3
-
-# TEST CURVE c2pnb304w1
+Derive=KAS-ECC-CDH_P-384_C0
+PeerKey=KAS-ECC-CDH_P-384_C0-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=5f9d29dc5e31a163060356213669c8ce132e22f57c9a04f40ba7fcead493b457e5621e766c40a2e3d4d6a04b25e533f1
 
-PrivateKey=ALICE_c2pnb304w1
+PrivateKey=KAS-ECC-CDH_P-384_C1
 -----BEGIN PRIVATE KEY-----
-MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAOKzfcV2XOvVsSUh
-oVz3SHGzSCf0q9i+ilz5ZfBxc+5ssjK7jKFQA04ABDc4zQNFaZukj9iz3iXTYdza
-tCOYZvrfOjrbgzl/8PoFxt5q6yJTu35Vu9XVp5pTCtjpDEpywBj0xb07RRuVDEk8
-TthFP5vGeTIWLD4=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCShgwhveBhZfjpAMaH
++O8KBdFPKQs/B9izqMxkBDZuXVEZzW0D+xLcWOifE9+c14OhZANiAATqQBj1owfD
+eRgL9qYv0s7O6+631N8GOmb7g4qjUkNBl5H34snUgDyTGaoOsDxBa2Zog1qRSE8F
+7wKChN9kNvuI/+urzdaasBM+ZzWhvPs3ID0Q00CoMop7aHcMp1h4oaY=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb304w1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAENzjNA0Vpm6SP2LPeJdNh3Nq0I5hm
-+t86OtuDOX/w+gXG3mrrIlO7flW71dWnmlMK2OkMSnLAGPTFvTtFG5UMSTxO2EU/
-m8Z5MhYsPg==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE6kAY9aMHw3kYC/amL9LOzuvut9TfBjpm
++4OKo1JDQZeR9+LJ1IA8kxmqDrA8QWtmaINakUhPBe8CgoTfZDb7iP/rq83WmrAT
+Pmc1obz7NyA9ENNAqDKKe2h3DKdYeKGm
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb304w1:ALICE_c2pnb304w1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C1:KAS-ECC-CDH_P-384_C1-PUBLIC
 
-PrivateKey=BOB_c2pnb304w1
------BEGIN PRIVATE KEY-----
-MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAPP4hz6sa+KdTJ4h
-fBeCUiJBfshcZoapkZMFrhI1vdcRY7MeAaFQA04ABMHRUzLiUY7O4nEBdmex31U4
-l6TO/dD+5MV/tVNizVsWjkTvi2fs772lZ9MeNp6QnGMZ5n5subHsa0QOJL1LpmXX
-K0UIWGbW0nQb52g=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb304w1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEwdFTMuJRjs7icQF2Z7HfVTiXpM79
-0P7kxX+1U2LNWxaORO+LZ+zvvaVn0x42npCcYxnmfmy5sexrRA4kvUumZdcrRQhY
-ZtbSdBvnaA==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMPQ/zytrAN5T9iTxVDCQaBg5cX1Tx8lV
+0dae+vA0m3NjrLRHJAEBy7OvZkHOS4jgJeRsDFTwFip378wntup5IAKuK6gnFCmc
+hghXpoFTq2LlJewFMNgbWqFYl5gehYdX
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb304w1:BOB_c2pnb304w1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb304w1
-Availablein = default
-PeerKey=BOB_c2pnb304w1_PUB
-SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb304w1
-Availablein = default
-PeerKey=ALICE_c2pnb304w1_PUB
-SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7
-
-# TEST CURVE c2tnb359v1
+Derive=KAS-ECC-CDH_P-384_C1
+PeerKey=KAS-ECC-CDH_P-384_C1-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=a23742a2c267d7425fda94b93f93bbcc24791ac51cd8fd501a238d40812f4cbfc59aac9520d758cf789c76300c69d2ff
 
-PrivateKey=ALICE_c2tnb359v1
+PrivateKey=KAS-ECC-CDH_P-384_C2
 -----BEGIN PRIVATE KEY-----
-MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BeMU97SvjsIvQ
-1v+Ztf56OCL8JXHxRJDQZ5gWEa4c2b3FZXFVC4CwEPd7cB+hXgNcAAQOBgLp0TzS
-4Hf/VYbJCFuj3OlRC5JMzFV7ox41ubhl5Ij+gHIodu1bQ6cqd0YAb2/30PxwX++N
-NpFvq8u8435zhPYXsut6txOPNU5ZzCeagy2xsKacXSZc7D0=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDASz2oiOnI1JUODDz8Y
+Uw1cs38miAoLKUSCyKjvivrQmqeLfcLyeJp4xmr10cxVOFOhZANiAAT8/OoIXoz3
+TQ3O0WILqEI2lPkDohm7+QGwtZ1qyBuq0xaiQroyvehcskgRm4Uvq2aXLjxox6tA
+LFg28qFu1FGjMSCndQpgOfP/FTiO5iK3Bl9xIr9tUa77wps3sDQEWBs=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb359v1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEDgYC6dE80uB3/1WGyQhbo9zpUQuS
-TMxVe6MeNbm4ZeSI/oByKHbtW0OnKndGAG9v99D8cF/vjTaRb6vLvON+c4T2F7Lr
-ercTjzVOWcwnmoMtsbCmnF0mXOw9
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/PzqCF6M900NztFiC6hCNpT5A6IZu/kB
+sLWdasgbqtMWokK6Mr3oXLJIEZuFL6tmly48aMerQCxYNvKhbtRRozEgp3UKYDnz
+/xU4juYitwZfcSK/bVGu+8KbN7A0BFgb
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb359v1:ALICE_c2tnb359v1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C2:KAS-ECC-CDH_P-384_C2-PUBLIC
 
-PrivateKey=BOB_c2tnb359v1
------BEGIN PRIVATE KEY-----
-MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BRZ3IIh3mrLIX
-KBbh6Vj7TXNY5bzRuD5/ayHPlHQkJcd8K66dOqu7hgaN91GhXgNcAAQ7njbTQ2xY
-YZtkKswYr8E6P/R3Dg/XEZgQQ72B4qXnqbK/SgYsZAntFg7CRztcTkHjKAgdSz6f
-TRIc4///gwXN3Oi6D8PeswhzPJi/uLmCAHMm3GT6SUO3aTY=
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb359v1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEO54200NsWGGbZCrMGK/BOj/0dw4P
-1xGYEEO9geKl56myv0oGLGQJ7RYOwkc7XE5B4ygIHUs+n00SHOP//4MFzdzoug/D
-3rMIczyYv7i5ggBzJtxk+klDt2k2
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGu+/osbIyFWhohZ3RVC3miTNo3YHux98
+yQZlDuSzgW1o9qnHXabkJCzr+2ZS9lGAQZ0otyPrrbdlj867mtm3repnTx2j3Gtj
+l7VdoPYaPt2stKzbFEQcshSwSghEwC+j
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb359v1:BOB_c2tnb359v1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb359v1
-Availablein = default
-PeerKey=BOB_c2tnb359v1_PUB
-SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb359v1
 Availablein = default
-PeerKey=ALICE_c2tnb359v1_PUB
-SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563
-
-# TEST CURVE c2pnb368w1
+Derive=KAS-ECC-CDH_P-384_C2
+PeerKey=KAS-ECC-CDH_P-384_C2-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=3d2e640f350805eed1ff43b40a72b2abed0a518bcebe8f2d15b111b6773223da3c3489121db173d414b5bd5ad7153435
 
-PrivateKey=ALICE_c2pnb368w1
+PrivateKey=KAS-ECC-CDH_P-384_C3
 -----BEGIN PRIVATE KEY-----
-MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AFagbth/4/M2s
-b1G4FpxbFEVLIulioS34v0hrClpZ38/Z+PHmIhOfEFminyehYANeAAQAU42w7mII
-jkyAdnCC4qoEPdH42fh3oVyCtnaRtKUmdhUdXm0IgSM4T4SYEOsx+aQZLGIjnhHJ
-CabcaKPQ0sai3dirUr2YsNXNDJiU93T7buUr+DnRPGsfBy/nEg==
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCN1IBjo6BYwzS1zHpM
+4H0C5e5tjx88UaFgCWLLq0YmkK482XT7OeQLDoQ9qg/TLeGhZANiAATjjJhGJIEj
+w0IYYepNMmaae1w8CDdq0oEEOZSUyE/176OJStssbL6MPJE+8u7FvTyfqEAkoQKH
+lt+EAh97bJ0C8PS9GmEqA8v3WgvupD/viuhLSMYBcqrfCcGtAW0L884=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2pnb368w1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEAFONsO5iCI5MgHZwguKqBD3R+Nn4
-d6FcgrZ2kbSlJnYVHV5tCIEjOE+EmBDrMfmkGSxiI54RyQmm3Gij0NLGot3Yq1K9
-mLDVzQyYlPd0+27lK/g50TxrHwcv5xI=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE44yYRiSBI8NCGGHqTTJmmntcPAg3atKB
+BDmUlMhP9e+jiUrbLGy+jDyRPvLuxb08n6hAJKECh5bfhAIfe2ydAvD0vRphKgPL
+91oL7qQ/74roS0jGAXKq3wnBrQFtC/PO
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2pnb368w1:ALICE_c2pnb368w1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C3:KAS-ECC-CDH_P-384_C3-PUBLIC
 
-PrivateKey=BOB_c2pnb368w1
------BEGIN PRIVATE KEY-----
-MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AA/woMzOFy8k2
-zBqBkubhkOIwc7sx0u+JadM9f7V45L4P8nK7bjJasOqrHRahYANeAATKE6jcstac
-H8yWzg/qBgvGoGan2PVwTN/U+68K4WxHO7+oPHviUh1OVF7ZxYjsVSdyno83iHE3
-3sq2Ej6j26f+uVs/fuWk19t8NpAQ6+sVETZszuMDm5adqtVZRQ==
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2pnb368w1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEyhOo3LLWnB/Mls4P6gYLxqBmp9j1
-cEzf1PuvCuFsRzu/qDx74lIdTlRe2cWI7FUncp6PN4hxN97KthI+o9un/rlbP37l
-pNfbfDaQEOvrFRE2bM7jA5uWnarVWUU=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEi8CJMm7FW5z1mzTw63VNk1lsopD8s0RM
+g9TeOlYHA37Dl2g/jO8H6rL+NX6uNsRJ2dFs6KyFs/HpRWhSGq5TTmcTnjEOxyaT
+Umqi6Se1syLJWhoDPCKctncMlXzTFI3X
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2pnb368w1:BOB_c2pnb368w1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2pnb368w1
-Availablein = default
-PeerKey=BOB_c2pnb368w1_PUB
-SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2pnb368w1
 Availablein = default
-PeerKey=ALICE_c2pnb368w1_PUB
-SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb
-
-# TEST CURVE c2tnb431r1
+Derive=KAS-ECC-CDH_P-384_C3
+PeerKey=KAS-ECC-CDH_P-384_C3-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=6a42cfc392aba0bfd3d17b7ccf062b91fc09bbf3417612d02a90bdde62ae40c54bb2e56e167d6b70db670097eb8db854
 
-PrivateKey=ALICE_c2tnb431r1
+PrivateKey=KAS-ECC-CDH_P-384_C4
 -----BEGIN PRIVATE KEY-----
-MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUC18JhUt+NCIZ/
-q6kdjNZ7zX72UqpW4K6Uc2bAWu2PXK1aL573LNzu4oUlHfbvuE1BUrxNpaFwA24A
-BDrG8SG4lckR1rrvLRpXYf7Wspmh/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PU
-yb64OiffdSnvIaM++cb7LgJLBBgT3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhX
-WS468O6w05KS0AL6vQ==
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCE7ObMNCkwm9WyPpWX
+k+0rER7Fy0O2wYCF/K6p76BoXZimJi7g0zDuJQvIpn0Ocz+hZANiAAQyIgY6KZez
+Au5g7hlhEI/0x6zxwO8dX7DRZLhLznHEMXBcua6ppF9dc4BmVaBYvuPmH6nn++fN
+Q6v5lZaj06A56Z+p3JOwvdnK2Blm0X7q9VcGivp8eEZrtbIgMtEQD6Y=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_c2tnb431r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABDrG8SG4lckR1rrvLRpXYf7Wspmh
-/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PUyb64OiffdSnvIaM++cb7LgJLBBgT
-3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhXWS468O6w05KS0AL6vQ==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMiIGOimXswLuYO4ZYRCP9Mes8cDvHV+w
+0WS4S85xxDFwXLmuqaRfXXOAZlWgWL7j5h+p5/vnzUOr+ZWWo9OgOemfqdyTsL3Z
+ytgZZtF+6vVXBor6fHhGa7WyIDLREA+m
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_c2tnb431r1:ALICE_c2tnb431r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C4:KAS-ECC-CDH_P-384_C4-PUBLIC
 
-PrivateKey=BOB_c2tnb431r1
------BEGIN PRIVATE KEY-----
-MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUApanyPgvpfrAu
-1jNAKGpctH71v0+P/kFF9JxdFYarpWEwBBd4tz6CxoYKmvDZ9ukOOqBbX6FwA24A
-BGh3JXuYmh6dGGEmbRhoR2T5pVD/5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlR
-qRWiXCeZVFvT0crDY/5uodkHbcRw6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLIL
-gTwAJM2ZhtPnc08LyQ==
------END PRIVATE KEY-----
 
-PublicKey=BOB_c2tnb431r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABGh3JXuYmh6dGGEmbRhoR2T5pVD/
-5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlRqRWiXCeZVFvT0crDY/5uodkHbcRw
-6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLILgTwAJM2ZhtPnc08LyQ==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE65UuLZrAwgxsxI+yJcKtFU9TyHULAD/T
+tO2O0dwN76xhvN3gKivP7nBn1100LtKw8YKCBbrs6C0bJn0Nf/L5yeFbaact9HBY
+qX84kQBdH7OIWPVgPehA5ZHfpPbn1Inh
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_c2tnb431r1:BOB_c2tnb431r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_c2tnb431r1
-Availablein = default
-PeerKey=BOB_c2tnb431r1_PUB
-SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748
-
-# ECDH Bob with Alice peer
-Derive=BOB_c2tnb431r1
 Availablein = default
-PeerKey=ALICE_c2tnb431r1_PUB
-SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748
-
-# TEST CURVE wap-wsg-idm-ecid-wtls1
+Derive=KAS-ECC-CDH_P-384_C4
+PeerKey=KAS-ECC-CDH_P-384_C4-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ce7ba454d4412729a32bb833a2d1fd2ae612d4667c3a900e069214818613447df8c611de66da200db7c375cf913e4405
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls1
+PrivateKey=KAS-ECC-CDH_P-384_C5
 -----BEGIN PRIVATE KEY-----
-MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5Xu91qBwxTDmhD/30Kf6Ei
-AyAABAFQSZ0G+afa1x4KwUzBjQEWFNdZoF6UNYGkCRINyg==
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBo/OISHcOh43sQ8d3j
+Cfni4Y+sR80XcJUUUcNITNt3yxNtAOcxJgWXzChZYBwBoluhZANiAASGi+DmlIQY
+MOQk2RPY59hrhO4QIdgrDs9SPwn+iadsDJXEny37z4KcHjlwnVXvuzuRlesYNnW0
+D9kvUfN3EzF+SptPcVyKsi4Hc7G8cdOiGfBbgRYHRljuhrUuNvOJcRY=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAVBJnQb5p9rXHgrBTMGNARYU11mgXpQ1
-gaQJEg3K
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhovg5pSEGDDkJNkT2OfYa4TuECHYKw7P
+Uj8J/omnbAyVxJ8t+8+CnB45cJ1V77s7kZXrGDZ1tA/ZL1HzdxMxfkqbT3FcirIu
+B3OxvHHTohnwW4EWB0ZY7oa1LjbziXEW
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls1:ALICE_wap-wsg-idm-ecid-wtls1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C5:KAS-ECC-CDH_P-384_C5-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls1
------BEGIN PRIVATE KEY-----
-MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5aU6CQ474Z1fH3xAtn/6Ei
-AyAABAFpb4GTc+5vf5nkt4zLxwGZQ6qSbYlH8pUbpvwcqA==
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAWlvgZNz7m9/meS3jMvHAZlDqpJtiUfy
-lRum/Byo
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAERB0CniROtxaNZH1N9Q219OSXSrP9rwIq
+/wWLNpXQuMgUzIjaYoXcbfGsVcVTiFAD6AJawjpB1LHqKqRsUMbkeZRrWbbXZJfN
+kkmXfgv+SmJiYi8T1Co8Q9Zr27MEA8NF
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls1:BOB_wap-wsg-idm-ecid-wtls1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls1
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls1_PUB
-SharedSecret=0000fc6e280987e8b9bf6e3c7fa003
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls1
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB
-SharedSecret=0000fc6e280987e8b9bf6e3c7fa003
-
-# TEST CURVE wap-wsg-idm-ecid-wtls3
+Derive=KAS-ECC-CDH_P-384_C5
+PeerKey=KAS-ECC-CDH_P-384_C5-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ba69f0acdf3e1ca95caaac4ecaf475bbe51b54777efce01ca381f45370e486fe87f9f419b150c61e329a286d1aa265ec
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls3
+PrivateKey=KAS-ECC-CDH_P-384_C6
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUBN2FFgQiz4KPJ9GEsrj5B
-m908ifuhLgMsAAQBV21Tx3v8+1wFKq7PiloR1CxzmlUDvnyXrs4mNmc5Ns38mzPe
-NueQNo0=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCxdkxUiX56rm3p53Uf
+LzfehJKR+I8PkQkxVbhY0cwyo6h5gPcGuGzIP5J739vq4L2hZANiAATDcSIv6qZ3
+DG8+o+DayXQN70/PghN4t/kf+TfCHgRw9w86MdXGspEhlfEJJpQrSK4EfWtNdlEj
+Vj+BEWvGZbe4zGIHgw2AX9hNp8uAWmW6p8Ev1ZLRtbXj5l2WcqnvdmI=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB
+PublicKey=KAS-ECC-CDH_P-384_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAVdtU8d7/PtcBSquz4paEdQsc5pVA758
-l67OJjZnOTbN/Jsz3jbnkDaN
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw3EiL+qmdwxvPqPg2sl0De9Pz4ITeLf5
+H/k3wh4EcPcPOjHVxrKRIZXxCSaUK0iuBH1rTXZRI1Y/gRFrxmW3uMxiB4MNgF/Y
+TafLgFpluqfBL9WS0bW14+ZdlnKp73Zi
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls3:ALICE_wap-wsg-idm-ecid-wtls3_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C6:KAS-ECC-CDH_P-384_C6-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls3
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUA/0Ust7IoJ526zn2wiWBu
-rR5NeSWhLgMsAAQB7d+/zMMti4djhlVnaGqaqonbmo4Cv+iKT1cF3nzXV/KXHSJI
-p9iZeas=
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls3_PUB
+PublicKey=KAS-ECC-CDH_P-384_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAe3fv8zDLYuHY4ZVZ2hqmqqJ25qOAr/o
-ik9XBd5811fylx0iSKfYmXmr
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEPU5r8IpzQErMwWKYc0aOQmnoLZDYMuWK
+1yFCY5taBWrY01xmxg6BSfrAx5e863wvmwMI3H8ObSn4wnesvGWiHlrbg9EeaHO8
+Cgf9oJl/SCUEYC9Z4QvFy0drg9Ck915x
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls3:BOB_wap-wsg-idm-ecid-wtls3_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls3
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls3_PUB
-SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls3
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB
-SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f
-
-# TEST CURVE wap-wsg-idm-ecid-wtls4
+Derive=KAS-ECC-CDH_P-384_C6
+PeerKey=KAS-ECC-CDH_P-384_C6-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1a6688ee1d6e59865d8e3ada37781d36bb0c2717eef92e61964d3927cb765c2965ea80f7f63e58c322ba0397faeaf62b
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls4
+PrivateKey=KAS-ECC-CDH_P-384_C7
 -----BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AsuEGufSNSrDPu3Y1Namh
-IgMgAAQAcvPRbArskeBs6W2oOesAHMQo8Lk/FHcYKUfMOKY=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDw96lucNmP1aMK1kBs
+9W61typRDp8ZL1Dh+EUk2/PSQ59yh7s29aqRKnneqrSt6oKhZANiAASZyMQcsate
+CFSjRuSwilN8FwamFVM4fI2UlDqxUZbUDbqlW4IQp3pdAJFfLE6mnqtVMQZb3PF7
++zy1WgLkGlfH9pTDg60on5APvWVsIjOpPJLpM+eib1TLtW8K2HXFG7A=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB
+PublicKey=KAS-ECC-CDH_P-384_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAHLz0WwK7JHgbOltqDnrABzEKPC5PxR3
-GClHzDim
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEmcjEHLGrXghUo0bksIpTfBcGphVTOHyN
+lJQ6sVGW1A26pVuCEKd6XQCRXyxOpp6rVTEGW9zxe/s8tVoC5BpXx/aUw4OtKJ+Q
+D71lbCIzqTyS6TPnom9Uy7VvCth1xRuw
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls4:ALICE_wap-wsg-idm-ecid-wtls4_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C7:KAS-ECC-CDH_P-384_C7-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls4
------BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AFJwmUkKbWdmzvqv+AbWh
-IgMgAAQBriOJSyRL4ro55CbCwekBluEKwIfP64OfJCEfWTU=
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls4_PUB
+PublicKey=KAS-ECC-CDH_P-384_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAa4jiUskS+K6OeQmwsHpAZbhCsCHz+uD
-nyQhH1k1
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE9fa+8dEQ2gO+ABfqx2DMNLJNCS9zbyN7
+xwVLOGUxKoE7y2LSl/sQpPer9UcI/i09Bv3419wDL04QAQvxnL9hWTISUv9BX7kZ
+INQ48k5n5gwusEYyBGefo1avRM6pyev1
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls4:BOB_wap-wsg-idm-ecid-wtls4_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls4
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls4_PUB
-SharedSecret=01076232302ca32b5f3daf075e5213
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls4
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB
-SharedSecret=01076232302ca32b5f3daf075e5213
-
-# TEST CURVE wap-wsg-idm-ecid-wtls5
+Derive=KAS-ECC-CDH_P-384_C7
+PeerKey=KAS-ECC-CDH_P-384_C7-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=d06a568bf2336b90cbac325161be7695eacb2295f599500d787f072612aca313ee5d874f807ddef6c1f023fe2b6e7cd0
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls5
+PrivateKey=KAS-ECC-CDH_P-384_C8
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUCmngbaO2S//Ta0ZUhn/nb
-ZydTKD+hLgMsAAQA1792id3hLIu2z0KECkBCUbTSP9UFLu2FTJkLa8qP4ZIrBt5F
-XKJo2Dw=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCe+4fdxh1DxIK6ZuGx
+Q672ePvQ0b68IACUH6vmd/5bcGv3j8420QCxfMeH6tdLvKKhZANiAARMNO/ujwyV
+Vl0gZdG7rCot0lrpZDIOtrzO3F86m0KogaGvyhu2uIBYT6J7AcGTzZLY+wHb980K
+OGjCa5UfOTw8VsKFjO6QH3eT/10nGSXROkH45SQJ9OuhmQ8zrLC6xmk=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB
+PublicKey=KAS-ECC-CDH_P-384_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEANe/dond4SyLts9ChApAQlG00j/VBS7t
-hUyZC2vKj+GSKwbeRVyiaNg8
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAETDTv7o8MlVZdIGXRu6wqLdJa6WQyDra8
+ztxfOptCqIGhr8obtriAWE+iewHBk82S2PsB2/fNCjhowmuVHzk8PFbChYzukB93
+k/9dJxkl0TpB+OUkCfTroZkPM6ywusZp
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls5:ALICE_wap-wsg-idm-ecid-wtls5_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C8:KAS-ECC-CDH_P-384_C8-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls5
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUBraa4aeYxHd9HJ0vLIoCw
-auGKd9yhLgMsAAQHzc2FgfJGasNlMcJNDDrNQElhA1cHD4izqEedmC3ueMu72/Sp
-VF2Ppig=
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls5_PUB
+PublicKey=KAS-ECC-CDH_P-384_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEB83NhYHyRmrDZTHCTQw6zUBJYQNXBw+I
-s6hHnZgt7njLu9v0qVRdj6Yo
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEfN7Hfgc36jfGe4m3E3/jiBgBD0RkQ47k
+0dNaDEiMrT/eLzfQCIXTbTt5W5+T0jpnKMQu6NYCfFbPl5ukwin9sB0jSUT4rEM2
+UBEsPPDwKEToiKNWnf73goqKiEWJqgVe
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls5:BOB_wap-wsg-idm-ecid-wtls5_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls5
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls5_PUB
-SharedSecret=066091c591278f5b949106052b2546aacc20917c20
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls5
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB
-SharedSecret=066091c591278f5b949106052b2546aacc20917c20
-
-# TEST CURVE wap-wsg-idm-ecid-wtls6
+Derive=KAS-ECC-CDH_P-384_C8
+PeerKey=KAS-ECC-CDH_P-384_C8-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=bb3b1eda9c6560d82ff5bee403339f1e80342338a991344853b56b24f109a4d94b92f654f0425edd4c205903d7586104
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls6
+PrivateKey=KAS-ECC-CDH_P-384_C9
 -----BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA5LJwRNrPNMwGyoBP95a6Eg
-Ax4ABMZxFi711Wl5r7tb1XJ9fJ3H1W1MKvVrYvfmNFo=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDXh6V/3iLsZWoKUlzz
+xzizDXOvYedD6pCJPsste2Iq3S+U7iXCFxRnr7CT8/hNABihZANiAAQXFUaSO4ey
+y7rWZPAc6TK/CdamEYFoZ4RGv6nwk4YIy0ZnqY9OyKwUYihcJQj3SGL6QctNtorn
+Hx+KPok53FLC3sYag8mDvrKgK68p7EkngIiILtDPVsdLXBc7VSzPY88=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB
+PublicKey=KAS-ECC-CDH_P-384_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAExnEWLvXVaXmvu1vVcn18ncfVbUwq9Wti
-9+Y0Wg==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEFxVGkjuHssu61mTwHOkyvwnWphGBaGeE
+Rr+p8JOGCMtGZ6mPTsisFGIoXCUI90hi+kHLTbaK5x8fij6JOdxSwt7GGoPJg76y
+oCuvKexJJ4CIiC7Qz1bHS1wXO1Usz2PP
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls6:ALICE_wap-wsg-idm-ecid-wtls6_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C9:KAS-ECC-CDH_P-384_C9-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls6
------BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA63i1z4Kl8BEE1I3CYU9KEg
-Ax4ABG3Ft5F8wvnGimUAmGQrfqAlVJKdzhNSa3v47Kc=
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls6_PUB
+PublicKey=KAS-ECC-CDH_P-384_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAEbcW3kXzC+caKZQCYZCt+oCVUkp3OE1Jr
-e/jspw==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEju6joxnI35n7wpy1XyQ6cg2VUJUV7lzF
+h6XFriL7vQCeYm2z6RHe8LmaT3rjBLG6c4d9yU25rd3A2aSyTol2wi1zyEQ3Dh7o
+V/jRsSmjvV9j9AyvO9BTPjil9XdwdP+e
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls6:BOB_wap-wsg-idm-ecid-wtls6_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls6
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls6_PUB
-SharedSecret=8d184455748c56115ba2183070b0
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls6
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB
-SharedSecret=8d184455748c56115ba2183070b0
-
-# TEST CURVE wap-wsg-idm-ecid-wtls7
+Derive=KAS-ECC-CDH_P-384_C9
+PeerKey=KAS-ECC-CDH_P-384_C9-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1e97b60add7cb35c7403dd884c0a75795b7683fff8b49f9d8672a8206bfdcf0a106b8768f983258c74167422e44e4d14
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls7
+PrivateKey=KAS-ECC-CDH_P-384_C10
 -----BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAueoisiN+luJEy0wdiI7j
-cALlTqChLAMqAAQ/FWsGxD8vuvEFWXfWReOqvBzqWrF9mdMeTeOE1y9r9POOIUVJ
-PNtL
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCD1w97Fk2fTCJ8dnBG
+sg6zTfx3j1OH4y6DSx5trsIO24ylu0GSCT9UO2jmrrfOeIuhZANiAARXzXcPO7y+
+DHjHcOqwsWm8ReE5+GN4/64cKxaWZyfC8utyRXK48+sijRMNtP+GLGN+xciBO2hV
+WNg+kk8UvHGfbreuDLssR0Inxb2ohjek8mxkgXkpr5mVktpveHSQMy8=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB
+PublicKey=KAS-ECC-CDH_P-384_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEPxVrBsQ/L7rxBVl31kXjqrwc6lqxfZnT
-Hk3jhNcva/TzjiFFSTzbSw==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEV813Dzu8vgx4x3DqsLFpvEXhOfhjeP+u
+HCsWlmcnwvLrckVyuPPrIo0TDbT/hixjfsXIgTtoVVjYPpJPFLxxn263rgy7LEdC
+J8W9qIY3pPJsZIF5Ka+ZlZLab3h0kDMv
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls7:ALICE_wap-wsg-idm-ecid-wtls7_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C10:KAS-ECC-CDH_P-384_C10-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls7
------BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAr42vKjbUXFak2mVzFYpu
-yhN/cDyhLAMqAASJZpuFg+n8vscuq+pqfFFPYemnfLdhdAB4JodfR3J5Bzu67hEm
-bIKQ
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls7_PUB
+PublicKey=KAS-ECC-CDH_P-384_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEiWabhYPp/L7HLqvqanxRT2Hpp3y3YXQA
-eCaHX0dyeQc7uu4RJmyCkA==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEpyH2otRSdBGDSxPU06M8Kb64OrdoJGXG
+y69mJKym6ljDDrDyndhCiGaVQA1yVPIPFLpuJjVRCa01EpNm1eOmQK55hQWn+lWp
+aja12tM94AR09mcPUiIU3XlSFAqwp+to
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls7:BOB_wap-wsg-idm-ecid-wtls7_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls7
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls7_PUB
-SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls7
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB
-SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4
-
-# TEST CURVE wap-wsg-idm-ecid-wtls8
+Derive=KAS-ECC-CDH_P-384_C10
+PeerKey=KAS-ECC-CDH_P-384_C10-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1023478840e54775bfc69293a3cf97f5bc914726455c66538eb5623e218feef7df4befa23e09d77145ad577db32b41f9
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls8
+PrivateKey=KAS-ECC-CDH_P-384_C11
 -----BEGIN PRIVATE KEY-----
-ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8A1m62ffl6niuM46XOUyih
-IAMeAAT4mqYAoe7NEtKfEMQs2ofInhZRZCFrFU5cjEWi
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCPVY4FgYuI7Tg9X8qW
+LlNBPbGg5GN+2hlPdhlEy+oRSrnV2hdafVeIJVCw5DLzlamhZANiAASaL1f0hnzn
+U9crDZUZXfb5bB+uk09gLv17alRYL1Vs+lOdiQBcou2sCK2bct0fYLrZuU7oLanM
+YB80YESZi6OHruVkBNxuzIqytZBEMxnQsrYXb50OrC1EZ47VYWB9Cak=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB
+PublicKey=KAS-ECC-CDH_P-384_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE+JqmAKHuzRLSnxDELNqHyJ4WUWQhaxVO
-XIxFog==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEmi9X9IZ851PXKw2VGV32+WwfrpNPYC79
+e2pUWC9VbPpTnYkAXKLtrAitm3LdH2C62blO6C2pzGAfNGBEmYujh67lZATcbsyK
+srWQRDMZ0LK2F2+dDqwtRGeO1WFgfQmp
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls8:ALICE_wap-wsg-idm-ecid-wtls8_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C11:KAS-ECC-CDH_P-384_C11-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls8
------BEGIN PRIVATE KEY-----
-ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8AegTrLoMRyPl4U4xOdg6h
-IAMeAATQKkyQ3jL2Eku6C+vSQazbjjSkzNe67Occqj2P
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls8_PUB
+PublicKey=KAS-ECC-CDH_P-384_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE0CpMkN4y9hJLugvr0kGs2440pMzXuuzn
-HKo9jw==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE2IKoUFwtXLm4hR/Gdmd7sAh2ga1T+s66
+Fzgoa0WCdWHn2je4gCdsZWz8OLMq3oR+NLMUvcE0V1ZUVzz/r0BEXaLmqvmH9+kT
+zUwwkVIwWJhKJdjyHagyYZJFbGoPpfYM
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls8:BOB_wap-wsg-idm-ecid-wtls8_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls8
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls8_PUB
-SharedSecret=7524c547bd6b26644ce70571cb06
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls8
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB
-SharedSecret=7524c547bd6b26644ce70571cb06
-
-# TEST CURVE wap-wsg-idm-ecid-wtls9
+Derive=KAS-ECC-CDH_P-384_C11
+PeerKey=KAS-ECC-CDH_P-384_C11-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=6ad6b9dc8a6cf0d3691c501cbb967867f6e4bbb764b60dbff8fcff3ed42dbba39d63cf325b4b4078858495ddee75f954
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls9
+PrivateKey=KAS-ECC-CDH_P-384_C12
 -----BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAE0376NvzsIXi6XadrVn4
-06obTRChLAMqAARbC1yw9f1uBOVlMf5ZFQewTgyc81Aqh2TFMSRfujCIhdvGTYgR
-tu6F
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAPXe4K/6e78jnV3/Mp
+h+u3z4T8zu1kPh08YtCzNSrsI7blrH+kEFyMsmEmrS0YksuhZANiAAQjNGvfvJ18
+fHNuAr32B2cf9ggv3SczSovHXzsjaB6+YU0Fl91hT65YZ3yDWp8LJzuCujYpDS+U
+20FHnrRatOr2eSiiMVE41Z7sybUoXf3dZxT3dVchbqRMxvwRnYJD768=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB
+PublicKey=KAS-ECC-CDH_P-384_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAEWwtcsPX9bgTlZTH+WRUHsE4MnPNQKodk
-xTEkX7owiIXbxk2IEbbuhQ==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEIzRr37ydfHxzbgK99gdnH/YIL90nM0qL
+x187I2gevmFNBZfdYU+uWGd8g1qfCyc7gro2KQ0vlNtBR560WrTq9nkoojFRONWe
+7Mm1KF393WcU93VXIW6kTMb8EZ2CQ++v
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls9:ALICE_wap-wsg-idm-ecid-wtls9_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C12:KAS-ECC-CDH_P-384_C12-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls9
------BEGIN PRIVATE KEY-----
-MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAd2kfMclaJU2bg8ayTrjZ
-oolI82yhLAMqAAQ0NeW9TKhQeFrrTyMR9Gb55+BneCQSByAShM8Dn3V1FFYz7n0y
-bvBX
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls9_PUB
+PublicKey=KAS-ECC-CDH_P-384_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAENDXlvUyoUHha608jEfRm+efgZ3gkEgcg
-EoTPA591dRRWM+59Mm7wVw==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEgVyddz2/X7ahuGeZlmJH9ABqI8kuaMVe
+nqqZixfYgy3U2E2SfYMdT2jaxnxkiCGf55JplIsmEUhFYP1JD+7Ih8tV75mktSSI
+D6dJnWoHKDquKvoz/quX3spAvGBsTYdk
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls9:BOB_wap-wsg-idm-ecid-wtls9_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls9
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls9_PUB
-SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls9
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB
-SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1
-
-# TEST CURVE wap-wsg-idm-ecid-wtls10
+Derive=KAS-ECC-CDH_P-384_C12
+PeerKey=KAS-ECC-CDH_P-384_C12-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=cc9e063566d46b357b3fcae21827377331e5e290a36e60cd7c39102b828ae0b918dc5a02216b07fe6f1958d834e42437
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls10
+PrivateKey=KAS-ECC-CDH_P-384_C13
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB01TDgjIGd+gXPZ4esQnWzz
-/y1vzJniUBM5XNyPq6FAAz4ABAHVs5gYpbJzqyO8Lk3nkTwhu4BuXb4wtrgGcY2L
-TwGxkC4Zq4aqLowsexGjVa0IjGKdWz5/TfwLwGpN4A==
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDADe2M7W4uoV8D8hWVo
+aCMuL+v1lXhxg5G4HahUGgC/5TwwrgQVGEfydJn416utjPShZANiAASIeKyKlH99
+XLK0eq0k+7ghDYYSZYU5mihx+Eqpxf3jB0rlQMa/gidcqCLQ/rhivHRjL1zS+QDC
+cRwy+JMHKOtkfTHt2NZQ+WVOfTPl7RtHVInQjaow2MvLpr/Dtg2bWjc=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB
+PublicKey=KAS-ECC-CDH_P-384_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAdWzmBilsnOrI7wuTeeRPCG7gG5dvjC2
-uAZxjYtPAbGQLhmrhqoujCx7EaNVrQiMYp1bPn9N/AvAak3g
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEiHisipR/fVyytHqtJPu4IQ2GEmWFOZoo
+cfhKqcX94wdK5UDGv4InXKgi0P64Yrx0Yy9c0vkAwnEcMviTByjrZH0x7djWUPll
+Tn0z5e0bR1SJ0I2qMNjLy6a/w7YNm1o3
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls10:ALICE_wap-wsg-idm-ecid-wtls10_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C13:KAS-ECC-CDH_P-384_C13-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls10
------BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB0mTqwYwByRuu4zcU1QLKcG
-m8wewuaoKqVSpp8xQaFAAz4ABAEF4xTrWAIF1EacNMqTG3kwxwartAKFFqyOle+w
-BwDi6gra7cFVedD1p5RwD4gZU4QzgCLSwa7xZbBzgg==
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls10_PUB
+PublicKey=KAS-ECC-CDH_P-384_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAQXjFOtYAgXURpw0ypMbeTDHBqu0AoUW
-rI6V77AHAOLqCtrtwVV50PWnlHAPiBlThDOAItLBrvFlsHOC
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEHA7tp6K+AAxb3NoEeK7U23M9Kp40EiQ3
+kSOthHAw8p47Fo+hjomjwPuips4cKPw77Iwcg8EYxNvqlCcYafLYaOtl6LROIebx
+Sw9NmzjAaNrvonEUJVuaQdCEzEoa2FRW
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls10:BOB_wap-wsg-idm-ecid-wtls10_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls10
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls10_PUB
-SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls10
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB
-SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98
-
-# TEST CURVE wap-wsg-idm-ecid-wtls11
+Derive=KAS-ECC-CDH_P-384_C13
+PeerKey=KAS-ECC-CDH_P-384_C13-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=deff7f03bd09865baf945e73edff6d5122c03fb561db87dec8662e09bed4340b28a9efe118337bb7d3d4f7f568635ff9
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls11
+PrivateKey=KAS-ECC-CDH_P-384_C14
 -----BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4Au6lrzC3RIk3jXmtbeOAp
-LZPR0NUrr6dTf1lSCGqhQAM+AAQBl73V2TEZ8BO4QC+YiBlJ0GmW8WLc3RtS3iIr
-/oUAaDQQAGVJFD3GghjBPfI9KVBcZ2P8tUXUv5ifrWc=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDj0HEGvtzAlufZFjD/
+0wlN8seFnbjX7bsuN7SsR/QppjfQamfS+6M4OHZO8gNGSZGhZANiAATnShorhfHL
++Nu98FDPGv+KywL9ovtlkfnTz+TnnQrpOKnBSD57dfjbJFBdZQZc2xgXc+5ZGCL3
+q6qFahpgvApSA1SNvRy1AlRm7/hIG9B2FOqgShbD23aQWRPpcqW2tZ0=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB
+PublicKey=KAS-ECC-CDH_P-384_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAZe91dkxGfATuEAvmIgZSdBplvFi3N0b
-Ut4iK/6FAGg0EABlSRQ9xoIYwT3yPSlQXGdj/LVF1L+Yn61n
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE50oaK4Xxy/jbvfBQzxr/issC/aL7ZZH5
+08/k550K6TipwUg+e3X42yRQXWUGXNsYF3PuWRgi96uqhWoaYLwKUgNUjb0ctQJU
+Zu/4SBvQdhTqoEoWw9t2kFkT6XKltrWd
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls11:ALICE_wap-wsg-idm-ecid-wtls11_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C14:KAS-ECC-CDH_P-384_C14-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls11
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4AGJuGtQI1FvHfp2AsdKb3
-NVWawjpZQuyM1aelws2hQAM+AAQAdTW3xU6Ijf/Y835Z2hS4fOn6Xmp3O6iblXHr
-nKoBORuxHVRfXkfdL5TqfFpuDghzCyAS6ZMSWhjGV5o=
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls11_PUB
+PublicKey=KAS-ECC-CDH_P-384_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAHU1t8VOiI3/2PN+WdoUuHzp+l5qdzuo
-m5Vx65yqATkbsR1UX15H3S+U6nxabg4IcwsgEumTEloYxlea
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEyVwYXiVr+ZfzCzEVSK5/doo43uQ+7u9D
+CD8wd75w4r85rB1NrzYMUUyMa+YjRD0aPmOmY+r3XYp2WrK5o1UT15M/peJkIKUk
+RVDsbDtvAzuW2yrKPWrGqrBSzpKVla6l
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls11:BOB_wap-wsg-idm-ecid-wtls11_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls11
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls11_PUB
-SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls11
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB
-SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7
-
-# TEST CURVE wap-wsg-idm-ecid-wtls12
+Derive=KAS-ECC-CDH_P-384_C14
+PeerKey=KAS-ECC-CDH_P-384_C14-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=c8b1038f735ad3bb3e4637c3e47eab487637911a6b7950a4e461948329d3923b969e5db663675623611a457fcda35a71
 
-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls12
+PrivateKey=KAS-ECC-CDH_P-384_C15
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBByAnUvQZhZr1lgTRixSMIx0
-KHuV4t8cbXCW415soTwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6nApye39Y
-hpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc=
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDz+bDGWkmlBmMsikWx
+D2a1MW+e6wb64hjy2mIzP5mQURexQcdg6JdO/ErxBXBjV5GhZANiAASkrXeqfYbl
+NhEYprkhcQyCByEhBxL0w0eYX97liqTv+h4ovoChexILE5+WMA+JtJsd3yLgfgPx
+Vg2PRaSACUVg26n65/lTETDBtX67lZgkllJPMdN5d5M5b6gj8ivbQyg=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB
+PublicKey=KAS-ECC-CDH_P-384_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6
-nApye39YhpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEpK13qn2G5TYRGKa5IXEMggchIQcS9MNH
+mF/e5Yqk7/oeKL6AoXsSCxOfljAPibSbHd8i4H4D8VYNj0WkgAlFYNup+uf5UxEw
+wbV+u5WYJJZSTzHTeXeTOW+oI/Ir20Mo
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls12:ALICE_wap-wsg-idm-ecid-wtls12_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C15:KAS-ECC-CDH_P-384_C15-PUBLIC
 
-PrivateKey=BOB_wap-wsg-idm-ecid-wtls12
------BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBBzZ7nt4CrPrk2m5iR64vpkj
-95JHOmzWf4VhRZqdoTwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9KXzXvhbL
-dJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ=
------END PRIVATE KEY-----
 
-PublicKey=BOB_wap-wsg-idm-ecid-wtls12_PUB
+PublicKey=KAS-ECC-CDH_P-384_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9
-KXzXvhbLdJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAENJcjin5q0WbfLawDmqTayNF6qSXnx2Me
+s7VuOqocVF/NVNLlmFgHkQ+yArH8GR0qpJ5cSH3MeqQKjyNMl5RGBA2RdOOtNX1A
+TXdlGDGVrtP5E2QbkMgaMG6/DYkThhMW
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls12:BOB_wap-wsg-idm-ecid-wtls12_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_wap-wsg-idm-ecid-wtls12
-Availablein = default
-PeerKey=BOB_wap-wsg-idm-ecid-wtls12_PUB
-SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36
-
-# ECDH Bob with Alice peer
-Derive=BOB_wap-wsg-idm-ecid-wtls12
 Availablein = default
-PeerKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB
-SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36
-
-# TEST CURVE brainpoolP160r1
+Derive=KAS-ECC-CDH_P-384_C15
+PeerKey=KAS-ECC-CDH_P-384_C15-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=d337eaa32b9f716b8747b005b97a553c59dab0c51df41a2d49039cdae705aa75c7b9e7bc0b6a0e8c578c902bc4fff23e
 
-PrivateKey=ALICE_brainpoolP160r1
+PrivateKey=KAS-ECC-CDH_P-384_C16
 -----BEGIN PRIVATE KEY-----
-MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBEkwRwIBAQQUZTQYt6IOsZUUgr36
-WYGKTj10erShLAMqAAQkMf73t3Cov2cdezPSUt9Wn0ydhpk9+2HwZ13YufUyfcvP
-ijdJ/zFO
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBZ/Of6194ousAjBpDJ
+VxDHIOUo+aTlTTpqjNX8XF8hY3AxzhxbTj05ZH2Ny5t5RmShZANiAAScQ7+XHt8J
+QCh27nQglTgfeLG9OqObUTKvddv+fpi9eL3hD+LpA8K2N54d7uF1obCmxY7OpaR3
+uwG9VDsznxzEnxNxos2k1G605T4lBZeUI1GplmWhIv/qm94GNsN12vI=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP160r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABCQx/ve3cKi/Zx17M9JS31afTJ2G
-mT37YfBnXdi59TJ9y8+KN0n/MU4=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEnEO/lx7fCUAodu50IJU4H3ixvTqjm1Ey
+r3Xb/n6YvXi94Q/i6QPCtjeeHe7hdaGwpsWOzqWkd7sBvVQ7M58cxJ8TcaLNpNRu
+tOU+JQWXlCNRqZZloSL/6pveBjbDddry
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP160r1:ALICE_brainpoolP160r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C16:KAS-ECC-CDH_P-384_C16-PUBLIC
 
-PrivateKey=BOB_brainpoolP160r1
------BEGIN PRIVATE KEY-----
-MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBEkwRwIBAQQUb/ulIRG4yoOOihWD
-AV4l78I2GLWhLAMqAARPjEMetPWS4FlgFCHvVfK1nTK/TLsYScHregeZAZqn8gaF
-vgq4bE8v
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP160r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQEBAyoABE+MQx609ZLgWWAUIe9V8rWdMr9M
-uxhJwet6B5kBmqfyBoW+CrhsTy8=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEkKNHN9RbGqZfdOC9Blm8EY+OS3dLdhlE
+/6ZXPG309B3sDRG2l6vZNNOQhx1LRTJAm1kHGbszB8FJp4F741XWhIk6MHdktRLu
+/+B8tpnttab/v41gMubHnV6T6UISwqpO
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP160r1:BOB_brainpoolP160r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP160r1
-Availablein = default
-PeerKey=BOB_brainpoolP160r1_PUB
-SharedSecret=e4fe5ae99a60d17b597f5705a719cea6709c63b9
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP160r1
 Availablein = default
-PeerKey=ALICE_brainpoolP160r1_PUB
-SharedSecret=e4fe5ae99a60d17b597f5705a719cea6709c63b9
-
-# TEST CURVE brainpoolP160t1
+Derive=KAS-ECC-CDH_P-384_C16
+PeerKey=KAS-ECC-CDH_P-384_C16-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=32d292b695a4488e42a7b7922e1ae537d76a3d21a0b2e36875f60e9f6d3e8779c2afb3a413b9dd79ae18e70b47d337c1
 
-PrivateKey=ALICE_brainpoolP160t1
+PrivateKey=KAS-ECC-CDH_P-384_C17
 -----BEGIN PRIVATE KEY-----
-MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBEkwRwIBAQQUWWAyUnMvmQyeKeHE
-bIjyrW0JzVqhLAMqAAQ/h1VSPKvn2cTPmfMq0FZ3mxypjCIWtCMav7GH9Fby+kCr
-WKA0lFVw
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA+Sfv5UKQkxdgCKNxL
+w16fbGwMHQRECZjaCmCah3V12+Q31qXO2qLd0qGhf9ESre2hZANiAARalJWUIosa
+PW9ZnrPbDQYHD7xVHGV7WCNLoWTOP+QV+l8+uCPAjcKbjDQSGcd7az0rqtRHyMKQ
+z+0l7dkDHEHQt2khRXMn9C2zESK4HzN7vwsQOeyDDOkGGjdhlTx15Kg=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP160t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABD+HVVI8q+fZxM+Z8yrQVnebHKmM
-Iha0Ixq/sYf0VvL6QKtYoDSUVXA=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEWpSVlCKLGj1vWZ6z2w0GBw+8VRxle1gj
+S6Fkzj/kFfpfPrgjwI3Cm4w0EhnHe2s9K6rUR8jCkM/tJe3ZAxxB0LdpIUVzJ/Qt
+sxEiuB8ze78LEDnsgwzpBho3YZU8deSo
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP160t1:ALICE_brainpoolP160t1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C17:KAS-ECC-CDH_P-384_C17-PUBLIC
 
-PrivateKey=BOB_brainpoolP160t1
------BEGIN PRIVATE KEY-----
-MGQCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQECBEkwRwIBAQQUDFpUx8SZ718X0cwv
-+oQaTXSK0zyhLAMqAAQIgDYhuy9cj04IFE0LforgJPt9rgcjuO81V6WR+E3LNETJ
-rYsy1X9k
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP160t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEIwFAYHKoZIzj0CAQYJKyQDAwIIAQECAyoABAiANiG7L1yPTggUTQt+iuAk+32u
-ByO47zVXpZH4Tcs0RMmtizLVf2Q=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE3aVGrPyPkD0R4uOSBmljbUSyBorrZv8H
+qiZvADDhU1sO0CA8uKRgrJkPE5T68i8dFbuyWXkTA1+q30E0dvTHD3J5dppAyYb0
+cMQntO5JYqvfgXO7rYGHR3KSX9MvCxWf
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP160t1:BOB_brainpoolP160t1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP160t1
-Availablein = default
-PeerKey=BOB_brainpoolP160t1_PUB
-SharedSecret=199a218458b71a4e13f05a599fc17bc76f30ea2f
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP160t1
 Availablein = default
-PeerKey=ALICE_brainpoolP160t1_PUB
-SharedSecret=199a218458b71a4e13f05a599fc17bc76f30ea2f
-
-# TEST CURVE brainpoolP192r1
+Derive=KAS-ECC-CDH_P-384_C17
+PeerKey=KAS-ECC-CDH_P-384_C17-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=1220e7e6cad7b25df98e5bbdcc6c0b65ca6c2a50c5ff6c41dca71e475646fd489615979ca92fb4389aeadefde79a24f1
 
-PrivateKey=ALICE_brainpoolP192r1
+PrivateKey=KAS-ECC-CDH_P-384_C18
 -----BEGIN PRIVATE KEY-----
-MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBFUwUwIBAQQYGiIpZVR71C31b9AE
-lLiEiEyzdhRsvTbkoTQDMgAEHAovVZJfm52KWqJr9IKz7w7Ta+7HUN5Bjy+qR87k
-Oo3nP+439TLOs4iDhIvzP8j1
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBQzMH3B26S9GOOhfLb
+mOC0g+biIEySvdRApt7qBON6B8bnJ5HBkK1OTobgHvuoQmmhZANiAAR1bAffDOMs
+g52sn7RzPJwotwETpnanBXw40iPyKjqQlajVZGU69SjgTH4YJL5KZRIXws5pYsvS
+ouBmKXs51X3Zu0aA8BkdOQ9wtORhQZspcs5orUYSf92mw5GVd06obfM=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP192r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABBwKL1WSX5udilqia/SCs+8O02vu
-x1DeQY8vqkfO5DqN5z/uN/UyzrOIg4SL8z/I9Q==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEdWwH3wzjLIOdrJ+0czycKLcBE6Z2pwV8
+ONIj8io6kJWo1WRlOvUo4Ex+GCS+SmUSF8LOaWLL0qLgZil7OdV92btGgPAZHTkP
+cLTkYUGbKXLOaK1GEn/dpsORlXdOqG3z
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP192r1:ALICE_brainpoolP192r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C18:KAS-ECC-CDH_P-384_C18-PUBLIC
 
-PrivateKey=BOB_brainpoolP192r1
------BEGIN PRIVATE KEY-----
-MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEDBFUwUwIBAQQYkut8HljwyzxOArKA
-azilboA8yY6oy4svoTQDMgAEv/3NhrdVEA+PMFCm+muXhrC0wxX5UHvCUd/OAyda
-c2Jl7XVw2gS4hfXkTeT7MQMu
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP192r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEDAzIABL/9zYa3VRAPjzBQpvprl4awtMMV
-+VB7wlHfzgMnWnNiZe11cNoEuIX15E3k+zEDLg==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEeIviM2xS9EVNY+6USx5Jv7YZoINxBI5t
+qS5YTq5wveHxccTfN4vR88CrAwSKI3gCRnPr2NtgTq9BcRdIurKWiiPKRHbOFE5y
+gkfwivdSkpFXtYMPHiYGdGa9+otlFFoz
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP192r1:BOB_brainpoolP192r1_PUB
-
 
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP192r1
 Availablein = default
-PeerKey=BOB_brainpoolP192r1_PUB
-SharedSecret=7ce122b49afdfd1adde6cdfaa13dc7180d6d4e70322c8773
-
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP192r1
-Availablein = default
-PeerKey=ALICE_brainpoolP192r1_PUB
-SharedSecret=7ce122b49afdfd1adde6cdfaa13dc7180d6d4e70322c8773
-
-# TEST CURVE brainpoolP192t1
+Derive=KAS-ECC-CDH_P-384_C18
+PeerKey=KAS-ECC-CDH_P-384_C18-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=793bb9cd22a93cf468faf804a38d12b78cb12189ec679ddd2e9aa21fa9a5a0b049ab16a23574fe04c1c3c02343b91beb
 
-PrivateKey=ALICE_brainpoolP192t1
+PrivateKey=KAS-ECC-CDH_P-384_C19
 -----BEGIN PRIVATE KEY-----
-MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBFUwUwIBAQQYCV1NuYw7DwOawqgY
-kALfFpEzFE2rjXqYoTQDMgAEmBmJ220/ZJVdxfSgHFTz3FOC2PHql2ItbG0LXs/v
-7n/qkWGWz9B7R2FBqFaLBk0L
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAG8TK3H3TYe/mYV+Hk
+NQpZTl/jVTO4iFUs7MvA2JI8kC42FB12keKGMbi8m6/l4GShZANiAAQqPMa4/1ze
+km5+OhiaG9ApybWGNRr4g49PIBy49LcO87DaBtNSyA/Ca6+PQreERZ6/mYWWAXba
+bSPHRSopVP/LvLJCSbQwGaKgI+Cz2r1GHxmtPndcNk8/Ea1J8wmUANM=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP192t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABJgZidttP2SVXcX0oBxU89xTgtjx
-6pdiLWxtC17P7+5/6pFhls/Qe0dhQahWiwZNCw==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEKjzGuP9c3pJufjoYmhvQKcm1hjUa+IOP
+TyAcuPS3DvOw2gbTUsgPwmuvj0K3hEWev5mFlgF22m0jx0UqKVT/y7yyQkm0MBmi
+oCPgs9q9Rh8ZrT53XDZPPxGtSfMJlADT
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP192t1:ALICE_brainpoolP192t1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C19:KAS-ECC-CDH_P-384_C19-PUBLIC
 
-PrivateKey=BOB_brainpoolP192t1
------BEGIN PRIVATE KEY-----
-MHACAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEEBFUwUwIBAQQYmZP2vmYpfJvSnqEl
-4K0Yj0iMCr4ds9bboTQDMgAEcSuLSED2s4SIuEdomZbdDMSmNrpnezJRv/W+bCQp
-4bcnQAb20tp47ISw/yXoQSA0
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP192t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEowFAYHKoZIzj0CAQYJKyQDAwIIAQEEAzIABHEri0hA9rOEiLhHaJmW3QzEpja6
-Z3syUb/1vmwkKeG3J0AG9tLaeOyEsP8l6EEgNA==
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE0Ju4IuuZ44BglUdHyCuzJ4z5a782/s40
+APTIc4OKQME16zuruSk70QAb8+ze578m1BbbbhuHu7dCd4ijtsenqywWWx42b5YI
+31EgN1hPITpkjUfxasMm4Zquly9j/XbJ
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP192t1:BOB_brainpoolP192t1_PUB
 
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP192t1
-Availablein = default
-PeerKey=BOB_brainpoolP192t1_PUB
-SharedSecret=1a5444c2600d9d21d6a450d158fd25272ade262ab519790b
-
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP192t1
 Availablein = default
-PeerKey=ALICE_brainpoolP192t1_PUB
-SharedSecret=1a5444c2600d9d21d6a450d158fd25272ade262ab519790b
-
-# TEST CURVE brainpoolP224r1
+Derive=KAS-ECC-CDH_P-384_C19
+PeerKey=KAS-ECC-CDH_P-384_C19-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=012d191cf7404a523678c6fc075de8285b243720a903047708bb33e501e0dbee5bcc40d7c3ef6c6da39ea24d830da1e8
 
-PrivateKey=ALICE_brainpoolP224r1
+PrivateKey=KAS-ECC-CDH_P-384_C20
 -----BEGIN PRIVATE KEY-----
-MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBGEwXwIBAQQch91FmOz9tJ9Wfdyw
-krOM6UXinTuYBxjUWtU0HKE8AzoABIq0T5AJJzdDl9wbYqyxExMfTbNDt6W/ound
-ZTS6qXYvMegJ+nBcXeCi+FBI0pu6lHv8tF1ZjWLS
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDASBI67QzHsGaHiPxos
+dztmTM/pCii/uEb8Evgd/0S3RDx3ZHFkvx6eZ/0sB6Z2YkGhZANiAAS8GINrx6n9
+9UtTUvN9dSirj6jsVEqMYYBRHL/dSczjd8OeNMAxtSQNyZgFA+0vJiyAhsvjOBkQ
+gPC3oWx6/Ex7Ayb5rGb1hVLvS7nSTeNCntXTJ37Vj89I8rX2Eya+xsY=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP224r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABIq0T5AJJzdDl9wbYqyxExMfTbND
-t6W/oundZTS6qXYvMegJ+nBcXeCi+FBI0pu6lHv8tF1ZjWLS
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEvBiDa8ep/fVLU1LzfXUoq4+o7FRKjGGA
+URy/3UnM43fDnjTAMbUkDcmYBQPtLyYsgIbL4zgZEIDwt6FsevxMewMm+axm9YVS
+70u50k3jQp7V0yd+1Y/PSPK19hMmvsbG
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP224r1:ALICE_brainpoolP224r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C20:KAS-ECC-CDH_P-384_C20-PUBLIC
 
-PrivateKey=BOB_brainpoolP224r1
------BEGIN PRIVATE KEY-----
-MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEFBGEwXwIBAQQcvabkJWnrR4LuGUxf
-LO8DqDBcL4eix/a0qRWxm6E8AzoABM6qgBI9bmZwyYE0QFBJf5NpXe2phgcObKrG
-4URjdsORl4UJwlq7eLwINJLP9dPl0Qlb0Fv/gNVo
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP224r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEFAzoABM6qgBI9bmZwyYE0QFBJf5NpXe2p
-hgcObKrG4URjdsORl4UJwlq7eLwINJLP9dPl0Qlb0Fv/gNVo
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEE3QSYu3lhh2tcQY9/SBLkeodO3xjHfaO
+uUmWlSfXmh3FkpXvfSvKZ0PozXewTRtYC6rq3H4Z10qKBEUaE18b4bAv4pn53AC/
+3yAeg9mVxpULzBy4nW97ML9UZWuaTaWG
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP224r1:BOB_brainpoolP224r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP224r1
-Availablein = default
-PeerKey=BOB_brainpoolP224r1_PUB
-SharedSecret=419e446a66968fcc372126cff4d637505c848c3a9b82503f2d441215
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP224r1
 Availablein = default
-PeerKey=ALICE_brainpoolP224r1_PUB
-SharedSecret=419e446a66968fcc372126cff4d637505c848c3a9b82503f2d441215
-
-# TEST CURVE brainpoolP224t1
+Derive=KAS-ECC-CDH_P-384_C20
+PeerKey=KAS-ECC-CDH_P-384_C20-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=ad0fd3ddffe8884b9263f3c15fe1f07f2a5a22ffdc7e967085eea45f0cd959f20f18f522763e28bcc925e496a52dda98
 
-PrivateKey=ALICE_brainpoolP224t1
+PrivateKey=KAS-ECC-CDH_P-384_C21
 -----BEGIN PRIVATE KEY-----
-MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBGEwXwIBAQQcSwWCcqYuiNyxR0gY
-VCMBQ17ykfaxEgMMyByZoqE8AzoABJiVhwIZAqy+OKj8RewjsdXPPCODfm+4RGV8
-2bYLW8SqiDeEDB+RvJirYwz/a5Ri+EL5Xk9QVkQF
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA01hppnKV2Fp/NwMx+
+ROThIh2w/mPRaFDIEEAp99SESXFLmIQyjK4YmXh1SrRgtIahZANiAASGf4EQTM1r
+Fjp5ArZw70BgQssMzn3Nxj0d/JGyxA4833WVg0v57Ot5hJ8WNvyEYvydS96Oh17E
+lpfSWNHVlGX4QxxvVTHhxZ6fnr488WSo2c4QoS8ZeSg6lZutJE3YOGM=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP224t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABJiVhwIZAqy+OKj8RewjsdXPPCOD
-fm+4RGV82bYLW8SqiDeEDB+RvJirYwz/a5Ri+EL5Xk9QVkQF
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhn+BEEzNaxY6eQK2cO9AYELLDM59zcY9
+HfyRssQOPN91lYNL+ezreYSfFjb8hGL8nUvejodexJaX0ljR1ZRl+EMcb1Ux4cWe
+n56+PPFkqNnOEKEvGXkoOpWbrSRN2Dhj
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP224t1:ALICE_brainpoolP224t1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C21:KAS-ECC-CDH_P-384_C21-PUBLIC
 
-PrivateKey=BOB_brainpoolP224t1
------BEGIN PRIVATE KEY-----
-MHwCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEGBGEwXwIBAQQcLK5R+idvzqC1a28G
-e9m6Eh5up82atVSTRWeXwKE8AzoABBg6ar3lkYSv0AcOM542SbPhAqxny/anS+Do
-ELViM0rofxlcvkywZiBY0T40xUvXBILDsY/0he22
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP224t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwFAYHKoZIzj0CAQYJKyQDAwIIAQEGAzoABBg6ar3lkYSv0AcOM542SbPhAqxn
-y/anS+DoELViM0rofxlcvkywZiBY0T40xUvXBILDsY/0he22
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEniLLwYZX9RaoZLN7eDNItm8aqWJs1jH0
++hvTKtiM8R21IFfGYIYNOdEfvwJPq9REaw1Tx5aBwoEW33HpzudP1WyLfwSznxGY
+zHIoTpi+lWLjWSb7T0ip++yv5ykwnotv
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP224t1:BOB_brainpoolP224t1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP224t1
-Availablein = default
-PeerKey=BOB_brainpoolP224t1_PUB
-SharedSecret=8f83465fb6353912a51c2809ea30b19b73b3e391c0422650e0f20b58
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP224t1
 Availablein = default
-PeerKey=ALICE_brainpoolP224t1_PUB
-SharedSecret=8f83465fb6353912a51c2809ea30b19b73b3e391c0422650e0f20b58
-
-# TEST CURVE brainpoolP256r1
+Derive=KAS-ECC-CDH_P-384_C21
+PeerKey=KAS-ECC-CDH_P-384_C21-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=dc4ca392dc15e20185f2c6a8ea5ec31dfc96f56153a47394b3072b13d0015f5d4ae13beb3bed54d65848f9b8383e6c95
 
-PrivateKey=ALICE_brainpoolP256r1
+PrivateKey=KAS-ECC-CDH_P-384_C22
 -----BEGIN PRIVATE KEY-----
-MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIBMmEFKb8UQb4oCu
-k226EiMpk/omRsx/rrRNuh9WGB/zoUQDQgAEeIYdJpIpkxneKbL9qP/vSJ2/d7cH
-Cs2ZXggcRif7KKN55Ioit7Q1sVEeGzEDFbxpRWK6A+Kgu8sFkE+LHr5BGQ==
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDcYPqHNtcCE1/xaquZ
+K7iOrDl/WXJFbHLsRHN00NjOYRU4Mb/IatWm61tgv7lqhiyhZANiAAS2m+7ehdD4
+Kf7BuJPMucPgUv9pLhO5dFN7xbD5/q97IuhPAyMWKbJIZr20uM+QiRRm+F4r/Kui
+hDKFsOFOvAfvfa//i0JEFv7mR7WYl7YZ8g7tlaYy5qQga/faQpwExWA=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP256r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABHiGHSaSKZMZ3imy/aj/70idv3e3
-BwrNmV4IHEYn+yijeeSKIre0NbFRHhsxAxW8aUViugPioLvLBZBPix6+QRk=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEtpvu3oXQ+Cn+wbiTzLnD4FL/aS4TuXRT
+e8Ww+f6veyLoTwMjFimySGa9tLjPkIkUZvheK/yrooQyhbDhTrwH732v/4tCRBb+
+5ke1mJe2GfIO7ZWmMuakIGv32kKcBMVg
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP256r1:ALICE_brainpoolP256r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C22:KAS-ECC-CDH_P-384_C22-PUBLIC
 
-PrivateKey=BOB_brainpoolP256r1
------BEGIN PRIVATE KEY-----
-MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIKXsf2pxFfTQiwbW
-2SKwZq50UOGhJYJZYO/xY33RHuQaoUQDQgAEC/FCNhyxZ4VcHY8zBehFbg3M54AU
-w6ixJ69gI2+xoyAXBn5d+pf8tAG0D0TUqtxRtwBgPWkt6pY4YYBQMY+NOA==
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP256r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABAvxQjYcsWeFXB2PMwXoRW4NzOeA
-FMOosSevYCNvsaMgFwZ+XfqX/LQBtA9E1KrcUbcAYD1pLeqWOGGAUDGPjTg=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAELbXaX5QOqohPTbXsITmwRp845Ob7vMUt
+8VwPfPf8sYCMdJdktr6F0v3FsW9YrV3AIuiwLc8z4bWgg4SVRfhK1eQ/d8txVG27
+rA0RvbLuIC6dOHLo0CjAiZB0bF4d3pmJ
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP256r1:BOB_brainpoolP256r1_PUB
-
 
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP256r1
 Availablein = default
-PeerKey=BOB_brainpoolP256r1_PUB
-SharedSecret=78ed4b7bb4ed808813f8c27132fe04f5d805365549b754994d83b002416b6ba0
-
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP256r1
-Availablein = default
-PeerKey=ALICE_brainpoolP256r1_PUB
-SharedSecret=78ed4b7bb4ed808813f8c27132fe04f5d805365549b754994d83b002416b6ba0
-
-# TEST CURVE brainpoolP256t1
+Derive=KAS-ECC-CDH_P-384_C22
+PeerKey=KAS-ECC-CDH_P-384_C22-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=d765b208112d2b9ed5ad10c4046e2e3b0dbf57c469329519e239ac28b25c7d852bf757d5de0ee271cadd021d86cfd347
 
-PrivateKey=ALICE_brainpoolP256t1
+PrivateKey=KAS-ECC-CDH_P-384_C23
 -----BEGIN PRIVATE KEY-----
-MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCARtMGsCAQEEIC4yFvVLhvRyF9wu
-yYJbncxLagsMCD+Sxt2vAJiKFpKdoUQDQgAEiGxl8E0yj3gE4iOyFDVe0tUYS9fN
-cNzkxEx2CiZwm09jbSNQF2pKAoCmLZQa8VBz+UZqdeXZy9Sc8UpJU3Fghg==
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBvpqHHBHMJh6pjSwUW
+qCarqMbWQR06TIl3LXpiYQJWouLyifXDRAsOwecPozniUc6hZANiAART3h/BMo6N
+4UrsqymtikDWsTdo+G99KYQz0g/seR+G+Lxz81gJiyVqKYu0iN4le/SsKJRP0n8X
+uClGwExmxB8AU9NpLyddpVzYc5qVvYzTry+W5N6Vnqg0TYlFN1kFhYs=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP256t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABIhsZfBNMo94BOIjshQ1XtLVGEvX
-zXDc5MRMdgomcJtPY20jUBdqSgKApi2UGvFQc/lGanXl2cvUnPFKSVNxYIY=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEU94fwTKOjeFK7KsprYpA1rE3aPhvfSmE
+M9IP7Hkfhvi8c/NYCYslaimLtIjeJXv0rCiUT9J/F7gpRsBMZsQfAFPTaS8nXaVc
+2HOalb2M068vluTelZ6oNE2JRTdZBYWL
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP256t1:ALICE_brainpoolP256t1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C23:KAS-ECC-CDH_P-384_C23-PUBLIC
 
-PrivateKey=BOB_brainpoolP256t1
------BEGIN PRIVATE KEY-----
-MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCARtMGsCAQEEIIfXus/y+3RdwUZ0
-0db3boxPCzzRcI3CgIC8ggdGDPqPoUQDQgAEdlZ2yOiBsmREPaw8TsrGNmTLL6q1
-lVz8+OQ780Xxfo9VIFeR0Qbk8CgqX0lWt5hbEbbzEbF6I2nZCJndQ9VIoA==
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP256t1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEIA0IABHZWdsjogbJkRD2sPE7KxjZkyy+q
-tZVc/PjkO/NF8X6PVSBXkdEG5PAoKl9JVreYWxG28xGxeiNp2QiZ3UPVSKA=
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMpZHuqNUIk60QUgpxTaMgteJOzmATgjL
+shgPRZvvxLNHo4mnDJGiO9nTDIO+UpXTzI9hkj+tKqjlBdbPoSa5+r1a+dzikLdW
+YO8G0cqnNoHQYInDO8QkazqjDbzSQ1sS
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP256t1:BOB_brainpoolP256t1_PUB
 
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP256t1
-Availablein = default
-PeerKey=BOB_brainpoolP256t1_PUB
-SharedSecret=287a8f19e6f06476b222805eb11907c536fa6ea02b8877ea6d5323f9fabccdd8
-
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP256t1
 Availablein = default
-PeerKey=ALICE_brainpoolP256t1_PUB
-SharedSecret=287a8f19e6f06476b222805eb11907c536fa6ea02b8877ea6d5323f9fabccdd8
-
-# TEST CURVE brainpoolP320r1
+Derive=KAS-ECC-CDH_P-384_C23
+PeerKey=KAS-ECC-CDH_P-384_C23-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=d3778850aeb58804fbe9dfe6f38b9fa8e20c2ca4e0dec335aafceca0333e3f2490b53c0c1a14a831ba37c4b9d74be0f2
 
-PrivateKey=ALICE_brainpoolP320r1
+PrivateKey=KAS-ECC-CDH_P-384_C24
 -----BEGIN PRIVATE KEY-----
-MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCQSBhjCBgwIBAQQoRBvhspL4HZA6
-YcfouziNWFuE1e1RcN69xlsJ8OGZEMobV29pntQlSaFUA1IABFDmVKAu6UDU1doe
-67Fzp3WeLAKNcaLjX13W0X704bqNvSU7q747RCCbd46miRYsiqYejnsX0A/A5bOi
-I1LJixCGcAgm1pnGajKeok/ecsl+
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB0rYOGwcssoPzesx4I
+abs/SMA2r+LvEQyjAryLkQ9iHJ/MVM7DK7iex8qoTHuOVKihZANiAAQno+g8+51R
+IucxKdgBYVhX2nzAiczMnFSrMDKhngoKn2dzRuN/CKCz7Y2m5d1pEGONYORKpeD9
+MMkYRWeWrzfw5BlXkBZF5cWWxtmJ9YWbA6C9fR9Od5Nv/zx00gTlOI4=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP320r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABFDmVKAu6UDU1doe67Fzp3WeLAKN
-caLjX13W0X704bqNvSU7q747RCCbd46miRYsiqYejnsX0A/A5bOiI1LJixCGcAgm
-1pnGajKeok/ecsl+
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEJ6PoPPudUSLnMSnYAWFYV9p8wInMzJxU
+qzAyoZ4KCp9nc0bjfwigs+2NpuXdaRBjjWDkSqXg/TDJGEVnlq838OQZV5AWReXF
+lsbZifWFmwOgvX0fTneTb/88dNIE5TiO
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP320r1:ALICE_brainpoolP320r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-384_C24:KAS-ECC-CDH_P-384_C24-PUBLIC
 
-PrivateKey=BOB_brainpoolP320r1
------BEGIN PRIVATE KEY-----
-MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCQSBhjCBgwIBAQQoi9ghqMQp8Zdx
-xVXuOMC66tVIvTQ9EX6taWLDy82eBRAt7MItb5LaMqFUA1IABHFexsmyGSMPdLCm
-a5vzaFlbk/gAkq6yfpE+BMokI+7GXx4dJz9+sKOi8h++T4SnocW03M7I5zOQVfK+
-82Kkq/vXCzEdkVRUPU4HVls7nil0
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP320r1_PUB
+PublicKey=KAS-ECC-CDH_P-384_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEJA1IABHFexsmyGSMPdLCma5vzaFlbk/gA
-kq6yfpE+BMokI+7GXx4dJz9+sKOi8h++T4SnocW03M7I5zOQVfK+82Kkq/vXCzEd
-kVRUPU4HVls7nil0
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEKdijbSIgCnW3rqG7R838sbf9Zt6WcEFD
+RyirXVM6Bg33MhMGAP5vdYUqhx+yk4454ZtT21KDld6JekUQiWdxXrjLVcP8vyM3
+k3LAhzoFjVdUSxAuzOcissyrsaYDd0/V
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP320r1:BOB_brainpoolP320r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP320r1
-Availablein = default
-PeerKey=BOB_brainpoolP320r1_PUB
-SharedSecret=13a56c63c2dafe3e053534d5bf32c7eb4a0733bf356510725d378c5cbcf6974240719e3e53b352bb
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP320r1
 Availablein = default
-PeerKey=ALICE_brainpoolP320r1_PUB
-SharedSecret=13a56c63c2dafe3e053534d5bf32c7eb4a0733bf356510725d378c5cbcf6974240719e3e53b352bb
-
-# TEST CURVE brainpoolP320t1
+Derive=KAS-ECC-CDH_P-384_C24
+PeerKey=KAS-ECC-CDH_P-384_C24-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=81e1e71575bb4505498de097350186430a6242fa6c57b85a5f984a23371123d2d1424eefbf804258392bc723e4ef1e35
 
-PrivateKey=ALICE_brainpoolP320t1
+PrivateKey=KAS-ECC-CDH_P-521_C0
 -----BEGIN PRIVATE KEY-----
-MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCgSBhjCBgwIBAQQoxl+OeILawo65
-M4YbtLSARXYJsFJi4F8cUF6vfo1swRoCL6sAnV0QSaFUA1IABFN48RBqcd0PyU7N
-TRjaJsUaYXBlectX7JwhB/X/bbuNUK1YW9tZJZSZ/bBUfVfEgUhC+0qrvomc3xhy
-YBJIQeGWODwC1rHjO2H7GGvx1HmF
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBfuzAerSzKQaPumXl
+ah+IkKqTXlcTSuD/zOgCc1FR9OrGVk9u6ZdMXmiHof7+5XQ64iQb/rldXOMd3Lb5
+7bTW/EehgYkDgYYABABgL50M+eUmsp4iOBwgPEiohsKwZzAzNmMU8f+8uiQLpC9O
+84p2F0Y1+R5rTtNCdesByEZ9BcqAMVvxp7vZRfVQpQG3yF8m9dSy1zVc9rAhF2WZ
+Q3YrbR21q08dvETOeylG62x940KWKJP9OH0bc9eoZy0fI2lhFwt+s1eZU+5c3IjN
+LQ==
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP320t1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABFN48RBqcd0PyU7NTRjaJsUaYXBl
-ectX7JwhB/X/bbuNUK1YW9tZJZSZ/bBUfVfEgUhC+0qrvomc3xhyYBJIQeGWODwC
-1rHjO2H7GGvx1HmF
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAYC+dDPnlJrKeIjgcIDxIqIbCsGcw
+MzZjFPH/vLokC6QvTvOKdhdGNfkea07TQnXrAchGfQXKgDFb8ae72UX1UKUBt8hf
+JvXUstc1XPawIRdlmUN2K20dtatPHbxEznspRutsfeNCliiT/Th9G3PXqGctHyNp
+YRcLfrNXmVPuXNyIzS0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP320t1:ALICE_brainpoolP320t1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C0:KAS-ECC-CDH_P-521_C0-PUBLIC
 
-PrivateKey=BOB_brainpoolP320t1
------BEGIN PRIVATE KEY-----
-MIGiAgEAMBQGByqGSM49AgEGCSskAwMCCAEBCgSBhjCBgwIBAQQoMlTiH2CM3XGa
-VXPOQ5tdm+GJmnP03gbNK4POt5yQpnW8HoaHc+SS56FUA1IABLXO5ngGf17dU+ae
-QetDyXqlTTxtTrav1/NGb+i9BQUAsbIMQkdY0zWWbhksoMn56F2DBTSFwBlb1hBt
-p9fNIGUbgKqOlvtBpQHIoKXYEq3l
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP320t1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MGowFAYHKoZIzj0CAQYJKyQDAwIIAQEKA1IABLXO5ngGf17dU+aeQetDyXqlTTxt
-Trav1/NGb+i9BQUAsbIMQkdY0zWWbhksoMn56F2DBTSFwBlb1hBtp9fNIGUbgKqO
-lvtBpQHIoKXYEq3l
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAaFpI6Gx58PCHX3vBjSXrX8jAsH5d
+pPQ3DzqUkDQIVDNLHhuH+jlUZMYGJhJKTnDQ94VgHTfAmHDr8XZmaHeiBG0BulLF
+b8h3bZ6PXbTwzCdjbQt0G74FQAaXlC6AtzmISoO96Z4PZxaTnmMryJhvoY3M1EOj
+SLbD5SJJeVWk88MC9nY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP320t1:BOB_brainpoolP320t1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP320t1
-Availablein = default
-PeerKey=BOB_brainpoolP320t1_PUB
-SharedSecret=170d1f5fc4248700be75499eac813fac642df1311ab005e10796cc2ef43b82f8d788eb232d580243
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP320t1
 Availablein = default
-PeerKey=ALICE_brainpoolP320t1_PUB
-SharedSecret=170d1f5fc4248700be75499eac813fac642df1311ab005e10796cc2ef43b82f8d788eb232d580243
-
-# TEST CURVE brainpoolP384r1
+Derive=KAS-ECC-CDH_P-521_C0
+PeerKey=KAS-ECC-CDH_P-521_C0-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=005fc70477c3e63bc3954bd0df3ea0d1f41ee21746ed95fc5e1fdf90930d5e136672d72cc770742d1711c3c3a4c334a0ad9759436a4d3c5bf6e74b9578fac148c831
 
-PrivateKey=ALICE_brainpoolP384r1
+PrivateKey=KAS-ECC-CDH_P-521_C1
 -----BEGIN PRIVATE KEY-----
-MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQweTbLDp3fPbIL
-8w7I+aQzU8edVXXiFtt8Ulx7HSuAvHu/uaeedCKA+sXKXe33/aoDoWQDYgAEgQEp
-8Mrclp7hd1kkTnaXCEzAyhlMUtBIXQGI8ALS3FaMoL4mjIlhAU+vNdIcI9NGBx7Q
-FRUzFIy3IAyF+VPq8fM7Yyjk0x4P8UB1N+d2odKvKFqFBQBQmd6S5h+0ijis
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAgW8ZwfsQ75TUodgc
+FW7D0d4Itmdh8D8G7ku53Ou7/h6qHtSaapkIONjtMYwU10zIcvldBdB61Q9iHOti
+DNkFz7ihgYkDgYYABADUVhXtXTf95plhCmLNQ7p2vt2Phe0xAF/gDWRQ+70QEpGr
+2W1JRai1e8c7P+n0ZxEFMJ7JtoedBVHZMNrIukXSVQFCUzKETlkrRAwAJ5cq0VJk
+McBnMt8ZzUaiQhctTdZ8LIyZ38IuSZSaVs+Qxkc2Nc6C8lszaC+xm8M72RDtjOOn
++g==
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP384r1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABIEBKfDK3Jae4XdZJE52lwhMwMoZ
-TFLQSF0BiPAC0txWjKC+JoyJYQFPrzXSHCPTRgce0BUVMxSMtyAMhflT6vHzO2Mo
-5NMeD/FAdTfndqHSryhahQUAUJnekuYftIo4rA==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA1FYV7V03/eaZYQpizUO6dr7dj4Xt
+MQBf4A1kUPu9EBKRq9ltSUWotXvHOz/p9GcRBTCeybaHnQVR2TDayLpF0lUBQlMy
+hE5ZK0QMACeXKtFSZDHAZzLfGc1GokIXLU3WfCyMmd/CLkmUmlbPkMZHNjXOgvJb
+M2gvsZvDO9kQ7Yzjp/o=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP384r1:ALICE_brainpoolP384r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C1:KAS-ECC-CDH_P-521_C1-PUBLIC
 
-PrivateKey=BOB_brainpoolP384r1
------BEGIN PRIVATE KEY-----
-MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQwF6ERsBKPIs2v
-YHNnkyb15eHfTIQ58qsFlF90qztOdGzhytiWZXPvOh4khzujFfdZoWQDYgAEDxy4
-ddTAt+nTw0F16nhHhmmNbns3bX3rKEcY+686v58dAvx4VWOC7vHsiwek9ZYbZSkm
-Ky6H78ndkBrmU3BBR7hFGyU7CWSDFoH5Oybk0+JzkNa0qAm8+MpAIcFqb+IY
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP384r1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABA8cuHXUwLfp08NBdep4R4ZpjW57
-N2196yhHGPuvOr+fHQL8eFVjgu7x7IsHpPWWG2UpJisuh+/J3ZAa5lNwQUe4RRsl
-OwlkgxaB+Tsm5NPic5DWtKgJvPjKQCHBam/iGA==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB3yd8FSEINJvDTVOe4M8Gsk9dNQBn
+e0RFRTzMIUCUU6r7inKgvp6+VNEicKpRs6t/MWql50qVHF5T90zZX8Ka7noBPVLz
+Op88FDhNFYf6ir567XS8M3Sa2cVwtHF3ZCLH1FBdmwqWs7+sBB5MammQrn9wDltK
+ZkAikRLer6DNi7DQibA=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP384r1:BOB_brainpoolP384r1_PUB
-
 
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP384r1
 Availablein = default
-PeerKey=BOB_brainpoolP384r1_PUB
-SharedSecret=0b3ad57e83759760d94904d9ea266b538120c6db2b5046217aa1ecd924828b949d335c8ce8a5b36bac7556bf6058c40a
-
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP384r1
-Availablein = default
-PeerKey=ALICE_brainpoolP384r1_PUB
-SharedSecret=0b3ad57e83759760d94904d9ea266b538120c6db2b5046217aa1ecd924828b949d335c8ce8a5b36bac7556bf6058c40a
-
-# TEST CURVE brainpoolP384t1
+Derive=KAS-ECC-CDH_P-521_C1
+PeerKey=KAS-ECC-CDH_P-521_C1-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=000b3920ac830ade812c8f96805da2236e002acbbf13596a9ab254d44d0e91b6255ebf1229f366fb5a05c5884ef46032c26d42189273ca4efa4c3db6bd12a6853759
 
-PrivateKey=ALICE_brainpoolP384t1
+PrivateKey=KAS-ECC-CDH_P-521_C2
 -----BEGIN PRIVATE KEY-----
-MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwYb/xX9O8mxEu
-tbOQwQ/pB862keq/eWxj8GW41m2OroEtOJZL1SsK/8ZwAL3BdNoyoWQDYgAENpcX
-DPQYBhU8zi4G6mQtjdgVmpdn4Iuwb0/VVmopmFAL0ISDB0qk9Hn2Lt9rmE8Nathq
-kKKlVHd/Y5FRqf06PZj8jaYHAxvz5E1J8ykrbT7rUpbj9Df2t+eop9YBbSxc
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBLy4MbZ6dEXzrlyO8
+7QLrPU7r9f7q+O4BE8zYBXsT3dQW4LdCgMLQuo7SkcRDvBsUHK+K+zpx+X9XwiXA
+Ph5NQrChgYkDgYYABABxf8s9SkDRA4ce3gRNyAPbUIqqSudLcLn7jY39hL/s+tF4
+cYeWmMKS0v1eF7T5NDY2xTGk+saKNak2ZVRrmoeGeQDz2WqGNwNpk6tdJEUA//nS
+dyESgm9kNmA9PrI0pE1cTlxXcjRnnE+d9yXuW5EY8j2KWNDMAQltr3Do3+wBKL3C
+6A==
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP384t1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABDaXFwz0GAYVPM4uBupkLY3YFZqX
-Z+CLsG9P1VZqKZhQC9CEgwdKpPR59i7fa5hPDWrYapCipVR3f2ORUan9Oj2Y/I2m
-BwMb8+RNSfMpK20+61KW4/Q39rfnqKfWAW0sXA==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAcX/LPUpA0QOHHt4ETcgD21CKqkrn
+S3C5+42N/YS/7PrReHGHlpjCktL9Xhe0+TQ2NsUxpPrGijWpNmVUa5qHhnkA89lq
+hjcDaZOrXSRFAP/50nchEoJvZDZgPT6yNKRNXE5cV3I0Z5xPnfcl7luRGPI9iljQ
+zAEJba9w6N/sASi9wug=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP384t1:ALICE_brainpoolP384t1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C2:KAS-ECC-CDH_P-521_C2-PUBLIC
 
-PrivateKey=BOB_brainpoolP384t1
------BEGIN PRIVATE KEY-----
-MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwbFHOFMHlMXRY
-d29dF6HzKMh09dw7OAyxEeROTqOjFsI+whaqtL4GWH5P0UgFPDAHoWQDYgAER24u
-XKoWWnFFusbCPtDzz7n9zDIWzFqMeP6YE3MOseyfRFcKIVz/omWBVwpUbd3ca6Or
-d/Mh8hThIV4tZbPUwlyzzEW2NMJtd2t5JKdja0aT7fbp7NS9IJzNIRDl7r8z
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP384t1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQEMA2IABEduLlyqFlpxRbrGwj7Q88+5/cwy
-FsxajHj+mBNzDrHsn0RXCiFc/6JlgVcKVG3d3Gujq3fzIfIU4SFeLWWz1MJcs8xF
-tjTCbXdreSSnY2tGk+326ezUvSCczSEQ5e6/Mw==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAktsxQlZNJ6XwAG+BmQj7obhQOKW8
+JQmQakl9qsZ/167g/C2rpOQzTurvDgAZIEtHHNiAJPghFdgUnMDPT3zhpNUBa60G
+I/UXsVjZiBhB0lce+61j+Fy+LlgZYMXWcGAaZ2AnJnWlSJliF+SrK4684x1x/KY/
+zDwI6Rwdjt2Rz2/oRfg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP384t1:BOB_brainpoolP384t1_PUB
 
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP384t1
-Availablein = default
-PeerKey=BOB_brainpoolP384t1_PUB
-SharedSecret=0fde85a61157cdd898196f291802ebd57bb2e39d98c4e6ad9bb3e2e0375e1df9bf7dadb8df7db1fea32818ef2c88babc
-
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP384t1
 Availablein = default
-PeerKey=ALICE_brainpoolP384t1_PUB
-SharedSecret=0fde85a61157cdd898196f291802ebd57bb2e39d98c4e6ad9bb3e2e0375e1df9bf7dadb8df7db1fea32818ef2c88babc
-
-# TEST CURVE brainpoolP512r1
+Derive=KAS-ECC-CDH_P-521_C2
+PeerKey=KAS-ECC-CDH_P-521_C2-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=006b380a6e95679277cfee4e8353bf96ef2a1ebdd060749f2f046fe571053740bbcc9a0b55790bc9ab56c3208aa05ddf746a10a3ad694daae00d980d944aabc6a08f
 
-PrivateKey=ALICE_brainpoolP512r1
+PrivateKey=KAS-ECC-CDH_P-521_C3
 -----BEGIN PRIVATE KEY-----
-MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAjMVK5PA5xYk8
-5gNs28Yo0erQSkgmildL7WwMVeT66algoISleFKT+fQkDRlfSKPXCZjK0NnKX5K9
-rkMm8w9ywKGBhQOBggAEHlj4gsnR2wN53k/hSIcAtbgHwbld5uS1/gR8RtoyaEDi
-t4Ti59/I9kRkZFEHJemhpTP2xY03j3M5rHP7vzk1NVKgYHJQ9MvMtPd6G+Fj5D0Y
-N1nnyqP3IJ8PyXmOdXBMoMHu+H50QbYZpcUFOqJhKp1T0+58xTXJdP8axl1IjtI=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA5UinnYsF+SO5gl0R
+tlbyIujLmLD4neHTFxhNxaaY98cRYe59wRzTH09PiuOpgeGj54veu5fXwgS5JhtO
++S4JGOChgYkDgYYABAAM6AAhftJD3RCnmtc99Xiqij+RlK9SjNEJS7/uJ6O1SBrV
+hiyIdsDD+RKUwKs6qAbZAgy6ou1yt/7NxaCaba1vMgFUPJq0WxJGkjKRjiHVo1H5
+pLnL+e+yr8xAL6mzFlC+wtZBoFxEDTUzHAiT0R+xMVEzWYizAzQTAac9xfYdV05n
+2Q==
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP512r1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEHlj4gsnR2wN53k/hSIcAtbgH
-wbld5uS1/gR8RtoyaEDit4Ti59/I9kRkZFEHJemhpTP2xY03j3M5rHP7vzk1NVKg
-YHJQ9MvMtPd6G+Fj5D0YN1nnyqP3IJ8PyXmOdXBMoMHu+H50QbYZpcUFOqJhKp1T
-0+58xTXJdP8axl1IjtI=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQADOgAIX7SQ90Qp5rXPfV4qoo/kZSv
+UozRCUu/7iejtUga1YYsiHbAw/kSlMCrOqgG2QIMuqLtcrf+zcWgmm2tbzIBVDya
+tFsSRpIykY4h1aNR+aS5y/nvsq/MQC+psxZQvsLWQaBcRA01MxwIk9EfsTFRM1mI
+swM0EwGnPcX2HVdOZ9k=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP512r1:ALICE_brainpoolP512r1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C3:KAS-ECC-CDH_P-521_C3-PUBLIC
 
-PrivateKey=BOB_brainpoolP512r1
------BEGIN PRIVATE KEY-----
-MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAZA10+k4+Esme
-vjkT9LdSX07amRwXrT7CBnEskZpHkZEoYVQa6FuE7Fai0kjL86lUCC4xoTjFbH3t
-LLrD0v7vwqGBhQOBggAEo3NAMIGp0rJxReih4nbEiTegA4pSEk84CUHHBLGuLsek
-Vo1vmj1LTnu4dVuILLf+MSZh9jjNmsWuEGSHIaZx6hniFHGdaRQ3GFODGvkE6z2d
-2kwv3Fmsq9+gu4By2OhSCfP+hpFhobXAYwWXzgaBFH+TqlF31Dyr2fuPnkL7tK4=
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP512r1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEo3NAMIGp0rJxReih4nbEiTeg
-A4pSEk84CUHHBLGuLsekVo1vmj1LTnu4dVuILLf+MSZh9jjNmsWuEGSHIaZx6hni
-FHGdaRQ3GFODGvkE6z2d2kwv3Fmsq9+gu4By2OhSCfP+hpFhobXAYwWXzgaBFH+T
-qlF31Dyr2fuPnkL7tK4=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA/dQNnp2XQCfLO65oIWLqwTKK1hvE
+NTxFv1r+dr9gfSiUyMziNpXZIPJGT9pHc9RpO+SzdzWEaRvbAym39MhswpkANM6s
+aj/vHD4cSUv+jYcrGDgyIZp+FNpBTU40dFc2cewZsDO+gxuRVDWQWSW0SUfFkpWZ
+RbTrfJUcO5yM9SUwuiM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP512r1:BOB_brainpoolP512r1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP512r1
-Availablein = default
-PeerKey=BOB_brainpoolP512r1_PUB
-SharedSecret=80751feb09215a9da32f9f8c97133f53f0286a89969bd00d7f365da7f7736f45e634a35012d71b22f09bd89760ab0d2b0d426133cd9a379da9739d0f5f2e0360
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP512r1
 Availablein = default
-PeerKey=ALICE_brainpoolP512r1_PUB
-SharedSecret=80751feb09215a9da32f9f8c97133f53f0286a89969bd00d7f365da7f7736f45e634a35012d71b22f09bd89760ab0d2b0d426133cd9a379da9739d0f5f2e0360
-
-# TEST CURVE brainpoolP512t1
+Derive=KAS-ECC-CDH_P-521_C3
+PeerKey=KAS-ECC-CDH_P-521_C3-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=00fbbcd0b8d05331fef6086f22a6cce4d35724ab7a2f49dd8458d0bfd57a0b8b70f246c17c4468c076874b0dff7a0336823b19e98bf1cec05e4beffb0591f97713c6
 
-PrivateKey=ALICE_brainpoolP512t1
+PrivateKey=KAS-ECC-CDH_P-521_C4
 -----BEGIN PRIVATE KEY-----
-MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDgSB0DCBzQIBAQRAm8Dt1nWguxK5
-iqhf6mig/Y7ctmMgbRCWSJMMd3lw5/iM4mtP9achhaEWGImIWV6Fbryi6Jv3nitC
-BUxpqREpcqGBhQOBggAEH/z+dOHhLfxI0GLpmUjYaSlC2H380nBhe6P4GSrnpya/
-Yew0IRyDfo0p99vwgOaLh8wJIH3Joy4NMtHthg8IAFmoctAoWkQ21E0HjPjwqZbx
-mvBD0S9opVycFR8XUSaK0EHyHO7hfuVsdyYzIIjpKViP7uOOtrggsTepWzBQt9I=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIByKrpS7ELjKT3vld7
+T7MrsjgQMsSULCT8LXU+fMXke0gzidnzuVbSDukAGx7vnyNUX3LFYCFABGg56WMx
+PD3syGShgYkDgYYABAEGoU4u6P+XCqirDHm5ejO7opWOBwt1uUc2t3u+P3dzJPpS
+hydxqoimOp6EkMM3jfTcdgzRTWK+cAd53RpDd5Q2VgAjZs45QeCyhLGqgSFdDTuX
+ePziPIzR5O1voKv2IVbJHUs+tVmZw0cb7SdenmDlqp1pDTEL+xXJxbvW9enrOWgr
+dA==
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_brainpoolP512t1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEH/z+dOHhLfxI0GLpmUjYaSlC
-2H380nBhe6P4GSrnpya/Yew0IRyDfo0p99vwgOaLh8wJIH3Joy4NMtHthg8IAFmo
-ctAoWkQ21E0HjPjwqZbxmvBD0S9opVycFR8XUSaK0EHyHO7hfuVsdyYzIIjpKViP
-7uOOtrggsTepWzBQt9I=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBBqFOLuj/lwqoqwx5uXozu6KVjgcL
+dblHNrd7vj93cyT6UocncaqIpjqehJDDN4303HYM0U1ivnAHed0aQ3eUNlYAI2bO
+OUHgsoSxqoEhXQ07l3j84jyM0eTtb6Cr9iFWyR1LPrVZmcNHG+0nXp5g5aqdaQ0x
+C/sVycW71vXp6zloK3Q=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_brainpoolP512t1:ALICE_brainpoolP512t1_PUB
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C4:KAS-ECC-CDH_P-521_C4-PUBLIC
 
-PrivateKey=BOB_brainpoolP512t1
------BEGIN PRIVATE KEY-----
-MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDgSB0DCBzQIBAQRAFStrWBwOtTlY
-/pBeT2ncjTHcNzKm+ocTiIvr0RUEuX8ITd+L5x9H+ZLk44T85/8yqTPlk6cZSHby
-TG5UkPGVvaGBhQOBggAEE6EYYwpBA3NBflj/HYwxzbaxuALefTsTr5O0bLqh4J6S
-xkAwsQnlkU8PCnzEuvdBNxSwW7276VGfwDO7kFKEdZq3cnT+P41yi/XBVK7xgaL1
-R2U+vCxWsje6JLixWEdJkJ+6TqPKICdriNge1zbjvfhb01zP58E/Xsgh5/deJco=
------END PRIVATE KEY-----
 
-PublicKey=BOB_brainpoolP512t1_PUB
+PublicKey=KAS-ECC-CDH_P-521_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOBggAEE6EYYwpBA3NBflj/HYwxzbax
-uALefTsTr5O0bLqh4J6SxkAwsQnlkU8PCnzEuvdBNxSwW7276VGfwDO7kFKEdZq3
-cnT+P41yi/XBVK7xgaL1R2U+vCxWsje6JLixWEdJkJ+6TqPKICdriNge1zbjvfhb
-01zP58E/Xsgh5/deJco=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAmNmd7ggWVQ6E2/ztfogTf93PWBpy
+WkVQIRFf5J+Nw88jPNnqDm8DnceRnalzzc6sogXaOeC9mMgGJTbEfyWPRLUAzSJc
+h5c3G+DEKX0rRXdAEAx3QUHY8hTCO2GqK2zUgGubcHIqpJZftiL0K3OR4n5ewhxW
+ecWwa1kSc3KZfUIa3B4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_brainpoolP512t1:BOB_brainpoolP512t1_PUB
-
-
-# ECDH Alice with Bob peer
-Derive=ALICE_brainpoolP512t1
-Availablein = default
-PeerKey=BOB_brainpoolP512t1_PUB
-SharedSecret=0afecb44d108c9bf2bc159fcc613a1429e3906d5d201d579adc2167058e972ef85fc13d837f3566a2ff3a881e47bfe36b722baf4a9f865097fe11e171189a944
 
-# ECDH Bob with Alice peer
-Derive=BOB_brainpoolP512t1
 Availablein = default
-PeerKey=ALICE_brainpoolP512t1_PUB
-SharedSecret=0afecb44d108c9bf2bc159fcc613a1429e3906d5d201d579adc2167058e972ef85fc13d837f3566a2ff3a881e47bfe36b722baf4a9f865097fe11e171189a944
-
-
-Title = ECDH KATs (from RFC 5114, 5903, 7027)
+Derive=KAS-ECC-CDH_P-521_C4
+PeerKey=KAS-ECC-CDH_P-521_C4-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0145cfa38f25943516c96a5fd4bfebb2f645d10520117aa51971eff442808a23b4e23c187e639ff928c3725fbd1c0c2ad0d4aeb207bc1a6fb6cb6d467888dc044b3c
 
-# Keys and shared secrets from RFC 5114
-PrivateKey=PRIME192V1_RFC5114
+PrivateKey=KAS-ECC-CDH_P-521_C5
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgyP6MWnY6cZZP1lHa8
-FCAAq1vg4knENCahNAMyAATNRkiez9bBBeez0yVm4rEi4kmrqt2HBhJoiHtId99R
-3U3D1v0R8KJvj9OEQxeRbpo=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAmwrxN8lpbHW35t97
+cxVrstRfSC5aQhcyT0eLEM63avCXJM+Gr6MW5/iZGNMdVIJKXDMQekg8FcFblu3G
+YTQLHA6hgYkDgYYABAB0jNu4ddNfS8y2Kr4g6C0y5MFNwv61uH2i0MyxHJttS3c3
+tsRvDftNiW4tuS/PU827ripATAur1WStet6sYnPvowGYSsq42PFzMj3gu2AnSyKI
+cWCTc7sioXKH6d7HSVhzq8CaiRW1TIRVyOAvZU9gLiOiu9ep67dPMAm9ZezGUIFM
+wA==
 -----END PRIVATE KEY-----
 
-PublicKey=PRIME192V1_RFC5114-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEzUZIns/WwQXns9MlZuKxIuJJq6rd
-hwYSaIh7SHffUd1Nw9b9EfCib4/ThEMXkW6a
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAdIzbuHXTX0vMtiq+IOgtMuTBTcL+
+tbh9otDMsRybbUt3N7bEbw37TYluLbkvz1PNu64qQEwLq9VkrXrerGJz76MBmErK
+uNjxczI94LtgJ0siiHFgk3O7IqFyh+nex0lYc6vAmokVtUyEVcjgL2VPYC4jorvX
+qeu3TzAJvWXsxlCBTMA=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = PRIME192V1_RFC5114:PRIME192V1_RFC5114-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C5:KAS-ECC-CDH_P-521_C5-PUBLIC
 
-PrivateKey=PRIME192V1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhjH5W7SmdjLJxHbu6a
-tpWrJAoEmTB/z2KhNAMyAARRmhIWgOAEVGa6Id8u7kf1lztQBXfvE9X/YTq01kzu
-OiCHW9sQ+VP2swygcsYKpX8=
------END PRIVATE KEY-----
 
-PublicKey=PRIME192V1_RFC5114-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZoSFoDgBFRmuiHfLu5H9Zc7UAV3
-7xPV/2E6tNZM7jogh1vbEPlT9rMMoHLGCqV/
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAeuEVrarwQWkatrf7jJIfmdjtMtKD
+1nCE6Aua2cQMVs2YOJ+wqEnZ7PcmjCl7b5NAYRn0DjK1dz7SWiipqFxKdYgBoo4A
+Tjfurv4fTbtx8YeGlhQa86EKlpHE7ZNIchRkO3YfpLD77rJHz20/unpgaXU2rQP0
+m4Cp0csHlnNlSXfF+pQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = PRIME192V1_RFC5114-Peer:PRIME192V1_RFC5114-Peer-PUBLIC
 
+Availablein = default
+Derive=KAS-ECC-CDH_P-521_C5
+PeerKey=KAS-ECC-CDH_P-521_C5-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=005c5721e96c273319fd60ecc46b5962f698e974b429f28fe6962f4ac656be2eb8674c4aafc037eab48ece612953b1e8d861016b6ad0c79805784c67f73ada96f351
 
-
-Derive=PRIME192V1_RFC5114
-PeerKey=PRIME192V1_RFC5114-Peer-PUBLIC
-SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
-
-Derive=PRIME192V1_RFC5114-Peer
-PeerKey=PRIME192V1_RFC5114-PUBLIC
-SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
-
-PrivateKey=SECP224R1_RFC5114
+PrivateKey=KAS-ECC-CDH_P-521_C6
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy1WOtsKI2nB7u0+PuuKrnp
-y2LjvFx1c+IuJtN/oTwDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDgpR8+608r
-XuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIB5I+qzubeyD/83pRM
+9r30zkuucnR4iOuv7kVbHpFYSXHvtJEnl2pS9BQpUvfCB+wCZfK3GM8+rZbqT2LH
+UuT3rNOhgYkDgYYABAEOsbTZFyvMI/TyDMlWD8VJKMPzTqYcADkdx2bHbtn6YIRJ
+N30eT63RI2AlQXMwtLkQhnBKzj5OZITGBuKpQ0eMhgFJQThkBpgl7h0IKNqfSpdx
+MAXpvRrbw7OMW5RpAHIalg/patLBs6RP496RVhNtRMsXy8JBVym7eC4Wv+Leswae
+Qw==
 -----END PRIVATE KEY-----
 
-PublicKey=SECP224R1_RFC5114-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDg
-pR8+608rXuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBDrG02RcrzCP08gzJVg/FSSjD806m
+HAA5Hcdmx27Z+mCESTd9Hk+t0SNgJUFzMLS5EIZwSs4+TmSExgbiqUNHjIYBSUE4
+ZAaYJe4dCCjan0qXcTAF6b0a28OzjFuUaQByGpYP6WrSwbOkT+PekVYTbUTLF8vC
+QVcpu3guFr/i3rMGnkM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP224R1_RFC5114:SECP224R1_RFC5114-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C6:KAS-ECC-CDH_P-521_C6-PUBLIC
 
-PrivateKey=SECP224R1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBysOxrdPZdw5vanCO6fO44K
-s7SA6fJ/hciLXm0YoTwDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBtzUKiB9SR
-vpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
------END PRIVATE KEY-----
 
-PublicKey=SECP224R1_RFC5114-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBt
-zUKiB9SRvpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBJYgRXm9/e9z99X8DsWm0eXWLqv2v
+Vp0EE1mHss5hZMAqV2hetSdrXa5ildP+kGIPOLVTXG0iYMFz5h64iMqSAgMBVCwW
+nPl8JZb+Ld2EiiIuNnxffmJn68G82atdz0kVjxpI5K8pqJe35qggkcLbh02Oer8P
+WAZGkTRBVPOW267RiLY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP224R1_RFC5114-Peer:SECP224R1_RFC5114-Peer-PUBLIC
-
-
-
-Derive=SECP224R1_RFC5114
-Availablein = default
-PeerKey=SECP224R1_RFC5114-Peer-PUBLIC
-SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
 
-Derive=SECP224R1_RFC5114-Peer
 Availablein = default
-PeerKey=SECP224R1_RFC5114-PUBLIC
-SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
+Derive=KAS-ECC-CDH_P-521_C6
+PeerKey=KAS-ECC-CDH_P-521_C6-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=01736d9717429b4f412e903febe2f9e0fffd81355d6ce2c06ff3f66a3be15ceec6e65e308347593f00d7f33591da4043c30763d72749f72cdceebe825e4b34ecd570
 
-PrivateKey=PRIME256V1_RFC5114
+PrivateKey=KAS-ECC-CDH_P-521_C7
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQggUJkFF8vVvLpao4z
-ehKEmT+vQypavOWehntykdUHo6+hRANCAAQq9QLzvolS8sm1qNQWDQnpcWW+ULxC
-rkpejTtLqDrrFesPr0yphsTThoGg+YctedVnlb1L/25t48D1AV7OXv2F
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAwpqiI+qNZLSh7aJ/
+OdO8mOoBSN2Ywcvllfj9K/veEZyeAXpQ9dH8EhwIwc7zG3WIWVVus+DgQtjdaqrF
+egXKYeOhgYkDgYYABAAVEchI72DVQZqY0QIE2w/lgiQSQ3AGG8+k6SSdUGGMVr83
+IkcbJZ84Jju3soDSPK8qHuhzf5NxzbJzLNyVg2mTDAHUYWga5tjEm0xfTWAWFD+x
+vXSRVz4+0ObEi4LoIWRPh/gvDl8I/Rbx+Y+hdYYgCrAu2MYns1w/J2F+xf2S9FYg
+Pw==
 -----END PRIVATE KEY-----
 
-PublicKey=PRIME256V1_RFC5114-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKvUC876JUvLJtajUFg0J6XFlvlC8
-Qq5KXo07S6g66xXrD69MqYbE04aBoPmHLXnVZ5W9S/9ubePA9QFezl79hQ==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAFRHISO9g1UGamNECBNsP5YIkEkNw
+BhvPpOkknVBhjFa/NyJHGyWfOCY7t7KA0jyvKh7oc3+Tcc2ycyzclYNpkwwB1GFo
+GubYxJtMX01gFhQ/sb10kVc+PtDmxIuC6CFkT4f4Lw5fCP0W8fmPoXWGIAqwLtjG
+J7NcPydhfsX9kvRWID8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = PRIME256V1_RFC5114:PRIME256V1_RFC5114-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C7:KAS-ECC-CDH_P-521_C7-PUBLIC
 
-PrivateKey=PRIME256V1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgLOF4jsGX4JbblaIA
-zAqyahnOa8ytViuO7htZN2HPf0GhRANCAASxIN5Ko2SSeVNG6N5sLIZGrgaq6ief
-p3WzqwcV9s5RsJ8bfuziDXte2OxoX6Pwcdg3JwJwkqhBE4XDTd5XCLK2
------END PRIVATE KEY-----
 
-PublicKey=PRIME256V1_RFC5114-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsSDeSqNkknlTRujebCyGRq4Gquon
-n6d1s6sHFfbOUbCfG37s4g17XtjsaF+j8HHYNycCcJKoQROFw03eVwiytg==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBaUkdVb0JBJ/fTCpTpmBID+5MA6BT
+hnXRzQm1u6eNrEhUPvEYoRc7P7+LIOOc4Oa4kKFjxQ+WRbPSHRy7O2Cm//QAg0lL
+Lrp2kQ/tM8dhgEUVAR+rUOOzd6vYqKBF2IbSI40sJorBtuyIvXG3unjiwzwVLkv3
+2l1WXkrL7PXpLHrWYrs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = PRIME256V1_RFC5114-Peer:PRIME256V1_RFC5114-Peer-PUBLIC
-
-
 
-Derive=PRIME256V1_RFC5114
 Availablein = default
-PeerKey=PRIME256V1_RFC5114-Peer-PUBLIC
-SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
-
-Derive=PRIME256V1_RFC5114-Peer
-Availablein = default
-PeerKey=PRIME256V1_RFC5114-PUBLIC
-SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
+Derive=KAS-ECC-CDH_P-521_C7
+PeerKey=KAS-ECC-CDH_P-521_C7-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=018f2ae9476c771726a77780208dedfefa205488996b18fecc50bfd4c132753f5766b2cd744afa9918606de2e016effc63622e9029e76dc6e3f0c69f7aeced565c2c
 
-PrivateKey=SECP384R1_RFC5114
+PrivateKey=KAS-ECC-CDH_P-521_C8
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDSczXqcWZK8kTdFOn9
-EmBxXf2KeWVXHEjXCe56eWKhVtcGqQy8td8phvBf6tuTdvGhZANiAAR5MUjxeHY0
-1dpMbZB0QX0F4FerYvggVNEO5rBAPWJ5VH5qjqnR/XdCfQFv4nqLjGbGxBKUMx0j
-5vSA9PtM1AUEyUc5LpT0w/BrjzmLsp5CNo96aFkj3jtnus7SFKGh0Sg=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAKGkr4r9cS0iTmEb7
+PVvOdGVLsmRuFfg4niNwihr631YVEeoNmVfQtTRTgZ1g+6j2Whj3sp3wIbG7Ac0W
+MpOsw8yhgYkDgYYABAHP3BDHmfXHnLaTCmX7o1F0jgdWeZPl5BDvTKzEzYoleEmR
+60Z05BBQ+TDHGQrIErkkX0inlztlja9AiCL+W4X2aAGA2d38mvd7nEpvAqg02xXl
+NeCzhFsszjA4gwG1HOy+MnYwfvQ5tcnmpy3C2U2Hm8OVBS27SleH0G77KAIQ+4vg
+Nw==
 -----END PRIVATE KEY-----
 
-PublicKey=SECP384R1_RFC5114-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEeTFI8Xh2NNXaTG2QdEF9BeBXq2L4IFTR
-DuawQD1ieVR+ao6p0f13Qn0Bb+J6i4xmxsQSlDMdI+b0gPT7TNQFBMlHOS6U9MPw
-a485i7KeQjaPemhZI947Z7rO0hShodEo
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBz9wQx5n1x5y2kwpl+6NRdI4HVnmT
+5eQQ70ysxM2KJXhJketGdOQQUPkwxxkKyBK5JF9Ip5c7ZY2vQIgi/luF9mgBgNnd
+/Jr3e5xKbwKoNNsV5TXgs4RbLM4wOIMBtRzsvjJ2MH70ObXJ5qctwtlNh5vDlQUt
+u0pXh9Bu+ygCEPuL4Dc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP384R1_RFC5114:SECP384R1_RFC5114-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C8:KAS-ECC-CDH_P-521_C8-PUBLIC
 
-PrivateKey=SECP384R1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBS0Xkf20tw+JwPANRW
-wvcCO2ElJiw2p98fgCMRIczj05vlLgDBlKQTLEpsdovNlNKhZANiAARc1Cq5xBtT
-R/dLjU77cIs9WzbbZZFTWbRKvBdke2uZmXidcqhIZa4vIj8StaGrwSDhcUWP6qk5
-qqOov6xGtAS9j21bNIwPpNgM7KFjVsqTMkC96HI0Fajs4DWw7fNnVd4=
------END PRIVATE KEY-----
 
-PublicKey=SECP384R1_RFC5114-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXNQqucQbU0f3S41O+3CLPVs222WRU1m0
-SrwXZHtrmZl4nXKoSGWuLyI/ErWhq8Eg4XFFj+qpOaqjqL+sRrQEvY9tWzSMD6TY
-DOyhY1bKkzJAvehyNBWo7OA1sO3zZ1Xe
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAhBX1u9Du44fWwJ0O+KyvKcZttF1r
+oQGGCuRdPGDh4OP3JHpGJqYP3UBJZcNWbHn2RJ6FbOC/lGGfl9qNokvSz7YA/dfF
+nFjDYbxQp6XQ029yOxfE8q0rA8JNQtxQ90qMRloK/EaD8Q+rhGUt/p6SjCYmtUVk
+U+FXP/YL4VB0Z9Qx+7I=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP384R1_RFC5114-Peer:SECP384R1_RFC5114-Peer-PUBLIC
-
 
-
-Derive=SECP384R1_RFC5114
-Availablein = default
-PeerKey=SECP384R1_RFC5114-Peer-PUBLIC
-SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
-
-Derive=SECP384R1_RFC5114-Peer
 Availablein = default
-PeerKey=SECP384R1_RFC5114-PUBLIC
-SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
+Derive=KAS-ECC-CDH_P-521_C8
+PeerKey=KAS-ECC-CDH_P-521_C8-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0105a346988b92ed8c7a25ce4d79d21bc86cfcc7f99c6cd19dbb4a39f48ab943b79e4f0647348da0b80bd864b85c6b8d92536d6aa544dc7537a00c858f8b66319e25
 
-PrivateKey=SECP521R1_RFC5114
+PrivateKey=KAS-ECC-CDH_P-521_C9
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBE/gtqCVzXj2XJ2aD
-srdCd7rSczXqcWZK8kMMxPM0WblmnueLP/ubhoMBXTRNy/72+5r0xsRwviVFFs08
-Gh+0c2KhgYkDgYYABAHrs03XVyGr+K3J2+0XiJy7l2XZCnxg8s7wB7sPKybhSIH9
-RELmidYcst0EbuMOP/0g+aRbvfZBPVg6Lb9Zkk/TXAD2tjLRlMA4jiLYQ35VjFUq
-4ZWt/RU/ktdJCDUbL4xO2pTtsJFtG1PAILXuyu0aX8OKIz5IMFh7su40ibO0KlqG
-pA==
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBGU0e5hP1Nmy8RLUE
+0hoM9nFeIJzTWPLdXz5xzA1n0OlkFoxCoITr2nRvmGOoa6z/yBnx7fG4xyfM+zBH
+JApXxDWhgYkDgYYABAFr0VyKWNNm9/Ky8pjMh7dIXp7nDRHRJEi4N3wKgsdib2ev
+9/l756NUa/QX7u3fdak8EwGRyEEIBC6i/KF/0/gNFAFWBQLQS3T84XQ6q0d6nR6s
+k+UiaYH9uXp0eM5M5Wb/ckOTEoT62FCwwryuDd0tl3kBYMGi53w+1slezES4niY3
+/A==
 -----END PRIVATE KEY-----
 
-PublicKey=SECP521R1_RFC5114-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB67NN11chq/itydvtF4icu5dl2Qp8
-YPLO8Ae7Dysm4UiB/URC5onWHLLdBG7jDj/9IPmkW732QT1YOi2/WZJP01wA9rYy
-0ZTAOI4i2EN+VYxVKuGVrf0VP5LXSQg1Gy+MTtqU7bCRbRtTwCC17srtGl/DiiM+
-SDBYe7LuNImztCpahqQ=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBa9FciljTZvfysvKYzIe3SF6e5w0R
+0SRIuDd8CoLHYm9nr/f5e+ejVGv0F+7t33WpPBMBkchBCAQuovyhf9P4DRQBVgUC
+0Et0/OF0OqtHep0erJPlImmB/bl6dHjOTOVm/3JDkxKE+thQsMK8rg3dLZd5AWDB
+oud8PtbJXsxEuJ4mN/w=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP521R1_RFC5114:SECP521R1_RFC5114-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C9:KAS-ECC-CDH_P-521_C9-PUBLIC
 
-PrivateKey=SECP521R1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAzuNIDYZFoX0knyd2
-0ouuYWlS0Xkf20tw98M3hzKqGyKShEi80dwkltQ1sBBIBm6+T3KQPDYbGp3BGT3C
-ydCJG5ahgYkDgYYABAEOv6/G6F4I0kv//MGkUR2w5jS+6xtt7IxZOa5EdmIBr2IA
-QwupfIrGoOnwizPOfp/utbpO5eDYFRDCQpW4oI0CNQCkpuwwDfniV7A3K156v+8J
-NDZxmneIfrsLGM+Ambn0IStuMKFBnBjgKdNoY8ydRI9Nuk0qDmBxG+VykV+9T+8m
-lQ==
------END PRIVATE KEY-----
 
-PublicKey=SECP521R1_RFC5114-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBDr+vxuheCNJL//zBpFEdsOY0vusb
-beyMWTmuRHZiAa9iAEMLqXyKxqDp8Iszzn6f7rW6TuXg2BUQwkKVuKCNAjUApKbs
-MA354lewNyteer/vCTQ2cZp3iH67CxjPgJm59CErbjChQZwY4CnTaGPMnUSPTbpN
-Kg5gcRvlcpFfvU/vJpU=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBxyHuqAWly6KfNLpXWHdb4M9hYObA
+hyP1qxe/lqH/K9lCeWGk80sH/AsUyksr9oRd69WoafEk6/p6py/lZQULfxgAtuie
+sOHc8YEjb3xUj9GowWsli1LBqb/T/o8ihBsmdjJl8HTEzPLWNK6XtwGVb2ehEAbF
+LZcZfZL1hfV0i8JnLus=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP521R1_RFC5114-Peer:SECP521R1_RFC5114-Peer-PUBLIC
 
-
-
-Derive=SECP521R1_RFC5114
-Availablein = default
-PeerKey=SECP521R1_RFC5114-Peer-PUBLIC
-SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
-
-Derive=SECP521R1_RFC5114-Peer
 Availablein = default
-PeerKey=SECP521R1_RFC5114-PUBLIC
-SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
+Derive=KAS-ECC-CDH_P-521_C9
+PeerKey=KAS-ECC-CDH_P-521_C9-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=004531b3d2c6cd12f21604c8610e6723dbf4daf80b5a459d6ba5814397d1c1f7a21d7c114be964e27376aaebe3a7bc3d6af7a7f8c7befb611afe487ff032921f750f
 
-# Keys and shared secrets from RFC 5903
-PrivateKey=PRIME256V1_RFC5903
+PrivateKey=KAS-ECC-CDH_P-521_C10
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgyI8B9RDZrD9wopLa
-ojFt5UTpqriv6EBJxiqcV4YtFDOhRANCAATa0LZTlCIc+bBR4f7KV4fQmN/mN/yQ
-ue+UXQw3clgRgFJxoEYc24JS1h8cRW+j5Zqx9FszrM9fWDieBXe4mQuz
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIB/ZDj5BbpiqPytq+n
+8782jkUa2cpb1UtbFK7i7Wcj3eUYH1CFtoFpsJ++xyE3LM9rKEcT+aY1a41WCo/3
+jKNzfIihgYkDgYYABAHr6hsQ0+O5cbfvtp/IeN4Rx/Ry5OTThMMbjWKI2AcVF6yt
+6bOXlsevUWO89xrtp3dTPzgsbPCk2bu5OMhfRLeANwFrDj4ZwplrLL0f9kcw58qQ
+7coZhPmylRMzU15XSLqjSpn2H/TV+BIHng8B6HeJ8079rYCYAV7nSk+EbdGQ0W3G
+4Q==
 -----END PRIVATE KEY-----
 
-PublicKey=PRIME256V1_RFC5903-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2tC2U5QiHPmwUeH+yleH0Jjf5jf8
-kLnvlF0MN3JYEYBScaBGHNuCUtYfHEVvo+WasfRbM6zPX1g4ngV3uJkLsw==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB6+obENPjuXG377afyHjeEcf0cuTk
+04TDG41iiNgHFResremzl5bHr1FjvPca7ad3Uz84LGzwpNm7uTjIX0S3gDcBaw4+
+GcKZayy9H/ZHMOfKkO3KGYT5spUTM1NeV0i6o0qZ9h/01fgSB54PAeh3ifNO/a2A
+mAFe50pPhG3RkNFtxuE=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = PRIME256V1_RFC5903:PRIME256V1_RFC5903-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C10:KAS-ECC-CDH_P-521_C10-PUBLIC
 
-PrivateKey=PRIME256V1_RFC5903-Peer
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgxu+cXXiuASoBEWSs
-s5fOIIhoXY8Gv5vgsoOrRkdr7lOhRANCAATRLftSicjU+BIItwJwOYw0IpaXCgvM
-t0xzb8dVRJS/Y1b788o2bMI+gVeFTBPFjWqsI/BGraMPg1PnTzMDmHKr
------END PRIVATE KEY-----
 
-PublicKey=PRIME256V1_RFC5903-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0S37UonI1PgSCLcCcDmMNCKWlwoL
-zLdMc2/HVUSUv2NW+/PKNmzCPoFXhUwTxY1qrCPwRq2jD4NT508zA5hyqw==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBw1gj5ECpNjq5jZ/Hp7wMBTLceXen
+kWVZm/GpzGTAD7OHtCzKNlKG6EMDYL+tNkO8MTVO2lDck2wyns22CQXED8sA2ef0
+M1MeRN9PbVFCAcuquwa63WeD4BERcm2BVTHSM8XNtyKJP/uyAnJZ1ZTed0OICXOB
+IMb3g5NPkmw/tptAxAk=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = PRIME256V1_RFC5903-Peer:PRIME256V1_RFC5903-Peer-PUBLIC
-
-
-
-Derive=PRIME256V1_RFC5903
-Availablein = default
-PeerKey=PRIME256V1_RFC5903-Peer-PUBLIC
-SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
 
-Derive=PRIME256V1_RFC5903-Peer
 Availablein = default
-PeerKey=PRIME256V1_RFC5903-PUBLIC
-SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
+Derive=KAS-ECC-CDH_P-521_C10
+PeerKey=KAS-ECC-CDH_P-521_C10-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0100c8935969077bae0ba89ef0df8161d975ec5870ac811ae7e65ca5394efba4f0633d41bf79ea5e5b9496bbd7aae000b0594baa82ef8f244e6984ae87ae1ed124b7
 
-PrivateKey=SECP384R1_RFC5903
+PrivateKey=KAS-ECC-CDH_P-521_C11
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAJnzxwNNSixpmITXOj
-daZ/diTvfGs8DxYGR7Z0FNzmVeNbU4BB5knuP674lng6sZShZANiAARmeELX0YCs
-LN5vdPN1UfVXVcdkXCDvc+MWNP5ytMVe5t46yAistL20yIcyrulfQaqUgu0fwO65
-yvxJhGJcz8I/ZQMhSeDhRK2gJBgVNaDzjuufz/PCyUfa5ptMY0VzqBw=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAkBLs/a3IXO1jCv6l
+NM3I6dGri+XzdT3PXysJtA7aZvxoWFSbw25vjfVZmM+poHA67PbEJ5nCRQEQZPUw
+wJ25g2mhgYkDgYYABAAjTjK+CpBxMdLRKKZHfgys64bwJHl0Xg/iRcszLeYxwHiH
+EWBILu71hOJ033+kEs6j4ekfcey6h4HZIF1IOGNBrQHPhkVbCbHABc/7qNdiiaN1
+lijIdL7qRi9R8wvVgeOAMTQwfe27dxszNO4Vvi4kLNecNAfS9Yk1RWxpQd2bbRVa
+Rg==
 -----END PRIVATE KEY-----
 
-PublicKey=SECP384R1_RFC5903-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZnhC19GArCzeb3TzdVH1V1XHZFwg73Pj
-FjT+crTFXubeOsgIrLS9tMiHMq7pX0GqlILtH8Duucr8SYRiXM/CP2UDIUng4USt
-oCQYFTWg847rn8/zwslH2uabTGNFc6gc
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAI04yvgqQcTHS0SimR34MrOuG8CR5
+dF4P4kXLMy3mMcB4hxFgSC7u9YTidN9/pBLOo+HpH3HsuoeB2SBdSDhjQa0Bz4ZF
+WwmxwAXP+6jXYomjdZYoyHS+6kYvUfML1YHjgDE0MH3tu3cbMzTuFb4uJCzXnDQH
+0vWJNUVsaUHdm20VWkY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP384R1_RFC5903:SECP384R1_RFC5903-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C11:KAS-ECC-CDH_P-521_C11-PUBLIC
 
-PrivateKey=SECP384R1_RFC5903-Peer
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBBywd5tL24XUeEZyX7
-7DyUMPq0bMjcUGCFXMm9oKopQuAwgxKRa47Slg5L1Vp0SPyhZANiAATlWNvvU+7N
-49P8z8GuoIqJqYdHXRL9lQ2Dz6QXMrxQnQ0axDoDNt75b9pB0HdKNXHc++x6rPMZ
-ZHIWnoOEMDZ/Zu6+PG5wxBbdXwxodZ3R//g/pAFCIJ3/XqrZbbnmOGw=
------END PRIVATE KEY-----
 
-PublicKey=SECP384R1_RFC5903-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE5Vjb71PuzePT/M/BrqCKiamHR10S/ZUN
-g8+kFzK8UJ0NGsQ6Azbe+W/aQdB3SjVx3PvseqzzGWRyFp6DhDA2f2buvjxucMQW
-3V8MaHWd0f/4P6QBQiCd/16q2W255jhs
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQACTBX+4YvKtLoLlgbrrMyTnsylG8r
+qEWpvu7YfWmV9UkY7GYZuZMZVdWonU10rfEEa7NiGS8u9r0+PS0E3R+HBUoAqj+y
+RIM19pTjzaSuDMcbGy8qIG+oAtcmLxmYPERnT+FTJ6yqwfpAQkw5WmVWy4FnMSUn
++uWGXs/8FLvcF9p4zc8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP384R1_RFC5903-Peer:SECP384R1_RFC5903-Peer-PUBLIC
-
-
 
-Derive=SECP384R1_RFC5903
 Availablein = default
-PeerKey=SECP384R1_RFC5903-Peer-PUBLIC
-SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
-
-Derive=SECP384R1_RFC5903-Peer
-Availablein = default
-PeerKey=SECP384R1_RFC5903-PUBLIC
-SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
+Derive=KAS-ECC-CDH_P-521_C11
+PeerKey=KAS-ECC-CDH_P-521_C11-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=017f36af19303841d13a389d95ec0b801c7f9a679a823146c75c17bc44256e9ad422a4f8b31f14647b2c7d317b933f7c2946c4b8abd1d56d620fab1b5ff1a3adc71f
 
-PrivateKey=SECP521R1_RFC5903
+PrivateKey=KAS-ECC-CDH_P-521_C12
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAN63pMZqJ9Nq9s+9B
-GqzMpRI8YayrV7U5Pc5HYIFyoJWqhaMP4cKVLGdx2Te6l3f1lXsmObqwckYvaMJ6
-VzgtSlKhgYkDgYYABAAVQX6E2/KMCtPCeHEzSdx98VPIl6GJG9mLq0NXyey+4eO/
-QuALjjgK6uV8LRB1ZJQYhZQq9af0YBcjxBldF2ztPgF8riC2ZB0u62lXhtjJRhRi
-OdCZ4Y4dWlFMc518tKEK2KeIAVrEBdd5ncdee31bbPImGmp/FQdDi/Ab62yjkm+V
-gg==
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBtf+Ef47/ILiM+tQs
+BuWMN0Ly+PH9/WS1ObpIwlkmkmvV4zK0VknAsYT3clXp1Y/or6Gm2Wjiyx1GN3dx
+IMdlwSihgYkDgYYABAHePckmO8jElp3GhL4O7FS+/ZqfPboZTYZYp4k0G/DXjYTa
+ZzUifK+vCTUZUWkRl1c8jDYKEeUoVxK4u99ayRuXfACBLeWM0JXsLlqbJH6z7UHY
+vvaurOGUp6BbZapdKJ+8mxdw7IS7a+DCxkzDfB1Up/XXE3eprb4g8m9vK1RKgh6o
+MQ==
 -----END PRIVATE KEY-----
 
-PublicKey=SECP521R1_RFC5903-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAFUF+hNvyjArTwnhxM0ncffFTyJeh
-iRvZi6tDV8nsvuHjv0LgC444CurlfC0QdWSUGIWUKvWn9GAXI8QZXRds7T4BfK4g
-tmQdLutpV4bYyUYUYjnQmeGOHVpRTHOdfLShCtiniAFaxAXXeZ3HXnt9W2zyJhpq
-fxUHQ4vwG+tso5JvlYI=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB3j3JJjvIxJadxoS+DuxUvv2anz26
+GU2GWKeJNBvw142E2mc1Inyvrwk1GVFpEZdXPIw2ChHlKFcSuLvfWskbl3wAgS3l
+jNCV7C5amyR+s+1B2L72rqzhlKegW2WqXSifvJsXcOyEu2vgwsZMw3wdVKf11xN3
+qa2+IPJvbytUSoIeqDE=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP521R1_RFC5903:SECP521R1_RFC5903-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C12:KAS-ECC-CDH_P-521_C12-PUBLIC
 
-PrivateKey=SECP521R1_RFC5903-Peer
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBRbqZqEevQ3k/3Q6H
-LnzfoWvjD9x4D5e8zD8Hg4AgHpxnfWALNDdXo72/KjFj5ML4acynRYqkpO/8MR9c
-sVFoXrmhgYkDgYYABADQs5daxLeZ9b6hbV4T6a+XHV6bmEyfOXKLXlc5c1ohm5fD
-VkNq3G6VuwNS9r5kpsKRLU7y0EM87SthcWQAEtlGDwFcaCJjg5VuO9Bm55e2I8J8
-4OrC9VGhDCxyTZhSB3uHIgtlNsXECKHSrruOhtZ4rknLVwkfRzIpZXmrRPzRfw/F
-ag==
------END PRIVATE KEY-----
 
-PublicKey=SECP521R1_RFC5903-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA0LOXWsS3mfW+oW1eE+mvlx1em5hM
-nzlyi15XOXNaIZuXw1ZDatxulbsDUva+ZKbCkS1O8tBDPO0rYXFkABLZRg8BXGgi
-Y4OVbjvQZueXtiPCfODqwvVRoQwsck2YUgd7hyILZTbFxAih0q67jobWeK5Jy1cJ
-H0cyKWV5q0T80X8PxWo=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAgxku0LHLMfdYF3lJN/Zq2Rz3RVLN
+UQztuf1kExBCKvXQnyIcrSSe6BTRbdeshN7Z6s3Cg0D8/JwMBqvjCi/CjNgAIhLt
+hoyboPsskeLDm6k5lqPk6/RfKFLQkoxIkw6HXMe0KNDn8/TVA+XWDGjLSbE8JIDN
+SGvtkgDK3a3f5P+ONWI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = SECP521R1_RFC5903-Peer:SECP521R1_RFC5903-Peer-PUBLIC
-
 
-
-Derive=SECP521R1_RFC5903
-Availablein = default
-PeerKey=SECP521R1_RFC5903-Peer-PUBLIC
-SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA
-
-Derive=SECP521R1_RFC5903-Peer
 Availablein = default
-PeerKey=SECP521R1_RFC5903-PUBLIC
-SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA
+Derive=KAS-ECC-CDH_P-521_C12
+PeerKey=KAS-ECC-CDH_P-521_C12-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=00062f9fc29ae1a68b2ee0dcf956cbd38c88ae5f645eaa546b00ebe87a7260bf724be20d34b9d02076655c933d056b21e304c24ddb1dedf1dd76de611fc4a2340336
 
-# Keys and shared secrets from RFC 7027
-PrivateKey=BRAINPOOLP256R1_RFC7027
+PrivateKey=KAS-ECC-CDH_P-521_C13
 -----BEGIN PRIVATE KEY-----
-MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIIHbHuEAFQ/y6jON
-cIJxvjgwDLVCQdeZUPd7BjA5gE8doUQDQgAERBBukT+SvAKhcF2ZU6hBTbleGqpJ
-6B2ehfkpqOMQC+WKtIRvEcrMtzzknL3RIPWpAKaf0ywnIiP3ie8Q6wib3A==
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBGmNH1OgByRkjSINU
+zFM+fjX934H/D7f1a7Bybgwp7l3NxfOUulTPVyaQSKq24FWJXI2iS4sGOadCMUOQ
+zAQZDtahgYkDgYYABAD+MCZ/M7pc3vwly7PJMg2tnMsdfTdmRGIMpPre5WJqPO3i
+WtJUYk3vcnpwSPcUX3YWKqmAQvmxI7IHb46M9Zs/3wARRdxmMZU7bilF6UMB1suw
+mP5LBPfumwlBHfEE3ILX157EagHtDy0+fbbraAaUvesQfBB4rsbKvZ6+49NC/n5U
+3w==
 -----END PRIVATE KEY-----
 
-PublicKey=BRAINPOOLP256R1_RFC7027-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABEQQbpE/krwCoXBdmVOoQU25Xhqq
-SegdnoX5KajjEAvlirSEbxHKzLc85Jy90SD1qQCmn9MsJyIj94nvEOsIm9w=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA/jAmfzO6XN78JcuzyTINrZzLHX03
+ZkRiDKT63uViajzt4lrSVGJN73J6cEj3FF92FiqpgEL5sSOyB2+OjPWbP98AEUXc
+ZjGVO24pRelDAdbLsJj+SwT37psJQR3xBNyC19eexGoB7Q8tPn2262gGlL3rEHwQ
+eK7Gyr2evuPTQv5+VN8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BRAINPOOLP256R1_RFC7027:BRAINPOOLP256R1_RFC7027-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C13:KAS-ECC-CDH_P-521_C13-PUBLIC
 
-PrivateKey=BRAINPOOLP256R1_RFC7027-Peer
------BEGIN PRIVATE KEY-----
-MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIFXkC8QeN+PirSXD
-xmVFEf+oR0qRoAMgh1k4UtPn12vToUQDQgAEjS1ojGz5PhFgrQTMRCkRfcLEGCXh
-6fygrd005vGzn3uZDFdSCBK+USZB5HA0gyEGvH0+jdDkx/ETbXAGVHzsag==
------END PRIVATE KEY-----
 
-PublicKey=BRAINPOOLP256R1_RFC7027-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABI0taIxs+T4RYK0EzEQpEX3CxBgl
-4en8oK3dNObxs597mQxXUggSvlEmQeRwNIMhBrx9Po3Q5MfxE21wBlR87Go=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBqJtjapPl0rpsIpK/IwM6hPBqOsEi
+DqcegGr74JeoBMxn6bqlFM+2wSyRlL4wISv3quf99tN2whLwVU5lZGP/q34Bgu/K
+9w/EEtM2YC4BTaRyVqC2BvKt3M6AU7+Beshla7TkLxTIy/Kmj0iKs13N9kBWJx3u
+H2BqRAukvU5aEbi45U8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BRAINPOOLP256R1_RFC7027-Peer:BRAINPOOLP256R1_RFC7027-Peer-PUBLIC
-
-
-
-Derive=BRAINPOOLP256R1_RFC7027
-Availablein = default
-PeerKey=BRAINPOOLP256R1_RFC7027-Peer-PUBLIC
-SharedSecret=89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B
 
-Derive=BRAINPOOLP256R1_RFC7027-Peer
 Availablein = default
-PeerKey=BRAINPOOLP256R1_RFC7027-PUBLIC
-SharedSecret=89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B
+Derive=KAS-ECC-CDH_P-521_C13
+PeerKey=KAS-ECC-CDH_P-521_C13-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0128ab09bfec5406799e610f772ba17e892249fa8e0e7b18a04b9197034b250b48294f1867fb9641518f92766066a07a8b917b0e76879e1011e51ccbd9f540c54d4f
 
-PrivateKey=BRAINPOOLP384R1_RFC7027
+PrivateKey=KAS-ECC-CDH_P-521_C14
 -----BEGIN PRIVATE KEY-----
-MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQwHiD14EiliG8f
-FXx06RveK5jItS1Y5QA9VwU/xLC9ZdbxXrXR7hYQ34cHlRQ2J9BCoWQDYgAEaLZl
-3ZHBlYAGUM3TY8Yl9OdC6BNGZ7dnsbR2eTWI+IWraYyFLUpud6JS1jgPyvBoVbyR
-o5yewB3uNgF7fWc6kxI20vH1yDlC0Enj+iBgdJPg0Dj/L9MMKrZ9Fchff6pZ
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAIrbSoi1x36qBHS2f
+nzH77Sfy4fPSOVON3z5MyMOaMwJm2yW3vAqXBPF73n81kr9fHy1LVgE6rMPY0bwC
+8A0xRsyhgYkDgYYABAC6OM+/n9JRij9h1DVJ56am0osr5X/9Pg+s62NrNO0X4ESp
+8kna6PwTLpN+LZNJzS7Xe7EEnOtpKi7FsXrWFQKmTAAeyR0wWFc/psBWSgKhoBAW
+DDE7x8c1ENyYPlRhaCtb4A285+LGgq1z8pyoIs3BEfaPq+M6ezhKZINCw8258FC8
+2w==
 -----END PRIVATE KEY-----
 
-PublicKey=BRAINPOOLP384R1_RFC7027-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABGi2Zd2RwZWABlDN02PGJfTnQugT
-Rme3Z7G0dnk1iPiFq2mMhS1KbneiUtY4D8rwaFW8kaOcnsAd7jYBe31nOpMSNtLx
-9cg5QtBJ4/ogYHST4NA4/y/TDCq2fRXIX3+qWQ==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAujjPv5/SUYo/YdQ1SeemptKLK+V/
+/T4PrOtjazTtF+BEqfJJ2uj8Ey6Tfi2TSc0u13uxBJzraSouxbF61hUCpkwAHskd
+MFhXP6bAVkoCoaAQFgwxO8fHNRDcmD5UYWgrW+ANvOfixoKtc/KcqCLNwRH2j6vj
+Ons4SmSDQsPNufBQvNs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BRAINPOOLP384R1_RFC7027:BRAINPOOLP384R1_RFC7027-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C14:KAS-ECC-CDH_P-521_C14-PUBLIC
 
-PrivateKey=BRAINPOOLP384R1_RFC7027-Peer
------BEGIN PRIVATE KEY-----
-MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBCwSBnjCBmwIBAQQwAyZAvGADxZJg
-9yUMPbWM5kf5jhJgrM5KzaPdhp904B+LpeAyQwnbapgxSXq6yWZwoWQDYgAETUQy
-byaaWXpbWLulZdpVVu1/2aip63bCX0bbadGdyM5q0Y5ASxVziyCG3zfnHR60YtaS
-E23lbL6Tv1+jGI71i8ijoOxsHhUaIQOKQukYUym1snWQPRkvjU4fMv6cx4xI
------END PRIVATE KEY-----
 
-PublicKey=BRAINPOOLP384R1_RFC7027-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABE1EMm8mmll6W1i7pWXaVVbtf9mo
-qet2wl9G22nRncjOatGOQEsVc4sght835x0etGLWkhNt5Wy+k79foxiO9YvIo6Ds
-bB4VGiEDikLpGFMptbJ1kD0ZL41OHzL+nMeMSA==
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBcgCz8Wpoy67Sv3i6jN37bP+sJiu6
+APvCX53HKgfOWTcpBImfNkxEyyZMCXtkfUQSvuPlGYktU02RKfiij3UA/ucAurqN
+ZypPSjtj3ki5b1bhjfXWj31w1RCYM/Q3cNZzLgazmtYNk+W0Pbh4nx7Aq6RyhqOe
+pYQjWs6nV9vxPVO1g2Q=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BRAINPOOLP384R1_RFC7027-Peer:BRAINPOOLP384R1_RFC7027-Peer-PUBLIC
-
-
-
-Derive=BRAINPOOLP384R1_RFC7027
-Availablein = default
-PeerKey=BRAINPOOLP384R1_RFC7027-Peer-PUBLIC
-SharedSecret=0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42
 
-Derive=BRAINPOOLP384R1_RFC7027-Peer
 Availablein = default
-PeerKey=BRAINPOOLP384R1_RFC7027-PUBLIC
-SharedSecret=0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42
+Derive=KAS-ECC-CDH_P-521_C14
+PeerKey=KAS-ECC-CDH_P-521_C14-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0101e462e9d9159968f6440e956f11dcf2227ae4aea81667122b6af9239a291eb5d6cf5a4087f358525fcacfa46bb2db01a75af1ba519b2d31da33eda87a9d565748
 
-PrivateKey=BRAINPOOLP512R1_RFC7027
+PrivateKey=KAS-ECC-CDH_P-521_C15
 -----BEGIN PRIVATE KEY-----
-MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAFjAv8Nu7Wo1z
-PatxQcG0WsvIcVk5Z39qVoUKOL2HvVmwnoAnlgn/Mz651MBhIx+yb5LusEmCpfHR
-dkytV2ZUIqGBhQOBggAECkIFF+QGqsCs3OkPzXFIdxjTuVPv1/vsX38n4oxhSZmT
-l+keAp4GRX2y0+ZAZos5LCp+c3p/C/BENtEWQP0J/XLmiC6NsoqtNiN80l1YDbI3
-g5YcjcUt+i7BOK1HKg/O84h89itiOyqH3lxYgwHqPl/CabNztgck9egqatFH/ec=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAW6z/8mis9lU8PFg7
+Rk6jah014rJXpdSes0GdWglQh8L7TRXPW/WvgW0PP/dYZJDM093BqYs5zmN0nGKI
+zg29rH2hgYkDgYYABAA25IjadYFHKp2OYoxY1q1ycxG35qP2rjOoVE80sJKAJJAg
+vnGWkW+v2Q4uxUtmtUaNI2G5m1b6ANesN6u4xvFmUwEe25+4rbakP09fX9wUIcn+
+BPyLpGybZjNOOvknyL77QwcQTymazsTjD4Etk0XJcg0Zhp2//9TKPn0nE+tfw/Qm
+FQ==
 -----END PRIVATE KEY-----
 
-PublicKey=BRAINPOOLP512R1_RFC7027-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAECkIFF+QGqsCs3OkPzXFIdxjT
-uVPv1/vsX38n4oxhSZmTl+keAp4GRX2y0+ZAZos5LCp+c3p/C/BENtEWQP0J/XLm
-iC6NsoqtNiN80l1YDbI3g5YcjcUt+i7BOK1HKg/O84h89itiOyqH3lxYgwHqPl/C
-abNztgck9egqatFH/ec=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQANuSI2nWBRyqdjmKMWNatcnMRt+aj
+9q4zqFRPNLCSgCSQIL5xlpFvr9kOLsVLZrVGjSNhuZtW+gDXrDeruMbxZlMBHtuf
+uK22pD9PX1/cFCHJ/gT8i6Rsm2YzTjr5J8i++0MHEE8pms7E4w+BLZNFyXINGYad
+v//Uyj59JxPrX8P0JhU=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BRAINPOOLP512R1_RFC7027:BRAINPOOLP512R1_RFC7027-PUBLIC
-
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C15:KAS-ECC-CDH_P-521_C15-PUBLIC
 
-PrivateKey=BRAINPOOLP512R1_RFC7027-Peer
------BEGIN PRIVATE KEY-----
-MIHsAgEAMBQGByqGSM49AgEGCSskAwMCCAEBDQSB0DCBzQIBAQRAIw4Y4bzIijYv
-pU5Oo5AgCSkvf4AzYk/UcbXYrOSdEs+rvBmWPauOLx66AL/7KeTXLRPyIkVi9AXL
-gFA2ZrJUKaGBhQOBggAEnUX2beXWfi5ttuk6Wc4LtIEGCX/3iggd54HNsx/OjMuq
-6o3UMgxBGfHpzUN6Lqs3MfqWaKsmjYcd7aVaVHMZny/cMTCVvN1fs6kWNvB6lZyO
-hrVjah6TDoOWBJy0gZYdNlzBFFOgbHGYNUdbEstS/Dw4O8414n7xlFErcYdihfo=
------END PRIVATE KEY-----
 
-PublicKey=BRAINPOOLP512R1_RFC7027-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEnUX2beXWfi5ttuk6Wc4LtIEG
-CX/3iggd54HNsx/OjMuq6o3UMgxBGfHpzUN6Lqs3MfqWaKsmjYcd7aVaVHMZny/c
-MTCVvN1fs6kWNvB6lZyOhrVjah6TDoOWBJy0gZYdNlzBFFOgbHGYNUdbEstS/Dw4
-O8414n7xlFErcYdihfo=
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQATv1dvS+Xnjgxzpj4I1XWyhSldXhC
+h1iCmQq4Wrm3NS3WubL06poelcOIDWXR82AvnKZT3DRvrIWGWNdWJvTU+wgAYc8V
+29qn8xWJyYQANz2ihFBtcMifB07SYqnigUB5a3I2wu75kBYIXnFVL/SIxytzOf77
+eRXDhFnLIKuFrsTkUFI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BRAINPOOLP512R1_RFC7027-Peer:BRAINPOOLP512R1_RFC7027-Peer-PUBLIC
-
-
 
-Derive=BRAINPOOLP512R1_RFC7027
 Availablein = default
-PeerKey=BRAINPOOLP512R1_RFC7027-Peer-PUBLIC
-SharedSecret=A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F
-
-Derive=BRAINPOOLP512R1_RFC7027-Peer
-Availablein = default
-PeerKey=BRAINPOOLP512R1_RFC7027-PUBLIC
-SharedSecret=A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F
-
-
-# http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ECCCDH   #
-# sha256sum(KAS_ECC_CDH_PrimitiveTest.txt) =                           #
-#     456068d3f8aad8ac62a03d19ed3173f00ad51f42b51aeab4753c20f30c01cf23 #
-Title = ECDH KATs (from NIST SP800-56A co-factor ECDH KATs
+Derive=KAS-ECC-CDH_P-521_C15
+PeerKey=KAS-ECC-CDH_P-521_C15-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0141d6a4b719ab67eaf04a92c0a41e2dda78f4354fb90bdc35202cc7699b9b04d49616f82255debf7bbec045ae58f982a66905fcfae69d689785e38c868eb4a27e7b
 
-PrivateKey=KAS-ECC-CDH_P-192_C0
+PrivateKey=KAS-ECC-CDH_P-521_C16
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfT/qNnt000CFHKQn
-DcskwnH0Rb7Z1SehNAMyAASxUFNAH1coVjfsMkwc0hOeOmfeNzkjSzfyacFYY3SC
-qtZEzWkt0dPvLIp8SeOJ9/Y=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAjiyTxUI4diI6Y3yt
+NnyFidppotD8aGEvMZI65QIZ3yRS58ySYVtn8XtX/9L1KxkVS7QNdxUzZCD94uif
+7iRPWdyhgYkDgYYABAD6OzURjWxCJXD3JKJvkLKDOxkjkXTOoIHFMTP2TbYNaUDq
+EmEpnATB9Fh82wxMOWFkecG7DBRnmaEYAy3PmPiZwABp8EAikAYVH6MrUfZ5yIFv
+fBdQa0A4Cdx3zViirsQw2U0TtskW3pnzVapF/PvGhT1obHG+SWoGfSS/rqSBj8Uf
+dQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsVBTQB9XKFY37DJMHNITnjpn3jc5
-I0s38mnBWGN0gqrWRM1pLdHT7yyKfEnjiff2
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA+js1EY1sQiVw9ySib5CygzsZI5F0
+zqCBxTEz9k22DWlA6hJhKZwEwfRYfNsMTDlhZHnBuwwUZ5mhGAMtz5j4mcAAafBA
+IpAGFR+jK1H2eciBb3wXUGtAOAncd81Yoq7EMNlNE7bJFt6Z81WqRfz7xoU9aGxx
+vklqBn0kv66kgY/FH3U=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C0:KAS-ECC-CDH_P-192_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C16:KAS-ECC-CDH_P-521_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEQupt2Zad0qYf6hqsf46Y7cyJbG5V
-hXzA375dfGH6yIsRgRveMo6KDRK/AanSBLUj
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBKYkd4M88+C6MLPG/kLspb+AKsIyk
+W7eJLg4ielBP3QXSOBpESLaK3/nEFTyH6st4Mw2L1SUV+fmgtY6F9Ea7ThAAnt1n
+lpbT0dDvMn8gA4MlP2QTaD2eT8yHuzXxEsLxEAmNFeVwHXzu5BYpH/X+2F5of3Jz
+iLmv4mpPb+7VYLIY5rs=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C16
+PeerKey=KAS-ECC-CDH_P-521_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0
+SharedSecret=00345e26e0abb1aac12b75f3a9cf41efe1c336396dffa4a067a4c2cfeb878c68b2b045faa4e5b4e6fa4678f5b603c351903b14bf9a6a70c439257199a640890b61d1
 
-PrivateKey=KAS-ECC-CDH_P-192_C1
+PrivateKey=KAS-ECC-CDH_P-521_C17
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhW6FM0nZb+TEQkSNrL
-fPkrt6ldz1dKm9WhNAMyAATADUNXFv/qU/2MFieSQUw3ZlGH5YJxZTmrcRxiqnGl
-oY6KPEj4ncb6UvrAEI5SqKA=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIABNSdOdQNgRG/FtKM
+WTZVQyaxlzU+67z0dUU5O8jTqvmPFPW+cHS/s45syXuYl1QHTa3bMEX05M50Vmn9
+s+wNX6ihgYkDgYYABAEuwibQUM4Hx5s99NDwiR+fet9GLoyY28GioU9eU6P1rYlE
+M1h8xCmovp6h2E+jOxgDaQ2uBNpyGNMAJhV/yZXPUgBIN9+/NCb1e1x5MmkTCrua
+OPYYUyIRkxFU207rmu3ojlcpD4QuoPLqml90xiA6OSD+TjBfYRj2drFU4ddbnLXr
+iA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwA1DVxb/6lP9jBYnkkFMN2ZRh+WC
-cWU5q3EcYqpxpaGOijxI+J3G+lL6wBCOUqig
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBLsIm0FDOB8ebPfTQ8Ikfn3rfRi6M
+mNvBoqFPXlOj9a2JRDNYfMQpqL6eodhPozsYA2kNrgTachjTACYVf8mVz1IASDff
+vzQm9XtceTJpEwq7mjj2GFMiEZMRVNtO65rt6I5XKQ+ELqDy6ppfdMYgOjkg/k4w
+X2EY9naxVOHXW5y164g=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C1:KAS-ECC-CDH_P-192_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C17:KAS-ECC-CDH_P-521_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE3rVxL6AnrI0vIsRVzLc6keF7ZRK1
-4DDnfiaQoCzJsocIQxop+1S4ex8MFOARrCEl
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBo8ICQOWfW3o+F8J10jFLoXQSEK1Y
+txA2+Mg8wfaw9Anf3ZET6Utn7DnDKRQmwj/8xEcFRnDSkI/4/mfcIwYDTFwB0oJb
+/Tr4seEyBXgME3/pOPhP3kAYjmHqAs6tgbrf20JcKffX+wMk3rrcELu5PeaPYsNQ
+aSaCg/UmWGXbV6efe/c=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C17
+PeerKey=KAS-ECC-CDH_P-521_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=c208847568b98835d7312cef1f97f7aa298283152313c29d
+SharedSecret=006fe9de6fb8e672e7fd150fdc5e617fabb0d43906354ccfd224757c7276f7a1010091b17ed072074f8d10a5ec971eb35a5cb7076603b7bc38d432cbc059f80f9488
 
-PrivateKey=KAS-ECC-CDH_P-192_C2
+PrivateKey=KAS-ECC-CDH_P-521_C18
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjG72H+EugL9W8tP30L
-t1c5RRmQbVVQCUmhNAMyAAThhLwYJILzQDyHh7g4Qkd0Z/zQEdsPbGT50cFBQvQN
-6GOduX1Rpj0szhAHzPdzzcs=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBGl0cx5zSv3PqEG8O
+YKWs4iCBO1Pie3OYZDNKB8AzZ+/aekYZ+m7vOpdGSSKDs8RFYQoCOpzEm/RZEUA4
+T8pci7WhgYkDgYYABADrB8czLu230wNgWdNffSKI1Dd9X0IzetOWQHn7EgzNTIvT
+hLWFYhBVIXAjrNmpT8s7llv7OUZ154it5Bod5z5iDABJGoNd4ubn3rfgkPShHyxG
+DAsfPV6U7o11EBTccgeE/TtUUAyG667xhCnwno6HbV0VOJaKAw13Fd3pnw2PBuKd
+WQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4YS8GCSC80A8h4e4OEJHdGf80BHb
-D2xk+dHBQUL0Dehjnbl9UaY9LM4QB8z3c83L
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA6wfHMy7tt9MDYFnTX30iiNQ3fV9C
+M3rTlkB5+xIMzUyL04S1hWIQVSFwI6zZqU/LO5Zb+zlGdeeIreQaHec+YgwASRqD
+XeLm59634JD0oR8sRgwLHz1elO6NdRAU3HIHhP07VFAMhuuu8YQp8J6Oh21dFTiW
+igMNdxXd6Z8NjwbinVk=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C2:KAS-ECC-CDH_P-192_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C18:KAS-ECC-CDH_P-521_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAETtqo78Wg9A+ENmPsWBXndi3dwAjm
-Y8IPCp+Nxno+YO9tZLUiGF0D3x/Arf1CR4J5
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAfi0Tjygy40Wuj/ZZV+QOXscWPwFr
+320koiQ9qmMdh4pKFng5kMciOCEw+eUfDBvW/1rJZ4Dki2j13slfQuYUS7UAsN5c
+iWeR9SiGsPCZE+JueN0LaXmPxN9tlePKcI7Ly8zhwYlfVWG7q6rjcunmfm4aO+YO
+GbRwzfZz7B/Dk9NCbiA=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C18
+PeerKey=KAS-ECC-CDH_P-521_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=87229107047a3b611920d6e3b2c0c89bea4f49412260b8dd
+SharedSecret=01e4e759ecedce1013baf73e6fcc0b92451d03bdd50489b78871c333114990c9ba6a9b2fc7b1a2d9a1794c1b60d9279af6f146f0bbfb0683140403bfa4ccdb524a29
 
-PrivateKey=KAS-ECC-CDH_P-192_C3
+PrivateKey=KAS-ECC-CDH_P-521_C19
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjmdHucI7pwRPOP9+Ys
-NeQDiSD1oBY9PNqhNAMyAAQrg42+c3NfN6OaeNMZV4PSaZHob/TZLRpg00SUInRI
-n5iQOy5/k/jRl/ya5goO1To=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBDJCMrxvnTGFrYl/I
+wfUURGpq7IO1k3FB1q+7Cox2Zqd0b6H3pmZKISPozfbNi/g2xW08Dr3MmA5DoYb5
+OPOniuehgYkDgYYABAAxiQ9Mer7D9yM2IoXXfSY2+HaBfbO7yIsB53NZe5af9vAT
+6kcMhUq0p3OQBOuMvqabgt3zasrdQGhxeY7LKsOqfwDYtCmuMlAma5ZDwMdlpg3B
+AVW8JTHPhicpb0l4tmQKnmAOGdADfVhQP6gHmVRqgU10eKVQqpDl6+sFJSf6rq5d
+CA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEK4ONvnNzXzejmnjTGVeD0mmR6G/0
-2S0aYNNElCJ0SJ+YkDsuf5P40Zf8muYKDtU6
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAMYkPTHq+w/cjNiKF130mNvh2gX2z
+u8iLAedzWXuWn/bwE+pHDIVKtKdzkATrjL6mm4Ld82rK3UBocXmOyyrDqn8A2LQp
+rjJQJmuWQ8DHZaYNwQFVvCUxz4YnKW9JeLZkCp5gDhnQA31YUD+oB5lUaoFNdHil
+UKqQ5evrBSUn+q6uXQg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C3:KAS-ECC-CDH_P-192_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C19:KAS-ECC-CDH_P-521_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEiIfCdu3u0+noZrRtWNiVxz+9gLY+
-OC6IBMUJe6ZkXhYgbPtw9wUmVZR91EoX8fnV
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAEYw2AiIJsa+OutGhK1ZvxIdEV24R
+mf6A3hzfhRzfA+W5CRqPfgeeg7f4JyWbaR0MIu4p1r33Pse7/XRvLNl6NX0A2l/0
+kEVIo0Li57pqH07l+EBBGpbPY+b+Yi8iwT5hTgqEfBGhqz8dEsyFDDLglWFMqPfi
+chR3tIbp/0A3KXfD9lw=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C19
+PeerKey=KAS-ECC-CDH_P-521_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=eec0bed8fc55e1feddc82158fd6dc0d48a4d796aaf47d46c
+SharedSecret=0163c9191d651039a5fe985a0eea1eba018a40ab1937fcd2b61220820ee8f2302e9799f6edfc3f5174f369d672d377ea8954a8d0c8b851e81a56fda95212a6578f0e
 
-PrivateKey=KAS-ECC-CDH_P-192_C4
+PrivateKey=KAS-ECC-CDH_P-521_C20
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi+q+3QFUoa/PyF1SGB
-wQ9etHrcUfZVBH2hNAMyAAQfZc9uiXjhwbwQu2Gn2zEd4xAIjIz5dov31DgWjn9C
-qxSxavU6ei9kb/QLU9dMvMc=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBs31rcojeZxNgQl0+
+WsHMshgVB52Nc0Mem3Sm8OeuAEo1dXWxGtZmQs6Ld1WT66nZi/Jcde8LTTogmLvG
+QfWaK3ehgYkDgYYABAAYml7jTefjWu/q7vkiDBgHG0wppMO9nZVEWL0+gqejTaNM
+/1V5uBAcBlsfL1J89FgVAeKO9WcYc+ZSZ3M9ADUgrwHrS8UKe01Fmdfj+nc9256y
+UsmzQihy5US991x79g9RZt3BHrCPp8MIItq67jc6tGjrLZIuSE4qUn//LruAS32a
+Nw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH2XPbol44cG8ELthp9sxHeMQCIyM
-+XaL99Q4Fo5/QqsUsWr1OnovZG/0C1PXTLzH
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAGJpe403n41rv6u75IgwYBxtMKaTD
+vZ2VRFi9PoKno02jTP9VebgQHAZbHy9SfPRYFQHijvVnGHPmUmdzPQA1IK8B60vF
+CntNRZnX4/p3PdueslLJs0IocuVEvfdce/YPUWbdwR6wj6fDCCLauu43OrRo6y2S
+LkhOKlJ//y67gEt9mjc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C4:KAS-ECC-CDH_P-192_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C20:KAS-ECC-CDH_P-521_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEDQRfMCVK3B/O+opbHzG/TnOd0yfN
-GNWUVCwxTkFCfAgnigjOjXMF87W4Scctiv9z
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBeA7f8cocA8++WT7cbASbyyhgKUqS
+w1VInZr7LnAgda3hyVOJWkViMKDN6QXeSj84Vz2/zM1nrW5+k/C1WB6Sal0ApUgZ
+YskWKWLn8OveyTaTXQ6qgT6CJtQNf2EZv9lAYCOAyGch5h2xgw9R4TnyEAALzsDY
+7dOeVNc6mhKflc1fqXk=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C20
+PeerKey=KAS-ECC-CDH_P-521_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=716e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4
+SharedSecret=015d613e267a36342e0d125cdad643d80d97ed0600afb9e6b9545c9e64a98cc6da7c5aaa3a8da0bdd9dd3b97e9788218a80abafc106ef065c8f1c4e1119ef58d298b
 
-PrivateKey=KAS-ECC-CDH_P-192_C5
+PrivateKey=KAS-ECC-CDH_P-521_C21
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjPcDVCJmZzIdbiuvQJ
-meL9dMeg95P6hpmhNAMyAARfSET/zOYQBdJPc325hnXpL3tlQ662EGxUJPWYE5IV
-04m2sSuG1YAUhX8t2ttUD1E=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA8mYax2L2DF//I75d
+lpzNTsb5jk5yYY0Svc25tBAhYjM3iMC65Z+RzfwXLHoWge5E2WqyE1puXzQV67zV
+UWWxr7ChgYkDgYYABACo4lppAtaHtHh83JTDZKx87MXElUg+02PcCqle4r1znExN
+RrFwBscosHY1DX1+VMaCL1L0cWKiUQmqq6aQyraW7AFo0vCP4Z5Nye56GVsDyff+
+Znb59SC2JwVXUE5yykOUosaRhiXhWsDFG4+VzVYBI2U/uOjubblh4sTGLMVOkuKi
+qQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEX0hE/8zmEAXST3N9uYZ16S97ZUOu
-thBsVCT1mBOSFdOJtrErhtWAFIV/LdrbVA9R
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAqOJaaQLWh7R4fNyUw2SsfOzFxJVI
+PtNj3AqpXuK9c5xMTUaxcAbHKLB2NQ19flTGgi9S9HFiolEJqqumkMq2luwBaNLw
+j+GeTcnuehlbA8n3/mZ2+fUgticFV1BOcspDlKLGkYYl4VrAxRuPlc1WASNlP7jo
+7m25YeLExizFTpLioqk=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C5:KAS-ECC-CDH_P-192_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C21:KAS-ECC-CDH_P-521_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE+zXKINLpZmXFG5jo9us9eRE1CNi8
-zUUWNo7sDVv7hHch32qv8OXUjERPdL+c2KWn
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBbaz/oYPlMDCDozT3Zd5yTsXslAIC
+bUeXiEqYKKDTIajPrHSrc3/iCn1r78/HO2o1wcewHTc+MavBktSKQkGjWAMBHlMn
+ysItMF5xVuVZF24Zvufk8vWehvGp0LZgO2p98Qab3mOH/rcVh7j/zlsmbhuuht4p
+N4o05cdLZyTE1ApxmSM=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C21
+PeerKey=KAS-ECC-CDH_P-521_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=f67053b934459985a315cb017bf0302891798d45d0e19508
+SharedSecret=014d6082a3b5ced1ab8ca265a8106f302146c4acb8c30bb14a4c991e3c82a9731288bdb91e0e85bda313912d06384fc44f2153fb13506fa9cf43c9aab5750988c943
 
-PrivateKey=KAS-ECC-CDH_P-192_C6
+PrivateKey=KAS-ECC-CDH_P-521_C22
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBj+lCUVI3//3XtOtcZJ
-Ce7khWoHbN8SuuKhNAMyAATmNp33myB7i4Z598hpz8JkhZ0atVqkAegfmccfgBow
-tS902m5ebbti7kxdoQkMwCA=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA9DDKEmHwloGpKC6e
+lwqSNCJ7HV5Y1VjDzG7/RNG99T3hatXuKxi5LWL8eVhhFrDvwV95NA+36vXObEQ0
+Hc+N3iehgYkDgYYABABsHZteyofeH7hxoKMvgHxyWtzN6bOWdFOnE0fWCPDAMM0J
+4zjN7L9KAgFbyKbo0+JZX+dz/8L8TkpV0LGizAAyOwEUGyEJ5/SYHJUqqBiiufb1
+xB/szbenpFubS2cpN3cbAIyuX5NN/j/tENODqx84dpySzojZvlQUgX7LBzoxqzaM
+yw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE5jad95sge4uGeffIac/CZIWdGrVa
-pAHoH5nHH4AaMLUvdNpuXm27Yu5MXaEJDMAg
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAbB2bXsqH3h+4caCjL4B8clrczemz
+lnRTpxNH1gjwwDDNCeM4zey/SgIBW8im6NPiWV/nc//C/E5KVdCxoswAMjsBFBsh
+Cef0mByVKqgYorn29cQf7M23p6Rbm0tnKTd3GwCMrl+TTf4/7RDTg6sfOHacks6I
+2b5UFIF+ywc6Mas2jMs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C6:KAS-ECC-CDH_P-192_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C22:KAS-ECC-CDH_P-521_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEgkdSlgwTB+XxOoPaIceZjKi1sAuV
-SfbQvFLZHiNDY7wy7gtnePJc2MGEdRD0NIuU
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAoJFCHTcD47NB6fHn1Y+M9729F5jQ
+AZZ7gB0c7CfmBcWAsjh8HLRk9VznrIAzQQKrA8+4bYivdsn0EpwBvt07v8QAjJxX
+eo5vxEaBXp1AuqZgJfFdrihfGetmjuYK6cmOfs2/Kypo4ikoBZ9n2xiABxYdPs85
+fgiD8MTrfq94J6YiBcw=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C22
+PeerKey=KAS-ECC-CDH_P-521_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=75822971193edd472bf30151a782619c55ad0b279c9303dd
+SharedSecret=0020c00747cb8d492fd497e0fec54644bf027d418ab686381f109712a99cabe328b9743d2225836f9ad66e5d7fed1de247e0da92f60d5b31f9e47672e57f710598f4
 
-PrivateKey=KAS-ECC-CDH_P-192_C7
+PrivateKey=KAS-ECC-CDH_P-521_C23
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgz/tEEkq+lvqAzPArx
-LKyUDE0iJFW80P6hNAMyAATvCyivxBY31zf0LkyKrOrchLouC4ScoYxXeXlC5VIX
-O7oX9zJ44Cn0IzUGi9dw3fI=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAXcM67aA8LrIzAU7k
+aN/3U7cvc7AJkQQ+o1OCiuadTND63tp7sni1NdfFdAb/Lm5HOlpP+Y6Q+Q1trdJR
+AOjYVmahgYkDgYYABADIJbowc3POyN0kmO74LiH9mGIWjb/rg1k5gMqfgodTM4mf
+6U8Tfa8cQYnrUCk3w6Nn6nlR7YsPM3f83ykiAh1GpQFriiVA1eZUk4iLwzcknmfA
+pod08+jYHjtFdKASUWXwvVi4r53nSzWDJTn5XDzZ8bdZQIVgqmhRrjrHVVNHsNOx
+Ow==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE7wsor8QWN9c39C5Miqzq3IS6LguE
-nKGMV3l5QuVSFzu6F/cyeOAp9CM1BovXcN3y
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAyCW6MHNzzsjdJJju+C4h/ZhiFo2/
+64NZOYDKn4KHUzOJn+lPE32vHEGJ61ApN8OjZ+p5Ue2LDzN3/N8pIgIdRqUBa4ol
+QNXmVJOIi8M3JJ5nwKaHdPPo2B47RXSgElFl8L1YuK+d50s1gyU5+Vw82fG3WUCF
+YKpoUa46x1VTR7DTsTs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C7:KAS-ECC-CDH_P-192_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C23:KAS-ECC-CDH_P-521_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEELtXAgKRFBmB+DO0dJ5WEQNLMI6E
-AR0h4crNa3vRftjdtQtq7gZUw18tDt3Bz/z2
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQATziBZoF3EonODLg6Ximhqwb8kfeG
+mUsjcI/wigig9nW4Ca6Z6fmWfrGknxlgV9aeUNbe203S2agcAr3Mj39RhGAAnvsk
+TIuRCH3h7tdmUA8OgVMHUtRpJW73n2uWXYoiMqDC28To4dCSFLqzhIW+bjV8QgDQ
+c7UvBOShb8b1JHGHrss=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C23
+PeerKey=KAS-ECC-CDH_P-521_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=67cba2cbb69ee78bf1abafb0e6fbe33fa2094c128d59652d
+SharedSecret=00c2bfafcd7fbd3e2fd1c750fdea61e70bd4787a7e68468c574ee99ebc47eedef064e8944a73bcb7913dbab5d93dca660d216c553622362794f7a2acc71022bdb16f
 
-PrivateKey=KAS-ECC-CDH_P-192_C8
+PrivateKey=KAS-ECC-CDH_P-521_C24
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjzVXxdcLTHlUlgwzVo
-d2rb6OQ2GaviaxOhNAMyAATXARLF8PCEQ4ZJSsGtmdziIUE0F26/ua/TwYegOFEK
-sx1Fnit68aOA3XV2rwYmdUg=
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA3xSx8UMqew+wU5Zf
+2GQ6/uJrJFHstqilOmVdX74W5MZM6GRyJesR5/3LI2J0cd/8XCUjvSromVfLo6V6
+I5M+WnihgYkDgYYABABOhYO7uy7Nk/BxTDMt/1qzvGOW5i88VgIpZkMpuqUTjDux
+w2Qoq9TiPRf8t6LPzCJLLnNMiUH28SFyLXtrlBVFdgHPCHTyBLA2PwIIZGcvrb+H
+yIEesUd1iyVLdLFPrnQhWfD2caAYISu/JbhRnhJtTK13jP/1DSiP05zrDKxjWxde
+wA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE1wESxfDwhEOGSUrBrZnc4iFBNBdu
-v7mv08GHoDhRCrMdRZ4revGjgN11dq8GJnVI
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAToWDu7suzZPwcUwzLf9as7xjluYv
+PFYCKWZDKbqlE4w7scNkKKvU4j0X/Leiz8wiSy5zTIlB9vEhci17a5QVRXYBzwh0
+8gSwNj8CCGRnL62/h8iBHrFHdYslS3SxT650IVnw9nGgGCErvyW4UZ4SbUytd4z/
+9Q0oj9Oc6wysY1sXXsA=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C8:KAS-ECC-CDH_P-192_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_P-521_C24:KAS-ECC-CDH_P-521_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_P-521_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZL85Bhad1jqG8VuDk9Oiy3OMjSN
-Dc7RIJiZgb6q8ABtiKlueXGi+jozukYEf8e6
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBoyCZsCwL2FNx9gsN0giQ5sevBIyB
+eYkP2jCLNZ27wreoMruMZSbEr5mn6j8LPLlq4et2hBMnlcR4rW+WLkpvRG0Bdic1
+eznp12MqE3Cz6Twa+1yFG5EOtOrQydOH32fN6FAD4OQnVS8c0JBZqtAmLiNczl+6
+jO3E/cFGPadtzUttGkY=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_P-521_C24
+PeerKey=KAS-ECC-CDH_P-521_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=cf99a2770a386ca0137d1eca0a226e484297ac3c513f3631
+SharedSecret=01aaf24e5d47e4080c18c55ea35581cd8da30f1a079565045d2008d51b12d0abb4411cda7a0785b15d149ed301a3697062f42da237aa7f07e0af3fd00eb1800d9c41
 
-PrivateKey=KAS-ECC-CDH_P-192_C9
+PrivateKey=KAS-ECC-CDH_K-163_C0
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhYbPuhxugXZu1Sgo8X
-exvhTrvFuDNIwxGhNAMyAARYs8Y+Vr7J1pa/mojfKHNzg5H3Y2iqK0lXdnc7Jh+v
-e6L9xP5DuSwLHHov0FSkNlA=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAZlO2B3OY+tx79eYBWBcB
+SMPcRSehLgMsAAQHH4sod9YCfZwa3kJE8t6hJpLvI9UFwV7ndiIccrhLNHzjg/OA
+Z7icPpo=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEWLPGPla+ydaWv5qI3yhzc4OR92No
-qitJV3Z3OyYfr3ui/cT+Q7ksCxx6L9BUpDZQ
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe
+53YiHHK4SzR844PzgGe4nD6a
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C9:KAS-ECC-CDH_P-192_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C0:KAS-ECC-CDH_K-163_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJtAZ2+J56tAe7RQ6kWAa2ibi9CIl
-scYrbKZT8IJy4DhvyUIfvVgAk9euYwG8qUR2
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBXQjbxQoxDITCUZ4Ols6q7bCfqXWB5CM
+JRuNoCHLrCgfEj969PrFs9u4
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C0
+PeerKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=576331e2b4fb38a112810e1529834de8307fb0a0d2756877
+SharedSecret=04325bff38f1b0c83c27f554a6c972a80f14bc23bc
 
-PrivateKey=KAS-ECC-CDH_P-192_C10
+PrivateKey=KAS-ECC-CDH_K-163_C1
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjK2BAGA6T2W+CNj8ih
-t+iExf9l3rPJbZmhNAMyAAS3/MD1LHpBHtvtOeEL8Ctq4PJmFMazJaJHSDsm62d3
-beK5OrcRnVRHVzc549Vecvs=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDrvRHVNDKl9QrTpeqkhVi
+Y8DgePahLgMsAAQBsBCMeGv000DwUFvfx9RbUUYRrZQCLJw51fuUVriiIhzqTwWP
+ao0s2Eo=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEt/zA9Sx6QR7b7TnhC/ArauDyZhTG
-syWiR0g7Jutnd23iuTq3EZ1UR1c3OePVXnL7
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAbAQjHhr9NNA8FBb38fUW1FGEa2UAiyc
+OdX7lFa4oiIc6k8Fj2qNLNhK
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C10:KAS-ECC-CDH_P-192_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C1:KAS-ECC-CDH_K-163_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEU5vED+IKD7JniItkewPqr27CDAKh
-4fjIaQleW7e01EwyeKfua+yjl8RSRtqaNMi+
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAWmXRAkv4rX+fsv2mHt66goG/SywA13k
+Qd+UCNkfDgId+PBSa4BjAxSV
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C1
+PeerKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=902f4501916a0dd945554c3a37b3d780d375a6da713197c4
+SharedSecret=05f9ac3a3dd88429600958386c55bef4b1aa5f0c24
 
-PrivateKey=KAS-ECC-CDH_P-192_C11
+PrivateKey=KAS-ECC-CDH_K-163_C2
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBge3YecxceWGcrmxzpp
-G9WgOVwO87NW/NKhNAMyAARs5q2ywwgI9ZAEjDPf+tRSTr96X9ObdHtJZr0vPQBW
-m01MBAn716LbdS9tCbyowl8=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDEXI0Lm03zB4GKkSUw5y6
+SPmtmoyhLgMsAAQDon7K7Ctm/qwgQPaJASi9AFjTGSQBQAfjIJttcSew85Pl5YsV
+kLn0C+I=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbOatssMICPWQBIwz3/rUUk6/el/T
-m3R7SWa9Lz0AVptNTAQJ+9ei23UvbQm8qMJf
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA6J+yuwrZv6sIED2iQEovQBY0xkkAUAH
+4yCbbXEnsPOT5eWLFZC59Avi
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C11:KAS-ECC-CDH_P-192_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C2:KAS-ECC-CDH_K-163_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXTQ925Yxj7R5TRD2xXP5n+5dDVe5
-liUPmfvfnZfdiK1BAjXaw25bks4oJLjlh6gs
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEApZdsVkXH1y356G8xhYRrqyoxSybBocd
+Hpwf6EUmgHaplYA6bUnNB1VU
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C2
+PeerKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=46e4de335054d429863218ae33636fc9b89c628b64b506c7
+SharedSecret=022e0290eda5d348894129f7455d1c766d32d5c2c2
 
-PrivateKey=KAS-ECC-CDH_P-192_C12
+PrivateKey=KAS-ECC-CDH_K-163_C3
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhGDkUic/4YJ2Ahh607
-6+5ly4RCO7T0dTehNAMyAATRvTo++r9HZ/5jgL3w2/SdUtTPDLuJQEzBUMK0yLOq
-Nfdl+Efk9/j9hwTSQaGB7pk=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDKlEc3NS/xWfOrIwk7QTo
+iU33jd+hLgMsAAQGl42sqkfY87yQtB7H9Piseaht3QcH+LDvQnB2A3a8LV+u2D2n
+hyYx0J8=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE0b06Pvq/R2f+Y4C98Nv0nVLUzwy7
-iUBMwVDCtMizqjX3ZfhH5Pf4/YcE0kGhge6Z
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBpeNrKpH2PO8kLQex/T4rHmobd0HB/iw
+70JwdgN2vC1frtg9p4cmMdCf
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C12:KAS-ECC-CDH_P-192_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C3:KAS-ECC-CDH_K-163_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEjT25vc4Tf/v7iROIw332wMvJCqXl
-N2IgE10wtctmDu+HZP/HRPFcG11twGukQW03
------END PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBVtowMLCRv4PLNVIS1iBTGUhPqVBBTnB
+HSWSovY5O26GxU35Cblf4NWo
+-----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C3
+PeerKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1bfe9e5a20ac7a38d8f605b425bb9030be31ef97c101c76c
+SharedSecret=037f659f430009fcdae4e9f6e6316b0f5dbb268212
 
-PrivateKey=KAS-ECC-CDH_P-192_C13
+PrivateKey=KAS-ECC-CDH_K-163_C4
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi5cDZQCEVvh1jsxaOz
-PPOuao1WgQelIWehNAMyAATBuGEMjGP41KvaCTuaEaVmBEv2XG+qiZmlvEs8oJU4
-Lpc4rulf6UebF4ebOtUpVVk=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCxvZP5gnrjutbU/q2MIiY
+5j/y4/ahLgMsAAQFSeGoLsKEv3fVKGJ+Utgy4jbJKtMBmIOqm0WLNb1UTWiCgSFQ
+wUl9MdQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwbhhDIxj+NSr2gk7mhGlZgRL9lxv
-qomZpbxLPKCVOC6XOK7pX+lHmxeHmzrVKVVZ
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBUnhqC7ChL931ShiflLYMuI2ySrTAZiD
+qptFizW9VE1ogoEhUMFJfTHU
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C13:KAS-ECC-CDH_P-192_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C4:KAS-ECC-CDH_K-163_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEngppSVGcf1vmjAQzxf3xMGSqE/sp
-SD3D4ci6Y+H0cdsjGF9Q2chx7eohJVs6Y7S3
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBrjvWmLTtjalp2v+se+P9Niz2eL8BnWn
+VyZnGDmNivZtKXF5hHji830o
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C4
+PeerKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0e8c493a4adc445dc9288a3b9b272599224054592d7265b3
+SharedSecret=00503bbb9b62f50ae7a8dfd74a1741826f09290651
 
-PrivateKey=KAS-ECC-CDH_P-192_C14
+PrivateKey=KAS-ECC-CDH_K-163_C5
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhZwVuKJGTkHf5Dccf3
-2t9HCuQlVE+BE72hNAMyAAQf53b3NWe2rAsNZ2QWTebFvnUbqNH/RV5MFgvzivsr
-cfaEJhZkEVzodFU+iwWUMtI=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCalaGdRPd2MqU15I7qh9/
+sA2qOPqhLgMsAAQGwopA3E5VA9LEuKsLa3BG6OJawJ8BIZEWVKWDYAXYA22XZYX/
+HYMeWHs=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH+d29zVntqwLDWdkFk3mxb51G6jR
-/0VeTBYL84r7K3H2hCYWZBFc6HRVPosFlDLS
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBsKKQNxOVQPSxLirC2twRujiWsCfASGR
+FlSlg2AF2ANtl2WF/x2DHlh7
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C14:KAS-ECC-CDH_P-192_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C5:KAS-ECC-CDH_K-163_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEvgiCOJAumTmz0FTu64SS2vS9zwmi
-q3fxWNZ0mjqSPcgEQPJmH9NbZRYX5lKUtGN1
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBWxKNYassDCZ1Sss1KxZJpz1G4cwAkJl
+YcvZ2hsjpgA94OX3xKBlpcK4
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C5
+PeerKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0f1991086b455ded6a1c4146f7bf59fe9b495de566ebc6bf
+SharedSecret=012cf17799fdefa2940b18d56e80d44414c5b13884
 
-PrivateKey=KAS-ECC-CDH_P-192_C15
+PrivateKey=KAS-ECC-CDH_K-163_C6
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBim6biFxmuVnR/CcI1Z
-G20yKOSeuY9ybWGhNAMyAARjK7dlHb9J3endEl0T+yNOBmF3I77tPRv0rVIJY4SI
-OXxfRPmU3XR5gH559Ih9LnE=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDhoEQecgCHC159N6VLLLl
+mcQuGe2hLgMsAAQGCqQqYuIe6jfjYrTT3oN/DEnTrBMGmyDW/RbROxiD3wVimsfR
+uCOGs0Q=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEYyu3ZR2/Sd3p3RJdE/sjTgZhdyO+
-7T0b9K1SCWOEiDl8X0T5lN10eYB+efSIfS5x
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBgqkKmLiHuo342K0096DfwxJ06wTBpsg
+1v0W0TsYg98FYprH0bgjhrNE
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C15:KAS-ECC-CDH_P-192_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C6:KAS-ECC-CDH_K-163_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEv1rgUCXhvmF+Zm2HpBaDY4c9V2Gz
-drUD4ebjizcra+4P9bNQLYNzXjssJoJeTw/M
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB0HGmk7bOGyU+BnRtd3QKB5P8pdlANMv
+lyq6yRvoWnCeugf10WIVrmAt
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C6
+PeerKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=b30f2127c34df35aaa91dbf0bbe15798e799a03ed11698c1
+SharedSecret=062a2f926ab435ac14e05d44c27b46b6820b713aee
 
-PrivateKey=KAS-ECC-CDH_P-192_C16
+PrivateKey=KAS-ECC-CDH_K-163_C7
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi9t1QJb/v72LDzywRs
-y3yhScTnGSBno+6hNAMyAATZwJjUIddB9vqrEW8+RzHSjFVY4Z/hEqE41NxIzNsd
-PtjTH9BnhKT4emiuwcvVsI8=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA5G6cllJoZH8gSEdMexpU
+3/5yjx+hLgMsAAQHqYTq1EAxDO8uEziXL/Ld22XKw9IDM8GpNCf+asUCdgt3eImK
+i7akCtk=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2cCY1CHXQfb6qxFvPkcx0oxVWOGf
-4RKhONTcSMzbHT7Y0x/QZ4Sk+HporsHL1bCP
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB6mE6tRAMQzvLhM4ly/y3dtlysPSAzPB
+qTQn/mrFAnYLd3iJiou2pArZ
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C16:KAS-ECC-CDH_P-192_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C7:KAS-ECC-CDH_K-163_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbMT+7YTHqw0JAF1mDtNN5pValGHE
-E40RMSJfM4ZO1I2gb6RakTtGz0JVd0LjUIXm
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAe9HeV+w44BAWrXoje/DztmpJRSmAL5h
+gdf8A8qL/fEYac6ijPoOX19k
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C7
+PeerKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=64a5c246599d3e8177a2402a1110eb81e6c456ab4edb5127
+SharedSecret=0399b9294e895486bdefbaad7a729353ce09586357
 
-PrivateKey=KAS-ECC-CDH_P-192_C17
+PrivateKey=KAS-ECC-CDH_K-163_C8
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjVvPJTTa/D2Zlkx71j
-q3vRWZn+Vt2WnEKhNAMyAAT9odXSjW/g55Cdaouvp4JNtVcquS/+feYTSil8HZyL
-urJJq6zZUe0R5amfkueZFXI=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCczSXFAWwRhw+3mfyujNn
+NEUag3ihLgMsAAQHZ8Me6TA7GyzTBZ+BUH7zBOvTECwCUeDUMNw/Y/Oje6seepV2
+Us9n4iw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/aHV0o1v4OeQnWqLr6eCTbVXKrkv
-/n3mE0opfB2ci7qySaus2VHtEeWpn5LnmRVy
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB2fDHukwOxss0wWfgVB+8wTr0xAsAlHg
+1DDcP2Pzo3urHnqVdlLPZ+Is
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C17:KAS-ECC-CDH_P-192_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C8:KAS-ECC-CDH_K-163_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAENhVzFb7nr+3e1YxOi6FNNCHEAeUR
-NbzJN8KXynA/d8UrsGLYzpcduECXugx1OkGP
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3TX+bqM2opo3nJ50/+GdAMv1HwCA+3p
+lcOk6Kb+Ic0eTNTKOBLA1pKl
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C8
+PeerKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=017b8ca53c82fab163da2ab783966a39e061b32c8cfa334d
+SharedSecret=022325a9a769a902c2e64c80a1d35429ced42ae0a4
 
-PrivateKey=KAS-ECC-CDH_P-192_C18
+PrivateKey=KAS-ECC-CDH_K-163_C9
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhD1LnfEFO+W0JoEEwC
-JE07+VlLAQtGqLKhNAMyAATDAgtwkUY9eI8fHXb3z+7ILs2zt9mcNFyadxDVF5WR
-2PPfCqEiMBdorn237uLX9YM=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBm7SAc5ARI1xtXG501qe7
+TyD2G3qhLgMsAAQAk1SQdXBNedrncjF91lJE+nclaesCqKKCHdOdfnZTynHPwant
+hXgBo5s=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwwILcJFGPXiPHx1298/uyC7Ns7fZ
-nDRcmncQ1ReVkdjz3wqhIjAXaK59t+7i1/WD
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAJNUkHVwTXna53IxfdZSRPp3JWnrAqii
+gh3TnX52U8pxz8Gp7YV4AaOb
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C18:KAS-ECC-CDH_P-192_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C9:KAS-ECC-CDH_K-163_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEmEZNR/Alb4KS4CfoySWC6nfPkFH1
-zo5dRJVS73V4vpYjb+XtnQZDwLtsWpE0sBCN
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBld99U4Rx+diAvlPVk5hN7I85uRBBok2
+YAqtyyX9QCTtPoRbK7+AcoDm
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C9
+PeerKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=340ef3db3dbebdd91c62c3d4e1a3da2c7c52a3338b865259
+SharedSecret=051392d5377016358405030b48744003db66440a2d
 
-PrivateKey=KAS-ECC-CDH_P-192_C19
+PrivateKey=KAS-ECC-CDH_K-163_C10
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiUysLCynFHRkAWcNlO
-2/P2d4Z7WgO+562hNAMyAASxhVSi50PvCqLwQJh8TEUQBOCW3z2A3a5uPixhj4lu
-NrpiAHdoS3CgX/t5v15sdkA=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA9O21i8w9bp0xcilCCnMy
+gezP8c+hLgMsAAQCcYNgm3WTsYRTZcCB1F/2bJq143AGm5gSNv6TCUe2t383QoKh
+jkvpk8s=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsYVUoudD7wqi8ECYfExFEATglt89
-gN2ubj4sYY+Jbja6YgB3aEtwoF/7eb9ebHZA
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnGDYJt1k7GEU2XAgdRf9myateNwBpuY
+Ejb+kwlHtrd/N0KCoY5L6ZPL
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C19:KAS-ECC-CDH_P-192_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C10:KAS-ECC-CDH_K-163_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEVj62bDNM9vEjvwTHgDtIoxECFCN+
-mDv1DzURBIGRme8HyaYFHSB1jzr3kCfqZqU/
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAmHRU0XOtJIimo10WX59/RmutoSKARSh
+Is4oyhViD3tAofJrQjTJVr3B
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C10
+PeerKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=2162144921df5103d0e6a650fb13fd246f4738d0896ce92f
+SharedSecret=045dac076e79de2fc631315465d3ef6245f26647e5
 
-PrivateKey=KAS-ECC-CDH_P-192_C20
+PrivateKey=KAS-ECC-CDH_K-163_C11
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgqOp4zyMwxB6n5Jlw7
-3qEgZXDob5KscBShNAMyAASnuji+G8Zp3SPM/O4GRbHw24z5Qt6vrra4LbedgM0O
-N/KNQWOtw4ne6Px3l7XJgxs=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBuZBJGhL97iMaoqEW4ePB
+yR0P1HihLgMsAAQD2oadCcTkVFrBaJ/HIxYBJjLQq9kCyCD0AxDl/9L4v0Ofuoeb
+su9iGyo=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEp7o4vhvGad0jzPzuBkWx8NuM+ULe
-r662uC23nYDNDjfyjUFjrcOJ3uj8d5e1yYMb
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9qGnQnE5FRawWifxyMWASYy0KvZAsgg
+9AMQ5f/S+L9Dn7qHm7LvYhsq
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C20:KAS-ECC-CDH_P-192_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C11:KAS-ECC-CDH_K-163_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEhoKMSskrVQdhiux4c6HU/GVDxb4z
-zzB4siynJDdUXhDW1PBSQi64mLc3pLhUPuVQ
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBw44D0k3CgAnlUpOqIC8GSmyjFMpBG/j
+tFSvlCCoEfHhX3dNpa4aQLRZ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C11
+PeerKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=4c69e7feed4b11159adfc16a6047a92572ea44e0740b23af
+SharedSecret=014f7a46847ed6a7ff605b0e52c616e4ad3f0d5029
 
-PrivateKey=KAS-ECC-CDH_P-192_C21
+PrivateKey=KAS-ECC-CDH_K-163_C12
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhKa3ipismPqOmajs4I
-7AJREl+Fxv0OKJuhNAMyAATnadu81c4tg1FLdo09LVqgvNj2avFfVQAvxtCwOeDy
-j3T77/6eiD1N1yKW5OlcrnE=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA6Cm5lC/ZZIf2ASkI/gT2
+2OqvGWahLgMsAAQFqyB0wE31cWAWdzX3/C2PYp00/xgBLp2m0Fuz4qy+W6SvtKDd
+ctsH1qw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE52nbvNXOLYNRS3aNPS1aoLzY9mrx
-X1UAL8bQsDng8o90++/+nog9TdciluTpXK5x
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBasgdMBN9XFgFnc19/wtj2KdNP8YAS6d
+ptBbs+Ksvlukr7Sg3XLbB9as
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C21:KAS-ECC-CDH_P-192_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C12:KAS-ECC-CDH_K-163_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEZwChAkN3galYHaK8Jc7Vq/QZ2pHT
-yAPfcTlsnPCLzZGFTj5uQtjGV84PJ6t3qdxL
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBuYK93QZuf4PxcecoaIqEBFAJAW2BpvK
+NABbV4zXp6aSm9P2zimUO17Z
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C12
+PeerKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=46072acefd67bff50de355ca7a31fa6be59f26e467587259
+SharedSecret=00eacabc34555956995623e60482e5c118e34e2094
 
-PrivateKey=KAS-ECC-CDH_P-192_C22
+PrivateKey=KAS-ECC-CDH_K-163_C13
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjFpkkdeIRNZhfvM75r
-i9VNoiFFCIXVlQ+hNAMyAATbGyT3RmvBVOnX0sPKUtz+C/yVY8X9tvMcdPu/W9mZ
-IfGpp0T44c93C9anancrMAM=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBV86PC2zpLkJuyZ8iOtgn
+Y+S9P/OhLgMsAAQF05icykrnMt6TZyslySYIYbTA3OMENqMx6tJPKAe1UmD53D3m
+aM+/67c=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2xsk90ZrwVTp19LDylLc/gv8lWPF
-/bbzHHT7v1vZmSHxqadE+OHPdwvWp2p3KzAD
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBdOYnMpK5zLek2crJckmCGG0wNzjBDaj
+MerSTygHtVJg+dw95mjPv+u3
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C22:KAS-ECC-CDH_P-192_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C13:KAS-ECC-CDH_K-163_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEqC81TPl77l0i3GwHnykC6tRNlqj2
-FPF4plSpqooaCALyzg7ooPTr6W3uGzdGSx/y
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBPdQ4nUA4Q8KF2uD8UvCbWvXHr10A55Q
+CQZ8DuLI9Vt+hNp6OR8Ir3UE
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C13
+PeerKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ec5580eabca9f3389d2b427ddf6e49e26d629afd03fa766e
+SharedSecret=0414a622645107f115576f51cdf39d1393a2d7851f
 
-PrivateKey=KAS-ECC-CDH_P-192_C23
+PrivateKey=KAS-ECC-CDH_K-163_C14
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgronA8XiP2RjxbiNw3
-KS+r0zmbXh+2fAWhNAMyAAR1QxSJBs75s3pxp8CDY83Tu6UBQtZSQaqLOmlz3o3C
-ceJ8Hq0eli/arjcQxyTarDg=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDeYhfRfLXB74cEdhsQbra
+STsqVgOhLgMsAAQFrjHLKbMdJPX5TDDpwC8H84v/CsgE2Njjm/h/BYVD3ImQqRIU
+2kFsxVg=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEdUMUiQbO+bN6cafAg2PN07ulAULW
-UkGqizppc96NwnHifB6tHpYv2q43EMck2qw4
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBa4xyymzHST1+Uww6cAvB/OL/wrIBNjY
+45v4fwWFQ9yJkKkSFNpBbMVY
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C23:KAS-ECC-CDH_P-192_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C14:KAS-ECC-CDH_K-163_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEPOwhsoZooSos944ajlXQ7+BlFS//
-w0cYEClVe+uk/xmSvSHCPLSCX22ucOMxj9HK
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAqufW6lBAtIacGdh6sAJIZDxza0EBK3d
+d+GZwTLRisVBsRd0jSMZ23/l
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C14
+PeerKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=7f3929dd3cbf7673bc30d859d90b880307475f800660ea32
+SharedSecret=056be002daff11c4066e10acd046a85e170fa4c122
 
-PrivateKey=KAS-ECC-CDH_P-192_C24
+PrivateKey=KAS-ECC-CDH_K-163_C15
 -----BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiDYRjGJI+ILpFHl292
-SCbBoodVphApd9WhNAMyAAT800WpdscgyqqX3maXImglYV4Sh6nv9n5Y6kLtvur8
-qf9Ez9fymr0svedibXnkIsk=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAuoxYZNs+/XaLk3b8K2wf
+hfRvavKhLgMsAAQGL2IhSYI/JVtPhpBmZvOjVWrwgOoCdMoywQ+a3WGgJtIK061W
+sX+wakY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-192_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/NNFqXbHIMqql95mlyJoJWFeEoep
-7/Z+WOpC7b7q/Kn/RM/X8pq9LL3nYm155CLJ
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBi9iIUmCPyVbT4aQZmbzo1Vq8IDqAnTK
+MsEPmt1hoCbSCtOtVrF/sGpG
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-192_C24:KAS-ECC-CDH_P-192_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C15:KAS-ECC-CDH_K-163_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEcIJkRxW4tzH4IotRGOcnDTTRgfNh
-oiH8RkZJ1siMqJYUSIocx7hEK7Qvn7MCCj12
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBD0l0t6Sk7hNNRozyxpS9ZMKTIt2A9JZ
+2CNunI1kN/QebVRhHFIjj+LV
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-192_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C15
+PeerKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=72e88f3ea67d46d46dbf83926e7e2a6b85b54536741e6d2c
+SharedSecret=021fef8e473daeda8ef6bf07814d7b9b613e3076a3
 
-PrivateKey=KAS-ECC-CDH_P-224_C0
+PrivateKey=KAS-ECC-CDH_K-163_C16
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByDRqYPxvKTyloNKvaLpx0d
-04nl5Ag3lC3z5Dy9oTwDOgAEjeLiat9yxYLWVo72OMT9WbGNoXG99QHx2SngSEpo
-ocKw+yKTDRIFVcHs5Q6pjeqEB/cb4276wN4=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUD5QgEhNNzCyJIzMSCYNS9
+GFdgWtGhLgMsAAQFiupuQLjLJeZiKnvk/wG3nJLecqUEP2d2tt7/PSm0xwOJnXBc
+f+z1JcQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEjeLiat9yxYLWVo72OMT9WbGNoXG99QHx
-2SngSEpoocKw+yKTDRIFVcHs5Q6pjeqEB/cb4276wN4=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBYrqbkC4yyXmYip75P8Bt5yS3nKlBD9n
+drbe/z0ptMcDiZ1wXH/s9SXE
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C0:KAS-ECC-CDH_P-224_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C16:KAS-ECC-CDH_K-163_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAErzPNBim8fpljIKP0A2j3TehwT6N7j6tp
-q6rigIggksy7p5MPQZqKT5uxaXi7w4OHKZklWaby4tc=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAFYOGkIYZRGL6hbNrWtnq6OE7zh7BYsh
+PsKrOUL49q1gqVaVW1iQZrhW
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C16
+PeerKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=7d96f9a3bd3c05cf5cc37feb8b9d5209d5c2597464dec3e9983743e8
+SharedSecret=03a287fd1cca68db47a3c74c12627fc3728568dd66
 
-PrivateKey=KAS-ECC-CDH_P-224_C1
+PrivateKey=KAS-ECC-CDH_K-163_C17
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwEPLIW9Lcs33Yp1jcgpUru
-DJnrMtdEd9rAwvc9oTwDOgAEL5D1yOrJx97Nu5e2wvcVq3JeT+QP5tdG779OG2aJ
-c1FFT5J6MJsmnFptMTOL5MGaWs/DLPZW9Fw=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAXQUroavqckl4yu8YeSRW
+ctWu+JGhLgMsAAQDa4Snczep3lwd1648iZOBOC8P/6QFbUrDn+iB/bjmDUVZZYqq
+3kVmPuU=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEL5D1yOrJx97Nu5e2wvcVq3JeT+QP5tdG
-779OG2aJc1FFT5J6MJsmnFptMTOL5MGaWs/DLPZW9Fw=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA2uEp3M3qd5cHdeuPImTgTgvD/+kBW1K
+w5/ogf245g1FWWWKqt5FZj7l
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C1:KAS-ECC-CDH_P-224_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C17:KAS-ECC-CDH_K-163_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEE7/NT46UQjk8q4+0a58FZsImsis3B2l2
-8GF6Ru6yQnUpsojGPC+JY8Hkc98vymyqkNUuL421bdQ=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA45IXekuQfHKymwOudgRpayom/NFAzGh
+Z3xGpo6WSBGpzF5OU+px4jEp
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C17
+PeerKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ee93ce06b89ff72009e858c68eb708e7bc79ee0300f73bed69bbca09
+SharedSecret=029558b41b8b92387bc22c868f51bb7acb6e4ee2e3
 
-PrivateKey=KAS-ECC-CDH_P-224_C2
+PrivateKey=KAS-ECC-CDH_K-163_C18
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxa0N1turtPPC6l/jLlYbLK
-VQgUht8sfBXJYisIoTwDOgAEAFvKRdeT5/6ZqENwTtg4MVqxSl9id1B+m8N1MUPp
-1CHhSGrliTv9I8IQ5cFA18axraWdhCyamN4=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDkYAYep7dzzjcJk8FWwfS
+C5+ai8ShLgMsAAQEspLR+gnfxeajrZn9Av63TUgONPIG4YiACaCgSRwL5qv6yUPT
+d/C0hjs=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEAFvKRdeT5/6ZqENwTtg4MVqxSl9id1B+
-m8N1MUPp1CHhSGrliTv9I8IQ5cFA18axraWdhCyamN4=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBLKS0foJ38Xmo62Z/QL+t01IDjTyBuGI
+gAmgoEkcC+ar+slD03fwtIY7
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C2:KAS-ECC-CDH_P-224_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C18:KAS-ECC-CDH_K-163_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEdW3YBrnZw02JlpHstFt3GvRo7ABEhqD9
-0oNBHk0Cwsphe7LF2WE/Jd1yQT0in9KQFROqKVBO7vs=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBkJZ5QBHbdo+l+JeSR1GbCt5WL1JA8Ll
+MoE5NkGlGNHc7/q+6LKb3hQC
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C18
+PeerKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=3fcc01e34d4449da2a974b23fc36f9566754259d39149790cfa1ebd3
+SharedSecret=0530020c8f6362312bfbe5c1c605b40dc2e032e81c
 
-PrivateKey=KAS-ECC-CDH_P-224_C3
+PrivateKey=KAS-ECC-CDH_K-163_C19
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwKpv9Vpdgg78tOfRC4Reo8
-n5vF3/hhBtuFMY4ioTwDOgAEL5Z1QTHgloGYqnj76MIB3F81gceS3khzQNMkSGHo
-pc15YVIDttielJb54jb+O2vocx50PWFVGcY=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBbTeGKxlXY8agHV45uUWa
+MlB8KyGhLgMsAAQDNEDkYMR18gWKdn7EZsoYvOQfgw4Dcq7jI9Bj+omsv/v1UCSu
+JOSSnxk=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEL5Z1QTHgloGYqnj76MIB3F81gceS3khz
-QNMkSGHopc15YVIDttielJb54jb+O2vocx50PWFVGcY=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAzRA5GDEdfIFinZ+xGbKGLzkH4MOA3Ku
+4yPQY/qJrL/79VAkriTkkp8Z
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C3:KAS-ECC-CDH_P-224_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C19:KAS-ECC-CDH_K-163_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAED1N78cESLFVlbSXoqoQX4LRLFSauBSMU
-T5khxPebJtMOSRp3NpbMLHm08FlrxbnuuvOU0WL7hoQ=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3FCdpl7RHji2LWa9fLmPiK8TDHkBnPy
+jZYqv+3uYuq0fDtFeaHlFoM2
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C19
+PeerKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=49129628b23afcef48139a3f6f59ff5e9811aa746aa4ff33c24bb940
+SharedSecret=0521673006a1d9608911d54536e122d809e919d804
 
-PrivateKey=KAS-ECC-CDH_P-224_C4
+PrivateKey=KAS-ECC-CDH_K-163_C20
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzv5ubiWv+vVMmNACq7xjKN
-oVlAWht1LjLcI5UKoTwDOgAENV6WKSC94ENpX2v/tLNVxj2m9d5mXtRvLsgX4nSO
-CVNo9i4dNk7dRhcZeTtAStvarLyt2Iki/zc=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAbGWHlLA5yCCosDMAj6is
+dVa8rsOhLgMsAAQEy/soZpHkFQgaF4Xsawqs2x0jHR0F3WrP6R1oqOwjaGR4wO6M
+iSd67xQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAENV6WKSC94ENpX2v/tLNVxj2m9d5mXtRv
-LsgX4nSOCVNo9i4dNk7dRhcZeTtAStvarLyt2Iki/zc=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBMv7KGaR5BUIGheF7GsKrNsdIx0dBd1q
+z+kdaKjsI2hkeMDujIkneu8U
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C4:KAS-ECC-CDH_P-224_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C20:KAS-ECC-CDH_K-163_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEKzYx0rBhebMXShAPf1cTHu6olHvgeGw9
-xksiOYPeKa49rTGtwCNsbefxRWHKLqCDxScMeKLmy8A=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnXsFfJ90tpuRN/mI1Ry1b06JQL4BY/Q
+ImKyfBhd3iayx31aT01Q3Jko
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C20
+PeerKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=fcdc69a40501d308a6839653a8f04309ec00233949522902ffa5eac6
+SharedSecret=0460579beca16cccce314ff3040de4785336fc358c
 
-PrivateKey=KAS-ECC-CDH_P-224_C5
+PrivateKey=KAS-ECC-CDH_K-163_C21
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxhyykyUkAB5enu7W332ciT
-XuMyICnt16qKy/1RoTwDOgAE1Q5K2r/Zidfbx89AUlRsx8RHqXYwQ2mXrUuVNlvq
-UDRzxervlVLULECx8vfKKSczslW5u+GxIzc=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBacjaIsNahVSVBHoQS+AL
+FXW2UquhLgMsAAQEXv7ZyL0qTkKViPNE9J0eY+ZovQECXRr4WsIdWYItffjw5L66
+3ztdRAE=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE1Q5K2r/Zidfbx89AUlRsx8RHqXYwQ2mX
-rUuVNlvqUDRzxervlVLULECx8vfKKSczslW5u+GxIzc=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBF7+2ci9Kk5ClYjzRPSdHmPmaL0BAl0a
++FrCHVmCLX348OS+ut87XUQB
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C5:KAS-ECC-CDH_P-224_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C21:KAS-ECC-CDH_K-163_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAERRFAPeKQWfaaR1xaal9sq+1dnwFENqjL
-cKAjOH0tG2KqBG35NA+cN6CHoGsyz38IoiP5koEqgos=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAjOvNhAwOSJvQW3SLhomtz+Qk9OKBzQl
+ihdcl3aKn3K4JLmakfXPjj2W
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C21
+PeerKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=827e9025cb62e0e837c596063f3b9b5a0f7afd8d8783200086d61ec1
+SharedSecret=05ba66964483fe473ccbd00c37ad3ba40cc5969f62
 
-PrivateKey=KAS-ECC-CDH_P-224_C6
+PrivateKey=KAS-ECC-CDH_K-163_C22
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByMes40cXH5Le+Y2EVHX8gu
-HRSW2oHuWPUFuYX6oTwDOgAEsajcrImsonmTILRR3xx/9Nl1Z6u2gUHA2V/CqjUk
-lQkCsVEL3Jh9hgr8J62HHOrqZpNavTwKmag=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAAy/HkIZGMmMMSaKemtD7
+bRDytYyhLgMsAAQHec+z4XyQKiWE7TOCqL7YJi25hCQASvJzh1+KKrmpSsDR5KIz
+kLK7UFw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEsajcrImsonmTILRR3xx/9Nl1Z6u2gUHA
-2V/CqjUklQkCsVEL3Jh9hgr8J62HHOrqZpNavTwKmag=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3nPs+F8kColhO0zgqi+2CYtuYQkAEry
+c4dfiiq5qUrA0eSiM5Cyu1Bc
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C6:KAS-ECC-CDH_P-224_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C22:KAS-ECC-CDH_K-163_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEMUoLJt0xwkiEXXzBe2HK1GCCWb7YWljR
-8f/TeGbks1A1LhGe7K2jgpB/Nhn9dI6nOuSJnf1JYwI=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBtAyFSJA8ovn90349tKkUMEimlqVB6ra
+x3zERImF0XlGNrwdWC89EBoz
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C22
+PeerKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=335ba51228d94acbed851ca7821c801d5cb1c7975d7aa90a7159f8fa
+SharedSecret=0277c4a76e1613b2ede699a675c1645a786075009e
 
-PrivateKey=KAS-ECC-CDH_P-224_C7
+PrivateKey=KAS-ECC-CDH_K-163_C23
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw4L+ubm6EPGJ2Z5xqJzf5E
-y1VM7BOiEoQJd/tooTwDOgAEq7bx43c/+PxzrqKgsQeAnOcK3O/tbkH8XLQwRalj
-iXrpBsEKBV7q25f/3W90jT5WIeX/8wTki6c=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDwd5btA5wkz7X24TOLLRo
+y7opmzqhLgMsAAQF/+DxYBi9S97l9zv9rQTXE/Ihb1AEI2HIgfAIHLBUTvqww7NP
+Weqt7sQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEq7bx43c/+PxzrqKgsQeAnOcK3O/tbkH8
-XLQwRaljiXrpBsEKBV7q25f/3W90jT5WIeX/8wTki6c=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBf/g8WAYvUve5fc7/a0E1xPyIW9QBCNh
+yIHwCBywVE76sMOzT1nqre7E
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C7:KAS-ECC-CDH_P-224_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C23:KAS-ECC-CDH_K-163_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEq+aEO+7C/Z5ftkcw0L5NFlQ4zpIu113Y
-C0YD5Wr+hnOpbEupkArYWZXmMeQ2xsyIosK0e3xIhrg=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAfhYHsYd8UCSJ6q3oBXyxx0p43FsAcH1
+HMQYW2iiYOMbSwDAOkQD9lwl
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C23
+PeerKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=8c2e627594206b34f7356d3426eb3d79f518ef843fbe94014cceace3
+SharedSecret=03c6481dac387af39e8c09a553068ac496eea03691
 
-PrivateKey=KAS-ECC-CDH_P-224_C8
+PrivateKey=KAS-ECC-CDH_K-163_C24
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzg1iA1EB70h8SFxg+0UA7r
-5qMuxk2+l9vgIyxGoTwDOgAEiFN3NemyPj4OB28TWoLTP5v/tGXzq86DIqYqYrTI
-wSNnMZeHXAvRTtCXYG0zD7orkgDvZaRHZNM=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDiBJ1uki+oL7MAhGQNGf1
+0KrjIaqhLgMsAAQHduQP5xSZhTN+8bbJuDDLNgh1KqYFjm7LsnsLLTzQ46e6U43j
+V2/VufY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEiFN3NemyPj4OB28TWoLTP5v/tGXzq86D
-IqYqYrTIwSNnMZeHXAvRTtCXYG0zD7orkgDvZaRHZNM=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3bkD+cUmYUzfvG2ybgwyzYIdSqmBY5u
+y7J7Cy080OOnulON41dv1bn2
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C8:KAS-ECC-CDH_P-224_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-163_C24:KAS-ECC-CDH_K-163_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEE8+dbSyaroJ0wn1Eav0MiI/91SrimaNZ
-hNT1J9y+51tRV1H47irjVeiv1d4hxiqTmmUHtTjLxK8=
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAroi+9qqqAbIVw8UrUyIKmEMy42EBtRD
+jlKMqIewW9JWTfk775v2YNp4
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-163_C24
+PeerKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=632abb662728dbc994508873d5c527ca5ef923c0d31fa6c47ef4c825
+SharedSecret=07b5d096d06d41c3ad6458cc93417e6facc99bc7b8
 
-PrivateKey=KAS-ECC-CDH_P-224_C9
+PrivateKey=KAS-ECC-CDH_K-233_C0
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy5at5bc7pyqotuTXTXv5xY
-6WL/eOtUIofHtEuioTwDOgAEN2gpJqVPcKTBdI9U1Q1bABOKBV+STyxl5bC75Flq
-/vzdZA0pY1AVuJvd3R+MJyNobTMuegbKh5k=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0TWluMPOBH+8XfJid9O/g6
+wz3a21z0oFDKgr5I8KFAAz4ABAGlPlwTiz2DkF1WOqHbASdGM8mGtS94IlqS4z55
+UgDsq9Pi4mcpqWVgTlYO1EmKIrMcOWQuHPmbHd4+xw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEN2gpJqVPcKTBdI9U1Q1bABOKBV+STyxl
-5bC75Flq/vzdZA0pY1AVuJvd3R+MJyNobTMuegbKh5k=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaU+XBOLPYOQXVY6odsBJ0YzyYa1L3gi
+WpLjPnlSAOyr0+LiZympZWBOVg7USYoisxw5ZC4c+Zsd3j7H
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C9:KAS-ECC-CDH_P-224_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C0:KAS-ECC-CDH_K-233_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAElltjfA37wM+VQDVobXD37DCSnmZOUh26
-oigGWYKlj/YbyQAZu8u1h104Y9sLwqH6NLCtTeGoP5k=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfQONLPtShstQMBW+3XyrVQ8iXz9gvVC
+z3RqDyAvAMEwoavpK8TJd8gAd3mWzMULkN+ZGi6B3VFcGIWZ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C0
+PeerKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=34641141aab05ef58bd376d609345901fb8f63477c6be9097f037f1f
+SharedSecret=00a822b141ca1f5ad32899e68c54d1fec3df8100df485ebf1c5868a9ac89
 
-PrivateKey=KAS-ECC-CDH_P-224_C10
+PrivateKey=KAS-ECC-CDH_K-233_C1
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBykDX4SBJxx5lIsf/I4QiQG
-HDpFcFizEFV2VbhUoTwDOgAEOZgBJDv+DC2psKU8jKV/Lu6HqqlKjk1eAp9CyqpJ
-5tS0fO56XEq3HVpn2oTgubQlzj5w2mjIiec=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1Rvm+81IeMVUObC8u+Xqjo
+S8nbiecKjo6/NHgtqKFAAz4ABAHFoeXT7lFuPt5yP6LVzTRWsRYyYwPF7kknOlYE
+xABWjQ/nEwKVVBv6JlB0FHVG6XM3NroAdVnXFtjglA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEOZgBJDv+DC2psKU8jKV/Lu6HqqlKjk1e
-Ap9CyqpJ5tS0fO56XEq3HVpn2oTgubQlzj5w2mjIiec=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcWh5dPuUW4+3nI/otXNNFaxFjJjA8Xu
+SSc6VgTEAFaND+cTApVUG/omUHQUdUbpczc2ugB1WdcW2OCU
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C10:KAS-ECC-CDH_P-224_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C1:KAS-ECC-CDH_K-233_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEc8xkU3LKLnFjfNqUPYFI8zgqtt0PLhpJ
-2pThNN9cNVwj5uIy68O+4qsYc+4Ng+M4L45v5hP2NDw=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAMhkwqRiqTY6SsPYGCEbygNpRy0YYoii
+dWdDO9pFAGidTQAG66BU3Gn8wHhngPtfdNOYkhNQTi9uZmmA
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C1
+PeerKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=4f74ac8507501a32bfc5a78d8271c200e835966e187e8d00011a8c75
+SharedSecret=01662682bec2dfae05e38587c8e6a4d18aef4cb3416989c47c11bbe2810f
 
-PrivateKey=KAS-ECC-CDH_P-224_C11
+PrivateKey=KAS-ECC-CDH_K-233_C2
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBytJRm8ck1ITgKmnwUUm7BH
-cUvw9ZhvrC4iLNlGoTwDOgAE35weDvFeU7n2JuK+HL6JNjnAbz4EOe6V19Sx43pS
-pzhq3aJD79+JQQhchOMSOcq5K4AXM2dIll4=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uzKWV5V5shcWveMWVQP23
+SQA/9Ow2HDi0jn2mvKFAAz4ABABaSPrEdsMcrQxo5k5l5oeuRBj7XTtLsqu5kN0N
+5AAtmt1wZibyhZ7OEQ3y3eifrz6KrEM+JZXiPCdAgg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE35weDvFeU7n2JuK+HL6JNjnAbz4EOe6V
-19Sx43pSpzhq3aJD79+JQQhchOMSOcq5K4AXM2dIll4=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAFpI+sR2wxytDGjmTmXmh65EGPtdO0uy
+q7mQ3Q3kAC2a3XBmJvKFns4RDfLd6J+vPoqsQz4lleI8J0CC
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C11:KAS-ECC-CDH_P-224_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C2:KAS-ECC-CDH_K-233_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEVGV4IWJQNU5EniFUbdEc0cUXQjZzmsrZ
-zg9FEtKiL81m0avtx2dmgyfFy5xZkEMnYjnPPIUWryQ=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXgtgvzSEcAkfIfmV+/MXS/2sF65NTMK
+U5A/s7+jAMzoMKUV1pCrmBSVea00gThIWeVl0H+mH1Dr1mmi
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C2
+PeerKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ad09c9ae4d2324ea81bb555b200d3c003e22a6870ee03b52df49e4de
+SharedSecret=00215d511cb95e0e073ee999908a7a844afd75c9acb7a9d724f7fd322b01
 
-PrivateKey=KAS-ECC-CDH_P-224_C12
+PrivateKey=KAS-ECC-CDH_K-233_C3
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw9MSqbnY7QkUCQC7rB4JVS
-fryePGSTvPNmbjopoTwDOgAEtKAZjciBDohEJbdQkosMlgwx96mWY0ALAaF534Er
-YBv8BzgkLG+G+DDyes1jLKYYoLUoDJ1Xafc=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1qfAOJLfGE1Wzcy51emhZI
+OmyTiK4hKqkmyP37XqFAAz4ABAFKr4gOgdtpq6K0A7vafzYeMzm0g84mmfML9Sge
+rQG3FVm9fZOE5Re4fxE4ppb7zrNRDYxBwhWNSqPlsg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEtKAZjciBDohEJbdQkosMlgwx96mWY0AL
-AaF534ErYBv8BzgkLG+G+DDyes1jLKYYoLUoDJ1Xafc=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUqviA6B22mrorQDu9p/Nh4zObSDziaZ
+8wv1KB6tAbcVWb19k4TlF7h/ETimlvvOs1ENjEHCFY1Ko+Wy
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C12:KAS-ECC-CDH_P-224_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C3:KAS-ECC-CDH_K-233_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEHUax3DooEjy1E0bme67FZASGhnj699Do
-sq+iKg7J5l7JfiGDc+f8EVwidNW4KaYNk/ceAdWBNsM=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAI2ADTdnq/VzFpV1TuiCm4WP9OtgSkSK
+1mSQtJwZAbwPAzlkmtTXt8/z/KnpZaOGJej0W8lgKjPAeYoz
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C3
+PeerKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ef029c28c68064b8abd2965a38c404fb5e944ace57e8638daba9d3cd
+SharedSecret=01394e02c70104f2a5308b2d101b02c70ef2d13540602b8e8f82dc6d569f
 
-PrivateKey=KAS-ECC-CDH_P-224_C13
+PrivateKey=KAS-ECC-CDH_K-233_C4
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByM4IItwkwVOZV1WsNQc371
-BmQcfXUrT5MAxhLtoTwDOgAEAN/H7BN2kM1tEv2y/QuMUxRYIQh2nCtyL/s5WF7v
-PaS6RYEnNGu2QCOGi923VYouz8gTZF9M6f4=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uL/h5G8ZMAPOw8dXVz7nd
+s7GTgUWZ99vd7e/Po6FAAz4ABAGARcyeZfbideMipiwY7+LQDPk5lf61NWEnOj8T
+BgFk4Ac8DUs+EuIvg3vT/sQh47sJ4MDdmXQigw9kAw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEAN/H7BN2kM1tEv2y/QuMUxRYIQh2nCty
-L/s5WF7vPaS6RYEnNGu2QCOGi923VYouz8gTZF9M6f4=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYBFzJ5l9uJ14yKmLBjv4tAM+TmV/rU1
+YSc6PxMGAWTgBzwNSz4S4i+De9P+xCHjuwngwN2ZdCKDD2QD
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C13:KAS-ECC-CDH_P-224_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C4:KAS-ECC-CDH_K-233_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEJm0DjMek/iH2yXYxjoJ7grtbj3RDpVKY
-E2UG4N8SPZinogu985Q98uNWNCL4wM901TqqvdfJc7o=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUo+EhrdelJn9crSBLP0khUIR4ayP42U
+2f2gLg8ZADlP6hddrZs01SVDRlTQyGY3kmysOjKSouSlFLX1
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C4
+PeerKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=f83c16661dfcbad021cc3b5a5af51d9a18db4653866b3ff90787ce3e
+SharedSecret=008556a4c3a8906ddbcb946099ca5dbe7bdb6cd8f37fbb50c96fcefed32d
 
-PrivateKey=KAS-ECC-CDH_P-224_C14
+PrivateKey=KAS-ECC-CDH_K-233_C5
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwP+bSFMlq3fynnvDef7XS/
-rIWUgtoN7nUowZ2yoTwDOgAEfmA+aXbbg8NgEVCPppXRtRUkni5UtI/Lz7kCRwF5
-pgDOhq38qbG5MfpRc9YY2gnoQYA9GbAmQoY=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1mly5xVmdG8vdsh3k3dAVO
+onXip+J6t8LQXF8kEqFAAz4ABAAgIm3XPjGOT8jUndQ+WeJgGT0bskjL5MBrTWuD
+iQDtEqTziWlqsxyT6j7E2Orxi+CX/JFS4sQrc/9FKA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEfmA+aXbbg8NgEVCPppXRtRUkni5UtI/L
-z7kCRwF5pgDOhq38qbG5MfpRc9YY2gnoQYA9GbAmQoY=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACAibdc+MY5PyNSd1D5Z4mAZPRuySMvk
+wGtNa4OJAO0SpPOJaWqzHJPqPsTY6vGL4Jf8kVLixCtz/0Uo
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C14:KAS-ECC-CDH_P-224_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C5:KAS-ECC-CDH_K-233_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE6woJ96HCNqYfWVgJ7FZw79kuRZjV5hPg
-ks39ylB4euLy8VuIvBD3tfCu4UGDc/FhU669H7pUKI0=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAIlmeIj4QlxaYjE0Yi8eqdmvNt+XcsQQ
+1uMfK024AIRDD6RxZNHA65cEKkTL70ALu1RfrqTvSbpeO+9C
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C5
+PeerKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=f51258c63f232e55a66aa25ebd597b2018d1052c02eeb63866758005
+SharedSecret=004ea6e0e34ec7c9bbad47f0f6f8ec0608e736d91e0e56cf3e5cffe8c370
 
-PrivateKey=KAS-ECC-CDH_P-224_C15
+PrivateKey=KAS-ECC-CDH_K-233_C6
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBwZz1/2MGRn8ouf4GdaQ8BY
-JVLIwS5Zznw48pKxoTwDOgAE/CDpBuYJwRLPwuD+pjA4gsXblOh+AiNzqywIKq7N
-8dqnF4K8Wia7vY1+inZJDiarwX3/x3S9c0E=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0eU7qha8AmK1MppxGw6xiK
+G8p+9LXIUGEiXUHUqaFAAz4ABAB9bXhfoyMXTrnN5bcFQo5AGSRINbyUcC8oDCX/
+5QGaoO9DMHTEhNFOYRNy8D74kS8agkbOsekMgX2z2w==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE/CDpBuYJwRLPwuD+pjA4gsXblOh+AiNz
-qywIKq7N8dqnF4K8Wia7vY1+inZJDiarwX3/x3S9c0E=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAH1teF+jIxdOuc3ltwVCjkAZJEg1vJRw
+LygMJf/lAZqg70MwdMSE0U5hE3LwPviRLxqCRs6x6QyBfbPb
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C15:KAS-ECC-CDH_P-224_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C6:KAS-ECC-CDH_K-233_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEay9rGKWH9WL/xhvZsARzIihphqePH9E5
-uE98JHCWkI5GFSZr5ZpTzWVVFQVv+SNwpicaXTgj1wQ=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWTaCZIl6zxkH8g8dyBKOW6rlJWxKiL2
+jnpLg5nVAM2Y8nBMdJTm0gN150UoyPVvhn6d12MpgULqAXJL
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C6
+PeerKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=7fdc969a186ff18429f2a276dac43beea21182d82ce2e5a0876552b1
+SharedSecret=0160d0b9b92a4acd089738fd489ae39734551e888fd05a020ce26498270a
 
-PrivateKey=KAS-ECC-CDH_P-224_C16
+PrivateKey=KAS-ECC-CDH_K-233_C7
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByQoVNo41MsCx5R5V0TlEfC
-yJvBYHGdaXKR6nwUoTwDOgAExoN9UG6XbafbOtEmfDWd/y6m+wt/f453AkxZ6Wfr
-SR0vyKUwxGUl0qiy18HfX7oa50CkZJxoPuY=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1CqAMqEdFld1XEnkdwM7DT
+Qdov6ZOkV3tBpAzuGqFAAz4ABAH2YpaX2mINWX/B9RyDN0IT836VL8EX7mWp52au
++wArNt7ceHrJUdKHnXJBTaLnV1ps18QuD6ILMtRh9w==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAExoN9UG6XbafbOtEmfDWd/y6m+wt/f453
-AkxZ6WfrSR0vyKUwxGUl0qiy18HfX7oa50CkZJxoPuY=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfZilpfaYg1Zf8H1HIM3QhPzfpUvwRfu
+ZannZq77ACs23tx4eslR0oedckFNoudXWmzXxC4Pogsy1GH3
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C16:KAS-ECC-CDH_P-224_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C7:KAS-ECC-CDH_K-233_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEMoEBuoJqzXX/nzTVV0zg28kvcJutjXoz
-xHlAwd858eqISIxV1VOBYIeLnO0YqIfqJh3XEtFAJP8=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEADOosIo8M8NDAyztHA9egm+TLe6HnsFg
+eir11GKYAGxPJ6SbUaifbQlgFguluP7AjdLNS8kJpJCuvk97
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C7
+PeerKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=3d60ab6db2b3ffe2d29ccff46d056e54230cf34982e241556ed2920c
+SharedSecret=0038381b342efaa70bb79adb76ceb775de5f45f863559ecaee1ddbbd0313
 
-PrivateKey=KAS-ECC-CDH_P-224_C17
+PrivateKey=KAS-ECC-CDH_K-233_C8
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByOCDjgXhchSRBn4cq8LoBR
-spDiYW7sQntxIYl9oTwDOgAE6RUPdwB1YmAZ4Y+VRztx5oKAQXkdPwjT+u6qK0df
-cHNequUjCKO3Y9yI7+GKtZDrr6A19uCLABw=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1D5XcJeBlfkXFS8Fe6H7AV
+bYlNMui7VMf2L3NApqFAAz4ABAFIfR/avM19idolaFsEKYCrFwruPBHzEYDjt8UK
+SgF+OD3WWh7IpAkAf3UDXlsWEzXZx3Vu2XBJD70XGg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE6RUPdwB1YmAZ4Y+VRztx5oKAQXkdPwjT
-+u6qK0dfcHNequUjCKO3Y9yI7+GKtZDrr6A19uCLABw=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUh9H9q8zX2J2iVoWwQpgKsXCu48EfMR
+gOO3xQpKAX44PdZaHsikCQB/dQNeWxYTNdnHdW7ZcEkPvRca
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C17:KAS-ECC-CDH_P-224_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C8:KAS-ECC-CDH_K-233_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEAIHjQnCHHi672UGD9he0rhXwQW3WNP5u
-k0zzwDoenzinuQtzF9Jrn2MRBjq1iyaM9Imy5QOG1dY=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM/hX4YaoBU0hfOKwDPfnI2BKv3hZ7iR
+i7lKCNljAb6/Bn+FEm0RSTIWIWQgGxN0vxhAqhHV4lBjnQYI
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C8
+PeerKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=9116d72786f4db5df7a8b43078c6ab9160d423513d35ea5e2559306d
+SharedSecret=0122169f1dff445ec663270375dfe914016c38ce6c2d40d0b8098abc60ac
 
-PrivateKey=KAS-ECC-CDH_P-224_C18
+PrivateKey=KAS-ECC-CDH_K-233_C9
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw4EG6T8Wo4Gtsdcs7j2mau
-RirUu/6p7N810IFOoTwDOgAEe+bEyReCmrZX3XnoY31679L4Hw3nZU2VfpdljUMN
-ItnoQ4MQ9h4NQ/Jfo+NFhfQyuq0n2zAhvw0=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1MZ8YQPmISRgCg2ekj3CF6
+Ai9Xxv6yGccDM0/zOaFAAz4ABAAjUv6TQeYsYJ/BU44CcEBecAHXR7h1AOZEoRLF
+2QBB87FbcUpvfvZH4jZl6lMO/L4ZsHQENs2oEug5OQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEe+bEyReCmrZX3XnoY31679L4Hw3nZU2V
-fpdljUMNItnoQ4MQ9h4NQ/Jfo+NFhfQyuq0n2zAhvw0=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACNS/pNB5ixgn8FTjgJwQF5wAddHuHUA
+5kShEsXZAEHzsVtxSm9+9kfiNmXqUw78vhmwdAQ2zagS6Dk5
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C18:KAS-ECC-CDH_P-224_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C9:KAS-ECC-CDH_K-233_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEJiNjL98L2FaAWmmqGG1BM+9ZBOH2Valy
-1mzOByzvlyjdBvuLUBUPUptpUHbUUHmDkSWFyJvQaC4=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAHY+KGvlB0C3+L14+nC8rIgN89c3HrM/
+2iRTs+0jAFe+bF99mQt1Q5hoM5rjJ68EoEmzi5IzK5y4yyfZ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C9
+PeerKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=207c53dcefac789aaa0276d9200b3a940ce5f2296f4cb2e81a185d3d
+SharedSecret=0054d47c9d0a9fee258122326be25daf35f0ba0b8449e16b4623a8c0fd7e
 
-PrivateKey=KAS-ECC-CDH_P-224_C19
+PrivateKey=KAS-ECC-CDH_K-233_C10
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzl0XGEMc9Q9svRvIAZ+hZ2
-LfoSyYnlmZl3+06ioTwDOgAELqSWbn+S7X9cxh/eeSBF9jtzHW59DeJXfy2OzhxK
-ex7eb4ORYikt9CS+eOgXb7b5QqPAI5FwDzE=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Z5U2ocples9zczFBBjsNR
+QAiJ+udaC6Tc/yXx+aFAAz4ABAFeZ+rr5Sujf1tzoZnZUIEs7BAS/UEFgURLvyPg
+yAAiBV74Id8zBC+4MW3a12SF29JZDi9UmKkU5PCtOQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAELqSWbn+S7X9cxh/eeSBF9jtzHW59DeJX
-fy2OzhxKex7eb4ORYikt9CS+eOgXb7b5QqPAI5FwDzE=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAV5n6uvlK6N/W3OhmdlQgSzsEBL9QQWB
+REu/I+DIACIFXvgh3zMEL7gxbdrXZIXb0lkOL1SYqRTk8K05
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C19:KAS-ECC-CDH_P-224_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C10:KAS-ECC-CDH_K-233_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEjuTR3MMd7kv2/iHKilh3IdkQrPsSLBbC
-p3qBUk6/Mj//BOtHcGmgrGizRfaxrhNO/DGUDlE8uZ8=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALyKca1METTe8Cbkcj4xAiP7LFhZvHWU
+BUyJTaVSAMNlBWNQVTUDPHpsRI1zv6CPuDcCNMf9usGzTaoi
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C10
+PeerKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=10e467da34f48ad7072005bccd6da1b2ba3f71eafa1c393842f91d74
+SharedSecret=0071aed39f5c44a7ff72db3e0f8284da39dfb2d894f278d2006f9d2686e3
 
-PrivateKey=KAS-ECC-CDH_P-224_C20
+PrivateKey=KAS-ECC-CDH_K-233_C11
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBw9Y1aRtiqaknxjOVHJNpyI
-Yr0hGdMJcMJkRyfWoTwDOgAEQ4u7mAUXr7IL4dZ046wrMc7wepsj+49uOODWwAvl
-8cR9WNIbbtKEI7MvWpR1DaR+3O8z6nmUKv0=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Tpf/JoPcGnBxmFIaZYS5c
++rfiv3syVfGBoCJxkqFAAz4ABAGN5NxPak3lw2OOu6JNxwZJg7FZ9VsTnHaAocuQ
+0QE1Uy2BSK8+In1KiWDnaMVl9ywawKHJp70YXPmU0A==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEQ4u7mAUXr7IL4dZ046wrMc7wepsj+49u
-OODWwAvl8cR9WNIbbtKEI7MvWpR1DaR+3O8z6nmUKv0=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAY3k3E9qTeXDY467ok3HBkmDsVn1WxOc
+doChy5DRATVTLYFIrz4ifUqJYOdoxWX3LBrAocmnvRhc+ZTQ
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C20:KAS-ECC-CDH_P-224_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C11:KAS-ECC-CDH_K-233_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEl9y+bSgzWIKm0ZPMVKEGPdB3XcMoVlMA
-u5nmkdrRHdXs6M/Z+XyaUm5KFQbmNVlp7oeCb8OLzSQ=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWzBrhP7NIJSSTAhzWFG1THwtyKEKkTH
+l5aJ8f84AYwJY/8Oo3BIyfb0dkTyp8jFA4Y8J88h7m4KMiTq
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C11
+PeerKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=82fd2f9c60c4f999ac00bbe64bfc11da8ff8cda2e499fced65230bb1
+SharedSecret=01ca68ead4eddc8847a3a661cc6628e076bdd4b45047ece72245d094dd3b
 
-PrivateKey=KAS-ECC-CDH_P-224_C21
+PrivateKey=KAS-ECC-CDH_K-233_C12
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBys88hbvcN58C9eo25/D1MJ
-Wp5wRqKGhahlm/eYoTwDOgAE/3URIVxx15a9ZG6EdL5EFrkWhM4NJp729CIBO7e/
-Xnm1qTk7uepCwL2y08LcgG4acwaqWOT9vqU=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0vXSp+CHekyZBzcyOG6NWX
+NKI91/Dff81U2UHnYKFAAz4ABAFHmAlGgMvTL7HuncqmuHOaVWMFI1kz+ycVfTGe
+VwHIVfDUU8H/tfZosyqLPjCeDoEBvDm22+feIUAV4w==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE/3URIVxx15a9ZG6EdL5EFrkWhM4NJp72
-9CIBO7e/Xnm1qTk7uepCwL2y08LcgG4acwaqWOT9vqU=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUeYCUaAy9Mvse6dyqa4c5pVYwUjWTP7
+JxV9MZ5XAchV8NRTwf+19mizKos+MJ4OgQG8Obbb594hQBXj
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C21:KAS-ECC-CDH_P-224_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C12:KAS-ECC-CDH_K-233_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEzpEm3VOXLeod4dEe/vkA3jS2YYWcRkjF
-wOU09+ETtvLBZZ0H8nFuZKg8GLvONE3SEh/oUWjq4IU=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAOSeGCrF2TK+iwX+NA6Mty3zVkfezWea
+jFm12Pv6AYG5WpZavRbsJDDCbdBxmE6FSpZ/8RTueDG9MUsq
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C12
+PeerKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=530f7e7fc932613b29c981f261cb036cba3f1df3864e0e1cba2685a2
+SharedSecret=017a893b2e090780ff8daaf3588f9dfc0ac4dfe1f1e263697a9d1f398ab3
 
-PrivateKey=KAS-ECC-CDH_P-224_C22
+PrivateKey=KAS-ECC-CDH_K-233_C13
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzP/WLLAKDjFj+/LDl/rclh
-ghD4a09UpnUocwXwoTwDOgAEBL9NlI9EMNGLTtbJbbr5gfoRpAPtFoh/BnVJgXwT
-JqnO9R951OeDA9YGS0WfYSWErC/fWT19XYQ=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1lKhH2wxF/Eyb6aHdAXOxz
+McTxRql/dKsMRN4Bt6FAAz4ABAAs1tTB0sxeNCBerblPTP01u1adpyLE2bGbjVzC
+3gDqMATlsJMN9/i9oxTIvBFFRj62ACLNLc9sDIJOUA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEBL9NlI9EMNGLTtbJbbr5gfoRpAPtFoh/
-BnVJgXwTJqnO9R951OeDA9YGS0WfYSWErC/fWT19XYQ=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACzW1MHSzF40IF6tuU9M/TW7Vp2nIsTZ
+sZuNXMLeAOowBOWwkw33+L2jFMi8EUVGPrYAIs0tz2wMgk5Q
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C22:KAS-ECC-CDH_P-224_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C13:KAS-ECC-CDH_K-233_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEhEGZZ9bPrUHnWgK22mBal5SaGDqXwwbE
-tG5mpVzJsllxixvIsUT95jOolGFv/VmjptXY6ULHy7c=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVmLL9tb8aOVH7nsAW7LTSj2bC6dE1ln
+hlk1hdcZAe9lyvFXldFKC+icrHxoAyO8WYA7qHTLKWhnLLip
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C13
+PeerKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=49f6fd0139248ef4df2db05d1319bd5b1489e249827a45a8a5f12427
+SharedSecret=0041fa5fdf495b885699249b7746334b76c59e1c917bfc1ae371b96941f4
 
-PrivateKey=KAS-ECC-CDH_P-224_C23
+PrivateKey=KAS-ECC-CDH_K-233_C14
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByF+QPkOUPRPGiTLnEOgN5S
-y8C48aFBjqTaB5KZoTwDOgAElwpKfgHUGISXzrRpVesbhC2QhYGam5JchFKdPd+i
-UmSA+DPqDtvSBOTjZf7zRyiI/n2WkcPrwJ8=
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0q1fccY4SvYmibNcJMTd+z
+Ws+BBssMGVAsLKGEr6FAAz4ABAD+G1JAinEoQb1i8O5RMH8mMx1AK8w6WrBAXRxe
+gAEKcxp9ampPW0Cy6qgQwZAtsnso0pe8BfNxTKyvwA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-224_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAElwpKfgHUGISXzrRpVesbhC2QhYGam5Jc
-hFKdPd+iUmSA+DPqDtvSBOTjZf7zRyiI/n2WkcPrwJ8=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAP4bUkCKcShBvWLw7lEwfyYzHUArzDpa
+sEBdHF6AAQpzGn1qak9bQLLqqBDBkC2yeyjSl7wF83FMrK/A
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C23:KAS-ECC-CDH_P-224_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C14:KAS-ECC-CDH_K-233_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEfJysNXaAY8KCf2Cn9ROI8qj0t/jNc2vW
-vDN0dynua4ScYCXVd9vMVfvRcBj07bwu8QWwBNYle80=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAbbP87f6IV43hgXJP4b1zThF9F+96L4H
+newpvIhiAWYiLvpdup6FjCRdu12maCOatbpyhhj7hakN3HYK
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C14
+PeerKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=8f7e34e597ae8093b98270a74a8dfcdbed457f42f43df487c5487161
+SharedSecret=015f5adba59d1ee01696cecce4b63e78e68508303ee496ff5abcea25ad3b
 
-PrivateKey=KAS-ECC-CDH_P-224_C24
+PrivateKey=KAS-ECC-CDH_K-233_C15
 -----BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzM5kiRo9ASn+4NSpbPvnrE
-cLhelnUpBXz6MaHZoTwDOgAEprKWMtuU2iEl3Bz4DgNwJoeyrMESICL6IXR2WmFy
-Pt1z4Q2u1zd1J48ZWLpW8fydCF68K2TIT+U=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_P-224_C24-PUBLIC
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1vActUeBy9ptiN61mEOuCD
+axr2g+/HVlC+hPIIp6FAAz4ABABNAKjwgg2pCX/lDo5979rClgfdTLHdiB1OYfHn
+iwCKSo6cgRtEQ2eVJ1KrjCpRmO+yj77b8/vXAahXqQ==
+-----END PRIVATE KEY-----
+
+PublicKey=KAS-ECC-CDH_K-233_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEprKWMtuU2iEl3Bz4DgNwJoeyrMESICL6
-IXR2WmFyPt1z4Q2u1zd1J48ZWLpW8fydCF68K2TIT+U=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAE0AqPCCDakJf+UOjn3v2sKWB91Msd2I
+HU5h8eeLAIpKjpyBG0RDZ5UnUquMKlGY77KPvtvz+9cBqFep
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-224_C24:KAS-ECC-CDH_P-224_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C15:KAS-ECC-CDH_K-233_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-224_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAECFp2Qq2OWbGj6HJqdUevvs/9rB2rflcj
-DGqd9PkcNtiB/puAR6NTBxNVShr0wlxajmVNzc9ony4=
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM9AKuvD5CR6mrQ9qXVRdqgQ4BH5/Zd9
+4b4v1TT7AbrEX6QtYFrTR5x8Q+ckkQcWc3lTzIUErxTzMdNP
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-224_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-224_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C15
+PeerKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=71954e2261e8510be1a060733671d2e9d0a2d012eb4e09556d697d2a
+SharedSecret=003d5c29b3753e89ce5064575393392b377ca657a0b73872c82165fc43ae
 
-PrivateKey=KAS-ECC-CDH_P-256_C0
+PrivateKey=KAS-ECC-CDH_K-233_C16
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfX3F9x6yndr4DWIU
-Yy7q4D2QWK8fttIu2AuttivBpTShRANCAATq0hhZARnoh2spFG/4nKYXcMTtu/l9
-OM44XtKB2KayMCivYSgf014vpwAlI6zIWkKcsG7mZIMlOJ9Z7fzhQFFB
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1dwboYOfXR/qhas2FMVanF
+/mAIU8caYZg8fcgt4qFAAz4ABAC2y2/6Ti6rz3uYfrtSAWWo7Joipvn/sQDzgXKg
++wDTmBThhSR25W6JzozdZDcoQMAVcKhpQKziS7nPag==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6tIYWQEZ6IdrKRRv+JymF3DE7bv5
-fTjOOF7SgdimsjAor2EoH9NeL6cAJSOsyFpCnLBu5mSDJTifWe384UBRQQ==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALbLb/pOLqvPe5h+u1IBZajsmiKm+f+x
+APOBcqD7ANOYFOGFJHblbonOjN1kNyhAwBVwqGlArOJLuc9q
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C0:KAS-ECC-CDH_P-256_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C16:KAS-ECC-CDH_K-233_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcAxI939WWExcxjLKZWQNuRtrrM46
-Tfa0LOfMg4gz0ofbceUJ4/2bBg3bILpcUdzFlI1G+/ZA3+BEF4LKuF+krA==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPOMzM8I5b3/O7NffnW9ztaNN5Hc94Q8
+qI/wkhNtAV7XaXpLjJnQFHgo9shh/8nPsPM9zp0UsHMeHaJi
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C16
+PeerKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b
+SharedSecret=007c01f906caa590898a09f46b6f5383658e7fee656aca0f111f22939960
 
-PrivateKey=KAS-ECC-CDH_P-256_C1
+PrivateKey=KAS-ECC-CDH_K-233_C17
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgOPZdbc5HZ2BE1Yzl
-E5WC1Wj2S7FgmNF526sHdB3VyvWhRANCAAQRny8EeQJ4KrDJ4npUr/Xrm5ZIKcqZ
-wGsC3bqVsKP20I9StyZmTKw2b8mKx6ASsmgsvZYuWstURnHUG5RFcE0d
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0kHh31WHAx3drhlokcKIIc
+x4ea01gyrnGPbnkuZqFAAz4ABAHBcs7it2UD602Qs53azoJbI8Mjdcto6uzXNISQ
+owDCRu+cbi+trHfHPundWt7oKLeRhBc5W1mXvhoCeA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEZ8vBHkCeCqwyeJ6VK/165uWSCnK
-mcBrAt26lbCj9tCPUrcmZkysNm/JisegErJoLL2WLlrLVEZx1BuURXBNHQ==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcFyzuK3ZQPrTZCzndrOglsjwyN1y2jq
+7Nc0hJCjAMJG75xuL62sd8c+6d1a3ugot5GEFzlbWZe+GgJ4
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C1:KAS-ECC-CDH_P-256_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C17:KAS-ECC-CDH_K-233_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgJ8EKJxkNIwBUV6wPVznrBqMuUmP
-XKpQGX5Y1DqGp66ynYToERl/Jeuo9RlAkstv9EDibUQhARNyRh9XknHNow==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAeMoVx35M6z9TJbzxL3nHpF1y81iruzX
+Y4R0Sg8/AZ/0iq4MJS7ajTQLJcTdoBovIaqjXTm68DZpahEB
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C17
+PeerKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=057d636096cb80b67a8c038c890e887d1adfa4195e9b3ce241c8a778c59cda67
+SharedSecret=019eece7d3fafc9274d361c6fafd9efd9ee485cbacb3baaf6834feb4df6a
 
-PrivateKey=KAS-ECC-CDH_P-256_C2
+PrivateKey=KAS-ECC-CDH_K-233_C18
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGsz68bl3Erhab1Sx
-SJhaG9xMm+wL0ljK1LPWA/SfMsihRANCAATZ8recFyhFv9tWC7sBRHyl7MBHCglR
-O2EmkCxrT40QUfgV717DISjTSHg0dkZ4cC5k4WT/cxUYXiOv9frNlte8
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ESsVakTqMf37X/FZ59S9H
+y7lzAyW+IbeZN3nRh6FAAz4ABACXlIYQF7Pevv8wLkJTJ/4mnXh1O3O8G/s6d/cW
+3AACWBpJwSafXsho3G1/XC2OdJYy1Hq22eaNutmF8A==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2fK3nBcoRb/bVgu7AUR8pezARwoJ
-UTthJpAsa0+NEFH4Fe9ewyEo00h4NHZGeHAuZOFk/3MVGF4jr/X6zZbXvA==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJeUhhAXs96+/zAuQlMn/iadeHU7c7wb
++zp39xbcAAJYGknBJp9eyGjcbX9cLY50ljLUerbZ5o262YXw
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C2:KAS-ECC-CDH_P-256_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C18:KAS-ECC-CDH_K-233_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEojOcEtSgPDNUbeUzJotK1mfev0WL
-Rk13RDY2RA7n/sPvSKOrJuICILzaLBhRB2g52uiOrpYoaaSXv3PLZvr1Ng==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPSqf5NAqdpGxPBnKHU6Stxa9TpNy0Z/
+cLSHPaeFAH8yHivE4pporCPHfO3Tu83gv3uSon/6dklpiJgd
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C18
+PeerKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=2d457b78b4614132477618a5b077965ec90730a8c81a1c75d6d4ec68005d67ec
+SharedSecret=01e4b7e89fb1b51179b8792f5cd581c3917e11246d3846f6344ee82eed66
 
-PrivateKey=KAS-ECC-CDH_P-256_C3
+PrivateKey=KAS-ECC-CDH_K-233_C19
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgIHxDp5v+4D229LlE
-9T0vt2zEnvHJxNNNUbbGXE22ky2hRANCAAQkJ3wz9FBGLcs9SAHVe5ztBRiPFsKO
-2ocyWASM0WB+DcR4l1PisfY7Mv8BTsQs1qafrIHf5tDW/Urzcq4nxG+I
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0rwTZ3hTEInaXC+rPK7sJW
+xUsLNfwsZfe47mFhw6FAAz4ABAH7JYox0Wa++c1mTNe2bNjBhucCXHfwuucxWH6e
+9gBg39TkdekoBdGTXQOC3BdnBnkVzADtOyT2U4LSGg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJCd8M/RQRi3LPUgB1Xuc7QUYjxbC
-jtqHMlgEjNFgfg3EeJdT4rH2OzL/AU7ELNamn6yB3+bQ1v1K83KuJ8RviA==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfslijHRZr75zWZM17Zs2MGG5wJcd/C6
+5zFYfp72AGDf1OR16SgF0ZNdA4LcF2cGeRXMAO07JPZTgtIa
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C3:KAS-ECC-CDH_P-256_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C19:KAS-ECC-CDH_K-233_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3zmJufpVSVcZs89G3M0otRU/eAgZ
-HdUY7/DDz/K3Be1CIpT/RgA0Kdc5ozIGyHUlUsi6VKJw3vwG4iHg/q9qxA==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAGjZ5V56EFt7tEsh1mm7DvZXqRQ3rYS/
+bVhTJwyYABQ8i+21TbB9+PZwg8WaCqfNig76QvQv1i5ELgti
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C19
+PeerKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=96441259534b80f6aee3d287a6bb17b5094dd4277d9e294f8fe73e48bf2a0024
+SharedSecret=0145710c3ab0780ec233424d4e28b38d29f886965bbcac49fa300e1ed886
 
-PrivateKey=KAS-ECC-CDH_P-256_C4
+PrivateKey=KAS-ECC-CDH_K-233_C20
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgWRN+OBUjULGVyXGN
-OWc9UZg4BVrZCN1HVxUv2CVcCb+hRANCAASoxf3Oi2LFraWY8UGts7Js8lTCgLKF
-emPSrXg6cxFfa4BuGq/sSvgKDXhrPeRTdbUXp+W1H/ssNWU3yebvIn1K
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0NVllUcUNdlf7DffYi8Y7n
+2rskN5yCu/cUxavF46FAAz4ABAGlKUCkUqr0ILN7XzLCwzcwaJSogv7qet2twBkn
+7gB3G59ioqb6iSUDIlJ1SQOIuL/C33ffPoBr7bp9iA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqMX9zotixa2lmPFBrbOybPJUwoCy
-hXpj0q14OnMRX2uAbhqv7Er4Cg14az3kU3W1F6fltR/7LDVlN8nm7yJ9Sg==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaUpQKRSqvQgs3tfMsLDNzBolKiC/up6
+3a3AGSfuAHcbn2KipvqJJQMiUnVJA4i4v8Lfd98+gGvtun2I
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C4:KAS-ECC-CDH_P-256_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C20:KAS-ECC-CDH_K-233_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQRktKBPnlWHmodb1PIvBpDOhmcg1
-4UGwWnSpew+uuSIa+YzEXpin4EGwHPNfRit1YigTUcjr8/+gLjOgcioTKA==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJnrkc2phiAQPDIF1kieaK1+V9ClHcUC
+1uMFiPQYAD+/gpkp7dKOkG9Y+Hq+1tbRd/Q28N2UDdol6vGI
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C20
+PeerKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=19d44c8d63e8e8dd12c22a87b8cd4ece27acdde04dbf47f7f27537a6999a8e62
+SharedSecret=006941a2a531083563dd886b06c0860770a4724bb04a4ebb2afb1ba2636b
 
-PrivateKey=KAS-ECC-CDH_P-256_C5
+PrivateKey=KAS-ECC-CDH_K-233_C21
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg9fjgF0YQpmEneXm1
-jOXJD+5smzuzRqkKcZYlXkCxMu+hRANCAAR7hh3NKESlqDY/a4741JNkD1WHkhcY
-nYAyaq2UgN/BScRnW0XuswZAX2wzw4vGnrK97Jt1rVr0cGqrhFQ7nMY6
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ZyKsrMvLuk78v9rxEN4tg
+hyva62ula1FMjziLp6FAAz4ABACDUw+j3zFah0CsUvTTlLgMSl8hC6ugttwiBeEk
+kwA3udAu1D6dQdDbuEA7kCG00sG9Ng7lPDHCe0kgBQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEe4YdzShEpag2P2uO+NSTZA9Vh5IX
-GJ2AMmqtlIDfwUnEZ1tF7rMGQF9sM8OLxp6yveybda1a9HBqq4RUO5zGOg==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAINTD6PfMVqHQKxS9NOUuAxKXyELq6C2
+3CIF4SSTADe50C7UPp1B0Nu4QDuQIbTSwb02DuU8McJ7SSAF
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C5:KAS-ECC-CDH_P-256_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C21:KAS-ECC-CDH_K-233_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEM+ggkqDx+zj1ZJ1YZ/uii1AxcrcD
-VXS/jltxAKMFJ5Lyz2tgHgoFlF4zVVC/ZI14L0YYbHcsDyDTzQ1rjKFLLw==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANzKoitDOR3AUll6470HxuXwIfOemHdW
+9lSBce6UASjv1JrzprMtwWeXqXjwrUqw22arq9atVnL0+BLJ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C21
+PeerKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=664e45d5bba4ac931cd65d52017e4be9b19a515f669bea4703542a2c525cd3d3
+SharedSecret=001d754ee5351d4582974734072abac23376e24348370934e7b864db0f52
 
-PrivateKey=KAS-ECC-CDH_P-256_C6
+PrivateKey=KAS-ECC-CDH_K-233_C22
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgO1ia99sDRZwjBotk
-9j8o08PGvCW1v3asBfNUgoiLUZChRANCAASfs44tWOobr3Yi6WcgEByuPN5LpsHp
-+ibZsd4ImRAoY9VWG5AEBu31CALdfXPok5X4rtcvug4dG2H+HSIwImDw
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1QMWAQTYigwPY5VufDu6cC
+lj+fG1P8EZpZLu6k9aFAAz4ABAFGPHjkmKvzQDPsPh2XPcElCeLSNPuRQDcV5C9h
+9wCt56u5igMIiGaWNTqtM8Bbq1zzwNTpacv0xM7skw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEn7OOLVjqG692IulnIBAcrjzeS6bB
-6fom2bHeCJkQKGPVVhuQBAbt9QgC3X1z6JOV+K7XL7oOHRth/h0iMCJg8A==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUY8eOSYq/NAM+w+HZc9wSUJ4tI0+5FA
+NxXkL2H3AK3nq7mKAwiIZpY1Oq0zwFurXPPA1Olpy/TEzuyT
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C6:KAS-ECC-CDH_P-256_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C22:KAS-ECC-CDH_K-233_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEap4MP5FuTjFckRR75XFobZBGTov5
-gdNKkLY1O8pu66dA+b6tOcLyvMJgL3W4pz7Hvf/Lzq0VnQF0xsTTxTV/BQ==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXCRezOze46v8kYeX5648Hl7E6q9kVpg
+cGzU8yy2AHZR4HQsDYPUtoVS6ber7DZEupdVz/5tTlaUOmub
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C22
+PeerKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ca342daa50dc09d61be7c196c85e60a80c5cb04931746820be548cdde055679d
+SharedSecret=011346b83791e4bea7f6ba6b1265e5050895d84027c106f77353418f75d7
 
-PrivateKey=KAS-ECC-CDH_P-256_C7
+PrivateKey=KAS-ECC-CDH_K-233_C23
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg2L+SmiDqdDayRhtU
-GhHIDmHYJsCkydMisx3VTn9YucihRANCAAQg8HYx5KZRKomtSHxOnWMDnlecsNel
-VsueZhzVnB5/pG3pGEaz7uil7AnCqx9B4hvYNiDM3Rvc46t+puAt0nT1
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1FR+r5vhzlrxOG4xEEbsgy
+YLhKLKkQVfYGaLlG4KFAAz4ABAFQSTjBZ2gK+4ttWFjPqhkcQBlvxOUAxmLFNG7M
+kAE30bqUIija5oxFCxoDOiyBCplZcfAcJAieSm/cxQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIPB2MeSmUSqJrUh8Tp1jA55XnLDX
-pVbLnmYc1Zwef6Rt6RhGs+7opewJwqsfQeIb2DYgzN0b3OOrfqbgLdJ09Q==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVBJOMFnaAr7i21YWM+qGRxAGW/E5QDG
+YsU0bsyQATfRupQiKNrmjEULGgM6LIEKmVlx8BwkCJ5Kb9zF
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C7:KAS-ECC-CDH_P-256_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C23:KAS-ECC-CDH_K-233_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqcCsreVcKnPq0ahvsKlxMiPIJHV5
-HNDiELBGQSziJLv23gr6IOk+B4RnwFPSQZA+2tc0xrQDunWMK1/wTJ1CKQ==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANjtMYOCuFwlJaAsIsZ/W/NmM12Udn61
+y0VzlmTFAX2P3nu8Vo/cgCo+NFXzzzVgLfcGhMis3aFloCZW
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C23
+PeerKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=35aa9b52536a461bfde4e85fc756be928c7de97923f0416c7a3ac8f88b3d4489
+SharedSecret=00b4938ed1ed012a9a53892ed9949397cdc4e4a612d54dcf80cdb039f47b
 
-PrivateKey=KAS-ECC-CDH_P-256_C8
+PrivateKey=KAS-ECC-CDH_K-233_C24
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgD5iDug7zLudd7Q2L
-2jmlFGop8fJQezvUWNvqCyuwW02hRANCAASrthtCO+XWwm4hxgWDLJFC3B3+Wl//
-KHJnN5Nub79RbXM9JRPvWL6rICCQWG+skb8P7jHoCrM0c6sjotieWPrW
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_P-256_C8-PUBLIC
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1C++VUhi81lRhKRVEMpT35
+fEUXVYS10t4EJyM1jqFAAz4ABAExuNYbnPsFNsWIIU5FiI6+SDke7stNf7W+jv9K
+zwFl2klVegqp1F3TeNX4mScsxpdoInaukdLAtnXEaQ==
+-----END PRIVATE KEY-----
+
+PublicKey=KAS-ECC-CDH_K-233_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEq7YbQjvl1sJuIcYFgyyRQtwd/lpf
-/yhyZzeTbm+/UW1zPSUT71i+qyAgkFhvrJG/D+4x6AqzNHOrI6LYnlj61g==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEATG41huc+wU2xYghTkWIjr5IOR7uy01/
+tb6O/0rPAWXaSVV6CqnUXdN41fiZJyzGl2gidq6R0sC2dcRp
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C8:KAS-ECC-CDH_P-256_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-233_C24:KAS-ECC-CDH_K-233_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElOlPFqmCVf/yuawMlZiqw1SHsyMt
-MjG9k7fbffNvnrnYBJpDV5z6kLgJOpRBbL77+TOG8Vs/bhkLbjRV/t/mmg==
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAX+H8T9t/uYIG7XMpTL+JownHSdWsxvf
+ZDKXz2lbAPOnRpVeEt0LcZGe2/I7IyLKsyjdCb34e8r9zSiE
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-233_C24
+PeerKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=605c16178a9bc875dcbff54d63fe00df699c03e8a888e9e94dfbab90b25f39b4
+SharedSecret=01b3d2578bde3066a253db5322c85cf9487ce77b67ece955e281b0d7d0e7
 
-PrivateKey=KAS-ECC-CDH_P-256_C9
+PrivateKey=KAS-ECC-CDH_K-283_C0
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgK+7bBLBcaYj2pnUA
-u4E/ryyuDVgMklO2M55KMze7bAihRANCAAQ9Y+Qpy1+olakkcSm/TkjonzXXsR3o
-FY7+s+EGoqhzlQyunkd+9B58jBBkN5u3tVTdy8rnn5gUKB8eUPBAPGHz
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV/eSbgCVCpSxwsjoLF4
+Tl+HgLVoU/ml+MOlJm6HJ9zpfUoXoUwDSgAEBhHtwEXb5D7MTvazJM1R9w/j1934
+d+xot5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweAR
+Xv5C
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPWPkKctfqJWpJHEpv05I6J8117Ed
-6BWO/rPhBqKoc5UMrp5HfvQefIwQZDebt7VU3cvK55+YFCgfHlDwQDxh8w==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhHtwEXb5D7MTvazJM1R9w/j1934d+xo
+t5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweARXv5C
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C9:KAS-ECC-CDH_P-256_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C0:KAS-ECC-CDH_K-283_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4Jm/Kk1VdGC1VEQwu/baEQBNEny1
-1n9kqwfJT831J0/ZxQ2+cNcU7bXiIfTgIGEO62JwUX5ojKZPsOmMfvjBxQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA/B1wkw1qdyZUr5v0yt2Hc5j9HIKIkCO
+OhS70JfgErVpTCKgBnWCW0AgLpW+fatagmFH4EuMUaCbADRXfB8x+MFqcMjhyFuJ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C0
+PeerKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=f96e40a1b72840854bb62bc13c40cc2795e373d4e715980b261476835a092e0b
+SharedSecret=0745552817b5d729310b7dbebae687648714a9ae695dad20ca1ab6111c3d054670f21132
 
-PrivateKey=KAS-ECC-CDH_P-256_C10
+PrivateKey=KAS-ECC-CDH_K-283_C1
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgd8Fdz0RhDkFpa6t1
-iUPv8UCTM+TVoRu+csj2w5Xp+EihRANCAAStXRPD21CN3NOEV+WZFDSiUb7UnPXd
-y1nN7nOGXxOMn2LOwecFiKpP38e5oJ2qZ4CBwE4SCLnWYriiIUv46Boh
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkATuRH2LzqohDVGNFR+5i
+KAfV0QYCAzCuK5eYwMTNDq2xC6lIoUwDSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7a
+MJmLYCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe
+57UW
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAErV0Tw9tQjdzThFflmRQ0olG+1Jz1
-3ctZze5zhl8TjJ9izsHnBYiqT9/HuaCdqmeAgcBOEgi51mK4oiFL+OgaIQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7aMJmL
+YCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe57UW
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C10:KAS-ECC-CDH_P-256_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C1:KAS-ECC-CDH_K-283_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE91pf5WvaNPPBOWKWYm7wEtwH5IJY
-OHeKZFyCSM/wFlgzu98bF3LYBZ31aLBh8/ESLyio2BkWfJe+RI49w/sMPA==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB5m0MOkjIP/qvy1syHOZ4wwKqEQg/466
+Iwm5lIe3Qtci6LelAhc2KAH9bS0oblzfN1zQrlabcAAFMS436ONbFZLvubXq9Hs6
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C1
+PeerKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=8388fa79c4babdca02a8e8a34f9e43554976e420a4ad273c81b26e4228e9d3a3
+SharedSecret=02eb0c1ceb6179232e91cff91fc8a30553c6ed7e0a71deb1bda0a10735a84593dd903636
 
-PrivateKey=KAS-ECC-CDH_P-256_C11
+PrivateKey=KAS-ECC-CDH_K-283_C2
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQqg7mFAR0SMD2xqA
-DyYQ90qnHN8Zxn1Uzmye2VHpCT6hRANCAASrSMqmHqNfE/jtB/+moT6NsiTf7Prh
-p9+LG7brrwy5fRJ0Uwyiw4WjIYvd+8vwtAJMm63VJDv/g06/8kqGGNzL
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAXdjK2nn7do88AcwdQQ0
+PMIWIyb2IBfL3fNgqHbck7gfBMWOoUwDSgAEA4FatkgOStJKZignXvLuDOfVhpkj
+nbziMziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJc
+gpaa
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEq0jKph6jXxP47Qf/pqE+jbIk3+z6
-4affixu2668MuX0SdFMMosOFoyGL3fvL8LQCTJut1SQ7/4NOv/JKhhjcyw==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA4FatkgOStJKZignXvLuDOfVhpkjnbzi
+MziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJcgpaa
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C11:KAS-ECC-CDH_P-256_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C2:KAS-ECC-CDH_K-283_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELbRUDVAjB1YVir9h2YNXErZIbHQx
-IYPM78rvJ5e3Z01i9X8xTj80ldxOCZAS9eC6cXcPlmCh6tpUEEzf3nckPg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAM5Hp0PUi4b+/WtcAvKpeydiov5X4L34
+XB1qKd6IYsTJntU6AyLllgafkWVoyiSM7Vfv6QU0r0qfkKT0D3l+RSlnAxcmv0HX
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C2
+PeerKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=72877cea33ccc4715038d4bcbdfe0e43f42a9e2c0c3b017fc2370f4b9acbda4a
+SharedSecret=04a9dd2cf5076814e5329c518c4f27b429dbe01d46682d476e7e78880de368b064236ba9
 
-PrivateKey=KAS-ECC-CDH_P-256_C12
+PrivateKey=KAS-ECC-CDH_K-283_C3
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgzu01UHtck+rVmJEZ
-ubo0LP445uY4um7qNDpVR13igAuhRANCAASajNm9cucXUt+RRA93xUdQmoTfmBFO
-feTybNs5I0piXdB8/ITI4UT6soOfUYm7HXyIYx1Xm7xYAS7ZojJ9pS9i
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkADv+mhyYU4bluisxVTpV
+FR543cOPB0MrXEKhzS2ieP0LaOBHoUwDSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIw
+EHhw1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSR
+aY1W
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEmozZvXLnF1LfkUQPd8VHUJqE35gR
-Tn3k8mzbOSNKYl3QfPyEyOFE+rKDn1GJux18iGMdV5u8WAEu2aIyfaUvYg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIwEHhw
+1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSRaY1W
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C12:KAS-ECC-CDH_P-256_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C3:KAS-ECC-CDH_K-283_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzZT8lJfomQdQMJ6ahTT9EUsKblTa
-icR5YQGJcEHRTsvD3vS1/gT67goRkyIp//VjY3v97g55xt7q9En4VAHFxA==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEByiXWDm0LGIDanr/+t3vwwJLclhAe+1W
+XK6pOb4z0WrJREXHB3EmMHkLBa4E2NfZ8jZdrprSTExhs+sgwKeYfmpMSw9ZjDcf
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C3
+PeerKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=e4e7408d85ff0e0e9c838003f28cdbd5247cdce31f32f62494b70e5f1bc36307
+SharedSecret=044e2cd2bc164d21cf4b9833c0aa62ed059282e62b82f4500aeb422d17e1f6e7e8bbd500
 
-PrivateKey=KAS-ECC-CDH_P-256_C13
+PrivateKey=KAS-ECC-CDH_K-283_C4
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQ+Dp2Vr03DZIPN0Z
-aNK37rhhH8znfzpOfQWa5D5QlgShRANCAAT5ic+O6VaoLn69mIHNv7L9lGGJsI21
-NVm8jP3UgHHrFF7/KPGhimFrBLfTN4aGefbdhPmns9e2+K8nbBlhGlQd
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANla9SpwjmktAmd7IQMv
+eurWAD8STnIBPzfAbgu8IONTKzzqoUwDSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx
+6dbI+9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bN
+gd6R
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+YnPjulWqC5+vZiBzb+y/ZRhibCN
-tTVZvIz91IBx6xRe/yjxoYphawS30zeGhnn23YT5p7PXtvivJ2wZYRpUHQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx6dbI
++9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bNgd6R
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C13:KAS-ECC-CDH_P-256_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C4:KAS-ECC-CDH_K-283_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFbnkZ69NKQxBdALgQEJv5M8ja65y
-uqOS7Yl4DfzNtHHN9OkXD7kEMCuP2TqCC6jMftTv06by1rBbgLL/Ku5Odw==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBVZy1zmYRRCJ4rfHEEtCJH3d0TLUCtCH
+tYjWo4XaZPWi9Gg4ArTLFYH54rN463pPZPWn1DILLKPTR0cm9nDDiDu42kfz10W+
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C4
+PeerKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ed56bcf695b734142c24ecb1fc1bb64d08f175eb243a31f37b3d9bb4407f3b96
+SharedSecret=04d4f04d2fcf1bcd8150eaded90e467d3d38f753b6fb54eed8f9d29cd3dcc7be2c83de11
 
-PrivateKey=KAS-ECC-CDH_P-256_C14
+PrivateKey=KAS-ECC-CDH_K-283_C5
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsvNgDfM2jvigu4Wr
-IvQfwOX0/dVL6BZ6XDzUsI2wSQOhRANCAARpxidiWzakKcOYtFw4Z3yzXYvrHPeK
-Vx5A6Z/k6sHNToFpARKwqI8g9xNrKNfUfl+8Kto8jt2HWJvBnslZBje9
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAMcz2QlAMsx67WxUqM7X
+U+rypIiCKFo7TH5gIfJr7OByKECtoUwDSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEV
+RkWuMM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYo
+u83Z
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEacYnYls2pCnDmLRcOGd8s12L6xz3
-ilceQOmf5OrBzU6BaQESsKiPIPcTayjX1H5fvCraPI7dh1ibwZ7JWQY3vQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEVRkWu
+MM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYou83Z
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C14:KAS-ECC-CDH_P-256_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C5:KAS-ECC-CDH_K-283_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEScUDumxPpgUYLhhrXoERPwdbwR3P
-1RyTL7IelR7uL6GK9wb/CSLYez8MXk4x2LJZrrJgqSaWQ+1SChO7JdpZJA==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAswopMt20UfZjfpnfcoU4XcTR7loHGXN
+tUDyLJB2E/3MsMjaB9QGX5kMj8N9EA7OOPv1dM5ETcNzVeBwK4DR6xvdZwmX6PJx
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C5
+PeerKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=bc5c7055089fc9d6c89f83c1ea1ada879d9934b2ea28fcf4e4a7e984b28ad2cf
+SharedSecret=01c343540541604f68ddbd63c483760d824ded5c18be7e56e6d36a9ac6d25772afb0a90a
 
-PrivateKey=KAS-ECC-CDH_P-256_C15
+PrivateKey=KAS-ECC-CDH_K-283_C6
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgQAJTQwf4tiqb9n/2
-Qd3GD+9ZOxfDNBI56VvbPleb/cihRANCAARf6WRnExWhiqaKKm490f3n4juM5xgU
-cc+sQ8meGugCYtWCe+KC5iyE3lMbljiEuoMttdayw6JW8OYE/n5rin9y
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANs511Ngctw0SM19IWDl
+DIEfZINY6w2x1UKOgap6aGt4Za39oUwDSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu
+7bsMMWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajB
+Yubp
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEX+lkZxMVoYqmiipuPdH95+I7jOcY
-FHHPrEPJnhroAmLVgnviguYshN5TG5Y4hLqDLbXWssOiVvDmBP5+a4p/cg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu7bsM
+MWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajBYubp
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C15:KAS-ECC-CDH_P-256_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C6:KAS-ECC-CDH_K-283_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGbON45/dL3D3CRYxpPddGZN0C6lC
-kWLCpFMSQBY2spwJrtcjKyjgYJQXQbaCi836K8ScyETzdzYRUE+Co5Clrg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjiA61OMcnXsuk21PZtowof7N3i+9RSX
+TR5+MamuNlohgUFfBK+fLPklQuH/j/KPjnyOgJWE4kOkkClJp2WihJhsdQsbBsia
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C6
+PeerKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=9a4e8e657f6b0e097f47954a63c75d74fcba71a30d83651e3e5a91aa7ccd8343
+SharedSecret=05e38079815477b8a79096ce339c4a255f8b213be74715ea61ef7dd0c0b5f161d9de7521
 
-PrivateKey=KAS-ECC-CDH_P-256_C16
+PrivateKey=KAS-ECC-CDH_K-283_C7
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgTfoS3vxgMZAhtoGz
-/4ShClEZWMhQk57UVjWTS6SXkUehRANCAATJsrhJbxRAvUotHlJ1L9Nyg1s2SIXh
-VKfaxJKV8oHsfPvmuSaopN4mzMg7gCsSEkAHVL4l2fPurwCLCYcK52Mh
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGZJv9ZB2r8bnUmdT7BL
+6wmUddCqFdXvaEi3NNLUEwCLYEMIoUwDSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77
+YcQgV4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpR
+Obzn
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEybK4SW8UQL1KLR5SdS/TcoNbNkiF
-4VSn2sSSlfKB7Hz75rkmqKTeJszIO4ArEhJAB1S+Jdnz7q8AiwmHCudjIQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77YcQg
+V4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpRObzn
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C16:KAS-ECC-CDH_P-256_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C7:KAS-ECC-CDH_K-283_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELJHGHzOt/pMRyUL9v/a6RwIP7/QW
-t7tjzsE/r5sJmVRsqzGwZBnlIh/KAU+4TshwYiobErq1rkNoKqfqc+oI0A==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBb/SiVouZjZtt6g3iMcrzkj3m1yVJKCK
+4nPHjOs5rpdVnVrDBKKwpV+AFVoaMw/ebLbZft2wqdy2bEmzkpBKvos4H5EJDbsh
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C7
+PeerKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=3ca1fc7ad858fb1a6aba232542f3e2a749ffc7203a2374a3f3d3267f1fc97b78
+SharedSecret=0531ccf51d1096982f7c2ec513a92bf51c7ac5069cb15c5e2a053ceae7e5550908a19101
 
-PrivateKey=KAS-ECC-CDH_P-256_C17
+PrivateKey=KAS-ECC-CDH_K-283_C8
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgEzH22HSk7TvEosbp
-x0Mx0wOXljFL7uO3FS/NulVWME6hRANCAARZ4eEBUhBGrZzx0ILp0ux90iUwzOBk
-mR8eVcW89fy1kUgvT2cxdsj9qgu25ZsVo+R0VOOgQpfThjyTONmK3R83
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAIGGCmU9bZREbXdmFk/5
+LGxcFUXHNTBLOtTVF4yLFNAYHpRxoUwDSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulC
+UnObp78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZ
+O0a1
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWeHhAVIQRq2c8dCC6dLsfdIlMMzg
-ZJkfHlXFvPX8tZFIL09nMXbI/aoLtuWbFaPkdFTjoEKX04Y8kzjZit0fNw==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulCUnOb
+p78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZO0a1
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C17:KAS-ECC-CDH_P-256_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C8:KAS-ECC-CDH_K-283_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEooou31gCVmj3JKr4OlCVa3rBz7v/
-ebCMO/h9/Sgo12ffp7//1MdmuGq+r1yZtuUMuczJ2dALf/x4BLBJG2e8Aw==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjVH91cL1pWXM8A9LmxMiJcfMUrc8ovI
+UdxS7U6MGk6gb4cCASLTdzsJNOkA+6fr/hrV7VvsD7Gp3c9O62HL7QQAdDE8CzFw
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C8
+PeerKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1aaabe7ee6e4a6fa732291202433a237df1b49bc53866bfbe00db96a0f58224f
+SharedSecret=06ffe79d2b7664ee2d8303ffe0ceca8c49a581fcdb49c4af6a060ff204eea74f4cf39cef
 
-PrivateKey=KAS-ECC-CDH_P-256_C18
+PrivateKey=KAS-ECC-CDH_K-283_C9
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg3V6fcK50AHPKAgTf
-YHY/tgNsRXCb9Ke7TmcUEvrWXaOhRANCAAQwudsuLpd7zcmMuH3XNsvY54VSEhkl
-zxbhkzZXwvsjFGpFAogAuBKRvOXC4f7X3tZQYg675gUMbzp/DftGc6tc
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACJD6JGb16l87w6c3mPH
+bU4QcVApT8+N12dkUco7+lxe25ZMoUwDSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC
+7fLPXwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtS
+ToKr
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMLnbLi6Xe83JjLh91zbL2OeFUhIZ
-Jc8W4ZM2V8L7IxRqRQKIALgSkbzlwuH+197WUGIOu+YFDG86fw37RnOrXA==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC7fLP
+Xwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtSToKr
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C18:KAS-ECC-CDH_P-256_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C9:KAS-ECC-CDH_K-283_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEou+FeggfnW6yBqgcTPeKgCvfWYrj
-gMiIbs2F/cHtdkRWPEwgQZ8HvBfQU5+t4YVeNIOVFbiSwPXSZWH5f6BNGg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAJBH99dzl9tw45/p5Lqdl6mVp+4Gbs9T
+gXnpN6yGys2sUQlQAHzYdRZ/BqL7moGeLL2s78Fsrg7vLLsLLUm+rhCdt1PJUGFw
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C9
+PeerKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=430e6a4fba4449d700d2733e557f66a3bf3d50517c1271b1ddae1161b7ac798c
+SharedSecret=0311c430db78b6203e27b52988e1e9dae890c655dac4acefa7ee9612bec32e3e5f52be55
 
-PrivateKey=KAS-ECC-CDH_P-256_C19
+PrivateKey=KAS-ECC-CDH_K-283_C10
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgWuAmz8Bg1VYAcX5V
-uKEuEW0dDfNK+DGXkFdgfC2cL3ahRANCAARGyevRpKPIwLbVcrXc+6EkZ2AyCKnL
-XSrPu3M8QM9jkUbJE6J9BEGF04tGes4BHgTU2bu7jLmuJfqSqvFaWV6G
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAFEqQoQeEif8n+1RwiaH
+MWhBNvIlz79FZImH4kU6cYb2p+3voUwDSgAEAi925atxT994Vx6EwrbqOhfxKZm+
+SDvGfhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxU
+UneH
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERsnr0aSjyMC21XK13PuhJGdgMgip
-y10qz7tzPEDPY5FGyROifQRBhdOLRnrOAR4E1Nm7u4y5riX6kqrxWllehg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAi925atxT994Vx6EwrbqOhfxKZm+SDvG
+fhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxUUneH
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C19:KAS-ECC-CDH_P-256_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C10:KAS-ECC-CDH_K-283_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzNii2GvJLy4BvOTWkiz3/hYmrtBE
-aF6V4u69RkUF8B/p3dWDqWNaZnd31bio8xsPeeuhLHUCNBC1S4Vn3dwPOA==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBL3sGTAMiv3u2GSZ0nA5It9Xsv/sN+Rc
+A6XikJ3jwzO9BqXhAapPQIRPJBPx/L3tADsdFcnx33VI3iorv3G1FmV62NjHfPct
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C10
+PeerKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1ce9e6740529499f98d1f1d71329147a33df1d05e4765b539b11cf615d6974d3
+SharedSecret=0701d92ed8687138014b4379f1c34677e1744f6ae8c89958a5962f14408d587b95472db3
 
-PrivateKey=KAS-ECC-CDH_P-256_C20
+PrivateKey=KAS-ECC-CDH_K-283_C11
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgtgGsQl1dv54XNcXi
-1b23nKmLPVvkos/W8ic/FQ4GTZ2hRANCAAR8npUIQdJsjd6JlDmLj11HWgIrxj3n
-dz/PjVUuAfG6CsxCuYhcmzvuD42MV9Oo9jVQFsAZxAYvoiz/LyCbXMLh
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACqK9JfRo9rAcyo5Pe33
+U5Sj9RnOB/rtP3fcDmafOhscbdrboUwDSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjb
+Kx+eqbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa
+1LV8
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfJ6VCEHSbI3eiZQ5i49dR1oCK8Y9
-53c/z41VLgHxugrMQrmIXJs77g+NjFfTqPY1UBbAGcQGL6Is/y8gm1zC4Q==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjbKx+e
+qbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa1LV8
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C20:KAS-ECC-CDH_P-256_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C11:KAS-ECC-CDH_K-283_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwYj/yJR/cwH7e1PjZ0YJfCE0v5zJ
-gbp0tOnENh9ZXk6/fS8gVuckIe85PwwPKw4AEw48rEq7zAAoYWjoXsVQUQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhH1OvS0iJkOelLlxzhWoedCebsPNtOr
+GYmyzNmTkbbGs6E9BU6pWiNPZYlxlbyXsD+m0kbqWrX0HaIsCO2BeqfASt83KYKz
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C11
+PeerKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=4690e3743c07d643f1bc183636ab2a9cb936a60a802113c49bb1b3f2d0661660
+SharedSecret=04f2301ed85a5c91c31a7fd125854904340a55e34976a20743bd33d95e476450f301ee62
 
-PrivateKey=KAS-ECC-CDH_P-256_C21
+PrivateKey=KAS-ECC-CDH_K-283_C12
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg/vsd2hhFMStfzmuB
-sr4gWvLzonT1ohL2bA2fwz165TWhRANCAAQ4tU24VQDLIMYQVu3T2ItqncJngKBH
-8hOm4bkA92WW62OH5OV4FXHk64rmKZGjO13DMwHFvH4SXVN5SjkWDY/Q
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAd6fukqyTQbnSuWtNq4Z
+XCNgxyjrOMUO9TMynnDFrhn0ibbVoUwDSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdy
+akTqdcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAg
+p569
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEOLVNuFUAyyDGEFbt09iLap3CZ4Cg
-R/ITpuG5APdllutjh+TleBVx5OuK5imRoztdwzMBxbx+El1TeUo5Fg2P0A==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdyakTq
+dcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAgp569
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C21:KAS-ECC-CDH_P-256_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C12:KAS-ECC-CDH_K-283_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMX4QIP9T/M7xi/R7t/Lddwf7e3p1
-eOBPNbO+7SIqDrYJQgzloZ13xv4e5YfmpJ+6+PKA6N8DPXVAMwLlon2yrg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAScG7AoOdkJdirTg1VkwpEFuTdChr22X
+mHJSmI2grJYnV3y+BCFehxUSnMdjAXkXAdxf4avNZytqoZukx+Uy7nqRPupg28nQ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C12
+PeerKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=30c2261bd0004e61feda2c16aa5e21ffa8d7e7f7dbf6ec379a43b48e4b36aeb0
+SharedSecret=0643900f337ed362815f181e0628ed5184dad3e66a1f030e947f116696312d835f7f6e7b
 
-PrivateKey=KAS-ECC-CDH_P-256_C22
+PrivateKey=KAS-ECC-CDH_K-283_C13
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgM0rgxGk9I5Nafo4E
-PrveIeFop8uj+lB8m+QddoHgSc6hRANCAAQ/K/FYmr8wR78+VKyalTeb/5X49VQF
-9k7KNqfuvo/8p1ISqU5mxa6aiZGHL2anJyPYDsWy6SV0XEVvU3GUOzoG
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV06Ii1XCcsznZPNKWUG
+ZPOb8yAcXR6G067495W5/d9H2MSooUwDSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7
+YoPauMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt
+1UlB
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPyvxWJq/MEe/PlSsmpU3m/+V+PVU
-BfZOyjan7r6P/KdSEqlOZsWumomRhy9mpycj2A7FsukldFxFb1NxlDs6Bg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7YoPa
+uMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt1UlB
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C22:KAS-ECC-CDH_P-256_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C13:KAS-ECC-CDH_K-283_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERfsCss6518ednC+pPpx5Z8L6TfV4
-n5ZAskJkseUk/LFcbo7PH30wI4k7exyh5NF4ly7iojB1fdxWT/439cWjIQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBbsgvqT9hdAWJonFUAVAAUCbbHEtNWpS
+95PXiqLYJhpDxbbeAxvlyvyKrvGbhhUDQTp7c7YLN7AYBJPYLpQm9Htlhzk9CN4I
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C13
+PeerKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=2adae4a138a239dcd93c243a3803c3e4cf96e37fe14e6a9b717be9599959b11c
+SharedSecret=063b1a3db331f91abd0af837db9d5f040620d1ddd7fccf8b58e0df43698351ea1942548e
 
-PrivateKey=KAS-ECC-CDH_P-256_C23
+PrivateKey=KAS-ECC-CDH_K-283_C14
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgLEveQCFPzDv8R9TP
-Q0timsvpFX+P0CglQDMd55Qs8J2hRANCAAQpwIB/EMvEL7RcmYnaUGge6tcW2qe5
-6R/TLgYvXrksoP8dbRlV1zdrLaJP4RY6JxZZE2NBvC6xGV/HBtxi5/NN
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAJjFcGZnku/aZfyeeQmT
+EVjf1Ed76TMy5JPWmGa2YCxJUd5voUwDSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b
+/FVXJ62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzg
+j/ot
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKcCAfxDLxC+0XJmJ2lBoHurXFtqn
-uekf0y4GL165LKD/HW0ZVdc3ay2iT+EWOicWWRNjQbwusRlfxwbcYufzTQ==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b/FVX
+J62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzgj/ot
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C23:KAS-ECC-CDH_P-256_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C14:KAS-ECC-CDH_K-283_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEoZ73v/mK2ngYQvv8UaR6/zm1k1oc
-fZYlyNMj1RHJLebpwYTfdclV4C4C5AD/5F948znhr+bQVvsyRfRwDOYG7w==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAQo8okNbE1/+oIeSt/GbTuGBIHwpvhzh
+/erNtppmn5zd6RgaAkkIJ0semMbRl+0ng8PJU8Gzs0+kOosvV0JYTjf+pAcmm0O/
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C14
+PeerKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=2e277ec30f5ea07d6ce513149b9479b96e07f4b6913b1b5c11305c1444a1bc0b
+SharedSecret=0516da1d64bc4b25ce4763e6438257d62fb1ffdeae16d68701d63b603ad53e8587927669
 
-PrivateKey=KAS-ECC-CDH_P-256_C24
+PrivateKey=KAS-ECC-CDH_K-283_C15
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQghaJo+dd3L5kMNrQr
-CjMa3JK1lB3guGLV2Jo0fL+PqrChRANCAASc9LmFgcoXeUU8yBb/KLQQCvVs8b8u
-W8MS2DtrGyHTM3pVBPysUjGg0S1lghgoSGginIRKBKNFDWxzgavggL87
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAPS220qHzdMAKcw76J5A
+ubywFNAQqRolLFbLKGcfNUqATLTYoUwDSgAEBm3fBIMf0ccrxItwkGHBrqqtGcna
+PYwVBvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1
+JsYr
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-256_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnPS5hYHKF3lFPMgW/yi0EAr1bPG/
-LlvDEtg7axsh0zN6VQT8rFIxoNEtZYIYKEhoIpyESgSjRQ1sc4Gr4IC/Ow==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBm3fBIMf0ccrxItwkGHBrqqtGcnaPYwV
+Bvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1JsYr
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-256_C24:KAS-ECC-CDH_P-256_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C15:KAS-ECC-CDH_K-283_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-256_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENWxaREwEmlL+4K3rfl2CrlqoMDC/
-/zG7+M4gls8WHEtX0SjeiypXoJTRoAHlchc/luiGauNSvynN2vkvyFsvkg==
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBToN1hNeQ6EU5QAK7EC6JwmzphNzDxzC
+AGtEaTXiN7/Mw5TYA7Zs5s8BUH1GLu7/9iEb1MVgcBFsaQdGj3x2/gEUC/DV+3t5
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-256_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-256_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C15
+PeerKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1e51373bd2c6044c129c436e742a55be2a668a85ae08441b6756445df5493857
+SharedSecret=049c68c333b96705eee4a3def0d568b0d4faf24df2fc2f1bf40da0af0946240c38e97f74
 
-PrivateKey=KAS-ECC-CDH_P-384_C0
+PrivateKey=KAS-ECC-CDH_K-283_C16
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA8wxIqaPDZUCetOMBn
-kWug64w4iU0i4bFWGLaBimYXdK1GOyBdqIz2matNQ8nPmKGhZANiAASYA4B/L20v
-2WbN0CkL1BDAGQNS++x/9iR94TAt+G8l00/kqXvvYM/1SDVcAV27Pl+6Jspp7C9b
-XZ2tIMydpxE4Op2+NOo/paKvdbRlAmKa1U3Yt9c6irsGo6O+R9ZQzJk=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAauCxaYq5H7LzPZmzDMj
+s1EoxS0XvhG68721YAbl1Wi6rYu8oUwDSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTK
+lJAhxUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYto
+Dyvc
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEmAOAfy9tL9lmzdApC9QQwBkDUvvsf/Yk
-feEwLfhvJdNP5Kl772DP9Ug1XAFduz5fuibKaewvW12drSDMnacRODqdvjTqP6Wi
-r3W0ZQJimtVN2LfXOoq7BqOjvkfWUMyZ
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTKlJAh
+xUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYtoDyvc
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C0:KAS-ECC-CDH_P-384_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C16:KAS-ECC-CDH_K-283_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEp8drlww7X+iwXSg4rgSrR2l7nq9S52RZ
-Lv2if+dRMnJzRGa0AAka2/LWjFjgxQBmrGjxny4cuHmu1DqZabkaCDnEw4pJdJtm
-Hv7fJDRRkV7QkFoysGCZK0aMZHZvyEN6
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBtSm8+h7bYxJy+UXqXXSq4xjORNVltaz
+DMZcyAwShFCPSXibApY7NW8kNOwkm8tlie3k3jbOzTRQ5vXkd7/NwpraSu8PRaxT
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C16
+PeerKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=5f9d29dc5e31a163060356213669c8ce132e22f57c9a04f40ba7fcead493b457e5621e766c40a2e3d4d6a04b25e533f1
+SharedSecret=04dd44c1a30edac2e39a5bc9902625880a18516385c90a9cc6b94c4f111e0260863ccab2
 
-PrivateKey=KAS-ECC-CDH_P-384_C1
+PrivateKey=KAS-ECC-CDH_K-283_C17
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCShgwhveBhZfjpAMaH
-+O8KBdFPKQs/B9izqMxkBDZuXVEZzW0D+xLcWOifE9+c14OhZANiAATqQBj1owfD
-eRgL9qYv0s7O6+631N8GOmb7g4qjUkNBl5H34snUgDyTGaoOsDxBa2Zog1qRSE8F
-7wKChN9kNvuI/+urzdaasBM+ZzWhvPs3ID0Q00CoMop7aHcMp1h4oaY=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkABJUrxeRzHVpTOWQu1GK
+dwp1BEYXGjDt1sA4KhfmiAoa6luBoUwDSgAEArdmyZOzmNJCanoKSenQAQedD8Mh
+lxgcVurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR
+/+dl
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE6kAY9aMHw3kYC/amL9LOzuvut9TfBjpm
-+4OKo1JDQZeR9+LJ1IA8kxmqDrA8QWtmaINakUhPBe8CgoTfZDb7iP/rq83WmrAT
-Pmc1obz7NyA9ENNAqDKKe2h3DKdYeKGm
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEArdmyZOzmNJCanoKSenQAQedD8Mhlxgc
+VurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR/+dl
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C1:KAS-ECC-CDH_P-384_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C17:KAS-ECC-CDH_K-283_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMPQ/zytrAN5T9iTxVDCQaBg5cX1Tx8lV
-0dae+vA0m3NjrLRHJAEBy7OvZkHOS4jgJeRsDFTwFip378wntup5IAKuK6gnFCmc
-hghXpoFTq2LlJewFMNgbWqFYl5gehYdX
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB2RS4Z16ELiFEj1QP10EM+Fj3xNP/7hV
+j4rCbPswYp+M+wk+BrOiSypLB3dw05a78VSvQe7jUDVzpt6a/g9tGLAvyXYcoWQ9
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C17
+PeerKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=a23742a2c267d7425fda94b93f93bbcc24791ac51cd8fd501a238d40812f4cbfc59aac9520d758cf789c76300c69d2ff
+SharedSecret=0049c165339e9aeb2b516684b442921f1fef3091cf781e03fb3f56e93af1f3d6e500c81f
 
-PrivateKey=KAS-ECC-CDH_P-384_C2
+PrivateKey=KAS-ECC-CDH_K-283_C18
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDASz2oiOnI1JUODDz8Y
-Uw1cs38miAoLKUSCyKjvivrQmqeLfcLyeJp4xmr10cxVOFOhZANiAAT8/OoIXoz3
-TQ3O0WILqEI2lPkDohm7+QGwtZ1qyBuq0xaiQroyvehcskgRm4Uvq2aXLjxox6tA
-LFg28qFu1FGjMSCndQpgOfP/FTiO5iK3Bl9xIr9tUa77wps3sDQEWBs=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkASAXuaBZn78TzuEIUKj4
+vQbMwAvSmsZ3nxvZM0ayLJgyfg+noUwDSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzF
+P/U9NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DD
+yJXM
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/PzqCF6M900NztFiC6hCNpT5A6IZu/kB
-sLWdasgbqtMWokK6Mr3oXLJIEZuFL6tmly48aMerQCxYNvKhbtRRozEgp3UKYDnz
-/xU4juYitwZfcSK/bVGu+8KbN7A0BFgb
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzFP/U9
+NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DDyJXM
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C2:KAS-ECC-CDH_P-384_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C18:KAS-ECC-CDH_K-283_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGu+/osbIyFWhohZ3RVC3miTNo3YHux98
-yQZlDuSzgW1o9qnHXabkJCzr+2ZS9lGAQZ0otyPrrbdlj867mtm3repnTx2j3Gtj
-l7VdoPYaPt2stKzbFEQcshSwSghEwC+j
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAY4Lt1FtLELp3ZbKr/XyC/3fPoYj/JR9
+TXBJFTZ5C4dBzdNyAywP/72i+oY8udFcNlRQINW7JNkw2vL+pFVffCTWrvuywB2S
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C18
+PeerKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=3d2e640f350805eed1ff43b40a72b2abed0a518bcebe8f2d15b111b6773223da3c3489121db173d414b5bd5ad7153435
+SharedSecret=0645d7f4c5479baff5bc0cba654a3dcfda56c0e9d19f50f9d8d8c6357c09a140effbf223
 
-PrivateKey=KAS-ECC-CDH_P-384_C3
+PrivateKey=KAS-ECC-CDH_K-283_C19
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCN1IBjo6BYwzS1zHpM
-4H0C5e5tjx88UaFgCWLLq0YmkK482XT7OeQLDoQ9qg/TLeGhZANiAATjjJhGJIEj
-w0IYYepNMmaae1w8CDdq0oEEOZSUyE/176OJStssbL6MPJE+8u7FvTyfqEAkoQKH
-lt+EAh97bJ0C8PS9GmEqA8v3WgvupD/viuhLSMYBcqrfCcGtAW0L884=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAE8ZfIVDLLQqF3ckmuQR
+70uyZXukutNa5ThjWhUcjWpWT5zKoUwDSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7
+tY5uofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUn
+M9/2
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE44yYRiSBI8NCGGHqTTJmmntcPAg3atKB
-BDmUlMhP9e+jiUrbLGy+jDyRPvLuxb08n6hAJKECh5bfhAIfe2ydAvD0vRphKgPL
-91oL7qQ/74roS0jGAXKq3wnBrQFtC/PO
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7tY5u
+ofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUnM9/2
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C3:KAS-ECC-CDH_P-384_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C19:KAS-ECC-CDH_K-283_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEi8CJMm7FW5z1mzTw63VNk1lsopD8s0RM
-g9TeOlYHA37Dl2g/jO8H6rL+NX6uNsRJ2dFs6KyFs/HpRWhSGq5TTmcTnjEOxyaT
-Umqi6Se1syLJWhoDPCKctncMlXzTFI3X
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkq7FV5JEkKC6jLltURiGum1E6oEdto7
+3bdSYNX1+i57iYmHAb37CgeaVbz84cqLzjAZy8rmFkADOEFm67sLtzNTlWWtxEbz
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C19
+PeerKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=6a42cfc392aba0bfd3d17b7ccf062b91fc09bbf3417612d02a90bdde62ae40c54bb2e56e167d6b70db670097eb8db854
+SharedSecret=028017c2a0240fd746ee72a0bcae1e53e05b7af254298094c381e735523854ea5fdd4f5c
 
-PrivateKey=KAS-ECC-CDH_P-384_C4
+PrivateKey=KAS-ECC-CDH_K-283_C20
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCE7ObMNCkwm9WyPpWX
-k+0rER7Fy0O2wYCF/K6p76BoXZimJi7g0zDuJQvIpn0Ocz+hZANiAAQyIgY6KZez
-Au5g7hlhEI/0x6zxwO8dX7DRZLhLznHEMXBcua6ppF9dc4BmVaBYvuPmH6nn++fN
-Q6v5lZaj06A56Z+p3JOwvdnK2Blm0X7q9VcGivp8eEZrtbIgMtEQD6Y=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAU6JNIPR2LdiHPSL0kvI
+oblbtAoIwWwyh0plK1miJSE5Qo2soUwDSgAEAVdOF84mMRxAq/MkP0iJournSoNB
+qng4VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQA
+q85V
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMiIGOimXswLuYO4ZYRCP9Mes8cDvHV+w
-0WS4S85xxDFwXLmuqaRfXXOAZlWgWL7j5h+p5/vnzUOr+ZWWo9OgOemfqdyTsL3Z
-ytgZZtF+6vVXBor6fHhGa7WyIDLREA+m
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAVdOF84mMRxAq/MkP0iJournSoNBqng4
+VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQAq85V
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C4:KAS-ECC-CDH_P-384_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C20:KAS-ECC-CDH_K-283_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE65UuLZrAwgxsxI+yJcKtFU9TyHULAD/T
-tO2O0dwN76xhvN3gKivP7nBn1100LtKw8YKCBbrs6C0bJn0Nf/L5yeFbaact9HBY
-qX84kQBdH7OIWPVgPehA5ZHfpPbn1Inh
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB1J1EryTSTjMUkDOcO9lIi24XBPJYcHz
+H5FCBQZ9ZLGkyFMUAqq9uB/+0sABrLtNC3vlOTBOMuQx4C34sZKtdO0bSwYGv8kL
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C20
+PeerKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ce7ba454d4412729a32bb833a2d1fd2ae612d4667c3a900e069214818613447df8c611de66da200db7c375cf913e4405
+SharedSecret=02603c00998deba52db12814b1f77b2120cbc1dca59009c0d6ea40dcbcabca32c50380d8
 
-PrivateKey=KAS-ECC-CDH_P-384_C5
+PrivateKey=KAS-ECC-CDH_K-283_C21
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBo/OISHcOh43sQ8d3j
-Cfni4Y+sR80XcJUUUcNITNt3yxNtAOcxJgWXzChZYBwBoluhZANiAASGi+DmlIQY
-MOQk2RPY59hrhO4QIdgrDs9SPwn+iadsDJXEny37z4KcHjlwnVXvuzuRlesYNnW0
-D9kvUfN3EzF+SptPcVyKsi4Hc7G8cdOiGfBbgRYHRljuhrUuNvOJcRY=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAetvbJGogKVGIYXGpwDo
+Y3uPRH0J0bJRRg/lfxv0Yu/d3a7AoUwDSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlW
+Gju8pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJK
+pMby
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhovg5pSEGDDkJNkT2OfYa4TuECHYKw7P
-Uj8J/omnbAyVxJ8t+8+CnB45cJ1V77s7kZXrGDZ1tA/ZL1HzdxMxfkqbT3FcirIu
-B3OxvHHTohnwW4EWB0ZY7oa1LjbziXEW
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlWGju8
+pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJKpMby
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C5:KAS-ECC-CDH_P-384_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C21:KAS-ECC-CDH_K-283_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAERB0CniROtxaNZH1N9Q219OSXSrP9rwIq
-/wWLNpXQuMgUzIjaYoXcbfGsVcVTiFAD6AJawjpB1LHqKqRsUMbkeZRrWbbXZJfN
-kkmXfgv+SmJiYi8T1Co8Q9Zr27MEA8NF
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB+wp2i8wTOuo1eJJ62BUpOT1lTTuWdJc
+HcDhLMOPdouD2v/uARLH1KN/7IQicaCoItN2N+btVRkHEwAa7+EbBvfh004A/N7L
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C21
+PeerKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ba69f0acdf3e1ca95caaac4ecaf475bbe51b54777efce01ca381f45370e486fe87f9f419b150c61e329a286d1aa265ec
+SharedSecret=026a719bff31da4b4ebaed7bd043064f9c3930b5774c4a99809332c808aacba4b9e3733a
 
-PrivateKey=KAS-ECC-CDH_P-384_C6
+PrivateKey=KAS-ECC-CDH_K-283_C22
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCxdkxUiX56rm3p53Uf
-LzfehJKR+I8PkQkxVbhY0cwyo6h5gPcGuGzIP5J739vq4L2hZANiAATDcSIv6qZ3
-DG8+o+DayXQN70/PghN4t/kf+TfCHgRw9w86MdXGspEhlfEJJpQrSK4EfWtNdlEj
-Vj+BEWvGZbe4zGIHgw2AX9hNp8uAWmW6p8Ev1ZLRtbXj5l2WcqnvdmI=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAUe+TjhmfjKmphq5gM7Z
+LkJpWSWxE8aUp5YK7eouHVcaQtPeoUwDSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KR
+K2QCtQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCG
+d2xA
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw3EiL+qmdwxvPqPg2sl0De9Pz4ITeLf5
-H/k3wh4EcPcPOjHVxrKRIZXxCSaUK0iuBH1rTXZRI1Y/gRFrxmW3uMxiB4MNgF/Y
-TafLgFpluqfBL9WS0bW14+ZdlnKp73Zi
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KRK2QC
+tQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCGd2xA
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C6:KAS-ECC-CDH_P-384_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C22:KAS-ECC-CDH_K-283_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEPU5r8IpzQErMwWKYc0aOQmnoLZDYMuWK
-1yFCY5taBWrY01xmxg6BSfrAx5e863wvmwMI3H8ObSn4wnesvGWiHlrbg9EeaHO8
-Cgf9oJl/SCUEYC9Z4QvFy0drg9Ck915x
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBh71k4nt+PgnOmYqQZVBHpRIuxt3+wgA
+vlJetaagOxlmVxmpApaG+Ed/tcdp77CCyz8aDHnbVcsmTiESwOd557VY9wBFgWoQ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C22
+PeerKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1a6688ee1d6e59865d8e3ada37781d36bb0c2717eef92e61964d3927cb765c2965ea80f7f63e58c322ba0397faeaf62b
+SharedSecret=048c48c993040619536f45482c494a39b32e75fe69e478ba06e376228b79eb83d3ff9168
 
-PrivateKey=KAS-ECC-CDH_P-384_C7
+PrivateKey=KAS-ECC-CDH_K-283_C23
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDw96lucNmP1aMK1kBs
-9W61typRDp8ZL1Dh+EUk2/PSQ59yh7s29aqRKnneqrSt6oKhZANiAASZyMQcsate
-CFSjRuSwilN8FwamFVM4fI2UlDqxUZbUDbqlW4IQp3pdAJFfLE6mnqtVMQZb3PF7
-+zy1WgLkGlfH9pTDg60on5APvWVsIjOpPJLpM+eib1TLtW8K2HXFG7A=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAeGQC+Ya235VVZ2ZoLfZ
+NURW9RUeL9e4PABbELFgBOvodsBooUwDSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmByc
+PpEHu9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtP
+rPOp
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEmcjEHLGrXghUo0bksIpTfBcGphVTOHyN
-lJQ6sVGW1A26pVuCEKd6XQCRXyxOpp6rVTEGW9zxe/s8tVoC5BpXx/aUw4OtKJ+Q
-D71lbCIzqTyS6TPnom9Uy7VvCth1xRuw
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmBycPpEH
+u9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtPrPOp
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C7:KAS-ECC-CDH_P-384_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C23:KAS-ECC-CDH_K-283_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE9fa+8dEQ2gO+ABfqx2DMNLJNCS9zbyN7
-xwVLOGUxKoE7y2LSl/sQpPer9UcI/i09Bv3419wDL04QAQvxnL9hWTISUv9BX7kZ
-INQ48k5n5gwusEYyBGefo1avRM6pyev1
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB51XYO5u+XhRi7zlNrAxxlWorPVgRJe6
+Q94L62h3pUfD7dRYBCGzBR3TY5bSD/zXzzT8oCJRbdS/+sc/yZWunqgUzg5AJ/fG
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C23
+PeerKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=d06a568bf2336b90cbac325161be7695eacb2295f599500d787f072612aca313ee5d874f807ddef6c1f023fe2b6e7cd0
+SharedSecret=05d85b16bb2a0d32c73d1402838bdfa512d744fa88c74d3d90cf714c2480e03363d5c6ec
 
-PrivateKey=KAS-ECC-CDH_P-384_C8
+PrivateKey=KAS-ECC-CDH_K-283_C24
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCe+4fdxh1DxIK6ZuGx
-Q672ePvQ0b68IACUH6vmd/5bcGv3j8420QCxfMeH6tdLvKKhZANiAARMNO/ujwyV
-Vl0gZdG7rCot0lrpZDIOtrzO3F86m0KogaGvyhu2uIBYT6J7AcGTzZLY+wHb980K
-OGjCa5UfOTw8VsKFjO6QH3eT/10nGSXROkH45SQJ9OuhmQ8zrLC6xmk=
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAHfkGrLQnDTFiKvHbUMS
+YC5x9gAZAnuYbg3tNyU1wrapM6UzoUwDSgAEApIzI/FwB0Ii06aih62v09H+EnFd
+V7kbH/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7
+hacU
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAETDTv7o8MlVZdIGXRu6wqLdJa6WQyDra8
-ztxfOptCqIGhr8obtriAWE+iewHBk82S2PsB2/fNCjhowmuVHzk8PFbChYzukB93
-k/9dJxkl0TpB+OUkCfTroZkPM6ywusZp
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEApIzI/FwB0Ii06aih62v09H+EnFdV7kb
+H/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7hacU
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C8:KAS-ECC-CDH_P-384_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-283_C24:KAS-ECC-CDH_K-283_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEfN7Hfgc36jfGe4m3E3/jiBgBD0RkQ47k
-0dNaDEiMrT/eLzfQCIXTbTt5W5+T0jpnKMQu6NYCfFbPl5ukwin9sB0jSUT4rEM2
-UBEsPPDwKEToiKNWnf73goqKiEWJqgVe
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkeE09PV6AIf/tiicJqfVNU5XZj6RCpl
+WgXdlCYrYDWW+L/xA+jjngjM5V4b7S3+DS+MFBsGQB26A37LOEdEkwyBeNFGQWMk
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-283_C24
+PeerKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=bb3b1eda9c6560d82ff5bee403339f1e80342338a991344853b56b24f109a4d94b92f654f0425edd4c205903d7586104
+SharedSecret=066abb838b5f12b6fc15ceb745600686bc2d5773e53469c2ee920cfba5459a1cab20d153
 
-PrivateKey=KAS-ECC-CDH_P-384_C9
+PrivateKey=KAS-ECC-CDH_K-409_C0
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDXh6V/3iLsZWoKUlzz
-xzizDXOvYedD6pCJPsste2Iq3S+U7iXCFxRnr7CT8/hNABihZANiAAQXFUaSO4ey
-y7rWZPAc6TK/CdamEYFoZ4RGv6nwk4YIy0ZnqY9OyKwUYihcJQj3SGL6QctNtorn
-Hx+KPok53FLC3sYag8mDvrKgK68p7EkngIiILtDPVsdLXBc7VSzPY88=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIS3EePGCCLnD6aCi1
+q/sORIiIs1sMi7CfgGYW3B7PIt2GI32TfBv95it1rmVZU/xrL36hbANqAAQAaKP4
+sS4C0Q4vUglVJrxASLj2rDqEUxdyhweJk48a7/gT4F5QnqlYfSt+SqFDRLrD7Ebw
+ANHOtAx9XzKX4pVfDz6xQis+a7v79+tRi5wXro1A/rhKrzb15b2WB1srTb5TisAR
+lirHBQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEFxVGkjuHssu61mTwHOkyvwnWphGBaGeE
-Rr+p8JOGCMtGZ6mPTsisFGIoXCUI90hi+kHLTbaK5x8fij6JOdxSwt7GGoPJg76y
-oCuvKexJJ4CIiC7Qz1bHS1wXO1Usz2PP
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAGij+LEuAtEOL1IJVSa8QEi49qw6hFMX
+cocHiZOPGu/4E+BeUJ6pWH0rfkqhQ0S6w+xG8ADRzrQMfV8yl+KVXw8+sUIrPmu7
++/frUYucF66NQP64Sq829eW9lgdbK02+U4rAEZYqxwU=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C9:KAS-ECC-CDH_P-384_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C0:KAS-ECC-CDH_K-409_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEju6joxnI35n7wpy1XyQ6cg2VUJUV7lzF
-h6XFriL7vQCeYm2z6RHe8LmaT3rjBLG6c4d9yU25rd3A2aSyTol2wi1zyEQ3Dh7o
-V/jRsSmjvV9j9AyvO9BTPjil9XdwdP+e
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAXf3NvYRYyDK+7W03sIC1AUIGC/gERib
+geHzmY9UCGB6RrsVCsR7yqr95HuKe3L0eLwi0gHfTvSzfgEk5Vtn81ht4kqIpsXZ
+iFQAfUsMS0zNaNUfr6dji75VXWC3Te8hfGpjxbQGj7c=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C0
+PeerKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1e97b60add7cb35c7403dd884c0a75795b7683fff8b49f9d8672a8206bfdcf0a106b8768f983258c74167422e44e4d14
+SharedSecret=0176bc5c4036ce5125493a58dd265f04d190f028366f7799f70aedf29ac67b5b37c37238593377a47944f5b639f43856dbd560ec
 
-PrivateKey=KAS-ECC-CDH_P-384_C10
+PrivateKey=KAS-ECC-CDH_K-409_C1
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCD1w97Fk2fTCJ8dnBG
-sg6zTfx3j1OH4y6DSx5trsIO24ylu0GSCT9UO2jmrrfOeIuhZANiAARXzXcPO7y+
-DHjHcOqwsWm8ReE5+GN4/64cKxaWZyfC8utyRXK48+sijRMNtP+GLGN+xciBO2hV
-WNg+kk8UvHGfbreuDLssR0Inxb2ohjek8mxkgXkpr5mVktpveHSQMy8=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNlGIu3eW5FH0RyehoG
+dEQN0z0litL9x7mPr2SxHn6M5ejCHnmfH/L9KdTJSqFYliBopZ+hbANqAAQAMsV2
+hFLzwfO8VIeTea1CCJEmd0Kzf7CW7nuMIc7tAEHpRwzsO+3LeZ6QvbsxGSCD/wNE
+APnGEikn+4JCRtHcHOD95xpoSagtQQZdodhSVqmxl5v38oY2b8izJIk+vjTlnARg
+BzmUFA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEV813Dzu8vgx4x3DqsLFpvEXhOfhjeP+u
-HCsWlmcnwvLrckVyuPPrIo0TDbT/hixjfsXIgTtoVVjYPpJPFLxxn263rgy7LEdC
-J8W9qIY3pPJsZIF5Ka+ZlZLab3h0kDMv
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADLFdoRS88HzvFSHk3mtQgiRJndCs3+w
+lu57jCHO7QBB6UcM7Dvty3mekL27MRkgg/8DRAD5xhIpJ/uCQkbR3Bzg/ecaaEmo
+LUEGXaHYUlapsZeb9/KGNm/IsySJPr405ZwEYAc5lBQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C10:KAS-ECC-CDH_P-384_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C1:KAS-ECC-CDH_K-409_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEpyH2otRSdBGDSxPU06M8Kb64OrdoJGXG
-y69mJKym6ljDDrDyndhCiGaVQA1yVPIPFLpuJjVRCa01EpNm1eOmQK55hQWn+lWp
-aja12tM94AR09mcPUiIU3XlSFAqwp+to
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAQxMaKnxpioyZVa22XennNnER2wFsa3U
+os/TBoJJo8OSOCJCjTUsXXTl1krM7tvapu++TACGaulA3TG15uPyCztNh6agLHgX
+PICqUQpu3/hSxinmBk3118YA/Zjljo6MZiu0uWyLqQU=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C1
+PeerKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1023478840e54775bfc69293a3cf97f5bc914726455c66538eb5623e218feef7df4befa23e09d77145ad577db32b41f9
+SharedSecret=00575d9e7f70a4a1c5c807b6b5d6b7330bdd764db2aa60f3bfe497e6bfe90f038fb4f6acf7ac06efc3d157c3dc907b2ae093c6a2
 
-PrivateKey=KAS-ECC-CDH_P-384_C11
+PrivateKey=KAS-ECC-CDH_K-409_C2
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCPVY4FgYuI7Tg9X8qW
-LlNBPbGg5GN+2hlPdhlEy+oRSrnV2hdafVeIJVCw5DLzlamhZANiAASaL1f0hnzn
-U9crDZUZXfb5bB+uk09gLv17alRYL1Vs+lOdiQBcou2sCK2bct0fYLrZuU7oLanM
-YB80YESZi6OHruVkBNxuzIqytZBEMxnQsrYXb50OrC1EZ47VYWB9Cak=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNssXw/whq0jlw3F8eR
+EY1HYeLFGYa/FHlCVU3FoYv5u2xnvbupCKHouo53kPWaOXE09oOhbANqAAQAK4kE
+GK/FeXyXRqRMoFk2euBmO88FgVaGDGE+4F4R2j8veZxwpo/nL9XawkadqhgQcCne
+ATVpBLGXv54GV/Q0nSUruzdcZiBvwNgxJZm9vv7oYI7JSNzkhoB7qlNe0GrayceX
+Y0cRqw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEmi9X9IZ851PXKw2VGV32+WwfrpNPYC79
-e2pUWC9VbPpTnYkAXKLtrAitm3LdH2C62blO6C2pzGAfNGBEmYujh67lZATcbsyK
-srWQRDMZ0LK2F2+dDqwtRGeO1WFgfQmp
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACuJBBivxXl8l0akTKBZNnrgZjvPBYFW
+hgxhPuBeEdo/L3mccKaP5y/V2sJGnaoYEHAp3gE1aQSxl7+eBlf0NJ0lK7s3XGYg
+b8DYMSWZvb7+6GCOyUjc5IaAe6pTXtBq2snHl2NHEas=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C11:KAS-ECC-CDH_P-384_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C2:KAS-ECC-CDH_K-409_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE2IKoUFwtXLm4hR/Gdmd7sAh2ga1T+s66
-Fzgoa0WCdWHn2je4gCdsZWz8OLMq3oR+NLMUvcE0V1ZUVzz/r0BEXaLmqvmH9+kT
-zUwwkVIwWJhKJdjyHagyYZJFbGoPpfYM
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAeTVgNXprYFnHGzWYtVWm6/k11qk9Emu
+1WvYAGGVIMnzLE4jDE2RscQR+QhtUpG6E3AUogAMj/tCOS/zl7vUZ5cvPtJR1aB5
+ll2gsdKjzBbDHSVdzpiGk3styUHqsNi+i7zRWqbtltY=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C2
+PeerKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=6ad6b9dc8a6cf0d3691c501cbb967867f6e4bbb764b60dbff8fcff3ed42dbba39d63cf325b4b4078858495ddee75f954
+SharedSecret=00ce87aa5e7700384df59d3f1075d282c1aa511391c42ef609b8de1264eca8f7737df91565c73ee884ea882d47c56d979141f0f2
 
-PrivateKey=KAS-ECC-CDH_P-384_C12
+PrivateKey=KAS-ECC-CDH_K-409_C3
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAPXe4K/6e78jnV3/Mp
-h+u3z4T8zu1kPh08YtCzNSrsI7blrH+kEFyMsmEmrS0YksuhZANiAAQjNGvfvJ18
-fHNuAr32B2cf9ggv3SczSovHXzsjaB6+YU0Fl91hT65YZ3yDWp8LJzuCujYpDS+U
-20FHnrRatOr2eSiiMVE41Z7sybUoXf3dZxT3dVchbqRMxvwRnYJD768=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMR1DvAjanOXe/JS075
+DZMk3ggDR/9N+GZF0yVgOi3/0o7K8HdexTyvWlVOr4toSH34hlShbANqAAQBJXtq
+vUcNKUtZ3a7azVRdz0OAiviQ9XYoiAM0L8Yes5b1YK90NC4Qu5TSJMJNjlkA5bly
+AdzK2X7O9Dh6HPUSsW3VvHq2FfvFCHrBnV/Cdi9hW0kE6jk0O7sYXbZKGff3Ds8N
+VXsV6A==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEIzRr37ydfHxzbgK99gdnH/YIL90nM0qL
-x187I2gevmFNBZfdYU+uWGd8g1qfCyc7gro2KQ0vlNtBR560WrTq9nkoojFRONWe
-7Mm1KF393WcU93VXIW6kTMb8EZ2CQ++v
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEASV7ar1HDSlLWd2u2s1UXc9DgIr4kPV2
+KIgDNC/GHrOW9WCvdDQuELuU0iTCTY5ZAOW5cgHcytl+zvQ4ehz1ErFt1bx6thX7
+xQh6wZ1fwnYvYVtJBOo5NDu7GF22Shn39w7PDVV7Feg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C12:KAS-ECC-CDH_P-384_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C3:KAS-ECC-CDH_K-409_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEgVyddz2/X7ahuGeZlmJH9ABqI8kuaMVe
-nqqZixfYgy3U2E2SfYMdT2jaxnxkiCGf55JplIsmEUhFYP1JD+7Ih8tV75mktSSI
-D6dJnWoHKDquKvoz/quX3spAvGBsTYdk
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALfRk1TK3MlHCCZ67Ysj5ITjKgOBSwJq
+gA9boB6SBMQwUuTUfG/NkjKWVODpAVsBL3k0SgF5lcFXlsWuk+CiB6JwcAT7saSa
+DUf9QE8S1XhJ2Dl81NLG0rS5D4ZEA9Ss0Woyt/9Id7Q=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C3
+PeerKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=cc9e063566d46b357b3fcae21827377331e5e290a36e60cd7c39102b828ae0b918dc5a02216b07fe6f1958d834e42437
+SharedSecret=00691dd6b5177702d6a0b1f8b07f3b018478680de7ee079272ff75659335c96afcea7650caa01f996aa37946b78e14a83e579fb4
 
-PrivateKey=KAS-ECC-CDH_P-384_C13
+PrivateKey=KAS-ECC-CDH_K-409_C4
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDADe2M7W4uoV8D8hWVo
-aCMuL+v1lXhxg5G4HahUGgC/5TwwrgQVGEfydJn416utjPShZANiAASIeKyKlH99
-XLK0eq0k+7ghDYYSZYU5mihx+Eqpxf3jB0rlQMa/gidcqCLQ/rhivHRjL1zS+QDC
-cRwy+JMHKOtkfTHt2NZQ+WVOfTPl7RtHVInQjaow2MvLpr/Dtg2bWjc=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMNayWWVtUmd33ttSRq
+GS8MBccnCjtOZKnWyHfNBtKWKhrITsLYl2X5Z/YETy36VpAxB/OhbANqAAQBk6+h
+O9Hggc7l3xKG/kSik7fRsQwpCl8q574tAnNgCaJtg6qqkBeoyL9g76Ffzq0Hdn1I
+AdAv1mp4BsTIRF+mFSVP8yu5wdhaOQT5OcEGHiUNPrZBMTCipVcJlHlTEOltw6/z
+uCGK0w==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEiHisipR/fVyytHqtJPu4IQ2GEmWFOZoo
-cfhKqcX94wdK5UDGv4InXKgi0P64Yrx0Yy9c0vkAwnEcMviTByjrZH0x7djWUPll
-Tn0z5e0bR1SJ0I2qMNjLy6a/w7YNm1o3
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAZOvoTvR4IHO5d8Shv5EopO30bEMKQpf
+Kue+LQJzYAmibYOqqpAXqMi/YO+hX86tB3Z9SAHQL9ZqeAbEyERfphUlT/MrucHY
+WjkE+TnBBh4lDT62QTEwoqVXCZR5UxDpbcOv87ghitM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C13:KAS-ECC-CDH_P-384_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C4:KAS-ECC-CDH_K-409_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEHA7tp6K+AAxb3NoEeK7U23M9Kp40EiQ3
-kSOthHAw8p47Fo+hjomjwPuips4cKPw77Iwcg8EYxNvqlCcYafLYaOtl6LROIebx
-Sw9NmzjAaNrvonEUJVuaQdCEzEoa2FRW
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPKhHM06U8leqY8xRPt31KaE+aH0I+uB
+46i/viK2gPIYcPWMrraUbGs7hzaZz/0xQGP0CAD98m7t5sunJIJAcgkGzgdsxDIt
+GLx2g9IkC6aEds55AieAsvpU4PfHZSi3f6Yx/lq7W5U=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C4
+PeerKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=deff7f03bd09865baf945e73edff6d5122c03fb561db87dec8662e09bed4340b28a9efe118337bb7d3d4f7f568635ff9
+SharedSecret=0136f5c04cf9a56db24ad99bd286feb800aea38d44f819be1c2a9dba15c635c4e122893570233a4c5754a41499eafa39a35aa57e
 
-PrivateKey=KAS-ECC-CDH_P-384_C14
+PrivateKey=KAS-ECC-CDH_K-409_C5
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDj0HEGvtzAlufZFjD/
-0wlN8seFnbjX7bsuN7SsR/QppjfQamfS+6M4OHZO8gNGSZGhZANiAATnShorhfHL
-+Nu98FDPGv+KywL9ovtlkfnTz+TnnQrpOKnBSD57dfjbJFBdZQZc2xgXc+5ZGCL3
-q6qFahpgvApSA1SNvRy1AlRm7/hIG9B2FOqgShbD23aQWRPpcqW2tZ0=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNL9zUbGVh10B9jBsoS
+fbihpfWXcZwNEOHWj11IVb8HYFeQaR/NDYtdsTfT/CZ53nWgZ4GhbANqAAQB04Zk
+WqpI4v0JUOaprOnf9iyPXpTNukW9c8a+a/e3Y6LJqAeEYxLaOrghwEmsCGH4Izfw
+ACpkNu+KEmGuzDjIIdp3Sjkf3Md1DJQ32d/mTIIzUIE5mfD9Twfx1tmAdAmGErxS
+BEJJ1A==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE50oaK4Xxy/jbvfBQzxr/issC/aL7ZZH5
-08/k550K6TipwUg+e3X42yRQXWUGXNsYF3PuWRgi96uqhWoaYLwKUgNUjb0ctQJU
-Zu/4SBvQdhTqoEoWw9t2kFkT6XKltrWd
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAdOGZFqqSOL9CVDmqazp3/Ysj16UzbpF
+vXPGvmv3t2OiyagHhGMS2jq4IcBJrAhh+CM38AAqZDbvihJhrsw4yCHad0o5H9zH
+dQyUN9nf5kyCM1CBOZnw/U8H8dbZgHQJhhK8UgRCSdQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C14:KAS-ECC-CDH_P-384_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C5:KAS-ECC-CDH_K-409_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEyVwYXiVr+ZfzCzEVSK5/doo43uQ+7u9D
-CD8wd75w4r85rB1NrzYMUUyMa+YjRD0aPmOmY+r3XYp2WrK5o1UT15M/peJkIKUk
-RVDsbDtvAzuW2yrKPWrGqrBSzpKVla6l
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARdEn76mstX06OTTmnIoQkzwb0Vr8645
+vB+yqZ5Bg7cW4ZT8UHRlZk0AnVvO46QmupMsEAEUbTK3DwnmX89p65rmYWLRC9BD
+ad6OgYf6nD0bXdom8QtGnNSSXKN+CZRBV1fmiV5YgUU=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C5
+PeerKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=c8b1038f735ad3bb3e4637c3e47eab487637911a6b7950a4e461948329d3923b969e5db663675623611a457fcda35a71
+SharedSecret=004f684f9d559d16485f0023bf012006265ed81f06fbc1441334a559e5500a3f77603565013694023e0d8f44fd12dcf69eb8d654
 
-PrivateKey=KAS-ECC-CDH_P-384_C15
+PrivateKey=KAS-ECC-CDH_K-409_C6
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDz+bDGWkmlBmMsikWx
-D2a1MW+e6wb64hjy2mIzP5mQURexQcdg6JdO/ErxBXBjV5GhZANiAASkrXeqfYbl
-NhEYprkhcQyCByEhBxL0w0eYX97liqTv+h4ovoChexILE5+WMA+JtJsd3yLgfgPx
-Vg2PRaSACUVg26n65/lTETDBtX67lZgkllJPMdN5d5M5b6gj8ivbQyg=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNp2mWQEDRcaQD97LMd
++bq+2+QlM5gpCzQBL7E0vFkUdXLmKmD1yszth7D40f98BJ3+lpKhbANqAAQAOGhw
+GffCGd3ZVnsg9eoeilBFHdQL9bZfey4TPebzbko/j6L5d+/pIPhF0XbIpXAjzFXC
+AUk5f7xCus+FxZ4EU13x1ScVdh7qmX1P+HIEhmzcPUpUwkJa0hSnoN1ZL0qZGrdo
+yPQEvg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEpK13qn2G5TYRGKa5IXEMggchIQcS9MNH
-mF/e5Yqk7/oeKL6AoXsSCxOfljAPibSbHd8i4H4D8VYNj0WkgAlFYNup+uf5UxEw
-wbV+u5WYJJZSTzHTeXeTOW+oI/Ir20Mo
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADhocBn3whnd2VZ7IPXqHopQRR3UC/W2
+X3suEz3m825KP4+i+Xfv6SD4RdF2yKVwI8xVwgFJOX+8QrrPhcWeBFNd8dUnFXYe
+6pl9T/hyBIZs3D1KVMJCWtIUp6DdWS9KmRq3aMj0BL4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C15:KAS-ECC-CDH_P-384_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C6:KAS-ECC-CDH_K-409_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAENJcjin5q0WbfLawDmqTayNF6qSXnx2Me
-s7VuOqocVF/NVNLlmFgHkQ+yArH8GR0qpJ5cSH3MeqQKjyNMl5RGBA2RdOOtNX1A
-TXdlGDGVrtP5E2QbkMgaMG6/DYkThhMW
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARmYDxEUne5eLC0AVh08JqQqWkTodHZd
+3aTYGOpwTtu6I6vtXgi+ktZV155VxbxUeHtN1AE2az3aPph5xEgd3DZ+UcHAVBlF
+lkY21QIWh8KFxH1A55/38LtWqTrFYL6Ny5cPWLI7EKc=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C6
+PeerKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=d337eaa32b9f716b8747b005b97a553c59dab0c51df41a2d49039cdae705aa75c7b9e7bc0b6a0e8c578c902bc4fff23e
+SharedSecret=00137894f637460a63576824536944cddb42dfe63169c84040a0345ad7516ec4f1ad00bb4de20ea6ea43824b9b0f74dfa6881cfc
 
-PrivateKey=KAS-ECC-CDH_P-384_C16
+PrivateKey=KAS-ECC-CDH_K-409_C7
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBZ/Of6194ousAjBpDJ
-VxDHIOUo+aTlTTpqjNX8XF8hY3AxzhxbTj05ZH2Ny5t5RmShZANiAAScQ7+XHt8J
-QCh27nQglTgfeLG9OqObUTKvddv+fpi9eL3hD+LpA8K2N54d7uF1obCmxY7OpaR3
-uwG9VDsznxzEnxNxos2k1G605T4lBZeUI1GplmWhIv/qm94GNsN12vI=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMG39qzyhsqKCHO/bWH
+K7lfAjFhrk4tVJ0PsfOCVjQTWESRZX2xAcMjUUgyw2P2NqnmnoOhbANqAAQAPpqb
+XyggZuIzhw3LAMSu0tc6Mx951JyNXC2TkIsO9ecrdIgU0biEBkLXW3qaVTAbHnyC
+AQhfV2keBK+sbohOL9vY34AvTUNbzmESMasydHYerV4uajRKU/M8D6FW4xMgYvcr
+zaP8DA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEnEO/lx7fCUAodu50IJU4H3ixvTqjm1Ey
-r3Xb/n6YvXi94Q/i6QPCtjeeHe7hdaGwpsWOzqWkd7sBvVQ7M58cxJ8TcaLNpNRu
-tOU+JQWXlCNRqZZloSL/6pveBjbDddry
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAD6am18oIGbiM4cNywDErtLXOjMfedSc
+jVwtk5CLDvXnK3SIFNG4hAZC11t6mlUwGx58ggEIX1dpHgSvrG6ITi/b2N+AL01D
+W85hEjGrMnR2Hq1eLmo0SlPzPA+hVuMTIGL3K82j/Aw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C16:KAS-ECC-CDH_P-384_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C7:KAS-ECC-CDH_K-409_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEkKNHN9RbGqZfdOC9Blm8EY+OS3dLdhlE
-/6ZXPG309B3sDRG2l6vZNNOQhx1LRTJAm1kHGbszB8FJp4F741XWhIk6MHdktRLu
-/+B8tpnttab/v41gMubHnV6T6UISwqpO
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfo5tdM3XUMkeslQAGHr/3oMFbjF3+nH
+UXhDhsmBhg3m4blYTaD0IRlBfzIzgpCRCpolngAr3s1QK6ZKbyHQj6QlA4nUJwMk
+RW6UQWV0lccq12D7NIMl+Jt6VASiwhwqoHcRvPXzBBI=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C7
+PeerKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=32d292b695a4488e42a7b7922e1ae537d76a3d21a0b2e36875f60e9f6d3e8779c2afb3a413b9dd79ae18e70b47d337c1
+SharedSecret=00f03b0b43a351311689eb1d3fc457013f294a7d02ad850c72e4ff9b64ce68a47beb49bc5bcbdc828534f8c8a5e13de5fe522eb0
 
-PrivateKey=KAS-ECC-CDH_P-384_C17
+PrivateKey=KAS-ECC-CDH_K-409_C8
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA+Sfv5UKQkxdgCKNxL
-w16fbGwMHQRECZjaCmCah3V12+Q31qXO2qLd0qGhf9ESre2hZANiAARalJWUIosa
-PW9ZnrPbDQYHD7xVHGV7WCNLoWTOP+QV+l8+uCPAjcKbjDQSGcd7az0rqtRHyMKQ
-z+0l7dkDHEHQt2khRXMn9C2zESK4HzN7vwsQOeyDDOkGGjdhlTx15Kg=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMpsvyzCFlql1xbTNHn
+UmfFQk4Ad0EU7CBRpXGymXZhifrSTpL5bj1SdzbqSANnvb3QUw6hbANqAAQBTHVz
+mb4gHgiv2LSmcefTttf4hESYq1kuG/aTFTR86C29eF1FkiZg1NDSf6KwrGLnB/zs
+AJjwdz0+/pwpCpkuygWHXTRj8HNrLf70r/2f8A+WreUzmZF96gdMeY/FNXOPDFaJ
+okR/hg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEWpSVlCKLGj1vWZ6z2w0GBw+8VRxle1gj
-S6Fkzj/kFfpfPrgjwI3Cm4w0EhnHe2s9K6rUR8jCkM/tJe3ZAxxB0LdpIUVzJ/Qt
-sxEiuB8ze78LEDnsgwzpBho3YZU8deSo
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAUx1c5m+IB4Ir9i0pnHn07bX+IREmKtZ
+Lhv2kxU0fOgtvXhdRZImYNTQ0n+isKxi5wf87ACY8Hc9Pv6cKQqZLsoFh100Y/Bz
+ay3+9K/9n/APlq3lM5mRfeoHTHmPxTVzjwxWiaJEf4Y=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C17:KAS-ECC-CDH_P-384_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C8:KAS-ECC-CDH_K-409_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE3aVGrPyPkD0R4uOSBmljbUSyBorrZv8H
-qiZvADDhU1sO0CA8uKRgrJkPE5T68i8dFbuyWXkTA1+q30E0dvTHD3J5dppAyYb0
-cMQntO5JYqvfgXO7rYGHR3KSX9MvCxWf
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbJV1bt10llwMB3p4OOVmhIgXVEfjmTw
+QqAclQ20cbHW1YR/dWae6wvxh/FVnbOyKu7AlgF+WQz6hVNJE2GYwt3YpSEIgkc8
+ndWRwC4gLKBAS7yfY5HXOuAR2smWUVXSZQE5/i5U7Gc=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C8
+PeerKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=1220e7e6cad7b25df98e5bbdcc6c0b65ca6c2a50c5ff6c41dca71e475646fd489615979ca92fb4389aeadefde79a24f1
+SharedSecret=018f55b81f15f862aed042f37433050ac61718c9939d432b2a20e12d647f99753b8dd5127cf8963247fe7e1d5ade1442229bc646
 
-PrivateKey=KAS-ECC-CDH_P-384_C18
+PrivateKey=KAS-ECC-CDH_K-409_C9
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBQzMH3B26S9GOOhfLb
-mOC0g+biIEySvdRApt7qBON6B8bnJ5HBkK1OTobgHvuoQmmhZANiAAR1bAffDOMs
-g52sn7RzPJwotwETpnanBXw40iPyKjqQlajVZGU69SjgTH4YJL5KZRIXws5pYsvS
-ouBmKXs51X3Zu0aA8BkdOQ9wtORhQZspcs5orUYSf92mw5GVd06obfM=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMbmAFcAgLqFkF5caNz
+BCUIOb1qbl2DSX9/k/D3Ryoh/OS+W+d26QlZ28QaDoXtIlg36NWhbANqAAQB/sCf
+lFcWFOfNjpWOvNei/NjCSNQIzbo1ljBUXDE4OSJ3TTsk4gWR2LQelU4WZU/oXLrK
+ADHg6x3RzkZ6i3jRDSW53pLP3Cdzgx5uKKFS0CripaUQmUzAEEYiVEQepBEhwGd/
+tBeL2g==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEdWwH3wzjLIOdrJ+0czycKLcBE6Z2pwV8
-ONIj8io6kJWo1WRlOvUo4Ex+GCS+SmUSF8LOaWLL0qLgZil7OdV92btGgPAZHTkP
-cLTkYUGbKXLOaK1GEn/dpsORlXdOqG3z
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf7An5RXFhTnzY6VjrzXovzYwkjUCM26
+NZYwVFwxODkid007JOIFkdi0HpVOFmVP6Fy6ygAx4Osd0c5Geot40Q0lud6Sz9wn
+c4MebiihUtAq4qWlEJlMwBBGIlREHqQRIcBnf7QXi9o=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C18:KAS-ECC-CDH_P-384_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C9:KAS-ECC-CDH_K-409_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEeIviM2xS9EVNY+6USx5Jv7YZoINxBI5t
-qS5YTq5wveHxccTfN4vR88CrAwSKI3gCRnPr2NtgTq9BcRdIurKWiiPKRHbOFE5y
-gkfwivdSkpFXtYMPHiYGdGa9+otlFFoz
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAOz3Bk9Sj62uOAyzgphIEQR6DX3ZqN6O
+dvgXiqYAaed6lIrPp00sd6doUWWamBlwVNqNRAC5jhNJf3dgcnEcQsGNv8jrjIUj
+/2M6+Yih8kLtPDxWXRjPIk+HUfKULjYLoW4PWDCVKRk=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C9
+PeerKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=793bb9cd22a93cf468faf804a38d12b78cb12189ec679ddd2e9aa21fa9a5a0b049ab16a23574fe04c1c3c02343b91beb
+SharedSecret=002b560d1949297dc7e1bbe8ce49a595762924afcf0271e9c493c18ad5cbfcea5f3900c7b793ae5dd44f48884b0bc3b52c66e05a
 
-PrivateKey=KAS-ECC-CDH_P-384_C19
+PrivateKey=KAS-ECC-CDH_K-409_C10
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAG8TK3H3TYe/mYV+Hk
-NQpZTl/jVTO4iFUs7MvA2JI8kC42FB12keKGMbi8m6/l4GShZANiAAQqPMa4/1ze
-km5+OhiaG9ApybWGNRr4g49PIBy49LcO87DaBtNSyA/Ca6+PQreERZ6/mYWWAXba
-bSPHRSopVP/LvLJCSbQwGaKgI+Cz2r1GHxmtPndcNk8/Ea1J8wmUANM=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNHO87LE3cR5eiXY6QP
+d9vi6owlCdIJBk45z5Ba+qkBCF+OeVybgBfJpdChuWgSwSSj/7+hbANqAAQByOmt
+xIFuZgb//14afUinhUw1qvBV0xgz8Mq96LvE0kWOPNPIKkr4B0X1lbO6Evi1wM6Q
+APxD8ZO1WJruYphXNeNig3TdRahqYbqveMIfpueHhW6muLiDFlQFcYJYZc5rhXit
+1fqmnw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEKjzGuP9c3pJufjoYmhvQKcm1hjUa+IOP
-TyAcuPS3DvOw2gbTUsgPwmuvj0K3hEWev5mFlgF22m0jx0UqKVT/y7yyQkm0MBmi
-oCPgs9q9Rh8ZrT53XDZPPxGtSfMJlADT
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAcjprcSBbmYG//9eGn1Ip4VMNarwVdMY
+M/DKvei7xNJFjjzTyCpK+AdF9ZWzuhL4tcDOkAD8Q/GTtVia7mKYVzXjYoN03UWo
+amG6r3jCH6bnh4Vupri4gxZUBXGCWGXOa4V4rdX6pp8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C19:KAS-ECC-CDH_P-384_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C10:KAS-ECC-CDH_K-409_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE0Ju4IuuZ44BglUdHyCuzJ4z5a782/s40
-APTIc4OKQME16zuruSk70QAb8+ze578m1BbbbhuHu7dCd4ijtsenqywWWx42b5YI
-31EgN1hPITpkjUfxasMm4Zquly9j/XbJ
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAE4Fw02sRObhsIzfrmNXwg23pUTcJT3/
+HCPU26hxuWeBtqYWONc4Zdr+CpRDw+wyiFfSPgEibEJ3eLsiRiTNIVST16TzKk8U
+GXkjZAlQXYz1jYHf08eT5ZVDp4AxTzzY7hdmTcLkY54=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C10
+PeerKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=012d191cf7404a523678c6fc075de8285b243720a903047708bb33e501e0dbee5bcc40d7c3ef6c6da39ea24d830da1e8
+SharedSecret=000b43cb539bb4bb42f195ffdbcdeb482b69301c0155a840cd381f55c465a8e57ec51d6555871537b56bf84a1544cae2b2b8eb38
 
-PrivateKey=KAS-ECC-CDH_P-384_C20
+PrivateKey=KAS-ECC-CDH_K-409_C11
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDASBI67QzHsGaHiPxos
-dztmTM/pCii/uEb8Evgd/0S3RDx3ZHFkvx6eZ/0sB6Z2YkGhZANiAAS8GINrx6n9
-9UtTUvN9dSirj6jsVEqMYYBRHL/dSczjd8OeNMAxtSQNyZgFA+0vJiyAhsvjOBkQ
-gPC3oWx6/Ex7Ayb5rGb1hVLvS7nSTeNCntXTJ37Vj89I8rX2Eya+xsY=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg3d1nE0pBg3i6oN38
+kRHAou1JKyiVad0AYb8SJtI1vapSA9Pvor0BQdKs4nw66Oba8R+hbANqAAQBZ9V3
+sqQ8wafYimvog8KNv0jD4fvyGtg+en49dT+wttP4DNE3b9mL4mD0lHV83AYyVtWy
+AV7XADt9K9XgNZMDZgrdCQBJA5z33zlpieoYxwL3BMRc9v3nrQctMSU9HVKV6cXR
+1cYsOw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEvBiDa8ep/fVLU1LzfXUoq4+o7FRKjGGA
-URy/3UnM43fDnjTAMbUkDcmYBQPtLyYsgIbL4zgZEIDwt6FsevxMewMm+axm9YVS
-70u50k3jQp7V0yd+1Y/PSPK19hMmvsbG
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWfVd7KkPMGn2Ipr6IPCjb9Iw+H78hrY
+Pnp+PXU/sLbT+AzRN2/Zi+Jg9JR1fNwGMlbVsgFe1wA7fSvV4DWTA2YK3QkASQOc
+9985aYnqGMcC9wTEXPb9560HLTElPR1SlenF0dXGLDs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C20:KAS-ECC-CDH_P-384_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C11:KAS-ECC-CDH_K-409_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEE3QSYu3lhh2tcQY9/SBLkeodO3xjHfaO
-uUmWlSfXmh3FkpXvfSvKZ0PozXewTRtYC6rq3H4Z10qKBEUaE18b4bAv4pn53AC/
-3yAeg9mVxpULzBy4nW97ML9UZWuaTaWG
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAW9pYP0jV9L3C193i+XgqnFVa50vTM6x
+T3gS2oWKuHKBi0YQ1BqPZiALQ0NCIifZ/d9xLgCq9ZKnJedzg4iJa5vp94wcPWly
+ufmQNNAswPl3ap9sL5t9UB91vhhZmwiMTFiBxmFG5bk=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C11
+PeerKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=ad0fd3ddffe8884b9263f3c15fe1f07f2a5a22ffdc7e967085eea45f0cd959f20f18f522763e28bcc925e496a52dda98
+SharedSecret=0113dd2cf8732ceb8a893e149f13d52026e5d829322d0f1233a624fd6b74d56e7e6374d70942a25152ce5073831660333fb3e070
 
-PrivateKey=KAS-ECC-CDH_P-384_C21
+PrivateKey=KAS-ECC-CDH_K-409_C12
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA01hppnKV2Fp/NwMx+
-ROThIh2w/mPRaFDIEEAp99SESXFLmIQyjK4YmXh1SrRgtIahZANiAASGf4EQTM1r
-Fjp5ArZw70BgQssMzn3Nxj0d/JGyxA4833WVg0v57Ot5hJ8WNvyEYvydS96Oh17E
-lpfSWNHVlGX4QxxvVTHhxZ6fnr488WSo2c4QoS8ZeSg6lZutJE3YOGM=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNgelplMhd7UvI0knF9
+0Keyr5jgSIT3cHXkYEQQxQRKCEYezzfE76PtwstmfIS4ZBWTa3ChbANqAAQAClZ3
+rGwA0mRgVNvr/FNtsKmzUaJAinPgg61i0YL7h8uAMixTlVPs28ITzoTGbd+NwdI0
+ATJ6CjdpJA/aRflLsHNhx0qoyNEZQUp7VmbiWjq2iBl1OWMlp39UGhuiaAEqgsUR
+DSpJ4g==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhn+BEEzNaxY6eQK2cO9AYELLDM59zcY9
-HfyRssQOPN91lYNL+ezreYSfFjb8hGL8nUvejodexJaX0ljR1ZRl+EMcb1Ux4cWe
-n56+PPFkqNnOEKEvGXkoOpWbrSRN2Dhj
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAApWd6xsANJkYFTb6/xTbbCps1GiQIpz
+4IOtYtGC+4fLgDIsU5VT7NvCE86Exm3fjcHSNAEyego3aSQP2kX5S7BzYcdKqMjR
+GUFKe1Zm4lo6togZdTljJad/VBobomgBKoLFEQ0qSeI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C21:KAS-ECC-CDH_P-384_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C12:KAS-ECC-CDH_K-409_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEniLLwYZX9RaoZLN7eDNItm8aqWJs1jH0
-+hvTKtiM8R21IFfGYIYNOdEfvwJPq9REaw1Tx5aBwoEW33HpzudP1WyLfwSznxGY
-zHIoTpi+lWLjWSb7T0ip++yv5ykwnotv
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPVJxH3I6S/s04tXUIlYgORJ8eMavgux
+6syEKY+DYQjlowjMuVeNy9S+YXd1LrIx548BHACTZj7D/LVNZ2iXv8ldteVK1u6h
+7HtGykvz0lNYOfEByz5tXxG2o2v0A2PDHJ+IE3hiZ08=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C12
+PeerKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=dc4ca392dc15e20185f2c6a8ea5ec31dfc96f56153a47394b3072b13d0015f5d4ae13beb3bed54d65848f9b8383e6c95
+SharedSecret=00c8e62ac25c11e86b98642e4ec7adde9d9436f9337369fb065abc9ea784f90b8b8bebae35da92185486191dd9f49370b1148ce6
 
-PrivateKey=KAS-ECC-CDH_P-384_C22
+PrivateKey=KAS-ECC-CDH_K-409_C13
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDcYPqHNtcCE1/xaquZ
-K7iOrDl/WXJFbHLsRHN00NjOYRU4Mb/IatWm61tgv7lqhiyhZANiAAS2m+7ehdD4
-Kf7BuJPMucPgUv9pLhO5dFN7xbD5/q97IuhPAyMWKbJIZr20uM+QiRRm+F4r/Kui
-hDKFsOFOvAfvfa//i0JEFv7mR7WYl7YZ8g7tlaYy5qQga/faQpwExWA=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM02ppFNxHwSgseobmv
+cB4Nw6Vc3VheQ+Ps9B6TTsr4gP8WFNzlzJkqaa3fxAja4bCbjQWhbANqAAQB97/0
+NVR6iVFtAX0b2sTNo2BBoNPf0DJYVisuKPQM1k9q4rcEV3c/lnXP/EDAIeRwKwjW
+ABPFmnLwyD9buQoL/ueYlS+5HuMpyYxLWRT0Ra58hIN2cFK19SmXRiFUXdzWN39e
+OH1XPA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEtpvu3oXQ+Cn+wbiTzLnD4FL/aS4TuXRT
-e8Ww+f6veyLoTwMjFimySGa9tLjPkIkUZvheK/yrooQyhbDhTrwH732v/4tCRBb+
-5ke1mJe2GfIO7ZWmMuakIGv32kKcBMVg
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfe/9DVUeolRbQF9G9rEzaNgQaDT39Ay
+WFYrLij0DNZPauK3BFd3P5Z1z/xAwCHkcCsI1gATxZpy8Mg/W7kKC/7nmJUvuR7j
+KcmMS1kU9EWufISDdnBStfUpl0YhVF3c1jd/Xjh9Vzw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C22:KAS-ECC-CDH_P-384_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C13:KAS-ECC-CDH_K-409_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAELbXaX5QOqohPTbXsITmwRp845Ob7vMUt
-8VwPfPf8sYCMdJdktr6F0v3FsW9YrV3AIuiwLc8z4bWgg4SVRfhK1eQ/d8txVG27
-rA0RvbLuIC6dOHLo0CjAiZB0bF4d3pmJ
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAEEeXUyW413ptUHaX6xpEzZGLIgtjozk
+1utxIUF+cJUMTZUC9kVl1abPpzXJDu+Dx7hh4gCWuQTjfKHC21mlRhVifhwzVhYP
+4XUoSq3DsvoGugswqqB8hOZOSGUuX+swNZUGbg+EaPc=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C13
+PeerKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=d765b208112d2b9ed5ad10c4046e2e3b0dbf57c469329519e239ac28b25c7d852bf757d5de0ee271cadd021d86cfd347
+SharedSecret=012505746f1a40ef75f950595211ce04f87f1daffffdf8c12600a9e2994c8c1d8b19c0e0559adf9a94762cb983569de6d0d8baca
 
-PrivateKey=KAS-ECC-CDH_P-384_C23
+PrivateKey=KAS-ECC-CDH_K-409_C14
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBvpqHHBHMJh6pjSwUW
-qCarqMbWQR06TIl3LXpiYQJWouLyifXDRAsOwecPozniUc6hZANiAART3h/BMo6N
-4UrsqymtikDWsTdo+G99KYQz0g/seR+G+Lxz81gJiyVqKYu0iN4le/SsKJRP0n8X
-uClGwExmxB8AU9NpLyddpVzYc5qVvYzTry+W5N6Vnqg0TYlFN1kFhYs=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMxQa+7qLTZ8MvoKX82
+WHMZZzlGXj4gqJr5/fiwHRlaoQUuYXa1+thWE2trMg7r/AjBzQGhbANqAAQBgF/8
+V26KRfBil7IzXQOryK39Fa03522A07QYDV9y78kPPysDas2Bf0D9SQZKol6jg8gu
+AfItprUKxWKJQ/BbFBSTyswPArzfO//bQ1gjQ7aGFXYaGAvX0asd3BX1N0qPZl0T
+tLkScg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEU94fwTKOjeFK7KsprYpA1rE3aPhvfSmE
-M9IP7Hkfhvi8c/NYCYslaimLtIjeJXv0rCiUT9J/F7gpRsBMZsQfAFPTaS8nXaVc
-2HOalb2M068vluTelZ6oNE2JRTdZBYWL
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAYBf/FduikXwYpeyM10Dq8it/RWtN+dt
+gNO0GA1fcu/JDz8rA2rNgX9A/UkGSqJeo4PILgHyLaa1CsViiUPwWxQUk8rMDwK8
+3zv/20NYI0O2hhV2GhgL19GrHdwV9TdKj2ZdE7S5EnI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C23:KAS-ECC-CDH_P-384_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C14:KAS-ECC-CDH_K-409_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMpZHuqNUIk60QUgpxTaMgteJOzmATgjL
-shgPRZvvxLNHo4mnDJGiO9nTDIO+UpXTzI9hkj+tKqjlBdbPoSa5+r1a+dzikLdW
-YO8G0cqnNoHQYInDO8QkazqjDbzSQ1sS
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA+oJD8ACjOYgIofiP/Fo0KWj+5ceyap
+4f+ibvqIXnThxWICfZXbCMwVvSWj/BGrTcE8ogD+1ofHGX/xrrmA5yo6fDGBQgUs
+I4mwhm2zuH5cgCXnm7T0+Zb6Y1KrnLIBcu941v/KkG8=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C14
+PeerKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=d3778850aeb58804fbe9dfe6f38b9fa8e20c2ca4e0dec335aafceca0333e3f2490b53c0c1a14a831ba37c4b9d74be0f2
+SharedSecret=019a71ab576546e2351aa92b6075e8229813e6a2cb3647147b192b4597f1217223e7197d846c0d65ea0d4aa4c503bd000ba312ba
 
-PrivateKey=KAS-ECC-CDH_P-384_C24
+PrivateKey=KAS-ECC-CDH_K-409_C15
 -----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB0rYOGwcssoPzesx4I
-abs/SMA2r+LvEQyjAryLkQ9iHJ/MVM7DK7iex8qoTHuOVKihZANiAAQno+g8+51R
-IucxKdgBYVhX2nzAiczMnFSrMDKhngoKn2dzRuN/CKCz7Y2m5d1pEGONYORKpeD9
-MMkYRWeWrzfw5BlXkBZF5cWWxtmJ9YWbA6C9fR9Od5Nv/zx00gTlOI4=
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNOUXeWysnXx1MW615o
+lj/mMkeB+rmG6UAgDnEd2/mILZmmIKl2NS4klnSM+2Hcy/bWWcyhbANqAAQAVqRS
++x1VgHnD6RvyL4aITKiXiIBv59bWykC1SFB5133EPkZqcSWXksZf9qtyBAZsDmeo
+AfKbcj2ffU3mzML5cIB5xdMK5dlg5ip8T23Ji/yVtPUx8ZfDlIZwVDJZQgPCUUcV
+bf1bXA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-384_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEJ6PoPPudUSLnMSnYAWFYV9p8wInMzJxU
-qzAyoZ4KCp9nc0bjfwigs+2NpuXdaRBjjWDkSqXg/TDJGEVnlq838OQZV5AWReXF
-lsbZifWFmwOgvX0fTneTb/88dNIE5TiO
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAFakUvsdVYB5w+kb8i+GiEyol4iAb+fW
+1spAtUhQedd9xD5GanEll5LGX/arcgQGbA5nqAHym3I9n31N5szC+XCAecXTCuXZ
+YOYqfE9tyYv8lbT1MfGXw5SGcFQyWUIDwlFHFW39W1w=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-384_C24:KAS-ECC-CDH_P-384_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C15:KAS-ECC-CDH_K-409_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-384_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEKdijbSIgCnW3rqG7R838sbf9Zt6WcEFD
-RyirXVM6Bg33MhMGAP5vdYUqhx+yk4454ZtT21KDld6JekUQiWdxXrjLVcP8vyM3
-k3LAhzoFjVdUSxAuzOcissyrsaYDd0/V
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAL59WAQyY6svQiUtQbWC2GLCskPOGFdg
+gb1u3S9j8BZPNlyuZyaNIn85RGd+HBRq+GS4rgGkvLxkFthll6FIyk1hDuZWoAAm
+zmBHvZ+9QNiVMBlqRpOuWV1plWUDudKrSqvnyVihTGk=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-384_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-384_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C15
+PeerKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=81e1e71575bb4505498de097350186430a6242fa6c57b85a5f984a23371123d2d1424eefbf804258392bc723e4ef1e35
+SharedSecret=014f4b7ea93c9dd846d2228c2b6a8dfe616057232b7af845a570cb6cacf9feef2d8ef4fafb285b38e63cce0a09b4d82dbe43a390
 
-PrivateKey=KAS-ECC-CDH_P-521_C0
+PrivateKey=KAS-ECC-CDH_K-409_C16
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBfuzAerSzKQaPumXl
-ah+IkKqTXlcTSuD/zOgCc1FR9OrGVk9u6ZdMXmiHof7+5XQ64iQb/rldXOMd3Lb5
-7bTW/EehgYkDgYYABABgL50M+eUmsp4iOBwgPEiohsKwZzAzNmMU8f+8uiQLpC9O
-84p2F0Y1+R5rTtNCdesByEZ9BcqAMVvxp7vZRfVQpQG3yF8m9dSy1zVc9rAhF2WZ
-Q3YrbR21q08dvETOeylG62x940KWKJP9OH0bc9eoZy0fI2lhFwt+s1eZU+5c3IjN
-LQ==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMcgLZNUegCVpnnvixL
+mDz6S36RsRLi7KX50Mt+PU+Fr/ezOpIeqhJMtwAuq2KXPWXha8mhbANqAAQB/Q5O
+r7JsCMn450fUmR9GjHa0hkFm43ZCtYPbKFpLxMM5eZF9kSmpHLCnXBrufNT7q3PO
+AEaO+rz0SPzOgh896B6ZTXmn2Z6piayB+hNfesiLFUx2eQnGgffkjACy5mu664+G
+iPRGcg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAYC+dDPnlJrKeIjgcIDxIqIbCsGcw
-MzZjFPH/vLokC6QvTvOKdhdGNfkea07TQnXrAchGfQXKgDFb8ae72UX1UKUBt8hf
-JvXUstc1XPawIRdlmUN2K20dtatPHbxEznspRutsfeNCliiT/Th9G3PXqGctHyNp
-YRcLfrNXmVPuXNyIzS0=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf0OTq+ybAjJ+OdH1JkfRox2tIZBZuN2
+QrWD2yhaS8TDOXmRfZEpqRywp1wa7nzU+6tzzgBGjvq89Ej8zoIfPegemU15p9me
+qYmsgfoTX3rIixVMdnkJxoH35IwAsuZruuuPhoj0RnI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C0:KAS-ECC-CDH_P-521_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C16:KAS-ECC-CDH_K-409_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAaFpI6Gx58PCHX3vBjSXrX8jAsH5d
-pPQ3DzqUkDQIVDNLHhuH+jlUZMYGJhJKTnDQ94VgHTfAmHDr8XZmaHeiBG0BulLF
-b8h3bZ6PXbTwzCdjbQt0G74FQAaXlC6AtzmISoO96Z4PZxaTnmMryJhvoY3M1EOj
-SLbD5SJJeVWk88MC9nY=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR/qWNnjbPjtTvO0L3fM6pO/VCrJIUHc
+LAlAYZhfPfeG0ZKle+4HJVCzAlg/D5QoMBsbdgGz3MG4o1RSZEJzhjKeuB/pkmVA
+QGlHgcDYsnweSUQrmbq5Pvlmb+oU1IQ+5LxbBFrFDBE=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C16
+PeerKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=005fc70477c3e63bc3954bd0df3ea0d1f41ee21746ed95fc5e1fdf90930d5e136672d72cc770742d1711c3c3a4c334a0ad9759436a4d3c5bf6e74b9578fac148c831
+SharedSecret=001fe2ed30ad4143c5eeb0b7622e6aa49e4e4d51c1ddc467b3fc54215dae931be0b6b6443e716895acb6570cdc21fcbdae46e5d6
 
-PrivateKey=KAS-ECC-CDH_P-521_C1
+PrivateKey=KAS-ECC-CDH_K-409_C17
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAgW8ZwfsQ75TUodgc
-FW7D0d4Itmdh8D8G7ku53Ou7/h6qHtSaapkIONjtMYwU10zIcvldBdB61Q9iHOti
-DNkFz7ihgYkDgYYABADUVhXtXTf95plhCmLNQ7p2vt2Phe0xAF/gDWRQ+70QEpGr
-2W1JRai1e8c7P+n0ZxEFMJ7JtoedBVHZMNrIukXSVQFCUzKETlkrRAwAJ5cq0VJk
-McBnMt8ZzUaiQhctTdZ8LIyZ38IuSZSaVs+Qxkc2Nc6C8lszaC+xm8M72RDtjOOn
-+g==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNDyWwyz2SLA2ESQhrb
+qpJc1UF1q6055Wgb/J60sbZJrsHIduwexGEPGzsGUUpI5up6SiWhbANqAAQA3hge
+gbnnd21HRpSi0STQuHbZVI8g7jOGMElF2RMfkEV9m5ON8JiwNb7ar4DtbZeUBPxw
+AYGjUW2+qdqX1uzs2xD5bVRGnSc6s2bomkD9ztzxvag31cFL0QwLaiqcikeBASXH
+ZN017w==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA1FYV7V03/eaZYQpizUO6dr7dj4Xt
-MQBf4A1kUPu9EBKRq9ltSUWotXvHOz/p9GcRBTCeybaHnQVR2TDayLpF0lUBQlMy
-hE5ZK0QMACeXKtFSZDHAZzLfGc1GokIXLU3WfCyMmd/CLkmUmlbPkMZHNjXOgvJb
-M2gvsZvDO9kQ7Yzjp/o=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAN4YHoG553dtR0aUotEk0Lh22VSPIO4z
+hjBJRdkTH5BFfZuTjfCYsDW+2q+A7W2XlAT8cAGBo1Ftvqnal9bs7NsQ+W1URp0n
+OrNm6JpA/c7c8b2oN9XBS9EMC2oqnIpHgQElx2TdNe8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C1:KAS-ECC-CDH_P-521_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C17:KAS-ECC-CDH_K-409_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB3yd8FSEINJvDTVOe4M8Gsk9dNQBn
-e0RFRTzMIUCUU6r7inKgvp6+VNEicKpRs6t/MWql50qVHF5T90zZX8Ka7noBPVLz
-Op88FDhNFYf6ir567XS8M3Sa2cVwtHF3ZCLH1FBdmwqWs7+sBB5MammQrn9wDltK
-ZkAikRLer6DNi7DQibA=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAMqAk0C9EzVLYHHQc+Zbmw0rrILiKr/K
+x+cK/Z0iSFLw4hKXbl7II+uJUOArx1ns9W95qAAxKB6JdkAaq1j6jq+GNv6wExcL
+yrV4G+CijScznpRw4WbH9oXy6pFDMQ3KGzq44cjmBZI=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C17
+PeerKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=000b3920ac830ade812c8f96805da2236e002acbbf13596a9ab254d44d0e91b6255ebf1229f366fb5a05c5884ef46032c26d42189273ca4efa4c3db6bd12a6853759
+SharedSecret=01610efb48fd22261921f7484ed6382fceb6bdf28f3bc2340a175b7971b93ed5ff357ed55e5307bbf42e40a5b3fabdaed0ce19a2
 
-PrivateKey=KAS-ECC-CDH_P-521_C2
+PrivateKey=KAS-ECC-CDH_K-409_C18
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBLy4MbZ6dEXzrlyO8
-7QLrPU7r9f7q+O4BE8zYBXsT3dQW4LdCgMLQuo7SkcRDvBsUHK+K+zpx+X9XwiXA
-Ph5NQrChgYkDgYYABABxf8s9SkDRA4ce3gRNyAPbUIqqSudLcLn7jY39hL/s+tF4
-cYeWmMKS0v1eF7T5NDY2xTGk+saKNak2ZVRrmoeGeQDz2WqGNwNpk6tdJEUA//nS
-dyESgm9kNmA9PrI0pE1cTlxXcjRnnE+d9yXuW5EY8j2KWNDMAQltr3Do3+wBKL3C
-6A==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM2NoVLjuAlS7LQ6+3H
+ILZrIBKaIfGk/jkRjP3U0Tfb5eVw6+LEin+awhz/PlrfR0NGl9uhbANqAAQB78DN
+GobOdUTyX0TmOgkTwR/WsIvAmtjNgvOvfjKnp+ys1W4lUmWJMTh51Kf9Q4LUEU5K
+AFo073QDWZwvg/PoMplSSJPyQY/5XWwv3Ao9uXDmL93PTNoYKqeLVP2MLoGPse4t
+0ndnYw==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAcX/LPUpA0QOHHt4ETcgD21CKqkrn
-S3C5+42N/YS/7PrReHGHlpjCktL9Xhe0+TQ2NsUxpPrGijWpNmVUa5qHhnkA89lq
-hjcDaZOrXSRFAP/50nchEoJvZDZgPT6yNKRNXE5cV3I0Z5xPnfcl7luRGPI9iljQ
-zAEJba9w6N/sASi9wug=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAe/AzRqGznVE8l9E5joJE8Ef1rCLwJrY
+zYLzr34yp6fsrNVuJVJliTE4edSn/UOC1BFOSgBaNO90A1mcL4Pz6DKZUkiT8kGP
++V1sL9wKPblw5i/dz0zaGCqni1T9jC6Bj7HuLdJ3Z2M=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C2:KAS-ECC-CDH_P-521_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C18:KAS-ECC-CDH_K-409_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAktsxQlZNJ6XwAG+BmQj7obhQOKW8
-JQmQakl9qsZ/167g/C2rpOQzTurvDgAZIEtHHNiAJPghFdgUnMDPT3zhpNUBa60G
-I/UXsVjZiBhB0lce+61j+Fy+LlgZYMXWcGAaZ2AnJnWlSJliF+SrK4684x1x/KY/
-zDwI6Rwdjt2Rz2/oRfg=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAHR5WwqcoHBJH7VKO8JJmB3vvsA35AQP
+dmVkKLFTi5eFA/gfgK2e+XxeEnulHsBAWEuaIAA+zifz2u/nvf/fpyeyr5WvhZGv
+lGzd/jfoVkO40XnKi5UpEG+cXzqVqIGSJfnX1Kcw/SI=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C18
+PeerKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=006b380a6e95679277cfee4e8353bf96ef2a1ebdd060749f2f046fe571053740bbcc9a0b55790bc9ab56c3208aa05ddf746a10a3ad694daae00d980d944aabc6a08f
+SharedSecret=008d990982aac8d5371b867de21e09064fef30e73321337dc24f19ad5ddb6c4ad217136b7c61e360a73fa7571d526c8f514a06d4
 
-PrivateKey=KAS-ECC-CDH_P-521_C3
+PrivateKey=KAS-ECC-CDH_K-409_C19
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA5UinnYsF+SO5gl0R
-tlbyIujLmLD4neHTFxhNxaaY98cRYe59wRzTH09PiuOpgeGj54veu5fXwgS5JhtO
-+S4JGOChgYkDgYYABAAM6AAhftJD3RCnmtc99Xiqij+RlK9SjNEJS7/uJ6O1SBrV
-hiyIdsDD+RKUwKs6qAbZAgy6ou1yt/7NxaCaba1vMgFUPJq0WxJGkjKRjiHVo1H5
-pLnL+e+yr8xAL6mzFlC+wtZBoFxEDTUzHAiT0R+xMVEzWYizAzQTAac9xfYdV05n
-2Q==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNJmKBioyFwuzWJVNLC
+SW2ohiAIJ/oTVmg2ribjjVGSbKPSAlife/on6iLTmZc9tvn96fShbANqAAQA9xWQ
+sEKQtfPNm6DjlKO+WhUU9F5TSX9s3tv4OXKOAogTXXaeSyiTLIdYI/4lbokZl8R2
+AJ0WunJqWp4JEDvJSgnYB5rI7fI0EMhGn3n1XzNVz7OtcDYk7G117OrjiB2iCQPH
+HeH1rA==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQADOgAIX7SQ90Qp5rXPfV4qoo/kZSv
-UozRCUu/7iejtUga1YYsiHbAw/kSlMCrOqgG2QIMuqLtcrf+zcWgmm2tbzIBVDya
-tFsSRpIykY4h1aNR+aS5y/nvsq/MQC+psxZQvsLWQaBcRA01MxwIk9EfsTFRM1mI
-swM0EwGnPcX2HVdOZ9k=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPcVkLBCkLXzzZug45SjvloVFPReU0l/
+bN7b+DlyjgKIE112nksokyyHWCP+JW6JGZfEdgCdFrpyalqeCRA7yUoJ2AeayO3y
+NBDIRp959V8zVc+zrXA2JOxtdezq44gdogkDxx3h9aw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C3:KAS-ECC-CDH_P-521_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C19:KAS-ECC-CDH_K-409_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA/dQNnp2XQCfLO65oIWLqwTKK1hvE
-NTxFv1r+dr9gfSiUyMziNpXZIPJGT9pHc9RpO+SzdzWEaRvbAym39MhswpkANM6s
-aj/vHD4cSUv+jYcrGDgyIZp+FNpBTU40dFc2cewZsDO+gxuRVDWQWSW0SUfFkpWZ
-RbTrfJUcO5yM9SUwuiM=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR62TtQknhGVstEwejWlFNZtKbpvkET5
+wCtLLTyz49TAzcVInN37liJsnOPjb7j/Lu8gjACZiAsNDUPFxXmtd92uaPLJF/Sw
+YuqNd3uc30Zcu1kQfnCZJxToy/rHYpbV7emcSNOKiXM=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C19
+PeerKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00fbbcd0b8d05331fef6086f22a6cce4d35724ab7a2f49dd8458d0bfd57a0b8b70f246c17c4468c076874b0dff7a0336823b19e98bf1cec05e4beffb0591f97713c6
+SharedSecret=0155dc98729c8c1bc65eb8a3ec09135f46bfa313bf56aa3169e312db8991abda338f8ac7a75bce42884068efb7e6e625939d2b88
 
-PrivateKey=KAS-ECC-CDH_P-521_C4
+PrivateKey=KAS-ECC-CDH_K-409_C20
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIByKrpS7ELjKT3vld7
-T7MrsjgQMsSULCT8LXU+fMXke0gzidnzuVbSDukAGx7vnyNUX3LFYCFABGg56WMx
-PD3syGShgYkDgYYABAEGoU4u6P+XCqirDHm5ejO7opWOBwt1uUc2t3u+P3dzJPpS
-hydxqoimOp6EkMM3jfTcdgzRTWK+cAd53RpDd5Q2VgAjZs45QeCyhLGqgSFdDTuX
-ePziPIzR5O1voKv2IVbJHUs+tVmZw0cb7SdenmDlqp1pDTEL+xXJxbvW9enrOWgr
-dA==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNaP4Bf48Mmb+s+C7fa
+Z2G7EXYYvFevNXtT8Znm5MvBKBl1MhQD6m3mGOwy6GuMoeENfEOhbANqAAQBrkYO
+EkhQTTPWftdQ8dYY5Tco1V45DfwY2UtW27PTwL3JbJLKHsqfRPuKWM823PzAWIy+
+APcBH8Mh72JY3Pwf3CwKTlTIbsk5vJzspsKRdQwf9UCzSkGHk4QqLFyrYGHbvptb
+4/phFQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBBqFOLuj/lwqoqwx5uXozu6KVjgcL
-dblHNrd7vj93cyT6UocncaqIpjqehJDDN4303HYM0U1ivnAHed0aQ3eUNlYAI2bO
-OUHgsoSxqoEhXQ07l3j84jyM0eTtb6Cr9iFWyR1LPrVZmcNHG+0nXp5g5aqdaQ0x
-C/sVycW71vXp6zloK3Q=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAa5GDhJIUE0z1n7XUPHWGOU3KNVeOQ38
+GNlLVtuz08C9yWySyh7Kn0T7iljPNtz8wFiMvgD3AR/DIe9iWNz8H9wsCk5UyG7J
+Obyc7KbCkXUMH/VAs0pBh5OEKixcq2Bh276bW+P6YRU=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C4:KAS-ECC-CDH_P-521_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C20:KAS-ECC-CDH_K-409_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAmNmd7ggWVQ6E2/ztfogTf93PWBpy
-WkVQIRFf5J+Nw88jPNnqDm8DnceRnalzzc6sogXaOeC9mMgGJTbEfyWPRLUAzSJc
-h5c3G+DEKX0rRXdAEAx3QUHY8hTCO2GqK2zUgGubcHIqpJZftiL0K3OR4n5ewhxW
-ecWwa1kSc3KZfUIa3B4=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKFelqd26tuPigthNgM1y1AX19lxFkiT
+QemVFX8a3xeOVii60+gwvuVEMxGRZIhttcNGVABVHKVgXkrgU0U0oKs0PQOaO6eh
+zOgyxNZeJrrnq45fnHSz1CGlKOVZd4qye1mq4akW1Os=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C20
+PeerKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0145cfa38f25943516c96a5fd4bfebb2f645d10520117aa51971eff442808a23b4e23c187e639ff928c3725fbd1c0c2ad0d4aeb207bc1a6fb6cb6d467888dc044b3c
+SharedSecret=0109e85c684d027a625ec5e6df952e2f20a14ed5b092d1b1b38435251303844d230fffc53d84b923555e1e1cbebe20b5d68c3bc6
 
-PrivateKey=KAS-ECC-CDH_P-521_C5
+PrivateKey=KAS-ECC-CDH_K-409_C21
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAmwrxN8lpbHW35t97
-cxVrstRfSC5aQhcyT0eLEM63avCXJM+Gr6MW5/iZGNMdVIJKXDMQekg8FcFblu3G
-YTQLHA6hgYkDgYYABAB0jNu4ddNfS8y2Kr4g6C0y5MFNwv61uH2i0MyxHJttS3c3
-tsRvDftNiW4tuS/PU827ripATAur1WStet6sYnPvowGYSsq42PFzMj3gu2AnSyKI
-cWCTc7sioXKH6d7HSVhzq8CaiRW1TIRVyOAvZU9gLiOiu9ep67dPMAm9ZezGUIFM
-wA==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNVkB6bZYa38zcmYOvP
+6QJJkAyQLXxjKo0X+uIdP94wNzJbV3XqxaF0oe4rP/K8XOadjMGhbANqAAQAupUi
+M1Mbamx63m8zjST8ZXd7XTBSl+ZtMssbxQbFvKIofTrNM/4ZZT1siKBuyjcSzpyq
+AHFr6xTwIjNjDzRgPjCb9uJXLwt5HfpMWCr2o3q83WTo14WpXd/1m7xvvht/xzVy
+Xvzwug==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAdIzbuHXTX0vMtiq+IOgtMuTBTcL+
-tbh9otDMsRybbUt3N7bEbw37TYluLbkvz1PNu64qQEwLq9VkrXrerGJz76MBmErK
-uNjxczI94LtgJ0siiHFgk3O7IqFyh+nex0lYc6vAmokVtUyEVcjgL2VPYC4jorvX
-qeu3TzAJvWXsxlCBTMA=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALqVIjNTG2pset5vM40k/GV3e10wUpfm
+bTLLG8UGxbyiKH06zTP+GWU9bIigbso3Es6cqgBxa+sU8CIzYw80YD4wm/biVy8L
+eR36TFgq9qN6vN1k6NeFqV3f9Zu8b74bf8c1cl788Lo=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C5:KAS-ECC-CDH_P-521_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C21:KAS-ECC-CDH_K-409_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAeuEVrarwQWkatrf7jJIfmdjtMtKD
-1nCE6Aua2cQMVs2YOJ+wqEnZ7PcmjCl7b5NAYRn0DjK1dz7SWiipqFxKdYgBoo4A
-Tjfurv4fTbtx8YeGlhQa86EKlpHE7ZNIchRkO3YfpLD77rJHz20/unpgaXU2rQP0
-m4Cp0csHlnNlSXfF+pQ=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWQn5yvFfSapEKZyLqwsePuoq//MvBGp
++Dd7/iE+2a1kveKuhof4/x39sptdzs0CJpgowgCtT5q8IdoNMfGWWc07DBhVgUNq
+wIsVwLSKesOe7QPg7pfhZM+qWrx3RBLL//lKnqKpY2o=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C21
+PeerKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=005c5721e96c273319fd60ecc46b5962f698e974b429f28fe6962f4ac656be2eb8674c4aafc037eab48ece612953b1e8d861016b6ad0c79805784c67f73ada96f351
+SharedSecret=01ae814e02c4684c21dd7e58a65ec51ec68c37e59e299ce65608186c0acce08e41c8320b1941a611fe66b1921b558d7f402d0eb0
 
-PrivateKey=KAS-ECC-CDH_P-521_C6
+PrivateKey=KAS-ECC-CDH_K-409_C22
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIB5I+qzubeyD/83pRM
-9r30zkuucnR4iOuv7kVbHpFYSXHvtJEnl2pS9BQpUvfCB+wCZfK3GM8+rZbqT2LH
-UuT3rNOhgYkDgYYABAEOsbTZFyvMI/TyDMlWD8VJKMPzTqYcADkdx2bHbtn6YIRJ
-N30eT63RI2AlQXMwtLkQhnBKzj5OZITGBuKpQ0eMhgFJQThkBpgl7h0IKNqfSpdx
-MAXpvRrbw7OMW5RpAHIalg/patLBs6RP496RVhNtRMsXy8JBVym7eC4Wv+Leswae
-Qw==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMESuQ70kfnWvp72Nwo
+51vbnd2Z31ZmjIMUVNwo8+mkTs/Ue6hCCihvHvNy/SmzZd+bgvGhbANqAAQAICaU
+83jXCWXUKCitXzcTe/i2POwsDRWOW6lMqx+OYeWjAJhro0mzrfPvwF5lZwr4jNPW
+ALrw2krtuXL4iiFd+/9k5CkPrcJdo/DYPzXmW8QXfTAl1x2O65xBRw88cZ4A7x+3
+VS5qiQ==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBDrG02RcrzCP08gzJVg/FSSjD806m
-HAA5Hcdmx27Z+mCESTd9Hk+t0SNgJUFzMLS5EIZwSs4+TmSExgbiqUNHjIYBSUE4
-ZAaYJe4dCCjan0qXcTAF6b0a28OzjFuUaQByGpYP6WrSwbOkT+PekVYTbUTLF8vC
-QVcpu3guFr/i3rMGnkM=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACAmlPN41wll1CgorV83E3v4tjzsLA0V
+jlupTKsfjmHlowCYa6NJs63z78BeZWcK+IzT1gC68NpK7bly+IohXfv/ZOQpD63C
+XaPw2D815lvEF30wJdcdjuucQUcPPHGeAO8ft1Uuaok=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C6:KAS-ECC-CDH_P-521_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C22:KAS-ECC-CDH_K-409_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBJYgRXm9/e9z99X8DsWm0eXWLqv2v
-Vp0EE1mHss5hZMAqV2hetSdrXa5ildP+kGIPOLVTXG0iYMFz5h64iMqSAgMBVCwW
-nPl8JZb+Ld2EiiIuNnxffmJn68G82atdz0kVjxpI5K8pqJe35qggkcLbh02Oer8P
-WAZGkTRBVPOW267RiLY=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAS6J3M35dYUazPApTPS94SWckHptOs72
+nxk5tVjE0hFSLk6qxhPjrISRyT3rbTRKn4esvgGlJgjq0J0tsSOg3Hgqsg3beT1b
+twrJXFjmIUa+tiu2aP1X+SA45Fhc3h+R7oxSUmr+sbU=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C22
+PeerKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01736d9717429b4f412e903febe2f9e0fffd81355d6ce2c06ff3f66a3be15ceec6e65e308347593f00d7f33591da4043c30763d72749f72cdceebe825e4b34ecd570
+SharedSecret=0140e7db3f6415d884822ccc7316a329dfed177b76c0117abd722feca889bee4e14e65d26c6cc935c0e94205f05fc1a7abfb0348
 
-PrivateKey=KAS-ECC-CDH_P-521_C7
+PrivateKey=KAS-ECC-CDH_K-409_C23
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAwpqiI+qNZLSh7aJ/
-OdO8mOoBSN2Ywcvllfj9K/veEZyeAXpQ9dH8EhwIwc7zG3WIWVVus+DgQtjdaqrF
-egXKYeOhgYkDgYYABAAVEchI72DVQZqY0QIE2w/lgiQSQ3AGG8+k6SSdUGGMVr83
-IkcbJZ84Jju3soDSPK8qHuhzf5NxzbJzLNyVg2mTDAHUYWga5tjEm0xfTWAWFD+x
-vXSRVz4+0ObEi4LoIWRPh/gvDl8I/Rbx+Y+hdYYgCrAu2MYns1w/J2F+xf2S9FYg
-Pw==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNW1zcwdTracP2AHHSc
+Lx8aYe9b1uy3lqnhXv6bvmFY9mlUJ4c1D01kO9pvPoxkI7gXtTChbANqAAQAJaBr
+caCuJS8vkFIhmD6/ziGtlhIaXA3MXvDQ/sMB7HfvS5FYGP7c2n8/1zPH+eUpB5y2
+AAJokNUwO2Gcf4H2D7grJrC5jY8kxFyrQaRO6zo6MSlE6Im0A14ENgswUEPjDQy5
+BBqJ3g==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAFRHISO9g1UGamNECBNsP5YIkEkNw
-BhvPpOkknVBhjFa/NyJHGyWfOCY7t7KA0jyvKh7oc3+Tcc2ycyzclYNpkwwB1GFo
-GubYxJtMX01gFhQ/sb10kVc+PtDmxIuC6CFkT4f4Lw5fCP0W8fmPoXWGIAqwLtjG
-J7NcPydhfsX9kvRWID8=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACWga3GgriUvL5BSIZg+v84hrZYSGlwN
+zF7w0P7DAex370uRWBj+3Np/P9czx/nlKQectgACaJDVMDthnH+B9g+4KyawuY2P
+JMRcq0GkTus6OjEpROiJtANeBDYLMFBD4w0MuQQaid4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C7:KAS-ECC-CDH_P-521_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C23:KAS-ECC-CDH_K-409_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBaUkdVb0JBJ/fTCpTpmBID+5MA6BT
-hnXRzQm1u6eNrEhUPvEYoRc7P7+LIOOc4Oa4kKFjxQ+WRbPSHRy7O2Cm//QAg0lL
-Lrp2kQ/tM8dhgEUVAR+rUOOzd6vYqKBF2IbSI40sJorBtuyIvXG3unjiwzwVLkv3
-2l1WXkrL7PXpLHrWYrs=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKupOuHRVSiAsx9QP8S+n5HRAkfxTIFg
+Ff+yutKauBgOe1CicUTgHCHmPD2vzSUTCLrHaADkq2blFL0Cq+rhxxI3iKaSWE3b
+SpCaIX+zXeZliCM9re9wNv+dnyTro3cuL6MDe7rmPP4=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C23
+PeerKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=018f2ae9476c771726a77780208dedfefa205488996b18fecc50bfd4c132753f5766b2cd744afa9918606de2e016effc63622e9029e76dc6e3f0c69f7aeced565c2c
+SharedSecret=002ec4deac3e83d60ad39969f2f93b49f31875831ecd51ea5c37ca48de081c0c8cc660edc53a222f3043447f9cb752763be7494a
 
-PrivateKey=KAS-ECC-CDH_P-521_C8
+PrivateKey=KAS-ECC-CDH_K-409_C24
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAKGkr4r9cS0iTmEb7
-PVvOdGVLsmRuFfg4niNwihr631YVEeoNmVfQtTRTgZ1g+6j2Whj3sp3wIbG7Ac0W
-MpOsw8yhgYkDgYYABAHP3BDHmfXHnLaTCmX7o1F0jgdWeZPl5BDvTKzEzYoleEmR
-60Z05BBQ+TDHGQrIErkkX0inlztlja9AiCL+W4X2aAGA2d38mvd7nEpvAqg02xXl
-NeCzhFsszjA4gwG1HOy+MnYwfvQ5tcnmpy3C2U2Hm8OVBS27SleH0G77KAIQ+4vg
-Nw==
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNisCbUlyBmDPak9Wm+
+mN+hCMjroII0rpqH88iLbGWTS5loFTIqFvmqvtEzF793Jb6lgI6hbANqAAQAD1KS
+U5TLUrwzDgY5DAwKLhDtl5cUn7zIjYD7yuwXPiSgXa75hAHV5H87dlvtu4JGMShW
+AT2ZwXEIBdX8fbclmsnhNLQR0A1z+wdi49IRzcVr9/cUUS0EpjDIcyVR7nNCh0ds
+9RHoNg==
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBz9wQx5n1x5y2kwpl+6NRdI4HVnmT
-5eQQ70ysxM2KJXhJketGdOQQUPkwxxkKyBK5JF9Ip5c7ZY2vQIgi/luF9mgBgNnd
-/Jr3e5xKbwKoNNsV5TXgs4RbLM4wOIMBtRzsvjJ2MH70ObXJ5qctwtlNh5vDlQUt
-u0pXh9Bu+ygCEPuL4Dc=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA9SklOUy1K8Mw4GOQwMCi4Q7ZeXFJ+8
+yI2A+8rsFz4koF2u+YQB1eR/O3Zb7buCRjEoVgE9mcFxCAXV/H23JZrJ4TS0EdAN
+c/sHYuPSEc3Fa/f3FFEtBKYwyHMlUe5zQodHbPUR6DY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C8:KAS-ECC-CDH_P-521_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-409_C24:KAS-ECC-CDH_K-409_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAhBX1u9Du44fWwJ0O+KyvKcZttF1r
-oQGGCuRdPGDh4OP3JHpGJqYP3UBJZcNWbHn2RJ6FbOC/lGGfl9qNokvSz7YA/dfF
-nFjDYbxQp6XQ029yOxfE8q0rA8JNQtxQ90qMRloK/EaD8Q+rhGUt/p6SjCYmtUVk
-U+FXP/YL4VB0Z9Qx+7I=
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKpOuJhEPM4+0sBy2Fh3WsIhwk4z7Kbz
+FXlmNUS7M6SgaKhtE/FntlMExffyX4lfZbL0KACDze0wIRtm8a3xcxi23lDXckwF
+hJleBotyRwOuCO1xoyszSYensx1sJjcVKRcyfTeszTM=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-409_C24
+PeerKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0105a346988b92ed8c7a25ce4d79d21bc86cfcc7f99c6cd19dbb4a39f48ab943b79e4f0647348da0b80bd864b85c6b8d92536d6aa544dc7537a00c858f8b66319e25
+SharedSecret=01c9cc05d19f96c4d233039cfbc43ab68d657bb507f46a353091fe98fc0f422a8e7593c195d326977a2be6bbd2cb44eb1fe81650
 
-PrivateKey=KAS-ECC-CDH_P-521_C9
+PrivateKey=KAS-ECC-CDH_K-571_C0
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBGU0e5hP1Nmy8RLUE
-0hoM9nFeIJzTWPLdXz5xzA1n0OlkFoxCoITr2nRvmGOoa6z/yBnx7fG4xyfM+zBH
-JApXxDWhgYkDgYYABAFr0VyKWNNm9/Ky8pjMh7dIXp7nDRHRJEi4N3wKgsdib2ev
-9/l756NUa/QX7u3fdak8EwGRyEEIBC6i/KF/0/gNFAFWBQLQS3T84XQ6q0d6nR6s
-k+UiaYH9uXp0eM5M5Wb/ckOTEoT62FCwwryuDd0tl3kBYMGi53w+1slezES4niY3
-/A==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAXPNFjHhjs4Btzs1
+cv+qdJXEvIH0B4rlDWnLHjOKzxNGkRcRKSEWbd8tKfOp+OEMZ+iMmpkgOoNFZb52
+rFkSZDZzmmr6ApzFoYGVA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77WV46l14I
+/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTLItgHHBbf
+ceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/M61y7Pe7
+g70oLN5LwV1OSAZKqK0vApefXz8=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBa9FciljTZvfysvKYzIe3SF6e5w0R
-0SRIuDd8CoLHYm9nr/f5e+ejVGv0F+7t33WpPBMBkchBCAQuovyhf9P4DRQBVgUC
-0Et0/OF0OqtHep0erJPlImmB/bl6dHjOTOVm/3JDkxKE+thQsMK8rg3dLZd5AWDB
-oud8PtbJXsxEuJ4mN/w=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77
+WV46l14I/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTL
+ItgHHBbfceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/
+M61y7Pe7g70oLN5LwV1OSAZKqK0vApefXz8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C9:KAS-ECC-CDH_P-521_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C0:KAS-ECC-CDH_K-571_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBxyHuqAWly6KfNLpXWHdb4M9hYObA
-hyP1qxe/lqH/K9lCeWGk80sH/AsUyksr9oRd69WoafEk6/p6py/lZQULfxgAtuie
-sOHc8YEjb3xUj9GowWsli1LBqb/T/o8ihBsmdjJl8HTEzPLWNK6XtwGVb2ehEAbF
-LZcZfZL1hfV0i8JnLus=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDEGpcHZI6CZDqjGAIw2w2a1PlYiuY
+RkBEdB+8eEAoTbi79gKGbDDMv1+bflnMHZv8xblw+mJNqbFfbLM29d2n5rmSTV3O
+RUMAXFx7vVp4msTGKD3rDQ03xIUrqlfWvCsKxjN/6wlwTETRs4W3DMOU+iNdg+bn
+EReH5X0JAsDLEyoZCm5i85hRHAwsTNUNRXA=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C0
+PeerKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=004531b3d2c6cd12f21604c8610e6723dbf4daf80b5a459d6ba5814397d1c1f7a21d7c114be964e27376aaebe3a7bc3d6af7a7f8c7befb611afe487ff032921f750f
+SharedSecret=003198a6b5d6cce847e24348a6a6ceff7a89ed3794d7acedc4e858c80ad04a74dbc02c7038e05ab26b2a299ec92ee0d2c7e66a81872a5157fbc5d4d37ad598d6ddee995ed28a2d74
 
-PrivateKey=KAS-ECC-CDH_P-521_C10
+PrivateKey=KAS-ECC-CDH_K-571_C1
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIB/ZDj5BbpiqPytq+n
-8782jkUa2cpb1UtbFK7i7Wcj3eUYH1CFtoFpsJ++xyE3LM9rKEcT+aY1a41WCo/3
-jKNzfIihgYkDgYYABAHr6hsQ0+O5cbfvtp/IeN4Rx/Ry5OTThMMbjWKI2AcVF6yt
-6bOXlsevUWO89xrtp3dTPzgsbPCk2bu5OMhfRLeANwFrDj4ZwplrLL0f9kcw58qQ
-7coZhPmylRMzU15XSLqjSpn2H/TV+BIHng8B6HeJ8079rYCYAV7nSk+EbdGQ0W3G
-4Q==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAJN+2zqilWPSJIWR
+yftEiYUJX5E6dFgxVZPPzofmj7DxpSW3MQoQEXbjTUXBAEU4lU4gRFQ4F8qw1WPf
+bLDV6GF7u6FQ51XhoYGVA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+FUTSRAgp
+D2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLElXLgECfdz
+uY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQUxJFzAEUw
+95dtJ8Jzpz3buJj8tfrenAu3iD8=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB6+obENPjuXG377afyHjeEcf0cuTk
-04TDG41iiNgHFResremzl5bHr1FjvPca7ad3Uz84LGzwpNm7uTjIX0S3gDcBaw4+
-GcKZayy9H/ZHMOfKkO3KGYT5spUTM1NeV0i6o0qZ9h/01fgSB54PAeh3ifNO/a2A
-mAFe50pPhG3RkNFtxuE=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+
+FUTSRAgpD2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLEl
+XLgECfdzuY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQU
+xJFzAEUw95dtJ8Jzpz3buJj8tfrenAu3iD8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C10:KAS-ECC-CDH_P-521_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C1:KAS-ECC-CDH_K-571_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBw1gj5ECpNjq5jZ/Hp7wMBTLceXen
-kWVZm/GpzGTAD7OHtCzKNlKG6EMDYL+tNkO8MTVO2lDck2wyns22CQXED8sA2ef0
-M1MeRN9PbVFCAcuquwa63WeD4BERcm2BVTHSM8XNtyKJP/uyAnJZ1ZTed0OICXOB
-IMb3g5NPkmw/tptAxAk=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCESI8S3KbIGvgH4CFqZfh3eXNsnwE
+iSWic2m8ymo+L7/GVjfx7OsTO+dJZ5oXsc5Ygh9GvRhEqJzwBCyAQ8sQXgGj/JSN
+JmMCsewubiwjdbRksKUCxQU7WzSL0IF4xyxgMQXQRoGWpGldwmfW4QnxsSdEU7bv
+8U3fN4OWnoglZI3rwhav/5JY9kTXfs2ZEc8=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C1
+PeerKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0100c8935969077bae0ba89ef0df8161d975ec5870ac811ae7e65ca5394efba4f0633d41bf79ea5e5b9496bbd7aae000b0594baa82ef8f244e6984ae87ae1ed124b7
+SharedSecret=00577147459262e5ad42f222827f20ed574b2118924205bcdbd339ce20cfb085d072fd70f4ca1f5768fafaeb5710f7ccbea4fc2ae5377b0cff20a889a2201739139bf788a9bf2d7d
 
-PrivateKey=KAS-ECC-CDH_P-521_C11
+PrivateKey=KAS-ECC-CDH_K-571_C2
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAkBLs/a3IXO1jCv6l
-NM3I6dGri+XzdT3PXysJtA7aZvxoWFSbw25vjfVZmM+poHA67PbEJ5nCRQEQZPUw
-wJ25g2mhgYkDgYYABAAjTjK+CpBxMdLRKKZHfgys64bwJHl0Xg/iRcszLeYxwHiH
-EWBILu71hOJ033+kEs6j4ekfcey6h4HZIF1IOGNBrQHPhkVbCbHABc/7qNdiiaN1
-lijIdL7qRi9R8wvVgeOAMTQwfe27dxszNO4Vvi4kLNecNAfS9Yk1RWxpQd2bbRVa
-Rg==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIADQJmwdz8CHuDT3R
+hccEtRWKlDKNqgl2j61YBN8dovwGcZDPECjDAje/KkjaE6uuNaJcPmOH05k/m1aD
+Bbi/CBj/Un3YIF30oYGVA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMsfhhUhMzS
+f6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40jPtUF2Wvm
+t+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0WqckFJTTn
+6B1kjkBgorAcRZwmDLZWfaH8UxQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAI04yvgqQcTHS0SimR34MrOuG8CR5
-dF4P4kXLMy3mMcB4hxFgSC7u9YTidN9/pBLOo+HpH3HsuoeB2SBdSDhjQa0Bz4ZF
-WwmxwAXP+6jXYomjdZYoyHS+6kYvUfML1YHjgDE0MH3tu3cbMzTuFb4uJCzXnDQH
-0vWJNUVsaUHdm20VWkY=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMs
+fhhUhMzSf6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40j
+PtUF2Wvmt+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0W
+qckFJTTn6B1kjkBgorAcRZwmDLZWfaH8UxQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C11:KAS-ECC-CDH_P-521_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C2:KAS-ECC-CDH_K-571_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQACTBX+4YvKtLoLlgbrrMyTnsylG8r
-qEWpvu7YfWmV9UkY7GYZuZMZVdWonU10rfEEa7NiGS8u9r0+PS0E3R+HBUoAqj+y
-RIM19pTjzaSuDMcbGy8qIG+oAtcmLxmYPERnT+FTJ6yqwfpAQkw5WmVWy4FnMSUn
-+uWGXs/8FLvcF9p4zc8=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQATUi+WZ67HtYCRy16h/TNIID0TsKI
+Vf7MOpzd4lVReHq9J8wdp+d4F+lMnAKJwAWg4247z7DTgejMloS2990FF38W9j+H
+IcoGLPca8KL441xNf5MSvTSoRqOA9j8NxylMGIdxAzV+INHw7v8xKpk96yoez8gK
+6galtx5Pi5zvrrzTJiaRkGT4ivQW2G4+evM=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C2
+PeerKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=017f36af19303841d13a389d95ec0b801c7f9a679a823146c75c17bc44256e9ad422a4f8b31f14647b2c7d317b933f7c2946c4b8abd1d56d620fab1b5ff1a3adc71f
+SharedSecret=014662b261d0bc2168642bfa4f80c4b3fe8176f604ad3703f443ec7aaa3dcf3c5465b869a8fcea60b8f55ce7118806c5d28a04848bd961db0061209b59bc02979acce9324d7c0c31
 
-PrivateKey=KAS-ECC-CDH_P-521_C12
+PrivateKey=KAS-ECC-CDH_K-571_C3
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBtf+Ef47/ILiM+tQs
-BuWMN0Ly+PH9/WS1ObpIwlkmkmvV4zK0VknAsYT3clXp1Y/or6Gm2Wjiyx1GN3dx
-IMdlwSihgYkDgYYABAHePckmO8jElp3GhL4O7FS+/ZqfPboZTYZYp4k0G/DXjYTa
-ZzUifK+vCTUZUWkRl1c8jDYKEeUoVxK4u99ayRuXfACBLeWM0JXsLlqbJH6z7UHY
-vvaurOGUp6BbZapdKJ+8mxdw7IS7a+DCxkzDfB1Up/XXE3eprb4g8m9vK1RKgh6o
-MQ==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIABVHQ433b8teKuaS
+WEW7+wO0++glVhbsf72XtI8RJpIhn08SdebSRT1bzzusQQbwFhuBGfSH2ItfjI4I
+s6oXuD/gEQLXY5LToYGVA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBufYjDOafl
+bg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRLCy0HYMij
+iOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJkwCatsU1
+Z329s3bxg+tQktLLaog3tr6jXc0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB3j3JJjvIxJadxoS+DuxUvv2anz26
-GU2GWKeJNBvw142E2mc1Inyvrwk1GVFpEZdXPIw2ChHlKFcSuLvfWskbl3wAgS3l
-jNCV7C5amyR+s+1B2L72rqzhlKegW2WqXSifvJsXcOyEu2vgwsZMw3wdVKf11xN3
-qa2+IPJvbytUSoIeqDE=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBu
+fYjDOaflbg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRL
+Cy0HYMijiOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJ
+kwCatsU1Z329s3bxg+tQktLLaog3tr6jXc0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C12:KAS-ECC-CDH_P-521_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C3:KAS-ECC-CDH_K-571_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAgxku0LHLMfdYF3lJN/Zq2Rz3RVLN
-UQztuf1kExBCKvXQnyIcrSSe6BTRbdeshN7Z6s3Cg0D8/JwMBqvjCi/CjNgAIhLt
-hoyboPsskeLDm6k5lqPk6/RfKFLQkoxIkw6HXMe0KNDn8/TVA+XWDGjLSbE8JIDN
-SGvtkgDK3a3f5P+ONWI=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGvyUuYsmWkXGpcXZx2g9wMulSCkl+
+yDH03HdqyH4BlK+ZVGxB0IBI6gbakjXPE2nD6lPmuMu3p/1CljVFSNRO30Y/d600
+GwIClNX35zbc2JkBmOTg8LOYuKxqh3ZK9gFZYjSi4WLJxmfkfrPZh++66wO142ma
+OO+VPHT7KP19ik7Fo2MZzMRKGaqIIB3ay/g=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C3
+PeerKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00062f9fc29ae1a68b2ee0dcf956cbd38c88ae5f645eaa546b00ebe87a7260bf724be20d34b9d02076655c933d056b21e304c24ddb1dedf1dd76de611fc4a2340336
+SharedSecret=051ec4db0622b7b1c798366453c70f959376ea3942aed2e931ff62a4019eb12ba5ff119214c8bfd8bdb66e62b562400f2d3d48a84b1b3baad3667f735ad4d0f183bdb91aaedcf1f1
 
-PrivateKey=KAS-ECC-CDH_P-521_C13
+PrivateKey=KAS-ECC-CDH_K-571_C4
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBGmNH1OgByRkjSINU
-zFM+fjX934H/D7f1a7Bybgwp7l3NxfOUulTPVyaQSKq24FWJXI2iS4sGOadCMUOQ
-zAQZDtahgYkDgYYABAD+MCZ/M7pc3vwly7PJMg2tnMsdfTdmRGIMpPre5WJqPO3i
-WtJUYk3vcnpwSPcUX3YWKqmAQvmxI7IHb46M9Zs/3wARRdxmMZU7bilF6UMB1suw
-mP5LBPfumwlBHfEE3ILX157EagHtDy0+fbbraAaUvesQfBB4rsbKvZ6+49NC/n5U
-3w==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMe0JSypsZLF/qqa
+IQ/YTi5IMgJx8Q9n6p6zCw3oCG1Z2uBCWf0SsIbYkOItRdJ9fIRV3Petp5bjXjox
+ODQsxza8PtN4HEEZoYGVA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZFVvyYUMNt
+MDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjMGLsAmPx2
+VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYOM7TucwJM
+y+hm3l4X8bR43HcnobtCNxggsS0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA/jAmfzO6XN78JcuzyTINrZzLHX03
-ZkRiDKT63uViajzt4lrSVGJN73J6cEj3FF92FiqpgEL5sSOyB2+OjPWbP98AEUXc
-ZjGVO24pRelDAdbLsJj+SwT37psJQR3xBNyC19eexGoB7Q8tPn2262gGlL3rEHwQ
-eK7Gyr2evuPTQv5+VN8=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZF
+VvyYUMNtMDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjM
+GLsAmPx2VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYO
+M7TucwJMy+hm3l4X8bR43HcnobtCNxggsS0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C13:KAS-ECC-CDH_P-521_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C4:KAS-ECC-CDH_K-571_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBqJtjapPl0rpsIpK/IwM6hPBqOsEi
-DqcegGr74JeoBMxn6bqlFM+2wSyRlL4wISv3quf99tN2whLwVU5lZGP/q34Bgu/K
-9w/EEtM2YC4BTaRyVqC2BvKt3M6AU7+Beshla7TkLxTIy/Kmj0iKs13N9kBWJx3u
-H2BqRAukvU5aEbi45U8=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFcB5jsBwWxOsZk4JluhNMrHMWJ44v
+HrQKBHdUSL3tl+ejfQH+2KTgtD/026IaR3WczUW/lnHdIu7GW0r/i424nf4+SQwK
+ydYC3Ze2QVruKwHP6zzSoDV4q/7Zyoe+mibYmVlah7y9lydI+moL5OtVfmnG0o4r
+uhWA3HTidR18zZGMRrS+aHWk5MKQ2VnCPBI=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C4
+PeerKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0128ab09bfec5406799e610f772ba17e892249fa8e0e7b18a04b9197034b250b48294f1867fb9641518f92766066a07a8b917b0e76879e1011e51ccbd9f540c54d4f
+SharedSecret=05b355eb5c47d8027b6c5301d2463b99c636db207792e2975ab1a53c1cbb131280288432a79a3b47271d6a2bd777298baf8a675f66be9dc72c3588d299df8b52e7840322b43c2071
 
-PrivateKey=KAS-ECC-CDH_P-521_C14
+PrivateKey=KAS-ECC-CDH_K-571_C5
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAIrbSoi1x36qBHS2f
-nzH77Sfy4fPSOVON3z5MyMOaMwJm2yW3vAqXBPF73n81kr9fHy1LVgE6rMPY0bwC
-8A0xRsyhgYkDgYYABAC6OM+/n9JRij9h1DVJ56am0osr5X/9Pg+s62NrNO0X4ESp
-8kna6PwTLpN+LZNJzS7Xe7EEnOtpKi7FsXrWFQKmTAAeyR0wWFc/psBWSgKhoBAW
-DDE7x8c1ENyYPlRhaCtb4A285+LGgq1z8pyoIs3BEfaPq+M6ezhKZINCw8258FC8
-2w==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAGbMUZgNOFG0iMLB
+gUlsg1BfuVex7EqE3x4QXjDQAry5eLbQvcO3ZE7T37wzymv+Q2LNjMVBdAsN6M8u
+3M5FkuNPoRrCbskioYGVA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9muZFSsqe
+gSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+FmhUcCL5lP
+mXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtUDkwoQIZl
+gQ/mH9YOcNMMaI6rj94ENk3uXJs=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAujjPv5/SUYo/YdQ1SeemptKLK+V/
-/T4PrOtjazTtF+BEqfJJ2uj8Ey6Tfi2TSc0u13uxBJzraSouxbF61hUCpkwAHskd
-MFhXP6bAVkoCoaAQFgwxO8fHNRDcmD5UYWgrW+ANvOfixoKtc/KcqCLNwRH2j6vj
-Ons4SmSDQsPNufBQvNs=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9
+muZFSsqegSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+Fm
+hUcCL5lPmXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtU
+DkwoQIZlgQ/mH9YOcNMMaI6rj94ENk3uXJs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C14:KAS-ECC-CDH_P-521_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C5:KAS-ECC-CDH_K-571_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBcgCz8Wpoy67Sv3i6jN37bP+sJiu6
-APvCX53HKgfOWTcpBImfNkxEyyZMCXtkfUQSvuPlGYktU02RKfiij3UA/ucAurqN
-ZypPSjtj3ki5b1bhjfXWj31w1RCYM/Q3cNZzLgazmtYNk+W0Pbh4nx7Aq6RyhqOe
-pYQjWs6nV9vxPVO1g2Q=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDL6GBb9IxfBa1sZol1G+l5FqxXuny
+sdEnTCoGAjmU2zCfrVb2CzzlfzLfx9BFqEt9gFIyvjTH51lRTDCiUge6gAIVsgYP
+BMIEFGlZPVdIByuayP3gIwlSibzfZasb/AhW+D6a4GyJcwO9FvXkWCPWX+yDEP1D
+MrZc/0enma9PfIY44tf4WUjEPxBTTJgMy2I=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C5
+PeerKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0101e462e9d9159968f6440e956f11dcf2227ae4aea81667122b6af9239a291eb5d6cf5a4087f358525fcacfa46bb2db01a75af1ba519b2d31da33eda87a9d565748
+SharedSecret=052bd78bf1326c6d91840a351d4874d36b147139882356c595b8607f9998773092a99adf70adeed19e122d4d2fec16285f000161145135d96355cba039a96335e7716724c249f88b
 
-PrivateKey=KAS-ECC-CDH_P-521_C15
+PrivateKey=KAS-ECC-CDH_K-571_C6
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAW6z/8mis9lU8PFg7
-Rk6jah014rJXpdSes0GdWglQh8L7TRXPW/WvgW0PP/dYZJDM093BqYs5zmN0nGKI
-zg29rH2hgYkDgYYABAA25IjadYFHKp2OYoxY1q1ycxG35qP2rjOoVE80sJKAJJAg
-vnGWkW+v2Q4uxUtmtUaNI2G5m1b6ANesN6u4xvFmUwEe25+4rbakP09fX9wUIcn+
-BPyLpGybZjNOOvknyL77QwcQTymazsTjD4Etk0XJcg0Zhp2//9TKPn0nE+tfw/Qm
-FQ==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZkNFfosyQ54PUMi
+AXhLq1a20p0fJmWnbNAT65b2MA7Y92K3ilWWrH6MHnYWfxB8IEQ7GscyEB6fCsoS
+VRpTbRUt8rPbDyDeoYGVA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbpmXs35be9
+il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+popEFQKdj
+gjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS2o/WNWo+
+xc0cdiwBRzqgZwBMrO2tVk/gaRA=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQANuSI2nWBRyqdjmKMWNatcnMRt+aj
-9q4zqFRPNLCSgCSQIL5xlpFvr9kOLsVLZrVGjSNhuZtW+gDXrDeruMbxZlMBHtuf
-uK22pD9PX1/cFCHJ/gT8i6Rsm2YzTjr5J8i++0MHEE8pms7E4w+BLZNFyXINGYad
-v//Uyj59JxPrX8P0JhU=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbp
+mXs35be9il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+p
+opEFQKdjgjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS
+2o/WNWo+xc0cdiwBRzqgZwBMrO2tVk/gaRA=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C15:KAS-ECC-CDH_P-521_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C6:KAS-ECC-CDH_K-571_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQATv1dvS+Xnjgxzpj4I1XWyhSldXhC
-h1iCmQq4Wrm3NS3WubL06poelcOIDWXR82AvnKZT3DRvrIWGWNdWJvTU+wgAYc8V
-29qn8xWJyYQANz2ihFBtcMifB07SYqnigUB5a3I2wu75kBYIXnFVL/SIxytzOf77
-eRXDhFnLIKuFrsTkUFI=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD5j3UyYwVE2HJkCt2OuMvLW3nWVP6
+PWg4wdYT1Ej8pzvzAtMCEqltMrlUnhfFzzlcVlGR9qItrE2nweGp2brobr+3LILq
+GZoEFgmrnBLBXlEnAF6+/2/R9ztpEu0HCvh/X/wh35A93h1xVYLdL2mQQCAARc26
+ns11isTQhNTI14IZ9vrZTTQa132szau1Sis=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C6
+PeerKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0141d6a4b719ab67eaf04a92c0a41e2dda78f4354fb90bdc35202cc7699b9b04d49616f82255debf7bbec045ae58f982a66905fcfae69d689785e38c868eb4a27e7b
+SharedSecret=0226c28e5a6bc735935f9df2c1b02d096d4dee41ffb95a67905aab8de1b2d8c66e2bb471293091438d3f05df7e48003e58a958b72f839f7f2e2c54287fa3cadcd41a2542ae4ec03a
 
-PrivateKey=KAS-ECC-CDH_P-521_C16
+PrivateKey=KAS-ECC-CDH_K-571_C7
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAjiyTxUI4diI6Y3yt
-NnyFidppotD8aGEvMZI65QIZ3yRS58ySYVtn8XtX/9L1KxkVS7QNdxUzZCD94uif
-7iRPWdyhgYkDgYYABAD6OzURjWxCJXD3JKJvkLKDOxkjkXTOoIHFMTP2TbYNaUDq
-EmEpnATB9Fh82wxMOWFkecG7DBRnmaEYAy3PmPiZwABp8EAikAYVH6MrUfZ5yIFv
-fBdQa0A4Cdx3zViirsQw2U0TtskW3pnzVapF/PvGhT1obHG+SWoGfSS/rqSBj8Uf
-dQ==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIACsJN+cx9Z3d3w6U
++6krsabOuBnnZZvPbt1LSvScLvJcW2A5JW+Sg2PhhASxZT05mAVMLCWj+DoMVUih
+OePmoYB1Z0bNNO4poYGVA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjTW3H7pLJY
+iG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+qXhUGaAu9
+woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydFH5i/j9Hb
+RvnZzAXohwTVcS1FZ+HfQNOeme8=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA+js1EY1sQiVw9ySib5CygzsZI5F0
-zqCBxTEz9k22DWlA6hJhKZwEwfRYfNsMTDlhZHnBuwwUZ5mhGAMtz5j4mcAAafBA
-IpAGFR+jK1H2eciBb3wXUGtAOAncd81Yoq7EMNlNE7bJFt6Z81WqRfz7xoU9aGxx
-vklqBn0kv66kgY/FH3U=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjT
+W3H7pLJYiG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+q
+XhUGaAu9woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydF
+H5i/j9HbRvnZzAXohwTVcS1FZ+HfQNOeme8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C16:KAS-ECC-CDH_P-521_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C7:KAS-ECC-CDH_K-571_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBKYkd4M88+C6MLPG/kLspb+AKsIyk
-W7eJLg4ielBP3QXSOBpESLaK3/nEFTyH6st4Mw2L1SUV+fmgtY6F9Ea7ThAAnt1n
-lpbT0dDvMn8gA4MlP2QTaD2eT8yHuzXxEsLxEAmNFeVwHXzu5BYpH/X+2F5of3Jz
-iLmv4mpPb+7VYLIY5rs=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+Rp84Rupvy3h/gcPnchDu3F8MG2c
+Y7UHjSoRMj8gycDXt3Q9MR3azc9d0A9JixmWcseK4l5oZNYr3BaTXW+42tIILTZ2
+6/MEWTxbrRLD1lXGYRx8qXEfnjKij+5Us7gkOWKjxV1B8sGF5MWLeimY6XgCG5W3
+JGNdrMvX/DDSByB5e8KRNixVsCSssr3PPVk=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C7
+PeerKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00345e26e0abb1aac12b75f3a9cf41efe1c336396dffa4a067a4c2cfeb878c68b2b045faa4e5b4e6fa4678f5b603c351903b14bf9a6a70c439257199a640890b61d1
+SharedSecret=051a3deb052d3e99bb6ab6c6b284db2c998e9bee543e02e57f1b13fe9fafbfe53a89658c58eb947dbd178aea2f6cb28e305c9867bd65bb26f71793f90c984ca11113e1a8dbc8f7d1
 
-PrivateKey=KAS-ECC-CDH_P-521_C17
+PrivateKey=KAS-ECC-CDH_K-571_C8
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIABNSdOdQNgRG/FtKM
-WTZVQyaxlzU+67z0dUU5O8jTqvmPFPW+cHS/s45syXuYl1QHTa3bMEX05M50Vmn9
-s+wNX6ihgYkDgYYABAEuwibQUM4Hx5s99NDwiR+fet9GLoyY28GioU9eU6P1rYlE
-M1h8xCmovp6h2E+jOxgDaQ2uBNpyGNMAJhV/yZXPUgBIN9+/NCb1e1x5MmkTCrua
-OPYYUyIRkxFU207rmu3ojlcpD4QuoPLqml90xiA6OSD+TjBfYRj2drFU4ddbnLXr
-iA==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAc1Bz/diQCqDTn4K
+uQj8VJQPaXtQAipN/tjPCxPX4O5SP78z7paTiV+RjZThWwhGVdYbIpTKUcQSP+Xg
+ho6dDRysITjwV3oXoYGVA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdBRw4HbPBe
+B4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlgnO8GjSUV
+9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXTGUUYZMoD
+aDVBqyzXep2I/XphDKhF7lzT1Jg=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBLsIm0FDOB8ebPfTQ8Ikfn3rfRi6M
-mNvBoqFPXlOj9a2JRDNYfMQpqL6eodhPozsYA2kNrgTachjTACYVf8mVz1IASDff
-vzQm9XtceTJpEwq7mjj2GFMiEZMRVNtO65rt6I5XKQ+ELqDy6ppfdMYgOjkg/k4w
-X2EY9naxVOHXW5y164g=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdB
+Rw4HbPBeB4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlg
+nO8GjSUV9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXT
+GUUYZMoDaDVBqyzXep2I/XphDKhF7lzT1Jg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C17:KAS-ECC-CDH_P-521_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C8:KAS-ECC-CDH_K-571_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBo8ICQOWfW3o+F8J10jFLoXQSEK1Y
-txA2+Mg8wfaw9Anf3ZET6Utn7DnDKRQmwj/8xEcFRnDSkI/4/mfcIwYDTFwB0oJb
-/Tr4seEyBXgME3/pOPhP3kAYjmHqAs6tgbrf20JcKffX+wMk3rrcELu5PeaPYsNQ
-aSaCg/UmWGXbV6efe/c=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFqyp/EKyJ+YxAlYCrwRrZDJM2Dmqy
+gpILWdMWyp8rI661CHbLG8vo7prmtVM/3NEa1PhtiRjWY4nah8mL8dYyO9CUfYCZ
+CDsGieGUcnZ5HcuVJxg+MqCAcrfgPcrRdf48/Xvu/ISNzvSDOAxgBUEThccCfJpS
+tgpuU3qHU4DSW8R8e/I2TdaKZvIdD1eGakI=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C8
+PeerKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=006fe9de6fb8e672e7fd150fdc5e617fabb0d43906354ccfd224757c7276f7a1010091b17ed072074f8d10a5ec971eb35a5cb7076603b7bc38d432cbc059f80f9488
+SharedSecret=00697c751ddbca7034fb4d3fc1b2618daf78cdae464e8332d1215020c8f896f4864c7a6f2c61a363f730f58fd3bdb4f78a90b40aeb83b4fbc1d8d37cf6a27a6f722c68a82979fa16
 
-PrivateKey=KAS-ECC-CDH_P-521_C18
+PrivateKey=KAS-ECC-CDH_K-571_C9
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBGl0cx5zSv3PqEG8O
-YKWs4iCBO1Pie3OYZDNKB8AzZ+/aekYZ+m7vOpdGSSKDs8RFYQoCOpzEm/RZEUA4
-T8pci7WhgYkDgYYABADrB8czLu230wNgWdNffSKI1Dd9X0IzetOWQHn7EgzNTIvT
-hLWFYhBVIXAjrNmpT8s7llv7OUZ154it5Bod5z5iDABJGoNd4ubn3rfgkPShHyxG
-DAsfPV6U7o11EBTccgeE/TtUUAyG667xhCnwno6HbV0VOJaKAw13Fd3pnw2PBuKd
-WQ==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZ3/DXKosELE6S8d
+rnQHv0oQbNpWTbdQjlp2sDEwyR1eXLzy9XjC6d7kOEn5Edd3PUwmfigsJ3tzH4im
+7w7t3VIPV+dD6/lloYGVA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjePIURsYQV2
+lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0LqhJ8Dfjo1
+5Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g6X7Pzrv1
+tA09P1FQpVRay6YjnABBmsctwsw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA6wfHMy7tt9MDYFnTX30iiNQ3fV9C
-M3rTlkB5+xIMzUyL04S1hWIQVSFwI6zZqU/LO5Zb+zlGdeeIreQaHec+YgwASRqD
-XeLm59634JD0oR8sRgwLHz1elO6NdRAU3HIHhP07VFAMhuuu8YQp8J6Oh21dFTiW
-igMNdxXd6Z8NjwbinVk=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjeP
+IURsYQV2lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0Lq
+hJ8Dfjo15Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g
+6X7Pzrv1tA09P1FQpVRay6YjnABBmsctwsw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C18:KAS-ECC-CDH_P-521_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C9:KAS-ECC-CDH_K-571_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAfi0Tjygy40Wuj/ZZV+QOXscWPwFr
-320koiQ9qmMdh4pKFng5kMciOCEw+eUfDBvW/1rJZ4Dki2j13slfQuYUS7UAsN5c
-iWeR9SiGsPCZE+JueN0LaXmPxN9tlePKcI7Ly8zhwYlfVWG7q6rjcunmfm4aO+YO
-GbRwzfZz7B/Dk9NCbiA=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQANAkcOsb8UpnfGPFi6veiB/wVQ6pJ
+jnJy4VqSdy9XdyIpBpRW4hnJwocr1TeDsPsTRfXoRnTENEEpoxQUa3Aw/HUZeiDF
+iKoEnjo/XuZYdeFAEImXBji4B9+XVopZlcj+L1Akc7g/WMVWxfIU7W8D747OAUAa
+ITS8BB9mki/MTjk44MbTAutCIAZ4qXE58pE=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C9
+PeerKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01e4e759ecedce1013baf73e6fcc0b92451d03bdd50489b78871c333114990c9ba6a9b2fc7b1a2d9a1794c1b60d9279af6f146f0bbfb0683140403bfa4ccdb524a29
+SharedSecret=0322517da30e010aeaa2ec9bad2745d8e67f906294ecd6b1d16808be3837f79070d0e1bbbd617f4b8b031d3b51ea2acc59de408a130138c78571f8800fa907caf550d23323d1c818
 
-PrivateKey=KAS-ECC-CDH_P-521_C19
+PrivateKey=KAS-ECC-CDH_K-571_C10
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBDJCMrxvnTGFrYl/I
-wfUURGpq7IO1k3FB1q+7Cox2Zqd0b6H3pmZKISPozfbNi/g2xW08Dr3MmA5DoYb5
-OPOniuehgYkDgYYABAAxiQ9Mer7D9yM2IoXXfSY2+HaBfbO7yIsB53NZe5af9vAT
-6kcMhUq0p3OQBOuMvqabgt3zasrdQGhxeY7LKsOqfwDYtCmuMlAma5ZDwMdlpg3B
-AVW8JTHPhicpb0l4tmQKnmAOGdADfVhQP6gHmVRqgU10eKVQqpDl6+sFJSf6rq5d
-CA==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAeFBbUKZJsq+pUe7
+J3ZxClL3EwOTCBAgMSs5Yhletu0XxtQ2vEaltHp6qs+PgRf+o8r6FmZcwYRbDslP
+r2h1ebHBFroYPoJfoYGVA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYwZ2Aj/hZW
+ht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt50wIEksOG
+fxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7UKw70h0NC
+PLxvQTVpLDCa4mMMxKU5C+k/J0s=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAMYkPTHq+w/cjNiKF130mNvh2gX2z
-u8iLAedzWXuWn/bwE+pHDIVKtKdzkATrjL6mm4Ld82rK3UBocXmOyyrDqn8A2LQp
-rjJQJmuWQ8DHZaYNwQFVvCUxz4YnKW9JeLZkCp5gDhnQA31YUD+oB5lUaoFNdHil
-UKqQ5evrBSUn+q6uXQg=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYw
+Z2Aj/hZWht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt5
+0wIEksOGfxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7U
+Kw70h0NCPLxvQTVpLDCa4mMMxKU5C+k/J0s=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C19:KAS-ECC-CDH_P-521_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C10:KAS-ECC-CDH_K-571_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAEYw2AiIJsa+OutGhK1ZvxIdEV24R
-mf6A3hzfhRzfA+W5CRqPfgeeg7f4JyWbaR0MIu4p1r33Pse7/XRvLNl6NX0A2l/0
-kEVIo0Li57pqH07l+EBBGpbPY+b+Yi8iwT5hTgqEfBGhqz8dEsyFDDLglWFMqPfi
-chR3tIbp/0A3KXfD9lw=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFe3xlvFHoe9rTfCtNrmf7AIznH9MH
+LkG3fFYtfEF0iHKiC++FF7pL6JY33emOK6GzsB9jlAcT4oI9jatopcx4Vh3hQIXk
+z4cAundDClVgCJ36xPaLTzSTejhN1ge8u1+rVnen+uCe0Hz63jmeh86f3ZOXxoGq
+M3jOO8grAH9t5PfLltrfVaTIc0o385pcLyU=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C10
+PeerKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0163c9191d651039a5fe985a0eea1eba018a40ab1937fcd2b61220820ee8f2302e9799f6edfc3f5174f369d672d377ea8954a8d0c8b851e81a56fda95212a6578f0e
+SharedSecret=000911ec1cf82a22c849b401dfe56453a06f4af32644ea8b63135b68a979236d05968eeadca7f0cd339d295cc58967a7f38cfad6e947a71295733e42ca3c1ba9b4ff6195607bb530
 
-PrivateKey=KAS-ECC-CDH_P-521_C20
+PrivateKey=KAS-ECC-CDH_K-571_C11
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBs31rcojeZxNgQl0+
-WsHMshgVB52Nc0Mem3Sm8OeuAEo1dXWxGtZmQs6Ld1WT66nZi/Jcde8LTTogmLvG
-QfWaK3ehgYkDgYYABAAYml7jTefjWu/q7vkiDBgHG0wppMO9nZVEWL0+gqejTaNM
-/1V5uBAcBlsfL1J89FgVAeKO9WcYc+ZSZ3M9ADUgrwHrS8UKe01Fmdfj+nc9256y
-UsmzQihy5US991x79g9RZt3BHrCPp8MIItq67jc6tGjrLZIuSE4qUn//LruAS32a
-Nw==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZY2Pu8aDlvpfY92
+Af5A/0AQ9JSfAWkIqQbtXNrxIh06WTs6Rna+r9H6FLwPfFM7FwhvIH+cSEz8L7w9
+sr5BI6jobztJEczjoYGVA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnjoOJzjDqZ
+gauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1MlRAHDt5Y
+d2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWItZcj206P
+0lixHbiIpT6xTyvghRJogykFmJI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAGJpe403n41rv6u75IgwYBxtMKaTD
-vZ2VRFi9PoKno02jTP9VebgQHAZbHy9SfPRYFQHijvVnGHPmUmdzPQA1IK8B60vF
-CntNRZnX4/p3PdueslLJs0IocuVEvfdce/YPUWbdwR6wj6fDCCLauu43OrRo6y2S
-LkhOKlJ//y67gEt9mjc=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnj
+oOJzjDqZgauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1M
+lRAHDt5Yd2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWI
+tZcj206P0lixHbiIpT6xTyvghRJogykFmJI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C20:KAS-ECC-CDH_P-521_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C11:KAS-ECC-CDH_K-571_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBeA7f8cocA8++WT7cbASbyyhgKUqS
-w1VInZr7LnAgda3hyVOJWkViMKDN6QXeSj84Vz2/zM1nrW5+k/C1WB6Sal0ApUgZ
-YskWKWLn8OveyTaTXQ6qgT6CJtQNf2EZv9lAYCOAyGch5h2xgw9R4TnyEAALzsDY
-7dOeVNc6mhKflc1fqXk=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+nR37exfHnQogfjXsq9WN1ET6ZK3
+l/04frW1PDPGunI2QXssfm40YmfxuMbXhX1uCPmmDobeI9pLNoQk+wA/lrTIn10k
+SnQHPh/t9i6MgSg2IrU+ss2ye2TDwd142gyQ3Ww8d2rRRjAuQ6ulQTebyPO93C4Z
+/xXZZmTOLQnrb7WxOEioKzG0UtjoTaO4Uxg=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C11
+PeerKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=015d613e267a36342e0d125cdad643d80d97ed0600afb9e6b9545c9e64a98cc6da7c5aaa3a8da0bdd9dd3b97e9788218a80abafc106ef065c8f1c4e1119ef58d298b
+SharedSecret=0724c979affb3ab8d307529759bae5fa67319d441851e5817fef014350e3014e068428c9dac395c5e7b9e5b8877457b3e4625ef49ede4ae3626755eefc3fb3cf09c23e8a5a9f8c25
 
-PrivateKey=KAS-ECC-CDH_P-521_C21
+PrivateKey=KAS-ECC-CDH_K-571_C12
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA8mYax2L2DF//I75d
-lpzNTsb5jk5yYY0Svc25tBAhYjM3iMC65Z+RzfwXLHoWge5E2WqyE1puXzQV67zV
-UWWxr7ChgYkDgYYABACo4lppAtaHtHh83JTDZKx87MXElUg+02PcCqle4r1znExN
-RrFwBscosHY1DX1+VMaCL1L0cWKiUQmqq6aQyraW7AFo0vCP4Z5Nye56GVsDyff+
-Znb59SC2JwVXUE5yykOUosaRhiXhWsDFG4+VzVYBI2U/uOjubblh4sTGLMVOkuKi
-qQ==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAKGaDt9Qg0f0QCzs
+vOEn3GQQsZZ9P4nms7oItIqtCM1speXRIozcxBocOA8q6QUtc9t1UOejwdhXBWyY
+lH9bLHHDPE7rwSEMoYGVA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkbR8uOosNF
+QSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h+0cGpeUP
+1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH9epWV6KZ
+GbiKbWP9CpQ7Vt3kyEeEgbV3I+Q=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAqOJaaQLWh7R4fNyUw2SsfOzFxJVI
-PtNj3AqpXuK9c5xMTUaxcAbHKLB2NQ19flTGgi9S9HFiolEJqqumkMq2luwBaNLw
-j+GeTcnuehlbA8n3/mZ2+fUgticFV1BOcspDlKLGkYYl4VrAxRuPlc1WASNlP7jo
-7m25YeLExizFTpLioqk=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkb
+R8uOosNFQSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h
++0cGpeUP1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH
+9epWV6KZGbiKbWP9CpQ7Vt3kyEeEgbV3I+Q=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C21:KAS-ECC-CDH_P-521_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C12:KAS-ECC-CDH_K-571_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBbaz/oYPlMDCDozT3Zd5yTsXslAIC
-bUeXiEqYKKDTIajPrHSrc3/iCn1r78/HO2o1wcewHTc+MavBktSKQkGjWAMBHlMn
-ysItMF5xVuVZF24Zvufk8vWehvGp0LZgO2p98Qab3mOH/rcVh7j/zlsmbhuuht4p
-N4o05cdLZyTE1ApxmSM=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBi7bL/L+67UaFZLNo8LCrw/vKR9zB
+nyyEa/ooc3DhuRL2tw4IUZ9XfwysMlt5/Wa2sjqh4q4mK80ueossLZjZ7XelTHKV
++Y0Fvpu9kXcrtCJmq6nIk+VmcM+2bK++RAHKLLV2W0aVBISFl8f0RumYFHRnhxWK
+g+v443loVzY6jgT4dCoJ1+yhY4bWD9fIWN8=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C12
+PeerKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=014d6082a3b5ced1ab8ca265a8106f302146c4acb8c30bb14a4c991e3c82a9731288bdb91e0e85bda313912d06384fc44f2153fb13506fa9cf43c9aab5750988c943
+SharedSecret=005a526588a3a2ce08b20925e83987eb0a1e68f997102df7f9af83823ac8e06abbd29c04cb1f974ba9c9ac49b48b5af37679a39b532d359cdec3d41b3f80a1ee12c80276256b738d
 
-PrivateKey=KAS-ECC-CDH_P-521_C22
+PrivateKey=KAS-ECC-CDH_K-571_C13
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA9DDKEmHwloGpKC6e
-lwqSNCJ7HV5Y1VjDzG7/RNG99T3hatXuKxi5LWL8eVhhFrDvwV95NA+36vXObEQ0
-Hc+N3iehgYkDgYYABABsHZteyofeH7hxoKMvgHxyWtzN6bOWdFOnE0fWCPDAMM0J
-4zjN7L9KAgFbyKbo0+JZX+dz/8L8TkpV0LGizAAyOwEUGyEJ5/SYHJUqqBiiufb1
-xB/szbenpFubS2cpN3cbAIyuX5NN/j/tENODqx84dpySzojZvlQUgX7LBzoxqzaM
-yw==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEysP8wAc0RCzdgO
+r4JEEsIOqe6wPUO5mdSd5hhzYCAgorPEeWX29FO5G3osHZPhOolURTPjWhIs/IYS
+yGkLabt6VXh1+WCyoYGVA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZyRYLGbMxQ
+xssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diEKeQDenxZ
+ASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRGEWkeWCIR
+X9SdKgAMm0nR9JZOJNQ/u4H6h58=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAbB2bXsqH3h+4caCjL4B8clrczemz
-lnRTpxNH1gjwwDDNCeM4zey/SgIBW8im6NPiWV/nc//C/E5KVdCxoswAMjsBFBsh
-Cef0mByVKqgYorn29cQf7M23p6Rbm0tnKTd3GwCMrl+TTf4/7RDTg6sfOHacks6I
-2b5UFIF+ywc6Mas2jMs=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZy
+RYLGbMxQxssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diE
+KeQDenxZASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRG
+EWkeWCIRX9SdKgAMm0nR9JZOJNQ/u4H6h58=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C22:KAS-ECC-CDH_P-521_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C13:KAS-ECC-CDH_K-571_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAoJFCHTcD47NB6fHn1Y+M9729F5jQ
-AZZ7gB0c7CfmBcWAsjh8HLRk9VznrIAzQQKrA8+4bYivdsn0EpwBvt07v8QAjJxX
-eo5vxEaBXp1AuqZgJfFdrihfGetmjuYK6cmOfs2/Kypo4ikoBZ9n2xiABxYdPs85
-fgiD8MTrfq94J6YiBcw=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDIYS2hj4stbxxuv9ba1ehBZSDHMEa
+nl7t7EgE4gFuPdBkz/0Soe6g9pMpEd7TRazlwf8lC5ZI2TuVM4ba6bVijDxiUnuJ
+BRkH94PgNBqHHmJW2jSeu1OfiHZ9fawVEePD5NQ7D9MdXdLC8PF26sVEqHH0K5g/
+j7pN9nq2ojm335lyJjBLcxZdli9OHS0Y3p8=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C13
+PeerKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0020c00747cb8d492fd497e0fec54644bf027d418ab686381f109712a99cabe328b9743d2225836f9ad66e5d7fed1de247e0da92f60d5b31f9e47672e57f710598f4
+SharedSecret=049db68dc9fb4cfbad8247ca4fe7c573c0640abead8f319194d665ecaf4f04b61f84f5df0d8a6386f6df04ca1a685a7394567eba5deb9f739b1e623ed6507021593f0e22e2dfc3f6
 
-PrivateKey=KAS-ECC-CDH_P-521_C23
+PrivateKey=KAS-ECC-CDH_K-571_C14
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAXcM67aA8LrIzAU7k
-aN/3U7cvc7AJkQQ+o1OCiuadTND63tp7sni1NdfFdAb/Lm5HOlpP+Y6Q+Q1trdJR
-AOjYVmahgYkDgYYABADIJbowc3POyN0kmO74LiH9mGIWjb/rg1k5gMqfgodTM4mf
-6U8Tfa8cQYnrUCk3w6Nn6nlR7YsPM3f83ykiAh1GpQFriiVA1eZUk4iLwzcknmfA
-pod08+jYHjtFdKASUWXwvVi4r53nSzWDJTn5XDzZ8bdZQIVgqmhRrjrHVVNHsNOx
-Ow==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIANUUFE1FSLz8vPVw
+Cffo7hBLFUVvSRgmvf2bpn6HH9vY/ISQ7LyyaQkfx1KeXlVxOoHeIMDtAeyzFZrm
+FCS9vFZTcyWH0elPoYGVA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR1b/AtpDf
+cCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZawlD4Fjhul
+FqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOInbTo4+Xu7
+n7WfJKkvAIWwTuXtGsDvpnE5T3M=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAyCW6MHNzzsjdJJju+C4h/ZhiFo2/
-64NZOYDKn4KHUzOJn+lPE32vHEGJ61ApN8OjZ+p5Ue2LDzN3/N8pIgIdRqUBa4ol
-QNXmVJOIi8M3JJ5nwKaHdPPo2B47RXSgElFl8L1YuK+d50s1gyU5+Vw82fG3WUCF
-YKpoUa46x1VTR7DTsTs=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR
+1b/AtpDfcCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZaw
+lD4FjhulFqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOIn
+bTo4+Xu7n7WfJKkvAIWwTuXtGsDvpnE5T3M=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C23:KAS-ECC-CDH_P-521_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C14:KAS-ECC-CDH_K-571_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQATziBZoF3EonODLg6Ximhqwb8kfeG
-mUsjcI/wigig9nW4Ca6Z6fmWfrGknxlgV9aeUNbe203S2agcAr3Mj39RhGAAnvsk
-TIuRCH3h7tdmUA8OgVMHUtRpJW73n2uWXYoiMqDC28To4dCSFLqzhIW+bjV8QgDQ
-c7UvBOShb8b1JHGHrss=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHHhZ+WeKnCev0vj2D+53GntdJ46uK
+VOICw1+NRd6qK9qGwq+hsKBHVNGImPzdmxhfHYui4YCkesKRu0qtj5l/c7FCO81+
+m5IFcRkIW8fLICPSP4gQFCD59Qjw25T4377dXL6IzsgKnccI32zM34FddbFGKA18
+0uuXzxp91VC+Ujgk+TKnd2efLun2bUJY3aY=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C14
+PeerKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00c2bfafcd7fbd3e2fd1c750fdea61e70bd4787a7e68468c574ee99ebc47eedef064e8944a73bcb7913dbab5d93dca660d216c553622362794f7a2acc71022bdb16f
+SharedSecret=0343c45daab4f91e02ef9bd6e1cd157b00ab0ab0a3e0d9734918a1d896cdf7cc1212bf74d7bb9bf96bd4abf42df325756c407217f44a5950c2b66af820692742ed7ebe14e48d2d88
 
-PrivateKey=KAS-ECC-CDH_P-521_C24
+PrivateKey=KAS-ECC-CDH_K-571_C15
 -----BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA3xSx8UMqew+wU5Zf
-2GQ6/uJrJFHstqilOmVdX74W5MZM6GRyJesR5/3LI2J0cd/8XCUjvSromVfLo6V6
-I5M+WnihgYkDgYYABABOhYO7uy7Nk/BxTDMt/1qzvGOW5i88VgIpZkMpuqUTjDux
-w2Qoq9TiPRf8t6LPzCJLLnNMiUH28SFyLXtrlBVFdgHPCHTyBLA2PwIIZGcvrb+H
-yIEesUd1iyVLdLFPrnQhWfD2caAYISu/JbhRnhJtTK13jP/1DSiP05zrDKxjWxde
-wA==
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMzG3KWphVg84AgS
+w9B4IvY0HHnXjBay565Lv1v/rBrNneq2eBk/j4mw4qrlLjAxFETdESU/ltYts6v7
+F+Qj8N3w6ZEIEVTDoYGVA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g/4Cw313S
+6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24CGQHD0UI
+rjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6ZoitqU3UXrMs
+p/G7h+Y8Tel0kxlsO1PPg9IY3Dc=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_P-521_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAToWDu7suzZPwcUwzLf9as7xjluYv
-PFYCKWZDKbqlE4w7scNkKKvU4j0X/Leiz8wiSy5zTIlB9vEhci17a5QVRXYBzwh0
-8gSwNj8CCGRnL62/h8iBHrFHdYslS3SxT650IVnw9nGgGCErvyW4UZ4SbUytd4z/
-9Q0oj9Oc6wysY1sXXsA=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g
+/4Cw313S6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24
+CGQHD0UIrjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6Zoit
+qU3UXrMsp/G7h+Y8Tel0kxlsO1PPg9IY3Dc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_P-521_C24:KAS-ECC-CDH_P-521_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C15:KAS-ECC-CDH_K-571_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_P-521_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBoyCZsCwL2FNx9gsN0giQ5sevBIyB
-eYkP2jCLNZ27wreoMruMZSbEr5mn6j8LPLlq4et2hBMnlcR4rW+WLkpvRG0Bdic1
-eznp12MqE3Cz6Twa+1yFG5EOtOrQydOH32fN6FAD4OQnVS8c0JBZqtAmLiNczl+6
-jO3E/cFGPadtzUttGkY=
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHTxp7XPsO7vHhXmNRLHMYja++iOjp
+xCBzsrZSufAoIU8L7HkULYiJQWq/eoPin0eee8PKZX7woQwuo63jEXwNNp2swjOd
+HBIA6JkqVAdnUwKfLA6djBZua6hIlqR4X//1mMSCPlRh/wBUkLt/tth4rDT0J/2d
+tIy98S65gm1o/SzxcdTWHD8nXUSUfU30x1I=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_P-521_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_P-521_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C15
+PeerKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01aaf24e5d47e4080c18c55ea35581cd8da30f1a079565045d2008d51b12d0abb4411cda7a0785b15d149ed301a3697062f42da237aa7f07e0af3fd00eb1800d9c41
+SharedSecret=04a565cb3e15236a7f6c413afeb419c082427b10a6d07ff87e81740716433c06b3254414381e4ff9860340dd6201ab6621d162cd12047a5515ab1d65f20c97eb3d7132642f8ad58a
 
-PrivateKey=KAS-ECC-CDH_K-163_C0
+PrivateKey=KAS-ECC-CDH_K-571_C16
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAZlO2B3OY+tx79eYBWBcB
-SMPcRSehLgMsAAQHH4sod9YCfZwa3kJE8t6hJpLvI9UFwV7ndiIccrhLNHzjg/OA
-Z7icPpo=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAYhiE2WL0X59wzTd
+gAOSakR8NKGX7l1tC7xG6F7Bz6aAKFjRw2cnbKVyuieqel0eIWkCQWtIr25Cd5Re
+Rl19hA3/FDhUPKpGoYGVA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcRO3UCeW76
+VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlzUi8GDP21
+RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTkezudDvVf
+ZwdWrkpNnGXwdfQXCy0YqvvKAmU=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe
-53YiHHK4SzR844PzgGe4nD6a
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcR
+O3UCeW76VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlz
+Ui8GDP21RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTk
+ezudDvVfZwdWrkpNnGXwdfQXCy0YqvvKAmU=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C0:KAS-ECC-CDH_K-163_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C16:KAS-ECC-CDH_K-571_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBXQjbxQoxDITCUZ4Ols6q7bCfqXWB5CM
-JRuNoCHLrCgfEj969PrFs9u4
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAS1Szzv1BX16qykrk5drPvOIMuhky
+ovUFSbzTFjABetIUdd8VT/N74TymGkxgM2sz0P/HYqqenp/G5v0XJQteQCK1UUHS
+P78Fb3yNZcVo3pW9FmT/9xQp7HOJh2l/IX3lrfNtFKgLb+WF5GheA8gYOKvt/cBa
+HgFAevSrmJ/B0Sc7qKGCxGGFbV7/5wXX3+U=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C16
+PeerKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04325bff38f1b0c83c27f554a6c972a80f14bc23bc
+SharedSecret=047265831f1f589b5f30806e2fb80aa7844cbf32b6993384beaac7d992b327b97dfd0bb89ca09e711507e846ed4ad003e7115fa8843b23d38f320e43b5eb506bde48fbd7af4983b9
 
-PrivateKey=KAS-ECC-CDH_K-163_C1
+PrivateKey=KAS-ECC-CDH_K-571_C17
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDrvRHVNDKl9QrTpeqkhVi
-Y8DgePahLgMsAAQBsBCMeGv000DwUFvfx9RbUUYRrZQCLJw51fuUVriiIhzqTwWP
-ao0s2Eo=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEwN03FeiIjcIiIG
+nn9hGAFoUUAwPha4tENDPV4YpLGAPVaAQWrr2nrn6USRVL40an3LNsHbInRGc/s7
+JF5YRAeH7T3sbT21oYGVA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkIQvRVlz8F
+c+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZvaiZIDP5Op
+3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/pYpIzpQcK
+CHlNFEcAkeMM3Ydqr2VAdicjMjQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAbAQjHhr9NNA8FBb38fUW1FGEa2UAiyc
-OdX7lFa4oiIc6k8Fj2qNLNhK
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkI
+QvRVlz8Fc+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZva
+iZIDP5Op3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/p
+YpIzpQcKCHlNFEcAkeMM3Ydqr2VAdicjMjQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C1:KAS-ECC-CDH_K-163_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C17:KAS-ECC-CDH_K-571_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAWmXRAkv4rX+fsv2mHt66goG/SywA13k
-Qd+UCNkfDgId+PBSa4BjAxSV
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQH7HG+oIEZCpxM3/gJ7Stlp3gAzRs7
+7/0eQATRJqw1LSQjXHl6WlZ9rvc5PSdmOBMup/D2HlUNwlHTQfZhAvlsKr9+43wP
+ye0A78KshwWy+cnAapEKMExCsa1TEBrrDRRjGdwkgVx8wZg7HK2R1fnG1e7xZ3of
+LSvddaH7TFeWpMVpZKo+Q/PaJsc37dnLCRA=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C17
+PeerKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=05f9ac3a3dd88429600958386c55bef4b1aa5f0c24
+SharedSecret=059b62c25c96955b8fb4deddcf90ebe6845ee71ea357739273d6d67f21a0c47d154add9d5d4d2b657fe1988ad614b0b4902faa92fe999abd754ad33cd6b92fe2f6a68a6f2c1eeb27
 
-PrivateKey=KAS-ECC-CDH_K-163_C2
+PrivateKey=KAS-ECC-CDH_K-571_C18
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDEXI0Lm03zB4GKkSUw5y6
-SPmtmoyhLgMsAAQDon7K7Ctm/qwgQPaJASi9AFjTGSQBQAfjIJttcSew85Pl5YsV
-kLn0C+I=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAH1UGU/CJsw59kDT
+0XublbcLUfmK1coZkVZhCNg543fiG6SMv0QVMLM0HdxhsKWBQaqmZTAkH6UpUF1w
+gEslYMW+SBMQuZYtoYGVA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0IJ0V+XhxL
+wV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJX6cDJ/5l
+TvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y+QZcAOso
+ZTyPtHe7tcY91HuDyl4Phx6e7T0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA6J+yuwrZv6sIED2iQEovQBY0xkkAUAH
-4yCbbXEnsPOT5eWLFZC59Avi
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0I
+J0V+XhxLwV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJ
+X6cDJ/5lTvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y
++QZcAOsoZTyPtHe7tcY91HuDyl4Phx6e7T0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C2:KAS-ECC-CDH_K-163_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C18:KAS-ECC-CDH_K-571_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEApZdsVkXH1y356G8xhYRrqyoxSybBocd
-Hpwf6EUmgHaplYA6bUnNB1VU
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGcIaGtPWtL+xFeq1axKPcSGekd+tU
+/A1JNRG1Vh6hUd1Mr11DEZg1ALSMgEOvCeP0BC1aB+vwUKToAdru8zF74JOVUCBF
+KykFJchoJYO1X37OxZuSCEb3XRHQIen/sgAYY59quTAiRywZLTmOFQzcYwoR/PlC
+5dI4zWwUsw9Eok0vhD7F0TXdx6vaVgR6vCE=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C18
+PeerKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=022e0290eda5d348894129f7455d1c766d32d5c2c2
+SharedSecret=02777c72853b76b29f69d3aa27a1659789a025af0633d833b22b57bf328d231ebd128bf96a4c8a7ffd2ee7a51e5ebb7a8e5bca20e4ad49671a2123dfbc0d6c40594e04765186de06
 
-PrivateKey=KAS-ECC-CDH_K-163_C3
+PrivateKey=KAS-ECC-CDH_K-571_C19
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDKlEc3NS/xWfOrIwk7QTo
-iU33jd+hLgMsAAQGl42sqkfY87yQtB7H9Piseaht3QcH+LDvQnB2A3a8LV+u2D2n
-hyYx0J8=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAQdAuVgoUkIEXNU1
+jX/5Iyt9fUE69+IFwoX4hJLvJ6L7hQ4FZ+wkxIDHWtMvcDQgJchiZ9vk/4CixQnl
+uaRRMOmefHzIzG7OoYGVA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY8+3zhzLK
+D/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0FIoAsVZv
+5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0pGPEXSQnl
+QoxxyQ44xOEbViNqv6HeaoV5600=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBpeNrKpH2PO8kLQex/T4rHmobd0HB/iw
-70JwdgN2vC1frtg9p4cmMdCf
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY
+8+3zhzLKD/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0
+FIoAsVZv5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0p
+GPEXSQnlQoxxyQ44xOEbViNqv6HeaoV5600=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C3:KAS-ECC-CDH_K-163_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C19:KAS-ECC-CDH_K-571_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBVtowMLCRv4PLNVIS1iBTGUhPqVBBTnB
-HSWSovY5O26GxU35Cblf4NWo
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHznZ0QD38YoldceKrWHznNfJ58S99
+8xYTNb5D/CkI6nNvb1i5MteTr/ZvMyc11NOPBcsDzydcoOANofVzgeCL/rUBeHc0
+InIH1mSfPZHnv1+N5hG9lxgYEG3y43k1u0ZM2edGlinGrn5/KyJAJ2yw7tt6JtDH
+03f0AJod1Ip5PMmT+w1KBNsdutRJMwS8XA4=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C19
+PeerKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=037f659f430009fcdae4e9f6e6316b0f5dbb268212
+SharedSecret=02c2ec1632e83416182a9a438f7360b88061bab84f5bded3dd8a0c87baf44507df94fdcf99353b107e61cfcfc8af071b3aa8cec7b34a542bf2ab8ea0bd9db67d66b428c9a6c14458
 
-PrivateKey=KAS-ECC-CDH_K-163_C4
+PrivateKey=KAS-ECC-CDH_K-571_C20
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCxvZP5gnrjutbU/q2MIiY
-5j/y4/ahLgMsAAQFSeGoLsKEv3fVKGJ+Utgy4jbJKtMBmIOqm0WLNb1UTWiCgSFQ
-wUl9MdQ=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMheXS3tW8O2tVP+
+CgIxG3K8XNyOlt8XnOV1EcJqyehz/B92zd6afY5Sp+m+XHdTYgMx6Jd6mJArSK6Y
+mc6KamY2YRJ2riODoYGVA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHxFNMKBkgB
+K/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOnbjEDOv6H
+sp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9DhbWpqJ5e3
+49yFW/22sNCyUl4UNnjVOb+MBnI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBUnhqC7ChL931ShiflLYMuI2ySrTAZiD
-qptFizW9VE1ogoEhUMFJfTHU
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHx
+FNMKBkgBK/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOn
+bjEDOv6Hsp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9Dh
+bWpqJ5e349yFW/22sNCyUl4UNnjVOb+MBnI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C4:KAS-ECC-CDH_K-163_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C20:KAS-ECC-CDH_K-571_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBrjvWmLTtjalp2v+se+P9Niz2eL8BnWn
-VyZnGDmNivZtKXF5hHji830o
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEg61zguNIr8fycdUNjTm4FLfW3AxW
+KmulVlaARb0tYgkGqxEG+RN/9yWJLoQ2qM17iIkqMvGasmnirTDX8OwA46BS+7xG
+YwcEHMSw8ZXcc8So4QYF8qOCkjq9I4HyTkq71AHgh8UNGPbasBol236J3/9oxmNJ
+T7TQh6gWuFRE2IK+wqwl5C/eeOvMp5pv3fA=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C20
+PeerKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00503bbb9b62f50ae7a8dfd74a1741826f09290651
+SharedSecret=07e1d202a54d34020939f7aed56931f21b206761e4fc79b9a7b320f81077be322ae7809446b5b3ea701618ecdb0a1796ab80407a281bdbcb4d580131b61f8743bfef7a4d9c5941f1
 
-PrivateKey=KAS-ECC-CDH_K-163_C5
+PrivateKey=KAS-ECC-CDH_K-571_C21
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCalaGdRPd2MqU15I7qh9/
-sA2qOPqhLgMsAAQGwopA3E5VA9LEuKsLa3BG6OJawJ8BIZEWVKWDYAXYA22XZYX/
-HYMeWHs=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAFOkjP2o7iMs6jVJ
+knsi83XWCWVgAl4hMWHUPu0C0HNl2e3nyT1FfqUeojaeh0Y+3b8loGux8ID7R2MH
+SoKD3T1p8d6GUpXjoYGVA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW+gf6/jyd
+TDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev9FQF3BLb
+BOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWRe+vnZpEv
+q6mYf8xfyKeN0hZDqmUOakp+IGE=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBsKKQNxOVQPSxLirC2twRujiWsCfASGR
-FlSlg2AF2ANtl2WF/x2DHlh7
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW
++gf6/jydTDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev
+9FQF3BLbBOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWR
+e+vnZpEvq6mYf8xfyKeN0hZDqmUOakp+IGE=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C5:KAS-ECC-CDH_K-163_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C21:KAS-ECC-CDH_K-571_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBWxKNYassDCZ1Sss1KxZJpz1G4cwAkJl
-YcvZ2hsjpgA94OX3xKBlpcK4
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHpejrSWhJehG5DGDhPV88YcaGhXOm
+ttt8IIqFbVTnT0No4oEAueC/SfwxBOFG+9p4RiOjbZ8B8j6636sE1/SP9mUGxpi+
+3REBPblo/HzTOMuOMEKhcfowb5q29shl3cW6X+mUow2PwfoScZHwjk4UuaoIalL7
+yqRtIhB/1t9TEItT/gu5a8l0wDqMZSj5eS0=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C21
+PeerKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=012cf17799fdefa2940b18d56e80d44414c5b13884
+SharedSecret=07f49ee5d822b17e3f1ec9946fad8d0a0a6b327242afe675806b3e6b7541745e21cd1b70df926af057a9f8deae4cb9a1edc782014426152e8aa4cf6a4080dad4678dc8ff0d9e1af9
 
-PrivateKey=KAS-ECC-CDH_K-163_C6
+PrivateKey=KAS-ECC-CDH_K-571_C22
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDhoEQecgCHC159N6VLLLl
-mcQuGe2hLgMsAAQGCqQqYuIe6jfjYrTT3oN/DEnTrBMGmyDW/RbROxiD3wVimsfR
-uCOGs0Q=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVpeWUb+LJyubUEs
+YYwb0HckQysvHe2xMn2Kmc6DDmsDD0AlwUtOPRkS6pp4KQoc/H0BiaMMYUAQyHMU
+ahgvY5GTopEu3NBKoYGVA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWmd8cAYQVi
+9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+XqcHuNcG
+liyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1NtzIOYbO
+3UUSdS8pXKUA8FX0YnY8KftnjKo=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBgqkKmLiHuo342K0096DfwxJ06wTBpsg
-1v0W0TsYg98FYprH0bgjhrNE
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWm
+d8cAYQVi9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+
+XqcHuNcGliyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1
+NtzIOYbO3UUSdS8pXKUA8FX0YnY8KftnjKo=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C6:KAS-ECC-CDH_K-163_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C22:KAS-ECC-CDH_K-571_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB0HGmk7bOGyU+BnRtd3QKB5P8pdlANMv
-lyq6yRvoWnCeugf10WIVrmAt
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBPKr4zi4jIc8lbytkqomt1paMKYYk
+oivTjvlN6zpw6kTOh6lI6la/DulAcTT4yXsXsfVFYf93R+P2tlb4DWB3jQW4xMu7
+zzwAR6Lco+tnVLCp/Rawgfykl7Kd0uyeanWW0GsFnCqxiQD8xYcVJHJ245DfHbqy
+a6gSNaTcZzgjf879OBK3q0NskmxQxgDm6Qc=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C22
+PeerKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=062a2f926ab435ac14e05d44c27b46b6820b713aee
+SharedSecret=058cd5608dd9d64d4d822baeca123358a4d7e56d3777ecdf569a149c2f85ed35479eaeaababd0b026dc3b56aedafedfc8491040413f85b669d8512a3ef7bc8fe8706b5c7585370aa
 
-PrivateKey=KAS-ECC-CDH_K-163_C7
+PrivateKey=KAS-ECC-CDH_K-571_C23
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA5G6cllJoZH8gSEdMexpU
-3/5yjx+hLgMsAAQHqYTq1EAxDO8uEziXL/Ld22XKw9IDM8GpNCf+asUCdgt3eImK
-i7akCtk=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAL1Y4ZwF336ZvZYg
+cOC0x1dgQoWER+AjtBuyl0Womkh03+MloV040vuehw9BndFfSqrGXbvFrCxUD1fN
+sORbyGYhcm2SLRSqoYGVA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4IlA9lae6I
+CMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCCNNYH7tjN
+eoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQRvA6IABI
+GAiEvELPmq/ljMHq9TbW0l8VQdg=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB6mE6tRAMQzvLhM4ly/y3dtlysPSAzPB
-qTQn/mrFAnYLd3iJiou2pArZ
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4I
+lA9lae6ICMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCC
+NNYH7tjNeoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQ
+RvA6IABIGAiEvELPmq/ljMHq9TbW0l8VQdg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C7:KAS-ECC-CDH_K-163_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C23:KAS-ECC-CDH_K-571_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAe9HeV+w44BAWrXoje/DztmpJRSmAL5h
-gdf8A8qL/fEYac6ijPoOX19k
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHQ7PJZag+6fa9uZAaHcwfeBllRKiL
+nPgRf4ntFXTlxdgE/EUREsJXh34SsKZsaTxmVcErukU12Z1iQF9Knc68BW2LfLut
+oSAD76WKo6jGok9DxVgf7AQUQq6VUnXbwdRtEBVgWdJje5qCmUsCSiR9KmZyS6kN
+Anh7FosfofS2dJZFQGxDj40xbWcPHg2LAwE=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C23
+PeerKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0399b9294e895486bdefbaad7a729353ce09586357
+SharedSecret=03bf7a59bbdd688682c45664d20c19cb2d24fcca6772120cbeed1cde762d449ebf22855627eb6b2be6e7f7c0f0034d02686f2a4488549f8cb198e02b46972bcb88914bea66dd6400
 
-PrivateKey=KAS-ECC-CDH_K-163_C8
+PrivateKey=KAS-ECC-CDH_K-571_C24
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCczSXFAWwRhw+3mfyujNn
-NEUag3ihLgMsAAQHZ8Me6TA7GyzTBZ+BUH7zBOvTECwCUeDUMNw/Y/Oje6seepV2
-Us9n4iw=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARRjBw/LSii+Tipn
+wpx/pIpMWFowdAXQahoGeOkJ3W6vuJhmLN2LzAGd6xTl2S0XK6HEOO8PZNgBB8fo
+5oAp9OCqgUoQmco4oYGVA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOELV5idwwCy
++ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMIR6sD1I7G
+M7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzojDB4vdOLm
+GGZs9WoG8rZew5Vbb/uwapCM9hY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB2fDHukwOxss0wWfgVB+8wTr0xAsAlHg
-1DDcP2Pzo3urHnqVdlLPZ+Is
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOEL
+V5idwwCy+ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMI
+R6sD1I7GM7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzoj
+DB4vdOLmGGZs9WoG8rZew5Vbb/uwapCM9hY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C8:KAS-ECC-CDH_K-163_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_K-571_C24:KAS-ECC-CDH_K-571_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3TX+bqM2opo3nJ50/+GdAMv1HwCA+3p
-lcOk6Kb+Ic0eTNTKOBLA1pKl
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHIvHnoGB3UNri1ixdPUcPAGwyVFWO
+qqKU7u28qNML9Ku5Vd62LkF5kl9sut87+HdvFdyuNVat33lxBad7f29xIGyg5uqR
+4YgDXRCMoNYgyrlrfL9hfRtawG43eSYpiGVk/RR8WOVeQjNE/08fukrw/jQVKzhL
+doXKrRXTvCcOQ0Iq2HTnHkCKcabIqQ0q2Xg=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_K-571_C24
+PeerKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=022325a9a769a902c2e64c80a1d35429ced42ae0a4
+SharedSecret=06d410e9ba6b8b87b00d0f676de8ba27f6afe7e308c2e992f318fc14cba0a447316ad86e8e6c1d3345d8e4035735232c2c597e760b8800a89a521567b09408f9c7be279c137c963f
 
-PrivateKey=KAS-ECC-CDH_K-163_C9
+PrivateKey=KAS-ECC-CDH_B-163_C0
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBm7SAc5ARI1xtXG501qe7
-TyD2G3qhLgMsAAQAk1SQdXBNedrncjF91lJE+nclaesCqKKCHdOdfnZTynHPwant
-hXgBo5s=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD7a4XPej6DPBBLWp73IH9
+vQYXrfihLgMsAAQDVGZwHQsAMNCYtu0jQ9NVwkyQcnEA2LwC80HSYYYN+2Xwy38L
+SI2Clsw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAJNUkHVwTXna53IxfdZSRPp3JWnrAqii
-gh3TnX52U8pxz8Gp7YV4AaOb
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1RmcB0LADDQmLbtI0PTVcJMkHJxANi8
+AvNB0mGGDftl8Mt/C0iNgpbM
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C9:KAS-ECC-CDH_K-163_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C0:KAS-ECC-CDH_B-163_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBld99U4Rx+diAvlPVk5hN7I85uRBBok2
-YAqtyyX9QCTtPoRbK7+AcoDm
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6ZHujLaxx7GeAsGOKcM0k/DvUyOAuae
+lhVBhEpKozdpp7znEPZkClYM
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C0
+PeerKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=051392d5377016358405030b48744003db66440a2d
+SharedSecret=0100fb42d177ffe6c31378e2e04e0da7376ffe8765
 
-PrivateKey=KAS-ECC-CDH_K-163_C10
+PrivateKey=KAS-ECC-CDH_B-163_C1
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA9O21i8w9bp0xcilCCnMy
-gezP8c+hLgMsAAQCcYNgm3WTsYRTZcCB1F/2bJq143AGm5gSNv6TCUe2t383QoKh
-jkvpk8s=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBeNzIIWQl1L9xyPKSXdGv
+htwEomihLgMsAAQBHklDDN0G8udluPLMBnzUJOLnVIUAg68VsizX39Hf9zlr8/MD
+j1BSSZE=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnGDYJt1k7GEU2XAgdRf9myateNwBpuY
-Ejb+kwlHtrd/N0KCoY5L6ZPL
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAR5JQwzdBvLnZbjyzAZ81CTi51SFAIOv
+FbIs19/R3/c5a/PzA49QUkmR
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C10:KAS-ECC-CDH_K-163_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C1:KAS-ECC-CDH_B-163_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAmHRU0XOtJIimo10WX59/RmutoSKARSh
-Is4oyhViD3tAofJrQjTJVr3B
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEASgomJNkhtwuPNFYXzLVVEJk4ZHkBenp
+i7dJm/iV93+PyDAdbhx6n2GR
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C1
+PeerKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=045dac076e79de2fc631315465d3ef6245f26647e5
+SharedSecret=0681c9e59eb7eba769f5b6f2b06ddf1efd12997995
 
-PrivateKey=KAS-ECC-CDH_K-163_C11
+PrivateKey=KAS-ECC-CDH_B-163_C2
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBuZBJGhL97iMaoqEW4ePB
-yR0P1HihLgMsAAQD2oadCcTkVFrBaJ/HIxYBJjLQq9kCyCD0AxDl/9L4v0Ofuoeb
-su9iGyo=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD6h555SoHCJjWo8TnSOla
+yHENd/ahLgMsAAQBN4YLo0WK8Twir4Il9WHgEzHNh6gHcgNW4V3HP5/uehwCH+yp
+fNQSBOM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9qGnQnE5FRawWifxyMWASYy0KvZAsgg
-9AMQ5f/S+L9Dn7qHm7LvYhsq
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATeGC6NFivE8Iq+CJfVh4BMxzYeoB3ID
+VuFdxz+f7nocAh/sqXzUEgTj
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C11:KAS-ECC-CDH_K-163_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C2:KAS-ECC-CDH_B-163_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBw44D0k3CgAnlUpOqIC8GSmyjFMpBG/j
-tFSvlCCoEfHhX3dNpa4aQLRZ
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBYdPzIxITAFBcxAty3DGJO5hCNMdAElp
+P07ccUsNC6pb/F2LxqwECJ3k
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C2
+PeerKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=014f7a46847ed6a7ff605b0e52c616e4ad3f0d5029
+SharedSecret=01e0749a21fc508f76dade85435bbbe12c448bd8c4
 
-PrivateKey=KAS-ECC-CDH_K-163_C12
+PrivateKey=KAS-ECC-CDH_B-163_C3
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA6Cm5lC/ZZIf2ASkI/gT2
-2OqvGWahLgMsAAQFqyB0wE31cWAWdzX3/C2PYp00/xgBLp2m0Fuz4qy+W6SvtKDd
-ctsH1qw=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBrVypq8i83MSCmVrRqXfk
+cnFQuzahLgMsAAQCWueDEbD882lWajGfiYSVRq6uwwUGQOsP31IEgK++ufJnT+sd
+bfSC1/U=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBasgdMBN9XFgFnc19/wtj2KdNP8YAS6d
-ptBbs+Ksvlukr7Sg3XLbB9as
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAlrngxGw/PNpVmoxn4mElUaursMFBkDr
+D99SBICvvrnyZ0/rHW30gtf1
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C12:KAS-ECC-CDH_K-163_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C3:KAS-ECC-CDH_B-163_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBuYK93QZuf4PxcecoaIqEBFAJAW2BpvK
-NABbV4zXp6aSm9P2zimUO17Z
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEADdI15jxQCaPHnGLOyOqKswDM8B0AMQq
+knq1eWlhIwlVdayUmwen0dS8
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C3
+PeerKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00eacabc34555956995623e60482e5c118e34e2094
+SharedSecret=0320398f7acf791e0d602d7b94742cce58e9fddbac
 
-PrivateKey=KAS-ECC-CDH_K-163_C13
+PrivateKey=KAS-ECC-CDH_B-163_C4
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBV86PC2zpLkJuyZ8iOtgn
-Y+S9P/OhLgMsAAQF05icykrnMt6TZyslySYIYbTA3OMENqMx6tJPKAe1UmD53D3m
-aM+/67c=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0oqKodifo+Xllv/RgIJU
+7heg0PqhLgMsAAQG5sUklKtjyJyXiFVvcWZ387SAQqAE6YJYucVvAtPttMpbCu6q
+naqm/g8=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBdOYnMpK5zLek2crJckmCGG0wNzjBDaj
-MerSTygHtVJg+dw95mjPv+u3
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBubFJJSrY8icl4hVb3Fmd/O0gEKgBOmC
+WLnFbwLT7bTKWwruqp2qpv4P
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C13:KAS-ECC-CDH_K-163_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C4:KAS-ECC-CDH_B-163_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBPdQ4nUA4Q8KF2uD8UvCbWvXHr10A55Q
-CQZ8DuLI9Vt+hNp6OR8Ir3UE
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA4DbPfKxwBVKjoyzBK7NWB018xXNBxU0
+7C6LNX2eBp1/H6mL1E7YsGgm
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C4
+PeerKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0414a622645107f115576f51cdf39d1393a2d7851f
+SharedSecret=03e4de43de85223d818e5be6549c29cdfa1afe1782
 
-PrivateKey=KAS-ECC-CDH_K-163_C14
+PrivateKey=KAS-ECC-CDH_B-163_C5
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDeYhfRfLXB74cEdhsQbra
-STsqVgOhLgMsAAQFrjHLKbMdJPX5TDDpwC8H84v/CsgE2Njjm/h/BYVD3ImQqRIU
-2kFsxVg=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC4XD39NwVL+Rwb5nZviKe
+ExfYK72hLgMsAAQHkA2sJR3oqUTPChvy6y7+7hRnbpsAkeffZ/d2InKdWbfjS5Rx
+J+f6Ll0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBa4xyymzHST1+Uww6cAvB/OL/wrIBNjY
-45v4fwWFQ9yJkKkSFNpBbMVY
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ANrCUd6KlEzwob8usu/u4UZ26bAJHn
+32f3diJynVm340uUcSfn+i5d
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C14:KAS-ECC-CDH_K-163_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C5:KAS-ECC-CDH_B-163_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAqufW6lBAtIacGdh6sAJIZDxza0EBK3d
-d+GZwTLRisVBsRd0jSMZ23/l
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATbg0FtPOYuCfhmARhSLL0FXP8B8BzmT
+TOwQVyhS4fYZIi4vXsTg+lqm
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C5
+PeerKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=056be002daff11c4066e10acd046a85e170fa4c122
+SharedSecret=037b178aab014d5abab305e37deed7f4798cdb862c
 
-PrivateKey=KAS-ECC-CDH_K-163_C15
+PrivateKey=KAS-ECC-CDH_B-163_C6
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAuoxYZNs+/XaLk3b8K2wf
-hfRvavKhLgMsAAQGL2IhSYI/JVtPhpBmZvOjVWrwgOoCdMoywQ+a3WGgJtIK061W
-sX+wakY=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCkj0sgCzsQt7yYz3r3KdZ
+1ZdE0+ihLgMsAAQCzctPke19F3aNuAvis6yeCVax2XEDJDP0VabNJT6RWC0vb1px
+JlXaHWk=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBi9iIUmCPyVbT4aQZmbzo1Vq8IDqAnTK
-MsEPmt1hoCbSCtOtVrF/sGpG
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAs3LT5HtfRd2jbgL4rOsnglWsdlxAyQz
+9FWmzSU+kVgtL29acSZV2h1p
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C15:KAS-ECC-CDH_K-163_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C6:KAS-ECC-CDH_B-163_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBD0l0t6Sk7hNNRozyxpS9ZMKTIt2A9JZ
-2CNunI1kN/QebVRhHFIjj+LV
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB2w65KeBZzYn0Om8thX2JqFgpV3aBYwO
+yPJknC3c2cJLZDQzsU2QfFkD
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C6
+PeerKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=021fef8e473daeda8ef6bf07814d7b9b613e3076a3
+SharedSecret=00958b2aaa6061222dd248a6b9700fb6839dacdc99
 
-PrivateKey=KAS-ECC-CDH_K-163_C16
+PrivateKey=KAS-ECC-CDH_B-163_C7
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUD5QgEhNNzCyJIzMSCYNS9
-GFdgWtGhLgMsAAQFiupuQLjLJeZiKnvk/wG3nJLecqUEP2d2tt7/PSm0xwOJnXBc
-f+z1JcQ=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCWxe9bkIH2fsaOvAv1dsm
+r4NIrrChLgMsAAQG9vWx87GPRdtPs3d+aED7WlthqRQHN84UrrJOBZFYWnQXuJJW
+dJ9GHeY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBYrqbkC4yyXmYip75P8Bt5yS3nKlBD9n
-drbe/z0ptMcDiZ1wXH/s9SXE
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvb1sfOxj0XbT7N3fmhA+1pbYakUBzfO
+FK6yTgWRWFp0F7iSVnSfRh3m
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C16:KAS-ECC-CDH_K-163_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C7:KAS-ECC-CDH_B-163_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAFYOGkIYZRGL6hbNrWtnq6OE7zh7BYsh
-PsKrOUL49q1gqVaVW1iQZrhW
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEANZfBRbBs+7ZIg5Zs9BJ3RFTF5rFAgv+
+EHqJpzYM0uIXU01t8pjMS8RY
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C7
+PeerKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03a287fd1cca68db47a3c74c12627fc3728568dd66
+SharedSecret=0393387e1dab35748f20d506a0e2b4dc0ee6c3ff39
 
-PrivateKey=KAS-ECC-CDH_K-163_C17
+PrivateKey=KAS-ECC-CDH_B-163_C8
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAXQUroavqckl4yu8YeSRW
-ctWu+JGhLgMsAAQDa4Snczep3lwd1648iZOBOC8P/6QFbUrDn+iB/bjmDUVZZYqq
-3kVmPuU=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAE36BMq0oiSPmSBHpIpj1
+wNzJVwWhLgMsAAQG8s3R1jDdcx7Xf5Acew5zVRXibU4BBi8vcVxNKvl7sb6LbPou
+PuMUJT4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA2uEp3M3qd5cHdeuPImTgTgvD/+kBW1K
-w5/ogf245g1FWWWKqt5FZj7l
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvLN0dYw3XMe13+QHHsOc1UV4m1OAQYv
+L3FcTSr5e7G+i2z6Lj7jFCU+
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C17:KAS-ECC-CDH_K-163_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C8:KAS-ECC-CDH_B-163_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA45IXekuQfHKymwOudgRpayom/NFAzGh
-Z3xGpo6WSBGpzF5OU+px4jEp
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBA2QPOKzD3CmoDhJsOF1j++Ih70xBKvY
+vbfBMnyZszgg2+GK4RT7Q1lJ
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C8
+PeerKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=029558b41b8b92387bc22c868f51bb7acb6e4ee2e3
+SharedSecret=0212358d3f8bce69b662447333b3edbbc9b2f7e805
 
-PrivateKey=KAS-ECC-CDH_K-163_C18
+PrivateKey=KAS-ECC-CDH_B-163_C9
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDkYAYep7dzzjcJk8FWwfS
-C5+ai8ShLgMsAAQEspLR+gnfxeajrZn9Av63TUgONPIG4YiACaCgSRwL5qv6yUPT
-d/C0hjs=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBxIxQt9Ps3zuQG60O78Pj
+gm486p+hLgMsAAQBkXVXMRfdhR5u6/2fseWohOv+/uUDrfN+Te1SVz+lfIyyv8ps
+ZcNnRGI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBLKS0foJ38Xmo62Z/QL+t01IDjTyBuGI
-gAmgoEkcC+ar+slD03fwtIY7
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAZF1VzEX3YUebuv9n7HlqITr/v7lA63z
+fk3tUlc/pXyMsr/KbGXDZ0Ri
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C18:KAS-ECC-CDH_K-163_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C9:KAS-ECC-CDH_B-163_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBkJZ5QBHbdo+l+JeSR1GbCt5WL1JA8Ll
-MoE5NkGlGNHc7/q+6LKb3hQC
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAi7SRkPwzsaMjkrRqixDadiqA/WUBczK
+YrbdHTFt7b0PHVML7W5VazrY
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C9
+PeerKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0530020c8f6362312bfbe5c1c605b40dc2e032e81c
+SharedSecret=023472fa59846f7be07cf060cdd69a9fbb27d4fe44
 
-PrivateKey=KAS-ECC-CDH_K-163_C19
+PrivateKey=KAS-ECC-CDH_B-163_C10
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBbTeGKxlXY8agHV45uUWa
-MlB8KyGhLgMsAAQDNEDkYMR18gWKdn7EZsoYvOQfgw4Dcq7jI9Bj+omsv/v1UCSu
-JOSSnxk=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBFi2e06ZgRV6MAV0eRdFR
+V0mj3NKhLgMsAAQEKD6w5QhdGYs3j8lfb7TDGYtNPHgBB6EWjy9HuWPks6kCTgw1
+el69+Sw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAzRA5GDEdfIFinZ+xGbKGLzkH4MOA3Ku
-4yPQY/qJrL/79VAkriTkkp8Z
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBCg+sOUIXRmLN4/JX2+0wxmLTTx4AQeh
+Fo8vR7lj5LOpAk4MNXpevfks
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C19:KAS-ECC-CDH_K-163_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C10:KAS-ECC-CDH_B-163_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3FCdpl7RHji2LWa9fLmPiK8TDHkBnPy
-jZYqv+3uYuq0fDtFeaHlFoM2
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5P0sxFy7uZvJ2nrMF0DtcP3z/+LAfPs
+7Gu9qb3opNoU2z5f+TS5g1sX
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C10
+PeerKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0521673006a1d9608911d54536e122d809e919d804
+SharedSecret=0173a056c4c9ef6707cd23928999c4680f42b71f7c
 
-PrivateKey=KAS-ECC-CDH_K-163_C20
+PrivateKey=KAS-ECC-CDH_B-163_C11
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAbGWHlLA5yCCosDMAj6is
-dVa8rsOhLgMsAAQEy/soZpHkFQgaF4Xsawqs2x0jHR0F3WrP6R1oqOwjaGR4wO6M
-iSd67xQ=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBmh0W9KVy88G1HqKs5pKA
+5xN7j4yhLgMsAAQFzt6Wpw9xTNaJY/LWyiNiaak48xEGza3VS29zPICTR4fijCzP
+WLEie8A=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBMv7KGaR5BUIGheF7GsKrNsdIx0dBd1q
-z+kdaKjsI2hkeMDujIkneu8U
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBc7elqcPcUzWiWPy1sojYmmpOPMRBs2t
+1UtvczyAk0eH4owsz1ixInvA
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C20:KAS-ECC-CDH_K-163_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C11:KAS-ECC-CDH_B-163_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnXsFfJ90tpuRN/mI1Ry1b06JQL4BY/Q
-ImKyfBhd3iayx31aT01Q3Jko
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAup6UINGAvES9t0ObSXwZPnQXv8mAb8/
+adFKzIMzUzqIwuiCSGOkeuAn
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C11
+PeerKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0460579beca16cccce314ff3040de4785336fc358c
+SharedSecret=03d34f411a297d7c990fa4a83b5f54759607f9d33f
 
-PrivateKey=KAS-ECC-CDH_K-163_C21
+PrivateKey=KAS-ECC-CDH_B-163_C12
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBacjaIsNahVSVBHoQS+AL
-FXW2UquhLgMsAAQEXv7ZyL0qTkKViPNE9J0eY+ZovQECXRr4WsIdWYItffjw5L66
-3ztdRAE=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC79RADa08+tjRY3+pKQxL
+dYowFbahLgMsAAQFExMbS8ty72irBD7oT8jLA7bY8YcBILfVdyu7F+yxyegMNvgI
+/VSpOq4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBF7+2ci9Kk5ClYjzRPSdHmPmaL0BAl0a
-+FrCHVmCLX348OS+ut87XUQB
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBRMTG0vLcu9oqwQ+6E/IywO22PGHASC3
+1XcruxfsscnoDDb4CP1UqTqu
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C21:KAS-ECC-CDH_K-163_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C12:KAS-ECC-CDH_B-163_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAjOvNhAwOSJvQW3SLhomtz+Qk9OKBzQl
-ihdcl3aKn3K4JLmakfXPjj2W
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBt0TBTSeiqCAIAc6DeWvxdwbamLTA0l+
+t79Aie8CzQpd0Phr2HmKRMVs
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C12
+PeerKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=05ba66964483fe473ccbd00c37ad3ba40cc5969f62
+SharedSecret=06120aed8d4c1e506710e2cfb98ca2022e642ca89f
 
-PrivateKey=KAS-ECC-CDH_K-163_C22
+PrivateKey=KAS-ECC-CDH_B-163_C13
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAAy/HkIZGMmMMSaKemtD7
-bRDytYyhLgMsAAQHec+z4XyQKiWE7TOCqL7YJi25hCQASvJzh1+KKrmpSsDR5KIz
-kLK7UFw=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBKw1kl3z8E7SDRe9wctGj
+iQ6vuVuhLgMsAAQBuTY89Ic1Z2h42AzhSBuFiGg/dEQHaPpzJ81yUsj2lu1JR4aJ
+Fa2h+10=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3nPs+F8kColhO0zgqi+2CYtuYQkAEry
-c4dfiiq5qUrA0eSiM5Cyu1Bc
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAbk2PPSHNWdoeNgM4UgbhYhoP3REB2j6
+cyfNclLI9pbtSUeGiRWtoftd
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C22:KAS-ECC-CDH_K-163_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C13:KAS-ECC-CDH_B-163_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBtAyFSJA8ovn90349tKkUMEimlqVB6ra
-x3zERImF0XlGNrwdWC89EBoz
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBaDjQRGOaYJ9an+CgvvwuUQA8IJABCO5
+k9Q2f79PZQTZ4JpkEjo7U9Eo
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C13
+PeerKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0277c4a76e1613b2ede699a675c1645a786075009e
+SharedSecret=021a58087968c5df57afd7c343a4cfa2ee8e7073f1
 
-PrivateKey=KAS-ECC-CDH_K-163_C23
+PrivateKey=KAS-ECC-CDH_B-163_C14
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDwd5btA5wkz7X24TOLLRo
-y7opmzqhLgMsAAQF/+DxYBi9S97l9zv9rQTXE/Ihb1AEI2HIgfAIHLBUTvqww7NP
-Weqt7sQ=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDOslTgD0ERrPNpOvQcbTr
+AnwRv9ihLgMsAAQFxEbpiWykTMpzPp9OW2Sv3cBTchEGutGyUiaS+XCzi+aTXcfR
+wJ3NIG8=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBf/g8WAYvUve5fc7/a0E1xPyIW9QBCNh
-yIHwCBywVE76sMOzT1nqre7E
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBcRG6YlspEzKcz6fTltkr93AU3IRBrrR
+slImkvlws4vmk13H0cCdzSBv
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C23:KAS-ECC-CDH_K-163_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C14:KAS-ECC-CDH_B-163_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAfhYHsYd8UCSJ6q3oBXyxx0p43FsAcH1
-HMQYW2iiYOMbSwDAOkQD9lwl
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABqSPWGRY0MGEkweJnMJsH26Mt7LBaNR
+f1Qmo0Eacn7dwpo+wilVg2jR
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C14
+PeerKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03c6481dac387af39e8c09a553068ac496eea03691
+SharedSecret=03da9c0879219e48c3df56174898fab9ee5b0a6bcd
 
-PrivateKey=KAS-ECC-CDH_K-163_C24
+PrivateKey=KAS-ECC-CDH_B-163_C15
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDiBJ1uki+oL7MAhGQNGf1
-0KrjIaqhLgMsAAQHduQP5xSZhTN+8bbJuDDLNgh1KqYFjm7LsnsLLTzQ46e6U43j
-V2/VufY=
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBvXkUWuf0LGsl0cOJZewI
+/SdTOnqhLgMsAAQA6dj8OgJpJcit1Qj5IPouX/UoJogFt79jElmsfTaTbBMP8gbY
+ILE73oE=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-163_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3bkD+cUmYUzfvG2ybgwyzYIdSqmBY5u
-y7J7Cy080OOnulON41dv1bn2
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAOnY/DoCaSXIrdUI+SD6Ll/1KCaIBbe/
+YxJZrH02k2wTD/IG2CCxO96B
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-163_C24:KAS-ECC-CDH_K-163_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C15:KAS-ECC-CDH_B-163_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAroi+9qqqAbIVw8UrUyIKmEMy42EBtRD
-jlKMqIewW9JWTfk775v2YNp4
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAvqLrw1hKK3ZuQKqGByB4kKYRR4uArk9
+H2kTkU/+FVnHwRTGMbtrKWF+
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-163_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C15
+PeerKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=07b5d096d06d41c3ad6458cc93417e6facc99bc7b8
+SharedSecret=05b33fe3874d32aed99919265cc0074902e538fe54
 
-PrivateKey=KAS-ECC-CDH_K-233_C0
+PrivateKey=KAS-ECC-CDH_B-163_C16
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0TWluMPOBH+8XfJid9O/g6
-wz3a21z0oFDKgr5I8KFAAz4ABAGlPlwTiz2DkF1WOqHbASdGM8mGtS94IlqS4z55
-UgDsq9Pi4mcpqWVgTlYO1EmKIrMcOWQuHPmbHd4+xw==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDMMofWtd9embYdCMygCDJ
+HsefN2ShLgMsAAQFujfTaZfE8qvmA9/gQiMnOOgrCzoHPIzZUARJcqAFxvGvjkMG
+4MzvuUY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaU+XBOLPYOQXVY6odsBJ0YzyYa1L3gi
-WpLjPnlSAOyr0+LiZympZWBOVg7USYoisxw5ZC4c+Zsd3j7H
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBbo302mXxPKr5gPf4EIjJzjoKws6BzyM
+2VAESXKgBcbxr45DBuDM77lG
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C0:KAS-ECC-CDH_K-233_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C16:KAS-ECC-CDH_B-163_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfQONLPtShstQMBW+3XyrVQ8iXz9gvVC
-z3RqDyAvAMEwoavpK8TJd8gAd3mWzMULkN+ZGi6B3VFcGIWZ
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1Pi2kWrfEkwKAw+20upABLVbfYvAmkx
+4wuX/173uswN5NlJBwhSLjsr
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C16
+PeerKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00a822b141ca1f5ad32899e68c54d1fec3df8100df485ebf1c5868a9ac89
+SharedSecret=053dbce9826af4d290036feb46875e975b7848a9c4
 
-PrivateKey=KAS-ECC-CDH_K-233_C1
+PrivateKey=KAS-ECC-CDH_B-163_C17
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1Rvm+81IeMVUObC8u+Xqjo
-S8nbiecKjo6/NHgtqKFAAz4ABAHFoeXT7lFuPt5yP6LVzTRWsRYyYwPF7kknOlYE
-xABWjQ/nEwKVVBv6JlB0FHVG6XM3NroAdVnXFtjglA==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0jFAB01u3dW8CZsX3hKv
+ud3y7L6hLgMsAAQG4GzHww9e1+aGw6daHUQld3BgHLIDDcQUxK+zkO1GevRxqpvS
+t18y39g=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcWh5dPuUW4+3nI/otXNNFaxFjJjA8Xu
-SSc6VgTEAFaND+cTApVUG/omUHQUdUbpczc2ugB1WdcW2OCU
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBuBsx8MPXtfmhsOnWh1EJXdwYByyAw3E
+FMSvs5DtRnr0caqb0rdfMt/Y
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C1:KAS-ECC-CDH_K-233_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C17:KAS-ECC-CDH_B-163_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAMhkwqRiqTY6SsPYGCEbygNpRy0YYoii
-dWdDO9pFAGidTQAG66BU3Gn8wHhngPtfdNOYkhNQTi9uZmmA
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEByFnCITaqM1idjjskPNEjvsPJIm6BPhK
+mDvsayiJyCEb8jEUm1vrzHXg
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C17
+PeerKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01662682bec2dfae05e38587c8e6a4d18aef4cb3416989c47c11bbe2810f
+SharedSecret=00d49b971cab937f40908913fe259849679ca076d9
 
-PrivateKey=KAS-ECC-CDH_K-233_C2
+PrivateKey=KAS-ECC-CDH_B-163_C18
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uzKWV5V5shcWveMWVQP23
-SQA/9Ow2HDi0jn2mvKFAAz4ABABaSPrEdsMcrQxo5k5l5oeuRBj7XTtLsqu5kN0N
-5AAtmt1wZibyhZ7OEQ3y3eifrz6KrEM+JZXiPCdAgg==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCRJwbn/CeepoDsX9f9GER
+X18/Gn+hLgMsAAQHP53d3EZQkz3szJVG05KjXbvGanYE3nVY3eZJ9yMis54xyOKc
+5vWZSF4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAFpI+sR2wxytDGjmTmXmh65EGPtdO0uy
-q7mQ3Q3kAC2a3XBmJvKFns4RDfLd6J+vPoqsQz4lleI8J0CC
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBz+d3dxGUJM97MyVRtOSo127xmp2BN51
+WN3mSfcjIrOeMcjinOb1mUhe
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C2:KAS-ECC-CDH_K-233_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C18:KAS-ECC-CDH_B-163_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXgtgvzSEcAkfIfmV+/MXS/2sF65NTMK
-U5A/s7+jAMzoMKUV1pCrmBSVea00gThIWeVl0H+mH1Dr1mmi
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAdYxnsLcXAjwJhrtAjFBjW3D0M2nA45k
+lT982scdBS5VhVdGtD1EGBuR
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C18
+PeerKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00215d511cb95e0e073ee999908a7a844afd75c9acb7a9d724f7fd322b01
+SharedSecret=0483ad0b7f8a716273f624b8979c19126705266e4b
 
-PrivateKey=KAS-ECC-CDH_K-233_C3
+PrivateKey=KAS-ECC-CDH_B-163_C19
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1qfAOJLfGE1Wzcy51emhZI
-OmyTiK4hKqkmyP37XqFAAz4ABAFKr4gOgdtpq6K0A7vafzYeMzm0g84mmfML9Sge
-rQG3FVm9fZOE5Re4fxE4ppb7zrNRDYxBwhWNSqPlsg==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA0IuV2aTOck7EYszhJwH9
+jD1T/c2hLgMsAAQAJqdw2G4cibp6hq72Sbp+qG/H1bIB2xAg4Pdk31SlPCPJOM7J
+jZp3rR0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUqviA6B22mrorQDu9p/Nh4zObSDziaZ
-8wv1KB6tAbcVWb19k4TlF7h/ETimlvvOs1ENjEHCFY1Ko+Wy
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEACancNhuHIm6eoau9km6fqhvx9WyAdsQ
+IOD3ZN9UpTwjyTjOyY2ad60d
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C3:KAS-ECC-CDH_K-233_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C19:KAS-ECC-CDH_B-163_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAI2ADTdnq/VzFpV1TuiCm4WP9OtgSkSK
-1mSQtJwZAbwPAzlkmtTXt8/z/KnpZaOGJej0W8lgKjPAeYoz
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBPFnkHv0uY6Gltgdp9LBBW76DcFMBsua
+tlFDgyuc79XZzmnsTbLt0Geq
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C19
+PeerKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01394e02c70104f2a5308b2d101b02c70ef2d13540602b8e8f82dc6d569f
+SharedSecret=00f69dcb547119fc9b8c454335aab184c3ada5f1c6
 
-PrivateKey=KAS-ECC-CDH_K-233_C4
+PrivateKey=KAS-ECC-CDH_B-163_C20
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uL/h5G8ZMAPOw8dXVz7nd
-s7GTgUWZ99vd7e/Po6FAAz4ABAGARcyeZfbideMipiwY7+LQDPk5lf61NWEnOj8T
-BgFk4Ac8DUs+EuIvg3vT/sQh47sJ4MDdmXQigw9kAw==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDgI7+atUNJQ2HGS4WSZzj
+JZQo87ihLgMsAAQAE6AuJfySeHWvpVe9Zz9lhwRZ5nEEA4265cXlQIRwiiS8P9By
+52nBI3c=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYBFzJ5l9uJ14yKmLBjv4tAM+TmV/rU1
-YSc6PxMGAWTgBzwNSz4S4i+De9P+xCHjuwngwN2ZdCKDD2QD
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABOgLiX8knh1r6VXvWc/ZYcEWeZxBAON
+uuXF5UCEcIokvD/QcudpwSN3
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C4:KAS-ECC-CDH_K-233_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C20:KAS-ECC-CDH_B-163_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUo+EhrdelJn9crSBLP0khUIR4ayP42U
-2f2gLg8ZADlP6hddrZs01SVDRlTQyGY3kmysOjKSouSlFLX1
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ttFMdDJxQC0TI2AyFf6zxosURVBOOQ
+VoalOMJaAr6pL0IYQCG16iWT
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C20
+PeerKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=008556a4c3a8906ddbcb946099ca5dbe7bdb6cd8f37fbb50c96fcefed32d
+SharedSecret=01bc5ee5261b2bba55b10cbaa6cc3c97b98d00ffea
 
-PrivateKey=KAS-ECC-CDH_K-233_C5
+PrivateKey=KAS-ECC-CDH_B-163_C21
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1mly5xVmdG8vdsh3k3dAVO
-onXip+J6t8LQXF8kEqFAAz4ABAAgIm3XPjGOT8jUndQ+WeJgGT0bskjL5MBrTWuD
-iQDtEqTziWlqsxyT6j7E2Orxi+CX/JFS4sQrc/9FKA==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCrSMqekHmzCSVU42HsCPN
+7HtuHyOhLgMsAAQFSeMHgNk/eW/c9pGQVXXYXGZFO9sCFiqIW+oxNEVD9dBhkTad
+7G5w6Wc=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACAibdc+MY5PyNSd1D5Z4mAZPRuySMvk
-wGtNa4OJAO0SpPOJaWqzHJPqPsTY6vGL4Jf8kVLixCtz/0Uo
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBUnjB4DZP3lv3PaRkFV12FxmRTvbAhYq
+iFvqMTRFQ/XQYZE2nexucOln
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C5:KAS-ECC-CDH_K-233_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C21:KAS-ECC-CDH_B-163_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAIlmeIj4QlxaYjE0Yi8eqdmvNt+XcsQQ
-1uMfK024AIRDD6RxZNHA65cEKkTL70ALu1RfrqTvSbpeO+9C
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3L0LScqBX3g/5Jsn5RgXGZ10hUmBgLn
+5TJV3pv1jAV+77ebzkMbXDgI
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C21
+PeerKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=004ea6e0e34ec7c9bbad47f0f6f8ec0608e736d91e0e56cf3e5cffe8c370
+SharedSecret=008574d838d3de87965fc1b4343fe4f078588c4ea1
 
-PrivateKey=KAS-ECC-CDH_K-233_C6
+PrivateKey=KAS-ECC-CDH_B-163_C22
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0eU7qha8AmK1MppxGw6xiK
-G8p+9LXIUGEiXUHUqaFAAz4ABAB9bXhfoyMXTrnN5bcFQo5AGSRINbyUcC8oDCX/
-5QGaoO9DMHTEhNFOYRNy8D74kS8agkbOsekMgX2z2w==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA3Jmxnz2IR4dRkOlYiyu9
+gw29OpWhLgMsAAQA9l2YTXHcwYvxcqvk05k84PfPMkwAG0nmos8Rc6raw69sCelm
+8xFBq9k=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAH1teF+jIxdOuc3ltwVCjkAZJEg1vJRw
-LygMJf/lAZqg70MwdMSE0U5hE3LwPviRLxqCRs6x6QyBfbPb
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAPZdmE1x3MGL8XKr5NOZPOD3zzJMABtJ
+5qLPEXOq2sOvbAnpZvMRQavZ
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C6:KAS-ECC-CDH_K-233_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C22:KAS-ECC-CDH_B-163_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWTaCZIl6zxkH8g8dyBKOW6rlJWxKiL2
-jnpLg5nVAM2Y8nBMdJTm0gN150UoyPVvhn6d12MpgULqAXJL
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBQskKUYJcXOanW1WcLxtdZ5WVnaLBJK8
+LT9jjUl45MpYylpO8ZxezOqN
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C22
+PeerKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0160d0b9b92a4acd089738fd489ae39734551e888fd05a020ce26498270a
+SharedSecret=04579b477a92ed961cfdb2014407e88e7716452a4b
 
-PrivateKey=KAS-ECC-CDH_K-233_C7
+PrivateKey=KAS-ECC-CDH_B-163_C23
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1CqAMqEdFld1XEnkdwM7DT
-Qdov6ZOkV3tBpAzuGqFAAz4ABAH2YpaX2mINWX/B9RyDN0IT836VL8EX7mWp52au
-+wArNt7ceHrJUdKHnXJBTaLnV1ps18QuD6ILMtRh9w==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDVquFsE0IUbj2a0p5ZSbT
+8+OIKEShLgMsAAQHdqLhr5MtdFGQcL+pQeqpPp/16XoFq+ntRiRf0BRiUNKlY8Ru
+v3rNI0I=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfZilpfaYg1Zf8H1HIM3QhPzfpUvwRfu
-ZannZq77ACs23tx4eslR0oedckFNoudXWmzXxC4Pogsy1GH3
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3ai4a+TLXRRkHC/qUHqqT6f9el6Bavp
+7UYkX9AUYlDSpWPEbr96zSNC
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C7:KAS-ECC-CDH_K-233_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C23:KAS-ECC-CDH_B-163_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEADOosIo8M8NDAyztHA9egm+TLe6HnsFg
-eir11GKYAGxPJ6SbUaifbQlgFguluP7AjdLNS8kJpJCuvk97
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAX1SEW8MlVh/G3sGx26Y2ZyC3PIMAk6i
+K92ZC9eeY+c1shKCrhtepmZI
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C23
+PeerKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0038381b342efaa70bb79adb76ceb775de5f45f863559ecaee1ddbbd0313
+SharedSecret=035a8c10e64403c52ef8d17c5f4dead0df81fb1f21
 
-PrivateKey=KAS-ECC-CDH_K-233_C8
+PrivateKey=KAS-ECC-CDH_B-163_C24
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1D5XcJeBlfkXFS8Fe6H7AV
-bYlNMui7VMf2L3NApqFAAz4ABAFIfR/avM19idolaFsEKYCrFwruPBHzEYDjt8UK
-SgF+OD3WWh7IpAkAf3UDXlsWEzXZx3Vu2XBJD70XGg==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAentUdVDHWKnefwbi845V
+9enkTOahLgMsAAQEWVLAtRfmhcqwlHAyf51LISdRsEkESkKabvsEvOoCQKtYBd50
+CqYfmU4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUh9H9q8zX2J2iVoWwQpgKsXCu48EfMR
-gOO3xQpKAX44PdZaHsikCQB/dQNeWxYTNdnHdW7ZcEkPvRca
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBFlSwLUX5oXKsJRwMn+dSyEnUbBJBEpC
+mm77BLzqAkCrWAXedAqmH5lO
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C8:KAS-ECC-CDH_K-233_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-163_C24:KAS-ECC-CDH_B-163_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM/hX4YaoBU0hfOKwDPfnI2BKv3hZ7iR
-i7lKCNljAb6/Bn+FEm0RSTIWIWQgGxN0vxhAqhHV4lBjnQYI
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6fqELodaqVFcAtAtzeVGp5zbfoMBPk1
+L7KsJETpKHVONlX9YuOkJWTo
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-163_C24
+PeerKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0122169f1dff445ec663270375dfe914016c38ce6c2d40d0b8098abc60ac
+SharedSecret=000142615e3607ac148c4de8f334be849235d01cdb
 
-PrivateKey=KAS-ECC-CDH_K-233_C9
+PrivateKey=KAS-ECC-CDH_B-233_C0
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1MZ8YQPmISRgCg2ekj3CF6
-Ai9Xxv6yGccDM0/zOaFAAz4ABAAjUv6TQeYsYJ/BU44CcEBecAHXR7h1AOZEoRLF
-2QBB87FbcUpvfvZH4jZl6lMO/L4ZsHQENs2oEug5OQ==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4APD7kdKwNC8HfVn48NfX3
+ZsUzKy1nMP8OTY51rtuhQAM+AAQAYeiptRf9BaAm7DdmFiKf2GOaH6dt7+U5gCL5
+2cgAcGtcsIc4qUVS/uWEsTcv6tSveQQJCfz29QCEu/o=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACNS/pNB5ixgn8FTjgJwQF5wAddHuHUA
-5kShEsXZAEHzsVtxSm9+9kfiNmXqUw78vhmwdAQ2zagS6Dk5
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGHoqbUX/QWgJuw3ZhYin9hjmh+nbe/l
+OYAi+dnIAHBrXLCHOKlFUv7lhLE3L+rUr3kECQn89vUAhLv6
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C9:KAS-ECC-CDH_K-233_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C0:KAS-ECC-CDH_B-233_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAHY+KGvlB0C3+L14+nC8rIgN89c3HrM/
-2iRTs+0jAFe+bF99mQt1Q5hoM5rjJ68EoEmzi5IzK5y4yyfZ
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEdWut3vw9wzerJ7VFLrEK/9njH1tVwz
+DpDw9oaiASp59lIyMIohyYwBVVzK/H3OFcj+0wJadgy9bCMn
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C0
+PeerKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0054d47c9d0a9fee258122326be25daf35f0ba0b8449e16b4623a8c0fd7e
+SharedSecret=00e9f3d8c4f1bec0f920e763ea1bb7415899f01734609e7547dc425ec946
 
-PrivateKey=KAS-ECC-CDH_K-233_C10
+PrivateKey=KAS-ECC-CDH_B-233_C1
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Z5U2ocples9zczFBBjsNR
-QAiJ+udaC6Tc/yXx+aFAAz4ABAFeZ+rr5Sujf1tzoZnZUIEs7BAS/UEFgURLvyPg
-yAAiBV74Id8zBC+4MW3a12SF29JZDi9UmKkU5PCtOQ==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AqkGloBpOZqZ5l7C+FvVr
+FgsFYa0H868pZDhkYdChQAM+AAQALZFAJEZVcGjED8B13uk5FrDxqTkuR+VrdHEl
+rh8BOrCRXkrPd5UWgm+h3BiFoGq8XQgJySJAzPnD2KQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAV5n6uvlK6N/W3OhmdlQgSzsEBL9QQWB
-REu/I+DIACIFXvgh3zMEL7gxbdrXZIXb0lkOL1SYqRTk8K05
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAC2RQCRGVXBoxA/Add7pORaw8ak5Lkfl
+a3RxJa4fATqwkV5Kz3eVFoJvodwYhaBqvF0ICckiQMz5w9ik
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C10:KAS-ECC-CDH_K-233_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C1:KAS-ECC-CDH_B-233_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALyKca1METTe8Cbkcj4xAiP7LFhZvHWU
-BUyJTaVSAMNlBWNQVTUDPHpsRI1zv6CPuDcCNMf9usGzTaoi
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEARhqAo+aGNuSf2MlPCA+smqjq6DUCxo6
+vGTkeiKtAMvYuV+J5CESi8c6Q8XMJU44ZwlquJ14iy7TuQqW
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C10
-Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C1
+PeerKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0071aed39f5c44a7ff72db3e0f8284da39dfb2d894f278d2006f9d2686e3
+SharedSecret=00f1fbecfadb158d62eb1109c085124fad67a8795b58815eb396c95db4b9
 
-PrivateKey=KAS-ECC-CDH_K-233_C11
+PrivateKey=KAS-ECC-CDH_B-233_C2
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Tpf/JoPcGnBxmFIaZYS5c
-+rfiv3syVfGBoCJxkqFAAz4ABAGN5NxPak3lw2OOu6JNxwZJg7FZ9VsTnHaAocuQ
-0QE1Uy2BSK8+In1KiWDnaMVl9ywawKHJp70YXPmU0A==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Axmd8KAaLRi40hizmydit
+jBs8fv6Ay6tB2kGSeOShQAM+AAQAQssxHc/ySCos7OaWwetkxprCqlmSCaXBh2Oj
+FQoBsDKfNsE10ALwi+Pj/6naGMXWpww2D0+HHxK/P5U=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAY3k3E9qTeXDY467ok3HBkmDsVn1WxOc
-doChy5DRATVTLYFIrz4ifUqJYOdoxWX3LBrAocmnvRhc+ZTQ
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAELLMR3P8kgqLOzmlsHrZMaawqpZkgml
+wYdjoxUKAbAynzbBNdAC8Ivj4/+p2hjF1qcMNg9Phx8Svz+V
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C11:KAS-ECC-CDH_K-233_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C2:KAS-ECC-CDH_B-233_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWzBrhP7NIJSSTAhzWFG1THwtyKEKkTH
-l5aJ8f84AYwJY/8Oo3BIyfb0dkTyp8jFA4Y8J88h7m4KMiTq
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJO/hWIWAiOOmNCcmIKNUaSUYDYsI8UU
+HT0bI1KWAISXFSGHqLOylYodCi7s/0SSJRgHy/0D1fJoW8o3
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C2
+PeerKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01ca68ead4eddc8847a3a661cc6628e076bdd4b45047ece72245d094dd3b
+SharedSecret=019ea831c51d88a7cf754495a1c474082ed481c8eb83190a77defb09d479
 
-PrivateKey=KAS-ECC-CDH_K-233_C12
+PrivateKey=KAS-ECC-CDH_B-233_C3
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0vXSp+CHekyZBzcyOG6NWX
-NKI91/Dff81U2UHnYKFAAz4ABAFHmAlGgMvTL7HuncqmuHOaVWMFI1kz+ycVfTGe
-VwHIVfDUU8H/tfZosyqLPjCeDoEBvDm22+feIUAV4w==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AnGECSz3/IZs38b5nAYBK
+3yR0FESN0PDcUSk6yROhQAM+AAQAEkEg2ECYUOceM8ni2cQOoyvtEdd4BHhumwdo
+kqsAba4bpIFylv9jBzusnOBl1DMboaXImcwcB0Bdrj4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUeYCUaAy9Mvse6dyqa4c5pVYwUjWTP7
-JxV9MZ5XAchV8NRTwf+19mizKos+MJ4OgQG8Obbb594hQBXj
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEABJBINhAmFDnHjPJ4tnEDqMr7RHXeAR4
+bpsHaJKrAG2uG6SBcpb/Ywc7rJzgZdQzG6GlyJnMHAdAXa4+
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C12:KAS-ECC-CDH_K-233_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C3:KAS-ECC-CDH_B-233_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAOSeGCrF2TK+iwX+NA6Mty3zVkfezWea
-jFm12Pv6AYG5WpZavRbsJDDCbdBxmE6FSpZ/8RTueDG9MUsq
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEVJZIaSr5XYjk4dSRTYyXaaraxaD3V4
+MmXz65ZXAbCUtIAvOXZj0OaC+r8clMTiFOSDJ7le78uSt3H9
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C3
+PeerKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=017a893b2e090780ff8daaf3588f9dfc0ac4dfe1f1e263697a9d1f398ab3
+SharedSecret=00088425fb04c2ce408f08d81385a322703a077bf00ba0791e4e79b80419
 
-PrivateKey=KAS-ECC-CDH_K-233_C13
+PrivateKey=KAS-ECC-CDH_B-233_C4
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1lKhH2wxF/Eyb6aHdAXOxz
-McTxRql/dKsMRN4Bt6FAAz4ABAAs1tTB0sxeNCBerblPTP01u1adpyLE2bGbjVzC
-3gDqMATlsJMN9/i9oxTIvBFFRj62ACLNLc9sDIJOUA==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AbmnQZNvZp5T2jmmaDpQb
+3aalOhzso7PbgpJbb4uhQAM+AAQAxX1h/LH+6Q1djJfL8YjI74JZsK4lh+zx/4zS
+4voAuK2GxoBaSrRFE9u6L1CYuenB4Ftnn1KTeuzisYI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACzW1MHSzF40IF6tuU9M/TW7Vp2nIsTZ
-sZuNXMLeAOowBOWwkw33+L2jFMi8EUVGPrYAIs0tz2wMgk5Q
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMV9Yfyx/ukNXYyXy/GIyO+CWbCuJYfs
+8f+M0uL6ALithsaAWkq0RRPbui9QmLnpweBbZ59Sk3rs4rGC
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C13:KAS-ECC-CDH_K-233_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C4:KAS-ECC-CDH_B-233_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVmLL9tb8aOVH7nsAW7LTSj2bC6dE1ln
-hlk1hdcZAe9lyvFXldFKC+icrHxoAyO8WYA7qHTLKWhnLLip
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHPFz0oB0J47QbXnd4xrm6Utr4j8QE+O
+L9CdtAJ+AHA5Htqnbw45cDlMrAM4BhBYhYw8c9XLUS5TJjBP
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C4
+PeerKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0041fa5fdf495b885699249b7746334b76c59e1c917bfc1ae371b96941f4
+SharedSecret=019b5efb23bc18a4f18c22fe2fd5cdbd02372cabde5e5c9f4b4f9a49438f
 
-PrivateKey=KAS-ECC-CDH_K-233_C14
+PrivateKey=KAS-ECC-CDH_B-233_C5
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0q1fccY4SvYmibNcJMTd+z
-Ws+BBssMGVAsLKGEr6FAAz4ABAD+G1JAinEoQb1i8O5RMH8mMx1AK8w6WrBAXRxe
-gAEKcxp9ampPW0Cy6qgQwZAtsnso0pe8BfNxTKyvwA==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AWuXeMMfDFxgTot0+PqLF
+zqoEc8OUV+mSkHHhpCChQAM+AAQBfPn8oF1KVeS2j+56O9Q/BHMD8qJm2Bu14ex+
+JVgAOwr0PeBQAzl94dSyeCetL81nXL9hpEWh7EClabY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAP4bUkCKcShBvWLw7lEwfyYzHUArzDpa
-sEBdHF6AAQpzGn1qak9bQLLqqBDBkC2yeyjSl7wF83FMrK/A
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXz5/KBdSlXkto/uejvUPwRzA/KiZtgb
+teHsfiVYADsK9D3gUAM5feHUsngnrS/NZ1y/YaRFoexApWm2
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C14:KAS-ECC-CDH_K-233_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C5:KAS-ECC-CDH_B-233_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAbbP87f6IV43hgXJP4b1zThF9F+96L4H
-newpvIhiAWYiLvpdup6FjCRdu12maCOatbpyhhj7hakN3HYK
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEASOmsIGnYehsBC4ZFK9H8JOyZVVD5WRY
+S2BkJTmpAFGO48GuVGQE3x7M1pqmhWQx0ciIHPBXjP9OuMEb
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C5
+PeerKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=015f5adba59d1ee01696cecce4b63e78e68508303ee496ff5abcea25ad3b
+SharedSecret=01f36d9519c3d47f030eeac3338db583b96fefa551a4b56cc5567f2d9d7a
 
-PrivateKey=KAS-ECC-CDH_K-233_C15
+PrivateKey=KAS-ECC-CDH_B-233_C6
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1vActUeBy9ptiN61mEOuCD
-axr2g+/HVlC+hPIIp6FAAz4ABABNAKjwgg2pCX/lDo5979rClgfdTLHdiB1OYfHn
-iwCKSo6cgRtEQ2eVJ1KrjCpRmO+yj77b8/vXAahXqQ==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AxoeWlVtotfiCfjisB4Kx
+rCxFUsrvDGCVhGfNhcGhQAM+AAQANHifvGDxCGA0yPLOhv1KozUZTJFGiQNX3EdW
+meQB0395Yyf3HsMVEEaEY9CykFSIpKYCZ4cN/uVnwlA=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAE0AqPCCDakJf+UOjn3v2sKWB91Msd2I
-HU5h8eeLAIpKjpyBG0RDZ5UnUquMKlGY77KPvtvz+9cBqFep
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADR4n7xg8QhgNMjyzob9SqM1GUyRRokD
+V9xHVpnkAdN/eWMn9x7DFRBGhGPQspBUiKSmAmeHDf7lZ8JQ
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C15:KAS-ECC-CDH_K-233_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C6:KAS-ECC-CDH_B-233_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM9AKuvD5CR6mrQ9qXVRdqgQ4BH5/Zd9
-4b4v1TT7AbrEX6QtYFrTR5x8Q+ckkQcWc3lTzIUErxTzMdNP
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUH7vys2HCyM5e2r+iKqR1VYHlsaZmAD
+YqDue8V0Aa6jysID+MeAR1omCbKXDMhvlupAEcNI2oJiszSq
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C6
+PeerKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=003d5c29b3753e89ce5064575393392b377ca657a0b73872c82165fc43ae
+SharedSecret=00e54b1c916ff3ba1aa0b2b99f0ebde4f1a4cc6a10d959bb2f7f4c777b84
 
-PrivateKey=KAS-ECC-CDH_K-233_C16
+PrivateKey=KAS-ECC-CDH_B-233_C7
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1dwboYOfXR/qhas2FMVanF
-/mAIU8caYZg8fcgt4qFAAz4ABAC2y2/6Ti6rz3uYfrtSAWWo7Joipvn/sQDzgXKg
-+wDTmBThhSR25W6JzozdZDcoQMAVcKhpQKziS7nPag==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdCRcyX3UUJNWieo/ynsL
+MMHWfObovhfLEZJXXK+hQAM+AAQB4cVwrMZTxwb9d0AZSlVN5/N5mhK4INapQRl/
+dh0B4iJejQ1ByAj26tevMg+yX+0pqZCYoPDhHNhp5Tw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALbLb/pOLqvPe5h+u1IBZajsmiKm+f+x
-APOBcqD7ANOYFOGFJHblbonOjN1kNyhAwBVwqGlArOJLuc9q
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAeHFcKzGU8cG/XdAGUpVTefzeZoSuCDW
+qUEZf3YdAeIiXo0NQcgI9urXrzIPsl/tKamQmKDw4RzYaeU8
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C16:KAS-ECC-CDH_K-233_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C7:KAS-ECC-CDH_B-233_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPOMzM8I5b3/O7NffnW9ztaNN5Hc94Q8
-qI/wkhNtAV7XaXpLjJnQFHgo9shh/8nPsPM9zp0UsHMeHaJi
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJag0/Nuj3U3kQdM6ml7JHFifgyeeilK
+ApqdO5QpALdnF0opILYvHwL6eQl4RdUdk+DIEEQQgxot1Vw8
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C7
+PeerKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=007c01f906caa590898a09f46b6f5383658e7fee656aca0f111f22939960
+SharedSecret=00bc0dcf7585753cc79aa412d2740b4b2d1c644fc9755cb0550286bcf68e
 
-PrivateKey=KAS-ECC-CDH_K-233_C17
+PrivateKey=KAS-ECC-CDH_B-233_C8
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0kHh31WHAx3drhlokcKIIc
-x4ea01gyrnGPbnkuZqFAAz4ABAHBcs7it2UD602Qs53azoJbI8Mjdcto6uzXNISQ
-owDCRu+cbi+trHfHPundWt7oKLeRhBc5W1mXvhoCeA==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Al77tS3OKYgXMnqBGtEi1
+IxKLkxAaAtlkQ16xeAahQAM+AAQBg1jalAeacAoQsgojJdM9gOletPxKmBAcMSY1
+k5wADE9ELQBxx70dIXzyNf0DHewwnoXqIBTmi1D8K6A=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcFyzuK3ZQPrTZCzndrOglsjwyN1y2jq
-7Nc0hJCjAMJG75xuL62sd8c+6d1a3ugot5GEFzlbWZe+GgJ4
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYNY2pQHmnAKELIKIyXTPYDpXrT8SpgQ
+HDEmNZOcAAxPRC0Acce9HSF88jX9Ax3sMJ6F6iAU5otQ/Cug
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C17:KAS-ECC-CDH_K-233_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C8:KAS-ECC-CDH_B-233_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAeMoVx35M6z9TJbzxL3nHpF1y81iruzX
-Y4R0Sg8/AZ/0iq4MJS7ajTQLJcTdoBovIaqjXTm68DZpahEB
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAWa+JCazv45tBaJNfR8sDjKeQSDPyOb/
+UkhvCVWGAHNx4ogUX8JaWpy18qOGA08vMoxuqiTIsJboqx8M
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C8
+PeerKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=019eece7d3fafc9274d361c6fafd9efd9ee485cbacb3baaf6834feb4df6a
+SharedSecret=01b7ef3148be331115321b1c2a68832fdfb991b26224a60dddce3e060d27
 
-PrivateKey=KAS-ECC-CDH_K-233_C18
+PrivateKey=KAS-ECC-CDH_B-233_C9
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ESsVakTqMf37X/FZ59S9H
-y7lzAyW+IbeZN3nRh6FAAz4ABACXlIYQF7Pevv8wLkJTJ/4mnXh1O3O8G/s6d/cW
-3AACWBpJwSafXsho3G1/XC2OdJYy1Hq22eaNutmF8A==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdZxV2lXh/bW6f4uJOrqu
+WSW5sIGEo9VUlXrPPsChQAM+AAQAKvJfgQ4YqBtp2iVKZbimx6uA3cJ8hWIuI0it
+0TIBKLdT5LIajDrPhaq5Kpqmp7M/LLadcCS6+OiwcUI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJeUhhAXs96+/zAuQlMn/iadeHU7c7wb
-+zp39xbcAAJYGknBJp9eyGjcbX9cLY50ljLUerbZ5o262YXw
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEACryX4EOGKgbadolSmW4psergN3CfIVi
+LiNIrdEyASi3U+SyGow6z4WquSqapqezPyy2nXAkuvjosHFC
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C18:KAS-ECC-CDH_K-233_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C9:KAS-ECC-CDH_B-233_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPSqf5NAqdpGxPBnKHU6Stxa9TpNy0Z/
-cLSHPaeFAH8yHivE4pporCPHfO3Tu83gv3uSon/6dklpiJgd
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYHzuwsJdxMnfF87Rs7wKqnL4pq5XHbp
+tgofelHlAC4vtnLXK/ePfP7cQNNybGtPtYVBfHR2tlXjK707
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C9
+PeerKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01e4b7e89fb1b51179b8792f5cd581c3917e11246d3846f6344ee82eed66
+SharedSecret=0041249865c913b287a253150b207e2682efd96057cb0709e9bbb48c0fc9
 
-PrivateKey=KAS-ECC-CDH_K-233_C19
+PrivateKey=KAS-ECC-CDH_B-233_C10
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0rwTZ3hTEInaXC+rPK7sJW
-xUsLNfwsZfe47mFhw6FAAz4ABAH7JYox0Wa++c1mTNe2bNjBhucCXHfwuucxWH6e
-9gBg39TkdekoBdGTXQOC3BdnBnkVzADtOyT2U4LSGg==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7mOdifDkM8B14u9XzCQ1
+gelbJh+Kk7jvb16/gBWhQAM+AAQABmOPa82FBDOV0B12f/d+nWd/N+9ADy4W/uht
+uvIAbBJJYmbeux2DQ7loTifF9xKcFwJKjmcEZypfPWM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfslijHRZr75zWZM17Zs2MGG5wJcd/C6
-5zFYfp72AGDf1OR16SgF0ZNdA4LcF2cGeRXMAO07JPZTgtIa
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAZjj2vNhQQzldAddn/3fp1nfzfvQA8u
+Fv7obbryAGwSSWJm3rsdg0O5aE4nxfcSnBcCSo5nBGcqXz1j
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C19:KAS-ECC-CDH_K-233_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C10:KAS-ECC-CDH_B-233_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAGjZ5V56EFt7tEsh1mm7DvZXqRQ3rYS/
-bVhTJwyYABQ8i+21TbB9+PZwg8WaCqfNig76QvQv1i5ELgti
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGWqQRXlnmBFqvme4b7KH6uSO73JGSBu
+CTFiC6mWASjQC3dYmaWKWbyyq3nWCeLc2pjmUju2cWhVT4Tm
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C10
+PeerKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0145710c3ab0780ec233424d4e28b38d29f886965bbcac49fa300e1ed886
+SharedSecret=01cf480fbc2be2c2c4448c88890972c7ff9cbe08a75e26c3809596b8b5c0
 
-PrivateKey=KAS-ECC-CDH_K-233_C20
+PrivateKey=KAS-ECC-CDH_B-233_C11
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0NVllUcUNdlf7DffYi8Y7n
-2rskN5yCu/cUxavF46FAAz4ABAGlKUCkUqr0ILN7XzLCwzcwaJSogv7qet2twBkn
-7gB3G59ioqb6iSUDIlJ1SQOIuL/C33ffPoBr7bp9iA==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkpsJtnspqk/xXWd5oXMw
+ZQSfrrLCJwEsSfJ37VGhQAM+AAQAygQD2V2F8MsK5NKurhjhh7ecIB7WjBStJO0A
+OSIAz2sKUCspDQru6CBmGsz26ll2h8Rcf5Onc9JfYqY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaUpQKRSqvQgs3tfMsLDNzBolKiC/up6
-3a3AGSfuAHcbn2KipvqJJQMiUnVJA4i4v8Lfd98+gGvtun2I
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMoEA9ldhfDLCuTSrq4Y4Ye3nCAe1owU
+rSTtADkiAM9rClArKQ0K7uggZhrM9upZdofEXH+Tp3PSX2Km
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C20:KAS-ECC-CDH_K-233_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C11:KAS-ECC-CDH_B-233_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJnrkc2phiAQPDIF1kieaK1+V9ClHcUC
-1uMFiPQYAD+/gpkp7dKOkG9Y+Hq+1tbRd/Q28N2UDdol6vGI
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEATV25wDzY2f7dBhC8jGInzaCKqspM8JF
+7tV7naytAXkQ6QcaPkLn8hs2Pw5ofSiYEKTsKcNuzhSFTh3R
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C11
+PeerKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=006941a2a531083563dd886b06c0860770a4724bb04a4ebb2afb1ba2636b
+SharedSecret=01ce8abf3c8ccfa30e5f35ddb75f5e106aab1e67086156a1ededa1717b77
 
-PrivateKey=KAS-ECC-CDH_K-233_C21
+PrivateKey=KAS-ECC-CDH_B-233_C12
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ZyKsrMvLuk78v9rxEN4tg
-hyva62ula1FMjziLp6FAAz4ABACDUw+j3zFah0CsUvTTlLgMSl8hC6ugttwiBeEk
-kwA3udAu1D6dQdDbuEA7kCG00sG9Ng7lPDHCe0kgBQ==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A4nrwTv4thv/tbs33GPwL
+jgSe0iLnYAw84xzk6XqhQAM+AAQBRewNtf5iuSVHeSASJoryG6koqP2Y0KHe49j7
+JVkBCgMc6laxg+kwkwCKtwXMkJnltlxctEBzJLlv7pA=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAINTD6PfMVqHQKxS9NOUuAxKXyELq6C2
-3CIF4SSTADe50C7UPp1B0Nu4QDuQIbTSwb02DuU8McJ7SSAF
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUXsDbX+YrklR3kgEiaK8hupKKj9mNCh
+3uPY+yVZAQoDHOpWsYPpMJMAircFzJCZ5bZcXLRAcyS5b+6Q
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C21:KAS-ECC-CDH_K-233_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C12:KAS-ECC-CDH_B-233_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANzKoitDOR3AUll6470HxuXwIfOemHdW
-9lSBce6UASjv1JrzprMtwWeXqXjwrUqw22arq9atVnL0+BLJ
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAOn7pxpkq7F3+kNsuXOcn2jAFVrciXE5
+wb89+ZpTAZrxExvkfeCIcINdoUlG/tcwNBefgJKY0BSbFt02
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C12
+PeerKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=001d754ee5351d4582974734072abac23376e24348370934e7b864db0f52
+SharedSecret=0025df759a20312361b9f6767efe8e8d69979e34639469a91fed9fce04f8
 
-PrivateKey=KAS-ECC-CDH_K-233_C22
+PrivateKey=KAS-ECC-CDH_B-233_C13
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1QMWAQTYigwPY5VufDu6cC
-lj+fG1P8EZpZLu6k9aFAAz4ABAFGPHjkmKvzQDPsPh2XPcElCeLSNPuRQDcV5C9h
-9wCt56u5igMIiGaWNTqtM8Bbq1zzwNTpacv0xM7skw==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AGnJte5koaR6wFJyo8O3u
+R70Mc0ETq2ADJB7hk96hQAM+AAQAdCa/qIeP5ZsWqbjGORCh4vvGsHuplboEwxQC
+ES4AlE6WFmdssvx/oPnhuHo1h0gkPoD7YiZChGRaak0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUY8eOSYq/NAM+w+HZc9wSUJ4tI0+5FA
-NxXkL2H3AK3nq7mKAwiIZpY1Oq0zwFurXPPA1Olpy/TEzuyT
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHQmv6iHj+WbFqm4xjkQoeL7xrB7qZW6
+BMMUAhEuAJROlhZnbLL8f6D54bh6NYdIJD6A+2ImQoRkWmpN
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C22:KAS-ECC-CDH_K-233_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C13:KAS-ECC-CDH_B-233_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXCRezOze46v8kYeX5648Hl7E6q9kVpg
-cGzU8yy2AHZR4HQsDYPUtoVS6ber7DZEupdVz/5tTlaUOmub
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAR+ZSkFswZkLjGF2ej1o++pzr3tItlXk
+dHD8zHkfAV3piINdaBLwvdcAeolZceGgb00izhMDyfVe/mR8
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C13
+PeerKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=011346b83791e4bea7f6ba6b1265e5050895d84027c106f77353418f75d7
+SharedSecret=00437ab4a53756ff678a1f580c0fd1f33b23021d62060808453b4aabe627
 
-PrivateKey=KAS-ECC-CDH_K-233_C23
+PrivateKey=KAS-ECC-CDH_B-233_C14
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1FR+r5vhzlrxOG4xEEbsgy
-YLhKLKkQVfYGaLlG4KFAAz4ABAFQSTjBZ2gK+4ttWFjPqhkcQBlvxOUAxmLFNG7M
-kAE30bqUIija5oxFCxoDOiyBCplZcfAcJAieSm/cxQ==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9FnHZyFpwSWeThmTM5ZM
+H/+851rTDd4SZPXLhtGhQAM+AAQBtEqBiV0hBfoWpuCVJsCa5/bL284hCHD04z24
+tvQAseByxiomQpdfBsaHxkZ9opXvk/BNHFSUpiRoPIA=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVBJOMFnaAr7i21YWM+qGRxAGW/E5QDG
-YsU0bsyQATfRupQiKNrmjEULGgM6LIEKmVlx8BwkCJ5Kb9zF
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAbRKgYldIQX6FqbglSbAmuf2y9vOIQhw
+9OM9uLb0ALHgcsYqJkKXXwbGh8ZGfaKV75PwTRxUlKYkaDyA
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C23:KAS-ECC-CDH_K-233_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C14:KAS-ECC-CDH_B-233_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANjtMYOCuFwlJaAsIsZ/W/NmM12Udn61
-y0VzlmTFAX2P3nu8Vo/cgCo+NFXzzzVgLfcGhMis3aFloCZW
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQUTYgruDQR4hyQ46Zsj6kkAFT+TZusX
+1hvfNaoZARNt+8hAG72g1nXKBqDP9r3UZ8CsmpeCkzAHKOfc
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C14
+PeerKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00b4938ed1ed012a9a53892ed9949397cdc4e4a612d54dcf80cdb039f47b
+SharedSecret=01ebd55823c57d1fc7b36cf1ed2051ead64db6d114014d3407186f50d957
 
-PrivateKey=KAS-ECC-CDH_K-233_C24
+PrivateKey=KAS-ECC-CDH_B-233_C15
 -----BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1C++VUhi81lRhKRVEMpT35
-fEUXVYS10t4EJyM1jqFAAz4ABAExuNYbnPsFNsWIIU5FiI6+SDke7stNf7W+jv9K
-zwFl2klVegqp1F3TeNX4mScsxpdoInaukdLAtnXEaQ==
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AZWpHuHcrCLHZB8gj+2xF
+xl+fGPi0Pzph5sdGEeGhQAM+AAQBU8262S640g2gwceq1G0IM2y8l26Nb4OUfk9N
+ZhYByXe5el4SBcpmVF3zpSa24yXgh8DgcIOf5+we54g=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-233_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEATG41huc+wU2xYghTkWIjr5IOR7uy01/
-tb6O/0rPAWXaSVV6CqnUXdN41fiZJyzGl2gidq6R0sC2dcRp
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVPNutkuuNINoMHHqtRtCDNsvJdujW+D
+lH5PTWYWAcl3uXpeEgXKZlRd86UmtuMl4IfA4HCDn+fsHueI
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-233_C24:KAS-ECC-CDH_K-233_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C15:KAS-ECC-CDH_B-233_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAX+H8T9t/uYIG7XMpTL+JownHSdWsxvf
-ZDKXz2lbAPOnRpVeEt0LcZGe2/I7IyLKsyjdCb34e8r9zSiE
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADXf/skRftcWdieiSj693Umj9F2RrRhA
+HT1Emy/vAZMXVM5c9Vehwazt/l6aewuR+BZD2oWGpoZYhfBC
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-233_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C15
+PeerKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01b3d2578bde3066a253db5322c85cf9487ce77b67ece955e281b0d7d0e7
+SharedSecret=006d07f6e08b11a060ccec43b07ca7d9eaf6c3ece06f4785519284bf6f0a
 
-PrivateKey=KAS-ECC-CDH_K-283_C0
+PrivateKey=KAS-ECC-CDH_B-233_C16
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV/eSbgCVCpSxwsjoLF4
-Tl+HgLVoU/ml+MOlJm6HJ9zpfUoXoUwDSgAEBhHtwEXb5D7MTvazJM1R9w/j1934
-d+xot5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweAR
-Xv5C
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A8U9exO+vhuQ/7OZfF/+R
+sajWG+NBbu64hPTi0U6hQAM+AAQB2fjAHpwg9hUOx2IKdeOelvkke+zhN7A2W+xU
+JUwAYAg3O54IeAUpTa2uAIlGZ/259rik0WKV5bnSGm0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhHtwEXb5D7MTvazJM1R9w/j1934d+xo
-t5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweARXv5C
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdn4wB6cIPYVDsdiCnXjnpb5JHvs4Tew
+NlvsVCVMAGAINzueCHgFKU2trgCJRmf9ufa4pNFileW50hpt
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C0:KAS-ECC-CDH_K-283_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C16:KAS-ECC-CDH_B-233_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA/B1wkw1qdyZUr5v0yt2Hc5j9HIKIkCO
-OhS70JfgErVpTCKgBnWCW0AgLpW+fatagmFH4EuMUaCbADRXfB8x+MFqcMjhyFuJ
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEhFzmYbHq40wWmfG/443IfvKLiwp3cf
+82bcIdhjAQlrGVSwbqpwc+2TmAGqKXTaHWDWbpfDHfD2h2+v
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C16
+PeerKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0745552817b5d729310b7dbebae687648714a9ae695dad20ca1ab6111c3d054670f21132
+SharedSecret=00aea594f092b4052f7564b2e5651bcf43ef7e336a064d6bfb1a89cf5e51
 
-PrivateKey=KAS-ECC-CDH_K-283_C1
+PrivateKey=KAS-ECC-CDH_B-233_C17
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkATuRH2LzqohDVGNFR+5i
-KAfV0QYCAzCuK5eYwMTNDq2xC6lIoUwDSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7a
-MJmLYCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe
-57UW
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AH6XL2IoUb2zPX3nfvHCG
+j9m7TIEVl2yWJw/3vF6hQAM+AAQBTSdvQoHLUKJrKeyB/O2W0OkJmUsihUM4VSVt
+WNsArEeSr2Kg3E/U7sOE+/P7uCyDR0hrwesTOLx/OrA=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7aMJmL
-YCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe57UW
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAU0nb0KBy1CiaynsgfztltDpCZlLIoVD
+OFUlbVjbAKxHkq9ioNxP1O7DhPvz+7gsg0dIa8HrEzi8fzqw
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C1:KAS-ECC-CDH_K-283_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C17:KAS-ECC-CDH_B-233_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB5m0MOkjIP/qvy1syHOZ4wwKqEQg/466
-Iwm5lIe3Qtci6LelAhc2KAH9bS0oblzfN1zQrlabcAAFMS436ONbFZLvubXq9Hs6
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUc0GSFlyW+9t5TKseLR7xEeGiCnIF2w
+GqgDoDKiAezfw5QLfQYYzWMVRBdR9mPfdNNWSS75NLS6KyrR
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C17
+PeerKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=02eb0c1ceb6179232e91cff91fc8a30553c6ed7e0a71deb1bda0a10735a84593dd903636
+SharedSecret=0099d6d076e14ccfee15ed7e7ef384bfee12deba8c9ae8f6cca3486a1494
 
-PrivateKey=KAS-ECC-CDH_K-283_C2
+PrivateKey=KAS-ECC-CDH_B-233_C18
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAXdjK2nn7do88AcwdQQ0
-PMIWIyb2IBfL3fNgqHbck7gfBMWOoUwDSgAEA4FatkgOStJKZignXvLuDOfVhpkj
-nbziMziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJc
-gpaa
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9YaE6hSmj++4zCayZ6E0
+GcYtcmG60U5TaKmBmhihQAM+AAQAmmWoU5QHD+DloQgWTrKJzD137QhI/VfzhOYs
+qiAA5/VvLCe+T66yDidMJgTG3C2IWXAwrSFk+tA8uQQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA4FatkgOStJKZignXvLuDOfVhpkjnbzi
-MziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJcgpaa
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJplqFOUBw/g5aEIFk6yicw9d+0ISP1X
+84TmLKogAOf1bywnvk+usg4nTCYExtwtiFlwMK0hZPrQPLkE
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C2:KAS-ECC-CDH_K-283_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C18:KAS-ECC-CDH_B-233_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAM5Hp0PUi4b+/WtcAvKpeydiov5X4L34
-XB1qKd6IYsTJntU6AyLllgafkWVoyiSM7Vfv6QU0r0qfkKT0D3l+RSlnAxcmv0HX
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAH4fMlHioKpt4fjfhrhe2dEdpetxNq3U
+XqfSXIZ8ANligeB1benapV0u9lc7sv4t0Jtx2RGRpaBDuuDz
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C18
+PeerKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04a9dd2cf5076814e5329c518c4f27b429dbe01d46682d476e7e78880de368b064236ba9
+SharedSecret=01b1e977c43afd203132c085b95db0e2046a4b6ac2c046ee9ad665050578
 
-PrivateKey=KAS-ECC-CDH_K-283_C3
+PrivateKey=KAS-ECC-CDH_B-233_C19
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkADv+mhyYU4bluisxVTpV
-FR543cOPB0MrXEKhzS2ieP0LaOBHoUwDSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIw
-EHhw1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSR
-aY1W
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7vskeJsytDbOOWIsEUw5
+ps0eWOyUQ8iHDl7i+AGhQAM+AAQBP7HKntcJuzhvugLMeGL9bGThCHvl9h6nM5Rs
+FjQBy0CX5EpzBwDev+gUP7+byjo9bEaYWifNUEOyylo=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIwEHhw
-1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSRaY1W
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAT+xyp7XCbs4b7oCzHhi/Wxk4Qh75fYe
+pzOUbBY0ActAl+RKcwcA3r/oFD+/m8o6PWxGmFonzVBDsspa
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C3:KAS-ECC-CDH_K-283_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C19:KAS-ECC-CDH_B-233_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEByiXWDm0LGIDanr/+t3vwwJLclhAe+1W
-XK6pOb4z0WrJREXHB3EmMHkLBa4E2NfZ8jZdrprSTExhs+sgwKeYfmpMSw9ZjDcf
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAL4e51DycSsqyyDEXpc1fFDbO+iVsz+D
+DHG8n089AV/sgQzbF5/NHOjk3BokmeQN6KSkmpQg8A5WEQz0
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C19
+PeerKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=044e2cd2bc164d21cf4b9833c0aa62ed059282e62b82f4500aeb422d17e1f6e7e8bbd500
+SharedSecret=000e4cb704355cba1b40cee3da102cb048519a91b4c789b3757cfdd933aa
 
-PrivateKey=KAS-ECC-CDH_K-283_C4
+PrivateKey=KAS-ECC-CDH_B-233_C20
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANla9SpwjmktAmd7IQMv
-eurWAD8STnIBPzfAbgu8IONTKzzqoUwDSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx
-6dbI+9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bN
-gd6R
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AF1JNUGYWvSBcs5eLx146
+NHYjPkm23CBvlxFpdVehQAM+AAQBUKFzJ4Ree8edjs4Skw3Ct3ZUyqEIK1ewz44F
+sawAFRx2gi2N9e/9jGlDOVtqjVOEMdQuhG6f+N5+ruY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx6dbI
-+9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bNgd6R
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVChcyeEXnvHnY7OEpMNwrd2VMqhCCtX
+sM+OBbGsABUcdoItjfXv/YxpQzlbao1ThDHULoRun/jefq7m
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C4:KAS-ECC-CDH_K-283_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C20:KAS-ECC-CDH_B-233_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBVZy1zmYRRCJ4rfHEEtCJH3d0TLUCtCH
-tYjWo4XaZPWi9Gg4ArTLFYH54rN463pPZPWn1DILLKPTR0cm9nDDiDu42kfz10W+
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVwuLOC8cizqTLx8M1LL4NKLWwAuRNk3
+BYldeRr8AU9haYOtCOdFMVxHZ7CuIab9imKcJYznrvpMF6jg
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C20
+PeerKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04d4f04d2fcf1bcd8150eaded90e467d3d38f753b6fb54eed8f9d29cd3dcc7be2c83de11
+SharedSecret=00d8c13bc5e819c6101daef3f6fb5be6bccecf233c4b7fc65054e8e8d3bc
 
-PrivateKey=KAS-ECC-CDH_K-283_C5
+PrivateKey=KAS-ECC-CDH_B-233_C21
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAMcz2QlAMsx67WxUqM7X
-U+rypIiCKFo7TH5gIfJr7OByKECtoUwDSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEV
-RkWuMM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYo
-u83Z
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AprBdMKcD8ReagPioZLNM
+oVxFPoKAihCV5DXpusuhQAM+AAQAk7MlIlH9nW2cgdeM8fE0zdVU1jwqHi8a+hTi
+1OQAiusKirP/Xk+wI/fhkX8BCIkK8Rq8p9oCf62sw7Q=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEVRkWu
-MM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYou83Z
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJOzJSJR/Z1tnIHXjPHxNM3VVNY8Kh4v
+GvoU4tTkAIrrCoqz/15PsCP34ZF/AQiJCvEavKfaAn+trMO0
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C5:KAS-ECC-CDH_K-283_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C21:KAS-ECC-CDH_B-233_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAswopMt20UfZjfpnfcoU4XcTR7loHGXN
-tUDyLJB2E/3MsMjaB9QGX5kMj8N9EA7OOPv1dM5ETcNzVeBwK4DR6xvdZwmX6PJx
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEALr6m7qScl7vDEoK/L1CY+VfUVVkW1xY
+qWvD6ellANGz0ONdYX4J4HjFcaX0HqIt/REtZ6lNjfu6Zump
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C21
+PeerKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01c343540541604f68ddbd63c483760d824ded5c18be7e56e6d36a9ac6d25772afb0a90a
+SharedSecret=0129af50fa085133771753f297a313bba0d2f5882e7634b7ef5adce760ff
 
-PrivateKey=KAS-ECC-CDH_K-283_C6
+PrivateKey=KAS-ECC-CDH_B-233_C22
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANs511Ngctw0SM19IWDl
-DIEfZINY6w2x1UKOgap6aGt4Za39oUwDSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu
-7bsMMWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajB
-Yubp
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AFo0JgJ659qzzETTrXrGv
+lm4hK5tr5oz9IkAUJemhQAM+AAQBcQoF8CtVBXKVFrGsc9RfPPCPHFE00vc9ElcC
+Q8kBhhGxDatQdYPyvhD9Qpb1N9SvCVdvlpefHq3+KRw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu7bsM
-MWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajBYubp
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXEKBfArVQVylRaxrHPUXzzwjxxRNNL3
+PRJXAkPJAYYRsQ2rUHWD8r4Q/UKW9TfUrwlXb5aXnx6t/ikc
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C6:KAS-ECC-CDH_K-283_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C22:KAS-ECC-CDH_B-233_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjiA61OMcnXsuk21PZtowof7N3i+9RSX
-TR5+MamuNlohgUFfBK+fLPklQuH/j/KPjnyOgJWE4kOkkClJp2WihJhsdQsbBsia
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHmL9at2G7as/tDO8c1xs+9G8lBDI8r8
+QIFZLdb2AWJ3rrPhysASGwfZN4o6DLxlZ7SEI5KeNtyFXp0a
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C22
+PeerKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=05e38079815477b8a79096ce339c4a255f8b213be74715ea61ef7dd0c0b5f161d9de7521
+SharedSecret=0077c4ea1095fadc4cb4190a3fd530c7d15325e5d79b8e8a2b708e2344cf
 
-PrivateKey=KAS-ECC-CDH_K-283_C7
+PrivateKey=KAS-ECC-CDH_B-233_C23
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGZJv9ZB2r8bnUmdT7BL
-6wmUddCqFdXvaEi3NNLUEwCLYEMIoUwDSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77
-YcQgV4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpR
-Obzn
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AOCT3HsMlW70DZC14LMZ5
+Th5Uqo+l8qMx7hP3hFChQAM+AAQBpONajDJxfyqqPu7xd4SOWA4P7WyAloaPasxO
+HAkBNydgToHTqdk9JD/nni24pEIzSo6hhSufg8rhvD4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77YcQg
-V4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpRObzn
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAaTjWowycX8qqj7u8XeEjlgOD+1sgJaG
+j2rMThwJATcnYE6B06nZPSQ/554tuKRCM0qOoYUrn4PK4bw+
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C7:KAS-ECC-CDH_K-283_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C23:KAS-ECC-CDH_B-233_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBb/SiVouZjZtt6g3iMcrzkj3m1yVJKCK
-4nPHjOs5rpdVnVrDBKKwpV+AFVoaMw/ebLbZft2wqdy2bEmzkpBKvos4H5EJDbsh
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAV9yPamjjC2lBiwX0Lg3Ui98aceT95wX
++2ll1EoDATKxd2CsLiu5+BPtd5DFzTqg04q2Ti4nLd9KTCwa
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C23
+PeerKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0531ccf51d1096982f7c2ec513a92bf51c7ac5069cb15c5e2a053ceae7e5550908a19101
+SharedSecret=00d9eb3c79cf442595dad03ed4a38daf358b97d5dfc01cb61ff200a47958
 
-PrivateKey=KAS-ECC-CDH_K-283_C8
+PrivateKey=KAS-ECC-CDH_B-233_C24
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAIGGCmU9bZREbXdmFk/5
-LGxcFUXHNTBLOtTVF4yLFNAYHpRxoUwDSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulC
-UnObp78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZ
-O0a1
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkK3Asgfa44FiLPkuBLzn
+R5GA7G4XcWYvXDF5vZmhQAM+AAQBBq2/m7/bMINZin9tsukdLnwXT3BfwhZjG30F
+7fIBkNhMpvRpX9vKQNJqdJmKBcPXYdvwiYG2RcDqI54=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulCUnOb
-p78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZO0a1
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQatv5u/2zCDWYp/bbLpHS58F09wX8IW
+Yxt9Be3yAZDYTKb0aV/bykDSanSZigXD12Hb8ImBtkXA6iOe
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C8:KAS-ECC-CDH_K-283_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-233_C24:KAS-ECC-CDH_B-233_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjVH91cL1pWXM8A9LmxMiJcfMUrc8ovI
-UdxS7U6MGk6gb4cCASLTdzsJNOkA+6fr/hrV7VvsD7Gp3c9O62HL7QQAdDE8CzFw
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAFG3C7i44jQbhoIdVLl0tpa9pEOst+pl
+ll0n0qxwAMd4Tu+InEccnSaz4N4krStL+Lu6b+GPUaQSGIBY
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-233_C24
+PeerKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=06ffe79d2b7664ee2d8303ffe0ceca8c49a581fcdb49c4af6a060ff204eea74f4cf39cef
+SharedSecret=0124c19cffc0b9549bfa378a548e8ce11ee7fca28d2d898de49ae1f2ff61
 
-PrivateKey=KAS-ECC-CDH_K-283_C9
+PrivateKey=KAS-ECC-CDH_B-283_C0
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACJD6JGb16l87w6c3mPH
-bU4QcVApT8+N12dkUco7+lxe25ZMoUwDSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC
-7fLPXwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtS
-ToKr
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAvQ0VYQiRqLMjsBo6dbG
+5BYPa6Tjtdgx2Twdqo/T1almDHuxoUwDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdt
+kUtp05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5z
+dwP0
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC7fLP
-Xwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtSToKr
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdtkUtp
+05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5zdwP0
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C9:KAS-ECC-CDH_K-283_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C0:KAS-ECC-CDH_B-283_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAJBH99dzl9tw45/p5Lqdl6mVp+4Gbs9T
-gXnpN6yGys2sUQlQAHzYdRZ/BqL7moGeLL2s78Fsrg7vLLsLLUm+rhCdt1PJUGFw
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAlBOGheBnTnwEKSmmgVoKZQCtY+USjhM
+fRpiyck+pNH/MA4TAmUTL3tMZLdLkXntDy4hH0Mo1iVAUCL1VBcNqTK4D998GqsS
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C9
-Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C0
+PeerKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0311c430db78b6203e27b52988e1e9dae890c655dac4acefa7ee9612bec32e3e5f52be55
+SharedSecret=065194e26090e74047ee75f13f9769d20e1b52189650011e283daa090732cc53755dc366
 
-PrivateKey=KAS-ECC-CDH_K-283_C10
+PrivateKey=KAS-ECC-CDH_B-283_C1
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAFEqQoQeEif8n+1RwiaH
-MWhBNvIlz79FZImH4kU6cYb2p+3voUwDSgAEAi925atxT994Vx6EwrbqOhfxKZm+
-SDvGfhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxU
-UneH
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkArlB5pLgqYTF/6iDyfn4
+JWpDqx/RrZeCpC5CmpTpEOSCuRwjoUwDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AA
+ih2vLoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSR
+AQwq
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAi925atxT994Vx6EwrbqOhfxKZm+SDvG
-fhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxUUneH
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AAih2v
+LoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSRAQwq
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C10:KAS-ECC-CDH_K-283_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C1:KAS-ECC-CDH_B-283_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBL3sGTAMiv3u2GSZ0nA5It9Xsv/sN+Rc
-A6XikJ3jwzO9BqXhAapPQIRPJBPx/L3tADsdFcnx33VI3iorv3G1FmV62NjHfPct
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAWI6lnXoxANm4mEx5Hsa8GyLM6z16S9U
+ZEgW3LhEOCyUTMIfAp0oD01MDF/XD34kCVlQEovqPK48pG9qX3C3Of4amQJogE44
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C1
+PeerKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0701d92ed8687138014b4379f1c34677e1744f6ae8c89958a5962f14408d587b95472db3
+SharedSecret=075c535cc70de19c92d7314afa2f33200903431f6990ad40ac31dadaf4e492a799b75b05
 
-PrivateKey=KAS-ECC-CDH_K-283_C11
+PrivateKey=KAS-ECC-CDH_B-283_C2
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACqK9JfRo9rAcyo5Pe33
-U5Sj9RnOB/rtP3fcDmafOhscbdrboUwDSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjb
-Kx+eqbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa
-1LV8
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAofeFyulDzJ7/H1ajAFW
+0lofC59x04mFLy47WHQGy3TvO9BBoUwDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPy
+FVTl6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kc
+XWgU
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjbKx+e
-qbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa1LV8
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPyFVTl
+6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kcXWgU
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C11:KAS-ECC-CDH_K-283_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C2:KAS-ECC-CDH_B-283_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhH1OvS0iJkOelLlxzhWoedCebsPNtOr
-GYmyzNmTkbbGs6E9BU6pWiNPZYlxlbyXsD+m0kbqWrX0HaIsCO2BeqfASt83KYKz
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7g2lyhDL3Uo0+7IpniOac0uuIFixHUS
+dC7g8CfMtBV6KKIjBZhut/EJqh+FVuuivciOSRO2Xv+5ROrmOWNsun4B3DcYvLNh
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C2
+PeerKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04f2301ed85a5c91c31a7fd125854904340a55e34976a20743bd33d95e476450f301ee62
+SharedSecret=02956f63d48a49a330e2068955cc2886dbfd5bf72a81b10ed83f2d758dd315eca172927d
 
-PrivateKey=KAS-ECC-CDH_K-283_C12
+PrivateKey=KAS-ECC-CDH_B-283_C3
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAd6fukqyTQbnSuWtNq4Z
-XCNgxyjrOMUO9TMynnDFrhn0ibbVoUwDSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdy
-akTqdcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAg
-p569
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAVO7uKPOShuZlg9WGGq1
+Agf1iPMMlL7vKECEI7pE/IdfrzjYoUwDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cY
+arr6UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w
+6inS
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdyakTq
-dcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAgp569
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cYarr6
+UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w6inS
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C12:KAS-ECC-CDH_K-283_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C3:KAS-ECC-CDH_B-283_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAScG7AoOdkJdirTg1VkwpEFuTdChr22X
-mHJSmI2grJYnV3y+BCFehxUSnMdjAXkXAdxf4avNZytqoZukx+Uy7nqRPupg28nQ
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBzsJKipNfJoXu4jnW0Cp5OQ7mYE89haC
+1JuSkFwt1gZ5Cu05BWatRSotjvCjJ86OKFYUb+yvCeRDHMwEJWoHf2BwHORHa22s
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C3
+PeerKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0643900f337ed362815f181e0628ed5184dad3e66a1f030e947f116696312d835f7f6e7b
+SharedSecret=068a3f6938c44b797524377508585842c6a7f1af5ffe9131dd3ff786ae56e1739345d3d7
 
-PrivateKey=KAS-ECC-CDH_K-283_C13
+PrivateKey=KAS-ECC-CDH_B-283_C4
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV06Ii1XCcsznZPNKWUG
-ZPOb8yAcXR6G067495W5/d9H2MSooUwDSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7
-YoPauMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt
-1UlB
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAyrA3LmqOXJAH59YhF7X
+Zdo2t9b3c1V3m/skOYJ/81VqdXgcoUwDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe
+3igylGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY
+0FEg
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7YoPa
-uMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt1UlB
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe3igy
+lGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY0FEg
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C13:KAS-ECC-CDH_K-283_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C4:KAS-ECC-CDH_B-283_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBbsgvqT9hdAWJonFUAVAAUCbbHEtNWpS
-95PXiqLYJhpDxbbeAxvlyvyKrvGbhhUDQTp7c7YLN7AYBJPYLpQm9Htlhzk9CN4I
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBFXoe8Iwzn/FhjEt0gfFKeR+PHTMDOXQ
+c/v0sclX+Mu9kRO8Ah/79i+yUx2znvLQvc4NnBQckunNymJ8qjm1k/xKAhDo7kgf
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C4
+PeerKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=063b1a3db331f91abd0af837db9d5f040620d1ddd7fccf8b58e0df43698351ea1942548e
+SharedSecret=019b48d5eeaeb05b58801ae8f345ad9bacb91daac885e506949b849ebc67bcbfa308aab7
 
-PrivateKey=KAS-ECC-CDH_K-283_C14
+PrivateKey=KAS-ECC-CDH_B-283_C5
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAJjFcGZnku/aZfyeeQmT
-EVjf1Ed76TMy5JPWmGa2YCxJUd5voUwDSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b
-/FVXJ62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzg
-j/ot
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAmib8hR10y/nGnNV79mn
+eHyqlUXr64U+UYTOQhUkKQUfQMvEoUwDSgAEANflvPrFePzXKBgGRRdtfgiLaNMw
+ognxi5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/e
+u86q
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b/FVX
-J62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzgj/ot
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANflvPrFePzXKBgGRRdtfgiLaNMwognx
+i5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/eu86q
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C14:KAS-ECC-CDH_K-283_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C5:KAS-ECC-CDH_B-283_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAQo8okNbE1/+oIeSt/GbTuGBIHwpvhzh
-/erNtppmn5zd6RgaAkkIJ0semMbRl+0ng8PJU8Gzs0+kOosvV0JYTjf+pAcmm0O/
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBlLMyJIfQ5r0KiMBI2tYQ6QvH9mez+G0
+E0w94BTNx2A1NHzAAzQdgHSfGl7J96xiUjhP79OLbyu83Bj+vobBYPXnjAA/Bm4G
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C5
+PeerKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0516da1d64bc4b25ce4763e6438257d62fb1ffdeae16d68701d63b603ad53e8587927669
+SharedSecret=061b3bef1766460f6296ed47d39ebf5a710d202d2b7e7cac0f0d3b235405eece99aa30d7
 
-PrivateKey=KAS-ECC-CDH_K-283_C15
+PrivateKey=KAS-ECC-CDH_B-283_C6
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAPS220qHzdMAKcw76J5A
-ubywFNAQqRolLFbLKGcfNUqATLTYoUwDSgAEBm3fBIMf0ccrxItwkGHBrqqtGcna
-PYwVBvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1
-JsYr
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAQUgQpiN3fRw0KLjb/9b
+k+xp9NJAqON8BkzE1ZlGe6J688nxoUwDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmh
+gxofYPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF
+46wr
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBm3fBIMf0ccrxItwkGHBrqqtGcnaPYwV
-Bvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1JsYr
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmhgxof
+YPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF46wr
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C15:KAS-ECC-CDH_K-283_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C6:KAS-ECC-CDH_B-283_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBToN1hNeQ6EU5QAK7EC6JwmzphNzDxzC
-AGtEaTXiN7/Mw5TYA7Zs5s8BUH1GLu7/9iEb1MVgcBFsaQdGj3x2/gEUC/DV+3t5
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBiMxuTOvtDhPo6TSJFUa6BILxV/H6nPy
+vnSeIXr8ThunnnYPAr9RxE+DYcMFTK1kD5JEb+OCCwY89LsiyhfAonT9RvUFBPvs
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C6
+PeerKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=049c68c333b96705eee4a3def0d568b0d4faf24df2fc2f1bf40da0af0946240c38e97f74
+SharedSecret=055d579458860a3dd92ac6570847632f04460755c22a4c432cf4dde9611d2ce1608ca185
 
-PrivateKey=KAS-ECC-CDH_K-283_C16
+PrivateKey=KAS-ECC-CDH_B-283_C7
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAauCxaYq5H7LzPZmzDMj
-s1EoxS0XvhG68721YAbl1Wi6rYu8oUwDSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTK
-lJAhxUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYto
-Dyvc
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA7ua1fpVLTjRp3y1U8Yx
+4tCUDbawTwvXAR6nNb5Q0EXampwdoUwDSgAEBocHGAXCWn0LFzn3z2gbLylcT52J
+NzUdIdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s
+5mDc
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTKlJAh
-xUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYtoDyvc
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBocHGAXCWn0LFzn3z2gbLylcT52JNzUd
+IdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s5mDc
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C16:KAS-ECC-CDH_K-283_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C7:KAS-ECC-CDH_B-283_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBtSm8+h7bYxJy+UXqXXSq4xjORNVltaz
-DMZcyAwShFCPSXibApY7NW8kNOwkm8tlie3k3jbOzTRQ5vXkd7/NwpraSu8PRaxT
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh6C1q9tMhGYF2/4mGwrx4agCBMmzIXw
+JrcbMqwGwLrmtMuiAelzP6nSmWEmlCDbJO3A1a4oXXjJrhSzixAZ8TZS8ZAnfcR/
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C7
+PeerKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04dd44c1a30edac2e39a5bc9902625880a18516385c90a9cc6b94c4f111e0260863ccab2
+SharedSecret=054fa7c6c84fb89e5892d9194540860ea31ae2b6e37a86971344230ea512a3f6c0569216
 
-PrivateKey=KAS-ECC-CDH_K-283_C17
+PrivateKey=KAS-ECC-CDH_B-283_C8
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkABJUrxeRzHVpTOWQu1GK
-dwp1BEYXGjDt1sA4KhfmiAoa6luBoUwDSgAEArdmyZOzmNJCanoKSenQAQedD8Mh
-lxgcVurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR
-/+dl
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkATOqRF3IDX1aCX0doR1R
+DmVxp4O0+yNUAnF9aLqP0UVOazGfoUwDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu
+3f8JKDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Ji
+cfcj
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEArdmyZOzmNJCanoKSenQAQedD8Mhlxgc
-VurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR/+dl
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu3f8J
+KDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Jicfcj
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C17:KAS-ECC-CDH_K-283_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C8:KAS-ECC-CDH_B-283_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB2RS4Z16ELiFEj1QP10EM+Fj3xNP/7hV
-j4rCbPswYp+M+wk+BrOiSypLB3dw05a78VSvQe7jUDVzpt6a/g9tGLAvyXYcoWQ9
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBF1i0B217xc9DP8xWpKpoQXRrXhP+bCO
+ch81gOBiZf9TihlLBrdkwf92mFSWuURRt1bE8w/fxjjYmQMSu+zL+9c+jFqFWtt1
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C8
+PeerKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0049c165339e9aeb2b516684b442921f1fef3091cf781e03fb3f56e93af1f3d6e500c81f
+SharedSecret=0353ff03afda3772984aadc4000e1275656607154b06c3a59c664945fa6fde1c255ffa86
 
-PrivateKey=KAS-ECC-CDH_K-283_C18
+PrivateKey=KAS-ECC-CDH_B-283_C9
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkASAXuaBZn78TzuEIUKj4
-vQbMwAvSmsZ3nxvZM0ayLJgyfg+noUwDSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzF
-P/U9NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DD
-yJXM
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAEZh8QeptXAEXduwc4q2
+mxwXqazBHaXax/2GSz38NqJSgtaqoUwDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG
+84ygluG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9d
+ISA6
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzFP/U9
-NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DDyJXM
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG84yg
+luG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9dISA6
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C18:KAS-ECC-CDH_K-283_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C9:KAS-ECC-CDH_B-283_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAY4Lt1FtLELp3ZbKr/XyC/3fPoYj/JR9
-TXBJFTZ5C4dBzdNyAywP/72i+oY8udFcNlRQINW7JNkw2vL+pFVffCTWrvuywB2S
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBKVhtRhK3tnHvZho8wQ7Xi3lGQj5wD1e
+awijCIvMUO4yA+JjBYFbV5/13sb6yXe6cIizM79MAjHaAhh07gDXH+JdP01QpXrD
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C9
+PeerKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0645d7f4c5479baff5bc0cba654a3dcfda56c0e9d19f50f9d8d8c6357c09a140effbf223
+SharedSecret=050795ba093d2e02398c358951f20c9e3b4f60628a96a4d0c46cb8fc0005e5331b38a09a
 
-PrivateKey=KAS-ECC-CDH_K-283_C19
+PrivateKey=KAS-ECC-CDH_B-283_C10
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAE8ZfIVDLLQqF3ckmuQR
-70uyZXukutNa5ThjWhUcjWpWT5zKoUwDSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7
-tY5uofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUn
-M9/2
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkADa9IfhKudtvS93JRjXx
+n4CssoE9pTmeB3eDLC/r3HGGKr4zoUwDSgAEBo7jJFdU1R33eABGrzmstAfEmYxi
+C/+U+zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm
+2hgi
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7tY5u
-ofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUnM9/2
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBo7jJFdU1R33eABGrzmstAfEmYxiC/+U
++zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm2hgi
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C19:KAS-ECC-CDH_K-283_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C10:KAS-ECC-CDH_B-283_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkq7FV5JEkKC6jLltURiGum1E6oEdto7
-3bdSYNX1+i57iYmHAb37CgeaVbz84cqLzjAZy8rmFkADOEFm67sLtzNTlWWtxEbz
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAdfXU2zYOD4cCxuKrgK6qf0sTmiyGAjB
+dU0LFRNhFX+BJFkwBzA02kFnl9qVo4Nu7yex+icfWaQ0hI6YC60v3VP/0eNm/2kX
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C10
+PeerKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=028017c2a0240fd746ee72a0bcae1e53e05b7af254298094c381e735523854ea5fdd4f5c
+SharedSecret=02ab08d63cdb4be2502558e67eab27570f2d029e7f981d153b973080585d01e42f7187d9
 
-PrivateKey=KAS-ECC-CDH_K-283_C20
+PrivateKey=KAS-ECC-CDH_B-283_C11
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAU6JNIPR2LdiHPSL0kvI
-oblbtAoIwWwyh0plK1miJSE5Qo2soUwDSgAEAVdOF84mMRxAq/MkP0iJournSoNB
-qng4VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQA
-q85V
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWWXrm5J550GkDSXKmNS
+Wjw+LSwlO54d0/N4FoEs9UrWXFRqoUwDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4
+Cq2t1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63
+rH/r
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAVdOF84mMRxAq/MkP0iJournSoNBqng4
-VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQAq85V
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4Cq2t
+1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63rH/r
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C20:KAS-ECC-CDH_K-283_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C11:KAS-ECC-CDH_B-283_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB1J1EryTSTjMUkDOcO9lIi24XBPJYcHz
-H5FCBQZ9ZLGkyFMUAqq9uB/+0sABrLtNC3vlOTBOMuQx4C34sZKtdO0bSwYGv8kL
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAgQvWj/l49MzW7e8253L2HFu0Y1/wv9C
+l7wf63zKMQAi4iE9B767bA4EbVr9v6h+qYyn9V6c27BV0MxUm0RY1pmL27NFF3OI
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C11
+PeerKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=02603c00998deba52db12814b1f77b2120cbc1dca59009c0d6ea40dcbcabca32c50380d8
+SharedSecret=0599757e3ffeb484b32d3b47828b6823d46786d35477082ceacf3a5a11552394fe58f53b
 
-PrivateKey=KAS-ECC-CDH_K-283_C21
+PrivateKey=KAS-ECC-CDH_B-283_C12
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAetvbJGogKVGIYXGpwDo
-Y3uPRH0J0bJRRg/lfxv0Yu/d3a7AoUwDSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlW
-Gju8pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJK
-pMby
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAV6oVnx7grSD+jZejmgc
+CmNfVjocgUcLTf5E8ZT6ket4QhgeoUwDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGX
+DdqKfOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQ
+zeko
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlWGju8
-pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJKpMby
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGXDdqK
+fOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQzeko
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C21:KAS-ECC-CDH_K-283_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C12:KAS-ECC-CDH_B-283_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB+wp2i8wTOuo1eJJ62BUpOT1lTTuWdJc
-HcDhLMOPdouD2v/uARLH1KN/7IQicaCoItN2N+btVRkHEwAa7+EbBvfh004A/N7L
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBnr994j49IMcPH12BNB6W9xZ2kLZMnMf
+r16vB1MoCWaraTeQABs50dhytl4xJRwfWE5P4+111TrZDoNv6QyNuU/nfO8LynIE
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C12
+PeerKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=026a719bff31da4b4ebaed7bd043064f9c3930b5774c4a99809332c808aacba4b9e3733a
+SharedSecret=005e331af55e96153d8a7b906a4a19016a26381977b49f80b9d70db099053c6a3b8e80d5
 
-PrivateKey=KAS-ECC-CDH_K-283_C22
+PrivateKey=KAS-ECC-CDH_B-283_C13
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAUe+TjhmfjKmphq5gM7Z
-LkJpWSWxE8aUp5YK7eouHVcaQtPeoUwDSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KR
-K2QCtQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCG
-d2xA
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACkR2TjZUIrsy5h34SfR
+sUYaza7QNfIOD3RMd08ccnA7XEtJoUwDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA
+/vKe0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9u
+Cv8+
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KRK2QC
-tQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCGd2xA
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA/vKe
+0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9uCv8+
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C22:KAS-ECC-CDH_K-283_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C13:KAS-ECC-CDH_B-283_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBh71k4nt+PgnOmYqQZVBHpRIuxt3+wgA
-vlJetaagOxlmVxmpApaG+Ed/tcdp77CCyz8aDHnbVcsmTiESwOd557VY9wBFgWoQ
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAYhmpPovfCU05WOikd6HGoswUqZ09dvC
+O53qDozv2garwyyPBY3Ezxv5hdG1ZpcIR8umuKT0DH5ipYCLByC7uM3ztFMeOAvn
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C13
+PeerKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=048c48c993040619536f45482c494a39b32e75fe69e478ba06e376228b79eb83d3ff9168
+SharedSecret=07e132ea71a16c7cc261b9d6ff6fc52cc490da616b07d92f9e591fc1e630d3442572338f
 
-PrivateKey=KAS-ECC-CDH_K-283_C23
+PrivateKey=KAS-ECC-CDH_B-283_C14
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAeGQC+Ya235VVZ2ZoLfZ
-NURW9RUeL9e4PABbELFgBOvodsBooUwDSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmByc
-PpEHu9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtP
-rPOp
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWYvVUhWwCCKMbGVFI+C
+jgtckqTqTAMySL6/lXtYa0Ce1ZhQoUwDSgAEBwVSZMPeOmItJv561wC96gRdSzzn
+GPTmrkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumza
+I2V6
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmBycPpEH
-u9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtPrPOp
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBwVSZMPeOmItJv561wC96gRdSzznGPTm
+rkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumzaI2V6
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C23:KAS-ECC-CDH_K-283_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C14:KAS-ECC-CDH_B-283_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB51XYO5u+XhRi7zlNrAxxlWorPVgRJe6
-Q94L62h3pUfD7dRYBCGzBR3TY5bSD/zXzzT8oCJRbdS/+sc/yZWunqgUzg5AJ/fG
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAVx177wVgiRcvE0I6WFq5efS49351LA
+QsDGUmO0dpgeXzFXBEvKaT6dOxp/pq1C2382saZXEtCe87txXiZAoYL0NmIGhsCk
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C14
+PeerKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=05d85b16bb2a0d32c73d1402838bdfa512d744fa88c74d3d90cf714c2480e03363d5c6ec
+SharedSecret=010f26817098ce1bbd6743784d6fb65e60699c14933a2c8d854027aa58b58db9e66a53a7
 
-PrivateKey=KAS-ECC-CDH_K-283_C24
+PrivateKey=KAS-ECC-CDH_B-283_C15
 -----BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAHfkGrLQnDTFiKvHbUMS
-YC5x9gAZAnuYbg3tNyU1wrapM6UzoUwDSgAEApIzI/FwB0Ii06aih62v09H+EnFd
-V7kbH/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7
-hacU
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkASwBAKmWPuF9es9N344C
+2K5187mRFPU2avtKAK3po8DuOaiHoUwDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYr
+rPlbWvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCD
+fwVg
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-283_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEApIzI/FwB0Ii06aih62v09H+EnFdV7kb
-H/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7hacU
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYrrPlb
+WvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCDfwVg
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-283_C24:KAS-ECC-CDH_K-283_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C15:KAS-ECC-CDH_B-283_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkeE09PV6AIf/tiicJqfVNU5XZj6RCpl
-WgXdlCYrYDWW+L/xA+jjngjM5V4b7S3+DS+MFBsGQB26A37LOEdEkwyBeNFGQWMk
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAW60u7PDhuD0L7A3vuR4xMDb++Vcxo4z
+/bApueXnJK/0/Yv2AlFDL4RWikSXHoarcV04eeYU4Qclc174+2ZS0HnHkI8RvR8B
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-283_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C15
+PeerKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=066abb838b5f12b6fc15ceb745600686bc2d5773e53469c2ee920cfba5459a1cab20d153
+SharedSecret=00bdd8ccd1b40c5bc2efc1c105999350fefaf784710914ff639582f1277678699491140c
 
-PrivateKey=KAS-ECC-CDH_K-409_C0
+PrivateKey=KAS-ECC-CDH_B-283_C16
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIS3EePGCCLnD6aCi1
-q/sORIiIs1sMi7CfgGYW3B7PIt2GI32TfBv95it1rmVZU/xrL36hbANqAAQAaKP4
-sS4C0Q4vUglVJrxASLj2rDqEUxdyhweJk48a7/gT4F5QnqlYfSt+SqFDRLrD7Ebw
-ANHOtAx9XzKX4pVfDz6xQis+a7v79+tRi5wXro1A/rhKrzb15b2WB1srTb5TisAR
-lirHBQ==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA0XCdrBezp58hoEfjIr0
+iyLbQdQGYnUAlhG4gNfSzvMpxQ6CoUwDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/
+uo8Vn5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJq
+Mikb
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAGij+LEuAtEOL1IJVSa8QEi49qw6hFMX
-cocHiZOPGu/4E+BeUJ6pWH0rfkqhQ0S6w+xG8ADRzrQMfV8yl+KVXw8+sUIrPmu7
-+/frUYucF66NQP64Sq829eW9lgdbK02+U4rAEZYqxwU=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/uo8V
+n5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJqMikb
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C0:KAS-ECC-CDH_K-409_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C16:KAS-ECC-CDH_B-283_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAXf3NvYRYyDK+7W03sIC1AUIGC/gERib
-geHzmY9UCGB6RrsVCsR7yqr95HuKe3L0eLwi0gHfTvSzfgEk5Vtn81ht4kqIpsXZ
-iFQAfUsMS0zNaNUfr6dji75VXWC3Te8hfGpjxbQGj7c=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAkF8ZWlNhQx8hm9+EWOaX4cYypqrs5L6
+hhDi1dfdozdaYH+bBRM5ONyZFE0W6nUlw/5OMuMg7QdbllJ+E7KpnJ8nrenvnty2
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C16
+PeerKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0176bc5c4036ce5125493a58dd265f04d190f028366f7799f70aedf29ac67b5b37c37238593377a47944f5b639f43856dbd560ec
+SharedSecret=014a83e747c90aec6101c0a752d92eef7475b00051ecad3d7c2e50cf4eba1ef3c80b8c94
 
-PrivateKey=KAS-ECC-CDH_K-409_C1
+PrivateKey=KAS-ECC-CDH_B-283_C17
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNlGIu3eW5FH0RyehoG
-dEQN0z0litL9x7mPr2SxHn6M5ejCHnmfH/L9KdTJSqFYliBopZ+hbANqAAQAMsV2
-hFLzwfO8VIeTea1CCJEmd0Kzf7CW7nuMIc7tAEHpRwzsO+3LeZ6QvbsxGSCD/wNE
-APnGEikn+4JCRtHcHOD95xpoSagtQQZdodhSVqmxl5v38oY2b8izJIk+vjTlnARg
-BzmUFA==
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_K-409_C1-PUBLIC
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA6/Vr/o0a1JZaX2SF5Uq
+/NA93+wEYxvZlcEKwlg7DKjSRh9doUwDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgs
+IVlhrHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjN
+A+27
+-----END PRIVATE KEY-----
+
+PublicKey=KAS-ECC-CDH_B-283_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADLFdoRS88HzvFSHk3mtQgiRJndCs3+w
-lu57jCHO7QBB6UcM7Dvty3mekL27MRkgg/8DRAD5xhIpJ/uCQkbR3Bzg/ecaaEmo
-LUEGXaHYUlapsZeb9/KGNm/IsySJPr405ZwEYAc5lBQ=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgsIVlh
+rHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjNA+27
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C1:KAS-ECC-CDH_K-409_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C17:KAS-ECC-CDH_B-283_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAQxMaKnxpioyZVa22XennNnER2wFsa3U
-os/TBoJJo8OSOCJCjTUsXXTl1krM7tvapu++TACGaulA3TG15uPyCztNh6agLHgX
-PICqUQpu3/hSxinmBk3118YA/Zjljo6MZiu0uWyLqQU=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMXWFJ+HF0ujf0wcb2f2kFq7MZ9Sa3qh
+vh3SBd+TCrHJG7H4AMLiHhIGzUu1tiKr6Xyj8lLLxo0FSnf466utWT+xhjMGkov3
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C17
+PeerKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00575d9e7f70a4a1c5c807b6b5d6b7330bdd764db2aa60f3bfe497e6bfe90f038fb4f6acf7ac06efc3d157c3dc907b2ae093c6a2
+SharedSecret=00afd29e352779a39021536ea50c24fa264c599f8f8fe8f2ccf0615a6547a064d7c1a150
 
-PrivateKey=KAS-ECC-CDH_K-409_C2
+PrivateKey=KAS-ECC-CDH_B-283_C18
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNssXw/whq0jlw3F8eR
-EY1HYeLFGYa/FHlCVU3FoYv5u2xnvbupCKHouo53kPWaOXE09oOhbANqAAQAK4kE
-GK/FeXyXRqRMoFk2euBmO88FgVaGDGE+4F4R2j8veZxwpo/nL9XawkadqhgQcCne
-ATVpBLGXv54GV/Q0nSUruzdcZiBvwNgxJZm9vv7oYI7JSNzkhoB7qlNe0GrayceX
-Y0cRqw==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA9V3H4SFw7i+YqVvOTZR
+PjtjGlYalCYT35UUD0cyFN9hfExOoUwDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi
+9OOjy/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAl
+pEDA
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACuJBBivxXl8l0akTKBZNnrgZjvPBYFW
-hgxhPuBeEdo/L3mccKaP5y/V2sJGnaoYEHAp3gE1aQSxl7+eBlf0NJ0lK7s3XGYg
-b8DYMSWZvb7+6GCOyUjc5IaAe6pTXtBq2snHl2NHEas=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi9OOj
+y/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAlpEDA
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C2:KAS-ECC-CDH_K-409_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C18:KAS-ECC-CDH_B-283_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAeTVgNXprYFnHGzWYtVWm6/k11qk9Emu
-1WvYAGGVIMnzLE4jDE2RscQR+QhtUpG6E3AUogAMj/tCOS/zl7vUZ5cvPtJR1aB5
-ll2gsdKjzBbDHSVdzpiGk3styUHqsNi+i7zRWqbtltY=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAXMETlvmOZfXkl5DG78ATPDwuoWqKVo0
+Ho9YV6EgvonXdlPpBzfMBJaQ+XCCSnsMICJDloLJ2C9PI+SOXwf+qWJnyjvU1zCl
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C18
+PeerKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00ce87aa5e7700384df59d3f1075d282c1aa511391c42ef609b8de1264eca8f7737df91565c73ee884ea882d47c56d979141f0f2
+SharedSecret=0477990f17d65589289c28e54a56a83bc05ef4ea6863c5ebe840925c9fbef64ccd6e69a4
 
-PrivateKey=KAS-ECC-CDH_K-409_C3
+PrivateKey=KAS-ECC-CDH_B-283_C19
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMR1DvAjanOXe/JS075
-DZMk3ggDR/9N+GZF0yVgOi3/0o7K8HdexTyvWlVOr4toSH34hlShbANqAAQBJXtq
-vUcNKUtZ3a7azVRdz0OAiviQ9XYoiAM0L8Yes5b1YK90NC4Qu5TSJMJNjlkA5bly
-AdzK2X7O9Dh6HPUSsW3VvHq2FfvFCHrBnV/Cdi9hW0kE6jk0O7sYXbZKGff3Ds8N
-VXsV6A==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAOLAxgL7EyOZ7p8xAINl
+6iLMEmD3n+OuYQibim+kVZyska7IoUwDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9
+Fo2ccXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z
+4OiA
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEASV7ar1HDSlLWd2u2s1UXc9DgIr4kPV2
-KIgDNC/GHrOW9WCvdDQuELuU0iTCTY5ZAOW5cgHcytl+zvQ4ehz1ErFt1bx6thX7
-xQh6wZ1fwnYvYVtJBOo5NDu7GF22Shn39w7PDVV7Feg=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9Fo2c
+cXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z4OiA
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C3:KAS-ECC-CDH_K-409_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C19:KAS-ECC-CDH_B-283_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALfRk1TK3MlHCCZ67Ysj5ITjKgOBSwJq
-gA9boB6SBMQwUuTUfG/NkjKWVODpAVsBL3k0SgF5lcFXlsWuk+CiB6JwcAT7saSa
-DUf9QE8S1XhJ2Dl81NLG0rS5D4ZEA9Ss0Woyt/9Id7Q=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBoWH5p3t30tVrFHyoX3Yv9b5TnIQAyFC
+Fb+ySySCgedaPGWUBE7unHArxMHiEMfMIUUkWSVorA+f1n1uoCtNw++0LPuyJj2s
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C19
+PeerKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00691dd6b5177702d6a0b1f8b07f3b018478680de7ee079272ff75659335c96afcea7650caa01f996aa37946b78e14a83e579fb4
+SharedSecret=067a661346fe052ca27f3f03e75bbdfc8fe6d0d85c62c8f79525252aa241ae9de97d56c3
 
-PrivateKey=KAS-ECC-CDH_K-409_C4
+PrivateKey=KAS-ECC-CDH_B-283_C20
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMNayWWVtUmd33ttSRq
-GS8MBccnCjtOZKnWyHfNBtKWKhrITsLYl2X5Z/YETy36VpAxB/OhbANqAAQBk6+h
-O9Hggc7l3xKG/kSik7fRsQwpCl8q574tAnNgCaJtg6qqkBeoyL9g76Ffzq0Hdn1I
-AdAv1mp4BsTIRF+mFSVP8yu5wdhaOQT5OcEGHiUNPrZBMTCipVcJlHlTEOltw6/z
-uCGK0w==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAy1XP964Wk2iKXiWYxQU
+UY1LoH3E3XL3MXKIkNC0TTbyMJwOoUwDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZ
+x/eEDmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPksc
+ebi6
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAZOvoTvR4IHO5d8Shv5EopO30bEMKQpf
-Kue+LQJzYAmibYOqqpAXqMi/YO+hX86tB3Z9SAHQL9ZqeAbEyERfphUlT/MrucHY
-WjkE+TnBBh4lDT62QTEwoqVXCZR5UxDpbcOv87ghitM=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZx/eE
+DmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPkscebi6
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C4:KAS-ECC-CDH_K-409_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C20:KAS-ECC-CDH_B-283_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPKhHM06U8leqY8xRPt31KaE+aH0I+uB
-46i/viK2gPIYcPWMrraUbGs7hzaZz/0xQGP0CAD98m7t5sunJIJAcgkGzgdsxDIt
-GLx2g9IkC6aEds55AieAsvpU4PfHZSi3f6Yx/lq7W5U=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/EibYAsV1+HGiE7gVD3gYu9YlZjtz5y
+CnN/BxiWCG2gsUzZB9HLDOGcmKY6r3sxTx9XIOMohwUzhKwPXrabbEcajj09Fudv
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C20
+PeerKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0136f5c04cf9a56db24ad99bd286feb800aea38d44f819be1c2a9dba15c635c4e122893570233a4c5754a41499eafa39a35aa57e
+SharedSecret=06476b0620eef165941a4507e6d798d6f150ab29333c0552281b629170d3291b2f9b3f41
 
-PrivateKey=KAS-ECC-CDH_K-409_C5
+PrivateKey=KAS-ECC-CDH_B-283_C21
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNL9zUbGVh10B9jBsoS
-fbihpfWXcZwNEOHWj11IVb8HYFeQaR/NDYtdsTfT/CZ53nWgZ4GhbANqAAQB04Zk
-WqpI4v0JUOaprOnf9iyPXpTNukW9c8a+a/e3Y6LJqAeEYxLaOrghwEmsCGH4Izfw
-ACpkNu+KEmGuzDjIIdp3Sjkf3Md1DJQ32d/mTIIzUIE5mfD9Twfx1tmAdAmGErxS
-BEJJ1A==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAKaqy13T6DWBT0UtggfR
+WlM2OPcOlPh8Bhlu/4g41I7tLiZ0oUwDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmb
+GByWS2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDd
+EKAO
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAdOGZFqqSOL9CVDmqazp3/Ysj16UzbpF
-vXPGvmv3t2OiyagHhGMS2jq4IcBJrAhh+CM38AAqZDbvihJhrsw4yCHad0o5H9zH
-dQyUN9nf5kyCM1CBOZnw/U8H8dbZgHQJhhK8UgRCSdQ=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmbGByW
+S2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDdEKAO
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C5:KAS-ECC-CDH_K-409_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C21:KAS-ECC-CDH_B-283_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARdEn76mstX06OTTmnIoQkzwb0Vr8645
-vB+yqZ5Bg7cW4ZT8UHRlZk0AnVvO46QmupMsEAEUbTK3DwnmX89p65rmYWLRC9BD
-ad6OgYf6nD0bXdom8QtGnNSSXKN+CZRBV1fmiV5YgUU=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAqkR5+bS/HcNHqvH33AbsRkISmhZANIt
+UtWY/h0o/IkbMbSHAbjcZxPKRT6RsuxOTR+DSwjuvH6IhsOkWOcJJSQsSyK/CyBT
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C21
+PeerKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=004f684f9d559d16485f0023bf012006265ed81f06fbc1441334a559e5500a3f77603565013694023e0d8f44fd12dcf69eb8d654
+SharedSecret=0746719f2ad08f8a8d6d6fbf15723f336285ce75d3a2fcbd5a0c54c577517a22bc264161
 
-PrivateKey=KAS-ECC-CDH_K-409_C6
+PrivateKey=KAS-ECC-CDH_B-283_C22
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNp2mWQEDRcaQD97LMd
-+bq+2+QlM5gpCzQBL7E0vFkUdXLmKmD1yszth7D40f98BJ3+lpKhbANqAAQAOGhw
-GffCGd3ZVnsg9eoeilBFHdQL9bZfey4TPebzbko/j6L5d+/pIPhF0XbIpXAjzFXC
-AUk5f7xCus+FxZ4EU13x1ScVdh7qmX1P+HIEhmzcPUpUwkJa0hSnoN1ZL0qZGrdo
-yPQEvg==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkABEvsqtWRDdlZ2oeQbPL
+kesaZ5DpZO6QDPySlWNrpMb6h6rSoUwDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLj
+Fo+hQBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEp
+yzsU
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADhocBn3whnd2VZ7IPXqHopQRR3UC/W2
-X3suEz3m825KP4+i+Xfv6SD4RdF2yKVwI8xVwgFJOX+8QrrPhcWeBFNd8dUnFXYe
-6pl9T/hyBIZs3D1KVMJCWtIUp6DdWS9KmRq3aMj0BL4=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLjFo+h
+QBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEpyzsU
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C6:KAS-ECC-CDH_K-409_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C22:KAS-ECC-CDH_B-283_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARmYDxEUne5eLC0AVh08JqQqWkTodHZd
-3aTYGOpwTtu6I6vtXgi+ktZV155VxbxUeHtN1AE2az3aPph5xEgd3DZ+UcHAVBlF
-lkY21QIWh8KFxH1A55/38LtWqTrFYL6Ny5cPWLI7EKc=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB1QapR1zAuK7VXwn7BXX+cOuO3bsL4bL
+lejerX+ga1eDl/HxAX6iL2tUdPD18PTq1UFyBkBRU40+IypTDfyl8qDcZ3Rsi7Ha
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C22
+PeerKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00137894f637460a63576824536944cddb42dfe63169c84040a0345ad7516ec4f1ad00bb4de20ea6ea43824b9b0f74dfa6881cfc
+SharedSecret=03cda4b5f44b5d3dc248310f994419fbcbd665115d1876046652251ad4aeeb1dcf184288
 
-PrivateKey=KAS-ECC-CDH_K-409_C7
+PrivateKey=KAS-ECC-CDH_B-283_C23
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMG39qzyhsqKCHO/bWH
-K7lfAjFhrk4tVJ0PsfOCVjQTWESRZX2xAcMjUUgyw2P2NqnmnoOhbANqAAQAPpqb
-XyggZuIzhw3LAMSu0tc6Mx951JyNXC2TkIsO9ecrdIgU0biEBkLXW3qaVTAbHnyC
-AQhfV2keBK+sbohOL9vY34AvTUNbzmESMasydHYerV4uajRKU/M8D6FW4xMgYvcr
-zaP8DA==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA+TxxPMOKo1v1Vn3/ogg
+6IaUneh8AdjrZMe0DxVIy2F6kmAzoUwDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ63
+7NWBdUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt
+/W25
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAD6am18oIGbiM4cNywDErtLXOjMfedSc
-jVwtk5CLDvXnK3SIFNG4hAZC11t6mlUwGx58ggEIX1dpHgSvrG6ITi/b2N+AL01D
-W85hEjGrMnR2Hq1eLmo0SlPzPA+hVuMTIGL3K82j/Aw=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ637NWB
+dUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt/W25
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C7:KAS-ECC-CDH_K-409_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C23:KAS-ECC-CDH_B-283_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfo5tdM3XUMkeslQAGHr/3oMFbjF3+nH
-UXhDhsmBhg3m4blYTaD0IRlBfzIzgpCRCpolngAr3s1QK6ZKbyHQj6QlA4nUJwMk
-RW6UQWV0lccq12D7NIMl+Jt6VASiwhwqoHcRvPXzBBI=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh+xTlLNQkOlIPYwIpsd1pYcSb2W9D+p
+yuN63YTaeuctwweOAN1ji/kFP61qpP8tMwuKSiC/4wIPQLlpIwLQsKPC2HeFbsRq
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-283_C23
+PeerKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00f03b0b43a351311689eb1d3fc457013f294a7d02ad850c72e4ff9b64ce68a47beb49bc5bcbdc828534f8c8a5e13de5fe522eb0
+SharedSecret=015c892f95768a96ab5a4f9523b7fd466e101f63b88ad8f1fecb3027cd70aa00735dcc90
 
-PrivateKey=KAS-ECC-CDH_K-409_C8
+PrivateKey=KAS-ECC-CDH_B-283_C24
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMpsvyzCFlql1xbTNHn
-UmfFQk4Ad0EU7CBRpXGymXZhifrSTpL5bj1SdzbqSANnvb3QUw6hbANqAAQBTHVz
-mb4gHgiv2LSmcefTttf4hESYq1kuG/aTFTR86C29eF1FkiZg1NDSf6KwrGLnB/zs
-AJjwdz0+/pwpCpkuygWHXTRj8HNrLf70r/2f8A+WreUzmZF96gdMeY/FNXOPDFaJ
-okR/hg==
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAK5+s9QDVPn4/tGPIWLe
+44FWyuBTW1U3DaNjjwFmiuz5cIvmoUwDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0Gf
+HXQjDoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgM
+JUC4
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAUx1c5m+IB4Ir9i0pnHn07bX+IREmKtZ
-Lhv2kxU0fOgtvXhdRZImYNTQ0n+isKxi5wf87ACY8Hc9Pv6cKQqZLsoFh100Y/Bz
-ay3+9K/9n/APlq3lM5mRfeoHTHmPxTVzjwxWiaJEf4Y=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0GfHXQj
+DoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgMJUC4
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C8:KAS-ECC-CDH_K-409_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-283_C24:KAS-ECC-CDH_B-283_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbJV1bt10llwMB3p4OOVmhIgXVEfjmTw
-QqAclQ20cbHW1YR/dWae6wvxh/FVnbOyKu7AlgF+WQz6hVNJE2GYwt3YpSEIgkc8
-ndWRwC4gLKBAS7yfY5HXOuAR2smWUVXSZQE5/i5U7Gc=
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANCO04VqvvfUpiJDyS1uZwzrOvMjV/25
+05wZF1oQ0curNs54BdufrX/Ir+eci5zkjmL/oNRrgFqeWCHidhwlwO26krEgsGPy
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=018f55b81f15f862aed042f37433050ac61718c9939d432b2a20e12d647f99753b8dd5127cf8963247fe7e1d5ade1442229bc646
+Derive=KAS-ECC-CDH_B-283_C24
+PeerKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=01adf5a96358e18d69fd383b4dc7b20dd646b68a5c9f1417bcf426240ca22b8f32bdf1a4
 
-PrivateKey=KAS-ECC-CDH_K-409_C9
+PrivateKey=KAS-ECC-CDH_B-409_C0
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMbmAFcAgLqFkF5caNz
-BCUIOb1qbl2DSX9/k/D3Ryoh/OS+W+d26QlZ28QaDoXtIlg36NWhbANqAAQB/sCf
-lFcWFOfNjpWOvNei/NjCSNQIzbo1ljBUXDE4OSJ3TTsk4gWR2LQelU4WZU/oXLrK
-ADHg6x3RzkZ6i3jRDSW53pLP3Cdzgx5uKKFS0CripaUQmUzAEEYiVEQepBEhwGd/
-tBeL2g==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQArOkhA//iYqwXrUKk
+bUNm9MtMWA7/OrHd5r3f27c3SBHVKx+pkyC0r11OkgjBTrjvqJFsoWwDagAEAE68
+TUrPm0BNq8OvPoy+qLiLMpmdPst/NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cu
+RQCeJBCVQcgCQhfpqyyWP6njc2QAlabCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeT
+xVjOjNY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf7An5RXFhTnzY6VjrzXovzYwkjUCM26
-NZYwVFwxODkid007JOIFkdi0HpVOFmVP6Fy6ygAx4Osd0c5Geot40Q0lud6Sz9wn
-c4MebiihUtAq4qWlEJlMwBBGIlREHqQRIcBnf7QXi9o=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAE68TUrPm0BNq8OvPoy+qLiLMpmdPst/
+NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cuRQCeJBCVQcgCQhfpqyyWP6njc2QA
+labCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeTxVjOjNY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C9:KAS-ECC-CDH_K-409_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C0:KAS-ECC-CDH_B-409_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAOz3Bk9Sj62uOAyzgphIEQR6DX3ZqN6O
-dvgXiqYAaed6lIrPp00sd6doUWWamBlwVNqNRAC5jhNJf3dgcnEcQsGNv8jrjIUj
-/2M6+Yih8kLtPDxWXRjPIk+HUfKULjYLoW4PWDCVKRk=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAUaYmlApe+Nz3WZcRUVaKuTCIdpc1CQA
+e9l/no6Eb5Z0Dz+ljDyUEpZxzdTX6mUKKq3p1wG0K//ahDlGoUrWCA+VuPxrfhc1
+KNCO02/mQKr4WqAPte3VkFo4s8eWG3cit3uNy0S7JfU=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C0
+PeerKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=002b560d1949297dc7e1bbe8ce49a595762924afcf0271e9c493c18ad5cbfcea5f3900c7b793ae5dd44f48884b0bc3b52c66e05a
+SharedSecret=01d48a586be9285fa38dd3e70b0330b0ffebd327ceefef88fdc1521ef2fd61cbc9124e03b0c926e70fa56acb3edb54c3c48fab2b
 
-PrivateKey=KAS-ECC-CDH_K-409_C10
+PrivateKey=KAS-ECC-CDH_B-409_C1
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNHO87LE3cR5eiXY6QP
-d9vi6owlCdIJBk45z5Ba+qkBCF+OeVybgBfJpdChuWgSwSSj/7+hbANqAAQByOmt
-xIFuZgb//14afUinhUw1qvBV0xgz8Mq96LvE0kWOPNPIKkr4B0X1lbO6Evi1wM6Q
-APxD8ZO1WJruYphXNeNig3TdRahqYbqveMIfpueHhW6muLiDFlQFcYJYZc5rhXit
-1fqmnw==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAP/IvfXwEmYmkPg6j
+9dYXmBWcF4qnktedH/6/+Ntw7h/eBApLXx7TP7P/I8ROfGshsGI7oWwDagAEAdXJ
+Jg5z6jbk3qqkuPRUH2eAZraQdxqG8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPb
+pwEacGgmNl7OKOOLM2ILygFtLZM4UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3
+dFHQ/hQ=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAcjprcSBbmYG//9eGn1Ip4VMNarwVdMY
-M/DKvei7xNJFjjzTyCpK+AdF9ZWzuhL4tcDOkAD8Q/GTtVia7mKYVzXjYoN03UWo
-amG6r3jCH6bnh4Vupri4gxZUBXGCWGXOa4V4rdX6pp8=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAdXJJg5z6jbk3qqkuPRUH2eAZraQdxqG
+8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPbpwEacGgmNl7OKOOLM2ILygFtLZM4
+UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3dFHQ/hQ=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C10:KAS-ECC-CDH_K-409_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C1:KAS-ECC-CDH_B-409_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAE4Fw02sRObhsIzfrmNXwg23pUTcJT3/
-HCPU26hxuWeBtqYWONc4Zdr+CpRDw+wyiFfSPgEibEJ3eLsiRiTNIVST16TzKk8U
-GXkjZAlQXYz1jYHf08eT5ZVDp4AxTzzY7hdmTcLkY54=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAX6fAbHW5XAjKDMNIyod0/LFksxAn2yu
+8HCEQIN/NZdRDxEZVKpR5WRsz0fv8fB6T4rhywA3FPbqH9FDznUeLYW69UxVI5dh
+CO1IL9auEDdDExynFgJrFqHkliMfmRzcj220R/X5X44=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C10
-Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C1
+PeerKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=000b43cb539bb4bb42f195ffdbcdeb482b69301c0155a840cd381f55c465a8e57ec51d6555871537b56bf84a1544cae2b2b8eb38
+SharedSecret=01856c92b46d671d8a7f6cc468efb60a61093d006c95bb931c1fccc336d4a8490fe17fe163c972bac39fe728f24534a0c34d2d21
 
-PrivateKey=KAS-ECC-CDH_K-409_C11
+PrivateKey=KAS-ECC-CDH_B-409_C2
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg3d1nE0pBg3i6oN38
-kRHAou1JKyiVad0AYb8SJtI1vapSA9Pvor0BQdKs4nw66Oba8R+hbANqAAQBZ9V3
-sqQ8wafYimvog8KNv0jD4fvyGtg+en49dT+wttP4DNE3b9mL4mD0lHV83AYyVtWy
-AV7XADt9K9XgNZMDZgrdCQBJA5z33zlpieoYxwL3BMRc9v3nrQctMSU9HVKV6cXR
-1cYsOw==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAlt4sOSnECF+cwdN3
+jC2/Pbfw9357p7vE5AjH1l4si4iwdV8WC621JOdpfFDmDI2Z5W2koWwDagAEAZxH
+15kUyL2udU7F7B6ByP8ympOOaXHu48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaa
+tQAAiAIrT7DnVOxPq4z0/GNiVUJnVfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o9
+0+DD1sk=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWfVd7KkPMGn2Ipr6IPCjb9Iw+H78hrY
-Pnp+PXU/sLbT+AzRN2/Zi+Jg9JR1fNwGMlbVsgFe1wA7fSvV4DWTA2YK3QkASQOc
-9985aYnqGMcC9wTEXPb9560HLTElPR1SlenF0dXGLDs=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAZxH15kUyL2udU7F7B6ByP8ympOOaXHu
+48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaatQAAiAIrT7DnVOxPq4z0/GNiVUJn
+VfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o90+DD1sk=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C11:KAS-ECC-CDH_K-409_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C2:KAS-ECC-CDH_B-409_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAW9pYP0jV9L3C193i+XgqnFVa50vTM6x
-T3gS2oWKuHKBi0YQ1BqPZiALQ0NCIifZ/d9xLgCq9ZKnJedzg4iJa5vp94wcPWly
-ufmQNNAswPl3ap9sL5t9UB91vhhZmwiMTFiBxmFG5bk=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYPuNVqTzROv8XVqCOWOIZWoJimNQ/bQ
+e7HDgrTlaNAICTkmAAnGr8vtDyMlLgHW0UxtjwGyMJs4GcJFSkitJTrJe848ebUf
+UO1oA88FRkt0paHeIhE+I8AYxc7ZGG3bmBxini6ds+4=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C2
+PeerKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0113dd2cf8732ceb8a893e149f13d52026e5d829322d0f1233a624fd6b74d56e7e6374d70942a25152ce5073831660333fb3e070
+SharedSecret=01972e225e08b47512e92c0da9a1bdddb1802be402222cac5788b322e101feeb06b66b2fe726c1cd8aec92e02f37d15f4c97e64d
 
-PrivateKey=KAS-ECC-CDH_K-409_C12
+PrivateKey=KAS-ECC-CDH_B-409_C3
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNgelplMhd7UvI0knF9
-0Keyr5jgSIT3cHXkYEQQxQRKCEYezzfE76PtwstmfIS4ZBWTa3ChbANqAAQAClZ3
-rGwA0mRgVNvr/FNtsKmzUaJAinPgg61i0YL7h8uAMixTlVPs28ITzoTGbd+NwdI0
-ATJ6CjdpJA/aRflLsHNhx0qoyNEZQUp7VmbiWjq2iBl1OWMlp39UGhuiaAEqgsUR
-DSpJ4g==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAq9XWHN4xGAMBwmnV
+KvhWuqObifXvRTZ/VRkhDHHXezGNBT7AwvSb9G3gXKvyPH0r19I/oWwDagAEAafv
+PRfDAehmG6ZsHN7oKptE1xaQnjZjtCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZ
+swDfdDhJogvDAmBitCDTlC8Y4tbFMH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo
+7rjo8RM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAApWd6xsANJkYFTb6/xTbbCps1GiQIpz
-4IOtYtGC+4fLgDIsU5VT7NvCE86Exm3fjcHSNAEyego3aSQP2kX5S7BzYcdKqMjR
-GUFKe1Zm4lo6togZdTljJad/VBobomgBKoLFEQ0qSeI=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAafvPRfDAehmG6ZsHN7oKptE1xaQnjZj
+tCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZswDfdDhJogvDAmBitCDTlC8Y4tbF
+MH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo7rjo8RM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C12:KAS-ECC-CDH_K-409_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C3:KAS-ECC-CDH_B-409_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPVJxH3I6S/s04tXUIlYgORJ8eMavgux
-6syEKY+DYQjlowjMuVeNy9S+YXd1LrIx548BHACTZj7D/LVNZ2iXv8ldteVK1u6h
-7HtGykvz0lNYOfEByz5tXxG2o2v0A2PDHJ+IE3hiZ08=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOhd6dY+NOXHu6b/mxb0yE2V8R3+khB7
+H77K6Yzm7/PblthpAL/SLNQj284eVya+jll5MwC3FBdx98gW1V7IxTgi0uehkvpU
+oX5bmbLZCWG1Spn+1Tq6S9oaQHStPSP5yREgV5W1RQs=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C3
+PeerKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00c8e62ac25c11e86b98642e4ec7adde9d9436f9337369fb065abc9ea784f90b8b8bebae35da92185486191dd9f49370b1148ce6
+SharedSecret=00b6661a866abbf1843dea8f220e360fe7cd7d9e85c316138fd2532a57d7d2a6bfe6e5518019c603a2d0e338ac6a8690093c2883
 
-PrivateKey=KAS-ECC-CDH_K-409_C13
+PrivateKey=KAS-ECC-CDH_B-409_C4
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM02ppFNxHwSgseobmv
-cB4Nw6Vc3VheQ+Ps9B6TTsr4gP8WFNzlzJkqaa3fxAja4bCbjQWhbANqAAQB97/0
-NVR6iVFtAX0b2sTNo2BBoNPf0DJYVisuKPQM1k9q4rcEV3c/lnXP/EDAIeRwKwjW
-ABPFmnLwyD9buQoL/ueYlS+5HuMpyYxLWRT0Ra58hIN2cFK19SmXRiFUXdzWN39e
-OH1XPA==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA8yPI7kM8m6FdNwgG
+mDSsxNk3vlAX4dGC7HZGarooLHO14+lv4QYUNkFALHLGJIS6HxLyoWwDagAEALdP
+UlIBGfwIU2zqWEIg3psGJAHmT/Y1kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuS
+dQFUBYji/VaI0bNXY5CMH4I+7sqJQvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYo
+Fe4CBpc=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfe/9DVUeolRbQF9G9rEzaNgQaDT39Ay
-WFYrLij0DNZPauK3BFd3P5Z1z/xAwCHkcCsI1gATxZpy8Mg/W7kKC/7nmJUvuR7j
-KcmMS1kU9EWufISDdnBStfUpl0YhVF3c1jd/Xjh9Vzw=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEALdPUlIBGfwIU2zqWEIg3psGJAHmT/Y1
+kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuSdQFUBYji/VaI0bNXY5CMH4I+7sqJ
+QvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYoFe4CBpc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C13:KAS-ECC-CDH_K-409_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C4:KAS-ECC-CDH_B-409_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAEEeXUyW413ptUHaX6xpEzZGLIgtjozk
-1utxIUF+cJUMTZUC9kVl1abPpzXJDu+Dx7hh4gCWuQTjfKHC21mlRhVifhwzVhYP
-4XUoSq3DsvoGugswqqB8hOZOSGUuX+swNZUGbg+EaPc=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMqHCsvk6zrmXt2V1pROsJDg5VBxK+Ox
+Np5HMgP1Kxg4ZU96Q0K9gwlwT+1pM66dFizNfQF5bMKGvz1TrWNpdzdPg1bkVzC3
+qkOAX7UoAfc74+mzKAiYSq677Xvl455RM1sN/zR4KUg=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C4
+PeerKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=012505746f1a40ef75f950595211ce04f87f1daffffdf8c12600a9e2994c8c1d8b19c0e0559adf9a94762cb983569de6d0d8baca
+SharedSecret=010889037c707d90b833d03256ff2e8a5ffce16fb3613486221494a4fee82e74625a93d966c2028d0930115494f9456cec4d2b6d
 
-PrivateKey=KAS-ECC-CDH_K-409_C14
+PrivateKey=KAS-ECC-CDH_B-409_C5
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMxQa+7qLTZ8MvoKX82
-WHMZZzlGXj4gqJr5/fiwHRlaoQUuYXa1+thWE2trMg7r/AjBzQGhbANqAAQBgF/8
-V26KRfBil7IzXQOryK39Fa03522A07QYDV9y78kPPysDas2Bf0D9SQZKol6jg8gu
-AfItprUKxWKJQ/BbFBSTyswPArzfO//bQ1gjQ7aGFXYaGAvX0asd3BX1N0qPZl0T
-tLkScg==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAEz2iulSzYkTIBC8O
+LaNxjlbb0oSO9Ce92yQXf2JEdbU0AK/csYh56P5rRgmk97vCFSsToWwDagAEAOOi
+9OY8+8HuhEdFqz4eW+VzIEYJrs5eKLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCS
+CQENc8Q7YwFwOVEErK1sGlY9MpZjIzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7
+vrgJW8I=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAYBf/FduikXwYpeyM10Dq8it/RWtN+dt
-gNO0GA1fcu/JDz8rA2rNgX9A/UkGSqJeo4PILgHyLaa1CsViiUPwWxQUk8rMDwK8
-3zv/20NYI0O2hhV2GhgL19GrHdwV9TdKj2ZdE7S5EnI=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOOi9OY8+8HuhEdFqz4eW+VzIEYJrs5e
+KLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCSCQENc8Q7YwFwOVEErK1sGlY9MpZj
+IzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7vrgJW8I=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C14:KAS-ECC-CDH_K-409_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C5:KAS-ECC-CDH_B-409_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA+oJD8ACjOYgIofiP/Fo0KWj+5ceyap
-4f+ibvqIXnThxWICfZXbCMwVvSWj/BGrTcE8ogD+1ofHGX/xrrmA5yo6fDGBQgUs
-I4mwhm2zuH5cgCXnm7T0+Zb6Y1KrnLIBcu941v/KkG8=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAH62Hf3fw8DQg/4iE5Z5hjgdnjDmhK/f
+K6yPGjYujG1jWN+VkwYAQn38HrFBGP0SObZ7aQFbqH+YEUzsiyy0W7o9zwBrKH4H
+477x2ifOCNqeT0i9JB9ZofnJPIN4hHFXUPQIX5E/T3o=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C5
+PeerKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=019a71ab576546e2351aa92b6075e8229813e6a2cb3647147b192b4597f1217223e7197d846c0d65ea0d4aa4c503bd000ba312ba
+SharedSecret=010a8aafbb243fc9466bf381eae173c01be95d88a9c131b07ed54d2f117cd3af4019ffb196ebe8290b1269622f9df26763ffa211
 
-PrivateKey=KAS-ECC-CDH_K-409_C15
+PrivateKey=KAS-ECC-CDH_B-409_C6
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNOUXeWysnXx1MW615o
-lj/mMkeB+rmG6UAgDnEd2/mILZmmIKl2NS4klnSM+2Hcy/bWWcyhbANqAAQAVqRS
-+x1VgHnD6RvyL4aITKiXiIBv59bWykC1SFB5133EPkZqcSWXksZf9qtyBAZsDmeo
-AfKbcj2ffU3mzML5cIB5xdMK5dlg5ip8T23Ji/yVtPUx8ZfDlIZwVDJZQgPCUUcV
-bf1bXA==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA33VUwBMv1OSiuSF4
+dfmSSlXKsxm3anwXnPAiKTdXmZbPlJILr9RT5S9dL8SAATKfvXjEoWwDagAEAWCF
+HP+UfOcqEYqrTa1M4sPOm8Mwzh0G761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vm
+kwB5o93eY2vGKvQebsDgc/5kYuOK1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vp
+KalnCco=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAFakUvsdVYB5w+kb8i+GiEyol4iAb+fW
-1spAtUhQedd9xD5GanEll5LGX/arcgQGbA5nqAHym3I9n31N5szC+XCAecXTCuXZ
-YOYqfE9tyYv8lbT1MfGXw5SGcFQyWUIDwlFHFW39W1w=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWCFHP+UfOcqEYqrTa1M4sPOm8Mwzh0G
+761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vmkwB5o93eY2vGKvQebsDgc/5kYuOK
+1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vpKalnCco=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C15:KAS-ECC-CDH_K-409_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C6:KAS-ECC-CDH_B-409_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAL59WAQyY6svQiUtQbWC2GLCskPOGFdg
-gb1u3S9j8BZPNlyuZyaNIn85RGd+HBRq+GS4rgGkvLxkFthll6FIyk1hDuZWoAAm
-zmBHvZ+9QNiVMBlqRpOuWV1plWUDudKrSqvnyVihTGk=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAILxSOw00dCLJueeN3LhLWWVmLc7b/8L
+qxhF6aW1BxRJ7ydZ/tY6qAYkuDprLp1zm4P22wEJzqBIpyC6dJ/FIsha9f54N1HD
+n+jQUVug8NPc0Z8Ywi2jkJ8C14c1qhGy/roPjTMMVwM=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C6
+PeerKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=014f4b7ea93c9dd846d2228c2b6a8dfe616057232b7af845a570cb6cacf9feef2d8ef4fafb285b38e63cce0a09b4d82dbe43a390
+SharedSecret=01e17b8844c4c757553a628d6f4c48f3a337ed2bbb6e4047dbfcfbfd02bb81c6e096f8ccbb7f2e5d10ee9cbcc960e3a99e79bd09
 
-PrivateKey=KAS-ECC-CDH_K-409_C16
+PrivateKey=KAS-ECC-CDH_B-409_C7
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMcgLZNUegCVpnnvixL
-mDz6S36RsRLi7KX50Mt+PU+Fr/ezOpIeqhJMtwAuq2KXPWXha8mhbANqAAQB/Q5O
-r7JsCMn450fUmR9GjHa0hkFm43ZCtYPbKFpLxMM5eZF9kSmpHLCnXBrufNT7q3PO
-AEaO+rz0SPzOgh896B6ZTXmn2Z6piayB+hNfesiLFUx2eQnGgffkjACy5mu664+G
-iPRGcg==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAMnNd1/EY0p+fPKs6
+By24yIbUL6Xee+plA27TyNRKEej5b04abyVIiMqyFDBRkaJt0drRoWwDagAEAC05
+4PifuHUVHuOzVPjqFZ5/um8j+Kdk1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42Ax
+NQDORKm3dbA89CsxAklmB5TCXgQisDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GP
+mN/a4Yk=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf0OTq+ybAjJ+OdH1JkfRox2tIZBZuN2
-QrWD2yhaS8TDOXmRfZEpqRywp1wa7nzU+6tzzgBGjvq89Ej8zoIfPegemU15p9me
-qYmsgfoTX3rIixVMdnkJxoH35IwAsuZruuuPhoj0RnI=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAC054PifuHUVHuOzVPjqFZ5/um8j+Kdk
+1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42AxNQDORKm3dbA89CsxAklmB5TCXgQi
+sDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GPmN/a4Yk=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C16:KAS-ECC-CDH_K-409_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C7:KAS-ECC-CDH_B-409_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR/qWNnjbPjtTvO0L3fM6pO/VCrJIUHc
-LAlAYZhfPfeG0ZKle+4HJVCzAlg/D5QoMBsbdgGz3MG4o1RSZEJzhjKeuB/pkmVA
-QGlHgcDYsnweSUQrmbq5Pvlmb+oU1IQ+5LxbBFrFDBE=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIPKBN+EWOXmzm4TuTfatJhSHYJvuVQS
+NFZ+mV8Gg8gPQ4UW7v8M+JGKX4tSYszco5l0FwBfizwg4/4lWe/g6FoSJ235Iu8P
+Qlf+cDviUp9u/7bymaGiUcAeONQ8pspXbvHgvrbJEh4=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C7
+PeerKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=001fe2ed30ad4143c5eeb0b7622e6aa49e4e4d51c1ddc467b3fc54215dae931be0b6b6443e716895acb6570cdc21fcbdae46e5d6
+SharedSecret=01167edf7a3c50e13be126eb2caf6b5f8f761cc8dba413246423b877df74a3aa3f48144b44cd133ad9f2d05ef97a08f7ca511d7f
 
-PrivateKey=KAS-ECC-CDH_K-409_C17
+PrivateKey=KAS-ECC-CDH_B-409_C8
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNDyWwyz2SLA2ESQhrb
-qpJc1UF1q6055Wgb/J60sbZJrsHIduwexGEPGzsGUUpI5up6SiWhbANqAAQA3hge
-gbnnd21HRpSi0STQuHbZVI8g7jOGMElF2RMfkEV9m5ON8JiwNb7ar4DtbZeUBPxw
-AYGjUW2+qdqX1uzs2xD5bVRGnSc6s2bomkD9ztzxvag31cFL0QwLaiqcikeBASXH
-ZN017w==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsE8ztoeZYw1i9EM3
+x3xaa24Pdga1yHJEqk59ppjMj/HTMRtI7nyaaBK6+QVDea62HAwToWwDagAEAcWU
+DC3is3NYJK4plMFQhvqVh1Dk2DEjrwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2
+oQAKv+bxUQoYLv943YAum6IeZorqVzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8s
+cm/gAlg=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C17-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAN4YHoG553dtR0aUotEk0Lh22VSPIO4z
-hjBJRdkTH5BFfZuTjfCYsDW+2q+A7W2XlAT8cAGBo1Ftvqnal9bs7NsQ+W1URp0n
-OrNm6JpA/c7c8b2oN9XBS9EMC2oqnIpHgQElx2TdNe8=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAcWUDC3is3NYJK4plMFQhvqVh1Dk2DEj
+rwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2oQAKv+bxUQoYLv943YAum6IeZorq
+VzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8scm/gAlg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C17:KAS-ECC-CDH_K-409_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C8:KAS-ECC-CDH_B-409_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAMqAk0C9EzVLYHHQc+Zbmw0rrILiKr/K
-x+cK/Z0iSFLw4hKXbl7II+uJUOArx1ns9W95qAAxKB6JdkAaq1j6jq+GNv6wExcL
-yrV4G+CijScznpRw4WbH9oXy6pFDMQ3KGzq44cjmBZI=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATEVNql0W3R15sL9ckwj2epmgDoTm0fj
+riY7D7fkLjMWJ5u/YiriYlMbLiKD7MGmEnybCQHUjMx4HwvewxMJEARLdpCamr1/
+yxhAfcQvY5EvomZyCAA6stKBAq3PuT3cBTdg5Twtqng=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C8
+PeerKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01610efb48fd22261921f7484ed6382fceb6bdf28f3bc2340a175b7971b93ed5ff357ed55e5307bbf42e40a5b3fabdaed0ce19a2
+SharedSecret=015c0d202bfdee2dfbd4be91625171992e6c6b1a1d06cc1b2b66ed64c9d928bd4f062912900d3f89045c7190f513d3b019a634f5
 
-PrivateKey=KAS-ECC-CDH_K-409_C18
+PrivateKey=KAS-ECC-CDH_B-409_C9
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM2NoVLjuAlS7LQ6+3H
-ILZrIBKaIfGk/jkRjP3U0Tfb5eVw6+LEin+awhz/PlrfR0NGl9uhbANqAAQB78DN
-GobOdUTyX0TmOgkTwR/WsIvAmtjNgvOvfjKnp+ys1W4lUmWJMTh51Kf9Q4LUEU5K
-AFo073QDWZwvg/PoMplSSJPyQY/5XWwv3Ao9uXDmL93PTNoYKqeLVP2MLoGPse4t
-0ndnYw==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA1OvDHJpl7jsavZ1u
+ZJV4DFTmM/WiqfYchAjXZ9CRbZHLVM/Nk3U435LPxFk44zt31yTyoWwDagAEAU36
+qnBRjzZ838qJeVoNs3S7e0B6WMqsJLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMII
+zwGdYr4rEqF6ePbJ9+cDZpdl92PGI1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7
+hsW62hs=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAe/AzRqGznVE8l9E5joJE8Ef1rCLwJrY
-zYLzr34yp6fsrNVuJVJliTE4edSn/UOC1BFOSgBaNO90A1mcL4Pz6DKZUkiT8kGP
-+V1sL9wKPblw5i/dz0zaGCqni1T9jC6Bj7HuLdJ3Z2M=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAU36qnBRjzZ838qJeVoNs3S7e0B6WMqs
+JLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMIIzwGdYr4rEqF6ePbJ9+cDZpdl92PG
+I1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7hsW62hs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C18:KAS-ECC-CDH_K-409_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C9:KAS-ECC-CDH_B-409_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAHR5WwqcoHBJH7VKO8JJmB3vvsA35AQP
-dmVkKLFTi5eFA/gfgK2e+XxeEnulHsBAWEuaIAA+zifz2u/nvf/fpyeyr5WvhZGv
-lGzd/jfoVkO40XnKi5UpEG+cXzqVqIGSJfnX1Kcw/SI=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQwnNTD1T+F0u71cJ3GlWkLmQFDDvyUj
+5ggq9HbrAleHaW7fbkON0Fa1mPUABjPCZP17pQBEPnLak7DHgl9CI8eWgm/RMiNF
+6iWt898aLGlYkIwP2bE+k8wAX07LFVov/3rFT6gYB4U=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C9
+PeerKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=008d990982aac8d5371b867de21e09064fef30e73321337dc24f19ad5ddb6c4ad217136b7c61e360a73fa7571d526c8f514a06d4
+SharedSecret=007c32383aae80e1111207894c8cc5be66fe538af4a19195742a94a4c3f5c765d9776a56177c485ddb53c038b70478959d374627
 
-PrivateKey=KAS-ECC-CDH_K-409_C19
+PrivateKey=KAS-ECC-CDH_B-409_C10
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNJmKBioyFwuzWJVNLC
-SW2ohiAIJ/oTVmg2ribjjVGSbKPSAlife/on6iLTmZc9tvn96fShbANqAAQA9xWQ
-sEKQtfPNm6DjlKO+WhUU9F5TSX9s3tv4OXKOAogTXXaeSyiTLIdYI/4lbokZl8R2
-AJ0WunJqWp4JEDvJSgnYB5rI7fI0EMhGn3n1XzNVz7OtcDYk7G117OrjiB2iCQPH
-HeH1rA==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAJhdqr5imQzVm8dzB
+kZ6URT6cvzyX4Gm0oXQmRJFn9qEImsFqECpLPkMql4v7RiVdxD0aoWwDagAEAVNf
+yUm0kDAwi8Dal5PVcIh2asjPIujWwnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqA
+rwC4/D+mHcIsVVAfKmspRJRtmfe7/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67Hq
+NAA1MUM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPcVkLBCkLXzzZug45SjvloVFPReU0l/
-bN7b+DlyjgKIE112nksokyyHWCP+JW6JGZfEdgCdFrpyalqeCRA7yUoJ2AeayO3y
-NBDIRp959V8zVc+zrXA2JOxtdezq44gdogkDxx3h9aw=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAVNfyUm0kDAwi8Dal5PVcIh2asjPIujW
+wnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqArwC4/D+mHcIsVVAfKmspRJRtmfe7
+/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67HqNAA1MUM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C19:KAS-ECC-CDH_K-409_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C10:KAS-ECC-CDH_B-409_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR62TtQknhGVstEwejWlFNZtKbpvkET5
-wCtLLTyz49TAzcVInN37liJsnOPjb7j/Lu8gjACZiAsNDUPFxXmtd92uaPLJF/Sw
-YuqNd3uc30Zcu1kQfnCZJxToy/rHYpbV7emcSNOKiXM=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATvrjTbR5/U9gL7qM+/D4AmN6uqheXfa
+j5qunFdueSDo9tpVogkwzmD9SQtPsBVNSSd9mQEdwdh/NS4SvbQaG3ofHlFmKe0y
+PF1bJj/wNvAj8P9fci0FbCSkEfU7NH0HhthPe+h5EFo=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C10
+PeerKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0155dc98729c8c1bc65eb8a3ec09135f46bfa313bf56aa3169e312db8991abda338f8ac7a75bce42884068efb7e6e625939d2b88
+SharedSecret=01166107ab98db1dbe22c5888a70c992af4faf4623ef593802aedfe433809c53ef4ab0b2dc4dc2546488b356ef3265356055d8f5
 
-PrivateKey=KAS-ECC-CDH_K-409_C20
+PrivateKey=KAS-ECC-CDH_B-409_C11
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNaP4Bf48Mmb+s+C7fa
-Z2G7EXYYvFevNXtT8Znm5MvBKBl1MhQD6m3mGOwy6GuMoeENfEOhbANqAAQBrkYO
-EkhQTTPWftdQ8dYY5Tco1V45DfwY2UtW27PTwL3JbJLKHsqfRPuKWM823PzAWIy+
-APcBH8Mh72JY3Pwf3CwKTlTIbsk5vJzspsKRdQwf9UCzSkGHk4QqLFyrYGHbvptb
-4/phFQ==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAvz5zlccqqEwJYOXG
+kCLOOQZ0BFNEc8THgpQk+B8dRLMfIOK5guJRz5/7Mnp9g09Z0ZSKoWwDagAEARy8
+TtkDaifv/In/1V+h4+rQ+5O6z6Cni8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8
+twEBB0xERidjCtClJY4kQ41x8mq5TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j
++dZCgcg=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAa5GDhJIUE0z1n7XUPHWGOU3KNVeOQ38
-GNlLVtuz08C9yWySyh7Kn0T7iljPNtz8wFiMvgD3AR/DIe9iWNz8H9wsCk5UyG7J
-Obyc7KbCkXUMH/VAs0pBh5OEKixcq2Bh276bW+P6YRU=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEARy8TtkDaifv/In/1V+h4+rQ+5O6z6Cn
+i8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8twEBB0xERidjCtClJY4kQ41x8mq5
+TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j+dZCgcg=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C20:KAS-ECC-CDH_K-409_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C11:KAS-ECC-CDH_B-409_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKFelqd26tuPigthNgM1y1AX19lxFkiT
-QemVFX8a3xeOVii60+gwvuVEMxGRZIhttcNGVABVHKVgXkrgU0U0oKs0PQOaO6eh
-zOgyxNZeJrrnq45fnHSz1CGlKOVZd4qye1mq4akW1Os=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWkMdGSekuHBAE9D/W5GkL5ZWQTFbSrN
+haSa8KF9NDaMh2jQOe3pySrSayYwa1/973v9GQCBJ19+L/BopsG5LdOMA0JW7XMi
+sCdwKZTHT1uBgSTTShkJh/1liJL8meesuYd71v6UaRk=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C11
+PeerKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0109e85c684d027a625ec5e6df952e2f20a14ed5b092d1b1b38435251303844d230fffc53d84b923555e1e1cbebe20b5d68c3bc6
+SharedSecret=007e7a249094eb52bee0115b8bd5545f81bf0b7d66998fe124c9a3dd3c5715d03b2f973d47c19af5108a2ae005fcca65e61f337d
 
-PrivateKey=KAS-ECC-CDH_K-409_C21
+PrivateKey=KAS-ECC-CDH_B-409_C12
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNVkB6bZYa38zcmYOvP
-6QJJkAyQLXxjKo0X+uIdP94wNzJbV3XqxaF0oe4rP/K8XOadjMGhbANqAAQAupUi
-M1Mbamx63m8zjST8ZXd7XTBSl+ZtMssbxQbFvKIofTrNM/4ZZT1siKBuyjcSzpyq
-AHFr6xTwIjNjDzRgPjCb9uJXLwt5HfpMWCr2o3q83WTo14WpXd/1m7xvvht/xzVy
-Xvzwug==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAltQDsPpgHJp1qn3p
+/p4R1C76k9lt01EC2gXTrIB+RBlOGOeci1vhHF+znIvU4xIyWvryoWwDagAEAAmD
+OUYpTUruzbb3JUykicD/E68txuLKViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4
+/wBhg/7m9NbvW3I8U8lsXB7N2EZS43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluD
+NQkQoak=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALqVIjNTG2pset5vM40k/GV3e10wUpfm
-bTLLG8UGxbyiKH06zTP+GWU9bIigbso3Es6cqgBxa+sU8CIzYw80YD4wm/biVy8L
-eR36TFgq9qN6vN1k6NeFqV3f9Zu8b74bf8c1cl788Lo=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAmDOUYpTUruzbb3JUykicD/E68txuLK
+ViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4/wBhg/7m9NbvW3I8U8lsXB7N2EZS
+43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluDNQkQoak=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C21:KAS-ECC-CDH_K-409_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C12:KAS-ECC-CDH_B-409_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWQn5yvFfSapEKZyLqwsePuoq//MvBGp
-+Dd7/iE+2a1kveKuhof4/x39sptdzs0CJpgowgCtT5q8IdoNMfGWWc07DBhVgUNq
-wIsVwLSKesOe7QPg7pfhZM+qWrx3RBLL//lKnqKpY2o=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFwk9K2b3LFGBoWiLaVNvd0VB+9t5Gna
+QXDOMBR1eaVJRduxvOnwLkcAM7sV/Bpw+DHnmwF8qTK5CgjKLj9VxQzA4T0nnXvJ
+EZxXPD90FBC7fBytEHbDukKu0c5p1WIosIL7beDu+2g=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C12
+PeerKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01ae814e02c4684c21dd7e58a65ec51ec68c37e59e299ce65608186c0acce08e41c8320b1941a611fe66b1921b558d7f402d0eb0
+SharedSecret=00b9d8b68642b2729340d8b7c5ed3b3a8913c4a3f6b947473017c0e105bc7edc60daa9b0732772220f93eca4878085f756e3adad
 
-PrivateKey=KAS-ECC-CDH_K-409_C22
+PrivateKey=KAS-ECC-CDH_B-409_C13
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMESuQ70kfnWvp72Nwo
-51vbnd2Z31ZmjIMUVNwo8+mkTs/Ue6hCCihvHvNy/SmzZd+bgvGhbANqAAQAICaU
-83jXCWXUKCitXzcTe/i2POwsDRWOW6lMqx+OYeWjAJhro0mzrfPvwF5lZwr4jNPW
-ALrw2krtuXL4iiFd+/9k5CkPrcJdo/DYPzXmW8QXfTAl1x2O65xBRw88cZ4A7x+3
-VS5qiQ==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAZxJewwmrXcfqVo+I
+FaKzDPrDNmu08BYNU3OKuZXOdWgfzV5JLzqXJbTPdbpDAaeGBJNCoWwDagAEAfHR
+ruX8WUykoiuButcH2CG+8yU5ZvXXeVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbc
+hwB1XF71WIm0Fc76DogaPvyb6G82xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0F
+kTrxn8Q=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACAmlPN41wll1CgorV83E3v4tjzsLA0V
-jlupTKsfjmHlowCYa6NJs63z78BeZWcK+IzT1gC68NpK7bly+IohXfv/ZOQpD63C
-XaPw2D815lvEF30wJdcdjuucQUcPPHGeAO8ft1Uuaok=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfHRruX8WUykoiuButcH2CG+8yU5ZvXX
+eVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbchwB1XF71WIm0Fc76DogaPvyb6G82
+xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0FkTrxn8Q=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C22:KAS-ECC-CDH_K-409_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C13:KAS-ECC-CDH_B-409_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAS6J3M35dYUazPApTPS94SWckHptOs72
-nxk5tVjE0hFSLk6qxhPjrISRyT3rbTRKn4esvgGlJgjq0J0tsSOg3Hgqsg3beT1b
-twrJXFjmIUa+tiu2aP1X+SA45Fhc3h+R7oxSUmr+sbU=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKq/aquz6Q+VbXAE/8iTxw+OkM3DH8DH
+qI8WMgVB1YRDrzlAXYiNlnZVfN05SyfcVEn5RQEn8m26BsM/j7RdlVz9tc7dqT3Y
+pF20LuC5JkoFTBaoe+2tRcDZoPNbvGqnoSlWIug+vos=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C13
+PeerKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0140e7db3f6415d884822ccc7316a329dfed177b76c0117abd722feca889bee4e14e65d26c6cc935c0e94205f05fc1a7abfb0348
+SharedSecret=017d60394c7ee64ba73db91484713370daa821255807349c237e5849411bf0bab3a1b353be3cd07eeddc5c2ffc74336225dae6f7
 
-PrivateKey=KAS-ECC-CDH_K-409_C23
+PrivateKey=KAS-ECC-CDH_B-409_C14
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNW1zcwdTracP2AHHSc
-Lx8aYe9b1uy3lqnhXv6bvmFY9mlUJ4c1D01kO9pvPoxkI7gXtTChbANqAAQAJaBr
-caCuJS8vkFIhmD6/ziGtlhIaXA3MXvDQ/sMB7HfvS5FYGP7c2n8/1zPH+eUpB5y2
-AAJokNUwO2Gcf4H2D7grJrC5jY8kxFyrQaRO6zo6MSlE6Im0A14ENgswUEPjDQy5
-BBqJ3g==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAayzCOH9pr9Q5eLf2
+a9F2ZiVwgbpNZu5qmoK3yHxKxfDrprwtmByh2p/yArpyy3/pwGzwoWwDagAEAIak
+TW7k6MUNHhDX0dETqWEHUCEGeeDkyrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknS
+EwEdpjISYxYF/qDpP1gmsZKbK9HblQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+
+24mZsE0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C23-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACWga3GgriUvL5BSIZg+v84hrZYSGlwN
-zF7w0P7DAex370uRWBj+3Np/P9czx/nlKQectgACaJDVMDthnH+B9g+4KyawuY2P
-JMRcq0GkTus6OjEpROiJtANeBDYLMFBD4w0MuQQaid4=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIakTW7k6MUNHhDX0dETqWEHUCEGeeDk
+yrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknSEwEdpjISYxYF/qDpP1gmsZKbK9Hb
+lQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+24mZsE0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C23:KAS-ECC-CDH_K-409_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C14:KAS-ECC-CDH_B-409_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKupOuHRVSiAsx9QP8S+n5HRAkfxTIFg
-Ff+yutKauBgOe1CicUTgHCHmPD2vzSUTCLrHaADkq2blFL0Cq+rhxxI3iKaSWE3b
-SpCaIX+zXeZliCM9re9wNv+dnyTro3cuL6MDe7rmPP4=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAB9P+/IvZ8FZGwp3DlY8Crpm/gFWHF4i
+flIrXd4jx0jKz49KAikN4mtHdn04ilyDbT7/SwAtJz8uhRblCDiPjtIBXsn+Z8Zv
+gyzysmHfrVhWEoBC+0phqRo3s0HeQpbUv2O/Z6NFinQ=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C14
+PeerKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=002ec4deac3e83d60ad39969f2f93b49f31875831ecd51ea5c37ca48de081c0c8cc660edc53a222f3043447f9cb752763be7494a
+SharedSecret=00b19e052edd44421ee2f5ba845911fed9183d885da85d51dc819ca565ce574f7db257509876377b40c5a08349019563b60e13e9
 
-PrivateKey=KAS-ECC-CDH_K-409_C24
+PrivateKey=KAS-ECC-CDH_B-409_C15
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNisCbUlyBmDPak9Wm+
-mN+hCMjroII0rpqH88iLbGWTS5loFTIqFvmqvtEzF793Jb6lgI6hbANqAAQAD1KS
-U5TLUrwzDgY5DAwKLhDtl5cUn7zIjYD7yuwXPiSgXa75hAHV5H87dlvtu4JGMShW
-AT2ZwXEIBdX8fbclmsnhNLQR0A1z+wdi49IRzcVr9/cUUS0EpjDIcyVR7nNCh0ds
-9RHoNg==
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAPgmPPxleidpx1jZw
+APgEB5rcoydbLnk+jTEsjkAs8NDOUzF0L4dRX03ZzGaCRhlLlXK2oWwDagAEAQr0
+rjNLpAvWU44PCVqlb2GivStfOOlUt2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s
+5wGzNVIa7DBfMU1/I+0ozAxNI/M6Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4V
+Q2RD39I=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-409_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA9SklOUy1K8Mw4GOQwMCi4Q7ZeXFJ+8
-yI2A+8rsFz4koF2u+YQB1eR/O3Zb7buCRjEoVgE9mcFxCAXV/H23JZrJ4TS0EdAN
-c/sHYuPSEc3Fa/f3FFEtBKYwyHMlUe5zQodHbPUR6DY=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQr0rjNLpAvWU44PCVqlb2GivStfOOlU
+t2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s5wGzNVIa7DBfMU1/I+0ozAxNI/M6
+Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4VQ2RD39I=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-409_C24:KAS-ECC-CDH_K-409_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C15:KAS-ECC-CDH_B-409_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKpOuJhEPM4+0sBy2Fh3WsIhwk4z7Kbz
-FXlmNUS7M6SgaKhtE/FntlMExffyX4lfZbL0KACDze0wIRtm8a3xcxi23lDXckwF
-hJleBotyRwOuCO1xoyszSYensx1sJjcVKRcyfTeszTM=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbCDPrNEBFDj+lFIwlwt8uACBibyQHQi
+IX5Oy4vYp1GnK6suxWQq6Q/SnYxNeenMGRtbpQAjB4kFtqMwCf/qGhl325Q1ea++
+uHGXAFlpaynvkN2EYXdrNDoJyFOlOOTyL9+FT8vztzQ=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-409_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C15
+PeerKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01c9cc05d19f96c4d233039cfbc43ab68d657bb507f46a353091fe98fc0f422a8e7593c195d326977a2be6bbd2cb44eb1fe81650
+SharedSecret=01697512676ae56ff5ab778c411042d217ad24a24ea05bbc253e4395fecc8a07fe77ae0ca4ed977459f1a14d9b83931bccf46107
 
-PrivateKey=KAS-ECC-CDH_K-571_C0
+PrivateKey=KAS-ECC-CDH_B-409_C16
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAXPNFjHhjs4Btzs1
-cv+qdJXEvIH0B4rlDWnLHjOKzxNGkRcRKSEWbd8tKfOp+OEMZ+iMmpkgOoNFZb52
-rFkSZDZzmmr6ApzFoYGVA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77WV46l14I
-/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTLItgHHBbf
-ceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/M61y7Pe7
-g70oLN5LwV1OSAZKqK0vApefXz8=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAfYSTE8ZJna5HKwvd
+t23sRYBvguCYcjMB3zO2u7l/eUvyaHn8M8KXP4bBVRVJZBqBm1cRoWwDagAEAEgS
+rxk3YwuOp9D/cjy7BbeidA/Eyb55LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7do
+NwCMb2FxF4a/XFTrDBsxJtZBskpmYrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ9
+0t4q6As=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77
-WV46l14I/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTL
-ItgHHBbfceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/
-M61y7Pe7g70oLN5LwV1OSAZKqK0vApefXz8=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAEgSrxk3YwuOp9D/cjy7BbeidA/Eyb55
+LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7doNwCMb2FxF4a/XFTrDBsxJtZBskpm
+YrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ90t4q6As=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C0:KAS-ECC-CDH_K-571_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C16:KAS-ECC-CDH_B-409_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDEGpcHZI6CZDqjGAIw2w2a1PlYiuY
-RkBEdB+8eEAoTbi79gKGbDDMv1+bflnMHZv8xblw+mJNqbFfbLM29d2n5rmSTV3O
-RUMAXFx7vVp4msTGKD3rDQ03xIUrqlfWvCsKxjN/6wlwTETRs4W3DMOU+iNdg+bn
-EReH5X0JAsDLEyoZCm5i85hRHAwsTNUNRXA=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXS9Iz+GHHuFPMqPWjg1dISe8s127yK8
+DhWfcTodBzh8QgOxH0wzm2aWdPzx2sGZcDvrBwHix3jMpklj2HMp5XyLyW0PZzcE
+H9CH2vwH3WcOLOclVH4aJhxD+8VOFMNHPr27Mf2oRzo=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C16
+PeerKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=003198a6b5d6cce847e24348a6a6ceff7a89ed3794d7acedc4e858c80ad04a74dbc02c7038e05ab26b2a299ec92ee0d2c7e66a81872a5157fbc5d4d37ad598d6ddee995ed28a2d74
+SharedSecret=015960ea8b92bd77d52874e3ea82ed1763440189d68728d3974d4c01d6aafdbb5274648f6f3eaa4faf3fc72d09892ab038cb2fb7
 
-PrivateKey=KAS-ECC-CDH_K-571_C1
+PrivateKey=KAS-ECC-CDH_B-409_C17
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAJN+2zqilWPSJIWR
-yftEiYUJX5E6dFgxVZPPzofmj7DxpSW3MQoQEXbjTUXBAEU4lU4gRFQ4F8qw1WPf
-bLDV6GF7u6FQ51XhoYGVA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+FUTSRAgp
-D2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLElXLgECfdz
-uY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQUxJFzAEUw
-95dtJ8Jzpz3buJj8tfrenAu3iD8=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAv6WUhWxnwoNrf7Fx
+tnx6Qa5D7zRQiYAkqTE2VPzzHh4fusetUrK8Q1iXWlxhq59OPk6eoWwDagAEAOG1
+MJpEgAqRatik0ZuCpYsA7gSCSAUKbtbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPA
+vwGAsgM4dGNR+sz7mjcRpOE4RXVQu/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp
+9O+QyG0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+
-FUTSRAgpD2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLEl
-XLgECfdzuY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQU
-xJFzAEUw95dtJ8Jzpz3buJj8tfrenAu3iD8=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOG1MJpEgAqRatik0ZuCpYsA7gSCSAUK
+btbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPAvwGAsgM4dGNR+sz7mjcRpOE4RXVQ
+u/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp9O+QyG0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C1:KAS-ECC-CDH_K-571_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C17:KAS-ECC-CDH_B-409_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCESI8S3KbIGvgH4CFqZfh3eXNsnwE
-iSWic2m8ymo+L7/GVjfx7OsTO+dJZ5oXsc5Ygh9GvRhEqJzwBCyAQ8sQXgGj/JSN
-JmMCsewubiwjdbRksKUCxQU7WzSL0IF4xyxgMQXQRoGWpGldwmfW4QnxsSdEU7bv
-8U3fN4OWnoglZI3rwhav/5JY9kTXfs2ZEc8=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMHctzfSUwNbuR0qSoXzfQAUK+gfySeM
+sjpNHXnSfI08RECyyEK8HiH2kk4U3IMbCr+4RQAMc9VoewSQzMB/ZUEBrN2zbNDC
+7szhZd8nb4O+IR0B0w/1wkPwkAVy7m3wf1Od9qRomws=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C17
+PeerKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00577147459262e5ad42f222827f20ed574b2118924205bcdbd339ce20cfb085d072fd70f4ca1f5768fafaeb5710f7ccbea4fc2ae5377b0cff20a889a2201739139bf788a9bf2d7d
+SharedSecret=01127491ff33a67ffc4757416cd02a081cafb723aff52af35b069b89963e8e3ef5bc19c5a093ccf511e3c3c19be789280e986809
 
-PrivateKey=KAS-ECC-CDH_K-571_C2
+PrivateKey=KAS-ECC-CDH_B-409_C18
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIADQJmwdz8CHuDT3R
-hccEtRWKlDKNqgl2j61YBN8dovwGcZDPECjDAje/KkjaE6uuNaJcPmOH05k/m1aD
-Bbi/CBj/Un3YIF30oYGVA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMsfhhUhMzS
-f6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40jPtUF2Wvm
-t+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0WqckFJTTn
-6B1kjkBgorAcRZwmDLZWfaH8UxQ=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQASgIOBsQA7ySYwRHN
+4VCHzaSKb7LswB2YW1fw05IZIOksQ/OraIEp3AGtKfwx1o6WIjGboWwDagAEAWci
+f2KElZTtY/JH94Cy0R3ZosLHG9a3EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g
+0wE2w+p30JPZc5++aJExixSVl3hZm9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmP
+We/qFe0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMs
-fhhUhMzSf6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40j
-PtUF2Wvmt+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0W
-qckFJTTn6B1kjkBgorAcRZwmDLZWfaH8UxQ=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWcif2KElZTtY/JH94Cy0R3ZosLHG9a3
+EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g0wE2w+p30JPZc5++aJExixSVl3hZ
+m9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmPWe/qFe0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C2:KAS-ECC-CDH_K-571_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C18:KAS-ECC-CDH_B-409_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQATUi+WZ67HtYCRy16h/TNIID0TsKI
-Vf7MOpzd4lVReHq9J8wdp+d4F+lMnAKJwAWg4247z7DTgejMloS2990FF38W9j+H
-IcoGLPca8KL441xNf5MSvTSoRqOA9j8NxylMGIdxAzV+INHw7v8xKpk96yoez8gK
-6galtx5Pi5zvrrzTJiaRkGT4ivQW2G4+evM=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAT2WomfRoqnqg66xsB2KziLiUcgvX1/D
+71mXowEadKEBFd9g6Y0TnN02DnTXb6Ui7rVvSwFrZVq3zQ059Yj77+xU5PRQR2ZM
+izvo5XqxE3cPX+DGIwD0oJ+iiZ5zu8mCMmX1XVz0rhg=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C18
+PeerKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=014662b261d0bc2168642bfa4f80c4b3fe8176f604ad3703f443ec7aaa3dcf3c5465b869a8fcea60b8f55ce7118806c5d28a04848bd961db0061209b59bc02979acce9324d7c0c31
+SharedSecret=01254508553eab09fbc2fafe13fa9b324d9217d7d0ba4cedbe5dc869ad68de4f87774dd17d6428ed242c71956f252969e6bd5837
 
-PrivateKey=KAS-ECC-CDH_K-571_C3
+PrivateKey=KAS-ECC-CDH_B-409_C19
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIABVHQ433b8teKuaS
-WEW7+wO0++glVhbsf72XtI8RJpIhn08SdebSRT1bzzusQQbwFhuBGfSH2ItfjI4I
-s6oXuD/gEQLXY5LToYGVA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBufYjDOafl
-bg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRLCy0HYMij
-iOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJkwCatsU1
-Z329s3bxg+tQktLLaog3tr6jXc0=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAwZs5FmX1A1NUf8cs
+ntAZ9TEWkO5B58iVqn75LGD7nzRU36xXUkWmhp8f3sdF1j6lbIkioWwDagAEAFOn
+piqLQES2Cvdu+ltEQpv2X2WYfWoGIWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfK
+OwCt1G9+pwkvSN2qL+uWyyS/ktJij7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZk
+xm84KfM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBu
-fYjDOaflbg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRL
-Cy0HYMijiOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJ
-kwCatsU1Z329s3bxg+tQktLLaog3tr6jXc0=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFOnpiqLQES2Cvdu+ltEQpv2X2WYfWoG
+IWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfKOwCt1G9+pwkvSN2qL+uWyyS/ktJi
+j7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZkxm84KfM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C3:KAS-ECC-CDH_K-571_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C19:KAS-ECC-CDH_B-409_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGvyUuYsmWkXGpcXZx2g9wMulSCkl+
-yDH03HdqyH4BlK+ZVGxB0IBI6gbakjXPE2nD6lPmuMu3p/1CljVFSNRO30Y/d600
-GwIClNX35zbc2JkBmOTg8LOYuKxqh3ZK9gFZYjSi4WLJxmfkfrPZh++66wO142ma
-OO+VPHT7KP19ik7Fo2MZzMRKGaqIIB3ay/g=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXh7MLOyBOKYaQudcR/+7xZ63FeSBotc
+jUIuyQ+Uwr3ShM2/i+5kL3C9e+LakGue27ws0QBDB4+RIRApChPZAWDw5xWC+jnA
+512BkOuBHUUCIARMxtaA2VapiGDm/IW7htZZkKFgxbg=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C19
+PeerKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=051ec4db0622b7b1c798366453c70f959376ea3942aed2e931ff62a4019eb12ba5ff119214c8bfd8bdb66e62b562400f2d3d48a84b1b3baad3667f735ad4d0f183bdb91aaedcf1f1
+SharedSecret=004b9accc21d7122835fc21410ed1d83767c47a54ffee5f0c180fc55f3d0e8484af3ad38020294be92f02f0ba7e2b4f4eb1db07f
 
-PrivateKey=KAS-ECC-CDH_K-571_C4
+PrivateKey=KAS-ECC-CDH_B-409_C20
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMe0JSypsZLF/qqa
-IQ/YTi5IMgJx8Q9n6p6zCw3oCG1Z2uBCWf0SsIbYkOItRdJ9fIRV3Petp5bjXjox
-ODQsxza8PtN4HEEZoYGVA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZFVvyYUMNt
-MDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjMGLsAmPx2
-VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYOM7TucwJM
-y+hm3l4X8bR43HcnobtCNxggsS0=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAbJCYtT0Q8qwChKmZ
+AmWPZn6kyrKGmK8/oHAGobtGNjsQPEqkySwcP+dTkJf6cLik+kbFoWwDagAEANPt
+9lL0P5yakqLk00uoP11+lQwoNGoqaFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOm
+IQCZsmxkNn8ZA9qV31FWLSUELAGhrdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14A
+iVO8pUc=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZF
-VvyYUMNtMDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjM
-GLsAmPx2VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYO
-M7TucwJMy+hm3l4X8bR43HcnobtCNxggsS0=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANPt9lL0P5yakqLk00uoP11+lQwoNGoq
+aFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOmIQCZsmxkNn8ZA9qV31FWLSUELAGh
+rdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14AiVO8pUc=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C4:KAS-ECC-CDH_K-571_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C20:KAS-ECC-CDH_B-409_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFcB5jsBwWxOsZk4JluhNMrHMWJ44v
-HrQKBHdUSL3tl+ejfQH+2KTgtD/026IaR3WczUW/lnHdIu7GW0r/i424nf4+SQwK
-ydYC3Ze2QVruKwHP6zzSoDV4q/7Zyoe+mibYmVlah7y9lydI+moL5OtVfmnG0o4r
-uhWA3HTidR18zZGMRrS+aHWk5MKQ2VnCPBI=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAenaCtGhWsPEMfIglU7S5QKve3RsP9V7
+Ls63dIZYAgoJVmSHg1TfCqGB5X5erSyYWtMCPQCcznOlRwg0i0j48/Z0u3ZU9EHy
+g9TopOyPhZLvUjlfJMES1ZQtOuCP/o2Znv3jmYiKfPM=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C20
+PeerKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=05b355eb5c47d8027b6c5301d2463b99c636db207792e2975ab1a53c1cbb131280288432a79a3b47271d6a2bd777298baf8a675f66be9dc72c3588d299df8b52e7840322b43c2071
+SharedSecret=0093e2581c159d74d11f8667ee03399208b5c1a4ee5b20070ce8d97d251ef1236dc81dd688b2f07a730e6b8aeca0c193a28b178f
 
-PrivateKey=KAS-ECC-CDH_K-571_C5
+PrivateKey=KAS-ECC-CDH_B-409_C21
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAGbMUZgNOFG0iMLB
-gUlsg1BfuVex7EqE3x4QXjDQAry5eLbQvcO3ZE7T37wzymv+Q2LNjMVBdAsN6M8u
-3M5FkuNPoRrCbskioYGVA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9muZFSsqe
-gSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+FmhUcCL5lP
-mXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtUDkwoQIZl
-gQ/mH9YOcNMMaI6rj94ENk3uXJs=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAp/o4qKuAMNa0l6I7
+3l5QB+OdFNqfgtxWSuPNtK9fz0G8/vetrbWRcebX09PDrGf3vnBzoWwDagAEABO7
+O6kdXSSIr1ctmVzvj/+x/YXRE0IejSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j
+3wHy4E6hagEtSGTPLKdWSEbec6M/JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCK
+saFx7L0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C5-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9
-muZFSsqegSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+Fm
-hUcCL5lPmXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtU
-DkwoQIZlgQ/mH9YOcNMMaI6rj94ENk3uXJs=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEABO7O6kdXSSIr1ctmVzvj/+x/YXRE0Ie
+jSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j3wHy4E6hagEtSGTPLKdWSEbec6M/
+JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCKsaFx7L0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C5:KAS-ECC-CDH_K-571_C5-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C21:KAS-ECC-CDH_B-409_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDL6GBb9IxfBa1sZol1G+l5FqxXuny
-sdEnTCoGAjmU2zCfrVb2CzzlfzLfx9BFqEt9gFIyvjTH51lRTDCiUge6gAIVsgYP
-BMIEFGlZPVdIByuayP3gIwlSibzfZasb/AhW+D6a4GyJcwO9FvXkWCPWX+yDEP1D
-MrZc/0enma9PfIY44tf4WUjEPxBTTJgMy2I=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMSSlPtxKUIiGiUAMkr3vYx+wc0bgJTe
+0brAAQqGlgg/fvrsqlED1nYkmeG+SFfTIAMCgQBWT6ERCzk5Jd+7JLqaazNz9GJO
+y8PhL5cG86sFQpktjbbI2Lsl+gYU1Ib20ayfPZi57f4=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C5
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C21
+PeerKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=052bd78bf1326c6d91840a351d4874d36b147139882356c595b8607f9998773092a99adf70adeed19e122d4d2fec16285f000161145135d96355cba039a96335e7716724c249f88b
+SharedSecret=008e2f1c4bad19c46a5134afccf7f4ec14ab591c8b8ea48d9c3d1e7354ab43ba20aa39a65fd92cdc176cf3dedecbf9da49a8d855
 
-PrivateKey=KAS-ECC-CDH_K-571_C6
+PrivateKey=KAS-ECC-CDH_B-409_C22
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZkNFfosyQ54PUMi
-AXhLq1a20p0fJmWnbNAT65b2MA7Y92K3ilWWrH6MHnYWfxB8IEQ7GscyEB6fCsoS
-VRpTbRUt8rPbDyDeoYGVA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbpmXs35be9
-il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+popEFQKdj
-gjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS2o/WNWo+
-xc0cdiwBRzqgZwBMrO2tVk/gaRA=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAzp+Ce9JMAUw+5Z7e
+90cXjWwDDBlmmtjnGLoTAr70ta0sEjNEj1J1spqJbAsuew2pIGi+oWwDagAEAXbj
+EBLZxgSy0aGSKijYpXTwYMw2OIsoFtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU
+/QEf7cPo+Ogo4P+/Av2F0pwCAf0PU78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5O
+In9OIo4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C6-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbp
-mXs35be9il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+p
-opEFQKdjgjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS
-2o/WNWo+xc0cdiwBRzqgZwBMrO2tVk/gaRA=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXbjEBLZxgSy0aGSKijYpXTwYMw2OIso
+FtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU/QEf7cPo+Ogo4P+/Av2F0pwCAf0P
+U78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5OIn9OIo4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C6:KAS-ECC-CDH_K-571_C6-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C22:KAS-ECC-CDH_B-409_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD5j3UyYwVE2HJkCt2OuMvLW3nWVP6
-PWg4wdYT1Ej8pzvzAtMCEqltMrlUnhfFzzlcVlGR9qItrE2nweGp2brobr+3LILq
-GZoEFgmrnBLBXlEnAF6+/2/R9ztpEu0HCvh/X/wh35A93h1xVYLdL2mQQCAARc26
-ns11isTQhNTI14IZ9vrZTTQa132szau1Sis=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATSt0sSZFy33ktlKmziV4kW4QHPDJSY6
+hYwen3zzCkTyaNP4NYQR3AqcqrUFwKvAFhML9QAxwjaxQ8oDbIg2Qff5uVf095ij
+FmfEFWA0Ann84JYqIb2LtS+iPbcahPNaV5TvXgdZct0=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C6
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C22
+PeerKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0226c28e5a6bc735935f9df2c1b02d096d4dee41ffb95a67905aab8de1b2d8c66e2bb471293091438d3f05df7e48003e58a958b72f839f7f2e2c54287fa3cadcd41a2542ae4ec03a
+SharedSecret=0190a1693eebe287ec980236d8762804d23fdb6f222763a0efc364f9280fdd53394c2badcc51ff09557f3b97cae7f70d790bf9df
 
-PrivateKey=KAS-ECC-CDH_K-571_C7
+PrivateKey=KAS-ECC-CDH_B-409_C23
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIACsJN+cx9Z3d3w6U
-+6krsabOuBnnZZvPbt1LSvScLvJcW2A5JW+Sg2PhhASxZT05mAVMLCWj+DoMVUih
-OePmoYB1Z0bNNO4poYGVA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjTW3H7pLJY
-iG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+qXhUGaAu9
-woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydFH5i/j9Hb
-RvnZzAXohwTVcS1FZ+HfQNOeme8=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA4287mhNBmVsT/nC8
+VF0nnm2xSCySsTzozA2hwQDqL6qAOmSljMfrHP0WdXCDXFIvZZNHoWwDagAEANHK
+gjk7jVC9GJipCb85Mz7KO96YsLDc7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1v
+VwBsU1/5Q6D+dQ/Gw5kEppEroevA9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoU
+lPttTz0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C7-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjT
-W3H7pLJYiG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+q
-XhUGaAu9woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydF
-H5i/j9HbRvnZzAXohwTVcS1FZ+HfQNOeme8=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANHKgjk7jVC9GJipCb85Mz7KO96YsLDc
+7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1vVwBsU1/5Q6D+dQ/Gw5kEppEroevA
+9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoUlPttTz0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C7:KAS-ECC-CDH_K-571_C7-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C23:KAS-ECC-CDH_B-409_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+Rp84Rupvy3h/gcPnchDu3F8MG2c
-Y7UHjSoRMj8gycDXt3Q9MR3azc9d0A9JixmWcseK4l5oZNYr3BaTXW+42tIILTZ2
-6/MEWTxbrRLD1lXGYRx8qXEfnjKij+5Us7gkOWKjxV1B8sGF5MWLeimY6XgCG5W3
-JGNdrMvX/DDSByB5e8KRNixVsCSssr3PPVk=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAPDsly3J/f0IzY38unKYtN8tvYDCCyiJ
+5mOsWMw0jL+Pn/0x/7UGGNbDjXKpnVxdLqzAAQC7C0iJPNuRXmXNXXl4BIAgF6KV
+NDZUJGo3/jpg196YfmqaEKrwY9lrEBhGEszSZAfX4D4=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C7
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C23
+PeerKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=051a3deb052d3e99bb6ab6c6b284db2c998e9bee543e02e57f1b13fe9fafbfe53a89658c58eb947dbd178aea2f6cb28e305c9867bd65bb26f71793f90c984ca11113e1a8dbc8f7d1
+SharedSecret=001469dabcf2210aa7de0040b201221eb4d1a4725431fb5a93212a66ddea4187e078f5e3d82606f6cdfc0ffe6b69574d1d0ba643
 
-PrivateKey=KAS-ECC-CDH_K-571_C8
+PrivateKey=KAS-ECC-CDH_B-409_C24
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAc1Bz/diQCqDTn4K
-uQj8VJQPaXtQAipN/tjPCxPX4O5SP78z7paTiV+RjZThWwhGVdYbIpTKUcQSP+Xg
-ho6dDRysITjwV3oXoYGVA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdBRw4HbPBe
-B4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlgnO8GjSUV
-9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXTGUUYZMoD
-aDVBqyzXep2I/XphDKhF7lzT1Jg=
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQACKBnFu1vTPco+QGZ
+KPNnx3qQUkkLmouoelnNyoTnfGopmFP1SW/r5lL0ujM1AcT88rovoWwDagAEAKBF
+tea7t5UElfbV1kWit9cgBnJdAiPH/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwf
+YQHsVW4bFiHsGJNlThmNWSPjEUeKi9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0
+O0Kc82o=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C8-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdB
-Rw4HbPBeB4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlg
-nO8GjSUV9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXT
-GUUYZMoDaDVBqyzXep2I/XphDKhF7lzT1Jg=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKBFtea7t5UElfbV1kWit9cgBnJdAiPH
+/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwfYQHsVW4bFiHsGJNlThmNWSPjEUeK
+i9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0O0Kc82o=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C8:KAS-ECC-CDH_K-571_C8-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-409_C24:KAS-ECC-CDH_B-409_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFqyp/EKyJ+YxAlYCrwRrZDJM2Dmqy
-gpILWdMWyp8rI661CHbLG8vo7prmtVM/3NEa1PhtiRjWY4nah8mL8dYyO9CUfYCZ
-CDsGieGUcnZ5HcuVJxg+MqCAcrfgPcrRdf48/Xvu/ISNzvSDOAxgBUEThccCfJpS
-tgpuU3qHU4DSW8R8e/I2TdaKZvIdD1eGakI=
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATeERODe7P867Fq2506BI7qY2LkaUHz8
+oNhQl6rZRMFbT9icjL4sdFHY7GQQRUIbS/aXiwFkR8ITyQNd57zCm91h1u5u1Vec
+Nr7Fa8a0T5KGv56Z+sl/NWcIzQMQ2/Yzj5r417E1kQI=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C8
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-409_C24
+PeerKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00697c751ddbca7034fb4d3fc1b2618daf78cdae464e8332d1215020c8f896f4864c7a6f2c61a363f730f58fd3bdb4f78a90b40aeb83b4fbc1d8d37cf6a27a6f722c68a82979fa16
+SharedSecret=005c701a93d7790322aa7c67440fdd9ee8057a0dae86d1e856ae89e7893da178bd67777f86db2be5c8e31dc50ed8a440aabc342d
 
-PrivateKey=KAS-ECC-CDH_K-571_C9
+PrivateKey=KAS-ECC-CDH_B-571_C0
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZ3/DXKosELE6S8d
-rnQHv0oQbNpWTbdQjlp2sDEwyR1eXLzy9XjC6d7kOEn5Edd3PUwmfigsJ3tzH4im
-7w7t3VIPV+dD6/lloYGVA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjePIURsYQV2
-lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0LqhJ8Dfjo1
-5Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g6X7Pzrv1
-tA09P1FQpVRay6YjnABBmsctwsw=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0TyK+h5mblbIof2
+dDDqj+ZGxi/ji3zmHx+VZZfCe93ZkC4g1ENqvzvr2CQ+wpoASBqKLBn1UOmWQbXx
+Sq+7W9qVOnVZ+GU6oYGVA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5dLVORnwtj
+WRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4uVEBlYQX
+exicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz291Lw6yr
+5IMvmYHv8mYJkarIUhR5he6jpR4=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C0-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjeP
-IURsYQV2lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0Lq
-hJ8Dfjo15Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g
-6X7Pzrv1tA09P1FQpVRay6YjnABBmsctwsw=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5d
+LVORnwtjWRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4
+uVEBlYQXexicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz
+291Lw6yr5IMvmYHv8mYJkarIUhR5he6jpR4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C9:KAS-ECC-CDH_K-571_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C0:KAS-ECC-CDH_B-571_C0-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQANAkcOsb8UpnfGPFi6veiB/wVQ6pJ
-jnJy4VqSdy9XdyIpBpRW4hnJwocr1TeDsPsTRfXoRnTENEEpoxQUa3Aw/HUZeiDF
-iKoEnjo/XuZYdeFAEImXBji4B9+XVopZlcj+L1Akc7g/WMVWxfIU7W8D747OAUAa
-ITS8BB9mki/MTjk44MbTAutCIAZ4qXE58pE=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDtj9foRKua18RPHZRRP5MvWAg4m1A
+DBFgmjpjS5oyX0FrDj0yFXNMaKHCyPrR0Lues5OaQa8iQh9oeB5+sGZLnfXOpEje
+qjsAjmzHe83cgW6Ez8H2JoJPok09X9M9gJPL/h/E2IG2O0lBI7x1lnDtyxiHuzud
+WotRa8UDgoFjcJ1NrLWU0nehWpLAZOV3DRs=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C0
+PeerKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0322517da30e010aeaa2ec9bad2745d8e67f906294ecd6b1d16808be3837f79070d0e1bbbd617f4b8b031d3b51ea2acc59de408a130138c78571f8800fa907caf550d23323d1c818
+SharedSecret=06775e1b99a236e02b020bc73666e5751c1210dcb6e9b02a69f4075376e49f7a1476d2209e861abb73f5e3ad189d268e035b1de93d47b3a64de5783c9a09bc223e1cc612f26dcdf1
 
-PrivateKey=KAS-ECC-CDH_K-571_C10
+PrivateKey=KAS-ECC-CDH_B-571_C1
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAeFBbUKZJsq+pUe7
-J3ZxClL3EwOTCBAgMSs5Yhletu0XxtQ2vEaltHp6qs+PgRf+o8r6FmZcwYRbDslP
-r2h1ebHBFroYPoJfoYGVA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYwZ2Aj/hZW
-ht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt50wIEksOG
-fxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7UKw70h0NC
-PLxvQTVpLDCa4mMMxKU5C+k/J0s=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAvTSt+Y2YObCCUng
+bcZwvoqvglMOC26v4hAR/p0PRAfIVJUVc0UozaKZ6fz3OKl/v0PEu6JnRLMnUxtA
+FD4Vi8hkWQnqiIRWoYGVA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH5f5ZxR8P
+QcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI3u8Exrny
+pgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONMgSJe7JAV
+q72SclwAJxLtMZLYB7Nq/qhT9yI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C1-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYw
-Z2Aj/hZWht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt5
-0wIEksOGfxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7U
-Kw70h0NCPLxvQTVpLDCa4mMMxKU5C+k/J0s=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH
+5f5ZxR8PQcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI
+3u8ExrnypgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONM
+gSJe7JAVq72SclwAJxLtMZLYB7Nq/qhT9yI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C10:KAS-ECC-CDH_K-571_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C1:KAS-ECC-CDH_B-571_C1-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFe3xlvFHoe9rTfCtNrmf7AIznH9MH
-LkG3fFYtfEF0iHKiC++FF7pL6JY33emOK6GzsB9jlAcT4oI9jatopcx4Vh3hQIXk
-z4cAundDClVgCJ36xPaLTzSTejhN1ge8u1+rVnen+uCe0Hz63jmeh86f3ZOXxoGq
-M3jOO8grAH9t5PfLltrfVaTIc0o385pcLyU=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFdcuwWfQjMJ+ZO2wGrHHXvMXR5qGa
+/nKBHLYSpiOMnMwzHmfaDBC4jMKl8e8v9ta3RAZdJC9ZjaLWM11MO+z1w5U5QMYO
+/McGtDNlLjo2oHAYqorT0v8x7Xhc5WAXFu/3cQ/BPG/5/3XH83AdRZ/Y/nDAtK/O
+2ghoFxfbmCHYyFj9OeJ0/zd3L46EhW5wZ0U=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C1
+PeerKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=000911ec1cf82a22c849b401dfe56453a06f4af32644ea8b63135b68a979236d05968eeadca7f0cd339d295cc58967a7f38cfad6e947a71295733e42ca3c1ba9b4ff6195607bb530
+SharedSecret=03a80ea8cfecb858f9b77bdb46b6cda26320ee8c561a2fd6b7e0a2b62201fbfe60f577780c75a98a11a69de4c4ee911930d2200b6972bc3123d7f278615ecc65984a59fe352a1cec
 
-PrivateKey=KAS-ECC-CDH_K-571_C11
+PrivateKey=KAS-ECC-CDH_B-571_C2
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZY2Pu8aDlvpfY92
-Af5A/0AQ9JSfAWkIqQbtXNrxIh06WTs6Rna+r9H6FLwPfFM7FwhvIH+cSEz8L7w9
-sr5BI6jobztJEczjoYGVA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnjoOJzjDqZ
-gauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1MlRAHDt5Y
-d2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWItZcj206P
-0lixHbiIpT6xTyvghRJogykFmJI=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAStjE7VoU8+NAnME
+nPftKrjmMuWSVu0EM2aFdkjz8qlnTK62+w/NX7qwu6u84XoPxKeBSEmcOJr1dIY3
+RkFpWw6FLzFS7sckoYGVA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6WjSFUcUkjZ
+2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3JUIB/0nO
+CmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1qnIV7tPhU
+QvxA+aIMBK4GNipG7O6hXEXWm+s=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C2-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnj
-oOJzjDqZgauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1M
-lRAHDt5Yd2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWI
-tZcj206P0lixHbiIpT6xTyvghRJogykFmJI=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6Wj
+SFUcUkjZ2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3
+JUIB/0nOCmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1q
+nIV7tPhUQvxA+aIMBK4GNipG7O6hXEXWm+s=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C11:KAS-ECC-CDH_K-571_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C2:KAS-ECC-CDH_B-571_C2-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+nR37exfHnQogfjXsq9WN1ET6ZK3
-l/04frW1PDPGunI2QXssfm40YmfxuMbXhX1uCPmmDobeI9pLNoQk+wA/lrTIn10k
-SnQHPh/t9i6MgSg2IrU+ss2ye2TDwd142gyQ3Ww8d2rRRjAuQ6ulQTebyPO93C4Z
-/xXZZmTOLQnrb7WxOEioKzG0UtjoTaO4Uxg=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGSqZoMP9EMkpnroqQeJaJe1B1Zs9S
+3+E+Otux55NmXStxg1h1Tv6AnkSWIYUC/rVgTb+8BKEQfKnsTq3H0QqdbRR0zt9X
+gUUG9j9p+MGLZ/EQUbPTAjahokkIiyvKtc/4MM256z51wehyUuXY5huxpmNI+2ge
+li1lq8VNXeot1yxVRZB0AHT3xmxLjf0wdWE=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C2
+PeerKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0724c979affb3ab8d307529759bae5fa67319d441851e5817fef014350e3014e068428c9dac395c5e7b9e5b8877457b3e4625ef49ede4ae3626755eefc3fb3cf09c23e8a5a9f8c25
+SharedSecret=03edea7e47ded7c2ab1115f4ebcbb42677c7fba6e0cfd811602896251ada1d5a0b461aaf4e000f4d4231b96d8dee7630d9f1b7860e6418dac8c3b07b66af6fd1acdb44b2683b29b4
 
-PrivateKey=KAS-ECC-CDH_K-571_C12
+PrivateKey=KAS-ECC-CDH_B-571_C3
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAKGaDt9Qg0f0QCzs
-vOEn3GQQsZZ9P4nms7oItIqtCM1speXRIozcxBocOA8q6QUtc9t1UOejwdhXBWyY
-lH9bLHHDPE7rwSEMoYGVA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkbR8uOosNF
-QSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h+0cGpeUP
-1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH9epWV6KZ
-GbiKbWP9CpQ7Vt3kyEeEgbV3I+Q=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAhmXtUgcDPbPQ2v+
+Ngw7EZueTdVvPChHr/sgIcusS1fcGPUHXWeK8rpunu+8QTjYGAU/LfMqEOiuXWQJ
+9bLx88q/NvgI/cB8oYGVA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9Dp00o2B6
+kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08FS/UC4y7C
+QEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoHa1NEHc+f
+Ze8yBOCJGR7xVv92IpSJenL8qTI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C3-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkb
-R8uOosNFQSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h
-+0cGpeUP1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH
-9epWV6KZGbiKbWP9CpQ7Vt3kyEeEgbV3I+Q=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9
+Dp00o2B6kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08F
+S/UC4y7CQEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoH
+a1NEHc+fZe8yBOCJGR7xVv92IpSJenL8qTI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C12:KAS-ECC-CDH_K-571_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C3:KAS-ECC-CDH_B-571_C3-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBi7bL/L+67UaFZLNo8LCrw/vKR9zB
-nyyEa/ooc3DhuRL2tw4IUZ9XfwysMlt5/Wa2sjqh4q4mK80ueossLZjZ7XelTHKV
-+Y0Fvpu9kXcrtCJmq6nIk+VmcM+2bK++RAHKLLV2W0aVBISFl8f0RumYFHRnhxWK
-g+v443loVzY6jgT4dCoJ1+yhY4bWD9fIWN8=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFBnGvZcvvkvMF5frLQojMBKTGl4o7
+eK/kBJxqmV/ow8C7YJq+SdFSse7WxxTSVP5u/xWanr0krRaRnvdvRHAFfrfCZaS9
+lugFHQjiHSZNjk28c0CIQqtXzXjTI+fetiWzdBmUuK/+Aa9EYWIttBmv7q0EWEX2
+w9ttmC9FtpK+oRzyXRiso8g77IQMdYKnBi0=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C12
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C3
+PeerKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=005a526588a3a2ce08b20925e83987eb0a1e68f997102df7f9af83823ac8e06abbd29c04cb1f974ba9c9ac49b48b5af37679a39b532d359cdec3d41b3f80a1ee12c80276256b738d
+SharedSecret=005b640015330f8416f2bbbf8b5660e01a7abba8b0197a29e52bb535d62f89ad0443e08b6e0d1d15f4eb03c0fe35e3e43bd7739cb692092698a2cd13126cee4432831ec7423b3434
 
-PrivateKey=KAS-ECC-CDH_K-571_C13
+PrivateKey=KAS-ECC-CDH_B-571_C4
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEysP8wAc0RCzdgO
-r4JEEsIOqe6wPUO5mdSd5hhzYCAgorPEeWX29FO5G3osHZPhOolURTPjWhIs/IYS
-yGkLabt6VXh1+WCyoYGVA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZyRYLGbMxQ
-xssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diEKeQDenxZ
-ASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRGEWkeWCIR
-X9SdKgAMm0nR9JZOJNQ/u4H6h58=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArU5rMdwdYeZ9Dln
+Dq6Fubo0qLTzccyTWiDOjFZlIe7NjE9a/xFq4Nsq1urhozhENMWZN5ghrQXYGtoF
+SCmd/ZjP1tPxVzUkoYGVA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NIECAMxv/z
+JqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlxSQ0FBCQ8
+eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX9RTIkHmX
+Yk6wvJ6pM6LUdO+Pg7rqMkODTeI=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C13-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C4-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZy
-RYLGbMxQxssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diE
-KeQDenxZASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRG
-EWkeWCIRX9SdKgAMm0nR9JZOJNQ/u4H6h58=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NI
+ECAMxv/zJqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlx
+SQ0FBCQ8eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX
+9RTIkHmXYk6wvJ6pM6LUdO+Pg7rqMkODTeI=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C13:KAS-ECC-CDH_K-571_C13-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C4:KAS-ECC-CDH_B-571_C4-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDIYS2hj4stbxxuv9ba1ehBZSDHMEa
-nl7t7EgE4gFuPdBkz/0Soe6g9pMpEd7TRazlwf8lC5ZI2TuVM4ba6bVijDxiUnuJ
-BRkH94PgNBqHHmJW2jSeu1OfiHZ9fawVEePD5NQ7D9MdXdLC8PF26sVEqHH0K5g/
-j7pN9nq2ojm335lyJjBLcxZdli9OHS0Y3p8=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDmsnpGvWUB03NM42k9SQFdPAeQTpJ
+uSJGuj1t6FXj3t9uf97amrf3+Edudwzpu8OppeuYRUPcw39fEb5uKKHRCQkx9cW1
+o1EHgNMtuxNImb2i6YhIlBh4OHq6ZmX9JCUhYM4xI/aPm1vY8lSji4TsU2Ul/gB6
+hjtvzEifk3oFpf2UbWKCUyign4Ony6J/6l4=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C13
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C4
+PeerKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=049db68dc9fb4cfbad8247ca4fe7c573c0640abead8f319194d665ecaf4f04b61f84f5df0d8a6386f6df04ca1a685a7394567eba5deb9f739b1e623ed6507021593f0e22e2dfc3f6
+SharedSecret=027af05ecd0332784d64b0b1bdb45c310fd445c5a6d6b34f35f4eaa3fa3e171ab98763d243a1dedf46aa29864620a47d05eeaefd748186bcbcf187c01e7ce36e2a53ded071036b59
 
-PrivateKey=KAS-ECC-CDH_K-571_C14
+PrivateKey=KAS-ECC-CDH_B-571_C5
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIANUUFE1FSLz8vPVw
-Cffo7hBLFUVvSRgmvf2bpn6HH9vY/ISQ7LyyaQkfx1KeXlVxOoHeIMDtAeyzFZrm
-FCS9vFZTcyWH0elPoYGVA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR1b/AtpDf
-cCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZawlD4Fjhul
-FqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOInbTo4+Xu7
-n7WfJKkvAIWwTuXtGsDvpnE5T3M=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAxipbjgngtRHbxvr
+9pehB28i4dLshHR/n8QlBdVUfaqgjYFHIXWWWZWGhc9OpLuhL/+2avCfZpRSHxHA
+m2YmyK5S+/szalKhoYGVA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf4373zoTzTH
+YW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6FWtME9qH0
+5f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnVvgMg75kF
+GaBq8TwpVi7pVXFagswNrvLF4Os=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C14-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C5-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR
-1b/AtpDfcCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZaw
-lD4FjhulFqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOIn
-bTo4+Xu7n7WfJKkvAIWwTuXtGsDvpnE5T3M=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf43
+73zoTzTHYW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6F
+WtME9qH05f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnV
+vgMg75kFGaBq8TwpVi7pVXFagswNrvLF4Os=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C14:KAS-ECC-CDH_K-571_C14-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C5:KAS-ECC-CDH_B-571_C5-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHHhZ+WeKnCev0vj2D+53GntdJ46uK
-VOICw1+NRd6qK9qGwq+hsKBHVNGImPzdmxhfHYui4YCkesKRu0qtj5l/c7FCO81+
-m5IFcRkIW8fLICPSP4gQFCD59Qjw25T4377dXL6IzsgKnccI32zM34FddbFGKA18
-0uuXzxp91VC+Ujgk+TKnd2efLun2bUJY3aY=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG9liEkQYKHogUjkve44vGdHE/44TX
+z9v1vZDJ27bhWH5Fnc5uDWm4ss/rUFW+5WpzwTQ2BgGYrUdQ2uglPqg5ouJG1UFF
+l3UFthuPfY1sgWKiJp5yh9RZA0uPqsA2D8+Z+yHaNKMU5nNTGbnQNia5JoNpNF86
+YkrK2yGbIHGI0OlFy8Z8mCBo0yYT/CH4sPQ=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C14
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C5
+PeerKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0343c45daab4f91e02ef9bd6e1cd157b00ab0ab0a3e0d9734918a1d896cdf7cc1212bf74d7bb9bf96bd4abf42df325756c407217f44a5950c2b66af820692742ed7ebe14e48d2d88
+SharedSecret=0763c0d659a7c080912005a2afd60ce57e610619b388ef3d5dd3c9386ab12069c6ef3a8e72eb741cba2da5c6f9267f6c09fada6459690ed4e432445d6f0f72dbcb059c87df36f665
 
-PrivateKey=KAS-ECC-CDH_K-571_C15
+PrivateKey=KAS-ECC-CDH_B-571_C6
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMzG3KWphVg84AgS
-w9B4IvY0HHnXjBay565Lv1v/rBrNneq2eBk/j4mw4qrlLjAxFETdESU/ltYts6v7
-F+Qj8N3w6ZEIEVTDoYGVA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g/4Cw313S
-6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24CGQHD0UI
-rjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6ZoitqU3UXrMs
-p/G7h+Y8Tel0kxlsO1PPg9IY3Dc=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAotDGetwVM/2OCgg
+xS+cMy6uZw0fB8/I8UcukmD15Ho4V2gBbNIAZwDKe9xdHVZ9kkYK98KkJd0NeK7u
+PRX7KNcRZ+ZIa4HEoYGVA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1OgnbiEZq
+a7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJfC1cBjjIm
+42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3z/H7zF0/
+XPS1XspB7hMfIep7yxnOBfZWQkU=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C15-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C6-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g
-/4Cw313S6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24
-CGQHD0UIrjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6Zoit
-qU3UXrMsp/G7h+Y8Tel0kxlsO1PPg9IY3Dc=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1
+OgnbiEZqa7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJf
+C1cBjjIm42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3
+z/H7zF0/XPS1XspB7hMfIep7yxnOBfZWQkU=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C15:KAS-ECC-CDH_K-571_C15-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C6:KAS-ECC-CDH_B-571_C6-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHTxp7XPsO7vHhXmNRLHMYja++iOjp
-xCBzsrZSufAoIU8L7HkULYiJQWq/eoPin0eee8PKZX7woQwuo63jEXwNNp2swjOd
-HBIA6JkqVAdnUwKfLA6djBZua6hIlqR4X//1mMSCPlRh/wBUkLt/tth4rDT0J/2d
-tIy98S65gm1o/SzxcdTWHD8nXUSUfU30x1I=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFpSzr9oEDyrAmbPLGicSPCAVJ//xw
+25gJwqRvkItyib5ZcynznuHkzKOYZk/6m9zwEpP0NZPRiOEkEdV+VZs/ajDpVUhp
+8EkBThNxZfsNUw6GU9fLKoRhjdOvz6PwhWAXkUKq6XJ5DOdGov1EadQVWHRDeMZA
+rnOkibt/gc3KaxuxZ8eUwm1iOKDSVq/DuiE=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C15
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C6
+PeerKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04a565cb3e15236a7f6c413afeb419c082427b10a6d07ff87e81740716433c06b3254414381e4ff9860340dd6201ab6621d162cd12047a5515ab1d65f20c97eb3d7132642f8ad58a
+SharedSecret=0428413f2d2aad4d5288885c2edc8b976321ae1dd4fc6b41275fb88b8c5e7776165effce79025163538a0e83c919220a407ead6cefd616b4b05294488c2ef5d30ab8caa55ccbd1b1
 
-PrivateKey=KAS-ECC-CDH_K-571_C16
+PrivateKey=KAS-ECC-CDH_B-571_C7
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAYhiE2WL0X59wzTd
-gAOSakR8NKGX7l1tC7xG6F7Bz6aAKFjRw2cnbKVyuieqel0eIWkCQWtIr25Cd5Re
-Rl19hA3/FDhUPKpGoYGVA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcRO3UCeW76
-VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlzUi8GDP21
-RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTkezudDvVf
-ZwdWrkpNnGXwdfQXCy0YqvvKAmU=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgEV0X5B4TF4tCoA
+TAHV5O8cdiQQScfTG/DqhdbgcKLiuSCA5h3lRvzL1NmRI2uzYO8/IG7hbYhDoN3I
+A0Y2ZKjM3C2HoQJ3oYGVA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoEwNV3vgb1
+irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv86AGG4Ll
+RdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdBEUMYxuim
+IGs97u8BTw5EsNxmhOEA5Kw2FlA=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C16-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C7-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcR
-O3UCeW76VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlz
-Ui8GDP21RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTk
-ezudDvVfZwdWrkpNnGXwdfQXCy0YqvvKAmU=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoE
+wNV3vgb1irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv
+86AGG4LlRdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdB
+EUMYxuimIGs97u8BTw5EsNxmhOEA5Kw2FlA=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C16:KAS-ECC-CDH_K-571_C16-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C7:KAS-ECC-CDH_B-571_C7-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAS1Szzv1BX16qykrk5drPvOIMuhky
-ovUFSbzTFjABetIUdd8VT/N74TymGkxgM2sz0P/HYqqenp/G5v0XJQteQCK1UUHS
-P78Fb3yNZcVo3pW9FmT/9xQp7HOJh2l/IX3lrfNtFKgLb+WF5GheA8gYOKvt/cBa
-HgFAevSrmJ/B0Sc7qKGCxGGFbV7/5wXX3+U=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCbi8e5k55WOkCVHp9sKHhSGbz0sAS
+fCu5sJ7iMtPZUY7kSuj1u0M6CIBp+jhs1ciQJxG3YqwNo6ejQgRyxH6FD5iN1gpj
+bX0Gd/9RAFLU9GCEn7jvDU81Gc0jjk4caItzbPbjdZVQ0TSh5so8tHnWi03F0Luh
+ruF4vW/hXsGW+x9ifYcHk5T294VOBTIo3uU=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C16
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C7
+PeerKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=047265831f1f589b5f30806e2fb80aa7844cbf32b6993384beaac7d992b327b97dfd0bb89ca09e711507e846ed4ad003e7115fa8843b23d38f320e43b5eb506bde48fbd7af4983b9
+SharedSecret=031bd2a84369e93dfa00581446d52762100d985cc7bb91c4fa8be7472e2e8e9781c52b19a54330442441bacae23f4bdc76486eb475d51f26aafbfb272a5ab5db184a4d3c3006e5d1
 
-PrivateKey=KAS-ECC-CDH_K-571_C17
+PrivateKey=KAS-ECC-CDH_B-571_C8
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEwN03FeiIjcIiIG
-nn9hGAFoUUAwPha4tENDPV4YpLGAPVaAQWrr2nrn6USRVL40an3LNsHbInRGc/s7
-JF5YRAeH7T3sbT21oYGVA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkIQvRVlz8F
-c+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZvaiZIDP5Op
-3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/pYpIzpQcK
-CHlNFEcAkeMM3Ydqr2VAdicjMjQ=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_K-571_C17-PUBLIC
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAIR7VF70lhVnHwi+
+c6SRRwYxhEkzQBEepNzhPC+SHwe/rP/IRB9MfJ0EefV/OhP0wzxj7UfDpD+y8G0G
+qXgOXAs6wwQQrcSRoYGVA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4wteEZVL+
+SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH6X4E9iiN
+TXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXncRSLTPWam
+ZbO2UBVw8HYyKvCtK7qqBOoumV0=
+-----END PRIVATE KEY-----
+
+PublicKey=KAS-ECC-CDH_B-571_C8-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkI
-QvRVlz8Fc+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZva
-iZIDP5Op3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/p
-YpIzpQcKCHlNFEcAkeMM3Ydqr2VAdicjMjQ=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4
+wteEZVL+SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH
+6X4E9iiNTXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXnc
+RSLTPWamZbO2UBVw8HYyKvCtK7qqBOoumV0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C17:KAS-ECC-CDH_K-571_C17-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C8:KAS-ECC-CDH_B-571_C8-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQH7HG+oIEZCpxM3/gJ7Stlp3gAzRs7
-7/0eQATRJqw1LSQjXHl6WlZ9rvc5PSdmOBMup/D2HlUNwlHTQfZhAvlsKr9+43wP
-ye0A78KshwWy+cnAapEKMExCsa1TEBrrDRRjGdwkgVx8wZg7HK2R1fnG1e7xZ3of
-LSvddaH7TFeWpMVpZKo+Q/PaJsc37dnLCRA=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCPuT57CTe4gOs+2WGMTE8etQ5TEfx
+eU0ItZn/wV8OXaspEdl+Aw3ffLS7rfilvOBcNTWPvQz5XT1cf/PNjua1TjedjQEj
+k5sGBr4j58V0bb04QE/WB/t/J47iSdyOJ0DPG7mxwHsc9+ClCkMlZ9GGl5moAxIl
+ENtDeYGiqhJuuarzx74FqA+sFJXhxAyhwQY=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C17
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C8
+PeerKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=059b62c25c96955b8fb4deddcf90ebe6845ee71ea357739273d6d67f21a0c47d154add9d5d4d2b657fe1988ad614b0b4902faa92fe999abd754ad33cd6b92fe2f6a68a6f2c1eeb27
+SharedSecret=04df20154fa49a1d6e04dc2ba6e55a7f2ae575de5e2c6e4091a4d2c36aa93ca9699b890f0ee4df53aa75d0d9babad68605bc027ec67c187a6826aac0f4bc596baae788b376110216
 
-PrivateKey=KAS-ECC-CDH_K-571_C18
+PrivateKey=KAS-ECC-CDH_B-571_C9
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAH1UGU/CJsw59kDT
-0XublbcLUfmK1coZkVZhCNg543fiG6SMv0QVMLM0HdxhsKWBQaqmZTAkH6UpUF1w
-gEslYMW+SBMQuZYtoYGVA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0IJ0V+XhxL
-wV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJX6cDJ/5l
-TvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y+QZcAOso
-ZTyPtHe7tcY91HuDyl4Phx6e7T0=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0wkWDArQ4V/Eq2L
+2ah1I3ZBoh4hyjz5oJVtPP7e2WpeH1M9gntSj7tYbak+77tm0HeLGbGn+28Xu/nn
+m5rO/N17lgXniY8moYGVA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MWxcBZSNje
+V/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviDSeoE5jmf
+HO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9zvze3j7W
+FuZWDULp4XxUkuMLwt5GicBZLss=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C18-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C9-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0I
-J0V+XhxLwV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJ
-X6cDJ/5lTvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y
-+QZcAOsoZTyPtHe7tcY91HuDyl4Phx6e7T0=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MW
+xcBZSNjeV/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviD
+SeoE5jmfHO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9
+zvze3j7WFuZWDULp4XxUkuMLwt5GicBZLss=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C18:KAS-ECC-CDH_K-571_C18-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C9:KAS-ECC-CDH_B-571_C9-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGcIaGtPWtL+xFeq1axKPcSGekd+tU
-/A1JNRG1Vh6hUd1Mr11DEZg1ALSMgEOvCeP0BC1aB+vwUKToAdru8zF74JOVUCBF
-KykFJchoJYO1X37OxZuSCEb3XRHQIen/sgAYY59quTAiRywZLTmOFQzcYwoR/PlC
-5dI4zWwUsw9Eok0vhD7F0TXdx6vaVgR6vCE=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQA1KCxHBc5vtCU5y16aSODaDbZIVdG
+xyzGgARaNtga314lOU8mmiraHZQ568M7uTHW+llaJSYcJEoeF7BG+xD7VLsxIojP
+Lo0HUgT1DTKrimq7/5gtH+NyuMVBW7W3JrNGqk8IvjL4yigsHvbhUkIzYNl7cooH
+Tms887kScYsWks2YMBl0GiVBgkI0vcjDI/k=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C18
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C9
+PeerKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=02777c72853b76b29f69d3aa27a1659789a025af0633d833b22b57bf328d231ebd128bf96a4c8a7ffd2ee7a51e5ebb7a8e5bca20e4ad49671a2123dfbc0d6c40594e04765186de06
+SharedSecret=037a380f525590582658e2dd272a32de67fc0cf5390b37f4d33c1359f075d4461ea38a55027317892a3d1d22f5ea333ad437667d2f3eb8781c39504036ae33e4b0a26b6894722f0b
 
-PrivateKey=KAS-ECC-CDH_K-571_C19
+PrivateKey=KAS-ECC-CDH_B-571_C10
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAQdAuVgoUkIEXNU1
-jX/5Iyt9fUE69+IFwoX4hJLvJ6L7hQ4FZ+wkxIDHWtMvcDQgJchiZ9vk/4CixQnl
-uaRRMOmefHzIzG7OoYGVA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY8+3zhzLK
-D/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0FIoAsVZv
-5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0pGPEXSQnl
-QoxxyQ44xOEbViNqv6HeaoV5600=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAS23haA8Jr46bppY
+LlwyqJVwrUMItxPOVHHqGT3sHzLWi0/N+xYA/bHstnaeJqDgV4Etu/DtSVWSZl5r
+jpqXN4owtcZg+63BoYGVA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzGRwtUeB7W
+wUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YGYZQHs4JL
+f3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJlr8b29XjZ
+vTEhEytZeYQfei0GDolIkB1lfBw=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C19-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C10-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY
-8+3zhzLKD/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0
-FIoAsVZv5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0p
-GPEXSQnlQoxxyQ44xOEbViNqv6HeaoV5600=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzG
+RwtUeB7WwUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YG
+YZQHs4JLf3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJl
+r8b29XjZvTEhEytZeYQfei0GDolIkB1lfBw=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C19:KAS-ECC-CDH_K-571_C19-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C10:KAS-ECC-CDH_B-571_C10-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHznZ0QD38YoldceKrWHznNfJ58S99
-8xYTNb5D/CkI6nNvb1i5MteTr/ZvMyc11NOPBcsDzydcoOANofVzgeCL/rUBeHc0
-InIH1mSfPZHnv1+N5hG9lxgYEG3y43k1u0ZM2edGlinGrn5/KyJAJ2yw7tt6JtDH
-03f0AJod1Ip5PMmT+w1KBNsdutRJMwS8XA4=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDu4QDK3//zieszzVLid3fZGzctWY0
+3w+FIKdzD4q+sF+ZM9ikNS0cd2fMP5uAzv/N0Ms6l7WSg/0KZ03E/SQDM/AgyCtI
+BMUHRJkzasOoBUMHiZAnaCUgJrUm7OVKwo6MyHjxi6+fq0K6TONOSWiqwe5qC7Fc
+mnCYgqU3KvVuoLNoFzhfu/6sS5BgaeU/v7o=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C19
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C10
+PeerKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=02c2ec1632e83416182a9a438f7360b88061bab84f5bded3dd8a0c87baf44507df94fdcf99353b107e61cfcfc8af071b3aa8cec7b34a542bf2ab8ea0bd9db67d66b428c9a6c14458
+SharedSecret=0420de313bddce87d07321e3f0af404d9d13e5369b79506e807178711153c9b1837cd055562eff3aadfc5954a221eeebb1bec1696d3df1cccfb8b61172a50d83cee95f4140ba070b
 
-PrivateKey=KAS-ECC-CDH_K-571_C20
+PrivateKey=KAS-ECC-CDH_B-571_C11
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMheXS3tW8O2tVP+
-CgIxG3K8XNyOlt8XnOV1EcJqyehz/B92zd6afY5Sp+m+XHdTYgMx6Jd6mJArSK6Y
-mc6KamY2YRJ2riODoYGVA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHxFNMKBkgB
-K/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOnbjEDOv6H
-sp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9DhbWpqJ5e3
-49yFW/22sNCyUl4UNnjVOb+MBnI=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgJgana2oT1uKSgL
+wWE+EVAldwskX1Vh1Yg+E14VnMQ3sck1Wy7uKzur7yKf5UWqsrzKFV6JcklfGXS9
+sewOYMTmx5xI8mpGoYGVA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRkXdqMSliB
+WPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlOlIUFuSFH
+ottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqCTN+34gko
+/8U0IN846tC0JA0GWdWtsf8uLcs=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C20-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C11-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHx
-FNMKBkgBK/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOn
-bjEDOv6Hsp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9Dh
-bWpqJ5e349yFW/22sNCyUl4UNnjVOb+MBnI=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRk
+XdqMSliBWPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlO
+lIUFuSFHottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqC
+TN+34gko/8U0IN846tC0JA0GWdWtsf8uLcs=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C20:KAS-ECC-CDH_K-571_C20-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C11:KAS-ECC-CDH_B-571_C11-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEg61zguNIr8fycdUNjTm4FLfW3AxW
-KmulVlaARb0tYgkGqxEG+RN/9yWJLoQ2qM17iIkqMvGasmnirTDX8OwA46BS+7xG
-YwcEHMSw8ZXcc8So4QYF8qOCkjq9I4HyTkq71AHgh8UNGPbasBol236J3/9oxmNJ
-T7TQh6gWuFRE2IK+wqwl5C/eeOvMp5pv3fA=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGVWpMyYRmeUqT0DOIU2d296SzNEw9
+xOuWCkpkWPx4ac1ORbLxQMRop9TruoTJSCM3oqitqsiKmmKdoD3SR1JmQrCrcft6
+jHAFS5fZUrGfdChW2s9OUN8MMQO68lP03mWj2crOY/6CkG0sjoozEvtTXgD5tcpp
++H28f6P32H/gJFNmBKr+RkBZPMz+9vrAKKY=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C20
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C11
+PeerKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=07e1d202a54d34020939f7aed56931f21b206761e4fc79b9a7b320f81077be322ae7809446b5b3ea701618ecdb0a1796ab80407a281bdbcb4d580131b61f8743bfef7a4d9c5941f1
+SharedSecret=0606228f5a05077aeefbefac23c0d5bac7a6062bfc2b02ce8bba6698ea96b456b1f0d32c6e05dbb9be61a83090428eedea18c74f41238edede9e3a12e28722d2f314613c2e84d6db
 
-PrivateKey=KAS-ECC-CDH_K-571_C21
+PrivateKey=KAS-ECC-CDH_B-571_C12
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAFOkjP2o7iMs6jVJ
-knsi83XWCWVgAl4hMWHUPu0C0HNl2e3nyT1FfqUeojaeh0Y+3b8loGux8ID7R2MH
-SoKD3T1p8d6GUpXjoYGVA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW+gf6/jyd
-TDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev9FQF3BLb
-BOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWRe+vnZpEv
-q6mYf8xfyKeN0hZDqmUOakp+IGE=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEhng0isM7kvLFln
+cQPqQJlGtVk9EF/EmDNRxO3pKcS5O/xpWHZVXjrOQXuCrAW4Mmdqwj4pVaCe5kog
+pfmOYkmfQ7p/f8jhoYGVA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+SGFl439mm
+DNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8GxEFYFCgZx
+ycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HIF9vIrysC
+Xa7TqdoS0vrp1xTOrYBEXmoKCBM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C21-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C12-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW
-+gf6/jydTDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev
-9FQF3BLbBOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWR
-e+vnZpEvq6mYf8xfyKeN0hZDqmUOakp+IGE=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+S
+GFl439mmDNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8Gx
+EFYFCgZxycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HI
+F9vIrysCXa7TqdoS0vrp1xTOrYBEXmoKCBM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C21:KAS-ECC-CDH_K-571_C21-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C12:KAS-ECC-CDH_B-571_C12-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHpejrSWhJehG5DGDhPV88YcaGhXOm
-ttt8IIqFbVTnT0No4oEAueC/SfwxBOFG+9p4RiOjbZ8B8j6636sE1/SP9mUGxpi+
-3REBPblo/HzTOMuOMEKhcfowb5q29shl3cW6X+mUow2PwfoScZHwjk4UuaoIalL7
-yqRtIhB/1t9TEItT/gu5a8l0wDqMZSj5eS0=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBAFGCsCmkhSju9f/QIhrYcIWrrGpy
+cFIDo8Fomru8DhKSel6Ds1Khutl3BhAfRKECLMwNVSLcXRyhQz3gOiuh34ZIdfUi
+vmEBiwKpjws+TM9EqWk5ogg6sfKgTa/Vvc7jz/Q4uwi/8SBDqhksX8804TtcKXQs
+XYZLnKxGvqbpbfKxvkSTrPlQIk1xc3+ZBlg=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C21
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C12
+PeerKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=07f49ee5d822b17e3f1ec9946fad8d0a0a6b327242afe675806b3e6b7541745e21cd1b70df926af057a9f8deae4cb9a1edc782014426152e8aa4cf6a4080dad4678dc8ff0d9e1af9
+SharedSecret=052669336019db5eddef5eab2336abeb60bbc7295e4bb663ab43e373fb6d888d7433ec89a487a91d4a59c289a9509ddd1bab33cd02a7bf37aaad78dbedf0b4ae5f2f35d15cb4e628
 
-PrivateKey=KAS-ECC-CDH_K-571_C22
+PrivateKey=KAS-ECC-CDH_B-571_C13
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVpeWUb+LJyubUEs
-YYwb0HckQysvHe2xMn2Kmc6DDmsDD0AlwUtOPRkS6pp4KQoc/H0BiaMMYUAQyHMU
-ahgvY5GTopEu3NBKoYGVA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWmd8cAYQVi
-9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+XqcHuNcG
-liyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1NtzIOYbO
-3UUSdS8pXKUA8FX0YnY8KftnjKo=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIABe6ty14j4t4ub/E
+kShjxaSJIv5p6KTPXm6Rdj79VHehzUOd7dCv6lBOOzr2gj6jCJwDdO2a7iSohRbI
+zzr6vplbm5Z187WroYGVA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrIJCpxWmGX
+Hn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8hTMBJTYz
+0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPrUEqvN7s4
+jGx9CNkKoLaFVrXAaOy/ClmERg0=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C22-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C13-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWm
-d8cAYQVi9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+
-XqcHuNcGliyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1
-NtzIOYbO3UUSdS8pXKUA8FX0YnY8KftnjKo=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrI
+JCpxWmGXHn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8
+hTMBJTYz0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPr
+UEqvN7s4jGx9CNkKoLaFVrXAaOy/ClmERg0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C22:KAS-ECC-CDH_K-571_C22-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C13:KAS-ECC-CDH_B-571_C13-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBPKr4zi4jIc8lbytkqomt1paMKYYk
-oivTjvlN6zpw6kTOh6lI6la/DulAcTT4yXsXsfVFYf93R+P2tlb4DWB3jQW4xMu7
-zzwAR6Lco+tnVLCp/Rawgfykl7Kd0uyeanWW0GsFnCqxiQD8xYcVJHJ245DfHbqy
-a6gSNaTcZzgjf879OBK3q0NskmxQxgDm6Qc=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH+rTlkyjHAPdGSb2Qp9Uf8olY/nIN
+qqsyjPybACqnBs6zmTTbnM+B3uyVaJzox3a0/GVCqCNYzFHrvG2OUyLLP6bkaV4X
+D8EFrNRc/6Kd2zTuQudBACZ5jjeo0anOn5KU2lGYFktpAQxoxTKBzL/EB9FBCX2h
+N+eEnyKP3BoHqimL4myncfR6xP6ycj1aZmY=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C22
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C13
+PeerKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=058cd5608dd9d64d4d822baeca123358a4d7e56d3777ecdf569a149c2f85ed35479eaeaababd0b026dc3b56aedafedfc8491040413f85b669d8512a3ef7bc8fe8706b5c7585370aa
+SharedSecret=062de5aa98b440c6cb7a1428f6b5e47452b30454eec4d651982b531121febbd5a3833b180017f7ddb5ce38d7bb1c842de1a8a8fc7fc981e24733b7662813fd010a4e757ca4ea5c28
 
-PrivateKey=KAS-ECC-CDH_K-571_C23
+PrivateKey=KAS-ECC-CDH_B-571_C14
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAL1Y4ZwF336ZvZYg
-cOC0x1dgQoWER+AjtBuyl0Womkh03+MloV040vuehw9BndFfSqrGXbvFrCxUD1fN
-sORbyGYhcm2SLRSqoYGVA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4IlA9lae6I
-CMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCCNNYH7tjN
-eoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQRvA6IABI
-GAiEvELPmq/ljMHq9TbW0l8VQdg=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_K-571_C23-PUBLIC
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAqstQwJ7CPir+jWY
+7wFEOZpgtgN7F6OuQT1CLvohZ+nqTxnX7KmNhcZ8H+hfvLwfErr6MKhdvfVCRmiJ
+MV8VMt78XRgVCfAIoYGVA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpWmuuGnFx9
+x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4bm4B0VG0
+btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3HonWznT1B
+ijSd0eK3MhH03po0tC/KEbl2Dso=
+-----END PRIVATE KEY-----
+
+PublicKey=KAS-ECC-CDH_B-571_C14-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4I
-lA9lae6ICMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCC
-NNYH7tjNeoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQ
-RvA6IABIGAiEvELPmq/ljMHq9TbW0l8VQdg=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpW
+muuGnFx9x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4
+bm4B0VG0btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3H
+onWznT1BijSd0eK3MhH03po0tC/KEbl2Dso=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C23:KAS-ECC-CDH_K-571_C23-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C14:KAS-ECC-CDH_B-571_C14-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHQ7PJZag+6fa9uZAaHcwfeBllRKiL
-nPgRf4ntFXTlxdgE/EUREsJXh34SsKZsaTxmVcErukU12Z1iQF9Knc68BW2LfLut
-oSAD76WKo6jGok9DxVgf7AQUQq6VUnXbwdRtEBVgWdJje5qCmUsCSiR9KmZyS6kN
-Anh7FosfofS2dJZFQGxDj40xbWcPHg2LAwE=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQHJnYwKtGHMbdiArxRQp6/fsz2Ml9O
+CEwvkuMojtKQSIueNnIOKdqi2xmTp9F86O+djM7GHeikBxduJnTCXVe/8sRlljWL
+NgUDwAItUyKQkeFK8PdFDeyhy124IecVkGCP4Jhtc+iMkV5e6N/ryJVZE9kWT5kv
+VjlKZi7xHIIU6K2oXfGxewuXQUzdZi0Yi10=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C23
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C14
+PeerKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03bf7a59bbdd688682c45664d20c19cb2d24fcca6772120cbeed1cde762d449ebf22855627eb6b2be6e7f7c0f0034d02686f2a4488549f8cb198e02b46972bcb88914bea66dd6400
+SharedSecret=07c7eb4892816cc3388ebcdfb412984e05910c112dd15b8e5481719401701aceba22fcf35aab0c3b040096161011f6177097c505395d9d6d8a713f6a5100fb476adbe7b9cdf4b68b
 
-PrivateKey=KAS-ECC-CDH_K-571_C24
+PrivateKey=KAS-ECC-CDH_B-571_C15
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARRjBw/LSii+Tipn
-wpx/pIpMWFowdAXQahoGeOkJ3W6vuJhmLN2LzAGd6xTl2S0XK6HEOO8PZNgBB8fo
-5oAp9OCqgUoQmco4oYGVA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOELV5idwwCy
-+ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMIR6sD1I7G
-M7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzojDB4vdOLm
-GGZs9WoG8rZew5Vbb/uwapCM9hY=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEnG5MBaGXskr9Jw
+ckP/v9VbAIj9M9h9rk0hBI918rhiVjB1JB0vNv3Q6UBatCqlXL8gldq8Pa7frp3r
+kiIgeD6Fkc/WdgCxoYGVA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/FwrBn6mo
+XF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+ZUVoBSZ25
+WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9izonL60wm
+b2Sodtd4IxoAMMOKoA1mxr1oB4U=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_K-571_C24-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C15-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOEL
-V5idwwCy+ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMI
-R6sD1I7GM7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzoj
-DB4vdOLmGGZs9WoG8rZew5Vbb/uwapCM9hY=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/
+FwrBn6moXF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+Z
+UVoBSZ25WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9i
+zonL60wmb2Sodtd4IxoAMMOKoA1mxr1oB4U=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_K-571_C24:KAS-ECC-CDH_K-571_C24-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C15:KAS-ECC-CDH_B-571_C15-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHIvHnoGB3UNri1ixdPUcPAGwyVFWO
-qqKU7u28qNML9Ku5Vd62LkF5kl9sut87+HdvFdyuNVat33lxBad7f29xIGyg5uqR
-4YgDXRCMoNYgyrlrfL9hfRtawG43eSYpiGVk/RR8WOVeQjNE/08fukrw/jQVKzhL
-doXKrRXTvCcOQ0Iq2HTnHkCKcabIqQ0q2Xg=
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGzXkx/PGTX4HzAUee2a0Mb5oFvs9O
+Vzov9Am6/EQuwZX34/39COWBYdTg/Tf2KpaUIbGc1I/oSKXX90uBN6fHJqnL03os
+87QEtbLNg7J4lXUcNNOsW5YKEz7BiwOcLhKNNEHbT3bot1BkCUYZsSLl+y8cJ5ZV
+mtlTxxHjMNx79V7fKfCVyuRVV7fI1YQ9ib0=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_K-571_C24
 Availablein = default
-PeerKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C15
+PeerKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=06d410e9ba6b8b87b00d0f676de8ba27f6afe7e308c2e992f318fc14cba0a447316ad86e8e6c1d3345d8e4035735232c2c597e760b8800a89a521567b09408f9c7be279c137c963f
+SharedSecret=05c638349000ec30881cd190c067e7f12b6b42d5842a8285a8ff0dc7e9c9eaf483309e48314fdc2ce7f9da6a468e549c8e70a50b68d07aee29708a98172209e5cd2e8c09cb66d982
 
-PrivateKey=KAS-ECC-CDH_B-163_C0
+PrivateKey=KAS-ECC-CDH_B-571_C16
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD7a4XPej6DPBBLWp73IH9
-vQYXrfihLgMsAAQDVGZwHQsAMNCYtu0jQ9NVwkyQcnEA2LwC80HSYYYN+2Xwy38L
-SI2Clsw=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYazHOSQx/KPJ5MH
+WkrmRayznnH/6UTuYr+CWH8cPL4ojOYCTY0DXxB9mk+u1Xp7Ie4dbnEpoJgATyLM
+1SdAwDSm3ze1PQcyoYGVA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74GTfx5U0U
+jS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7ayIDKRBU
+TLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9gcugB5Sj
+9Vj3ShtUHHOyMI9PjnQCi1wrzfM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C0-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C16-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1RmcB0LADDQmLbtI0PTVcJMkHJxANi8
-AvNB0mGGDftl8Mt/C0iNgpbM
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74
+GTfx5U0UjS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7
+ayIDKRBUTLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9
+gcugB5Sj9Vj3ShtUHHOyMI9PjnQCi1wrzfM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C0:KAS-ECC-CDH_B-163_C0-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C16:KAS-ECC-CDH_B-571_C16-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6ZHujLaxx7GeAsGOKcM0k/DvUyOAuae
-lhVBhEpKozdpp7znEPZkClYM
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCmEtlMHTDaiWa2VbVVWUSwscx+lDy
+AF0ASanZd95cALegVMlgzdcHiWMhSQvkM71e/9RMVk6qLVAhF1BQxb/BY82x6B3x
+M1oBp4bSkJizNPXBxK6GpBvydcxnh9pyBpFlV6T0MxkhQQNFZ+BB1V15SncHx6ry
+iELVyPWQN1pDZWkYqoDlWwKFNHzOj/4fFeg=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C0
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C16
+PeerKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0100fb42d177ffe6c31378e2e04e0da7376ffe8765
+SharedSecret=007a40a59b6632156a43158565a4eeaf80618e501c5ac5afdab4ce3cb76ac99a0bcd17e9eec549373ace8c96aac78e2af6600483a2c49ec81298a083d5237118de96a953999beb26
 
-PrivateKey=KAS-ECC-CDH_B-163_C1
+PrivateKey=KAS-ECC-CDH_B-571_C17
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBeNzIIWQl1L9xyPKSXdGv
-htwEomihLgMsAAQBHklDDN0G8udluPLMBnzUJOLnVIUAg68VsizX39Hf9zlr8/MD
-j1BSSZE=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0H46GGC3k/D9DhX
+JQqSmkGZTTMdoVTAJJ+g0cJqbeDoNfoIqMxSTj2sKGOD+QvS9NLHUULx04EI2cBi
+FDyObtu9oK+Hp2rVoYGVA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8ZbYAdm7B
+0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOuLBgEdu09
+vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb9FJIrhd9
+Lf/6OmqVBTMpi1w/Shti2h6vzVE=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C1-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C17-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAR5JQwzdBvLnZbjyzAZ81CTi51SFAIOv
-FbIs19/R3/c5a/PzA49QUkmR
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8
+ZbYAdm7B0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOu
+LBgEdu09vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb
+9FJIrhd9Lf/6OmqVBTMpi1w/Shti2h6vzVE=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C1:KAS-ECC-CDH_B-163_C1-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C17:KAS-ECC-CDH_B-571_C17-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEASgomJNkhtwuPNFYXzLVVEJk4ZHkBenp
-i7dJm/iV93+PyDAdbhx6n2GR
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBqGguCezNGGjaICkWpWHuhRPA1zRw
+zTQa7nntk1VqOm58eyAwLsdKDFFwqON9eKm10N45AOsqZjpyR895Q/04HZWzqv0V
+YWcFL+zGj3aV1OQaCAxHZQ0gKHTaFjoXSOVQNzlY4xvQquUgmW0w84RzD0hU9eVO
+aMwklYrcUuKkxAc1ZRTz6nFmBW3Gfk0Rj6g=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C1
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C17
+PeerKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0681c9e59eb7eba769f5b6f2b06ddf1efd12997995
+SharedSecret=021fd2726973405fc30d2a1f2115907cbd0de90bb6bcb0496452e389b1b10ccf38e2400617040cf0dbb188f345337678b0ad8603dcfe926582d4321f384daec0943e2cd267f48343
 
-PrivateKey=KAS-ECC-CDH_B-163_C2
+PrivateKey=KAS-ECC-CDH_B-571_C18
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD6h555SoHCJjWo8TnSOla
-yHENd/ahLgMsAAQBN4YLo0WK8Twir4Il9WHgEzHNh6gHcgNW4V3HP5/uehwCH+yp
-fNQSBOM=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgenOC2KIlcSJuDA
+bCaB0JvKGbXbfnu/wTrCCDid+BaNd2FeMMqGEDk25T3ZrwHN/iT1COxgk5l3XOhM
+hon41flvZS4BTg3ooYGVA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js6bmBzBxA
+Mt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOsl4UGqp/7
+/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30hMb6Ae8o
+6HT7DTT1iw4ysYZFwwvctRbuOEE=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C2-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C18-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATeGC6NFivE8Iq+CJfVh4BMxzYeoB3ID
-VuFdxz+f7nocAh/sqXzUEgTj
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js
+6bmBzBxAMt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOs
+l4UGqp/7/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30
+hMb6Ae8o6HT7DTT1iw4ysYZFwwvctRbuOEE=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C2:KAS-ECC-CDH_B-163_C2-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C18:KAS-ECC-CDH_B-571_C18-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBYdPzIxITAFBcxAty3DGJO5hCNMdAElp
-P07ccUsNC6pb/F2LxqwECJ3k
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCza8TmgzaKADWESj/5NcyOzSg/PSM
+lABHn/TIKRy/RvFsQeRAmq7fFLxgpkKy17qs3o4AUd2K4Bv1rS5uZJDHfNQGqZnF
+ZeYHjt0p22o7h6EVBbV8VD/7dGpbQPuD1yBhgPOun8siLFQRp3R2Zgx7MRtkYxCQ
+WImpWg8v3DXTD8YcxVYKKRQjLWKtNjhrkXk=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C2
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C18
+PeerKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01e0749a21fc508f76dade85435bbbe12c448bd8c4
+SharedSecret=07a47bdc7d54ecd391672f131b3214d0efc4d40195db1ec993a62fe9da875efff5403bd708fa491a01a94f4bddc7d516baffff9fbdd213ca1a4905f9aa679d65da25c0f1fd2afb0a
 
-PrivateKey=KAS-ECC-CDH_B-163_C3
+PrivateKey=KAS-ECC-CDH_B-571_C19
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBrVypq8i83MSCmVrRqXfk
-cnFQuzahLgMsAAQCWueDEbD882lWajGfiYSVRq6uwwUGQOsP31IEgK++ufJnT+sd
-bfSC1/U=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAGuo8SzG4OeN+Mxi
+mISKdAAl5yxi0JnpJYSsdvWVrB/HJMsGqFoH8NRED6893qLyZfIBXdBZoWoDopkV
+uHMdYEUSzu8iuEHzoYGVA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gwfIH/X0Q1
+PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucCxqkBwb2K
++uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1u+h5Zgi7
+1gE/Q83MhG7CImdCPDz9os6KPZY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C3-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C19-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAlrngxGw/PNpVmoxn4mElUaursMFBkDr
-D99SBICvvrnyZ0/rHW30gtf1
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gw
+fIH/X0Q1PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucC
+xqkBwb2K+uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1
+u+h5Zgi71gE/Q83MhG7CImdCPDz9os6KPZY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C3:KAS-ECC-CDH_B-163_C3-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C19:KAS-ECC-CDH_B-571_C19-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEADdI15jxQCaPHnGLOyOqKswDM8B0AMQq
-knq1eWlhIwlVdayUmwen0dS8
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQABRUS5KDbxTXJe+EP+nQldYOCiDBA
+RmYB1TkbyzWCwRUlKTJJ8kSXzIByFrNMksHgdXgcg5HD9tPRT4ih1Q6p/HX/jVHM
++TMDnaRsrIZqs0dhesWotPFlcDTjuN22a8QnPi4c4BZB7OY2l53oskktxp6IU3w2
+scOtDTUif4Z+Q9+ciRfc6fjB7zujy1youlI=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C3
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C19
+PeerKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0320398f7acf791e0d602d7b94742cce58e9fddbac
+SharedSecret=07326196a7decc92c81ae5a0779c9a42f53d94cfa4c3a13f19dbb554138e0e864eee6bc93e39214e2f74705a4b172aab510444c93b5b3e62517bbb7279337102db1c61de349d9747
 
-PrivateKey=KAS-ECC-CDH_B-163_C4
+PrivateKey=KAS-ECC-CDH_B-571_C20
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0oqKodifo+Xllv/RgIJU
-7heg0PqhLgMsAAQG5sUklKtjyJyXiFVvcWZ387SAQqAE6YJYucVvAtPttMpbCu6q
-naqm/g8=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAQcW8ud08n9C3j9s
+lpTY7KIXmCMJHSAvK6FikZOhyYcAaTOY/8gxV/fOSFjnU145kNIZvCSd4WRVjKyA
+fuFZd4oBLaGeUBK/oYGVA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlPRCg/uj5D
+0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/I4sHtDMh
+thGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/Gd6UhnCe
+TS3e9CxVu012o8tQytKgmOrVlSo=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C4-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C20-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBubFJJSrY8icl4hVb3Fmd/O0gEKgBOmC
-WLnFbwLT7bTKWwruqp2qpv4P
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlP
+RCg/uj5D0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/
+I4sHtDMhthGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/
+Gd6UhnCeTS3e9CxVu012o8tQytKgmOrVlSo=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C4:KAS-ECC-CDH_B-163_C4-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C20:KAS-ECC-CDH_B-571_C20-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA4DbPfKxwBVKjoyzBK7NWB018xXNBxU0
-7C6LNX2eBp1/H6mL1E7YsGgm
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQATC3lZCQxvMbrgu/UNVVAqLXSOxKw
+330xrWlCW5RUmHdEPujdfAnPu+2G8TZlkx1LKiF1nDPhC0rPxjuh72GsqqGMlOPP
+yTMBdlt6N+uAbUMZbSkx2hoZU3QtPg2nzLZ+Df26XgNJFMzj7mOTv95AZw9AYZYG
+faiyk8aENZPdIhyJv5eWNna9BE6MirjnF60=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C4
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C20
+PeerKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03e4de43de85223d818e5be6549c29cdfa1afe1782
+SharedSecret=059052d3e1c66efa4b7dd39e74299e886367d8fe49d7cab90e4f051bec10316438fb29b1290dfdaec169decd622a1010cf0a0275008814f4861b4d83ba78515a8768d978be430011
 
-PrivateKey=KAS-ECC-CDH_B-163_C5
+PrivateKey=KAS-ECC-CDH_B-571_C21
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC4XD39NwVL+Rwb5nZviKe
-ExfYK72hLgMsAAQHkA2sJR3oqUTPChvy6y7+7hRnbpsAkeffZ/d2InKdWbfjS5Rx
-J+f6Ll0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C5-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ANrCUd6KlEzwob8usu/u4UZ26bAJHn
-32f3diJynVm340uUcSfn+i5d
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C5:KAS-ECC-CDH_B-163_C5-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATbg0FtPOYuCfhmARhSLL0FXP8B8BzmT
-TOwQVyhS4fYZIi4vXsTg+lqm
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C5
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=037b178aab014d5abab305e37deed7f4798cdb862c
-
-PrivateKey=KAS-ECC-CDH_B-163_C6
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCkj0sgCzsQt7yYz3r3KdZ
-1ZdE0+ihLgMsAAQCzctPke19F3aNuAvis6yeCVax2XEDJDP0VabNJT6RWC0vb1px
-JlXaHWk=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C6-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAs3LT5HtfRd2jbgL4rOsnglWsdlxAyQz
-9FWmzSU+kVgtL29acSZV2h1p
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C6:KAS-ECC-CDH_B-163_C6-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB2w65KeBZzYn0Om8thX2JqFgpV3aBYwO
-yPJknC3c2cJLZDQzsU2QfFkD
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C6
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00958b2aaa6061222dd248a6b9700fb6839dacdc99
-
-PrivateKey=KAS-ECC-CDH_B-163_C7
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCWxe9bkIH2fsaOvAv1dsm
-r4NIrrChLgMsAAQG9vWx87GPRdtPs3d+aED7WlthqRQHN84UrrJOBZFYWnQXuJJW
-dJ9GHeY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C7-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvb1sfOxj0XbT7N3fmhA+1pbYakUBzfO
-FK6yTgWRWFp0F7iSVnSfRh3m
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C7:KAS-ECC-CDH_B-163_C7-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEANZfBRbBs+7ZIg5Zs9BJ3RFTF5rFAgv+
-EHqJpzYM0uIXU01t8pjMS8RY
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C7
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0393387e1dab35748f20d506a0e2b4dc0ee6c3ff39
-
-PrivateKey=KAS-ECC-CDH_B-163_C8
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAE36BMq0oiSPmSBHpIpj1
-wNzJVwWhLgMsAAQG8s3R1jDdcx7Xf5Acew5zVRXibU4BBi8vcVxNKvl7sb6LbPou
-PuMUJT4=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C8-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvLN0dYw3XMe13+QHHsOc1UV4m1OAQYv
-L3FcTSr5e7G+i2z6Lj7jFCU+
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C8:KAS-ECC-CDH_B-163_C8-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBA2QPOKzD3CmoDhJsOF1j++Ih70xBKvY
-vbfBMnyZszgg2+GK4RT7Q1lJ
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C8
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0212358d3f8bce69b662447333b3edbbc9b2f7e805
-
-PrivateKey=KAS-ECC-CDH_B-163_C9
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBxIxQt9Ps3zuQG60O78Pj
-gm486p+hLgMsAAQBkXVXMRfdhR5u6/2fseWohOv+/uUDrfN+Te1SVz+lfIyyv8ps
-ZcNnRGI=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAdAQP8eUivEH5R9N
+LMA5K2aAgFnR8my6Bb5qOB9SLUy4VBN5NKzNHOozYJSOQG0xCMlDdp3HALTJzAzB
+2EurWKNeJ+skBHXwoYGVA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwqZ0mW6zk6
+Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE21ACZFSC
+fv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgkLsvgivaH
+Vd5OEHcXNHWCbqq+0mp1w2nNew8=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C9-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C21-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAZF1VzEX3YUebuv9n7HlqITr/v7lA63z
-fk3tUlc/pXyMsr/KbGXDZ0Ri
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwq
+Z0mW6zk6Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE
+21ACZFSCfv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgk
+LsvgivaHVd5OEHcXNHWCbqq+0mp1w2nNew8=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C9:KAS-ECC-CDH_B-163_C9-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C21:KAS-ECC-CDH_B-571_C21-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAi7SRkPwzsaMjkrRqixDadiqA/WUBczK
-YrbdHTFt7b0PHVML7W5VazrY
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCUDig5yrowW424+O1BO1zQe9wm5/s
+i+kBdzRtdsp7xxM9DsKArPBmAFxcwQtSqmVDNf6CCmYX5WDicJA/8cLMivE5jyTf
+4rADEHTKOTGAGmrLdltukUQXLtgdmZ7Z6DW9NVJrA+8qE/eDdgMrDrgUbCMTI2X8
+4Xany9ykSzWqN5hZ9oisJtxkyBSaQyLQg9E=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C9
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C21
+PeerKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=023472fa59846f7be07cf060cdd69a9fbb27d4fe44
+SharedSecret=03acfa4b3d1c2a6b62af23bdff6a215a416d4437ce6cc114d17dc4201195987a5d7301da11b913254702d7172e31d64e59b24deaa3270f20445e51dc484f7a2b8c3cbeb0bb9efb28
 
-PrivateKey=KAS-ECC-CDH_B-163_C10
+PrivateKey=KAS-ECC-CDH_B-571_C22
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBFi2e06ZgRV6MAV0eRdFR
-V0mj3NKhLgMsAAQEKD6w5QhdGYs3j8lfb7TDGYtNPHgBB6EWjy9HuWPks6kCTgw1
-el69+Sw=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAy0vVX/ke40oD2gu
+JP2mJ916WOmwCCKjqvbregFPR2wXlBrcXiI4owgNcG8eFqRRt+kpQneZMMVnCkcy
+gcrHi4WNHxzJmwr/oYGVA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+jeqHnC6L
+Vjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4SexAByR0n
+wq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/og2VrAQb
+yZeOP1MIKaLGTImxvM6sBoVPuQM=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C10-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C22-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBCg+sOUIXRmLN4/JX2+0wxmLTTx4AQeh
-Fo8vR7lj5LOpAk4MNXpevfks
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+
+jeqHnC6LVjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4S
+exAByR0nwq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/
+og2VrAQbyZeOP1MIKaLGTImxvM6sBoVPuQM=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C10:KAS-ECC-CDH_B-163_C10-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C22:KAS-ECC-CDH_B-571_C22-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5P0sxFy7uZvJ2nrMF0DtcP3z/+LAfPs
-7Gu9qb3opNoU2z5f+TS5g1sX
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBvf/9acLgj7A8hT7y69CI5o0jP9uV
+8LJG3nlV1hUHff0LD/AsZNAd55M1kJa4XgV7G3+fWSYtwnV/GCQ+GC4aC/6dy7An
+1osCGL59lWAp8TnBnS2jRnc7FtevyFirjctg1+SErs7DCcs/6pavOQNjfl2022eL
+tdubCxjYPPnrwbGq8k9DZ+xTNoTOnVZYLUM=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C10
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C22
+PeerKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0173a056c4c9ef6707cd23928999c4680f42b71f7c
+SharedSecret=067a58e5b3287bb9aa83ed9ca2d718cf7165fb574b6a446c3019849cd1584673d561b574bc8f68419437c5e8113e060847cad3b5ddc2f67ad75bc1e3f04554e63a5e4945cfcb65f5
 
-PrivateKey=KAS-ECC-CDH_B-163_C11
+PrivateKey=KAS-ECC-CDH_B-571_C23
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBmh0W9KVy88G1HqKs5pKA
-5xN7j4yhLgMsAAQFzt6Wpw9xTNaJY/LWyiNiaak48xEGza3VS29zPICTR4fijCzP
-WLEie8A=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA+7ikZaovnDrOjEE
+ZAWcwMTELxNIerGgdiwsvjBOvmNQPmxwaKf0vBl/gfZbQpXBSyEPPLI3i2dAH89S
+vsAsE7YbbeFOG35boYGVA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv+LNGkIKr
+qTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVqBYYHFvGJ
+jiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRLDR4qO+up
+4HGc2L+DZEeNaGxONfdFfSTQIdY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C11-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C23-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBc7elqcPcUzWiWPy1sojYmmpOPMRBs2t
-1UtvczyAk0eH4owsz1ixInvA
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv
++LNGkIKrqTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVq
+BYYHFvGJjiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRL
+DR4qO+up4HGc2L+DZEeNaGxONfdFfSTQIdY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C11:KAS-ECC-CDH_B-163_C11-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C23:KAS-ECC-CDH_B-571_C23-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAup6UINGAvES9t0ObSXwZPnQXv8mAb8/
-adFKzIMzUzqIwuiCSGOkeuAn
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAj8O0FPNBK0A/AcJTvSImFQIl3aqz
+TSAQifSdeeXcwuO2ghb6pm2sRFKcf+O6TSjYFbCII1lVcTu3chODUztdlCIbTtHh
+YrgCsyIB3icrGzK2pqWOoiQRxI9dxc8PlYcuZ1HtYizuzqIqVWl13mADhpriCvOb
+QrqIcXicgujzrTz2AG9DvEx9QQIDLEP495c=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C11
 Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C23
+PeerKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03d34f411a297d7c990fa4a83b5f54759607f9d33f
+SharedSecret=06b272ca3330c0cdfbe60a1746bc0ddea6257536cdd8e976f2517eb541460a3f0e6ea7fec2b495e0f57712c8cac35e8a7d64d876c29851bbfeb6fe726d57e0be43dc76a584ef9c93
 
-PrivateKey=KAS-ECC-CDH_B-163_C12
+PrivateKey=KAS-ECC-CDH_B-571_C24
 -----BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC79RADa08+tjRY3+pKQxL
-dYowFbahLgMsAAQFExMbS8ty72irBD7oT8jLA7bY8YcBILfVdyu7F+yxyegMNvgI
-/VSpOq4=
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAWmi2HWGlEwxc7+a
+InXjCAAD22SMLR4cVuLDfODXzZ+Bjqa3u6ND93TvDzNOpcEu8L51k9BO2UVFjXHh
+cRLrAdkEHSEzsTRzoYGVA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFizsj0uVQMC
+xCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy1cIBmOfn
+0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3Mvxn5Isjb
+w4Ob9r4AU/hFMccYQ6nmoQKrWNY=
 -----END PRIVATE KEY-----
 
-PublicKey=KAS-ECC-CDH_B-163_C12-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C24-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBRMTG0vLcu9oqwQ+6E/IywO22PGHASC3
-1XcruxfsscnoDDb4CP1UqTqu
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFiz
+sj0uVQMCxCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy
+1cIBmOfn0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3M
+vxn5Isjbw4Ob9r4AU/hFMccYQ6nmoQKrWNY=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C12:KAS-ECC-CDH_B-163_C12-PUBLIC
+PrivPubKeyPair = KAS-ECC-CDH_B-571_C24:KAS-ECC-CDH_B-571_C24-PUBLIC
 
 
-PublicKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC
+PublicKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC
 -----BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBt0TBTSeiqCAIAc6DeWvxdwbamLTA0l+
-t79Aie8CzQpd0Phr2HmKRMVs
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFZagplNfm9T7ra/Z1I+5oD/t3ARhn
+PD4VwyAObI0fJsq68AwdpI5jdDFkl8ul8Z8XQg8mdjP0DlsGNieJv/Ea31ltWxz3
+aO8Bay1Nqsqca+2XayBk71Q1KliuNDZ4NaYhDhV4KRwd6NZ8ILw9b/piDIezCYor
+nzq7jSys1bLuK2g5nqxOj2XOvdZjAP0Em1s=
 -----END PUBLIC KEY-----
 
 
-Derive=KAS-ECC-CDH_B-163_C12
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC
+Derive=KAS-ECC-CDH_B-571_C24
+PeerKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC
 Ctrl=ecdh_cofactor_mode:1
-SharedSecret=06120aed8d4c1e506710e2cfb98ca2022e642ca89f
-
-PrivateKey=KAS-ECC-CDH_B-163_C13
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBKw1kl3z8E7SDRe9wctGj
-iQ6vuVuhLgMsAAQBuTY89Ic1Z2h42AzhSBuFiGg/dEQHaPpzJ81yUsj2lu1JR4aJ
-Fa2h+10=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C13-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAbk2PPSHNWdoeNgM4UgbhYhoP3REB2j6
-cyfNclLI9pbtSUeGiRWtoftd
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C13:KAS-ECC-CDH_B-163_C13-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBaDjQRGOaYJ9an+CgvvwuUQA8IJABCO5
-k9Q2f79PZQTZ4JpkEjo7U9Eo
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C13
-PeerKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=021a58087968c5df57afd7c343a4cfa2ee8e7073f1
-
-PrivateKey=KAS-ECC-CDH_B-163_C14
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDOslTgD0ERrPNpOvQcbTr
-AnwRv9ihLgMsAAQFxEbpiWykTMpzPp9OW2Sv3cBTchEGutGyUiaS+XCzi+aTXcfR
-wJ3NIG8=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C14-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBcRG6YlspEzKcz6fTltkr93AU3IRBrrR
-slImkvlws4vmk13H0cCdzSBv
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C14:KAS-ECC-CDH_B-163_C14-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABqSPWGRY0MGEkweJnMJsH26Mt7LBaNR
-f1Qmo0Eacn7dwpo+wilVg2jR
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C14
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03da9c0879219e48c3df56174898fab9ee5b0a6bcd
-
-PrivateKey=KAS-ECC-CDH_B-163_C15
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBvXkUWuf0LGsl0cOJZewI
-/SdTOnqhLgMsAAQA6dj8OgJpJcit1Qj5IPouX/UoJogFt79jElmsfTaTbBMP8gbY
-ILE73oE=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C15-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAOnY/DoCaSXIrdUI+SD6Ll/1KCaIBbe/
-YxJZrH02k2wTD/IG2CCxO96B
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C15:KAS-ECC-CDH_B-163_C15-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAvqLrw1hKK3ZuQKqGByB4kKYRR4uArk9
-H2kTkU/+FVnHwRTGMbtrKWF+
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C15
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=05b33fe3874d32aed99919265cc0074902e538fe54
-
-PrivateKey=KAS-ECC-CDH_B-163_C16
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDMMofWtd9embYdCMygCDJ
-HsefN2ShLgMsAAQFujfTaZfE8qvmA9/gQiMnOOgrCzoHPIzZUARJcqAFxvGvjkMG
-4MzvuUY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C16-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBbo302mXxPKr5gPf4EIjJzjoKws6BzyM
-2VAESXKgBcbxr45DBuDM77lG
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C16:KAS-ECC-CDH_B-163_C16-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1Pi2kWrfEkwKAw+20upABLVbfYvAmkx
-4wuX/173uswN5NlJBwhSLjsr
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C16
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=053dbce9826af4d290036feb46875e975b7848a9c4
-
-PrivateKey=KAS-ECC-CDH_B-163_C17
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0jFAB01u3dW8CZsX3hKv
-ud3y7L6hLgMsAAQG4GzHww9e1+aGw6daHUQld3BgHLIDDcQUxK+zkO1GevRxqpvS
-t18y39g=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C17-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBuBsx8MPXtfmhsOnWh1EJXdwYByyAw3E
-FMSvs5DtRnr0caqb0rdfMt/Y
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C17:KAS-ECC-CDH_B-163_C17-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEByFnCITaqM1idjjskPNEjvsPJIm6BPhK
-mDvsayiJyCEb8jEUm1vrzHXg
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C17
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00d49b971cab937f40908913fe259849679ca076d9
-
-PrivateKey=KAS-ECC-CDH_B-163_C18
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCRJwbn/CeepoDsX9f9GER
-X18/Gn+hLgMsAAQHP53d3EZQkz3szJVG05KjXbvGanYE3nVY3eZJ9yMis54xyOKc
-5vWZSF4=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C18-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBz+d3dxGUJM97MyVRtOSo127xmp2BN51
-WN3mSfcjIrOeMcjinOb1mUhe
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C18:KAS-ECC-CDH_B-163_C18-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAdYxnsLcXAjwJhrtAjFBjW3D0M2nA45k
-lT982scdBS5VhVdGtD1EGBuR
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C18
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0483ad0b7f8a716273f624b8979c19126705266e4b
-
-PrivateKey=KAS-ECC-CDH_B-163_C19
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA0IuV2aTOck7EYszhJwH9
-jD1T/c2hLgMsAAQAJqdw2G4cibp6hq72Sbp+qG/H1bIB2xAg4Pdk31SlPCPJOM7J
-jZp3rR0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C19-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEACancNhuHIm6eoau9km6fqhvx9WyAdsQ
-IOD3ZN9UpTwjyTjOyY2ad60d
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C19:KAS-ECC-CDH_B-163_C19-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBPFnkHv0uY6Gltgdp9LBBW76DcFMBsua
-tlFDgyuc79XZzmnsTbLt0Geq
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C19
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00f69dcb547119fc9b8c454335aab184c3ada5f1c6
-
-PrivateKey=KAS-ECC-CDH_B-163_C20
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDgI7+atUNJQ2HGS4WSZzj
-JZQo87ihLgMsAAQAE6AuJfySeHWvpVe9Zz9lhwRZ5nEEA4265cXlQIRwiiS8P9By
-52nBI3c=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C20-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABOgLiX8knh1r6VXvWc/ZYcEWeZxBAON
-uuXF5UCEcIokvD/QcudpwSN3
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C20:KAS-ECC-CDH_B-163_C20-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ttFMdDJxQC0TI2AyFf6zxosURVBOOQ
-VoalOMJaAr6pL0IYQCG16iWT
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C20
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01bc5ee5261b2bba55b10cbaa6cc3c97b98d00ffea
-
-PrivateKey=KAS-ECC-CDH_B-163_C21
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCrSMqekHmzCSVU42HsCPN
-7HtuHyOhLgMsAAQFSeMHgNk/eW/c9pGQVXXYXGZFO9sCFiqIW+oxNEVD9dBhkTad
-7G5w6Wc=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C21-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBUnjB4DZP3lv3PaRkFV12FxmRTvbAhYq
-iFvqMTRFQ/XQYZE2nexucOln
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C21:KAS-ECC-CDH_B-163_C21-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3L0LScqBX3g/5Jsn5RgXGZ10hUmBgLn
-5TJV3pv1jAV+77ebzkMbXDgI
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C21
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=008574d838d3de87965fc1b4343fe4f078588c4ea1
-
-PrivateKey=KAS-ECC-CDH_B-163_C22
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA3Jmxnz2IR4dRkOlYiyu9
-gw29OpWhLgMsAAQA9l2YTXHcwYvxcqvk05k84PfPMkwAG0nmos8Rc6raw69sCelm
-8xFBq9k=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C22-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAPZdmE1x3MGL8XKr5NOZPOD3zzJMABtJ
-5qLPEXOq2sOvbAnpZvMRQavZ
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C22:KAS-ECC-CDH_B-163_C22-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBQskKUYJcXOanW1WcLxtdZ5WVnaLBJK8
-LT9jjUl45MpYylpO8ZxezOqN
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C22
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04579b477a92ed961cfdb2014407e88e7716452a4b
-
-PrivateKey=KAS-ECC-CDH_B-163_C23
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDVquFsE0IUbj2a0p5ZSbT
-8+OIKEShLgMsAAQHdqLhr5MtdFGQcL+pQeqpPp/16XoFq+ntRiRf0BRiUNKlY8Ru
-v3rNI0I=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C23-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3ai4a+TLXRRkHC/qUHqqT6f9el6Bavp
-7UYkX9AUYlDSpWPEbr96zSNC
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C23:KAS-ECC-CDH_B-163_C23-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAX1SEW8MlVh/G3sGx26Y2ZyC3PIMAk6i
-K92ZC9eeY+c1shKCrhtepmZI
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C23
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=035a8c10e64403c52ef8d17c5f4dead0df81fb1f21
-
-PrivateKey=KAS-ECC-CDH_B-163_C24
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAentUdVDHWKnefwbi845V
-9enkTOahLgMsAAQEWVLAtRfmhcqwlHAyf51LISdRsEkESkKabvsEvOoCQKtYBd50
-CqYfmU4=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-163_C24-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBFlSwLUX5oXKsJRwMn+dSyEnUbBJBEpC
-mm77BLzqAkCrWAXedAqmH5lO
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-163_C24:KAS-ECC-CDH_B-163_C24-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6fqELodaqVFcAtAtzeVGp5zbfoMBPk1
-L7KsJETpKHVONlX9YuOkJWTo
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-163_C24
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=000142615e3607ac148c4de8f334be849235d01cdb
-
-PrivateKey=KAS-ECC-CDH_B-233_C0
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4APD7kdKwNC8HfVn48NfX3
-ZsUzKy1nMP8OTY51rtuhQAM+AAQAYeiptRf9BaAm7DdmFiKf2GOaH6dt7+U5gCL5
-2cgAcGtcsIc4qUVS/uWEsTcv6tSveQQJCfz29QCEu/o=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C0-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGHoqbUX/QWgJuw3ZhYin9hjmh+nbe/l
-OYAi+dnIAHBrXLCHOKlFUv7lhLE3L+rUr3kECQn89vUAhLv6
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C0:KAS-ECC-CDH_B-233_C0-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEdWut3vw9wzerJ7VFLrEK/9njH1tVwz
-DpDw9oaiASp59lIyMIohyYwBVVzK/H3OFcj+0wJadgy9bCMn
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C0
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00e9f3d8c4f1bec0f920e763ea1bb7415899f01734609e7547dc425ec946
-
-PrivateKey=KAS-ECC-CDH_B-233_C1
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AqkGloBpOZqZ5l7C+FvVr
-FgsFYa0H868pZDhkYdChQAM+AAQALZFAJEZVcGjED8B13uk5FrDxqTkuR+VrdHEl
-rh8BOrCRXkrPd5UWgm+h3BiFoGq8XQgJySJAzPnD2KQ=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C1-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAC2RQCRGVXBoxA/Add7pORaw8ak5Lkfl
-a3RxJa4fATqwkV5Kz3eVFoJvodwYhaBqvF0ICckiQMz5w9ik
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C1:KAS-ECC-CDH_B-233_C1-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEARhqAo+aGNuSf2MlPCA+smqjq6DUCxo6
-vGTkeiKtAMvYuV+J5CESi8c6Q8XMJU44ZwlquJ14iy7TuQqW
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C1
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00f1fbecfadb158d62eb1109c085124fad67a8795b58815eb396c95db4b9
-
-PrivateKey=KAS-ECC-CDH_B-233_C2
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Axmd8KAaLRi40hizmydit
-jBs8fv6Ay6tB2kGSeOShQAM+AAQAQssxHc/ySCos7OaWwetkxprCqlmSCaXBh2Oj
-FQoBsDKfNsE10ALwi+Pj/6naGMXWpww2D0+HHxK/P5U=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C2-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAELLMR3P8kgqLOzmlsHrZMaawqpZkgml
-wYdjoxUKAbAynzbBNdAC8Ivj4/+p2hjF1qcMNg9Phx8Svz+V
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C2:KAS-ECC-CDH_B-233_C2-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJO/hWIWAiOOmNCcmIKNUaSUYDYsI8UU
-HT0bI1KWAISXFSGHqLOylYodCi7s/0SSJRgHy/0D1fJoW8o3
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C2
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=019ea831c51d88a7cf754495a1c474082ed481c8eb83190a77defb09d479
-
-PrivateKey=KAS-ECC-CDH_B-233_C3
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AnGECSz3/IZs38b5nAYBK
-3yR0FESN0PDcUSk6yROhQAM+AAQAEkEg2ECYUOceM8ni2cQOoyvtEdd4BHhumwdo
-kqsAba4bpIFylv9jBzusnOBl1DMboaXImcwcB0Bdrj4=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C3-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEABJBINhAmFDnHjPJ4tnEDqMr7RHXeAR4
-bpsHaJKrAG2uG6SBcpb/Ywc7rJzgZdQzG6GlyJnMHAdAXa4+
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C3:KAS-ECC-CDH_B-233_C3-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEVJZIaSr5XYjk4dSRTYyXaaraxaD3V4
-MmXz65ZXAbCUtIAvOXZj0OaC+r8clMTiFOSDJ7le78uSt3H9
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C3
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00088425fb04c2ce408f08d81385a322703a077bf00ba0791e4e79b80419
-
-PrivateKey=KAS-ECC-CDH_B-233_C4
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AbmnQZNvZp5T2jmmaDpQb
-3aalOhzso7PbgpJbb4uhQAM+AAQAxX1h/LH+6Q1djJfL8YjI74JZsK4lh+zx/4zS
-4voAuK2GxoBaSrRFE9u6L1CYuenB4Ftnn1KTeuzisYI=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C4-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMV9Yfyx/ukNXYyXy/GIyO+CWbCuJYfs
-8f+M0uL6ALithsaAWkq0RRPbui9QmLnpweBbZ59Sk3rs4rGC
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C4:KAS-ECC-CDH_B-233_C4-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHPFz0oB0J47QbXnd4xrm6Utr4j8QE+O
-L9CdtAJ+AHA5Htqnbw45cDlMrAM4BhBYhYw8c9XLUS5TJjBP
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C4
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=019b5efb23bc18a4f18c22fe2fd5cdbd02372cabde5e5c9f4b4f9a49438f
-
-PrivateKey=KAS-ECC-CDH_B-233_C5
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AWuXeMMfDFxgTot0+PqLF
-zqoEc8OUV+mSkHHhpCChQAM+AAQBfPn8oF1KVeS2j+56O9Q/BHMD8qJm2Bu14ex+
-JVgAOwr0PeBQAzl94dSyeCetL81nXL9hpEWh7EClabY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C5-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXz5/KBdSlXkto/uejvUPwRzA/KiZtgb
-teHsfiVYADsK9D3gUAM5feHUsngnrS/NZ1y/YaRFoexApWm2
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C5:KAS-ECC-CDH_B-233_C5-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEASOmsIGnYehsBC4ZFK9H8JOyZVVD5WRY
-S2BkJTmpAFGO48GuVGQE3x7M1pqmhWQx0ciIHPBXjP9OuMEb
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C5
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01f36d9519c3d47f030eeac3338db583b96fefa551a4b56cc5567f2d9d7a
-
-PrivateKey=KAS-ECC-CDH_B-233_C6
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AxoeWlVtotfiCfjisB4Kx
-rCxFUsrvDGCVhGfNhcGhQAM+AAQANHifvGDxCGA0yPLOhv1KozUZTJFGiQNX3EdW
-meQB0395Yyf3HsMVEEaEY9CykFSIpKYCZ4cN/uVnwlA=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C6-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADR4n7xg8QhgNMjyzob9SqM1GUyRRokD
-V9xHVpnkAdN/eWMn9x7DFRBGhGPQspBUiKSmAmeHDf7lZ8JQ
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C6:KAS-ECC-CDH_B-233_C6-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUH7vys2HCyM5e2r+iKqR1VYHlsaZmAD
-YqDue8V0Aa6jysID+MeAR1omCbKXDMhvlupAEcNI2oJiszSq
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C6
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00e54b1c916ff3ba1aa0b2b99f0ebde4f1a4cc6a10d959bb2f7f4c777b84
-
-PrivateKey=KAS-ECC-CDH_B-233_C7
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdCRcyX3UUJNWieo/ynsL
-MMHWfObovhfLEZJXXK+hQAM+AAQB4cVwrMZTxwb9d0AZSlVN5/N5mhK4INapQRl/
-dh0B4iJejQ1ByAj26tevMg+yX+0pqZCYoPDhHNhp5Tw=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C7-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAeHFcKzGU8cG/XdAGUpVTefzeZoSuCDW
-qUEZf3YdAeIiXo0NQcgI9urXrzIPsl/tKamQmKDw4RzYaeU8
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C7:KAS-ECC-CDH_B-233_C7-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJag0/Nuj3U3kQdM6ml7JHFifgyeeilK
-ApqdO5QpALdnF0opILYvHwL6eQl4RdUdk+DIEEQQgxot1Vw8
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C7
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00bc0dcf7585753cc79aa412d2740b4b2d1c644fc9755cb0550286bcf68e
-
-PrivateKey=KAS-ECC-CDH_B-233_C8
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Al77tS3OKYgXMnqBGtEi1
-IxKLkxAaAtlkQ16xeAahQAM+AAQBg1jalAeacAoQsgojJdM9gOletPxKmBAcMSY1
-k5wADE9ELQBxx70dIXzyNf0DHewwnoXqIBTmi1D8K6A=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C8-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYNY2pQHmnAKELIKIyXTPYDpXrT8SpgQ
-HDEmNZOcAAxPRC0Acce9HSF88jX9Ax3sMJ6F6iAU5otQ/Cug
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C8:KAS-ECC-CDH_B-233_C8-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAWa+JCazv45tBaJNfR8sDjKeQSDPyOb/
-UkhvCVWGAHNx4ogUX8JaWpy18qOGA08vMoxuqiTIsJboqx8M
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C8
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01b7ef3148be331115321b1c2a68832fdfb991b26224a60dddce3e060d27
-
-PrivateKey=KAS-ECC-CDH_B-233_C9
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdZxV2lXh/bW6f4uJOrqu
-WSW5sIGEo9VUlXrPPsChQAM+AAQAKvJfgQ4YqBtp2iVKZbimx6uA3cJ8hWIuI0it
-0TIBKLdT5LIajDrPhaq5Kpqmp7M/LLadcCS6+OiwcUI=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C9-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEACryX4EOGKgbadolSmW4psergN3CfIVi
-LiNIrdEyASi3U+SyGow6z4WquSqapqezPyy2nXAkuvjosHFC
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C9:KAS-ECC-CDH_B-233_C9-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYHzuwsJdxMnfF87Rs7wKqnL4pq5XHbp
-tgofelHlAC4vtnLXK/ePfP7cQNNybGtPtYVBfHR2tlXjK707
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C9
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0041249865c913b287a253150b207e2682efd96057cb0709e9bbb48c0fc9
-
-PrivateKey=KAS-ECC-CDH_B-233_C10
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7mOdifDkM8B14u9XzCQ1
-gelbJh+Kk7jvb16/gBWhQAM+AAQABmOPa82FBDOV0B12f/d+nWd/N+9ADy4W/uht
-uvIAbBJJYmbeux2DQ7loTifF9xKcFwJKjmcEZypfPWM=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C10-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAZjj2vNhQQzldAddn/3fp1nfzfvQA8u
-Fv7obbryAGwSSWJm3rsdg0O5aE4nxfcSnBcCSo5nBGcqXz1j
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C10:KAS-ECC-CDH_B-233_C10-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGWqQRXlnmBFqvme4b7KH6uSO73JGSBu
-CTFiC6mWASjQC3dYmaWKWbyyq3nWCeLc2pjmUju2cWhVT4Tm
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C10
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01cf480fbc2be2c2c4448c88890972c7ff9cbe08a75e26c3809596b8b5c0
-
-PrivateKey=KAS-ECC-CDH_B-233_C11
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkpsJtnspqk/xXWd5oXMw
-ZQSfrrLCJwEsSfJ37VGhQAM+AAQAygQD2V2F8MsK5NKurhjhh7ecIB7WjBStJO0A
-OSIAz2sKUCspDQru6CBmGsz26ll2h8Rcf5Onc9JfYqY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C11-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMoEA9ldhfDLCuTSrq4Y4Ye3nCAe1owU
-rSTtADkiAM9rClArKQ0K7uggZhrM9upZdofEXH+Tp3PSX2Km
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C11:KAS-ECC-CDH_B-233_C11-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEATV25wDzY2f7dBhC8jGInzaCKqspM8JF
-7tV7naytAXkQ6QcaPkLn8hs2Pw5ofSiYEKTsKcNuzhSFTh3R
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C11
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01ce8abf3c8ccfa30e5f35ddb75f5e106aab1e67086156a1ededa1717b77
-
-PrivateKey=KAS-ECC-CDH_B-233_C12
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A4nrwTv4thv/tbs33GPwL
-jgSe0iLnYAw84xzk6XqhQAM+AAQBRewNtf5iuSVHeSASJoryG6koqP2Y0KHe49j7
-JVkBCgMc6laxg+kwkwCKtwXMkJnltlxctEBzJLlv7pA=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C12-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUXsDbX+YrklR3kgEiaK8hupKKj9mNCh
-3uPY+yVZAQoDHOpWsYPpMJMAircFzJCZ5bZcXLRAcyS5b+6Q
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C12:KAS-ECC-CDH_B-233_C12-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAOn7pxpkq7F3+kNsuXOcn2jAFVrciXE5
-wb89+ZpTAZrxExvkfeCIcINdoUlG/tcwNBefgJKY0BSbFt02
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C12
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0025df759a20312361b9f6767efe8e8d69979e34639469a91fed9fce04f8
-
-PrivateKey=KAS-ECC-CDH_B-233_C13
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AGnJte5koaR6wFJyo8O3u
-R70Mc0ETq2ADJB7hk96hQAM+AAQAdCa/qIeP5ZsWqbjGORCh4vvGsHuplboEwxQC
-ES4AlE6WFmdssvx/oPnhuHo1h0gkPoD7YiZChGRaak0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C13-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHQmv6iHj+WbFqm4xjkQoeL7xrB7qZW6
-BMMUAhEuAJROlhZnbLL8f6D54bh6NYdIJD6A+2ImQoRkWmpN
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C13:KAS-ECC-CDH_B-233_C13-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAR+ZSkFswZkLjGF2ej1o++pzr3tItlXk
-dHD8zHkfAV3piINdaBLwvdcAeolZceGgb00izhMDyfVe/mR8
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C13
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00437ab4a53756ff678a1f580c0fd1f33b23021d62060808453b4aabe627
-
-PrivateKey=KAS-ECC-CDH_B-233_C14
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9FnHZyFpwSWeThmTM5ZM
-H/+851rTDd4SZPXLhtGhQAM+AAQBtEqBiV0hBfoWpuCVJsCa5/bL284hCHD04z24
-tvQAseByxiomQpdfBsaHxkZ9opXvk/BNHFSUpiRoPIA=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C14-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAbRKgYldIQX6FqbglSbAmuf2y9vOIQhw
-9OM9uLb0ALHgcsYqJkKXXwbGh8ZGfaKV75PwTRxUlKYkaDyA
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C14:KAS-ECC-CDH_B-233_C14-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQUTYgruDQR4hyQ46Zsj6kkAFT+TZusX
-1hvfNaoZARNt+8hAG72g1nXKBqDP9r3UZ8CsmpeCkzAHKOfc
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C14
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01ebd55823c57d1fc7b36cf1ed2051ead64db6d114014d3407186f50d957
-
-PrivateKey=KAS-ECC-CDH_B-233_C15
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AZWpHuHcrCLHZB8gj+2xF
-xl+fGPi0Pzph5sdGEeGhQAM+AAQBU8262S640g2gwceq1G0IM2y8l26Nb4OUfk9N
-ZhYByXe5el4SBcpmVF3zpSa24yXgh8DgcIOf5+we54g=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C15-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVPNutkuuNINoMHHqtRtCDNsvJdujW+D
-lH5PTWYWAcl3uXpeEgXKZlRd86UmtuMl4IfA4HCDn+fsHueI
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C15:KAS-ECC-CDH_B-233_C15-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADXf/skRftcWdieiSj693Umj9F2RrRhA
-HT1Emy/vAZMXVM5c9Vehwazt/l6aewuR+BZD2oWGpoZYhfBC
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C15
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=006d07f6e08b11a060ccec43b07ca7d9eaf6c3ece06f4785519284bf6f0a
-
-PrivateKey=KAS-ECC-CDH_B-233_C16
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A8U9exO+vhuQ/7OZfF/+R
-sajWG+NBbu64hPTi0U6hQAM+AAQB2fjAHpwg9hUOx2IKdeOelvkke+zhN7A2W+xU
-JUwAYAg3O54IeAUpTa2uAIlGZ/259rik0WKV5bnSGm0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C16-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdn4wB6cIPYVDsdiCnXjnpb5JHvs4Tew
-NlvsVCVMAGAINzueCHgFKU2trgCJRmf9ufa4pNFileW50hpt
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C16:KAS-ECC-CDH_B-233_C16-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEhFzmYbHq40wWmfG/443IfvKLiwp3cf
-82bcIdhjAQlrGVSwbqpwc+2TmAGqKXTaHWDWbpfDHfD2h2+v
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C16
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00aea594f092b4052f7564b2e5651bcf43ef7e336a064d6bfb1a89cf5e51
-
-PrivateKey=KAS-ECC-CDH_B-233_C17
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AH6XL2IoUb2zPX3nfvHCG
-j9m7TIEVl2yWJw/3vF6hQAM+AAQBTSdvQoHLUKJrKeyB/O2W0OkJmUsihUM4VSVt
-WNsArEeSr2Kg3E/U7sOE+/P7uCyDR0hrwesTOLx/OrA=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C17-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAU0nb0KBy1CiaynsgfztltDpCZlLIoVD
-OFUlbVjbAKxHkq9ioNxP1O7DhPvz+7gsg0dIa8HrEzi8fzqw
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C17:KAS-ECC-CDH_B-233_C17-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUc0GSFlyW+9t5TKseLR7xEeGiCnIF2w
-GqgDoDKiAezfw5QLfQYYzWMVRBdR9mPfdNNWSS75NLS6KyrR
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C17
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0099d6d076e14ccfee15ed7e7ef384bfee12deba8c9ae8f6cca3486a1494
-
-PrivateKey=KAS-ECC-CDH_B-233_C18
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9YaE6hSmj++4zCayZ6E0
-GcYtcmG60U5TaKmBmhihQAM+AAQAmmWoU5QHD+DloQgWTrKJzD137QhI/VfzhOYs
-qiAA5/VvLCe+T66yDidMJgTG3C2IWXAwrSFk+tA8uQQ=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C18-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJplqFOUBw/g5aEIFk6yicw9d+0ISP1X
-84TmLKogAOf1bywnvk+usg4nTCYExtwtiFlwMK0hZPrQPLkE
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C18:KAS-ECC-CDH_B-233_C18-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAH4fMlHioKpt4fjfhrhe2dEdpetxNq3U
-XqfSXIZ8ANligeB1benapV0u9lc7sv4t0Jtx2RGRpaBDuuDz
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C18
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01b1e977c43afd203132c085b95db0e2046a4b6ac2c046ee9ad665050578
-
-PrivateKey=KAS-ECC-CDH_B-233_C19
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7vskeJsytDbOOWIsEUw5
-ps0eWOyUQ8iHDl7i+AGhQAM+AAQBP7HKntcJuzhvugLMeGL9bGThCHvl9h6nM5Rs
-FjQBy0CX5EpzBwDev+gUP7+byjo9bEaYWifNUEOyylo=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C19-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAT+xyp7XCbs4b7oCzHhi/Wxk4Qh75fYe
-pzOUbBY0ActAl+RKcwcA3r/oFD+/m8o6PWxGmFonzVBDsspa
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C19:KAS-ECC-CDH_B-233_C19-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAL4e51DycSsqyyDEXpc1fFDbO+iVsz+D
-DHG8n089AV/sgQzbF5/NHOjk3BokmeQN6KSkmpQg8A5WEQz0
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C19
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=000e4cb704355cba1b40cee3da102cb048519a91b4c789b3757cfdd933aa
-
-PrivateKey=KAS-ECC-CDH_B-233_C20
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AF1JNUGYWvSBcs5eLx146
-NHYjPkm23CBvlxFpdVehQAM+AAQBUKFzJ4Ree8edjs4Skw3Ct3ZUyqEIK1ewz44F
-sawAFRx2gi2N9e/9jGlDOVtqjVOEMdQuhG6f+N5+ruY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C20-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVChcyeEXnvHnY7OEpMNwrd2VMqhCCtX
-sM+OBbGsABUcdoItjfXv/YxpQzlbao1ThDHULoRun/jefq7m
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C20:KAS-ECC-CDH_B-233_C20-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVwuLOC8cizqTLx8M1LL4NKLWwAuRNk3
-BYldeRr8AU9haYOtCOdFMVxHZ7CuIab9imKcJYznrvpMF6jg
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C20
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00d8c13bc5e819c6101daef3f6fb5be6bccecf233c4b7fc65054e8e8d3bc
-
-PrivateKey=KAS-ECC-CDH_B-233_C21
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AprBdMKcD8ReagPioZLNM
-oVxFPoKAihCV5DXpusuhQAM+AAQAk7MlIlH9nW2cgdeM8fE0zdVU1jwqHi8a+hTi
-1OQAiusKirP/Xk+wI/fhkX8BCIkK8Rq8p9oCf62sw7Q=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C21-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJOzJSJR/Z1tnIHXjPHxNM3VVNY8Kh4v
-GvoU4tTkAIrrCoqz/15PsCP34ZF/AQiJCvEavKfaAn+trMO0
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C21:KAS-ECC-CDH_B-233_C21-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEALr6m7qScl7vDEoK/L1CY+VfUVVkW1xY
-qWvD6ellANGz0ONdYX4J4HjFcaX0HqIt/REtZ6lNjfu6Zump
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C21
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0129af50fa085133771753f297a313bba0d2f5882e7634b7ef5adce760ff
-
-PrivateKey=KAS-ECC-CDH_B-233_C22
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AFo0JgJ659qzzETTrXrGv
-lm4hK5tr5oz9IkAUJemhQAM+AAQBcQoF8CtVBXKVFrGsc9RfPPCPHFE00vc9ElcC
-Q8kBhhGxDatQdYPyvhD9Qpb1N9SvCVdvlpefHq3+KRw=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C22-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXEKBfArVQVylRaxrHPUXzzwjxxRNNL3
-PRJXAkPJAYYRsQ2rUHWD8r4Q/UKW9TfUrwlXb5aXnx6t/ikc
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C22:KAS-ECC-CDH_B-233_C22-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHmL9at2G7as/tDO8c1xs+9G8lBDI8r8
-QIFZLdb2AWJ3rrPhysASGwfZN4o6DLxlZ7SEI5KeNtyFXp0a
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C22
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0077c4ea1095fadc4cb4190a3fd530c7d15325e5d79b8e8a2b708e2344cf
-
-PrivateKey=KAS-ECC-CDH_B-233_C23
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AOCT3HsMlW70DZC14LMZ5
-Th5Uqo+l8qMx7hP3hFChQAM+AAQBpONajDJxfyqqPu7xd4SOWA4P7WyAloaPasxO
-HAkBNydgToHTqdk9JD/nni24pEIzSo6hhSufg8rhvD4=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C23-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAaTjWowycX8qqj7u8XeEjlgOD+1sgJaG
-j2rMThwJATcnYE6B06nZPSQ/554tuKRCM0qOoYUrn4PK4bw+
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C23:KAS-ECC-CDH_B-233_C23-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAV9yPamjjC2lBiwX0Lg3Ui98aceT95wX
-+2ll1EoDATKxd2CsLiu5+BPtd5DFzTqg04q2Ti4nLd9KTCwa
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C23
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00d9eb3c79cf442595dad03ed4a38daf358b97d5dfc01cb61ff200a47958
-
-PrivateKey=KAS-ECC-CDH_B-233_C24
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkK3Asgfa44FiLPkuBLzn
-R5GA7G4XcWYvXDF5vZmhQAM+AAQBBq2/m7/bMINZin9tsukdLnwXT3BfwhZjG30F
-7fIBkNhMpvRpX9vKQNJqdJmKBcPXYdvwiYG2RcDqI54=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-233_C24-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQatv5u/2zCDWYp/bbLpHS58F09wX8IW
-Yxt9Be3yAZDYTKb0aV/bykDSanSZigXD12Hb8ImBtkXA6iOe
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-233_C24:KAS-ECC-CDH_B-233_C24-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAFG3C7i44jQbhoIdVLl0tpa9pEOst+pl
-ll0n0qxwAMd4Tu+InEccnSaz4N4krStL+Lu6b+GPUaQSGIBY
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-233_C24
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0124c19cffc0b9549bfa378a548e8ce11ee7fca28d2d898de49ae1f2ff61
-
-PrivateKey=KAS-ECC-CDH_B-283_C0
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAvQ0VYQiRqLMjsBo6dbG
-5BYPa6Tjtdgx2Twdqo/T1almDHuxoUwDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdt
-kUtp05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5z
-dwP0
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C0-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdtkUtp
-05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5zdwP0
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C0:KAS-ECC-CDH_B-283_C0-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAlBOGheBnTnwEKSmmgVoKZQCtY+USjhM
-fRpiyck+pNH/MA4TAmUTL3tMZLdLkXntDy4hH0Mo1iVAUCL1VBcNqTK4D998GqsS
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C0
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=065194e26090e74047ee75f13f9769d20e1b52189650011e283daa090732cc53755dc366
-
-PrivateKey=KAS-ECC-CDH_B-283_C1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkArlB5pLgqYTF/6iDyfn4
-JWpDqx/RrZeCpC5CmpTpEOSCuRwjoUwDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AA
-ih2vLoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSR
-AQwq
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C1-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AAih2v
-LoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSRAQwq
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C1:KAS-ECC-CDH_B-283_C1-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAWI6lnXoxANm4mEx5Hsa8GyLM6z16S9U
-ZEgW3LhEOCyUTMIfAp0oD01MDF/XD34kCVlQEovqPK48pG9qX3C3Of4amQJogE44
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C1
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=075c535cc70de19c92d7314afa2f33200903431f6990ad40ac31dadaf4e492a799b75b05
-
-PrivateKey=KAS-ECC-CDH_B-283_C2
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAofeFyulDzJ7/H1ajAFW
-0lofC59x04mFLy47WHQGy3TvO9BBoUwDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPy
-FVTl6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kc
-XWgU
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C2-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPyFVTl
-6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kcXWgU
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C2:KAS-ECC-CDH_B-283_C2-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7g2lyhDL3Uo0+7IpniOac0uuIFixHUS
-dC7g8CfMtBV6KKIjBZhut/EJqh+FVuuivciOSRO2Xv+5ROrmOWNsun4B3DcYvLNh
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C2
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=02956f63d48a49a330e2068955cc2886dbfd5bf72a81b10ed83f2d758dd315eca172927d
-
-PrivateKey=KAS-ECC-CDH_B-283_C3
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAVO7uKPOShuZlg9WGGq1
-Agf1iPMMlL7vKECEI7pE/IdfrzjYoUwDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cY
-arr6UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w
-6inS
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C3-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cYarr6
-UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w6inS
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C3:KAS-ECC-CDH_B-283_C3-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBzsJKipNfJoXu4jnW0Cp5OQ7mYE89haC
-1JuSkFwt1gZ5Cu05BWatRSotjvCjJ86OKFYUb+yvCeRDHMwEJWoHf2BwHORHa22s
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C3
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=068a3f6938c44b797524377508585842c6a7f1af5ffe9131dd3ff786ae56e1739345d3d7
-
-PrivateKey=KAS-ECC-CDH_B-283_C4
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAyrA3LmqOXJAH59YhF7X
-Zdo2t9b3c1V3m/skOYJ/81VqdXgcoUwDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe
-3igylGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY
-0FEg
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C4-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe3igy
-lGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY0FEg
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C4:KAS-ECC-CDH_B-283_C4-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBFXoe8Iwzn/FhjEt0gfFKeR+PHTMDOXQ
-c/v0sclX+Mu9kRO8Ah/79i+yUx2znvLQvc4NnBQckunNymJ8qjm1k/xKAhDo7kgf
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C4
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=019b48d5eeaeb05b58801ae8f345ad9bacb91daac885e506949b849ebc67bcbfa308aab7
-
-PrivateKey=KAS-ECC-CDH_B-283_C5
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAmib8hR10y/nGnNV79mn
-eHyqlUXr64U+UYTOQhUkKQUfQMvEoUwDSgAEANflvPrFePzXKBgGRRdtfgiLaNMw
-ognxi5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/e
-u86q
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C5-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANflvPrFePzXKBgGRRdtfgiLaNMwognx
-i5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/eu86q
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C5:KAS-ECC-CDH_B-283_C5-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBlLMyJIfQ5r0KiMBI2tYQ6QvH9mez+G0
-E0w94BTNx2A1NHzAAzQdgHSfGl7J96xiUjhP79OLbyu83Bj+vobBYPXnjAA/Bm4G
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C5
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=061b3bef1766460f6296ed47d39ebf5a710d202d2b7e7cac0f0d3b235405eece99aa30d7
-
-PrivateKey=KAS-ECC-CDH_B-283_C6
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAQUgQpiN3fRw0KLjb/9b
-k+xp9NJAqON8BkzE1ZlGe6J688nxoUwDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmh
-gxofYPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF
-46wr
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C6-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmhgxof
-YPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF46wr
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C6:KAS-ECC-CDH_B-283_C6-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBiMxuTOvtDhPo6TSJFUa6BILxV/H6nPy
-vnSeIXr8ThunnnYPAr9RxE+DYcMFTK1kD5JEb+OCCwY89LsiyhfAonT9RvUFBPvs
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C6
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=055d579458860a3dd92ac6570847632f04460755c22a4c432cf4dde9611d2ce1608ca185
-
-PrivateKey=KAS-ECC-CDH_B-283_C7
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA7ua1fpVLTjRp3y1U8Yx
-4tCUDbawTwvXAR6nNb5Q0EXampwdoUwDSgAEBocHGAXCWn0LFzn3z2gbLylcT52J
-NzUdIdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s
-5mDc
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C7-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBocHGAXCWn0LFzn3z2gbLylcT52JNzUd
-IdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s5mDc
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C7:KAS-ECC-CDH_B-283_C7-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh6C1q9tMhGYF2/4mGwrx4agCBMmzIXw
-JrcbMqwGwLrmtMuiAelzP6nSmWEmlCDbJO3A1a4oXXjJrhSzixAZ8TZS8ZAnfcR/
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C7
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=054fa7c6c84fb89e5892d9194540860ea31ae2b6e37a86971344230ea512a3f6c0569216
-
-PrivateKey=KAS-ECC-CDH_B-283_C8
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkATOqRF3IDX1aCX0doR1R
-DmVxp4O0+yNUAnF9aLqP0UVOazGfoUwDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu
-3f8JKDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Ji
-cfcj
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C8-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu3f8J
-KDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Jicfcj
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C8:KAS-ECC-CDH_B-283_C8-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBF1i0B217xc9DP8xWpKpoQXRrXhP+bCO
-ch81gOBiZf9TihlLBrdkwf92mFSWuURRt1bE8w/fxjjYmQMSu+zL+9c+jFqFWtt1
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C8
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0353ff03afda3772984aadc4000e1275656607154b06c3a59c664945fa6fde1c255ffa86
-
-PrivateKey=KAS-ECC-CDH_B-283_C9
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAEZh8QeptXAEXduwc4q2
-mxwXqazBHaXax/2GSz38NqJSgtaqoUwDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG
-84ygluG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9d
-ISA6
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C9-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG84yg
-luG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9dISA6
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C9:KAS-ECC-CDH_B-283_C9-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBKVhtRhK3tnHvZho8wQ7Xi3lGQj5wD1e
-awijCIvMUO4yA+JjBYFbV5/13sb6yXe6cIizM79MAjHaAhh07gDXH+JdP01QpXrD
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C9
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=050795ba093d2e02398c358951f20c9e3b4f60628a96a4d0c46cb8fc0005e5331b38a09a
-
-PrivateKey=KAS-ECC-CDH_B-283_C10
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkADa9IfhKudtvS93JRjXx
-n4CssoE9pTmeB3eDLC/r3HGGKr4zoUwDSgAEBo7jJFdU1R33eABGrzmstAfEmYxi
-C/+U+zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm
-2hgi
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C10-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBo7jJFdU1R33eABGrzmstAfEmYxiC/+U
-+zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm2hgi
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C10:KAS-ECC-CDH_B-283_C10-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAdfXU2zYOD4cCxuKrgK6qf0sTmiyGAjB
-dU0LFRNhFX+BJFkwBzA02kFnl9qVo4Nu7yex+icfWaQ0hI6YC60v3VP/0eNm/2kX
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C10
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=02ab08d63cdb4be2502558e67eab27570f2d029e7f981d153b973080585d01e42f7187d9
-
-PrivateKey=KAS-ECC-CDH_B-283_C11
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWWXrm5J550GkDSXKmNS
-Wjw+LSwlO54d0/N4FoEs9UrWXFRqoUwDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4
-Cq2t1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63
-rH/r
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C11-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4Cq2t
-1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63rH/r
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C11:KAS-ECC-CDH_B-283_C11-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAgQvWj/l49MzW7e8253L2HFu0Y1/wv9C
-l7wf63zKMQAi4iE9B767bA4EbVr9v6h+qYyn9V6c27BV0MxUm0RY1pmL27NFF3OI
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C11
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0599757e3ffeb484b32d3b47828b6823d46786d35477082ceacf3a5a11552394fe58f53b
-
-PrivateKey=KAS-ECC-CDH_B-283_C12
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAV6oVnx7grSD+jZejmgc
-CmNfVjocgUcLTf5E8ZT6ket4QhgeoUwDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGX
-DdqKfOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQ
-zeko
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C12-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGXDdqK
-fOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQzeko
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C12:KAS-ECC-CDH_B-283_C12-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBnr994j49IMcPH12BNB6W9xZ2kLZMnMf
-r16vB1MoCWaraTeQABs50dhytl4xJRwfWE5P4+111TrZDoNv6QyNuU/nfO8LynIE
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C12
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=005e331af55e96153d8a7b906a4a19016a26381977b49f80b9d70db099053c6a3b8e80d5
-
-PrivateKey=KAS-ECC-CDH_B-283_C13
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACkR2TjZUIrsy5h34SfR
-sUYaza7QNfIOD3RMd08ccnA7XEtJoUwDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA
-/vKe0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9u
-Cv8+
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C13-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA/vKe
-0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9uCv8+
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C13:KAS-ECC-CDH_B-283_C13-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAYhmpPovfCU05WOikd6HGoswUqZ09dvC
-O53qDozv2garwyyPBY3Ezxv5hdG1ZpcIR8umuKT0DH5ipYCLByC7uM3ztFMeOAvn
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C13
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=07e132ea71a16c7cc261b9d6ff6fc52cc490da616b07d92f9e591fc1e630d3442572338f
-
-PrivateKey=KAS-ECC-CDH_B-283_C14
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWYvVUhWwCCKMbGVFI+C
-jgtckqTqTAMySL6/lXtYa0Ce1ZhQoUwDSgAEBwVSZMPeOmItJv561wC96gRdSzzn
-GPTmrkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumza
-I2V6
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C14-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBwVSZMPeOmItJv561wC96gRdSzznGPTm
-rkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumzaI2V6
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C14:KAS-ECC-CDH_B-283_C14-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAVx177wVgiRcvE0I6WFq5efS49351LA
-QsDGUmO0dpgeXzFXBEvKaT6dOxp/pq1C2382saZXEtCe87txXiZAoYL0NmIGhsCk
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C14
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=010f26817098ce1bbd6743784d6fb65e60699c14933a2c8d854027aa58b58db9e66a53a7
-
-PrivateKey=KAS-ECC-CDH_B-283_C15
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkASwBAKmWPuF9es9N344C
-2K5187mRFPU2avtKAK3po8DuOaiHoUwDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYr
-rPlbWvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCD
-fwVg
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C15-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYrrPlb
-WvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCDfwVg
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C15:KAS-ECC-CDH_B-283_C15-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAW60u7PDhuD0L7A3vuR4xMDb++Vcxo4z
-/bApueXnJK/0/Yv2AlFDL4RWikSXHoarcV04eeYU4Qclc174+2ZS0HnHkI8RvR8B
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C15
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00bdd8ccd1b40c5bc2efc1c105999350fefaf784710914ff639582f1277678699491140c
-
-PrivateKey=KAS-ECC-CDH_B-283_C16
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA0XCdrBezp58hoEfjIr0
-iyLbQdQGYnUAlhG4gNfSzvMpxQ6CoUwDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/
-uo8Vn5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJq
-Mikb
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C16-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/uo8V
-n5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJqMikb
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C16:KAS-ECC-CDH_B-283_C16-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAkF8ZWlNhQx8hm9+EWOaX4cYypqrs5L6
-hhDi1dfdozdaYH+bBRM5ONyZFE0W6nUlw/5OMuMg7QdbllJ+E7KpnJ8nrenvnty2
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C16
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=014a83e747c90aec6101c0a752d92eef7475b00051ecad3d7c2e50cf4eba1ef3c80b8c94
-
-PrivateKey=KAS-ECC-CDH_B-283_C17
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA6/Vr/o0a1JZaX2SF5Uq
-/NA93+wEYxvZlcEKwlg7DKjSRh9doUwDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgs
-IVlhrHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjN
-A+27
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C17-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgsIVlh
-rHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjNA+27
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C17:KAS-ECC-CDH_B-283_C17-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMXWFJ+HF0ujf0wcb2f2kFq7MZ9Sa3qh
-vh3SBd+TCrHJG7H4AMLiHhIGzUu1tiKr6Xyj8lLLxo0FSnf466utWT+xhjMGkov3
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C17
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00afd29e352779a39021536ea50c24fa264c599f8f8fe8f2ccf0615a6547a064d7c1a150
-
-PrivateKey=KAS-ECC-CDH_B-283_C18
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA9V3H4SFw7i+YqVvOTZR
-PjtjGlYalCYT35UUD0cyFN9hfExOoUwDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi
-9OOjy/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAl
-pEDA
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C18-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi9OOj
-y/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAlpEDA
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C18:KAS-ECC-CDH_B-283_C18-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAXMETlvmOZfXkl5DG78ATPDwuoWqKVo0
-Ho9YV6EgvonXdlPpBzfMBJaQ+XCCSnsMICJDloLJ2C9PI+SOXwf+qWJnyjvU1zCl
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C18
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0477990f17d65589289c28e54a56a83bc05ef4ea6863c5ebe840925c9fbef64ccd6e69a4
-
-PrivateKey=KAS-ECC-CDH_B-283_C19
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAOLAxgL7EyOZ7p8xAINl
-6iLMEmD3n+OuYQibim+kVZyska7IoUwDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9
-Fo2ccXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z
-4OiA
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C19-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9Fo2c
-cXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z4OiA
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C19:KAS-ECC-CDH_B-283_C19-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBoWH5p3t30tVrFHyoX3Yv9b5TnIQAyFC
-Fb+ySySCgedaPGWUBE7unHArxMHiEMfMIUUkWSVorA+f1n1uoCtNw++0LPuyJj2s
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C19
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=067a661346fe052ca27f3f03e75bbdfc8fe6d0d85c62c8f79525252aa241ae9de97d56c3
-
-PrivateKey=KAS-ECC-CDH_B-283_C20
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAy1XP964Wk2iKXiWYxQU
-UY1LoH3E3XL3MXKIkNC0TTbyMJwOoUwDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZ
-x/eEDmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPksc
-ebi6
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C20-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZx/eE
-DmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPkscebi6
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C20:KAS-ECC-CDH_B-283_C20-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/EibYAsV1+HGiE7gVD3gYu9YlZjtz5y
-CnN/BxiWCG2gsUzZB9HLDOGcmKY6r3sxTx9XIOMohwUzhKwPXrabbEcajj09Fudv
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C20
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=06476b0620eef165941a4507e6d798d6f150ab29333c0552281b629170d3291b2f9b3f41
-
-PrivateKey=KAS-ECC-CDH_B-283_C21
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAKaqy13T6DWBT0UtggfR
-WlM2OPcOlPh8Bhlu/4g41I7tLiZ0oUwDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmb
-GByWS2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDd
-EKAO
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C21-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmbGByW
-S2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDdEKAO
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C21:KAS-ECC-CDH_B-283_C21-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAqkR5+bS/HcNHqvH33AbsRkISmhZANIt
-UtWY/h0o/IkbMbSHAbjcZxPKRT6RsuxOTR+DSwjuvH6IhsOkWOcJJSQsSyK/CyBT
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C21
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0746719f2ad08f8a8d6d6fbf15723f336285ce75d3a2fcbd5a0c54c577517a22bc264161
-
-PrivateKey=KAS-ECC-CDH_B-283_C22
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkABEvsqtWRDdlZ2oeQbPL
-kesaZ5DpZO6QDPySlWNrpMb6h6rSoUwDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLj
-Fo+hQBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEp
-yzsU
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C22-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLjFo+h
-QBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEpyzsU
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C22:KAS-ECC-CDH_B-283_C22-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB1QapR1zAuK7VXwn7BXX+cOuO3bsL4bL
-lejerX+ga1eDl/HxAX6iL2tUdPD18PTq1UFyBkBRU40+IypTDfyl8qDcZ3Rsi7Ha
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C22
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03cda4b5f44b5d3dc248310f994419fbcbd665115d1876046652251ad4aeeb1dcf184288
-
-PrivateKey=KAS-ECC-CDH_B-283_C23
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA+TxxPMOKo1v1Vn3/ogg
-6IaUneh8AdjrZMe0DxVIy2F6kmAzoUwDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ63
-7NWBdUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt
-/W25
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C23-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ637NWB
-dUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt/W25
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C23:KAS-ECC-CDH_B-283_C23-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh+xTlLNQkOlIPYwIpsd1pYcSb2W9D+p
-yuN63YTaeuctwweOAN1ji/kFP61qpP8tMwuKSiC/4wIPQLlpIwLQsKPC2HeFbsRq
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C23
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=015c892f95768a96ab5a4f9523b7fd466e101f63b88ad8f1fecb3027cd70aa00735dcc90
-
-PrivateKey=KAS-ECC-CDH_B-283_C24
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAK5+s9QDVPn4/tGPIWLe
-44FWyuBTW1U3DaNjjwFmiuz5cIvmoUwDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0Gf
-HXQjDoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgM
-JUC4
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-283_C24-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0GfHXQj
-DoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgMJUC4
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-283_C24:KAS-ECC-CDH_B-283_C24-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANCO04VqvvfUpiJDyS1uZwzrOvMjV/25
-05wZF1oQ0curNs54BdufrX/Ir+eci5zkjmL/oNRrgFqeWCHidhwlwO26krEgsGPy
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-283_C24
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01adf5a96358e18d69fd383b4dc7b20dd646b68a5c9f1417bcf426240ca22b8f32bdf1a4
-
-PrivateKey=KAS-ECC-CDH_B-409_C0
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQArOkhA//iYqwXrUKk
-bUNm9MtMWA7/OrHd5r3f27c3SBHVKx+pkyC0r11OkgjBTrjvqJFsoWwDagAEAE68
-TUrPm0BNq8OvPoy+qLiLMpmdPst/NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cu
-RQCeJBCVQcgCQhfpqyyWP6njc2QAlabCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeT
-xVjOjNY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C0-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAE68TUrPm0BNq8OvPoy+qLiLMpmdPst/
-NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cuRQCeJBCVQcgCQhfpqyyWP6njc2QA
-labCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeTxVjOjNY=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C0:KAS-ECC-CDH_B-409_C0-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAUaYmlApe+Nz3WZcRUVaKuTCIdpc1CQA
-e9l/no6Eb5Z0Dz+ljDyUEpZxzdTX6mUKKq3p1wG0K//ahDlGoUrWCA+VuPxrfhc1
-KNCO02/mQKr4WqAPte3VkFo4s8eWG3cit3uNy0S7JfU=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C0
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01d48a586be9285fa38dd3e70b0330b0ffebd327ceefef88fdc1521ef2fd61cbc9124e03b0c926e70fa56acb3edb54c3c48fab2b
-
-PrivateKey=KAS-ECC-CDH_B-409_C1
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAP/IvfXwEmYmkPg6j
-9dYXmBWcF4qnktedH/6/+Ntw7h/eBApLXx7TP7P/I8ROfGshsGI7oWwDagAEAdXJ
-Jg5z6jbk3qqkuPRUH2eAZraQdxqG8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPb
-pwEacGgmNl7OKOOLM2ILygFtLZM4UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3
-dFHQ/hQ=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C1-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAdXJJg5z6jbk3qqkuPRUH2eAZraQdxqG
-8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPbpwEacGgmNl7OKOOLM2ILygFtLZM4
-UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3dFHQ/hQ=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C1:KAS-ECC-CDH_B-409_C1-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAX6fAbHW5XAjKDMNIyod0/LFksxAn2yu
-8HCEQIN/NZdRDxEZVKpR5WRsz0fv8fB6T4rhywA3FPbqH9FDznUeLYW69UxVI5dh
-CO1IL9auEDdDExynFgJrFqHkliMfmRzcj220R/X5X44=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C1
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01856c92b46d671d8a7f6cc468efb60a61093d006c95bb931c1fccc336d4a8490fe17fe163c972bac39fe728f24534a0c34d2d21
-
-PrivateKey=KAS-ECC-CDH_B-409_C2
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAlt4sOSnECF+cwdN3
-jC2/Pbfw9357p7vE5AjH1l4si4iwdV8WC621JOdpfFDmDI2Z5W2koWwDagAEAZxH
-15kUyL2udU7F7B6ByP8ympOOaXHu48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaa
-tQAAiAIrT7DnVOxPq4z0/GNiVUJnVfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o9
-0+DD1sk=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C2-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAZxH15kUyL2udU7F7B6ByP8ympOOaXHu
-48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaatQAAiAIrT7DnVOxPq4z0/GNiVUJn
-VfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o90+DD1sk=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C2:KAS-ECC-CDH_B-409_C2-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYPuNVqTzROv8XVqCOWOIZWoJimNQ/bQ
-e7HDgrTlaNAICTkmAAnGr8vtDyMlLgHW0UxtjwGyMJs4GcJFSkitJTrJe848ebUf
-UO1oA88FRkt0paHeIhE+I8AYxc7ZGG3bmBxini6ds+4=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C2
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01972e225e08b47512e92c0da9a1bdddb1802be402222cac5788b322e101feeb06b66b2fe726c1cd8aec92e02f37d15f4c97e64d
-
-PrivateKey=KAS-ECC-CDH_B-409_C3
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAq9XWHN4xGAMBwmnV
-KvhWuqObifXvRTZ/VRkhDHHXezGNBT7AwvSb9G3gXKvyPH0r19I/oWwDagAEAafv
-PRfDAehmG6ZsHN7oKptE1xaQnjZjtCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZ
-swDfdDhJogvDAmBitCDTlC8Y4tbFMH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo
-7rjo8RM=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C3-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAafvPRfDAehmG6ZsHN7oKptE1xaQnjZj
-tCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZswDfdDhJogvDAmBitCDTlC8Y4tbF
-MH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo7rjo8RM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C3:KAS-ECC-CDH_B-409_C3-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOhd6dY+NOXHu6b/mxb0yE2V8R3+khB7
-H77K6Yzm7/PblthpAL/SLNQj284eVya+jll5MwC3FBdx98gW1V7IxTgi0uehkvpU
-oX5bmbLZCWG1Spn+1Tq6S9oaQHStPSP5yREgV5W1RQs=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C3
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00b6661a866abbf1843dea8f220e360fe7cd7d9e85c316138fd2532a57d7d2a6bfe6e5518019c603a2d0e338ac6a8690093c2883
-
-PrivateKey=KAS-ECC-CDH_B-409_C4
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA8yPI7kM8m6FdNwgG
-mDSsxNk3vlAX4dGC7HZGarooLHO14+lv4QYUNkFALHLGJIS6HxLyoWwDagAEALdP
-UlIBGfwIU2zqWEIg3psGJAHmT/Y1kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuS
-dQFUBYji/VaI0bNXY5CMH4I+7sqJQvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYo
-Fe4CBpc=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C4-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEALdPUlIBGfwIU2zqWEIg3psGJAHmT/Y1
-kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuSdQFUBYji/VaI0bNXY5CMH4I+7sqJ
-QvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYoFe4CBpc=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C4:KAS-ECC-CDH_B-409_C4-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMqHCsvk6zrmXt2V1pROsJDg5VBxK+Ox
-Np5HMgP1Kxg4ZU96Q0K9gwlwT+1pM66dFizNfQF5bMKGvz1TrWNpdzdPg1bkVzC3
-qkOAX7UoAfc74+mzKAiYSq677Xvl455RM1sN/zR4KUg=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C4
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=010889037c707d90b833d03256ff2e8a5ffce16fb3613486221494a4fee82e74625a93d966c2028d0930115494f9456cec4d2b6d
-
-PrivateKey=KAS-ECC-CDH_B-409_C5
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAEz2iulSzYkTIBC8O
-LaNxjlbb0oSO9Ce92yQXf2JEdbU0AK/csYh56P5rRgmk97vCFSsToWwDagAEAOOi
-9OY8+8HuhEdFqz4eW+VzIEYJrs5eKLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCS
-CQENc8Q7YwFwOVEErK1sGlY9MpZjIzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7
-vrgJW8I=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C5-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOOi9OY8+8HuhEdFqz4eW+VzIEYJrs5e
-KLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCSCQENc8Q7YwFwOVEErK1sGlY9MpZj
-IzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7vrgJW8I=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C5:KAS-ECC-CDH_B-409_C5-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAH62Hf3fw8DQg/4iE5Z5hjgdnjDmhK/f
-K6yPGjYujG1jWN+VkwYAQn38HrFBGP0SObZ7aQFbqH+YEUzsiyy0W7o9zwBrKH4H
-477x2ifOCNqeT0i9JB9ZofnJPIN4hHFXUPQIX5E/T3o=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C5
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=010a8aafbb243fc9466bf381eae173c01be95d88a9c131b07ed54d2f117cd3af4019ffb196ebe8290b1269622f9df26763ffa211
-
-PrivateKey=KAS-ECC-CDH_B-409_C6
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA33VUwBMv1OSiuSF4
-dfmSSlXKsxm3anwXnPAiKTdXmZbPlJILr9RT5S9dL8SAATKfvXjEoWwDagAEAWCF
-HP+UfOcqEYqrTa1M4sPOm8Mwzh0G761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vm
-kwB5o93eY2vGKvQebsDgc/5kYuOK1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vp
-KalnCco=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C6-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWCFHP+UfOcqEYqrTa1M4sPOm8Mwzh0G
-761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vmkwB5o93eY2vGKvQebsDgc/5kYuOK
-1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vpKalnCco=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C6:KAS-ECC-CDH_B-409_C6-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAILxSOw00dCLJueeN3LhLWWVmLc7b/8L
-qxhF6aW1BxRJ7ydZ/tY6qAYkuDprLp1zm4P22wEJzqBIpyC6dJ/FIsha9f54N1HD
-n+jQUVug8NPc0Z8Ywi2jkJ8C14c1qhGy/roPjTMMVwM=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C6
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01e17b8844c4c757553a628d6f4c48f3a337ed2bbb6e4047dbfcfbfd02bb81c6e096f8ccbb7f2e5d10ee9cbcc960e3a99e79bd09
-
-PrivateKey=KAS-ECC-CDH_B-409_C7
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAMnNd1/EY0p+fPKs6
-By24yIbUL6Xee+plA27TyNRKEej5b04abyVIiMqyFDBRkaJt0drRoWwDagAEAC05
-4PifuHUVHuOzVPjqFZ5/um8j+Kdk1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42Ax
-NQDORKm3dbA89CsxAklmB5TCXgQisDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GP
-mN/a4Yk=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C7-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAC054PifuHUVHuOzVPjqFZ5/um8j+Kdk
-1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42AxNQDORKm3dbA89CsxAklmB5TCXgQi
-sDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GPmN/a4Yk=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C7:KAS-ECC-CDH_B-409_C7-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIPKBN+EWOXmzm4TuTfatJhSHYJvuVQS
-NFZ+mV8Gg8gPQ4UW7v8M+JGKX4tSYszco5l0FwBfizwg4/4lWe/g6FoSJ235Iu8P
-Qlf+cDviUp9u/7bymaGiUcAeONQ8pspXbvHgvrbJEh4=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C7
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01167edf7a3c50e13be126eb2caf6b5f8f761cc8dba413246423b877df74a3aa3f48144b44cd133ad9f2d05ef97a08f7ca511d7f
-
-PrivateKey=KAS-ECC-CDH_B-409_C8
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsE8ztoeZYw1i9EM3
-x3xaa24Pdga1yHJEqk59ppjMj/HTMRtI7nyaaBK6+QVDea62HAwToWwDagAEAcWU
-DC3is3NYJK4plMFQhvqVh1Dk2DEjrwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2
-oQAKv+bxUQoYLv943YAum6IeZorqVzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8s
-cm/gAlg=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C8-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAcWUDC3is3NYJK4plMFQhvqVh1Dk2DEj
-rwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2oQAKv+bxUQoYLv943YAum6IeZorq
-VzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8scm/gAlg=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C8:KAS-ECC-CDH_B-409_C8-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATEVNql0W3R15sL9ckwj2epmgDoTm0fj
-riY7D7fkLjMWJ5u/YiriYlMbLiKD7MGmEnybCQHUjMx4HwvewxMJEARLdpCamr1/
-yxhAfcQvY5EvomZyCAA6stKBAq3PuT3cBTdg5Twtqng=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C8
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=015c0d202bfdee2dfbd4be91625171992e6c6b1a1d06cc1b2b66ed64c9d928bd4f062912900d3f89045c7190f513d3b019a634f5
-
-PrivateKey=KAS-ECC-CDH_B-409_C9
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA1OvDHJpl7jsavZ1u
-ZJV4DFTmM/WiqfYchAjXZ9CRbZHLVM/Nk3U435LPxFk44zt31yTyoWwDagAEAU36
-qnBRjzZ838qJeVoNs3S7e0B6WMqsJLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMII
-zwGdYr4rEqF6ePbJ9+cDZpdl92PGI1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7
-hsW62hs=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C9-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAU36qnBRjzZ838qJeVoNs3S7e0B6WMqs
-JLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMIIzwGdYr4rEqF6ePbJ9+cDZpdl92PG
-I1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7hsW62hs=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C9:KAS-ECC-CDH_B-409_C9-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQwnNTD1T+F0u71cJ3GlWkLmQFDDvyUj
-5ggq9HbrAleHaW7fbkON0Fa1mPUABjPCZP17pQBEPnLak7DHgl9CI8eWgm/RMiNF
-6iWt898aLGlYkIwP2bE+k8wAX07LFVov/3rFT6gYB4U=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C9
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=007c32383aae80e1111207894c8cc5be66fe538af4a19195742a94a4c3f5c765d9776a56177c485ddb53c038b70478959d374627
-
-PrivateKey=KAS-ECC-CDH_B-409_C10
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAJhdqr5imQzVm8dzB
-kZ6URT6cvzyX4Gm0oXQmRJFn9qEImsFqECpLPkMql4v7RiVdxD0aoWwDagAEAVNf
-yUm0kDAwi8Dal5PVcIh2asjPIujWwnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqA
-rwC4/D+mHcIsVVAfKmspRJRtmfe7/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67Hq
-NAA1MUM=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C10-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAVNfyUm0kDAwi8Dal5PVcIh2asjPIujW
-wnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqArwC4/D+mHcIsVVAfKmspRJRtmfe7
-/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67HqNAA1MUM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C10:KAS-ECC-CDH_B-409_C10-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATvrjTbR5/U9gL7qM+/D4AmN6uqheXfa
-j5qunFdueSDo9tpVogkwzmD9SQtPsBVNSSd9mQEdwdh/NS4SvbQaG3ofHlFmKe0y
-PF1bJj/wNvAj8P9fci0FbCSkEfU7NH0HhthPe+h5EFo=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C10
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01166107ab98db1dbe22c5888a70c992af4faf4623ef593802aedfe433809c53ef4ab0b2dc4dc2546488b356ef3265356055d8f5
-
-PrivateKey=KAS-ECC-CDH_B-409_C11
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAvz5zlccqqEwJYOXG
-kCLOOQZ0BFNEc8THgpQk+B8dRLMfIOK5guJRz5/7Mnp9g09Z0ZSKoWwDagAEARy8
-TtkDaifv/In/1V+h4+rQ+5O6z6Cni8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8
-twEBB0xERidjCtClJY4kQ41x8mq5TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j
-+dZCgcg=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C11-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEARy8TtkDaifv/In/1V+h4+rQ+5O6z6Cn
-i8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8twEBB0xERidjCtClJY4kQ41x8mq5
-TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j+dZCgcg=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C11:KAS-ECC-CDH_B-409_C11-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWkMdGSekuHBAE9D/W5GkL5ZWQTFbSrN
-haSa8KF9NDaMh2jQOe3pySrSayYwa1/973v9GQCBJ19+L/BopsG5LdOMA0JW7XMi
-sCdwKZTHT1uBgSTTShkJh/1liJL8meesuYd71v6UaRk=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C11
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=007e7a249094eb52bee0115b8bd5545f81bf0b7d66998fe124c9a3dd3c5715d03b2f973d47c19af5108a2ae005fcca65e61f337d
-
-PrivateKey=KAS-ECC-CDH_B-409_C12
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAltQDsPpgHJp1qn3p
-/p4R1C76k9lt01EC2gXTrIB+RBlOGOeci1vhHF+znIvU4xIyWvryoWwDagAEAAmD
-OUYpTUruzbb3JUykicD/E68txuLKViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4
-/wBhg/7m9NbvW3I8U8lsXB7N2EZS43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluD
-NQkQoak=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C12-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAmDOUYpTUruzbb3JUykicD/E68txuLK
-ViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4/wBhg/7m9NbvW3I8U8lsXB7N2EZS
-43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluDNQkQoak=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C12:KAS-ECC-CDH_B-409_C12-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFwk9K2b3LFGBoWiLaVNvd0VB+9t5Gna
-QXDOMBR1eaVJRduxvOnwLkcAM7sV/Bpw+DHnmwF8qTK5CgjKLj9VxQzA4T0nnXvJ
-EZxXPD90FBC7fBytEHbDukKu0c5p1WIosIL7beDu+2g=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C12
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00b9d8b68642b2729340d8b7c5ed3b3a8913c4a3f6b947473017c0e105bc7edc60daa9b0732772220f93eca4878085f756e3adad
-
-PrivateKey=KAS-ECC-CDH_B-409_C13
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAZxJewwmrXcfqVo+I
-FaKzDPrDNmu08BYNU3OKuZXOdWgfzV5JLzqXJbTPdbpDAaeGBJNCoWwDagAEAfHR
-ruX8WUykoiuButcH2CG+8yU5ZvXXeVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbc
-hwB1XF71WIm0Fc76DogaPvyb6G82xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0F
-kTrxn8Q=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C13-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfHRruX8WUykoiuButcH2CG+8yU5ZvXX
-eVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbchwB1XF71WIm0Fc76DogaPvyb6G82
-xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0FkTrxn8Q=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C13:KAS-ECC-CDH_B-409_C13-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKq/aquz6Q+VbXAE/8iTxw+OkM3DH8DH
-qI8WMgVB1YRDrzlAXYiNlnZVfN05SyfcVEn5RQEn8m26BsM/j7RdlVz9tc7dqT3Y
-pF20LuC5JkoFTBaoe+2tRcDZoPNbvGqnoSlWIug+vos=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C13
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=017d60394c7ee64ba73db91484713370daa821255807349c237e5849411bf0bab3a1b353be3cd07eeddc5c2ffc74336225dae6f7
-
-PrivateKey=KAS-ECC-CDH_B-409_C14
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAayzCOH9pr9Q5eLf2
-a9F2ZiVwgbpNZu5qmoK3yHxKxfDrprwtmByh2p/yArpyy3/pwGzwoWwDagAEAIak
-TW7k6MUNHhDX0dETqWEHUCEGeeDkyrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknS
-EwEdpjISYxYF/qDpP1gmsZKbK9HblQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+
-24mZsE0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C14-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIakTW7k6MUNHhDX0dETqWEHUCEGeeDk
-yrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknSEwEdpjISYxYF/qDpP1gmsZKbK9Hb
-lQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+24mZsE0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C14:KAS-ECC-CDH_B-409_C14-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAB9P+/IvZ8FZGwp3DlY8Crpm/gFWHF4i
-flIrXd4jx0jKz49KAikN4mtHdn04ilyDbT7/SwAtJz8uhRblCDiPjtIBXsn+Z8Zv
-gyzysmHfrVhWEoBC+0phqRo3s0HeQpbUv2O/Z6NFinQ=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C14
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00b19e052edd44421ee2f5ba845911fed9183d885da85d51dc819ca565ce574f7db257509876377b40c5a08349019563b60e13e9
-
-PrivateKey=KAS-ECC-CDH_B-409_C15
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAPgmPPxleidpx1jZw
-APgEB5rcoydbLnk+jTEsjkAs8NDOUzF0L4dRX03ZzGaCRhlLlXK2oWwDagAEAQr0
-rjNLpAvWU44PCVqlb2GivStfOOlUt2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s
-5wGzNVIa7DBfMU1/I+0ozAxNI/M6Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4V
-Q2RD39I=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C15-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQr0rjNLpAvWU44PCVqlb2GivStfOOlU
-t2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s5wGzNVIa7DBfMU1/I+0ozAxNI/M6
-Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4VQ2RD39I=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C15:KAS-ECC-CDH_B-409_C15-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbCDPrNEBFDj+lFIwlwt8uACBibyQHQi
-IX5Oy4vYp1GnK6suxWQq6Q/SnYxNeenMGRtbpQAjB4kFtqMwCf/qGhl325Q1ea++
-uHGXAFlpaynvkN2EYXdrNDoJyFOlOOTyL9+FT8vztzQ=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C15
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01697512676ae56ff5ab778c411042d217ad24a24ea05bbc253e4395fecc8a07fe77ae0ca4ed977459f1a14d9b83931bccf46107
-
-PrivateKey=KAS-ECC-CDH_B-409_C16
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAfYSTE8ZJna5HKwvd
-t23sRYBvguCYcjMB3zO2u7l/eUvyaHn8M8KXP4bBVRVJZBqBm1cRoWwDagAEAEgS
-rxk3YwuOp9D/cjy7BbeidA/Eyb55LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7do
-NwCMb2FxF4a/XFTrDBsxJtZBskpmYrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ9
-0t4q6As=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C16-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAEgSrxk3YwuOp9D/cjy7BbeidA/Eyb55
-LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7doNwCMb2FxF4a/XFTrDBsxJtZBskpm
-YrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ90t4q6As=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C16:KAS-ECC-CDH_B-409_C16-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXS9Iz+GHHuFPMqPWjg1dISe8s127yK8
-DhWfcTodBzh8QgOxH0wzm2aWdPzx2sGZcDvrBwHix3jMpklj2HMp5XyLyW0PZzcE
-H9CH2vwH3WcOLOclVH4aJhxD+8VOFMNHPr27Mf2oRzo=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C16
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=015960ea8b92bd77d52874e3ea82ed1763440189d68728d3974d4c01d6aafdbb5274648f6f3eaa4faf3fc72d09892ab038cb2fb7
-
-PrivateKey=KAS-ECC-CDH_B-409_C17
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAv6WUhWxnwoNrf7Fx
-tnx6Qa5D7zRQiYAkqTE2VPzzHh4fusetUrK8Q1iXWlxhq59OPk6eoWwDagAEAOG1
-MJpEgAqRatik0ZuCpYsA7gSCSAUKbtbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPA
-vwGAsgM4dGNR+sz7mjcRpOE4RXVQu/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp
-9O+QyG0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C17-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOG1MJpEgAqRatik0ZuCpYsA7gSCSAUK
-btbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPAvwGAsgM4dGNR+sz7mjcRpOE4RXVQ
-u/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp9O+QyG0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C17:KAS-ECC-CDH_B-409_C17-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMHctzfSUwNbuR0qSoXzfQAUK+gfySeM
-sjpNHXnSfI08RECyyEK8HiH2kk4U3IMbCr+4RQAMc9VoewSQzMB/ZUEBrN2zbNDC
-7szhZd8nb4O+IR0B0w/1wkPwkAVy7m3wf1Od9qRomws=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C17
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01127491ff33a67ffc4757416cd02a081cafb723aff52af35b069b89963e8e3ef5bc19c5a093ccf511e3c3c19be789280e986809
-
-PrivateKey=KAS-ECC-CDH_B-409_C18
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQASgIOBsQA7ySYwRHN
-4VCHzaSKb7LswB2YW1fw05IZIOksQ/OraIEp3AGtKfwx1o6WIjGboWwDagAEAWci
-f2KElZTtY/JH94Cy0R3ZosLHG9a3EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g
-0wE2w+p30JPZc5++aJExixSVl3hZm9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmP
-We/qFe0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C18-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWcif2KElZTtY/JH94Cy0R3ZosLHG9a3
-EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g0wE2w+p30JPZc5++aJExixSVl3hZ
-m9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmPWe/qFe0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C18:KAS-ECC-CDH_B-409_C18-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAT2WomfRoqnqg66xsB2KziLiUcgvX1/D
-71mXowEadKEBFd9g6Y0TnN02DnTXb6Ui7rVvSwFrZVq3zQ059Yj77+xU5PRQR2ZM
-izvo5XqxE3cPX+DGIwD0oJ+iiZ5zu8mCMmX1XVz0rhg=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C18
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01254508553eab09fbc2fafe13fa9b324d9217d7d0ba4cedbe5dc869ad68de4f87774dd17d6428ed242c71956f252969e6bd5837
-
-PrivateKey=KAS-ECC-CDH_B-409_C19
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAwZs5FmX1A1NUf8cs
-ntAZ9TEWkO5B58iVqn75LGD7nzRU36xXUkWmhp8f3sdF1j6lbIkioWwDagAEAFOn
-piqLQES2Cvdu+ltEQpv2X2WYfWoGIWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfK
-OwCt1G9+pwkvSN2qL+uWyyS/ktJij7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZk
-xm84KfM=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C19-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFOnpiqLQES2Cvdu+ltEQpv2X2WYfWoG
-IWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfKOwCt1G9+pwkvSN2qL+uWyyS/ktJi
-j7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZkxm84KfM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C19:KAS-ECC-CDH_B-409_C19-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXh7MLOyBOKYaQudcR/+7xZ63FeSBotc
-jUIuyQ+Uwr3ShM2/i+5kL3C9e+LakGue27ws0QBDB4+RIRApChPZAWDw5xWC+jnA
-512BkOuBHUUCIARMxtaA2VapiGDm/IW7htZZkKFgxbg=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C19
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=004b9accc21d7122835fc21410ed1d83767c47a54ffee5f0c180fc55f3d0e8484af3ad38020294be92f02f0ba7e2b4f4eb1db07f
-
-PrivateKey=KAS-ECC-CDH_B-409_C20
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAbJCYtT0Q8qwChKmZ
-AmWPZn6kyrKGmK8/oHAGobtGNjsQPEqkySwcP+dTkJf6cLik+kbFoWwDagAEANPt
-9lL0P5yakqLk00uoP11+lQwoNGoqaFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOm
-IQCZsmxkNn8ZA9qV31FWLSUELAGhrdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14A
-iVO8pUc=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C20-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANPt9lL0P5yakqLk00uoP11+lQwoNGoq
-aFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOmIQCZsmxkNn8ZA9qV31FWLSUELAGh
-rdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14AiVO8pUc=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C20:KAS-ECC-CDH_B-409_C20-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAenaCtGhWsPEMfIglU7S5QKve3RsP9V7
-Ls63dIZYAgoJVmSHg1TfCqGB5X5erSyYWtMCPQCcznOlRwg0i0j48/Z0u3ZU9EHy
-g9TopOyPhZLvUjlfJMES1ZQtOuCP/o2Znv3jmYiKfPM=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C20
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0093e2581c159d74d11f8667ee03399208b5c1a4ee5b20070ce8d97d251ef1236dc81dd688b2f07a730e6b8aeca0c193a28b178f
-
-PrivateKey=KAS-ECC-CDH_B-409_C21
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAp/o4qKuAMNa0l6I7
-3l5QB+OdFNqfgtxWSuPNtK9fz0G8/vetrbWRcebX09PDrGf3vnBzoWwDagAEABO7
-O6kdXSSIr1ctmVzvj/+x/YXRE0IejSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j
-3wHy4E6hagEtSGTPLKdWSEbec6M/JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCK
-saFx7L0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C21-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEABO7O6kdXSSIr1ctmVzvj/+x/YXRE0Ie
-jSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j3wHy4E6hagEtSGTPLKdWSEbec6M/
-JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCKsaFx7L0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C21:KAS-ECC-CDH_B-409_C21-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMSSlPtxKUIiGiUAMkr3vYx+wc0bgJTe
-0brAAQqGlgg/fvrsqlED1nYkmeG+SFfTIAMCgQBWT6ERCzk5Jd+7JLqaazNz9GJO
-y8PhL5cG86sFQpktjbbI2Lsl+gYU1Ib20ayfPZi57f4=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C21
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=008e2f1c4bad19c46a5134afccf7f4ec14ab591c8b8ea48d9c3d1e7354ab43ba20aa39a65fd92cdc176cf3dedecbf9da49a8d855
-
-PrivateKey=KAS-ECC-CDH_B-409_C22
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAzp+Ce9JMAUw+5Z7e
-90cXjWwDDBlmmtjnGLoTAr70ta0sEjNEj1J1spqJbAsuew2pIGi+oWwDagAEAXbj
-EBLZxgSy0aGSKijYpXTwYMw2OIsoFtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU
-/QEf7cPo+Ogo4P+/Av2F0pwCAf0PU78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5O
-In9OIo4=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C22-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXbjEBLZxgSy0aGSKijYpXTwYMw2OIso
-FtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU/QEf7cPo+Ogo4P+/Av2F0pwCAf0P
-U78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5OIn9OIo4=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C22:KAS-ECC-CDH_B-409_C22-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATSt0sSZFy33ktlKmziV4kW4QHPDJSY6
-hYwen3zzCkTyaNP4NYQR3AqcqrUFwKvAFhML9QAxwjaxQ8oDbIg2Qff5uVf095ij
-FmfEFWA0Ann84JYqIb2LtS+iPbcahPNaV5TvXgdZct0=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C22
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0190a1693eebe287ec980236d8762804d23fdb6f222763a0efc364f9280fdd53394c2badcc51ff09557f3b97cae7f70d790bf9df
-
-PrivateKey=KAS-ECC-CDH_B-409_C23
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA4287mhNBmVsT/nC8
-VF0nnm2xSCySsTzozA2hwQDqL6qAOmSljMfrHP0WdXCDXFIvZZNHoWwDagAEANHK
-gjk7jVC9GJipCb85Mz7KO96YsLDc7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1v
-VwBsU1/5Q6D+dQ/Gw5kEppEroevA9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoU
-lPttTz0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C23-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANHKgjk7jVC9GJipCb85Mz7KO96YsLDc
-7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1vVwBsU1/5Q6D+dQ/Gw5kEppEroevA
-9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoUlPttTz0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C23:KAS-ECC-CDH_B-409_C23-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAPDsly3J/f0IzY38unKYtN8tvYDCCyiJ
-5mOsWMw0jL+Pn/0x/7UGGNbDjXKpnVxdLqzAAQC7C0iJPNuRXmXNXXl4BIAgF6KV
-NDZUJGo3/jpg196YfmqaEKrwY9lrEBhGEszSZAfX4D4=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C23
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=001469dabcf2210aa7de0040b201221eb4d1a4725431fb5a93212a66ddea4187e078f5e3d82606f6cdfc0ffe6b69574d1d0ba643
-
-PrivateKey=KAS-ECC-CDH_B-409_C24
------BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQACKBnFu1vTPco+QGZ
-KPNnx3qQUkkLmouoelnNyoTnfGopmFP1SW/r5lL0ujM1AcT88rovoWwDagAEAKBF
-tea7t5UElfbV1kWit9cgBnJdAiPH/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwf
-YQHsVW4bFiHsGJNlThmNWSPjEUeKi9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0
-O0Kc82o=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-409_C24-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKBFtea7t5UElfbV1kWit9cgBnJdAiPH
-/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwfYQHsVW4bFiHsGJNlThmNWSPjEUeK
-i9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0O0Kc82o=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-409_C24:KAS-ECC-CDH_B-409_C24-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATeERODe7P867Fq2506BI7qY2LkaUHz8
-oNhQl6rZRMFbT9icjL4sdFHY7GQQRUIbS/aXiwFkR8ITyQNd57zCm91h1u5u1Vec
-Nr7Fa8a0T5KGv56Z+sl/NWcIzQMQ2/Yzj5r417E1kQI=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-409_C24
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=005c701a93d7790322aa7c67440fdd9ee8057a0dae86d1e856ae89e7893da178bd67777f86db2be5c8e31dc50ed8a440aabc342d
-
-PrivateKey=KAS-ECC-CDH_B-571_C0
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0TyK+h5mblbIof2
-dDDqj+ZGxi/ji3zmHx+VZZfCe93ZkC4g1ENqvzvr2CQ+wpoASBqKLBn1UOmWQbXx
-Sq+7W9qVOnVZ+GU6oYGVA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5dLVORnwtj
-WRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4uVEBlYQX
-exicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz291Lw6yr
-5IMvmYHv8mYJkarIUhR5he6jpR4=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C0-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5d
-LVORnwtjWRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4
-uVEBlYQXexicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz
-291Lw6yr5IMvmYHv8mYJkarIUhR5he6jpR4=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C0:KAS-ECC-CDH_B-571_C0-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDtj9foRKua18RPHZRRP5MvWAg4m1A
-DBFgmjpjS5oyX0FrDj0yFXNMaKHCyPrR0Lues5OaQa8iQh9oeB5+sGZLnfXOpEje
-qjsAjmzHe83cgW6Ez8H2JoJPok09X9M9gJPL/h/E2IG2O0lBI7x1lnDtyxiHuzud
-WotRa8UDgoFjcJ1NrLWU0nehWpLAZOV3DRs=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C0
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=06775e1b99a236e02b020bc73666e5751c1210dcb6e9b02a69f4075376e49f7a1476d2209e861abb73f5e3ad189d268e035b1de93d47b3a64de5783c9a09bc223e1cc612f26dcdf1
-
-PrivateKey=KAS-ECC-CDH_B-571_C1
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAvTSt+Y2YObCCUng
-bcZwvoqvglMOC26v4hAR/p0PRAfIVJUVc0UozaKZ6fz3OKl/v0PEu6JnRLMnUxtA
-FD4Vi8hkWQnqiIRWoYGVA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH5f5ZxR8P
-QcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI3u8Exrny
-pgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONMgSJe7JAV
-q72SclwAJxLtMZLYB7Nq/qhT9yI=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C1-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH
-5f5ZxR8PQcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI
-3u8ExrnypgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONM
-gSJe7JAVq72SclwAJxLtMZLYB7Nq/qhT9yI=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C1:KAS-ECC-CDH_B-571_C1-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFdcuwWfQjMJ+ZO2wGrHHXvMXR5qGa
-/nKBHLYSpiOMnMwzHmfaDBC4jMKl8e8v9ta3RAZdJC9ZjaLWM11MO+z1w5U5QMYO
-/McGtDNlLjo2oHAYqorT0v8x7Xhc5WAXFu/3cQ/BPG/5/3XH83AdRZ/Y/nDAtK/O
-2ghoFxfbmCHYyFj9OeJ0/zd3L46EhW5wZ0U=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C1
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03a80ea8cfecb858f9b77bdb46b6cda26320ee8c561a2fd6b7e0a2b62201fbfe60f577780c75a98a11a69de4c4ee911930d2200b6972bc3123d7f278615ecc65984a59fe352a1cec
-
-PrivateKey=KAS-ECC-CDH_B-571_C2
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAStjE7VoU8+NAnME
-nPftKrjmMuWSVu0EM2aFdkjz8qlnTK62+w/NX7qwu6u84XoPxKeBSEmcOJr1dIY3
-RkFpWw6FLzFS7sckoYGVA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6WjSFUcUkjZ
-2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3JUIB/0nO
-CmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1qnIV7tPhU
-QvxA+aIMBK4GNipG7O6hXEXWm+s=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C2-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6Wj
-SFUcUkjZ2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3
-JUIB/0nOCmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1q
-nIV7tPhUQvxA+aIMBK4GNipG7O6hXEXWm+s=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C2:KAS-ECC-CDH_B-571_C2-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGSqZoMP9EMkpnroqQeJaJe1B1Zs9S
-3+E+Otux55NmXStxg1h1Tv6AnkSWIYUC/rVgTb+8BKEQfKnsTq3H0QqdbRR0zt9X
-gUUG9j9p+MGLZ/EQUbPTAjahokkIiyvKtc/4MM256z51wehyUuXY5huxpmNI+2ge
-li1lq8VNXeot1yxVRZB0AHT3xmxLjf0wdWE=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C2
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03edea7e47ded7c2ab1115f4ebcbb42677c7fba6e0cfd811602896251ada1d5a0b461aaf4e000f4d4231b96d8dee7630d9f1b7860e6418dac8c3b07b66af6fd1acdb44b2683b29b4
-
-PrivateKey=KAS-ECC-CDH_B-571_C3
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAhmXtUgcDPbPQ2v+
-Ngw7EZueTdVvPChHr/sgIcusS1fcGPUHXWeK8rpunu+8QTjYGAU/LfMqEOiuXWQJ
-9bLx88q/NvgI/cB8oYGVA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9Dp00o2B6
-kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08FS/UC4y7C
-QEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoHa1NEHc+f
-Ze8yBOCJGR7xVv92IpSJenL8qTI=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C3-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9
-Dp00o2B6kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08F
-S/UC4y7CQEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoH
-a1NEHc+fZe8yBOCJGR7xVv92IpSJenL8qTI=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C3:KAS-ECC-CDH_B-571_C3-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFBnGvZcvvkvMF5frLQojMBKTGl4o7
-eK/kBJxqmV/ow8C7YJq+SdFSse7WxxTSVP5u/xWanr0krRaRnvdvRHAFfrfCZaS9
-lugFHQjiHSZNjk28c0CIQqtXzXjTI+fetiWzdBmUuK/+Aa9EYWIttBmv7q0EWEX2
-w9ttmC9FtpK+oRzyXRiso8g77IQMdYKnBi0=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C3
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=005b640015330f8416f2bbbf8b5660e01a7abba8b0197a29e52bb535d62f89ad0443e08b6e0d1d15f4eb03c0fe35e3e43bd7739cb692092698a2cd13126cee4432831ec7423b3434
-
-PrivateKey=KAS-ECC-CDH_B-571_C4
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArU5rMdwdYeZ9Dln
-Dq6Fubo0qLTzccyTWiDOjFZlIe7NjE9a/xFq4Nsq1urhozhENMWZN5ghrQXYGtoF
-SCmd/ZjP1tPxVzUkoYGVA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NIECAMxv/z
-JqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlxSQ0FBCQ8
-eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX9RTIkHmX
-Yk6wvJ6pM6LUdO+Pg7rqMkODTeI=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C4-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NI
-ECAMxv/zJqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlx
-SQ0FBCQ8eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX
-9RTIkHmXYk6wvJ6pM6LUdO+Pg7rqMkODTeI=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C4:KAS-ECC-CDH_B-571_C4-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDmsnpGvWUB03NM42k9SQFdPAeQTpJ
-uSJGuj1t6FXj3t9uf97amrf3+Edudwzpu8OppeuYRUPcw39fEb5uKKHRCQkx9cW1
-o1EHgNMtuxNImb2i6YhIlBh4OHq6ZmX9JCUhYM4xI/aPm1vY8lSji4TsU2Ul/gB6
-hjtvzEifk3oFpf2UbWKCUyign4Ony6J/6l4=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C4
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=027af05ecd0332784d64b0b1bdb45c310fd445c5a6d6b34f35f4eaa3fa3e171ab98763d243a1dedf46aa29864620a47d05eeaefd748186bcbcf187c01e7ce36e2a53ded071036b59
-
-PrivateKey=KAS-ECC-CDH_B-571_C5
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAxipbjgngtRHbxvr
-9pehB28i4dLshHR/n8QlBdVUfaqgjYFHIXWWWZWGhc9OpLuhL/+2avCfZpRSHxHA
-m2YmyK5S+/szalKhoYGVA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf4373zoTzTH
-YW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6FWtME9qH0
-5f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnVvgMg75kF
-GaBq8TwpVi7pVXFagswNrvLF4Os=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C5-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf43
-73zoTzTHYW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6F
-WtME9qH05f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnV
-vgMg75kFGaBq8TwpVi7pVXFagswNrvLF4Os=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C5:KAS-ECC-CDH_B-571_C5-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG9liEkQYKHogUjkve44vGdHE/44TX
-z9v1vZDJ27bhWH5Fnc5uDWm4ss/rUFW+5WpzwTQ2BgGYrUdQ2uglPqg5ouJG1UFF
-l3UFthuPfY1sgWKiJp5yh9RZA0uPqsA2D8+Z+yHaNKMU5nNTGbnQNia5JoNpNF86
-YkrK2yGbIHGI0OlFy8Z8mCBo0yYT/CH4sPQ=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C5
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0763c0d659a7c080912005a2afd60ce57e610619b388ef3d5dd3c9386ab12069c6ef3a8e72eb741cba2da5c6f9267f6c09fada6459690ed4e432445d6f0f72dbcb059c87df36f665
-
-PrivateKey=KAS-ECC-CDH_B-571_C6
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAotDGetwVM/2OCgg
-xS+cMy6uZw0fB8/I8UcukmD15Ho4V2gBbNIAZwDKe9xdHVZ9kkYK98KkJd0NeK7u
-PRX7KNcRZ+ZIa4HEoYGVA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1OgnbiEZq
-a7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJfC1cBjjIm
-42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3z/H7zF0/
-XPS1XspB7hMfIep7yxnOBfZWQkU=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C6-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1
-OgnbiEZqa7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJf
-C1cBjjIm42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3
-z/H7zF0/XPS1XspB7hMfIep7yxnOBfZWQkU=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C6:KAS-ECC-CDH_B-571_C6-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFpSzr9oEDyrAmbPLGicSPCAVJ//xw
-25gJwqRvkItyib5ZcynznuHkzKOYZk/6m9zwEpP0NZPRiOEkEdV+VZs/ajDpVUhp
-8EkBThNxZfsNUw6GU9fLKoRhjdOvz6PwhWAXkUKq6XJ5DOdGov1EadQVWHRDeMZA
-rnOkibt/gc3KaxuxZ8eUwm1iOKDSVq/DuiE=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C6
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0428413f2d2aad4d5288885c2edc8b976321ae1dd4fc6b41275fb88b8c5e7776165effce79025163538a0e83c919220a407ead6cefd616b4b05294488c2ef5d30ab8caa55ccbd1b1
-
-PrivateKey=KAS-ECC-CDH_B-571_C7
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgEV0X5B4TF4tCoA
-TAHV5O8cdiQQScfTG/DqhdbgcKLiuSCA5h3lRvzL1NmRI2uzYO8/IG7hbYhDoN3I
-A0Y2ZKjM3C2HoQJ3oYGVA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoEwNV3vgb1
-irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv86AGG4Ll
-RdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdBEUMYxuim
-IGs97u8BTw5EsNxmhOEA5Kw2FlA=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C7-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoE
-wNV3vgb1irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv
-86AGG4LlRdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdB
-EUMYxuimIGs97u8BTw5EsNxmhOEA5Kw2FlA=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C7:KAS-ECC-CDH_B-571_C7-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCbi8e5k55WOkCVHp9sKHhSGbz0sAS
-fCu5sJ7iMtPZUY7kSuj1u0M6CIBp+jhs1ciQJxG3YqwNo6ejQgRyxH6FD5iN1gpj
-bX0Gd/9RAFLU9GCEn7jvDU81Gc0jjk4caItzbPbjdZVQ0TSh5so8tHnWi03F0Luh
-ruF4vW/hXsGW+x9ifYcHk5T294VOBTIo3uU=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C7
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=031bd2a84369e93dfa00581446d52762100d985cc7bb91c4fa8be7472e2e8e9781c52b19a54330442441bacae23f4bdc76486eb475d51f26aafbfb272a5ab5db184a4d3c3006e5d1
-
-PrivateKey=KAS-ECC-CDH_B-571_C8
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAIR7VF70lhVnHwi+
-c6SRRwYxhEkzQBEepNzhPC+SHwe/rP/IRB9MfJ0EefV/OhP0wzxj7UfDpD+y8G0G
-qXgOXAs6wwQQrcSRoYGVA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4wteEZVL+
-SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH6X4E9iiN
-TXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXncRSLTPWam
-ZbO2UBVw8HYyKvCtK7qqBOoumV0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C8-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4
-wteEZVL+SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH
-6X4E9iiNTXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXnc
-RSLTPWamZbO2UBVw8HYyKvCtK7qqBOoumV0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C8:KAS-ECC-CDH_B-571_C8-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCPuT57CTe4gOs+2WGMTE8etQ5TEfx
-eU0ItZn/wV8OXaspEdl+Aw3ffLS7rfilvOBcNTWPvQz5XT1cf/PNjua1TjedjQEj
-k5sGBr4j58V0bb04QE/WB/t/J47iSdyOJ0DPG7mxwHsc9+ClCkMlZ9GGl5moAxIl
-ENtDeYGiqhJuuarzx74FqA+sFJXhxAyhwQY=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C8
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04df20154fa49a1d6e04dc2ba6e55a7f2ae575de5e2c6e4091a4d2c36aa93ca9699b890f0ee4df53aa75d0d9babad68605bc027ec67c187a6826aac0f4bc596baae788b376110216
-
-PrivateKey=KAS-ECC-CDH_B-571_C9
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0wkWDArQ4V/Eq2L
-2ah1I3ZBoh4hyjz5oJVtPP7e2WpeH1M9gntSj7tYbak+77tm0HeLGbGn+28Xu/nn
-m5rO/N17lgXniY8moYGVA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MWxcBZSNje
-V/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviDSeoE5jmf
-HO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9zvze3j7W
-FuZWDULp4XxUkuMLwt5GicBZLss=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C9-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MW
-xcBZSNjeV/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviD
-SeoE5jmfHO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9
-zvze3j7WFuZWDULp4XxUkuMLwt5GicBZLss=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C9:KAS-ECC-CDH_B-571_C9-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQA1KCxHBc5vtCU5y16aSODaDbZIVdG
-xyzGgARaNtga314lOU8mmiraHZQ568M7uTHW+llaJSYcJEoeF7BG+xD7VLsxIojP
-Lo0HUgT1DTKrimq7/5gtH+NyuMVBW7W3JrNGqk8IvjL4yigsHvbhUkIzYNl7cooH
-Tms887kScYsWks2YMBl0GiVBgkI0vcjDI/k=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C9
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=037a380f525590582658e2dd272a32de67fc0cf5390b37f4d33c1359f075d4461ea38a55027317892a3d1d22f5ea333ad437667d2f3eb8781c39504036ae33e4b0a26b6894722f0b
-
-PrivateKey=KAS-ECC-CDH_B-571_C10
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAS23haA8Jr46bppY
-LlwyqJVwrUMItxPOVHHqGT3sHzLWi0/N+xYA/bHstnaeJqDgV4Etu/DtSVWSZl5r
-jpqXN4owtcZg+63BoYGVA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzGRwtUeB7W
-wUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YGYZQHs4JL
-f3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJlr8b29XjZ
-vTEhEytZeYQfei0GDolIkB1lfBw=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C10-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzG
-RwtUeB7WwUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YG
-YZQHs4JLf3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJl
-r8b29XjZvTEhEytZeYQfei0GDolIkB1lfBw=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C10:KAS-ECC-CDH_B-571_C10-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDu4QDK3//zieszzVLid3fZGzctWY0
-3w+FIKdzD4q+sF+ZM9ikNS0cd2fMP5uAzv/N0Ms6l7WSg/0KZ03E/SQDM/AgyCtI
-BMUHRJkzasOoBUMHiZAnaCUgJrUm7OVKwo6MyHjxi6+fq0K6TONOSWiqwe5qC7Fc
-mnCYgqU3KvVuoLNoFzhfu/6sS5BgaeU/v7o=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C10
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0420de313bddce87d07321e3f0af404d9d13e5369b79506e807178711153c9b1837cd055562eff3aadfc5954a221eeebb1bec1696d3df1cccfb8b61172a50d83cee95f4140ba070b
-
-PrivateKey=KAS-ECC-CDH_B-571_C11
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgJgana2oT1uKSgL
-wWE+EVAldwskX1Vh1Yg+E14VnMQ3sck1Wy7uKzur7yKf5UWqsrzKFV6JcklfGXS9
-sewOYMTmx5xI8mpGoYGVA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRkXdqMSliB
-WPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlOlIUFuSFH
-ottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqCTN+34gko
-/8U0IN846tC0JA0GWdWtsf8uLcs=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C11-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRk
-XdqMSliBWPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlO
-lIUFuSFHottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqC
-TN+34gko/8U0IN846tC0JA0GWdWtsf8uLcs=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C11:KAS-ECC-CDH_B-571_C11-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGVWpMyYRmeUqT0DOIU2d296SzNEw9
-xOuWCkpkWPx4ac1ORbLxQMRop9TruoTJSCM3oqitqsiKmmKdoD3SR1JmQrCrcft6
-jHAFS5fZUrGfdChW2s9OUN8MMQO68lP03mWj2crOY/6CkG0sjoozEvtTXgD5tcpp
-+H28f6P32H/gJFNmBKr+RkBZPMz+9vrAKKY=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C11
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0606228f5a05077aeefbefac23c0d5bac7a6062bfc2b02ce8bba6698ea96b456b1f0d32c6e05dbb9be61a83090428eedea18c74f41238edede9e3a12e28722d2f314613c2e84d6db
-
-PrivateKey=KAS-ECC-CDH_B-571_C12
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEhng0isM7kvLFln
-cQPqQJlGtVk9EF/EmDNRxO3pKcS5O/xpWHZVXjrOQXuCrAW4Mmdqwj4pVaCe5kog
-pfmOYkmfQ7p/f8jhoYGVA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+SGFl439mm
-DNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8GxEFYFCgZx
-ycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HIF9vIrysC
-Xa7TqdoS0vrp1xTOrYBEXmoKCBM=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C12-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+S
-GFl439mmDNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8Gx
-EFYFCgZxycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HI
-F9vIrysCXa7TqdoS0vrp1xTOrYBEXmoKCBM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C12:KAS-ECC-CDH_B-571_C12-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBAFGCsCmkhSju9f/QIhrYcIWrrGpy
-cFIDo8Fomru8DhKSel6Ds1Khutl3BhAfRKECLMwNVSLcXRyhQz3gOiuh34ZIdfUi
-vmEBiwKpjws+TM9EqWk5ogg6sfKgTa/Vvc7jz/Q4uwi/8SBDqhksX8804TtcKXQs
-XYZLnKxGvqbpbfKxvkSTrPlQIk1xc3+ZBlg=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C12
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=052669336019db5eddef5eab2336abeb60bbc7295e4bb663ab43e373fb6d888d7433ec89a487a91d4a59c289a9509ddd1bab33cd02a7bf37aaad78dbedf0b4ae5f2f35d15cb4e628
-
-PrivateKey=KAS-ECC-CDH_B-571_C13
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIABe6ty14j4t4ub/E
-kShjxaSJIv5p6KTPXm6Rdj79VHehzUOd7dCv6lBOOzr2gj6jCJwDdO2a7iSohRbI
-zzr6vplbm5Z187WroYGVA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrIJCpxWmGX
-Hn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8hTMBJTYz
-0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPrUEqvN7s4
-jGx9CNkKoLaFVrXAaOy/ClmERg0=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C13-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrI
-JCpxWmGXHn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8
-hTMBJTYz0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPr
-UEqvN7s4jGx9CNkKoLaFVrXAaOy/ClmERg0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C13:KAS-ECC-CDH_B-571_C13-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH+rTlkyjHAPdGSb2Qp9Uf8olY/nIN
-qqsyjPybACqnBs6zmTTbnM+B3uyVaJzox3a0/GVCqCNYzFHrvG2OUyLLP6bkaV4X
-D8EFrNRc/6Kd2zTuQudBACZ5jjeo0anOn5KU2lGYFktpAQxoxTKBzL/EB9FBCX2h
-N+eEnyKP3BoHqimL4myncfR6xP6ycj1aZmY=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C13
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=062de5aa98b440c6cb7a1428f6b5e47452b30454eec4d651982b531121febbd5a3833b180017f7ddb5ce38d7bb1c842de1a8a8fc7fc981e24733b7662813fd010a4e757ca4ea5c28
-
-PrivateKey=KAS-ECC-CDH_B-571_C14
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAqstQwJ7CPir+jWY
-7wFEOZpgtgN7F6OuQT1CLvohZ+nqTxnX7KmNhcZ8H+hfvLwfErr6MKhdvfVCRmiJ
-MV8VMt78XRgVCfAIoYGVA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpWmuuGnFx9
-x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4bm4B0VG0
-btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3HonWznT1B
-ijSd0eK3MhH03po0tC/KEbl2Dso=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C14-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpW
-muuGnFx9x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4
-bm4B0VG0btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3H
-onWznT1BijSd0eK3MhH03po0tC/KEbl2Dso=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C14:KAS-ECC-CDH_B-571_C14-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQHJnYwKtGHMbdiArxRQp6/fsz2Ml9O
-CEwvkuMojtKQSIueNnIOKdqi2xmTp9F86O+djM7GHeikBxduJnTCXVe/8sRlljWL
-NgUDwAItUyKQkeFK8PdFDeyhy124IecVkGCP4Jhtc+iMkV5e6N/ryJVZE9kWT5kv
-VjlKZi7xHIIU6K2oXfGxewuXQUzdZi0Yi10=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C14
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=07c7eb4892816cc3388ebcdfb412984e05910c112dd15b8e5481719401701aceba22fcf35aab0c3b040096161011f6177097c505395d9d6d8a713f6a5100fb476adbe7b9cdf4b68b
-
-PrivateKey=KAS-ECC-CDH_B-571_C15
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEnG5MBaGXskr9Jw
-ckP/v9VbAIj9M9h9rk0hBI918rhiVjB1JB0vNv3Q6UBatCqlXL8gldq8Pa7frp3r
-kiIgeD6Fkc/WdgCxoYGVA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/FwrBn6mo
-XF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+ZUVoBSZ25
-WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9izonL60wm
-b2Sodtd4IxoAMMOKoA1mxr1oB4U=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C15-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/
-FwrBn6moXF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+Z
-UVoBSZ25WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9i
-zonL60wmb2Sodtd4IxoAMMOKoA1mxr1oB4U=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C15:KAS-ECC-CDH_B-571_C15-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGzXkx/PGTX4HzAUee2a0Mb5oFvs9O
-Vzov9Am6/EQuwZX34/39COWBYdTg/Tf2KpaUIbGc1I/oSKXX90uBN6fHJqnL03os
-87QEtbLNg7J4lXUcNNOsW5YKEz7BiwOcLhKNNEHbT3bot1BkCUYZsSLl+y8cJ5ZV
-mtlTxxHjMNx79V7fKfCVyuRVV7fI1YQ9ib0=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C15
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=05c638349000ec30881cd190c067e7f12b6b42d5842a8285a8ff0dc7e9c9eaf483309e48314fdc2ce7f9da6a468e549c8e70a50b68d07aee29708a98172209e5cd2e8c09cb66d982
-
-PrivateKey=KAS-ECC-CDH_B-571_C16
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYazHOSQx/KPJ5MH
-WkrmRayznnH/6UTuYr+CWH8cPL4ojOYCTY0DXxB9mk+u1Xp7Ie4dbnEpoJgATyLM
-1SdAwDSm3ze1PQcyoYGVA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74GTfx5U0U
-jS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7ayIDKRBU
-TLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9gcugB5Sj
-9Vj3ShtUHHOyMI9PjnQCi1wrzfM=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C16-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74
-GTfx5U0UjS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7
-ayIDKRBUTLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9
-gcugB5Sj9Vj3ShtUHHOyMI9PjnQCi1wrzfM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C16:KAS-ECC-CDH_B-571_C16-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCmEtlMHTDaiWa2VbVVWUSwscx+lDy
-AF0ASanZd95cALegVMlgzdcHiWMhSQvkM71e/9RMVk6qLVAhF1BQxb/BY82x6B3x
-M1oBp4bSkJizNPXBxK6GpBvydcxnh9pyBpFlV6T0MxkhQQNFZ+BB1V15SncHx6ry
-iELVyPWQN1pDZWkYqoDlWwKFNHzOj/4fFeg=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C16
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=007a40a59b6632156a43158565a4eeaf80618e501c5ac5afdab4ce3cb76ac99a0bcd17e9eec549373ace8c96aac78e2af6600483a2c49ec81298a083d5237118de96a953999beb26
-
-PrivateKey=KAS-ECC-CDH_B-571_C17
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0H46GGC3k/D9DhX
-JQqSmkGZTTMdoVTAJJ+g0cJqbeDoNfoIqMxSTj2sKGOD+QvS9NLHUULx04EI2cBi
-FDyObtu9oK+Hp2rVoYGVA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8ZbYAdm7B
-0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOuLBgEdu09
-vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb9FJIrhd9
-Lf/6OmqVBTMpi1w/Shti2h6vzVE=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C17-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8
-ZbYAdm7B0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOu
-LBgEdu09vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb
-9FJIrhd9Lf/6OmqVBTMpi1w/Shti2h6vzVE=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C17:KAS-ECC-CDH_B-571_C17-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBqGguCezNGGjaICkWpWHuhRPA1zRw
-zTQa7nntk1VqOm58eyAwLsdKDFFwqON9eKm10N45AOsqZjpyR895Q/04HZWzqv0V
-YWcFL+zGj3aV1OQaCAxHZQ0gKHTaFjoXSOVQNzlY4xvQquUgmW0w84RzD0hU9eVO
-aMwklYrcUuKkxAc1ZRTz6nFmBW3Gfk0Rj6g=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C17
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=021fd2726973405fc30d2a1f2115907cbd0de90bb6bcb0496452e389b1b10ccf38e2400617040cf0dbb188f345337678b0ad8603dcfe926582d4321f384daec0943e2cd267f48343
-
-PrivateKey=KAS-ECC-CDH_B-571_C18
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgenOC2KIlcSJuDA
-bCaB0JvKGbXbfnu/wTrCCDid+BaNd2FeMMqGEDk25T3ZrwHN/iT1COxgk5l3XOhM
-hon41flvZS4BTg3ooYGVA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js6bmBzBxA
-Mt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOsl4UGqp/7
-/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30hMb6Ae8o
-6HT7DTT1iw4ysYZFwwvctRbuOEE=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C18-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js
-6bmBzBxAMt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOs
-l4UGqp/7/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30
-hMb6Ae8o6HT7DTT1iw4ysYZFwwvctRbuOEE=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C18:KAS-ECC-CDH_B-571_C18-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCza8TmgzaKADWESj/5NcyOzSg/PSM
-lABHn/TIKRy/RvFsQeRAmq7fFLxgpkKy17qs3o4AUd2K4Bv1rS5uZJDHfNQGqZnF
-ZeYHjt0p22o7h6EVBbV8VD/7dGpbQPuD1yBhgPOun8siLFQRp3R2Zgx7MRtkYxCQ
-WImpWg8v3DXTD8YcxVYKKRQjLWKtNjhrkXk=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C18
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=07a47bdc7d54ecd391672f131b3214d0efc4d40195db1ec993a62fe9da875efff5403bd708fa491a01a94f4bddc7d516baffff9fbdd213ca1a4905f9aa679d65da25c0f1fd2afb0a
-
-PrivateKey=KAS-ECC-CDH_B-571_C19
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAGuo8SzG4OeN+Mxi
-mISKdAAl5yxi0JnpJYSsdvWVrB/HJMsGqFoH8NRED6893qLyZfIBXdBZoWoDopkV
-uHMdYEUSzu8iuEHzoYGVA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gwfIH/X0Q1
-PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucCxqkBwb2K
-+uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1u+h5Zgi7
-1gE/Q83MhG7CImdCPDz9os6KPZY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C19-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gw
-fIH/X0Q1PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucC
-xqkBwb2K+uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1
-u+h5Zgi71gE/Q83MhG7CImdCPDz9os6KPZY=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C19:KAS-ECC-CDH_B-571_C19-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQABRUS5KDbxTXJe+EP+nQldYOCiDBA
-RmYB1TkbyzWCwRUlKTJJ8kSXzIByFrNMksHgdXgcg5HD9tPRT4ih1Q6p/HX/jVHM
-+TMDnaRsrIZqs0dhesWotPFlcDTjuN22a8QnPi4c4BZB7OY2l53oskktxp6IU3w2
-scOtDTUif4Z+Q9+ciRfc6fjB7zujy1youlI=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C19
-PeerKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=07326196a7decc92c81ae5a0779c9a42f53d94cfa4c3a13f19dbb554138e0e864eee6bc93e39214e2f74705a4b172aab510444c93b5b3e62517bbb7279337102db1c61de349d9747
-
-PrivateKey=KAS-ECC-CDH_B-571_C20
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAQcW8ud08n9C3j9s
-lpTY7KIXmCMJHSAvK6FikZOhyYcAaTOY/8gxV/fOSFjnU145kNIZvCSd4WRVjKyA
-fuFZd4oBLaGeUBK/oYGVA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlPRCg/uj5D
-0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/I4sHtDMh
-thGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/Gd6UhnCe
-TS3e9CxVu012o8tQytKgmOrVlSo=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C20-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlP
-RCg/uj5D0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/
-I4sHtDMhthGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/
-Gd6UhnCeTS3e9CxVu012o8tQytKgmOrVlSo=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C20:KAS-ECC-CDH_B-571_C20-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQATC3lZCQxvMbrgu/UNVVAqLXSOxKw
-330xrWlCW5RUmHdEPujdfAnPu+2G8TZlkx1LKiF1nDPhC0rPxjuh72GsqqGMlOPP
-yTMBdlt6N+uAbUMZbSkx2hoZU3QtPg2nzLZ+Df26XgNJFMzj7mOTv95AZw9AYZYG
-faiyk8aENZPdIhyJv5eWNna9BE6MirjnF60=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C20
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=059052d3e1c66efa4b7dd39e74299e886367d8fe49d7cab90e4f051bec10316438fb29b1290dfdaec169decd622a1010cf0a0275008814f4861b4d83ba78515a8768d978be430011
-
-PrivateKey=KAS-ECC-CDH_B-571_C21
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAdAQP8eUivEH5R9N
-LMA5K2aAgFnR8my6Bb5qOB9SLUy4VBN5NKzNHOozYJSOQG0xCMlDdp3HALTJzAzB
-2EurWKNeJ+skBHXwoYGVA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwqZ0mW6zk6
-Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE21ACZFSC
-fv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgkLsvgivaH
-Vd5OEHcXNHWCbqq+0mp1w2nNew8=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C21-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwq
-Z0mW6zk6Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE
-21ACZFSCfv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgk
-LsvgivaHVd5OEHcXNHWCbqq+0mp1w2nNew8=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C21:KAS-ECC-CDH_B-571_C21-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCUDig5yrowW424+O1BO1zQe9wm5/s
-i+kBdzRtdsp7xxM9DsKArPBmAFxcwQtSqmVDNf6CCmYX5WDicJA/8cLMivE5jyTf
-4rADEHTKOTGAGmrLdltukUQXLtgdmZ7Z6DW9NVJrA+8qE/eDdgMrDrgUbCMTI2X8
-4Xany9ykSzWqN5hZ9oisJtxkyBSaQyLQg9E=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C21
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=03acfa4b3d1c2a6b62af23bdff6a215a416d4437ce6cc114d17dc4201195987a5d7301da11b913254702d7172e31d64e59b24deaa3270f20445e51dc484f7a2b8c3cbeb0bb9efb28
-
-PrivateKey=KAS-ECC-CDH_B-571_C22
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAy0vVX/ke40oD2gu
-JP2mJ916WOmwCCKjqvbregFPR2wXlBrcXiI4owgNcG8eFqRRt+kpQneZMMVnCkcy
-gcrHi4WNHxzJmwr/oYGVA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+jeqHnC6L
-Vjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4SexAByR0n
-wq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/og2VrAQb
-yZeOP1MIKaLGTImxvM6sBoVPuQM=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C22-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+
-jeqHnC6LVjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4S
-exAByR0nwq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/
-og2VrAQbyZeOP1MIKaLGTImxvM6sBoVPuQM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C22:KAS-ECC-CDH_B-571_C22-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBvf/9acLgj7A8hT7y69CI5o0jP9uV
-8LJG3nlV1hUHff0LD/AsZNAd55M1kJa4XgV7G3+fWSYtwnV/GCQ+GC4aC/6dy7An
-1osCGL59lWAp8TnBnS2jRnc7FtevyFirjctg1+SErs7DCcs/6pavOQNjfl2022eL
-tdubCxjYPPnrwbGq8k9DZ+xTNoTOnVZYLUM=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C22
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=067a58e5b3287bb9aa83ed9ca2d718cf7165fb574b6a446c3019849cd1584673d561b574bc8f68419437c5e8113e060847cad3b5ddc2f67ad75bc1e3f04554e63a5e4945cfcb65f5
-
-PrivateKey=KAS-ECC-CDH_B-571_C23
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA+7ikZaovnDrOjEE
-ZAWcwMTELxNIerGgdiwsvjBOvmNQPmxwaKf0vBl/gfZbQpXBSyEPPLI3i2dAH89S
-vsAsE7YbbeFOG35boYGVA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv+LNGkIKr
-qTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVqBYYHFvGJ
-jiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRLDR4qO+up
-4HGc2L+DZEeNaGxONfdFfSTQIdY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C23-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv
-+LNGkIKrqTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVq
-BYYHFvGJjiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRL
-DR4qO+up4HGc2L+DZEeNaGxONfdFfSTQIdY=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C23:KAS-ECC-CDH_B-571_C23-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAj8O0FPNBK0A/AcJTvSImFQIl3aqz
-TSAQifSdeeXcwuO2ghb6pm2sRFKcf+O6TSjYFbCII1lVcTu3chODUztdlCIbTtHh
-YrgCsyIB3icrGzK2pqWOoiQRxI9dxc8PlYcuZ1HtYizuzqIqVWl13mADhpriCvOb
-QrqIcXicgujzrTz2AG9DvEx9QQIDLEP495c=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C23
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=06b272ca3330c0cdfbe60a1746bc0ddea6257536cdd8e976f2517eb541460a3f0e6ea7fec2b495e0f57712c8cac35e8a7d64d876c29851bbfeb6fe726d57e0be43dc76a584ef9c93
-
-PrivateKey=KAS-ECC-CDH_B-571_C24
------BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAWmi2HWGlEwxc7+a
-InXjCAAD22SMLR4cVuLDfODXzZ+Bjqa3u6ND93TvDzNOpcEu8L51k9BO2UVFjXHh
-cRLrAdkEHSEzsTRzoYGVA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFizsj0uVQMC
-xCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy1cIBmOfn
-0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3Mvxn5Isjb
-w4Ob9r4AU/hFMccYQ6nmoQKrWNY=
------END PRIVATE KEY-----
-
-PublicKey=KAS-ECC-CDH_B-571_C24-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFiz
-sj0uVQMCxCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy
-1cIBmOfn0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3M
-vxn5Isjbw4Ob9r4AU/hFMccYQ6nmoQKrWNY=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = KAS-ECC-CDH_B-571_C24:KAS-ECC-CDH_B-571_C24-PUBLIC
-
-
-PublicKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFZagplNfm9T7ra/Z1I+5oD/t3ARhn
-PD4VwyAObI0fJsq68AwdpI5jdDFkl8ul8Z8XQg8mdjP0DlsGNieJv/Ea31ltWxz3
-aO8Bay1Nqsqca+2XayBk71Q1KliuNDZ4NaYhDhV4KRwd6NZ8ILw9b/piDIezCYor
-nzq7jSys1bLuK2g5nqxOj2XOvdZjAP0Em1s=
------END PUBLIC KEY-----
-
-
-Derive=KAS-ECC-CDH_B-571_C24
-Availablein = default
-PeerKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=02da266a269bdc8d8b2a0c6bb5762f102fc801c8d5394a9271539136bd81d4b69cfbb7525cd0a983fb7f7e9deec583b8f8e574c6184b2d79831ec770649e484dc006fa35b0bffd0b
-
-# for cofactor-order points, ECC CDH (co-factor ECDH) should fail. Test that.
-
-PrivateKey=ALICE_cf_sect283k1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAHtPwRfQZ9pWgSctyHdt
-xt3pd8ESMI3ugVx8MDLkiVB8GkCRoUwDSgAEA+xpY5sDcgM2yYxoWOrzH7WUH+b3
-n68A32kODgcKu8PXRYEKBH8Xzbr974982ZJW1sGrDs+P81sIFH8tdp45Jkr+OtfM
-8uKr
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect283k1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA+xpY5sDcgM2yYxoWOrzH7WUH+b3n68A
-32kODgcKu8PXRYEKBH8Xzbr974982ZJW1sGrDs+P81sIFH8tdp45Jkr+OtfM8uKr
------END PUBLIC KEY-----
-
-PublicKey=BOB_cf_sect283k1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_cf_sect283k1:ALICE_cf_sect283k1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect283k1
-Availablein = default
-PeerKey=BOB_cf_sect283k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result = DERIVE_ERROR
-Reason=point at infinity
-
-Title = Test keypair mismatches
-
-PrivPubKeyPair = Alice-25519:Bob-25519-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-PrivPubKeyPair = Bob-25519:Alice-25519-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-PrivPubKeyPair = Alice-448:Bob-448-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-PrivPubKeyPair = Bob-448:Alice-448-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-PrivPubKeyPair = Alice-25519:P-256-PUBLIC
-Result = KEYPAIR_TYPE_MISMATCH
-
-PrivPubKeyPair = Alice-448:P-256-PUBLIC
-Result = KEYPAIR_TYPE_MISMATCH
-
-PrivPubKeyPair = RSA-2048:P-256-PUBLIC
-Result = KEYPAIR_TYPE_MISMATCH
-
-PrivPubKeyPair = RSA-2048:KAS-ECC-CDH_K-163_C0-PUBLIC
-Result = KEYPAIR_TYPE_MISMATCH
-
-PrivPubKeyPair = Alice-25519:KAS-ECC-CDH_K-163_C0-PUBLIC
-Result = KEYPAIR_TYPE_MISMATCH
-
-PrivateKey = RSA-2048-BIS
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCytEHg4qzeBrqu
-1haSf0xOttQeyburRKC4N4KJIbtQbooYS6M7C9mvXdz4vA7PtgXS6L4gDTH2Bpa5
-qvbAYQ7CbmssmkciN/bqxMqecsuN49uMRF2Yy40UYCKv+wv6fGbCsrczDc5kfRu2
-XzKHewAKF9EZYkKLNfLjT+jQAogdfmnShDQPWus7t+9RbuZPrg/iz/urQGfTEarW
-8yFl6jJd88cjASrGCCxTCL2BLuimLrSauF/Na9K1Jmxst+lqXKhf4YYtf5ARgDBn
-oOfZl24ts9twBXD6hjfhVh3wOPJL3+EKOORBclHixQ47Kx9ermb6hQDv0AyRoXyp
-6Jy7gkLxAgMBAAECggEAeDWjXxh7+nqCV5ux4Wf6N7Tqqa9AK6xlhKXqjD6Bl1BU
-WpV+vvhwvXOhcjxmpjimYEKpqjvWEM5L06d6htyDJi1KsN0y3oTQ9wnb1owX+2F8
-TTWr1F2QkFU+4Cw62YuXQH8hlxlBbf1uh9Yv0kzeMOvmf3HGm4h104zsaghZ8aP4
-Tmmeqnc+ty3iQkjDLIXEaHYIZ1AZ7fzc/rc6kbkWGkVAgCP1CDIm3q586OZDQz0E
-hgLhWHgJQ5Z2m9Qw/hROJeesKHtq19GFafIBANDelB/yG8p+dCqPQsg6nm24jAHO
-pT1EipOWwLnsTBsa9BlcCYeBpqNIPV4ST+X4Que59QKBgQDjublne/+/i7dQLpCT
-01fzbkDEIV2s7jVpEz0imzT6HXIeHBpOmS7GHlurN7WLUcbB5QUEgzNxA08x80o1
-oU9b/jUpFBJRudyIKX8aSBVSInOXw1eQNjkqBZdUVN1ADeS/HYRYnPhIB4w31XgJ
-ujc9udPtn2GqWfKXrG5abfXfdwKBgQDI5GJ/8kh4nxtC7SvcJNfbRtC/03f0vJQj
-600vCU8X+wkk1EMtnHU/A/oOhZey/zdc03h3UuwznOER8KWLB8/XidRZnT9NgMGb
-sO7sNPyTfMep+jLcolv1SAThjQxAVxCkvl87GFGvGnBCTtLWMEWpazl8XH+aHgyn
-1NU/VJqa1wKBgD5Nb6YaTKwRA4QSWUe4SJW3Ek0We9R2D3LB6rXvFJ1hNPl74s6i
-JiPZ5mZ/hVGqe+BMUgUcCBThPOeDkkf97AJVGCI29ZQab3VpNPbxxbOE7W8V6Hzx
-+M3AXdiapzWBF5YZ8z1zJJJATmJwKrkukzJ2Br86HbRHi5FngYGIF/6dAoGAE/32
-d3krESX0VpK3vK7F9IJ1n8FxvJ9Ptsth4P5yKpbG8C1XiiB54o2Iww00bZHMdqZs
-5KMR8oj4NQrXzqA2ZOLIiSqG9DWODupqvIMBZ8QRMq89hIt7z0sdgTzCLVz8wQhY
-/c6LwntFFLQ3cy1WoWeUTvX9lN7Mr58UobrPr/0CgYEA31WYhr/TH7sBG5tlUvuK
-1KYMRwh1HR3lMnuCzAFOEtIJhSG/GtWyPtlYzYWvYGEukBO5+QSoB9K+jNEm6tNw
-mRsMet399ylSQMkmPIfXldQvDF/9AvXBCR+EttZDr2Dw0Haeu4PGwT3WgqGHDWz5
-vOpxAsEe+k0AI8MnJvlO8uw=
------END PRIVATE KEY-----
-
-PublicKey = RSA-2048-BIS-PUBLIC
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrRB4OKs3ga6rtYWkn9M
-TrbUHsm7q0SguDeCiSG7UG6KGEujOwvZr13c+LwOz7YF0ui+IA0x9gaWuar2wGEO
-wm5rLJpHIjf26sTKnnLLjePbjERdmMuNFGAir/sL+nxmwrK3Mw3OZH0btl8yh3sA
-ChfRGWJCizXy40/o0AKIHX5p0oQ0D1rrO7fvUW7mT64P4s/7q0Bn0xGq1vMhZeoy
-XfPHIwEqxggsUwi9gS7opi60mrhfzWvStSZsbLfpalyoX+GGLX+QEYAwZ6Dn2Zdu
-LbPbcAVw+oY34VYd8DjyS9/hCjjkQXJR4sUOOysfXq5m+oUA79AMkaF8qeicu4JC
-8QIDAQAB
------END PUBLIC KEY-----
-
-PrivPubKeyPair = RSA-2048-BIS:RSA-2048-BIS-PUBLIC
-
-PrivPubKeyPair = RSA-2048-BIS:RSA-2048-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-PrivateKey = DSA-1024-BIS
------BEGIN PRIVATE KEY-----
-MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk419R5ve1UUr42
-1y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJf/WDYPxjMk8BqNJmeZtLuCVL
-KGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psFYFaDYjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/
-qYaE31VmWz0CgYEApNVF8oFK41ezQci9XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY
-+6ECNI1aIDHTd7CHwoS0mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQP
-axYt6PVa3gncr2v3njcVuH+EQ6DuFR93zksEFgIUFQFshP0hj7i6ClXkSPYoFW6KrIY=
------END PRIVATE KEY-----
-
-PublicKey = DSA-1024-BIS-PUBLIC
------BEGIN PUBLIC KEY-----
-MIIBtzCCASwGByqGSM44BAEwggEfAoGBAO0SwRpkAeM21qSM5ch4CLEHpFk419R5
-ve1UUr421y3HEUURsrVpxYKvyx8aOBQC/akz95cYxNN3y1JnJJMxPklhdJrJf/WD
-YPxjMk8BqNJmeZtLuCVLKGwQomuo7ZkG955WRyLHYEdQ6uC7K2QTPKpW6psFYFaD
-YjAjSEKk2MFxAhUAykDkKLZdhPWzwM8/qYaE31VmWz0CgYEApNVF8oFK41ezQci9
-XbSZJHyPB+3jML1YQkHxiiInaIz6GEFtjUbIUEYA/ovY+6ECNI1aIDHTd7CHwoS0
-mp33oQYs43nt29B6UwbtMmbzCOQ9vGGwWVho+JtHyyPWrDuLmkvLtoQPaxYt6PVa
-3gncr2v3njcVuH+EQ6DuFR93zksDgYQAAoGAdZCPYZ9WvtKW7dFvbEjl0HHBxLNX
-8kV1/FAxsDrQd+c8mWdruNzcmwsZJklJuTK9czKnXgLmkRHR20I4oNrJ/bptV8lV
-iDvJBJlmZ1aGh6yLIHzYBbgbgia3lBrFlO5qUxNmbNeiC+HIqUvlVBmQOLN6+Xjn
-Q4A0wDK8dmF2dFI=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = DSA-1024-BIS:DSA-1024-BIS-PUBLIC
-
-PrivPubKeyPair = DSA-1024:DSA-1024-BIS-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-PrivPubKeyPair = DSA-1024-BIS:DSA-1024-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-Title = DigestSign and DigestVerify
-
-DigestSign = SHA1
-Availablein = default
-Key = RSA-2048
-Input = "Hello World"
-Output = 3da3ca2bdd1b23a231b0e3c49d95d5959f9398c27a1e534c7e6baf1d2682304d3b6b229385b1edf483f5ef6f9b35bf10c519a302bb2f79c564e1a59ba71aa2fa36df96c942c43e8d9bd4702b5f61c12a078ae2b34d0de221fc8f9f936b79a67c89d11ba5da8c63a1370d0e824c6b661123e9b58b143ff533cf362cbdad70e65b419a6d45723bf22db3c76bb8f5337c5c5c93cb6f38b30d0c835b54c23405ca4217dd0b755f3712ebad285d9e0c02655f6ce5ce6fed78f3c81843de325f628055eef57f280dee0c3170050137ee599b9ab7f2b5d3c5f831777ea05a5eb097c70bad1a7214dadae12d7960bb9425390c7d25a79985e1e3c28ad422ff93c808f4b5
-
-DigestSign = SHA256
-Availablein = default
-Key = RSA-2048
-Input = "Hello World"
-Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
-
-DigestSign = SHA256
-Availablein = default
-Key = RSA-2048
-Input = "Hello "
-Input = "World"
-Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
-
-DigestSign = SHA256
-Availablein = default
-Key = RSA-2048
-Input = "Hello "
-Input = "World"
-Ctrl = rsa_padding_mode:pss
-Ctrl = rsa_pss_saltlen:0
-Output = 4a35cc7623f176c997696213045024f1b1121a6ec4a5755d206c20fc4a7c5259566d19730f6f1a75ac00878c6290e6757510588d740da3633b09a1d899c7dfba2031cfcae6a490e995c87f4750ea88948009cbed6c80cebb9ebfab7d04805e7a2140373fb888b5e6151d1c4eb7f505c4e0a584c17c6ca71e552ba13e1f20101796fe0d1af0cde661fc47d904b5d3f127073471fe6dc7e78f5cd2a049d67e0c7c92184e2bf97f8e16b50b8385daa1f8882e8f6c8683720903454b35356058f2f0136cad7689105167bacbe0dbad466ff2a298e41e5a65caecac4cde08529b7ea8717258e19b0732c966b34f5d52e4ec3073da78757471086553a3ff6c5460bcda
-
-DigestVerify = SHA256
-Availablein = default
-Key = RSA-2048-PUBLIC
-Input = "Hello "
-Input = "World"
-Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
-
-DigestVerify = SHA256
-Availablein = default
-Key = RSA-2048-PUBLIC
-Input = "Hello"
-Input = "World"
-Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
-Result = VERIFY_ERROR
-
-DigestVerify = SHA256
-Availablein = default
-Key = P-256-PUBLIC
-Input = "Hello World"
-Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862
-
-# Invalid digest
-DigestVerify = MD5
-Availablein = default
-Key = P-256-PUBLIC
-Result = DIGESTVERIFYINIT_ERROR
-
-# Oneshot tests
-OneShotDigestVerify = SHA256
-Availablein = default
-Key = P-256-PUBLIC
-Input = "Hello World"
-Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862
-
-OneShotDigestSign = SHA1
-Availablein = default
-Key = RSA-2048
-Input = "Hello World"
-Output = 3da3ca2bdd1b23a231b0e3c49d95d5959f9398c27a1e534c7e6baf1d2682304d3b6b229385b1edf483f5ef6f9b35bf10c519a302bb2f79c564e1a59ba71aa2fa36df96c942c43e8d9bd4702b5f61c12a078ae2b34d0de221fc8f9f936b79a67c89d11ba5da8c63a1370d0e824c6b661123e9b58b143ff533cf362cbdad70e65b419a6d45723bf22db3c76bb8f5337c5c5c93cb6f38b30d0c835b54c23405ca4217dd0b755f3712ebad285d9e0c02655f6ce5ce6fed78f3c81843de325f628055eef57f280dee0c3170050137ee599b9ab7f2b5d3c5f831777ea05a5eb097c70bad1a7214dadae12d7960bb9425390c7d25a79985e1e3c28ad422ff93c808f4b5
-
-Title = ED25519 tests from RFC8032
-
-PrivateKey=ED25519-1
------BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VwBCIEIJ1hsZ3v/VpguoRK9JLsLMREScVpezJpGXA7rAMcrn9g
------END PRIVATE KEY-----
-
-PrivateKey=ED25519-2
------BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VwBCIEIEzNCJso/5banbbDRuwRTg9bijGfNaumJNqM9u1PuKb7
------END PRIVATE KEY-----
-
-PrivateKey=ED25519-3
------BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VwBCIEIMWqjfQ/n4N77bdELzHct7Fm04U1B28JS4XOOi4LRFj3
------END PRIVATE KEY-----
-
-PrivateKey=ED25519-4
------BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VwBCIEIPXldnzxUzGVF2MPImh2uGyBYMxYO8ATdExr8lX1zA7l
------END PRIVATE KEY-----
-
-PrivateKey=ED25519-5
------BEGIN PRIVATE KEY-----
-MC4CAQAwBQYDK2VwBCIEIIM/5iQJI3udYux3WHUgkR6adZzsHRl1W32pAbltyj1C
------END PRIVATE KEY-----
-
-PublicKey=ED25519-1-PUBLIC
------BEGIN PUBLIC KEY-----
-MCowBQYDK2VwAyEA11qYAYKxCrfVS/7TyWQHOg7hcvPapiMlrwIaaPcHURo=
------END PUBLIC KEY-----
-
-PublicKey=ED25519-2-PUBLIC
------BEGIN PUBLIC KEY-----
-MCowBQYDK2VwAyEAPUAXw+hDiVqStwqnTRt+vJyYLM8uxJaMwM1V8Sr0Zgw=
------END PUBLIC KEY-----
-
-PublicKey=ED25519-3-PUBLIC
------BEGIN PUBLIC KEY-----
-MCowBQYDK2VwAyEA/FHNjmIYoaONpH7QAjDwWAgW7RO6MwOsXeuRFUiQgCU=
------END PUBLIC KEY-----
-
-PublicKey=ED25519-4-PUBLIC
------BEGIN PUBLIC KEY-----
-MCowBQYDK2VwAyEAJ4EX/BRMcjQPZ9DyMW6Dhs7/vyskKMnFH+98WX8dQm4=
------END PUBLIC KEY-----
-
-PublicKey=ED25519-5-PUBLIC
------BEGIN PUBLIC KEY-----
-MCowBQYDK2VwAyEA7Bcrk61eVjv0kyxw4SRQNMNUZ+8u/U1k6/gZaDRn4r8=
------END PUBLIC KEY-----
-
-#Raw versions of the ED25519-1 keys
-PrivateKeyRaw=ED25519-1-Raw:ED25519:9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60
-
-PublicKeyRaw=ED25519-1-PUBLIC-Raw:ED25519:d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a
-
-PrivPubKeyPair = ED25519-1:ED25519-1-PUBLIC
-
-PrivPubKeyPair = ED25519-1-Raw:ED25519-1-PUBLIC-Raw
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED25519-1
-Input = ""
-Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
-
-PrivPubKeyPair = ED25519-2:ED25519-2-PUBLIC
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED25519-2
-Input = 72
-Output = 92a009a9f0d4cab8720e820b5f642540a2b27b5416503f8fb3762223ebdb69da085ac1e43e15996e458f3613d0f11d8c387b2eaeb4302aeeb00d291612bb0c00
-
-PrivPubKeyPair = ED25519-3:ED25519-3-PUBLIC
-
-OneShotDigestSign = NULL
-Key = ED25519-3
-Input = af82
-Output = 6291d657deec24024827e69c3abe01a30ce548a284743a445e3680d7db5ac3ac18ff9b538d16f290ae67f760984dc6594a7c15e9716ed28dc027beceea1ec40a
-
-PrivPubKeyPair = ED25519-4:ED25519-4-PUBLIC
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED25519-4
-Input = 08b8b2b733424243760fe426a4b54908632110a66c2f6591eabd3345e3e4eb98fa6e264bf09efe12ee50f8f54e9f77b1e355f6c50544e23fb1433ddf73be84d879de7c0046dc4996d9e773f4bc9efe5738829adb26c81b37c93a1b270b20329d658675fc6ea534e0810a4432826bf58c941efb65d57a338bbd2e26640f89ffbc1a858efcb8550ee3a5e1998bd177e93a7363c344fe6b199ee5d02e82d522c4feba15452f80288a821a579116ec6dad2b3b310da903401aa62100ab5d1a36553e06203b33890cc9b832f79ef80560ccb9a39ce767967ed628c6ad573cb116dbefefd75499da96bd68a8a97b928a8bbc103b6621fcde2beca1231d206be6cd9ec7aff6f6c94fcd7204ed3455c68c83f4a41da4af2b74ef5c53f1d8ac70bdcb7ed185ce81bd84359d44254d95629e9855a94a7c1958d1f8ada5d0532ed8a5aa3fb2d17ba70eb6248e594e1a2297acbbb39d502f1a8c6eb6f1ce22b3de1a1f40cc24554119a831a9aad6079cad88425de6bde1a9187ebb6092cf67bf2b13fd65f27088d78b7e883c8759d2c4f5c65adb7553878ad575f9fad878e80a0c9ba63bcbcc2732e69485bbc9c90bfbd62481d9089beccf80cfe2df16a2cf65bd92dd597b0707e0917af48bbb75fed413d238f5555a7a569d80c3414a8d0859dc65a46128bab27af87a71314f318c782b23ebfe808b82b0ce26401d2e22f04d83d1255dc51addd3b75a2b1ae0784504df543af8969be3ea7082ff7fc9888c144da2af58429ec96031dbcad3dad9af0dcbaaaf268cb8fcffead94f3c7ca495e056a9b47acdb751fb73e666c6c655ade8297297d07ad1ba5e43f1bca32301651339e22904cc8c42f58c30c04aafdb038dda0847dd988dcda6f3bfd15c4b4c4525004aa06eeff8ca61783aacec57fb3d1f92b0fe2fd1a85f6724517b65e614ad6808d6f6ee34dff7310fdc82aebfd904b01e1dc54b2927094b2db68d6f903b68401adebf5a7e08d78ff4ef5d63653a65040cf9bfd4aca7984a74d37145986780fc0b16ac451649de6188a7dbdf191f64b5fc5e2ab47b57f7f7276cd419c17a3ca8e1b939ae49e488acba6b965610b5480109c8b17b80e1b7b750dfc7598d5d5011fd2dcc5600a32ef5b52a1ecc820e308aa342721aac0943bf6686b64b2579376504ccc493d97e6aed3fb0f9cd71a43dd497f01f17c0e2cb3797aa2a2f256656168e6c496afc5fb93246f6b1116398a346f1a641f3b041e989f7914f90cc2c7fff357876e506b50d334ba77c225bc307ba537152f3f1610e4eafe595f6d9d90d11faa933a15ef1369546868a7f3a45a96768d40fd9d03412c091c6315cf4fde7cb68606937380db2eaaa707b4c4185c32eddcdd306705e4dc1ffc872eeee475a64dfac86aba41c0618983f8741c5ef68d3a101e8a3b8cac60c905c15fc910840b94c00a0b9d0
-Output = 0aab4c900501b3e24d7cdf4663326a3a87df5e4843b2cbdb67cbf6e460fec350aa5371b1508f9f4528ecea23c436d94b5e8fcd4f681e30a6ac00a9704a188a03
-
-PrivPubKeyPair = ED25519-5:ED25519-5-PUBLIC
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED25519-5
-Input = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
-Output = dc2a4459e7369633a52b1bf277839a00201009a3efbf3ecb69bea2186c26b58909351fc9ac90b3ecfdfbc7c66431e0303dca179c138ac17ad9bef1177331a704
-
-# Verify test
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED25519-1-PUBLIC
-Input = ""
-Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
-
-# Corrupted input
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED25519-1-PUBLIC
-Input = "bad"
-Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
-Result = VERIFY_ERROR
-
-# Corrupted signature
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED25519-1-PUBLIC
-Input = ""
-Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100c
-Result = VERIFY_ERROR
-
-PrivPubKeyPair = ED25519-1:ED25519-2-PUBLIC
-Result = KEYPAIR_MISMATCH
-
-# Make sure update calls return an error
-DigestSign = NULL
-Availablein = default
-Key = ED25519-1
-Input = "Test"
-Result = DIGESTUPDATE_ERROR
-
-DigestVerify = NULL
-Availablein = default
-Key = ED25519-1-PUBLIC
-Input = "Test"
-Result = DIGESTUPDATE_ERROR
-
-# Attempt to set invalid digest
-DigestSign = SHA256
-Availablein = default
-Key = ED25519-1
-Result = DIGESTSIGNINIT_ERROR
-
-# Raw tests
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED25519-1-Raw
-Input = ""
-Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
-
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED25519-1-PUBLIC-Raw
-Input = ""
-Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b
-
-#Signature maleability test.
-#Same as the verify operation above but with the order added to s
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED25519-1-PUBLIC-Raw
-Input = ""
-Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901554c8c7872aa064e049dbb3013fbf29380d25bf5f0595bbe24655141438e7a101b
-Result = VERIFY_ERROR
-
-Title = ED448 tests from RFC8032
-
-PrivateKey=ED448-1
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOWyCpWLLgI0Q1jK+ichRPr9skp803fqMn2PJlg7240ij
-UoyKP8wvBE45o/xblEkvjwMudUmiAJj5Ww==
------END PRIVATE KEY-----
-
-PrivateKey=ED448-2
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOcTqsF01cAfGMvPbtISJkk1VKwj+DDU6DUofAKzaLEY6
-++pnxejSh3xeO8OXplmUnvgCHpVOChInTg==
------END PRIVATE KEY-----
-
-PrivateKey=ED448-3
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOc0j0k9xQnTnRDQyN7kykPUR9kJfmOZEWf8gPomFCD/9
-9gUAVTq8DgXNAhhL24nEzNZ+GHlRJn6zKA==
------END PRIVATE KEY-----
-
-PrivateKey=ED448-4
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOSWM3UraMu2cn/VOY3Vq5YL7j6sqxyHyyOZ2pydoUT2T
-n2Pd21VgkTPymt+G7Jkp3MtSwcX9L/fiGw==
------END PRIVATE KEY-----
-
-PrivateKey=ED448-5
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOX706EVEI2dS+7VrjzGiOhDkKBT19VygN83MEcZMmjsp
-ScG7YHADFGEXMqbC/qmO68AmahGpOXAQDg==
------END PRIVATE KEY-----
-
-PrivateKey=ED448-6
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOdZd80GtE+AIVnaIuu3ajp3NwX3AJJdOpbQie2Uw4zm/
-8h+Z5oymlo88ym3+D7n0+rT6E11VQuo/AQ==
------END PRIVATE KEY-----
-
-PrivateKey=ED448-7
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOS7F/jwXBFq9sTal5qkT4yq3WuaLU9L8FJt35QQTLTdW
-m352a6dKGb1hYjQ6IchZCqnOvKkBTGNt9Q==
------END PRIVATE KEY-----
-
-PrivateKey=ED448-8
------BEGIN PRIVATE KEY-----
-MEcCAQAwBQYDK2VxBDsEOYctCTeA9dNzDffCEmZLN7ig8k9WgQ2qg4LNT6P3djTs
-RNxU8cLtm+qG+vt2Mti+GZ6hZfWtVd2c6A==
------END PRIVATE KEY-----
-
-PublicKey=ED448-1-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoAX9dEm1m0Yf0s54fsYWrUah2hNCSFpw4fig6nXYDpZ3jt8SR2
-m0bHBhvWeD3x5Q9s0foavq/oJWGA
------END PUBLIC KEY-----
-
-PublicKey=ED448-2-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoAQ7oo9DDN/0Vq5TFUX37NCsg0pV2TWMA3K/oMbGeYwIZq6gHr
-AHQoArhDjqTLghacI1FgYntMOpSA
------END PUBLIC KEY-----
-
-PublicKey=ED448-3-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoA3OqeePNaG/NJmoMbELhskKrAHNhLZ6AQm1WjbpMoseNl/OFh
-1xznExpUPqTLX36fHYsAaWRHABQA
------END PUBLIC KEY-----
-
-PublicKey=ED448-4-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoAO6FtoMbyzB8wGHdAdW9eeY1rxfwBXXxjzJUQ7j/UStwk2Olo
-tuRub5TRm5RTYXJr114UnvCYF/WA
------END PUBLIC KEY-----
-
-PublicKey=ED448-5-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoAs9oHmwqkk6V3ICnwRnuuvuWoES2dOiJTI2HaKU97s4FcXcWe
-F2tNnzgcoJOOE8bAexdL5l36V46A
------END PUBLIC KEY-----
-
-PublicKey=ED448-6-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoA35cF9Y7bq4Asf4Njz+VWCrHGEywgqfHdFjSDom+KxTo51oCL
-9KHfvSYbCZuwOz+1CQbLKL2KCB8A
------END PUBLIC KEY-----
-
-PublicKey=ED448-7-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoAeXVvAU3P4gefXdnnGL5BceLvJIagjyUYb2v/Q6mTa5v+EkAr
-CK5leYo9geIunsgOdpCGLvPU7ToA
------END PUBLIC KEY-----
-
-PublicKey=ED448-8-PUBLIC
------BEGIN PUBLIC KEY-----
-MEMwBQYDK2VxAzoAqBsuinClrJT/28ybrfw/6wgB8lhXi7EUrUTs4ewOeZ2gjv+4
-HF1oXAxW9k7srvjN8RzDhzeDjPQA
------END PUBLIC KEY-----
-
-#Raw versions of the ED448-1 keys
-PrivateKeyRaw=ED448-1-Raw:ED448:6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b
-
-PublicKeyRaw=ED448-1-PUBLIC-Raw:ED448:5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180
-
-PrivPubKeyPair = ED448-1:ED448-1-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-2:ED448-2-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-3:ED448-3-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-4:ED448-4-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-5:ED448-5-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-6:ED448-6-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-7:ED448-7-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-8:ED448-8-PUBLIC
-Availablein = default
-
-PrivPubKeyPair = ED448-1-Raw:ED448-1-PUBLIC-Raw
-Availablein = default
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-1
-Input = ""
-Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-2
-Input = 03
-Output = 26b8f91727bd62897af15e41eb43c377efb9c610d48f2335cb0bd0087810f4352541b143c4b981b7e18f62de8ccdf633fc1bf037ab7cd779805e0dbcc0aae1cbcee1afb2e027df36bc04dcecbf154336c19f0af7e0a6472905e799f1953d2a0ff3348ab21aa4adafd1d234441cf807c03a00
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-3
-Input = 0c3e544074ec63b0265e0c
-Output = 1f0a8888ce25e8d458a21130879b840a9089d999aaba039eaf3e3afa090a09d389dba82c4ff2ae8ac5cdfb7c55e94d5d961a29fe0109941e00b8dbdeea6d3b051068df7254c0cdc129cbe62db2dc957dbb47b51fd3f213fb8698f064774250a5028961c9bf8ffd973fe5d5c206492b140e00
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-4
-Input = 64a65f3cdedcdd66811e2915
-Output = 7eeeab7c4e50fb799b418ee5e3197ff6bf15d43a14c34389b59dd1a7b1b85b4ae90438aca634bea45e3a2695f1270f07fdcdf7c62b8efeaf00b45c2c96ba457eb1a8bf075a3db28e5c24f6b923ed4ad747c3c9e03c7079efb87cb110d3a99861e72003cbae6d6b8b827e4e6c143064ff3c00
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-5
-Input = 64a65f3cdedcdd66811e2915e7
-Output = 6a12066f55331b6c22acd5d5bfc5d71228fbda80ae8dec26bdd306743c5027cb4890810c162c027468675ecf645a83176c0d7323a2ccde2d80efe5a1268e8aca1d6fbc194d3f77c44986eb4ab4177919ad8bec33eb47bbb5fc6e28196fd1caf56b4e7e0ba5519234d047155ac727a1053100
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-6
-Input = bd0f6a3747cd561bdddf4640a332461a4a30a12a434cd0bf40d766d9c6d458e5512204a30c17d1f50b5079631f64eb3112182da3005835461113718d1a5ef944
-Output = 554bc2480860b49eab8532d2a533b7d578ef473eeb58c98bb2d0e1ce488a98b18dfde9b9b90775e67f47d4a1c3482058efc9f40d2ca033a0801b63d45b3b722ef552bad3b4ccb667da350192b61c508cf7b6b5adadc2c8d9a446ef003fb05cba5f30e88e36ec2703b349ca229c2670833900
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-7
-Input = 15777532b0bdd0d1389f636c5f6b9ba734c90af572877e2d272dd078aa1e567cfa80e12928bb542330e8409f3174504107ecd5efac61ae7504dabe2a602ede89e5cca6257a7c77e27a702b3ae39fc769fc54f2395ae6a1178cab4738e543072fc1c177fe71e92e25bf03e4ecb72f47b64d0465aaea4c7fad372536c8ba516a6039c3c2a39f0e4d832be432dfa9a706a6e5c7e19f397964ca4258002f7c0541b590316dbc5622b6b2a6fe7a4abffd96105eca76ea7b98816af0748c10df048ce012d901015a51f189f3888145c03650aa23ce894c3bd889e030d565071c59f409a9981b51878fd6fc110624dcbcde0bf7a69ccce38fabdf86f3bef6044819de11
-Output = c650ddbb0601c19ca11439e1640dd931f43c518ea5bea70d3dcde5f4191fe53f00cf966546b72bcc7d58be2b9badef28743954e3a44a23f880e8d4f1cfce2d7a61452d26da05896f0a50da66a239a8a188b6d825b3305ad77b73fbac0836ecc60987fd08527c1a8e80d5823e65cafe2a3d00
-
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-8
-Input = 6ddf802e1aae4986935f7f981ba3f0351d6273c0a0c22c9c0e8339168e675412a3debfaf435ed651558007db4384b650fcc07e3b586a27a4f7a00ac8a6fec2cd86ae4bf1570c41e6a40c931db27b2faa15a8cedd52cff7362c4e6e23daec0fbc3a79b6806e316efcc7b68119bf46bc76a26067a53f296dafdbdc11c77f7777e972660cf4b6a9b369a6665f02e0cc9b6edfad136b4fabe723d2813db3136cfde9b6d044322fee2947952e031b73ab5c603349b307bdc27bc6cb8b8bbd7bd323219b8033a581b59eadebb09b3c4f3d2277d4f0343624acc817804728b25ab797172b4c5c21a22f9c7839d64300232eb66e53f31c723fa37fe387c7d3e50bdf9813a30e5bb12cf4cd930c40cfb4e1fc622592a49588794494d56d24ea4b40c89fc0596cc9ebb961c8cb10adde976a5d602b1c3f85b9b9a001ed3c6a4d3b1437f52096cd1956d042a597d561a596ecd3d1735a8d570ea0ec27225a2c4aaff26306d1526c1af3ca6d9cf5a2c98f47e1c46db9a33234cfd4d81f2c98538a09ebe76998d0d8fd25997c7d255c6d66ece6fa56f11144950f027795e653008f4bd7ca2dee85d8e90f3dc315130ce2a00375a318c7c3d97be2c8ce5b6db41a6254ff264fa6155baee3b0773c0f497c573f19bb4f4240281f0b1f4f7be857a4e59d416c06b4c50fa09e1810ddc6b1467baeac5a3668d11b6ecaa901440016f389f80acc4db977025e7f5924388c7e340a732e554440e76570f8dd71b7d640b3450d1fd5f0410a18f9a3494f707c717b79b4bf75c98400b096b21653b5d217cf3565c9597456f70703497a078763829bc01bb1cbc8fa04eadc9a6e3f6699587a9e75c94e5bab0036e0b2e711392cff0047d0d6b05bd2a588bc109718954259f1d86678a579a3120f19cfb2963f177aeb70f2d4844826262e51b80271272068ef5b3856fa8535aa2a88b2d41f2a0e2fda7624c2850272ac4a2f561f8f2f7a318bfd5caf9696149e4ac824ad3460538fdc25421beec2cc6818162d06bbed0c40a387192349db67a118bada6cd5ab0140ee273204f628aad1c135f770279a651e24d8c14d75a6059d76b96a6fd857def5e0b354b27ab937a5815d16b5fae407ff18222c6d1ed263be68c95f32d908bd895cd76207ae726487567f9a67dad79abec316f683b17f2d02bf07e0ac8b5bc6162cf94697b3c27cd1fea49b27f23ba2901871962506520c392da8b6ad0d99f7013fbc06c2c17a569500c8a7696481c1cd33e9b14e40b82e79a5f5db82571ba97bae3ad3e0479515bb0e2b0f3bfcd1fd33034efc6245eddd7ee2086ddae2600d8ca73e214e8c2b0bdb2b047c6a464a562ed77b73d2d841c4b34973551257713b753632efba348169abc90a68f42611a40126d7cb21b58695568186f7e569d2ff0f9e745d0487dd2eb997cafc5abf9dd102e62ff66cba87
-Output = e301345a41a39a4d72fff8df69c98075a0cc082b802fc9b2b6bc503f926b65bddf7f4c8f1cb49f6396afc8a70abe6d8aef0db478d4c6b2970076c6a0484fe76d76b3a97625d79f1ce240e7c576750d295528286f719b413de9ada3e8eb78ed573603ce30d8bb761785dc30dbc320869e1a00
-
-# Verify test
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED448-1-PUBLIC
-Input = ""
-Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
-
-# Corrupted input
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED448-1-PUBLIC
-Input = "bad"
-Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
-Result = VERIFY_ERROR
-
-# Corrupted signature
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED448-1-PUBLIC
-Input = ""
-Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652601
-Result = VERIFY_ERROR
-
-# Make sure update calls return an error
-DigestSign = NULL
-Availablein = default
-Key = ED448-1
-Input = "Test"
-Result = DIGESTUPDATE_ERROR
-
-DigestVerify = NULL
-Availablein = default
-Key = ED448-1-PUBLIC
-Input = "Test"
-Result = DIGESTUPDATE_ERROR
-
-# Attempt to set invalid digest
-DigestSign = SHA256
-Availablein = default
-Key = ED448-1
-Result = DIGESTSIGNINIT_ERROR
-
-# Raw keys
-OneShotDigestSign = NULL
-Availablein = default
-Key = ED448-1-Raw
-Input = ""
-Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
-
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED448-1-PUBLIC-Raw
-Input = ""
-Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600
-
-#Signature malelability test.
-#Same as the verify operation above but with the order added to s
-OneShotDigestVerify = NULL
-Availablein = default
-Key = ED448-1-PUBLIC-Raw
-Input = ""
-Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980f25278d3667403c14bcec5f9cfde9955ebc8333c0ae78fc86e518317c5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e656600
-Result = VERIFY_ERROR
-
-# Key generation tests
-KeyGen = rsaEncryption
-Availablein = default
-Ctrl = rsa_keygen_bits:128
-KeyName = tmprsa
-Result = KEYGEN_GENERATE_ERROR
-Reason = key size too small
-
-# RSA-PSS with restrictions, should succeed.
-KeyGen = RSASSA-PSS
-Availablein = default
-KeyName = tmppss
-Ctrl = rsa_pss_keygen_md:sha256
-Ctrl = rsa_pss_keygen_mgf1_md:sha512
-
-# Check MGF1 restrictions
-DigestVerify = SHA256
-Availablein = default
-Key = tmppss
-Ctrl = rsa_mgf1_md:sha256
-Result = PKEY_CTRL_ERROR
-
-# Test valid digest and MGF1 parameters. Verify will fail
-DigestVerify = SHA256
-Availablein = default
-Key = tmppss
-Ctrl = rsa_mgf1_md:sha512
-Input = ""
-Output = ""
-Result = VERIFY_ERROR
-
-# Check caching of key MGF1 digest restriction
-DigestVerify = SHA256
-Availablein = default
-Key = tmppss
-Ctrl = rsa_mgf1_md:sha1
-Result = PKEY_CTRL_ERROR
-
-Title = RFC7919 DH tests
-
-# Key generation test
-KeyGen = dhKeyAgreement
-Availablein = default
-Ctrl = dh_param:ffdhe2048
-KeyName = tmpdh
-
-# ffdhe2048-1 and ffdhe2048-2 were randomly generated and have a shared secret
-# less than 256 bytes in length (to test padding) other keys have no special
-# properties
-PrivateKey=ffdhe2048-1
------BEGIN PRIVATE KEY-----
-MIIBQwIBADCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8C
-AQICAgDhBB8CHQGUa5iGUF9rGvDjv9PDFGIvtS9OIqbbi8rqm4b6
------END PRIVATE KEY-----
-
-PrivateKey=ffdhe2048-2
------BEGIN PRIVATE KEY-----
-MIIBQwIBADCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8C
-AQICAgDhBB8CHQEYNZIth+/EaIgKK2gcxFutVjUTWYCaReyTKMvP
------END PRIVATE KEY-----
-
-PublicKey=ffdhe2048-1-pub
------BEGIN PUBLIC KEY-----
-MIICKTCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8CAQIC
-AgDhA4IBBgACggEBAOYRygvHGUKaIXLfUatc2YkYcm9Ew65H0hwpiDXG6XHAYAjJ
-bjKNJxdFRjjeCwtJEAGlyUtjSHrka6dHDfzkQfDK6u13Z+3Xmh+nCMZwPOHDNR3I
-Ep5vy3quU7suD3ADDrjwX3sVfsXensgh+JpexbrR+leHATf8aX1g8jQofFdi1Wn7
-CbE6VciU4b32L8HPwO1ePpJGib70Em45VurmUfCwNXgEUnu1N6LYRAjH9vnjB529
-C3BSp58rJnA2aslacC0CFY6YVCQfLTdN7y+F5QlGrdGd6wQmf3FXPLf9iYSiuLrm
-jW/WDFmPnwAn5A7TEgiNeNu8pwsSKPgZqdW+lyw=
------END PUBLIC KEY-----
-
-PublicKey=ffdhe2048-2-pub
------BEGIN PUBLIC KEY-----
-MIICKTCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8CAQIC
-AgDhA4IBBgACggEBAN5LAdrzTwa7nT7855NJQLNum5Yr1O8XZupjvwtVIrJgORvh
-L8VMKJoerEwOZ38snTsh9tuKnAWrmdIyFhnOjaHm40GlvInQGff5Lwb1itf7ib3U
-ELPOO29PajwY1RocWKX7Wfdj8n6Kd9gHhdoO5v8MyZMCkUU6Rz6y1VzaVwykdsqA
-kbMdZfK8Dkpd5PBZ8SJpJF02IEzvh5OYfjcbMN2K0lDO5ZvoMYQku7yXr6PfJebC
-CpoVOaoqH19n3g8Xni8IFi7znI83UqxKuYhyYCuMwtE+HS+9WkmkQ1coo512Gw2f
-TcY3pf9gGZ41xLFxCOdrUbR3QlieI+zl+TttLzM=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ffdhe2048-1:ffdhe2048-1-pub
-
-PrivPubKeyPair=ffdhe2048-2:ffdhe2048-2-pub
-
-Derive=ffdhe2048-1
-Availablein = default
-PeerKey=ffdhe2048-2-pub
-SharedSecret=6620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
-
-Derive=ffdhe2048-2
-Availablein = default
-PeerKey=ffdhe2048-1-pub
-SharedSecret=6620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
-
-Derive=ffdhe2048-1
-Availablein = default
-PeerKey=ffdhe2048-2-pub
-Ctrl = dh_pad:1
-SharedSecret=00006620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
-
-PrivateKey=ffdhe3072-1
------BEGIN PRIVATE KEY-----
-MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMEJQIjB8TRLx6q
-XYQJ0RAM+5ztVLhy9EXNdjY0EYODS7TFi5RZLE4=
------END PRIVATE KEY-----
-
-PrivateKey=ffdhe3072-2
------BEGIN PRIVATE KEY-----
-MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMEJQIjBG9DysbR
-qsyURRygCXP6Z6CsUGaQR9/JD+RxbZ8P13po5PM=
------END PRIVATE KEY-----
-
-PublicKey=ffdhe3072-1-pub
------BEGIN PUBLIC KEY-----
-MIIDKTCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMDggGGAAKCAYEAmPK9
-gPzxh69NyUdmvd76E2VjitXRFhA6mZvTD9zh9Isbl66yezKJcYROUv4HK81LNonz
-RaP5je7LXA/Vj4KkQEfjP/W00gZ/uMmi2hSQ0KbBuwRd/ECYwoigs+p9bjN4ZGra
-rYmQLiX2uJz2KSkx3YpM9cMH9Q41qdskGnK0QnMntwTysZ7Sdk7yeNaKUdZ3G4sA
-lUCEUAOr7lD8tV1fPjgMLL4EVsiZEF1v3TY5mY7ydcYPIrvrKXUKqrr7UsAdxt+r
-BATWe3V+JUGpsVjDLYUgaB95PkdSQtdNa094nanx+evI3vYZE9Vm/A/DNBTJuTlV
-rogeIx+Lq3foVUsW6nuJiGKYhbwI5xqFw+WEPMqa5QiIdoUqDExXkCi1mqxyivZ0
-VW5yVac/67e9od3oMlWGU2tXvJwxIzhCBpjK8oBFxd2jFZ0BdTwBlI+Jpx5AW7oE
-la7P7Rxy1rkGTFs8ZSWM2cUdzBxsbwdWrmSZ6JjQstr8ST++TXC5F7ZBKaOu
------END PUBLIC KEY-----
-
-PublicKey=ffdhe3072-2-pub
------BEGIN PUBLIC KEY-----
-MIIDKDCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMDggGFAAKCAYAWP0Ft
-61TNzHfeUEGhr1gjw9cs3GfCGvx9Rbhql6oUA3tQdSOODxQCnLBv7KFnhRwhhh/Z
-6BRRC3rX4HYeRsLxlFeOmOzv0Ty6vhnpJnhf8648ujLXdT1r/0G53OR5v5QFTzLq
-eAIYDV86EYL1/ffONV3P+OKQqpPx/kgmtKPsmr+U01KbfJk44uFkyR3bUnHq3cXj
-wrNCxdazibp3Iqt2jZblWdsUvBzj8VGNOQmTvxySjbJHJVtLAEZsboZQzvdV9n9f
-xC4/PxxI45s9/NT6JjN2+At3CPMSup1Dr9P98NYFh01bvWcIzUVUznUkNj732M3V
-IsPpUEq6WJR8bISdnc+HTWhjULxjbAN/ptz1K1aU3JwI2aG2sHt6r0m8ug9V1y2X
-Yr2hU7ohBoHhJxxmSbcqjzoQ9wdEvenfFjY+IydQ6j09AAPvBkNYwOVFOKp8TIr4
-VZwIwf1eFAzs8mbbl+sFZENEM2aTpQL56AUv9FnGcg3AnVKs5/UJ8W0FYZw=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ffdhe3072-1:ffdhe3072-1-pub
-
-PrivPubKeyPair=ffdhe3072-2:ffdhe3072-2-pub
-
-Derive=ffdhe3072-1
-Availablein = default
-PeerKey=ffdhe3072-2-pub
-SharedSecret=59C4B72684E68BC02148DF19FE6BECE40885AD037EE83F28C6E353C87026DAD66BB469C3F252BDC7ADA9271B6AD900620ECA15696B4E85561794A26259D61CAC7B56DDAED27BE2759A4C4BED5F8940784A255635D24E0D7B2BC796142CAF256D7A979240E9C8DD7230562B5D687971C4582A488E7BCA827FA32C4068C3C8B27ACA83E43EE9D7EAB3192F0DD877BA9C25D6334D233FC5752BEFE625B3D5DAE8589122B6C7E76538619E90AF1BD8D078496214C8F740F7BB5BFA284C811BEF5F9C6C1326E396DE17FDD47BE9D979643F2141FABB8950C3CECEEECFD0BB763F4D143A5AE284535F5E29B05E7DAC609D7080B5D1325F8D9242C67AC44482F5AA51131A763C370842D757EC16DE1988DF5BB4E4B6191A03F9E200DB491906871442FA98985DC976D5007C22FD491F49B8F0AB2AFDE0BDEFA18E56A686C712F4EDE53D924AA39CFED6C827CE0AD553132A474009203421F0A9373646200D8BA75725964079CF82D8C0C50AF6EEA4ECB607C02E7DD55C7998B4F849D79BE8867C69C62A
-
-Derive=ffdhe3072-2
-Availablein = default
-PeerKey=ffdhe3072-1-pub
-SharedSecret=59C4B72684E68BC02148DF19FE6BECE40885AD037EE83F28C6E353C87026DAD66BB469C3F252BDC7ADA9271B6AD900620ECA15696B4E85561794A26259D61CAC7B56DDAED27BE2759A4C4BED5F8940784A255635D24E0D7B2BC796142CAF256D7A979240E9C8DD7230562B5D687971C4582A488E7BCA827FA32C4068C3C8B27ACA83E43EE9D7EAB3192F0DD877BA9C25D6334D233FC5752BEFE625B3D5DAE8589122B6C7E76538619E90AF1BD8D078496214C8F740F7BB5BFA284C811BEF5F9C6C1326E396DE17FDD47BE9D979643F2141FABB8950C3CECEEECFD0BB763F4D143A5AE284535F5E29B05E7DAC609D7080B5D1325F8D9242C67AC44482F5AA51131A763C370842D757EC16DE1988DF5BB4E4B6191A03F9E200DB491906871442FA98985DC976D5007C22FD491F49B8F0AB2AFDE0BDEFA18E56A686C712F4EDE53D924AA39CFED6C827CE0AD553132A474009203421F0A9373646200D8BA75725964079CF82D8C0C50AF6EEA4ECB607C02E7DD55C7998B4F849D79BE8867C69C62A
-
-PrivateKey=ffdhe4096-1
------BEGIN PRIVATE KEY-----
-MIICTwIBADCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
-Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
-KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
-igB+XmVfav//////////AgECAgIBRQQrAikf6HJGrPpToTmXJq6x8ZlcUpBK/RDk
-5e93wdj9M96Bp6CK5KDTX91DPg==
------END PRIVATE KEY-----
-
-PrivateKey=ffdhe4096-2
------BEGIN PRIVATE KEY-----
-MIICTwIBADCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
-Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
-KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
-igB+XmVfav//////////AgECAgIBRQQrAikaMtvYLrkftmq+ryrWoSoyH8fA0OXp
-jwrNxAPiOZFBxvPImUEi3lOoxA==
------END PRIVATE KEY-----
-
-PublicKey=ffdhe4096-1-pub
------BEGIN PUBLIC KEY-----
-MIIEKDCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
-VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
-M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
-XmVfav//////////AgECAgIBRQOCAgUAAoICAFmvIlVGC+VP3rxxLYMoEM3h0yvn
-pO086y+sRkf97FRppQxCbHaDwz64f0Bopzq8YbJE/OM7nhwAVH/L+6iFKsdENj5l
-LLaYIy1q/GR5SGC9yWjfkHKQaeVR2gCqn8IpKj/1JK1Km+rZE5UNF1v4zxurjNYw
-FKaPDF1dTtvfEzABQmf8ZX9vNSYJmbvCAzjNArcFwypuHZCFaoTAJHxwD4grWt2m
-EJ7FCigRt3sE+o5L6ZfgdOwj2V23JANMuDPIb7F/n1TOjSChMJA+Dg0e2WMO00Et
-19ce7MWMMwpPx7/vYukIaIQXcxFVJluwJf+qXu3oplAGe+8WuIzI1OBN9SEFO2PH
-s9TG33rUeSTU0jVtJS6qSsaLWKT0QRHv7hQCtCtH0l0vDuH/WhzSJmf68adZSiRI
-RSeJgYLocyOOXleP9/+iZOJ0n5617AbR1nBLOsh82tN4H0CsMi+TeNIlLA8RbFGu
-A442i70xx5YJaccV9YwEQJzIOpBd8DuGIvzXCuyf8756cn5KKTTtKTM4Cy50DH7z
-8URTx3+0uOodKOtIYyFSMYzTQCQFluPXfelR3t1aP2uRXqfC0bziw1OYb794xYx6
-cIlLbC0e0hiBpzTXWUJHb6rjtDfh+HnHlSUGWCGFoV0H5Cx6my9t/WBEnMlbjSMW
-DMW1av+3Na95903x
------END PUBLIC KEY-----
-
-PublicKey=ffdhe4096-2-pub
------BEGIN PUBLIC KEY-----
-MIIEKTCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
-VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
-M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
-XmVfav//////////AgECAgIBRQOCAgYAAoICAQCdwSzypLeaeUauw2sV4oo1aTj3
-211HYCdPsP7qdyv7u08MD6HA2LIfbsi98J9B53v+LpIITbW5axwinYahc09lbf2Q
-Dwy5AiETXKQZqhJkbypMLax1N5TDwzXzM1JxBzmATGcX6CXfrWQ7XzKHDLvjI7W4
-WEOz+OMeV8F85B8dxf/p+hbOiIrv98iG1S15PGUDsx3r1ischqfJpQ3mNEP0qF+L
-904D5S1Y7KI/jHCZlo95HgrjHOSg73cnj4VKGhnStKatscWiMgh5rWC81vYpQDZx
-mqDyJEaz2XgrU4vlJT0zd/gWdDIqPpnhcE7vjO1e5hvdOhn75hIUNZejxw7/oT81
-59jLolbd+xpX4aIwqC+Gn4jgm8c8Z+QO7vQzlgbtSBFV9srDHvagmIWqr3lDDXgQ
-Tf3G0UV3EsxGKj3OGTIw4DAe22W2d2LDUlBp3N+lFrt6OEFtcLbnXoi1b7ig0gPn
-30p6bW9AZ/qL5SCfAYbtKDcRIyaqZ6MeG9qTzUIt/V4RQfaOuD3KrAj0jjCDKS7u
-pPxWYrb9jR0O9hDLnKfZr0zAI3X+X1JdXJpW8JFU6Av2LufYpoq3V5tXHdduwJwM
-ycc1F1F0Eu3KNknFa0SsQRhNWtMVDpPe2/gfd0DmastSkCieE0QtAVd0xb360mO+
-g9yTcM3iUEcuz/oz4w==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ffdhe4096-1:ffdhe4096-1-pub
-
-PrivPubKeyPair=ffdhe4096-2:ffdhe4096-2-pub
-
-Derive=ffdhe4096-1
-Availablein = default
-PeerKey=ffdhe4096-2-pub
-SharedSecret=B92DCFD06BA13D2E740CE295BA5748F0A8BC7F2AA23E6E9CC8D5FE01A783DA5F12C2B190B77D6A3CD69FE2B340C98AA2F612CE5A3FA34C168C2B1A3067B143043F46D354C5FFD79DDAC0097A5A1375B1F41A95918D49499116CA6D39377548FF23AC2248CFDE2064106F426FB45D9A626B614C5DF54872DB3216857472406C83449BED15385839D01B6F67CC8EC7F7DA35389B01333E6E8AD2F366BA56B6DB1F3FD726AB4C7F99E2D0AB9BABC6D4B8F6244B9706D4942984E2DD046831E05C51571E3EA9B1E665D5419E89378F7315BB2DEFD258A8FF44242D6908EC2E15A48D2F61820616935A72BF18309903A492F2646DA91AE5ABD3A4B3D934FF3811415B5385A276E082B4DE960CFE82FE3EE4909C2C8847EE2D839F419365B7B2EF38646EE182EF3531CCBEEE4115E57D71BFF808C0379057805D82317176CC913F058635F2B30705F456CCB3C518905F18A0902F6A74DECC48BCCDAF0C3004FE233D2FAFB60EB79204DDA7B791F911D763A3A0FBDD0926644F7004D5AD57EFF787DD54C81C4E9828B8501B44468ABCA6189A8DC00E666F813D7EF21A472F36E5F3338405C3FF4433FFBEF867677791C848E0B62D0099EE59E3A8ACDCCA4ABDB2CD6C58A8C7E76BE37FD922BB29DCA0F5B70714BDAF3183C09982EE4716BC656A3A8D63F7B26201C5D803923D1CE7BCE2843376F02E580D91B63B2B7480BBF32E9551ED
-
-Derive=ffdhe4096-2
-Availablein = default
-PeerKey=ffdhe4096-1-pub
-SharedSecret=B92DCFD06BA13D2E740CE295BA5748F0A8BC7F2AA23E6E9CC8D5FE01A783DA5F12C2B190B77D6A3CD69FE2B340C98AA2F612CE5A3FA34C168C2B1A3067B143043F46D354C5FFD79DDAC0097A5A1375B1F41A95918D49499116CA6D39377548FF23AC2248CFDE2064106F426FB45D9A626B614C5DF54872DB3216857472406C83449BED15385839D01B6F67CC8EC7F7DA35389B01333E6E8AD2F366BA56B6DB1F3FD726AB4C7F99E2D0AB9BABC6D4B8F6244B9706D4942984E2DD046831E05C51571E3EA9B1E665D5419E89378F7315BB2DEFD258A8FF44242D6908EC2E15A48D2F61820616935A72BF18309903A492F2646DA91AE5ABD3A4B3D934FF3811415B5385A276E082B4DE960CFE82FE3EE4909C2C8847EE2D839F419365B7B2EF38646EE182EF3531CCBEEE4115E57D71BFF808C0379057805D82317176CC913F058635F2B30705F456CCB3C518905F18A0902F6A74DECC48BCCDAF0C3004FE233D2FAFB60EB79204DDA7B791F911D763A3A0FBDD0926644F7004D5AD57EFF787DD54C81C4E9828B8501B44468ABCA6189A8DC00E666F813D7EF21A472F36E5F3338405C3FF4433FFBEF867677791C848E0B62D0099EE59E3A8ACDCCA4ABDB2CD6C58A8C7E76BE37FD922BB29DCA0F5B70714BDAF3183C09982EE4716BC656A3A8D63F7B26201C5D803923D1CE7BCE2843376F02E580D91B63B2B7480BBF32E9551ED
-
-PrivateKey=ffdhe6144-1
------BEGIN PRIVATE KEY-----
-MIIDVQIBADCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
-Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
-KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
-igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
-jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
-DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
-qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
-XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
-ppUm1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcEMQIvSAtU6kL4
-Q04G+z7VkF75A9mRrvM+4UWu9+nOPeAWZfTLU5OqNFUuupM+ZXHNGs8=
------END PRIVATE KEY-----
-
-PrivateKey=ffdhe6144-2
------BEGIN PRIVATE KEY-----
-MIIDVQIBADCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
-Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
-KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
-igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
-jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
-DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
-qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
-XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
-ppUm1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcEMQIvQJ+3F7o/
-XE6oeVRpsU2/uXFpNvtD8s2NMEZqecJQLHVJetCYm1TgrIW1T9WH8Mg=
------END PRIVATE KEY-----
-
-PublicKey=ffdhe6144-1-pub
------BEGIN PUBLIC KEY-----
-MIIGKDCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
-VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
-M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
-Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
-THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
-NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
-Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
-uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
-1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcDggMFAAKCAwBzyuwl
-M1Ob9DJTGZFXugtmiHnnrC1Fuct0huyPoASXtbCo95FNnOqUe6VNfcMwagTmiD/t
-h3NRki3CvzchadgeJgQAJlyFzbRQr/NhwPNFkSKT08fMNe+InrVqvpz13tN6vJ7Y
-nSPJZXIwX1dHp7TgNatEFKc6sIYO2yy7WUNPVRokRtRH0F4ceXO/eMdQtjJ3coR5
-HPflfNJxPOlonygJ9Blk4tO7ngqAyifqVUVgVXqvUx1Wkpzo1t91HrG6YExrok9V
-92D8LXXS2qMfKvI66sF6avpBowyOoTj9pTvRW/z3umEmPLKzpVURzrzEa7MwDsmc
-sdNz9QWWHFCW5Jd2pPzuJnH55amZsKoEl2Bel62SrbzzjGKZBn1sxT6LyPrnJdZX
-fjiThE9E2fObPRA5A4dgxlmHsjbmMn3ERSQJdnQqaMme0PBzcZgZqLzULR3wWCh8
-r2dMoce4972VA6KvVSkxv0RfltrGhfCT+ERoaFg5Rcn/Sa2rXQEPT2wmhc1McjyU
-KMdYjstamKNurZPdfMU8pL9t/DUmWlr4ruDmgK1T9ODxyyGQHAf6/2JlCXv6cbks
-r+ZtEF3nBJ8cwLyiqaCEgMtXfoP64a/AcXeCvEnQgssq3Zot6pGRaUF162d1d+7R
-ekQ5ZIvEIVqhg/4OWhjK45jJw+MoA+tXRmXCpTyDq2sq3GMLQntWzDSns5WGBHY3
-oC7hQUSEQF3GjBiAkOgFGgSR/N4V8iL/DeRRodB/Sbo7lbJlFL8wdiZhZN0bAVyB
-bdsCUNBtCCK8gMqv4+wJBlQnZFX8XWVGahqQ3ph5WZce0IDvhOoCilLGP9PQLLHD
-sLLOfYgMB/h/UnEF+5Nmsn17EF6R48+JcBkAlfnCK5zFXlK6T9wJE2MuaBatbDLf
-TeSmUtWtEBNADNoVZHzEt0sxQimu+U8LAbuvkBmCqkZZLhlKNtEgNQYsZeOa1PSF
-Xf4grDcL+jWdbCohl06eB8gADPMFzkTxGNxf7PDNUD0qR76Y657h58CeRSw=
------END PUBLIC KEY-----
-
-PublicKey=ffdhe6144-2-pub
------BEGIN PUBLIC KEY-----
-MIIGKTCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
-VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
-M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
-Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
-THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
-NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
-Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
-uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
-1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcDggMGAAKCAwEApE+s
-hUrveNP2zEv2CVJjLd4J58258c5kZDsMZmWE8k2LEJ04atl0Xa0G4ftlf8A3rDEu
-r22KJNZB+F6WBqpk/rzB6RDKC276ulE9+Aa3v2KXjQZAyLimro41T+mAVh15Anb4
-1ivcwCuL70BGT4wg6+bsgwfm1x7Q63DkqARk0FrNMO9dMibI6Y7Pg1gpU0cz975G
-VsxWvFeA8EfS/eC8KaBGHiSSWwKofDz2Y5pYZOnmjgh+8b2zEuVHdyOQ8fnoreDg
-nTnvkjjYH/4Gw5Y/XtmN7slbHywGCs51ujGiIqZf0U3/1IBnA/ir2FKSfbFZYySX
-Y/i8bSx9orvz9xEmOfUmoxil0TjWpaOx+T9e1IqWijmLqnt2zleBu6FSB9/F+2RG
-f6sPqLAs7lGBsby/uIpXNwuUkYHNc1tVdGyX+9dcQWTTMD88WyC33MIPOuiU5Svu
-nGx2VSX8wtsxDp4MxkVMxBleJHzDmdBkpJZDlWb6u1Fxrok5KktLCxN1wtLpJPEB
-+ZNLnI98QXYpII2sXJWebB/EpD9OCj6J0gXJ6E+jXEkzZVGPvt+7betdP8Dzpg2i
-URC/uYcwpK9cWuCnwo9jnXAlLwDLpOhSCYxileW6kDLCWDh4b/LduZnDNX/ycdcH
-zTarTiYELHBzGAhhMt/SWB8bfVIhoEY2MOHl50ipMsmw2h27LqSNSW7RTreWziTR
-uxhvz7Z+aQODz/DfnWbh3tuaNBpxr7Z93K1jdaMUcbe2pjqDhd6vK9Ez4xPxeM2V
-ELjEQ2iTT1EDr4fjhzdbIBL58rbaTK7/Q513Iq4gXDSgrf7YlXzvxlHKA/M4vYLX
-Ymd+ih12vdfj4ZF09eZJgkY9WmdrHeLEJWqAj2G9UONZFsDgXrwU9gIcmiwGaEDk
-58C/g5aQb2XPJE08E2pmeXJJTqROWHXNrkTOnJfWoHsxTHwpmjzDUkZ2jUowDhEA
-MUudIw1y4BTPvz7EIlEY+Lz9loyuGQwgMYGg8tsxvyFuOA9IsdF4DHHcjQ6W
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ffdhe6144-1:ffdhe6144-1-pub
-
-PrivPubKeyPair=ffdhe6144-2:ffdhe6144-2-pub
-
-Derive=ffdhe6144-1
-Availablein = default
-PeerKey=ffdhe6144-2-pub
-SharedSecret=02B4252E4F0F659E78A58223DE9044AD90A0CC22DB5DE4F4815BF7226B7E663AE1B548A1ADB4ED81E9AF0B62FF985BF1E9893E39BA56FD843B6A134923156DD7D51DE9811B14ABA4494EAA95DA2AF8ACAD6AB2480A96A5DB99B46456FDEBDF1083220566F5DD3EC52DD06E72558B4701B528C989C06CE245EEF6215F487CFD1580615E6FE7D036985782E9BCC7ED62D2AA5A869FBF668391A0E601C2EC7A9A2E0DB57736C54ACA751E1085ABD4A55D506EFAB6FFC51AEEA33DD5EA651AA613E5F77BC81D2489FABABC8AEEF1DE5B65C3584F4080E4324EF3722AB4BF67A8FCABAE430996E454CA985B886D1B6BB5FF2C5246A8C001D953751EB59C47DAC678EE890DE817D9A06877E86516291A170ABE2273C4ADCF638713D98283F90DA17478759537C58A5D7D6AAC54C0485CAC2407A76079625ED285444ECA18127FF42419FADBDA2EDD5300CCB5F69543BCB74005BECE1FED763B06766B05EF2E20B685B92910C16B70165D111B2F8C59C6C79E5BCAC96FD2A6A969061C6D8626E605DA70E247630CF8A1D419C0E4910A72C164117B92B651CA8C8842E79C06E0E12BF8B67C218FB7FEB0F787EBBD2562E5C88A38013133753AECA5B03ECB54328765F61A6D3B901C38EC8F6582D717C688049893129DCAE597F3888E8E8BBCD9AAC9BDBD087926EAA63592DA66C085CBC408A5EC787CF0E3CE3070918B65B089A23457D0408B626B449221B460D1FD8DCCB280744B322760A53945DCD8FAA03DB4844F27496DA00B30ACC8619679D0AD28CE4464094C6DB2F68332BAD17348637E4D72B0C1EBCBBDDE514691C744F709083A76044AC85AF1B18ACD0B1716773DDB82ED94E02B0DB26205BD683A1F4E390881D556AAC305FCEB7E00AF0E3EC80AF2CD46769ED4F471DC71B60BEF36F6361B4A82C7A7F473F61C566D5206C9EFDC112A48BDDC58691830F64C91F4FB150DC61A334B7D5C3770BDBDC91A5E14C6FB02A369A0A7D2D7B008070289EFBDBB2AFD4D62BCC095E9FF81CB8E0B4F139EFD3CF5EDF243FCC08A8FA7577AEF0548436B589C4A221BE1FCE223024619F99DC66557598F
-
-Derive=ffdhe6144-2
-Availablein = default
-PeerKey=ffdhe6144-1-pub
-SharedSecret=02B4252E4F0F659E78A58223DE9044AD90A0CC22DB5DE4F4815BF7226B7E663AE1B548A1ADB4ED81E9AF0B62FF985BF1E9893E39BA56FD843B6A134923156DD7D51DE9811B14ABA4494EAA95DA2AF8ACAD6AB2480A96A5DB99B46456FDEBDF1083220566F5DD3EC52DD06E72558B4701B528C989C06CE245EEF6215F487CFD1580615E6FE7D036985782E9BCC7ED62D2AA5A869FBF668391A0E601C2EC7A9A2E0DB57736C54ACA751E1085ABD4A55D506EFAB6FFC51AEEA33DD5EA651AA613E5F77BC81D2489FABABC8AEEF1DE5B65C3584F4080E4324EF3722AB4BF67A8FCABAE430996E454CA985B886D1B6BB5FF2C5246A8C001D953751EB59C47DAC678EE890DE817D9A06877E86516291A170ABE2273C4ADCF638713D98283F90DA17478759537C58A5D7D6AAC54C0485CAC2407A76079625ED285444ECA18127FF42419FADBDA2EDD5300CCB5F69543BCB74005BECE1FED763B06766B05EF2E20B685B92910C16B70165D111B2F8C59C6C79E5BCAC96FD2A6A969061C6D8626E605DA70E247630CF8A1D419C0E4910A72C164117B92B651CA8C8842E79C06E0E12BF8B67C218FB7FEB0F787EBBD2562E5C88A38013133753AECA5B03ECB54328765F61A6D3B901C38EC8F6582D717C688049893129DCAE597F3888E8E8BBCD9AAC9BDBD087926EAA63592DA66C085CBC408A5EC787CF0E3CE3070918B65B089A23457D0408B626B449221B460D1FD8DCCB280744B322760A53945DCD8FAA03DB4844F27496DA00B30ACC8619679D0AD28CE4464094C6DB2F68332BAD17348637E4D72B0C1EBCBBDDE514691C744F709083A76044AC85AF1B18ACD0B1716773DDB82ED94E02B0DB26205BD683A1F4E390881D556AAC305FCEB7E00AF0E3EC80AF2CD46769ED4F471DC71B60BEF36F6361B4A82C7A7F473F61C566D5206C9EFDC112A48BDDC58691830F64C91F4FB150DC61A334B7D5C3770BDBDC91A5E14C6FB02A369A0A7D2D7B008070289EFBDBB2AFD4D62BCC095E9FF81CB8E0B4F139EFD3CF5EDF243FCC08A8FA7577AEF0548436B589C4A221BE1FCE223024619F99DC66557598F
-
-PrivateKey=ffdhe8192-1
------BEGIN PRIVATE KEY-----
-MIIEWQIBADCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
-Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
-KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
-igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
-jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
-DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
-qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
-XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
-ppUm1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNo
-f+tp7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRU
-UErHi3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4c
-IX5sOCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD
-+B1KPy+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6m
-u/3lMGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8C
-AQICAgGQBDUCMwCmIsCXuloAz6Y+lwiHSiQDK3YRde+rRZ2K2pj6HFytJCsjVp88
-9fLrPJUuRBScbgYaCQ==
------END PRIVATE KEY-----
-
-PrivateKey=ffdhe8192-2
------BEGIN PRIVATE KEY-----
-MIIEWQIBADCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv
-3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT
-3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId
-8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu
-Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD
-/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8
-NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0
-/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K
-vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3
-Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ
-KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG
-igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz
-jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig
-DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu
-qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ
-XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli
-ppUm1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNo
-f+tp7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRU
-UErHi3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4c
-IX5sOCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD
-+B1KPy+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6m
-u/3lMGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8C
-AQICAgGQBDUCMwCJ64IxAZbrPx6XmQG5Jliud12CCXsepFzxQaLdGqV4VtiHzZBl
-O47nScNTRN7Ol2e1Og==
------END PRIVATE KEY-----
-
-PublicKey=ffdhe8192-1-pub
------BEGIN PUBLIC KEY-----
-MIIIKDCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
-VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
-M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
-Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
-THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
-NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
-Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
-uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
-1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNof+tp
-7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRUUErH
-i3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4cIX5s
-OCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD+B1K
-Py+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6mu/3l
-MGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8CAQIC
-AgGQA4IEBQACggQAYZTSEWGhvKQeJkBdr/GN4zoD8oGuXpS8nxQctcjzIQfg25dA
-vl/bDaCM+PMEe47H3q6qyWN4VuAlXmnE52hqebVlUiQ/H5dfmaRE1UMxQNLfmTYW
-qpJaN1YFqbCQpng8nmVtqZBtgC6L8nRc9MkOWKgZC95e/sMyPOt0w3LvTZ6Uz9Tw
-w5PuVX6sUC8jOLiJCHFypVeTmZQtfB9+OHxUe7fYN+XYEGeZBfFt4f1b05AjH2/C
-vXO0i6tw0RG96H/nMt1OXGPEEoC6BiWZsXYFghG+n34wRGJ/0R3GVbhmLSlBxPum
-r8urHjf3lopKXVXE761YPX/pYBCWIpGiEmYdg1SQ3vd+a7qkFOR5qUfQkS0zsGAD
-ghn+9vuniOXbKBBlU6zN7qJ3+TKaGXgJWKI1d9b6DZsYmU+3x5flW78kHr+tQz3d
-/wU9qHQ/Ow5EO/CZrxntxryPrXvLOjeAMlBbxaloHKwcnWav3soqLtASZ0r1px6A
-JAjxPLEdhpWKeVhCHNum++YD2uW9IeO/IBRLyKakFzoSc5I6yLNX4pywrQi/DPa5
-1Qr5Jg1wJODCAFChLdX0+BwMz5HTSx2gseGzcsNSuTBE5VwJ9zKYxe0mpl0MPXt2
-eXf1DxmH16LvVGm4m9KJ/xPf6x2fN/+MJyGHN7DUSVt5Ke8X70KsWJj4SD5c5aN9
-JEQiPswgCiOO/L9cA3RyXV3wdn++92m0LUp8nTvQ7XP0F1DZp75JlX9B6JAVkQ4s
-1lgNPzKU3OspkRsUtihK7MD4e3Cqz11SjVQqtJLc1Lw8L7QtWFflh6rMk8U2iHgx
-eEOyVkJMa9YACuo6OFcZheobhmYvsm1R/9D766foehL4P2Q2FqijHYMg6cD9fPkB
-8ie2O+DIvo0oms/69q888J71GncJ6eE88P9ipSQKpBd1PALIDMgUKZQsmBYHyLXC
-XgGtrdspQ1sHEk/2XOaGcx11okLGv98+LkdElZtqM/48eDm5Lw58BF3R9t6druEF
-/dbsBTgNfeoWkBJaakxOUxMKXg1rxpxi1xo9+yohN0htYZeSj5NDEFn4DixuCagj
-/WP9bkB5f5LY44Z9JPF1LnI69ndlT2lc4henwZLY7kBMb3CvvjUDkE5v9gEBJA8u
-ZTpZ/VhX65+L5PLNca45BeUzq4kA72IwvP4+z0gY77/mRwtxuDSKXu5381ULKNIQ
-TY7siPrDaDCNNz5WqjaLOrQPqfopeVr4fjoXsCiGWWdIV1Q0RX5Y2uNbX4SjVvEb
-Risp2sTjgPCg1ox61zX+lD3JHvopO46qCvYHsCEgK80R3KY6MOBkdDn6XE5pN+Br
-uBBxf1k6qpOXmJ34OL4QpZBO0FHldrpRFjShtg==
------END PUBLIC KEY-----
-
-PublicKey=ffdhe8192-2-pub
------BEGIN PUBLIC KEY-----
-MIIIKDCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv3FYg
-Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
-1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
-Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
-Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
-TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe
-+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS
-4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr
-+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d
-VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj
-M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+
-Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz
-THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS
-NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj
-Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt
-uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm
-1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNof+tp
-7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRUUErH
-i3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4cIX5s
-OCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD+B1K
-Py+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6mu/3l
-MGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8CAQIC
-AgGQA4IEBQACggQADNgThA6Ha+5i9Zm9ZCNDLMbsyzoLdM0uK3sJ+jsTn2tw+kBG
-FJo5EEk6ojw0VGasoC8e9ThX78YHiCG18vPbLteE/CD4g+jGo/KcOUfrZV3uHBwv
-Y9F9fIcZi9XTBa9Np6yntpYh/fXxClWybWscdRXVXTv9AJ0GMCGa6ebV7++AwVee
-1C3U47omYwVET7adSmqzbcjNF42dConPlB7tTMCtJR92xYHCFK07kRT17OAdVJyf
-KDdzLeW1VJBzbkdrGCAJSx3iwRp6d6ldeFdDhcUEzgQZnB/JnVmEoZDXK4i2KYc4
-b78VivuOAuZFdokC1g+RsGgWkGhDxnsGPWvPWACTzm+zTjMyENygkEyzp3moBjMm
-doXE4z11V6zm7ZoNxJ7ouzTEpLMvu7XcavKv/uVbsW7uAJqbosIsqWLdcxaDEFzG
-W54Se2EaybZj/gr2tQHGAfE01+ulSJ57fuhSPLVgtpDcS98meWgKS4ddHr9dLFe6
-886fZvAvswW1ZlND7UZihtKIl3Nx0Myn+B+YG2oJQp0vsmMh1sCGD0g007TGUe82
-3/xgRXlUjwmCDikpXCSTagm3ZKF6GqJNwJN2sxCqy6wp2LX/KM3oSErXxCBTSCZt
-/wAzGd3tDcH4D79kbzIRtCCcfLI/TqC95OW3ANR6obd3ongV2rW1HyN3mLOgzuDv
-phVP0XX4fIGGGGmz76AJdpcIhXzlzQcY1fDjH59WOuOFZylxAmfNziM6ORL/FyMZ
-YxZLSx7TrHEiiRAT431hpx4f9qE5SePhg1HXqzBPA8YJtV1WiJWjO/u4LP9H7iIl
-4eubdVZqV6k2Kaw3WB7ZgST4Jc9ybiVT/kz0nTA7AF0TXSNL/BsBrEwZz8wrKlHu
-rj5MOUpAPwRlLUln11w7gTz98lvEBSyInMSjOr+0NmW77D+IWoAwWBdrcuRE2Dod
-rjhZeWrHWdgNqPOaYKkUS+CexH01aEdX3YHFmGPyXrwOkmX0zjBns3RjRzA9Dyjk
-qgG/mKQ243smQPIUDHvbfgmdLNHOg0iOyDq1nKWk5K6X3tEgUnmxkcONQ66QXyEB
-BpXtyD1NFg0op0p0/7jNpQUsNeKx9gRsTfUC7TDS4bYnJT+vNOFYiKClVC6lgrYT
-4dBvQQx44OY4VIwrXOl5H3Z5DR3D4Gg/yMtqizXmiCffVG3I8NJSrAm3QVS/xxxv
-fj2ITAUI3nmvKJD1IGXo4T/+N5GGexEWMu1IuDO4vkcKhYWIHlyAEC1paJjOslbU
-vbRjLQvAYe0P1TBk+2mal5Agh0UQHyYsDlxMDmortsKhLDXOVjAx2AS9VV2tBbpZ
-pEt4opfkapIwZaJV+5MgtHyWMFQ6w2QF/CdUAg==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ffdhe8192-1:ffdhe8192-1-pub
-
-PrivPubKeyPair=ffdhe8192-2:ffdhe8192-2-pub
-
-Derive=ffdhe8192-1
-Availablein = default
-PeerKey=ffdhe8192-2-pub
-SharedSecret=4E48335CB2A508C3481729F42C49CFC0A9DA673F9FA4FBD968B3C5B78DBFA8695295642D1337C54229370B33068481F6A6E1B021F8B09B7C6B3E4DB581AD4C7ACF5C230A1FD4107EAE55530A8376856A65E079DE1BDA41B050E9B53A088ACADB879CCBC683A13BB925D48497BF7021FEB9DA214DD77FCBB6D0D46EC2BB9C7A9AFB93FC236E4EB61CB0F0C8E025D8CF4AF8B3B0F28B3E2CFAE6E760DC7877C71046179154FBE1A50A315C4DBA6D9E06406D389B614B1FC422C72FBB958C0A2EE21694CD32136F9CF0A1205E0D3A4B10CC9C98B3B4524A0CDC9455D3021AC44057CEF4A97E85166068769E9E644CC447095243BB90368A1CE6F0E3C69CA180F5B9D51F590A812B1375460CF10A7E718A83A2F6B00D8E28BAB45CEAB8AF0EB02988ED9221416EC061C1C4081552D3D0849D243DB473EC7B90180C3891E768DD2D7002CF505D369700CAF02A4B9DD1F2828C4ACC1F2EB47100DC2DB5620ADA971D1B0B0FAC9F9E3492B591FC85AC3DCB3826A8DA5842F4AE145FE33BFCDD0B6CD15C9836A5862EDB3D87A0CDBD724AE19A79A55D4F0BFF7870019926181933C840EACFB70FBC0EF182057DC09E06798EB4C9AAC2285F22F5D907A432C6D00CC44D07D77E77D1ACC183A174146ECFBDA26FF922CEBD2FA288EF2D23F65C0AAAD0F05DBFB6CA12446082D1F5774877483C3858442E305CF2A9637CE0EBB702DB70FF336E5B0413F3E8791960F1F0A9877C9076213D40657283D546AE52B73FF4449E60F8B6FE30D4CC0BA1ACA7A7DC155EC73C48B21477983D004261267D710D8A5E8CBD0656F1A963F248E887E8C2BF87BCAE7A0D4891BF21FCF35893584B29E18E842A23EA329ADD3D6AD994B5CBFBBFAB5A26932E8F799B2B0FA7789DE7A4A5C4B7FA81971819EA7F33B5BF6577F917BDE9C3680BCC5B15F1EAB4524A1B6DEE96B9F108A77344269A1757685D0404C832E4E0C5A29F808CFA6290316C0EBB2EF0A7431F62A5FBCDC66527AD8A04C0F10AF88C7CE1F1F22C41B71CE278BB704E88145608C28AD78402487031F6B13604CC6687161EBB78E7AF7AA0BC3CCB9AD8B00D7C01980599904B71F5DBC06A691E5638566BE36522B7FED69E24C28F8EA798BA3E9CCEB8AB8CF5651379A21A38315B05C66205616BBC6A3DD5573C9C6FBA2E3488E055E5F36857016D9300BFCE9F38D7C7CCD07FCF1EF41F8347CADCB12C400536374CF269613B05069B6D94CADA3B1F4ACBB68FA1ED175B01D840D871B3B0CDB918CDF15C79169A398C189AEA78860081DB423C89D350587E26D6D77B4C762B4F2A030345679F724CFBB08DB03E8CEB4FF0B91422BD2EB5C1C356D209049CFA2D6447F69B1E1DF0850FFBB6BB9F8D5B147765C023F76524A808456DEBF6A9134E3364DF462D4807FE6D4D036A4E59A4D56F8A30D8A27F4DFA174940B713A7E4
-
-Derive=ffdhe8192-2
-Availablein = default
-PeerKey=ffdhe8192-1-pub
-SharedSecret=4E48335CB2A508C3481729F42C49CFC0A9DA673F9FA4FBD968B3C5B78DBFA8695295642D1337C54229370B33068481F6A6E1B021F8B09B7C6B3E4DB581AD4C7ACF5C230A1FD4107EAE55530A8376856A65E079DE1BDA41B050E9B53A088ACADB879CCBC683A13BB925D48497BF7021FEB9DA214DD77FCBB6D0D46EC2BB9C7A9AFB93FC236E4EB61CB0F0C8E025D8CF4AF8B3B0F28B3E2CFAE6E760DC7877C71046179154FBE1A50A315C4DBA6D9E06406D389B614B1FC422C72FBB958C0A2EE21694CD32136F9CF0A1205E0D3A4B10CC9C98B3B4524A0CDC9455D3021AC44057CEF4A97E85166068769E9E644CC447095243BB90368A1CE6F0E3C69CA180F5B9D51F590A812B1375460CF10A7E718A83A2F6B00D8E28BAB45CEAB8AF0EB02988ED9221416EC061C1C4081552D3D0849D243DB473EC7B90180C3891E768DD2D7002CF505D369700CAF02A4B9DD1F2828C4ACC1F2EB47100DC2DB5620ADA971D1B0B0FAC9F9E3492B591FC85AC3DCB3826A8DA5842F4AE145FE33BFCDD0B6CD15C9836A5862EDB3D87A0CDBD724AE19A79A55D4F0BFF7870019926181933C840EACFB70FBC0EF182057DC09E06798EB4C9AAC2285F22F5D907A432C6D00CC44D07D77E77D1ACC183A174146ECFBDA26FF922CEBD2FA288EF2D23F65C0AAAD0F05DBFB6CA12446082D1F5774877483C3858442E305CF2A9637CE0EBB702DB70FF336E5B0413F3E8791960F1F0A9877C9076213D40657283D546AE52B73FF4449E60F8B6FE30D4CC0BA1ACA7A7DC155EC73C48B21477983D004261267D710D8A5E8CBD0656F1A963F248E887E8C2BF87BCAE7A0D4891BF21FCF35893584B29E18E842A23EA329ADD3D6AD994B5CBFBBFAB5A26932E8F799B2B0FA7789DE7A4A5C4B7FA81971819EA7F33B5BF6577F917BDE9C3680BCC5B15F1EAB4524A1B6DEE96B9F108A77344269A1757685D0404C832E4E0C5A29F808CFA6290316C0EBB2EF0A7431F62A5FBCDC66527AD8A04C0F10AF88C7CE1F1F22C41B71CE278BB704E88145608C28AD78402487031F6B13604CC6687161EBB78E7AF7AA0BC3CCB9AD8B00D7C01980599904B71F5DBC06A691E5638566BE36522B7FED69E24C28F8EA798BA3E9CCEB8AB8CF5651379A21A38315B05C66205616BBC6A3DD5573C9C6FBA2E3488E055E5F36857016D9300BFCE9F38D7C7CCD07FCF1EF41F8347CADCB12C400536374CF269613B05069B6D94CADA3B1F4ACBB68FA1ED175B01D840D871B3B0CDB918CDF15C79169A398C189AEA78860081DB423C89D350587E26D6D77B4C762B4F2A030345679F724CFBB08DB03E8CEB4FF0B91422BD2EB5C1C356D209049CFA2D6447F69B1E1DF0850FFBB6BB9F8D5B147765C023F76524A808456DEBF6A9134E3364DF462D4807FE6D4D036A4E59A4D56F8A30D8A27F4DFA174940B713A7E4
-
-Title = SM2 tests
-
-PrivateKey=SM2_key1
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBG0wawIBAQQg0JFWczAXva2An9m7
-2MaT9gIwWTFptvlKrxyO4TjMmbWhRANCAAQ5OirZ4n5DrKqrhaGdO4VZHhRAYVcX
-Wt3Te/d/8Mr57Tf886i09VwDhSMmH8pmNq/mp6+ioUgqYG9cs6GLLioe
------END PRIVATE KEY-----
-
-Verify = SM2_key1
-Availablein = default
-Ctrl = digest:SM3
-Input = D7AD397F6FFA5D4F7F11E7217F241607DC30618C236D2C09C1B9EA8FDADEE2E8
-Output = 3046022100AB1DB64DE7C40EDBDE6651C9B8EBDB804673DB836E5D5C7FE15DCF9ED2725037022100EBA714451FF69B0BB930B379E192E7CD5FA6E3C41C7FBD8303B799AB54A54621
-
-Verify = SM2_key1
-Availablein = default
-Ctrl = digest:SM3
-Input = B1139602C6ECC9E15E2F3F9C635A1AFE737058BC15387479C1EA0D0B3D90E9E5
-Output = 3045022100E6E0414EBD3A656C35602AF14AB20287DBF30D57AF75C49A188ED4B42391F22402202F54F277C606F4605E1CE9514947FFDDF94C67A539804A4ED17F852288BDBE2E
-
-Verify = SM2_key1
-Availablein = default
-Ctrl = digest:SHA512
-Input = 40AA1B203C9D8EE150B21C3C7CDA8261492E5420C5F2B9F7380700E094C303B48E62F319C1DA0E32EB40D113C5F1749CC61AEB499167890AB82F2CC9BB706971
-Output = 3046022100AE018933B9BA041784380069F2DDF609694DCD299FDBF23D09F4B711FBC103EC0221008440BB1A48C132DE4FB91BE9F43B958142FDD29FB9DABE01B17514023A2F638C
-
-Decrypt = SM2_key1
-Availablein = default
-Input = 30818A0220466BE2EF5C11782EC77864A0055417F407A5AFC11D653C6BCE69E417BB1D05B6022062B572E21FF0DDF5C726BD3F9FF2EAE56E6294713A607E9B9525628965F62CC804203C1B5713B5DB2728EB7BF775E44F4689FC32668BDC564F52EA45B09E8DF2A5F40422084A9D0CC2997092B7D3C404FCE95956EB604D732B2307A8E5B8900ED6608CA5B197
-Output = "The floofy bunnies hop at midnight"
-
-# This is a "fake" test as it does only verify that the SM2 EVP_PKEY interface
-# is capable of creating a signature without failing, but it does not say
-# anything about the generated signature being valid, nor does it test the
-# correct implementation of the cryptosystem.
-Sign = SM2_key1
-Availablein = default
-Ctrl = digest:SM3
-Input = D7AD397F6FFA5D4F7F11E7217F241607DC30618C236D2C09C1B9EA8FDADEE2E8
-Output = 3045022100f11bf36e75bb304f094fb42a4ca22377d0cc768637c5011cd59fb9ed4b130c98022035545ffe2c2efb3abee4fee661468946d886004fae8ea5311593e48f7fe21b91
-Result = KEYOP_MISMATCH
-
-Title = Chosen Wycheproof vectors
-
-PrivateKeyRaw = WychePRIVATE0:X25519:288796bc5aff4b81a37501757bc0753a3c21964790d38699308debc17a6eaf8d
-
-PublicKeyRaw = WychePUBLIC0:X25519:f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f
-
-Derive=WychePRIVATE0
-Availablein = default
-PeerKey=WychePUBLIC0
-SharedSecret=b4e0dd76da7b071728b61f856771aa356e57eda78a5b1655cc3820fb5f854c5c
-
-PrivateKeyRaw = WychePRIVATE1:X25519:60887b3dc72443026ebedbbbb70665f42b87add1440e7768fbd7e8e2ce5f639d
-
-PublicKeyRaw = WychePUBLIC1:X25519:f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
-
-Derive=WychePRIVATE1
-Availablein = default
-PeerKey=WychePUBLIC1
-SharedSecret=38d6304c4a7e6d9f7959334fb5245bd2c754525d4c91db950206926234c1f633
-
-PrivateKeyRaw = WychePRIVATE2:X25519:a0a4f130b98a5be4b1cedb7cb85584a3520e142d474dc9ccb909a073a976bf63
-
-PublicKeyRaw = WychePUBLIC2:X25519:0ab4e76380d84dde4f6833c58f2a9fb8f83bb0169b172be4b6e0592887741a36
-
-Derive=WychePRIVATE2
-Availablein = default
-PeerKey=WychePUBLIC2
-SharedSecret=0200000000000000000000000000000000000000000000000000000000000000
-
-PublicKeyRaw = WychePUBLIC3:X25519:89e10d5701b4337d2d032181538b1064bd4084401ceca1fd12663a1959388000
-
-Derive=WychePRIVATE2
-Availablein = default
-PeerKey=WychePUBLIC3
-SharedSecret=0900000000000000000000000000000000000000000000000000000000000000
-
-PublicKeyRaw = WychePUBLIC4:X25519:2b55d3aa4a8f80c8c0b2ae5f933e85af49beac36c2fa7394bab76c8933f8f81d
-
-Derive=WychePRIVATE2
-Availablein = default
-PeerKey=WychePUBLIC4
-SharedSecret=1000000000000000000000000000000000000000000000000000000000000000
+SharedSecret=02da266a269bdc8d8b2a0c6bb5762f102fc801c8d5394a9271539136bd81d4b69cfbb7525cd0a983fb7f7e9deec583b8f8e574c6184b2d79831ec770649e484dc006fa35b0bffd0b
diff --git a/test/recipes/30-test_evp_data/evppkey_kdf.txt b/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt
similarity index 62%
rename from test/recipes/30-test_evp_data/evppkey_kdf.txt
rename to test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt
index c619efdcc4..1a0277594b 100644
--- a/test/recipes/30-test_evp_data/evppkey_kdf.txt
+++ b/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt
@@ -1,5 +1,5 @@
 #
-# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -7,69 +7,11 @@
 # https://www.openssl.org/source/license.html
 
 # Tests start with one of these keywords
-#       Cipher Decrypt Derive Digest Encoding KDF PKEYKDF MAC PBE
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
 #       PrivPubKeyPair Sign Verify VerifyRecover
-# and continue until a blank line.  Lines starting with a pound sign,
-# like this prolog, are ignored.
+# and continue until a blank line. Lines starting with a pound sign are ignored.
 
-Title = TLS1 PRF tests (from NIST test vectors)
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:MD5-SHA1
-Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0
-Ctrl.label = seed:master secret
-Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693
-Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2
-Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:MD5-SHA1
-Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be
-Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6
-Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:SHA256
-Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc
-Ctrl.label = seed:master secret
-Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
-Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
-Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:SHA256
-Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
-Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
-Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
-
-# As above but use long name for KDF
-PKEYKDF=tls1-prf
-Ctrl.md = md:SHA256
-Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
-Ctrl.label = seed:key expansion
-Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
-Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
-Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
-
-# Missing digest.
-PKEYKDF=TLS1-PRF
-Ctrl.Secret = hexsecret:01
-Ctrl.Seed = hexseed:02
-Output = 03
-Result = KDF_DERIVE_ERROR
-
-# Missing secret.
-PKEYKDF=TLS1-PRF
-Ctrl.md = md:MD5-SHA1
-Ctrl.Seed = hexseed:02
-Output = 03
-Result = KDF_DERIVE_ERROR
-
-Title = HKDF tests (from RFC5869 test vectors)
+Title = HKDF tests (from RFC5869 test vectors) using PKEYKDF
 
 PKEYKDF = HKDF
 Ctrl.md = md:SHA256
@@ -251,55 +193,3 @@ Ctrl.md = md:SHA1
 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
 Ctrl.salt = salt:
 Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48
-
-Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others)
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:
-Ctrl.salt = salt:
-Ctrl.N = N:16
-Ctrl.r = r:1
-Ctrl.p = p:1
-Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:password
-Ctrl.salt = salt:NaCl
-Ctrl.N = N:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-PKEYKDF = scrypt
-Ctrl.hexpass = hexpass:70617373776f7264
-Ctrl.salt = salt:NaCl
-Ctrl.N = N:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:password
-Ctrl.hexsalt = hexsalt:4e61436c
-Ctrl.N = N:1024
-Ctrl.r = r:8
-Ctrl.p = p:16
-Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
-
-PKEYKDF = scrypt
-Ctrl.pass = pass:pleaseletmein
-Ctrl.salt = salt:SodiumChloride
-Ctrl.N = N:16384
-Ctrl.r = r:8
-Ctrl.p = p:1
-Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
-
-# Out of memory
-PKEYKDF = scrypt
-Ctrl.pass = pass:pleaseletmein
-Ctrl.salt = salt:SodiumChloride
-Ctrl.N = N:1048576
-Ctrl.r = r:8
-Ctrl.p = p:1
-Result = INTERNAL_ERROR
-
diff --git a/test/recipes/30-test_evp_data/evppkey_kdf_scrypt.txt b/test/recipes/30-test_evp_data/evppkey_kdf_scrypt.txt
new file mode 100644
index 0000000000..086451a44c
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_kdf_scrypt.txt
@@ -0,0 +1,63 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others)
+
+PKEYKDF = scrypt
+Ctrl.pass = pass:
+Ctrl.salt = salt:
+Ctrl.N = N:16
+Ctrl.r = r:1
+Ctrl.p = p:1
+Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
+
+PKEYKDF = scrypt
+Ctrl.pass = pass:password
+Ctrl.salt = salt:NaCl
+Ctrl.N = N:1024
+Ctrl.r = r:8
+Ctrl.p = p:16
+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
+
+PKEYKDF = scrypt
+Ctrl.hexpass = hexpass:70617373776f7264
+Ctrl.salt = salt:NaCl
+Ctrl.N = N:1024
+Ctrl.r = r:8
+Ctrl.p = p:16
+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
+
+PKEYKDF = scrypt
+Ctrl.pass = pass:password
+Ctrl.hexsalt = hexsalt:4e61436c
+Ctrl.N = N:1024
+Ctrl.r = r:8
+Ctrl.p = p:16
+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
+
+PKEYKDF = scrypt
+Ctrl.pass = pass:pleaseletmein
+Ctrl.salt = salt:SodiumChloride
+Ctrl.N = N:16384
+Ctrl.r = r:8
+Ctrl.p = p:1
+Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
+
+# Out of memory
+PKEYKDF = scrypt
+Ctrl.pass = pass:pleaseletmein
+Ctrl.salt = salt:SodiumChloride
+Ctrl.N = N:1048576
+Ctrl.r = r:8
+Ctrl.p = p:1
+Result = INTERNAL_ERROR
diff --git a/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt b/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt
new file mode 100644
index 0000000000..17a8dab6f7
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt
@@ -0,0 +1,71 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = TLS1 PRF tests (from NIST test vectors)
+
+PKEYKDF = TLS1-PRF
+Ctrl.md = md:MD5-SHA1
+Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0
+Ctrl.label = seed:master secret
+Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693
+Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2
+Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
+
+PKEYKDF = TLS1-PRF
+Ctrl.md = md:MD5-SHA1
+Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62
+Ctrl.label = seed:key expansion
+Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be
+Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6
+Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d
+
+# Missing secret.
+PKEYKDF = TLS1-PRF
+Ctrl.md = md:MD5-SHA1
+Ctrl.Seed = hexseed:02
+Output = 03
+Result = KDF_DERIVE_ERROR
+
+# PKEYKDF variants.
+
+PKEYKDF = TLS1-PRF
+Ctrl.md = md:SHA256
+Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc
+Ctrl.label = seed:master secret
+Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
+Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
+Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
+
+PKEYKDF = TLS1-PRF
+Ctrl.md = md:SHA256
+Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
+Ctrl.label = seed:key expansion
+Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
+Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
+Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
+
+# As above but use long name for KDF
+PKEYKDF = tls1-prf
+Ctrl.md = md:SHA256
+Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
+Ctrl.label = seed:key expansion
+Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
+Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
+Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
+
+# Missing digest.
+PKEYKDF = TLS1-PRF
+Ctrl.Secret = hexsecret:01
+Ctrl.Seed = hexseed:02
+Output = 03
+Result = KDF_DERIVE_ERROR
diff --git a/test/recipes/30-test_evp_data/evppkey_mismatch.txt b/test/recipes/30-test_evp_data/evppkey_mismatch.txt
new file mode 100644
index 0000000000..ebbd4d4b39
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_mismatch.txt
@@ -0,0 +1,85 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+# Public / Private keys from other tests used for keypair testing.
+
+PrivateKey=Alice-25519
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VuBCIEIHcHbQpzGKV9PBbBclGyZkXfTC+H68CZKrF3+6UduSwq
+-----END PRIVATE KEY-----
+
+PrivateKey=Alice-448
+-----BEGIN PRIVATE KEY-----
+MEYCAQAwBQYDK2VvBDoEOJqPSSXRUZ9Xdc9GsEtYANTunui66LxVZdSYwo3Zybr1
+dKlBl0SJc5EAY4Km8SerHZrC2MClmHJr
+-----END PRIVATE KEY-----
+
+PublicKey=P-256-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl
+x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ==
+-----END PUBLIC KEY-----
+
+PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe
+53YiHHK4SzR844PzgGe4nD6a
+-----END PUBLIC KEY-----
+
+PrivateKey = RSA-2048
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV
+n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW
+B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP
+6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr
+LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7
+yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt
+A95H4cRPAgMBAAECggEAYCl6x5kbFnoG1rJHWLjL4gi+ubLZ7Jc4vYD5Ci41AF3X
+ziktnim6iFvTFv7x8gkTvArJDWsICLJBTYIQREHYYkozzgIzyPeApIs3Wv8C12cS
+IopwJITbP56+zM+77hcJ26GCgA2Unp5CFuC/81WDiPi9kNo3Oh2CdD7D+90UJ/0W
+glplejFpEuhpU2URfKL4RckJQF/KxV+JX8FdIDhsJu54yemQdQKaF4psHkzwwgDo
+qc+yfp0Vb4bmwq3CKxqEoc1cpbJ5CHXXlAfISzUjlcuBzD/tW7BDtp7eDAcgRVAC
+XO6MX0QBcLYSC7SOD3R7zY9SIRCFDfBDxCjf0YcFMQKBgQD2+WG0fLwDXTrt68fe
+hQqVa2Xs25z2B2QGPxWqSFU8WNly/mZ1BW413f3De/O58vYi7icTNyVoScm+8hdv
+6PfD+LuRujdN1TuvPeyBTSvewQwf3IjN0Wh28mse36PwlBl+301C/x+ylxEDuJjK
+hZxCcocIaoQqtBC7ac8tNa9r4wKBgQDUfnJKf/QQSLJwwlJKQQGHi3MVm7c9PbwY
+eyIOY1s1NPluJDoYTZP4YLa/u2txwe2aHh9FhYMCPDAelqaSwaCLU9DsnKkQEA2A
+RR47fcagG6xK7O+N95iEa8I1oIy7os9MBoBMwRIZ6VYIxxTj8UMNSR+tu6MqV1Gg
+T5d0WDTJpQKBgCHyRSu5uV39AoyRS/eZ8cp36JqV1Q08FtOE+EVfi9evnrPfo9WR
+2YQt7yNfdjCo5IwIj/ZkLhAXlFNakz4el2+oUJ/HKLLaDEoaCNf883q6rh/zABrK
+HcG7sF2d/7qhoJ9/se7zgjfZ68zHIrkzhDbd5xGREnmMJoCcGo3sQyBhAoGAH3UQ
+qmLC2N5KPFMoJ4H0HgLQ6LQCrnhDLkScSBEBYaEUA/AtAYgKjcyTgVLXlyGkcRpg
+esRHHr+WSBD5W+R6ReYEmeKfTJdzyDdzQE9gZjdyjC0DUbsDwybIu3OnIef6VEDq
+IXK7oUZfzDDcsNn4mTDoFaoff5cpqFfgDgM43VkCgYBNHw11b+d+AQmaZS9QqIt7
+aF3FvwCYHV0jdv0Mb+Kc1bY4c0R5MFpzrTwVmdOerjuuA1+9b+0Hwo3nBZM4eaBu
+SOamA2hu2OJWCl9q8fLCT69KqWDjghhvFe7c6aJJGucwaA3Uz3eLcPqoaCarMiNH
+fMkTd7GabVourqIZdgvu1Q==
+-----END PRIVATE KEY-----
+
+Title = Test keypair mismatches
+
+PrivPubKeyPair = Alice-25519:P-256-PUBLIC
+Result = KEYPAIR_TYPE_MISMATCH
+
+PrivPubKeyPair = Alice-448:P-256-PUBLIC
+Result = KEYPAIR_TYPE_MISMATCH
+
+PrivPubKeyPair = RSA-2048:P-256-PUBLIC
+Result = KEYPAIR_TYPE_MISMATCH
+
+PrivPubKeyPair = RSA-2048:KAS-ECC-CDH_K-163_C0-PUBLIC
+Result = KEYPAIR_TYPE_MISMATCH
+
+PrivPubKeyPair = Alice-25519:KAS-ECC-CDH_K-163_C0-PUBLIC
+Result = KEYPAIR_TYPE_MISMATCH
diff --git a/test/recipes/30-test_evp_data/evppkey_rsa.txt b/test/recipes/30-test_evp_data/evppkey_rsa.txt
new file mode 100644
index 0000000000..34310be740
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_rsa.txt
@@ -0,0 +1,1693 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+# The keyword Availablein must appear before the test name if needed.
+
+# Private keys used for PKEY operations.
+
+# RSA 2048 bit key.
+
+PrivateKey = RSA-2048
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV
+n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW
+B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP
+6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr
+LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7
+yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt
+A95H4cRPAgMBAAECggEAYCl6x5kbFnoG1rJHWLjL4gi+ubLZ7Jc4vYD5Ci41AF3X
+ziktnim6iFvTFv7x8gkTvArJDWsICLJBTYIQREHYYkozzgIzyPeApIs3Wv8C12cS
+IopwJITbP56+zM+77hcJ26GCgA2Unp5CFuC/81WDiPi9kNo3Oh2CdD7D+90UJ/0W
+glplejFpEuhpU2URfKL4RckJQF/KxV+JX8FdIDhsJu54yemQdQKaF4psHkzwwgDo
+qc+yfp0Vb4bmwq3CKxqEoc1cpbJ5CHXXlAfISzUjlcuBzD/tW7BDtp7eDAcgRVAC
+XO6MX0QBcLYSC7SOD3R7zY9SIRCFDfBDxCjf0YcFMQKBgQD2+WG0fLwDXTrt68fe
+hQqVa2Xs25z2B2QGPxWqSFU8WNly/mZ1BW413f3De/O58vYi7icTNyVoScm+8hdv
+6PfD+LuRujdN1TuvPeyBTSvewQwf3IjN0Wh28mse36PwlBl+301C/x+ylxEDuJjK
+hZxCcocIaoQqtBC7ac8tNa9r4wKBgQDUfnJKf/QQSLJwwlJKQQGHi3MVm7c9PbwY
+eyIOY1s1NPluJDoYTZP4YLa/u2txwe2aHh9FhYMCPDAelqaSwaCLU9DsnKkQEA2A
+RR47fcagG6xK7O+N95iEa8I1oIy7os9MBoBMwRIZ6VYIxxTj8UMNSR+tu6MqV1Gg
+T5d0WDTJpQKBgCHyRSu5uV39AoyRS/eZ8cp36JqV1Q08FtOE+EVfi9evnrPfo9WR
+2YQt7yNfdjCo5IwIj/ZkLhAXlFNakz4el2+oUJ/HKLLaDEoaCNf883q6rh/zABrK
+HcG7sF2d/7qhoJ9/se7zgjfZ68zHIrkzhDbd5xGREnmMJoCcGo3sQyBhAoGAH3UQ
+qmLC2N5KPFMoJ4H0HgLQ6LQCrnhDLkScSBEBYaEUA/AtAYgKjcyTgVLXlyGkcRpg
+esRHHr+WSBD5W+R6ReYEmeKfTJdzyDdzQE9gZjdyjC0DUbsDwybIu3OnIef6VEDq
+IXK7oUZfzDDcsNn4mTDoFaoff5cpqFfgDgM43VkCgYBNHw11b+d+AQmaZS9QqIt7
+aF3FvwCYHV0jdv0Mb+Kc1bY4c0R5MFpzrTwVmdOerjuuA1+9b+0Hwo3nBZM4eaBu
+SOamA2hu2OJWCl9q8fLCT69KqWDjghhvFe7c6aJJGucwaA3Uz3eLcPqoaCarMiNH
+fMkTd7GabVourqIZdgvu1Q==
+-----END PRIVATE KEY-----
+
+# Corresponding public key
+
+PublicKey = RSA-2048-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG1Z98c9n/
+uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo092p
+y9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qbBeQt
+WtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0eoKS0
+gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz5AZJ
+uYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPeR+HE
+TwIDAQAB
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = RSA-2048:RSA-2048-PUBLIC
+
+Title = RSA tests
+
+Sign = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+
+Verify = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+
+# Truncated digest
+Sign = RSA-2048
+Ctrl = digest:SHA512-224
+Input = "0123456789ABCDEF123456789ABC"
+Output = 5f720e9488139bb21e1c2f027fd5ce5993e6d31c5a8faaee833487b3a944d66891178868ace8070cad3ee2ffbe54aa4885a15fd1a7cc5166970fe1fd8c0423e72bd3e3b56fc4a53ed80aaaeca42497f0ec3c62113edc05cd006608f5eef7ce3ad4cba1069f68731dd28a524a1f93fcdc5547112d48d45586dd943ba0d443be9635720d8a61697c54c96627f0d85c5fbeaa3b4af86a65cf2fc3800dd5de34c046985f25d0efc0bb6edccc1d08b3a4fb9c8faffe181c7e68b31e374ad1440a4a664eec9ca0dc53a9d2f5bc7d9940d866f64201bcbc63612754df45727ea24b531d7de83d1bb707444859fa35521320c33bf6f4dbeb6fb56e653adbf7af15843f17
+
+Verify = RSA-2048
+Ctrl = digest:SHA512-224
+Input = "0123456789ABCDEF123456789ABC"
+Output = 5f720e9488139bb21e1c2f027fd5ce5993e6d31c5a8faaee833487b3a944d66891178868ace8070cad3ee2ffbe54aa4885a15fd1a7cc5166970fe1fd8c0423e72bd3e3b56fc4a53ed80aaaeca42497f0ec3c62113edc05cd006608f5eef7ce3ad4cba1069f68731dd28a524a1f93fcdc5547112d48d45586dd943ba0d443be9635720d8a61697c54c96627f0d85c5fbeaa3b4af86a65cf2fc3800dd5de34c046985f25d0efc0bb6edccc1d08b3a4fb9c8faffe181c7e68b31e374ad1440a4a664eec9ca0dc53a9d2f5bc7d9940d866f64201bcbc63612754df45727ea24b531d7de83d1bb707444859fa35521320c33bf6f4dbeb6fb56e653adbf7af15843f17
+
+VerifyRecover = RSA-2048
+Ctrl = digest:SHA1
+Input = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+Output = "0123456789ABCDEF1234"
+
+# Leading zero in the signature
+Verify = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+Result = VERIFY_ERROR
+
+VerifyRecover = RSA-2048
+Ctrl = digest:SHA1
+Input = 00c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+Result = KEYOP_ERROR
+
+# Digest too long
+Sign = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF12345"
+Output = 00
+Result = KEYOP_ERROR
+
+# Digest too short
+Sign = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF12345"
+Output = 00
+Result = KEYOP_ERROR
+
+# Mismatched digest
+Verify = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1233"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+Result = VERIFY_ERROR
+
+# Corrupted signature
+Verify = RSA-2048
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1233"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ae
+Result = VERIFY_ERROR
+
+# parameter is not NULLt
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = 3ec3fc29eb6e122bd7aa361cd09fe1bcbe85311096a7b9e4799cedfb2351ce0ab7fe4e75b4f6b37f67edd9c60c800f9ab941c0c157d7d880ca9de40c951d60fd293ae220d4bc510b1572d6e85a1bbbd8605b52e05f1c64fafdae59a1c2fbed214b7844d0134619de62851d5a0522e32e556e5950f3f97b8150e3f0dffee612c924201c27cd9bc8b423a71533380c276d3d59fcba35a2e80a1a192ec266a6c2255012cd86a349fe90a542b355fa3355b04da6cdf1df77f0e7bd44a90e880e1760266d233e465226f5db1c68857847d82072861ee266ddfc2e596845b77e1803274a579835ab5e4975d81d20b7df9cec7795489e4a2bdb8c1cf6a6b359945ac92c
+Result = VERIFY_ERROR
+
+# embedded digest too long
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
+Result = VERIFY_ERROR
+
+VerifyRecover = RSA-2048
+Ctrl = digest:sha1
+Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
+Result = KEYOP_ERROR
+
+# embedded digest too short
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
+Result = VERIFY_ERROR
+
+VerifyRecover = RSA-2048
+Ctrl = digest:sha1
+Input = afec9a0d5330a08f54283bb4a9d4e7e7e70fc1342336c4c766fba713f66970151c6e27413c48c33864ea45a0238787004f338ed3e21b53b0fe9c1151c42c388cbc7cba5a06b706c407a5b48324fbe994dc7afc3a19fb3d2841e66222596c14cd72a0f0a7455a019d8eb554f59c0183f9552b75aa96fee8bf935945e079ca283d2bd3534a86f11351f6d6181fbf433e5b01a6d1422145c7a72214d3aacdd5d3af12b2d6bf6438f9f9a64010d8aeed801c87f0859412b236150b86a545f7239be022f4a7ad246b59df87514294cb4a4c7c5a997ee53c66054d9f38ca4e76c1f7af83c30f737ef70f83a45aebe18238ddb95e1998814ca4fc72388f1533147c169d
+Result = KEYOP_ERROR
+
+# Garbage after DigestInfo
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
+Result = VERIFY_ERROR
+
+VerifyRecover = RSA-2048
+Ctrl = digest:sha1
+Input = 9ee34872d4271a7d8808af0a4052a145a6d6a8437d00da3ed14428c7f087cd39f4d43334c41af63e7fa1ba363fee7bcef401d9d36a662abbab55ce89a696e1be0dfa19a5d09ca617dd488787b6048baaefeb29bc8688b2fe3882de2b77c905b5a8b56cf9616041e5ec934ba6de863efe93acc4eef783fe7f72a00fa65d6093ed32bf98ce527e62ccb1d56317f4be18b7e0f55d7c36617d2d0678a306e3350956b662ac15df45215dd8f6b314babb9788e6c272fa461e4c9b512a11a4b92bc77c3a4c95c903fccb238794eca5c750477bf56ea6ee6a167367d881b485ae3889e7c489af8fdf38e0c0f2aed780831182e34abedd43c39281b290774bf35cc25274
+Result = KEYOP_ERROR
+
+# invalid tag for parameter
+Verify = RSA-2048
+Ctrl = digest:sha1
+Input = "0123456789ABCDEF1234"
+Output = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
+Result = VERIFY_ERROR
+
+Availablein = default
+VerifyRecover = RSA-2048
+Ctrl = digest:sha1
+Input = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
+Result = KEYOP_ERROR
+
+# MD5/SHA-1 combination
+Availablein = default
+Verify = RSA-2048
+Ctrl = digest:MD5-SHA1
+Input = "0123456789ABCDEF0123456789ABCDEF0123"
+Output = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
+
+Availablein = default
+VerifyRecover = RSA-2048
+Ctrl = digest:MD5-SHA1
+Input = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
+Output = "0123456789ABCDEF0123456789ABCDEF0123"
+
+# MD5/SHA-1 combination, digest mismatch
+Availablein = default
+Verify = RSA-2048
+Ctrl = digest:MD5-SHA1
+Input = "000000000000000000000000000000000000"
+Output = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
+Result = VERIFY_ERROR
+
+# MD5/SHA-1 combination, wrong signature digest length
+Availablein = default
+Verify = RSA-2048
+Ctrl = digest:MD5-SHA1
+Input = "0123456789ABCDEF0123456789ABCDEF0123"
+Output = 6c13511f97ffb8137545fce551a43cf2b5b3dbdd5c3ceaaccd4620a6a373f3c38cc523d95bbdd810c852743b981bc4393c6b0cdfb0da5e77a8cc0108b05ff95e0f4dd7a0125b7390af1408dca6ddefac3b05b768de7b0c3df3c74e5f102f62743d67813beee1777036078da4cff5b29f49f01a6df3a2e709c37a83737108517687fe754d9ee908cb36c55e88f67c0b537108707347d16049f5dfac3d400ea367222d36627937a7f822f451c3d2c2dbc9e2202bffd3dc1b22213e17270a6b657619c6f44cbf66b077d548cfc9e1a114f8b853412470f2bf8d828f04d0d9f1aef260d216acb0911329fb5bdc48c2be3b198bf6f96e1c3fb116ad4430140d0640d4
+Result = VERIFY_ERROR
+
+Availablein = default
+VerifyRecover = RSA-2048
+Ctrl = digest:MD5-SHA1
+Input = 6c13511f97ffb8137545fce551a43cf2b5b3dbdd5c3ceaaccd4620a6a373f3c38cc523d95bbdd810c852743b981bc4393c6b0cdfb0da5e77a8cc0108b05ff95e0f4dd7a0125b7390af1408dca6ddefac3b05b768de7b0c3df3c74e5f102f62743d67813beee1777036078da4cff5b29f49f01a6df3a2e709c37a83737108517687fe754d9ee908cb36c55e88f67c0b537108707347d16049f5dfac3d400ea367222d36627937a7f822f451c3d2c2dbc9e2202bffd3dc1b22213e17270a6b657619c6f44cbf66b077d548cfc9e1a114f8b853412470f2bf8d828f04d0d9f1aef260d216acb0911329fb5bdc48c2be3b198bf6f96e1c3fb116ad4430140d0640d4
+Result = KEYOP_ERROR
+
+# MD5/SHA-1 combination, wrong input digest length
+Availablein = default
+Verify = RSA-2048
+Ctrl = digest:MD5-SHA1
+Input = "0123456789ABCDEF0123456789ABCDEF012"
+Output = 7b80e0d4d2a6b7f4b018ce164bc0be21a0604b1b05e91c6204372458b05a0e4dbf0b36b3f80dbf04b278ad1fcf7ff6d982d5ca5d98b13b68240d846d400b8db6675b1a5fcbe2256322c5f691378bc941785326030fa835d240e334e2a4d35b17c1149b59dbb6e6d53b44326ebfc371f754449d36bad3722c1878af1699bb0a00c28e37162f99aba550b7c333228a70c906e3701c519a460a14fac29ff164ca9413efd19b431b31a9ad2988662cdbda9cdcff85f294b4be2cf072caceb1d3f52642edafea2e1d1e495061f18b5b3a130d2242cec830e44d506590e5df69bb974879a35e6bdc1ad00e3e31b362f2f5cdeabd8a0dfddfdb66a7c43993a3e189b80d
+Result = VERIFY_ERROR
+
+# MD5/SHA-1 combination, wrong input and signature digest length
+Availablein = default
+Verify = RSA-2048
+Ctrl = digest:MD5-SHA1
+Input = "0123456789ABCDEF0123456789ABCDEF012"
+Output = 6c13511f97ffb8137545fce551a43cf2b5b3dbdd5c3ceaaccd4620a6a373f3c38cc523d95bbdd810c852743b981bc4393c6b0cdfb0da5e77a8cc0108b05ff95e0f4dd7a0125b7390af1408dca6ddefac3b05b768de7b0c3df3c74e5f102f62743d67813beee1777036078da4cff5b29f49f01a6df3a2e709c37a83737108517687fe754d9ee908cb36c55e88f67c0b537108707347d16049f5dfac3d400ea367222d36627937a7f822f451c3d2c2dbc9e2202bffd3dc1b22213e17270a6b657619c6f44cbf66b077d548cfc9e1a114f8b853412470f2bf8d828f04d0d9f1aef260d216acb0911329fb5bdc48c2be3b198bf6f96e1c3fb116ad4430140d0640d4
+Result = VERIFY_ERROR
+
+# DigestInfo-wrapped MDC-2 signature
+Availablein = default
+Availablein = legacy
+Verify = RSA-2048
+Ctrl = digest:MDC2
+Input = "0123456789ABCDEF"
+Output = 3a46e5e80635d3b5586187b44b08fd02ca0bd36a637a8afeb46a1c1eb18d05b3196e00edf85378109015bcd3d0cfcefc2919c5b8e3ac42884b360188b1395ed34df7d2749f36b91c320d290311d78b36f390481eff42ace0275385c05176d022e4b625cf0ed85082d4b25da9e8a86011f6ac1cb8d8b812cc2bbd6c240caa8445aa74f8e971c935dbf3447df0411eb9e5cdee0851d1e0fea7041916c77efc09dc54e8dd4b7ba8f8d85ef43d4f12abde99886f4ebd5f021fc1b476cc23dc6a94fbbe77c954eee496fb6b4b5c534daa4e819143ce8de511a8bcb65759750c17edaca6fb31ac271c1ca3a27705f780ae86c67009e76fcba9067dde3556ff59c44111
+
+Availablein = default
+Availablein = legacy
+VerifyRecover = RSA-2048
+Ctrl = digest:MDC2
+Input = 3a46e5e80635d3b5586187b44b08fd02ca0bd36a637a8afeb46a1c1eb18d05b3196e00edf85378109015bcd3d0cfcefc2919c5b8e3ac42884b360188b1395ed34df7d2749f36b91c320d290311d78b36f390481eff42ace0275385c05176d022e4b625cf0ed85082d4b25da9e8a86011f6ac1cb8d8b812cc2bbd6c240caa8445aa74f8e971c935dbf3447df0411eb9e5cdee0851d1e0fea7041916c77efc09dc54e8dd4b7ba8f8d85ef43d4f12abde99886f4ebd5f021fc1b476cc23dc6a94fbbe77c954eee496fb6b4b5c534daa4e819143ce8de511a8bcb65759750c17edaca6fb31ac271c1ca3a27705f780ae86c67009e76fcba9067dde3556ff59c44111
+Output = "0123456789ABCDEF"
+
+# Legacy OCTET STRING MDC-2 signature
+Availablein = default
+Availablein = legacy
+Verify = RSA-2048
+Ctrl = digest:MDC2
+Input = "0123456789ABCDEF"
+Output = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
+
+Availablein = default
+Availablein = legacy
+VerifyRecover = RSA-2048
+Ctrl = digest:MDC2
+Input = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
+Output = "0123456789ABCDEF"
+
+# Legacy OCTET STRING MDC-2 signature, digest mismatch
+Availablein = default
+Availablein = legacy
+Verify = RSA-2048
+Ctrl = digest:MDC2
+Input = "0000000000000000"
+Output = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
+Result = VERIFY_ERROR
+
+# Legacy OCTET STRING MDC-2 signature, wrong input digest length
+Availablein = default
+Availablein = legacy
+Verify = RSA-2048
+Ctrl = digest:MDC2
+Input = "0123456789ABCDE"
+Output = 6cde46bbfc6a3b772c3d884640709be9f2fb70fcf199c14eaff7811369ea99733f984a9c48cd372578fa37cedeef24c93286d6d64f438df051e625ab2e125a7d9974a76240873e43efc3acbcbdccc2ee63769cdbf983b334ccb982273315c222b3bbdc3e928ac8a141a7412f1f794cfcabcc069a2ae4975d7bb68bea145d789634c9e0b02d324b5efd599c9bf2b1d32d077aba59aa0ad4a82cbbb90eaa9214e4f57104cf049c4139e2ddecf6edf219cd986f4d79cf25128c58667562c9d22be0291430d6cc7dad977d56e08315fcec133ea95d8db550f89735b4d5f233eaff0c86fce2b99f3f508e920f882c31f3e13f8775a3c8fa585c4f4c69eca89f648b7e
+Result = VERIFY_ERROR
+
+# Legacy OCTET STRING MDC-2 signature, wrong signature digest length
+Availablein = default
+Availablein = legacy
+Verify = RSA-2048
+Ctrl = digest:MDC2
+Input = "0123456789ABCDEF"
+Output = 08da512483ece70be57f28a75271612800ae30ffbadc62609bc88b80d497a1fc13c300fdfcab6dc80cf55373c10adcc249ae80479b87fa3e391a2cd4a74babd1c22a4976812d544dcd6729b161bbc48fd067cf635b05f9edaddaeb6f67f2117d6b54a23c5e6f08a246abfe0356a67d7f3929306515e6d9962f8ce205120ecdcd2d4e3783cd0b4a1f0196a1b13924d0d3649233312695c3c336ae04e0b1efddabcc878b57622db60f6f747a1124c38426dacf1425c92d304c2bb1052f987c1dd73e4cc4b20d23396d4f05f52f98cf5065c3fb7dc319425f1f6f1878b87f57afbd24fbff98909494581aadd04d80a639b85ce8684ea58409d8dbbbaacf256bb5c4
+Result = VERIFY_ERROR
+
+Availablein = default
+Availablein = legacy
+VerifyRecover = RSA-2048
+Ctrl = digest:MDC2
+Input = 08da512483ece70be57f28a75271612800ae30ffbadc62609bc88b80d497a1fc13c300fdfcab6dc80cf55373c10adcc249ae80479b87fa3e391a2cd4a74babd1c22a4976812d544dcd6729b161bbc48fd067cf635b05f9edaddaeb6f67f2117d6b54a23c5e6f08a246abfe0356a67d7f3929306515e6d9962f8ce205120ecdcd2d4e3783cd0b4a1f0196a1b13924d0d3649233312695c3c336ae04e0b1efddabcc878b57622db60f6f747a1124c38426dacf1425c92d304c2bb1052f987c1dd73e4cc4b20d23396d4f05f52f98cf5065c3fb7dc319425f1f6f1878b87f57afbd24fbff98909494581aadd04d80a639b85ce8684ea58409d8dbbbaacf256bb5c4
+Result = KEYOP_ERROR
+
+# Legacy OCTET STRING MDC-2 signature, wrong input and signature digest length
+Availablein = default
+Availablein = legacy
+Verify = RSA-2048
+Ctrl = digest:MDC2
+Input = "0123456789ABCDE"
+Output = 08da512483ece70be57f28a75271612800ae30ffbadc62609bc88b80d497a1fc13c300fdfcab6dc80cf55373c10adcc249ae80479b87fa3e391a2cd4a74babd1c22a4976812d544dcd6729b161bbc48fd067cf635b05f9edaddaeb6f67f2117d6b54a23c5e6f08a246abfe0356a67d7f3929306515e6d9962f8ce205120ecdcd2d4e3783cd0b4a1f0196a1b13924d0d3649233312695c3c336ae04e0b1efddabcc878b57622db60f6f747a1124c38426dacf1425c92d304c2bb1052f987c1dd73e4cc4b20d23396d4f05f52f98cf5065c3fb7dc319425f1f6f1878b87f57afbd24fbff98909494581aadd04d80a639b85ce8684ea58409d8dbbbaacf256bb5c4
+Result = VERIFY_ERROR
+
+# Verify using public key
+
+Verify = RSA-2048-PUBLIC
+Ctrl = digest:SHA1
+Input = "0123456789ABCDEF1234"
+Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad
+
+# RSA decrypt
+
+Decrypt = RSA-2048
+Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A78
+Output = "Hello World"
+
+# Corrupted ciphertext
+Decrypt = RSA-2048
+Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A79
+Output = "Hello World"
+Result = KEYOP_ERROR
+
+# OAEP padding
+Decrypt = RSA-2048
+Ctrl = rsa_padding_mode:oaep
+Input = 458708DFBD42A1297CE7A9C86C7087AB80B1754810929B89C5107CA55368587686986FCE94D86CC1595B3FB736223A656EC0F34D18BA1CC5665593610F56C58E26B272D584F3D983A5C91085700755AEBD921FB280BBA3EDA7046EC07B43E7298E52D59EDC92BE4639A8CE08B2F85976ECF6D98CC469EEB9D5D8E2A32EA8A6626EDAFE1038B3DF455668A9F3C77CAD8B92FB872E00058C3D2A7EDE1A1F03FC5622084AE04D9D24F6BF0995C58D35B93B699B9763595E123F2AB0863CC9229EB290E2EDE7715C7A8F39E0B9A3E2E1B56EBB62F1CBFBB5986FB212EBD785B83D01D968B11D1756C7337F70C1F1A63BFF03608E24F3A2FD44E67F832A8701C5D5AF
+Output = "Hello World"
+
+# OAEP padding, corrupted ciphertext
+Decrypt = RSA-2048
+Ctrl = rsa_padding_mode:oaep
+Input = 458708DFBD42A1297CE7A9C86C7087AB80B1754810929B89C5107CA55368587686986FCE94D86CC1595B3FB736223A656EC0F34D18BA1CC5665593610F56C58E26B272D584F3D983A5C91085700755AEBD921FB280BBA3EDA7046EC07B43E7298E52D59EDC92BE4639A8CE08B2F85976ECF6D98CC469EEB9D5D8E2A32EA8A6626EDAFE1038B3DF455668A9F3C77CAD8B92FB872E00058C3D2A7EDE1A1F03FC5622084AE04D9D24F6BF0995C58D35B93B699B9763595E123F2AB0863CC9229EB290E2EDE7715C7A8F39E0B9A3E2E1B56EBB62F1CBFBB5986FB212EBD785B83D01D968B11D1756C7337F70C1F1A63BFF03608E24F3A2FD44E67F832A8701C5D5AC
+Output = "Hello World"
+Result = KEYOP_ERROR
+
+# Illegal RSA key derivation
+Derive = RSA-2048
+Result = KEYOP_INIT_ERROR
+Reason = operation not supported for this keytype
+
+Sign = RSA-2048
+Ctrl = rsa_mgf1_md:sha1
+Result = PKEY_CTRL_ERROR
+Reason = invalid mgf1 md
+
+# RSA PSS key tests
+
+# PSS only key, no parameter restrictions
+PrivateKey = RSA-PSS
+-----BEGIN PRIVATE KEY-----
+MIIEugIBADALBgkqhkiG9w0BAQoEggSmMIIEogIBAAKCAQEAzQCB6nsq4eoG1Z98
+c9n/uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo
+092py9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qb
+BeQtWtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0e
+oKS0gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz
+5AZJuYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPe
+R+HETwIDAQABAoIBAGApeseZGxZ6BtayR1i4y+IIvrmy2eyXOL2A+QouNQBd184p
+LZ4puohb0xb+8fIJE7wKyQ1rCAiyQU2CEERB2GJKM84CM8j3gKSLN1r/AtdnEiKK
+cCSE2z+evszPu+4XCduhgoANlJ6eQhbgv/NVg4j4vZDaNzodgnQ+w/vdFCf9FoJa
+ZXoxaRLoaVNlEXyi+EXJCUBfysVfiV/BXSA4bCbueMnpkHUCmheKbB5M8MIA6KnP
+sn6dFW+G5sKtwisahKHNXKWyeQh115QHyEs1I5XLgcw/7VuwQ7ae3gwHIEVQAlzu
+jF9EAXC2Egu0jg90e82PUiEQhQ3wQ8Qo39GHBTECgYEA9vlhtHy8A1067evH3oUK
+lWtl7Nuc9gdkBj8VqkhVPFjZcv5mdQVuNd39w3vzufL2Iu4nEzclaEnJvvIXb+j3
+w/i7kbo3TdU7rz3sgU0r3sEMH9yIzdFodvJrHt+j8JQZft9NQv8fspcRA7iYyoWc
+QnKHCGqEKrQQu2nPLTWva+MCgYEA1H5ySn/0EEiycMJSSkEBh4tzFZu3PT28GHsi
+DmNbNTT5biQ6GE2T+GC2v7trccHtmh4fRYWDAjwwHpamksGgi1PQ7JypEBANgEUe
+O33GoBusSuzvjfeYhGvCNaCMu6LPTAaATMESGelWCMcU4/FDDUkfrbujKldRoE+X
+dFg0yaUCgYAh8kUrubld/QKMkUv3mfHKd+ialdUNPBbThPhFX4vXr56z36PVkdmE
+Le8jX3YwqOSMCI/2ZC4QF5RTWpM+HpdvqFCfxyiy2gxKGgjX/PN6uq4f8wAayh3B
+u7Bdnf+6oaCff7Hu84I32evMxyK5M4Q23ecRkRJ5jCaAnBqN7EMgYQKBgB91EKpi
+wtjeSjxTKCeB9B4C0Oi0Aq54Qy5EnEgRAWGhFAPwLQGICo3Mk4FS15chpHEaYHrE
+Rx6/lkgQ+VvkekXmBJnin0yXc8g3c0BPYGY3cowtA1G7A8MmyLtzpyHn+lRA6iFy
+u6FGX8ww3LDZ+Jkw6BWqH3+XKahX4A4DON1ZAoGATR8NdW/nfgEJmmUvUKiLe2hd
+xb8AmB1dI3b9DG/inNW2OHNEeTBac608FZnTnq47rgNfvW/tB8KN5wWTOHmgbkjm
+pgNobtjiVgpfavHywk+vSqlg44IYbxXu3OmiSRrnMGgN1M93i3D6qGgmqzIjR3zJ
+E3exmm1aLq6iGXYL7tU=
+-----END PRIVATE KEY-----
+
+# PSS public key default parameters
+PublicKey = RSA-PSS-DEFAULT
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQowAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG1Z98c9n/
+uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo092p
+y9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qbBeQt
+WtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0eoKS0
+gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz5AZJ
+uYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPeR+HE
+TwIDAQAB
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = RSA-PSS:RSA-PSS-DEFAULT
+
+# Key with invalid negative minimum salt length
+PublicKey = RSA-PSS-BAD
+-----BEGIN PUBLIC KEY-----
+MIIBJzASBgkqhkiG9w0BAQowBaIDAgH/A4IBDwAwggEKAoIBAQDNAIHqeyrh6gbV
+n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW
+B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP
+6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr
+LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7
+yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt
+A95H4cRPAgMBAAE=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = RSA-PSS:RSA-PSS-BAD
+
+
+# Key with minimum salt length exceeding maximum permitted value
+PublicKey = RSA-PSS-BAD2
+-----BEGIN PUBLIC KEY-----
+MIIBKDATBgkqhkiG9w0BAQowBqIEAgIBAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG
+1Z98c9n/uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuF
+Fgdo092py9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZ
+T+qbBeQtWtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0
+Ky0eoKS0gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4
+e8qz5AZJuYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51
+rQPeR+HETwIDAQAB
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = RSA-PSS:RSA-PSS-BAD2
+
+# Zero salt length makes output deterministic
+Sign = RSA-2048
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
+
+# Verify of above signature
+Verify = RSA-2048-PUBLIC
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
+
+# Verify using salt length auto detect
+Verify = RSA-2048-PUBLIC
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:auto
+Input="0123456789ABCDEF0123"
+Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B
+
+# Digest too short
+Verify = RSA-2048-PUBLIC
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDE"
+Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
+Result = VERIFY_ERROR
+
+# Digest too long
+Verify = RSA-2048-PUBLIC
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF0"
+Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
+Result = VERIFY_ERROR
+
+# Wrong salt length
+Verify = RSA-2048
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:2
+Ctrl = digest:sha256
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
+Result = VERIFY_ERROR
+
+# Wrong MGF1 digest
+Verify = RSA-2048
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Ctrl = digest:sha256
+Ctrl = rsa_mgf1_md:sha1
+Input="0123456789ABCDEF0123456789ABCDEF"
+Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A
+Result = VERIFY_ERROR
+
+# Verify using default parameters
+Availablein = default
+Verify = RSA-PSS-DEFAULT
+Input="0123456789ABCDEF0123"
+Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
+
+# Verify using default parameters, explicitly setting parameters
+Verify = RSA-PSS-DEFAULT
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:20
+Ctrl = digest:sha1
+Input="0123456789ABCDEF0123"
+Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
+
+# Verify explicitly setting parameters "digest" salt length
+Verify = RSA-PSS-DEFAULT
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:digest
+Ctrl = digest:sha1
+Input="0123456789ABCDEF0123"
+Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF
+
+# Verify using salt length larger than minimum
+Verify = RSA-PSS-DEFAULT
+Ctrl = rsa_pss_saltlen:30
+Input="0123456789ABCDEF0123"
+Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B
+
+# Verify using maximum salt length
+Verify = RSA-PSS-DEFAULT
+Ctrl = rsa_pss_saltlen:max
+Input="0123456789ABCDEF0123"
+Output = 4470DCFE812DEE2E58E4301D4ED274AB348FE040B724B2CD1D8CD0914BFF375F0B86FCB32BFA8AEA9BD22BD7C4F1ADD4F3D215A5CFCC99055BAFECFC23800E9BECE19A08C66BEBC5802122D13A732E5958FC228DCC0B49B5B4B1154F032D8FA2F3564AA949C1310CC9266B0C47F86D449AC9D2E7678347E7266E2D7C888CCE1ADF44A109A293F8516AE2BD94CE220F26E137DB8E7A66BB9FCE052CDC1D0BE24D8CEBB20D10125F26B069F117044B9E1D16FDDAABCA5340AE1702F37D0E1C08A2E93801C0A41035C6C73DA02A0E32227EAFB0B85E79107B59650D0EE7DC32A6772CCCE90F06369B2880FE87ED76997BA61F5EA818091EE88F8B0D6F24D02A3FC6
+
+# Attempt to change salt length below minimum
+Verify = RSA-PSS-DEFAULT
+Ctrl = rsa_pss_saltlen:0
+Result = PKEY_CTRL_ERROR
+
+# Attempt to change padding mode
+# Note this used to return PKEY_CTRL_INVALID
+# but it is limited because setparams only returns 0 or 1.
+Verify = RSA-PSS-DEFAULT
+Ctrl = rsa_padding_mode:pkcs1
+Result = PKEY_CTRL_ERROR
+
+# Attempt to change digest
+Verify = RSA-PSS-DEFAULT
+Ctrl = digest:sha256
+Result = PKEY_CTRL_ERROR
+
+# Illegal decrypt
+Availablein = default
+Decrypt = RSA-PSS
+Result = KEYOP_INIT_ERROR
+Reason = operation not supported for this keytype
+
+# Invalid key: rejected when we try to init
+Verify = RSA-PSS-BAD
+Result = KEYOP_INIT_ERROR
+Reason = invalid salt length
+
+# Invalid key: rejected when we try to init
+Verify = RSA-PSS-BAD2
+Result = KEYOP_INIT_ERROR
+Reason = invalid salt length
+
+
+# Additional RSA-PSS and RSA-OAEP tests converted from
+# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
+Title = RSA PSS/OAEP (from RSASecurity FTP)
+
+PublicKey=RSA-PSS-1
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLs
+DjatUqRN/rHmH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2V
+CAltWyuLbfXWce9jd8CSHLI8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh
+4fINDOjP+yJJvZohNwIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-1
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=cd8b6538cb8e8de566b68bd067569dbf1ee2718e
+Output=9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c
+
+Verify=RSA-PSS-1
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=e35befc17a1d160b9ce35fbd8eb16e7ee491d3fd
+Output=3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843
+
+Verify=RSA-PSS-1
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=0652ec67bcee30f9d2699122b91c19abdba89f91
+Output=666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1
+
+Verify=RSA-PSS-1
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=39c21c4cceda9c1adf839c744e1212a6437575ec
+Output=4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87
+
+Verify=RSA-PSS-1
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=36dae913b77bd17cae6e7b09453d24544cebb33c
+Output=1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad
+
+Verify=RSA-PSS-1
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=45eef191f4f79c31fe5d2ede7e5098994e929d2d
+Output=2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58
+
+PublicKey=RSA-PSS-2
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQHUDBvPl6aK5829invz40+hncyk
+73WkdFQ3X5RRTYj+0Ab7gp+EGf+H1jFdpoof86CTjpq7NGQBHDA62ZGZzwx8eotH
+fc6CnohE9iWxFeXpxKWc+PgRO2g0M2ov0mibRyy7Xlyr5nQ1DFm2wX4XaHT7Qvj8
+PRdqAX7cYf0ybEszyQIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-2
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=5c81a3e2a658246628cd0ee8b00bb4c012bc9739
+Output=014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3
+
+Verify=RSA-PSS-2
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=27f71611446aa6eabf037f7dedeede3203244991
+Output=010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea
+
+Verify=RSA-PSS-2
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=03ecc2c33e93f05fc7224fcc0d461356cb897217
+Output=007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4
+
+Verify=RSA-PSS-2
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=246c727b4b9494849dddb068d582e179ac20999c
+Output=009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b
+
+Verify=RSA-PSS-2
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=e8617ca3ea66ce6a58ede2d11af8c3ba8a6ba912
+Output=00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf
+
+Verify=RSA-PSS-2
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=7a6fdc1a4e434ecbc35d657ad49a2f4fafd43bc8
+Output=00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6
+
+PublicKey=RSA-PSS-3
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQLyRu9FHtPuu5oxAgDMJYWcBI5L
+55gwKZERLraM5ttnTigNoh/t7RrnSIDKUisY2ySThQEoJ8UV8ORmof+mkdmBcFdO
+nQ6tsIdYbKSJM9o8yVPZW9DtUN4Q3ctnNhB9bIMcf2Y+gzykwJfnAM4PuUX4j7hf
+6OWncxclZbkUpHGkQwIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-3
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=3552be69dd74bdc56d2cf8c38ef7bafe269040fe
+Output=0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f
+
+Verify=RSA-PSS-3
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=609143ff7240e55c062aba8b9e4426a781919bc9
+Output=02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af
+
+Verify=RSA-PSS-3
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=0afd22f879a9cda7c584f4135f8f1c961db114c0
+Output=0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c
+
+Verify=RSA-PSS-3
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=405dd56d395ef0f01b555c48f748cc32b210650b
+Output=0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8
+
+Verify=RSA-PSS-3
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=a2c313b0440c8a0c47233b87f0a160c61af3eae7
+Output=021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83
+
+Verify=RSA-PSS-3
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=f1bf6ca7b4bbdbb6bf20a4bf55728725d177154a
+Output=012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce
+
+PublicKey=RSA-PSS-4
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQVK23iGRH7+b1fgNo8Gz1KwozcH
+YNFhzvEmuRvn+JxCG2Km7B2jwxHXXtUOCrX/8/0zisw6qKTnfuJjaay4G6kA+oP1
+MAz5u2xTrR3IoXi4FdtCNamp2gwG3k5hXqEnfOVZ6cEI3ljBSoGqd/Wm+NEzVJRJ
+iEjIuVlAdAvnv3w3BQIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-4
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=f8b0abf70fec0bca74f0accbc24f75e6e90d3bfd
+Output=0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948
+
+Verify=RSA-PSS-4
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=04a10944bfe11ab801e77889f3fd3d7f4ff0b629
+Output=049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598
+
+Verify=RSA-PSS-4
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=ba01243db223eb97fb86d746c3148adaaa0ca344
+Output=03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad
+
+Verify=RSA-PSS-4
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=934bb0d38d6836daec9de82a9648d4593da67cd2
+Output=0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f
+
+Verify=RSA-PSS-4
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=ec35d81abd1cceac425a935758b683465c8bd879
+Output=022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a
+
+Availablein = default
+Verify=RSA-PSS-4
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=72ce251d17b04dd3970d6ff1fbe3624899e9e941
+Output=00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e
+
+PublicKey=RSA-PSS-5
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ0Q9mHymUD17TmqJglm3rR4Q2ed
+K2+yWz3jcPOsfBmRY5H9JftSfr+mpLTfRaF1nZlsS7Tr0YgoxE/FLQGRhxdAUl9H
+pLDMjaMl7YqmdrDQ9ibgp38HaSFwrKyAgvQvqn3HzRI+cw4xqHmFIEyry+ZnDUOi
+3Sst3vXgU5L8ITvFBwIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-5
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=d98b7061943510bc3dd9162f7169aabdbdcd0222
+Output=0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d
+
+Verify=RSA-PSS-5
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=7ae8e699f754988f4fd645e463302e49a2552072
+Output=08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e
+
+Verify=RSA-PSS-5
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=8d46c7c05534c1ba2cc7624500d48a4531604bff
+Output=05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979
+
+Verify=RSA-PSS-5
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=ee3de96783fd0a157c8b20bf5566124124dcfe65
+Output=0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1
+
+Verify=RSA-PSS-5
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=1204df0b03c2724e2709c23fc71789a21b00ae4c
+Output=0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd
+
+Verify=RSA-PSS-5
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=29926bc3280c841f601acd0d6f17ea38023eddbc
+Output=02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f
+
+PublicKey=RSA-PSS-6
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgRZMoxz/YJ86DnEBsDny5P5t03UZ
+q5hZjReeF0mWWYBx9H06BFWRWNe+NzzxqlPwqm7wkDnlZ4wqTGOQBRTIxPiq7V3h
+Kl8QsJwxGvjA/7W3opfy78Y7jWsFEJMfC5jki/X8bsTnuNsf+usIw44CrbjwOkgi
+nJnpaUMfYcuMTcaY0QIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-6
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=ab464e8cb65ae5fdea47a53fa84b234d6bfd52f6
+Output=04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1
+
+Verify=RSA-PSS-6
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=92d0bcae82b641f578f040f5151be8eda6d42299
+Output=0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773
+
+Verify=RSA-PSS-6
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=3569bd8fd2e28f2443375efa94f186f6911ffc2b
+Output=086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456
+
+Verify=RSA-PSS-6
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=7abbb7b42de335730a0b641f1e314b6950b84f98
+Output=0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f
+
+Verify=RSA-PSS-6
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=55b7eb27be7a787a59eb7e5fac468db8917a7725
+Output=02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b
+
+Verify=RSA-PSS-6
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=de2fa0367ef49083ff89b9905d3fd646fcc12c38
+Output=0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef
+
+PublicKey=RSA-PSS-7
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgTfJ2kpmyMQIuNon0MnXn4zLHq/B
+0v5IdG2UC3xO9d7hitEmR876oMSzGIsiHFFThnWbk/AgJLJauSQvg1fY8/1JZA7l
+5kPq9sZN7vpwiXJ8j/A5kzM5FcbvIb9ZdbblDRGLUQCOwz6fAaClRaEKg2pD3byp
+2LXF01SAItcGTqKaswIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-7
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=8be4afbdd76bd8d142c5f4f46dba771ee5d6d29d
+Output=187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823
+
+Verify=RSA-PSS-7
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=402140dc605b2f5c5ec0d15bce9f9ba8857fe117
+Output=10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8
+
+Verify=RSA-PSS-7
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=3e885205892ff2b6b37c2c4eb486c4bf2f9e7f20
+Output=2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1
+
+Verify=RSA-PSS-7
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=1fc2201d0c442a4736cd8b2cd00c959c47a3bf42
+Output=32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19
+
+Verify=RSA-PSS-7
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=e4351b66819e5a31501f89acc7faf57030e9aac5
+Output=07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1
+
+Verify=RSA-PSS-7
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=49f6cc58365e514e1a3f301f4de16f9fb5347ff2
+Output=18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33
+
+PublicKey=RSA-PSS-8
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgUlTcKH7GFQ8FtNjHjFjJV32K+bu
+6JDV8lUJ5Pd4qOpvu7zfhd/2Tg2XIAOrNoH7um3UH9VBgpsuWC3p8qSk4KLQkAvv
+R1PbPO4O4Gx9+uix1TtZUyGPnM7qaVsIZo7eqtztlGOx15DV6/J+kRW0bK1NmiuO
++rBWGwgQNEc5raBzPwIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-8
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=a1dd230d8ead860199b6277c2ecfe3d95f6d9160
+Output=0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5
+
+Verify=RSA-PSS-8
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=f6e68e53c602c5c65fa67b5aa6d786e5524b12ab
+Output=2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e
+
+Verify=RSA-PSS-8
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=d6f9fcd3ae27f32bb2c7c93536782eba52af1f76
+Output=2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96
+
+Verify=RSA-PSS-8
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=7ff2a53ce2e2d900d468e498f230a5f5dd0020de
+Output=1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7
+
+Verify=RSA-PSS-8
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=4eb309f7022ba0b03bb78601b12931ec7c1be8d3
+Output=33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee
+
+Verify=RSA-PSS-8
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=65033bc2f67d6aba7d526acb873b8d9241e5e4d9
+Output=1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e
+
+PublicKey=RSA-PSS-9
+-----BEGIN PUBLIC KEY-----
+MIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQDmvWkqyWZFeQQD/dD1vri5v5Lt
+EAB/w2UEZBndBsBcW1svSOz5ieTOJpEJl5y7QLSgrSTSJIPR7jFa1MyxU0JoNSaR
+xST23Y5sKdIkzyRpc67IbFv2sUAahQ0bmtG7jLzsR7BvD4x/RdP8jzGSmcVDPdvC
+swU7R97S7NSkyu/WFIM9yLtiLzF+0Ha4BX/o3j+ESArV6D5KYZBKTySPs5cCc1fh
+0w5GMTmBXG/U/VrFuBcqRSMOy2MYoE8UVdhOWosCAwEAAQ==
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-9
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=2715a49b8b0012cd7aee84c116446e6dfe3faec0
+Output=586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e
+
+Verify=RSA-PSS-9
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=2dac956d53964748ac364d06595827c6b4f143cd
+Output=80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958
+
+Verify=RSA-PSS-9
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=28d98c46cccafbd3bc04e72f967a54bd3ea12298
+Output=484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca
+
+Verify=RSA-PSS-9
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=0866d2ff5a79f25ef668cd6f31b42dee421e4c0e
+Output=84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e
+
+Verify=RSA-PSS-9
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=6a5b4be4cd36cc97dfde9995efbf8f097a4a991a
+Output=82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c
+
+Verify=RSA-PSS-9
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=b9dfd1df76a461c51e6576c6c8ed0a923d1c50e7
+Output=a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f
+
+PublicKey=RSA-PSS-10
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd2GesTLAvkLlFfUjBSn
+cO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKn
+rc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5X
+fpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u
+6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/
+F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGu
+BQIDAQAB
+-----END PUBLIC KEY-----
+
+Verify=RSA-PSS-10
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=9596bb630cf6a8d4ea4600422b9eba8b13675dd4
+Output=82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666
+
+Verify=RSA-PSS-10
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=b503319399277fd6c1c8f1033cbf04199ea21716
+Output=14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3
+
+Verify=RSA-PSS-10
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=50aaede8536b2c307208b275a67ae2df196c7628
+Output=6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb
+
+Verify=RSA-PSS-10
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=aa0b72b8b371ddd10c8ae474425ccccf8842a294
+Output=34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb
+
+Verify=RSA-PSS-10
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=fad3902c9750622a2bc672622c48270cc57d3ea8
+Output=7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc
+
+Verify=RSA-PSS-10
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_mgf1_md:sha1
+Input=122196deb5d122bd8c6fc781ff6924d7c695aade
+Output=6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f
+
+PrivateKey=RSA-OAEP-1
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKizsoSvjrULOHA0
+qGDxRsSRnzGHY81sVZjIrkgRoeCrxMfgsILWk6Xn/O1nXPRmhRJ3LAy8ZKdCxsYw
+9TPIzHL2KugzxAvyWELphLt4vb+XwBB9Vb22YvXE4Pq5hFy1FI73OS3Tqv+Trh5r
+Znuz1CR2FtT1uhDUz9Im3ojTnxb7AgMBAAECgYBTM5z9t5/IRmplXHMWrKhcVf2P
+bdiY/a8RlRfvT1Lo/Y4ljfk/7hgPoOSrKWk82DsVKlU9SsTRgSuLn6WvDn9V/nME
+30FXCSbzMR8VxNZacyxIMRbuPT0tCvNUmtm/fL+3itiE+E1b6wRyTcc2mzHe830M
+9Tnpz83T3mU3KerV0QJBANMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK
+84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50CQQDMiFPR1U2mMPrABPRx
+8oHHuJgtgiSkkO2+sz0+PVzJPEdlcD0d15FkLx8Rag3YUr4kGbKvcr/poDDoYLAo
+i113AkAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS
+12gZln1GcazGQx5AN5aNs3h45pXBAkEAlSl7D5Wi+mfQBwfWCd/U/AXIna/C721u
+pVvsdx6jM3NNklHnkILs2oZu/vE8RZ4aYxOGt+NUyJn18RLKhdcVgwJAT0VsUCST
+vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2
+h90qjKHS9PvY4Q==
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-1
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a
+Output=6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34
+
+Decrypt=RSA-OAEP-1
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44
+Output=750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5
+
+Decrypt=RSA-OAEP-1
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb
+Output=d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051
+
+Decrypt=RSA-OAEP-1
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755
+Output=52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85
+
+Decrypt=RSA-OAEP-1
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439
+Output=8da89fd9e5f974a29feffb462b49180f6cf9e802
+
+Decrypt=RSA-OAEP-1
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255
+Output=26521050844271
+
+PrivateKey=RSA-OAEP-2
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAZR8f86QQl9HJ55w
+hR8l1eYjFv6KHfGTcePmKOJgVD5JAe9ggfaMC4FBGQ0q6Nq6fRJQ7G22NulE7Dci
+h3x8HQpn8UsWlMXwN5RRpD5Joy3eg2cLc9qRocmbwjtDamAFXGEPC6+ZwaB5VluV
+o/FSZjLR1Npg8g7aJeZTxPACdm9FAgMBAAECgYAII/IPrbXaiQiKnQCJPiH6ShsR
++8k8ZKO+C6rql/s7k8P/cTcEwZyWPB0Qeq6ZBUc5954C4Ybehvh6bd7+ptjM0dPI
+Gke/pyVb4gYBpKSy8IoWe14nnXFbG0Vb3X6rJFlB2XaLms77PM2llS2jzuclJbRQ
+FmOo7hXJ6ZLZJGL+OQJBAVnb3gSjPvBvtgi4CxkPTT4ivME6yOSggQM6v6QW7bCz
+OKoItXMJ6lpSQOfcblQ3jGlBTDHZfdsfQG2zdpzEGkMCQQErZS8wQDs4tAmV/W/0
+GhrMitpwNzI2tyAtObLuMM+0bbCVEfbzB8xhzCFgbBinW4pi+CLfAxug3w2v1VBv
+VovXAkBDbvUI3nNlGcLaTFgNmMgst0UqP7XvrcO5x3iaG8ZYT3la3bvTJDnHRoZV
+LstsLDB6TTr39TnuwVckjHsx8aJVAkEBKxWonz37KzkHPnPwK90MGns3ndQ18Fzd
+4u/55GKUi3zsYu6QUNXggW4HhahWtJEI3LdfNoOHTRymMpoZATBm/wJAAnDbF9WR
+SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64e2EbcTLLfqc1bCMVHB53UVB8
+eG2e4XlBcKjI6A==
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-2
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e
+Output=8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7
+
+Decrypt=RSA-OAEP-2
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245
+Output=2d
+
+Decrypt=RSA-OAEP-2
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053
+Output=74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e
+
+Decrypt=RSA-OAEP-2
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641
+Output=a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a
+
+Decrypt=RSA-OAEP-2
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec
+Output=2ef2b066f854c33f3bdcbb5994a435e73d6c6c
+
+Decrypt=RSA-OAEP-2
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a
+Output=8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0
+
+PrivateKey=RSA-OAEP-3
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBArWP7AOahgcApNe2
+Ri+T5s3UkRYd3XT06BC0DjwWUgBqXCd7J3TBEwWky6taeO+lfheobfej+jb8Sx0i
+SfIux8LdakYyMqzOqQbWbr6AtXBLEHKdpvgzI0q7Xv3UopLL+tM7TTP6ehS4w5e1
+bjrNISA0KLd836M6bacGs9iw/EPpAgMBAAECgYAVtIpbVoOpRnDiO1cY+BT6DhP4
+UDj1BxEYLLphUQWB89IsfiMu+TfiLlUdaLhuL4yxqti+LkiPXffv0nnj9WjU6vNv
+gM9xQazmD8yRE/tsSoQf1Qu8fFEv/L7/IUh6qBHrPKjGIAU0aobehr+h2KlI/T80
+jCLqrfMzw85s4TII/QJBAb8B0hbXNZXPAnDCvreNQKDYRH0x2pGamD9+6ngbd9hf
+43Gz6Tc+e2khfTFQoC2JWN5/rZ1VUWCVi0RUEn4Ofq8CQQGNM5llgWbbOCmBbXsp
+VBZ1npyRmH9bLYrs1jsEtIvXsvzyKbt/im3Ii6E90uOa1VttGgYWBwj5cAvoC4/T
+dEznAkAGwKJJ0gpvLudciLSU1T9qrpmqQnyIwosWOnaUReXzkM9AwnT9bqYymlzn
+x84DohWDlu4qeEV4bgniiFqXKOTlAkEA0dJ8Kf7dkthsNI7dDMv6wU90bgUc4dGB
+HfNdYfLuHJfUvygEgC9kJxh7qOkKivRCQ7QHmwNEXmAuKfpRk+ZP6QJBAIyy91a9
+iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+WJ9N6z/c8J3nmNLsmARwsj38z
+Ya4qnqZe1onjY5o=
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-3
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80
+Output=087820b569e8fa8d
+
+Decrypt=RSA-OAEP-3
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5
+Output=4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04
+
+Decrypt=RSA-OAEP-3
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a
+Output=d94cd0e08fa404ed89
+
+Decrypt=RSA-OAEP-3
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0
+Output=6cc641b6b61e6f963974dad23a9013284ef1
+
+Decrypt=RSA-OAEP-3
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60
+Output=df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223
+
+Decrypt=RSA-OAEP-3
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730
+Output=3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1
+
+PrivateKey=RSA-OAEP-4
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBBRJAtswABPpI0BNG
+ccB4x8jew7Pi8lvCVkRnM52ziFPQa4XupbLeNTv/QqwuRryX+uaslhjalTelyPVT
+weNXYlmR1hCNzXiF+zolQT9T78rZSMs1zZua6cHGdibRE9V93kxb6na7W7felsAN
+BzculoWm11z50jn6FI1wkxtfP7A5AgMBAAECgYAEEf/KO3yl6em+f+OKhRBeNTiW
+2wXFeWrs0qclFh6zZRyGKam4YrkE17DHs3+MtaHCtUABAYoAoessr+TuTpSSw0i8
+K+2rS5678GTo7/MiuQCfjuxlOQX0DfiKPNxJ1FZ/dWJ9QaymJBKbRqC3xpjl5l8r
+e6ECx0mhATW2VA0EAQJBAnRYwZ7BY2kZ5zbJryXWCaUbj1YdGca/aUPdHuGriko/
+IyEAvUC4jezGuiNVSLbveSoRyd6CPQp5IscJW266VwECQQIQ7pszq2FxbifSUb1G
+X0s1oaIy4toAkBwpS/IjUM5JDQmfZCtTdWEttjuh8gOGSSvwTTSzwivOuQnRNEG1
+O1E5AkA5+gKLgm6IwRIbdQqLJC+po1xbZr39H6Y308xIqEpPRXoZTncn5J97zG5a
+WkEmV/xHDHMi68N0Fu9FjDB6jAkBAkEBXZmoQZWUOXn6nhviw8G2n0MvRv0D5H1b
+77u/1rHRNx2D77Mwo+AglCsv7RFeXQK+JP2SyQGdHOzW3Uzx5UzImQJBAfC3AVFw
+s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/kSbj6XloJ5qGWywrQmUkz8Uq
+aD0x7TDrmEvkEro=
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-4
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8
+Output=4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2
+
+Decrypt=RSA-OAEP-4
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e
+Output=b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8
+
+Decrypt=RSA-OAEP-4
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065
+Output=bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99
+
+Decrypt=RSA-OAEP-4
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4
+Output=fb2ef112f5e766eb94019297934794f7be2f6fc1c58e
+
+Decrypt=RSA-OAEP-4
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2
+Output=28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284
+
+Decrypt=RSA-OAEP-4
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9
+Output=f22242751ec6b1
+
+PrivateKey=RSA-OAEP-5
+-----BEGIN PRIVATE KEY-----
+MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBCq3z+cEl5diR8xrE
+SOmT3v5YD4ArRfnX8iulAh6cR1drWh5oAxup205tq+TZah1vPSZyaM/0CABfEY78
+rbmYiNHCNEZxZrKiuEmgWoicBgrA2gxfrotV8wm6YucDdC+gMm8tELARAhSJ/0l3
+cBkNiV/Tn1IpPDnv1zppi9q58Q7ZAgMBAAECgYECVutMunBn8tK+VA3N/0WCo2t9
+MdHJCZuyFLeYSEZqJo+A9YpJrATA42SJNKAgbARTfBmyNmQ6YIJzIUTfdfohdYj3
+lGgr6JFoJ23HJsXAy9uE0xu/JtCkOvSVcX99UorP7jQVYfb/PK4FxXj4Rw2WgvnA
+0HL59gaLVtWID2gr4sUCQQOw05YvbRdUnL/KESlDSNzw5+OfjCvGgk8hZLYG1oeG
+Da4eYyOTz+31EyKCKQaeL2DkrNfmM6Q2Bj+COF9ImTcHAkEC5MMuL1FyabcHIwnw
+DA4xNl984osja4KRLfI5q/OVcs8O1gSwKYLlNWTFLWoFOX3lwFKi/dwUHvcYmDY0
+auszHwJBAehLEZ0lFh+mewAlalvZtkXSsjLssFsBUYACmohiKtw/CbOurN5hYat8
+3iLCrSbneX31TgcsvTsmc4ALPkM429UCQQDrkKoaQBNbTOoHGXztyIGb4efL/yVH
+ZiEW9GWkqfSHqxLzuk/vE4IiZaZSl9mLe97ZNy4//oGjiz6WAP7QVXVPAkEBL3+B
+OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/GOeBWKNKXF1fhgoPbAQHGn0B
+MSwGUGLx60i3nRyDyw==
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-5
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5
+Output=af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8
+
+Decrypt=RSA-OAEP-5
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad
+Output=a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399
+
+Decrypt=RSA-OAEP-5
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967
+Output=308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7
+
+Decrypt=RSA-OAEP-5
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf
+Output=15c5b9ee1185
+
+Decrypt=RSA-OAEP-5
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723
+Output=21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a
+
+Decrypt=RSA-OAEP-5
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a
+Output=541e37b68b6c8872b84c02
+
+PrivateKey=RSA-OAEP-6
+-----BEGIN PRIVATE KEY-----
+MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBErF/ba0uzRn/RtwT
+94YPCeDgz7Z3s4pSWSMFzq8CLBZtuQ0ErCnjP33RLZ+vZuCBa7Y+rSZ8x9RsF8N7
+4hS8oqItcjpk5EQHQ2tvyWVymu/CVU83bNXc6mgpN4CmK/OdAClIWhYLu55dwJct
+IaUE9S5e4CiqQWMy9RCy6c/19yKvAgMBAAECgYECleyjVgYYNpVZzs0wOqnP2vwd
+nwaVnfdf/vkpqolpYbzRkNxpl+2n9ZY+ck0HtNwR8wZeWul9loNREigLkIS7FPKi
+Hr1OiJ1BucQTLsGVb8q4uy/tBXWISTZSLF/30zJhkEgk58re5OC7Ny0kV8944r0S
+hiKP+D8QcxzmPJDP8/kCQQSmzotzWN+mm9z3QmFwBa+1OF9fOliiTvdKIqjAXLfM
+OOvUzJ2anXiaYs0PYPDLlB00I8lpLvpP463/KQxHSaOLAkEEBMmoAzcf7bTFvjnz
+wAsAnl4Ipjvh5AA1zaylARzHAc9+68uZ8P/hfP0KS/e+/S3VNqyUbbeX/bxKvo8p
+NJuR7QJBA5Ycj3YKor1RVMeq/XciWzus0BOa57WUjqMxH8zYb7lcda+nZyhLmy3l
+WVcvFdjQRMfrg6G+X63yzDd8DYR1KUsCQQIhl+BmdCGWqrwD+i/utOcLFct4fWF6
+zTG7dce8I0rXBvfEjSGC0fD/nCKNz0GWe2wLptLArREKG4V4MewkXiyxAkEEAcTA
+xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hqziQG4iyeBY3bSuVAYnri/bCC
+Yejn5Ly8mU2q+jBcRQ==
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-6
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3
+Output=4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4
+
+Decrypt=RSA-OAEP-6
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f
+Output=5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7
+
+Decrypt=RSA-OAEP-6
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65
+Output=b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c
+
+Decrypt=RSA-OAEP-6
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8
+Output=684e3038c5c041f7
+
+Decrypt=RSA-OAEP-6
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab
+Output=32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693
+
+Decrypt=RSA-OAEP-6
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470
+Output=50ba14be8462720279c306ba
+
+PrivateKey=RSA-OAEP-7
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBMRF58Lz8m508oxXQ
+DvMNe906LPrpkRv+3LlIs6R4LQcytqtEqkvwN0GmRNwBvsPmmwGgM+Z12KzXxJJc
+axrsMRkFHf2Jdi0hXUVHX/y1n5CBSGI/NxdxVvauht16fF9D3B4fkIJUBYooSl8G
+wAIXk6h/GsX+/33K7mnF5Ro3ieNzAgMBAAECgYEHDPz/L+uCduJ0MsRd/uSPSbeR
+fWUw4fDKNGDzLgJ2F0SHxW4ipF0lANd3VJUhnX0WWpzzvZLDKvmpjY3JzCloAK3J
+SgpU+0DzQpG/hO6OoStvEJNZxtNUKlD5x2f1z/8FpoHC5lb7d8qq20vpRo2KvNTf
+mPWOhtIFP6E0n3SOIbECQQdJJiwRHNRw7CVm5rNzL8CTKUaaoZBx07nAGQZRTG8d
+JrqhS+qwlxyLfmEaT3kAnW/qd2koyiUoWw3jZD0aP4xxAkEGvB5Q6WwCv2NunuqL
+iZu+v3ZR3nfdR0w+m8I7rYGCthkEx9l9++v7HgAQiHi25n5BU5HWeULCsr+bRDX4
+iwywIwJBA7x+p/CqsUOrxs6LlxGGNqMBcuTP4CyPoN2jt7qvkPgJKYKYVSX0iL38
+tL1ybiJjmsZKMJKrf/y/HVM0z6ULW/ECQQJipqopwqPGfcU0bAY4Gv2YeqPMk8+/
+7PVP3Z+deH1/WaUj05iXnaE3ovY4H+lIAffJTaIVGNw0y0CHDEaXmUrZAkBknUwX
+tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4ohPIOWIGzfukQi8Y1vYdvLXS
+FMlxv0gq65dqc3DC
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-7
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1
+Output=47aae909
+
+Decrypt=RSA-OAEP-7
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6
+Output=1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7
+
+Decrypt=RSA-OAEP-7
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b
+Output=d976fc
+
+Decrypt=RSA-OAEP-7
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac
+Output=d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb
+
+Decrypt=RSA-OAEP-7
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478
+Output=bb47231ca5ea1d3ad46c99345d9a8a61
+
+Decrypt=RSA-OAEP-7
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115
+Output=2184827095d35c3f86f600e8e59754013296
+
+PrivateKey=RSA-OAEP-8
+-----BEGIN PRIVATE KEY-----
+MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBW98OMNMh3aUUf4gk
+CPppGVSA34+A0/bov1gYUE82QnypsfVUC5xlqPaXTPhEeiRNkoAgG7Sfy75jeNGU
+TNIn4jD5bj0Q+Bnc7ydsZKALKktnAefQHeX6veOx6aDfgvRjE1nNImaWR/uxcXJG
+E07XtJfP/73EK1nHOpbtkBZiEt/3AgMBAAECgYEPfR6eWqol/RPkoGY64UTg0V9c
+0YvNsJ3yzH5k48XpFa1iZFMEFh0JjHFbt6uL0B0H6vP+18ftCK8qimLvRKsWsyDh
+SvcqSPlq/iYqCuTPZeY16RB5DNTuXOp2iksmOffm9nez8Ltr4yt1dH2JCQNvAmT1
+jUAc26ExcWFXp17PYzECQQoC74RI2frYu9DQBMjCqpdR75chwbDQMjalSw35R8uu
+1aJV7p6OINSR6hcj/glHBKl2Loiv0W67WZRBLKlm3E+fAkEJLTYuftOgv9np/Q5s
+AwG23ykVnPUMyDubDPTW7qcaYeACtG4K6fLeYtJbXXRS1Ji4HJrG/FhZPUw/tPXX
+LfuwqQJBB8cUEK8QOWLbNnQE43roULqk6cKd2SFFgVKUpnx9HG3tJjqgMKm2M65Q
+MD4UA10a8BQSPrpoeCAwjY68hbaVfX0CQQCuLHU4DALAFq0FiRszAd6IHyiuEXEY
+K2ssg76nxRXsqcopjHscq1gXpZcGj8hQYN5NqKAWN4quQ8f5Z7zDeQS5AkEFmNEF
+njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15EtXgyL2QF1iEdoZUZZmqof9xM
+2MiPa249Z+lh3Luj0A==
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-8
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61
+Output=050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967
+
+Decrypt=RSA-OAEP-8
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d
+Output=4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc
+
+Decrypt=RSA-OAEP-8
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f
+Output=8604ac56328c1ab5ad917861
+
+Decrypt=RSA-OAEP-8
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0
+Output=fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc
+
+Decrypt=RSA-OAEP-8
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2
+Output=4a5f4914bee25de3c69341de07
+
+Decrypt=RSA-OAEP-8
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210
+Output=8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be
+
+PrivateKey=RSA-OAEP-9
+-----BEGIN PRIVATE KEY-----
+MIIDlwIBADANBgkqhkiG9w0BAQEFAASCA4EwggN9AgEAAoHBAM8s1B40yjpyjqXL
+iv9kw20nve9TZOM2/WjTEjxaGWqMKHAT6FPVFW1Y0VGVRSD7T217F6u2gXdlkJxX
+YRllnZArGQbtiisQwVXCTRJFKNq57q43m+rGbkpBF4bcuP0AYuvAMN4SGaBMKowb
+fdMTHk1rbK7i4xpe1BrBUJsu8e4qsYNkvlaMqUHCXsyE/51kO17Bqq4QKiDXP0eb
+eA/W2pEHUhLZ6sA6BnTYmeui5DH0xEthW2uiIyvUszuu1z1iXQIDAQABAoHAGYwU
+HiNxWpK8z2oRmlvBE4lGjSgR9UjXJ+F7SrDrmG1vIR77U7cffMvqh+5px17mFQCM
+UzLetSvzkKvfv+N9cgU2gVmyY4wd4ybiHSIlHw+1hIs78VAF0qdDMPCv6RbuYszB
+NE0dg6cJ5gZ2JzhA9/N3QkpeCk2nXwGzH/doGc+cv90hUkPDkXwD7zgZkxLlZ7O/
+eu06tFfzce+KFCP0W2jG4oLsERu6KDO5h/1p+tg7wbjGE8Xh6hbBHtEl6n7BAmEA
+/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8b
+zZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79
+AmEA0gDUXniKrOpgakAdBGD4fdXBAn4S3BoNdYbok52c94m0D1GsBEKWHefSHMIe
+BcgxVcHyqpGTOHz9+VbLSNFTuicEBvm7ulN9SYfZ4vmULXoUy//+p0/s3ako0j4l
+n17hAmEA2xaAL3mi8NRfNY1p/TPkS4H66ChiLpOlQlPpl9AbB0N1naDoErSqTmyL
+6rIyjVQxlVpBimf/JqjFyAel2jVOBe8xzIz3WPRjcylQsD4mVyb7lOOdalcqJiRK
+sI23V1KtAmEAoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZbl
+o5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iY
+pHnoCuKU/tKhAmALIfM1w1M0LrRMOqJERXgMLWVblAF0yuOMfIpOZJPAup/TA3SC
+Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSckFlJCf6zfby2VL63Jo7IAeWo
+tKo5Eb69iFQvBb4=
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-9
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72
+Output=f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6
+
+Decrypt=RSA-OAEP-9
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8
+Output=81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659
+
+Decrypt=RSA-OAEP-9
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3
+Output=fd326429df9b890e09b54b18b8f34f1e24
+
+Decrypt=RSA-OAEP-9
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858
+Output=f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e
+
+Decrypt=RSA-OAEP-9
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e
+Output=53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d
+
+Decrypt=RSA-OAEP-9
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f
+Output=b6b28ea2198d0c1008bc64
+
+PrivateKey=RSA-OAEP-10
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCuRe1WAc7GuMwF
++AOTXGdN2+DXXEwJ/XlR/GsMrsMTqN85lwxRi/+6XtaPPw1/IqQCnUE/GuB+Tr6e
+QXfOI+f1QEtWnk7hvc88H7A+8ROALU+FXrm1E0tafICFrcrm+i+hQX7DdjvhcbDG
+K3YO3iPBKtkrmAiExkH1qPrCa9rUoDOBoi/ht1SIUJTIJQbUAZpTWihq/rJxu5ul
+kt4Y3PYAwq7q5W4C9895/BTPO9x82E/ru/lQypAwSyIZp6oGOu+iw8GYDlYM1kr+
+d5WFthB2V7lXhX795gEJiKt95Bf8iNjzhMTm5yw/lD4MMcDEpcw2+HnYo6ydfVmG
+Dqraa4O7AgMBAAECggEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9Djllq
+MzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BN
+IBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAs
+wVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6
+IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGE
+gphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQKBgQDs9a7NHlUV//rL11oo
+Fsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1
+I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcEC
+M9IXa/FaXpbdx4C8hoqnfTznaQKBgQC8RsRk/GrEyng7DrCKPIQbdy9+my8our1Y
+iuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNf
+fRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1
+lg8/w4YxgwKBgQDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS
+43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK
+19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQKBgCZY
+s39t+cEDC+HbaBF/qdh+OeoraTt+bTovcJR0E+7GFC4Y+438tqxUXXyGoK1I+EVx
+cPDvsmvEgSbFPv0dFpIBmNwqEQfcKC22qAzTBiNguj+hP3DkMS/xps1rj8TNnFw9
+sXxtalchL3OuKfYZMnutWbFThYWFuk4otgpipF5JAoGAbzhSazklCFU07z5BWoNu
+3ouGFYosfL/sywvYNDBP7Gg7qNT0ecQz1DQW5jJpYjzqEAd22Fr/QB0//2EO5lQR
+zjsTY9Y6lwnu3kJkfOpWFJPVRXCoecGGgs2XcQuWIF7DERfXO182Ij+t1ui6kN18
+DuYdROFjJR4gx/ZuswURfLg=
+-----END PRIVATE KEY-----
+
+Decrypt=RSA-OAEP-10
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc
+Output=8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee
+
+Decrypt=RSA-OAEP-10
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795
+Output=e6ad181f053b58a904f2457510373e57
+
+Decrypt=RSA-OAEP-10
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede
+Output=510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124
+
+Decrypt=RSA-OAEP-10
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8
+Output=bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9
+
+Decrypt=RSA-OAEP-10
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0
+Output=a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9
+
+Decrypt=RSA-OAEP-10
+Ctrl = rsa_padding_mode:oaep
+Ctrl = rsa_mgf1_md:sha1
+Input=2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46
+Output=eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac
+
+Title = RSA DigestSign and DigestVerify
+
+DigestSign = SHA1
+Key = RSA-2048
+Input = "Hello World"
+Output = 3da3ca2bdd1b23a231b0e3c49d95d5959f9398c27a1e534c7e6baf1d2682304d3b6b229385b1edf483f5ef6f9b35bf10c519a302bb2f79c564e1a59ba71aa2fa36df96c942c43e8d9bd4702b5f61c12a078ae2b34d0de221fc8f9f936b79a67c89d11ba5da8c63a1370d0e824c6b661123e9b58b143ff533cf362cbdad70e65b419a6d45723bf22db3c76bb8f5337c5c5c93cb6f38b30d0c835b54c23405ca4217dd0b755f3712ebad285d9e0c02655f6ce5ce6fed78f3c81843de325f628055eef57f280dee0c3170050137ee599b9ab7f2b5d3c5f831777ea05a5eb097c70bad1a7214dadae12d7960bb9425390c7d25a79985e1e3c28ad422ff93c808f4b5
+
+DigestSign = SHA256
+Key = RSA-2048
+Input = "Hello World"
+Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
+
+DigestSign = SHA256
+Key = RSA-2048
+Input = "Hello "
+Input = "World"
+Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
+
+DigestSign = SHA256
+Key = RSA-2048
+Input = "Hello "
+Input = "World"
+Ctrl = rsa_padding_mode:pss
+Ctrl = rsa_pss_saltlen:0
+Output = 4a35cc7623f176c997696213045024f1b1121a6ec4a5755d206c20fc4a7c5259566d19730f6f1a75ac00878c6290e6757510588d740da3633b09a1d899c7dfba2031cfcae6a490e995c87f4750ea88948009cbed6c80cebb9ebfab7d04805e7a2140373fb888b5e6151d1c4eb7f505c4e0a584c17c6ca71e552ba13e1f20101796fe0d1af0cde661fc47d904b5d3f127073471fe6dc7e78f5cd2a049d67e0c7c92184e2bf97f8e16b50b8385daa1f8882e8f6c8683720903454b35356058f2f0136cad7689105167bacbe0dbad466ff2a298e41e5a65caecac4cde08529b7ea8717258e19b0732c966b34f5d52e4ec3073da78757471086553a3ff6c5460bcda
+
+DigestVerify = SHA256
+Key = RSA-2048-PUBLIC
+Input = "Hello "
+Input = "World"
+Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
+
+DigestVerify = SHA256
+Key = RSA-2048-PUBLIC
+Input = "Hello"
+Input = "World"
+Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034
+Result = VERIFY_ERROR
+
+# Oneshot test
+OneShotDigestSign = SHA1
+Key = RSA-2048
+Input = "Hello World"
+Output = 3da3ca2bdd1b23a231b0e3c49d95d5959f9398c27a1e534c7e6baf1d2682304d3b6b229385b1edf483f5ef6f9b35bf10c519a302bb2f79c564e1a59ba71aa2fa36df96c942c43e8d9bd4702b5f61c12a078ae2b34d0de221fc8f9f936b79a67c89d11ba5da8c63a1370d0e824c6b661123e9b58b143ff533cf362cbdad70e65b419a6d45723bf22db3c76bb8f5337c5c5c93cb6f38b30d0c835b54c23405ca4217dd0b755f3712ebad285d9e0c02655f6ce5ce6fed78f3c81843de325f628055eef57f280dee0c3170050137ee599b9ab7f2b5d3c5f831777ea05a5eb097c70bad1a7214dadae12d7960bb9425390c7d25a79985e1e3c28ad422ff93c808f4b5
+
+Title = Test RSA keypair mismatches
+
+PrivateKey = RSA-2048-BIS
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCytEHg4qzeBrqu
+1haSf0xOttQeyburRKC4N4KJIbtQbooYS6M7C9mvXdz4vA7PtgXS6L4gDTH2Bpa5
+qvbAYQ7CbmssmkciN/bqxMqecsuN49uMRF2Yy40UYCKv+wv6fGbCsrczDc5kfRu2
+XzKHewAKF9EZYkKLNfLjT+jQAogdfmnShDQPWus7t+9RbuZPrg/iz/urQGfTEarW
+8yFl6jJd88cjASrGCCxTCL2BLuimLrSauF/Na9K1Jmxst+lqXKhf4YYtf5ARgDBn
+oOfZl24ts9twBXD6hjfhVh3wOPJL3+EKOORBclHixQ47Kx9ermb6hQDv0AyRoXyp
+6Jy7gkLxAgMBAAECggEAeDWjXxh7+nqCV5ux4Wf6N7Tqqa9AK6xlhKXqjD6Bl1BU
+WpV+vvhwvXOhcjxmpjimYEKpqjvWEM5L06d6htyDJi1KsN0y3oTQ9wnb1owX+2F8
+TTWr1F2QkFU+4Cw62YuXQH8hlxlBbf1uh9Yv0kzeMOvmf3HGm4h104zsaghZ8aP4
+Tmmeqnc+ty3iQkjDLIXEaHYIZ1AZ7fzc/rc6kbkWGkVAgCP1CDIm3q586OZDQz0E
+hgLhWHgJQ5Z2m9Qw/hROJeesKHtq19GFafIBANDelB/yG8p+dCqPQsg6nm24jAHO
+pT1EipOWwLnsTBsa9BlcCYeBpqNIPV4ST+X4Que59QKBgQDjublne/+/i7dQLpCT
+01fzbkDEIV2s7jVpEz0imzT6HXIeHBpOmS7GHlurN7WLUcbB5QUEgzNxA08x80o1
+oU9b/jUpFBJRudyIKX8aSBVSInOXw1eQNjkqBZdUVN1ADeS/HYRYnPhIB4w31XgJ
+ujc9udPtn2GqWfKXrG5abfXfdwKBgQDI5GJ/8kh4nxtC7SvcJNfbRtC/03f0vJQj
+600vCU8X+wkk1EMtnHU/A/oOhZey/zdc03h3UuwznOER8KWLB8/XidRZnT9NgMGb
+sO7sNPyTfMep+jLcolv1SAThjQxAVxCkvl87GFGvGnBCTtLWMEWpazl8XH+aHgyn
+1NU/VJqa1wKBgD5Nb6YaTKwRA4QSWUe4SJW3Ek0We9R2D3LB6rXvFJ1hNPl74s6i
+JiPZ5mZ/hVGqe+BMUgUcCBThPOeDkkf97AJVGCI29ZQab3VpNPbxxbOE7W8V6Hzx
++M3AXdiapzWBF5YZ8z1zJJJATmJwKrkukzJ2Br86HbRHi5FngYGIF/6dAoGAE/32
+d3krESX0VpK3vK7F9IJ1n8FxvJ9Ptsth4P5yKpbG8C1XiiB54o2Iww00bZHMdqZs
+5KMR8oj4NQrXzqA2ZOLIiSqG9DWODupqvIMBZ8QRMq89hIt7z0sdgTzCLVz8wQhY
+/c6LwntFFLQ3cy1WoWeUTvX9lN7Mr58UobrPr/0CgYEA31WYhr/TH7sBG5tlUvuK
+1KYMRwh1HR3lMnuCzAFOEtIJhSG/GtWyPtlYzYWvYGEukBO5+QSoB9K+jNEm6tNw
+mRsMet399ylSQMkmPIfXldQvDF/9AvXBCR+EttZDr2Dw0Haeu4PGwT3WgqGHDWz5
+vOpxAsEe+k0AI8MnJvlO8uw=
+-----END PRIVATE KEY-----
+
+PublicKey = RSA-2048-BIS-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrRB4OKs3ga6rtYWkn9M
+TrbUHsm7q0SguDeCiSG7UG6KGEujOwvZr13c+LwOz7YF0ui+IA0x9gaWuar2wGEO
+wm5rLJpHIjf26sTKnnLLjePbjERdmMuNFGAir/sL+nxmwrK3Mw3OZH0btl8yh3sA
+ChfRGWJCizXy40/o0AKIHX5p0oQ0D1rrO7fvUW7mT64P4s/7q0Bn0xGq1vMhZeoy
+XfPHIwEqxggsUwi9gS7opi60mrhfzWvStSZsbLfpalyoX+GGLX+QEYAwZ6Dn2Zdu
+LbPbcAVw+oY34VYd8DjyS9/hCjjkQXJR4sUOOysfXq5m+oUA79AMkaF8qeicu4JC
+8QIDAQAB
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = RSA-2048-BIS:RSA-2048-BIS-PUBLIC
+
+PrivPubKeyPair = RSA-2048-BIS:RSA-2048-PUBLIC
+Result = KEYPAIR_MISMATCH
+
+Title = Test RSA keygen
+
+# Key generation tests
+
+Availablein = default
+KeyGen = rsaEncryption
+Ctrl = rsa_keygen_bits:128
+KeyName = tmprsa
+Result = KEYGEN_GENERATE_ERROR
+Reason = key size too small
+
+# RSA-PSS with restrictions, should succeed.
+KeyGen = RSASSA-PSS
+KeyName = tmppss
+Ctrl = rsa_pss_keygen_md:sha256
+Ctrl = rsa_pss_keygen_mgf1_md:sha512
+
+# Check MGF1 restrictions
+DigestVerify = SHA256
+Key = tmppss
+Ctrl = rsa_mgf1_md:sha256
+Result = PKEY_CTRL_ERROR
+
+# Test valid digest and MGF1 parameters. Verify will fail
+DigestVerify = SHA256
+Key = tmppss
+Ctrl = rsa_mgf1_md:sha512
+Input = ""
+Output = ""
+Result = VERIFY_ERROR
+
+# Check caching of key MGF1 digest restriction
+DigestVerify = SHA256
+Key = tmppss
+Ctrl = rsa_mgf1_md:sha1
+Result = PKEY_CTRL_ERROR
diff --git a/test/recipes/30-test_evp_data/evppkey_sm2.txt b/test/recipes/30-test_evp_data/evppkey_sm2.txt
new file mode 100644
index 0000000000..b5b36dea3d
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_sm2.txt
@@ -0,0 +1,57 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+# Public key algorithm tests
+
+# Private keys used for PKEY operations.
+
+Title = SM2 tests
+
+PrivateKey=SM2_key1
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBG0wawIBAQQg0JFWczAXva2An9m7
+2MaT9gIwWTFptvlKrxyO4TjMmbWhRANCAAQ5OirZ4n5DrKqrhaGdO4VZHhRAYVcX
+Wt3Te/d/8Mr57Tf886i09VwDhSMmH8pmNq/mp6+ioUgqYG9cs6GLLioe
+-----END PRIVATE KEY-----
+
+Verify = SM2_key1
+Ctrl = digest:SM3
+Input = D7AD397F6FFA5D4F7F11E7217F241607DC30618C236D2C09C1B9EA8FDADEE2E8
+Output = 3046022100AB1DB64DE7C40EDBDE6651C9B8EBDB804673DB836E5D5C7FE15DCF9ED2725037022100EBA714451FF69B0BB930B379E192E7CD5FA6E3C41C7FBD8303B799AB54A54621
+
+Verify = SM2_key1
+Ctrl = digest:SM3
+Input = B1139602C6ECC9E15E2F3F9C635A1AFE737058BC15387479C1EA0D0B3D90E9E5
+Output = 3045022100E6E0414EBD3A656C35602AF14AB20287DBF30D57AF75C49A188ED4B42391F22402202F54F277C606F4605E1CE9514947FFDDF94C67A539804A4ED17F852288BDBE2E
+
+Verify = SM2_key1
+Ctrl = digest:SHA512
+Input = 40AA1B203C9D8EE150B21C3C7CDA8261492E5420C5F2B9F7380700E094C303B48E62F319C1DA0E32EB40D113C5F1749CC61AEB499167890AB82F2CC9BB706971
+Output = 3046022100AE018933B9BA041784380069F2DDF609694DCD299FDBF23D09F4B711FBC103EC0221008440BB1A48C132DE4FB91BE9F43B958142FDD29FB9DABE01B17514023A2F638C
+
+Availablein = default
+Decrypt = SM2_key1
+Ctrl = digest:SM3
+Input = 30818A0220466BE2EF5C11782EC77864A0055417F407A5AFC11D653C6BCE69E417BB1D05B6022062B572E21FF0DDF5C726BD3F9FF2EAE56E6294713A607E9B9525628965F62CC804203C1B5713B5DB2728EB7BF775E44F4689FC32668BDC564F52EA45B09E8DF2A5F40422084A9D0CC2997092B7D3C404FCE95956EB604D732B2307A8E5B8900ED6608CA5B197
+Output = "The floofy bunnies hop at midnight"
+
+# This is a "fake" test as it does only verify that the SM2 EVP_PKEY interface
+# is capable of creating a signature without failing, but it does not say
+# anything about the generated signature being valid, nor does it test the
+# correct implementation of the cryptosystem.
+Sign = SM2_key1
+Ctrl = digest:SM3
+Input = D7AD397F6FFA5D4F7F11E7217F241607DC30618C236D2C09C1B9EA8FDADEE2E8
+Output = 3045022100f11bf36e75bb304f094fb42a4ca22377d0cc768637c5011cd59fb9ed4b130c98022035545ffe2c2efb3abee4fee661468946d886004fae8ea5311593e48f7fe21b91
+Result = KEYOP_MISMATCH
diff --git a/test/recipes/30-test_evp_data/evprand.txt b/test/recipes/30-test_evp_data/evprand.txt
index bce86b7db4..b91f5483ae 100644
--- a/test/recipes/30-test_evp_data/evprand.txt
+++ b/test/recipes/30-test_evp_data/evprand.txt
@@ -3545,8 +3545,8 @@ AdditionalInputA.14 = 84922c0335a0ead609e5a92cfc4a225bd3c7c01ab4580b786338e1caa3
 AdditionalInputB.14 = 34b034ca643bbfd2fcc57c9b53e0f9b3fd6a73454f1823dfe7b7076ec73fd956
 Output.14 = 6caa4475189ee00ddc54910f8723b0e5b8d3d0c321ce7f2ac7194d134a0a31d96b102dd58e092e08f8a008f05c4f2afb2901c6e29549d3a720aa2b1d1f461bb9
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -3581,8 +3581,8 @@ Output.13 = e2b531ea43c513a1564fa65e9a68d43c875137773102941d0ef544c84e3689b82eac
 Entropy.14 = 727c0ac75a99bb1a318e4fe2fe0f2e312b3b61d82b2e5071acfb4a36bc8258c1
 Output.14 = f595ee1af437fe1bed8d451088b788f1cd599f2b0c47feac1fb5c6efbf7a14a8ab0ea11a3569a3c23b2a9702b415bda355c15afd275c0d67b38bcfb54ab13f70
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -3647,8 +3647,8 @@ AdditionalInputA.14 = 170a92d093d30f939b3eac628a18bab5faf86b3a5d91f30cfd0beafdec
 AdditionalInputB.14 = fd0349af015037cdbb52983155c89fc59f37d512543559c3ee6589f7b93861f6
 Output.14 = 0273a1317f3dd36877a505ca2e440445094d3c702c4ff5f4a07daa3f810d8d7a4f4b9c54dce169a1307fbdc5d197e6a3edc3ea737bedc1c9857aa0e9f87943e2
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -3698,8 +3698,8 @@ Entropy.14 = 22d1d8c8bde76a239d032804717face16d77b51170d0f53ccbcca4eaff4fb315
 PersonalisationString.14 = 5d3a7d40fdf95b98454bca03c6fcbf6abf3807de75171b55bab2db5a3f5f12f2
 Output.14 = 1007e11f48e3c4813fddd67310db56d67a49fe93e45e61b37ba81485df6a62ee57ca41fa1d987f467c2939790a20421c2b4f70b28fb0b90bbeab1ac0ae884f1a
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -3779,8 +3779,8 @@ AdditionalInputA.14 = 1eed7463c004c94b600245f4967af955919d0f325a2baf2e9c5f6e1504
 AdditionalInputB.14 = 6eace0fdabf1bc84d08eaa4afcbebd502f1d83847d2e86a1e68147b3b15a76cf
 Output.14 = da59c09259ecc1d61e05d3198f349904df1468ffaf85f5d6cc57489e2785e54e710413674bd2ac41896ce9010d9588446e7540b35519c4689a5818ace7dbe0a8
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -3815,8 +3815,8 @@ Output.13 = 78b32d396f5a919f5ccb9be2afaf5f6212d75bf084e99357e28ccc98d433696455b1
 Entropy.14 = 42cb183d2a04c89c69efbcec08bee2003b9a1cd56878a774f0162bf70f2c708f
 Output.14 = cb4afdec033b42949ebbb27245fd33c1503c1278027e11a1f050e04080abe4850821b71ed5a6bd83da6bde8e56c5faed49da26887028bab807d1ad055e2a8a27
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -3881,8 +3881,8 @@ AdditionalInputA.14 = eb2888119b0020cff3ac53cbb81d8576457a863fb087f91c795c297f68
 AdditionalInputB.14 = ad80f4ecff758da0a5beed20a9d851fcca2ad4ea0d54af619470e3cf3033a04a
 Output.14 = e2105e60f2f2fceb27c882caebb0c1eca543c359947c4319c503efa82ed5cb63640f627c82217260f0203220435c842d7993623a2b05e26e1ed1d03f68ab3cb1
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -3932,8 +3932,8 @@ Entropy.14 = 3acd2c23bbae4d02cc9e4bb548e264f43e35764b446595bfe1e45165d42c770a
 PersonalisationString.14 = afb8203d4f7900c35d7bb454a83c5f2667ab506a68b710011c0be67055dfc3eb
 Output.14 = 02664c0570c4d3c468d16cc7c8b99da7a7f1752249e30f2833b1b7cd32a4df3c23454621d79119a9aaccc52d3f9055dbde98e773c26d4dace09ce9be1f1f61b2
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4013,8 +4013,8 @@ AdditionalInputA.14 = f57cf314188b397797caa30733cdabd5ab2a90562cab9be5f812bbd482
 AdditionalInputB.14 = 93839acaa271af55ec6c8464ac2ba8bc1c61584008b5d908b200d8048edc0562
 Output.14 = 38a3dd584a68bd037c5d5be4a103083e1d4bbd8a845ac1832e4c545e942bb5232ccec9df2abaaf0870d1f75d3bf85aa9323b5eedc26a73ade2ddade69fcaf6d4
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4049,8 +4049,8 @@ Output.13 = e6e345a50ced3cc68ae24ed9ad8cdb482815284e66f9b0151fdd75d13c9758663c4d
 Entropy.14 = ab875886827197b784b137726f1f5862c016e2c8780452fe98f4eeb68f71aca5
 Output.14 = b6634452661b019afbf2e9b6e20b8be7d9cab739383de8636404c275dc495f54fbf23205dbf843afebbc4e88c6ee126f729cc407ccbbe792e3319230f23023d1
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4115,8 +4115,8 @@ AdditionalInputA.14 = dacdc1a5c9b4215da6b1520c227724ffc888945a3cf1db2d2ff5c48266
 AdditionalInputB.14 = f291eac0295f5e0936542010df7ca9c417cd78f7a109655e9050fd502ad91d4c
 Output.14 = 70b881acd434f90da8788bfe77226132c8a3f2544293b0ef7408559575ff0e52a17aff11b9601a4765e2ab0cc90f19f69fb4485554ec0b17ceabde960a56655d
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4166,8 +4166,8 @@ Entropy.14 = 0c4564ba254455b6557aec1cfee2b2b726d2c4f45379267f0e27d11c6f1edc7f
 PersonalisationString.14 = 46aefb024c6acdc9297d5019109310de558f6afcca730c8414c54f4e574fab1e
 Output.14 = c94894d56985d73ac516c1249cea3d8e79b67dcdb2bf24b830d52f9e1fbdd8bdb37a546c4ffe13186ceb0a230a14ee1be0e409eb19eef018e54f79c3ddd4fbd4
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4247,8 +4247,8 @@ AdditionalInputA.14 = 959a1aed8c1b0af637b8c0d0dfd600b0d5dcbcac12bc8cb160a2a0ee7f
 AdditionalInputB.14 = fdbb472c9f368a44f92bab4bd993c7f39d4e61c6503f69c205191d86bc1b2944
 Output.14 = fa2f2a566b99ae810b2b95092da67bb16fa185013ad0c83a845b48cf4fa55f7017ed944d08b57d6813700fb60a30a2a2f976f8b9761516ef137e3e3a078312f9
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4283,8 +4283,8 @@ Output.13 = 9ab8f2730cd5039a1c78f837ccaf7747b27ca425b07728933e61bc39b5c09fd63a0f
 Entropy.14 = 397427acb3683af13636a70fa2d9ff5b6d032f9fc6197d62ce1027517cb66268
 Output.14 = 2c6b5c5682187740fb566ca60644052b2e0bc3285a399e8127ae53fafa3d5286680416772e552a2cbce4a523f26e7e7e45827a291b61a8b6fc7836e3a14e694a
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4349,8 +4349,8 @@ AdditionalInputA.14 = 534589895777f502aa3712aeed8013d343a824584774d92f9b0668201d
 AdditionalInputB.14 = a97742c1e0c816626e67ebc81ba3987378499b75212b194bb56a6746029866b0
 Output.14 = 8057f97b49700edc8ebf7bbc798e6eae639a443e4c8e935cd06ebf9e9bdb803cd3121a0602b32f088e7906abaa68b28b942e84bb09d13d565490d20295c520a6
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4400,8 +4400,8 @@ Entropy.14 = 315bbe530ecfa44eb27250f6d20f4b6c648e42c61f6faed6fe483f26f6f8427f
 PersonalisationString.14 = efa10fa5bc1e445c031620ebb37e7552c2dfa08307dfe53c1b8e74ec55050356
 Output.14 = c592d9e7b67415d09dfc46d3039b3afc1ce66afa98e8793437cfcb5ab3a122c636f0a84edc04099d3819d7fa30d196880d9199de17f7170de725f3650ef34b19
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4481,8 +4481,8 @@ AdditionalInputA.14 = 36551ef09232d2199547aaefecaaad217443d616433d9d169bd8cd3eae
 AdditionalInputB.14 = 9e57a4e96ace483dbc3c226d2723c9258063278140d220c4fd023c77fb20b84c
 Output.14 = ca43dcecdab689549bc4493a38a6a017f6048270e5d70d0d7576a2ab764d922bc346e30f42dc5a73ea6a210d2eba9bee5b5afe3c66867a68ab3fe0d08f511101
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4517,8 +4517,8 @@ Output.13 = 20d734ab5611a39d6ccaf8941d254804c36ba8bf206bf10d82f721ba9548b9f7cc10
 Entropy.14 = 8dc5a9e8e9458f841dae788d24bb5fb192ef1ffaccd991f89f2b5d3ba57c1471612496c7d9cdd174
 Output.14 = fd74a7b15c9af2ea140a2d0e353c3387b389144dda5779c69f299917dfb19de6ad60dd440c14c010ca161436243bf9d33a6649339a3543b8e71789621da7ab7b
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4583,8 +4583,8 @@ AdditionalInputA.14 = 79b75fe104f0d7c86bbe311585198f82350a13c4a7e450cfb86e440c00
 AdditionalInputB.14 = 6f20134564e79c7eb530727f5b649996c89d7bd54ebac095c19a162348fce468782f0324f2138c84
 Output.14 = d00f784a9613677023d27a4350efc4cc28f95a3928c4c8da67063ee59de5d2da13a3090f580e61fff1af27a8f4ba9418e07d856a996e836a89062064bac7a9cc
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4634,8 +4634,8 @@ Entropy.14 = 0ac627692b28d31e347179c8ee9e508e2b3ffbedae4009414b3b72e76a3739f0292
 PersonalisationString.14 = 946fb7e5c3cbf3d198f19135b1a71a241ee892ac5a0316f57eae7076a4d99bf0e77fe23e81258cca
 Output.14 = 00007f407f75335a351d31d2754366f8f220ef2f9688a87e9d6aac59fa9f36be824b9bc7409ea991d3e0a7c411854b3701c84abdd7a696406dd13331e2785455
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4715,8 +4715,8 @@ AdditionalInputA.14 = 1564d70c91a7f72151a4483b9eba35b52c196656ff96875d7c59c6d116
 AdditionalInputB.14 = c2731fd38e65f8e724378ad4e01359512cb473dd9854fc2303e61c2d197caad69b12fde14aed66b6
 Output.14 = c68d3e5697f36c9db2535b05226aa118e00fdab95ca2cdbd37421298d46d2054e900b82ccb63227a23380e4a2e93327718cca3b9f5fc9c3949adabd723bd4313
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4751,8 +4751,8 @@ Output.13 = ba6649f527ef2d09cacf926d81abd456d4b43800dbf77de69bb9e2229cb6e3ac29c7
 Entropy.14 = 62efa359ebd31d3c499353a5ab5f3b70a34c5f39c508231eae5f3ee20e17834b88fb804a32a268a1
 Output.14 = 20dbd757317220a9a5b2394b495efe5e12cc7b759c877bfeed6425cd64146ee90c455c50b2243972b43015f69a015f1a4953e84a089d38171f9a6fd47b8d4870
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4817,8 +4817,8 @@ AdditionalInputA.14 = 612b0fa86e20fcfaafb14424d1ea3092c9be131efaddff1bd9bf0c9f53
 AdditionalInputB.14 = afc244f8c93dd4578bd193226d7ed321f96dfeafe8b491684e53a0fa7d5cfb95dc3cb7739df80279
 Output.14 = 64806feb8e212b2b5def3375d83075a0cccecf2a8f0fd38a8ff4700a3152d2044b65e555f5a6171b10d72b6b6139ecd29309dd09e132ae88fa9a6adb500a03db
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4868,8 +4868,8 @@ Entropy.14 = a59c31d7354eec799ecaba8193466aaa928025b162ff442ad2a4e0f9b65409f105d
 PersonalisationString.14 = 7b56fc016f55fe0ba21f9cc53b962e215e4ecd3dff487af67b275a19cde4afa74724a747358fd1fb
 Output.14 = aacfaf0360c415de87b92d74381be991f4a41bdd61175bccdd7c8dd19cd3f7076b485e95b1e9ae60ffb9b778f6470e5fe3a54092c6db3b909a4d9e5a8cb96ef5
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4949,8 +4949,8 @@ AdditionalInputA.14 = 6cff7528b843b2efb40336bdcaa9629be2720bfa509a330430c36d5935
 AdditionalInputB.14 = e0843ca3385ed55f56d51343dd718dbd1a3705d7b8a3a5cb7b955c9070ef1faf74382a9130a6803c
 Output.14 = 9052a75eb225ac7522cb141245e0592a334cdc8e194f5249a5843e6efb6398db1b8ae97a15829efa4685cb4f1435d022424cc7854d34743bb2d861866fff51c1
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -4985,8 +4985,8 @@ Output.13 = 2cb651524a6b094c93e8d1caf33bef269d267eaae0849c359b52d34640f14ad4a7fe
 Entropy.14 = 689f2f61670360472b24f8ad360fe08e249b59ec0cc4675b08ac0793dae6956db8f63108574ef0c2
 Output.14 = 0897856129a42d785b60d770836a68198bc76e29840abb0802ba9d471acf8b8bff3f02e1a1c34015ad51ce85969b12ea65236bc12d349c03f2031fde19cb22c2
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5051,8 +5051,8 @@ AdditionalInputA.14 = a0c8fb5bc632cec6f7f7a385587f27ee3ef3dfeb5aa13d978049c3d4a8
 AdditionalInputB.14 = d2c1ec49b1b0f810ae9a71fe5d93ffa4004e05cf8ffb1e1eacc146c37b3af5258b4e46222cf33914
 Output.14 = f3ef4c192e85dccd2df5b1c5f791daca65363d5f79bd490b7d9232b19c6059aaebc494dea3615295f407aec1af3b867a6d94abdcc41f68d2d9afbee19647f748
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5102,8 +5102,8 @@ Entropy.14 = 2d0c45bdccac3a972fe401601379d5e5f6173edea823d53186829f343c0d1c843a6
 PersonalisationString.14 = 9345dc1ee7c428a961f2b787e6f9487f938062afd5fe3b3ceb04ba8445b1118a8e2e30b3f0bcc299
 Output.14 = 3d6f9140fdb46cc1a04ae987dda91a18a7eb59240c6b4292f64c8445f27f1f72a2d80e8463da01409cbf28416986ed8a85e8b9c4caa4541688aede1b6905b384
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5183,8 +5183,8 @@ AdditionalInputA.14 = 28cb3cecec5705c020d8a3edb8079e004050d480efee70faec7e1b00e2
 AdditionalInputB.14 = bf2d138b18cd6f6c698901db8b605b598b0c3ec9fb0b14f9b586b791ab6976717fcdda68e42e083c
 Output.14 = febe358e4daf7e1938d8c0756ae39531b1bc497e603f91c7aa2203327604144eb442ad2efee1fe9b1bbcf33a5eafa94c3c04d583631b91fe550daf227d5cc05d
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5219,8 +5219,8 @@ Output.13 = 0ad3c8e5ad0cd1f3308f882f9aa0aa5f290d93b4a2045ceb867991f2640c5276156b
 Entropy.14 = 1f5f78458959b3cabd57a556a8e70c364bab260ad5572fca41fc2bb64335fb888a31cdb37deef5d1
 Output.14 = 0c4436f75415d0eec411f5ba0d96fe333161c2d6faa30f6d806dc457b4123b7b2b65cf7bd8f4e699c563ec0c6f45ee37c31b3c6c11c28927b77d53053b0057a7
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5285,8 +5285,8 @@ AdditionalInputA.14 = 320c3202d710d62b04bed6cc1d45b6a3fa306522b94cb7037ae7ed6609
 AdditionalInputB.14 = bf6b78f3552fab90333117fd2fcfac3af10c5e4dc0dedc581b0b15b6aa579e576fd8b10a099d05e1
 Output.14 = e9690cf3a6a69e92e56b8f793c2a27d2ed3c321e61c2e59b99b8aebae74aeb9f810348529386037ff4f1a9f525aff494f8817b087d67817c9a7547e56109224a
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5336,8 +5336,8 @@ Entropy.14 = cf9477ba033c5d2324dd97b69cfe59d66ae7f7327aa928ed1ad36c2d9d63be731ff
 PersonalisationString.14 = 215a3e638fa6a74d91592b07fa08f8d4983c6ad0820a908ba735ac5bcee68c3f670f6fcf4d05b25c
 Output.14 = acade190508f25724a3c7dd4d960bee088cb6152f31a537295a8ff4b85af94a0ff006be9ce2f541b8237f6a7fc62a4bb8e41ac6979a6f112b57158aa6eca347f
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5417,8 +5417,8 @@ AdditionalInputA.14 = 8b981ec9ca88b1493e7ff3b90c02da6f478bfa573f5a0354941dfedb86
 AdditionalInputB.14 = 829e75a58edd00d86269ef332e6744723b289f7df8f1c0bbf70222b542b9014e2d0cdd6aaec8c194
 Output.14 = 8c4aa794af3d7d4d684006808c98c11d8146b11fd062c69cac019f1913c457b49d423b5ec683f19143eab372079a6df551fc686d9d6f9ce5f64ef619186f816b
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5453,8 +5453,8 @@ Output.13 = a0ea3af0cc95103ba3e89e5e4a6b792bfb19eef9580255ed76e71ed0e5325848497d
 Entropy.14 = b7f7e4e68356b2ac2c2c0075c0ef5ec6f5a6f225a18db00830261a95765771eba739a7cf8a1126c58994c43b2d28024a
 Output.14 = a15e8cc437a600a51dcfb778afa23d577d0e56b004f56eeb286e6c949d982bdb9353cbc63d33d7d397ceb4fea51a6df0b4d6d4cd32b9065bc4110d790c610e44
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5519,8 +5519,8 @@ AdditionalInputA.14 = 67cd37e14222e5966d243bb44aabb32b0750220f75546953981631b948
 AdditionalInputB.14 = 1c0f67ce459099f3993bc8ee4a4550d3e7dec1a5225280ecdb00ac68e17c7cf40afc5e6794208e5742c0012e87d5711c
 Output.14 = 26167ff9820aa23ab61f7872e007dd25d58c7f82eacb9474280731a550c8b899e08074d910d576939f87e90018987e0bff48da03aaabaa9b7faeaddd65fdf5e2
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5570,8 +5570,8 @@ Entropy.14 = 4e37ee8649a86dd0bab8785a1e3acbd2c3a57ca346d0e31476490e49b588b928232
 PersonalisationString.14 = 61334cdc8735332925221a6318987403a4c1c936c0a8066cbfbb1a84510bac2bb37ea52d6ba9f4e1a93269473f4566cb
 Output.14 = 8bf9c263c12a19c50525fb70cfe56980b26957e5c295f7546244ce6b7b1b90b24ce3cffc5536e96d973b192a77f878eb5e6987e1055475a0abd00312d7a65dd3
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5651,8 +5651,8 @@ AdditionalInputA.14 = 781c2441577ac05fc069f0f988e150d7e983bbb49810eeac8b5d98fc5d
 AdditionalInputB.14 = 7598eabea8e516eb2d111441e94a98bb37916f291e3107dd991e7798ed896dc99b1a405443f7c781b98adc8ba9750696
 Output.14 = eae935bf9ea3174c0d7da0359c175cc6bbb91ecf9357e7748011fba02fd52205df0a87a44eb4ccb6015b266ed3bb9be4d0d403838bacd42757cd34216d71989f
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5687,8 +5687,8 @@ Output.13 = d39cb66ae64219a8de99b4f63daa8536defeaa53a055a66ec3de18c41673fc926b1a
 Entropy.14 = 100e176574bd55438477f0153ed04b6cf221bf6c1fcd7141aba10c80d71eb2e16bc8213aed689f44ef57807334dc3d12
 Output.14 = b4315cc4470d4c50a15836f218b21c96668d32eafc1649cf6c92b96f0716aa54582a31a1c5f597b80f62102622369e422d98c34d1498cb9bc01d418a4d232074
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5753,8 +5753,8 @@ AdditionalInputA.14 = cd4cb3a8e0f1f8a67577d71339e6c4f40a291cdd22d5a19aafe0f7c99e
 AdditionalInputB.14 = 0203e75cce2d2e81ec441ba73b3129c6ae5067733bc0031614cbc8fc92d599523ad30da2ea253c06c48293befb14ab71
 Output.14 = 927c1e64d9f3acfdd74e7afeb9ab2280f37ce9c1839f8cec8c32db7676fab057620144d34c8382bcb904e85af45d348e10bb2e5708268343595ffc08dd258c00
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5804,8 +5804,8 @@ Entropy.14 = 4e6768b663b1838fbd56c78b002c08c28121662238456ea93c4b286f4a1d6aa2a1f
 PersonalisationString.14 = 47c24038732c32baf7e1e71fb0b74b74ec055adb88f8cf111fc27598ea74872fde608266a8f49105282c2ca7093acea2
 Output.14 = b1ce96d86e77a251c4fffe5de31e9199a19fa242b03b005cf0b6a23ea3a0c5b87edcbc77d0019f24d8c0594a4edba054b32d2c9e5e2f0893c424b11887b0be48
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5885,8 +5885,8 @@ AdditionalInputA.14 = 0e2ec484d8866adc065b4f11d3760b4d276e2cf9c066b226311e7c7806
 AdditionalInputB.14 = 9fdfcb7460ce5b9913ffb9889696df7abe28aad40eba3b675d7508cca1c98faaa27dd5f52997dd6f251a68e86f966fb1
 Output.14 = 66d6b1693a3ca1cb6169858390741bae3285e0c28604d064b57f3aa2ef9a569bec22884ccc5cd315d3f3847c680c3481bcae423cb105ea47956f62cf8c2c5d29
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5921,8 +5921,8 @@ Output.13 = 47b6dc1f9fc7ba68973e15b489e46b94b4ba58e23d6691a6e8311dd82a6187252e10
 Entropy.14 = 80ffeccaddab35221cba00ff374728dab8f91f3e5498622704c050e3e13a2b0bdd2f913672e896a979974c52067e2a05
 Output.14 = 0292bdaf725f469307e76e3ef5bed03470f6bdfc22e4d7f0661bd1b87696c9da201bbbdca6a22344ea88ffc7325370863b4cfb105740165eaed9c6e73b06a4e8
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -5987,8 +5987,8 @@ AdditionalInputA.14 = 8ca625e0daf65ecb70ccc63bbe88720ece7a415b12542c59db488bd056
 AdditionalInputB.14 = e511e77b98df72d3e4c175b58b7182fa729a61649659ff117d9b4c514cf694fea2731b170d0babbf6b6bf8198be6d932
 Output.14 = d9d3ac1480323439e9f8f09a54b3668684890fad51ad314c8e14bf0fdb429738b8955e3d2d928f2403f20caca2065795c0adaa30a5c4683a08d83074633be8f2
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -6038,8 +6038,8 @@ Entropy.14 = 409bc372b8738c80ac35721bbb8e806ddc93e816c8fab98d1d0f2a053f959601667
 PersonalisationString.14 = 975da7439df9a5b76f8ae5201da35692fd46d277787f8a73b08201e6547ba72de26ba7725ad44a11f742e6c2b57c0e9f
 Output.14 = 01fe7c18b85ede519740ed4068af24b4baaaa7d727b05241af481ec843c20bfce41e4bb131cf03a504aecd5409d03f6b5b84d22f0e1042b66e5d99d4339742fd
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -6119,8 +6119,8 @@ AdditionalInputA.14 = b0bf3ae2cfe4d3fae5573781456b3725a59598d52ffdd081b412106481
 AdditionalInputB.14 = b94a9134257079c16192066b6e3e50d63d58dec6632524114e6bce3415db5abfe0c89108cf2fd6478a97079f5190f1c5
 Output.14 = ac7c1a00228f6a7a0620d00dca7dd38e53c71d31aace470703e4d8911b071b5ae517af60ff9f2aa570b18d35b2dcf8af0ee14ba646f2be35571c7cec44ec88d4
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -6155,8 +6155,8 @@ Output.13 = dbeb1de34b0e6f1c96cf4afd1e1230e434bcb1a5497f797871e16aa3f60f8dbcb4b3
 Entropy.14 = c1fdb2167e6db331a3e796c83c8b10352650c20cdcc41b859f8b0059f2638bdceca6120928c3311b6b8d764a67b47192
 Output.14 = b9ec753ca46bdc1058f5b77a9d1d9d7090d0b70f8b9995658b8d5abcb68462a09c59cf404bc4a625037b52ba10e336c2bbd049a507fdb95e32d09904a2482f97
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -6221,8 +6221,8 @@ AdditionalInputA.14 = c839973b79c3eea5db7107ca7cae1c012cdd59a50e58b7461ed7921178
 AdditionalInputB.14 = 3cde5a2f6e19fb4a4493830016cd86afcb7a8db49a2abf6077ebb5314dd12a2d1fe9d3601c125c41c3e9af4603ee8f8b
 Output.14 = e61a4d439b4bb1ccdc810ef7a0019e5e88321ab6687f6564d5f70c0afb1633d50da63d6d1b1919b724b57ee926d63a80ac20f1ff06c4932456c70e8b64db43f8
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -6272,8 +6272,8 @@ Entropy.14 = 7ce9977cb80634f0503deee2afb8230c57408c83bf5bf41d2d62d4daa4c492fa60b
 PersonalisationString.14 = d862039cc2c297d63529a33f38a6e5660a06919a044c7e746ff238b65321d2a233a9a9c7b3534c932a8881ad38d31f65
 Output.14 = f17b61f1c3caae331160b714504b9c058ac345f07a5a26034dbfd7fef5013b52cae3e2cd357095b623065ec5cb557001887b17f9b6f9476d5449ac7d81d5abd3
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27207,8 +27207,8 @@ AdditionalInputA.14 = 639824768081b8f8d09b9b4eb51c0bd1ea5666067ade2628d45e727213
 AdditionalInputB.14 = 7492ada1c96f7b2de329cd54651bde17b4fc69471280931180bbdecaa2889435
 Output.14 = 5c37c829eee0a9acf2ec0af816c7974a09994e744c070f58d4fcc216491a35be0d32854cc4bf6956ea5c43370c02084dd30a66fda089f5c47b4975d59a01a022
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27258,8 +27258,8 @@ Entropy.14 = 8ecdbf1cba26eae45f70ccfec0e42d6139be57f131ff60898a3b63968acf28ac
 ReseedEntropy.14 = 8d860dcf67fbee47f33ed5273ff81956335d9152085f184f8427ad4234f95661
 Output.14 = 8049f3fe2e62883f71cc43873b9775bf60a97c070370f9757c51488b050c00959d085ddd8f8e3702aa4cd6ff19b6c62685afb7792eb003c07bbcc9f4a026d138
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27354,8 +27354,8 @@ AdditionalInputA.14 = 9e0abd6fee611320de52bc48e56f5f17bf180e596d258031e3666066bc
 AdditionalInputB.14 = 5612694e4260dc91ba87ee97656f1436cec1f711536bdbf61064026673bb398b
 Output.14 = 02bb0c1e3abb2993383cc9cf2f32c148d785dde27df3a8dbd3ecc73ea4e884cd427061423e0736a95dd3202e6336cfac40311b8f08aaa88a90baa2f93999694b
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27420,8 +27420,8 @@ PersonalisationString.14 = 48882b0a263582f0c6bb8288ba894d7141e665aa0c084c7d99eaa
 ReseedEntropy.14 = 34cc10a3d71398efec3c5854ef82a77a0b6bfcaf841ad9a1d5c7bf05aeed9082
 Output.14 = cac26b07204eea9a41e4289302d0da8f36ea200dacd2435f1bb1c1235cb362497eeb87aea2889aa1093d13d2cee25eb11e28229c39acdf894122425b5948cae2
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27531,8 +27531,8 @@ AdditionalInputA.14 = 1550ac6da1742834c705b4dad61c37fc33e7d786f76b553ab324bf543f
 AdditionalInputB.14 = 77ef7c3f819de78c243351a71bbb460936064738fcb75acfc214c884ff172311
 Output.14 = 1030bfc7cc645d6e2d6b2a3f2e97979ab999d70252c15504d71d02c5842c34cf63b94c512e162726acfb1492ccb525ea56e4ca1b54daaac2284e558cb4936931
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27582,8 +27582,8 @@ Entropy.14 = ac5668ac054f732d2bcd88561642c5a7ca98c68e341cf0cf18873fea93ef33fe
 ReseedEntropy.14 = 4a4d088beb9843e4622cdb0c5a6851587f2b472dc5d734211409bacec7b2ac06
 Output.14 = b2013a363f3ee01ab8573f3e3eed32285108c3ed3bf231c066176ed901e4d6ffaaf0cfd12d63d7c19f6c460baf434a1d6a552c62274bcb7469f7009c0beab972
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27678,8 +27678,8 @@ AdditionalInputA.14 = cc92f09a3b12f29d9e73253c261e828196fa540a9024632665c6c25a41
 AdditionalInputB.14 = 53113703a3362b3eefb0c12587fa25a620e09e0cb63acb3f7b74471618cc0d05
 Output.14 = eef4850d91b63508bdf3257c4b66c8c022a6869cc8d9473e5f579d103c67225c04e3994f14c31ff0e328c1adddc8d8f6b1f2e70409325a353eec19c420352b7c
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27744,8 +27744,8 @@ PersonalisationString.14 = a48f64c672f37649b12630157e15b9364ee7548984d94171b2a29
 ReseedEntropy.14 = c4933f8a2af99389732cbd0120b697b9ad99e4821f4610b66c18d9da0e28bd00
 Output.14 = 77dc9c1b636acd5b76a3453b168479ce947f4fc1401ccad4dc61d4630370ce21d29017244cee50644e3654e702b623e20ff49861890781a6bdb68e5cf3a7216b
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27855,8 +27855,8 @@ AdditionalInputA.14 = 2537ee73b566f7febc51963ea96691994fdb150d42db58204f95be45b4
 AdditionalInputB.14 = 2f4dd1698f26af2a921d4f4aceda1c15ac71fff62ff7bb5ea6a993a29a8dc199
 Output.14 = f1b46b0276bbd75eec0792e9998ce83022c8ff2f00ee9947760c6b2bed3f6a19bff58a0a92093a57b5ac949cc4028fe31e2a6262125994e6e30dbb4b7faa6d4a
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -27906,8 +27906,8 @@ Entropy.14 = d083e222d8159740044707c76bd9ec4436202ac778f63646e5b1e88f21ddc13f
 ReseedEntropy.14 = b7b714550798c888a5026b0b7801c0923ae60a2858cabb6d6972d66115f40eda
 Output.14 = 227a88583bb137f082967af04c27cb464a6332720b759b435d4a7e26349f56f4bb447695c06295e838a6c86fc3867006217c94bb5cc99b3c44bfe541fc77503c
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28002,8 +28002,8 @@ AdditionalInputA.14 = ee0d3e9c178d53f9957ec0877ac719694197e8bdffedf8fe59c57a0cf6
 AdditionalInputB.14 = 2545d30f8b974a21fa54146a14a566bc0156a015bdde60f3f2b9e186f6181f5d
 Output.14 = 7cd2003034f235e209cb0d73ab442234016a04c830752721998146c2f6f27d92300b47fa3ee72b46378092feb175583894b6f7004362f724ef145fe03c941d42
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28068,8 +28068,8 @@ PersonalisationString.14 = 41b9b8e2d9a7945ffcf2631bf7d668648993c0f4859ea22de4279
 ReseedEntropy.14 = cecd9d0ac5cb7ea4cda4566b873bcefc2db068ee41774a6861a21bc69cbe1814
 Output.14 = 9d7209b625d5df31a949fbf15bf6e4515e42e6eb03909dd6d7ff4e001a8408c704901ca2b2121c079e36c28aed7a786aa356b6f3c75b87d4c78a2d06371de356
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28179,8 +28179,8 @@ AdditionalInputA.14 = adc0707f3a06e767ea80f0882ebc015b79f0228547d22eb5a635b244a7
 AdditionalInputB.14 = 8372a1277f0eb84cadd53df4a6cc619cfca029f84d9bea48beca8cc8060528cc
 Output.14 = 86cde22dae3a1af947d76cd15e4df0c83a11769d34610d1991945350acd4f0aaef9ef70b5bbd57fab74fac6be8cbc028b9bab63aa5de62d9f1f95d949e9d093e
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28230,8 +28230,8 @@ Entropy.14 = e3d8fcb8c049e442d2bd07104c46f0602a1f60f87bdc02dbecdcfcf4006b5b0a
 ReseedEntropy.14 = e25327867ff27456eff9f4ae4375c7a85788b400dcae03ae8c892472c8a05221
 Output.14 = 754063c679269931fdab8f90deaa967969f20b1805d93fe5b1928512cd2fe98984974b0bb1d7494d81f53e073f1a3a9378ea27307a154dc8a1fb1d3e17998f85
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28326,8 +28326,8 @@ AdditionalInputA.14 = ff296cd83f439529d436254c490013f26fac4ab407e158a06b3c9d4e9e
 AdditionalInputB.14 = 63dee758f80f00738dee68e5f8a361cbbb371bcfa1b67ffb073c45e3c84b85fb
 Output.14 = 295446b08f879c3e46f0c57dac85767d94805fcdf7beb1eee75d40f643254691adef0e8300cf27deb90a72805cce91a4433d263ecacee0583b222b81c0bbe401
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28392,8 +28392,8 @@ PersonalisationString.14 = 345b74cf00947dc1eedbbacd5e4030d5639f5e3c0b9fb986fdc0c
 ReseedEntropy.14 = 3150b6ab1fb005ceb8323c6982fc3af3092077241dcf4993fe91696bd5b8b747
 Output.14 = bff83f45e0a4223489b08409497471427e7b82f834082137497bc552127446a8a3f52a730914650cd753098162f7d253bbd625983430d1f16fcdb0f78a1348a8
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28503,8 +28503,8 @@ AdditionalInputA.14 = b643013474a37b208a6f6c44cc56b1caea69e1289d8897d53f40423d9a
 AdditionalInputB.14 = b1e07a0f9740c49335ab5244e3b7aa567c7234e01253fa1c31372ac43b1d6519
 Output.14 = 6e5fb213d4bef40b3f274f956960a1e0d28e5399bfcf2709fe98de2b54ff26766835b6ed538b887cc617529d057f6005db0227dae7627728504cb8cf3530eb2e
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28554,8 +28554,8 @@ Entropy.14 = ac8e24b8704e2011076ff9175fa1c12d9beeed66c9a975037ef6f1f519efa2230ca
 ReseedEntropy.14 = cbe05b235ab45735f0fa0ed945ec38ec3801f2caed0bd8f96dfb34cc75ef1a6a4122f5a8305f915e
 Output.14 = 91c49803af71477a06a6a493b75aa36817aa15b58afe7598750b2fe4d663f05ecf0b8c1b5737cd611e2d56ce95a029bc4fbc307f5478f0b796b259e01a48920b
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28650,8 +28650,8 @@ AdditionalInputA.14 = a491fa45d161efa71ccdb405d6ef3153700b28966582e1052cea992218
 AdditionalInputB.14 = 4a0cd52d005056df60803fb353728f3b3fd27964e5c96965ac472ff8bb4dedc4dd7d1ca04b124f0a
 Output.14 = 0f78e45be38a6a46c2914449beb9df52394067b720f390225f930c3313916f00293c7f7f173cd89d2c30c72bc07482f066708bda7a29af420490821c98c995f4
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28716,8 +28716,8 @@ PersonalisationString.14 = a35f706fe78dab179bdb83495408764805175744bc020388a8a60
 ReseedEntropy.14 = 4d632ef30482e6d5949cf52407d42caea7cd745e70d76d3449852a7ddb3f92e19840cd0217e1112f
 Output.14 = 3340cd5e74c52918b391156702851b25327072f075e16b8c9378972b081b2ca8cfa7665b7052cc44f480f0c188342357cc6c8cb616a0dadefc4e1ed40ba42b0a
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28827,8 +28827,8 @@ AdditionalInputA.14 = 5f7205d87d0a9868234eeb8c4ae42cd47c03983b77dfaa84637b4080df
 AdditionalInputB.14 = fb6d486fd7586036003ffce8865e479498fe530f9ae29e01f98d4a2f7b665b6a9329450b0fb6ffb1
 Output.14 = 0d3d8c9ff86fb56bf362787f474f838066fa7483a958c23f752be6e21cb42fee11d8dc53396508f9fd5122d04e41d0e0c949d50c46d51d0ac824b6f46b5df088
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28878,8 +28878,8 @@ Entropy.14 = 0e681f881afa243f5de75a046205f733a32a1bb39e2abd057c07d8d5e81589d537e
 ReseedEntropy.14 = cb16a4907b39f647eec2b388704d6a2b89836cdd8d1c0c7ff27cddbbb0d01e306dbd01ec58334700
 Output.14 = e48aab2c01335ba4f6d377c3c993932d4fe2ef60254eff315491b81acd1c22b3a33c59b8b78c479b7cd4fdd31f7d15864a48ac706e32174de36f9239aba4b6ad
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -28974,8 +28974,8 @@ AdditionalInputA.14 = 37ab678301ab45deca791b4c5b1a792c5422f2e3be57bcf77d92468e25
 AdditionalInputB.14 = cb7a6611c7fd8ffb884ab41766bf4a57878f187dbb09d7b0e77db4ed2ccfbcf3c640a9348dec4e1f
 Output.14 = b194fd786cfab66885cfe7b03daf642dc60efd7399f6c48d3df50337b40c40349b94ca509053451c34d6b838ce1905b5cddbcf5df1be2a9783404bd0b72b523d
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29040,8 +29040,8 @@ PersonalisationString.14 = 003b5e534bb565f4e1eacb22f2a2a65093dd0c782a27805f0c4c4
 ReseedEntropy.14 = f2c16713da96ef435d96c63fbbc57d49c44d99c679c1af53a12cadea98d31981a7d06991efeec73f
 Output.14 = 67c409157d60f8703da237c4c8b4f124298bc95f68cd5510304c2167145fb7c4beeadbc6d7ff9b261b420e93cf9fb135d9946d5f4c4829557e7dcd713143115b
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29151,8 +29151,8 @@ AdditionalInputA.14 = 6f6d6ab0d0c02ecfbaa3ba6d8f38a8acb08699d08f3035ce7fd03343b7
 AdditionalInputB.14 = fba0d6f6ca8f1a587782c5319766209059a23cb3e7476b2d060ad06f2db9e09728cdbe0f8a86c14c
 Output.14 = 9e88544b8486d3445c0bf47d0f55bb8d3f2abf5d5b2816df7abcf3f419dc37ca332bc00fb8c40152750b4c46054e8a281190f6e3007b844c63f6cbd1dd9acb01
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29202,8 +29202,8 @@ Entropy.14 = 8f5235da708cb15781db85ddc141eacc654d93f8c211ae718df22ed7bae7ba5f2d5
 ReseedEntropy.14 = e6cf01b0cf9931ded0ae50bd0e1092cf79221397f2850d31390db33ae05072ad0e67cde6f3c438ba
 Output.14 = 7a00675e1a9b524dadc1b356b22c46c6747147ed736639739bbf761ed9b917670238ec001387b7cf3c91a58a81ec09c1487313058b6c26ce61d5785269a1d8e3
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29298,8 +29298,8 @@ AdditionalInputA.14 = 18a09894ed824809e66ee447f9413505035c8e85db5b9c6e597bf6a2e3
 AdditionalInputB.14 = 75ec329e54639306dc853b73498dbc002abceadb355e12ae69fea16cc3ae892272544990d2938be9
 Output.14 = 4c08126a7fe978f25982672ee2044a9dfe31919a2003853a74d9132b46a2278547af5980d037401275ff86528bff41fa80180e823bb88cda6029e06d2b009e81
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29364,8 +29364,8 @@ PersonalisationString.14 = d811d476960f2d5032cc3fb7002be155c6314e03ae7788dc886d0
 ReseedEntropy.14 = 8fad4aec11507a394be8bf8cf24c4f2442c45948b5ddf28ebe33f9643ae5d21337ec8dedc9b23e1a
 Output.14 = 6d353a66b4cd16ffc5469b1c16951ba00b075db4f1282df1cba7267b9e191e21f604dda9eb48921f927f1d7b4548d5bcc580829c422ef0d5b2127d5eff4b020c
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29475,8 +29475,8 @@ AdditionalInputA.14 = eb4fa0ae2bd5ff9ab19545d30350fab09719db12f428ccc3fea36da4a0
 AdditionalInputB.14 = f1d0853fc6fecca6730079b5e64840bdcbc2ccf4a9e20aa08e8ee2e48c785838b154c66845e2423b
 Output.14 = a29949eb92716b0682cd27f62ca00cfbad717fc976c55dddd854ded44a53ea2cd0dc0a97db8b6011d583f8fcb522b7f8c3d2fdd68ebdc083e23d5f5737dfb572
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29526,8 +29526,8 @@ Entropy.14 = 963fe575c96b319a3418cc7548484ab827df1f7ba56b0da8131fd19f7712add1d29
 ReseedEntropy.14 = e1470ee367e55bd8dd82dea6f7fbd905b98d596306807f8aae529807b36aa0655bd260e1e2bab75c
 Output.14 = a1e6286529fab40e3db9b57741bf6e5b4904590d05569a7d571baf77842065be742e2c26c14e8599e46a520fa39b81ebe32dd857556d9f55e4bd37c1952afc0d
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29622,8 +29622,8 @@ AdditionalInputA.14 = bf76973791b52d9387e2a36f3ab3620bb983dcd2399fef3cc6bf4cf86c
 AdditionalInputB.14 = 2089acf7aca43a77d8459d4f384919575ed88c7c4759b9dd7033a132a85c2ec6c71025c166083bc7
 Output.14 = 81309a10ac3f02d3fee049a5ddb9f02f64dff3d6b75259d561921a8349b30054059b2af81c6f7d50189a0bb6d360da06bcbdc944997d6f8b051f23998c8c36ae
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29688,8 +29688,8 @@ PersonalisationString.14 = a477a42a221cd2cbcf790ca70fb6a5f18a91c297617561acd1bc5
 ReseedEntropy.14 = 108f6f37621ace418e2155f70dda4c2b5d6aafa9269f6aa98a5455e3a1d188e64ec022c454c68620
 Output.14 = 05e4896494b02861a51357463f705e812a14f57eb8630cf1fb025c42ec9dd54de3f5fa1b38d1f3d890aad74d5ad1683d0b5981da4d3a939d05fd5435b1d50f38
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29799,8 +29799,8 @@ AdditionalInputA.14 = 6aec5f8c3dc54924104e04635ab80b1f782869bc5c1557f7d89daa1e1b
 AdditionalInputB.14 = 668d732a98f7ae8cdc9235d63e705955c09600a490021a19a34c1befba8cb613ee7d8e4c5774aba4
 Output.14 = 1dfb0a6bf411580aa55044f26c598d2620965fc94a769001f10b1909228616146bc9d02f749d094786805e3db859da9e6a572833af5cefdb147873ec6023b028
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29850,8 +29850,8 @@ Entropy.14 = 1accff5a19861164c5d2cf542cf41a789f143c7956518ae158d4449ff0c257a0096
 ReseedEntropy.14 = f2fa58209759d84bf38a1656bae655669767a902ade22a830df56b32ef9e1c992335eb4cb27eeb142bfd21b5d31451de
 Output.14 = f214b4055d182cb258d9e9b61251bebc9bf090db662c4e36023cc156964fbbe1cedf691cd0c3d7db4262fb65a5d34b942f909b0f31fc18009766413523dcaf40
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -29946,8 +29946,8 @@ AdditionalInputA.14 = e33d181f3159fb0874eff5ef8ddd2b51a60b13ccf046f7e637ed27bed8
 AdditionalInputB.14 = 3ecf6233820e6cceddac7b024c490c5ee14c73d5b598c92cda30940471b6ed450019120689aaf157fd87b71b13afea25
 Output.14 = 9d793dd96b870dfa0267623bd1c2d8bd3e2c63e9f211340f630fea01358011394154145a10659c4d98274a525c48a90da0126a99b85ed5b4b903195f0dddc762
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30012,8 +30012,8 @@ PersonalisationString.14 = 8c40c5317f29b64da7f4025cda90ae3e99ba1ed350482048f8411
 ReseedEntropy.14 = cb7933c3c803644d4ab7c35b941319bebf6784f98c04754c69359e10c9693b57ae12e38b08ca8a9f0f15142c4476f0bc
 Output.14 = e95d375c7b3354190721d598e8fde7aef16fb2a9dc963ed76eef6a12abe2001622725a8e1545c73c9a85995e6b07806e2ac39b179b595bcfd96b2189b5d10497
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30123,8 +30123,8 @@ AdditionalInputA.14 = 588eb722d4066ce1e9148d2e7a6d43d1d8b4886bd97f36f24599dcdedb
 AdditionalInputB.14 = 1b4e904a6b861201028506075d7d7fecb81158ea3749421d4d4710ba0fcb157b5019dbca199c8302d34745cb0c2330b1
 Output.14 = d155941b54ab48dc1866641c034b117d6dd8a7d068d29201105d845315dbc747afd8fb1f9ba5c976c75ff8c7052aff7b342c1489bc0c9f8a7d898b88ed0d5746
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30174,8 +30174,8 @@ Entropy.14 = 68e91e73623fa6a3ce22f424e9db971459dfbe06601ccff96f1726fa18e61d5cdc1
 ReseedEntropy.14 = 249b56dcdc4c5c8eaf796c8685a740fd4ea2455c135e0d7b8e50532fd87c95b781c8f3775c213c2714eecef140125b78
 Output.14 = a15d3d61408ddea3b9753c854c693ca1a91cf49d172160bf15f512f345bb1bda9aa7bc4fcce177fdfebb3fea4cc6404c6024527ea662669a5eb78753822bfdd3
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30270,8 +30270,8 @@ AdditionalInputA.14 = ed3f47e59a12b36a42616b338c7a77a18e333d38abb9da4e36914b69f3
 AdditionalInputB.14 = 6e39b249f1b8111ff12fa24f9f2320df2dc8752e1541f556b5cedfff409b6a858490c27e052a63504c7131b438f44356
 Output.14 = 650bee69393d5d7793c8a5a40cae79bd470d15fdacab7b51b251f51dc5d3e383d28d808c7f9e018c71eccc80371a9e0267ba4053ec0e4c071d110942c43149c0
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30336,8 +30336,8 @@ PersonalisationString.14 = 531b64be5d25937f30bed886f2021855db1b63777febe6695eb4f
 ReseedEntropy.14 = 350112071b8315afa26fa3d9be6b6dec59ba7fed2387556cdec43ab8def92050d2f0fd34ef0c837c022c337f227b2169
 Output.14 = 47ad3d7ef4e7bc4696d039b6e424669200b5f6c687f813c270483793518adf6698aa40a781208878017bf77afeb2f98794d21578623888eb98135ef0e5121c57
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30447,8 +30447,8 @@ AdditionalInputA.14 = 02a4bfd4a825e4d811770127c6f5a568deff4d7989300a0bd23220a586
 AdditionalInputB.14 = f9775f8fb1b767c4639e2c3fe9f0820e03e28780641ecbf832451baea5e1ef83cf9e078cc325b1fc7a8a14bf07cc4ff5
 Output.14 = ba473979f23358b95ff49610a7b91936b7d1da44bf8891cc19ac6ceb9f0241a8c3771a2efb403275bf599aad30b9e4604e90729241763801387ab239ae543625
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30498,8 +30498,8 @@ Entropy.14 = e23a7f95c3cf3fddddec66cb16e1fbc38495ebe98b3e14d8f351e58bc457cd38b79
 ReseedEntropy.14 = 36410abe456d7a51948098897ec205f75f22ee09cfcc94ca88fbaff8d159fc779a8e420d11fc1ac09518237bfdb74462
 Output.14 = 3c14a63a9c74dd02051c0147637401649a68452c28af90e9628f1ac87df1d27671397ba34f493997ef634284b74b3b28b2e7d4171eb025e470f39dfd12636a5f
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30594,8 +30594,8 @@ AdditionalInputA.14 = aff406d3d514ec118c9a8f470db34922b8bb262f78c1ee6ecbc647eaa2
 AdditionalInputB.14 = 50d8e7887df0785c331a381b6f11057ed720abaece80b7f8358386fabf5da24a912b8f1563301fbcd7ad240c03a5e444
 Output.14 = be0045c0bee70daf5a57e5b449fde2e9320a0e0d429950ec3b8ec14ca2acdd7ca2a365bebf11f45f356c34f7e52a8c39ac2e141815134bab3b79ce3dc1d2a44f
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30660,8 +30660,8 @@ PersonalisationString.14 = cfbbe01cda290c89b2841f37952cfc1d9a4222fb425e9453de307
 ReseedEntropy.14 = dc9c22b1006462af08615eca5998ea81a81411be226a241c38d480e7ae0ab5bb34721f0ab9226633d655675ffd953420
 Output.14 = e544668dbca5b35bb59ab04945649cead8d822a1d8ce125e3ae5db8b23e3bcc05bf6921ce95b85766b92c13c59ae83d908471e03e020fdeb59e5cea817a48802
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30771,8 +30771,8 @@ AdditionalInputA.14 = bd203cdd94307bab1a53734a3a451f0b038614892186b26877b2c1c849
 AdditionalInputB.14 = 631cf0317b713d07ce74f7b05ff4e7a158c769993d357325f8e9d16b25076bc9b0febbbd66bf23fbc9c27286dc1663e7
 Output.14 = 401176185d33ef08d0b65a5b853d57583250dd2efaf44ca0f987b45f89eafeb52d2f4346bf9b9d0b7dd4f7126e7d89dd32f53b737cef79ab5dd0794fb8a4c89d
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30822,8 +30822,8 @@ Entropy.14 = 91fa80b727040295b850119e9fb7e4cce4551ae234f29616af15572557d1555de04
 ReseedEntropy.14 = 9937f776ddae1dd4a6ed76cc1795d450e14d1e462c30a9e1a85334b3ca148451b94e00055b3ed227f0a2fc247db4db6d
 Output.14 = e659a7de7a1b1b15a56170a1d6334dec91b6fffc47fb7ae1f2b3af03cbc25f7bec0cb6afadb76af9d36216825ee0e13aa3915bc515325c27270858654175a81d
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30918,8 +30918,8 @@ AdditionalInputA.14 = 54dd28543c859fd4dc1e4f0a44ec9aa2b758d51379c0a9c75805356793
 AdditionalInputB.14 = 3803a58e41fb766847b9f568ecd7f1993091c4689fcf70f754d345ec7a3f45d1fecbfcc52cd60b47b5a486acb155e213
 Output.14 = 3cfb2eda22c4f01893b4760b785d330cb771938ed6f2f929030fe625780fb91fc2f9952409b99f011cb5e7e0b4a7d461be80e94e91111ace0604a7a41719f3b3
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -30984,8 +30984,8 @@ PersonalisationString.14 = e7a492e06f2079eb6428f4d39fb18aa0ece5d1edc5f2e1403737b
 ReseedEntropy.14 = 17837fdc7d5600fa487fa07331c4db6e3d65d522537aae0715a5936f5cb81953965fdda82e5f2b0a1f20dc8beb76beca
 Output.14 = 2cf0d9cfb60234b23086dc1649e6fa99c4104de9853d19508105535c960468777a936543f6b31ed0d3c52d135671a23d3ea08fb7f29c9dcb3f151163587c39db
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 0
 GenerateBits = 512
@@ -52309,8 +52309,8 @@ AdditionalInputB.14 = 373b7d3c6e3c07907a45e6292da02991c252b4f368ac894e44fe2741d6
 EntropyPredictionResistanceB.14 = 72901d3c6324cb6eea7e62879721c4ab437fcac453cc43f179388851b6d160f3
 Output.14 = effddd2d7c39df20550e03ad21ccba6f6775a92726af567a80bcc91523f3646ec156cbaabd4fdb13c63105f2b771f94fbdec6a2670f8fb263cdec3ac1b775774
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -52375,8 +52375,8 @@ EntropyPredictionResistanceA.14 = 43d53e48de3c247857132224a448147672dec7cffe1016
 EntropyPredictionResistanceB.14 = de28c574f0d771f2211acb54b43a60ef79973081f06da6819219612c67bd94b7
 Output.14 = 3e6e82f2edb3fcd74559b46d319b09cfc3441c06bac7a1260647ed7f9327485d553873d8b58c08410574161e0ff9d5bb2ed4cfea533bdbcd47ec627ac405d3f6
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -52471,8 +52471,8 @@ AdditionalInputB.14 = f298b8789db7c5b8e0354764d0b30013453c3c5c77bfec04264203d767
 EntropyPredictionResistanceB.14 = 9a4dfac99270a67b45256a4da4ac0df15693a4a19fb68d08c0a2061a9e190749
 Output.14 = a7746e689fbe9eeed34b0ba524851742a5fefe1ff5ab84c6b9a118da64a8ad8fc9ff601ccbe6a5b7e90c5da8cdc8d9fba741d22a0aa1d8ce4fb9cd6148eb06da
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -52552,8 +52552,8 @@ EntropyPredictionResistanceA.14 = 9dfd31e3adc822b675c0a9c8702df12de4c3354ccdb538
 EntropyPredictionResistanceB.14 = 2a1b1519d22d40ef4ec23c6d97dc148cfe171fb5f8b1c305ec6d8e83a1ef9064
 Output.14 = ac054570b081cf53b39b0a2faa21ee9b554c05ff9055843ac0eb9031d1de324701ad4cf2875623e0bf4184de4aea20070be1cb586880ac87fbb7e414b4b128d0
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -52663,8 +52663,8 @@ AdditionalInputB.14 = 6fd46ca18d10326f5734d0160163bc42d3daa55e3c74a2e0fc7380fd84
 EntropyPredictionResistanceB.14 = 16f3bd62634368535da170a7f117bbf8b896ba1bfac5ab682247b1b55452e844
 Output.14 = f84c05b144b114fbd2f80a21862a44f3641fbe980957e3fab736976db37b8bca823d7f848f32f4aca60268c020a2e85a5ee0f31fb746f0dff066b83d32563df9
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -52729,8 +52729,8 @@ EntropyPredictionResistanceA.14 = 8090391380ed44d3423fdf8d47891a2027110da4c2334e
 EntropyPredictionResistanceB.14 = 8288a190ae9118c57b033808bb3f895d4dfbf2dc7ce9b9016e339548fee10a6f
 Output.14 = 73d122b8854f2610a833a78af28baf4a2dae48dd1ed685e4f98947092e3aaa56a65fdc9acd8a875c16b2a91c757ff7cd6ee777292fbcb0220795c9519cf44052
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -52825,8 +52825,8 @@ AdditionalInputB.14 = 440e9b55a68dd27df4ef8d0dfeb8c2156c2250cc1ab574432c2b62baca
 EntropyPredictionResistanceB.14 = 3cd2f704ace560337fcbcc07d2b027c37380b35b26b26e40b9d62dd654e44193
 Output.14 = e55b536cca2b2148af20e887ad6b1c6ab5c285fe5271e188c5fe5f7f037bab8d6d2502ab71d768d4f05b1bef7f27440ce8f64311ff7147dbb55719bf7371bbd4
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -52906,8 +52906,8 @@ EntropyPredictionResistanceA.14 = d0caa71a0c2e2f218bdded7a08864addea822aaab598b5
 EntropyPredictionResistanceB.14 = 31fcf2f4f7580ea3b79e738830d42a218935ac5c6583febabc14bb5463fe4609
 Output.14 = ae6cbc3e108ba64b18244ac14eefb670caa16784e175ffc1f41126cdbe791e0e3de26d58123aae6843613b478b9ed94173fa27c7400bb071e0a9829b9a8fca19
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53017,8 +53017,8 @@ AdditionalInputB.14 = 55156a604966212f7cf20379b79cdfee41a9fe462c9f7e17e5a082c5dc
 EntropyPredictionResistanceB.14 = c64dc7f4e7fc14ada0905e271e0de491a7b8e4931d26823e572132329e00652a
 Output.14 = 7d96dfe0f6fe3eac2de3a3a8729d36afb1767aeae2ac3c79db0c523226cacac3cac6d5a87d4f152e8e7274069cc9f12bb7edb293f04e9bbd5a8f0ab142fc373b
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53083,8 +53083,8 @@ EntropyPredictionResistanceA.14 = 25aeb73bc04139a647b60a0e506db2109581f58b704f00
 EntropyPredictionResistanceB.14 = a2e5839c59fc255576a2fd462c719895314a033823f11f419446d02702bf004f
 Output.14 = fb833a40a658217ad75391aa8311b3e872bbc2e1cb150da87cc6e3494423c5a992593b68f609d30387a0384f64079236a1038969d011bea6f8adb052c5b57eec
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53179,8 +53179,8 @@ AdditionalInputB.14 = 4e6c1d082917ac9eda7f032c61867736b5be7b3045555f6ef10c584875
 EntropyPredictionResistanceB.14 = bcad225d779bd3653a616a8d667030c556117b2adb88e4a6a4e0d0561ae94f42
 Output.14 = 14cf6fa5cfb8f9c74add5b2dca5e30395a1045ed1e1cf4e91ccbdf8ab80d1c0f1d93481651535e4089638b04fdf95f52aec1fff6565b21d8a2a32ea814952411
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53260,8 +53260,8 @@ EntropyPredictionResistanceA.14 = 24e9ce22a727e4540d7d85e056bf6448063d5f13dae559
 EntropyPredictionResistanceB.14 = 9a5f15c36078cfa0c768868816d5bd0b1d33c492fa9554498b6625639a293dcc
 Output.14 = 54c02aa8e6ccc1f109a5f215f488fe9ca7c7ceb3d1b0d9e9256ac4f5d4195cc8c36f8d8ddff55ea10f86d0eb5bdb5b116339b9c0229eb7e96814012a2ed5eb0a
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53371,8 +53371,8 @@ AdditionalInputB.14 = 34e517ff4f40e3c0c699710134cdeed029baea8e142db0bac9c5aba6a0
 EntropyPredictionResistanceB.14 = 09d8b16346fbf20ca073688ab3e917602686e07dff338142841410068e640296
 Output.14 = c1d0095376ac846921d2bba5f4d50d231851311792c66d125d5701d6cc466e181c893dfc9999c21063f69f0cdb9850c3a34755926c67e3af75e801e7c21f3da9
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53437,8 +53437,8 @@ EntropyPredictionResistanceA.14 = c52074e8343f57c0f56c9aa4bc3a6bcc9dff30b21905ae
 EntropyPredictionResistanceB.14 = f09a47309a1ddfeb54eea6dfa7b15ab0e6f183e2478a3889de89091c2bac0c25
 Output.14 = efd931fe77e202d2aba86f6407126a859c881abc86c8f8342deeabf527ed6dc679e5dfcdd212ddc3f2e779d043f058893d7b23c6b69334ba0132db6ce82a167c
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53533,8 +53533,8 @@ AdditionalInputB.14 = 0bf212302b4d20c6d2b799c9fd692b14b5672897fc45b416addaf55501
 EntropyPredictionResistanceB.14 = d0b9c12bd6b178f89a238afb0fce43d45dfd2467b3a1cf9b1aa31960179f125c
 Output.14 = 7e5720126ce4ef83b785d9649915cf76ed6ef318422950b6540cef9a0ca90c40203b3a365b8a5c40d63475f7b37f5366b7f2ed6e18885e361ba89d46350028e4
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53614,8 +53614,8 @@ EntropyPredictionResistanceA.14 = 3695bd2e5b30b1d3957dd0a116bddba53a24dbe647dea6
 EntropyPredictionResistanceB.14 = 4079d6610bbc715e62777ab699e3ac6b6c4d097aad4debf668a54d15744d9ec1
 Output.14 = d0aaa51fb084825f8bf0476c703f1133829a93dee1f8061222f3502ff1bdfd550edfdc275f3aec8a8fc5f9e5f71246362fdbcc65a00e7cc52ff353cfa3b3759a
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-128-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53725,8 +53725,8 @@ AdditionalInputB.14 = b44a499fdf9330170ebede64cf8fb19f4a8317596d80d8f9c9d1009322
 EntropyPredictionResistanceB.14 = a4341ae5155601af7ccfd9bc573968f99ff82ae2605a462af7e6ed6fd5f2cab6
 Output.14 = de6541dae09137dfe17fa3bc785c8f45d3d36cb621d76c53f9031b2853ee0657a1edba0f6f06dade6a5a62faec54cf69bbf15db2244909114b0486f75da3cf16
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53791,8 +53791,8 @@ EntropyPredictionResistanceA.14 = ddcd35394681d6f0170aa6bd8932b602745f41117eecb8
 EntropyPredictionResistanceB.14 = 09a5d5925616379b5221b347659afa11da4326b630b57f3b78db9812e667ed3fbad25fcce6307486
 Output.14 = e04e5432f671015350f0cc912f5e83e969e00584c6178cc82394cf85ce3dee6ca87b6cb02e27a21e03f83c24c761f521830645fefd4474c634e1124a4d93da30
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53887,8 +53887,8 @@ AdditionalInputB.14 = cc7df42c7f93a63b8a8389c66a336519cf27cc6e61a06a67c33077c954
 EntropyPredictionResistanceB.14 = 1c59550710b2efa9f009e44c0aa724ad3451da29323f60d68d025693510fc01670c282b38bff3249
 Output.14 = de2abced63a11a9c7c034fae31d8fd57239a76a8d8382d9a507e5230c1b0c5bf063a99f00cd4428db196597427900f56ac2ff8d556d3af3d119a590b594c2e90
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -53968,8 +53968,8 @@ EntropyPredictionResistanceA.14 = 756f29305af9f4d3ceca4399594d07636df0b2ecfaa064
 EntropyPredictionResistanceB.14 = 1880252ad93c994dff31fb2a10fab8c265cf6f6a36f010fc35e4d858bbb783e3a682afc3fb98fe6d
 Output.14 = 2f7872a704eb276afad3efb131e67c4b9508fffdbb704e8c85c07e6132745941a8889ffc37baa637a1b7b7b0b84fbfdb8fbc00e7f1eff50baf2d062d8434bba2
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54079,8 +54079,8 @@ AdditionalInputB.14 = 3d91e9e7ca5683312545bdb4613dba83182b0c906f3a1d65a2610709e8
 EntropyPredictionResistanceB.14 = c9255e2fabf84b9edd45737f5de13e5661acc03623a3f9268efcaf7f5562cf839bcceda229e06f11
 Output.14 = 28ac3acb17dfdba1d5abb3e2515dc16b42bd207d2743c51b3a2e5edceb0021d964fadd50d499e2df1623c2832a9e552331e915395d65e95f3d523d40d1d8a15c
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54145,8 +54145,8 @@ EntropyPredictionResistanceA.14 = ea4ffce516fba5a28325206d639d1b3a0f7c61798947a5
 EntropyPredictionResistanceB.14 = d7e649cdf563e960640b50927a92abcaa306d4e1315eadb0316bb65d7f9166577bab34bf012a6f9c
 Output.14 = e92c34e544c5342445228ae6740616889856eda4ce82fb7f1c15d1951953f5509ae754624ad9f159dd5e1908da3c97d2a66945b8a8746634dc70b7f31718c4ab
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54241,8 +54241,8 @@ AdditionalInputB.14 = 16d262848510e407c7680cfcd3fcc27b8647fcc0155426b3e7b54bc473
 EntropyPredictionResistanceB.14 = f6d98f69302da7ad42b8e580a9d755e929fe39fb0436140388fc7160d94f6167c0e150566fe5310f
 Output.14 = 9c7766b3ebb27f65539f3dd6001ae45c85bba6d6c09e600f0b9cf5e02f30b0f8584e696c2fee0239d5e4d5b623700ca98c94e7ca82fbb8b4643549f29d2df244
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54322,8 +54322,8 @@ EntropyPredictionResistanceA.14 = 828357ad5c99f114394f578f56cd7e9a5da671636bce00
 EntropyPredictionResistanceB.14 = 6f256e9f5f7a84ba4fd6eb19b6ae20b27c26660e51982bc4cf8e28a2dc43cdb723cc8a727c2ea91d
 Output.14 = c176910a6a7c96982841c0b603b423b2fa67c267b5388d858a4d8dcd69d6b67cb96816892162147e38cc602afa459fc5623da0862b74f1e8f569bf3b1024d881
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54433,8 +54433,8 @@ AdditionalInputB.14 = 205f0f79d140c6ffef742bf3cda512a3fb84af66d058e5a34752cfd0e4
 EntropyPredictionResistanceB.14 = 1989becc20da39682e67b961dc4a2f10a73b037b21cf055f1f12e8f59f047200dab4907e5e8b96aa
 Output.14 = fa20e0054f9edef75b34aa4e76b16dd6d9d54de5e350c879e16541cb80a4e64c3f392a0108c792ec8fcec84721cd71ccae15de31f3eff57e09f024506857c3e9
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54499,8 +54499,8 @@ EntropyPredictionResistanceA.14 = fcab2000ecec66a23af1381d36e1df97a4341c329f375b
 EntropyPredictionResistanceB.14 = d75022692bbe5beeca5d81942443cf0dd78b770b7542cb8fd1be65e4908816ea43fa903a7a66fe0b
 Output.14 = d5f91235a90cafc96e39e2a1e636d9a2386c5214d8616941bb9f4c2fd375da49d33fabec2faca971d6520bab482e33f6f2752b2d054f9c3bb1f50d072978ea2f
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54595,8 +54595,8 @@ AdditionalInputB.14 = 1a72cab51be3633be268e4533fe4ad482e5178cb3b15c6d8090ae9e888
 EntropyPredictionResistanceB.14 = 6587fd55057566c3fcdbd85aa2b693d885234144a6ac9000b8640c8530da8e2e72abfca6980d7119
 Output.14 = a0496a05e5238f171f18870973c9e7b9b3fff44df1fc1ccfa398ef73aeb41829a39339fd032591abcce4cd9402297f7c2e38fd2486eaa8c20134fc0122af978f
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54676,8 +54676,8 @@ EntropyPredictionResistanceA.14 = b459eeb404a1480b64e7d572bced365bf822878085363d
 EntropyPredictionResistanceB.14 = a057871a394e93e58ba191c239e21858a3127a6b748a4505eda487dc6a5293304aad36d52da132b6
 Output.14 = 96b24ef7b19370cb3ec40a4763de926977ecbe6af2fba201e983e7bbd71b23fa95bd315933ce2fb5a10f4a121cc56b125233f09ff920cc380df7ab5513403457
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54787,8 +54787,8 @@ AdditionalInputB.14 = 02a318a1579714ddac239f968564fa2768d5099c237237ac15aba9bddc
 EntropyPredictionResistanceB.14 = 0d18ee1fdb9dc23c66aea587fa59cc9c65da7690a7a780bc64727fa3fb22602301911ed3f99fd712
 Output.14 = 992397ec168448c4521560085f3956d2fc583bda1924b29fddd081dfcc056a0dcaaf3edd1a84158b6b7e5737d37535fbbd6258319b7458c5524cd0061a8850e8
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54853,8 +54853,8 @@ EntropyPredictionResistanceA.14 = ad927a71c6390c5613a7c14780abe6d266b2d126aa49f2
 EntropyPredictionResistanceB.14 = 152ec7c0d26eab6de29d3d2ef321281297bd2591be887318712ccdbbd3ecfc1c9250f99a226fc9b8
 Output.14 = 0ad1101454cfe091f1456383eeb1e7a968328da150f1166b89e7c202daf5e42324314c43fd1da6de3feb9ffcf82cf217bbcdf5c96864c227246306f0c975c4c8
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -54949,8 +54949,8 @@ AdditionalInputB.14 = 3f5221732e417fe4234626d8b4fe5dce8d0974a7551c4e7b9eb827f32c
 EntropyPredictionResistanceB.14 = 1d81b5e14e9f995cf19771d54877e97b2d4f551c36033874fcf3a4814312d7064acc2556ea5e0fdc
 Output.14 = c6d9cb21922398c6a63e4d17f0f69f1d4c1b4998d73828d43ea1f69acad5b1d94800a6976c09a8b5befa2b0c82877874eaed15027f9f7dad3bffa005e49758a0
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55030,8 +55030,8 @@ EntropyPredictionResistanceA.14 = 21db28b5cb9724d93c58f787b155f0131c39b5606e6a96
 EntropyPredictionResistanceB.14 = 4aa587edcb940c3a9328a0ef2f195effc1cf027b549ff1ec5d5cac0e996196eacd16108498b27366
 Output.14 = 69dc6c36459e005275e344886624ca61a42cba3387dcee79392ae96a311313dc7e33283605fb46aa1d881bccaec6336a61545dac52166cbf8174b8dca3ebfbc6
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-192-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55141,8 +55141,8 @@ AdditionalInputB.14 = 3dc3ef9447ffddf64c3ca0569afcf8e5d491a9571b9a1fa251e0684d3a
 EntropyPredictionResistanceB.14 = 140636342e9ebb2bae8a87b5d8193a59b75b12318e7094975bed5ce2d23a58b4a021496e820a1b35
 Output.14 = b72e486984d1273fa7865a2a43a830b625e394cccf169610ad2714b5b64ef6473f53e62aaffc85bfa2b155bf81830abfc528a80c17f2e325bb7ac9197e5a1099
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55207,8 +55207,8 @@ EntropyPredictionResistanceA.14 = 6f16ff94cb8ade7a928b9a59af32ea79944e6890a003b0
 EntropyPredictionResistanceB.14 = c73fe23a8ba2bb780178342598252e9ce3de907c4fc1cd632b353cf959ff610f23a8a2b0424ad137aec7da42f8c9f2da
 Output.14 = 8f7261edf6d10824218ad0b10881e3c1251637bbb71d0f35280caec7de254e07147f33288b5c60794060b59e6f5cc2938e4c29de1e4d5d4d3bde3f27c3fab92d
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55303,8 +55303,8 @@ AdditionalInputB.14 = da29846d4d48e3eeac71ab07fae9b9dbb6c5d83cffb75c67be10bb15e6
 EntropyPredictionResistanceB.14 = 0d9037cf745b3cf41628eb1538bb71b59116da1049ecd36d12d344c5a17e471c8c4e72cfdc7ca0538c81085952241d68
 Output.14 = 7a7ed6e632630ffcf32f0373deb2c67c6dcb77f04f1991f89d5d25a3a8c390ac8ac373b66c5da990c3fe28cd93f3a4f8e5594cae25498ed73f5f001b83179b0c
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55384,8 +55384,8 @@ EntropyPredictionResistanceA.14 = 2b3877ed4d1b3174d36e784ad7b6b7991dd52979ca5b1c
 EntropyPredictionResistanceB.14 = 91d421c3eb04de94099a7467254bad70e236d5c27616f766e85b4de3965001db854e61a80bfec2eacb4ff93ecafb8b83
 Output.14 = ed703d9273bb9462ac400ee8d587ea3c4d6c27aa014defcb6ca6fe885272bcb4b6ba0822f42941071bf635b41d997c631b680d91b23ee48351041dc274900821
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55495,8 +55495,8 @@ AdditionalInputB.14 = 4f23641093342d946d3a956c456dba18bd42de21cb2494f6310da7d20a
 EntropyPredictionResistanceB.14 = 843e7cac38b659a611dc4af4bd228ebc0cd9073ee98350d04da61f77db66c0c70872153d9fa2af4bc583ac2cf79d506e
 Output.14 = 6754a72f7fe23ea607ef0ae61a61eb3afc562c5227670572b7ff2dcecf3dcb4194829d29fcf9b100412aa0ee87611ab534896f80f47cff40b7f76e0ea46b3d41
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55561,8 +55561,8 @@ EntropyPredictionResistanceA.14 = b8ef0d478028f0c55dd13861281489e6c124870f0f28c8
 EntropyPredictionResistanceB.14 = c12649a0f249c7f5ddb550eb527a0f720e5eaf04e6e3b96dc24881eba10ce466f67e3fe51a0342cb1a2192a555798169
 Output.14 = d8c63ecb23f16ee925282b7744e8cc2c2c1deb56581cf27152118b5790cdbe682a34d91523bf0c7be4ff263aba2ffdda35e4d36a5122461b89b43069932b30a9
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55657,8 +55657,8 @@ AdditionalInputB.14 = e97f7fc9e287ae947d3e937d60ece684f0c8dd9e133cbd7265b2b3e073
 EntropyPredictionResistanceB.14 = 94904fbdfaf6b1d8931c15a37277814dcacc6343d48b80a1c624f8aa3733e05a52bf1f1266e2b90da5d562d7ffcbc274
 Output.14 = ef2fcb4a9113e062d6cd37f51a9944645c3cce0b06e2d11a2c778bdb559a2f627c8a0e7f419660f461456064c3508df1db945af6085abaf7719e868a912df8dd
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55738,8 +55738,8 @@ EntropyPredictionResistanceA.14 = c436b73aae532ffb950c6ed83753aa6df0571f11fd8e0a
 EntropyPredictionResistanceB.14 = d3ed7671eb3c2e0c115ec9d6d684964d39533d767413b63e0bf7c956b47205f8d5001a9650e7a1c7381f110c9ecfe92c
 Output.14 = f99b7d88ccfe1c84c9949c3548630ea2a9ec033543c693c5bf72a82f404c5eec5b2a09afb6c95f10b48fe4608092e7213285af83ba1304acfef846060a1cf860
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55849,8 +55849,8 @@ AdditionalInputB.14 = 58a98d14625f59f7adf6a703b2e1ee21fb83f22f3694f7f06548c85804
 EntropyPredictionResistanceB.14 = aec90f26f7c7853f3917de516f1ee0f85a0f3d0eb4967f6d2694552a93a25ca7fbdb4554de8acc0e60af0c5b0829cb9a
 Output.14 = 18d3f2396fa92b0b9e6bc7a5c0f9f8e10857c0063b4fdd8ee76d12e1205eb5e4fbe1b07ffc0ec5045eaaad608a558d1107f931c0290392166bed2d09849880a5
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -55915,8 +55915,8 @@ EntropyPredictionResistanceA.14 = 1e5191f18e3c049b3aa304604a42b13e87b61ab808a1f2
 EntropyPredictionResistanceB.14 = a04435fab8cffaaef34f6738f2682adef4790e8e2655d5943bd5370009ede99a6da3c9ca4dc7105a1352f9bd295be419
 Output.14 = 31b0234431f4ff22f0c1f5c220a5890c7efabc06974357a1ab8a79d1caa66b46b62f0b5a5b0d8010923dd86ced2f039effa2031619aafbb3d7dc9362ef04bdf3
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -56011,8 +56011,8 @@ AdditionalInputB.14 = b1e3c770adbc772d94edef6188d0f07ea1c25fb41dd20eefb552dead33
 EntropyPredictionResistanceB.14 = ffd6fd3031397d33e382f40b6338e7e3640b9b35800d890581fad4784366a1533f38398f255dc316bde222850794e46a
 Output.14 = 826dc7b1c39fb4955f614fab27697ed5fa1ed8686c701ef5e03776a814bbcdf9afe49343cb53944241c30b201be6d181edd20d55fe0374a43d68205d8ef758ff
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -56092,8 +56092,8 @@ EntropyPredictionResistanceA.14 = 83acc7bc2f89de95c84a4450d509e7de3512ad839f832b
 EntropyPredictionResistanceB.14 = 95a26a2f946c03f51012bc6cda0797af89a8500394cc7f11866a861608eb97fcd2e37df3f681dc3c1b3f48bdeae119cd
 Output.14 = a7b6c0c8bebd7eca9357a2be02063a603c103d68a793e792497ecf66592835f1f9607dae7b98be1049514ec5ea4cdd0b41d5cbf986a3a04314515b341f0924ab
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -56203,8 +56203,8 @@ AdditionalInputB.14 = c0e16d4fc85cfb1c3a4f69806041c5a270d4af742292dcebeccba75e1b
 EntropyPredictionResistanceB.14 = a52c99a12f63c6ae4bc101ff221d7fd1b4dd79df76e38992ba3fdf380bdbad5e6aa15d0ab638e90874d81bdb2e983aba
 Output.14 = e728957b292565f906de0cee5bf91fbe2e189857ca5d5efefb5953a8e9f46630756ea01abf8e6fc499bc8e2e5c29c62669bc07ccfbdc7951215f8ba7f1bc815e
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -56269,8 +56269,8 @@ EntropyPredictionResistanceA.14 = cd66ebf08c99f9c04c1effc078717b4f24422f111591a0
 EntropyPredictionResistanceB.14 = 60c6f9f07f75f1a80188b32d07c2895872c4e8b92a19ac6c2a29bc807f99fb4af75b6aed8e6f75c9a6b1559b48f128e9
 Output.14 = 2d20709ea0ff7a624ea1e37d80c65c25eaed85af45ef1a092ea7b97c49c912a0f0fc62d29ff4e4182c6bb12676cab3711c2b8db265cd9f81569a300b99fac43e
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -56365,8 +56365,8 @@ AdditionalInputB.14 = dbe91ffe3bfb719bebbb0e3bb60aa907ca6e0411c05a7ded766674cd4d
 EntropyPredictionResistanceB.14 = ca5099749aa7f195e0fde5262c56ad35c1d52069001fbb6580d478f50d1d69f6941d7ea4fa66e4741cad701a67f92933
 Output.14 = a135641f33e2aa5975a3be70b05e0b8c48372ef7c6768eed8e6c2b4e91d9153eead217ea47bf96b1412af4e08c3114d2c85f2e29fbe93c26014677bd14266ecf
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512
@@ -56446,8 +56446,8 @@ EntropyPredictionResistanceA.14 = c3444261962386b57d6c5f125dc3043678afe1962d55d9
 EntropyPredictionResistanceB.14 = 1fd895068aec8df2684784007949e0370578676c6537a09dd90567b95f6138809e70bcc9fc9efc03dfd83f0367784bde
 Output.14 = 894f3bc0fcbdb76b01df80f05d0ca636bd51438f5ee28250f27e8e47968c9c86a847970090d51b0a60984ebb5079017a5c5bac394e9644befc566edd4768d919
 
-RAND = CTR-DRBG
 Availablein = default
+RAND = CTR-DRBG
 Cipher = AES-256-CTR
 PredictionResistance = 1
 GenerateBits = 512

From builds at travis-ci.com  Fri Aug  7 04:46:30 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 04:46:30 +0000
Subject: Still Failing: openssl/openssl#36541 (master - 6ce6ad3)
In-Reply-To: <openssl/openssl+178828575+still failing@travis-ci.com>
Message-ID: <5f2cdc916c50f_13f9c47db58d087422@travis-pro-tasks-69dfd88564-h256z.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36541
Status: Still Failing

Duration: 1 hr, 18 mins, and 2 secs
Commit: 6ce6ad3 (master)
Author: Richard Levitte
Message: RSA: Be less strict on PSS parameters when exporting to provider

We have a key in test/recipes/30-test_evp_data/evppkey.txt with bad
PSS parameters (RSA-PSS-BAD), which is supposed to trigger signature
computation faults.  However, if this key needs to be exported to the
RSA provider implementation, the result would be an earlier error,
giving the computation that's supposed to be checked n chance to even
be reached.

Either way, the legacy to provider export is no place to validate the
values of the key.

We also ensure that the provider implementation can handle and detect
signed (negative) saltlen values.

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12583)

View the changeset: https://github.com/openssl/openssl/compare/5f6a0b2ff055...6ce6ad39fe85

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178828575?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/a46d6d7b/attachment.html>

From builds at travis-ci.com  Fri Aug  7 04:54:20 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 04:54:20 +0000
Subject: Still Failing: openssl/openssl#36542 (master - a7922e2)
In-Reply-To: <openssl/openssl+178835141+still failing@travis-ci.com>
Message-ID: <5f2cde6a874ae_13fecc6cacf6837070@travis-pro-tasks-69dfd88564-rlmsf.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36542
Status: Still Failing

Duration: 15 mins and 50 secs
Commit: a7922e2 (master)
Author: Richard Levitte
Message: TEST: Adjust the serdes test to include MSBLOB and PVK

Because PVK uses RC4, we must ensure that default + legacy providers
are active.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12574)

View the changeset: https://github.com/openssl/openssl/compare/6ce6ad39fe85...a7922e208ddf

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178835141?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/3caef452/attachment-0001.html>

From openssl at openssl.org  Fri Aug  7 05:08:33 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 05:08:33 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1596776913.166090.13501.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

rm -f doc/html/man1/CA.pl.html doc/html/man1/openssl-asn1parse.html doc/html/man1/openssl-ca.html doc/html/man1/openssl-ciphers.html doc/html/man1/openssl-cmds.html doc/html/man1/openssl-cmp.html doc/html/man1/openssl-cms.html doc/html/man1/openssl-crl.html doc/html/man1/openssl-crl2pkcs7.html doc/html/man1/openssl-dgst.html doc/html/man1/openssl-dhparam.html doc/html/man1/openssl-dsa.html doc/html/man1/openssl-dsaparam.html doc/html/man1/openssl-ec.html doc/html/man1/openssl-ecparam.html doc/html/man1/openssl-enc.html doc/html/man1/openssl-engine.html doc/html/man1/openssl-errstr.html doc/html/man1/openssl-fipsinstall.html doc/html/man1/openssl-gendsa.html doc/html/man1/openssl-genpkey.html doc/html/man1/openssl-genrsa.html doc/html/man1/openssl-info.html doc/html/man1/openssl-kdf.html doc/html/man1/openssl-list.html doc/html/man1/openssl-mac.html doc/html/man1/openssl-nseq.html doc/html/man1/openssl-ocsp.html doc/html/man1/openssl-passwd.html doc/html/man1/openssl-pkcs12.html doc/html/man1/openssl-pkcs7.html doc/html/man1/openssl-pkcs8.html doc/html/man1/openssl-pkey.html doc/html/man1/openssl-pkeyparam.html doc/html/man1/openssl-pkeyutl.html doc/html/man1/openssl-prime.html doc/html/man1/openssl-provider.html doc/html/man1/openssl-rand.html doc/html/man1/openssl-rehash.html doc/html/man1/openssl-req.html doc/html/man1/openssl-rsa.html doc/html/man1/openssl-rsautl.html doc/html/man1/openssl-s_client.html doc/html/man1/openssl-s_server.html doc/html/man1/openssl-s_time.html doc/html/man1/openssl-sess_id.html doc/html/man1/openssl-smime.html doc/html/man1/openssl-speed.html doc/html/man1/openssl-spkac.html doc/html/man1/openssl-srp.html doc/html/man1/openssl-storeutl.html doc/html/man1/openssl-ts.html doc/html/man1/openssl-verify.html doc/html/man1/openssl-version.html doc/html/man1/openssl-x509.html doc/html/man1/openssl.html doc/html/man1/tsget.html doc/html/man3/ADMISSIONS.html doc/html/man3/ASN1_INTEGER_get_int64.html doc/html/man3/ASN1_INTEGER_new.html doc/html/man3/ASN1_ITEM_lookup.html doc/html/man3/ASN1_OBJECT_new.html doc/html/man3/ASN1_STRING_TABLE_add.html doc/html/man3/ASN1_STRING_length.html doc/html/man3/ASN1_STRING_new.html doc/html/man3/ASN1_STRING_print_ex.html doc/html/man3/ASN1_TIME_set.html doc/html/man3/ASN1_TYPE_get.html doc/html/man3/ASN1_generate_nconf.html doc/html/man3/ASYNC_WAIT_CTX_new.html doc/html/man3/ASYNC_start_job.html doc/html/man3/BF_encrypt.html doc/html/man3/BIO_ADDR.html doc/html/man3/BIO_ADDRINFO.html doc/html/man3/BIO_connect.html doc/html/man3/BIO_ctrl.html doc/html/man3/BIO_f_base64.html doc/html/man3/BIO_f_buffer.html doc/html/man3/BIO_f_cipher.html doc/html/man3/BIO_f_md.html doc/html/man3/BIO_f_null.html doc/html/man3/BIO_f_prefix.html doc/html/man3/BIO_f_ssl.html doc/html/man3/BIO_find_type.html doc/html/man3/BIO_get_data.html doc/html/man3/BIO_get_ex_new_index.html doc/html/man3/BIO_meth_new.html doc/html/man3/BIO_new.html doc/html/man3/BIO_new_CMS.html doc/html/man3/BIO_parse_hostserv.html doc/html/man3/BIO_printf.html doc/html/man3/BIO_push.html doc/html/man3/BIO_read.html doc/html/man3/BIO_s_accept.html doc/html/man3/BIO_s_bio.html doc/html/man3/BIO_s_connect.html doc/html/man3/BIO_s_fd.html doc/html/man3/BIO_s_file.html doc/html/man3/BIO_s_mem.html doc/html/man3/BIO_s_null.html doc/html/man3/BIO_s_socket.html doc/html/man3/BIO_set_callback.html doc/html/man3/BIO_should_retry.html doc/html/man3/BIO_socket_wait.html doc/html/man3/BN_BLINDING_new.html doc/html/man3/BN_CTX_new.html doc/html/man3/BN_CTX_start.html doc/html/man3/BN_add.html doc/html/man3/BN_add_word.html doc/html/man3/BN_bn2bin.html doc/html/man3/BN_cmp.html doc/html/man3/BN_copy.html doc/html/man3/BN_generate_prime.html doc/html/man3/BN_mod_inverse.html doc/html/man3/BN_mod_mul_montgomery.html doc/html/man3/BN_mod_mul_reciprocal.html doc/html/man3/BN_new.html doc/html/man3/BN_num_bytes.html doc/html/man3/BN_rand.html doc/html/man3/BN_security_bits.html doc/html/man3/BN_set_bit.html doc/html/man3/BN_swap.html doc/html/man3/BN_zero.html doc/html/man3/BUF_MEM_new.html doc/html/man3/CMS_EnvelopedData_create.html doc/html/man3/CMS_add0_cert.html doc/html/man3/CMS_add1_recipient_cert.html doc/html/man3/CMS_add1_signer.html doc/html/man3/CMS_compress.html doc/html/man3/CMS_decrypt.html doc/html/man3/CMS_encrypt.html doc/html/man3/CMS_final.html doc/html/man3/CMS_get0_RecipientInfos.html doc/html/man3/CMS_get0_SignerInfos.html doc/html/man3/CMS_get0_type.html doc/html/man3/CMS_get1_ReceiptRequest.html doc/html/man3/CMS_sign.html doc/html/man3/CMS_sign_receipt.html doc/html/man3/CMS_uncompress.html doc/html/man3/CMS_verify.html doc/html/man3/CMS_verify_receipt.html doc/html/man3/CONF_modules_free.html doc/html/man3/CONF_modules_load_file.html doc/html/man3/CRYPTO_THREAD_run_once.html doc/html/man3/CRYPTO_get_ex_new_index.html doc/html/man3/CRYPTO_memcmp.html doc/html/man3/CTLOG_STORE_get0_log_by_id.html doc/html/man3/CTLOG_STORE_new.html doc/html/man3/CTLOG_new.html doc/html/man3/CT_POLICY_EVAL_CTX_new.html doc/html/man3/DEFINE_STACK_OF.html doc/html/man3/DES_random_key.html doc/html/man3/DH_generate_key.html doc/html/man3/DH_generate_parameters.html doc/html/man3/DH_get0_pqg.html doc/html/man3/DH_get_1024_160.html doc/html/man3/DH_meth_new.html doc/html/man3/DH_new.html doc/html/man3/DH_new_by_nid.html doc/html/man3/DH_set_method.html doc/html/man3/DH_size.html doc/html/man3/DSA_SIG_new.html doc/html/man3/DSA_do_sign.html doc/html/man3/DSA_dup_DH.html doc/html/man3/DSA_generate_key.html doc/html/man3/DSA_generate_parameters.html doc/html/man3/DSA_get0_pqg.html doc/html/man3/DSA_meth_new.html doc/html/man3/DSA_new.html doc/html/man3/DSA_set_method.html doc/html/man3/DSA_sign.html doc/html/man3/DSA_size.html doc/html/man3/DTLS_get_data_mtu.html doc/html/man3/DTLS_set_timer_cb.html doc/html/man3/DTLSv1_listen.html doc/html/man3/ECDSA_SIG_new.html doc/html/man3/ECPKParameters_print.html doc/html/man3/EC_GFp_simple_method.html doc/html/man3/EC_GROUP_copy.html doc/html/man3/EC_GROUP_new.html doc/html/man3/EC_KEY_get_enc_flags.html doc/html/man3/EC_KEY_new.html doc/html/man3/EC_POINT_add.html doc/html/man3/EC_POINT_new.html doc/html/man3/ENGINE_add.html doc/html/man3/ERR_GET_LIB.html doc/html/man3/ERR_clear_error.html doc/html/man3/ERR_error_string.html doc/html/man3/ERR_get_error.html doc/html/man3/ERR_load_crypto_strings.html doc/html/man3/ERR_load_strings.html doc/html/man3/ERR_new.html doc/html/man3/ERR_print_errors.html doc/html/man3/ERR_put_error.html doc/html/man3/ERR_remove_state.html doc/html/man3/ERR_set_mark.html doc/html/man3/EVP_ASYM_CIPHER_free.html doc/html/man3/EVP_BytesToKey.html doc/html/man3/EVP_CIPHER_CTX_get_cipher_data.html doc/html/man3/EVP_CIPHER_meth_new.html doc/html/man3/EVP_DigestInit.html doc/html/man3/EVP_DigestSignInit.html doc/html/man3/EVP_DigestVerifyInit.html doc/html/man3/EVP_EncodeInit.html doc/html/man3/EVP_EncryptInit.html doc/html/man3/EVP_KDF.html doc/html/man3/EVP_KEYEXCH_free.html doc/html/man3/EVP_KEYMGMT.html doc/html/man3/EVP_MAC.html doc/html/man3/EVP_MD_meth_new.html doc/html/man3/EVP_OpenInit.html doc/html/man3/EVP_PKEY_ASN1_METHOD.html doc/html/man3/EVP_PKEY_CTX_ctrl.html doc/html/man3/EVP_PKEY_CTX_new.html doc/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html doc/html/man3/EVP_PKEY_CTX_set_hkdf_md.html doc/html/man3/EVP_PKEY_CTX_set_params.html doc/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html doc/html/man3/EVP_PKEY_CTX_set_scrypt_N.html doc/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html doc/html/man3/EVP_PKEY_asn1_get_count.html doc/html/man3/EVP_PKEY_check.html doc/html/man3/EVP_PKEY_copy_parameters.html doc/html/man3/EVP_PKEY_decrypt.html doc/html/man3/EVP_PKEY_derive.html doc/html/man3/EVP_PKEY_encrypt.html doc/html/man3/EVP_PKEY_fromdata.html doc/html/man3/EVP_PKEY_gen.html doc/html/man3/EVP_PKEY_get_default_digest_nid.html doc/html/man3/EVP_PKEY_gettable_params.html doc/html/man3/EVP_PKEY_is_a.html doc/html/man3/EVP_PKEY_meth_get_count.html doc/html/man3/EVP_PKEY_meth_new.html doc/html/man3/EVP_PKEY_new.html doc/html/man3/EVP_PKEY_print_private.html doc/html/man3/EVP_PKEY_set1_RSA.html doc/html/man3/EVP_PKEY_set_type.html doc/html/man3/EVP_PKEY_sign.html doc/html/man3/EVP_PKEY_size.html doc/html/man3/EVP_PKEY_supports_digest_nid.html doc/html/man3/EVP_PKEY_verify.html doc/html/man3/EVP_PKEY_verify_recover.html doc/html/man3/EVP_RAND.html doc/html/man3/EVP_SIGNATURE_free.html doc/html/man3/EVP_SealInit.html doc/html/man3/EVP_SignInit.html doc/html/man3/EVP_VerifyInit.html doc/html/man3/EVP_aes_128_gcm.html doc/html/man3/EVP_aria_128_gcm.html doc/html/man3/EVP_bf_cbc.html doc/html/man3/EVP_blake2b512.html doc/html/man3/EVP_camellia_128_ecb.html doc/html/man3/EVP_cast5_cbc.html doc/html/man3/EVP_chacha20.html doc/html/man3/EVP_des_cbc.html doc/html/man3/EVP_desx_cbc.html doc/html/man3/EVP_idea_cbc.html doc/html/man3/EVP_md2.html doc/html/man3/EVP_md4.html doc/html/man3/EVP_md5.html doc/html/man3/EVP_mdc2.html doc/html/man3/EVP_rc2_cbc.html doc/html/man3/EVP_rc4.html doc/html/man3/EVP_rc5_32_12_16_cbc.html doc/html/man3/EVP_ripemd160.html doc/html/man3/EVP_seed_cbc.html doc/html/man3/EVP_set_default_properties.html doc/html/man3/EVP_sha1.html doc/html/man3/EVP_sha224.html doc/html/man3/EVP_sha3_224.html doc/html/man3/EVP_sm3.html doc/html/man3/EVP_sm4_cbc.html doc/html/man3/EVP_whirlpool.html doc/html/man3/HMAC.html doc/html/man3/MD5.html doc/html/man3/MDC2_Init.html doc/html/man3/NCONF_new_with_libctx.html doc/html/man3/OBJ_nid2obj.html doc/html/man3/OCSP_REQUEST_new.html doc/html/man3/OCSP_cert_to_id.html doc/html/man3/OCSP_request_add1_nonce.html doc/html/man3/OCSP_resp_find_status.html doc/html/man3/OCSP_response_status.html doc/html/man3/OCSP_sendreq_new.html doc/html/man3/OPENSSL_Applink.html doc/html/man3/OPENSSL_CTX.html doc/html/man3/OPENSSL_FILE.html doc/html/man3/OPENSSL_LH_COMPFUNC.html doc/html/man3/OPENSSL_LH_stats.html doc/html/man3/OPENSSL_config.html doc/html/man3/OPENSSL_fork_prepare.html doc/html/man3/OPENSSL_hexchar2int.html doc/html/man3/OPENSSL_ia32cap.html doc/html/man3/OPENSSL_init_crypto.html doc/html/man3/OPENSSL_init_ssl.html doc/html/man3/OPENSSL_instrument_bus.html doc/html/man3/OPENSSL_load_builtin_modules.html doc/html/man3/OPENSSL_malloc.html doc/html/man3/OPENSSL_s390xcap.html doc/html/man3/OPENSSL_secure_malloc.html doc/html/man3/OSSL_CMP_CTX_new.html doc/html/man3/OSSL_CMP_HDR_get0_transactionID.html doc/html/man3/OSSL_CMP_ITAV_set0.html doc/html/man3/OSSL_CMP_MSG_get0_header.html doc/html/man3/OSSL_CMP_MSG_http_perform.html doc/html/man3/OSSL_CMP_SRV_CTX_new.html doc/html/man3/OSSL_CMP_STATUSINFO_new.html doc/html/man3/OSSL_CMP_exec_certreq.html doc/html/man3/OSSL_CMP_log_open.html doc/html/man3/OSSL_CMP_validate_msg.html doc/html/man3/OSSL_CRMF_MSG_get0_tmpl.html doc/html/man3/OSSL_CRMF_MSG_set0_validity.html doc/html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html doc/html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html doc/html/man3/OSSL_CRMF_pbmp_new.html doc/html/man3/OSSL_DESERIALIZER.html doc/html/man3/OSSL_DESERIALIZER_CTX.html doc/html/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_DESERIALIZER_from_bio.html doc/html/man3/OSSL_HTTP_transfer.html doc/html/man3/OSSL_PARAM.html doc/html/man3/OSSL_PARAM_BLD.html doc/html/man3/OSSL_PARAM_allocate_from_text.html doc/html/man3/OSSL_PARAM_int.html doc/html/man3/OSSL_PROVIDER.html doc/html/man3/OSSL_SELF_TEST_new.html doc/html/man3/OSSL_SELF_TEST_set_callback.html doc/html/man3/OSSL_SERIALIZER.html doc/html/man3/OSSL_SERIALIZER_CTX.html doc/html/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_SERIALIZER_to_bio.html doc/html/man3/OSSL_STORE_INFO.html doc/html/man3/OSSL_STORE_LOADER.html doc/html/man3/OSSL_STORE_SEARCH.html doc/html/man3/OSSL_STORE_attach.html doc/html/man3/OSSL_STORE_expect.html doc/html/man3/OSSL_STORE_open.html doc/html/man3/OSSL_trace_enabled.html doc/html/man3/OSSL_trace_get_category_num.html doc/html/man3/OSSL_trace_set_channel.html doc/html/man3/OpenSSL_add_all_algorithms.html doc/html/man3/OpenSSL_version.html doc/html/man3/PEM_X509_INFO_read_bio_with_libctx.html doc/html/man3/PEM_bytes_read_bio.html doc/html/man3/PEM_read.html doc/html/man3/PEM_read_CMS.html doc/html/man3/PEM_read_bio_PrivateKey.html doc/html/man3/PEM_read_bio_ex.html doc/html/man3/PEM_write_bio_CMS_stream.html doc/html/man3/PEM_write_bio_PKCS7_stream.html doc/html/man3/PKCS12_SAFEBAG_get0_attrs.html doc/html/man3/PKCS12_add_CSPName_asc.html doc/html/man3/PKCS12_add_friendlyname_asc.html doc/html/man3/PKCS12_add_localkeyid.html doc/html/man3/PKCS12_create.html doc/html/man3/PKCS12_get_friendlyname.html doc/html/man3/PKCS12_newpass.html doc/html/man3/PKCS12_parse.html doc/html/man3/PKCS5_PBKDF2_HMAC.html doc/html/man3/PKCS7_decrypt.html doc/html/man3/PKCS7_encrypt.html doc/html/man3/PKCS7_sign.html doc/html/man3/PKCS7_sign_add_signer.html doc/html/man3/PKCS7_verify.html doc/html/man3/PKCS8_pkey_add1_attr.html doc/html/man3/RAND_DRBG_generate.html doc/html/man3/RAND_DRBG_get0_public.html doc/html/man3/RAND_DRBG_new.html doc/html/man3/RAND_DRBG_reseed.html doc/html/man3/RAND_DRBG_set_callbacks.html doc/html/man3/RAND_add.html doc/html/man3/RAND_bytes.html doc/html/man3/RAND_cleanup.html doc/html/man3/RAND_egd.html doc/html/man3/RAND_load_file.html doc/html/man3/RAND_set_rand_method.html doc/html/man3/RC4_set_key.html doc/html/man3/RIPEMD160_Init.html doc/html/man3/RSA_blinding_on.html doc/html/man3/RSA_check_key.html doc/html/man3/RSA_generate_key.html doc/html/man3/RSA_get0_key.html doc/html/man3/RSA_meth_new.html doc/html/man3/RSA_new.html doc/html/man3/RSA_padding_add_PKCS1_type_1.html doc/html/man3/RSA_print.html doc/html/man3/RSA_private_encrypt.html doc/html/man3/RSA_public_encrypt.html doc/html/man3/RSA_set_method.html doc/html/man3/RSA_sign.html doc/html/man3/RSA_sign_ASN1_OCTET_STRING.html doc/html/man3/RSA_size.html doc/html/man3/SCT_new.html doc/html/man3/SCT_print.html doc/html/man3/SCT_validate.html doc/html/man3/SHA256_Init.html doc/html/man3/SMIME_read_CMS.html doc/html/man3/SMIME_read_PKCS7.html doc/html/man3/SMIME_write_CMS.html doc/html/man3/SMIME_write_PKCS7.html doc/html/man3/SRP_Calc_B.html doc/html/man3/SRP_VBASE_new.html doc/html/man3/SRP_create_verifier.html doc/html/man3/SRP_user_pwd_new.html doc/html/man3/SSL_CIPHER_get_name.html doc/html/man3/SSL_COMP_add_compression_method.html doc/html/man3/SSL_CONF_CTX_new.html doc/html/man3/SSL_CONF_CTX_set1_prefix.html doc/html/man3/SSL_CONF_CTX_set_flags.html doc/html/man3/SSL_CONF_CTX_set_ssl_ctx.html doc/html/man3/SSL_CONF_cmd.html doc/html/man3/SSL_CONF_cmd_argv.html doc/html/man3/SSL_CTX_add1_chain_cert.html doc/html/man3/SSL_CTX_add_extra_chain_cert.html doc/html/man3/SSL_CTX_add_session.html doc/html/man3/SSL_CTX_config.html doc/html/man3/SSL_CTX_ctrl.html doc/html/man3/SSL_CTX_dane_enable.html doc/html/man3/SSL_CTX_flush_sessions.html doc/html/man3/SSL_CTX_free.html doc/html/man3/SSL_CTX_get0_param.html doc/html/man3/SSL_CTX_get_verify_mode.html doc/html/man3/SSL_CTX_has_client_custom_ext.html doc/html/man3/SSL_CTX_load_verify_locations.html doc/html/man3/SSL_CTX_new.html doc/html/man3/SSL_CTX_sess_number.html doc/html/man3/SSL_CTX_sess_set_cache_size.html doc/html/man3/SSL_CTX_sess_set_get_cb.html doc/html/man3/SSL_CTX_sessions.html doc/html/man3/SSL_CTX_set0_CA_list.html doc/html/man3/SSL_CTX_set1_curves.html doc/html/man3/SSL_CTX_set1_sigalgs.html doc/html/man3/SSL_CTX_set1_verify_cert_store.html doc/html/man3/SSL_CTX_set_alpn_select_cb.html doc/html/man3/SSL_CTX_set_cert_cb.html doc/html/man3/SSL_CTX_set_cert_store.html doc/html/man3/SSL_CTX_set_cert_verify_callback.html doc/html/man3/SSL_CTX_set_cipher_list.html doc/html/man3/SSL_CTX_set_client_cert_cb.html doc/html/man3/SSL_CTX_set_client_hello_cb.html doc/html/man3/SSL_CTX_set_ct_validation_callback.html doc/html/man3/SSL_CTX_set_ctlog_list_file.html doc/html/man3/SSL_CTX_set_default_passwd_cb.html doc/html/man3/SSL_CTX_set_generate_session_id.html doc/html/man3/SSL_CTX_set_info_callback.html doc/html/man3/SSL_CTX_set_keylog_callback.html doc/html/man3/SSL_CTX_set_max_cert_list.html doc/html/man3/SSL_CTX_set_min_proto_version.html doc/html/man3/SSL_CTX_set_mode.html doc/html/man3/SSL_CTX_set_msg_callback.html doc/html/man3/SSL_CTX_set_num_tickets.html doc/html/man3/SSL_CTX_set_options.html doc/html/man3/SSL_CTX_set_psk_client_callback.html doc/html/man3/SSL_CTX_set_quiet_shutdown.html doc/html/man3/SSL_CTX_set_read_ahead.html doc/html/man3/SSL_CTX_set_record_padding_callback.html doc/html/man3/SSL_CTX_set_security_level.html doc/html/man3/SSL_CTX_set_session_cache_mode.html doc/html/man3/SSL_CTX_set_session_id_context.html doc/html/man3/SSL_CTX_set_session_ticket_cb.html doc/html/man3/SSL_CTX_set_split_send_fragment.html doc/html/man3/SSL_CTX_set_srp_password.html doc/html/man3/SSL_CTX_set_ssl_version.html doc/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html doc/html/man3/SSL_CTX_set_timeout.html doc/html/man3/SSL_CTX_set_tlsext_servername_callback.html doc/html/man3/SSL_CTX_set_tlsext_status_cb.html doc/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html doc/html/man3/SSL_CTX_set_tlsext_use_srtp.html doc/html/man3/SSL_CTX_set_tmp_dh_callback.html doc/html/man3/SSL_CTX_set_tmp_ecdh.html doc/html/man3/SSL_CTX_set_verify.html doc/html/man3/SSL_CTX_use_certificate.html doc/html/man3/SSL_CTX_use_psk_identity_hint.html doc/html/man3/SSL_CTX_use_serverinfo.html doc/html/man3/SSL_SESSION_free.html doc/html/man3/SSL_SESSION_get0_cipher.html doc/html/man3/SSL_SESSION_get0_hostname.html doc/html/man3/SSL_SESSION_get0_id_context.html doc/html/man3/SSL_SESSION_get0_peer.html doc/html/man3/SSL_SESSION_get_compress_id.html doc/html/man3/SSL_SESSION_get_protocol_version.html doc/html/man3/SSL_SESSION_get_time.html doc/html/man3/SSL_SESSION_has_ticket.html doc/html/man3/SSL_SESSION_is_resumable.html doc/html/man3/SSL_SESSION_print.html doc/html/man3/SSL_SESSION_set1_id.html doc/html/man3/SSL_accept.html doc/html/man3/SSL_alert_type_string.html doc/html/man3/SSL_alloc_buffers.html doc/html/man3/SSL_check_chain.html doc/html/man3/SSL_clear.html doc/html/man3/SSL_connect.html doc/html/man3/SSL_do_handshake.html doc/html/man3/SSL_export_keying_material.html doc/html/man3/SSL_extension_supported.html doc/html/man3/SSL_free.html doc/html/man3/SSL_get0_peer_scts.html doc/html/man3/SSL_get_SSL_CTX.html doc/html/man3/SSL_get_all_async_fds.html doc/html/man3/SSL_get_ciphers.html doc/html/man3/SSL_get_client_random.html doc/html/man3/SSL_get_current_cipher.html doc/html/man3/SSL_get_default_timeout.html doc/html/man3/SSL_get_error.html doc/html/man3/SSL_get_extms_support.html doc/html/man3/SSL_get_fd.html doc/html/man3/SSL_get_peer_cert_chain.html doc/html/man3/SSL_get_peer_certificate.html doc/html/man3/SSL_get_peer_signature_nid.html doc/html/man3/SSL_get_peer_tmp_key.html doc/html/man3/SSL_get_psk_identity.html doc/html/man3/SSL_get_rbio.html doc/html/man3/SSL_get_session.html doc/html/man3/SSL_get_shared_sigalgs.html doc/html/man3/SSL_get_verify_result.html doc/html/man3/SSL_get_version.html doc/html/man3/SSL_in_init.html doc/html/man3/SSL_key_update.html doc/html/man3/SSL_library_init.html doc/html/man3/SSL_load_client_CA_file.html doc/html/man3/SSL_new.html doc/html/man3/SSL_pending.html doc/html/man3/SSL_read.html doc/html/man3/SSL_read_early_data.html doc/html/man3/SSL_rstate_string.html doc/html/man3/SSL_session_reused.html doc/html/man3/SSL_set1_host.html doc/html/man3/SSL_set_async_callback.html doc/html/man3/SSL_set_bio.html doc/html/man3/SSL_set_connect_state.html doc/html/man3/SSL_set_fd.html doc/html/man3/SSL_set_session.html doc/html/man3/SSL_set_shutdown.html doc/html/man3/SSL_set_verify_result.html doc/html/man3/SSL_shutdown.html doc/html/man3/SSL_state_string.html doc/html/man3/SSL_want.html doc/html/man3/SSL_write.html doc/html/man3/TS_VERIFY_CTX_set_certs.html doc/html/man3/UI_STRING.html doc/html/man3/UI_UTIL_read_pw.html doc/html/man3/UI_create_method.html doc/html/man3/UI_new.html doc/html/man3/X509V3_get_d2i.html doc/html/man3/X509_ALGOR_dup.html doc/html/man3/X509_CRL_get0_by_serial.html doc/html/man3/X509_EXTENSION_set_object.html doc/html/man3/X509_LOOKUP.html doc/html/man3/X509_LOOKUP_hash_dir.html doc/html/man3/X509_LOOKUP_meth_new.html doc/html/man3/X509_NAME_ENTRY_get_object.html doc/html/man3/X509_NAME_add_entry_by_txt.html doc/html/man3/X509_NAME_get0_der.html doc/html/man3/X509_NAME_get_index_by_NID.html doc/html/man3/X509_NAME_print_ex.html doc/html/man3/X509_PUBKEY_new.html doc/html/man3/X509_SIG_get0.html doc/html/man3/X509_STORE_CTX_get_error.html doc/html/man3/X509_STORE_CTX_new.html doc/html/man3/X509_STORE_CTX_set_verify_cb.html doc/html/man3/X509_STORE_add_cert.html doc/html/man3/X509_STORE_get0_param.html doc/html/man3/X509_STORE_new.html doc/html/man3/X509_STORE_set_verify_cb_func.html doc/html/man3/X509_VERIFY_PARAM_set_flags.html doc/html/man3/X509_check_ca.html doc/html/man3/X509_check_host.html doc/html/man3/X509_check_issued.html doc/html/man3/X509_check_private_key.html doc/html/man3/X509_check_purpose.html doc/html/man3/X509_cmp.html doc/html/man3/X509_cmp_time.html doc/html/man3/X509_digest.html doc/html/man3/X509_dup.html doc/html/man3/X509_get0_distinguishing_id.html doc/html/man3/X509_get0_notBefore.html doc/html/man3/X509_get0_signature.html doc/html/man3/X509_get0_uids.html doc/html/man3/X509_get_extension_flags.html doc/html/man3/X509_get_pubkey.html doc/html/man3/X509_get_serialNumber.html doc/html/man3/X509_get_subject_name.html doc/html/man3/X509_get_version.html doc/html/man3/X509_load_http.html doc/html/man3/X509_new.html doc/html/man3/X509_sign.html doc/html/man3/X509_verify.html doc/html/man3/X509_verify_cert.html doc/html/man3/X509v3_get_ext_by_NID.html doc/html/man3/d2i_DHparams.html doc/html/man3/d2i_PKCS8PrivateKey_bio.html doc/html/man3/d2i_PrivateKey.html doc/html/man3/d2i_SSL_SESSION.html doc/html/man3/d2i_X509.html doc/html/man3/i2d_CMS_bio_stream.html doc/html/man3/i2d_PKCS7_bio_stream.html doc/html/man3/i2d_re_X509_tbs.html doc/html/man3/o2i_SCT_LIST.html doc/html/man3/s2i_ASN1_IA5STRING.html doc/html/man5/config.html doc/html/man5/fips_config.html doc/html/man5/x509v3_config.html doc/html/man7/EVP_KDF-HKDF.html doc/html/man7/EVP_KDF-KB.html doc/html/man7/EVP_KDF-KRB5KDF.html doc/html/man7/EVP_KDF-PBKDF2.html doc/html/man7/EVP_KDF-SCRYPT.html doc/html/man7/EVP_KDF-SS.html doc/html/man7/EVP_KDF-SSHKDF.html doc/html/man7/EVP_KDF-TLS1_PRF.html doc/html/man7/EVP_KDF-X942.html doc/html/man7/EVP_KDF-X963.html doc/html/man7/EVP_KEYEXCH-DH.html doc/html/man7/EVP_KEYEXCH-ECDH.html doc/html/man7/EVP_KEYEXCH-X25519.html doc/html/man7/EVP_MAC-BLAKE2.html doc/html/man7/EVP_MAC-CMAC.html doc/html/man7/EVP_MAC-GMAC.html doc/html/man7/EVP_MAC-HMAC.html doc/html/man7/EVP_MAC-KMAC.html doc/html/man7/EVP_MAC-Poly1305.html doc/html/man7/EVP_MAC-Siphash.html doc/html/man7/EVP_MD-BLAKE2.html doc/html/man7/EVP_MD-MD2.html doc/html/man7/EVP_MD-MD4.html doc/html/man7/EVP_MD-MD5-SHA1.html doc/html/man7/EVP_MD-MD5.html doc/html/man7/EVP_MD-MDC2.html doc/html/man7/EVP_MD-RIPEMD160.html doc/html/man7/EVP_MD-SHA1.html doc/html/man7/EVP_MD-SHA2.html doc/html/man7/EVP_MD-SHA3.html doc/html/man7/EVP_MD-SHAKE.html doc/html/man7/EVP_MD-SM3.html doc/html/man7/EVP_MD-WHIRLPOOL.html doc/html/man7/EVP_MD-common.html doc/html/man7/EVP_PKEY-DH.html doc/html/man7/EVP_PKEY-DSA.html doc/html/man7/EVP_PKEY-EC.html doc/html/man7/EVP_PKEY-FFC.html doc/html/man7/EVP_PKEY-RSA.html doc/html/man7/EVP_PKEY-X25519.html doc/html/man7/EVP_RAND-CTR-DRBG.html doc/html/man7/EVP_RAND-HASH-DRBG.html doc/html/man7/EVP_RAND-HMAC-DRBG.html doc/html/man7/EVP_RAND-TEST-RAND.html doc/html/man7/EVP_SIGNATURE-DSA.html doc/html/man7/EVP_SIGNATURE-ECDSA.html doc/html/man7/EVP_SIGNATURE-ED25519.html doc/html/man7/EVP_SIGNATURE-RSA.html doc/html/man7/OSSL_PROVIDER-FIPS.html doc/html/man7/OSSL_PROVIDER-base.html doc/html/man7/OSSL_PROVIDER-default.html doc/html/man7/OSSL_PROVIDER-legacy.html doc/html/man7/OSSL_PROVIDER-null.html doc/html/man7/RAND.html doc/html/man7/RAND_DRBG.html doc/html/man7/RSA-PSS.html doc/html/man7/SM2.html doc/html/man7/X25519.html doc/html/man7/bio.html doc/html/man7/crypto.html doc/html/man7/ct.html doc/html/man7/des_modes.html doc/html/man7/evp.html doc/html/man7/openssl-core.h.html doc/html/man7/openssl-core_dispatch.h.html doc/html/man7/openssl-core_names.h.html doc/html/man7/openssl-env.html doc/html/man7/openssl_user_macros.html doc/html/man7/ossl_store-file.html doc/html/man7/ossl_store.html doc/html/man7/passphrase-encoding.html doc/html/man7/property.html doc/html/man7/provider-asym_cipher.html doc/html/man7/provider-base.html doc/html/man7/provider-cipher.html doc/html/man7/provider-digest.html doc/html/man7/provider-keyexch.html doc/html/man7/provider-keymgmt.html doc/html/man7/provider-mac.html doc/html/man7/provider-rand.html doc/html/man7/provider-serializer.html doc/html/man7/provider-signature.html doc/html/man7/provider.html doc/html/man7/proxy-certificates.html doc/html/man7/ssl.html doc/html/man7/x509.html
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_DRBG_generate.3 doc/man/man3/RAND_DRBG_get0_public.3 doc/man/man3/RAND_DRBG_new.3 doc/man/man3/RAND_DRBG_reseed.3 doc/man/man3/RAND_DRBG_set_callbacks.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RAND_DRBG.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rand_drbg test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbg_cavs_test test/drbg_extra_test test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha6-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4160: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3129: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Fri Aug  7 05:09:56 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 05:09:56 +0000
Subject: Still Failing: openssl/openssl#36543 (master - 90ef39f)
In-Reply-To: <openssl/openssl+178835248+still failing@travis-ci.com>
Message-ID: <5f2ce209b1c20_13f9c47db46d8114455@travis-pro-tasks-69dfd88564-h256z.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36543
Status: Still Failing

Duration: 20 mins and 9 secs
Commit: 90ef39f (master)
Author: Richard Levitte
Message: EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID

Trust the returned value from EVP_PKEY_get_default_digest_name()!  It
mimics exactly the values that EVP_PKEY_get_default_digest_nid() is
supposed to return, and that value should simply be passed unchanged.
Callers depend on it.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12586)

View the changeset: https://github.com/openssl/openssl/compare/a7922e208ddf...90ef39f43ad5

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178835248?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/1c449a81/attachment.html>

From no-reply at appveyor.com  Fri Aug  7 06:43:09 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 06:43:09 +0000
Subject: Build failed: openssl master.36017
Message-ID: <20200807064309.1.E9CA1B87998CD6FE@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/4bc52e70/attachment.html>

From builds at travis-ci.com  Fri Aug  7 07:26:48 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 07:26:48 +0000
Subject: Still Failing: openssl/openssl#36548 (master - 4df0d37)
In-Reply-To: <openssl/openssl+178838267+still failing@travis-ci.com>
Message-ID: <5f2d0237a272d_13fecc6cadd7813236@travis-pro-tasks-69dfd88564-rlmsf.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36548
Status: Still Failing

Duration: 1 hr, 20 mins, and 27 secs
Commit: 4df0d37 (master)
Author: Richard Levitte
Message: PROV: Fix MSBLOB / PVK deserializer

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12601)

View the changeset: https://github.com/openssl/openssl/compare/90ef39f43ad5...4df0d37ff6cc

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178838267?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/1fc636ec/attachment-0001.html>

From matt at openssl.org  Fri Aug  7 08:50:47 2020
From: matt at openssl.org (Matt Caswell)
Date: Fri, 07 Aug 2020 08:50:47 +0000
Subject: [openssl]  openssl-3.0.0-alpha6 create
Message-ID: <1596790247.579549.28459.nullmailer@dev.openssl.org>

The annotated tag openssl-3.0.0-alpha6 has been created
        at  ac5406985bb7d130814a755c793d00995c2c23e7 (tag)
   tagging  e3ec8020b433f9bccebb547889e43c4691eb8713 (commit)
  replaces  openssl-3.0.0-alpha5
 tagged by  Matt Caswell
        on  Thu Aug 6 14:00:24 2020 +0100

- Log -----------------------------------------------------------------
OpenSSL 3.0.0-alpha6 release tag
-----BEGIN PGP SIGNATURE-----

iQFFBAABCAAvFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl8r/ugRHG1hdHRAb3Bl
bnNzbC5vcmcACgkQ2cTSbQ5gRJEucwgAjfgFIjhx+0bTh2kNXmk+7DJyHWd9eao3
w3auRIJ0LGC0G4gbygBtD+wS9Bj9+B55uWagVKG8c/jmi0jL6GMC25wQiLiD7Uy5
Oqc6pFgky5wzYyTIwoF76RLolDUgOccJm2OZbmJySoYSZKejPEzc+2eHQWNsGc9A
EluHWqPq3K+QeAicGC4cn4H20qnziw8VmhWmxTGck5HfnL2SIJmRXvVGXdHjpHhc
amY5ZFRTS1yh3zoD6pXeQT0iu0g/l7BXcM8IOsJhG7VBlFug8FzKd98SqSic7rtx
GbnmCGN50SCa2f5Lb5V90mIsoINI5w7OCMjzeRZ9cm3k0YHMvRG+NQ==
=vP2T
-----END PGP SIGNATURE-----

David Woodhouse (4):
      Make SSL_set1_host() and SSL_add1_host() take IP addresses
      Fix certificate validation for IPv6 literals in sconnect demo
      Disallow setting more than one IP address with SSL_add1_host()
      Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals

Dimitri John Ledkov (1):
      man3: Drop warning about using security levels higher than 1.

Dr. David von Oheimb (27):
      Constify X509_check_akid and prefer using X509_get0_serialNumber over X509_get_serialNumber
      x509_vfy.c: Improve key usage checks in internal_verify() of cert chains
      test/run_tests.pl: In parallel runs, start those tests first that run longest
      99-test_fuzz.t: Clean up and re-organize such that sub-tests could be split easily
      check-format.pl: Allow comment start '/*' after opening '(','[','{'
      check-format.pl: Add check for multiples essentially empty lines in a row
      check-format.pl: Add check for essentially empty line at beginning of file
      check-format.pl: Report empty lines only if -s (--sloppy-spc) is not used
      check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
      Skip test_cmp_cli if 'lsof' or 'kill' command is not available
      81-test_cmp_cli.t: Avoid using 'tail', 'awk', and the '-s' option of 'lsof'
      Fix UI method setup, which should be independent of (deprecated) engine use
      Deprecate -nodes in favor of -noenc in pkcs12 and req app
      Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()
      Export crm_new() of cmp_msg.c under the name OSSL_CMP_CTX_setup_CRM()
      apps/cmp.c: Improve documentation of -recipient option
      Export ossl_cmp_msg_load() as OSSL_CMP_MSG_read(), use it in apps/cmp.c
      Add OSSL_CMP_MSG_write(), use it in apps/cmp.c
      81-test_cmp_cli.t: Skip tests with mock server if server cannot be started
      apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
      Correct misleading diagnostics of OBJ_txt2obj on unknown object name
      Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
      Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
      Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
      apps: Correct and extend diagnostics of parse_name()
      Fix error message on setting cert validity period in apps/cmp.c
      openssl-cmp.pod.in: Update and extend example using Insta Demo CA

Dr. Matthias St. Pierre (3):
      test/drbgtest.c: Remove error check for large generate requests
      test/drbgtest.c: set the correct counter to trigger reseeding
      Fix: uninstantiation breaks the RAND_DRBG callback mechanism

Gustaf Neumann (1):
      Align documentation with recommendations of Linux Documentation Project

Jean-Christophe Fillion-Robin (1):
      Fix linking against non-system zlib on macOS

Matt Caswell (8):
      Fix no-dh and no-dsa
      Fix no-ec2m
      Fix a test_verify failure
      Don't fallback to legacy in DigestSignInit/DigestVerifyInit too easily
      Fix test_cmp_cli for extended tests
      Fix an ENGINE leak in asn1_item_digest_with_libctx
      Update copyright year
      Prepare for release of 3.0 alpha 6

Nicola Tuveri (2):
      [test] Vertically test explicit EC params API patterns
      [test][ectest] Minor touches to custom_generator_test

Nihal Jere (1):
      fixed swapped parameter descriptions for x509

Norman Ashley (1):
      Coverity Fixes for issue #12531

Pauli (13):
      rand: detect if FIPS approved randomness sources are being used.
      install: add notes about ignored seed sources in the FIPS provider.
      doc: Fix documentation of EVP_EncryptUpdate().
      mac: always pass a non-NULL output size pointer to providers.
      evp_test: use correct deallocation for EVP_MD
      evp_test: use correct deallocation for EVP_CIPHER
      engines: fixed to work with EVP_*_meth calls deprecated
      EVP: deprecate the EVP_X_meth_ functions.
      document the deprecation of the '-public-key-methods' option to list
      namemap: fix threading issue
      unify spelling of serialize
      serialisation: Add a built-in base provider.
      deserialisation: add deserialisation to the base provider

Peter Eisentraut (1):
      Mark an argument of an inline function as unused

Read Hughes (1):
      Update EVP_EncodeInit.pod

Richard Levitte (39):
      Prepare for 3.0 alpha 6
      Remove util/openssl-update-copyright
      Fix typo for SSL_get_peer_certificate()
      util/find-doc-nits: read full declarations as one line in name_synopsis()
      util/find-doc-nits: relax some SYNOPSIS checks
      PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a
      util/find-doc-nits: Relax check of function declarations in name_synopsis()
      DOC: Fix SSL_CTX_set_cert_cb.pod and SSL_CTX_set_client_cert_cb.pod
      EVP KEYMGMT utils: Make a few more utility functions available
      KEYMGMT: Add key loading function OSSL_FUNC_keymgmt_load()
      DESERIALIZER: Add foundation for deserializers
      SERIALIZER: Add functions to deserialize into an EVP_PKEY
      CORE: Add upcalls for BIO_gets() and BIO_puts()
      PROV: Implement DER to RSA deserializer
      PROV: Implement PEM to DER deserializer
      TEST: Add new serializer and deserializer test
      SERIALIZER: No enc argument for OSSL_SERIALIZER_CTX_set_passphrase_cb()
      DESERIALIZER: Implement decryption of password protected objects
      PROV: Update the DER to RSA deserializer to handle encrypted PKCS#8
      TEST: Update the serialization/deserialization test with encryption
      PROV: Update the PEM to DER deserializer to handle encrypted legacy PEM
      TEST: Update the serialization/deserialization test with legacy PEM encryption
      EVP: Fix key type check logic in evp_pkey_cmp_any()
      DER to RSA deserializer: fix inclusion
      EVP, PROV: Add misc missing bits for RSA-PSS
      PROV: Add a DER to RSA-PSS deserializer implementation
      TEST: Add RSA-PSS cases in test/serdes_test.c
      PROV: Fix small logic error in ec_kmgmt.c matching function
      DER writer: Make context-specific tags constructed (i.e. explicit)
      RSA: Better synchronisation between ASN1 PSS params and RSA_PSS_PARAMS_30
      DESERIALIZER: Rethink password handling
      DESERIALIZER: Make it possible to deserialize public keys too
      DESERIALIZER: Add deserializers for the rest of our asymmetric key types
      TEST: Add testutil tests to compare unterminated strings of different lengths
      DESERIALIZER: Refactor the constructor setting API
      DESERIALIZER: Make OSSL_DESERIALIZER_from_{bio,fp} use BIO_tell() / BIO_seek()
      DESERIALIZER: Small bugfix in the deser_process()
      PROV: Make the DER to KEY deserializer decode parameters too
      DESERIALIZER: Fix EVP_PKEY construction by export

Shane Lontis (10):
      Fix trailing whitespace mismatch error when running 02-test_errstr.
      Added missing ';' after methods in the synopsis section of pod files
      Fix API rename issue in shim layer that calls EVP_MAC_CTX_set_params
      Add ERR_raise() errors to fips OSSL_provider_init and self tests.
      Fix provider cipher reinit issue
      Cleanup fips provider init
      Test RSA oaep in fips mode
      Add X509 related libctx changes.
      Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
      Fix provider cipher reinit after init/update with a partial update block.

Viktor Dukhovni (1):
      Avoid errors with a priori inapplicable protocol bounds

Vitezslav Cizek (2):
      test/drbgtest.c: Fix error check test
      Fix DRBG reseed counter condition.

gujinqiang (1):
      Specific the engine pointer

-----------------------------------------------------------------------

From openssl at openssl.org  Fri Aug  7 10:08:31 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 10:08:31 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1596794911.483596.21886.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

rm -f doc/html/man1/CA.pl.html doc/html/man1/openssl-asn1parse.html doc/html/man1/openssl-ca.html doc/html/man1/openssl-ciphers.html doc/html/man1/openssl-cmds.html doc/html/man1/openssl-cmp.html doc/html/man1/openssl-cms.html doc/html/man1/openssl-crl.html doc/html/man1/openssl-crl2pkcs7.html doc/html/man1/openssl-dgst.html doc/html/man1/openssl-dhparam.html doc/html/man1/openssl-dsa.html doc/html/man1/openssl-dsaparam.html doc/html/man1/openssl-ec.html doc/html/man1/openssl-ecparam.html doc/html/man1/openssl-enc.html doc/html/man1/openssl-engine.html doc/html/man1/openssl-errstr.html doc/html/man1/openssl-fipsinstall.html doc/html/man1/openssl-gendsa.html doc/html/man1/openssl-genpkey.html doc/html/man1/openssl-genrsa.html doc/html/man1/openssl-info.html doc/html/man1/openssl-kdf.html doc/html/man1/openssl-list.html doc/html/man1/openssl-mac.html doc/html/man1/openssl-nseq.html doc/html/man1/openssl-ocsp.html doc/html/man1/openssl-passwd.html doc/html/man1/openssl-pkcs12.html doc/html/man1/openssl-pkcs7.html doc/html/man1/openssl-pkcs8.html doc/html/man1/openssl-pkey.html doc/html/man1/openssl-pkeyparam.html doc/html/man1/openssl-pkeyutl.html doc/html/man1/openssl-prime.html doc/html/man1/openssl-provider.html doc/html/man1/openssl-rand.html doc/html/man1/openssl-rehash.html doc/html/man1/openssl-req.html doc/html/man1/openssl-rsa.html doc/html/man1/openssl-rsautl.html doc/html/man1/openssl-s_client.html doc/html/man1/openssl-s_server.html doc/html/man1/openssl-s_time.html doc/html/man1/openssl-sess_id.html doc/html/man1/openssl-smime.html doc/html/man1/openssl-speed.html doc/html/man1/openssl-spkac.html doc/html/man1/openssl-srp.html doc/html/man1/openssl-storeutl.html doc/html/man1/openssl-ts.html doc/html/man1/openssl-verify.html doc/html/man1/openssl-version.html doc/html/man1/openssl-x509.html doc/html/man1/openssl.html doc/html/man1/tsget.html doc/html/man3/ADMISSIONS.html doc/html/man3/ASN1_INTEGER_get_int64.html doc/html/man3/ASN1_INTEGER_new.html doc/html/man3/ASN1_ITEM_lookup.html doc/html/man3/ASN1_OBJECT_new.html doc/html/man3/ASN1_STRING_TABLE_add.html doc/html/man3/ASN1_STRING_length.html doc/html/man3/ASN1_STRING_new.html doc/html/man3/ASN1_STRING_print_ex.html doc/html/man3/ASN1_TIME_set.html doc/html/man3/ASN1_TYPE_get.html doc/html/man3/ASN1_generate_nconf.html doc/html/man3/ASYNC_WAIT_CTX_new.html doc/html/man3/ASYNC_start_job.html doc/html/man3/BF_encrypt.html doc/html/man3/BIO_ADDR.html doc/html/man3/BIO_ADDRINFO.html doc/html/man3/BIO_connect.html doc/html/man3/BIO_ctrl.html doc/html/man3/BIO_f_base64.html doc/html/man3/BIO_f_buffer.html doc/html/man3/BIO_f_cipher.html doc/html/man3/BIO_f_md.html doc/html/man3/BIO_f_null.html doc/html/man3/BIO_f_prefix.html doc/html/man3/BIO_f_ssl.html doc/html/man3/BIO_find_type.html doc/html/man3/BIO_get_data.html doc/html/man3/BIO_get_ex_new_index.html doc/html/man3/BIO_meth_new.html doc/html/man3/BIO_new.html doc/html/man3/BIO_new_CMS.html doc/html/man3/BIO_parse_hostserv.html doc/html/man3/BIO_printf.html doc/html/man3/BIO_push.html doc/html/man3/BIO_read.html doc/html/man3/BIO_s_accept.html doc/html/man3/BIO_s_bio.html doc/html/man3/BIO_s_connect.html doc/html/man3/BIO_s_fd.html doc/html/man3/BIO_s_file.html doc/html/man3/BIO_s_mem.html doc/html/man3/BIO_s_null.html doc/html/man3/BIO_s_socket.html doc/html/man3/BIO_set_callback.html doc/html/man3/BIO_should_retry.html doc/html/man3/BIO_socket_wait.html doc/html/man3/BN_BLINDING_new.html doc/html/man3/BN_CTX_new.html doc/html/man3/BN_CTX_start.html doc/html/man3/BN_add.html doc/html/man3/BN_add_word.html doc/html/man3/BN_bn2bin.html doc/html/man3/BN_cmp.html doc/html/man3/BN_copy.html doc/html/man3/BN_generate_prime.html doc/html/man3/BN_mod_inverse.html doc/html/man3/BN_mod_mul_montgomery.html doc/html/man3/BN_mod_mul_reciprocal.html doc/html/man3/BN_new.html doc/html/man3/BN_num_bytes.html doc/html/man3/BN_rand.html doc/html/man3/BN_security_bits.html doc/html/man3/BN_set_bit.html doc/html/man3/BN_swap.html doc/html/man3/BN_zero.html doc/html/man3/BUF_MEM_new.html doc/html/man3/CMS_EnvelopedData_create.html doc/html/man3/CMS_add0_cert.html doc/html/man3/CMS_add1_recipient_cert.html doc/html/man3/CMS_add1_signer.html doc/html/man3/CMS_compress.html doc/html/man3/CMS_decrypt.html doc/html/man3/CMS_encrypt.html doc/html/man3/CMS_final.html doc/html/man3/CMS_get0_RecipientInfos.html doc/html/man3/CMS_get0_SignerInfos.html doc/html/man3/CMS_get0_type.html doc/html/man3/CMS_get1_ReceiptRequest.html doc/html/man3/CMS_sign.html doc/html/man3/CMS_sign_receipt.html doc/html/man3/CMS_uncompress.html doc/html/man3/CMS_verify.html doc/html/man3/CMS_verify_receipt.html doc/html/man3/CONF_modules_free.html doc/html/man3/CONF_modules_load_file.html doc/html/man3/CRYPTO_THREAD_run_once.html doc/html/man3/CRYPTO_get_ex_new_index.html doc/html/man3/CRYPTO_memcmp.html doc/html/man3/CTLOG_STORE_get0_log_by_id.html doc/html/man3/CTLOG_STORE_new.html doc/html/man3/CTLOG_new.html doc/html/man3/CT_POLICY_EVAL_CTX_new.html doc/html/man3/DEFINE_STACK_OF.html doc/html/man3/DES_random_key.html doc/html/man3/DH_generate_key.html doc/html/man3/DH_generate_parameters.html doc/html/man3/DH_get0_pqg.html doc/html/man3/DH_get_1024_160.html doc/html/man3/DH_meth_new.html doc/html/man3/DH_new.html doc/html/man3/DH_new_by_nid.html doc/html/man3/DH_set_method.html doc/html/man3/DH_size.html doc/html/man3/DSA_SIG_new.html doc/html/man3/DSA_do_sign.html doc/html/man3/DSA_dup_DH.html doc/html/man3/DSA_generate_key.html doc/html/man3/DSA_generate_parameters.html doc/html/man3/DSA_get0_pqg.html doc/html/man3/DSA_meth_new.html doc/html/man3/DSA_new.html doc/html/man3/DSA_set_method.html doc/html/man3/DSA_sign.html doc/html/man3/DSA_size.html doc/html/man3/DTLS_get_data_mtu.html doc/html/man3/DTLS_set_timer_cb.html doc/html/man3/DTLSv1_listen.html doc/html/man3/ECDSA_SIG_new.html doc/html/man3/ECPKParameters_print.html doc/html/man3/EC_GFp_simple_method.html doc/html/man3/EC_GROUP_copy.html doc/html/man3/EC_GROUP_new.html doc/html/man3/EC_KEY_get_enc_flags.html doc/html/man3/EC_KEY_new.html doc/html/man3/EC_POINT_add.html doc/html/man3/EC_POINT_new.html doc/html/man3/ENGINE_add.html doc/html/man3/ERR_GET_LIB.html doc/html/man3/ERR_clear_error.html doc/html/man3/ERR_error_string.html doc/html/man3/ERR_get_error.html doc/html/man3/ERR_load_crypto_strings.html doc/html/man3/ERR_load_strings.html doc/html/man3/ERR_new.html doc/html/man3/ERR_print_errors.html doc/html/man3/ERR_put_error.html doc/html/man3/ERR_remove_state.html doc/html/man3/ERR_set_mark.html doc/html/man3/EVP_ASYM_CIPHER_free.html doc/html/man3/EVP_BytesToKey.html doc/html/man3/EVP_CIPHER_CTX_get_cipher_data.html doc/html/man3/EVP_CIPHER_meth_new.html doc/html/man3/EVP_DigestInit.html doc/html/man3/EVP_DigestSignInit.html doc/html/man3/EVP_DigestVerifyInit.html doc/html/man3/EVP_EncodeInit.html doc/html/man3/EVP_EncryptInit.html doc/html/man3/EVP_KDF.html doc/html/man3/EVP_KEYEXCH_free.html doc/html/man3/EVP_KEYMGMT.html doc/html/man3/EVP_MAC.html doc/html/man3/EVP_MD_meth_new.html doc/html/man3/EVP_OpenInit.html doc/html/man3/EVP_PKEY_ASN1_METHOD.html doc/html/man3/EVP_PKEY_CTX_ctrl.html doc/html/man3/EVP_PKEY_CTX_new.html doc/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html doc/html/man3/EVP_PKEY_CTX_set_hkdf_md.html doc/html/man3/EVP_PKEY_CTX_set_params.html doc/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html doc/html/man3/EVP_PKEY_CTX_set_scrypt_N.html doc/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html doc/html/man3/EVP_PKEY_asn1_get_count.html doc/html/man3/EVP_PKEY_check.html doc/html/man3/EVP_PKEY_copy_parameters.html doc/html/man3/EVP_PKEY_decrypt.html doc/html/man3/EVP_PKEY_derive.html doc/html/man3/EVP_PKEY_encrypt.html doc/html/man3/EVP_PKEY_fromdata.html doc/html/man3/EVP_PKEY_gen.html doc/html/man3/EVP_PKEY_get_default_digest_nid.html doc/html/man3/EVP_PKEY_gettable_params.html doc/html/man3/EVP_PKEY_is_a.html doc/html/man3/EVP_PKEY_meth_get_count.html doc/html/man3/EVP_PKEY_meth_new.html doc/html/man3/EVP_PKEY_new.html doc/html/man3/EVP_PKEY_print_private.html doc/html/man3/EVP_PKEY_set1_RSA.html doc/html/man3/EVP_PKEY_set_type.html doc/html/man3/EVP_PKEY_sign.html doc/html/man3/EVP_PKEY_size.html doc/html/man3/EVP_PKEY_supports_digest_nid.html doc/html/man3/EVP_PKEY_verify.html doc/html/man3/EVP_PKEY_verify_recover.html doc/html/man3/EVP_RAND.html doc/html/man3/EVP_SIGNATURE_free.html doc/html/man3/EVP_SealInit.html doc/html/man3/EVP_SignInit.html doc/html/man3/EVP_VerifyInit.html doc/html/man3/EVP_aes_128_gcm.html doc/html/man3/EVP_aria_128_gcm.html doc/html/man3/EVP_bf_cbc.html doc/html/man3/EVP_blake2b512.html doc/html/man3/EVP_camellia_128_ecb.html doc/html/man3/EVP_cast5_cbc.html doc/html/man3/EVP_chacha20.html doc/html/man3/EVP_des_cbc.html doc/html/man3/EVP_desx_cbc.html doc/html/man3/EVP_idea_cbc.html doc/html/man3/EVP_md2.html doc/html/man3/EVP_md4.html doc/html/man3/EVP_md5.html doc/html/man3/EVP_mdc2.html doc/html/man3/EVP_rc2_cbc.html doc/html/man3/EVP_rc4.html doc/html/man3/EVP_rc5_32_12_16_cbc.html doc/html/man3/EVP_ripemd160.html doc/html/man3/EVP_seed_cbc.html doc/html/man3/EVP_set_default_properties.html doc/html/man3/EVP_sha1.html doc/html/man3/EVP_sha224.html doc/html/man3/EVP_sha3_224.html doc/html/man3/EVP_sm3.html doc/html/man3/EVP_sm4_cbc.html doc/html/man3/EVP_whirlpool.html doc/html/man3/HMAC.html doc/html/man3/MD5.html doc/html/man3/MDC2_Init.html doc/html/man3/NCONF_new_with_libctx.html doc/html/man3/OBJ_nid2obj.html doc/html/man3/OCSP_REQUEST_new.html doc/html/man3/OCSP_cert_to_id.html doc/html/man3/OCSP_request_add1_nonce.html doc/html/man3/OCSP_resp_find_status.html doc/html/man3/OCSP_response_status.html doc/html/man3/OCSP_sendreq_new.html doc/html/man3/OPENSSL_Applink.html doc/html/man3/OPENSSL_CTX.html doc/html/man3/OPENSSL_FILE.html doc/html/man3/OPENSSL_LH_COMPFUNC.html doc/html/man3/OPENSSL_LH_stats.html doc/html/man3/OPENSSL_config.html doc/html/man3/OPENSSL_fork_prepare.html doc/html/man3/OPENSSL_hexchar2int.html doc/html/man3/OPENSSL_ia32cap.html doc/html/man3/OPENSSL_init_crypto.html doc/html/man3/OPENSSL_init_ssl.html doc/html/man3/OPENSSL_instrument_bus.html doc/html/man3/OPENSSL_load_builtin_modules.html doc/html/man3/OPENSSL_malloc.html doc/html/man3/OPENSSL_s390xcap.html doc/html/man3/OPENSSL_secure_malloc.html doc/html/man3/OSSL_CMP_CTX_new.html doc/html/man3/OSSL_CMP_HDR_get0_transactionID.html doc/html/man3/OSSL_CMP_ITAV_set0.html doc/html/man3/OSSL_CMP_MSG_get0_header.html doc/html/man3/OSSL_CMP_MSG_http_perform.html doc/html/man3/OSSL_CMP_SRV_CTX_new.html doc/html/man3/OSSL_CMP_STATUSINFO_new.html doc/html/man3/OSSL_CMP_exec_certreq.html doc/html/man3/OSSL_CMP_log_open.html doc/html/man3/OSSL_CMP_validate_msg.html doc/html/man3/OSSL_CRMF_MSG_get0_tmpl.html doc/html/man3/OSSL_CRMF_MSG_set0_validity.html doc/html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html doc/html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html doc/html/man3/OSSL_CRMF_pbmp_new.html doc/html/man3/OSSL_DESERIALIZER.html doc/html/man3/OSSL_DESERIALIZER_CTX.html doc/html/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_DESERIALIZER_from_bio.html doc/html/man3/OSSL_HTTP_transfer.html doc/html/man3/OSSL_PARAM.html doc/html/man3/OSSL_PARAM_BLD.html doc/html/man3/OSSL_PARAM_allocate_from_text.html doc/html/man3/OSSL_PARAM_int.html doc/html/man3/OSSL_PROVIDER.html doc/html/man3/OSSL_SELF_TEST_new.html doc/html/man3/OSSL_SELF_TEST_set_callback.html doc/html/man3/OSSL_SERIALIZER.html doc/html/man3/OSSL_SERIALIZER_CTX.html doc/html/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_SERIALIZER_to_bio.html doc/html/man3/OSSL_STORE_INFO.html doc/html/man3/OSSL_STORE_LOADER.html doc/html/man3/OSSL_STORE_SEARCH.html doc/html/man3/OSSL_STORE_attach.html doc/html/man3/OSSL_STORE_expect.html doc/html/man3/OSSL_STORE_open.html doc/html/man3/OSSL_trace_enabled.html doc/html/man3/OSSL_trace_get_category_num.html doc/html/man3/OSSL_trace_set_channel.html doc/html/man3/OpenSSL_add_all_algorithms.html doc/html/man3/OpenSSL_version.html doc/html/man3/PEM_X509_INFO_read_bio_with_libctx.html doc/html/man3/PEM_bytes_read_bio.html doc/html/man3/PEM_read.html doc/html/man3/PEM_read_CMS.html doc/html/man3/PEM_read_bio_PrivateKey.html doc/html/man3/PEM_read_bio_ex.html doc/html/man3/PEM_write_bio_CMS_stream.html doc/html/man3/PEM_write_bio_PKCS7_stream.html doc/html/man3/PKCS12_SAFEBAG_get0_attrs.html doc/html/man3/PKCS12_add_CSPName_asc.html doc/html/man3/PKCS12_add_friendlyname_asc.html doc/html/man3/PKCS12_add_localkeyid.html doc/html/man3/PKCS12_create.html doc/html/man3/PKCS12_get_friendlyname.html doc/html/man3/PKCS12_newpass.html doc/html/man3/PKCS12_parse.html doc/html/man3/PKCS5_PBKDF2_HMAC.html doc/html/man3/PKCS7_decrypt.html doc/html/man3/PKCS7_encrypt.html doc/html/man3/PKCS7_sign.html doc/html/man3/PKCS7_sign_add_signer.html doc/html/man3/PKCS7_verify.html doc/html/man3/PKCS8_pkey_add1_attr.html doc/html/man3/RAND_DRBG_generate.html doc/html/man3/RAND_DRBG_get0_public.html doc/html/man3/RAND_DRBG_new.html doc/html/man3/RAND_DRBG_reseed.html doc/html/man3/RAND_DRBG_set_callbacks.html doc/html/man3/RAND_add.html doc/html/man3/RAND_bytes.html doc/html/man3/RAND_cleanup.html doc/html/man3/RAND_egd.html doc/html/man3/RAND_load_file.html doc/html/man3/RAND_set_rand_method.html doc/html/man3/RC4_set_key.html doc/html/man3/RIPEMD160_Init.html doc/html/man3/RSA_blinding_on.html doc/html/man3/RSA_check_key.html doc/html/man3/RSA_generate_key.html doc/html/man3/RSA_get0_key.html doc/html/man3/RSA_meth_new.html doc/html/man3/RSA_new.html doc/html/man3/RSA_padding_add_PKCS1_type_1.html doc/html/man3/RSA_print.html doc/html/man3/RSA_private_encrypt.html doc/html/man3/RSA_public_encrypt.html doc/html/man3/RSA_set_method.html doc/html/man3/RSA_sign.html doc/html/man3/RSA_sign_ASN1_OCTET_STRING.html doc/html/man3/RSA_size.html doc/html/man3/SCT_new.html doc/html/man3/SCT_print.html doc/html/man3/SCT_validate.html doc/html/man3/SHA256_Init.html doc/html/man3/SMIME_read_CMS.html doc/html/man3/SMIME_read_PKCS7.html doc/html/man3/SMIME_write_CMS.html doc/html/man3/SMIME_write_PKCS7.html doc/html/man3/SRP_Calc_B.html doc/html/man3/SRP_VBASE_new.html doc/html/man3/SRP_create_verifier.html doc/html/man3/SRP_user_pwd_new.html doc/html/man3/SSL_CIPHER_get_name.html doc/html/man3/SSL_COMP_add_compression_method.html doc/html/man3/SSL_CONF_CTX_new.html doc/html/man3/SSL_CONF_CTX_set1_prefix.html doc/html/man3/SSL_CONF_CTX_set_flags.html doc/html/man3/SSL_CONF_CTX_set_ssl_ctx.html doc/html/man3/SSL_CONF_cmd.html doc/html/man3/SSL_CONF_cmd_argv.html doc/html/man3/SSL_CTX_add1_chain_cert.html doc/html/man3/SSL_CTX_add_extra_chain_cert.html doc/html/man3/SSL_CTX_add_session.html doc/html/man3/SSL_CTX_config.html doc/html/man3/SSL_CTX_ctrl.html doc/html/man3/SSL_CTX_dane_enable.html doc/html/man3/SSL_CTX_flush_sessions.html doc/html/man3/SSL_CTX_free.html doc/html/man3/SSL_CTX_get0_param.html doc/html/man3/SSL_CTX_get_verify_mode.html doc/html/man3/SSL_CTX_has_client_custom_ext.html doc/html/man3/SSL_CTX_load_verify_locations.html doc/html/man3/SSL_CTX_new.html doc/html/man3/SSL_CTX_sess_number.html doc/html/man3/SSL_CTX_sess_set_cache_size.html doc/html/man3/SSL_CTX_sess_set_get_cb.html doc/html/man3/SSL_CTX_sessions.html doc/html/man3/SSL_CTX_set0_CA_list.html doc/html/man3/SSL_CTX_set1_curves.html doc/html/man3/SSL_CTX_set1_sigalgs.html doc/html/man3/SSL_CTX_set1_verify_cert_store.html doc/html/man3/SSL_CTX_set_alpn_select_cb.html doc/html/man3/SSL_CTX_set_cert_cb.html doc/html/man3/SSL_CTX_set_cert_store.html doc/html/man3/SSL_CTX_set_cert_verify_callback.html doc/html/man3/SSL_CTX_set_cipher_list.html doc/html/man3/SSL_CTX_set_client_cert_cb.html doc/html/man3/SSL_CTX_set_client_hello_cb.html doc/html/man3/SSL_CTX_set_ct_validation_callback.html doc/html/man3/SSL_CTX_set_ctlog_list_file.html doc/html/man3/SSL_CTX_set_default_passwd_cb.html doc/html/man3/SSL_CTX_set_generate_session_id.html doc/html/man3/SSL_CTX_set_info_callback.html doc/html/man3/SSL_CTX_set_keylog_callback.html doc/html/man3/SSL_CTX_set_max_cert_list.html doc/html/man3/SSL_CTX_set_min_proto_version.html doc/html/man3/SSL_CTX_set_mode.html doc/html/man3/SSL_CTX_set_msg_callback.html doc/html/man3/SSL_CTX_set_num_tickets.html doc/html/man3/SSL_CTX_set_options.html doc/html/man3/SSL_CTX_set_psk_client_callback.html doc/html/man3/SSL_CTX_set_quiet_shutdown.html doc/html/man3/SSL_CTX_set_read_ahead.html doc/html/man3/SSL_CTX_set_record_padding_callback.html doc/html/man3/SSL_CTX_set_security_level.html doc/html/man3/SSL_CTX_set_session_cache_mode.html doc/html/man3/SSL_CTX_set_session_id_context.html doc/html/man3/SSL_CTX_set_session_ticket_cb.html doc/html/man3/SSL_CTX_set_split_send_fragment.html doc/html/man3/SSL_CTX_set_srp_password.html doc/html/man3/SSL_CTX_set_ssl_version.html doc/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html doc/html/man3/SSL_CTX_set_timeout.html doc/html/man3/SSL_CTX_set_tlsext_servername_callback.html doc/html/man3/SSL_CTX_set_tlsext_status_cb.html doc/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html doc/html/man3/SSL_CTX_set_tlsext_use_srtp.html doc/html/man3/SSL_CTX_set_tmp_dh_callback.html doc/html/man3/SSL_CTX_set_tmp_ecdh.html doc/html/man3/SSL_CTX_set_verify.html doc/html/man3/SSL_CTX_use_certificate.html doc/html/man3/SSL_CTX_use_psk_identity_hint.html doc/html/man3/SSL_CTX_use_serverinfo.html doc/html/man3/SSL_SESSION_free.html doc/html/man3/SSL_SESSION_get0_cipher.html doc/html/man3/SSL_SESSION_get0_hostname.html doc/html/man3/SSL_SESSION_get0_id_context.html doc/html/man3/SSL_SESSION_get0_peer.html doc/html/man3/SSL_SESSION_get_compress_id.html doc/html/man3/SSL_SESSION_get_protocol_version.html doc/html/man3/SSL_SESSION_get_time.html doc/html/man3/SSL_SESSION_has_ticket.html doc/html/man3/SSL_SESSION_is_resumable.html doc/html/man3/SSL_SESSION_print.html doc/html/man3/SSL_SESSION_set1_id.html doc/html/man3/SSL_accept.html doc/html/man3/SSL_alert_type_string.html doc/html/man3/SSL_alloc_buffers.html doc/html/man3/SSL_check_chain.html doc/html/man3/SSL_clear.html doc/html/man3/SSL_connect.html doc/html/man3/SSL_do_handshake.html doc/html/man3/SSL_export_keying_material.html doc/html/man3/SSL_extension_supported.html doc/html/man3/SSL_free.html doc/html/man3/SSL_get0_peer_scts.html doc/html/man3/SSL_get_SSL_CTX.html doc/html/man3/SSL_get_all_async_fds.html doc/html/man3/SSL_get_ciphers.html doc/html/man3/SSL_get_client_random.html doc/html/man3/SSL_get_current_cipher.html doc/html/man3/SSL_get_default_timeout.html doc/html/man3/SSL_get_error.html doc/html/man3/SSL_get_extms_support.html doc/html/man3/SSL_get_fd.html doc/html/man3/SSL_get_peer_cert_chain.html doc/html/man3/SSL_get_peer_certificate.html doc/html/man3/SSL_get_peer_signature_nid.html doc/html/man3/SSL_get_peer_tmp_key.html doc/html/man3/SSL_get_psk_identity.html doc/html/man3/SSL_get_rbio.html doc/html/man3/SSL_get_session.html doc/html/man3/SSL_get_shared_sigalgs.html doc/html/man3/SSL_get_verify_result.html doc/html/man3/SSL_get_version.html doc/html/man3/SSL_in_init.html doc/html/man3/SSL_key_update.html doc/html/man3/SSL_library_init.html doc/html/man3/SSL_load_client_CA_file.html doc/html/man3/SSL_new.html doc/html/man3/SSL_pending.html doc/html/man3/SSL_read.html doc/html/man3/SSL_read_early_data.html doc/html/man3/SSL_rstate_string.html doc/html/man3/SSL_session_reused.html doc/html/man3/SSL_set1_host.html doc/html/man3/SSL_set_async_callback.html doc/html/man3/SSL_set_bio.html doc/html/man3/SSL_set_connect_state.html doc/html/man3/SSL_set_fd.html doc/html/man3/SSL_set_session.html doc/html/man3/SSL_set_shutdown.html doc/html/man3/SSL_set_verify_result.html doc/html/man3/SSL_shutdown.html doc/html/man3/SSL_state_string.html doc/html/man3/SSL_want.html doc/html/man3/SSL_write.html doc/html/man3/TS_VERIFY_CTX_set_certs.html doc/html/man3/UI_STRING.html doc/html/man3/UI_UTIL_read_pw.html doc/html/man3/UI_create_method.html doc/html/man3/UI_new.html doc/html/man3/X509V3_get_d2i.html doc/html/man3/X509_ALGOR_dup.html doc/html/man3/X509_CRL_get0_by_serial.html doc/html/man3/X509_EXTENSION_set_object.html doc/html/man3/X509_LOOKUP.html doc/html/man3/X509_LOOKUP_hash_dir.html doc/html/man3/X509_LOOKUP_meth_new.html doc/html/man3/X509_NAME_ENTRY_get_object.html doc/html/man3/X509_NAME_add_entry_by_txt.html doc/html/man3/X509_NAME_get0_der.html doc/html/man3/X509_NAME_get_index_by_NID.html doc/html/man3/X509_NAME_print_ex.html doc/html/man3/X509_PUBKEY_new.html doc/html/man3/X509_SIG_get0.html doc/html/man3/X509_STORE_CTX_get_error.html doc/html/man3/X509_STORE_CTX_new.html doc/html/man3/X509_STORE_CTX_set_verify_cb.html doc/html/man3/X509_STORE_add_cert.html doc/html/man3/X509_STORE_get0_param.html doc/html/man3/X509_STORE_new.html doc/html/man3/X509_STORE_set_verify_cb_func.html doc/html/man3/X509_VERIFY_PARAM_set_flags.html doc/html/man3/X509_check_ca.html doc/html/man3/X509_check_host.html doc/html/man3/X509_check_issued.html doc/html/man3/X509_check_private_key.html doc/html/man3/X509_check_purpose.html doc/html/man3/X509_cmp.html doc/html/man3/X509_cmp_time.html doc/html/man3/X509_digest.html doc/html/man3/X509_dup.html doc/html/man3/X509_get0_distinguishing_id.html doc/html/man3/X509_get0_notBefore.html doc/html/man3/X509_get0_signature.html doc/html/man3/X509_get0_uids.html doc/html/man3/X509_get_extension_flags.html doc/html/man3/X509_get_pubkey.html doc/html/man3/X509_get_serialNumber.html doc/html/man3/X509_get_subject_name.html doc/html/man3/X509_get_version.html doc/html/man3/X509_load_http.html doc/html/man3/X509_new.html doc/html/man3/X509_sign.html doc/html/man3/X509_verify.html doc/html/man3/X509_verify_cert.html doc/html/man3/X509v3_get_ext_by_NID.html doc/html/man3/d2i_DHparams.html doc/html/man3/d2i_PKCS8PrivateKey_bio.html doc/html/man3/d2i_PrivateKey.html doc/html/man3/d2i_SSL_SESSION.html doc/html/man3/d2i_X509.html doc/html/man3/i2d_CMS_bio_stream.html doc/html/man3/i2d_PKCS7_bio_stream.html doc/html/man3/i2d_re_X509_tbs.html doc/html/man3/o2i_SCT_LIST.html doc/html/man3/s2i_ASN1_IA5STRING.html doc/html/man5/config.html doc/html/man5/fips_config.html doc/html/man5/x509v3_config.html doc/html/man7/EVP_KDF-HKDF.html doc/html/man7/EVP_KDF-KB.html doc/html/man7/EVP_KDF-KRB5KDF.html doc/html/man7/EVP_KDF-PBKDF2.html doc/html/man7/EVP_KDF-SCRYPT.html doc/html/man7/EVP_KDF-SS.html doc/html/man7/EVP_KDF-SSHKDF.html doc/html/man7/EVP_KDF-TLS1_PRF.html doc/html/man7/EVP_KDF-X942.html doc/html/man7/EVP_KDF-X963.html doc/html/man7/EVP_KEYEXCH-DH.html doc/html/man7/EVP_KEYEXCH-ECDH.html doc/html/man7/EVP_KEYEXCH-X25519.html doc/html/man7/EVP_MAC-BLAKE2.html doc/html/man7/EVP_MAC-CMAC.html doc/html/man7/EVP_MAC-GMAC.html doc/html/man7/EVP_MAC-HMAC.html doc/html/man7/EVP_MAC-KMAC.html doc/html/man7/EVP_MAC-Poly1305.html doc/html/man7/EVP_MAC-Siphash.html doc/html/man7/EVP_MD-BLAKE2.html doc/html/man7/EVP_MD-MD2.html doc/html/man7/EVP_MD-MD4.html doc/html/man7/EVP_MD-MD5-SHA1.html doc/html/man7/EVP_MD-MD5.html doc/html/man7/EVP_MD-MDC2.html doc/html/man7/EVP_MD-RIPEMD160.html doc/html/man7/EVP_MD-SHA1.html doc/html/man7/EVP_MD-SHA2.html doc/html/man7/EVP_MD-SHA3.html doc/html/man7/EVP_MD-SHAKE.html doc/html/man7/EVP_MD-SM3.html doc/html/man7/EVP_MD-WHIRLPOOL.html doc/html/man7/EVP_MD-common.html doc/html/man7/EVP_PKEY-DH.html doc/html/man7/EVP_PKEY-DSA.html doc/html/man7/EVP_PKEY-EC.html doc/html/man7/EVP_PKEY-FFC.html doc/html/man7/EVP_PKEY-RSA.html doc/html/man7/EVP_PKEY-X25519.html doc/html/man7/EVP_RAND-CTR-DRBG.html doc/html/man7/EVP_RAND-HASH-DRBG.html doc/html/man7/EVP_RAND-HMAC-DRBG.html doc/html/man7/EVP_RAND-TEST-RAND.html doc/html/man7/EVP_SIGNATURE-DSA.html doc/html/man7/EVP_SIGNATURE-ECDSA.html doc/html/man7/EVP_SIGNATURE-ED25519.html doc/html/man7/EVP_SIGNATURE-RSA.html doc/html/man7/OSSL_PROVIDER-FIPS.html doc/html/man7/OSSL_PROVIDER-base.html doc/html/man7/OSSL_PROVIDER-default.html doc/html/man7/OSSL_PROVIDER-legacy.html doc/html/man7/OSSL_PROVIDER-null.html doc/html/man7/RAND.html doc/html/man7/RAND_DRBG.html doc/html/man7/RSA-PSS.html doc/html/man7/SM2.html doc/html/man7/X25519.html doc/html/man7/bio.html doc/html/man7/crypto.html doc/html/man7/ct.html doc/html/man7/des_modes.html doc/html/man7/evp.html doc/html/man7/openssl-core.h.html doc/html/man7/openssl-core_dispatch.h.html doc/html/man7/openssl-core_names.h.html doc/html/man7/openssl-env.html doc/html/man7/openssl_user_macros.html doc/html/man7/ossl_store-file.html doc/html/man7/ossl_store.html doc/html/man7/passphrase-encoding.html doc/html/man7/property.html doc/html/man7/provider-asym_cipher.html doc/html/man7/provider-base.html doc/html/man7/provider-cipher.html doc/html/man7/provider-digest.html doc/html/man7/provider-keyexch.html doc/html/man7/provider-keymgmt.html doc/html/man7/provider-mac.html doc/html/man7/provider-rand.html doc/html/man7/provider-serializer.html doc/html/man7/provider-signature.html doc/html/man7/provider.html doc/html/man7/proxy-certificates.html doc/html/man7/ssl.html doc/html/man7/x509.html
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_DRBG_generate.3 doc/man/man3/RAND_DRBG_get0_public.3 doc/man/man3/RAND_DRBG_new.3 doc/man/man3/RAND_DRBG_reseed.3 doc/man/man3/RAND_DRBG_set_callbacks.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RAND_DRBG.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rand_drbg test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbg_cavs_test test/drbg_extra_test test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rand_drbg.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha6-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4140: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3109: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From pauli at openssl.org  Fri Aug  7 13:17:35 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 07 Aug 2020 13:17:35 +0000
Subject: [openssl]  master update
Message-ID: <1596806255.010163.20821.nullmailer@dev.openssl.org>

The branch master has been updated
       via  97a8878c5d7ff59a315b975252fef97d3ab6ac41 (commit)
      from  5ccada09aae0cf846d3381a161d3eb20d4d9abfd (commit)


- Log -----------------------------------------------------------------
commit 97a8878c5d7ff59a315b975252fef97d3ab6ac41
Author: Kelvin Lee <kiyolee at gmail.com>
Date:   Thu Aug 6 15:07:39 2020 +1000

    Use .cnf for config files, not .conf
    
    CLA: trivial
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12592)

-----------------------------------------------------------------------

Summary of changes:
 test/recipes/03-test_fipsinstall.t | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/recipes/03-test_fipsinstall.t b/test/recipes/03-test_fipsinstall.t
index 1d7a1ff6ae..ca516539b0 100644
--- a/test/recipes/03-test_fipsinstall.t
+++ b/test/recipes/03-test_fipsinstall.t
@@ -203,7 +203,7 @@ SKIP: {
     skip "Skipping KAS DH corruption test because of no dh in this build", 1
         if disabled("dh");
 
-    ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.conf', '-module', $infile,
+    ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile,
                 '-provider_name', 'fips', '-mac_name', 'HMAC',
                 '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey",
                 '-section_name', 'fips_sect',
@@ -216,7 +216,7 @@ SKIP: {
 SKIP: {
     skip "Skipping Signature DSA corruption test because of no dsa in this build", 1
         if disabled("dsa");
-    ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.conf', '-module', $infile,
+    ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile,
                 '-provider_name', 'fips', '-mac_name', 'HMAC',
                 '-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey",
                 '-section_name', 'fips_sect',

From openssl at openssl.org  Fri Aug  7 13:54:42 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 13:54:42 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1596808482.580245.8448.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 4027DF5FF87F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40A7FC5E1B7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40A7FC5E1B7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=207, Tests=3250, 1730 wallclock secs (13.37 usr  1.39 sys + 1646.65 cusr 83.15 csys = 1744.56 CPU)
Result: FAIL
Makefile:3138: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3136: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug  7 14:19:04 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 14:19:04 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1596809944.820379.26715.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=207, Tests=3250, 886 wallclock secs (12.44 usr  1.16 sys + 787.57 cusr 59.99 csys = 861.16 CPU)
Result: FAIL
Makefile:3163: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3161: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug  7 17:06:45 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 17:06:45 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1596820005.172661.19354.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=207, Tests=3247, 871 wallclock secs (12.29 usr  1.40 sys + 811.17 cusr 60.23 csys = 885.09 CPU)
Result: FAIL
Makefile:3171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3169: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Fri Aug  7 17:06:46 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 17:06:46 +0000
Subject: Build failed: openssl master.36033
Message-ID: <20200807170646.1.947CCDAFA309B108@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/3fc37f91/attachment.html>

From no-reply at appveyor.com  Fri Aug  7 17:38:12 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 17:38:12 +0000
Subject: Build completed: openssl master.36034
Message-ID: <20200807173812.1.44BF9482477AB90F@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/704a7321/attachment.html>

From builds at travis-ci.com  Fri Aug  7 17:40:47 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 17:40:47 +0000
Subject: Errored: openssl/openssl#36559 (master - 64827f4)
In-Reply-To: <openssl/openssl+178842107+errored@travis-ci.com>
Message-ID: <5f2d921da2fe9_13fcce6b2e9fc1891d1@travis-pro-tasks-77d5d5b48-wftrx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36559
Status: Errored

Duration: 7 hrs, 11 mins, and 10 secs
Commit: 64827f4 (master)
Author: Pauli
Message: drbgtest: avoid a memory leak

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)

View the changeset: https://github.com/openssl/openssl/compare/4df0d37ff6cc...64827f407b0b

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178842107?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/cb20ffab/attachment.html>

From no-reply at appveyor.com  Fri Aug  7 18:04:05 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 18:04:05 +0000
Subject: Build failed: openssl master.36035
Message-ID: <20200807180405.1.DAFB21279F6F9516@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/30d10e87/attachment-0001.html>

From no-reply at appveyor.com  Fri Aug  7 18:36:22 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 18:36:22 +0000
Subject: Build completed: openssl master.36036
Message-ID: <20200807183622.1.B57CAFF66B64A8F4@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/e41639ef/attachment.html>

From no-reply at appveyor.com  Fri Aug  7 18:59:12 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 18:59:12 +0000
Subject: Build failed: openssl master.36037
Message-ID: <20200807185912.1.86FD032E84D8FFE3@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/c5825663/attachment.html>

From builds at travis-ci.com  Fri Aug  7 19:40:40 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 07 Aug 2020 19:40:40 +0000
Subject: Errored: openssl/openssl#36561 (master - 5ccada0)
In-Reply-To: <openssl/openssl+178843533+errored@travis-ci.com>
Message-ID: <5f2dae37bbb44_13fcce52aa7643781ef@travis-pro-tasks-77d5d5b48-wftrx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36561
Status: Errored

Duration: 7 hrs, 17 mins, and 20 secs
Commit: 5ccada0 (master)
Author: Shane Lontis
Message: Add evp_test fixes.

Changed many tests so they also test fips (and removed 'availablein = default' from some tests).
Seperated the monolithic evppkey.txt file into smaller maintainable groups.
Changed the availablein option so it must be first - this then skips the entire test before any fetching happens.
Changed the code so that all the OPENSSL_NO_XXXX tests are done in code via methods such as is_cipher_disabled(alg),
before the fetch happens.
Added missing libctx's found by adding a libctx to test_evp.
Broke up large data files for cipher, kdf's and mac's into smaller pieces so they no longer need 'AvailableIn = default'
Added missing algorithm aliases for cipher/digests to the providers.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12236)

View the changeset: https://github.com/openssl/openssl/compare/64827f407b0b...5ccada09aae0

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178843533?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/4fbca5e7/attachment.html>

From openssl at openssl.org  Fri Aug  7 19:49:59 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 19:49:59 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1596829799.368150.4844.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0C0BA709E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0C0BA709E7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0C0BA709E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/B0N54Jnyjr default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0B046A9EF7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0B046A9EF7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0B046A9EF7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0B046A9EF7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0B046A9EF7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0B046A9EF7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/B0N54Jnyjr fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=207, Tests=3249, 878 wallclock secs (13.49 usr  1.37 sys + 810.57 cusr 61.98 csys = 887.41 CPU)
Result: FAIL
Makefile:3164: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3162: recipe for target 'tests' failed
make: *** [tests] Error 2

From beldmit at gmail.com  Fri Aug  7 20:13:57 2020
From: beldmit at gmail.com (beldmit at gmail.com)
Date: Fri, 07 Aug 2020 20:13:57 +0000
Subject: [openssl]  master update
Message-ID: <1596831237.479277.23053.nullmailer@dev.openssl.org>

The branch master has been updated
       via  378b163e4954d0f94106bd23f1fb6062ee1c326b (commit)
      from  97a8878c5d7ff59a315b975252fef97d3ab6ac41 (commit)


- Log -----------------------------------------------------------------
commit 378b163e4954d0f94106bd23f1fb6062ee1c326b
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Thu Aug 6 18:24:48 2020 +0300

    Update gost-engine to fix API rename
    
    [extended tests]
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12599)

-----------------------------------------------------------------------

Summary of changes:
 gost-engine | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gost-engine b/gost-engine
index 30860f9403..b008f2a0ff 160000
--- a/gost-engine
+++ b/gost-engine
@@ -1 +1 @@
-Subproject commit 30860f940321eb4762d6449ffef48fc93ad2d2e8
+Subproject commit b008f2a0ffa1797943c3d08c3b3eee31229a56d3

From no-reply at appveyor.com  Fri Aug  7 21:31:38 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 07 Aug 2020 21:31:38 +0000
Subject: Build completed: openssl master.36038
Message-ID: <20200807213138.1.622D86CC02DBE3B9@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200807/f6182235/attachment.html>

From openssl at openssl.org  Fri Aug  7 22:10:43 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 22:10:43 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1596838243.729399.10568.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C04063BA677F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C04063BA677F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C04063BA677F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/T74yj2uLO4 default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C00069390D7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C00069390D7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C00069390D7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C00069390D7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C00069390D7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C00069390D7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/T74yj2uLO4 fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=207, Tests=3249, 875 wallclock secs (12.83 usr  1.42 sys + 806.10 cusr 61.89 csys = 882.24 CPU)
Result: FAIL
Makefile:3148: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3146: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug  7 22:58:28 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 07 Aug 2020 22:58:28 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1596841108.832974.10405.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

914f97eecc Fix provider cipher reinit after init/update with a partial update block.
c5b356d5d6 Mark an argument of an inline function as unused
ebc1e8fc4e openssl-cmp.pod.in: Update and extend example using Insta Demo CA
4c525cb5b6 DESERIALIZER: Fix EVP_PKEY construction by export
aff8c0a411 Fix error message on setting cert validity period in apps/cmp.c
57c05c57c3 apps: Correct and extend diagnostics of parse_name()
02ae130e3d Add 'section=...' info in error output of X509V3_EXT_nconf() as far as appropriate
1ac658ac9d Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAME
c90c469376 Correct confusing X509V3 conf error output by removing needless 'section:<NULL>' etc.
b516a4b139 Correct misleading diagnostics of OBJ_txt2obj on unknown object name
8f7e897995 apps/cmp.c: Defer diagnostic output on server+proxy to be contacted
b5b6669fb6 PROV: Make the DER to KEY deserializer decode parameters too
19b4e6f8fe Coverity Fixes for issue #12531
e5b2cd5899 Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
37d898df34 Add CHANGES.md entry for SSL_set1_host()/SSL_add1_host() taking IP literals
892a9e4c99 Disallow setting more than one IP address with SSL_add1_host()
396e720965 Fix certificate validation for IPv6 literals in sconnect demo
c832840e89 Make SSL_set1_host() and SSL_add1_host() take IP addresses
a677190779 81-test_cmp_cli.t: Skip tests with mock server if server cannot be started

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0C0BA61B17F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0C0BA61B17F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0C0BA61B17F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0C0BA61B17F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/iVWasPMp51 default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C090A438177F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C090A438177F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C090A438177F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C090A438177F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/iVWasPMp51 fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=207, Tests=3171, 825 wallclock secs (11.74 usr  1.31 sys + 759.96 cusr 58.31 csys = 831.32 CPU)
Result: FAIL
Makefile:3152: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3150: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Sat Aug  8 03:40:37 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 08 Aug 2020 03:40:37 +0000
Subject: Errored: openssl/openssl#36565 (openssl-3.0.0-alpha6 - e3ec802)
In-Reply-To: <openssl/openssl+178866547+errored@travis-ci.com>
Message-ID: <5f2e1eb53f4f_13fd8525b821c2230a2@travis-pro-tasks-74c47bc76-57kxr.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36565
Status: Errored

Duration: 7 hrs, 22 mins, and 5 secs
Commit: e3ec802 (openssl-3.0.0-alpha6)
Author: Matt Caswell
Message: Prepare for release of 3.0 alpha 6

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>

View the changeset: https://github.com/openssl/openssl/compare/openssl-3.0.0-alpha6

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178866547?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200808/02669196/attachment-0001.html>

From builds at travis-ci.com  Sat Aug  8 12:40:58 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 08 Aug 2020 12:40:58 +0000
Subject: Errored: openssl/openssl#36571 (master - 97a8878)
In-Reply-To: <openssl/openssl+178897138+errored@travis-ci.com>
Message-ID: <5f2e9d5a1c19b_13f85d04b8328276db@travis-pro-tasks-7546554bbd-28vfm.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36571
Status: Errored

Duration: 8 hrs, 0 mins, and 23 secs
Commit: 97a8878 (master)
Author: Kelvin Lee
Message: Use .cnf for config files, not .conf

CLA: trivial

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12592)

View the changeset: https://github.com/openssl/openssl/compare/5ccada09aae0...97a8878c5d7f

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178897138?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200808/a5a8cb78/attachment.html>

From no-reply at appveyor.com  Sat Aug  8 14:31:19 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 08 Aug 2020 14:31:19 +0000
Subject: Build failed: openssl master.36041
Message-ID: <20200808143119.1.CFAA01F85D99E0E2@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200808/289f4800/attachment.html>

From matthias.st.pierre at ncp-e.com  Sat Aug  8 21:52:37 2020
From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com)
Date: Sat, 08 Aug 2020 21:52:37 +0000
Subject: [openssl]  master update
Message-ID: <1596923557.456741.24884.nullmailer@dev.openssl.org>

The branch master has been updated
       via  82a7b2fb001e2ff50389d0894c276880b3bad336 (commit)
      from  378b163e4954d0f94106bd23f1fb6062ee1c326b (commit)


- Log -----------------------------------------------------------------
commit 82a7b2fb001e2ff50389d0894c276880b3bad336
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date:   Fri Aug 7 17:48:29 2020 +0200

    rand: fix typo in parameter name
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/12608)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/rands/drbg_ctr.c   | 4 ++--
 providers/implementations/rands/drbg_hash.c  | 4 ++--
 providers/implementations/rands/drbg_hmac.c  | 4 ++--
 providers/implementations/rands/drbg_local.h | 4 ++--
 providers/implementations/rands/test_rng.c   | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c
index 42362f988f..18737a07f1 100644
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -638,7 +638,7 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
-        OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_gettable_ctx_params;
@@ -714,7 +714,7 @@ static const OSSL_PARAM *drbg_ctr_settable_ctx_params(void *provctx)
          */
         OSSL_PARAM_int(OSSL_DRBG_PARAM_USE_DF, NULL),
 #endif
-        OSSL_PARAM_DRBG_SETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_settable_ctx_params;
diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c
index bec996f084..b4e1e8036e 100644
--- a/providers/implementations/rands/drbg_hash.c
+++ b/providers/implementations/rands/drbg_hash.c
@@ -435,7 +435,7 @@ static int drbg_hash_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 static const OSSL_PARAM *drbg_hash_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
-        OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_gettable_ctx_params;
@@ -481,7 +481,7 @@ static const OSSL_PARAM *drbg_hash_settable_ctx_params(void *provctx)
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
-        OSSL_PARAM_DRBG_SETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_settable_ctx_params;
diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c
index 041b6cbb07..def38dd27f 100644
--- a/providers/implementations/rands/drbg_hmac.c
+++ b/providers/implementations/rands/drbg_hmac.c
@@ -332,7 +332,7 @@ static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
-        OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_gettable_ctx_params;
@@ -384,7 +384,7 @@ static const OSSL_PARAM *drbg_hmac_settable_ctx_params(void *provctx)
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_MAC, NULL, 0),
-        OSSL_PARAM_DRBG_SETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_settable_ctx_params;
diff --git a/providers/implementations/rands/drbg_local.h b/providers/implementations/rands/drbg_local.h
index f5950967c5..3129bba11d 100644
--- a/providers/implementations/rands/drbg_local.h
+++ b/providers/implementations/rands/drbg_local.h
@@ -238,11 +238,11 @@ OSSL_FUNC_rand_unlock_fn drbg_unlock;
 int drbg_get_ctx_params(PROV_DRBG *drbg, OSSL_PARAM params[]);
 int drbg_set_ctx_params(PROV_DRBG *drbg, const OSSL_PARAM params[]);
 
-#define OSSL_PARAM_DRBG_SETABLE_CTX_COMMON                                      \
+#define OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON                                      \
     OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL),             \
     OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL)
 
-#define OSSL_PARAM_DRBG_GETABLE_CTX_COMMON                              \
+#define OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON                              \
     OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),                        \
     OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL),                    \
     OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_REQUEST, NULL),               \
diff --git a/providers/implementations/rands/test_rng.c b/providers/implementations/rands/test_rng.c
index ec3e9368c5..3b9d9ca81c 100644
--- a/providers/implementations/rands/test_rng.c
+++ b/providers/implementations/rands/test_rng.c
@@ -189,7 +189,7 @@ static int test_rng_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 static const OSSL_PARAM *test_rng_gettable_ctx_params(void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
-        OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_gettable_ctx_params;
@@ -279,7 +279,7 @@ static const OSSL_PARAM *test_rng_settable_ctx_params(void *provctx)
         OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ADINLEN, NULL),
         OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_CTR, NULL),
         OSSL_PARAM_time_t(OSSL_DRBG_PARAM_RESEED_TIME, NULL),
-        OSSL_PARAM_DRBG_SETABLE_CTX_COMMON,
+        OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };
     return known_settable_ctx_params;

From no-reply at appveyor.com  Sat Aug  8 22:59:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 08 Aug 2020 22:59:43 +0000
Subject: Build completed: openssl master.36042
Message-ID: <20200808225943.1.1421377F56E27BBE@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200808/bb6120ce/attachment.html>

From builds at travis-ci.com  Sun Aug  9 01:40:35 2020
From: builds at travis-ci.com (Travis CI)
Date: Sun, 09 Aug 2020 01:40:35 +0000
Subject: Errored: openssl/openssl#36579 (master - 378b163)
In-Reply-To: <openssl/openssl+178944975+errored@travis-ci.com>
Message-ID: <5f2f54135a188_13fdbae9aa6a4515a4@travis-pro-tasks-c9fd5bd8f-krmnw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36579
Status: Errored

Duration: 7 hrs, 32 mins, and 48 secs
Commit: 378b163 (master)
Author: Dmitry Belyavskiy
Message: Update gost-engine to fix API rename

[extended tests]

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12599)

View the changeset: https://github.com/openssl/openssl/compare/97a8878c5d7f...378b163e4954

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178944975?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200809/cecd6fa5/attachment.html>

From shane.lontis at oracle.com  Sun Aug  9 07:42:40 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Sun, 09 Aug 2020 07:42:40 +0000
Subject: [openssl]  master update
Message-ID: <1596958960.840323.21115.nullmailer@dev.openssl.org>

The branch master has been updated
       via  dda4e259e51aeaf05a2417ef577accf778c9f6f6 (commit)
       via  28ba642779ec5c320fc95515bce17bda5e531105 (commit)
       via  0ab18e7924727f7b613edc187f3a5074d0ce9bc6 (commit)
       via  11eef7e766ad76158be8da497fba2bc048b02ca1 (commit)
       via  831564543a706fbeff580789d02a3e2e85ae7f2a (commit)
       via  57e8420609b54cc9723dec2c8e770feb157ebbdc (commit)
       via  90a1f2d76f53effefafbae31e2f425a3508bda45 (commit)
       via  45b22d6a35678ac3f22a18302a2647bfd9cb244c (commit)
       via  dcc679cd99835560d75a84719ab73a70a952f035 (commit)
       via  c1669f41eab0e2d9a8c2498718d06b4cd48a9890 (commit)
      from  82a7b2fb001e2ff50389d0894c276880b3bad336 (commit)


- Log -----------------------------------------------------------------
commit dda4e259e51aeaf05a2417ef577accf778c9f6f6
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Thu Aug 6 13:56:57 2020 +1000

    Add some of the missing CMS API documentation
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit 28ba642779ec5c320fc95515bce17bda5e531105
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sun Jul 26 17:36:33 2020 +1000

    Change CMS tests to use a library context.
    
    A DHX related test has been commented out and TODO(3) added, until DHX is added correctly to a provider.
    Added generated files.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit 0ab18e7924727f7b613edc187f3a5074d0ce9bc6
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sun Jul 26 17:32:05 2020 +1000

    Add EVP signature with libctx methods.
    
    -Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx()
    -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to
      EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx()
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit 11eef7e766ad76158be8da497fba2bc048b02ca1
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sun Jul 26 17:26:43 2020 +1000

    Use libctx for EVP_CIPHER_CTX_rand_key() method.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit 831564543a706fbeff580789d02a3e2e85ae7f2a
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sun Jul 26 17:23:41 2020 +1000

    Add libctx to ecdh_KDF_X9_63.
    
    Code is now correctly included in the fips provider.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit 57e8420609b54cc9723dec2c8e770feb157ebbdc
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sat Jul 25 19:28:14 2020 +1000

    Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit 90a1f2d76f53effefafbae31e2f425a3508bda45
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sat Jul 25 19:11:03 2020 +1000

    Add libctx support to PKCS7.
    
    -Public PKCS7 methods that create a PKCS7 object now have variants that also add a libctx and propq.
     This includes PKCS7_new_with_libctx(), PKCS7_sign_with_libctx() and PKCS7_encrypt_with_libctx()
    -Added SMIME_read_PKCS7_ex() so that a created PKCS7 object can be passed to the read.
    -d2i_PKCS7_bio() has been modified so that after it loads the PKCS7 object it then resolves any subobjects that require
     the libctx/propq (such as objects containing X509 certificates).
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit 45b22d6a35678ac3f22a18302a2647bfd9cb244c
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sat Jul 25 18:59:28 2020 +1000

    Add libctx to SMIME ASN1
    
    Added SMIME_write_ASN1_with_libctx() since it fetches rand internally.
    Added SMIME_read_CMS_ex() so that a created object (CMS_ContentInfo) can be passed to the read.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit dcc679cd99835560d75a84719ab73a70a952f035
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sat Jul 25 18:44:25 2020 +1000

    Add internal method x509_set0_libctx().
    
    This should only be called during (or right after) using d2iXXX on a object that contains embedded certificate(s)
    that require a non default library context. X509_new_with_libctx() should be used if possible.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

commit c1669f41eab0e2d9a8c2498718d06b4cd48a9890
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sat Jul 25 18:04:55 2020 +1000

    Add libctx support to CMS.
    
    -Public CMS methods that create a CMS_ContentInfo object now have variants that also add a libctx and propq.
     This includes CMS_ContentInfo_new_with_libctx(), CMS_sign_with_libctx(), CMS_data_create_with_libctx(),
     CMS_digest_create_with_libctx(), CMS_EncryptedData_encrypt_with_libctx(), CMS_EnvelopedData_create_with_libctx().
    -Added CMS_ReceiptRequest_create0_with_libctx().
    -Added SMIME_read_CMS_ex() so that a new CMS_ContentInfo object (created using CMS_ContentInfo_new_with_libctx()) can
    be passed to the read.
    -d2i_CMS_bio() has been modified so that after it loads the CMS_ContentInfo() it then resolves any subobjects that require
     the libctx/propq (such as objects containing X509 certificates).
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11884)

-----------------------------------------------------------------------

Summary of changes:
 apps/cms.c                                     | 123 +++++++-----
 apps/pkcs7.c                                   |  17 +-
 apps/smime.c                                   |  32 ++-
 crypto/asn1/asn_mime.c                         |  55 ++++--
 crypto/cms/cms_cd.c                            |   7 +-
 crypto/cms/cms_dd.c                            |  12 +-
 crypto/cms/cms_enc.c                           |  38 ++--
 crypto/cms/cms_env.c                           | 126 ++++++++----
 crypto/cms/cms_ess.c                           |  47 +++--
 crypto/cms/cms_io.c                            |  33 +++-
 crypto/cms/cms_kari.c                          |  52 +++--
 crypto/cms/cms_lib.c                           | 116 ++++++++++-
 crypto/cms/cms_local.h                         |  49 ++++-
 crypto/cms/cms_pwri.c                          |  32 +--
 crypto/cms/cms_sd.c                            | 137 +++++++++----
 crypto/cms/cms_smime.c                         | 214 +++++++++++++-------
 crypto/ct/ct_vfy.c                             |   5 +-
 crypto/ec/build.info                           |   4 +-
 crypto/ec/ec_ameth.c                           |  29 ++-
 crypto/evp/digest.c                            |   5 +-
 crypto/evp/evp_enc.c                           |  17 +-
 crypto/evp/m_sigver.c                          |  27 +--
 crypto/evp/p_sign.c                            |  16 +-
 crypto/evp/p_verify.c                          |  16 +-
 crypto/pkcs7/pk7_asn1.c                        |  48 ++++-
 crypto/pkcs7/pk7_doit.c                        | 101 +++++++---
 crypto/pkcs7/pk7_lib.c                         |  69 +++++++
 crypto/pkcs7/pk7_local.h                       |  14 ++
 crypto/pkcs7/pk7_mime.c                        |  24 ++-
 crypto/pkcs7/pk7_smime.c                       |  85 ++++----
 crypto/rsa/rsa_lib.c                           |   4 +-
 crypto/x509/x_all.c                            |  15 +-
 crypto/x509/x_x509.c                           |  14 ++
 doc/man1/openssl-cms.pod.in                    |   3 +
 doc/man1/openssl-smime.pod.in                  |   3 +
 doc/man3/CMS_EncryptedData_decrypt.pod         |  49 +++++
 doc/man3/CMS_EncryptedData_encrypt.pod         |  65 ++++++
 doc/man3/CMS_EnvelopedData_create.pod          |  22 ++-
 doc/man3/CMS_data_create.pod                   |  55 ++++++
 doc/man3/CMS_digest_create.pod                 |  58 ++++++
 doc/man3/CMS_encrypt.pod                       |  26 ++-
 doc/man3/CMS_get1_ReceiptRequest.pod           |  44 +++--
 doc/man3/CMS_sign.pod                          |  31 ++-
 doc/man3/EVP_DigestSignInit.pod                |  48 ++---
 doc/man3/EVP_DigestVerifyInit.pod              |  43 ++--
 doc/man3/EVP_SignInit.pod                      |  28 ++-
 doc/man3/EVP_VerifyInit.pod                    |  36 ++--
 doc/man3/PKCS7_encrypt.pod                     |  25 ++-
 doc/man3/PKCS7_sign.pod                        |  25 ++-
 doc/man3/SMIME_read_ASN1.pod                   |  77 ++++++++
 doc/man3/SMIME_read_CMS.pod                    |  23 ++-
 doc/man3/SMIME_read_PKCS7.pod                  |  18 +-
 doc/man3/SMIME_write_ASN1.pod                  |  82 ++++++++
 doc/man3/X509_dup.pod                          |  15 +-
 include/crypto/pkcs7.h                         |  10 +
 include/crypto/x509.h                          |   1 +
 include/openssl/asn1.h                         |   7 +
 include/openssl/cms.h                          |  48 ++++-
 include/openssl/evp.h                          |  22 ++-
 include/openssl/pkcs7.h                        |  17 ++
 providers/implementations/exchange/ecdh_exch.c |   6 -
 ssl/statem/extensions.c                        |   5 +-
 ssl/statem/extensions_srvr.c                   |   9 +-
 ssl/statem/statem_clnt.c                       |   7 +-
 ssl/statem/statem_lib.c                        |  14 +-
 ssl/statem/statem_srvr.c                       |   7 +-
 ssl/t1_enc.c                                   |   6 +-
 test/acvp_test.c                               |  15 +-
 test/evp_extra_test.c                          |   5 +-
 test/evp_test.c                                |  10 +-
 test/recipes/80-test_cms.t                     | 264 ++++++++++++++-----------
 util/libcrypto.num                             |  23 ++-
 util/missingcrypto.txt                         |   6 -
 73 files changed, 2116 insertions(+), 725 deletions(-)
 create mode 100644 crypto/pkcs7/pk7_local.h
 create mode 100644 doc/man3/CMS_EncryptedData_decrypt.pod
 create mode 100644 doc/man3/CMS_EncryptedData_encrypt.pod
 create mode 100644 doc/man3/CMS_data_create.pod
 create mode 100644 doc/man3/CMS_digest_create.pod
 create mode 100644 doc/man3/SMIME_read_ASN1.pod
 create mode 100644 doc/man3/SMIME_write_ASN1.pod
 create mode 100644 include/crypto/pkcs7.h

diff --git a/apps/cms.c b/apps/cms.c
index 2cb92ab85f..7e48cc1c82 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -32,9 +32,9 @@ DEFINE_STACK_OF_STRING()
 static int save_certs(char *signerfile, STACK_OF(X509) *signers);
 static int cms_cb(int ok, X509_STORE_CTX *ctx);
 static void receipt_request_print(CMS_ContentInfo *cms);
-static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
-                                                *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING)
-                                                *rr_from);
+static CMS_ReceiptRequest *make_receipt_request(
+    STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst,
+    STACK_OF(OPENSSL_STRING) *rr_from, OPENSSL_CTX *libctx, const char *propq);
 static int cms_set_pkey_param(EVP_PKEY_CTX *pctx,
                               STACK_OF(OPENSSL_STRING) *param);
 
@@ -89,7 +89,7 @@ typedef enum OPTION_choice {
     OPT_RR_TO, OPT_AES128_WRAP, OPT_AES192_WRAP, OPT_AES256_WRAP,
     OPT_3DES_WRAP, OPT_WRAP, OPT_ENGINE,
     OPT_R_ENUM,
-    OPT_PROV_ENUM,
+    OPT_PROV_ENUM, OPT_CONFIG,
     OPT_V_ENUM,
     OPT_CIPHER,
     OPT_ORIGINATOR
@@ -124,6 +124,7 @@ const OPTIONS cms_options[] = {
 # ifndef OPENSSL_NO_ENGINE
     {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
 # endif
+    OPT_CONFIG_OPTION,
 
     OPT_SECTION("Action"),
     {"encrypt", OPT_ENCRYPT, '-', "Encrypt message"},
@@ -236,8 +237,44 @@ const OPTIONS cms_options[] = {
     {NULL}
 };
 
+static CMS_ContentInfo *load_content_info(int informat, BIO *in, BIO **indata,
+                                          const char *name,
+                                          OPENSSL_CTX *libctx, const char *propq)
+{
+    CMS_ContentInfo *ret, *ci;
+
+    ret = CMS_ContentInfo_new_with_libctx(libctx, propq);
+    if (ret == NULL) {
+        BIO_printf(bio_err, "Error allocating CMS_contentinfo\n");
+        return NULL;
+    }
+    switch (informat) {
+    case FORMAT_SMIME:
+        ci = SMIME_read_CMS_ex(in, indata, &ret);
+        break;
+    case FORMAT_PEM:
+        ci = PEM_read_bio_CMS(in, &ret, NULL, NULL);
+        break;
+    case FORMAT_ASN1:
+        ci = d2i_CMS_bio(in, &ret);
+        break;
+    default:
+        BIO_printf(bio_err, "Bad input format for %s\n", name);
+        goto err;
+    }
+    if (ci == NULL) {
+        BIO_printf(bio_err, "Error reading %s Content Info\n", name);
+        goto err;
+    }
+    return ret;
+err:
+    CMS_ContentInfo_free(ret);
+    return NULL;
+}
+
 int cms_main(int argc, char **argv)
 {
+    CONF *conf = NULL;
     ASN1_OBJECT *econtent_type = NULL;
     BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
     CMS_ContentInfo *cms = NULL, *rcms = NULL;
@@ -270,6 +307,8 @@ int cms_main(int argc, char **argv)
     long ltmp;
     const char *mime_eol = "\n";
     OPTION_CHOICE o;
+    OPENSSL_CTX *libctx = app_get0_libctx();
+    const char *propq = app_get0_propq();
 
     if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
         return 1;
@@ -417,14 +456,14 @@ int cms_main(int argc, char **argv)
             rr_allorfirst = 1;
             break;
         case OPT_RCTFORM:
-            if (rctformat == FORMAT_SMIME)
-                rcms = SMIME_read_CMS(rctin, NULL);
-            else if (rctformat == FORMAT_PEM)
-                rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL);
-            else if (rctformat == FORMAT_ASN1)
+            if (rctformat == FORMAT_ASN1) {
                 if (!opt_format(opt_arg(),
                                 OPT_FMT_PEMDER | OPT_FMT_SMIME, &rctformat))
                     goto opthelp;
+            } else {
+                rcms = load_content_info(rctformat, rctin, NULL, "recipient",
+                                         libctx, propq);
+            }
             break;
         case OPT_CERTFILE:
             certfile = opt_arg();
@@ -639,6 +678,11 @@ int cms_main(int argc, char **argv)
             if (!opt_provider(o))
                 goto end;
             break;
+        case OPT_CONFIG:
+            conf = app_load_config_modules(opt_arg());
+            if (conf == NULL)
+                goto end;
+            break;
         case OPT_3DES_WRAP:
 # ifndef OPENSSL_NO_DES
             wrap_cipher = EVP_des_ede3_wrap();
@@ -830,21 +874,9 @@ int cms_main(int argc, char **argv)
         goto end;
 
     if (operation & SMIME_IP) {
-        if (informat == FORMAT_SMIME) {
-            cms = SMIME_read_CMS(in, &indata);
-        } else if (informat == FORMAT_PEM) {
-            cms = PEM_read_bio_CMS(in, NULL, NULL, NULL);
-        } else if (informat == FORMAT_ASN1) {
-            cms = d2i_CMS_bio(in, NULL);
-        } else {
-            BIO_printf(bio_err, "Bad input format for CMS file\n");
-            goto end;
-        }
-
-        if (cms == NULL) {
-            BIO_printf(bio_err, "Error reading S/MIME message\n");
+        cms = load_content_info(informat, in, &indata, "SMIME", libctx, propq);
+        if (cms == NULL)
             goto end;
-        }
         if (contfile != NULL) {
             BIO_free(indata);
             if ((indata = BIO_new_file(contfile, "rb")) == NULL) {
@@ -872,21 +904,10 @@ int cms_main(int argc, char **argv)
             goto end;
         }
 
-        if (rctformat == FORMAT_SMIME) {
-            rcms = SMIME_read_CMS(rctin, NULL);
-        } else if (rctformat == FORMAT_PEM) {
-            rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL);
-        } else if (rctformat == FORMAT_ASN1) {
-            rcms = d2i_CMS_bio(rctin, NULL);
-        } else {
-            BIO_printf(bio_err, "Bad input format for receipt\n");
-            goto end;
-        }
-
-        if (rcms == NULL) {
-            BIO_printf(bio_err, "Error reading receipt\n");
+        rcms = load_content_info(rctformat, rctin, NULL, "recipient", libctx,
+                                 propq);
+        if (rcms == NULL)
             goto end;
-        }
     }
 
     out = bio_open_default(outfile, 'w', outformat);
@@ -905,15 +926,15 @@ int cms_main(int argc, char **argv)
     ret = 3;
 
     if (operation == SMIME_DATA_CREATE) {
-        cms = CMS_data_create(in, flags);
+        cms = CMS_data_create_with_libctx(in, flags, libctx, propq);
     } else if (operation == SMIME_DIGEST_CREATE) {
-        cms = CMS_digest_create(in, sign_md, flags);
+        cms = CMS_digest_create_with_libctx(in, sign_md, flags, libctx, propq);
     } else if (operation == SMIME_COMPRESS) {
         cms = CMS_compress(in, -1, flags);
     } else if (operation == SMIME_ENCRYPT) {
         int i;
         flags |= CMS_PARTIAL;
-        cms = CMS_encrypt(NULL, in, cipher, flags);
+        cms = CMS_encrypt_with_libctx(NULL, in, cipher, flags, libctx, propq);
         if (cms == NULL)
             goto end;
         for (i = 0; i < sk_X509_num(encerts); i++) {
@@ -978,8 +999,9 @@ int cms_main(int argc, char **argv)
                 goto end;
         }
     } else if (operation == SMIME_ENCRYPTED_ENCRYPT) {
-        cms = CMS_EncryptedData_encrypt(in, cipher,
-                                        secret_key, secret_keylen, flags);
+        cms = CMS_EncryptedData_encrypt_with_libctx(in, cipher, secret_key,
+                                                    secret_keylen, flags,
+                                                    libctx, propq);
 
     } else if (operation == SMIME_SIGN_RECEIPT) {
         CMS_ContentInfo *srcms = NULL;
@@ -1007,14 +1029,15 @@ int cms_main(int argc, char **argv)
                     flags |= CMS_STREAM;
             }
             flags |= CMS_PARTIAL;
-            cms = CMS_sign(NULL, NULL, other, in, flags);
+            cms = CMS_sign_with_libctx(NULL, NULL, other, in, flags, libctx, propq);
             if (cms == NULL)
                 goto end;
             if (econtent_type != NULL)
                 CMS_set1_eContentType(cms, econtent_type);
 
             if (rr_to != NULL) {
-                rr = make_receipt_request(rr_to, rr_allorfirst, rr_from);
+                rr = make_receipt_request(rr_to, rr_allorfirst, rr_from, libctx,
+                                          propq);
                 if (rr == NULL) {
                     BIO_puts(bio_err,
                              "Signed Receipt Request Creation Error\n");
@@ -1231,6 +1254,7 @@ int cms_main(int argc, char **argv)
     BIO_free(indata);
     BIO_free_all(out);
     OPENSSL_free(passin);
+    NCONF_free(conf);
     return ret;
 }
 
@@ -1367,9 +1391,10 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
     return NULL;
 }
 
-static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
-                                                *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING)
-                                                *rr_from)
+static CMS_ReceiptRequest *make_receipt_request(
+   STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst,
+   STACK_OF(OPENSSL_STRING) *rr_from,
+   OPENSSL_CTX *libctx, const char *propq)
 {
     STACK_OF(GENERAL_NAMES) *rct_to = NULL, *rct_from = NULL;
     CMS_ReceiptRequest *rr;
@@ -1383,8 +1408,8 @@ static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
     } else {
         rct_from = NULL;
     }
-    rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
-                                    rct_to);
+    rr = CMS_ReceiptRequest_create0_with_libctx(NULL, -1, rr_allorfirst,
+                                                rct_from, rct_to, libctx, propq);
     return rr;
  err:
     sk_GENERAL_NAMES_pop_free(rct_to, GENERAL_NAMES_free);
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index 2416584dd6..95d3ca0845 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -57,12 +57,14 @@ const OPTIONS pkcs7_options[] = {
 int pkcs7_main(int argc, char **argv)
 {
     ENGINE *e = NULL;
-    PKCS7 *p7 = NULL;
+    PKCS7 *p7 = NULL, *p7i;
     BIO *in = NULL, *out = NULL;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM;
     char *infile = NULL, *outfile = NULL, *prog;
     int i, print_certs = 0, text = 0, noout = 0, p7_print = 0, ret = 1;
     OPTION_CHOICE o;
+    OPENSSL_CTX *libctx = app_get0_libctx();
+    const char *propq = app_get0_propq();
 
     prog = opt_init(argc, argv, pkcs7_options);
     while ((o = opt_next()) != OPT_EOF) {
@@ -119,11 +121,18 @@ int pkcs7_main(int argc, char **argv)
     if (in == NULL)
         goto end;
 
+    p7 = PKCS7_new_with_libctx(libctx, propq);
+    if (p7 == NULL) {
+        BIO_printf(bio_err, "unable to allocate PKCS7 object\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
     if (informat == FORMAT_ASN1)
-        p7 = d2i_PKCS7_bio(in, NULL);
+        p7i = d2i_PKCS7_bio(in, &p7);
     else
-        p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
-    if (p7 == NULL) {
+        p7i = PEM_read_bio_PKCS7(in, &p7, NULL, NULL);
+    if (p7i == NULL) {
         BIO_printf(bio_err, "unable to load PKCS7 object\n");
         ERR_print_errors(bio_err);
         goto end;
diff --git a/apps/smime.c b/apps/smime.c
index 6b7d51b76a..4dfc80d440 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -45,7 +45,7 @@ typedef enum OPTION_choice {
     OPT_TO, OPT_FROM, OPT_SUBJECT, OPT_SIGNER, OPT_RECIP, OPT_MD,
     OPT_CIPHER, OPT_INKEY, OPT_KEYFORM, OPT_CERTFILE, OPT_CAFILE,
     OPT_CAPATH, OPT_CASTORE, OPT_NOCAFILE, OPT_NOCAPATH, OPT_NOCASTORE,
-    OPT_R_ENUM, OPT_PROV_ENUM,
+    OPT_R_ENUM, OPT_PROV_ENUM, OPT_CONFIG,
     OPT_V_ENUM,
     OPT_IN, OPT_INFORM, OPT_OUT,
     OPT_OUTFORM, OPT_CONTENT
@@ -70,6 +70,7 @@ const OPTIONS smime_options[] = {
     {"stream", OPT_STREAM, '-', "Enable CMS streaming" },
     {"indef", OPT_INDEF, '-', "Same as -stream" },
     {"noindef", OPT_NOINDEF, '-', "Disable CMS streaming"},
+    OPT_CONFIG_OPTION,
 
     OPT_SECTION("Action"),
     {"encrypt", OPT_ENCRYPT, '-', "Encrypt message"},
@@ -133,6 +134,7 @@ const OPTIONS smime_options[] = {
 
 int smime_main(int argc, char **argv)
 {
+    CONF *conf = NULL;
     BIO *in = NULL, *out = NULL, *indata = NULL;
     EVP_PKEY *key = NULL;
     PKCS7 *p7 = NULL;
@@ -155,6 +157,8 @@ int smime_main(int argc, char **argv)
     int vpmtouched = 0, rv = 0;
     ENGINE *e = NULL;
     const char *mime_eol = "\n";
+    OPENSSL_CTX *libctx = app_get0_libctx();
+    const char *propq = app_get0_propq();
 
     if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
         return 1;
@@ -252,6 +256,11 @@ int smime_main(int argc, char **argv)
             if (!opt_provider(o))
                 goto end;
             break;
+        case OPT_CONFIG:
+            conf = app_load_config_modules(opt_arg());
+            if (conf == NULL)
+                goto end;
+            break;
         case OPT_ENGINE:
             e = setup_engine(opt_arg(), 0);
             break;
@@ -476,18 +485,25 @@ int smime_main(int argc, char **argv)
         goto end;
 
     if (operation & SMIME_IP) {
+        PKCS7 *p7_in = NULL;
+
+        p7 = PKCS7_new_with_libctx(libctx, propq);
+        if (p7 == NULL) {
+            BIO_printf(bio_err, "Error allocating PKCS7 object\n");
+            goto end;
+        }
         if (informat == FORMAT_SMIME) {
-            p7 = SMIME_read_PKCS7(in, &indata);
+            p7_in = SMIME_read_PKCS7_ex(in, &indata, &p7);
         } else if (informat == FORMAT_PEM) {
-            p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
+            p7_in = PEM_read_bio_PKCS7(in, &p7, NULL, NULL);
         } else if (informat == FORMAT_ASN1) {
-            p7 = d2i_PKCS7_bio(in, NULL);
+            p7_in = d2i_PKCS7_bio(in, &p7);
         } else {
             BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
             goto end;
         }
 
-        if (p7 == NULL) {
+        if (p7_in == NULL) {
             BIO_printf(bio_err, "Error reading S/MIME message\n");
             goto end;
         }
@@ -518,7 +534,7 @@ int smime_main(int argc, char **argv)
     if (operation == SMIME_ENCRYPT) {
         if (indef)
             flags |= PKCS7_STREAM;
-        p7 = PKCS7_encrypt(encerts, in, cipher, flags);
+        p7 = PKCS7_encrypt_with_libctx(encerts, in, cipher, flags, libctx, propq);
     } else if (operation & SMIME_SIGNERS) {
         int i;
         /*
@@ -533,7 +549,8 @@ int smime_main(int argc, char **argv)
                 flags |= PKCS7_STREAM;
             }
             flags |= PKCS7_PARTIAL;
-            p7 = PKCS7_sign(NULL, NULL, other, in, flags);
+            p7 = PKCS7_sign_with_libctx(NULL, NULL, other, in, flags, libctx,
+                                        propq);
             if (p7 == NULL)
                 goto end;
             if (flags & PKCS7_NOCERTS) {
@@ -643,6 +660,7 @@ int smime_main(int argc, char **argv)
     BIO_free(indata);
     BIO_free_all(out);
     OPENSSL_free(passin);
+    NCONF_free(conf);
     return ret;
 }
 
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index dab89e57d5..461ffbb332 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -14,6 +14,7 @@
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
 #include <openssl/asn1t.h>
+#include <openssl/cms.h>
 #include "crypto/evp.h"
 #include "internal/bio.h"
 #include "asn1_local.h"
@@ -132,7 +133,7 @@ int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
     return r;
 }
 
-static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
+static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it, ASN1_VALUE **x)
 {
     BIO *b64;
     ASN1_VALUE *val;
@@ -142,7 +143,7 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
         return 0;
     }
     bio = BIO_push(b64, bio);
-    val = ASN1_item_d2i_bio(it, bio, NULL);
+    val = ASN1_item_d2i_bio(it, bio, x);
     if (!val)
         ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
     (void)BIO_flush(bio);
@@ -231,14 +232,17 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
 
 /* SMIME sender */
 
-int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
-                     int ctype_nid, int econt_nid,
-                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
+int SMIME_write_ASN1_with_libctx(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+                                 int ctype_nid, int econt_nid,
+                                 STACK_OF(X509_ALGOR) *mdalgs,
+                                 const ASN1_ITEM *it,
+                                 OPENSSL_CTX *libctx, const char *propq)
 {
     char bound[33], c;
     int i;
     const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
     const char *msg_type = NULL;
+
     if (flags & SMIME_OLDMIME)
         mime_prefix = "application/x-pkcs7-";
     else
@@ -251,7 +255,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
     if ((flags & SMIME_DETACHED) && data) {
         /* We want multipart/signed */
         /* Generate a random boundary */
-        if (RAND_bytes((unsigned char *)bound, 32) <= 0)
+        if (RAND_bytes_ex(libctx, (unsigned char *)bound, 32) <= 0)
             return 0;
         for (i = 0; i < 32; i++) {
             c = bound[i] & 0xf;
@@ -321,6 +325,14 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
     return 1;
 }
 
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+                     int ctype_nid, int econt_nid,
+                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
+{
+    return SMIME_write_ASN1_with_libctx(bio, val, data, flags, ctype_nid,
+                                        econt_nid, mdalgs, it, NULL, NULL);
+}
+
 /* Handle output of ASN1 data */
 
 /* cannot constify val because of CMS_dataFinal() */
@@ -380,7 +392,8 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
  * opaque this is set to NULL
  */
 
-ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
+ASN1_VALUE *SMIME_read_ASN1_ex(BIO *bio, BIO **bcont, const ASN1_ITEM *it,
+                               ASN1_VALUE **x)
 {
     BIO *asnin;
     STACK_OF(MIME_HEADER) *headers = NULL;
@@ -394,14 +407,14 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
         *bcont = NULL;
 
     if ((headers = mime_parse_hdr(bio)) == NULL) {
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
+        ASN1err(0, ASN1_R_MIME_PARSE_ERROR);
         return NULL;
     }
 
     if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
         || hdr->value == NULL) {
         sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
+        ASN1err(0, ASN1_R_NO_CONTENT_TYPE);
         return NULL;
     }
 
@@ -412,13 +425,13 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
         prm = mime_param_find(hdr, "boundary");
         if (prm == NULL || prm->param_value == NULL) {
             sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY);
+            ASN1err(0, ASN1_R_NO_MULTIPART_BOUNDARY);
             return NULL;
         }
         ret = multi_split(bio, prm->param_value, &parts);
         sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
         if (!ret || (sk_BIO_num(parts) != 2)) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE);
+            ASN1err(0, ASN1_R_NO_MULTIPART_BODY_FAILURE);
             sk_BIO_pop_free(parts, BIO_vfree);
             return NULL;
         }
@@ -427,7 +440,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
         asnin = sk_BIO_value(parts, 1);
 
         if ((headers = mime_parse_hdr(asnin)) == NULL) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
+            ASN1err(0, ASN1_R_MIME_SIG_PARSE_ERROR);
             sk_BIO_pop_free(parts, BIO_vfree);
             return NULL;
         }
@@ -437,14 +450,14 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
         if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
             || hdr->value == NULL) {
             sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
+            ASN1err(0, ASN1_R_NO_SIG_CONTENT_TYPE);
             sk_BIO_pop_free(parts, BIO_vfree);
             return NULL;
         }
 
         if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
             strcmp(hdr->value, "application/pkcs7-signature")) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE);
+            ASN1err(0, ASN1_R_SIG_INVALID_MIME_TYPE);
             ERR_add_error_data(2, "type: ", hdr->value);
             sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
             sk_BIO_pop_free(parts, BIO_vfree);
@@ -452,8 +465,8 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
         }
         sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
         /* Read in ASN1 */
-        if ((val = b64_read_asn1(asnin, it)) == NULL) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
+        if ((val = b64_read_asn1(asnin, it, x)) == NULL) {
+            ASN1err(0, ASN1_R_ASN1_SIG_PARSE_ERROR);
             sk_BIO_pop_free(parts, BIO_vfree);
             return NULL;
         }
@@ -471,7 +484,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
 
     if (strcmp(hdr->value, "application/x-pkcs7-mime") &&
         strcmp(hdr->value, "application/pkcs7-mime")) {
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE);
+        ASN1err(0, ASN1_R_INVALID_MIME_TYPE);
         ERR_add_error_data(2, "type: ", hdr->value);
         sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
         return NULL;
@@ -479,12 +492,16 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
 
     sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
 
-    if ((val = b64_read_asn1(bio, it)) == NULL) {
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
+    if ((val = b64_read_asn1(bio, it, x)) == NULL) {
+        ASN1err(0, ASN1_R_ASN1_PARSE_ERROR);
         return NULL;
     }
     return val;
+}
 
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
+{
+    return SMIME_read_ASN1_ex(bio, bcont, it, NULL);
 }
 
 /* Copy text from one BIO to another making the output CRLF at EOL */
diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c
index ac40275b63..c596eab2c2 100644
--- a/crypto/cms/cms_cd.c
+++ b/crypto/cms/cms_cd.c
@@ -21,10 +21,12 @@
 
 /* CMS CompressedData Utilities */
 
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
+CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OPENSSL_CTX *libctx,
+                                           const char *propq)
 {
     CMS_ContentInfo *cms;
     CMS_CompressedData *cd;
+
     /*
      * Will need something cleverer if there is ever more than one
      * compression algorithm or parameters have some meaning...
@@ -34,7 +36,7 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
                CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
         return NULL;
     }
-    cms = CMS_ContentInfo_new();
+    cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
     if (cms == NULL)
         return NULL;
 
@@ -64,6 +66,7 @@ BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms)
 {
     CMS_CompressedData *cd;
     const ASN1_OBJECT *compoid;
+
     if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData) {
         CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
                CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c
index 9da26476e0..2b2d970acd 100644
--- a/crypto/cms/cms_dd.c
+++ b/crypto/cms/cms_dd.c
@@ -17,11 +17,13 @@
 
 /* CMS DigestedData Utilities */
 
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
+CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
+                                         OPENSSL_CTX *libctx, const char *propq)
 {
     CMS_ContentInfo *cms;
     CMS_DigestedData *dd;
-    cms = CMS_ContentInfo_new();
+
+    cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
     if (cms == NULL)
         return NULL;
 
@@ -47,9 +49,9 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
 
 BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms)
 {
-    CMS_DigestedData *dd;
-    dd = cms->d.digestedData;
-    return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm);
+    CMS_DigestedData *dd = cms->d.digestedData;
+
+    return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm, cms_get0_cmsctx(cms));
 }
 
 int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify)
diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index 3eb2f41a6a..e25453ec9c 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -20,19 +20,19 @@
 
 /* Return BIO based on EncryptedContentInfo and key */
 
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
+                                   const CMS_CTX *cms_ctx)
 {
     BIO *b;
     EVP_CIPHER_CTX *ctx;
-    const EVP_CIPHER *ciph;
+    EVP_CIPHER *fetched_ciph = NULL;
+    const EVP_CIPHER *cipher = NULL;
     X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
     unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
     unsigned char *tkey = NULL;
     int len;
     size_t tkeylen = 0;
-
     int ok = 0;
-
     int enc, keep_key = 0;
 
     enc = ec->cipher ? 1 : 0;
@@ -46,26 +46,29 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
     BIO_get_cipher_ctx(b, &ctx);
 
     if (enc) {
-        ciph = ec->cipher;
+        cipher = ec->cipher;
         /*
          * If not keeping key set cipher to NULL so subsequent calls decrypt.
          */
-        if (ec->key)
+        if (ec->key != NULL)
             ec->cipher = NULL;
     } else {
-        ciph = EVP_get_cipherbyobj(calg->algorithm);
-
-        if (!ciph) {
+        cipher = EVP_get_cipherbyobj(calg->algorithm);
+    }
+    if (cipher != NULL) {
+        fetched_ciph = EVP_CIPHER_fetch(cms_ctx->libctx, EVP_CIPHER_name(cipher),
+                                        cms_ctx->propq);
+        if (fetched_ciph == NULL) {
             CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER);
             goto err;
         }
     }
-
-    if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
+    if (EVP_CipherInit_ex(ctx, fetched_ciph, NULL, NULL, NULL, enc) <= 0) {
         CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
                CMS_R_CIPHER_INITIALISATION_ERROR);
         goto err;
     }
+    EVP_CIPHER_free(fetched_ciph);
 
     if (enc) {
         int ivlen;
@@ -73,7 +76,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
         /* Generate a random IV if we need one */
         ivlen = EVP_CIPHER_CTX_iv_length(ctx);
         if (ivlen > 0) {
-            if (RAND_bytes(iv, ivlen) <= 0)
+            if (RAND_bytes_ex(cms_ctx->libctx, iv, ivlen) <= 0)
                 goto err;
             piv = iv;
         }
@@ -169,7 +172,8 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
 
 int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
                               const EVP_CIPHER *cipher,
-                              const unsigned char *key, size_t keylen)
+                              const unsigned char *key, size_t keylen,
+                              const CMS_CTX *cms_ctx)
 {
     ec->cipher = cipher;
     if (key) {
@@ -180,7 +184,7 @@ int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
         memcpy(ec->key, key, keylen);
     }
     ec->keylen = keylen;
-    if (cipher)
+    if (cipher != NULL)
         ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
     return 1;
 }
@@ -189,6 +193,7 @@ int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
                                const unsigned char *key, size_t keylen)
 {
     CMS_EncryptedContentInfo *ec;
+
     if (!key || !keylen) {
         CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
         return 0;
@@ -206,7 +211,7 @@ int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
         return 0;
     }
     ec = cms->d.encryptedData->encryptedContentInfo;
-    return cms_EncryptedContent_init(ec, ciph, key, keylen);
+    return cms_EncryptedContent_init(ec, ciph, key, keylen, cms_get0_cmsctx(cms));
 }
 
 BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms)
@@ -214,5 +219,6 @@ BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms)
     CMS_EncryptedData *enc = cms->d.encryptedData;
     if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
         enc->version = 2;
-    return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
+    return cms_EncryptedContent_init_bio(enc->encryptedContentInfo,
+                                         cms_get0_cmsctx(cms));
 }
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index a5ef2ddee5..94961cd038 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -14,9 +14,10 @@
 #include <openssl/err.h>
 #include <openssl/cms.h>
 #include <openssl/evp.h>
-#include "cms_local.h"
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
+#include "crypto/x509.h"
+#include "cms_local.h"
 
 DEFINE_STACK_OF(CMS_RecipientInfo)
 DEFINE_STACK_OF(CMS_RevocationInfoChoice)
@@ -94,6 +95,37 @@ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
     return env->recipientInfos;
 }
 
+void cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms)
+{
+    int i;
+    CMS_RecipientInfo *ri;
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+    STACK_OF(CMS_RecipientInfo) *rinfos = CMS_get0_RecipientInfos(cms);
+
+    for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
+        ri = sk_CMS_RecipientInfo_value(rinfos, i);
+        if (ri != NULL) {
+            switch (ri->type) {
+            case CMS_RECIPINFO_AGREE:
+                ri->d.kari->cms_ctx = ctx;
+                break;
+            case CMS_RECIPINFO_TRANS:
+                ri->d.ktri->cms_ctx = ctx;
+                x509_set0_libctx(ri->d.ktri->recip, ctx->libctx, ctx->propq);
+                break;
+            case CMS_RECIPINFO_KEK:
+                ri->d.kekri->cms_ctx = ctx;
+                break;
+            case CMS_RECIPINFO_PASS:
+                ri->d.pwri->cms_ctx = ctx;
+                break;
+            default:
+                break;
+            }
+        }
+    }
+}
+
 int CMS_RecipientInfo_type(CMS_RecipientInfo *ri)
 {
     return ri->type;
@@ -108,26 +140,35 @@ EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri)
     return NULL;
 }
 
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
+CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
+                                                      OPENSSL_CTX *libctx,
+                                                      const char *propq)
 {
     CMS_ContentInfo *cms;
     CMS_EnvelopedData *env;
-    cms = CMS_ContentInfo_new();
+
+    cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
     if (cms == NULL)
         goto merr;
     env = cms_enveloped_data_init(cms);
     if (env == NULL)
         goto merr;
-    if (!cms_EncryptedContent_init(env->encryptedContentInfo,
-                                   cipher, NULL, 0))
+
+    if (!cms_EncryptedContent_init(env->encryptedContentInfo, cipher, NULL, 0,
+                                   cms_get0_cmsctx(cms)))
         goto merr;
     return cms;
  merr:
     CMS_ContentInfo_free(cms);
-    CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE);
+    CMSerr(0, ERR_R_MALLOC_FAILURE);
     return NULL;
 }
 
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
+{
+    return CMS_EnvelopedData_create_with_libctx(cipher, NULL, NULL);
+}
+
 int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
 {
     CMS_EnvelopedData *env = NULL;
@@ -174,7 +215,8 @@ int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
 /* Initialise a ktri based on passed certificate and key */
 
 static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
-                                       EVP_PKEY *pk, unsigned int flags)
+                                       EVP_PKEY *pk, unsigned int flags,
+                                       const CMS_CTX *ctx)
 {
     CMS_KeyTransRecipientInfo *ktri;
     int idtype;
@@ -185,6 +227,7 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
     ri->type = CMS_RECIPINFO_TRANS;
 
     ktri = ri->d.ktri;
+    ktri->cms_ctx = ctx;
 
     if (flags & CMS_USE_KEYID) {
         ktri->version = 2;
@@ -199,7 +242,7 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
      * structure.
      */
 
-    if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
+    if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype, ctx))
         return 0;
 
     X509_up_ref(recip);
@@ -209,7 +252,8 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
     ktri->recip = recip;
 
     if (flags & CMS_KEY_PARAM) {
-        ktri->pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+        ktri->pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, ktri->pkey,
+                                                ctx->propq);
         if (ktri->pctx == NULL)
             return 0;
         if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
@@ -230,6 +274,8 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
     CMS_RecipientInfo *ri = NULL;
     CMS_EnvelopedData *env;
     EVP_PKEY *pk = NULL;
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+
     env = cms_get0_enveloped(cms);
     if (!env)
         goto err;
@@ -248,12 +294,13 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
     switch (cms_pkey_get_ri_type(pk)) {
 
     case CMS_RECIPINFO_TRANS:
-        if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags))
+        if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags, ctx))
             goto err;
         break;
 
     case CMS_RECIPINFO_AGREE:
-        if (!cms_RecipientInfo_kari_init(ri, recip, pk, originator, originatorPrivKey, flags))
+        if (!cms_RecipientInfo_kari_init(ri, recip, pk, originator,
+                                         originatorPrivKey, flags, ctx))
             goto err;
         break;
 
@@ -352,6 +399,7 @@ static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms,
     EVP_PKEY_CTX *pctx;
     unsigned char *ek = NULL;
     size_t eklen;
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
 
     int ret = 0;
 
@@ -368,7 +416,7 @@ static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms,
         if (!cms_env_asn1_ctrl(ri, 0))
             goto err;
     } else {
-        pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+        pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, ktri->pkey, ctx->propq);
         if (pctx == NULL)
             return 0;
 
@@ -405,7 +453,6 @@ static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms,
     ktri->pctx = NULL;
     OPENSSL_free(ek);
     return ret;
-
 }
 
 /* Decrypt content key from KTRI */
@@ -419,7 +466,10 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
     size_t eklen;
     int ret = 0;
     size_t fixlen = 0;
+    EVP_CIPHER *ciph = NULL;
     CMS_EncryptedContentInfo *ec;
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+
     ec = cms->d.envelopedData->encryptedContentInfo;
 
     if (ktri->pkey == NULL) {
@@ -430,19 +480,21 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
     if (cms->d.envelopedData->encryptedContentInfo->havenocert
             && !cms->d.envelopedData->encryptedContentInfo->debug) {
         X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
-        const EVP_CIPHER *ciph = EVP_get_cipherbyobj(calg->algorithm);
+        const char *name = OBJ_nid2sn(OBJ_obj2nid(calg->algorithm));
 
+        ciph = EVP_CIPHER_fetch(ctx->libctx, name, ctx->propq);
         if (ciph == NULL) {
             CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_UNKNOWN_CIPHER);
             return 0;
         }
 
         fixlen = EVP_CIPHER_key_length(ciph);
+        EVP_CIPHER_free(ciph);
     }
 
-    ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
+    ktri->pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, pkey, ctx->propq);
     if (ktri->pctx == NULL)
-        return 0;
+        goto err;
 
     if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
         goto err;
@@ -627,7 +679,6 @@ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
  err:
     M_ASN1_free_of(ri, CMS_RecipientInfo);
     return NULL;
-
 }
 
 int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
@@ -679,20 +730,24 @@ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
     return 1;
 }
 
-static const EVP_CIPHER *cms_get_key_wrap_cipher(size_t keylen)
+static EVP_CIPHER *cms_get_key_wrap_cipher(size_t keylen, const CMS_CTX *ctx)
 {
+    const char *alg = NULL;
+
     switch(keylen) {
     case 16:
-        return EVP_aes_128_wrap();
-
+        alg = "AES-128-WRAP";
+        break;
     case 24:
-        return EVP_aes_192_wrap();
-
+        alg = "AES-192-WRAP";
+        break;
     case 32:
-        return EVP_aes_256_wrap();
+        alg = "AES-256-WRAP";
+        break;
+    default:
+        return NULL;
     }
-
-    return NULL;
+    return EVP_CIPHER_fetch(ctx->libctx, alg, ctx->propq);
 }
 
 
@@ -706,9 +761,10 @@ static int cms_RecipientInfo_kekri_encrypt(const CMS_ContentInfo *cms,
     unsigned char *wkey = NULL;
     int wkeylen;
     int r = 0;
-    const EVP_CIPHER *cipher = NULL;
+    EVP_CIPHER *cipher = NULL;
     int outlen = 0;
     EVP_CIPHER_CTX *ctx = NULL;
+    const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
 
     ec = cms->d.envelopedData->encryptedContentInfo;
 
@@ -719,7 +775,7 @@ static int cms_RecipientInfo_kekri_encrypt(const CMS_ContentInfo *cms,
         return 0;
     }
 
-    cipher = cms_get_key_wrap_cipher(kekri->keylen);
+    cipher = cms_get_key_wrap_cipher(kekri->keylen, cms_ctx);
     if (cipher == NULL) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_INVALID_KEY_LENGTH);
         goto err;
@@ -756,12 +812,12 @@ static int cms_RecipientInfo_kekri_encrypt(const CMS_ContentInfo *cms,
     r = 1;
 
  err:
+    EVP_CIPHER_free(cipher);
     if (!r)
         OPENSSL_free(wkey);
     EVP_CIPHER_CTX_free(ctx);
 
     return r;
-
 }
 
 /* Decrypt content key in KEK recipient info */
@@ -774,9 +830,10 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
     unsigned char *ukey = NULL;
     int ukeylen;
     int r = 0, wrap_nid;
-    const EVP_CIPHER *cipher = NULL;
+    EVP_CIPHER *cipher = NULL;
     int outlen = 0;
     EVP_CIPHER_CTX *ctx = NULL;
+    const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
 
     ec = cms->d.envelopedData->encryptedContentInfo;
 
@@ -802,7 +859,7 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
         goto err;
     }
 
-    cipher = cms_get_key_wrap_cipher(kekri->keylen);
+    cipher = cms_get_key_wrap_cipher(kekri->keylen, cms_ctx);
     if (cipher == NULL) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_INVALID_KEY_LENGTH);
         goto err;
@@ -836,12 +893,12 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
     r = 1;
 
  err:
+    EVP_CIPHER_free(cipher);
     if (!r)
         OPENSSL_free(ukey);
     EVP_CIPHER_CTX_free(ctx);
 
     return r;
-
 }
 
 int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
@@ -951,7 +1008,7 @@ static void cms_env_set_version(CMS_EnvelopedData *env)
 static BIO *cms_EnvelopedData_Decryption_init_bio(CMS_ContentInfo *cms)
 {
     CMS_EncryptedContentInfo *ec = cms->d.envelopedData->encryptedContentInfo;
-    BIO *contentBio = cms_EncryptedContent_init_bio(ec);
+    BIO *contentBio = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
     EVP_CIPHER_CTX *ctx = NULL;
 
     if (contentBio == NULL)
@@ -986,7 +1043,7 @@ static BIO *cms_EnvelopedData_Encryption_init_bio(CMS_ContentInfo *cms)
     /* Get BIO first to set up key */
 
     ec = cms->d.envelopedData->encryptedContentInfo;
-    ret = cms_EncryptedContent_init_bio(ec);
+    ret = cms_EncryptedContent_init_bio(ec, cms_get0_cmsctx(cms));
 
     /* If error end of processing */
     if (!ret)
@@ -1051,7 +1108,8 @@ int cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type)
     if (pk->ameth != NULL && pk->ameth->pkey_ctrl != NULL) {
         int i, r;
 
-        i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED, ri_type, &r);
+        i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED,
+                                 ri_type, &r);
         if (i > 0)
             return r;
     }
diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c
index e3604f7db8..3e545b7add 100644
--- a/crypto/cms/cms_ess.c
+++ b/crypto/cms/cms_ess.c
@@ -15,9 +15,10 @@
 #include <openssl/err.h>
 #include <openssl/cms.h>
 #include <openssl/ess.h>
-#include "cms_local.h"
 #include "crypto/ess.h"
 #include "crypto/cms.h"
+#include "crypto/x509.h"
+#include "cms_local.h"
 
 DEFINE_STACK_OF(GENERAL_NAMES)
 DEFINE_STACK_OF(CMS_SignerInfo)
@@ -119,11 +120,10 @@ int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
     return ret;
 }
 
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
-                                               int allorfirst,
-                                               STACK_OF(GENERAL_NAMES)
-                                               *receiptList, STACK_OF(GENERAL_NAMES)
-                                               *receiptsTo)
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
+    unsigned char *id, int idlen, int allorfirst,
+    STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo,
+    OPENSSL_CTX *libctx, const char *propq)
 {
     CMS_ReceiptRequest *rr;
 
@@ -135,14 +135,14 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
     else {
         if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
             goto merr;
-        if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
+        if (RAND_bytes_ex(libctx, rr->signedContentIdentifier->data, 32) <= 0)
             goto err;
     }
 
     sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
     rr->receiptsTo = receiptsTo;
 
-    if (receiptList) {
+    if (receiptList != NULL) {
         rr->receiptsFrom->type = 1;
         rr->receiptsFrom->d.receiptList = receiptList;
     } else {
@@ -153,7 +153,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
     return rr;
 
  merr:
-    CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
+    CMSerr(0, ERR_R_MALLOC_FAILURE);
 
  err:
     CMS_ReceiptRequest_free(rr);
@@ -161,6 +161,15 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
 
 }
 
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(
+    unsigned char *id, int idlen, int allorfirst,
+    STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo)
+{
+    return CMS_ReceiptRequest_create0_with_libctx(id, idlen, allorfirst,
+                                                  receiptList, receiptsTo,
+                                                  NULL, NULL);
+}
+
 int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
 {
     unsigned char *rrder = NULL;
@@ -192,20 +201,20 @@ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
                                     STACK_OF(GENERAL_NAMES) **plist,
                                     STACK_OF(GENERAL_NAMES) **prto)
 {
-    if (pcid)
+    if (pcid != NULL)
         *pcid = rr->signedContentIdentifier;
     if (rr->receiptsFrom->type == 0) {
-        if (pallorfirst)
+        if (pallorfirst != NULL)
             *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
-        if (plist)
+        if (plist != NULL)
             *plist = NULL;
     } else {
-        if (pallorfirst)
+        if (pallorfirst != NULL)
             *pallorfirst = -1;
-        if (plist)
+        if (plist != NULL)
             *plist = rr->receiptsFrom->d.receiptList;
     }
-    if (prto)
+    if (prto != NULL)
         *prto = rr->receiptsTo;
 }
 
@@ -214,13 +223,13 @@ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
 static int cms_msgSigDigest(CMS_SignerInfo *si,
                             unsigned char *dig, unsigned int *diglen)
 {
-    const EVP_MD *md;
+    const EVP_MD *md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
 
-    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
     if (md == NULL)
         return 0;
-    if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
-                          si->signedAttrs, dig, diglen))
+    if (!asn1_item_digest_with_libctx(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
+                                      si->signedAttrs, dig, diglen,
+                                      si->cms_ctx->libctx, si->cms_ctx->propq))
         return 0;
     return 1;
 }
diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c
index ef72164181..70a7c652e9 100644
--- a/crypto/cms/cms_io.c
+++ b/crypto/cms/cms_io.c
@@ -35,7 +35,12 @@ int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
 
 CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
 {
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
+    CMS_ContentInfo *ci;
+
+    ci = ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
+    if (ci != NULL && cms != NULL)
+        cms_resolve_libctx(ci);
+    return ci;
 }
 
 int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms)
@@ -71,19 +76,33 @@ int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
     STACK_OF(X509_ALGOR) *mdalgs;
     int ctype_nid = OBJ_obj2nid(cms->contentType);
     int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+
     if (ctype_nid == NID_pkcs7_signed)
         mdalgs = cms->d.signedData->digestAlgorithms;
     else
         mdalgs = NULL;
 
-    return SMIME_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags,
-                            ctype_nid, econt_nid, mdalgs,
-                            ASN1_ITEM_rptr(CMS_ContentInfo));
+    return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)cms, data, flags,
+                                        ctype_nid, econt_nid, mdalgs,
+                                        ASN1_ITEM_rptr(CMS_ContentInfo),
+                                        cms_ctx_get0_libctx(ctx),
+                                        cms_ctx_get0_propq(ctx));
+}
+
+CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **cms)
+{
+    CMS_ContentInfo *ci;
+
+    ci = (CMS_ContentInfo *)SMIME_read_ASN1_ex(bio, bcont,
+                                               ASN1_ITEM_rptr(CMS_ContentInfo),
+                                               (ASN1_VALUE **)cms);
+    if (ci != NULL && cms != NULL)
+        cms_resolve_libctx(ci);
+    return ci;
 }
 
 CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont)
 {
-    return (CMS_ContentInfo *)SMIME_read_ASN1(bio, bcont,
-                                              ASN1_ITEM_rptr
-                                              (CMS_ContentInfo));
+    return SMIME_read_CMS_ex(bio, bcont, NULL);
 }
diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index 30d38b5fd6..97b601b3bc 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -64,6 +64,7 @@ int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
                                         ASN1_INTEGER **sno)
 {
     CMS_OriginatorIdentifierOrKey *oik;
+
     if (ri->type != CMS_RECIPINFO_AGREE) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID,
                CMS_R_NOT_KEY_AGREEMENT);
@@ -101,6 +102,7 @@ int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
 int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
 {
     CMS_OriginatorIdentifierOrKey *oik;
+
     if (ri->type != CMS_RECIPINFO_AGREE) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP,
                CMS_R_NOT_KEY_AGREEMENT);
@@ -121,6 +123,7 @@ int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
                                       X509_NAME **issuer, ASN1_INTEGER **sno)
 {
     CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
+
     if (rid->type == CMS_REK_ISSUER_SERIAL) {
         if (issuer)
             *issuer = rid->d.issuerAndSerialNumber->issuer;
@@ -152,6 +155,7 @@ int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
                                        X509 *cert)
 {
     CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
+
     if (rid->type == CMS_REK_ISSUER_SERIAL)
         return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
     else if (rid->type == CMS_REK_KEYIDENTIFIER)
@@ -170,7 +174,8 @@ int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri, EVP_PKEY *p
     if (pk == NULL)
         return 1;
 
-    pctx = EVP_PKEY_CTX_new(pk, NULL);
+    pctx = EVP_PKEY_CTX_new_from_pkey(kari->cms_ctx->libctx, pk,
+                                      kari->cms_ctx->propq);
     if (pctx == NULL || EVP_PKEY_derive_init(pctx) <= 0)
         goto err;
 
@@ -215,6 +220,7 @@ static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
     int rv = 0;
     unsigned char *out = NULL;
     int outlen;
+
     keklen = EVP_CIPHER_CTX_key_length(kari->ctx);
     if (keklen > EVP_MAX_KEY_LENGTH)
         return 0;
@@ -303,8 +309,9 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
     EVP_PKEY_CTX *pctx = NULL;
     EVP_PKEY *ekey = NULL;
     int rv = 0;
+    const CMS_CTX *ctx = kari->cms_ctx;
 
-    pctx = EVP_PKEY_CTX_new(pk, NULL);
+    pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, pk, ctx->propq);
     if (pctx == NULL)
         goto err;
     if (EVP_PKEY_keygen_init(pctx) <= 0)
@@ -312,7 +319,7 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
     if (EVP_PKEY_keygen(pctx, &ekey) <= 0)
         goto err;
     EVP_PKEY_CTX_free(pctx);
-    pctx = EVP_PKEY_CTX_new(ekey, NULL);
+    pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, ekey, ctx->propq);
     if (pctx == NULL)
         goto err;
     if (EVP_PKEY_derive_init(pctx) <= 0)
@@ -327,12 +334,14 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
 }
 
 /* Set originator private key and initialise context based on it */
-static int cms_kari_set_originator_private_key(CMS_KeyAgreeRecipientInfo *kari, EVP_PKEY *originatorPrivKey )
+static int cms_kari_set_originator_private_key(CMS_KeyAgreeRecipientInfo *kari,
+                                               EVP_PKEY *originatorPrivKey )
 {
     EVP_PKEY_CTX *pctx = NULL;
     int rv = 0;
+    const CMS_CTX *ctx = kari->cms_ctx;
 
-    pctx = EVP_PKEY_CTX_new(originatorPrivKey, NULL);
+    pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, originatorPrivKey, ctx->propq);
     if (pctx == NULL)
         goto err;
     if (EVP_PKEY_derive_init(pctx) <= 0)
@@ -348,18 +357,22 @@ static int cms_kari_set_originator_private_key(CMS_KeyAgreeRecipientInfo *kari,
 
 /* Initialise a kari based on passed certificate and key */
 
-int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri,  X509 *recip, EVP_PKEY *recipPubKey, X509 * originator, EVP_PKEY *originatorPrivKey, unsigned int flags)
+int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri,  X509 *recip,
+                                EVP_PKEY *recipPubKey, X509 *originator,
+                                EVP_PKEY *originatorPrivKey, unsigned int flags,
+                                const CMS_CTX *ctx)
 {
     CMS_KeyAgreeRecipientInfo *kari;
     CMS_RecipientEncryptedKey *rek = NULL;
 
     ri->d.kari = M_ASN1_new_of(CMS_KeyAgreeRecipientInfo);
-    if (!ri->d.kari)
+    if (ri->d.kari == NULL)
         return 0;
     ri->type = CMS_RECIPINFO_AGREE;
 
     kari = ri->d.kari;
     kari->version = 3;
+    kari->cms_ctx = ctx;
 
     rek = M_ASN1_new_of(CMS_RecipientEncryptedKey);
     if (rek == NULL)
@@ -419,8 +432,11 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri,  X509 *recip, EVP_PKEY *r
 static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
                          const EVP_CIPHER *cipher)
 {
+    const CMS_CTX *cms_ctx = kari->cms_ctx;
     EVP_CIPHER_CTX *ctx = kari->ctx;
     const EVP_CIPHER *kekcipher;
+    EVP_CIPHER *fetched_kekcipher;
+    const char *kekcipher_name;
     int keylen;
     int ret;
 
@@ -444,8 +460,8 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
         if (kekcipher != NULL) {
              if (EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
                  return 0;
-
-             return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL);
+             kekcipher_name = EVP_CIPHER_name(kekcipher);
+             goto enc;
         }
     }
 
@@ -455,16 +471,23 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
      */
 #ifndef OPENSSL_NO_DES
     if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
-        kekcipher = EVP_des_ede3_wrap();
+        kekcipher_name = SN_id_smime_alg_CMS3DESwrap;
     else
 #endif
     if (keylen <= 16)
-        kekcipher = EVP_aes_128_wrap();
+        kekcipher_name = SN_id_aes128_wrap;
     else if (keylen <= 24)
-        kekcipher = EVP_aes_192_wrap();
+        kekcipher_name = SN_id_aes192_wrap;
     else
-        kekcipher = EVP_aes_256_wrap();
-    return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL);
+        kekcipher_name = SN_id_aes256_wrap;
+enc:
+    fetched_kekcipher = EVP_CIPHER_fetch(cms_ctx->libctx, kekcipher_name,
+                                         cms_ctx->propq);
+    if (fetched_kekcipher == NULL)
+        return 0;
+    ret = EVP_EncryptInit_ex(ctx, fetched_kekcipher, NULL, NULL, NULL);
+    EVP_CIPHER_free(fetched_kekcipher);
+    return ret;
 }
 
 /* Encrypt content key in key agreement recipient info */
@@ -542,5 +565,4 @@ int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
     }
 
     return 1;
-
 }
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 6e2a20c4b3..61f965c6dc 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -14,24 +14,118 @@
 #include <openssl/bio.h>
 #include <openssl/asn1.h>
 #include <openssl/cms.h>
+#include <openssl/cms.h>
+#include "crypto/x509.h"
 #include "cms_local.h"
 
+static STACK_OF(CMS_CertificateChoices)
+**cms_get0_certificate_choices(CMS_ContentInfo *cms);
+
 DEFINE_STACK_OF(CMS_RevocationInfoChoice)
 DEFINE_STACK_OF(X509)
 DEFINE_STACK_OF(X509_CRL)
 
-IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
 IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
 
+CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a,
+                                     const unsigned char **in, long len)
+{
+    CMS_ContentInfo *ci;
+
+    ci = (CMS_ContentInfo *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
+                                          (CMS_ContentInfo_it()));
+    if (ci != NULL && a != NULL)
+        cms_resolve_libctx(ci);
+    return ci;
+}
+
+int i2d_CMS_ContentInfo(const CMS_ContentInfo *a, unsigned char **out)
+{
+    return ASN1_item_i2d((const ASN1_VALUE *)a, out, (CMS_ContentInfo_it()));
+}
+
+CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx,
+                                                 const char *propq)
+{
+    CMS_ContentInfo *ci;
+
+    ci = (CMS_ContentInfo *)ASN1_item_new(ASN1_ITEM_rptr(CMS_ContentInfo));
+    if (ci != NULL) {
+        ci->ctx.libctx = libctx;
+        ci->ctx.propq = NULL;
+        if (propq != NULL) {
+            ci->ctx.propq = OPENSSL_strdup(propq);
+            if (ci->ctx.propq == NULL) {
+                CMS_ContentInfo_free(ci);
+                ci = NULL;
+                ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+            }
+        }
+    }
+    return ci;
+}
+
+CMS_ContentInfo *CMS_ContentInfo_new(void)
+{
+    return CMS_ContentInfo_new_with_libctx(NULL, NULL);
+}
+
+void CMS_ContentInfo_free(CMS_ContentInfo *cms)
+{
+    if (cms != NULL) {
+        OPENSSL_free(cms->ctx.propq);
+        ASN1_item_free((ASN1_VALUE *)cms, ASN1_ITEM_rptr(CMS_ContentInfo));
+    }
+}
+
+const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms)
+{
+    return cms != NULL ? &cms->ctx : NULL;
+}
+
+OPENSSL_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx)
+{
+    return ctx->libctx;
+}
+
+const char *cms_ctx_get0_propq(const CMS_CTX *ctx)
+{
+    return ctx->propq;
+}
+
+void cms_resolve_libctx(CMS_ContentInfo *ci)
+{
+    int i;
+    CMS_CertificateChoices *cch;
+    STACK_OF(CMS_CertificateChoices) **pcerts;
+    const CMS_CTX *ctx;
+
+    if (ci == NULL)
+        return;
+
+    ctx = cms_get0_cmsctx(ci);
+    cms_SignerInfos_set_cmsctx(ci);
+    cms_RecipientInfos_set_cmsctx(ci);
+
+    pcerts = cms_get0_certificate_choices(ci);
+    if (pcerts != NULL) {
+        for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
+            cch = sk_CMS_CertificateChoices_value(*pcerts, i);
+            if (cch->type == CMS_CERTCHOICE_CERT)
+                x509_set0_libctx(cch->d.certificate, ctx->libctx, ctx->propq);
+        }
+    }
+}
+
 const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms)
 {
     return cms->contentType;
 }
 
-CMS_ContentInfo *cms_Data_create(void)
+CMS_ContentInfo *cms_Data_create(OPENSSL_CTX *libctx, const char *propq)
 {
-    CMS_ContentInfo *cms;
-    cms = CMS_ContentInfo_new();
+    CMS_ContentInfo *cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+
     if (cms != NULL) {
         cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
         /* Never detached */
@@ -295,14 +389,18 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached)
 
 /* Create a digest BIO from an X509_ALGOR structure */
 
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
+BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
+                                  const CMS_CTX *ctx)
 {
     BIO *mdbio = NULL;
     const ASN1_OBJECT *digestoid;
-    const EVP_MD *digest;
+    EVP_MD *digest = NULL;
+    const char *alg;
+
     X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
-    digest = EVP_get_digestbyobj(digestoid);
-    if (!digest) {
+    alg = OBJ_nid2sn(OBJ_obj2nid(digestoid));
+    digest = EVP_MD_fetch(ctx->libctx, alg, ctx->propq);
+    if (digest == NULL) {
         CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO,
                CMS_R_UNKNOWN_DIGEST_ALGORITHM);
         goto err;
@@ -312,8 +410,10 @@ BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
         CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, CMS_R_MD_BIO_INIT_ERROR);
         goto err;
     }
+    EVP_MD_free(digest);
     return mdbio;
  err:
+    EVP_MD_free(digest);
     BIO_free(mdbio);
     return NULL;
 }
diff --git a/crypto/cms/cms_local.h b/crypto/cms/cms_local.h
index 68c885622b..4e85459a54 100644
--- a/crypto/cms/cms_local.h
+++ b/crypto/cms/cms_local.h
@@ -43,6 +43,12 @@ typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
 typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
 typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
 typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
+typedef struct CMS_CTX_st CMS_CTX;
+
+struct CMS_CTX_st {
+    OPENSSL_CTX *libctx;
+    char *propq;
+};
 
 struct CMS_ContentInfo_st {
     ASN1_OBJECT *contentType;
@@ -58,6 +64,7 @@ struct CMS_ContentInfo_st {
         /* Other types ... */
         void *otherData;
     } d;
+    CMS_CTX ctx;
 };
 
 DEFINE_STACK_OF(CMS_CertificateChoices)
@@ -92,6 +99,7 @@ struct CMS_SignerInfo_st {
     /* Digest and public key context for alternative parameters */
     EVP_MD_CTX *mctx;
     EVP_PKEY_CTX *pctx;
+    const CMS_CTX *cms_ctx;
 };
 
 struct CMS_SignerIdentifier_st {
@@ -152,6 +160,7 @@ struct CMS_KeyTransRecipientInfo_st {
     EVP_PKEY *pkey;
     /* Public key context for this operation */
     EVP_PKEY_CTX *pctx;
+    const CMS_CTX *cms_ctx;
 };
 
 struct CMS_KeyAgreeRecipientInfo_st {
@@ -164,6 +173,7 @@ struct CMS_KeyAgreeRecipientInfo_st {
     EVP_PKEY_CTX *pctx;
     /* Cipher context for CEK wrapping */
     EVP_CIPHER_CTX *ctx;
+    const CMS_CTX *cms_ctx;
 };
 
 struct CMS_OriginatorIdentifierOrKey_st {
@@ -209,6 +219,7 @@ struct CMS_KEKRecipientInfo_st {
     /* Extra info: symmetric key to use */
     unsigned char *key;
     size_t keylen;
+    const CMS_CTX *cms_ctx;
 };
 
 struct CMS_KEKIdentifier_st {
@@ -225,6 +236,7 @@ struct CMS_PasswordRecipientInfo_st {
     /* Extra info: password to use */
     unsigned char *pass;
     size_t passlen;
+    const CMS_CTX *cms_ctx;
 };
 
 struct CMS_OtherRecipientInfo_st {
@@ -363,27 +375,34 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
 # define CMS_OIK_PUBKEY                  2
 
 BIO *cms_content_bio(CMS_ContentInfo *cms);
+const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms);
+OPENSSL_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx);
+const char *cms_ctx_get0_propq(const CMS_CTX *ctx);
+void cms_resolve_libctx(CMS_ContentInfo *ci);
 
-CMS_ContentInfo *cms_Data_create(void);
+CMS_ContentInfo *cms_Data_create(OPENSSL_CTX *ctx, const char *propq);
 
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
+CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
+                                         OPENSSL_CTX *libctx, const char *propq);
 BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms);
 int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify);
 
 BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
 int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
 int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
-                              int type);
+                              int type, const CMS_CTX *ctx);
 int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
                                         ASN1_OCTET_STRING **keyid,
                                         X509_NAME **issuer,
                                         ASN1_INTEGER **sno);
 int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
 
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
+CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OPENSSL_CTX *libctx,
+                                           const char *propq);
 BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms);
 
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
+BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
+                                  const CMS_CTX *ctx);
 int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
                                  X509_ALGOR *mdalg);
 
@@ -392,11 +411,13 @@ int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
 int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
 int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
 
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
+                                   const CMS_CTX *ctx);
 BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms);
 int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
                               const EVP_CIPHER *cipher,
-                              const unsigned char *key, size_t keylen);
+                              const unsigned char *key, size_t keylen,
+                              const CMS_CTX *ctx);
 
 int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
 int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
@@ -405,21 +426,29 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
 BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
 int cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
 CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
+
+/* RecipientInfo routines */
 int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
 int cms_pkey_get_ri_type(EVP_PKEY *pk);
 int cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type);
+
+void cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms);
+
 /* KARI routines */
 int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
                                 EVP_PKEY *recipPubKey, X509 *originator,
-                                EVP_PKEY *originatorPrivKey, unsigned int flags);
+                                EVP_PKEY *originatorPrivKey, unsigned int flags,
+                                const CMS_CTX *ctx);
 int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
                                    CMS_RecipientInfo *ri);
 
 /* PWRI routines */
-int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
-                                 int en_de);
+int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
+                                 CMS_RecipientInfo *ri, int en_de);
 /* SignerInfo routines */
 int CMS_si_check_attributes(const CMS_SignerInfo *si);
+void cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms);
+
 
 /* ESS routines */
 int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain);
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
index 4726165234..1ca5a7ee07 100644
--- a/crypto/cms/cms_pwri.c
+++ b/crypto/cms/cms_pwri.c
@@ -51,6 +51,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
     X509_ALGOR *encalg = NULL;
     unsigned char iv[EVP_MAX_IV_LENGTH];
     int ivlen;
+    const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
 
     env = cms_get0_enveloped(cms);
     if (!env)
@@ -91,7 +92,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
     ivlen = EVP_CIPHER_CTX_iv_length(ctx);
 
     if (ivlen > 0) {
-        if (RAND_bytes(iv, ivlen) <= 0)
+        if (RAND_bytes_ex(cms_ctx->libctx, iv, ivlen) <= 0)
             goto err;
         if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) {
             CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
@@ -125,6 +126,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
     ri->type = CMS_RECIPINFO_PASS;
 
     pwri = ri->d.pwri;
+    pwri->cms_ctx = cms_ctx;
     /* Since this is overwritten, free up empty structure already there */
     X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
     pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
@@ -232,7 +234,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
 
 static int kek_wrap_key(unsigned char *out, size_t *outlen,
                         const unsigned char *in, size_t inlen,
-                        EVP_CIPHER_CTX *ctx)
+                        EVP_CIPHER_CTX *ctx, const CMS_CTX *cms_ctx)
 {
     size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
     size_t olen;
@@ -260,7 +262,8 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
         memcpy(out + 4, in, inlen);
         /* Add random padding to end */
         if (olen > inlen + 4
-            && RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
+            && RAND_bytes_ex(cms_ctx->libctx, out + 4 + inlen,
+                             olen - 4 - inlen) <= 0)
             return 0;
         /* Encrypt twice */
         if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen)
@@ -275,17 +278,19 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
 
 /* Encrypt/Decrypt content key in PWRI recipient info */
 
-int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
-                                 int en_de)
+int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
+                                 CMS_RecipientInfo *ri, int en_de)
 {
     CMS_EncryptedContentInfo *ec;
     CMS_PasswordRecipientInfo *pwri;
     int r = 0;
     X509_ALGOR *algtmp, *kekalg = NULL;
     EVP_CIPHER_CTX *kekctx = NULL;
-    const EVP_CIPHER *kekcipher;
+    const char *name;
+    EVP_CIPHER *kekcipher;
     unsigned char *key = NULL;
     size_t keylen;
+    const CMS_CTX *cms_ctx = cms_get0_cmsctx(cms);
 
     ec = cms->d.envelopedData->encryptedContentInfo;
 
@@ -312,17 +317,18 @@ int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *
         return 0;
     }
 
-    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
+    name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
+    kekcipher = EVP_CIPHER_fetch(cms_ctx->libctx, name, cms_ctx->propq);
 
-    if (!kekcipher) {
+    if (kekcipher == NULL) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
-        return 0;
+        goto err;
     }
 
     kekctx = EVP_CIPHER_CTX_new();
     if (kekctx == NULL) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
-        return 0;
+        goto err;
     }
     /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
     if (!EVP_CipherInit_ex(kekctx, kekcipher, NULL, NULL, NULL, en_de))
@@ -349,7 +355,7 @@ int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *
 
     if (en_de) {
 
-        if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, kekctx))
+        if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, kekctx, cms_ctx))
             goto err;
 
         key = OPENSSL_malloc(keylen);
@@ -357,7 +363,7 @@ int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *
         if (key == NULL)
             goto err;
 
-        if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, kekctx))
+        if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, kekctx, cms_ctx))
             goto err;
         pwri->encryptedKey->data = key;
         pwri->encryptedKey->length = keylen;
@@ -384,7 +390,7 @@ int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *
     r = 1;
 
  err:
-
+    EVP_CIPHER_free(kekcipher);
     EVP_CIPHER_CTX_free(kekctx);
 
     if (!r)
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 54a836028f..9b345de553 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -67,6 +67,7 @@ int CMS_SignedData_init(CMS_ContentInfo *cms)
         return 0;
 }
 
+
 /* Check structures and fixup version numbers (if necessary) */
 
 static void cms_sd_set_version(CMS_SignedData *sd)
@@ -146,9 +147,11 @@ static int cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
     STACK_OF(CMS_SignerInfo) *sinfos;
     CMS_SignerInfo *sitmp;
     int i;
+
     sinfos = CMS_get0_SignerInfos(cms);
     for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
         ASN1_OCTET_STRING *messageDigest;
+
         sitmp = sk_CMS_SignerInfo_value(sinfos, i);
         if (sitmp == si)
             continue;
@@ -178,7 +181,8 @@ static int cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
     return 0;
 }
 
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
+int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type,
+                              const CMS_CTX *ctx)
 {
     switch (type) {
     case CMS_SIGNERINFO_ISSUER_SERIAL:
@@ -233,6 +237,7 @@ static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
 {
     EVP_PKEY *pkey = si->pkey;
     int i;
+
     if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL)
         return 1;
     i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_SIGN, cmd, si);
@@ -255,6 +260,8 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
     CMS_SignerInfo *si = NULL;
     X509_ALGOR *alg;
     int i, type;
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+
     if (!X509_check_private_key(signer, pk)) {
         CMSerr(CMS_F_CMS_ADD1_SIGNER,
                CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
@@ -272,6 +279,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
     X509_up_ref(signer);
     EVP_PKEY_up_ref(pk);
 
+    si->cms_ctx = ctx;
     si->pkey = pk;
     si->signer = signer;
     si->mctx = EVP_MD_CTX_new();
@@ -292,7 +300,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
         si->version = 1;
     }
 
-    if (!cms_set1_SignerIdentifier(si->sid, signer, type))
+    if (!cms_set1_SignerIdentifier(si->sid, signer, type, ctx))
         goto err;
 
     if (md == NULL) {
@@ -311,6 +319,11 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
         goto err;
     }
 
+    if (md == NULL) {
+        CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET);
+        goto err;
+    }
+
     X509_ALGOR_set_md(si->digestAlgorithm, md);
 
     /* See if digest is present in digestAlgorithms */
@@ -395,15 +408,20 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
 
     if (flags & CMS_KEY_PARAM) {
         if (flags & CMS_NOATTR) {
-            si->pctx = EVP_PKEY_CTX_new(si->pkey, NULL);
+            si->pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, si->pkey,
+                                                  ctx->propq);
             if (si->pctx == NULL)
                 goto err;
             if (EVP_PKEY_sign_init(si->pctx) <= 0)
                 goto err;
             if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
                 goto err;
-        } else if (EVP_DigestSignInit(si->mctx, &si->pctx, md, NULL, pk) <= 0)
+        } else if (EVP_DigestSignInit_with_libctx(si->mctx, &si->pctx,
+                                                  EVP_MD_name(md),
+                                                  ctx->libctx, ctx->propq,
+                                                  pk) <= 0) {
             goto err;
+        }
     }
 
     if (!sd->signerInfos)
@@ -421,16 +439,31 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
 
 }
 
+void cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms)
+{
+    int i;
+    CMS_SignerInfo *si;
+    STACK_OF(CMS_SignerInfo) *sinfos = CMS_get0_SignerInfos(cms);
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
+
+    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+        si = sk_CMS_SignerInfo_value(sinfos, i);
+        if (si != NULL)
+            si->cms_ctx = ctx;
+    }
+}
+
 static int cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
 {
     ASN1_TIME *tt;
     int r = 0;
-    if (t)
+
+    if (t != NULL)
         tt = t;
     else
         tt = X509_gmtime_adj(NULL, 0);
 
-    if (!tt)
+    if (tt == NULL)
         goto merr;
 
     if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_signingTime,
@@ -438,10 +471,8 @@ static int cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
         goto merr;
 
     r = 1;
-
  merr:
-
-    if (!t)
+    if (t == NULL)
         ASN1_TIME_free(tt);
 
     if (!r)
@@ -463,11 +494,9 @@ EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si)
 
 STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms)
 {
-    CMS_SignedData *sd;
-    sd = cms_get0_signed(cms);
-    if (!sd)
-        return NULL;
-    return sd->signerInfos;
+    CMS_SignedData *sd = cms_get0_signed(cms);
+
+    return sd != NULL ? sd->signerInfos : NULL;
 }
 
 STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
@@ -476,13 +505,14 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
     STACK_OF(CMS_SignerInfo) *sinfos;
     CMS_SignerInfo *si;
     int i;
+
     sinfos = CMS_get0_SignerInfos(cms);
     for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
         si = sk_CMS_SignerInfo_value(sinfos, i);
-        if (si->signer) {
-            if (!signers) {
+        if (si->signer != NULL) {
+            if (signers == NULL) {
                 signers = sk_X509_new_null();
-                if (!signers)
+                if (signers == NULL)
                     return NULL;
             }
             if (!sk_X509_push(signers, si->signer)) {
@@ -496,7 +526,7 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
 
 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
 {
-    if (signer) {
+    if (signer != NULL) {
         X509_up_ref(signer);
         EVP_PKEY_free(si->pkey);
         si->pkey = X509_get_pubkey(signer);
@@ -527,13 +557,14 @@ int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
     X509 *x;
     int i, j;
     int ret = 0;
+
     sd = cms_get0_signed(cms);
-    if (!sd)
+    if (sd == NULL)
         return -1;
     certs = sd->certificates;
     for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
         si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
-        if (si->signer)
+        if (si->signer != NULL)
             continue;
 
         for (j = 0; j < sk_X509_num(scerts); j++) {
@@ -545,7 +576,7 @@ int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
             }
         }
 
-        if (si->signer || (flags & CMS_NOINTERN))
+        if (si->signer != NULL || (flags & CMS_NOINTERN))
             continue;
 
         for (j = 0; j < sk_CMS_CertificateChoices_num(certs); j++) {
@@ -567,13 +598,13 @@ void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
                               X509 **signer, X509_ALGOR **pdig,
                               X509_ALGOR **psig)
 {
-    if (pk)
+    if (pk != NULL)
         *pk = si->pkey;
-    if (signer)
+    if (signer != NULL)
         *signer = si->signer;
-    if (pdig)
+    if (pdig != NULL)
         *pdig = si->digestAlgorithm;
-    if (psig)
+    if (psig != NULL)
         *psig = si->signatureAlgorithm;
 }
 
@@ -588,13 +619,14 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
     EVP_MD_CTX *mctx = EVP_MD_CTX_new();
     int r = 0;
     EVP_PKEY_CTX *pctx = NULL;
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
 
     if (mctx == NULL) {
         CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
-    if (!si->pkey) {
+    if (si->pkey == NULL) {
         CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
         goto err;
     }
@@ -612,6 +644,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
     if (CMS_signed_get_attr_count(si) >= 0) {
         unsigned char md[EVP_MAX_MD_SIZE];
         unsigned int mdlen;
+
         if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
             goto err;
         if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
@@ -628,6 +661,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
         size_t siglen;
         unsigned char md[EVP_MAX_MD_SIZE];
         unsigned int mdlen;
+
         pctx = si->pctx;
         if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
             goto err;
@@ -645,12 +679,14 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
     } else {
         unsigned char *sig;
         unsigned int siglen;
+
         sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey));
         if (sig == NULL) {
             CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
             goto err;
         }
-        if (!EVP_SignFinal(mctx, sig, &siglen, si->pkey)) {
+        if (!EVP_SignFinal_with_libctx(mctx, sig, &siglen, si->pkey,
+                                       ctx->libctx, ctx->propq)) {
             CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
             OPENSSL_free(sig);
             goto err;
@@ -672,6 +708,7 @@ int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
     STACK_OF(CMS_SignerInfo) *sinfos;
     CMS_SignerInfo *si;
     int i;
+
     sinfos = CMS_get0_SignerInfos(cms);
     for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
         si = sk_CMS_SignerInfo_value(sinfos, i);
@@ -689,10 +726,10 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
     unsigned char *abuf = NULL;
     int alen;
     size_t siglen;
-    const EVP_MD *md = NULL;
+    const CMS_CTX *ctx = si->cms_ctx;
+    const char *md_name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
 
-    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
-    if (md == NULL)
+    if (md_name == NULL)
         return 0;
 
     if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) {
@@ -707,7 +744,9 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
         pctx = si->pctx;
     else {
         EVP_MD_CTX_reset(mctx);
-        if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
+        if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
+                                           md_name, ctx->libctx, ctx->propq,
+                                           si->pkey) <= 0)
             goto err;
         si->pctx = pctx;
     }
@@ -780,9 +819,11 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
     EVP_MD_CTX *mctx = NULL;
     unsigned char *abuf = NULL;
     int alen, r = -1;
-    const EVP_MD *md = NULL;
+    const char *name;
+    EVP_MD *md = NULL;
+    const CMS_CTX *ctx = si->cms_ctx;
 
-    if (!si->pkey) {
+    if (si->pkey == NULL) {
         CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_NO_PUBLIC_KEY);
         return -1;
     }
@@ -790,15 +831,18 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
     if (!CMS_si_check_attributes(si))
         return -1;
 
-    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+    name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
+    md = EVP_MD_fetch(ctx->libctx, name, ctx->propq);
     if (md == NULL)
         return -1;
     if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) {
         CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, ERR_R_MALLOC_FAILURE);
-        return -1;
+        goto err;
     }
     mctx = si->mctx;
-    if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
+    if (EVP_DigestVerifyInit_with_libctx(mctx, &si->pctx,
+                                         EVP_MD_name(md), ctx->libctx, NULL,
+                                         si->pkey) <= 0)
         goto err;
 
     if (!cms_sd_asn1_ctrl(si, 1))
@@ -819,6 +863,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
     if (r <= 0)
         CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
  err:
+    EVP_MD_free(md);
     EVP_MD_CTX_reset(mctx);
     return r;
 }
@@ -830,19 +875,21 @@ BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
     int i;
     CMS_SignedData *sd;
     BIO *chain = NULL;
+
     sd = cms_get0_signed(cms);
-    if (!sd)
+    if (sd == NULL)
         return NULL;
     if (cms->d.signedData->encapContentInfo->partial)
         cms_sd_set_version(sd);
     for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
         X509_ALGOR *digestAlgorithm;
         BIO *mdbio;
+
         digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
-        mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm);
-        if (!mdbio)
+        mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm, cms_get0_cmsctx(cms));
+        if (mdbio == NULL)
             goto err;
-        if (chain)
+        if (chain != NULL)
             BIO_push(chain, mdbio);
         else
             chain = mdbio;
@@ -871,7 +918,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
         os = CMS_signed_get0_data_by_OBJ(si,
                                          OBJ_nid2obj(NID_pkcs9_messageDigest),
                                          -3, V_ASN1_OCTET_STRING);
-        if (!os) {
+        if (os == NULL) {
             CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
                    CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
             goto err;
@@ -889,7 +936,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
 
     /* If messageDigest found compare it */
 
-    if (os) {
+    if (os != NULL) {
         if (mlen != (unsigned int)os->length) {
             CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
                    CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH);
@@ -904,7 +951,9 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
             r = 1;
     } else {
         const EVP_MD *md = EVP_MD_CTX_md(mctx);
-        pkctx = EVP_PKEY_CTX_new(si->pkey, NULL);
+        const CMS_CTX *ctx = si->cms_ctx;
+
+        pkctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, si->pkey, ctx->propq);
         if (pkctx == NULL)
             goto err;
         if (EVP_PKEY_verify_init(pkctx) <= 0)
@@ -934,6 +983,7 @@ int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs)
 {
     unsigned char *smder = NULL;
     int smderlen, r;
+
     smderlen = i2d_X509_ALGORS(algs, &smder);
     if (smderlen <= 0)
         return 0;
@@ -948,6 +998,7 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
 {
     X509_ALGOR *alg;
     ASN1_INTEGER *key = NULL;
+
     if (keysize > 0) {
         key = ASN1_INTEGER_new();
         if (key == NULL || !ASN1_INTEGER_set(key, keysize)) {
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index a83edce0f7..11c9fed1a8 100644
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -25,6 +25,7 @@ DEFINE_STACK_OF(CMS_RecipientInfo)
 static BIO *cms_get_text_bio(BIO *out, unsigned int flags)
 {
     BIO *rbio;
+
     if (out == NULL)
         rbio = BIO_new(BIO_s_null());
     else if (flags & CMS_TEXT) {
@@ -61,7 +62,7 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
             break;
         }
 
-        if (tmpout && (BIO_write(tmpout, buf, i) != i))
+        if (tmpout != NULL && (BIO_write(tmpout, buf, i) != i))
             goto err;
     }
 
@@ -73,7 +74,6 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
     }
 
     r = 1;
-
  err:
     if (tmpout != out)
         BIO_free(tmpout);
@@ -96,62 +96,73 @@ static void do_free_upto(BIO *f, BIO *upto)
 {
     if (upto != NULL) {
         BIO *tbio;
+
         do {
             tbio = BIO_pop(f);
             BIO_free(f);
             f = tbio;
         } while (f != NULL && f != upto);
-    } else
+    } else {
         BIO_free_all(f);
+    }
 }
 
 int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
 {
     BIO *cont;
     int r;
+
     if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) {
         CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA);
         return 0;
     }
     cont = CMS_dataInit(cms, NULL);
-    if (!cont)
+    if (cont == NULL)
         return 0;
     r = cms_copy_content(out, cont, flags);
     BIO_free_all(cont);
     return r;
 }
 
-CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
+CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
+                                             OPENSSL_CTX *libctx,
+                                             const char *propq)
 {
-    CMS_ContentInfo *cms;
-    cms = cms_Data_create();
-    if (!cms)
+    CMS_ContentInfo *cms = cms_Data_create(libctx, propq);
+
+    if (cms == NULL)
         return NULL;
 
     if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
         return cms;
 
     CMS_ContentInfo_free(cms);
-
     return NULL;
 }
 
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
+{
+    return CMS_data_create_with_libctx(in, flags, NULL, NULL);
+}
+
 int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
                       unsigned int flags)
 {
     BIO *cont;
     int r;
+
     if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) {
         CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA);
         return 0;
     }
 
-    if (!dcont && !check_content(cms))
+    if (dcont == NULL && !check_content(cms))
         return 0;
 
     cont = CMS_dataInit(cms, dcont);
-    if (!cont)
+    if (cont == NULL)
         return 0;
+
     r = cms_copy_content(out, cont, flags);
     if (r)
         r = cms_DigestedData_do_final(cms, cont, 1);
@@ -159,14 +170,18 @@ int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
     return r;
 }
 
-CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
-                                   unsigned int flags)
+CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in,
+                                               const EVP_MD *md,
+                                               unsigned int flags,
+                                               OPENSSL_CTX *ctx,
+                                               const char *propq)
 {
     CMS_ContentInfo *cms;
-    if (!md)
+
+    if (md == NULL)
         md = EVP_sha1();
-    cms = cms_DigestedData_create(md);
-    if (!cms)
+    cms = cms_DigestedData_create(md, ctx, propq);
+    if (cms == NULL)
         return NULL;
 
     if (!(flags & CMS_DETACHED))
@@ -179,41 +194,53 @@ CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
     return NULL;
 }
 
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+                                   unsigned int flags)
+{
+    return CMS_digest_create_with_libctx(in, md, flags, NULL, NULL);
+}
+
 int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
                               const unsigned char *key, size_t keylen,
                               BIO *dcont, BIO *out, unsigned int flags)
 {
     BIO *cont;
     int r;
+
     if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) {
         CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT,
                CMS_R_TYPE_NOT_ENCRYPTED_DATA);
         return 0;
     }
 
-    if (!dcont && !check_content(cms))
+    if (dcont == NULL && !check_content(cms))
         return 0;
 
     if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen) <= 0)
         return 0;
     cont = CMS_dataInit(cms, dcont);
-    if (!cont)
+    if (cont == NULL)
         return 0;
     r = cms_copy_content(out, cont, flags);
     do_free_upto(cont, dcont);
     return r;
 }
 
-CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
-                                           const unsigned char *key,
-                                           size_t keylen, unsigned int flags)
+CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
+                                                       const EVP_CIPHER *cipher,
+                                                       const unsigned char *key,
+                                                       size_t keylen,
+                                                       unsigned int flags,
+                                                       OPENSSL_CTX *libctx,
+                                                       const char *propq)
 {
     CMS_ContentInfo *cms;
-    if (!cipher) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER);
+
+    if (cipher == NULL) {
+        CMSerr(0, CMS_R_NO_CIPHER);
         return NULL;
     }
-    cms = CMS_ContentInfo_new();
+    cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
     if (cms == NULL)
         return NULL;
     if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
@@ -230,16 +257,26 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
     return NULL;
 }
 
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+                                           const unsigned char *key,
+                                           size_t keylen, unsigned int flags)
+{
+    return CMS_EncryptedData_encrypt_with_libctx(in, cipher, key, keylen, flags,
+                                                 NULL, NULL);
+}
+
 static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
                                       X509_STORE *store,
                                       STACK_OF(X509) *certs,
                                       STACK_OF(X509_CRL) *crls,
-                                      STACK_OF(X509) **chain)
+                                      STACK_OF(X509) **chain,
+                                      const CMS_CTX *cms_ctx)
 {
-    X509_STORE_CTX *ctx = X509_STORE_CTX_new();
+    X509_STORE_CTX *ctx;
     X509 *signer;
     int i, j, r = 0;
 
+    ctx = X509_STORE_CTX_new_with_libctx(cms_ctx->libctx, cms_ctx->propq);
     if (ctx == NULL) {
         CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
         goto err;
@@ -250,7 +287,7 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
         goto err;
     }
     X509_STORE_CTX_set_default(ctx, "smime_sign");
-    if (crls)
+    if (crls != NULL)
         X509_STORE_CTX_set0_crls(ctx, crls);
 
     i = X509_verify_cert(ctx);
@@ -285,11 +322,13 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
     int i, scount = 0, ret = 0;
     BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL;
     int cadesVerify = (flags & CMS_CADES) != 0;
+    const CMS_CTX *ctx = cms_get0_cmsctx(cms);
 
-    if (!dcont && !check_content(cms))
+    if (dcont == NULL && !check_content(cms))
         return 0;
-    if (dcont && !(flags & CMS_BINARY)) {
+    if (dcont != NULL && !(flags & CMS_BINARY)) {
         const ASN1_OBJECT *coid = CMS_get0_eContentType(cms);
+
         if (OBJ_obj2nid(coid) == NID_id_ct_asciiTextWithCRLF)
             flags |= CMS_ASCIICRLF;
     }
@@ -337,7 +376,8 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
             si = sk_CMS_SignerInfo_value(sinfos, i);
 
             if (!cms_signerinfo_verify_cert(si, store, cms_certs, crls,
-                                            si_chains ? &si_chains[i] : NULL))
+                                            si_chains ? &si_chains[i] : NULL,
+                                            ctx))
                 goto err;
         }
     }
@@ -367,17 +407,19 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
      * reading from a read write memory BIO when signatures are calculated.
      */
 
-    if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) {
+    if (dcont != NULL && (BIO_method_type(dcont) == BIO_TYPE_MEM)) {
         char *ptr;
         long len;
+
         len = BIO_get_mem_data(dcont, &ptr);
         tmpin = BIO_new_mem_buf(ptr, len);
         if (tmpin == NULL) {
             CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
             goto err2;
         }
-    } else
+    } else {
         tmpin = dcont;
+    }
     /*
      * If not binary mode and detached generate digests by *writing* through
      * the BIO. That makes it possible to canonicalise the input.
@@ -388,12 +430,12 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
          * included content doesn't override detached content.
          */
         tmpout = cms_get_text_bio(out, flags);
-        if (!tmpout) {
+        if (tmpout == NULL) {
             CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
             goto err;
         }
         cmsbio = CMS_dataInit(cms, tmpout);
-        if (!cmsbio)
+        if (cmsbio == NULL)
             goto err;
         /*
          * Don't use SMIME_TEXT for verify: it adds headers and we want to
@@ -409,7 +451,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
         }
     } else {
         cmsbio = CMS_dataInit(cms, tmpin);
-        if (!cmsbio)
+        if (cmsbio == NULL)
             goto err;
 
         if (!cms_copy_content(out, cmsbio, flags))
@@ -427,7 +469,6 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
     }
 
     ret = 1;
-
  err:
     if (!(flags & SMIME_BINARY) && dcont) {
         do_free_upto(cmsbio, tmpout);
@@ -460,6 +501,7 @@ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
                        X509_STORE *store, unsigned int flags)
 {
     int r;
+
     flags &= ~(CMS_DETACHED | CMS_TEXT);
     r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
     if (r <= 0)
@@ -467,14 +509,15 @@ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
     return cms_Receipt_verify(rcms, ocms);
 }
 
-CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
-                          STACK_OF(X509) *certs, BIO *data,
-                          unsigned int flags)
+CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
+                                      STACK_OF(X509) *certs, BIO *data,
+                                      unsigned int flags,
+                                      OPENSSL_CTX *libctx, const char *propq)
 {
     CMS_ContentInfo *cms;
     int i;
 
-    cms = CMS_ContentInfo_new();
+    cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
     if (cms == NULL || !CMS_SignedData_init(cms))
         goto merr;
     if (flags & CMS_ASCIICRLF
@@ -482,13 +525,14 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
                                   OBJ_nid2obj(NID_id_ct_asciiTextWithCRLF)))
         goto err;
 
-    if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
-        CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
+    if (pkey != NULL && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
+        CMSerr(0, CMS_R_ADD_SIGNER_ERROR);
         goto err;
     }
 
     for (i = 0; i < sk_X509_num(certs); i++) {
         X509 *x = sk_X509_value(certs, i);
+
         if (!CMS_add1_cert(cms, x))
             goto merr;
     }
@@ -503,13 +547,19 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
         goto err;
 
  merr:
-    CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
+    CMSerr(0, ERR_R_MALLOC_FAILURE);
 
  err:
     CMS_ContentInfo_free(cms);
     return NULL;
 }
 
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+                          BIO *data, unsigned int flags)
+{
+    return CMS_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL);
+}
+
 CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
                                   X509 *signcert, EVP_PKEY *pkey,
                                   STACK_OF(X509) *certs, unsigned int flags)
@@ -519,6 +569,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
     ASN1_OCTET_STRING **pos, *os;
     BIO *rct_cont = NULL;
     int r = 0;
+    const CMS_CTX *ctx = si->cms_ctx;
 
     flags &= ~(CMS_STREAM | CMS_TEXT);
     /* Not really detached but avoids content being allocated */
@@ -530,8 +581,9 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
 
     /* Initialize signed data */
 
-    cms = CMS_sign(NULL, NULL, certs, NULL, flags);
-    if (!cms)
+    cms = CMS_sign_with_libctx(NULL, NULL, certs, NULL, flags,
+                               ctx->libctx, ctx->propq);
+    if (cms == NULL)
         goto err;
 
     /* Set inner content type to signed receipt */
@@ -545,13 +597,12 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
     }
 
     os = cms_encode_Receipt(si);
-
-    if (!os)
+    if (os == NULL)
         goto err;
 
     /* Set content to digest */
     rct_cont = BIO_new_mem_buf(os->data, os->length);
-    if (!rct_cont)
+    if (rct_cont == NULL)
         goto err;
 
     /* Add msgSigDigest attribute */
@@ -578,19 +629,22 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
 
 }
 
-CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
-                             const EVP_CIPHER *cipher, unsigned int flags)
+CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
+                                         BIO *data, const EVP_CIPHER *cipher,
+                                         unsigned int flags,
+                                         OPENSSL_CTX *libctx, const char *propq)
 {
     CMS_ContentInfo *cms;
     int i;
     X509 *recip;
-    cms = CMS_EnvelopedData_create(cipher);
-    if (!cms)
+
+    cms = CMS_EnvelopedData_create_with_libctx(cipher, libctx, propq);
+    if (cms == NULL)
         goto merr;
     for (i = 0; i < sk_X509_num(certs); i++) {
         recip = sk_X509_value(certs, i);
         if (!CMS_add1_recipient_cert(cms, recip, flags)) {
-            CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR);
+            CMSerr(0, CMS_R_RECIPIENT_ERROR);
             goto err;
         }
     }
@@ -605,13 +659,20 @@ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
         goto err;
 
  merr:
-    CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
+    CMSerr(0, ERR_R_MALLOC_FAILURE);
  err:
     CMS_ContentInfo_free(cms);
     return NULL;
 }
 
-static int cms_kari_set1_pkey_and_peer(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
+                             const EVP_CIPHER *cipher, unsigned int flags)
+{
+    return CMS_encrypt_with_libctx(certs, data, cipher, flags, NULL, NULL);
+}
+
+static int cms_kari_set1_pkey_and_peer(CMS_ContentInfo *cms,
+                                       CMS_RecipientInfo *ri,
                                        EVP_PKEY *pk, X509 *cert, X509 *peer)
 {
     int i;
@@ -621,6 +682,7 @@ static int cms_kari_set1_pkey_and_peer(CMS_ContentInfo *cms, CMS_RecipientInfo *
     reks = CMS_RecipientInfo_kari_get0_reks(ri);
     for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
         int rv;
+
         rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
         if (cert != NULL && CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
             continue;
@@ -639,14 +701,16 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
      return CMS_decrypt_set1_pkey_and_peer(cms, pk, cert, NULL);
 }
 
-int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, X509 *peer)
+int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk,
+                                   X509 *cert, X509 *peer)
 {
     STACK_OF(CMS_RecipientInfo) *ris;
     CMS_RecipientInfo *ri;
     int i, r, cms_pkey_ri_type;
     int debug = 0, match_ri = 0;
+
     ris = CMS_get0_RecipientInfos(cms);
-    if (ris)
+    if (ris != NULL)
         debug = cms->d.envelopedData->encryptedContentInfo->debug;
 
     cms_pkey_ri_type = cms_pkey_get_ri_type(pk);
@@ -675,12 +739,12 @@ int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cer
          * If we have a cert try matching RecipientInfo otherwise try them
          * all.
          */
-        else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
+        else if (cert == NULL|| !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
             EVP_PKEY_up_ref(pk);
             CMS_RecipientInfo_set0_pkey(ri, pk);
             r = CMS_RecipientInfo_decrypt(cms, ri);
             CMS_RecipientInfo_set0_pkey(ri, NULL);
-            if (cert) {
+            if (cert != NULL) {
                 /*
                  * If not debugging clear any error and return success to
                  * avoid leaking of information useful to MMA
@@ -704,7 +768,10 @@ int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cer
         }
     }
     /* If no cert, key transport and not debugging always return success */
-    if (cert == NULL && cms_pkey_ri_type == CMS_RECIPINFO_TRANS && match_ri && !debug) {
+    if (cert == NULL
+        && cms_pkey_ri_type == CMS_RECIPINFO_TRANS
+        && match_ri
+        && !debug) {
         ERR_clear_error();
         return 1;
     }
@@ -721,6 +788,7 @@ int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
     STACK_OF(CMS_RecipientInfo) *ris;
     CMS_RecipientInfo *ri;
     int i, r;
+
     ris = CMS_get0_RecipientInfos(cms);
     for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
         ri = sk_CMS_RecipientInfo_value(ris, i);
@@ -731,13 +799,13 @@ int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
          * If we have an id try matching RecipientInfo otherwise try them
          * all.
          */
-        if (!id || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) {
+        if (id == NULL || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) {
             CMS_RecipientInfo_set0_key(ri, key, keylen);
             r = CMS_RecipientInfo_decrypt(cms, ri);
             CMS_RecipientInfo_set0_key(ri, NULL, 0);
             if (r > 0)
                 return 1;
-            if (id) {
+            if (id != NULL) {
                 CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_DECRYPT_ERROR);
                 return 0;
             }
@@ -756,6 +824,7 @@ int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
     STACK_OF(CMS_RecipientInfo) *ris;
     CMS_RecipientInfo *ri;
     int i, r;
+
     ris = CMS_get0_RecipientInfos(cms);
     for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
         ri = sk_CMS_RecipientInfo_value(ris, i);
@@ -783,13 +852,13 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
         CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA);
         return 0;
     }
-    if (!dcont && !check_content(cms))
+    if (dcont == NULL && !check_content(cms))
         return 0;
     if (flags & CMS_DEBUG_DECRYPT)
         cms->d.envelopedData->encryptedContentInfo->debug = 1;
     else
         cms->d.envelopedData->encryptedContentInfo->debug = 0;
-    if (!cert)
+    if (cert == NULL)
         cms->d.envelopedData->encryptedContentInfo->havenocert = 1;
     else
         cms->d.envelopedData->encryptedContentInfo->havenocert = 0;
@@ -815,7 +884,7 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
         return 0;
     }
 
-    SMIME_crlf_copy(data, cmsbio, flags);
+    ret = SMIME_crlf_copy(data, cmsbio, flags);
 
     (void)BIO_flush(cmsbio);
 
@@ -823,10 +892,7 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
         CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_DATAFINAL_ERROR);
         goto err;
     }
-
-    ret = 1;
-
- err:
+err:
     do_free_upto(cmsbio, dcont);
 
     return ret;
@@ -840,16 +906,17 @@ int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
 {
     BIO *cont;
     int r;
+
     if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) {
         CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_TYPE_NOT_COMPRESSED_DATA);
         return 0;
     }
 
-    if (!dcont && !check_content(cms))
+    if (dcont == NULL && !check_content(cms))
         return 0;
 
     cont = CMS_dataInit(cms, dcont);
-    if (!cont)
+    if (cont == NULL)
         return 0;
     r = cms_copy_content(out, cont, flags);
     do_free_upto(cont, dcont);
@@ -859,10 +926,11 @@ int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
 CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
 {
     CMS_ContentInfo *cms;
+
     if (comp_nid <= 0)
         comp_nid = NID_zlib_compression;
-    cms = cms_CompressedData_create(comp_nid);
-    if (!cms)
+    cms = cms_CompressedData_create(comp_nid, NULL, NULL);
+    if (cms == NULL)
         return NULL;
 
     if (!(flags & CMS_DETACHED))
diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c
index f270e4378a..b05e77b8a1 100644
--- a/crypto/ct/ct_vfy.c
+++ b/crypto/ct/ct_vfy.c
@@ -122,8 +122,9 @@ int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct)
     if (ctx == NULL)
         goto end;
 
-    if (!EVP_DigestVerifyInit_ex(ctx, NULL, "SHA2-256", sctx->propq, sctx->pkey,
-                                 sctx->libctx))
+    if (!EVP_DigestVerifyInit_with_libctx(ctx, NULL,
+                                          "SHA2-256", sctx->libctx, sctx->propq,
+                                          sctx->pkey))
         goto end;
 
     if (!sct_ctx_update(ctx, sctx, sct))
diff --git a/crypto/ec/build.info b/crypto/ec/build.info
index 8e4a6a9f4b..496a932e4c 100644
--- a/crypto/ec/build.info
+++ b/crypto/ec/build.info
@@ -50,14 +50,14 @@ $COMMON=ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \
         ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c \
         curve448/arch_32/f_impl.c curve448/f_generic.c curve448/scalar.c \
         curve448/curve448_tables.c curve448/eddsa.c curve448/curve448.c \
-        $ECASM ec_backend.c ecx_backend.c
+        $ECASM ec_backend.c ecx_backend.c ecdh_kdf.c
 
 IF[{- !$disabled{'ec_nistp_64_gcc_128'} -}]
   $COMMON=$COMMON ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c
 ENDIF
 
 SOURCE[../../libcrypto]=$COMMON ec_ameth.c ec_pmeth.c ecx_meth.c ecx_key.c \
-                        ec_err.c ecdh_kdf.c eck_prn.c ec_ctrl.c
+                        ec_err.c eck_prn.c ec_ctrl.c
 SOURCE[../../providers/libfips.a]=$COMMON
 
 # Implementations are now spread across several libraries, so the defines
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 8a33b3232c..f8251a6de2 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -35,6 +35,7 @@ static int eckey_param2type(int *pptype, void **ppval, const EC_KEY *ec_key)
 {
     const EC_GROUP *group;
     int nid;
+
     if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) {
         ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS);
         return 0;
@@ -192,6 +193,7 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
     const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
     const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
         *pb = EC_KEY_get0_public_key(b->pkey.ec);
+
     if (group == NULL || pa == NULL || pb == NULL)
         return -2;
     r = EC_POINT_cmp(group, pa, pb, NULL);
@@ -299,6 +301,7 @@ static int ec_bits(const EVP_PKEY *pkey)
 static int ec_security_bits(const EVP_PKEY *pkey)
 {
     int ecbits = ec_bits(pkey);
+
     if (ecbits >= 512)
         return 256;
     if (ecbits >= 384)
@@ -343,6 +346,7 @@ static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
 {
     const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
         *group_b = EC_KEY_get0_group(b->pkey.ec);
+
     if (group_a == NULL || group_b == NULL)
         return -2;
     if (EC_GROUP_cmp(group_a, group_b, NULL))
@@ -486,6 +490,7 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
         if (arg1 == 0) {
             int snid, hnid;
             X509_ALGOR *alg1, *alg2;
+
             PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
             if (alg1 == NULL || alg1->algorithm == NULL)
                 return -1;
@@ -626,7 +631,8 @@ int ecparams_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl)
         if ((curve_name = OBJ_nid2sn(curve_nid)) == NULL)
             return 0;
 
-        if (!OSSL_PARAM_BLD_push_utf8_string(tmpl, OSSL_PKEY_PARAM_GROUP_NAME, curve_name, 0))
+        if (!OSSL_PARAM_BLD_push_utf8_string(tmpl, OSSL_PKEY_PARAM_GROUP_NAME,
+                                             curve_name, 0))
             return 0;
     }
 
@@ -878,6 +884,7 @@ static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
     EC_KEY *ecpeer = NULL;
     const unsigned char *p;
     int plen;
+
     X509_ALGOR_get0(&aoid, &atype, &aval, alg);
     if (OBJ_obj2nid(aoid) != NID_X9_62_id_ecPublicKey)
         goto err;
@@ -961,8 +968,9 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
     const unsigned char *p;
     unsigned char *der = NULL;
     int plen, keylen;
-    const EVP_CIPHER *kekcipher;
+    EVP_CIPHER *kekcipher = NULL;
     EVP_CIPHER_CTX *kekctx;
+    const char *name;
 
     if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
         return 0;
@@ -978,13 +986,14 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
     p = alg->parameter->value.sequence->data;
     plen = alg->parameter->value.sequence->length;
     kekalg = d2i_X509_ALGOR(NULL, &p, plen);
-    if (!kekalg)
+    if (kekalg == NULL)
         goto err;
     kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
-    if (!kekctx)
+    if (kekctx == NULL)
         goto err;
-    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
-    if (!kekcipher || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
+    name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
+    kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, NULL);
+    if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
         goto err;
     if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))
         goto err;
@@ -1006,6 +1015,7 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 
     rv = 1;
  err:
+    EVP_CIPHER_free(kekcipher);
     X509_ALGOR_free(kekalg);
     OPENSSL_free(der);
     return rv;
@@ -1014,13 +1024,15 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 static int ecdh_cms_decrypt(CMS_RecipientInfo *ri)
 {
     EVP_PKEY_CTX *pctx;
+
     pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    if (!pctx)
+    if (pctx == NULL)
         return 0;
     /* See if we need to set peer key */
     if (!EVP_PKEY_CTX_get0_peerkey(pctx)) {
         X509_ALGOR *alg;
         ASN1_BIT_STRING *pubkey;
+
         if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey,
                                                  NULL, NULL, NULL))
             return 0;
@@ -1055,8 +1067,9 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
     int rv = 0;
     int ecdh_nid, kdf_type, kdf_nid, wrap_nid;
     const EVP_MD *kdf_md;
+
     pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    if (!pctx)
+    if (pctx == NULL)
         return 0;
     /* Get ephemeral key */
     pkey = EVP_PKEY_CTX_get0_pkey(pctx);
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 58cd160502..7476efd9bc 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -295,8 +295,9 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
          * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and
          * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate().
          * Some code calls EVP_DigestUpdate() directly even when initialised
-         * with EVP_DigestSignInit_ex() or EVP_DigestVerifyInit_ex(), so we
-         * detect that and redirect to the correct EVP_Digest*Update() function
+         * with EVP_DigestSignInit_with_libctx() or
+         * EVP_DigestVerifyInit_with_libctx(), so we detect that and redirect to
+         * the correct EVP_Digest*Update() function
          */
         if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX)
             return EVP_DigestSignUpdate(ctx, data, count);
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 2f00f9a13b..74d4afdac4 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1180,6 +1180,20 @@ const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher)
     return NULL;
 }
 
+#ifndef FIPS_MODULE
+static OPENSSL_CTX *EVP_CIPHER_CTX_get_libctx(EVP_CIPHER_CTX *ctx)
+{
+    const EVP_CIPHER *cipher = ctx->cipher;
+    const OSSL_PROVIDER *prov;
+
+    if (cipher == NULL)
+        return NULL;
+
+    prov = EVP_CIPHER_provider(cipher);
+    return ossl_provider_library_context(prov);
+}
+#endif
+
 int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
 {
     if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
@@ -1190,9 +1204,10 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
 #else
     {
         int kl;
+        OPENSSL_CTX *libctx = EVP_CIPHER_CTX_get_libctx(ctx);
 
         kl = EVP_CIPHER_CTX_key_length(ctx);
-        if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
+        if (kl <= 0 || RAND_priv_bytes_ex(libctx, key, kl) <= 0)
             return 0;
         return 1;
     }
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 8d37f19d6c..04ac121e25 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -38,8 +38,8 @@ static const char *canon_mdname(const char *mdname)
 
 static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                           const EVP_MD *type, const char *mdname,
-                          const char *props, ENGINE *e, EVP_PKEY *pkey,
-                          OPENSSL_CTX *libctx, int ver)
+                          OPENSSL_CTX *libctx, const char *props,
+                          ENGINE *e, EVP_PKEY *pkey, int ver)
 {
     EVP_PKEY_CTX *locpctx = NULL;
     EVP_SIGNATURE *signature = NULL;
@@ -285,31 +285,32 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
     return 1;
 }
 
-int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                          const char *mdname, const char *props, EVP_PKEY *pkey,
-                          OPENSSL_CTX *libctx)
+int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                                   const char *mdname,
+                                   OPENSSL_CTX *libctx, const char *props,
+                                   EVP_PKEY *pkey)
 {
-    return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx,
-                          0);
+    return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0);
 }
 
 int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
 {
-    return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 0);
+    return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0);
 }
 
-int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                            const char *mdname, const char *props,
-                            EVP_PKEY *pkey, OPENSSL_CTX *libctx)
+int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                                     const char *mdname,
+                                     OPENSSL_CTX *libctx, const char *props,
+                                     EVP_PKEY *pkey)
 {
-    return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, 1);
+    return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1);
 }
 
 int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
 {
-    return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 1);
+    return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1);
 }
 #endif /* FIPS_MDOE */
 
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index 44a69083b2..2c4f49a528 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -14,8 +14,9 @@
 #include <openssl/x509.h>
 #include "crypto/evp.h"
 
-int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
-                  unsigned int *siglen, EVP_PKEY *pkey)
+int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret,
+                              unsigned int *siglen, EVP_PKEY *pkey,
+                              OPENSSL_CTX *libctx, const char *propq)
 {
     unsigned char m[EVP_MAX_MD_SIZE];
     unsigned int m_len = 0;
@@ -30,8 +31,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
     } else {
         int rv = 0;
         EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
+
         if (tmp_ctx == NULL) {
-            EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE);
+            EVPerr(0, ERR_R_MALLOC_FAILURE);
             return 0;
         }
         rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
@@ -44,7 +46,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
 
     sltmp = (size_t)EVP_PKEY_size(pkey);
     i = 0;
-    pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+    pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
     if (pkctx == NULL)
         goto err;
     if (EVP_PKEY_sign_init(pkctx) <= 0)
@@ -59,3 +61,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
     EVP_PKEY_CTX_free(pkctx);
     return i;
 }
+
+int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+                  unsigned int *siglen, EVP_PKEY *pkey)
+{
+    return EVP_SignFinal_with_libctx(ctx, sigret, siglen, pkey, NULL, NULL);
+}
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index fe4b7b568d..db14866af0 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -14,8 +14,9 @@
 #include <openssl/x509.h>
 #include "crypto/evp.h"
 
-int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
-                    unsigned int siglen, EVP_PKEY *pkey)
+int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+                                unsigned int siglen, EVP_PKEY *pkey,
+                                OPENSSL_CTX *libctx, const char *propq)
 {
     unsigned char m[EVP_MAX_MD_SIZE];
     unsigned int m_len = 0;
@@ -28,8 +29,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
     } else {
         int rv = 0;
         EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
+
         if (tmp_ctx == NULL) {
-            EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE);
+            EVPerr(0, ERR_R_MALLOC_FAILURE);
             return 0;
         }
         rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
@@ -41,7 +43,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
     }
 
     i = -1;
-    pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+    pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
     if (pkctx == NULL)
         goto err;
     if (EVP_PKEY_verify_init(pkctx) <= 0)
@@ -53,3 +55,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
     EVP_PKEY_CTX_free(pkctx);
     return i;
 }
+
+int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+                    unsigned int siglen, EVP_PKEY *pkey)
+{
+    return EVP_VerifyFinal_with_libctx(ctx, sigbuf, siglen, pkey, NULL, NULL);
+}
diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c
index 08852418cc..f04e4b34ce 100644
--- a/crypto/pkcs7/pk7_asn1.c
+++ b/crypto/pkcs7/pk7_asn1.c
@@ -12,6 +12,7 @@
 #include <openssl/asn1t.h>
 #include <openssl/pkcs7.h>
 #include <openssl/x509.h>
+#include "pk7_local.h"
 
 /* PKCS#7 ASN1 module */
 
@@ -62,7 +63,52 @@ ASN1_NDEF_SEQUENCE_cb(PKCS7, pk7_cb) = {
         ASN1_ADB_OBJECT(PKCS7)
 }ASN1_NDEF_SEQUENCE_END_cb(PKCS7, PKCS7)
 
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
+PKCS7 *d2i_PKCS7(PKCS7 **a, const unsigned char **in, long len)
+{
+    PKCS7 *ret;
+
+    ret = (PKCS7 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (PKCS7_it()));
+    if (ret != NULL && a != NULL)
+        pkcs7_resolve_libctx(ret);
+    return ret;
+}
+
+int i2d_PKCS7(const PKCS7 *a, unsigned char **out)
+{
+    return ASN1_item_i2d((const ASN1_VALUE *)a, out, (PKCS7_it()));\
+}
+
+PKCS7 *PKCS7_new(void)
+{
+    return (PKCS7 *)ASN1_item_new(ASN1_ITEM_rptr(PKCS7));
+}
+
+PKCS7 *PKCS7_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
+{
+    PKCS7 *pkcs7 = PKCS7_new();
+
+    if (pkcs7 != NULL) {
+        pkcs7->ctx.libctx = libctx;
+        pkcs7->ctx.propq = NULL;
+        if (propq != NULL) {
+            pkcs7->ctx.propq = OPENSSL_strdup(propq);
+            if (pkcs7->ctx.propq == NULL) {
+                PKCS7_free(pkcs7);
+                pkcs7 = NULL;
+                ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+            }
+        }
+    }
+    return pkcs7;
+}
+
+void PKCS7_free(PKCS7 *p7)
+{
+    if (p7 != NULL) {
+        OPENSSL_free(p7->ctx.propq);
+        ASN1_item_free((ASN1_VALUE *)p7, ASN1_ITEM_rptr(PKCS7));
+    }
+}
 
 IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7)
 
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index b815a4a77b..1d2a1eb898 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -14,6 +14,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/err.h>
+#include "pk7_local.h"
 
 DEFINE_STACK_OF(X509_ALGOR)
 DEFINE_STACK_OF(X509_ATTRIBUTE)
@@ -57,22 +58,27 @@ static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
     return NULL;
 }
 
-static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
+static int pkcs7_bio_add_digest(BIO **pbio, X509_ALGOR *alg,
+                                const PKCS7_CTX *ctx)
 {
     BIO *btmp;
-    const EVP_MD *md;
+    const char *name;
+    EVP_MD *fetched = NULL;
+
     if ((btmp = BIO_new(BIO_f_md())) == NULL) {
         PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
         goto err;
     }
 
-    md = EVP_get_digestbyobj(alg->algorithm);
-    if (md == NULL) {
+    name = OBJ_nid2sn(OBJ_obj2nid(alg->algorithm));
+    fetched = EVP_MD_fetch(ctx->libctx, name, ctx->propq);
+    if (fetched == NULL) {
         PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, PKCS7_R_UNKNOWN_DIGEST_TYPE);
         goto err;
     }
 
-    BIO_set_md(btmp, md);
+    BIO_set_md(btmp, fetched);
+    EVP_MD_free(fetched);
     if (*pbio == NULL)
         *pbio = btmp;
     else if (!BIO_push(*pbio, btmp)) {
@@ -86,7 +92,6 @@ static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
  err:
     BIO_free(btmp);
     return 0;
-
 }
 
 static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
@@ -97,12 +102,13 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
     unsigned char *ek = NULL;
     int ret = 0;
     size_t eklen;
+    const PKCS7_CTX *ctx = ri->ctx;
 
     pkey = X509_get0_pubkey(ri->cert);
     if (pkey == NULL)
         return 0;
 
-    pctx = EVP_PKEY_CTX_new(pkey, NULL);
+    pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, pkey, ctx->propq);
     if (pctx == NULL)
         return 0;
 
@@ -148,8 +154,9 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
     unsigned char *ek = NULL;
     size_t eklen;
     int ret = -1;
+    const PKCS7_CTX *ctx = ri->ctx;
 
-    pctx = EVP_PKEY_CTX_new(pkey, NULL);
+    pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, pkey, ctx->propq);
     if (pctx == NULL)
         return -1;
 
@@ -201,17 +208,21 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
     int i;
     BIO *out = NULL, *btmp = NULL;
     X509_ALGOR *xa = NULL;
+    EVP_CIPHER *fetched_cipher = NULL;
     const EVP_CIPHER *evp_cipher = NULL;
     STACK_OF(X509_ALGOR) *md_sk = NULL;
     STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
     X509_ALGOR *xalg = NULL;
     PKCS7_RECIP_INFO *ri = NULL;
     ASN1_OCTET_STRING *os = NULL;
+    const PKCS7_CTX *p7_ctx;
 
     if (p7 == NULL) {
         PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);
         return NULL;
     }
+    p7_ctx = pkcs7_get0_ctx(p7);
+
     /*
      * The content field in the PKCS7 ContentInfo is optional, but that really
      * only applies to inner content (precisely, detached signatures).
@@ -266,10 +277,10 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
     }
 
     for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
-        if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
+        if (!pkcs7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i), p7_ctx))
             goto err;
 
-    if (xa && !PKCS7_bio_add_digest(&out, xa))
+    if (xa && !pkcs7_bio_add_digest(&out, xa, p7_ctx))
         goto err;
 
     if (evp_cipher != NULL) {
@@ -287,10 +298,21 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
         ivlen = EVP_CIPHER_iv_length(evp_cipher);
         xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
         if (ivlen > 0)
-            if (RAND_bytes(iv, ivlen) <= 0)
+            if (RAND_bytes_ex(p7_ctx->libctx, iv, ivlen) <= 0)
                 goto err;
-        if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0)
+
+        fetched_cipher = EVP_CIPHER_fetch(p7_ctx->libctx,
+                                          EVP_CIPHER_name(evp_cipher),
+                                          p7_ctx->propq);
+        if (fetched_cipher == NULL)
             goto err;
+
+        if (EVP_CipherInit_ex(ctx, fetched_cipher, NULL, NULL, NULL, 1) <= 0)
+            goto err;
+
+        EVP_CIPHER_free(fetched_cipher);
+        fetched_cipher = NULL;
+
         if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
             goto err;
         if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
@@ -342,6 +364,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
     return out;
 
  err:
+    EVP_CIPHER_free(fetched_cipher);
     BIO_free_all(out);
     BIO_free_all(btmp);
     return NULL;
@@ -361,12 +384,12 @@ static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
 /* int */
 BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 {
-    int i, j, len;
+    int i, len;
     BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
     X509_ALGOR *xa;
     ASN1_OCTET_STRING *data_body = NULL;
-    const EVP_MD *evp_md;
-    const EVP_CIPHER *evp_cipher = NULL;
+    EVP_MD *evp_md = NULL;
+    EVP_CIPHER *evp_cipher = NULL;
     EVP_CIPHER_CTX *evp_ctx = NULL;
     X509_ALGOR *enc_alg = NULL;
     STACK_OF(X509_ALGOR) *md_sk = NULL;
@@ -374,12 +397,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
     PKCS7_RECIP_INFO *ri = NULL;
     unsigned char *ek = NULL, *tkey = NULL;
     int eklen = 0, tkeylen = 0;
+    const char *name;
+    const PKCS7_CTX *p7_ctx;
 
     if (p7 == NULL) {
         PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);
         return NULL;
     }
 
+    p7_ctx = pkcs7_get0_ctx(p7);
+
     if (p7->d.ptr == NULL) {
         PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
         return NULL;
@@ -410,7 +437,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
         /* data_body is NULL if the optional EncryptedContent is missing. */
         data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
         enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
-        evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
+
+        name = OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm));
+        evp_cipher = EVP_CIPHER_fetch(p7_ctx->libctx, name, p7_ctx->propq);
         if (evp_cipher == NULL) {
             PKCS7err(PKCS7_F_PKCS7_DATADECODE,
                      PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -422,7 +451,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
         enc_alg = p7->d.enveloped->enc_data->algorithm;
         /* data_body is NULL if the optional EncryptedContent is missing. */
         data_body = p7->d.enveloped->enc_data->enc_data;
-        evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
+        name = OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm));
+        evp_cipher = EVP_CIPHER_fetch(p7_ctx->libctx, name, p7_ctx->propq);
         if (evp_cipher == NULL) {
             PKCS7err(PKCS7_F_PKCS7_DATADECODE,
                      PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -449,8 +479,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                 goto err;
             }
 
-            j = OBJ_obj2nid(xa->algorithm);
-            evp_md = EVP_get_digestbynid(j);
+            name = OBJ_nid2sn(OBJ_obj2nid(xa->algorithm));
+            evp_md = EVP_MD_fetch(p7_ctx->libctx, name, p7_ctx->propq);
             if (evp_md == NULL) {
                 PKCS7err(PKCS7_F_PKCS7_DATADECODE,
                          PKCS7_R_UNKNOWN_DIGEST_TYPE);
@@ -458,6 +488,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
             }
 
             BIO_set_md(btmp, evp_md);
+            EVP_MD_free(evp_md);
             if (out == NULL)
                 out = btmp;
             else
@@ -504,13 +535,14 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
              */
             for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
                 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
-
+                ri->ctx = p7_ctx;
                 if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey,
                         EVP_CIPHER_key_length(evp_cipher)) < 0)
                     goto err;
                 ERR_clear_error();
             }
         } else {
+            ri->ctx = p7_ctx;
             /* Only exit on fatal errors, not decrypt failure */
             if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, 0) < 0)
                 goto err;
@@ -585,9 +617,11 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
     }
     BIO_push(out, bio);
     bio = NULL;
+    EVP_CIPHER_free(evp_cipher);
     return out;
 
  err:
+    EVP_CIPHER_free(evp_cipher);
     OPENSSL_clear_free(ek, eklen);
     OPENSSL_clear_free(tkey, tkeylen);
     BIO_free_all(out);
@@ -658,12 +692,15 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
     STACK_OF(X509_ATTRIBUTE) *sk;
     STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
     ASN1_OCTET_STRING *os = NULL;
+    const PKCS7_CTX *p7_ctx;
 
     if (p7 == NULL) {
         PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER);
         return 0;
     }
 
+    p7_ctx = pkcs7_get0_ctx(p7);
+
     if (p7->d.ptr == NULL) {
         PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);
         return 0;
@@ -771,7 +808,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                 if (abuf == NULL)
                     goto err;
 
-                if (!EVP_SignFinal(ctx_tmp, abuf, &abuflen, si->pkey)) {
+                if (!EVP_SignFinal_with_libctx(ctx_tmp, abuf, &abuflen, si->pkey,
+                                               p7_ctx->libctx, p7_ctx->propq)) {
                     OPENSSL_free(abuf);
                     PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
                     goto err;
@@ -830,6 +868,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
     int alen;
     size_t siglen;
     const EVP_MD *md = NULL;
+    const PKCS7_CTX *ctx = si->ctx;
 
     md = EVP_get_digestbyobj(si->digest_alg->algorithm);
     if (md == NULL)
@@ -837,11 +876,13 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
 
     mctx = EVP_MD_CTX_new();
     if (mctx == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, ERR_R_MALLOC_FAILURE);
+        PKCS7err(0, ERR_R_MALLOC_FAILURE);
         goto err;
     }
 
-    if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
+    if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
+                                       EVP_MD_name(md), ctx->libctx, ctx->propq,
+                                       si->pkey) <= 0)
         goto err;
 
     /*
@@ -863,7 +904,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
 #if 0
     if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
                           EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+        PKCS7err(0, PKCS7_R_CTRL_ERROR);
         goto err;
     }
 #endif
@@ -903,7 +944,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
 #if 0
     if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
                           EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+        PKCS7err(0, PKCS7_R_CTRL_ERROR);
         goto err;
     }
 #endif
@@ -918,7 +959,6 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
     OPENSSL_free(abuf);
     EVP_MD_CTX_free(mctx);
     return 0;
-
 }
 
 int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
@@ -983,11 +1023,13 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 {
     ASN1_OCTET_STRING *os;
     EVP_MD_CTX *mdc_tmp, *mdc;
+    EVP_MD *fetched_md = NULL;
     int ret = 0, i;
     int md_type;
     STACK_OF(X509_ATTRIBUTE) *sk;
     BIO *btmp;
     EVP_PKEY *pkey;
+    const PKCS7_CTX *ctx = pkcs7_get0_ctx(p7);
 
     mdc_tmp = EVP_MD_CTX_new();
     if (mdc_tmp == NULL) {
@@ -1055,7 +1097,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
             goto err;
         }
 
-        if (!EVP_VerifyInit_ex(mdc_tmp, EVP_get_digestbynid(md_type), NULL))
+        fetched_md = EVP_MD_fetch(ctx->libctx, OBJ_nid2sn(md_type), ctx->propq);
+        if (fetched_md == NULL || !EVP_VerifyInit_ex(mdc_tmp, fetched_md, NULL))
             goto err;
 
         alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
@@ -1078,7 +1121,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
         goto err;
     }
 
-    i = EVP_VerifyFinal(mdc_tmp, os->data, os->length, pkey);
+    i = EVP_VerifyFinal_with_libctx(mdc_tmp, os->data, os->length, pkey,
+                                    ctx->libctx, ctx->propq);
     if (i <= 0) {
         PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
         ret = -1;
@@ -1087,6 +1131,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
     ret = 1;
  err:
     EVP_MD_CTX_free(mdc_tmp);
+    EVP_MD_free(fetched_md);
     return ret;
 }
 
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index cb8c67b65a..abe3570c68 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -13,6 +13,8 @@
 #include <openssl/x509.h>
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
+#include "crypto/x509.h"
+#include "pk7_local.h"
 
 DEFINE_STACK_OF(X509)
 DEFINE_STACK_OF(X509_CRL)
@@ -236,6 +238,7 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
         }
     }
 
+    psi->ctx = pkcs7_get0_ctx(p7);
     if (!sk_PKCS7_SIGNER_INFO_push(signer_sk, psi))
         return 0;
     return 1;
@@ -380,6 +383,70 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
     return NULL;
 }
 
+static STACK_OF(X509) *pkcs7_get_signer_certs(const PKCS7 *p7)
+{
+    if (PKCS7_type_is_signed(p7))
+        return p7->d.sign->cert;
+    if (PKCS7_type_is_signedAndEnveloped(p7))
+        return p7->d.signed_and_enveloped->cert;
+    return NULL;
+}
+
+static STACK_OF(PKCS7_RECIP_INFO) *pkcs7_get_recipient_info(const PKCS7 *p7)
+{
+    if (PKCS7_type_is_signedAndEnveloped(p7))
+        return p7->d.signed_and_enveloped->recipientinfo;
+    if (PKCS7_type_is_enveloped(p7))
+        return p7->d.enveloped->recipientinfo;
+    return NULL;
+}
+
+/*
+ * Set up the library context into any loaded structure that needs it.
+ * i.e loaded X509 objects.
+ */
+void pkcs7_resolve_libctx(PKCS7 *p7)
+{
+    int i;
+    const PKCS7_CTX *ctx = pkcs7_get0_ctx(p7);
+    STACK_OF(PKCS7_RECIP_INFO) *rinfos = pkcs7_get_recipient_info(p7);
+    STACK_OF(PKCS7_SIGNER_INFO) *sinfos = PKCS7_get_signer_info(p7);
+    STACK_OF(X509) *certs = pkcs7_get_signer_certs(p7);
+
+    if (ctx == NULL)
+        return;
+
+    for (i = 0; i < sk_X509_num(certs); i++)
+        x509_set0_libctx(sk_X509_value(certs, i), ctx->libctx, ctx->propq);
+
+    for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rinfos); i++) {
+        PKCS7_RECIP_INFO *ri = sk_PKCS7_RECIP_INFO_value(rinfos, i);
+
+        x509_set0_libctx(ri->cert, ctx->libctx, ctx->propq);
+    }
+
+    for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
+        PKCS7_SIGNER_INFO *si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
+
+        if (si != NULL)
+            si->ctx = ctx;
+    }
+}
+
+const PKCS7_CTX *pkcs7_get0_ctx(const PKCS7 *p7)
+{
+    return p7 != NULL ? &p7->ctx : NULL;
+}
+
+OPENSSL_CTX *pkcs7_ctx_get0_libctx(const PKCS7_CTX *ctx)
+{
+    return ctx != NULL ? ctx->libctx : NULL;
+}
+const char *pkcs7_ctx_get0_propq(const PKCS7_CTX *ctx)
+{
+    return ctx != NULL ? ctx->propq : NULL;
+}
+
 int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
 {
     if (PKCS7_type_is_digest(p7)) {
@@ -435,6 +502,7 @@ PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
         goto err;
     if (!PKCS7_add_recipient_info(p7, ri))
         goto err;
+    ri->ctx = pkcs7_get0_ctx(p7);
     return ri;
  err:
     PKCS7_RECIP_INFO_free(ri);
@@ -547,6 +615,7 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
     }
 
     ec->cipher = cipher;
+    ec->ctx = pkcs7_get0_ctx(p7);
     return 1;
 }
 
diff --git a/crypto/pkcs7/pk7_local.h b/crypto/pkcs7/pk7_local.h
new file mode 100644
index 0000000000..b9f9c35340
--- /dev/null
+++ b/crypto/pkcs7/pk7_local.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "crypto/pkcs7.h"
+
+const PKCS7_CTX *pkcs7_get0_ctx(const PKCS7 *p7);
+OPENSSL_CTX *pkcs7_ctx_get0_libctx(const PKCS7_CTX *ctx);
+const char *pkcs7_ctx_get0_propq(const PKCS7_CTX *ctx);
diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c
index 6f3981ec6b..2099e8d9ef 100644
--- a/crypto/pkcs7/pk7_mime.c
+++ b/crypto/pkcs7/pk7_mime.c
@@ -11,6 +11,7 @@
 #include "internal/cryptlib.h"
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
+#include "pk7_local.h"
 
 /* PKCS#7 wrappers round generalised stream and MIME routines */
 
@@ -30,6 +31,8 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
 {
     STACK_OF(X509_ALGOR) *mdalgs;
     int ctype_nid = OBJ_obj2nid(p7->type);
+    const PKCS7_CTX *ctx = pkcs7_get0_ctx(p7);
+
     if (ctype_nid == NID_pkcs7_signed)
         mdalgs = p7->d.sign->md_algs;
     else
@@ -37,12 +40,25 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
 
     flags ^= SMIME_OLDMIME;
 
-    return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
-                            ctype_nid, NID_undef, mdalgs,
-                            ASN1_ITEM_rptr(PKCS7));
+    return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)p7, data, flags,
+                                        ctype_nid, NID_undef, mdalgs,
+                                        ASN1_ITEM_rptr(PKCS7),
+                                        pkcs7_ctx_get0_libctx(ctx),
+                                        pkcs7_ctx_get0_propq(ctx));
+}
+
+PKCS7 *SMIME_read_PKCS7_ex(BIO *bio, BIO **bcont, PKCS7 **p7)
+{
+    PKCS7 *ret;
+
+    ret = (PKCS7 *)SMIME_read_ASN1_ex(bio, bcont, ASN1_ITEM_rptr(PKCS7),
+                                      (ASN1_VALUE **)p7);
+    if (ret != NULL && p7 != NULL)
+        pkcs7_resolve_libctx(ret);
+    return ret;
 }
 
 PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
 {
-    return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7));
+    return SMIME_read_PKCS7_ex(bio, bcont, NULL);
 }
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index 385b4af42e..1dfdd69e51 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -13,6 +13,7 @@
 #include "internal/cryptlib.h"
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
+#include "pk7_local.h"
 
 #define BUFFERSIZE 4096
 
@@ -23,14 +24,15 @@ DEFINE_STACK_OF(PKCS7_SIGNER_INFO)
 
 static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
 
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
-                  BIO *data, int flags)
+PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
+                              STACK_OF(X509) *certs, BIO *data, int flags,
+                              OPENSSL_CTX *libctx, const char *propq)
 {
     PKCS7 *p7;
     int i;
 
-    if ((p7 = PKCS7_new()) == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
+    if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) {
+        PKCS7err(0, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
@@ -41,7 +43,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
         goto err;
 
     if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
-        PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
+        PKCS7err(0, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
         goto err;
     }
 
@@ -66,6 +68,13 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
     return NULL;
 }
 
+PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+                  BIO *data, int flags)
+{
+    return PKCS7_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL);
+}
+
+
 int PKCS7_final(PKCS7 *p7, BIO *data, int flags)
 {
     BIO *p7bio;
@@ -84,10 +93,8 @@ int PKCS7_final(PKCS7 *p7, BIO *data, int flags)
         PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN);
         goto err;
     }
-
     ret = 1;
-
- err:
+err:
     BIO_free_all(p7bio);
 
     return ret;
@@ -116,6 +123,7 @@ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
 {
     PKCS7_SIGNER_INFO *si = NULL;
     STACK_OF(X509_ALGOR) *smcap = NULL;
+
     if (!X509_check_private_key(signcert, pkey)) {
         PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
                  PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
@@ -128,6 +136,7 @@ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
         return NULL;
     }
 
+    si->ctx = pkcs7_get0_ctx(p7);
     if (!(flags & PKCS7_NOCERTS)) {
         if (!PKCS7_add_certificate(p7, signcert))
             goto err;
@@ -162,7 +171,8 @@ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
         if (flags & PKCS7_REUSE_DIGEST) {
             if (!pkcs7_copy_existing_digest(p7, si))
                 goto err;
-            if (!(flags & PKCS7_PARTIAL) && !PKCS7_SIGNER_INFO_sign(si))
+            if (!(flags & PKCS7_PARTIAL)
+                && !PKCS7_SIGNER_INFO_sign(si))
                 goto err;
         }
     }
@@ -197,7 +207,7 @@ static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
 
     }
 
-    if (osdig)
+    if (osdig != NULL)
         return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
 
     PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
@@ -217,20 +227,21 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
     int i, j = 0, k, ret = 0;
     BIO *p7bio = NULL;
     BIO *tmpin = NULL, *tmpout = NULL;
+    const PKCS7_CTX *p7_ctx;
 
     if (p7 == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_INVALID_NULL_POINTER);
+        PKCS7err(0, PKCS7_R_INVALID_NULL_POINTER);
         return 0;
     }
 
     if (!PKCS7_type_is_signed(p7)) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_WRONG_CONTENT_TYPE);
+        PKCS7err(0, PKCS7_R_WRONG_CONTENT_TYPE);
         return 0;
     }
 
     /* Check for no data and no content: no data to verify signature */
     if (PKCS7_get_detached(p7) && !indata) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
+        PKCS7err(0, PKCS7_R_NO_CONTENT);
         return 0;
     }
 
@@ -243,7 +254,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
          * process is different, but the existing PKCs7 verification works.
          */
         if (!PKCS7_get_detached(p7) && indata) {
-            PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
+            PKCS7err(0, PKCS7_R_CONTENT_AND_DATA_PRESENT);
             return 0;
         }
     }
@@ -251,17 +262,17 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
     sinfos = PKCS7_get_signer_info(p7);
 
     if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_SIGNATURES_ON_DATA);
+        PKCS7err(0, PKCS7_R_NO_SIGNATURES_ON_DATA);
         return 0;
     }
 
     signers = PKCS7_get0_signers(p7, certs, flags);
-    if (!signers)
+    if (signers == NULL)
         return 0;
 
     /* Now verify the certificates */
-
-    cert_ctx = X509_STORE_CTX_new();
+    p7_ctx = pkcs7_get0_ctx(p7);
+    cert_ctx = X509_STORE_CTX_new_with_libctx(p7_ctx->libctx, p7_ctx->propq);
     if (cert_ctx == NULL)
         goto err;
     if (!(flags & PKCS7_NOVERIFY))
@@ -270,12 +281,12 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
             if (!(flags & PKCS7_NOCHAIN)) {
                 if (!X509_STORE_CTX_init(cert_ctx, store, signer,
                                          p7->d.sign->cert)) {
-                    PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
+                    PKCS7err(0, ERR_R_X509_LIB);
                     goto err;
                 }
                 X509_STORE_CTX_set_default(cert_ctx, "smime_sign");
             } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) {
-                PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
+                PKCS7err(0, ERR_R_X509_LIB);
                 goto err;
             }
             if (!(flags & PKCS7_NOCRL))
@@ -285,8 +296,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
                 j = X509_STORE_CTX_get_error(cert_ctx);
             X509_STORE_CTX_cleanup(cert_ctx);
             if (i <= 0) {
-                PKCS7err(PKCS7_F_PKCS7_VERIFY,
-                         PKCS7_R_CERTIFICATE_VERIFY_ERROR);
+                PKCS7err(0, PKCS7_R_CERTIFICATE_VERIFY_ERROR);
                 ERR_add_error_data(2, "Verify error:",
                                    X509_verify_cert_error_string(j));
                 goto err;
@@ -307,7 +317,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
         len = BIO_get_mem_data(indata, &ptr);
         tmpin = BIO_new_mem_buf(ptr, len);
         if (tmpin == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
+            PKCS7err(0, ERR_R_MALLOC_FAILURE);
             goto err;
         }
     } else
@@ -318,7 +328,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 
     if (flags & PKCS7_TEXT) {
         if ((tmpout = BIO_new(BIO_s_mem())) == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
+            PKCS7err(0, ERR_R_MALLOC_FAILURE);
             goto err;
         }
         BIO_set_mem_eof_return(tmpout, 0);
@@ -327,7 +337,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 
     /* We now have to 'read' from p7bio to calculate digests etc. */
     if ((buf = OPENSSL_malloc(BUFFERSIZE)) == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
+        PKCS7err(0, ERR_R_MALLOC_FAILURE);
         goto err;
     }
     for (;;) {
@@ -340,7 +350,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 
     if (flags & PKCS7_TEXT) {
         if (!SMIME_text(tmpout, out)) {
-            PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_SMIME_TEXT_ERROR);
+            PKCS7err(0, PKCS7_R_SMIME_TEXT_ERROR);
             BIO_free(tmpout);
             goto err;
         }
@@ -354,7 +364,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
             signer = sk_X509_value(signers, i);
             j = PKCS7_signatureVerify(p7bio, p7, si, signer);
             if (j <= 0) {
-                PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_SIGNATURE_FAILURE);
+                PKCS7err(0, PKCS7_R_SIGNATURE_FAILURE);
                 goto err;
             }
         }
@@ -437,29 +447,31 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
 
 /* Build a complete PKCS#7 enveloped data */
 
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
-                     int flags)
+PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
+                                 const EVP_CIPHER *cipher, int flags,
+                                 OPENSSL_CTX *libctx, const char *propq)
 {
     PKCS7 *p7;
     BIO *p7bio = NULL;
     int i;
     X509 *x509;
-    if ((p7 = PKCS7_new()) == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
+
+    if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) {
+        PKCS7err(0, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
     if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
         goto err;
     if (!PKCS7_set_cipher(p7, cipher)) {
-        PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_SETTING_CIPHER);
+        PKCS7err(0, PKCS7_R_ERROR_SETTING_CIPHER);
         goto err;
     }
 
     for (i = 0; i < sk_X509_num(certs); i++) {
         x509 = sk_X509_value(certs, i);
         if (!PKCS7_add_recipient(p7, x509)) {
-            PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_ADDING_RECIPIENT);
+            PKCS7err(0, PKCS7_R_ERROR_ADDING_RECIPIENT);
             goto err;
         }
     }
@@ -478,6 +490,13 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
 
 }
 
+PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
+                     int flags)
+{
+    return PKCS7_encrypt_with_libctx(certs, in, cipher, flags, NULL, NULL);
+}
+
+
 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
 {
     BIO *tmpmem;
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 428cd145fa..858d3d72c8 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -1006,7 +1006,7 @@ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
         return -1;
 
     /* May be NULL meaning "unknown" */
-    *md = EVP_get_digestbyname(name);
+    *md = evp_get_digestbyname_ex(ctx->libctx, name);
 
     return 1;
 }
@@ -1159,7 +1159,7 @@ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
         return -1;
 
     /* May be NULL meaning "unknown" */
-    *md = EVP_get_digestbyname(name);
+    *md = evp_get_digestbyname_ex(ctx->libctx, name);
 
     return 1;
 }
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index b06828f718..868b187c5d 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -24,6 +24,7 @@
 #include <openssl/dsa.h>
 #include <openssl/x509v3.h>
 #include "crypto/asn1.h"
+#include "crypto/pkcs7.h"
 #include "crypto/x509.h"
 
 static void clean_id_ctx(EVP_MD_CTX *ctx)
@@ -232,7 +233,12 @@ int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl)
 #ifndef OPENSSL_NO_STDIO
 PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
 {
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
+    PKCS7 *ret;
+
+    ret = ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
+    if (ret != NULL && p7 != NULL)
+        pkcs7_resolve_libctx(ret);
+    return ret;
 }
 
 int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7)
@@ -243,7 +249,12 @@ int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7)
 
 PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
 {
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
+    PKCS7 *ret;
+
+    ret = ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
+    if (ret != NULL && p7 != NULL)
+        pkcs7_resolve_libctx(ret);
+    return ret;
 }
 
 int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7)
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 9358c46a7f..64bf5faa83 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -133,6 +133,20 @@ int i2d_X509(const X509 *a, unsigned char **out)
     return ASN1_item_i2d((const ASN1_VALUE *)a, out, (X509_it()));
 }
 
+/*
+ * This should only be used if the X509 object was embedded inside another
+ * asn1 object and it needs a libctx to operate.
+ * Use X509_new_with_libctx() instead if possible.
+ */
+int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq)
+{
+    if (x != NULL) {
+        x->libctx = libctx;
+        x->propq = propq;
+    }
+    return 1;
+}
+
 X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
 {
     X509 *cert = NULL;
diff --git a/doc/man1/openssl-cms.pod.in b/doc/man1/openssl-cms.pod.in
index 6ee411d550..a72b4c9fa0 100644
--- a/doc/man1/openssl-cms.pod.in
+++ b/doc/man1/openssl-cms.pod.in
@@ -83,6 +83,7 @@ B<openssl> B<cms>
 {- $OpenSSL::safe::opt_r_synopsis -}
 {- $OpenSSL::safe::opt_engine_synopsis -}
 {- $OpenSSL::safe::opt_provider_synopsis -}
+{- $OpenSSL::safe::opt_config_synopsis -}
 [I<recipient-cert> ...]
 
 =for openssl ifdef des-wrap engine
@@ -501,6 +502,8 @@ Any verification errors cause the command to exit.
 
 {- $OpenSSL::safe::opt_provider_item -}
 
+{- $OpenSSL::safe::opt_config_item -}
+
 =item I<recipient-cert> ...
 
 One or more certificates of message recipients: used when encrypting
diff --git a/doc/man1/openssl-smime.pod.in b/doc/man1/openssl-smime.pod.in
index b15be731c0..9f42c0c1fe 100644
--- a/doc/man1/openssl-smime.pod.in
+++ b/doc/man1/openssl-smime.pod.in
@@ -50,6 +50,7 @@ B<openssl> B<smime>
 {- $OpenSSL::safe::opt_r_synopsis -}
 {- $OpenSSL::safe::opt_v_synopsis -}
 {- $OpenSSL::safe::opt_provider_synopsis -}
+{- $OpenSSL::safe::opt_config_synopsis -}
 I<recipcert> ...
 
 =for openssl ifdef engine
@@ -292,6 +293,8 @@ Any verification errors cause the command to exit.
 
 {- $OpenSSL::safe::opt_provider_item -}
 
+{- $OpenSSL::safe::opt_config_item -}
+
 =item I<recipcert> ...
 
 One or more certificates of message recipients, used when encrypting
diff --git a/doc/man3/CMS_EncryptedData_decrypt.pod b/doc/man3/CMS_EncryptedData_decrypt.pod
new file mode 100644
index 0000000000..17850a98af
--- /dev/null
+++ b/doc/man3/CMS_EncryptedData_decrypt.pod
@@ -0,0 +1,49 @@
+=pod
+
+=head1 NAME
+
+CMS_EncryptedData_decrypt
+- Decrypt CMS EncryptedData
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+                               const unsigned char *key, size_t keylen,
+                               BIO *dcont, BIO *out, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_EncryptedData_decrypt() decrypts a I<cms> EncryptedData object using the
+symmetric I<key> of size I<keylen> bytes. I<out> is a BIO to write the content
+to and I<flags> is an optional set of flags.
+I<dcont> is used in the rare case where the encrypted content is detached. It
+will normally be set to NULL.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+CMS_EncryptedData_decrypt() returns 0 if an error occurred otherwise it
+returns 1.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)>, L<CMS_EncryptedData_encrypt(3)>
+
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/CMS_EncryptedData_encrypt.pod b/doc/man3/CMS_EncryptedData_encrypt.pod
new file mode 100644
index 0000000000..cb2672f629
--- /dev/null
+++ b/doc/man3/CMS_EncryptedData_encrypt.pod
@@ -0,0 +1,65 @@
+=pod
+
+=head1 NAME
+
+CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt
+- Create CMS EncryptedData
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
+     const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
+     unsigned int flags, OPENSSL_CTX *ctx, const char *propq);
+
+ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in,
+     const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
+     unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_EncryptedData_encrypt_with_libctx() creates a B<CMS_ContentInfo> structure
+with a type B<NID_pkcs7_encrypted>. I<in> is a BIO containing the data to
+encrypt using I<cipher> and the encryption key I<key> of size I<keylen> bytes.
+The library context I<libctx> and the property query I<propq> are used when
+retrieving algorithms from providers. I<flags> is a set of optional flags.
+
+The I<flags> field supports the options B<CMS_DETACHED>, B<CMS_STREAM> and
+B<CMS_PARTIAL>. Internally CMS_final() is called unless B<CMS_STREAM> and/or
+B<CMS_PARTIAL> is specified.
+
+The algorithm passed in the I<cipher> parameter must support ASN1 encoding of
+its parameters.
+
+The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
+
+CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_with_libctx()
+but uses default values of NULL for the library context I<libctx> and the
+property query I<propq>.
+
+=head1 RETURN VALUES
+
+If the allocation fails, CMS_EncryptedData_encrypt_with_libctx() and
+CMS_EncryptedData_encrypt() return NULL and set an error code that can be
+obtained by L<ERR_get_error(3)>. Otherwise they return a pointer to the newly
+allocated structure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)>, L<CMS_final(3)>, L<CMS_EncryptedData_decrypt(3)>
+
+head1 HISTORY
+
+The CMS_EncryptedData_encrypt_with_libctx() method was added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/CMS_EnvelopedData_create.pod b/doc/man3/CMS_EnvelopedData_create.pod
index 625daa8029..e6903ea3f8 100644
--- a/doc/man3/CMS_EnvelopedData_create.pod
+++ b/doc/man3/CMS_EnvelopedData_create.pod
@@ -2,20 +2,26 @@
 
 =head1 NAME
 
-CMS_EnvelopedData_create - Create CMS envelope
+CMS_EnvelopedData_create_with_libctx, CMS_EnvelopedData_create
+- Create CMS envelope
 
 =head1 SYNOPSIS
 
  #include <openssl/cms.h>
 
+ CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
+                                                       OPENSSL_CTX *libctx,
+                                                       const char *propq);
  CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
 
 =head1 DESCRIPTION
 
-CMS_EnvelopedData_create() creates a B<CMS_ContentInfo> structure with
-a type B<NID_pkcs7_enveloped>. B<cipher> is the symmetric cipher to use.
+CMS_EnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo> structure with
+a type B<NID_pkcs7_enveloped>. I<cipher> is the symmetric cipher to use. The
+library context I<libctx> and the property query I<propq> are used when
+retrieving algorithms from providers.
 
-The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+The algorithm passed in the I<cipher> parameter must support ASN1 encoding of
 its parameters.
 
 The recipients can be added later using L<CMS_add1_recipient_cert(3)> or
@@ -24,6 +30,10 @@ L<CMS_add0_recipient_key(3)>.
 The B<CMS_ContentInfo> structure needs to be finalized using L<CMS_final(3)>
 and then freed using L<CMS_ContentInfo_free(3)>.
 
+CMS_EnvelopedData_create() is similar to CMS_EnvelopedData_create_with_libctx()
+but uses default values of NULL for the library context I<libctx> and the
+property query I<propq>.
+
 =head1 NOTES
 
 Although CMS_EnvelopedData_create() allocates a new B<CMS_ContentInfo>
@@ -40,6 +50,10 @@ Otherwise it returns a pointer to the newly allocated structure.
 
 L<ERR_get_error(3)>, L<CMS_encrypt(3)>, L<CMS_decrypt(3)>, L<CMS_final(3)>
 
+head1 HISTORY
+
+The CMS_EnvelopedData_create_with_libctx() method was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/CMS_data_create.pod b/doc/man3/CMS_data_create.pod
new file mode 100644
index 0000000000..b64a7a1d46
--- /dev/null
+++ b/doc/man3/CMS_data_create.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+CMS_data_create_with_libctx, CMS_data_create
+- Create CMS Data object
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
+                                              OPENSSL_CTX *libctx,
+                                              const char *propq);
+ CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_data_create_with_libctx() creates a B<CMS_ContentInfo> structure
+with a type B<NID_pkcs7_data>. The data is supplied via the I<in> BIO.
+The library context I<libctx> and the property query I<propq> are used when
+retrieving algorithms from providers. The I<flags> field supports the
+B<CMS_STREAM> flag. Internally CMS_final() is called unless B<CMS_STREAM> is
+specified.
+
+The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
+
+CMS_data_create() is similar to CMS_data_create_with_libctx()
+but uses default values of NULL for the library context I<libctx> and the
+property query I<propq>.
+
+=head1 RETURN VALUES
+
+If the allocation fails, CMS_data_create_with_libctx() and CMS_data_create()
+return NULL and set an error code that can be obtained by L<ERR_get_error(3)>.
+Otherwise they return a pointer to the newly allocated structure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)>, L<CMS_final(3)>
+
+head1 HISTORY
+
+The CMS_data_create_with_libctx() method was added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/CMS_digest_create.pod b/doc/man3/CMS_digest_create.pod
new file mode 100644
index 0000000000..0eba22cfe6
--- /dev/null
+++ b/doc/man3/CMS_digest_create.pod
@@ -0,0 +1,58 @@
+=pod
+
+=head1 NAME
+
+CMS_digest_create_with_libctx, CMS_digest_create
+- Create CMS DigestedData object
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in,
+     const EVP_MD *md, unsigned int flags,
+     OPENSSL_CTX *ctx, const char *propq);
+
+ CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+                                    unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_digest_create_with_libctx() creates a B<CMS_ContentInfo> structure
+with a type B<NID_pkcs7_digest>. The data supplied via the I<in> BIO is digested
+using I<md>. The library context I<libctx> and the property query I<propq> are
+used when retrieving algorithms from providers.
+The I<flags> field supports the B<CMS_DETACHED> and B<CMS_STREAM> flags,
+Internally CMS_final() is called unless B<CMS_STREAM> is specified.
+
+The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
+
+CMS_digest_create() is similar to CMS_digest_create_with_libctx()
+but uses default values of NULL for the library context I<libctx> and the
+property query I<propq>.
+
+
+=head1 RETURN VALUES
+
+If the allocation fails, CMS_digest_create_with_libctx() and CMS_digest_create()
+return NULL and set an error code that can be obtained by L<ERR_get_error(3)>.
+Otherwise they return a pointer to the newly allocated structure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)>, L<CMS_final(3)>>
+
+head1 HISTORY
+
+The CMS_digest_create_with_libctx() method was added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/CMS_encrypt.pod b/doc/man3/CMS_encrypt.pod
index 1bc9fd041d..211ec18d36 100644
--- a/doc/man3/CMS_encrypt.pod
+++ b/doc/man3/CMS_encrypt.pod
@@ -2,20 +2,26 @@
 
 =head1 NAME
 
-CMS_encrypt - create a CMS envelopedData structure
+CMS_encrypt_with_libctx, CMS_encrypt - create a CMS envelopedData structure
 
 =head1 SYNOPSIS
 
  #include <openssl/cms.h>
 
+ CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
+                                          BIO *in, const EVP_CIPHER *cipher,
+                                          unsigned int flags,
+                                          OPENSSL_CTX *libctx, const char *propq);
  CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
                               const EVP_CIPHER *cipher, unsigned int flags);
 
 =head1 DESCRIPTION
 
-CMS_encrypt() creates and returns a CMS EnvelopedData structure. B<certs>
-is a list of recipient certificates. B<in> is the content to be encrypted.
-B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
+CMS_encrypt_with_libctx() creates and returns a CMS EnvelopedData structure.
+I<certs> is a list of recipient certificates. I<in> is the content to be
+encrypted. I<cipher> is the symmetric cipher to use. I<flags> is an optional set
+of flags. The library context I<libctx> and the property query I<propq> are used
+internally when retrieving algorithms from providers.
 
 Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this
 function.
@@ -75,10 +81,14 @@ and CMS_add0_recipient_key().
 The parameter B<certs> may be NULL if B<CMS_PARTIAL> is set and recipients
 added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().
 
+CMS_encrypt() is similar to CMS_encrypt_with_libctx() but uses default values of
+NULL for the library context I<libctx> and the property query I<propq>.
+
 =head1 RETURN VALUES
 
-CMS_encrypt() returns either a CMS_ContentInfo structure or NULL if an error
-occurred. The error can be obtained from ERR_get_error(3).
+CMS_encrypt_with_libctx() and CMS_encrypt() return either a CMS_ContentInfo
+structure or NULL if an error occurred. The error can be obtained from
+ERR_get_error(3).
 
 =head1 SEE ALSO
 
@@ -86,11 +96,13 @@ L<ERR_get_error(3)>, L<CMS_decrypt(3)>
 
 =head1 HISTORY
 
+The function CMS_encrypt_with_libctx() was added in OpenSSL 3.0.
+
 The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/CMS_get1_ReceiptRequest.pod b/doc/man3/CMS_get1_ReceiptRequest.pod
index d9a4796dac..704d4bac01 100644
--- a/doc/man3/CMS_get1_ReceiptRequest.pod
+++ b/doc/man3/CMS_get1_ReceiptRequest.pod
@@ -2,16 +2,21 @@
 
 =head1 NAME
 
-CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions
+CMS_ReceiptRequest_create0_with_libctx, CMS_ReceiptRequest_create0,
+CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values
+- CMS signed receipt request functions
 
 =head1 SYNOPSIS
 
  #include <openssl/cms.h>
 
- CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
-                                                int allorfirst,
-                                                STACK_OF(GENERAL_NAMES) *receiptList,
-                                                STACK_OF(GENERAL_NAMES) *receiptsTo);
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
+     unsigned char *id, int idlen, int allorfirst,
+     STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo,
+     OPENSSL_CTX *libctx, const char *propq);
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(
+     unsigned char *id, int idlen, int allorfirst,
+     STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo);
  int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
  int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
  void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
@@ -21,13 +26,18 @@ CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CM
 
 =head1 DESCRIPTION
 
-CMS_ReceiptRequest_create0() creates a signed receipt request structure. The
-B<signedContentIdentifier> field is set using B<id> and B<idlen>, or it is set
-to 32 bytes of pseudo random data if B<id> is NULL. If B<receiptList> is NULL
-the allOrFirstTier option in B<receiptsFrom> is used and set to the value of
-the B<allorfirst> parameter. If B<receiptList> is not NULL the B<receiptList>
-option in B<receiptsFrom> is used. The B<receiptsTo> parameter specifies the
-B<receiptsTo> field value.
+CMS_ReceiptRequest_create0_with_libctx() creates a signed receipt request
+structure. The B<signedContentIdentifier> field is set using I<id> and I<idlen>,
+or it is set to 32 bytes of pseudo random data if I<id> is NULL.
+If I<receiptList> is NULL the allOrFirstTier option in I<receiptsFrom> is used
+and set to the value of the I<allorfirst> parameter. If I<receiptList> is not
+NULL the I<receiptList> option in I<receiptsFrom> is used. The I<receiptsTo>
+parameter specifies the I<receiptsTo> field value. The library context I<libctx>
+and the property query I<propq> are used when retrieving algorithms from providers.
+
+CMS_ReceiptRequest_create0() is similar to
+CMS_ReceiptRequest_create0_with_libctx() but uses default values of NULL for the
+library context I<libctx> and the property query I<propq>.
 
 The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
 to SignerInfo structure B<si>.
@@ -51,8 +61,8 @@ CMS_verify().
 
 =head1 RETURN VALUES
 
-CMS_ReceiptRequest_create0() returns a signed receipt request structure or
-NULL if an error occurred.
+CMS_ReceiptRequest_create0_with_libctx() and CMS_ReceiptRequest_create0() return
+a signed receipt request structure or NULL if an error occurred.
 
 CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.
 
@@ -66,9 +76,13 @@ L<ERR_get_error(3)>, L<CMS_sign(3)>,
 L<CMS_sign_receipt(3)>, L<CMS_verify(3)>
 L<CMS_verify_receipt(3)>
 
+=head1 HISTORY
+
+The function CMS_ReceiptRequest_create0_with_libctx() was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
-Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/CMS_sign.pod b/doc/man3/CMS_sign.pod
index cc20f8f003..cf92d35303 100644
--- a/doc/man3/CMS_sign.pod
+++ b/doc/man3/CMS_sign.pod
@@ -2,27 +2,36 @@
 
 =head1 NAME
 
-CMS_sign - create a CMS SignedData structure
+CMS_sign, CMS_sign_with_libctx - create a CMS SignedData structure
 
 =head1 SYNOPSIS
 
  #include <openssl/cms.h>
 
+ CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
+                                       STACK_OF(X509) *certs, BIO *data,
+                                       unsigned int flags,
+                                       OPENSSL_CTX *ctx, const char *propq);
  CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
                            BIO *data, unsigned int flags);
 
 =head1 DESCRIPTION
 
-CMS_sign() creates and returns a CMS SignedData structure. B<signcert> is
-the certificate to sign with, B<pkey> is the corresponding private key.
-B<certs> is an optional additional set of certificates to include in the CMS
-structure (for example any intermediate CAs in the chain). Any or all of
-these parameters can be B<NULL>, see B<NOTES> below.
+CMS_sign_with_libctx() creates and returns a CMS SignedData structure.
+I<signcert> is the certificate to sign with, I<pkey> is the corresponding
+private key. I<certs> is an optional additional set of certificates to include
+in the CMS structure (for example any intermediate CAs in the chain). The
+library context I<libctx> and the property query I<propq> are used when
+retrieving algorithms from providers. Any or all of these parameters can be
+B<NULL>, see B<NOTES> below.
 
 The data to be signed is read from BIO B<data>.
 
 B<flags> is an optional set of flags.
 
+CMS_sign() is similar to CMS_sign_with_libctx() but uses default values of NULL
+for the library context I<libctx> and the property query I<propq>.
+
 =head1 NOTES
 
 Any of the following flags (ored together) can be passed in the B<flags>
@@ -57,7 +66,8 @@ omitted.
 If present the SMIMECapabilities attribute indicates support for the following
 algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
-If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+If any of these algorithms is not available then it will not be included:
+for example the GOST algorithms will not be included if the GOST ENGINE is
 not loaded.
 
 OpenSSL will by default identify signing certificates using issuer name
@@ -105,8 +115,9 @@ Some attributes such as counter signatures are not supported.
 
 =head1 RETURN VALUES
 
-CMS_sign() returns either a valid CMS_ContentInfo structure or NULL if an error
-occurred. The error can be obtained from ERR_get_error(3).
+CMS_sign_with_libctx() and CMS_sign() return either a valid CMS_ContentInfo
+structure or NULL if an error occurred. The error can be obtained from
+ERR_get_error(3).
 
 =head1 SEE ALSO
 
@@ -117,6 +128,8 @@ L<ERR_get_error(3)>, L<CMS_verify(3)>
 The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
 it is supported for embedded data in OpenSSL 1.0.0 and later.
 
+The CMS_sign_with_libctx() method was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod
index 69dec1c74d..923de31a31 100644
--- a/doc/man3/EVP_DigestSignInit.pod
+++ b/doc/man3/EVP_DigestSignInit.pod
@@ -2,16 +2,17 @@
 
 =head1 NAME
 
-EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate,
+EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate,
 EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
 
 =head1 SYNOPSIS
 
  #include <openssl/evp.h>
 
- int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                           const char *mdname, const char *props,
-                           EVP_PKEY *pkey, OPENSSL_CTX *libctx);
+ int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                                    const char *mdname,
+                                    OPENSSL_CTX *libctx, const char *props,
+                                    EVP_PKEY *pkey);
  int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                         const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
  int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@@ -26,12 +27,12 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
 The EVP signature routines are a high-level interface to digital signatures.
 Input data is digested first before the signing takes place.
 
-EVP_DigestSignInit_ex() sets up signing context I<ctx> to use a digest with the
-name I<mdname> and private key I<pkey>. The name of the digest to be used is
-passed to the provider of the signature algorithm in use. How that provider
-interprets the digest name is provider specific. The provider may implement
-that digest directly itself or it may (optionally) choose to fetch it (which
-could result in a digest from a different provider being selected). If the
+EVP_DigestSignInit_with_libctx() sets up signing context I<ctx> to use a digest
+with the name I<mdname> and private key I<pkey>. The name of the digest to be
+used is passed to the provider of the signature algorithm in use. How that
+provider interprets the digest name is provider specific. The provider may
+implement that digest directly itself or it may (optionally) choose to fetch it
+(which could result in a digest from a different provider being selected). If the
 provider supports fetching the digest then it may use the I<props> argument for
 the properties to be used during the fetch.
 
@@ -49,18 +50,19 @@ I<pctx> is not NULL, the EVP_PKEY_CTX of the signing operation will be written
 to I<*pctx>: this can be used to set alternative signing options. Note that any
 existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must
 not be freed directly by the application if I<ctx> is not assigned an
-EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() (which means
-the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed
-automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is
-created by EVP_DigestSignInit_ex then it will use the B<OPENSSL_CTX> specified
-in I<libctx> and the property query string specified in I<props>.
+EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx()
+(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx()
+and it will be freed automatically when the EVP_MD_CTX is freed). If the
+EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it
+will use the B<OPENSSL_CTX> specified in I<libctx> and the property query string
+specified in I<props>.
 
 The digest I<mdname> may be NULL if the signing algorithm supports it. The
 I<props> argument can always be NULL.
 
-No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the passed
-I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. See also
-L<SM2(7)>.
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
+passed I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
+See also L<SM2(7)>.
 
 Only EVP_PKEY types that support signing can be used with these functions. This
 includes MAC algorithms where the MAC generation is considered as a form of
@@ -108,10 +110,10 @@ Will ignore any digest provided.
 
 If RSA-PSS is used and restrictions apply then the digest must match.
 
-EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex() except
-that the I<mdname> parameter will be inferred from the supplied digest I<type>,
-and I<props> will be NULL. Where supplied the ENGINE I<e> will be used for the
-signing and digest algorithm implementations. I<e> may be NULL.
+EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx()
+except that the I<mdname> parameter will be inferred from the supplied
+digest I<type>, and I<props> will be NULL. Where supplied the ENGINE I<e> will
+be used for the signing and digest algorithm implementations. I<e> may be NULL.
 
 EVP_DigestSignUpdate() hashes I<cnt> bytes of data at I<d> into the
 signature context I<ctx>. This function can be called several times on the
@@ -182,7 +184,7 @@ L<RAND(7)>
 EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
 were added in OpenSSL 1.0.0.
 
-EVP_DigestSignInit_ex() was added in OpenSSL 3.0.
+EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0.
 
 EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0.
 
diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod
index 9ea0014a5a..f0061f4548 100644
--- a/doc/man3/EVP_DigestVerifyInit.pod
+++ b/doc/man3/EVP_DigestVerifyInit.pod
@@ -2,16 +2,17 @@
 
 =head1 NAME
 
-EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
+EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
 EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
 
 =head1 SYNOPSIS
 
  #include <openssl/evp.h>
 
- int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                             const char *mdname, const char *props,
-                             EVP_PKEY *pkey, OPENSSL_CTX *libctx);
+ int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                                      const char *mdname,
+                                      OPENSSL_CTX *libctx, const char *props,
+                                      EVP_PKEY *pkey);
  int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                           const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
  int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@@ -25,9 +26,9 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
 The EVP signature routines are a high-level interface to digital signatures.
 Input data is digested first before the signature verification takes place.
 
-EVP_DigestVerifyInit_ex() sets up verification context B<ctx> to use a digest
-with the name B<mdname> and public key B<pkey>. The name of the digest to be
-used is passed to the provider of the signature algorithm in use. How that
+EVP_DigestVerifyInit_with_libctx() sets up verification context B<ctx> to use a
+digest with the name B<mdname> and public key B<pkey>. The name of the digest to
+be used is passed to the provider of the signature algorithm in use. How that
 provider interprets the digest name is provider specific. The provider may
 implement that digest directly itself or it may (optionally) choose to fetch it
 (which could result in a digest from a different provider being selected). If
@@ -48,15 +49,16 @@ B<pctx> is not NULL, the EVP_PKEY_CTX of the verification operation will be
 written to B<*pctx>: this can be used to set alternative verification options.
 Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value
 returned must not be freed directly by the application if B<ctx> is not assigned
-an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex() (which
-means the EVP_PKEY_CTX is created inside EVP_DigestVerifyInit_ex() and it will
-be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be
-used is created by EVP_DigestVerifyInit_ex then it will use the B<OPENSSL_CTX>
-specified in I<libctx> and the property query string specified in I<props>.
+an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx()
+(which means the EVP_PKEY_CTX is created inside
+EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the
+EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by
+EVP_DigestVerifyInit_with_libctx then it will use the B<OPENSSL_CTX> specified
+in I<libctx> and the property query string specified in I<props>.
 
-No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the passed
-B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. See also
-L<SM2(7)>.
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
+passed B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
+See also L<SM2(7)>.
 
 Not all digests can be used for all key types. The following combinations apply.
 
@@ -99,10 +101,11 @@ Will ignore any digest provided.
 
 If RSA-PSS is used and restrictions apply then the digest must match.
 
-EVP_DigestVerifyInit() works in the same way as EVP_DigestVerifyInit_ex() except
-that the B<mdname> parameter will be inferred from the supplied digest B<type>,
-and B<props> will be NULL. Where supplied the ENGINE B<e> will be used for the
-signature verification and digest algorithm implementations. B<e> may be NULL.
+EVP_DigestVerifyInit() works in the same way as
+EVP_DigestVerifyInit_with_libctx() except that the B<mdname> parameter will be
+inferred from the supplied digest B<type>, and B<props> will be NULL. Where
+supplied the ENGINE B<e> will be used for the signature verification and digest
+algorithm implementations. B<e> may be NULL.
 
 EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
 verification context B<ctx>. This function can be called several times on the
@@ -170,7 +173,7 @@ L<RAND(7)>
 EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
 were added in OpenSSL 1.0.0.
 
-EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0.
+EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0.
 
 EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL
 3.0.
diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod
index 13bba5b507..f6165f0468 100644
--- a/doc/man3/EVP_SignInit.pod
+++ b/doc/man3/EVP_SignInit.pod
@@ -2,7 +2,8 @@
 
 =head1 NAME
 
-EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal
+EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate,
+EVP_SignFinal_with_libctx, EVP_SignFinal
 - EVP signing functions
 
 =head1 SYNOPSIS
@@ -11,7 +12,11 @@ EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal
 
  int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
  int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+ int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
+                               unsigned int *s, EVP_PKEY *pkey,
+                               OPENSSL_CTX *libctx, const char *propq);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s,
+                   EVP_PKEY *pkey);
 
  void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 
@@ -28,20 +33,25 @@ EVP_SignUpdate() hashes I<cnt> bytes of data at I<d> into the
 signature context I<ctx>. This function can be called several times on the
 same I<ctx> to include additional data.
 
-EVP_SignFinal() signs the data in I<ctx> using the private key I<pkey> and
-places the signature in I<sig>. I<sig> must be at least C<EVP_PKEY_size(pkey)>
-bytes in size. I<s> is an OUT parameter, and not used as an IN parameter.
+EVP_SignFinal_with_libctx() signs the data in I<ctx> using the private key
+I<pkey> and places the signature in I<sig>. The library context I<libctx> and
+property query I<propq> are used when creating a context to use with the key
+I<pkey>. I<sig> must be at least C<EVP_PKEY_size(pkey)> bytes in size. I<s> is
+an OUT parameter, and not used as an IN parameter.
 The number of bytes of data written (i.e. the length of the signature)
 will be written to the integer at I<s>, at most C<EVP_PKEY_size(pkey)> bytes
 will be written.
 
+EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default
+values of NULL for the library context I<libctx> and the property query I<propq>.
+
 EVP_SignInit() initializes a signing context I<ctx> to use the default
 implementation of digest I<type>.
 
 =head1 RETURN VALUES
 
-EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1
-for success and 0 for failure.
+EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and
+EVP_SignFinal() return 1 for success and 0 for failure.
 
 The error codes can be obtained by L<ERR_get_error(3)>.
 
@@ -87,6 +97,10 @@ L<evp(7)>, L<HMAC(3)>, L<MD2(3)>,
 L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>,
 L<SHA1(3)>, L<openssl-dgst(1)>
 
+=head1 HISTORY
+
+The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/EVP_VerifyInit.pod b/doc/man3/EVP_VerifyInit.pod
index 3686980b2f..be5332a55d 100644
--- a/doc/man3/EVP_VerifyInit.pod
+++ b/doc/man3/EVP_VerifyInit.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 
 EVP_VerifyInit_ex,
-EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
+EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal
 - EVP signature verification functions
 
 =head1 SYNOPSIS
@@ -12,6 +12,9 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
 
  int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
  int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+                                 unsigned int siglen, EVP_PKEY *pkey,
+                                 OPENSSL_CTX *libctx, const char *propq);
  int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
                      EVP_PKEY *pkey);
 
@@ -22,27 +25,32 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
 The EVP signature verification routines are a high-level interface to digital
 signatures.
 
-EVP_VerifyInit_ex() sets up verification context B<ctx> to use digest
-B<type> from ENGINE B<impl>. B<ctx> must be created by calling
+EVP_VerifyInit_ex() sets up verification context I<ctx> to use digest
+I<type> from ENGINE I<impl>. I<ctx> must be created by calling
 EVP_MD_CTX_new() before calling this function.
 
-EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
-verification context B<ctx>. This function can be called several times on the
-same B<ctx> to include additional data.
+EVP_VerifyUpdate() hashes I<cnt> bytes of data at I<d> into the
+verification context I<ctx>. This function can be called several times on the
+same I<ctx> to include additional data.
 
-EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey>
-and against the B<siglen> bytes at B<sigbuf>.
+EVP_VerifyFinal_with_libctx() verifies the data in I<ctx> using the public key
+I<pkey> and I<siglen> bytes in I<sigbuf>.
+The library context I<libctx> and property query I<propq> are used when creating
+a context to use with the key I<pkey>.
 
-EVP_VerifyInit() initializes verification context B<ctx> to use the default
-implementation of digest B<type>.
+EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default
+values of NULL for the library context I<libctx> and the property query I<propq>.
+
+EVP_VerifyInit() initializes verification context I<ctx> to use the default
+implementation of digest I<type>.
 
 =head1 RETURN VALUES
 
 EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for
 failure.
 
-EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some
-other error occurred.
+EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct
+signature, 0 for failure and -1 if some other error occurred.
 
 The error codes can be obtained by L<ERR_get_error(3)>.
 
@@ -83,6 +91,10 @@ L<evp(7)>, L<HMAC(3)>, L<MD2(3)>,
 L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>,
 L<SHA1(3)>, L<openssl-dgst(1)>
 
+head1 HISTORY
+
+The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/PKCS7_encrypt.pod b/doc/man3/PKCS7_encrypt.pod
index b2d07e8e15..36d638c8c6 100644
--- a/doc/man3/PKCS7_encrypt.pod
+++ b/doc/man3/PKCS7_encrypt.pod
@@ -2,20 +2,26 @@
 
 =head1 NAME
 
-PKCS7_encrypt - create a PKCS#7 envelopedData structure
+PKCS7_encrypt_with_libctx, PKCS7_encrypt
+- create a PKCS#7 envelopedData structure
 
 =head1 SYNOPSIS
 
  #include <openssl/pkcs7.h>
 
+ PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
+                                  const EVP_CIPHER *cipher, int flags,
+                                  OPENSSL_CTX *libctx, const char *propq);
  PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
                       int flags);
 
 =head1 DESCRIPTION
 
-PKCS7_encrypt() creates and returns a PKCS#7 envelopedData structure. B<certs>
-is a list of recipient certificates. B<in> is the content to be encrypted.
-B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
+PKCS7_encrypt_with_libctx() creates and returns a PKCS#7 envelopedData structure.
+I<certs> is a list of recipient certificates. I<in> is the content to be
+encrypted. I<cipher> is the symmetric cipher to use. I<flags> is an optional set
+of flags. The library context I<libctx> and the property query I<propq> are used
+when retrieving algorithms from providers.
 
 Only RSA keys are supported in PKCS#7 and envelopedData so the recipient
 certificates supplied to this function must all contain RSA public keys, though
@@ -60,10 +66,13 @@ PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
 can be performed by obtaining the streaming ASN1 B<BIO> directly using
 BIO_new_PKCS7().
 
+PKCS7_encrypt() is similar to PKCS7_encrypt_with_libctx() but uses default
+values of NULL for the library context I<libctx> and the property query I<propq>.
+
 =head1 RETURN VALUES
 
-PKCS7_encrypt() returns either a PKCS7 structure or NULL if an error occurred.
-The error can be obtained from ERR_get_error(3).
+PKCS7_encrypt_with_libctx() and PKCS7_encrypt() return either a PKCS7 structure
+or NULL if an error occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
@@ -71,11 +80,13 @@ L<ERR_get_error(3)>, L<PKCS7_decrypt(3)>
 
 =head1 HISTORY
 
+The function PKCS7_encrypt_with_libctx() was added in OpenSSL 3.0.
+
 The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/PKCS7_sign.pod b/doc/man3/PKCS7_sign.pod
index f53e7b4c17..c5d6fd73c3 100644
--- a/doc/man3/PKCS7_sign.pod
+++ b/doc/man3/PKCS7_sign.pod
@@ -2,21 +2,27 @@
 
 =head1 NAME
 
-PKCS7_sign - create a PKCS#7 signedData structure
+PKCS7_sign_with_libctx, PKCS7_sign
+- create a PKCS#7 signedData structure
 
 =head1 SYNOPSIS
 
  #include <openssl/pkcs7.h>
 
+ PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
+                               STACK_OF(X509) *certs, BIO *data, int flags,
+                               OPENSSL_CTX *libctx, const char *propq);
  PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
                    BIO *data, int flags);
 
 =head1 DESCRIPTION
 
-PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
-the certificate to sign with, B<pkey> is the corresponding private key.
-B<certs> is an optional additional set of certificates to include in the PKCS#7
-structure (for example any intermediate CAs in the chain).
+PKCS7_sign_with_libctx() creates and returns a PKCS#7 signedData structure.
+I<igncert> is the certificate to sign with, Ipkey> is the corresponding
+private key. I<certs> is an optional additional set of certificates to include
+in the PKCS#7 structure (for example any intermediate CAs in the chain). The
+library context I<libctx> and property query I<propq> are used when
+retrieving algorithms from providers.
 
 The data to be signed is read from BIO B<data>.
 
@@ -88,14 +94,17 @@ PKCS#7 structure is output.
 In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
 B<NOT> be NULL.
 
+PKCS7_sign() is similar to PKCS7_sign_with_libctx() but uses default values of
+NULL for the library context I<libctx> and the property query I<propq>.
+
 =head1 BUGS
 
 Some advanced attributes such as counter signatures are not supported.
 
 =head1 RETURN VALUES
 
-PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
-occurred.  The error can be obtained from ERR_get_error(3).
+PKCS7_sign_with_libctx() and PKCS7_sign() return either a valid PKCS7 structure
+or NULL if an error occurred.  The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
@@ -103,6 +112,8 @@ L<ERR_get_error(3)>, L<PKCS7_verify(3)>
 
 =head1 HISTORY
 
+The function PKCS7_sign_with_libctx() was added in OpenSSL 3.0.
+
 The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>,
 and B<pkey> parameters to be B<NULL> were added in OpenSSL 1.0.0.
 
diff --git a/doc/man3/SMIME_read_ASN1.pod b/doc/man3/SMIME_read_ASN1.pod
new file mode 100644
index 0000000000..5b995f1aee
--- /dev/null
+++ b/doc/man3/SMIME_read_ASN1.pod
@@ -0,0 +1,77 @@
+=pod
+
+=head1 NAME
+
+SMIME_read_ASN1_ex, SMIME_read_ASN1
+- parse S/MIME message
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ ASN1_VALUE *SMIME_read_ASN1_ex(BIO *in, BIO **bcont, const ASN1_ITEM *it,
+                                ASN1_VALUE **x);
+ ASN1_VALUE *SMIME_read_ASN1(BIO *in, BIO **bcont, const ASN1_ITEM *it);
+
+=head1 DESCRIPTION
+
+SMIME_read_ASN1_ex() parses a message in S/MIME format.
+
+I<in> is a BIO to read the message from. I<x> can be used to optionally supply
+a previously created I<it> ASN1_VALUE object (such as CMS_ContentInfo or PKCS7),
+it can be set to NULL. Valid values that can be used by ASN.1 structure I<it>
+are ASN1_ITEM_rptr(PKCS7) or ASN1_ITEM_rptr(CMS_ContentInfo).
+
+If cleartext signing is used then the content is saved in a memory bio which is
+written to I<*bcont>, otherwise I<*bcont> is set to NULL.
+
+The parsed ASN1_VALUE structure is returned or NULL if an error occurred.
+
+SMIME_read_ASN1() is similar to SMIME_read_ASN1_ex() but sets the value of I<x>
+to NULL.
+
+=head1 NOTES
+
+The higher level functions L<SMIME_read_CMS_ex(3)> and
+L<SMIME_read_PKCS7_ex(3)> should be used instead of SMIME_read_ASN1_ex().
+
+To support future functionality if I<bcont> is not NULL I<*bcont> should be
+initialized to NULL.
+
+=head1 BUGS
+
+The MIME parser used by SMIME_read_ASN1_ex() is somewhat primitive. While it will
+handle most S/MIME messages more complex compound formats may not work.
+
+The use of a memory BIO to hold the signed content limits the size of message
+which can be processed due to memory restraints: a streaming single pass option
+should be available.
+
+=head1 RETURN VALUES
+
+SMIME_read_ASN1_ex() and SMIME_read_ASN1() return a valid B<ASN1_VALUE>
+structure or B<NULL> if an error occurred. The error can be obtained from
+ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)>,
+L<SMIME_read_CMS_ex(3)>,
+L<SMIME_read_PKCS7_ex(3)>,
+L<SMIME_write_ASN1(3)>,
+L<SMIME_write_ASN1_with_libctx(3)>
+
+=head1 HISTORY
+
+The function SMIME_read_ASN1_ex() was added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/SMIME_read_CMS.pod b/doc/man3/SMIME_read_CMS.pod
index 136bfd8f0a..c7ca845eee 100644
--- a/doc/man3/SMIME_read_CMS.pod
+++ b/doc/man3/SMIME_read_CMS.pod
@@ -2,12 +2,14 @@
 
 =head1 NAME
 
-SMIME_read_CMS - parse S/MIME message
+SMIME_read_CMS_ex, SMIME_read_CMS - parse S/MIME message
 
 =head1 SYNOPSIS
 
  #include <openssl/cms.h>
 
+ CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont,
+                                    CMS_ContentInfo **cms);
  CMS_ContentInfo *SMIME_read_CMS(BIO *in, BIO **bcont);
 
 =head1 DESCRIPTION
@@ -22,6 +24,11 @@ written to B<*bcont>, otherwise B<*bcont> is set to NULL.
 The parsed CMS_ContentInfo structure is returned or NULL if an
 error occurred.
 
+SMIME_read_CMS_ex() is similar to SMIME_read_CMS() but can optionally supply a
+previously created I<cms> CMS_ContentInfo object. If I<cms> is NULL then it is
+identical to SMIME_read_CMS().
+To create a I<cms> object use L<CMS_ContentInfo_new_with_libctx(3)>.
+
 =head1 NOTES
 
 If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can
@@ -53,16 +60,22 @@ should be available.
 
 =head1 RETURN VALUES
 
-SMIME_read_CMS() returns a valid B<CMS_ContentInfo> structure or B<NULL>
-if an error occurred. The error can be obtained from ERR_get_error(3).
+SMIME_read_CMS_ex() and SMIME_read_CMS() return a valid B<CMS_ContentInfo>
+structure or B<NULL> if an error occurred. The error can be obtained from
+ERR_get_error(3).
 
 =head1 SEE ALSO
 
 L<ERR_get_error(3)>,
-L<SMIME_read_CMS(3)>, L<CMS_sign(3)>,
-L<CMS_verify(3)>, L<CMS_encrypt(3)>,
+L<CMS_sign(3)>,
+L<CMS_verify(3)>,
+L<CMS_encrypt(3)>,
 L<CMS_decrypt(3)>
 
+=head1 HISTORY
+
+The function SMIME_read_CMS_ex() was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/SMIME_read_PKCS7.pod b/doc/man3/SMIME_read_PKCS7.pod
index 4b03f641e3..791c49ff75 100644
--- a/doc/man3/SMIME_read_PKCS7.pod
+++ b/doc/man3/SMIME_read_PKCS7.pod
@@ -2,12 +2,13 @@
 
 =head1 NAME
 
-SMIME_read_PKCS7 - parse S/MIME message
+SMIME_read_PKCS7_ex, SMIME_read_PKCS7 - parse S/MIME message
 
 =head1 SYNOPSIS
 
  #include <openssl/pkcs7.h>
 
+ PKCS7 *SMIME_read_PKCS7_ex(BIO *bio, BIO **bcont, PKCS7 **p7);
  PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
 
 =head1 DESCRIPTION
@@ -23,6 +24,11 @@ B<*bcont> is set to B<NULL>.
 The parsed PKCS#7 structure is returned or B<NULL> if an
 error occurred.
 
+SMIME_read_PKCS7_ex() is similar to SMIME_read_PKCS7() but can optionally supply
+a previously created I<p7> PKCS#7 object. If I<p7> is NULL then it is identical
+to SMIME_read_PKCS7().
+To create a I<p7> object use L<PKCS7_new_with_libctx(3)>.
+
 =head1 NOTES
 
 If B<*bcont> is not B<NULL> then the message is clear text
@@ -56,8 +62,8 @@ streaming single pass option should be available.
 
 =head1 RETURN VALUES
 
-SMIME_read_PKCS7() returns a valid B<PKCS7> structure or B<NULL>
-if an error occurred. The error can be obtained from ERR_get_error(3).
+SMIME_read_PKCS7_ex() and SMIME_read_PKCS7() return a valid B<PKCS7> structure
+or B<NULL> if an error occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
@@ -66,9 +72,13 @@ L<SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)>,
 L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
 L<PKCS7_decrypt(3)>
 
+=head1 HISTORY
+
+The function SMIME_read_PKCS7_ex() was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
-Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/SMIME_write_ASN1.pod b/doc/man3/SMIME_write_ASN1.pod
new file mode 100644
index 0000000000..5f46ce1b45
--- /dev/null
+++ b/doc/man3/SMIME_write_ASN1.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+SMIME_write_ASN1_with_libctx, SMIME_write_ASN1
+- convert structure to S/MIME format
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ int SMIME_write_ASN1_with_libctx(BIO *out,
+     ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid,
+     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it,
+     OPENSSL_CTX *libctx, const char *propq);
+
+ int SMIME_write_ASN1(BIO *out,
+     ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid,
+     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
+
+=head1 DESCRIPTION
+
+SMIME_write_ASN1_with_libctx() adds the appropriate MIME headers to an object
+structure to produce an S/MIME message.
+
+I<out> is the BIO to write the data to. I<value> is the appropriate ASN1_VALUE
+structure (either CMS_ContentInfo or PKCS7). If streaming is enabled then the
+content must be supplied via I<data>.
+I<flags> is an optional set of flags. I<ctype_nid> is the NID of the content
+type, I<econt_nid> is the NID of the embedded content type and I<mdalgs> is a
+list of signed data digestAlgorithms. Valid values that can be used by the
+ASN.1 structure I<it> are ASN1_ITEM_rptr(PKCS7) or ASN1_ITEM_rptr(CMS_ContentInfo).
+The library context I<libctx> and the property query I<propq> are used when
+retrieving algorithms from providers.
+
+=head1 NOTES
+
+The higher level functions L<SMIME_write_CMS(3)> and
+L<SMIME_write_PKCS7(3)> should be used instead of SMIME_write_ASN1().
+
+The following flags can be passed in the B<flags> parameter.
+
+If B<CMS_DETACHED> is set then cleartext signing will be used, this option only
+makes sense for SignedData where B<CMS_DETACHED> is also set when the sign()
+method is called.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are added to
+the content, this only makes sense if B<CMS_DETACHED> is also set.
+
+If the B<CMS_STREAM> flag is set streaming is performed. This flag should only
+be set if B<CMS_STREAM> was also set in the previous call to a CMS_ContentInfo
+or PKCS7 creation function.
+
+If cleartext signing is being used and B<CMS_STREAM> not set then the data must
+be read twice: once to compute the signature in sign method and once to output
+the S/MIME message.
+
+If streaming is performed the content is output in BER format using indefinite
+length constructed encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+
+=head1 RETURN VALUES
+
+SMIME_write_ASN1_with_libctx() and SMIME_write_ASN1() return 1 for success or
+0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)>,
+L<SMIME_write_CMS(3)>,
+L<SMIME_write_PKCS7(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/X509_dup.pod b/doc/man3/X509_dup.pod
index 18ba40cee6..76b77c1195 100644
--- a/doc/man3/X509_dup.pod
+++ b/doc/man3/X509_dup.pod
@@ -29,6 +29,7 @@ CERTIFICATEPOLICIES_free,
 CERTIFICATEPOLICIES_new,
 CMS_ContentInfo_free,
 CMS_ContentInfo_new,
+CMS_ContentInfo_new_with_libctx,
 CMS_ContentInfo_print_ctx,
 CMS_ReceiptRequest_free,
 CMS_ReceiptRequest_new,
@@ -201,6 +202,7 @@ PKCS7_SIGN_ENVELOPE_free,
 PKCS7_SIGN_ENVELOPE_new,
 PKCS7_dup,
 PKCS7_free,
+PKCS7_new_with_libctx,
 PKCS7_new,
 PKCS7_print_ctx,
 PKCS8_PRIV_KEY_INFO_free,
@@ -335,6 +337,10 @@ to generate the function bodies.
 B<I<TYPE>_new>() allocates an empty object of the indicated type.
 The object returned must be released by calling B<I<TYPE>_free>().
 
+B<I<TYPE>_new_with_libctx>() is similiar to B<I<TYPE>_new>() but also passes the
+library context I<libctx> and the property query I<propq> to use when retrieving
+algorithms from providers.
+
 B<I<TYPE>_dup>() copies an existing object, leaving it untouched.
 
 B<I<TYPE>_free>() releases the object and all pointers and sub-objects
@@ -348,11 +354,16 @@ user-defined, then pass in any I<pctx> down to any nested calls.
 
 =head1 RETURN VALUES
 
-B<I<TYPE>_new>() and B<I<TYPE>_dup>() return a pointer to the object or NULL on
-failure.
+B<I<TYPE>_new>(), B<I<TYPE>_new_ex>() and B<I<TYPE>_dup>() return a pointer to
+the object or NULL on failure.
 
 B<I<TYPE>_print_ctx>() returns 1 on success or zero on failure.
 
+=head1 HISTORY
+
+The functions PKCS7_new_with_libctx() and CMS_ContentInfo_new_with_libctx() were
+added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
new file mode 100644
index 0000000000..60e01e5c39
--- /dev/null
+++ b/include/crypto/pkcs7.h
@@ -0,0 +1,10 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+void pkcs7_resolve_libctx(PKCS7 *p7);
diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index 71a67df650..712aa1cc86 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -299,6 +299,7 @@ int a2i_ipadd(unsigned char *ipout, const char *ipasc);
 int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);
 int x509_print_ex_brief(BIO *bio, X509 *cert, unsigned long neg_cflags);
 int x509v3_cache_extensions(X509 *x);
+int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq);
 
 void x509_init_sig_info(X509 *x);
 
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index c9917492d5..a62d4d7755 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -845,7 +845,14 @@ int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
 int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
                      int ctype_nid, int econt_nid,
                      STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
+int SMIME_write_ASN1_with_libctx(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+                                 int ctype_nid, int econt_nid,
+                                 STACK_OF(X509_ALGOR) *mdalgs,
+                                 const ASN1_ITEM *it,
+                                 OPENSSL_CTX *libctx, const char *propq);
 ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+ASN1_VALUE *SMIME_read_ASN1_ex(BIO *bio, BIO **bcont, const ASN1_ITEM *it,
+                               ASN1_VALUE **x);
 int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
 int SMIME_text(BIO *in, BIO *out);
 
diff --git a/include/openssl/cms.h b/include/openssl/cms.h
index a0f4b6a0ec..7397008fcb 100644
--- a/include/openssl/cms.h
+++ b/include/openssl/cms.h
@@ -45,6 +45,9 @@ DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
 DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
 
+CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx,
+                                                 const char *propq);
+
 # define CMS_SIGNERINFO_ISSUER_SERIAL    0
 # define CMS_SIGNERINFO_KEYIDENTIFIER    1
 
@@ -104,6 +107,7 @@ int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
 int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
                              int flags);
 CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
+CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **ci);
 int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
 
 int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
@@ -112,6 +116,10 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
 CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
                           STACK_OF(X509) *certs, BIO *data,
                           unsigned int flags);
+CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
+                                      STACK_OF(X509) *certs, BIO *data,
+                                      unsigned int flags,
+                                      OPENSSL_CTX *ctx, const char *propq);
 
 CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
                                   X509 *signcert, EVP_PKEY *pkey,
@@ -119,11 +127,18 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
 
 int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
 CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
+                                             OPENSSL_CTX *ctx,
+                                             const char *propq);
 
 int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
                       unsigned int flags);
 CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
                                    unsigned int flags);
+CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in, const EVP_MD *md,
+                                               unsigned int flags,
+                                               OPENSSL_CTX *ctx,
+                                               const char *propq);
 
 int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
                               const unsigned char *key, size_t keylen,
@@ -132,6 +147,13 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
 CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
                                            const unsigned char *key,
                                            size_t keylen, unsigned int flags);
+CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
+                                                       const EVP_CIPHER *cipher,
+                                                       const unsigned char *key,
+                                                       size_t keylen,
+                                                       unsigned int flags,
+                                                       OPENSSL_CTX *ctx,
+                                                       const char *propq);
 
 int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
                                const unsigned char *key, size_t keylen);
@@ -147,12 +169,17 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
 
 CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
                              const EVP_CIPHER *cipher, unsigned int flags);
+CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
+                                         BIO *in, const EVP_CIPHER *cipher,
+                                         unsigned int flags,
+                                         OPENSSL_CTX *ctx, const char *propq);
 
 int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
                 BIO *dcont, BIO *out, unsigned int flags);
 
 int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, X509 *peer);
+int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk,
+                                   X509 *cert, X509 *peer);
 int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
                          unsigned char *key, size_t keylen,
                          const unsigned char *id, size_t idlen);
@@ -163,6 +190,10 @@ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
 int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
 EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
 CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
+                                                      OPENSSL_CTX *ctx,
+                                                      const char *propq);
+
 CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
                                            X509 *recip, unsigned int flags);
 CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
@@ -297,11 +328,16 @@ void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
                                     int lastpos, int type);
 
 int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
-                                               int allorfirst,
-                                               STACK_OF(GENERAL_NAMES)
-                                               *receiptList, STACK_OF(GENERAL_NAMES)
-                                               *receiptsTo);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(
+    unsigned char *id, int idlen, int allorfirst,
+    STACK_OF(GENERAL_NAMES) *receiptList,
+    STACK_OF(GENERAL_NAMES) *receiptsTo);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
+    unsigned char *id, int idlen, int allorfirst,
+    STACK_OF(GENERAL_NAMES) *receiptList,
+    STACK_OF(GENERAL_NAMES) *receiptsTo,
+    OPENSSL_CTX *ctx, const char *propq);
+
 int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
 void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
                                     ASN1_STRING **pcid,
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 0d21c035fe..6ff1e5602e 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -637,6 +637,7 @@ __owur int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md,
 
 __owur EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm,
                             const char *properties);
+
 int EVP_MD_up_ref(EVP_MD *md);
 void EVP_MD_free(EVP_MD *md);
 
@@ -697,6 +698,9 @@ __owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
 
 __owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
                          EVP_PKEY *pkey);
+__owur int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
+                                     unsigned int *s, EVP_PKEY *pkey,
+                                     OPENSSL_CTX *libctx, const char *propq);
 
 __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
                           size_t *siglen, const unsigned char *tbs,
@@ -704,14 +708,19 @@ __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
 
 __owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
                            unsigned int siglen, EVP_PKEY *pkey);
+__owur int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, EVP_PKEY *pkey,
+                                       OPENSSL_CTX *libctx, const char *propq);
 
 __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
                             size_t siglen, const unsigned char *tbs,
                             size_t tbslen);
 
-int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                          const char *mdname, const char *props, EVP_PKEY *pkey,
-                          OPENSSL_CTX *libctx);
+int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                                   const char *mdname,
+                                   OPENSSL_CTX *libctx, const char *props,
+                                   EVP_PKEY *pkey);
 /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                                   const EVP_MD *type, ENGINE *e,
                                   EVP_PKEY *pkey);
@@ -719,9 +728,10 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize);
 __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
                                size_t *siglen);
 
-int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                            const char *mdname, const char *props,
-                            EVP_PKEY *pkey, OPENSSL_CTX *libctx);
+int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                                     const char *mdname,
+                                     OPENSSL_CTX *libctx, const char *props,
+                                     EVP_PKEY *pkey);
 __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                                 const EVP_MD *type, ENGINE *e,
                                 EVP_PKEY *pkey);
diff --git a/include/openssl/pkcs7.h b/include/openssl/pkcs7.h
index 0e1c50032f..f4b75cca36 100644
--- a/include/openssl/pkcs7.h
+++ b/include/openssl/pkcs7.h
@@ -36,6 +36,11 @@ Digest_Encryption_ID    rsaEncryption
 Key_Encryption_ID       rsaEncryption
 */
 
+typedef struct PKCS7_CTX_st {
+    OPENSSL_CTX *libctx;
+    char *propq;
+} PKCS7_CTX;
+
 typedef struct pkcs7_issuer_and_serial_st {
     X509_NAME *issuer;
     ASN1_INTEGER *serial;
@@ -51,6 +56,7 @@ typedef struct pkcs7_signer_info_st {
     STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
     /* The private key to sign with */
     EVP_PKEY *pkey;
+    const PKCS7_CTX *ctx;
 } PKCS7_SIGNER_INFO;
 DEFINE_OR_DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
 
@@ -60,6 +66,7 @@ typedef struct pkcs7_recip_info_st {
     X509_ALGOR *key_enc_algor;
     ASN1_OCTET_STRING *enc_key;
     X509 *cert;                 /* get the pub-key from this */
+    const PKCS7_CTX *ctx;
 } PKCS7_RECIP_INFO;
 DEFINE_OR_DECLARE_STACK_OF(PKCS7_RECIP_INFO)
 
@@ -82,6 +89,7 @@ typedef struct pkcs7_enc_content_st {
     X509_ALGOR *algorithm;
     ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
     const EVP_CIPHER *cipher;
+    const PKCS7_CTX *ctx;
 } PKCS7_ENC_CONTENT;
 
 typedef struct pkcs7_enveloped_st {
@@ -147,6 +155,7 @@ typedef struct pkcs7_st {
         /* Anything else */
         ASN1_TYPE *other;
     } d;
+    PKCS7_CTX ctx;
 } PKCS7;
 DEFINE_OR_DECLARE_STACK_OF(PKCS7)
 
@@ -231,6 +240,7 @@ DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
 DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
 DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
 DECLARE_ASN1_FUNCTIONS(PKCS7)
+PKCS7 *PKCS7_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
 
 DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
 DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
@@ -289,6 +299,9 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
 
 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
                   BIO *data, int flags);
+PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
+                              STACK_OF(X509) *certs, BIO *data, int flags,
+                              OPENSSL_CTX *libctx, const char *propq);
 
 PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
                                          X509 *signcert, EVP_PKEY *pkey,
@@ -301,6 +314,9 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
                                    int flags);
 PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
                      int flags);
+PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
+                                 const EVP_CIPHER *cipher, int flags,
+                                 OPENSSL_CTX *libctx, const char *propq);
 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
                   int flags);
 
@@ -315,6 +331,7 @@ int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
                              const unsigned char *md, int mdlen);
 
 int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
+PKCS7 *SMIME_read_PKCS7_ex(BIO *bio, BIO **bcont, PKCS7 **p7);
 PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
 
 BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
index 08fb0cf224..a93f67b0b5 100644
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@@ -458,7 +458,6 @@ int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret,
     return ret;
 }
 
-#ifndef FIPS_MODULE
 static ossl_inline
 int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret,
                           size_t *psecretlen, size_t outlen)
@@ -499,7 +498,6 @@ int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret,
     OPENSSL_secure_clear_free(stmp, stmplen);
     return ret;
 }
-#endif /* FIPS_MODULE */
 
 static
 int ecdh_derive(void *vpecdhctx, unsigned char *secret,
@@ -510,15 +508,11 @@ int ecdh_derive(void *vpecdhctx, unsigned char *secret,
     switch (pecdhctx->kdf_type) {
         case PROV_ECDH_KDF_NONE:
             return ecdh_plain_derive(vpecdhctx, secret, psecretlen, outlen);
-#ifndef FIPS_MODULE
         case PROV_ECDH_KDF_X9_63:
             return ecdh_X9_63_kdf_derive(vpecdhctx, secret, psecretlen, outlen);
-
-#endif /* FIPS_MODULE */
         default:
             break;
     }
-
     return 0;
 }
 
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 9086348618..1a8e3cf829 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1610,8 +1610,9 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
         binderout = tmpbinder;
 
     bindersize = hashsize;
-    if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->propq,
-                              mackey, s->ctx->libctx) <= 0
+    if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md),
+                                       s->ctx->libctx, s->ctx->propq,
+                                       mackey) <= 0
             || EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0
             || EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0
             || bindersize != hashsize) {
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 27ddef9aaf..3eeafef828 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -784,8 +784,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     }
 
     hmaclen = SHA256_DIGEST_LENGTH;
-    if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
-                              s->ctx->libctx) <= 0
+    if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
+                                       s->ctx->libctx, s->ctx->propq, pkey) <= 0
             || EVP_DigestSign(hctx, hmac, &hmaclen, data,
                               rawlen - SHA256_DIGEST_LENGTH) <= 0
             || hmaclen != SHA256_DIGEST_LENGTH) {
@@ -1873,8 +1873,9 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
         goto err;
     }
 
-    if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
-                              s->ctx->libctx) <= 0
+    if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
+                                       s->ctx->libctx, s->ctx->propq,
+                                       pkey) <= 0
             || EVP_DigestSign(hctx, hmac, &hmaclen, cookie,
                               totcookielen) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 4cd85ef609..ff48759436 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2377,9 +2377,10 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
             goto err;
         }
 
-        if (EVP_DigestVerifyInit_ex(md_ctx, &pctx,
-                                    md == NULL ? NULL : EVP_MD_name(md),
-                                    s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+        if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx,
+                                             md == NULL ? NULL : EVP_MD_name(md),
+                                             s->ctx->libctx, s->ctx->propq,
+                                             pkey) <= 0) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE,
                      ERR_R_EVP_LIB);
             goto err;
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index d8aab20e92..39ec4a92fd 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -277,9 +277,10 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
         goto err;
     }
 
-    if (EVP_DigestSignInit_ex(mctx, &pctx,
-                              md == NULL ? NULL : EVP_MD_name(md),
-                              s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+    if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
+                                       md == NULL ? NULL : EVP_MD_name(md),
+                                       s->ctx->libctx, s->ctx->propq,
+                                       pkey) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
                  ERR_R_EVP_LIB);
         goto err;
@@ -472,9 +473,10 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
     OSSL_TRACE1(TLS, "Using client verify alg %s\n",
                 md == NULL ? "n/a" : EVP_MD_name(md));
 
-    if (EVP_DigestVerifyInit_ex(mctx, &pctx,
-                                md == NULL ? NULL : EVP_MD_name(md),
-                                s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+    if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx,
+                                         md == NULL ? NULL : EVP_MD_name(md),
+                                         s->ctx->libctx, s->ctx->propq,
+                                         pkey) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
                  ERR_R_EVP_LIB);
         goto err;
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index b329e89379..c46254c858 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2807,9 +2807,10 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
             goto err;
         }
 
-        if (EVP_DigestSignInit_ex(md_ctx, &pctx,
-                                  md == NULL ? NULL : EVP_MD_name(md),
-                                  s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+        if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx,
+                                           md == NULL ? NULL : EVP_MD_name(md),
+                                           s->ctx->libctx, s->ctx->propq,
+                                           pkey) <= 0) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
                      ERR_R_INTERNAL_ERROR);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 11eea82fff..8285e5cd27 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -380,9 +380,9 @@ int tls1_change_cipher_state(SSL *s, int which)
         mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret,
                                                (int)*mac_secret_size);
         if (mac_key == NULL
-            || EVP_DigestSignInit_ex(mac_ctx, NULL,
-                                     EVP_MD_name(m), s->ctx->propq,
-                                     mac_key, s->ctx->libctx) <= 0) {
+            || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m),
+                                              s->ctx->libctx, s->ctx->propq,
+                                              mac_key) <= 0) {
             EVP_PKEY_free(mac_key);
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
                      ERR_R_INTERNAL_ERROR);
diff --git a/test/acvp_test.c b/test/acvp_test.c
index 737d2c61bb..b33881d4db 100644
--- a/test/acvp_test.c
+++ b/test/acvp_test.c
@@ -92,8 +92,9 @@ static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name,
 
     if (!TEST_ptr(sig = OPENSSL_malloc(sz))
         || !TEST_ptr(md_ctx = EVP_MD_CTX_new())
-        || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, NULL,
-                                              pkey, libctx), 1)
+        || !TEST_int_eq(EVP_DigestSignInit_with_libctx(md_ctx, NULL,
+                                                       digest_name, libctx, NULL,
+                                                       pkey), 1)
         || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0))
         goto err;
     *sig_out = sig;
@@ -296,8 +297,9 @@ static int ecdsa_sigver_test(int id)
 
     ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0)
           && TEST_ptr(md_ctx = EVP_MD_CTX_new())
-          && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg,
-                                               NULL, pkey, libctx)
+          && TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, NULL,
+                                                        tst->digest_alg,
+                                                        libctx, NULL, pkey)
           && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len,
                                           tst->msg, tst->msg_len), tst->pass));
 err:
@@ -1238,8 +1240,9 @@ static int rsa_sigver_test(int id)
         || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len,
                                       tst->e, tst->e_len, NULL, 0, bn_ctx))
         || !TEST_ptr(md_ctx = EVP_MD_CTX_new())
-        || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx, tst->digest_alg,
-                                              NULL, pkey, libctx)
+        || !TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, &pkey_ctx,
+                                                       tst->digest_alg,
+                                                       libctx, NULL, pkey)
         || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params))
         || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len,
                                          tst->msg, tst->msg_len), tst->pass)))
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 51b517fb95..de615c80ab 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1461,8 +1461,9 @@ static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
      */
     mdctx = EVP_MD_CTX_new();
     if (!TEST_ptr(mdctx)
-        || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey,
-                                            NULL)))
+        || !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL,
+                                                     "SHA1", NULL, NULL,
+                                                     pkey)))
         goto err;
 
     /*
diff --git a/test/evp_test.c b/test/evp_test.c
index 30a0aa11ef..bff1ecb558 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1183,7 +1183,7 @@ static int mac_test_run_pkey(EVP_TEST *t)
         t->err = "INTERNAL_ERROR";
         goto err;
     }
-    if (!EVP_DigestSignInit_ex(mctx, &pctx, mdname, NULL, key, libctx)) {
+    if (!EVP_DigestSignInit_with_libctx(mctx, &pctx, mdname, libctx, NULL, key)) {
         t->err = "DIGESTSIGNINIT_ERROR";
         goto err;
     }
@@ -2899,13 +2899,13 @@ static int digestsigver_test_parse(EVP_TEST *t,
             return 1;
         }
         if (mdata->is_verify) {
-            if (!EVP_DigestVerifyInit_ex(mdata->ctx, &mdata->pctx,
-                                         name, NULL, pkey, libctx))
+            if (!EVP_DigestVerifyInit_with_libctx(mdata->ctx, &mdata->pctx,
+                                                  name, libctx, NULL, pkey))
                 t->err = "DIGESTVERIFYINIT_ERROR";
             return 1;
         }
-        if (!EVP_DigestSignInit_ex(mdata->ctx, &mdata->pctx,
-                                   name, NULL, pkey, libctx))
+        if (!EVP_DigestSignInit_with_libctx(mdata->ctx, &mdata->pctx,
+                                            name, libctx, NULL, pkey))
             t->err = "DIGESTSIGNINIT_ERROR";
         return 1;
     }
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
index 76342481fb..38028c291a 100644
--- a/test/recipes/80-test_cms.t
+++ b/test/recipes/80-test_cms.t
@@ -13,16 +13,34 @@ use warnings;
 use POSIX;
 use File::Spec::Functions qw/catfile/;
 use File::Compare qw/compare_text/;
-use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file bldtop_dir/;
+use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file bldtop_dir bldtop_file/;
+
 use OpenSSL::Test::Utils;
 
-setup("test_cms");
+BEGIN {
+    setup("test_cms");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 
 plan skip_all => "CMS is not supported by this OpenSSL build"
     if disabled("cms");
 
 my $provpath = bldtop_dir("providers");
-my @prov = ("-provider_path", $provpath, "-provider", "default", "-provider", "legacy");
+
+# Some tests require legacy algorithms to be included.
+my @legacyprov = ("-provider_path", $provpath,
+                  "-provider", "default",
+                  "-provider", "legacy" );
+my @defaultprov = ("-provider_path", $provpath,
+                   "-provider", "default");
+
+my @config = ( );
+my $provname = 'default';
 
 my $datadir = srctop_dir("test", "recipes", "80-test_cms_data");
 my $smdir    = srctop_dir("test", "smime-certs");
@@ -30,173 +48,191 @@ my $smcont   = srctop_file("test", "smcont.txt");
 my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
     = disabled qw/des dh dsa ec ec2m rc2 zlib/;
 
-plan tests => 10;
+plan tests =>
+    ($no_fips ? 0 : 1)          # FIPS install test
+    + 10;
+
+unless ($no_fips) {
+    my $infile = bldtop_file('providers', platform->dso('fips'));
+
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', $infile])),
+       "fipsinstall");
+    @config = ( "-config", srctop_file("test", "fips.cnf") );
+    $provname = 'fips';
+}
+
+$ENV{OPENSSL_TEST_LIBCTX} = "1";
+my @prov = ("-provider_path", $provpath,
+            @config,
+            "-provider", $provname);
 
 my @smime_pkcs7_tests = (
 
     [ "signed content DER format, RSA key",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
         "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}",  @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed detached content DER format, RSA key",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt",
         "-content", $smcont ],
       \&final_compare
     ],
 
     [ "signed content test streaming BER format, RSA",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
         "-stream",
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content DER format, DSA key",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
         "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed detached content DER format, DSA key",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
         "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt",
         "-content", $smcont ],
       \&final_compare
     ],
 
     [ "signed detached content DER format, add RSA signer (with DSA existing)",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
         "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd1}", "-resign", "-in", "{output}.cms", "-inform", "DER", "-outform", "DER",
+      [ "{cmd1}", @prov, "-resign", "-in", "{output}.cms", "-inform", "DER", "-outform", "DER",
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}2.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}2.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}2.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt",
         "-content", $smcont ],
       \&final_compare
     ],
 
     [ "signed content test streaming BER format, DSA key",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
         "-nodetach", "-stream",
         "-signer", catfile($smdir, "smdsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming BER format, 2 DSA and 2 RSA keys",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
         "-nodetach", "-stream",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-signer", catfile($smdir, "smrsa2.pem"),
         "-signer", catfile($smdir, "smdsa1.pem"),
         "-signer", catfile($smdir, "smdsa2.pem"),
         "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
         "-noattr", "-nodetach", "-stream",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-signer", catfile($smdir, "smrsa2.pem"),
         "-signer", catfile($smdir, "smdsa1.pem"),
         "-signer", catfile($smdir, "smdsa2.pem"),
         "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content S/MIME format, RSA key SHA1",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-md", "sha1",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-md", "sha1",
         "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-nodetach",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-signer", catfile($smdir, "smrsa2.pem"),
         "-signer", catfile($smdir, "smdsa1.pem"),
         "-signer", catfile($smdir, "smdsa2.pem"),
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
-      [ "{cmd1}", "-sign", "-in", $smcont,
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont,
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-signer", catfile($smdir, "smrsa2.pem"),
         "-signer", catfile($smdir, "smdsa1.pem"),
         "-signer", catfile($smdir, "smdsa2.pem"),
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, 3 recipients",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         catfile($smdir, "smrsa1.pem"),
         catfile($smdir, "smrsa2.pem"),
         catfile($smdir, "smrsa3.pem") ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         catfile($smdir, "smrsa1.pem"),
         catfile($smdir, "smrsa2.pem"),
         catfile($smdir, "smrsa3.pem") ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         catfile($smdir, "smrsa1.pem"),
         catfile($smdir, "smrsa2.pem"),
         catfile($smdir, "smrsa3.pem") ],
-      [ "{cmd2}", "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
         "-aes256", "-stream", "-out", "{output}.cms",
         catfile($smdir, "smrsa1.pem"),
         catfile($smdir, "smrsa2.pem"),
         catfile($smdir, "smrsa3.pem") ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
+      [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
@@ -206,68 +242,68 @@ my @smime_pkcs7_tests = (
 my @smime_cms_tests = (
 
     [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER",
         "-nodetach", "-keyid",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-signer", catfile($smdir, "smrsa2.pem"),
         "-signer", catfile($smdir, "smdsa1.pem"),
         "-signer", catfile($smdir, "smdsa2.pem"),
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-signer", catfile($smdir, "smrsa2.pem"),
         "-signer", catfile($smdir, "smdsa1.pem"),
         "-signer", catfile($smdir, "smdsa2.pem"),
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "PEM",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "PEM",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content MIME format, RSA key, signed receipt request",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-nodetach",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-receipt_request_to", "test\@openssl.org", "-receipt_request_all",
         "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed receipt MIME format, RSA key",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-nodetach",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-receipt_request_to", "test\@openssl.org", "-receipt_request_all",
         "-out", "{output}.cms" ],
-      [ "{cmd1}", "-sign_receipt", "-in", "{output}.cms",
+      [ "{cmd1}", @prov, "-sign_receipt", "-in", "{output}.cms",
         "-signer", catfile($smdir, "smrsa2.pem"), "-out", "{output}2.cms" ],
-      [ "{cmd2}", "-verify_receipt", "{output}2.cms", "-in", "{output}.cms",
+      [ "{cmd2}", @prov, "-verify_receipt", "{output}2.cms", "-in", "{output}.cms",
         "-CAfile", catfile($smdir, "smroot.pem") ]
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms", "-keyid",
         catfile($smdir, "smrsa1.pem"),
         catfile($smdir, "smrsa2.pem"),
         catfile($smdir, "smrsa3.pem") ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming PEM format, KEK",
-      [ "{cmd1}", "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
+      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
         "-stream", "-out", "{output}.cms",
         "-secretkey", "000102030405060708090A0B0C0D0E0F",
         "-secretkeyid", "C0FEE0" ],
-      [ "{cmd2}", "-decrypt", "-in", "{output}.cms", "-out", "{output}.txt",
+      [ "{cmd2}", @prov, "-decrypt", "-in", "{output}.cms", "-out", "{output}.txt",
         "-inform", "PEM",
         "-secretkey", "000102030405060708090A0B0C0D0E0F",
         "-secretkeyid", "C0FEE0" ],
@@ -275,30 +311,30 @@ my @smime_cms_tests = (
     ],
 
     [ "enveloped content test streaming PEM format, KEK, key only",
-      [ "{cmd1}", "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
+      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128",
         "-stream", "-out", "{output}.cms",
         "-secretkey", "000102030405060708090A0B0C0D0E0F",
         "-secretkeyid", "C0FEE0" ],
-      [ "{cmd2}", "-decrypt", "-in", "{output}.cms", "-out", "{output}.txt",
+      [ "{cmd2}", @prov, "-decrypt", "-in", "{output}.cms", "-out", "{output}.txt",
         "-inform", "PEM",
         "-secretkey", "000102030405060708090A0B0C0D0E0F" ],
       \&final_compare
     ],
 
     [ "data content test streaming PEM format",
-      [ "{cmd1}", "-data_create", "-in", $smcont, "-outform", "PEM",
+      [ "{cmd1}", @prov, "-data_create", "-in", $smcont, "-outform", "PEM",
         "-nodetach", "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-data_out", "-in", "{output}.cms", "-inform", "PEM",
+      [ "{cmd2}", @prov, "-data_out", "-in", "{output}.cms", "-inform", "PEM",
         "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "encrypted content test streaming PEM format, 128 bit RC2 key",
-      [ "{cmd1}", @prov, "-EncryptedData_encrypt",
+      [ "{cmd1}", @legacyprov, "-EncryptedData_encrypt",
         "-in", $smcont, "-outform", "PEM",
         "-rc2", "-secretkey", "000102030405060708090A0B0C0D0E0F",
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", @prov, "-EncryptedData_decrypt", "-in", "{output}.cms",
+      [ "{cmd2}", @legacyprov, "-EncryptedData_decrypt", "-in", "{output}.cms",
         "-inform", "PEM",
         "-secretkey", "000102030405060708090A0B0C0D0E0F",
         "-out", "{output}.txt" ],
@@ -306,21 +342,21 @@ my @smime_cms_tests = (
     ],
 
     [ "encrypted content test streaming PEM format, 40 bit RC2 key",
-      [ "{cmd1}", @prov, "-EncryptedData_encrypt",
+      [ "{cmd1}", @legacyprov, "-EncryptedData_encrypt",
         "-in", $smcont, "-outform", "PEM",
         "-rc2", "-secretkey", "0001020304",
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", @prov, "-EncryptedData_decrypt", "-in", "{output}.cms",
+      [ "{cmd2}", @legacyprov, "-EncryptedData_decrypt", "-in", "{output}.cms",
         "-inform", "PEM",
         "-secretkey", "0001020304", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "encrypted content test streaming PEM format, triple DES key",
-      [ "{cmd1}", "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
+      [ "{cmd1}", @prov, "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
         "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-EncryptedData_decrypt", "-in", "{output}.cms",
+      [ "{cmd2}", @prov, "-EncryptedData_decrypt", "-in", "{output}.cms",
         "-inform", "PEM",
         "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617",
         "-out", "{output}.txt" ],
@@ -328,10 +364,10 @@ my @smime_cms_tests = (
     ],
 
     [ "encrypted content test streaming PEM format, 128 bit AES key",
-      [ "{cmd1}", "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
+      [ "{cmd1}", @prov, "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM",
         "-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F",
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-EncryptedData_decrypt", "-in", "{output}.cms",
+      [ "{cmd2}", @prov, "-EncryptedData_decrypt", "-in", "{output}.cms",
         "-inform", "PEM",
         "-secretkey", "000102030405060708090A0B0C0D0E0F",
         "-out", "{output}.txt" ],
@@ -343,57 +379,57 @@ my @smime_cms_tests = (
 my @smime_cms_cades_tests = (
 
     [ "signed content DER format, RSA key, CAdES-BES compatible",
-      [ "{cmd1}", "-sign", "-cades", "-in", $smcont, "-outform", "DER",
+      [ "{cmd1}", @prov, "-sign", "-cades", "-in", $smcont, "-outform", "DER",
          "-nodetach",
         "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content DER format, RSA key, SHA256 md, CAdES-BES compatible",
-      [ "{cmd1}", "-sign", "-cades", "-md", "sha256", "-in", $smcont, "-outform",
+      [ "{cmd1}", @prov, "-sign", "-cades", "-md", "sha256", "-in", $smcont, "-outform",
         "DER", "-nodetach", "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content DER format, RSA key, SHA512 md, CAdES-BES compatible",
-      [ "{cmd1}", "-sign", "-cades", "-md", "sha512", "-in", $smcont, "-outform",
+      [ "{cmd1}", @prov, "-sign", "-cades", "-md", "sha512", "-in", $smcont, "-outform",
         "DER", "-nodetach", "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content DER format, RSA key, SHA256 md, CAdES-BES compatible",
-      [ "{cmd1}", "-sign", "-cades", "-binary",  "-nodetach", "-nosmimecap", "-md", "sha256",
+      [ "{cmd1}", @prov, "-sign", "-cades", "-binary",  "-nodetach", "-nosmimecap", "-md", "sha256",
         "-in", $smcont, "-outform", "DER", 
         "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-outform", "DER", "-out", "{output}.cms"  ],
-      [ "{cmd2}", "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "resigned content DER format, RSA key, SHA256 md, CAdES-BES compatible",
-      [ "{cmd1}", "-sign", "-cades", "-binary",  "-nodetach", "-nosmimecap", "-md", "sha256",
+      [ "{cmd1}", @prov, "-sign", "-cades", "-binary",  "-nodetach", "-nosmimecap", "-md", "sha256",
         "-in", $smcont, "-outform", "DER", 
         "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-outform", "DER", "-out", "{output}.cms"  ],
-      [ "{cmd1}", "-resign", "-cades", "-binary", "-nodetach", "-nosmimecap", "-md", "sha256",
+      [ "{cmd1}", @prov, "-resign", "-cades", "-binary", "-nodetach", "-nosmimecap", "-md", "sha256",
         "-inform", "DER", "-in", "{output}.cms",
         "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa2.pem"),
         "-outform", "DER", "-out", "{output}2.cms" ],
 
-      [ "{cmd2}", "-verify", "-cades", "-in", "{output}2.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-cades", "-in", "{output}2.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
@@ -401,10 +437,10 @@ my @smime_cms_cades_tests = (
 
 my @smime_cms_cades_ko_tests = (
     [ "signed content DER format, RSA key, but verified as CAdES-BES compatible",
-      [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
+      [ @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach",
         "-certfile", catfile($smdir, "smroot.pem"),
         "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ],
-      [ "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
+      [ @prov, "-verify", "-cades", "-in", "{output}.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ]
@@ -424,9 +460,9 @@ my @smime_cms_cades_invalid_option_tests = (
 my @smime_cms_comp_tests = (
 
     [ "compressed content test streaming PEM format",
-      [ "{cmd1}", "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach",
+      [ "{cmd1}", @prov, "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach",
         "-stream", "-out", "{output}.cms" ],
-      [ "{cmd2}", "-uncompress", "-in", "{output}.cms", "-inform", "PEM",
+      [ "{cmd2}", @prov, "-uncompress", "-in", "{output}.cms", "-inform", "PEM",
         "-out", "{output}.txt" ],
       \&final_compare
     ]
@@ -435,137 +471,139 @@ my @smime_cms_comp_tests = (
 
 my @smime_cms_param_tests = (
     [ "signed content test streaming PEM format, RSA keys, PSS signature",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-keyopt", "rsa_padding_mode:pss",
         "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "PEM",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "PEM",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming PEM format, RSA keys, PSS signature, saltlen=max",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-keyopt", "rsa_padding_mode:pss", "-keyopt", "rsa_pss_saltlen:max",
         "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "PEM",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "PEM",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming PEM format, RSA keys, PSS signature, no attributes",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
         "-noattr",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-keyopt", "rsa_padding_mode:pss",
         "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "PEM",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "PEM",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1",
-      [ "{cmd1}", "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
+      [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach",
         "-signer", catfile($smdir, "smrsa1.pem"),
         "-keyopt", "rsa_padding_mode:pss", "-keyopt", "rsa_mgf1_md:sha384",
         "-out", "{output}.cms" ],
-      [ "{cmd2}", "-verify", "-in", "{output}.cms", "-inform", "PEM",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "PEM",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smrsa1.pem"),
         "-keyopt", "rsa_padding_mode:oaep" ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smrsa1.pem"),
         "-keyopt", "rsa_padding_mode:oaep",
         "-keyopt", "rsa_oaep_md:sha256" ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, ECDH",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smec1.pem") ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, DES, ECDH, 2 recipients, key only used",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         catfile($smdir, "smec1.pem"),
         catfile($smdir, "smec3.pem") ],
-      [ "{cmd2}", "-decrypt", "-inkey", catfile($smdir, "smec3.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-inkey", catfile($smdir, "smec3.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier",
-      [ "{cmd1}", "-encrypt", "-keyid", "-in", $smcont,
+      [ "{cmd1}", @defaultprov, "-encrypt", "-keyid", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smec1.pem") ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
+      [ "{cmd2}", @defaultprov, "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smec1.pem"), "-aes128",
         "-keyopt", "ecdh_kdf_md:sha256" ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
+      [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smec1.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ],
 
     [ "enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
+      [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
         "-stream", "-out", "{output}.cms",
         "-recip", catfile($smdir, "smec2.pem"), "-aes128",
         "-keyopt", "ecdh_kdf_md:sha256", "-keyopt", "ecdh_cofactor_mode:1" ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
-        "-in", "{output}.cms", "-out", "{output}.txt" ],
-      \&final_compare
-    ],
-
-    [ "enveloped content test streaming S/MIME format, X9.42 DH",
-      [ "{cmd1}", "-encrypt", "-in", $smcont,
-        "-stream", "-out", "{output}.cms",
-        "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
-      [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
+      [ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smec2.pem"),
         "-in", "{output}.cms", "-out", "{output}.txt" ],
       \&final_compare
     ]
+
+    # TODO(3.0) Add this test back in when "dhpublicnumber" is supported
+    # in the keymanger.
+    #[ "enveloped content test streaming S/MIME format, X9.42 DH",
+    #  [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
+    #    "-stream", "-out", "{output}.cms",
+    #    "-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
+    #  [ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
+    #    "-in", "{output}.cms", "-out", "{output}.txt" ],
+    #  \&final_compare
+    #]
 );
 
 my @contenttype_cms_test = (
     [ "signed content test - check that content type is added to additional signerinfo, RSA keys",
-      [ "{cmd1}", "-sign", "-binary", "-nodetach", "-stream", "-in", $smcont,
+      [ "{cmd1}", @prov, "-sign", "-binary", "-nodetach", "-stream", "-in", $smcont,
         "-outform", "DER",
         "-signer", catfile($smdir, "smrsa1.pem"), "-md", "SHA256",
         "-out", "{output}.cms" ],
-      [ "{cmd1}", "-resign", "-binary", "-nodetach", "-in", "{output}.cms",
+      [ "{cmd1}", @prov, "-resign", "-binary", "-nodetach", "-in", "{output}.cms",
         "-inform", "DER", "-outform", "DER",
         "-signer", catfile($smdir, "smrsa2.pem"), "-md", "SHA256",
         "-out", "{output}2.cms" ],
       sub { my %opts = @_; contentType_matches("$opts{output}2.cms") == 2; },
-      [ "{cmd2}", "-verify", "-in", "{output}2.cms", "-inform", "DER",
+      [ "{cmd2}", @prov, "-verify", "-in", "{output}2.cms", "-inform", "DER",
         "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ]
     ],
 );
@@ -690,7 +728,7 @@ subtest "CMS Check that bad attributes fail when verifying signers\n" => sub {
     foreach my $name (@incorrect_attribute_cms_test) {
         my $out = "incorrect-$cnt.txt";
 
-        ok(!run(app(["openssl", "cms", "-verify", "-in",
+        ok(!run(app(["openssl", "cms", @prov, "-verify", "-in",
                      catfile($datadir, $name), "-inform", "DER", "-CAfile",
                      catfile($smdir, "smroot.pem"), "-out", $out ])),
             $name);
@@ -706,7 +744,7 @@ subtest "CMS Decrypt message encrypted with OpenSSL 1.1.1\n" => sub {
 
         my $out = "smtst.txt";
 
-        ok(run(app(["openssl", "cms", "-decrypt",
+        ok(run(app(["openssl", "cms", @defaultprov, "-decrypt",
                     "-inkey", catfile($smdir, "smec3.pem"),
                     "-in", catfile($datadir, "ciphertext_from_1_1_1.cms"),
                     "-out", $out ]))
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 813c86b4c1..8cfe55f4fa 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4806,9 +4806,9 @@ OSSL_CMP_print_to_bio                   ?	3_0_0	EXIST::FUNCTION:CMP
 OSSL_CMP_print_errors_cb                ?	3_0_0	EXIST::FUNCTION:CMP
 OSSL_CRMF_CERTID_get0_issuer            ?	3_0_0	EXIST::FUNCTION:CRMF
 OSSL_CRMF_CERTID_get0_serialNumber      ?	3_0_0	EXIST::FUNCTION:CRMF
-EVP_DigestSignInit_ex                   ?	3_0_0	EXIST::FUNCTION:
+EVP_DigestSignInit_ex                   ?	3_0_0	NOEXIST::FUNCTION:
 EVP_DigestSignUpdate                    ?	3_0_0	EXIST::FUNCTION:
-EVP_DigestVerifyInit_ex                 ?	3_0_0	EXIST::FUNCTION:
+EVP_DigestVerifyInit_ex                 ?	3_0_0	NOEXIST::FUNCTION:
 EVP_DigestVerifyUpdate                  ?	3_0_0	EXIST::FUNCTION:
 BN_check_prime                          ?	3_0_0	EXIST::FUNCTION:
 EVP_KEYMGMT_is_a                        ?	3_0_0	EXIST::FUNCTION:
@@ -5206,3 +5206,22 @@ PKCS12_SAFEBAG_create_secret            ?	3_0_0	EXIST::FUNCTION:
 PKCS12_add1_attr_by_NID                 ?	3_0_0	EXIST::FUNCTION:
 PKCS12_add1_attr_by_txt                 ?	3_0_0	EXIST::FUNCTION:
 PKCS12_add_secret                       ?	3_0_0	EXIST::FUNCTION:
+SMIME_write_ASN1_with_libctx            ?	3_0_0	EXIST::FUNCTION:
+SMIME_read_ASN1_ex                      ?	3_0_0	EXIST::FUNCTION:
+CMS_ContentInfo_new_with_libctx         ?	3_0_0	EXIST::FUNCTION:CMS
+SMIME_read_CMS_ex                       ?	3_0_0	EXIST::FUNCTION:CMS
+CMS_sign_with_libctx                    ?	3_0_0	EXIST::FUNCTION:CMS
+CMS_data_create_with_libctx             ?	3_0_0	EXIST::FUNCTION:CMS
+CMS_digest_create_with_libctx           ?	3_0_0	EXIST::FUNCTION:CMS
+CMS_EncryptedData_encrypt_with_libctx   ?	3_0_0	EXIST::FUNCTION:CMS
+CMS_encrypt_with_libctx                 ?	3_0_0	EXIST::FUNCTION:CMS
+CMS_EnvelopedData_create_with_libctx    ?	3_0_0	EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_create0_with_libctx  ?	3_0_0	EXIST::FUNCTION:CMS
+EVP_SignFinal_with_libctx               ?	3_0_0	EXIST::FUNCTION:
+EVP_VerifyFinal_with_libctx             ?	3_0_0	EXIST::FUNCTION:
+EVP_DigestSignInit_with_libctx          ?	3_0_0	EXIST::FUNCTION:
+EVP_DigestVerifyInit_with_libctx        ?	3_0_0	EXIST::FUNCTION:
+PKCS7_new_with_libctx                   ?	3_0_0	EXIST::FUNCTION:
+PKCS7_sign_with_libctx                  ?	3_0_0	EXIST::FUNCTION:
+PKCS7_encrypt_with_libctx               ?	3_0_0	EXIST::FUNCTION:
+SMIME_read_PKCS7_ex                     ?	3_0_0	EXIST::FUNCTION:
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index 0e5bb35878..3e8c62c610 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -309,8 +309,6 @@ CMAC_Init(3)
 CMAC_Update(3)
 CMAC_resume(3)
 CMS_ContentInfo_it(3)
-CMS_EncryptedData_decrypt(3)
-CMS_EncryptedData_encrypt(3)
 CMS_EncryptedData_set1_key(3)
 CMS_ReceiptRequest_it(3)
 CMS_RecipientEncryptedKey_cert_cmp(3)
@@ -340,10 +338,8 @@ CMS_add_standard_smimecap(3)
 CMS_data(3)
 CMS_dataFinal(3)
 CMS_dataInit(3)
-CMS_data_create(3)
 CMS_decrypt_set1_key(3)
 CMS_decrypt_set1_password(3)
-CMS_digest_create(3)
 CMS_digest_verify(3)
 CMS_is_detached(3)
 CMS_set1_signers_certs(3)
@@ -1119,9 +1115,7 @@ SHA1_Transform(3)
 SHA256_Transform(3)
 SHA512_Transform(3)
 SMIME_crlf_copy(3)
-SMIME_read_ASN1(3)
 SMIME_text(3)
-SMIME_write_ASN1(3)
 SRP_Verify_A_mod_N(3)
 SRP_Verify_B_mod_N(3)
 SSL_CTX_set0_ctlog_store(3)

From scan-admin at coverity.com  Sun Aug  9 07:53:41 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 09 Aug 2020 07:53:41 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2
Message-ID: <5f2fab85fa22_4bdab2b0e4f99ef70365e9@prd-scan-dashboard-0.mail>


    Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3Di12g_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHx5tm5F-2BnnQ3hpl4cKeeMd4LPEOx3ZW3Fa5FdGk7tSPJOYaensSN9zLpS-2BqHYTgABTUGNO-2FAjKxq68S2gPTgs8OBYvvKrjE8PmbqDsK6Uev536BKmwyb1eOAG6JvqiLlKiLQPHzPxcHJWYj7Uav7X0ySkmLmFtFPirSGJJrwNVH83zRcFIm2288hTbiu7f6DU-3D

    Build ID: 331752

    Analysis Summary:
       New defects found: 0
       Defects eliminated: 0


From scan-admin at coverity.com  Sun Aug  9 07:55:37 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 09 Aug 2020 07:55:37 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for openssl/openssl
Message-ID: <5f2fabf956368_4beb52b0e4f99ef70365ac@prd-scan-dashboard-0.mail>


    Your request for analysis of openssl/openssl has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DXXZY_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeE4wMOI6EcHTN5jhVXiP2EKVWvRfyA28fJNqoKl11j7cjQUJcqr8F6KNeOH8uKZ2rc8tcb-2BqFmY2F9zQSgnCMxPZ7SihvDbKgXy7dWT-2BnQfGfADpXZbdCKmvkPZesyRl3DJ22Z6WANr2rKEn9Doas1QzgDaAgnPPtl25JFy1zht9d8T3mWQ1t35ODmgecjoojg-3D

    Build ID: 331750

    Analysis Summary:
       New defects found: 8
       Defects eliminated: 4

    If you have difficulty understanding any defects, email us at scan-admin at coverity.com,
    or post your question to StackOverflow
    at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DvU_q_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeE4wMOI6EcHTN5jhVXiP2EKVWvRfyA28fJNqoKl11j7cnOavcq1fRb3Z-2F68hPzzObHCXkhbVToiSQJnPQnDy6edVMwx7S1cp7fBDBSc5XU6l4w7FoceTC5DYenP-2BTRp5y0s4u3kEG5LQRzB0o7x3ebGSdQvCU1qCs5uBvtgMtMo59IArE5EknV07Y59xb8cbzk-3D

From shane.lontis at oracle.com  Sun Aug  9 08:08:16 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Sun, 09 Aug 2020 08:08:16 +0000
Subject: [openssl]  master update
Message-ID: <1596960496.823252.22971.nullmailer@dev.openssl.org>

The branch master has been updated
       via  04cb5ec0b74896fe806625ac4d87e3396890f246 (commit)
      from  dda4e259e51aeaf05a2417ef577accf778c9f6f6 (commit)


- Log -----------------------------------------------------------------
commit 04cb5ec0b74896fe806625ac4d87e3396890f246
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sun Aug 9 18:06:52 2020 +1000

    Add 'on demand self test' and status test to providers
    
    The default and legacy providers currently return 1 for status and self test checks.
    Added test to show the 3 different stages the self test can be run (for installation, loading and on demand).
    
    For the fips provider:
      - If the on demand self test fails, then any subsequent fetches should also fail. To implement this the
        cached algorithms are flushed on failure.
      - getting the self test callback in the fips provider is a bit complicated since the callback hangs off the core
        libctx (as it is set by the application) not the actual fips library context. Also the callback can be set at
        any time not just during the OSSL_provider_init() so it is calculated each time before doing any self test.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11752)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/evp_fetch.c                             |  11 +-
 crypto/property/property.c                         |  21 ++-
 crypto/provider.c                                  |   6 +
 crypto/provider_core.c                             |  19 ++-
 crypto/sparse_array.c                              |   2 +-
 doc/man3/OSSL_PROVIDER.pod                         |  14 +-
 doc/man7/provider-base.pod                         |  11 ++
 include/crypto/evp.h                               |   1 +
 include/internal/property.h                        |   3 +-
 include/internal/provider.h                        |   1 +
 include/openssl/core_dispatch.h                    |   2 +
 include/openssl/core_names.h                       |   1 +
 include/openssl/provider.h                         |   1 +
 providers/defltprov.c                              |   4 +-
 providers/fips/fipsprov.c                          |  56 +++++--
 providers/fips/self_test.c                         |   7 +
 providers/fips/self_test.h                         |   1 +
 providers/legacyprov.c                             |   4 +-
 test/build.info                                    |   6 +-
 test/provider_status_test.c                        | 185 +++++++++++++++++++++
 .../{30-test_acvp.t => 30-test_provider_status.t}  |  26 +--
 util/libcrypto.num                                 |   1 +
 22 files changed, 338 insertions(+), 45 deletions(-)
 create mode 100644 test/provider_status_test.c
 copy test/recipes/{30-test_acvp.t => 30-test_provider_status.t} (59%)

diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c
index 5cb59d98fc..4c3992ab40 100644
--- a/crypto/evp/evp_fetch.c
+++ b/crypto/evp/evp_fetch.c
@@ -17,6 +17,7 @@
 #include "internal/core.h"
 #include "internal/provider.h"
 #include "internal/namemap.h"
+#include "internal/property.h"
 #include "crypto/evp.h"    /* evp_local.h needs it */
 #include "evp_local.h"
 
@@ -368,6 +369,14 @@ void *evp_generic_fetch_by_number(OPENSSL_CTX *libctx, int operation_id,
     return ret;
 }
 
+void evp_method_store_flush(OPENSSL_CTX *libctx)
+{
+    OSSL_METHOD_STORE *store = get_evp_method_store(libctx);
+
+    if (store != NULL)
+        ossl_method_store_flush_cache(store, 1);
+}
+
 static int evp_set_default_properties(OPENSSL_CTX *libctx,
                                       OSSL_PROPERTY_LIST *def_prop)
 {
@@ -378,7 +387,7 @@ static int evp_set_default_properties(OPENSSL_CTX *libctx,
         ossl_property_free(*plp);
         *plp = def_prop;
         if (store != NULL)
-            ossl_method_store_flush_cache(store);
+            ossl_method_store_flush_cache(store, 0);
         return 1;
     }
     EVPerr(0, ERR_R_INTERNAL_ERROR);
diff --git a/crypto/property/property.c b/crypto/property/property.c
index 645e361b0a..cb82f8956b 100644
--- a/crypto/property/property.c
+++ b/crypto/property/property.c
@@ -394,10 +394,19 @@ fin:
     return ret;
 }
 
-static void impl_cache_flush_alg(ossl_uintmax_t idx, ALGORITHM *alg)
+static void impl_cache_flush_alg(ossl_uintmax_t idx, ALGORITHM *alg, void *arg)
 {
+    SPARSE_ARRAY_OF(ALGORITHM) *algs = arg;
+
     lh_QUERY_doall(alg->cache, &impl_cache_free);
-    lh_QUERY_flush(alg->cache);
+    if (algs != NULL) {
+        sk_IMPLEMENTATION_pop_free(alg->impls, &impl_free);
+        lh_QUERY_free(alg->cache);
+        OPENSSL_free(alg);
+        ossl_sa_ALGORITHM_set(algs, idx, NULL);
+    } else {
+        lh_QUERY_flush(alg->cache);
+    }
 }
 
 static void ossl_method_cache_flush(OSSL_METHOD_STORE *store, int nid)
@@ -406,14 +415,16 @@ static void ossl_method_cache_flush(OSSL_METHOD_STORE *store, int nid)
 
     if (alg != NULL) {
         store->nelem -= lh_QUERY_num_items(alg->cache);
-        impl_cache_flush_alg(0, alg);
+        impl_cache_flush_alg(0, alg, NULL);
     }
 }
 
-void ossl_method_store_flush_cache(OSSL_METHOD_STORE *store)
+void ossl_method_store_flush_cache(OSSL_METHOD_STORE *store, int all)
 {
+    void *arg = (all != 0 ? store->algs : NULL);
+
     ossl_property_write_lock(store);
-    ossl_sa_ALGORITHM_doall(store->algs, &impl_cache_flush_alg);
+    ossl_sa_ALGORITHM_doall_arg(store->algs, &impl_cache_flush_alg, arg);
     store->nelem = 0;
     ossl_property_unlock(store);
 }
diff --git a/crypto/provider.c b/crypto/provider.c
index 8646aef771..40c837d8c0 100644
--- a/crypto/provider.c
+++ b/crypto/provider.c
@@ -10,6 +10,7 @@
 #include <openssl/err.h>
 #include <openssl/cryptoerr.h>
 #include <openssl/provider.h>
+#include <openssl/core_names.h>
 #include "internal/provider.h"
 
 OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name)
@@ -69,6 +70,11 @@ void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov)
     return ossl_provider_prov_ctx(prov);
 }
 
+int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov)
+{
+    return ossl_provider_self_test(prov);
+}
+
 int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
                                    const char *capability,
                                    OSSL_CALLBACK *cb,
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index 79c330383c..4b5b013608 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -14,6 +14,7 @@
 #include <openssl/params.h>
 #include <openssl/opensslv.h>
 #include "crypto/cryptlib.h"
+#include "crypto/evp.h" /* evp_method_store_flush */
 #include "internal/nelem.h"
 #include "internal/thread_once.h"
 #include "internal/provider.h"
@@ -71,6 +72,7 @@ struct ossl_provider_st {
     OSSL_FUNC_provider_gettable_params_fn *gettable_params;
     OSSL_FUNC_provider_get_params_fn *get_params;
     OSSL_FUNC_provider_get_capabilities_fn *get_capabilities;
+    OSSL_FUNC_provider_self_test_fn *self_test;
     OSSL_FUNC_provider_query_operation_fn *query_operation;
 
     /*
@@ -544,6 +546,10 @@ static int provider_activate(OSSL_PROVIDER *prov)
             prov->get_params =
                 OSSL_FUNC_provider_get_params(provider_dispatch);
             break;
+        case OSSL_FUNC_PROVIDER_SELF_TEST:
+            prov->self_test =
+                OSSL_FUNC_provider_self_test(provider_dispatch);
+            break;
         case OSSL_FUNC_PROVIDER_GET_CAPABILITIES:
             prov->get_capabilities =
                 OSSL_FUNC_provider_get_capabilities(provider_dispatch);
@@ -824,6 +830,18 @@ int ossl_provider_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[])
         ? 0 : prov->get_params(prov->provctx, params);
 }
 
+int ossl_provider_self_test(const OSSL_PROVIDER *prov)
+{
+    int ret;
+
+    if (prov->self_test == NULL)
+        return 1;
+    ret = prov->self_test(prov->provctx);
+    if (ret == 0)
+        evp_method_store_flush(ossl_provider_library_context(prov));
+    return ret;
+}
+
 int ossl_provider_get_capabilities(const OSSL_PROVIDER *prov,
                                    const char *capability,
                                    OSSL_CALLBACK *cb,
@@ -833,7 +851,6 @@ int ossl_provider_get_capabilities(const OSSL_PROVIDER *prov,
         ? 1 : prov->get_capabilities(prov->provctx, capability, cb, arg);
 }
 
-
 const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov,
                                                     int operation_id,
                                                     int *no_cache)
diff --git a/crypto/sparse_array.c b/crypto/sparse_array.c
index 9d444739f5..69a56db01c 100644
--- a/crypto/sparse_array.c
+++ b/crypto/sparse_array.c
@@ -162,7 +162,7 @@ void *OPENSSL_SA_get(const OPENSSL_SA *sa, ossl_uintmax_t n)
     int level;
     void **p, *r = NULL;
 
-    if (sa == NULL)
+    if (sa == NULL || sa->nelem == 0)
         return NULL;
 
     if (n <= sa->top) {
diff --git a/doc/man3/OSSL_PROVIDER.pod b/doc/man3/OSSL_PROVIDER.pod
index 63633842fa..6a1fdd204e 100644
--- a/doc/man3/OSSL_PROVIDER.pod
+++ b/doc/man3/OSSL_PROVIDER.pod
@@ -8,7 +8,8 @@ OSSL_PROVIDER_available, OSSL_PROVIDER_do_all,
 OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params,
 OSSL_PROVIDER_query_operation, OSSL_PROVIDER_get0_provider_ctx,
 OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_name,
-OSSL_PROVIDER_get_capabilities - provider routines
+OSSL_PROVIDER_get_capabilities, OSSL_PROVIDER_self_test
+- provider routines
 
 =head1 SYNOPSIS
 
@@ -43,7 +44,7 @@ OSSL_PROVIDER_get_capabilities - provider routines
                                     const char *capability,
                                     OSSL_CALLBACK *cb,
                                     void *arg);
-
+ int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
 
 =head1 DESCRIPTION
 
@@ -95,6 +96,11 @@ The caller must prepare the B<OSSL_PARAM> array before calling this
 function, and the variables acting as buffers for this parameter array
 should be filled with data when it returns successfully.
 
+OSSL_PROVIDER_self_test() is used to run a provider's self tests on demand.
+If the self tests fail then the provider will fail to provide any further
+services and algorithms. L<OSSL_SELF_TEST_set_callback(3)> may be called
+beforehand in order to display diagnostics for the running self tests.
+
 OSSL_PROVIDER_query_operation() calls the provider's I<query_operation>
 function (see L<provider(7)>), if the provider has one. It returns an
 array of I<OSSL_ALGORITHM> for the given I<operation_id> terminated by an all
@@ -133,11 +139,13 @@ otherwise 0.
 OSSL_PROVIDER_gettable_params() returns a pointer to an array
 of constant B<OSSL_PARAM>, or NULL if none is provided.
 
-OSSL_PROVIDER_get_params() returns 1 on success, or 0 on error.
+OSSL_PROVIDER_get_params() and returns 1 on success, or 0 on error.
 
 OSSL_PROVIDER_query_operation() returns an array of OSSL_ALGORITHM or NULL on
 error.
 
+OSSL_PROVIDER_self_test() returns 1 if the self tests pass, or 0 on error.
+
 =head1 EXAMPLES
 
 This demonstrates how to load the provider module "foo" and ask for
diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod
index d61645f961..efec869e25 100644
--- a/doc/man7/provider-base.pod
+++ b/doc/man7/provider-base.pod
@@ -139,6 +139,7 @@ F<libcrypto>):
  provider_query_operation       OSSL_FUNC_PROVIDER_QUERY_OPERATION
  provider_get_reason_strings    OSSL_FUNC_PROVIDER_GET_REASON_STRINGS
  provider_get_capabilities      OSSL_FUNC_PROVIDER_GET_CAPABILITIES
+ provider_self_test             OSSL_FUNC_PROVIDER_SELF_TEST
 
 =head2 Core functions
 
@@ -241,6 +242,11 @@ callback multiple times (one for each capability). Capabilities can be useful fo
 describing the services that a provider can offer. For further details see the
 L</CAPABILITIES> section below. It should return 1 on success or 0 on error.
 
+The provider_self_test() function should perform known answer tests on a subset
+of the algorithms that it uses, and may also verify the integrity of the
+provider module. It should return 1 on success or 0 on error. It will return 1
+if this function is not used.
+
 None of these functions are mandatory, but a provider is fairly
 useless without at least provider_query_operation(), and
 provider_gettable_params() is fairly useless if not accompanied by
@@ -268,6 +274,11 @@ This points to a string that is a build information associated with this provide
 OpenSSL in-built providers use OPENSSL_FULL_VERSION_STR, but this may be
 different for any third party provider.
 
+=item "status" (B<OSSL_PROV_PARAM_STATUS>) <unsigned integer>
+
+This returns 0 if the provider has entered an error state, otherwise it returns
+1.
+
 =back 
 
 provider_gettable_params() should return the above parameters.
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index f60ae9bc09..07e9ef4bb3 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -778,3 +778,4 @@ int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
 EVP_PKEY *evp_pkcs82pkey_int(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
                              const char *propq);
 #endif /* !defined(FIPS_MODULE) */
+void evp_method_store_flush(OPENSSL_CTX *libctx);
diff --git a/include/internal/property.h b/include/internal/property.h
index d8ff3582eb..ca1d1e055c 100644
--- a/include/internal/property.h
+++ b/include/internal/property.h
@@ -54,7 +54,8 @@ int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, int nid,
                                 const char *prop_query, void *result,
                                 int (*method_up_ref)(void *),
                                 void (*method_destruct)(void *));
-void ossl_method_store_flush_cache(OSSL_METHOD_STORE *store);
+
+void ossl_method_store_flush_cache(OSSL_METHOD_STORE *store, int all);
 
 /* Merge two property queries together */
 OSSL_PROPERTY_LIST *ossl_property_merge(const OSSL_PROPERTY_LIST *a,
diff --git a/include/internal/provider.h b/include/internal/provider.h
index dcd57708ba..38bbd3bbef 100644
--- a/include/internal/provider.h
+++ b/include/internal/provider.h
@@ -75,6 +75,7 @@ int ossl_provider_get_capabilities(const OSSL_PROVIDER *prov,
                                    const char *capability,
                                    OSSL_CALLBACK *cb,
                                    void *arg);
+int ossl_provider_self_test(const OSSL_PROVIDER *prov);
 const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov,
                                                     int operation_id,
                                                     int *no_cache);
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index a3f5107aff..55144f126b 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -176,6 +176,8 @@ OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *,provider_get_reason_strings,
 # define OSSL_FUNC_PROVIDER_GET_CAPABILITIES   1029
 OSSL_CORE_MAKE_FUNC(int, provider_get_capabilities, (void *provctx,
                     const char *capability, OSSL_CALLBACK *cb, void *arg))
+# define OSSL_FUNC_PROVIDER_SELF_TEST          1030
+OSSL_CORE_MAKE_FUNC(int, provider_self_test, (void *provctx))
 
 /* Operations */
 
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 9ce4115a89..b511571fb3 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -23,6 +23,7 @@ extern "C" {
 #define OSSL_PROV_PARAM_NAME            "name"                /* utf8_string */
 #define OSSL_PROV_PARAM_VERSION         "version"             /* utf8_string */
 #define OSSL_PROV_PARAM_BUILDINFO       "buildinfo"           /* utf8_string */
+#define OSSL_PROV_PARAM_STATUS          "status"              /* uint */
 
 /* Self test callback parameters */
 #define OSSL_PROV_PARAM_SELF_TEST_PHASE  "st-phase" /* utf8_string */
diff --git a/include/openssl/provider.h b/include/openssl/provider.h
index cb5fc9f8bf..5470984e13 100644
--- a/include/openssl/provider.h
+++ b/include/openssl/provider.h
@@ -29,6 +29,7 @@ int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx,
 
 const OSSL_PARAM *OSSL_PROVIDER_gettable_params(const OSSL_PROVIDER *prov);
 int OSSL_PROVIDER_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]);
+int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
 int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
                                    const char *capability,
                                    OSSL_CALLBACK *cb,
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 0ee717acac..4ab39e6531 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -62,7 +62,9 @@ static int deflt_get_params(void *provctx, OSSL_PARAM params[])
     p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
         return 0;
-
+    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS);
+    if (p != NULL && !OSSL_PARAM_set_uint(p, 1))
+        return 0;
     return 1;
 }
 
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 73bba5b3a9..e39c306e48 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -69,6 +69,8 @@ static OSSL_FUNC_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
 static OSSL_FUNC_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
 static OSSL_FUNC_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
 static OSSL_FUNC_BIO_vsnprintf_fn *c_BIO_vsnprintf;
+static OSSL_FUNC_self_test_cb_fn *c_stcbfn = NULL;
+static OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL;
 
 typedef struct fips_global_st {
     const OSSL_CORE_HANDLE *handle;
@@ -97,6 +99,7 @@ static const OSSL_PARAM fips_param_types[] = {
     OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
     OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
     OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_STATUS, OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0),
     OSSL_PARAM_END
 };
 
@@ -144,10 +147,29 @@ static int fips_get_params(void *provctx, OSSL_PARAM params[])
     p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
         return 0;
-
+    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS);
+    if (p != NULL && !OSSL_PARAM_set_uint(p, FIPS_is_running()))
+        return 0;
     return 1;
 }
 
+static void set_self_test_cb(const OSSL_CORE_HANDLE *handle)
+{
+    if (c_stcbfn != NULL && c_get_libctx != NULL) {
+        c_stcbfn(c_get_libctx(handle), &selftest_params.cb,
+                              &selftest_params.cb_arg);
+    } else {
+        selftest_params.cb = NULL;
+        selftest_params.cb_arg = NULL;
+    }
+}
+
+static int fips_self_test(void *provctx)
+{
+    set_self_test_cb(FIPS_get_core_handle(selftest_params.libctx));
+    return SELF_TEST_post(&selftest_params, 1) ? 1 : 0;
+}
+
 /* FIPS specific version of the function of the same name in provlib.c */
 /* TODO(3.0) - Is this function needed ? */
 const char *ossl_prov_util_nid_to_name(int nid)
@@ -444,6 +466,10 @@ static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id,
                                         int *no_cache)
 {
     *no_cache = 0;
+
+    if (!FIPS_is_running())
+        return NULL;
+
     switch (operation_id) {
     case OSSL_OP_DIGEST:
         return fips_digests;
@@ -489,7 +515,9 @@ static const OSSL_DISPATCH fips_dispatch_table[] = {
     { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))fips_gettable_params },
     { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
     { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
-    { OSSL_FUNC_PROVIDER_GET_CAPABILITIES, (void (*)(void))provider_get_capabilities },
+    { OSSL_FUNC_PROVIDER_GET_CAPABILITIES,
+      (void (*)(void))provider_get_capabilities },
+    { OSSL_FUNC_PROVIDER_SELF_TEST, (void (*)(void))fips_self_test },
     { 0, NULL }
 };
 
@@ -500,7 +528,6 @@ static const OSSL_DISPATCH intern_dispatch_table[] = {
     { 0, NULL }
 };
 
-
 int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
                        const OSSL_DISPATCH *in,
                        const OSSL_DISPATCH **out,
@@ -508,8 +535,6 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
 {
     FIPS_GLOBAL *fgbl;
     OPENSSL_CTX *libctx = NULL;
-    OSSL_FUNC_self_test_cb_fn *stcbfn = NULL;
-    OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL;
 
     for (; in->function_id != 0; in++) {
         switch (in->function_id) {
@@ -592,7 +617,7 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
             c_BIO_vsnprintf = OSSL_FUNC_BIO_vsnprintf(in);
             break;
         case OSSL_FUNC_SELF_TEST_CB: {
-            stcbfn = OSSL_FUNC_self_test_cb(in);
+            c_stcbfn = OSSL_FUNC_self_test_cb(in);
             break;
         }
         default:
@@ -601,14 +626,7 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
         }
     }
 
-    if (stcbfn != NULL && c_get_libctx != NULL) {
-        stcbfn(c_get_libctx(handle), &selftest_params.cb,
-               &selftest_params.cb_arg);
-    }
-    else {
-        selftest_params.cb = NULL;
-        selftest_params.cb_arg = NULL;
-    }
+    set_self_test_cb(handle);
 
     if (!c_get_params(handle, core_params)) {
         ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
@@ -665,29 +683,31 @@ int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle,
                               const OSSL_DISPATCH **out,
                               void **provctx)
 {
-    OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL;
+    OSSL_FUNC_core_get_library_context_fn *c_internal_get_libctx = NULL;
 
     for (; in->function_id != 0; in++) {
         switch (in->function_id) {
         case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
-            c_get_libctx = OSSL_FUNC_core_get_library_context(in);
+            c_internal_get_libctx = OSSL_FUNC_core_get_library_context(in);
             break;
         default:
             break;
         }
     }
 
-    if (c_get_libctx == NULL)
+    if (c_internal_get_libctx == NULL)
         return 0;
 
     if ((*provctx = PROV_CTX_new()) == NULL)
         return 0;
+
     /*
      * Using the parent library context only works because we are a built-in
      * internal provider. This is not something that most providers would be
      * able to do.
      */
-    PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle));
+    PROV_CTX_set0_library_context(*provctx,
+                                  (OPENSSL_CTX *)c_internal_get_libctx(handle));
     PROV_CTX_set0_handle(*provctx, handle);
 
     *out = intern_dispatch_table;
diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c
index 8902510b44..978440adf1 100644
--- a/providers/fips/self_test.c
+++ b/providers/fips/self_test.c
@@ -305,3 +305,10 @@ end:
 
     return ok;
 }
+
+
+unsigned int FIPS_is_running(void)
+{
+    return FIPS_state == FIPS_STATE_RUNNING
+           || FIPS_state == FIPS_STATE_SELFTEST;
+}
diff --git a/providers/fips/self_test.h b/providers/fips/self_test.h
index 20f8a12472..f40788581c 100644
--- a/providers/fips/self_test.h
+++ b/providers/fips/self_test.h
@@ -34,3 +34,4 @@ typedef struct self_test_post_params_st {
 
 int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test);
 int SELF_TEST_kats(OSSL_SELF_TEST *event, OPENSSL_CTX *libctx);
+unsigned int FIPS_is_running(void);
diff --git a/providers/legacyprov.c b/providers/legacyprov.c
index 40d24873a2..549906a68a 100644
--- a/providers/legacyprov.c
+++ b/providers/legacyprov.c
@@ -61,7 +61,9 @@ static int legacy_get_params(void *provctx, OSSL_PARAM params[])
     p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
         return 0;
-
+    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS);
+    if (p != NULL && !OSSL_PARAM_set_uint(p, 1))
+        return 0;
     return 1;
 }
 
diff --git a/test/build.info b/test/build.info
index d8a585e615..1dd3db7c79 100644
--- a/test/build.info
+++ b/test/build.info
@@ -57,7 +57,7 @@ IF[{- !$disabled{tests} -}]
           http_test servername_test ocspapitest fatalerrtest tls13ccstest \
           sysdefaulttest errtest ssl_ctx_test gosttest \
           context_internal_test aesgcmtest params_test evp_pkey_dparams_test \
-          keymgmt_internal_test hexstr_test
+          keymgmt_internal_test hexstr_test provider_status_test
 
   IF[{- !$disabled{'deprecated-3.0'} -}]
     PROGRAMS{noinst}=enginetest
@@ -166,6 +166,10 @@ IF[{- !$disabled{tests} -}]
     DEPEND[acvp_test]=../libcrypto.a libtestutil.a
   ENDIF
 
+  SOURCE[provider_status_test]=provider_status_test.c
+  INCLUDE[provider_status_test]=../include ../apps/include
+  DEPEND[provider_status_test]=../libcrypto.a libtestutil.a
+
   IF[{- !$disabled{'deprecated-3.0'} -}]
     PROGRAMS{noinst}=igetest bftest casttest
 
diff --git a/test/provider_status_test.c b/test/provider_status_test.c
new file mode 100644
index 0000000000..83572e81f8
--- /dev/null
+++ b/test/provider_status_test.c
@@ -0,0 +1,185 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include <openssl/provider.h>
+#include <openssl/params.h>
+#include <openssl/core_names.h>
+#include <openssl/self_test.h>
+#include <openssl/evp.h>
+#include "testutil.h"
+
+typedef enum OPTION_choice {
+    OPT_ERR = -1,
+    OPT_EOF = 0,
+    OPT_PROVIDER_NAME,
+    OPT_CONFIG_FILE,
+    OPT_TEST_ENUM
+} OPTION_CHOICE;
+
+struct self_test_arg {
+    int count;
+};
+
+static OPENSSL_CTX *libctx = NULL;
+static char *provider_name = NULL;
+static struct self_test_arg self_test_args = { 0 };
+
+const OPTIONS *test_get_options(void)
+{
+    static const OPTIONS test_options[] = {
+        OPT_TEST_OPTIONS_DEFAULT_USAGE,
+        { "provider_name", OPT_PROVIDER_NAME, 's',
+          "The name of the provider to load" },
+        { "config", OPT_CONFIG_FILE, '<',
+          "The configuration file to use for the libctx" },
+        { NULL }
+    };
+    return test_options;
+}
+
+static int self_test_events(const OSSL_PARAM params[], void *arg,
+                            const char *title, int corrupt)
+{
+    struct self_test_arg *args = arg;
+    const OSSL_PARAM *p = NULL;
+    const char *phase = NULL, *type = NULL, *desc = NULL;
+    int ret = 0;
+
+    if (args->count == 0)
+        BIO_printf(bio_out, "\n%s\n", title);
+    args->count++;
+
+    p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_PHASE);
+    if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING)
+        goto err;
+    phase = (const char *)p->data;
+
+    p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_DESC);
+    if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING)
+        goto err;
+    desc = (const char *)p->data;
+
+    p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_TYPE);
+    if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING)
+        goto err;
+    type = (const char *)p->data;
+
+    if (strcmp(phase, OSSL_SELF_TEST_PHASE_START) == 0)
+        BIO_printf(bio_out, "%s : (%s) : ", desc, type);
+    else if (strcmp(phase, OSSL_SELF_TEST_PHASE_PASS) == 0
+             || strcmp(phase, OSSL_SELF_TEST_PHASE_FAIL) == 0)
+        BIO_printf(bio_out, "%s\n", phase);
+    /*
+     * The self test code will internally corrupt the KAT test result if an
+     * error is returned during the corrupt phase.
+     */
+    if (corrupt && strcmp(phase, OSSL_SELF_TEST_PHASE_CORRUPT) == 0)
+        goto err;
+    ret = 1;
+err:
+    return ret;
+}
+
+static int self_test_on_demand_fail(const OSSL_PARAM params[], void *arg)
+{
+    return self_test_events(params, arg, "On Demand Failure", 1);
+}
+
+static int self_test_on_demand(const OSSL_PARAM params[], void *arg)
+{
+    return self_test_events(params, arg, "On Demand", 0);
+}
+
+static int self_test_on_load(const OSSL_PARAM params[], void *arg)
+{
+    return self_test_events(params, arg, "On Loading", 0);
+}
+
+static int test_provider_status(void)
+{
+    int ret = 0;
+    unsigned int status = 0;
+    OSSL_PROVIDER *prov = NULL;
+    OSSL_PARAM params[2];
+    EVP_MD *fetch = NULL;
+
+    if (!TEST_ptr(prov = OSSL_PROVIDER_load(libctx, provider_name)))
+        goto err;
+
+    /* Test that the provider status is ok */
+    params[0] = OSSL_PARAM_construct_uint(OSSL_PROV_PARAM_STATUS, &status);
+    params[1] = OSSL_PARAM_construct_end();
+    if (!TEST_true(OSSL_PROVIDER_get_params(prov, params))
+        || !TEST_true(status == 1))
+        goto err;
+    if (!TEST_ptr(fetch = EVP_MD_fetch(libctx, "SHA256", NULL)))
+        goto err;
+    EVP_MD_free(fetch);
+    fetch = NULL;
+
+    /* Test that the provider self test is ok */
+    self_test_args.count = 0;
+    OSSL_SELF_TEST_set_callback(libctx, self_test_on_demand, &self_test_args);
+    if (!TEST_true(OSSL_PROVIDER_self_test(prov)))
+        goto err;
+
+    /* Setup a callback that corrupts the self tests and causes status failures */
+    self_test_args.count = 0;
+    OSSL_SELF_TEST_set_callback(libctx, self_test_on_demand_fail, &self_test_args);
+    if (!TEST_false(OSSL_PROVIDER_self_test(prov)))
+        goto err;
+    if (!TEST_true(OSSL_PROVIDER_get_params(prov, params))
+        || !TEST_uint_eq(status, 0))
+        goto err;
+    if (!TEST_ptr_null(fetch = EVP_MD_fetch(libctx, "SHA256", NULL)))
+        goto err;
+
+    ret = 1;
+err:
+    EVP_MD_free(fetch);
+    OSSL_PROVIDER_unload(prov);
+    return ret;
+}
+
+int setup_tests(void)
+{
+    OPTION_CHOICE o;
+    char *config_file = NULL;
+
+    while ((o = opt_next()) != OPT_EOF) {
+        switch (o) {
+        case OPT_CONFIG_FILE:
+            config_file = opt_arg();
+            break;
+        case OPT_PROVIDER_NAME:
+            provider_name = opt_arg();
+            break;
+        case OPT_TEST_CASES:
+           break;
+        default:
+        case OPT_ERR:
+            return 0;
+        }
+    }
+
+    libctx = OPENSSL_CTX_new();
+    if (libctx == NULL)
+        return 0;
+    self_test_args.count = 0;
+    OSSL_SELF_TEST_set_callback(libctx, self_test_on_load, &self_test_args);
+
+    if (!OPENSSL_CTX_load_config(libctx, config_file)) {
+        opt_printf_stderr("Failed to load config\n");
+        return 0;
+    }
+    ADD_TEST(test_provider_status);
+    return 1;
+}
diff --git a/test/recipes/30-test_acvp.t b/test/recipes/30-test_provider_status.t
similarity index 59%
copy from test/recipes/30-test_acvp.t
copy to test/recipes/30-test_provider_status.t
index 8cfc07ecf7..03304ba4a2 100644
--- a/test/recipes/30-test_acvp.t
+++ b/test/recipes/30-test_provider_status.t
@@ -6,33 +6,35 @@
 # in the file LICENSE in the source distribution or at
 # https://www.openssl.org/source/license.html
 
+
 use strict;
 use warnings;
 
-use OpenSSL::Test qw(:DEFAULT bldtop_dir srctop_dir srctop_file bldtop_file);
+use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir srctop_file srctop_dir bldtop_file);
 use OpenSSL::Test::Utils;
 
 BEGIN {
-setup("test_acvp");
+setup("test_provider_status");
 }
 
-my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
-
-plan skip_all => "ACVP is not supported by this test"
-    if $no_fips || disabled("acvp_tests");
-
 use lib srctop_dir('Configurations');
 use lib bldtop_dir('.');
 use platform;
 
-my $infile = bldtop_file('providers', platform->dso('fips'));
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+
+plan skip_all => "provider_status is not supported by this test"
+    if $no_fips;
 
 plan tests => 2;
 
+my $infile = bldtop_file('providers', platform->dso('fips'));
+
 ok(run(app(['openssl', 'fipsinstall',
-           '-out', bldtop_file('providers', 'fipsmodule.cnf'),
-           '-module', $infile])),
+            '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+            '-module', $infile])),
    "fipsinstall");
 
-ok(run(test(["acvp_test", "-config", srctop_file("test","fips.cnf")])),
-   "running acvp_test");
+ok(run(test(["provider_status_test", "-config", srctop_file("test","fips.cnf"),
+             "-provider_name", "fips"])),
+   "running provider_status_test");
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 8cfe55f4fa..fe875f188d 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5225,3 +5225,4 @@ PKCS7_new_with_libctx                   ?	3_0_0	EXIST::FUNCTION:
 PKCS7_sign_with_libctx                  ?	3_0_0	EXIST::FUNCTION:
 PKCS7_encrypt_with_libctx               ?	3_0_0	EXIST::FUNCTION:
 SMIME_read_PKCS7_ex                     ?	3_0_0	EXIST::FUNCTION:
+OSSL_PROVIDER_self_test                 ?	3_0_0	EXIST::FUNCTION:

From builds at travis-ci.com  Sun Aug  9 09:40:47 2020
From: builds at travis-ci.com (Travis CI)
Date: Sun, 09 Aug 2020 09:40:47 +0000
Subject: Errored: openssl/openssl#36583 (master - 82a7b2f)
In-Reply-To: <openssl/openssl+179005119+errored@travis-ci.com>
Message-ID: <5f2fc49dae06a_13fd62b5aa140954a8@travis-pro-tasks-77588f5cc8-5v4mm.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36583
Status: Errored

Duration: 7 hrs, 36 mins, and 42 secs
Commit: 82a7b2f (master)
Author: Dr. Matthias St. Pierre
Message: rand: fix typo in parameter name

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12608)

View the changeset: https://github.com/openssl/openssl/compare/378b163e4954...82a7b2fb001e

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179005119?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200809/b1438224/attachment.html>

From builds at travis-ci.com  Sun Aug  9 15:40:33 2020
From: builds at travis-ci.com (Travis CI)
Date: Sun, 09 Aug 2020 15:40:33 +0000
Subject: Errored: openssl/openssl#36585 (master - dda4e25)
In-Reply-To: <openssl/openssl+179019530+errored@travis-ci.com>
Message-ID: <5f3018f160eeb_13f90868b4cb82203e5@travis-pro-tasks-574d7d7f55-b5hsh.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36585
Status: Errored

Duration: 7 hrs, 1 min, and 19 secs
Commit: dda4e25 (master)
Author: Shane Lontis
Message: Add some of the missing CMS API documentation

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11884)

View the changeset: https://github.com/openssl/openssl/compare/82a7b2fb001e...dda4e259e51a

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179019530?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200809/d7afad1d/attachment-0001.html>

From builds at travis-ci.com  Sun Aug  9 18:40:35 2020
From: builds at travis-ci.com (Travis CI)
Date: Sun, 09 Aug 2020 18:40:35 +0000
Subject: Errored: openssl/openssl#36587 (master - 04cb5ec)
In-Reply-To: <openssl/openssl+179020240+errored@travis-ci.com>
Message-ID: <5f30432356ec8_13fcd15ac38d0246760@travis-pro-tasks-647b9d4bb6-nqjkw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36587
Status: Errored

Duration: 7 hrs, 26 mins, and 54 secs
Commit: 04cb5ec (master)
Author: Shane Lontis
Message: Add 'on demand self test' and status test to providers

The default and legacy providers currently return 1 for status and self test checks.
Added test to show the 3 different stages the self test can be run (for installation, loading and on demand).

For the fips provider:
  - If the on demand self test fails, then any subsequent fetches should also fail. To implement this the
    cached algorithms are flushed on failure.
  - getting the self test callback in the fips provider is a bit complicated since the callback hangs off the core
    libctx (as it is set by the application) not the actual fips library context. Also the callback can be set at
    any time not just during the OSSL_provider_init() so it is calculated each time before doing any self test.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11752)

View the changeset: https://github.com/openssl/openssl/compare/dda4e259e51a...04cb5ec0b748

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179020240?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200809/94ea9d2d/attachment.html>

From openssl at openssl.org  Sun Aug  9 23:55:08 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sun, 09 Aug 2020 23:55:08 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1597017308.381307.10348.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80374B7EA47F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80374B7EA47F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
05-test_rand.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3101, 1711 wallclock secs (12.39 usr  1.53 sys + 1540.55 cusr 155.88 csys = 1710.35 CPU)
Result: FAIL
Makefile:2537: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2535: recipe for target 'tests' failed
make: *** [tests] Error 2

From shane.lontis at oracle.com  Mon Aug 10 00:53:33 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Mon, 10 Aug 2020 00:53:33 +0000
Subject: [openssl]  master update
Message-ID: <1597020813.952623.16183.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c23add3676634ced6662929d60f266a9f5062e7b (commit)
      from  04cb5ec0b74896fe806625ac4d87e3396890f246 (commit)


- Log -----------------------------------------------------------------
commit c23add3676634ced6662929d60f266a9f5062e7b
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sun Aug 9 17:26:39 2020 +1000

    Fix memory leak in drbgtest
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/12613)

-----------------------------------------------------------------------

Summary of changes:
 test/drbgtest.c | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/test/drbgtest.c b/test/drbgtest.c
index c6c8438e98..fbe5c78c58 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -531,10 +531,10 @@ static EVP_RAND_CTX *new_drbg(EVP_RAND_CTX *parent)
     if (!TEST_ptr(rand = EVP_RAND_fetch(NULL, "CTR-DRBG", NULL))
             || !TEST_ptr(drbg = EVP_RAND_CTX_new(rand, parent))
             || !TEST_true(EVP_RAND_set_ctx_params(drbg, params))) {
-        EVP_RAND_CTX_rand(drbg);
-        EVP_RAND_free(rand);
+        EVP_RAND_CTX_free(drbg);
         drbg = NULL;
     }
+    EVP_RAND_free(rand);
     return drbg;
 }
 
@@ -627,13 +627,6 @@ err:
 
 int setup_tests(void)
 {
-    /*
-     * TODO(3.0): figure out why and fix.
-     * Create the primary DRBG here to avoid a memory leak if it is done in
-     * the test cases.
-     */
-    if (RAND_get0_primary(NULL) == NULL)
-        return 0;
     ADD_TEST(test_rand_drbg_reseed);
     ADD_TEST(test_rand_drbg_prediction_resistance);
 #if defined(OPENSSL_THREADS)

From openssl at openssl.org  Mon Aug 10 01:48:39 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 10 Aug 2020 01:48:39 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1597024119.025818.9512.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3170, 875 wallclock secs (13.65 usr  1.28 sys + 807.91 cusr 60.24 csys = 883.08 CPU)
Result: FAIL
Makefile:3172: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3170: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 10 04:36:47 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 10 Aug 2020 04:36:47 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1597034207.799805.18876.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash"
chmod a+x apps/CA.pl
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh"
chmod a+x apps/tsget.pl
ar r apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s
ar: creating apps/libapps.a
ranlib apps/libapps.a || echo Never mind.
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s
chmod a+x tools/c_rehash
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s
chmod a+x util/shlib_wrap.sh
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s
clang  -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/serializers/libimplementations-lib-serializer_rsa.d.tmp -MT providers/implementations/serializers/libimplementations-lib-serializer_rsa.o -c -o providers/implementations/serializers/libimplementations-lib-serializer_rsa.o ../openssl/providers/implementations/serializers/serializer_rsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_digests_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_digests_gen.o -c -o providers/common/der/libnonfips-lib-der_digests_gen.o providers/common/der/der_digests_gen.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_gen.o -c -o providers/common/der/libnonfips-lib-der_dsa_gen.o providers/common/der/der_dsa_gen.c
../openssl/providers/implementations/kdfs/x942kdf.c:438:21: error: no previous extern declaration for non-static variable 'kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations]
const OSSL_DISPATCH kdf_x942_kdf_functions[] = {
                    ^
1 error generated.
Makefile:21245: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed
make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3116: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Mon Aug 10 06:54:56 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:54:56 +0000
Subject: Canceled: openssl/openssl#36561 (master - 5ccada0)
In-Reply-To: <openssl/openssl+178843533+canceled@travis-ci.com>
Message-ID: <5f30ef405a664_13fddc37b49b4213075@travis-pro-tasks-854d7dcf4b-rp89l.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36561
Status: Canceled

Duration: 7 hrs, 17 mins, and 20 secs
Commit: 5ccada0 (master)
Author: Shane Lontis
Message: Add evp_test fixes.

Changed many tests so they also test fips (and removed 'availablein = default' from some tests).
Seperated the monolithic evppkey.txt file into smaller maintainable groups.
Changed the availablein option so it must be first - this then skips the entire test before any fetching happens.
Changed the code so that all the OPENSSL_NO_XXXX tests are done in code via methods such as is_cipher_disabled(alg),
before the fetch happens.
Added missing libctx's found by adding a libctx to test_evp.
Broke up large data files for cipher, kdf's and mac's into smaller pieces so they no longer need 'AvailableIn = default'
Added missing algorithm aliases for cipher/digests to the providers.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12236)

View the changeset: https://github.com/openssl/openssl/compare/64827f407b0b...5ccada09aae0

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178843533?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/178843533?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/24a4973a/attachment-0001.html>

From builds at travis-ci.com  Mon Aug 10 06:54:51 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:54:51 +0000
Subject: Canceled: openssl/openssl#36559 (master - 64827f4)
In-Reply-To: <openssl/openssl+178842107+canceled@travis-ci.com>
Message-ID: <5f30ef3abee10_13fddc37b4428212043@travis-pro-tasks-854d7dcf4b-rp89l.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36559
Status: Canceled

Duration: 7 hrs, 11 mins, and 10 secs
Commit: 64827f4 (master)
Author: Pauli
Message: drbgtest: avoid a memory leak

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)

View the changeset: https://github.com/openssl/openssl/compare/4df0d37ff6cc...64827f407b0b

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178842107?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/178842107?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/61d9c016/attachment-0001.html>

From builds at travis-ci.com  Mon Aug 10 06:55:15 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:55:15 +0000
Subject: Canceled: openssl/openssl#36565 (openssl-3.0.0-alpha6 - e3ec802)
In-Reply-To: <openssl/openssl+178866547+canceled@travis-ci.com>
Message-ID: <5f30ef5226c67_13fbbd76bfecc120230@travis-pro-tasks-854d7dcf4b-dtb78.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36565
Status: Canceled

Duration: 7 hrs, 22 mins, and 5 secs
Commit: e3ec802 (openssl-3.0.0-alpha6)
Author: Matt Caswell
Message: Prepare for release of 3.0 alpha 6

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>

View the changeset: https://github.com/openssl/openssl/compare/openssl-3.0.0-alpha6

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178866547?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/178866547?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/09bccf8d/attachment.html>

From builds at travis-ci.com  Mon Aug 10 06:55:32 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:55:32 +0000
Subject: Canceled: openssl/openssl#36571 (master - 97a8878)
In-Reply-To: <openssl/openssl+178897138+canceled@travis-ci.com>
Message-ID: <5f30ef629f88f_13fbbd76ac0d4122495@travis-pro-tasks-854d7dcf4b-dtb78.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36571
Status: Canceled

Duration: 8 hrs, 0 mins, and 23 secs
Commit: 97a8878 (master)
Author: Kelvin Lee
Message: Use .cnf for config files, not .conf

CLA: trivial

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12592)

View the changeset: https://github.com/openssl/openssl/compare/5ccada09aae0...97a8878c5d7f

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178897138?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/178897138?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/f85a8e0f/attachment-0001.html>

From builds at travis-ci.com  Mon Aug 10 06:55:42 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:55:42 +0000
Subject: Canceled: openssl/openssl#36579 (master - 378b163)
In-Reply-To: <openssl/openssl+178944975+canceled@travis-ci.com>
Message-ID: <5f30ef6b75427_13fddc51e56bc221539@travis-pro-tasks-854d7dcf4b-rp89l.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36579
Status: Canceled

Duration: 7 hrs, 32 mins, and 48 secs
Commit: 378b163 (master)
Author: Dmitry Belyavskiy
Message: Update gost-engine to fix API rename

[extended tests]

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12599)

View the changeset: https://github.com/openssl/openssl/compare/97a8878c5d7f...378b163e4954

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/178944975?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/178944975?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/f5daa9f3/attachment.html>

From builds at travis-ci.com  Mon Aug 10 06:55:50 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:55:50 +0000
Subject: Canceled: openssl/openssl#36583 (master - 82a7b2f)
In-Reply-To: <openssl/openssl+179005119+canceled@travis-ci.com>
Message-ID: <5f30ef73d483d_13fddc37b591822478d@travis-pro-tasks-854d7dcf4b-rp89l.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36583
Status: Canceled

Duration: 7 hrs, 36 mins, and 42 secs
Commit: 82a7b2f (master)
Author: Dr. Matthias St. Pierre
Message: rand: fix typo in parameter name

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12608)

View the changeset: https://github.com/openssl/openssl/compare/378b163e4954...82a7b2fb001e

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179005119?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/179005119?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/d70aa68d/attachment-0001.html>

From builds at travis-ci.com  Mon Aug 10 06:55:53 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:55:53 +0000
Subject: Canceled: openssl/openssl#36585 (master - dda4e25)
In-Reply-To: <openssl/openssl+179019530+canceled@travis-ci.com>
Message-ID: <5f30ef76bc39f_13fbbd76bfcec1250f9@travis-pro-tasks-854d7dcf4b-dtb78.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36585
Status: Canceled

Duration: 7 hrs, 1 min, and 19 secs
Commit: dda4e25 (master)
Author: Shane Lontis
Message: Add some of the missing CMS API documentation

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11884)

View the changeset: https://github.com/openssl/openssl/compare/82a7b2fb001e...dda4e259e51a

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179019530?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/179019530?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/014c358a/attachment-0001.html>

From builds at travis-ci.com  Mon Aug 10 06:55:53 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 06:55:53 +0000
Subject: Canceled: openssl/openssl#36587 (master - 04cb5ec)
In-Reply-To: <openssl/openssl+179020240+canceled@travis-ci.com>
Message-ID: <5f30ef784146d_13fddc37b48c4225650@travis-pro-tasks-854d7dcf4b-rp89l.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36587
Status: Canceled

Duration: 7 hrs, 26 mins, and 54 secs
Commit: 04cb5ec (master)
Author: Shane Lontis
Message: Add 'on demand self test' and status test to providers

The default and legacy providers currently return 1 for status and self test checks.
Added test to show the 3 different stages the self test can be run (for installation, loading and on demand).

For the fips provider:
  - If the on demand self test fails, then any subsequent fetches should also fail. To implement this the
    cached algorithms are flushed on failure.
  - getting the self test callback in the fips provider is a bit complicated since the callback hangs off the core
    libctx (as it is set by the application) not the actual fips library context. Also the callback can be set at
    any time not just during the OSSL_provider_init() so it is calculated each time before doing any self test.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11752)

View the changeset: https://github.com/openssl/openssl/compare/dda4e259e51a...04cb5ec0b748

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179020240?utm_medium=notification&utm_source=email

  Restart your build: https://travis-ci.com/github/openssl/openssl/builds/179020240?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/468b8893/attachment-0001.html>

From openssl at openssl.org  Mon Aug 10 07:02:14 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 10 Aug 2020 07:02:14 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1597042934.135274.24368.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

C06062E66A7F0000:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1 lib:../openssl/crypto/asn1/d2i_pr.c:67:
C06062E66A7F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C06062E66A7F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C06062E66A7F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
C06062E66A7F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C06062E66A7F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C06062E66A7F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0209F6A377F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2119:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
# OPENSSL_FUNC:../openssl/apps/cmp.c:826:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0F0090E507F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:3039:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -secret option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:826:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 768 Tests: 85 Failed: 3)
  Failed tests:  12, 37, 71
  Non-zero exit status: 3
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3205, 855 wallclock secs (13.78 usr  1.36 sys + 784.72 cusr 58.65 csys = 858.51 CPU)
Result: FAIL
Makefile:3129: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3127: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 10 07:26:13 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 10 Aug 2020 07:26:13 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1597044373.615510.9228.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=208, Tests=3304, 853 wallclock secs (13.02 usr  1.20 sys + 791.70 cusr 61.95 csys = 867.87 CPU)
Result: FAIL
Makefile:3179: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3177: recipe for target 'tests' failed
make: *** [tests] Error 2

From matt at openssl.org  Mon Aug 10 08:21:21 2020
From: matt at openssl.org (Matt Caswell)
Date: Mon, 10 Aug 2020 08:21:21 +0000
Subject: [openssl]  master update
Message-ID: <1597047681.811594.30439.nullmailer@dev.openssl.org>

The branch master has been updated
       via  23f04372f45f8c9e3865c3bcfee3f77a9cc10673 (commit)
      from  c23add3676634ced6662929d60f266a9f5062e7b (commit)


- Log -----------------------------------------------------------------
commit 23f04372f45f8c9e3865c3bcfee3f77a9cc10673
Author: C.W. Betts <computers57 at hotmail.com>
Date:   Wed Aug 5 02:08:07 2020 -0600

    Initial Apple Silicon support.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12591)

-----------------------------------------------------------------------

Summary of changes:
 Configurations/10-main.conf | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index fc9f3bbea6..d7580bf3e1 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -1615,6 +1615,16 @@ my %targets = (
         asm_arch         => 'x86_64',
         perlasm_scheme   => "macosx",
     },
+    "darwin64-arm64-cc" => { inherit_from => [ "darwin64-arm64" ] }, # "Historic" alias
+    "darwin64-arm64" => {
+        inherit_from     => [ "darwin-common" ],
+        CFLAGS           => add("-Wall"),
+        cflags           => add("-arch arm64"),
+        lib_cppflags     => add("-DL_ENDIAN"),
+        bn_ops           => "SIXTY_FOUR_BIT_LONG",
+        asm_arch         => 'aarch64_asm',
+        perlasm_scheme   => "ios64",
+    },
 
 ##### GNU Hurd
     "hurd-x86" => {

From builds at travis-ci.com  Mon Aug 10 08:27:31 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 08:27:31 +0000
Subject: Failed: openssl/openssl#36597 (master - c23add3)
In-Reply-To: <openssl/openssl+179056896+failed@travis-ci.com>
Message-ID: <5f3104f0e6cc2_13fdc609b986826870@travis-pro-tasks-76b74cf944-fq6r6.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36597
Status: Failed

Duration: 27 mins and 7 secs
Commit: c23add3 (master)
Author: Shane Lontis
Message: Fix memory leak in drbgtest

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12613)

View the changeset: https://github.com/openssl/openssl/compare/04cb5ec0b748...c23add367663

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179056896?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/99e22eb3/attachment-0001.html>

From no-reply at appveyor.com  Mon Aug 10 08:31:25 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 10 Aug 2020 08:31:25 +0000
Subject: Build failed: openssl master.36062
Message-ID: <20200810083125.1.AF0D67EA4065F945@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/dd7dcd08/attachment.html>

From no-reply at appveyor.com  Mon Aug 10 09:50:49 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 10 Aug 2020 09:50:49 +0000
Subject: Build completed: openssl master.36063
Message-ID: <20200810095049.1.826C5DD70B433CA4@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/f153b2bd/attachment.html>

From openssl at openssl.org  Mon Aug 10 12:36:29 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 10 Aug 2020 12:36:29 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1597062989.574477.1736.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3170, 868 wallclock secs (12.97 usr  1.28 sys + 804.76 cusr 60.34 csys = 879.35 CPU)
Result: FAIL
Makefile:3169: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3167: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Mon Aug 10 13:11:18 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 13:11:18 +0000
Subject: Failed: openssl/openssl#36604 (master - 23f0437)
In-Reply-To: <openssl/openssl+179088737+failed@travis-ci.com>
Message-ID: <5f314775874eb_13fe03e9aa674212859@travis-pro-tasks-77bf4fb5d4-2qwxh.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36604
Status: Failed

Duration: 1 hr, 26 mins, and 27 secs
Commit: 23f0437 (master)
Author: C.W. Betts
Message: Initial Apple Silicon support.

Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12591)

View the changeset: https://github.com/openssl/openssl/compare/c23add367663...23f04372f45f

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179088737?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/52debbae/attachment-0001.html>

From matt at openssl.org  Mon Aug 10 14:04:07 2020
From: matt at openssl.org (Matt Caswell)
Date: Mon, 10 Aug 2020 14:04:07 +0000
Subject: [openssl]  master update
Message-ID: <1597068247.924084.30970.nullmailer@dev.openssl.org>

The branch master has been updated
       via  711ae5d359d9fa89a9aef90ac197ba26c8de3330 (commit)
       via  cd0a4998a006f00d1e5c271cfcd8e1fd1f0b3c41 (commit)
       via  9d1ae03caaa690d96652a73888f091892ce115a2 (commit)
       via  74fc579a128f79dd3105b27de50d9e889b5bc9f3 (commit)
       via  1704752be6fc48ff2272c816df2c675e79aef4c0 (commit)
       via  194de849ccb269272b71994edf988dc1cdbafc0d (commit)
       via  05d2f72e79cdb1736681726dcd9a325491acf002 (commit)
       via  ac2d58c72b4dc4a8c74eef893000306bf78a30fd (commit)
      from  23f04372f45f8c9e3865c3bcfee3f77a9cc10673 (commit)


- Log -----------------------------------------------------------------
commit 711ae5d359d9fa89a9aef90ac197ba26c8de3330
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Aug 7 12:23:07 2020 +0100

    Remove a TODO from evp_test
    
    Now that the EVP_PKEY KDF bridge is based on provider code a TODO item
    can be removed from evp_test.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

commit cd0a4998a006f00d1e5c271cfcd8e1fd1f0b3c41
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Aug 7 12:22:29 2020 +0100

    Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

commit 9d1ae03caaa690d96652a73888f091892ce115a2
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 4 14:43:11 2020 +0100

    Minimise the size of the macros in kdf_exch.c
    
    Use proper functions with just a macro wrapper around them to minimise
    the amount of code inside the macros. We also update the "settable"
    functions now that they take a "provctx" parameter.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

commit 74fc579a128f79dd3105b27de50d9e889b5bc9f3
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 4 14:34:07 2020 +0100

    Update KDF documentation
    
    Following the previous commits where we moved the KDF bridge into
    provider side code, we need to update the documentation accordingly.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

commit 1704752be6fc48ff2272c816df2c675e79aef4c0
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jul 31 16:43:04 2020 +0100

    Delete old KDF bridge EVP_PKEY_METHODS
    
    The KDF bridge is now done provider side so the old EVP_PKEY_METHODS for
    this are no longer required.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

commit 194de849ccb269272b71994edf988dc1cdbafc0d
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jul 31 15:05:57 2020 +0100

    Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

commit 05d2f72e79cdb1736681726dcd9a325491acf002
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Jul 20 18:06:55 2020 +0100

    Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

commit ac2d58c72b4dc4a8c74eef893000306bf78a30fd
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jul 3 16:18:03 2020 +0100

    Implement a EVP_PKEY KDF to KDF provider bridge
    
    Some KDF implementations were available before the current EVP_KDF API.
    They were used via EVP_PKEY_derive. There exists a bridge between the old
    API and the EVP_KDF API however this bridge itself uses a legacy
    EVP_PKEY_METHOD. This commit implements a provider side bridge without
    having to use any legacy code.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12573)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt                             |   4 +
 crypto/evp/build.info                              |   2 +-
 crypto/evp/evp_err.c                               |   6 +
 crypto/evp/exchange.c                              |  26 +-
 crypto/evp/pkey_kdf.c                              | 413 ---------------------
 crypto/evp/pmeth_lib.c                             | 302 +++++++++++++--
 doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod            |   9 +-
 doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod              |   7 +-
 doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod             |   7 +-
 doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod          |   7 +-
 include/crypto/evp.h                               |   3 -
 include/openssl/evperr.h                           |   4 +
 include/openssl/kdf.h                              |  64 ++--
 providers/defltprov.c                              |   6 +
 providers/fips/fipsprov.c                          |   4 +
 providers/implementations/exchange/build.info      |   3 +
 providers/implementations/exchange/kdf_exch.c      | 174 +++++++++
 .../implementations/include/prov/implementations.h |   4 +
 .../implementations/include/prov/kdfexchange.h     |  24 ++
 providers/implementations/kdfs/tls1_prf.c          |   3 -
 providers/implementations/keymgmt/build.info       |   3 +
 .../implementations/keymgmt/kdf_legacy_kmgmt.c     |  90 +++++
 test/evp_test.c                                    |  17 +-
 test/pkey_meth_kdf_test.c                          |  17 +-
 util/libcrypto.num                                 |  14 +
 25 files changed, 688 insertions(+), 525 deletions(-)
 delete mode 100644 crypto/evp/pkey_kdf.c
 create mode 100644 providers/implementations/exchange/kdf_exch.c
 create mode 100644 providers/implementations/include/prov/kdfexchange.h
 create mode 100644 providers/implementations/keymgmt/kdf_legacy_kmgmt.c

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index af19ab26cd..cca13cc78f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2554,10 +2554,14 @@ EVP_R_INVALID_FIPS_MODE:168:invalid fips mode
 EVP_R_INVALID_IV_LENGTH:194:invalid iv length
 EVP_R_INVALID_KEY:163:invalid key
 EVP_R_INVALID_KEY_LENGTH:130:invalid key length
+EVP_R_INVALID_LENGTH:221:invalid length
 EVP_R_INVALID_NULL_ALGORITHM:218:invalid null algorithm
 EVP_R_INVALID_OPERATION:148:invalid operation
 EVP_R_INVALID_PROVIDER_FUNCTIONS:193:invalid provider functions
 EVP_R_INVALID_SALT_LENGTH:186:invalid salt length
+EVP_R_INVALID_SECRET_LENGTH:223:invalid secret length
+EVP_R_INVALID_SEED_LENGTH:220:invalid seed length
+EVP_R_INVALID_VALUE:222:invalid value
 EVP_R_KEYGEN_FAILURE:120:keygen failure
 EVP_R_KEYMGMT_EXPORT_FAILURE:205:keymgmt export failure
 EVP_R_KEY_SETUP_FAILED:180:key setup failed
diff --git a/crypto/evp/build.info b/crypto/evp/build.info
index ccd8357453..81c660051b 100644
--- a/crypto/evp/build.info
+++ b/crypto/evp/build.info
@@ -13,7 +13,7 @@ SOURCE[../../libcrypto]=$COMMON\
         bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
         c_allc.c c_alld.c bio_ok.c \
         evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \
-        pkey_kdf.c pmeth_fn.c\
+        pmeth_fn.c\
         e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
         e_chacha20_poly1305.c \
         pkey_mac.c \
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index d13cd05faa..09351f2434 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -90,6 +90,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_IV_LENGTH), "invalid iv length"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY), "invalid key"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_LENGTH), "invalid length"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_NULL_ALGORITHM),
     "invalid null algorithm"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_OPERATION), "invalid operation"},
@@ -97,6 +98,11 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
     "invalid provider functions"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_SALT_LENGTH),
     "invalid salt length"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_SECRET_LENGTH),
+    "invalid secret length"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_SEED_LENGTH),
+    "invalid seed length"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_VALUE), "invalid value"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_KEYGEN_FAILURE), "keygen failure"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_KEYMGMT_EXPORT_FAILURE),
     "keymgmt export failure"},
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 28e1f88db9..a47a0f0367 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -202,11 +202,31 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
 
     /*
      * Ensure that the key is provided, either natively, or as a cached export.
-     *  If not, go legacy
+     * If not, goto legacy
      */
     tmp_keymgmt = ctx->keymgmt;
-    provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
-                                          &tmp_keymgmt, ctx->propquery);
+    if (ctx->pkey == NULL) {
+        /*
+         * Some algorithms (e.g. legacy KDFs) don't have a pkey - so we create
+         * a blank one.
+         */
+        EVP_PKEY *pkey = EVP_PKEY_new();
+
+        if (pkey == NULL || !EVP_PKEY_set_type_by_keymgmt(pkey, tmp_keymgmt)) {
+            ERR_clear_last_mark();
+            EVP_PKEY_free(pkey);
+            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+            goto err;
+        }
+        provkey = pkey->keydata = evp_keymgmt_newdata(tmp_keymgmt);
+        if (provkey == NULL)
+            EVP_PKEY_free(pkey);
+        else
+            ctx->pkey = pkey;
+    } else {
+        provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
+                                            &tmp_keymgmt, ctx->propquery);
+    }
     if (provkey == NULL)
         goto legacy;
     if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) {
diff --git a/crypto/evp/pkey_kdf.c b/crypto/evp/pkey_kdf.c
deleted file mode 100644
index a2d25a925f..0000000000
--- a/crypto/evp/pkey_kdf.c
+++ /dev/null
@@ -1,413 +0,0 @@
-/*
- * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright (c) 2018, Oracle and/or its affiliates.  All rights reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <string.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-#include <openssl/kdf.h>
-#include <openssl/core.h>
-#include <openssl/core_names.h>
-#include <openssl/params.h>
-#include "internal/numbers.h"
-#include "crypto/evp.h"
-
-#define MAX_PARAM   20
-
-typedef struct {
-    EVP_KDF_CTX *kctx;
-    /*
-     * EVP_PKEY implementations collect bits of certain data
-     */
-    BUF_MEM *collected_seed;
-    BUF_MEM *collected_info;
-} EVP_PKEY_KDF_CTX;
-
-static void pkey_kdf_free_collected(EVP_PKEY_KDF_CTX *pkctx)
-{
-    BUF_MEM_free(pkctx->collected_seed);
-    pkctx->collected_seed = NULL;
-    BUF_MEM_free(pkctx->collected_info);
-    pkctx->collected_info = NULL;
-}
-
-static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
-{
-    EVP_PKEY_KDF_CTX *pkctx;
-    EVP_KDF_CTX *kctx;
-    const char *kdf_name = OBJ_nid2sn(ctx->pmeth->pkey_id);
-    EVP_KDF *kdf;
-
-    pkctx = OPENSSL_zalloc(sizeof(*pkctx));
-    if (pkctx == NULL)
-        return 0;
-
-    kdf = EVP_KDF_fetch(ctx->libctx, kdf_name, ctx->propquery);
-    kctx = EVP_KDF_CTX_new(kdf);
-    EVP_KDF_free(kdf);
-    if (kctx == NULL) {
-        OPENSSL_free(pkctx);
-        return 0;
-    }
-
-    pkctx->kctx = kctx;
-    ctx->data = pkctx;
-    return 1;
-}
-
-static void pkey_kdf_cleanup(EVP_PKEY_CTX *ctx)
-{
-    EVP_PKEY_KDF_CTX *pkctx = ctx->data;
-
-    EVP_KDF_CTX_free(pkctx->kctx);
-    pkey_kdf_free_collected(pkctx);
-    OPENSSL_free(pkctx);
-}
-
-static int collect(BUF_MEM **collector, void *data, size_t datalen)
-{
-    size_t i;
-
-    if (*collector == NULL)
-        *collector = BUF_MEM_new();
-    if (*collector == NULL) {
-        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    if (data != NULL && datalen > 0) {
-        i = (*collector)->length; /* BUF_MEM_grow() changes it! */
-
-        if (!BUF_MEM_grow(*collector, i + datalen))
-            return 0;
-        memcpy((*collector)->data + i, data, datalen);
-    }
-    return 1;
-}
-
-static int pkey_kdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    EVP_PKEY_KDF_CTX *pkctx = ctx->data;
-    EVP_KDF_CTX *kctx = pkctx->kctx;
-    enum { T_OCTET_STRING, T_UINT64, T_DIGEST, T_INT } cmd;
-    const char *name, *mdname;
-    BUF_MEM **collector = NULL;
-    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-    switch (type) {
-    case EVP_PKEY_CTRL_PASS:
-        cmd = T_OCTET_STRING;
-        name = OSSL_KDF_PARAM_PASSWORD;
-        break;
-    case EVP_PKEY_CTRL_HKDF_SALT:
-    case EVP_PKEY_CTRL_SCRYPT_SALT:
-        cmd = T_OCTET_STRING;
-        name = OSSL_KDF_PARAM_SALT;
-        break;
-    case EVP_PKEY_CTRL_TLS_MD:
-    case EVP_PKEY_CTRL_HKDF_MD:
-        cmd = T_DIGEST;
-        name = OSSL_KDF_PARAM_DIGEST;
-        break;
-    case EVP_PKEY_CTRL_TLS_SECRET:
-        cmd = T_OCTET_STRING;
-        name = OSSL_KDF_PARAM_SECRET;
-        /*
-         * Perform the semantics described in
-         * EVP_PKEY_CTX_add1_tls1_prf_seed(3)
-         */
-        if (ctx->pmeth->pkey_id == NID_tls1_prf) {
-            BUF_MEM_free(pkctx->collected_seed);
-            pkctx->collected_seed = NULL;
-        }
-        break;
-    case EVP_PKEY_CTRL_TLS_SEED:
-        cmd = T_OCTET_STRING;
-        name = OSSL_KDF_PARAM_SEED;
-        collector = &pkctx->collected_seed;
-        break;
-    case EVP_PKEY_CTRL_HKDF_KEY:
-        cmd = T_OCTET_STRING;
-        name = OSSL_KDF_PARAM_KEY;
-        break;
-    case EVP_PKEY_CTRL_HKDF_INFO:
-        cmd = T_OCTET_STRING;
-        name = OSSL_KDF_PARAM_INFO;
-        collector = &pkctx->collected_info;
-        break;
-    case EVP_PKEY_CTRL_HKDF_MODE:
-        cmd = T_INT;
-        name = OSSL_KDF_PARAM_MODE;
-        break;
-    case EVP_PKEY_CTRL_SCRYPT_N:
-        cmd = T_UINT64;
-        name = OSSL_KDF_PARAM_SCRYPT_N;
-        break;
-    case EVP_PKEY_CTRL_SCRYPT_R:
-        cmd = T_UINT64; /* Range checking occurs on the provider side */
-        name = OSSL_KDF_PARAM_SCRYPT_R;
-        break;
-    case EVP_PKEY_CTRL_SCRYPT_P:
-        cmd = T_UINT64; /* Range checking occurs on the provider side */
-        name = OSSL_KDF_PARAM_SCRYPT_P;
-        break;
-    case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES:
-        cmd = T_UINT64;
-        name = OSSL_KDF_PARAM_SCRYPT_MAXMEM;
-        break;
-    default:
-        return -2;
-    }
-
-    if (collector != NULL) {
-        switch (cmd) {
-        case T_OCTET_STRING:
-            return collect(collector, p2, p1);
-        default:
-            OPENSSL_assert("You shouldn't be here");
-            break;
-        }
-        return 1;
-    }
-
-    switch (cmd) {
-    case T_OCTET_STRING:
-        params[0] =
-            OSSL_PARAM_construct_octet_string(name, (unsigned char *)p2,
-                                              (size_t)p1);
-        break;
-
-    case T_DIGEST:
-        mdname = EVP_MD_name((const EVP_MD *)p2);
-        params[0] = OSSL_PARAM_construct_utf8_string(name, (char *)mdname, 0);
-        break;
-
-        /*
-         * These are special because the helper macros pass a pointer to the
-         * stack, so a local copy is required.
-         */
-    case T_INT:
-        params[0] = OSSL_PARAM_construct_int(name, &p1);
-        break;
-
-    case T_UINT64:
-        params[0] = OSSL_PARAM_construct_uint64(name, (uint64_t *)p2);
-        break;
-    }
-
-    return EVP_KDF_CTX_set_params(kctx, params);
-}
-
-static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
-                             const char *value)
-{
-    EVP_PKEY_KDF_CTX *pkctx = ctx->data;
-    EVP_KDF_CTX *kctx = pkctx->kctx;
-    const EVP_KDF *kdf = EVP_KDF_CTX_kdf(kctx);
-    BUF_MEM **collector = NULL;
-    const OSSL_PARAM *defs = EVP_KDF_settable_ctx_params(kdf);
-    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-    int ok = 0;
-
-    /* Deal with ctrl name aliasing */
-    if (strcmp(type, "md") == 0)
-        type = OSSL_KDF_PARAM_DIGEST;
-    /* scrypt uses 'N', params uses 'n' */
-    if (strcmp(type, "N") == 0)
-        type = OSSL_KDF_PARAM_SCRYPT_N;
-
-    if (!OSSL_PARAM_allocate_from_text(&params[0], defs, type,
-                                       value, strlen(value), NULL))
-        return 0;
-
-    /*
-     * We do the same special casing of seed and info here as in
-     * pkey_kdf_ctrl()
-     */
-    if (strcmp(params[0].key, OSSL_KDF_PARAM_SEED) == 0)
-        collector = &pkctx->collected_seed;
-    else if (strcmp(params[0].key, OSSL_KDF_PARAM_INFO) == 0)
-        collector = &pkctx->collected_info;
-
-    if (collector != NULL)
-        ok = collect(collector, params[0].data, params[0].data_size);
-    else
-        ok = EVP_KDF_CTX_set_params(kctx, params);
-    OPENSSL_free(params[0].data);
-    return ok;
-}
-
-static int pkey_kdf_derive_init(EVP_PKEY_CTX *ctx)
-{
-    EVP_PKEY_KDF_CTX *pkctx = ctx->data;
-
-    pkey_kdf_free_collected(pkctx);
-    if (pkctx->kctx != NULL)
-        EVP_KDF_reset(pkctx->kctx);
-    return 1;
-}
-
-/*
- * For fixed-output algorithms the keylen parameter is an "out" parameter
- * otherwise it is an "in" parameter.
- */
-static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
-                           size_t *keylen)
-{
-    EVP_PKEY_KDF_CTX *pkctx = ctx->data;
-    EVP_KDF_CTX *kctx = pkctx->kctx;
-    size_t outlen = EVP_KDF_size(kctx);
-    int r;
-
-    if (pkctx->collected_seed != NULL) {
-        OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-        params[0] =
-            OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
-                                              pkctx->collected_seed->data,
-                                              pkctx->collected_seed->length);
-
-        r = EVP_KDF_CTX_set_params(kctx, params);
-        pkey_kdf_free_collected(pkctx);
-        if (!r)
-            return 0;
-    }
-    if (pkctx->collected_info != NULL) {
-        OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-        params[0] =
-            OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
-                                              pkctx->collected_info->data,
-                                              pkctx->collected_info->length);
-
-        r = EVP_KDF_CTX_set_params(kctx, params);
-        pkey_kdf_free_collected(pkctx);
-        if (!r)
-            return 0;
-    }
-    if (outlen == 0 || outlen == SIZE_MAX) {
-        /* Variable-output algorithm */
-        if (key == NULL)
-            return 0;
-    } else {
-        /* Fixed-output algorithm */
-        *keylen = outlen;
-        if (key == NULL)
-            return 1;
-    }
-    return EVP_KDF_derive(kctx, key, *keylen);
-}
-
-#ifndef OPENSSL_NO_SCRYPT
-static const EVP_PKEY_METHOD scrypt_pkey_meth = {
-    EVP_PKEY_SCRYPT,
-    0,
-    pkey_kdf_init,
-    0,
-    pkey_kdf_cleanup,
-
-    0, 0,
-    0, 0,
-
-    0,
-    0,
-
-    0,
-    0,
-
-    0, 0,
-
-    0, 0, 0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_kdf_derive_init,
-    pkey_kdf_derive,
-    pkey_kdf_ctrl,
-    pkey_kdf_ctrl_str
-};
-
-const EVP_PKEY_METHOD *scrypt_pkey_method(void)
-{
-    return &scrypt_pkey_meth;
-}
-#endif
-
-static const EVP_PKEY_METHOD tls1_prf_pkey_meth = {
-    EVP_PKEY_TLS1_PRF,
-    0,
-    pkey_kdf_init,
-    0,
-    pkey_kdf_cleanup,
-
-    0, 0,
-    0, 0,
-
-    0,
-    0,
-
-    0,
-    0,
-
-    0, 0,
-
-    0, 0, 0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_kdf_derive_init,
-    pkey_kdf_derive,
-    pkey_kdf_ctrl,
-    pkey_kdf_ctrl_str
-};
-
-const EVP_PKEY_METHOD *tls1_prf_pkey_method(void)
-{
-    return &tls1_prf_pkey_meth;
-}
-
-static const EVP_PKEY_METHOD hkdf_pkey_meth = {
-    EVP_PKEY_HKDF,
-    0,
-    pkey_kdf_init,
-    0,
-    pkey_kdf_cleanup,
-
-    0, 0,
-    0, 0,
-
-    0,
-    0,
-
-    0,
-    0,
-
-    0, 0,
-
-    0, 0, 0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_kdf_derive_init,
-    pkey_kdf_derive,
-    pkey_kdf_ctrl,
-    pkey_kdf_ctrl_str
-};
-
-const EVP_PKEY_METHOD *hkdf_pkey_method(void)
-{
-    return &hkdf_pkey_meth;
-}
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 17e73e05ba..6f2f52912b 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -21,6 +21,7 @@
 #include <openssl/core_names.h>
 #include <openssl/dh.h>
 #include <openssl/rsa.h>
+#include <openssl/kdf.h>
 #include "internal/cryptlib.h"
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
@@ -61,15 +62,10 @@ static pmeth_fn standard_methods[] = {
 # ifndef OPENSSL_NO_DH
     dhx_pkey_method,
 # endif
-# ifndef OPENSSL_NO_SCRYPT
-    scrypt_pkey_method,
-# endif
-    tls1_prf_pkey_method,
 # ifndef OPENSSL_NO_EC
     ecx25519_pkey_method,
     ecx448_pkey_method,
 # endif
-    hkdf_pkey_method,
 # ifndef OPENSSL_NO_POLY1305
     poly1305_pkey_method,
 # endif
@@ -155,9 +151,6 @@ static int is_legacy_alg(int id, const char *keytype)
      */
     case EVP_PKEY_SM2:
     case EVP_PKEY_DHX:
-    case EVP_PKEY_SCRYPT:
-    case EVP_PKEY_TLS1_PRF:
-    case EVP_PKEY_HKDF:
     case EVP_PKEY_CMAC:
     case EVP_PKEY_HMAC:
     case EVP_PKEY_SIPHASH:
@@ -241,19 +234,25 @@ static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx,
      * If an ENGINE handled this method look it up. Otherwise use internal
      * tables.
      */
-    if (e)
+    if (e != NULL) {
         pmeth = ENGINE_get_pkey_meth(e, id);
-    else
+        /*
+         * We are supposed to use an engine, so no point in looking for a
+         * provided implementation. If pmeth is NULL here we just fail.
+         */
+        if (pmeth == NULL) {
+            ENGINE_finish(e);
+            EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
+            return NULL;
+        }
+    } else
 # endif
         pmeth = EVP_PKEY_meth_find(id);
+        /*
+         * if pmeth is NULL here we can keep trying to see if we have a provided
+         * implementation below.
+         */
 
-    if (pmeth == NULL) {
-# ifndef OPENSSL_NO_ENGINE
-        ENGINE_finish(e);
-# endif
-        EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
-        return NULL;
-    }
     /* END legacy */
 #endif /* FIPS_MODULE */
  common:
@@ -759,7 +758,7 @@ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad)
 
 int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
 {
-    OSSL_PARAM sig_md_params[3], *p = sig_md_params;
+    OSSL_PARAM sig_md_params[2], *p = sig_md_params;
     /* 80 should be big enough */
     char name[80] = "";
     const EVP_MD *tmp;
@@ -778,7 +777,7 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
     *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
                                             name,
                                             sizeof(name));
-    *p++ = OSSL_PARAM_construct_end();
+    *p = OSSL_PARAM_construct_end();
 
     if (!EVP_PKEY_CTX_get_params(ctx, sig_md_params))
         return 0;
@@ -792,21 +791,22 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
     return 1;
 }
 
-int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
+                               int fallback, const char *param, int op,
+                               int ctrl)
 {
-    OSSL_PARAM sig_md_params[2], *p = sig_md_params;
+    OSSL_PARAM md_params[2], *p = md_params;
     const char *name;
 
-    if (ctx == NULL || !EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
+    if (ctx == NULL || (ctx->operation & op) == 0) {
         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
         /* Uses the same return values as EVP_PKEY_CTX_ctrl */
         return -2;
     }
 
     /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.sig.sigprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,
-                                 EVP_PKEY_CTRL_MD, 0, (void *)(md));
+    if (fallback)
+        return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));
 
     if (md == NULL) {
         name = "";
@@ -814,15 +814,218 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
         name = EVP_MD_name(md);
     }
 
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
+    *p++ = OSSL_PARAM_construct_utf8_string(param,
                                             /*
                                              * Cast away the const. This is read
                                              * only so should be safe
                                              */
                                             (char *)name, 0);
-    *p++ = OSSL_PARAM_construct_end();
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, md_params);
+}
 
-    return EVP_PKEY_CTX_set_params(ctx, sig_md_params);
+int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+{
+    return evp_pkey_ctx_set_md(ctx, md, ctx->op.sig.sigprovctx == NULL,
+                               OSSL_SIGNATURE_PARAM_DIGEST,
+                               EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD);
+}
+
+int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+{
+    return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.exchprovctx == NULL,
+                               OSSL_KDF_PARAM_DIGEST,
+                               EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_TLS_MD);
+}
+
+static int evp_pkey_ctx_set1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
+                                          const char *param, int op, int ctrl,
+                                          const unsigned char *data,
+                                          int datalen)
+{
+    OSSL_PARAM octet_string_params[2], *p = octet_string_params;
+
+    if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (fallback)
+        return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, datalen, (void *)(data));
+
+    if (datalen < 0) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
+        return 0;
+    }
+
+    *p++ = OSSL_PARAM_construct_octet_string(param,
+                                            /*
+                                             * Cast away the const. This is read
+                                             * only so should be safe
+                                             */
+                                            (unsigned char *)data,
+                                            (size_t)datalen);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, octet_string_params);
+}
+
+int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *ctx,
+                                      const unsigned char *sec, int seclen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+                                          OSSL_KDF_PARAM_SECRET,
+                                          EVP_PKEY_OP_DERIVE,
+                                          EVP_PKEY_CTRL_TLS_SECRET,
+                                          sec, seclen);
+}
+
+int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *ctx,
+                                    const unsigned char *seed, int seedlen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+                                          OSSL_KDF_PARAM_SEED,
+                                          EVP_PKEY_OP_DERIVE,
+                                          EVP_PKEY_CTRL_TLS_SEED,
+                                          seed, seedlen);
+}
+
+int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+{
+    return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.exchprovctx == NULL,
+                               OSSL_KDF_PARAM_DIGEST,
+                               EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_MD);
+}
+
+int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
+                                const unsigned char *salt, int saltlen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+                                          OSSL_KDF_PARAM_SALT,
+                                          EVP_PKEY_OP_DERIVE,
+                                          EVP_PKEY_CTRL_HKDF_SALT,
+                                          salt, saltlen);
+}
+
+int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
+                                      const unsigned char *key, int keylen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+                                          OSSL_KDF_PARAM_KEY,
+                                          EVP_PKEY_OP_DERIVE,
+                                          EVP_PKEY_CTRL_HKDF_KEY,
+                                          key, keylen);
+}
+
+int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
+                                      const unsigned char *info, int infolen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+                                          OSSL_KDF_PARAM_INFO,
+                                          EVP_PKEY_OP_DERIVE,
+                                          EVP_PKEY_CTRL_HKDF_INFO,
+                                          info, infolen);
+}
+
+int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode)
+{
+    OSSL_PARAM int_params[2], *p = int_params;
+
+    if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_HKDF_MODE, mode, NULL);
+
+
+    if (mode < 0) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
+        return 0;
+    }
+
+    *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_MODE, &mode);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, int_params);
+}
+
+int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass,
+                               int passlen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+                                          OSSL_KDF_PARAM_PASSWORD,
+                                          EVP_PKEY_OP_DERIVE,
+                                          EVP_PKEY_CTRL_PASS,
+                                          (const unsigned char *)pass, passlen);
+}
+
+int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *ctx,
+                                  const unsigned char *salt, int saltlen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+                                          OSSL_KDF_PARAM_SALT,
+                                          EVP_PKEY_OP_DERIVE,
+                                          EVP_PKEY_CTRL_SCRYPT_SALT,
+                                          salt, saltlen);
+}
+
+static int evp_pkey_ctx_set_uint64(EVP_PKEY_CTX *ctx, const char *param,
+                                   int op, int ctrl, uint64_t val)
+{
+    OSSL_PARAM uint64_params[2], *p = uint64_params;
+
+    if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl_uint64(ctx, -1, op, ctrl, val);
+
+    *p++ = OSSL_PARAM_construct_uint64(param, &val);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, uint64_params);
+}
+
+int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *ctx, uint64_t n)
+{
+    return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_N,
+                                   EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_N,
+                                   n);
+}
+
+int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *ctx, uint64_t r)
+{
+    return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_R,
+                                   EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_R,
+                                   r);
+}
+
+int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *ctx, uint64_t p)
+{
+    return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_P,
+                                   EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_P,
+                                   p);
+}
+
+int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *ctx,
+                                         uint64_t maxmem_bytes)
+{
+    return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_MAXMEM,
+                                   EVP_PKEY_OP_DERIVE,
+                                   EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES,
+                                   maxmem_bytes);
 }
 
 static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
@@ -926,6 +1129,43 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
      * or for generic controls that are the same across multiple key types.
      */
     if (keytype == -1) {
+        if (optype == EVP_PKEY_OP_DERIVE) {
+            switch (cmd) {
+            /* TLS1-PRF */
+            case EVP_PKEY_CTRL_TLS_MD:
+                return EVP_PKEY_CTX_set_tls1_prf_md(ctx, p2);
+            case EVP_PKEY_CTRL_TLS_SECRET:
+                return EVP_PKEY_CTX_set1_tls1_prf_secret(ctx, p2, p1);
+            case EVP_PKEY_CTRL_TLS_SEED:
+                return EVP_PKEY_CTX_add1_tls1_prf_seed(ctx, p2, p1);
+
+            /* HKDF */
+            case EVP_PKEY_CTRL_HKDF_MD:
+                return EVP_PKEY_CTX_set_hkdf_md(ctx, p2);
+            case EVP_PKEY_CTRL_HKDF_SALT :
+                return EVP_PKEY_CTX_set1_hkdf_salt(ctx, p2, p1);
+            case EVP_PKEY_CTRL_HKDF_KEY:
+                return EVP_PKEY_CTX_set1_hkdf_key(ctx, p2, p1);
+            case EVP_PKEY_CTRL_HKDF_INFO:
+                return EVP_PKEY_CTX_add1_hkdf_info(ctx, p2, p1);
+            case EVP_PKEY_CTRL_HKDF_MODE:
+                return EVP_PKEY_CTX_hkdf_mode(ctx, p1);
+
+            /* Scrypt */
+            case EVP_PKEY_CTRL_PASS:
+                return EVP_PKEY_CTX_set1_pbe_pass(ctx, p2, p1);
+            case EVP_PKEY_CTRL_SCRYPT_SALT:
+                return EVP_PKEY_CTX_set1_scrypt_salt(ctx, p2, p1);
+            case EVP_PKEY_CTRL_SCRYPT_N:
+                return EVP_PKEY_CTX_set_scrypt_N(ctx, p1);
+            case EVP_PKEY_CTRL_SCRYPT_R:
+                return EVP_PKEY_CTX_set_scrypt_r(ctx, p1);
+            case EVP_PKEY_CTRL_SCRYPT_P:
+                return EVP_PKEY_CTX_set_scrypt_p(ctx, p1);
+            case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES:
+                return EVP_PKEY_CTX_set_scrypt_maxmem_bytes(ctx, p1);
+            }
+        }
         switch (cmd) {
         case EVP_PKEY_CTRL_MD:
             return EVP_PKEY_CTX_set_signature_md(ctx, p2);
@@ -1034,7 +1274,9 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
     }
 # endif
 
-    if (strcmp(name, "rsa_padding_mode") == 0)
+    if (strcmp(name, "md") == 0)
+        name = OSSL_ALG_PARAM_DIGEST;
+    else if (strcmp(name, "rsa_padding_mode") == 0)
         name = OSSL_ASYM_CIPHER_PARAM_PAD_MODE;
     else if (strcmp(name, "rsa_mgf1_md") == 0)
         name = OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST;
@@ -1090,6 +1332,8 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
     else if (strcmp(name, "ecdh_kdf_md") == 0)
         name = OSSL_EXCHANGE_PARAM_KDF_DIGEST;
 # endif
+    else if (strcmp(name, "N") == 0)
+        name = OSSL_KDF_PARAM_SCRYPT_N;
 
     {
         /*
diff --git a/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod b/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod
index 959a95f810..d0c521adbf 100644
--- a/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod
+++ b/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod
@@ -42,10 +42,6 @@ supported by the algorithms that use them.
 
 =end comment
 
-=head1 NOTES
-
-All these functions are implemented as macros.
-
 =head1 RETURN VALUES
 
 All these functions return 1 for success and 0 or a negative value for failure.
@@ -58,6 +54,11 @@ L<EVP_PKEY_CTX_new(3)>,
 L<EVP_PKEY_CTX_ctrl_str(3)>,
 L<EVP_PKEY_derive(3)>
 
+=head1 HISTORY
+
+EVP_PKEY_CTX_set1_pbe_pass() was converted from a macro to a function in
+OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod b/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod
index 7fc833e056..6fcecbe4f2 100644
--- a/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod
+++ b/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod
@@ -95,8 +95,6 @@ string which is converted to binary.
 
 =head1 NOTES
 
-All these functions are implemented as macros.
-
 A context for HKDF can be obtained by calling:
 
  EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
@@ -154,6 +152,11 @@ L<EVP_PKEY_CTX_new(3)>,
 L<EVP_PKEY_CTX_ctrl_str(3)>,
 L<EVP_PKEY_derive(3)>
 
+=head1 HISTORY
+
+All of the functions described here were converted from macros to functions in
+OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod b/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod
index 70d5eb6d0c..1057f41e6a 100644
--- a/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod
+++ b/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod
@@ -61,8 +61,6 @@ The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as
 the value from the string controls "pass" and "hexpass".
 See L<EVP_PKEY_CTX_set1_pbe_pass(3)>.
 
-All the functions described here are implemented as macros.
-
 =head1 RETURN VALUES
 
 All these functions return 1 for success and 0 or a negative value for
@@ -77,6 +75,11 @@ L<EVP_PKEY_CTX_new(3)>,
 L<EVP_PKEY_CTX_ctrl_str(3)>,
 L<EVP_PKEY_derive(3)>
 
+=head1 HISTORY
+
+All of the functions described here were converted from macros to functions in
+OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod b/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod
index e0629accc7..4cc79886bc 100644
--- a/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod
+++ b/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod
@@ -46,8 +46,6 @@ which is converted to binary.
 
 =head1 NOTES
 
-All these functions are implemented as macros.
-
 A context for the TLS PRF can be obtained by calling:
 
  EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
@@ -97,6 +95,11 @@ L<EVP_PKEY_CTX_new(3)>,
 L<EVP_PKEY_CTX_ctrl_str(3)>,
 L<EVP_PKEY_derive(3)>
 
+=head1 HISTORY
+
+All of the functions described here were converted from macros to functions in
+OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 07e9ef4bb3..9ded000c10 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -144,9 +144,6 @@ const EVP_PKEY_METHOD *ed448_pkey_method(void);
 const EVP_PKEY_METHOD *hmac_pkey_method(void);
 const EVP_PKEY_METHOD *rsa_pkey_method(void);
 const EVP_PKEY_METHOD *rsa_pss_pkey_method(void);
-const EVP_PKEY_METHOD *scrypt_pkey_method(void);
-const EVP_PKEY_METHOD *tls1_prf_pkey_method(void);
-const EVP_PKEY_METHOD *hkdf_pkey_method(void);
 const EVP_PKEY_METHOD *poly1305_pkey_method(void);
 const EVP_PKEY_METHOD *siphash_pkey_method(void);
 
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index 5aa002815a..ef74c10243 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -206,10 +206,14 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_INVALID_IV_LENGTH                          194
 # define EVP_R_INVALID_KEY                                163
 # define EVP_R_INVALID_KEY_LENGTH                         130
+# define EVP_R_INVALID_LENGTH                             221
 # define EVP_R_INVALID_NULL_ALGORITHM                     218
 # define EVP_R_INVALID_OPERATION                          148
 # define EVP_R_INVALID_PROVIDER_FUNCTIONS                 193
 # define EVP_R_INVALID_SALT_LENGTH                        186
+# define EVP_R_INVALID_SECRET_LENGTH                      223
+# define EVP_R_INVALID_SEED_LENGTH                        220
+# define EVP_R_INVALID_VALUE                              222
 # define EVP_R_KEYGEN_FAILURE                             120
 # define EVP_R_KEYMGMT_EXPORT_FAILURE                     205
 # define EVP_R_KEY_SETUP_FAILED                           180
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
index b3dee525dc..b761113956 100644
--- a/include/openssl/kdf.h
+++ b/include/openssl/kdf.h
@@ -115,61 +115,41 @@ void EVP_KDF_names_do_all(const EVP_KDF *kdf,
 # define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY        \
             EVP_KDF_HKDF_MODE_EXPAND_ONLY
 
-# define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_TLS_MD, 0, (void *)(md))
+int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
 
-# define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)(sec))
+int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *pctx,
+                                      const unsigned char *sec, int seclen);
 
-# define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)(seed))
+int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *pctx,
+                                    const unsigned char *seed, int seedlen);
 
-# define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md))
+int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
 
-# define EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, saltlen) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_HKDF_SALT, saltlen, (void *)(salt))
+int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
+                                const unsigned char *salt, int saltlen);
 
-# define EVP_PKEY_CTX_set1_hkdf_key(pctx, key, keylen) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_HKDF_KEY, keylen, (void *)(key))
+int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
+                               const unsigned char *key, int keylen);
 
-# define EVP_PKEY_CTX_add1_hkdf_info(pctx, info, infolen) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_HKDF_INFO, infolen, (void *)(info))
+int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
+                                const unsigned char *info, int infolen);
 
-# define EVP_PKEY_CTX_hkdf_mode(pctx, mode) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                              EVP_PKEY_CTRL_HKDF_MODE, mode, NULL)
+int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode);
 
-# define EVP_PKEY_CTX_set1_pbe_pass(pctx, pass, passlen) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                            EVP_PKEY_CTRL_PASS, passlen, (void *)(pass))
+int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass,
+                               int passlen);
 
-# define EVP_PKEY_CTX_set1_scrypt_salt(pctx, salt, saltlen) \
-            EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                            EVP_PKEY_CTRL_SCRYPT_SALT, saltlen, (void *)(salt))
+int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *ctx,
+                                  const unsigned char *salt, int saltlen);
 
-# define EVP_PKEY_CTX_set_scrypt_N(pctx, n) \
-            EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                            EVP_PKEY_CTRL_SCRYPT_N, n)
+int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *ctx, uint64_t n);
 
-# define EVP_PKEY_CTX_set_scrypt_r(pctx, r) \
-            EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                            EVP_PKEY_CTRL_SCRYPT_R, r)
+int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *ctx, uint64_t r);
 
-# define EVP_PKEY_CTX_set_scrypt_p(pctx, p) \
-            EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                            EVP_PKEY_CTRL_SCRYPT_P, p)
+int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *ctx, uint64_t p);
 
-# define EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, maxmem_bytes) \
-            EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
-                            EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, maxmem_bytes)
+int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *ctx,
+                                         uint64_t maxmem_bytes);
 
 
 # ifdef __cplusplus
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 4ab39e6531..00d1800c24 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -339,6 +339,9 @@ static const OSSL_ALGORITHM deflt_keyexch[] = {
     { "X25519", "provider=default", x25519_keyexch_functions },
     { "X448", "provider=default", x448_keyexch_functions },
 #endif
+    { "TLS1-PRF", "provider=default", kdf_tls1_prf_keyexch_functions },
+    { "HKDF", "provider=default", kdf_hkdf_keyexch_functions },
+    { "SCRYPT:id-scrypt", "provider=default", kdf_scrypt_keyexch_functions },
     { NULL, NULL, NULL }
 };
 
@@ -384,6 +387,9 @@ static const OSSL_ALGORITHM deflt_keymgmt[] = {
     { "ED25519", "provider=default", ed25519_keymgmt_functions },
     { "ED448", "provider=default", ed448_keymgmt_functions },
 #endif
+    { "TLS1-PRF", "provider=default", kdf_keymgmt_functions },
+    { "HKDF", "provider=default", kdf_keymgmt_functions },
+    { "SCRYPT:id-scrypt", "provider=default", kdf_keymgmt_functions },
     { NULL, NULL, NULL }
 };
 
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index e39c306e48..4711a99b01 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -421,6 +421,8 @@ static const OSSL_ALGORITHM fips_keyexch[] = {
     { "X25519", FIPS_DEFAULT_PROPERTIES, x25519_keyexch_functions },
     { "X448", FIPS_DEFAULT_PROPERTIES, x448_keyexch_functions },
 #endif
+    { "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, kdf_tls1_prf_keyexch_functions },
+    { "HKDF", FIPS_DEFAULT_PROPERTIES, kdf_hkdf_keyexch_functions },
     { NULL, NULL, NULL }
 };
 
@@ -459,6 +461,8 @@ static const OSSL_ALGORITHM fips_keymgmt[] = {
     { "ED25519", FIPS_DEFAULT_PROPERTIES, ed25519_keymgmt_functions },
     { "ED448", FIPS_DEFAULT_PROPERTIES, ed448_keymgmt_functions },
 #endif
+    { "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
+    { "HKDF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
     { NULL, NULL, NULL }
 };
 
diff --git a/providers/implementations/exchange/build.info b/providers/implementations/exchange/build.info
index 3127f9a3e7..92932b9d28 100644
--- a/providers/implementations/exchange/build.info
+++ b/providers/implementations/exchange/build.info
@@ -4,6 +4,7 @@
 $DH_GOAL=../../libimplementations.a
 $ECX_GOAL=../../libimplementations.a
 $ECDH_GOAL=../../libimplementations.a
+$KDF_GOAL=../../libimplementations.a
 
 IF[{- !$disabled{dh} -}]
   SOURCE[$DH_GOAL]=dh_exch.c
@@ -25,3 +26,5 @@ IF[{- !$disabled{ec} -}]
   SOURCE[../../libfips.a]=ecdh_exch.c
   SOURCE[../../libnonfips.a]=ecdh_exch.c
 ENDIF
+
+SOURCE[$KDF_GOAL]=kdf_exch.c
diff --git a/providers/implementations/exchange/kdf_exch.c b/providers/implementations/exchange/kdf_exch.c
new file mode 100644
index 0000000000..80164e10c6
--- /dev/null
+++ b/providers/implementations/exchange/kdf_exch.c
@@ -0,0 +1,174 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/kdf.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/core_names.h>
+#include <openssl/params.h>
+#include "prov/implementations.h"
+#include "prov/provider_ctx.h"
+#include "prov/kdfexchange.h"
+
+static OSSL_FUNC_keyexch_newctx_fn kdf_tls1_prf_newctx;
+static OSSL_FUNC_keyexch_newctx_fn kdf_hkdf_newctx;
+static OSSL_FUNC_keyexch_newctx_fn kdf_scrypt_newctx;
+static OSSL_FUNC_keyexch_init_fn kdf_init;
+static OSSL_FUNC_keyexch_derive_fn kdf_derive;
+static OSSL_FUNC_keyexch_freectx_fn kdf_freectx;
+static OSSL_FUNC_keyexch_dupctx_fn kdf_dupctx;
+static OSSL_FUNC_keyexch_set_ctx_params_fn kdf_set_ctx_params;
+static OSSL_FUNC_keyexch_settable_ctx_params_fn kdf_tls1_prf_settable_ctx_params;
+static OSSL_FUNC_keyexch_settable_ctx_params_fn kdf_hkdf_settable_ctx_params;
+static OSSL_FUNC_keyexch_settable_ctx_params_fn kdf_scrypt_settable_ctx_params;
+
+typedef struct {
+    void *provctx;
+    EVP_KDF_CTX *kdfctx;
+    KDF_DATA *kdfdata;
+} PROV_KDF_CTX;
+
+static void *kdf_newctx(const char *kdfname, void *provctx)
+{
+    PROV_KDF_CTX *kdfctx = OPENSSL_zalloc(sizeof(PROV_KDF_CTX));
+    EVP_KDF *kdf = NULL;
+
+    if (kdfctx == NULL)
+        return NULL;
+
+    kdfctx->provctx = provctx;
+
+    kdf = EVP_KDF_fetch(PROV_LIBRARY_CONTEXT_OF(provctx), kdfname, NULL);
+    if (kdf == NULL)
+        goto err;
+    kdfctx->kdfctx = EVP_KDF_CTX_new(kdf);
+    EVP_KDF_free(kdf);
+
+    if (kdfctx->kdfctx == NULL)
+        goto err;
+
+    return kdfctx;
+err:
+    OPENSSL_free(kdfctx);
+    return NULL;
+}
+
+#define KDF_NEWCTX(funcname, kdfname) \
+    static void *kdf_##funcname##_newctx(void *provctx) \
+    { \
+        return kdf_newctx(kdfname, provctx); \
+    }
+
+KDF_NEWCTX(tls1_prf, "TLS1-PRF")
+KDF_NEWCTX(hkdf, "HKDF")
+KDF_NEWCTX(scrypt, "SCRYPT")
+
+static int kdf_init(void *vpkdfctx, void *vkdf)
+{
+    PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;
+
+    if (pkdfctx == NULL || vkdf == NULL || !kdf_data_up_ref(vkdf))
+        return 0;
+    pkdfctx->kdfdata = vkdf;
+
+    return 1;
+}
+
+static int kdf_derive(void *vpkdfctx, unsigned char *secret, size_t *secretlen,
+                      size_t outlen)
+{
+    PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;
+
+    return EVP_KDF_derive(pkdfctx->kdfctx, secret, *secretlen);
+}
+
+static void kdf_freectx(void *vpkdfctx)
+{
+    PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;
+
+    EVP_KDF_CTX_free(pkdfctx->kdfctx);
+    kdf_data_free(pkdfctx->kdfdata);
+
+    OPENSSL_free(pkdfctx);
+}
+
+static void *kdf_dupctx(void *vpkdfctx)
+{
+    PROV_KDF_CTX *srcctx = (PROV_KDF_CTX *)vpkdfctx;
+    PROV_KDF_CTX *dstctx;
+
+    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
+    if (dstctx == NULL)
+        return NULL;
+
+    *dstctx = *srcctx;
+
+    dstctx->kdfctx = EVP_KDF_CTX_dup(srcctx->kdfctx);
+    if (dstctx->kdfctx == NULL) {
+        OPENSSL_free(dstctx);
+        return NULL;
+    }
+    if (!kdf_data_up_ref(dstctx->kdfdata)) {
+        EVP_KDF_CTX_free(dstctx->kdfctx);
+        OPENSSL_free(dstctx);
+        return NULL;
+    }
+
+    return dstctx;
+}
+
+static int kdf_set_ctx_params(void *vpkdfctx, const OSSL_PARAM params[])
+{
+    PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;
+
+    return EVP_KDF_CTX_set_params(pkdfctx->kdfctx, params);
+}
+
+static const OSSL_PARAM *kdf_settable_ctx_params(void *provctx,
+                                                 const char *kdfname)
+{
+    EVP_KDF *kdf = EVP_KDF_fetch(PROV_LIBRARY_CONTEXT_OF(provctx), kdfname,
+                                 NULL);
+    const OSSL_PARAM *params;
+
+    if (kdf == NULL)
+        return NULL;
+
+    params = EVP_KDF_settable_ctx_params(kdf);
+    EVP_KDF_free(kdf);
+
+    return params;
+}
+
+#define KDF_SETTABLE_CTX_PARAMS(funcname, kdfname) \
+    static const OSSL_PARAM *kdf_##funcname##_settable_ctx_params(void *provctx) \
+    { \
+        return kdf_settable_ctx_params(provctx, kdfname); \
+    }
+
+KDF_SETTABLE_CTX_PARAMS(tls1_prf, "TLS1-PRF")
+KDF_SETTABLE_CTX_PARAMS(hkdf, "HKDF")
+KDF_SETTABLE_CTX_PARAMS(scrypt, "SCRYPT")
+
+#define KDF_KEYEXCH_FUNCTIONS(funcname) \
+    const OSSL_DISPATCH kdf_##funcname##_keyexch_functions[] = { \
+        { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))kdf_##funcname##_newctx }, \
+        { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))kdf_init }, \
+        { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))kdf_derive }, \
+        { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))kdf_freectx }, \
+        { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))kdf_dupctx }, \
+        { OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS, (void (*)(void))kdf_set_ctx_params }, \
+        { OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS, \
+        (void (*)(void))kdf_##funcname##_settable_ctx_params }, \
+        { 0, NULL } \
+    };
+
+KDF_KEYEXCH_FUNCTIONS(tls1_prf)
+KDF_KEYEXCH_FUNCTIONS(hkdf)
+KDF_KEYEXCH_FUNCTIONS(scrypt)
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 7e470044cd..9e3ef4d79c 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -275,12 +275,16 @@ extern const OSSL_DISPATCH x448_keymgmt_functions[];
 extern const OSSL_DISPATCH ed25519_keymgmt_functions[];
 extern const OSSL_DISPATCH ed448_keymgmt_functions[];
 extern const OSSL_DISPATCH ec_keymgmt_functions[];
+extern const OSSL_DISPATCH kdf_keymgmt_functions[];
 
 /* Key Exchange */
 extern const OSSL_DISPATCH dh_keyexch_functions[];
 extern const OSSL_DISPATCH x25519_keyexch_functions[];
 extern const OSSL_DISPATCH x448_keyexch_functions[];
 extern const OSSL_DISPATCH ecdh_keyexch_functions[];
+extern const OSSL_DISPATCH kdf_tls1_prf_keyexch_functions[];
+extern const OSSL_DISPATCH kdf_hkdf_keyexch_functions[];
+extern const OSSL_DISPATCH kdf_scrypt_keyexch_functions[];
 
 /* Signature */
 extern const OSSL_DISPATCH dsa_signature_functions[];
diff --git a/providers/implementations/include/prov/kdfexchange.h b/providers/implementations/include/prov/kdfexchange.h
new file mode 100644
index 0000000000..5c817bb929
--- /dev/null
+++ b/providers/implementations/include/prov/kdfexchange.h
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdlib.h>
+#include <openssl/crypto.h>
+#include "internal/refcount.h"
+
+struct kdf_data_st {
+    OPENSSL_CTX *libctx;
+    CRYPTO_REF_COUNT refcnt;
+    CRYPTO_RWLOCK *lock;
+};
+
+typedef struct kdf_data_st KDF_DATA;
+
+KDF_DATA *kdf_data_new(void *provctx);
+void kdf_data_free(KDF_DATA *kdfdata);
+int kdf_data_up_ref(KDF_DATA *kdfdata);
diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
index bc7d7fd721..46a1253ee8 100644
--- a/providers/implementations/kdfs/tls1_prf.c
+++ b/providers/implementations/kdfs/tls1_prf.c
@@ -183,9 +183,6 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     }
     /* The seed fields concatenate, so process them all */
     if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SEED)) != NULL) {
-        OPENSSL_cleanse(ctx->seed, ctx->seedlen);
-        ctx->seedlen = 0;
-
         for (; p != NULL; p = OSSL_PARAM_locate_const(p + 1,
                                                       OSSL_KDF_PARAM_SEED)) {
             const void *q = ctx->seed + ctx->seedlen;
diff --git a/providers/implementations/keymgmt/build.info b/providers/implementations/keymgmt/build.info
index 73597c7cea..53c84ac3d4 100644
--- a/providers/implementations/keymgmt/build.info
+++ b/providers/implementations/keymgmt/build.info
@@ -5,6 +5,7 @@ $DH_GOAL=../../libimplementations.a
 $DSA_GOAL=../../libimplementations.a
 $EC_GOAL=../../libimplementations.a
 $ECX_GOAL=../../libimplementations.a
+$KDF_GOAL=../../libimplementations.a
 
 IF[{- !$disabled{dh} -}]
   SOURCE[$DH_GOAL]=dh_kmgmt.c
@@ -33,3 +34,5 @@ ENDIF
 
 SOURCE[../../libfips.a]=rsa_kmgmt.c
 SOURCE[../../libnonfips.a]=rsa_kmgmt.c
+
+SOURCE[$KDF_GOAL]=kdf_legacy_kmgmt.c
diff --git a/providers/implementations/keymgmt/kdf_legacy_kmgmt.c b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c
new file mode 100644
index 0000000000..33cf87e350
--- /dev/null
+++ b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This implemments a dummy key manager for legacy KDFs that still support the
+ * old way of performing a KDF via EVP_PKEY_derive(). New KDFs should not be
+ * implemented this way. In reality there is no key data for such KDFs, so this
+ * key manager does very little.
+ */
+
+#include <openssl/core_dispatch.h>
+#include <openssl/core_names.h>
+#include <openssl/err.h>
+#include "prov/implementations.h"
+#include "prov/providercommon.h"
+#include "prov/provider_ctx.h"
+#include "prov/kdfexchange.h"
+
+static OSSL_FUNC_keymgmt_new_fn kdf_newdata;
+static OSSL_FUNC_keymgmt_free_fn kdf_freedata;
+static OSSL_FUNC_keymgmt_has_fn kdf_has;
+
+KDF_DATA *kdf_data_new(void *provctx)
+{
+    KDF_DATA *kdfdata = OPENSSL_zalloc(sizeof(*kdfdata));
+
+    if (kdfdata == NULL)
+        return NULL;
+
+    kdfdata->lock = CRYPTO_THREAD_lock_new();
+    if (kdfdata->lock == NULL) {
+        OPENSSL_free(kdfdata);
+        return NULL;
+    }
+    kdfdata->libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
+    kdfdata->refcnt = 1;
+
+    return kdfdata;
+}
+
+void kdf_data_free(KDF_DATA *kdfdata)
+{
+    int ref = 0;
+
+    if (kdfdata == NULL)
+        return;
+
+    CRYPTO_DOWN_REF(&kdfdata->refcnt, &ref, kdfdata->lock);
+    if (ref > 0)
+        return;
+
+    CRYPTO_THREAD_lock_free(kdfdata->lock);
+    OPENSSL_free(kdfdata);
+}
+
+int kdf_data_up_ref(KDF_DATA *kdfdata)
+{
+    int ref = 0;
+
+    CRYPTO_UP_REF(&kdfdata->refcnt, &ref, kdfdata->lock);
+    return 1;
+}
+
+static void *kdf_newdata(void *provctx)
+{
+    return kdf_data_new(provctx);
+}
+
+static void kdf_freedata(void *kdfdata)
+{
+    kdf_data_free(kdfdata);
+}
+
+static int kdf_has(void *keydata, int selection)
+{
+    return 0;
+}
+
+const OSSL_DISPATCH kdf_keymgmt_functions[] = {
+    { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))kdf_newdata },
+    { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))kdf_freedata },
+    { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))kdf_has },
+    { 0, NULL }
+};
diff --git a/test/evp_test.c b/test/evp_test.c
index bff1ecb558..f384a8d863 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -2494,9 +2494,7 @@ typedef struct pkey_kdf_data_st {
  */
 static int pkey_kdf_test_init(EVP_TEST *t, const char *name)
 {
-    OPENSSL_CTX *save_libctx = NULL;
     PKEY_KDF_DATA *kdata = NULL;
-    int kdf_nid = OBJ_sn2nid(name);
 
     if (is_kdf_disabled(name)) {
         TEST_info("skipping, '%s' is disabled", name);
@@ -2504,28 +2502,17 @@ static int pkey_kdf_test_init(EVP_TEST *t, const char *name)
         return 1;
     }
 
-    if (kdf_nid == NID_undef)
-        kdf_nid = OBJ_ln2nid(name);
-
     if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
         return 0;
-    /*
-     * TODO(3.0): This should be using EVP_PKEY_CTX_new_from_name(),
-     * but it does not currently since the PKEY_KDF is using legacy paths.
-     * Internally it still uses fetches with the legacy path,
-     * So for now we hack in the library context.
-     */
-    save_libctx = OPENSSL_CTX_set0_default(libctx);
-    kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL);
+
+    kdata->ctx = EVP_PKEY_CTX_new_from_name(libctx, name, NULL);
     if (kdata->ctx == NULL
         || EVP_PKEY_derive_init(kdata->ctx) <= 0)
         goto err;
 
-    OPENSSL_CTX_set0_default(save_libctx);
     t->data = kdata;
     return 1;
 err:
-    OPENSSL_CTX_set0_default(save_libctx);
     EVP_PKEY_CTX_free(kdata->ctx);
     OPENSSL_free(kdata);
     return 0;
diff --git a/test/pkey_meth_kdf_test.c b/test/pkey_meth_kdf_test.c
index cdc3d9f61a..1d3e9eca3c 100644
--- a/test/pkey_meth_kdf_test.c
+++ b/test/pkey_meth_kdf_test.c
@@ -35,11 +35,13 @@ static int test_kdf_tls1_prf(void)
         TEST_error("EVP_PKEY_CTX_set_tls1_prf_md");
         goto err;
     }
-    if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0) {
+    if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx,
+                                          (unsigned char *)"secret", 6) <= 0) {
         TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret");
         goto err;
     }
-    if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0) {
+    if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx,
+                                        (unsigned char *)"seed", 4) <= 0) {
         TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
         goto err;
     }
@@ -82,15 +84,18 @@ static int test_kdf_hkdf(void)
         TEST_error("EVP_PKEY_CTX_set_hkdf_md");
         goto err;
     }
-    if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0) {
+    if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, (const unsigned char *)"salt", 4)
+            <= 0) {
         TEST_error("EVP_PKEY_CTX_set1_hkdf_salt");
         goto err;
     }
-    if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0) {
+    if (EVP_PKEY_CTX_set1_hkdf_key(pctx, (const unsigned char *)"secret", 6)
+            <= 0) {
         TEST_error("EVP_PKEY_CTX_set1_hkdf_key");
         goto err;
     }
-    if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0) {
+    if (EVP_PKEY_CTX_add1_hkdf_info(pctx, (const unsigned char *)"label", 5)
+            <= 0) {
         TEST_error("EVP_PKEY_CTX_set1_hkdf_info");
         goto err;
     }
@@ -133,7 +138,7 @@ static int test_kdf_scrypt(void)
         TEST_error("EVP_PKEY_CTX_set1_pbe_pass");
         goto err;
     }
-    if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, "NaCl", 4) <= 0) {
+    if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, (unsigned char *)"NaCl", 4) <= 0) {
         TEST_error("EVP_PKEY_CTX_set1_scrypt_salt");
         goto err;
     }
diff --git a/util/libcrypto.num b/util/libcrypto.num
index fe875f188d..a3fd0ddc31 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5226,3 +5226,17 @@ PKCS7_sign_with_libctx                  ?	3_0_0	EXIST::FUNCTION:
 PKCS7_encrypt_with_libctx               ?	3_0_0	EXIST::FUNCTION:
 SMIME_read_PKCS7_ex                     ?	3_0_0	EXIST::FUNCTION:
 OSSL_PROVIDER_self_test                 ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_tls1_prf_md            ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set1_tls1_prf_secret       ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_add1_tls1_prf_seed         ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_hkdf_md                ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set1_hkdf_salt             ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set1_hkdf_key              ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_add1_hkdf_info             ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_hkdf_mode                  ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set1_pbe_pass              ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set1_scrypt_salt           ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_scrypt_N               ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_scrypt_r               ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_scrypt_p               ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_scrypt_maxmem_bytes    ?	3_0_0	EXIST::FUNCTION:

From builds at travis-ci.com  Mon Aug 10 15:51:36 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 10 Aug 2020 15:51:36 +0000
Subject: Still Failing: openssl/openssl#36606 (master - 711ae5d)
In-Reply-To: <openssl/openssl+179128243+still failing@travis-ci.com>
Message-ID: <5f316d06ba6ea_13ff5ec2fabe4406382@travis-pro-tasks-77bf4fb5d4-l7fl7.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36606
Status: Still Failing

Duration: 1 hr, 31 mins, and 47 secs
Commit: 711ae5d (master)
Author: Matt Caswell
Message: Remove a TODO from evp_test

Now that the EVP_PKEY KDF bridge is based on provider code a TODO item
can be removed from evp_test.

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12573)

View the changeset: https://github.com/openssl/openssl/compare/23f04372f45f...711ae5d359d9

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179128243?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/9b221147/attachment.html>

From no-reply at appveyor.com  Mon Aug 10 19:58:04 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 10 Aug 2020 19:58:04 +0000
Subject: Build failed: openssl master.36067
Message-ID: <20200810195804.1.E06C3C3746675694@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/32f04b7f/attachment.html>

From openssl at openssl.org  Mon Aug 10 20:32:11 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 10 Aug 2020 20:32:11 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1597091531.359407.9556.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3307, 893 wallclock secs (13.02 usr  1.23 sys + 791.87 cusr 60.67 csys = 866.79 CPU)
Result: FAIL
Makefile:3183: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3181: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug 10 20:46:11 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 10 Aug 2020 20:46:11 +0000
Subject: Build completed: openssl master.36068
Message-ID: <20200810204611.1.248F1B5AE1F62323@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200810/c3702575/attachment.html>

From pauli at openssl.org  Mon Aug 10 22:09:34 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Mon, 10 Aug 2020 22:09:34 +0000
Subject: [openssl]  master update
Message-ID: <1597097374.063892.28524.nullmailer@dev.openssl.org>

The branch master has been updated
       via  33b4f731451bcd7321ddae002c7945cd83d52f78 (commit)
      from  711ae5d359d9fa89a9aef90ac197ba26c8de3330 (commit)


- Log -----------------------------------------------------------------
commit 33b4f731451bcd7321ddae002c7945cd83d52f78
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Aug 7 12:59:49 2020 +1000

    conf: add an error if the openssl_conf section isn't found.
    
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12602)

-----------------------------------------------------------------------

Summary of changes:
 crypto/conf/conf_err.c    | 4 +++-
 crypto/conf/conf_mod.c    | 7 ++++++-
 crypto/err/openssl.txt    | 2 ++
 include/openssl/conferr.h | 1 +
 4 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
index daf2320a19..9c3c2d6878 100644
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -36,6 +36,8 @@ static const ERR_STRING_DATA CONF_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_SUCH_FILE), "no such file"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_VALUE), "no value"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NUMBER_TOO_LARGE), "number too large"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION),
+    "openssl conf references missing section"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_RECURSIVE_DIRECTORY_INCLUDE),
     "recursive directory include"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_SSL_COMMAND_SECTION_EMPTY),
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 64473417e9..aebf38292a 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -107,8 +107,13 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
     OSSL_TRACE1(CONF, "Configuration in section %s\n", vsection);
     values = NCONF_get_section(cnf, vsection);
 
-    if (!values)
+    if (values == NULL) {
+        if (!(flags & CONF_MFLAGS_SILENT)) {
+            CONFerr(0, CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION);
+            ERR_add_error_data(2, "openssl_conf=", vsection);
+        }
         return 0;
+    }
 
     for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
         vl = sk_CONF_VALUE_value(values, i);
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index cca13cc78f..2fa2af529a 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2276,6 +2276,8 @@ CONF_R_NO_SECTION:107:no section
 CONF_R_NO_SUCH_FILE:114:no such file
 CONF_R_NO_VALUE:108:no value
 CONF_R_NUMBER_TOO_LARGE:121:number too large
+CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION:124:\
+	openssl conf references missing section
 CONF_R_RECURSIVE_DIRECTORY_INCLUDE:111:recursive directory include
 CONF_R_SSL_COMMAND_SECTION_EMPTY:117:ssl command section empty
 CONF_R_SSL_COMMAND_SECTION_NOT_FOUND:118:ssl command section not found
diff --git a/include/openssl/conferr.h b/include/openssl/conferr.h
index 1afa12bd56..80bf53f365 100644
--- a/include/openssl/conferr.h
+++ b/include/openssl/conferr.h
@@ -68,6 +68,7 @@ int ERR_load_CONF_strings(void);
 # define CONF_R_NO_SUCH_FILE                              114
 # define CONF_R_NO_VALUE                                  108
 # define CONF_R_NUMBER_TOO_LARGE                          121
+# define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION   124
 # define CONF_R_RECURSIVE_DIRECTORY_INCLUDE               111
 # define CONF_R_SSL_COMMAND_SECTION_EMPTY                 117
 # define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND             118

From openssl at openssl.org  Mon Aug 10 22:55:35 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 10 Aug 2020 22:55:35 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1597100135.622854.23751.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2218:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2218:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:3105:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2881:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2487:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2218:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2262:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=208, Tests=2994, 770 wallclock secs (10.16 usr  1.40 sys + 708.66 cusr 51.77 csys = 771.99 CPU)
Result: FAIL
Makefile:2396: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2394: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Tue Aug 11 00:04:06 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 11 Aug 2020 00:04:06 +0000
Subject: Still Failing: openssl/openssl#36613 (master - 33b4f73)
In-Reply-To: <openssl/openssl+179190071+still failing@travis-ci.com>
Message-ID: <5f31e0761d12_13fe3101b86a8496737@travis-pro-tasks-5d8f9ccbff-wx8bj.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36613
Status: Still Failing

Duration: 59 mins and 7 secs
Commit: 33b4f73 (master)
Author: Pauli
Message: conf: add an error if the openssl_conf section isn't found.

Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12602)

View the changeset: https://github.com/openssl/openssl/compare/711ae5d359d9...33b4f731451b

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179190071?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200811/b7f82ee2/attachment-0001.html>

From no-reply at appveyor.com  Tue Aug 11 02:29:14 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 11 Aug 2020 02:29:14 +0000
Subject: Build failed: openssl master.36079
Message-ID: <20200811022914.1.0DB8E4542B650806@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200811/bb9febe8/attachment.html>

From openssl at openssl.org  Tue Aug 11 05:10:23 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 05:10:23 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1597122623.086021.11401.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4152: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3122: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From openssl at openssl.org  Tue Aug 11 10:11:43 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 10:11:43 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1597140703.539109.24580.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4168: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3138: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From matthias.st.pierre at ncp-e.com  Tue Aug 11 10:29:32 2020
From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com)
Date: Tue, 11 Aug 2020 10:29:32 +0000
Subject: [openssl]  master update
Message-ID: <1597141772.020169.14633.nullmailer@dev.openssl.org>

The branch master has been updated
       via  36b778fbb785ef19dc2476798ccb8233a8a16075 (commit)
       via  0799b79a455336c2d5575745af4fa8a057c35a6e (commit)
      from  33b4f731451bcd7321ddae002c7945cd83d52f78 (commit)


- Log -----------------------------------------------------------------
commit 36b778fbb785ef19dc2476798ccb8233a8a16075
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date:   Thu Jul 2 20:04:44 2020 +0200

    README.md: remove incorrect link to openssl.github.io
    
    The link to the OpenSSL Project Pages <openssl.github.io>
    actually points to an unfinished draft <mspncp.github.io>.
    
    The original intention of this pet project of mine was to
    have a website dedicated to describing the OpenSSL workflow
    on GitHub and to answer frequently asked questions related
    to pull requests and the review process.
    
    The progress on that project has stalled and I'm not so sure
    anymore whether it is good idea to have yet another project
    website. In particular since the OpenSSL Wiki has seen some
    revival and increased activity caused by the upcoming
    OpenSSL 3.0 release.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12361)

commit 0799b79a455336c2d5575745af4fa8a057c35a6e
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date:   Thu Jul 2 20:00:03 2020 +0200

    README.md: replace incorrect access token for the AppVeyor badge
    
    The AppVeyor badge was still showing the build state for
    the mspncp/openssl fork.
    
    This commit fixes a forgotten todo from #10545.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12361)

-----------------------------------------------------------------------

Summary of changes:
 README.md | 18 +-----------------
 1 file changed, 1 insertion(+), 17 deletions(-)

diff --git a/README.md b/README.md
index c126116ed8..ba8efb17b7 100644
--- a/README.md
+++ b/README.md
@@ -156,11 +156,6 @@ Contributing
 If you are interested and willing to contribute to the OpenSSL project,
 please take a look at the [CONTRIBUTING](CONTRIBUTING.md) file.
 
-Since 2016, development takes place in public on the GitHub open source
-platform. The OpenSSL Project Pages at [openssl.github.io][] are a
-valuable source of information if you want to get familiar with our
-development process on GitHub.
-
 Legalities
 ==========
 
@@ -195,10 +190,6 @@ All rights reserved.
     <https://github.com/openssl/openssl>
     "OpenSSL GitHub Mirror"
 
-[openssl.github.io]:
-    <https://mspncp.github.io>
-    "OpenSSL Project Pages"
-
 [wiki.openssl.org]:
     <https://wiki.openssl.org>
     "OpenSSL Wiki"
@@ -207,13 +198,6 @@ All rights reserved.
      <https://tools.ietf.org/html/rfc8446>
 
 <!-- Logos and Badges -->
-<!--
-  Note: The security token for the appveyor badge (the random number in
-  the URL below) was obtained for the mspncp/openssl project.
-  It needs to be replaced by the correct token by some core member
-  (@levitte, @mattcaswell?). It can be obtained for project members at
-  https://ci.appveyor.com/project/openssl/openssl/settings/badges.
--->
 
 [openssl logo]:
     doc/images/openssl.svg
@@ -228,7 +212,7 @@ All rights reserved.
     "Travis Jobs"
 
 [appveyor badge]:
-    <https://ci.appveyor.com/api/projects/status/ikn2l4u1xsume63u/branch/master?svg=true>
+    <https://ci.appveyor.com/api/projects/status/8e10o7xfrg73v98f/branch/master?svg=true>
     "AppVeyor Build Status"
 
 [appveyor jobs]:

From shane.lontis at oracle.com  Tue Aug 11 10:42:10 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Tue, 11 Aug 2020 10:42:10 +0000
Subject: [openssl]  master update
Message-ID: <1597142530.522226.17703.nullmailer@dev.openssl.org>

The branch master has been updated
       via  31d2daecb384475da13c4bf7c76a2dde0077b2f2 (commit)
       via  116d2510f7e95d1e6f4a6b9db2df1ec8d11b61fb (commit)
       via  627c220311bcd3bd6f4f745b76ce6a548bed4629 (commit)
      from  36b778fbb785ef19dc2476798ccb8233a8a16075 (commit)


- Log -----------------------------------------------------------------
commit 31d2daecb384475da13c4bf7c76a2dde0077b2f2
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 4 11:39:49 2020 +1000

    Add DHX serialization
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12575)

commit 116d2510f7e95d1e6f4a6b9db2df1ec8d11b61fb
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 4 11:21:21 2020 +1000

    Add dh_kdf support to provider
    
    Similiar to ecdh this supports the legacy kdf inside the provider dh key exchange.
    The supporting EVP_PKEY_CTX macros have been changed into mehtods and moved into dh_ctrl.c
    New kdfs such as SSKDF should be done as a seperate pass after doing the derive.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12575)

commit 627c220311bcd3bd6f4f745b76ce6a548bed4629
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 4 11:15:18 2020 +1000

    Add DHX support to keymanager
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12575)

-----------------------------------------------------------------------

Summary of changes:
 crypto/dh/build.info                               |   5 +-
 crypto/dh/dh_ameth.c                               |  41 +-
 crypto/dh/dh_ctrl.c                                | 566 +++++++++++++++++++++
 crypto/dh/dh_kdf.c                                 |  74 +--
 crypto/dh/dh_lib.c                                 | 192 -------
 crypto/evp/p_lib.c                                 |   2 +
 crypto/evp/pmeth_lib.c                             |  23 +-
 doc/man3/EVP_PKEY_CTX_ctrl.pod                     | 124 ++---
 include/crypto/dh.h                                |   6 +
 include/openssl/dh.h                               |  53 +-
 providers/defltprov.c                              |   1 +
 providers/deserializers.inc                        |   1 +
 providers/fips/fipsprov.c                          |   1 +
 providers/implementations/exchange/dh_exch.c       | 302 ++++++++++-
 .../implementations/include/prov/implementations.h |   2 +
 providers/implementations/keymgmt/dh_kmgmt.c       |  72 ++-
 .../serializers/deserialize_der2key.c              |   1 +
 .../implementations/serializers/serializer_dh.c    |   5 +
 .../serializers/serializer_dh_priv.c               |   6 +-
 .../serializers/serializer_dh_pub.c                |   6 +-
 .../implementations/serializers/serializer_local.h |   1 +
 providers/serializers.inc                          |  10 +
 test/evp_libctx_test.c                             |  88 ++++
 test/serdes_test.c                                 |   5 +
 util/libcrypto.num                                 |  10 +
 25 files changed, 1246 insertions(+), 351 deletions(-)
 create mode 100644 crypto/dh/dh_ctrl.c

diff --git a/crypto/dh/build.info b/crypto/dh/build.info
index 656e6ea828..887ef78b0b 100644
--- a/crypto/dh/build.info
+++ b/crypto/dh/build.info
@@ -1,10 +1,11 @@
 LIBS=../../libcrypto
 
-$COMMON=dh_lib.c dh_key.c dh_group_params.c dh_check.c dh_backend.c dh_gen.c
+$COMMON=dh_lib.c dh_key.c dh_group_params.c dh_check.c dh_backend.c dh_gen.c \
+        dh_kdf.c
 
 SOURCE[../../libcrypto]=$COMMON\
         dh_asn1.c dh_err.c \
-        dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c dh_meth.c
+        dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_meth.c dh_ctrl.c
 IF[{- !$disabled{'deprecated-0.9.8'} -}]
   SOURCE[../../libcrypto]=dh_depr.c
 ENDIF
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index d5e5f72517..011bc5ad03 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -35,9 +35,19 @@
 static DH *d2i_dhp(const EVP_PKEY *pkey, const unsigned char **pp,
                    long length)
 {
-    if (pkey->ameth == &dhx_asn1_meth)
-        return d2i_DHxparams(NULL, pp, length);
-    return d2i_DHparams(NULL, pp, length);
+    DH *dh = NULL;
+    int is_dhx = (pkey->ameth == &dhx_asn1_meth);
+
+    if (is_dhx)
+        dh = d2i_DHxparams(NULL, pp, length);
+    else
+        dh = d2i_DHparams(NULL, pp, length);
+
+    if (dh != NULL) {
+        DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
+        DH_set_flags(dh, is_dhx ? DH_FLAG_TYPE_DHX : DH_FLAG_TYPE_DH);
+    }
+    return dh;
 }
 
 static int i2d_dhp(const EVP_PKEY *pkey, const DH *a, unsigned char **pp)
@@ -101,7 +111,6 @@ static int dh_pub_decode(EVP_PKEY *pkey, const X509_PUBKEY *pubkey)
     ASN1_INTEGER_free(public_key);
     DH_free(dh);
     return 0;
-
 }
 
 static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
@@ -548,12 +557,16 @@ err:
     return rv;
 }
 
-static int dh_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
+static int dh_pkey_import_from_type(const OSSL_PARAM params[], void *vpctx,
+                                    int type)
 {
     EVP_PKEY_CTX *pctx = vpctx;
     EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
     DH *dh = dh_new_with_libctx(pctx->libctx);
 
+    DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
+    DH_set_flags(dh, type == EVP_PKEY_DH ? DH_FLAG_TYPE_DH : DH_FLAG_TYPE_DHX);
+
     if (dh == NULL) {
         ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
         return 0;
@@ -561,13 +574,23 @@ static int dh_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
 
     if (!dh_ffc_params_fromdata(dh, params)
         || !dh_key_fromdata(dh, params)
-        || !EVP_PKEY_assign_DH(pkey, dh)) {
+        || !EVP_PKEY_assign(pkey, type, dh)) {
         DH_free(dh);
         return 0;
     }
     return 1;
 }
 
+static int dh_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
+{
+    return dh_pkey_import_from_type(params, vpctx, EVP_PKEY_DH);
+}
+
+static int dhx_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
+{
+    return dh_pkey_import_from_type(params, vpctx, EVP_PKEY_DHX);
+}
+
 const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
     EVP_PKEY_DH,
     EVP_PKEY_DH,
@@ -649,7 +672,11 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = {
 
     0,
     dh_pkey_public_check,
-    dh_pkey_param_check
+    dh_pkey_param_check,
+    0, 0, 0, 0,
+    dh_pkey_dirty_cnt,
+    dh_pkey_export_to,
+    dhx_pkey_import_from,
 };
 
 #ifndef OPENSSL_NO_CMS
diff --git a/crypto/dh/dh_ctrl.c b/crypto/dh/dh_ctrl.c
new file mode 100644
index 0000000000..6fddd271a8
--- /dev/null
+++ b/crypto/dh/dh_ctrl.c
@@ -0,0 +1,566 @@
+/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
+#include <stdio.h>
+#include "crypto/evp.h"
+#include <openssl/bn.h>
+#include <openssl/engine.h>
+#include <openssl/obj_mac.h>
+#include <openssl/core_names.h>
+#include "internal/cryptlib.h"
+#include "internal/refcount.h"
+#include "crypto/dh.h"
+#include "dh_local.h"
+
+static int dh_paramgen_check(EVP_PKEY_CTX *ctx)
+{
+    if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+    /* If key type not DH return error */
+    if (ctx->pmeth != NULL
+        && ctx->pmeth->pkey_id != EVP_PKEY_DH
+        && ctx->pmeth->pkey_id != EVP_PKEY_DHX)
+        return -1;
+    return 1;
+}
+
+static int dh_param_derive_check(EVP_PKEY_CTX *ctx)
+{
+    if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+    /* If key type not DH return error */
+    if (ctx->pmeth != NULL
+        && ctx->pmeth->pkey_id != EVP_PKEY_DH
+        && ctx->pmeth->pkey_id != EVP_PKEY_DHX)
+        return -1;
+    return 1;
+}
+
+int EVP_PKEY_CTX_set_dh_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, &gindex);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dh_paramgen_seed(EVP_PKEY_CTX *ctx,
+                                      const unsigned char *seed,
+                                      size_t seedlen)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_FFC_SEED,
+                                             (void *)seed, seedlen);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int typ)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+    const char *name;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.keymgmt.genctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
+                                 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL);
+
+    name = dh_gen_type_id2name(typ);
+    if (name == NULL)
+        return 0;
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE,
+                                            (char *) name, 0);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int pbits)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+    size_t bits = pbits;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.keymgmt.genctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
+                                 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, pbits,
+                                 NULL);
+    *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_PBITS, &bits);
+    *p = OSSL_PARAM_construct_end();
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int qbits)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+    size_t bits2 = qbits;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.keymgmt.genctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
+                                 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, qbits,
+                                 NULL);
+    *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_QBITS, &bits2);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.keymgmt.genctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
+                                 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL);
+    *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_DH_GENERATOR, &gen);
+    *p = OSSL_PARAM_construct_end();
+
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+    const char *name;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.keymgmt.genctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN,
+                                 EVP_PKEY_CTRL_DH_RFC5114, gen, NULL);
+    name = ffc_named_group_from_uid(gen);
+    if (name == NULL)
+        return 0;
+
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
+                                            (void *)name, 0);
+    *p = OSSL_PARAM_construct_end();
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen)
+{
+    return EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen);
+}
+
+int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+    const char *name;
+
+    if ((ret = dh_paramgen_check(ctx)) <= 0)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.keymgmt.genctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH,
+                                 EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
+                                 EVP_PKEY_CTRL_DH_NID, nid, NULL);
+    name = ffc_named_group_from_uid(nid);
+    if (name == NULL)
+        return 0;
+
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
+                                            (void *)name, 0);
+    *p = OSSL_PARAM_construct_end();
+    return EVP_PKEY_CTX_set_params(ctx, params);
+}
+
+int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf)
+{
+    int ret;
+    const char *kdf_type;
+    OSSL_PARAM params[2], *p = params;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL);
+    switch (kdf) {
+        case EVP_PKEY_DH_KDF_NONE:
+            kdf_type = "";
+            break;
+        case EVP_PKEY_DH_KDF_X9_42:
+            kdf_type = OSSL_KDF_NAME_X942KDF;
+            break;
+        default:
+            return -2;
+    }
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
+                                            /*
+                                             * Cast away the const. This is read
+                                             * only so should be safe
+                                             */
+                                            (char *)kdf_type, 0);
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_set_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+
+    return ret;
+}
+
+int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    char kdf_type[80]; /* 80 should be big enough */
+    OSSL_PARAM params[2], *p = params;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL);
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
+                                            kdf_type, sizeof(kdf_type));
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_get_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    } else if (ret != 1) {
+        return -1;
+    }
+
+    if (kdf_type[0] == '\0')
+        return EVP_PKEY_DH_KDF_NONE;
+    else if (strcmp(kdf_type, OSSL_KDF_NAME_X942KDF) == 0)
+        return EVP_PKEY_DH_KDF_X9_42;
+
+    return -1;
+}
+
+int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+    const char *oid_name;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid));
+    oid_name = OBJ_nid2sn(OBJ_obj2nid(oid));
+
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG,
+                                            (char *)oid_name, 0);
+    *p = OSSL_PARAM_construct_end();
+    ret = evp_pkey_ctx_set_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+
+    return ret;
+}
+
+int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid)
+{
+    int ret, nid;
+    OSSL_PARAM params[2], *p = params;
+    char oid_name[80]; /* 80 should be big enough */
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(oid));
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG,
+                                            oid_name, sizeof(oid_name));
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_get_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    } else if (ret != 1) {
+        return -1;
+    }
+    nid = OBJ_sn2nid(oid_name);
+    if (nid == NID_undef)
+        nid = OBJ_ln2nid(oid_name);
+    *oid = (nid == NID_undef ? NULL : OBJ_nid2obj(nid));
+    return *oid != NULL;
+}
+
+int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+    const char *md_name = NULL;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md));
+    md_name = (md == NULL) ? "" : EVP_MD_name(md);
+
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
+                                            /*
+                                             * Cast away the const. This is read
+                                             * only so should be safe
+                                             */
+                                            (char *)md_name, 0);
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_set_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+    return ret;
+}
+
+int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd)
+{
+    int ret;
+    char name[80] = "";  /* 80 should be big enough */
+    OSSL_PARAM params[2], *p = params;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd));
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
+                                            name, sizeof(name));
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_get_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    } else if (ret != 1) {
+        return -1;
+    }
+
+    /* May be NULL meaning "unknown" */
+    *pmd = EVP_get_digestbyname(name);
+
+    return 1;
+}
+
+int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int inlen)
+{
+    int ret;
+    size_t len = inlen;
+    OSSL_PARAM params[2], *p = params;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_DH_KDF_OUTLEN, inlen, NULL);
+    if (inlen <= 0) {
+        /*
+         * This would ideally be -1 or 0, but we have to retain compatibility
+         * with legacy behaviour of EVP_PKEY_CTX_ctrl() which returned -2 if
+         * in <= 0
+         */
+        return -2;
+    }
+
+    *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
+                                       &len);
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_set_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+    return ret;
+}
+
+int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *plen)
+{
+    int ret;
+    size_t len = UINT_MAX;
+    OSSL_PARAM params[2], *p = params;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0,
+                                 (void *)(plen));
+    *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
+                                       &len);
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_get_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    } else if (ret != 1) {
+        return -1;
+    }
+
+    if (len > INT_MAX)
+        return -1;
+
+    *plen = (int)len;
+
+    return 1;
+}
+
+int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len)
+{
+    int ret;
+    OSSL_PARAM params[2], *p = params;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_DH_KDF_UKM, len, (void *)(ukm));
+
+    *p++ = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM,
+                                            /*
+                                             * Cast away the const. This is read
+                                             * only so should be safe
+                                             */
+                                            (void *)ukm,
+                                            (size_t)len);
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_set_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    }
+    if (ret == 1)
+        OPENSSL_free(ukm);
+    return ret;
+}
+
+int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pukm)
+{
+    int ret;
+    size_t ukmlen;
+    OSSL_PARAM params[3], *p = params;
+
+    ret = dh_param_derive_check(ctx);
+    if (ret != 1)
+        return ret;
+
+    /* TODO(3.0): Remove this eventually when no more legacy */
+    if (ctx->op.kex.exchprovctx == NULL)
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE,
+                                 EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(pukm));
+
+    *p++ = OSSL_PARAM_construct_octet_ptr(OSSL_EXCHANGE_PARAM_KDF_UKM,
+                                          (void **)pukm, 0);
+    *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_UKM_LEN,
+                                       &ukmlen);
+    *p = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_get_params_strict(ctx, params);
+    if (ret == -2) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
+        return -2;
+    } else if (ret != 1) {
+        return -1;
+    }
+
+    if (ukmlen > INT_MAX)
+        return -1;
+
+    return (int)ukmlen;
+}
diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c
index 1b8a320db1..0b1e5881c3 100644
--- a/crypto/dh/dh_kdf.c
+++ b/crypto/dh/dh_kdf.c
@@ -14,40 +14,34 @@
 #include "internal/deprecated.h"
 
 #include "e_os.h"
+#include "e_os.h"
+#include <string.h>
+#include <openssl/core_names.h>
+#include <openssl/dh.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/kdf.h>
+#include <internal/provider.h>
+#include <crypto/dh.h>
 
-#ifndef OPENSSL_NO_CMS
-# include <string.h>
-# include <openssl/core_names.h>
-# include <openssl/dh.h>
-# include <openssl/evp.h>
-# include <openssl/asn1.h>
-# include <openssl/kdf.h>
-# include <internal/provider.h>
-
-int DH_KDF_X9_42(unsigned char *out, size_t outlen,
-                 const unsigned char *Z, size_t Zlen,
-                 ASN1_OBJECT *key_oid,
-                 const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)
+/* Key derivation function from X9.63/SECG */
+int dh_KDF_X9_42_asn1(unsigned char *out, size_t outlen,
+                      const unsigned char *Z, size_t Zlen,
+                      const char *cek_alg,
+                      const unsigned char *ukm, size_t ukmlen, const EVP_MD *md,
+                      OPENSSL_CTX *libctx, const char *propq)
 {
-    int ret = 0, nid;
+    int ret = 0;
     EVP_KDF_CTX *kctx = NULL;
     EVP_KDF *kdf = NULL;
-    const char *oid_sn;
     OSSL_PARAM params[5], *p = params;
     const char *mdname = EVP_MD_name(md);
-    const OSSL_PROVIDER *prov = EVP_MD_provider(md);
-    OPENSSL_CTX *provctx = ossl_provider_library_context(prov);
 
-    nid = OBJ_obj2nid(key_oid);
-    if (nid == NID_undef)
-        return 0;
-    oid_sn = OBJ_nid2sn(nid);
-    if (oid_sn == NULL)
-        return 0;
-
-    kdf = EVP_KDF_fetch(provctx, OSSL_KDF_NAME_X942KDF, NULL);
-    if ((kctx = EVP_KDF_CTX_new(kdf)) == NULL)
+    kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_X942KDF, propq);
+    kctx = EVP_KDF_CTX_new(kdf);
+    if (kctx == NULL)
         goto err;
+
     *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
                                             (char *)mdname, 0);
     *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
@@ -56,13 +50,35 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
         *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_UKM,
                                                  (unsigned char *)ukm, ukmlen);
     *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG,
-                                            (char *)oid_sn, 0);
+                                            (char *)cek_alg, 0);
     *p = OSSL_PARAM_construct_end();
     ret = EVP_KDF_CTX_set_params(kctx, params) > 0
-        && EVP_KDF_derive(kctx, out, outlen) > 0;
+          && EVP_KDF_derive(kctx, out, outlen) > 0;
 err:
     EVP_KDF_CTX_free(kctx);
     EVP_KDF_free(kdf);
     return ret;
 }
-#endif /* OPENSSL_NO_CMS */
+
+#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_CMS)
+int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+                 const unsigned char *Z, size_t Zlen,
+                 ASN1_OBJECT *key_oid,
+                 const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)
+{
+    int nid;
+    const char *key_alg = NULL;
+    const OSSL_PROVIDER *prov = EVP_MD_provider(md);
+    OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
+
+    nid = OBJ_obj2nid(key_oid);
+    if (nid == NID_undef)
+        return 0;
+    key_alg = OBJ_nid2sn(nid);
+    if (key_alg == NULL)
+        return 0;
+
+    return dh_KDF_X9_42_asn1(out, outlen, Z, Zlen, key_alg,
+                             ukm, ukmlen, md, libctx, NULL);
+}
+#endif /* !defined(FIPS_MODULE) && !defined(OPENSSL_NO_CMS) */
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 2a3921a137..a6f4e64137 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -344,195 +344,3 @@ int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[])
     }
     return ret;
 }
-
-static int dh_paramgen_check(EVP_PKEY_CTX *ctx)
-{
-    if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
-    /* If key type not DH return error */
-    if (ctx->pmeth != NULL
-        && ctx->pmeth->pkey_id != EVP_PKEY_DH
-        && ctx->pmeth->pkey_id != EVP_PKEY_DHX)
-        return -1;
-    return 1;
-}
-
-int EVP_PKEY_CTX_set_dh_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-    *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, &gindex);
-    *p++ = OSSL_PARAM_construct_end();
-
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
-
-int EVP_PKEY_CTX_set_dh_paramgen_seed(EVP_PKEY_CTX *ctx,
-                                      const unsigned char *seed,
-                                      size_t seedlen)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-    *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_FFC_SEED,
-                                             (void *)seed, seedlen);
-    *p++ = OSSL_PARAM_construct_end();
-
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
-
-int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int typ)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-    const char *name;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-#if !defined(FIPS_MODULE)
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.keymgmt.genctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
-                                 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL);
-#endif
-
-    name = dh_gen_type_id2name(typ);
-    if (name == NULL)
-        return 0;
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE,
-                                            (char *) name, 0);
-    *p++ = OSSL_PARAM_construct_end();
-
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
-
-int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int pbits)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-    size_t bits = pbits;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-#if !defined(FIPS_MODULE)
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.keymgmt.genctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
-                                 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, pbits,
-                                 NULL);
-#endif
-    *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_PBITS, &bits);
-    *p++ = OSSL_PARAM_construct_end();
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
-
-int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int qbits)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-    size_t bits2 = qbits;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-#if !defined(FIPS_MODULE)
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.keymgmt.genctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
-                                 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, qbits,
-                                 NULL);
-#endif
-    *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_QBITS, &bits2);
-    *p++ = OSSL_PARAM_construct_end();
-
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
-
-int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-#if !defined(FIPS_MODULE)
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.keymgmt.genctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
-                                 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL);
-#endif
-
-    *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_DH_GENERATOR, &gen);
-    *p++ = OSSL_PARAM_construct_end();
-
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
-
-int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-    const char *name;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-#if !defined(FIPS_MODULE)
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.keymgmt.genctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN,
-                                 EVP_PKEY_CTRL_DH_RFC5114, gen, NULL);
-#endif
-    name = ffc_named_group_from_uid(gen);
-    if (name == NULL)
-        return 0;
-
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
-                                            (void *)name, 0);
-    *p++ = OSSL_PARAM_construct_end();
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
-
-int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen)
-{
-    return EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen);
-}
-
-int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid)
-{
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-    const char *name;
-
-    if ((ret = dh_paramgen_check(ctx)) <= 0)
-        return ret;
-
-#if !defined(FIPS_MODULE)
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.keymgmt.genctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH,
-                                 EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
-                                 EVP_PKEY_CTRL_DH_NID, nid, NULL);
-#endif
-    name = ffc_named_group_from_uid(nid);
-    if (name == NULL)
-        return 0;
-
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
-                                            (void *)name, 0);
-    *p++ = OSSL_PARAM_construct_end();
-    return EVP_PKEY_CTX_set_params(ctx, params);
-}
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 2563cd97ca..b057669a2d 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1001,6 +1001,8 @@ int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name)
 #ifndef OPENSSL_NO_DH
         else if (strcasecmp(name, "DH") == 0)
             type = EVP_PKEY_DH;
+        else if (strcasecmp(name, "X9.42 DH") == 0)
+            type = EVP_PKEY_DHX;
 #endif
 #ifndef OPENSSL_NO_DSA
         else if (strcasecmp(name, "DSA") == 0)
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 6f2f52912b..ba85a8c143 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -150,7 +150,6 @@ static int is_legacy_alg(int id, const char *keytype)
      * support
      */
     case EVP_PKEY_SM2:
-    case EVP_PKEY_DHX:
     case EVP_PKEY_CMAC:
     case EVP_PKEY_HMAC:
     case EVP_PKEY_SIPHASH:
@@ -1040,6 +1039,28 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
         return -2;
 
 # ifndef OPENSSL_NO_DH
+    if (keytype == EVP_PKEY_DHX) {
+        switch (cmd) {
+        case EVP_PKEY_CTRL_DH_KDF_TYPE:
+            return EVP_PKEY_CTX_set_dh_kdf_type(ctx, p1);
+        case EVP_PKEY_CTRL_DH_KDF_MD:
+            return EVP_PKEY_CTX_set_dh_kdf_md(ctx, p2);
+        case EVP_PKEY_CTRL_DH_KDF_OUTLEN:
+            return EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, p1);
+        case EVP_PKEY_CTRL_DH_KDF_UKM:
+            return EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p2, p1);
+        case EVP_PKEY_CTRL_DH_KDF_OID:
+            return EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_MD:
+            return EVP_PKEY_CTX_get_dh_kdf_md(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN:
+            return EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_UKM:
+            return EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_OID:
+            return EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, p2);
+        }
+    }
     if (keytype == EVP_PKEY_DH) {
         switch (cmd) {
             case EVP_PKEY_CTRL_DH_PAD:
diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod
index bd98a2f1d7..9e6b6de443 100644
--- a/doc/man3/EVP_PKEY_CTX_ctrl.pod
+++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod
@@ -369,41 +369,39 @@ negotiated protocol version. Otherwise it should be left unset.
 
 =head2 DSA parameters
 
-The EVP_PKEY_CTX_set_dsa_paramgen_bits() method sets the number of bits used
-for DSA parameter generation to I<nbits>. If not specified, 2048 is used.
+EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used for DSA
+parameter generation to B<nbits>. If not specified, 2048 is used.
 
-The EVP_PKEY_CTX_set_dsa_paramgen_q_bits() method sets the number of bits in the
-subprime parameter I<q> for DSA parameter generation to I<qbits>. If not
-specified, 224 is used. If a digest function is specified below, this parameter
-is ignored and instead, the number of bits in I<q> matches the size of the
-digest.
+EVP_PKEY_CTX_set_dsa_paramgen_q_bits() sets the number of bits in the subprime
+parameter I<q> for DSA parameter generation to I<qbits>. If not specified, 224
+is used. If a digest function is specified below, this parameter is ignored and
+instead, the number of bits in I<q> matches the size of the digest.
 
-The EVP_PKEY_CTX_set_dsa_paramgen_md() method sets the digest function used for
-DSA parameter generation to I<md>. If not specified, one of SHA-1, SHA-224, or
+EVP_PKEY_CTX_set_dsa_paramgen_md() sets the digest function used for DSA
+parameter generation to I<md>. If not specified, one of SHA-1, SHA-224, or
 SHA-256 is selected to match the bit length of I<q> above.
 
-The EVP_PKEY_CTX_set_dsa_paramgen_md_props() method sets the digest function
-used for DSA parameter generation using I<md_name> and I<md_properties> to
-retrieve the digest from a provider.
+EVP_PKEY_CTX_set_dsa_paramgen_md_props() sets the digest function used for DSA
+parameter generation using I<md_name> and I<md_properties> to retrieve the
+digest from a provider.
 If not specified, I<md_name> will be set to one of SHA-1, SHA-224, or
 SHA-256 depending on the bit length of I<q> above. I<md_properties> is a
 property query string that has a default value of '' if not specified.
 
-The EVP_PKEY_CTX_set_dsa_paramgen_gindex() method sets the I<gindex> used by
-the generator G. The default value is -1 which uses unverifiable g, otherwise
-a positive value uses verifiable g. This value must be saved if key validation
-of g is required, since it is not part of a persisted key.
+EVP_PKEY_CTX_set_dsa_paramgen_gindex() sets the I<gindex> used by the generator
+G. The default value is -1 which uses unverifiable g, otherwise a positive value
+uses verifiable g. This value must be saved if key validation of g is required,
+since it is not part of a persisted key.
 
-The EVP_PKEY_CTX_set_dsa_paramgen_seed() method sets the I<seed> to use for
-generation rather than using a randomly generated value for the seed. This is
-useful for testing purposes only and can fail if the seed does not produce
-primes for both p & q on its first iteration. This value must be saved if
-key validation of p, q, and verifiable g are required, since it is not part of
-a persisted key.
+EVP_PKEY_CTX_set_dsa_paramgen_seed() sets the I<seed> to use for generation
+rather than using a randomly generated value for the seed. This is useful for
+testing purposes only and can fail if the seed does not produce primes for both
+p & q on its first iteration. This value must be saved if key validation of
+p, q, and verifiable g are required, since it is not part of a persisted key.
 
-The EVP_PKEY_CTX_set_dsa_paramgen_type() method sets the generation type to
-use FIPS186-4 generation if I<name> is "fips186_4", or FIPS186-2 generation if
-I<name> is "fips186_2". The default value is "fips186_4".
+EVP_PKEY_CTX_set_dsa_paramgen_type() sets the generation type to use FIPS186-4
+generation if I<name> is "fips186_4", or FIPS186-2 generation if I<name> is
+"fips186_2". The default value is "fips186_4".
 
 =head2 DH parameters
 
@@ -445,17 +443,16 @@ Uses a safe prime generator g (PKCS#3 format).
 
 The default is B<DH_PARAMGEN_TYPE_GENERATOR>.
 
-The EVP_PKEY_CTX_set_dh_paramgen_gindex() method sets the I<gindex> used by
-the generator G. The default value is -1 which uses unverifiable g, otherwise
-a positive value uses verifiable g. This value must be saved if key validation
-of g is required, since it is not part of a persisted key.
+EVP_PKEY_CTX_set_dh_paramgen_gindex() sets the I<gindex> used by the generator G.
+The default value is -1 which uses unverifiable g, otherwise a positive value
+uses verifiable g. This value must be saved if key validation of g is required,
+since it is not part of a persisted key.
 
-The EVP_PKEY_CTX_set_dh_paramgen_seed() method sets the I<seed> to use for
-generation rather than using a randomly generated value for the seed. This is
-useful for testing purposes only and can fail if the seed does not produce
-primes for both p & q on its first iteration. This value must be saved if
-key validation of p, q, and verifiable g are required, since it is not part of
-a persisted key.
+EVP_PKEY_CTX_set_dh_paramgen_seed() sets the I<seed> to use for generation
+rather than using a randomly generated value for the seed. This is useful for
+testing purposes only and can fail if the seed does not produce primes for both
+p & q on its first iteration. This value must be saved if key validation of p, q,
+and verifiable g are required, since it is not part of a persisted key.
 
 The EVP_PKEY_CTX_set_dh_pad() function sets the DH padding mode.
 If I<pad> is 1 the shared secret is padded with zeros up to the size of the DH
@@ -486,47 +483,47 @@ EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret.
 The KDF output is typically used as a Key Encryption Key (KEK) that in turn
 encrypts a Content Encryption Key (CEK).
 
-The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type
-to I<kdf> for DH key derivation. Possible values are B<EVP_PKEY_DH_KDF_NONE>
-and B<EVP_PKEY_DH_KDF_X9_42> which uses the key derivation specified in RFC2631
+EVP_PKEY_CTX_set_dh_kdf_type() sets the key derivation function type to I<kdf>
+for DH key derivation. Possible values are B<EVP_PKEY_DH_KDF_NONE> and
+B<EVP_PKEY_DH_KDF_X9_42> which uses the key derivation specified in RFC2631
 (based on the keying algorithm described in X9.42). When using key derivation,
 the I<kdf_oid>, I<kdf_md> and I<kdf_outlen> parameters must also be specified.
 
-The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type
-for I<ctx> used for DH key derivation. Possible values are B<EVP_PKEY_DH_KDF_NONE>
-and B<EVP_PKEY_DH_KDF_X9_42>.
+EVP_PKEY_CTX_get_dh_kdf_type() gets the key derivation function type for I<ctx>
+used for DH key derivation. Possible values are B<EVP_PKEY_DH_KDF_NONE> and
+B<EVP_PKEY_DH_KDF_X9_42>.
 
-The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function
-object identifier to I<oid> for DH key derivation. This OID should identify
-the algorithm to be used with the Content Encryption Key.
+EVP_PKEY_CTX_set0_dh_kdf_oid() sets the key derivation function object
+identifier to I<oid> for DH key derivation. This OID should identify the
+algorithm to be used with the Content Encryption Key.
 The library takes ownership of the object identifier so the caller should not
 free the original memory pointed to by I<oid>.
 
-The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid
-for I<ctx> used for DH key derivation. The resulting pointer is owned by the
-library and should not be freed by the caller.
+EVP_PKEY_CTX_get0_dh_kdf_oid() gets the key derivation function oid for I<ctx>
+used for DH key derivation. The resulting pointer is owned by the library and
+should not be freed by the caller.
 
-The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function
-message digest to I<md> for DH key derivation. Note that RFC2631 specifies
-that this digest should be SHA1 but OpenSSL tolerates other digests.
+EVP_PKEY_CTX_set_dh_kdf_md() sets the key derivation function message digest to
+I<md> for DH key derivation. Note that RFC2631 specifies that this digest should
+be SHA1 but OpenSSL tolerates other digests.
 
-The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function
-message digest for I<ctx> used for DH key derivation.
+EVP_PKEY_CTX_get_dh_kdf_md() gets the key derivation function message digest for
+I<ctx> used for DH key derivation.
 
-The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function
-output length to I<len> for DH key derivation.
+EVP_PKEY_CTX_set_dh_kdf_outlen() sets the key derivation function output length
+to I<len> for DH key derivation.
 
-The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function
-output length for I<ctx> used for DH key derivation.
+EVP_PKEY_CTX_get_dh_kdf_outlen() gets the key derivation function output length
+for I<ctx> used for DH key derivation.
 
-The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to
-I<ukm> and its length to I<len> for DH key derivation. This parameter is optional
-and corresponds to the partyAInfo field in RFC2631 terms. The specification
+EVP_PKEY_CTX_set0_dh_kdf_ukm() sets the user key material to I<ukm> and its
+length to I<len> for DH key derivation. This parameter is optional and
+corresponds to the partyAInfo field in RFC2631 terms. The specification
 requires that it is 512 bits long but this is not enforced by OpenSSL.
 The library takes ownership of the user key material so the caller should not
 free the original memory pointed to by I<ukm>.
 
-The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for I<ctx>.
+EVP_PKEY_CTX_get0_dh_kdf_ukm() gets the user key material for I<ctx>.
 The return value is the user key material length. The resulting pointer is owned
 by the library and should not be freed by the caller.
 
@@ -641,7 +638,12 @@ EVP_PKEY_CTX_set_rsa_mgf1_md(), EVP_PKEY_CTX_set_rsa_oaep_md(),
 EVP_PKEY_CTX_get_rsa_oaep_md(), EVP_PKEY_CTX_set0_rsa_oaep_label(),
 EVP_PKEY_CTX_get0_rsa_oaep_label(), EVP_PKEY_CTX_set_rsa_pss_saltlen(),
 EVP_PKEY_CTX_get_rsa_pss_saltlen(), EVP_PKEY_CTX_set_dsa_paramgen_bits(),
-EVP_PKEY_CTX_set_dsa_paramgen_q_bits() and EVP_PKEY_CTX_set_dsa_paramgen_md()
+EVP_PKEY_CTX_set_dsa_paramgen_q_bits(), EVP_PKEY_CTX_set_dsa_paramgen_md().
+EVP_PKEY_CTX_set_dh_kdf_type(), EVP_PKEY_CTX_get_dh_kdf_type(),
+EVP_PKEY_CTX_set0_dh_kdf_oid(), EVP_PKEY_CTX_get0_dh_kdf_oid(),
+EVP_PKEY_CTX_set_dh_kdf_md(), EVP_PKEY_CTX_get_dh_kdf_md(),
+EVP_PKEY_CTX_set_dh_kdf_outlen(), EVP_PKEY_CTX_get_dh_kdf_outlen(),
+EVP_PKEY_CTX_set0_dh_kdf_ukm() and EVP_PKEY_CTX_get0_dh_kdf_ukm()
 were macros in OpenSSL 1.1.1 and below.
 From OpenSSL 3.0 they are functions.
 
diff --git a/include/crypto/dh.h b/include/crypto/dh.h
index 22847dd1e0..fa0d70dbd4 100644
--- a/include/crypto/dh.h
+++ b/include/crypto/dh.h
@@ -35,3 +35,9 @@ const DH_METHOD *dh_get_method(const DH *dh);
 
 int dh_buf2key(DH *key, const unsigned char *buf, size_t len);
 size_t dh_key2buf(const DH *dh, unsigned char **pbuf, size_t size, int alloc);
+
+int dh_KDF_X9_42_asn1(unsigned char *out, size_t outlen,
+                      const unsigned char *Z, size_t Zlen,
+                      const char *cek_alg,
+                      const unsigned char *ukm, size_t ukmlen, const EVP_MD *md,
+                      OPENSSL_CTX *libctx, const char *propq);
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 4907bc6567..4b456cff16 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -40,6 +40,10 @@ extern "C" {
 
 #  define DH_FLAG_CACHE_MONT_P     0x01
 
+#  define DH_FLAG_TYPE_MASK             0xF000
+#  define DH_FLAG_TYPE_DH               0x0000
+#  define DH_FLAG_TYPE_DHX              0x1000
+
 #  ifndef OPENSSL_NO_DEPRECATED_1_1_0
 /*
  * Does nothing. Previously this switched off constant time behaviour.
@@ -282,45 +286,16 @@ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen);
 int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen);
 int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
 
-#  define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
-
-#  define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
-
-#  define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid))
-
-#  define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX,  EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(poid))
-
-#  define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md))
-
-#  define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd))
-
-#  define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
-
-#  define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)(plen))
-
-#  define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX,  EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)(p))
-
-#  define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX,  EVP_PKEY_OP_DERIVE, \
-                          EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(p))
+int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
 
 #  define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN     (EVP_PKEY_ALG_CTRL + 1)
 #  define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR     (EVP_PKEY_ALG_CTRL + 2)
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 00d1800c24..c34c539726 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -374,6 +374,7 @@ static const OSSL_ALGORITHM deflt_asym_cipher[] = {
 static const OSSL_ALGORITHM deflt_keymgmt[] = {
 #ifndef OPENSSL_NO_DH
     { "DH:dhKeyAgreement", "provider=default", dh_keymgmt_functions },
+    { "DHX:X9.42 DH:dhpublicnumber", "provider=default", dhx_keymgmt_functions },
 #endif
 #ifndef OPENSSL_NO_DSA
     { "DSA:dsaEncryption", "provider=default", dsa_keymgmt_functions },
diff --git a/providers/deserializers.inc b/providers/deserializers.inc
index e11056ee9e..2e363143b8 100644
--- a/providers/deserializers.inc
+++ b/providers/deserializers.inc
@@ -13,6 +13,7 @@
 
 #ifndef OPENSSL_NO_DH
     DESER("DH", "yes", "der", der_to_dh_deserializer_functions),
+    DESER("DHX", "yes", "der", der_to_dhx_deserializer_functions),
 #endif
 #ifndef OPENSSL_NO_DSA
     DESER("DSA", "yes", "der", der_to_dsa_deserializer_functions),
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 4711a99b01..b29cae509c 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -447,6 +447,7 @@ static const OSSL_ALGORITHM fips_asym_cipher[] = {
 static const OSSL_ALGORITHM fips_keymgmt[] = {
 #ifndef OPENSSL_NO_DH
     { "DH:dhKeyAgreement", FIPS_DEFAULT_PROPERTIES, dh_keymgmt_functions },
+    { "DHX:X9.42 DH:dhpublicnumber", FIPS_DEFAULT_PROPERTIES, dhx_keymgmt_functions },
 #endif
 #ifndef OPENSSL_NO_DSA
     { "DSA", FIPS_DEFAULT_PROPERTIES, dsa_keymgmt_functions },
diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c
index c0cb378c12..3c3bd4dd38 100644
--- a/providers/implementations/exchange/dh_exch.c
+++ b/providers/implementations/exchange/dh_exch.c
@@ -13,10 +13,12 @@
  */
 #include "internal/deprecated.h"
 
+#include <string.h>
 #include <openssl/crypto.h>
 #include <openssl/core_dispatch.h>
 #include <openssl/core_names.h>
 #include <openssl/dh.h>
+#include <openssl/err.h>
 #include <openssl/params.h>
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
@@ -30,6 +32,23 @@ static OSSL_FUNC_keyexch_freectx_fn dh_freectx;
 static OSSL_FUNC_keyexch_dupctx_fn dh_dupctx;
 static OSSL_FUNC_keyexch_set_ctx_params_fn dh_set_ctx_params;
 static OSSL_FUNC_keyexch_settable_ctx_params_fn dh_settable_ctx_params;
+static OSSL_FUNC_keyexch_get_ctx_params_fn dh_get_ctx_params;
+static OSSL_FUNC_keyexch_gettable_ctx_params_fn dh_gettable_ctx_params;
+
+/*
+ * This type is only really used to handle some legacy related functionality.
+ * If you need to use other KDF's (such as SSKDF) just use PROV_DH_KDF_NONE
+ * here and then create and run a KDF after the key is derived.
+ * Note that X942 has 2 variants of key derivation:
+ *   (1) DH_KDF_X9_42_ASN1 - which contains an ANS1 encoded object that has
+ *   the counter embedded in it.
+ *   (2) DH_KDF_X941_CONCAT - which is the same as ECDH_X963_KDF (which can be
+ *       done by creating a "X963KDF".
+ */
+enum kdf_type {
+    PROV_DH_KDF_NONE = 0,
+    PROV_DH_KDF_X9_42_ASN1
+};
 
 /*
  * What's passed as an actual key is defined by the KEYMGMT interface.
@@ -42,6 +61,18 @@ typedef struct {
     DH *dh;
     DH *dhpeer;
     unsigned int pad : 1;
+
+    /* DH KDF */
+    /* KDF (if any) to use for DH */
+    enum kdf_type kdf_type;
+    /* Message digest to use for key derivation */
+    EVP_MD *kdf_md;
+    /* User key material */
+    unsigned char *kdf_ukm;
+    size_t kdf_ukmlen;
+    /* KDF output length */
+    size_t kdf_outlen;
+    char *kdf_cekalg;
 } PROV_DH_CTX;
 
 static void *dh_newctx(void *provctx)
@@ -51,6 +82,7 @@ static void *dh_newctx(void *provctx)
     if (pdhctx == NULL)
         return NULL;
     pdhctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
+    pdhctx->kdf_type = PROV_DH_KDF_NONE;
     return pdhctx;
 }
 
@@ -62,6 +94,7 @@ static int dh_init(void *vpdhctx, void *vdh)
         return 0;
     DH_free(pdhctx->dh);
     pdhctx->dh = vdh;
+    pdhctx->kdf_type = PROV_DH_KDF_NONE;
     return 1;
 }
 
@@ -76,8 +109,9 @@ static int dh_set_peer(void *vpdhctx, void *vdh)
     return 1;
 }
 
-static int dh_derive(void *vpdhctx, unsigned char *secret, size_t *secretlen,
-                     size_t outlen)
+static int dh_plain_derive(void *vpdhctx,
+                           unsigned char *secret, size_t *secretlen,
+                           size_t outlen)
 {
     PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
     int ret;
@@ -108,12 +142,74 @@ static int dh_derive(void *vpdhctx, unsigned char *secret, size_t *secretlen,
     return 1;
 }
 
+static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret,
+                               size_t *secretlen, size_t outlen)
+{
+    PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+    unsigned char *stmp = NULL;
+    size_t stmplen;
+    int ret = 0;
+
+    if (secret == NULL) {
+        *secretlen = pdhctx->kdf_outlen;
+        return 1;
+    }
+
+    if (pdhctx->kdf_outlen > outlen)
+        return 0;
+    if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0))
+        return 0;
+    if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (!dh_plain_derive(pdhctx, stmp, &stmplen, stmplen))
+        goto err;
+
+    /* Do KDF stuff */
+    if (pdhctx->kdf_type == PROV_DH_KDF_X9_42_ASN1) {
+        if (!dh_KDF_X9_42_asn1(secret, pdhctx->kdf_outlen,
+                               stmp, stmplen,
+                               pdhctx->kdf_cekalg,
+                               pdhctx->kdf_ukm,
+                               pdhctx->kdf_ukmlen,
+                               pdhctx->kdf_md,
+                               pdhctx->libctx, NULL))
+            goto err;
+    }
+    *secretlen = pdhctx->kdf_outlen;
+    ret = 1;
+err:
+    OPENSSL_secure_clear_free(stmp, stmplen);
+    return ret;
+}
+
+static int dh_derive(void *vpdhctx, unsigned char *secret,
+                     size_t *psecretlen, size_t outlen)
+{
+    PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+
+    switch (pdhctx->kdf_type) {
+        case PROV_DH_KDF_NONE:
+            return dh_plain_derive(pdhctx, secret, psecretlen, outlen);
+        case PROV_DH_KDF_X9_42_ASN1:
+            return dh_X9_42_kdf_derive(pdhctx, secret, psecretlen, outlen);
+        default:
+            break;
+    }
+    return 0;
+}
+
+
 static void dh_freectx(void *vpdhctx)
 {
     PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
 
+    OPENSSL_free(pdhctx->kdf_cekalg);
     DH_free(pdhctx->dh);
     DH_free(pdhctx->dhpeer);
+    EVP_MD_free(pdhctx->kdf_md);
+    OPENSSL_clear_free(pdhctx->kdf_ukm, pdhctx->kdf_ukmlen);
 
     OPENSSL_free(pdhctx);
 }
@@ -128,18 +224,40 @@ static void *dh_dupctx(void *vpdhctx)
         return NULL;
 
     *dstctx = *srcctx;
-    if (dstctx->dh != NULL && !DH_up_ref(dstctx->dh)) {
-        OPENSSL_free(dstctx);
-        return NULL;
-    }
+    dstctx->dh = NULL;
+    dstctx->dhpeer = NULL;
+    dstctx->kdf_md = NULL;
+    dstctx->kdf_ukm = NULL;
+    dstctx->kdf_cekalg = NULL;
 
-    if (dstctx->dhpeer != NULL && !DH_up_ref(dstctx->dhpeer)) {
-        DH_free(dstctx->dh);
-        OPENSSL_free(dstctx);
-        return NULL;
+    if (dstctx->dh != NULL && !DH_up_ref(srcctx->dh))
+        goto err;
+    else
+        dstctx->dh = srcctx->dh;
+
+    if (dstctx->dhpeer != NULL && !DH_up_ref(srcctx->dhpeer))
+        goto err;
+    else
+        dstctx->dhpeer = srcctx->dhpeer;
+
+    if (srcctx->kdf_md != NULL && !EVP_MD_up_ref(srcctx->kdf_md))
+        goto err;
+    else
+        dstctx->kdf_md = srcctx->kdf_md;
+
+    /* Duplicate UKM data if present */
+    if (srcctx->kdf_ukm != NULL && srcctx->kdf_ukmlen > 0) {
+        dstctx->kdf_ukm = OPENSSL_memdup(srcctx->kdf_ukm,
+                                         srcctx->kdf_ukmlen);
+        if (dstctx->kdf_ukm == NULL)
+            goto err;
     }
+    dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg);
 
     return dstctx;
+err:
+    dh_freectx(dstctx);
+    return NULL;
 }
 
 static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[])
@@ -147,27 +265,180 @@ static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[])
     PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
     const OSSL_PARAM *p;
     unsigned int pad;
+    char name[80] = { '\0' }; /* should be big enough */
+    char *str = NULL;
 
     if (pdhctx == NULL || params == NULL)
         return 0;
 
+    p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_TYPE);
+    if (p != NULL) {
+        str = name;
+        if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name)))
+            return 0;
+
+        if (name[0] == '\0')
+            pdhctx->kdf_type = PROV_DH_KDF_NONE;
+        else if (strcmp(name, OSSL_KDF_NAME_X942KDF) == 0)
+            pdhctx->kdf_type = PROV_DH_KDF_X9_42_ASN1;
+        else
+            return 0;
+    }
+    p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_DIGEST);
+    if (p != NULL) {
+        char mdprops[80] = { '\0' }; /* should be big enough */
+
+        str = name;
+        if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name)))
+            return 0;
+
+        str = mdprops;
+        p = OSSL_PARAM_locate_const(params,
+                                    OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS);
+
+        if (p != NULL) {
+            if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops)))
+                return 0;
+        }
+
+        EVP_MD_free(pdhctx->kdf_md);
+        pdhctx->kdf_md = EVP_MD_fetch(pdhctx->libctx, name, mdprops);
+
+        if (pdhctx->kdf_md == NULL)
+            return 0;
+    }
+
+    p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_OUTLEN);
+    if (p != NULL) {
+        size_t outlen;
+
+        if (!OSSL_PARAM_get_size_t(p, &outlen))
+            return 0;
+        pdhctx->kdf_outlen = outlen;
+    }
+
+    p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_UKM);
+    if (p != NULL) {
+        void *tmp_ukm = NULL;
+        size_t tmp_ukmlen;
+
+        OPENSSL_free(pdhctx->kdf_ukm);
+        pdhctx->kdf_ukm = NULL;
+        pdhctx->kdf_ukmlen = 0;
+        /* ukm is an optional field so it can be NULL */
+        if (p->data != NULL && p->data_size != 0) {
+            if (!OSSL_PARAM_get_octet_string(p, &tmp_ukm, 0, &tmp_ukmlen))
+                return 0;
+            pdhctx->kdf_ukm = tmp_ukm;
+            pdhctx->kdf_ukmlen = tmp_ukmlen;
+        }
+    }
+
     p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_PAD);
-    if (p == NULL || !OSSL_PARAM_get_uint(p, &pad))
-        return 0;
-    pdhctx->pad = pad ? 1 : 0;
+    if (p != NULL) {
+        if (!OSSL_PARAM_get_uint(p, &pad))
+            return 0;
+        pdhctx->pad = pad ? 1 : 0;
+    }
+
+    p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_CEK_ALG);
+    if (p != NULL) {
+        str = name;
+        if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name)))
+            return 0;
+        pdhctx->kdf_cekalg = OPENSSL_strdup(name);
+    }
     return 1;
 }
 
 static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_int(OSSL_EXCHANGE_PARAM_PAD, NULL),
+    OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS, NULL, 0),
+    OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, NULL),
+    OSSL_PARAM_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CEK_ALG, NULL, 0),
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dh_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *dh_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
 
+static const OSSL_PARAM known_gettable_ctx_params[] = {
+    OSSL_PARAM_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, NULL),
+    OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, NULL, 0),
+    OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, NULL),
+    OSSL_PARAM_DEFN(OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR,
+                    NULL, 0),
+    OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_UKM_LEN, NULL),
+    OSSL_PARAM_END
+};
+
+static const OSSL_PARAM *dh_gettable_ctx_params(ossl_unused void *provctx)
+{
+    return known_gettable_ctx_params;
+}
+
+static int dh_get_ctx_params(void *vpdhctx, OSSL_PARAM params[])
+{
+    PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+    OSSL_PARAM *p;
+
+    if (pdhctx == NULL || params == NULL)
+        return 0;
+
+    p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_TYPE);
+    if (p != NULL) {
+        const char *kdf_type = NULL;
+
+        switch (pdhctx->kdf_type) {
+            case PROV_DH_KDF_NONE:
+                kdf_type = "";
+                break;
+            case PROV_DH_KDF_X9_42_ASN1:
+                kdf_type = OSSL_KDF_NAME_X942KDF;
+                break;
+            default:
+                return 0;
+        }
+
+        if (!OSSL_PARAM_set_utf8_string(p, kdf_type))
+            return 0;
+    }
+
+    p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_DIGEST);
+    if (p != NULL
+            && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_md == NULL
+                                           ? ""
+                                           : EVP_MD_name(pdhctx->kdf_md))){
+        return 0;
+    }
+
+    p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_OUTLEN);
+    if (p != NULL && !OSSL_PARAM_set_size_t(p, pdhctx->kdf_outlen))
+        return 0;
+
+    p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_UKM);
+    if (p != NULL && !OSSL_PARAM_set_octet_ptr(p, pdhctx->kdf_ukm, 0))
+        return 0;
+
+    p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_UKM_LEN);
+    if (p != NULL && !OSSL_PARAM_set_size_t(p, pdhctx->kdf_ukmlen))
+        return 0;
+
+    p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_CEK_ALG);
+    if (p != NULL
+            && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_cekalg == NULL
+                                           ? "" :  pdhctx->kdf_cekalg))
+        return 0;
+
+    return 1;
+}
+
 const OSSL_DISPATCH dh_keyexch_functions[] = {
     { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))dh_newctx },
     { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))dh_init },
@@ -178,5 +449,8 @@ const OSSL_DISPATCH dh_keyexch_functions[] = {
     { OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS, (void (*)(void))dh_set_ctx_params },
     { OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS,
       (void (*)(void))dh_settable_ctx_params },
+    { OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS, (void (*)(void))dh_get_ctx_params },
+    { OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS,
+      (void (*)(void))dh_gettable_ctx_params },
     { 0, NULL }
 };
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 9e3ef4d79c..76053e22b0 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -267,6 +267,7 @@ extern const OSSL_DISPATCH crngt_functions[];
 
 /* Key management */
 extern const OSSL_DISPATCH dh_keymgmt_functions[];
+extern const OSSL_DISPATCH dhx_keymgmt_functions[];
 extern const OSSL_DISPATCH dsa_keymgmt_functions[];
 extern const OSSL_DISPATCH rsa_keymgmt_functions[];
 extern const OSSL_DISPATCH rsapss_keymgmt_functions[];
@@ -364,6 +365,7 @@ extern const OSSL_DISPATCH ec_pub_pem_serializer_functions[];
 extern const OSSL_DISPATCH ec_param_pem_serializer_functions[];
 
 extern const OSSL_DISPATCH der_to_dh_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_dhx_deserializer_functions[];
 extern const OSSL_DISPATCH der_to_dsa_deserializer_functions[];
 extern const OSSL_DISPATCH msblob_to_dsa_deserializer_functions[];
 extern const OSSL_DISPATCH pvk_to_dsa_deserializer_functions[];
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index 73fcb3fc41..0ea6ce7784 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -29,6 +29,7 @@
 static OSSL_FUNC_keymgmt_new_fn dh_newdata;
 static OSSL_FUNC_keymgmt_free_fn dh_freedata;
 static OSSL_FUNC_keymgmt_gen_init_fn dh_gen_init;
+static OSSL_FUNC_keymgmt_gen_init_fn dhx_gen_init;
 static OSSL_FUNC_keymgmt_gen_set_template_fn dh_gen_set_template;
 static OSSL_FUNC_keymgmt_gen_set_params_fn dh_gen_set_params;
 static OSSL_FUNC_keymgmt_gen_settable_params_fn dh_gen_settable_params;
@@ -73,6 +74,7 @@ struct dh_gen_ctx {
     const char *mdprops;
     OSSL_CALLBACK *cb;
     void *cbarg;
+    int dh_type;
 };
 
 typedef struct dh_name2id_st{
@@ -131,7 +133,26 @@ static int dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
 
 static void *dh_newdata(void *provctx)
 {
-    return dh_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx));
+    DH *dh = NULL;
+
+    dh = dh_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx));
+    if (dh != NULL) {
+        DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
+        DH_set_flags(dh, DH_FLAG_TYPE_DH);
+    }
+    return dh;
+}
+
+static void *dhx_newdata(void *provctx)
+{
+    DH *dh = NULL;
+
+    dh = dh_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx));
+    if (dh != NULL) {
+        DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
+        DH_set_flags(dh, DH_FLAG_TYPE_DHX);
+    }
+    return dh;
 }
 
 static void dh_freedata(void *keydata)
@@ -399,7 +420,7 @@ static int dh_validate(void *keydata, int selection)
     return ok;
 }
 
-static void *dh_gen_init(void *provctx, int selection)
+static void *dh_gen_init_base(void *provctx, int selection, int type)
 {
     OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
     struct dh_gen_ctx *gctx = NULL;
@@ -419,10 +440,21 @@ static void *dh_gen_init(void *provctx, int selection)
         gctx->hindex = 0;
         gctx->pcounter = -1;
         gctx->generator = DH_GENERATOR_2;
+        gctx->dh_type = type;
     }
     return gctx;
 }
 
+static void *dh_gen_init(void *provctx, int selection)
+{
+    return dh_gen_init_base(provctx, selection, DH_FLAG_TYPE_DH);
+}
+
+static void *dhx_gen_init(void *provctx, int selection)
+{
+   return dh_gen_init_base(provctx, selection, DH_FLAG_TYPE_DHX);
+}
+
 static int dh_gen_set_template(void *genctx, void *templ)
 {
     struct dh_gen_ctx *gctx = genctx;
@@ -624,6 +656,9 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
         if (DH_generate_key(dh) <= 0)
             goto end;
     }
+    DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
+    DH_set_flags(dh, gctx->dh_type);
+
     ret = 1;
 end:
     if (ret <= 0) {
@@ -683,3 +718,36 @@ const OSSL_DISPATCH dh_keymgmt_functions[] = {
     { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))dh_export_types },
     { 0, NULL }
 };
+
+/* For any DH key, we use the "DH" algorithms regardless of sub-type. */
+static const char *dhx_query_operation_name(int operation_id)
+{
+    return "DH";
+}
+
+const OSSL_DISPATCH dhx_keymgmt_functions[] = {
+    { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))dhx_newdata },
+    { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))dhx_gen_init },
+    { OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE, (void (*)(void))dh_gen_set_template },
+    { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))dh_gen_set_params },
+    { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
+      (void (*)(void))dh_gen_settable_params },
+    { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))dh_gen },
+    { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))dh_gen_cleanup },
+    { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))dh_load },
+    { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))dh_freedata },
+    { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dh_get_params },
+    { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dh_gettable_params },
+    { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))dh_set_params },
+    { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))dh_settable_params },
+    { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))dh_has },
+    { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))dh_match },
+    { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))dh_validate },
+    { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))dh_import },
+    { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))dh_import_types },
+    { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))dh_export },
+    { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))dh_export_types },
+    { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME,
+      (void (*)(void))dhx_query_operation_name },
+    { 0, NULL }
+};
diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c
index d765ad8fab..702119b74c 100644
--- a/providers/implementations/serializers/deserialize_der2key.c
+++ b/providers/implementations/serializers/deserialize_der2key.c
@@ -221,6 +221,7 @@ static int der2key_export_object(void *vctx,
 
 #ifndef OPENSSL_NO_DH
 IMPLEMENT_NEWCTX("DH", DH, dh, EVP_PKEY_get1_DH, DH_free);
+IMPLEMENT_NEWCTX("DHX", DHX, dhx, EVP_PKEY_get1_DH, DH_free);
 #endif
 #ifndef OPENSSL_NO_DSA
 IMPLEMENT_NEWCTX("DSA", DSA, dsa, EVP_PKEY_get1_DSA, DSA_free);
diff --git a/providers/implementations/serializers/serializer_dh.c b/providers/implementations/serializers/serializer_dh.c
index 03bb874a64..d63c8402f9 100644
--- a/providers/implementations/serializers/serializer_dh.c
+++ b/providers/implementations/serializers/serializer_dh.c
@@ -149,3 +149,8 @@ int ossl_prov_dh_priv_to_der(const void *dh, unsigned char **pder)
     return ret;
 }
 
+
+int ossl_prov_dh_type_to_evp(const DH *dh)
+{
+    return DH_test_flags(dh, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH;
+}
diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c
index fe11834c28..185f836110 100644
--- a/providers/implementations/serializers/serializer_dh_priv.c
+++ b/providers/implementations/serializers/serializer_dh_priv.c
@@ -153,7 +153,8 @@ static int dh_priv_der(void *vctx, void *dh, OSSL_CORE_BIO *cout,
     ctx->sc.cb = cb;
     ctx->sc.cbarg = cbarg;
 
-    ret = ossl_prov_write_priv_der_from_obj(out, dh, EVP_PKEY_DH,
+    ret = ossl_prov_write_priv_der_from_obj(out, dh,
+                                            ossl_prov_dh_type_to_evp(dh),
                                             ossl_prov_prepare_dh_params,
                                             ossl_prov_dh_priv_to_der,
                                             &ctx->sc);
@@ -198,7 +199,8 @@ static int dh_pem_priv(void *vctx, void *dh, OSSL_CORE_BIO *cout,
     ctx->sc.cb = cb;
     ctx->sc.cbarg = cbarg;
 
-    ret = ossl_prov_write_priv_pem_from_obj(out, dh, EVP_PKEY_DH,
+    ret = ossl_prov_write_priv_pem_from_obj(out, dh,
+                                            ossl_prov_dh_type_to_evp(dh),
                                             ossl_prov_prepare_dh_params,
                                             ossl_prov_dh_priv_to_der,
                                             &ctx->sc);
diff --git a/providers/implementations/serializers/serializer_dh_pub.c b/providers/implementations/serializers/serializer_dh_pub.c
index 6ca79c9444..b79f1df216 100644
--- a/providers/implementations/serializers/serializer_dh_pub.c
+++ b/providers/implementations/serializers/serializer_dh_pub.c
@@ -80,7 +80,8 @@ static int dh_pub_der(void *ctx, void *dh, OSSL_CORE_BIO *cout,
     if (out == NULL)
         return 0;
 
-    ret = ossl_prov_write_pub_der_from_obj(out, dh, EVP_PKEY_DH,
+    ret = ossl_prov_write_pub_der_from_obj(out, dh,
+                                           ossl_prov_dh_type_to_evp(dh),
                                            ossl_prov_prepare_dh_params,
                                            ossl_prov_dh_pub_to_der);
     BIO_free(out);
@@ -120,7 +121,8 @@ static int dh_pub_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout,
     if (out == NULL)
         return 0;
 
-    ret = ossl_prov_write_pub_pem_from_obj(out, dh, EVP_PKEY_DH,
+    ret = ossl_prov_write_pub_pem_from_obj(out, dh,
+                                           ossl_prov_dh_type_to_evp(dh),
                                            ossl_prov_prepare_dh_params,
                                            ossl_prov_dh_pub_to_der);
     BIO_free(out);
diff --git a/providers/implementations/serializers/serializer_local.h b/providers/implementations/serializers/serializer_local.h
index 49ec8882c6..14c6073246 100644
--- a/providers/implementations/serializers/serializer_local.h
+++ b/providers/implementations/serializers/serializer_local.h
@@ -64,6 +64,7 @@ int ossl_prov_prepare_dh_params(const void *dh, int nid,
                                 void **pstr, int *pstrtype);
 int ossl_prov_dh_pub_to_der(const void *dh, unsigned char **pder);
 int ossl_prov_dh_priv_to_der(const void *dh, unsigned char **pder);
+int ossl_prov_dh_type_to_evp(const DH *dh);
 
 #ifndef OPENSSL_NO_EC
 void ecx_get_new_free_import(ECX_KEY_TYPE type,
diff --git a/providers/serializers.inc b/providers/serializers.inc
index 3143ebbec5..749c1bbb67 100644
--- a/providers/serializers.inc
+++ b/providers/serializers.inc
@@ -35,6 +35,16 @@
     SER("DH", "yes", "pem", "private", dh_priv_pem_serializer_functions),
     SER("DH", "yes", "pem", "public", dh_pub_pem_serializer_functions),
     SER("DH", "yes", "pem", "parameters", dh_param_pem_serializer_functions),
+
+    SER("DHX", "yes", "text", "private", dh_priv_text_serializer_functions),
+    SER("DHX", "yes", "text", "public", dh_pub_text_serializer_functions),
+    SER("DHX", "yes", "text", "parameters", dh_param_text_serializer_functions),
+    SER("DHX", "yes", "der", "private", dh_priv_der_serializer_functions),
+    SER("DHX", "yes", "der", "public", dh_pub_der_serializer_functions),
+    SER("DHX", "yes", "der", "parameters", dh_param_der_serializer_functions),
+    SER("DHX", "yes", "pem", "private", dh_priv_pem_serializer_functions),
+    SER("DHX", "yes", "pem", "public", dh_pub_pem_serializer_functions),
+    SER("DHX", "yes", "pem", "parameters", dh_param_pem_serializer_functions),
 #endif
 
 #ifndef OPENSSL_NO_DSA
diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c
index 7421e1e3ca..3b20dad74b 100644
--- a/test/evp_libctx_test.c
+++ b/test/evp_libctx_test.c
@@ -25,6 +25,7 @@
 #include <openssl/dsa.h>
 #include <openssl/dh.h>
 #include <openssl/safestack.h>
+#include <openssl/x509.h>
 #include "testutil.h"
 #include "internal/nelem.h"
 #include "crypto/bn_dh.h"   /* _bignum_ffdhe2048_p */
@@ -203,6 +204,92 @@ static int test_dh_safeprime_param_keygen(int tstid)
     };
     return do_dh_param_keygen(tstid, bn);
 }
+
+static int dhx_cert_load(void)
+{
+    int ret = 0;
+    X509 *cert = NULL;
+    BIO *bio = NULL;
+
+    static const unsigned char dhx_cert[] = {
+        0x30,0x82,0x03,0xff,0x30,0x82,0x02,0xe7,0xa0,0x03,0x02,0x01,0x02,0x02,0x09,0x00,
+        0xdb,0xf5,0x4d,0x22,0xa0,0x7a,0x67,0xa6,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,
+        0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x44,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,
+        0x04,0x06,0x13,0x02,0x55,0x4b,0x31,0x16,0x30,0x14,0x06,0x03,0x55,0x04,0x0a,0x0c,
+        0x0d,0x4f,0x70,0x65,0x6e,0x53,0x53,0x4c,0x20,0x47,0x72,0x6f,0x75,0x70,0x31,0x1d,
+        0x30,0x1b,0x06,0x03,0x55,0x04,0x03,0x0c,0x14,0x54,0x65,0x73,0x74,0x20,0x53,0x2f,
+        0x4d,0x49,0x4d,0x45,0x20,0x52,0x53,0x41,0x20,0x52,0x6f,0x6f,0x74,0x30,0x1e,0x17,
+        0x0d,0x31,0x33,0x30,0x38,0x30,0x32,0x31,0x34,0x34,0x39,0x32,0x39,0x5a,0x17,0x0d,
+        0x32,0x33,0x30,0x36,0x31,0x31,0x31,0x34,0x34,0x39,0x32,0x39,0x5a,0x30,0x44,0x31,
+        0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x4b,0x31,0x16,0x30,0x14,
+        0x06,0x03,0x55,0x04,0x0a,0x0c,0x0d,0x4f,0x70,0x65,0x6e,0x53,0x53,0x4c,0x20,0x47,
+        0x72,0x6f,0x75,0x70,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,0x04,0x03,0x0c,0x14,0x54,
+        0x65,0x73,0x74,0x20,0x53,0x2f,0x4d,0x49,0x4d,0x45,0x20,0x45,0x45,0x20,0x44,0x48,
+        0x20,0x23,0x31,0x30,0x82,0x01,0xb6,0x30,0x82,0x01,0x2b,0x06,0x07,0x2a,0x86,0x48,
+        0xce,0x3e,0x02,0x01,0x30,0x82,0x01,0x1e,0x02,0x81,0x81,0x00,0xd4,0x0c,0x4a,0x0c,
+        0x04,0x72,0x71,0x19,0xdf,0x59,0x19,0xc5,0xaf,0x44,0x7f,0xca,0x8e,0x2b,0xf0,0x09,
+        0xf5,0xd3,0x25,0xb1,0x73,0x16,0x55,0x89,0xdf,0xfd,0x07,0xaf,0x19,0xd3,0x7f,0xd0,
+        0x07,0xa2,0xfe,0x3f,0x5a,0xf1,0x01,0xc6,0xf8,0x2b,0xef,0x4e,0x6d,0x03,0x38,0x42,
+        0xa1,0x37,0xd4,0x14,0xb4,0x00,0x4a,0xb1,0x86,0x5a,0x83,0xce,0xb9,0x08,0x0e,0xc1,
+        0x99,0x27,0x47,0x8d,0x0b,0x85,0xa8,0x82,0xed,0xcc,0x0d,0xb9,0xb0,0x32,0x7e,0xdf,
+        0xe8,0xe4,0xf6,0xf6,0xec,0xb3,0xee,0x7a,0x11,0x34,0x65,0x97,0xfc,0x1a,0xb0,0x95,
+        0x4b,0x19,0xb9,0xa6,0x1c,0xd9,0x01,0x32,0xf7,0x35,0x7c,0x2d,0x5d,0xfe,0xc1,0x85,
+        0x70,0x49,0xf8,0xcc,0x99,0xd0,0xbe,0xf1,0x5a,0x78,0xc8,0x03,0x02,0x81,0x80,0x69,
+        0x00,0xfd,0x66,0xf2,0xfc,0x15,0x8b,0x09,0xb8,0xdc,0x4d,0xea,0xaa,0x79,0x55,0xf9,
+        0xdf,0x46,0xa6,0x2f,0xca,0x2d,0x8f,0x59,0x2a,0xad,0x44,0xa3,0xc6,0x18,0x2f,0x95,
+        0xb6,0x16,0x20,0xe3,0xd3,0xd1,0x8f,0x03,0xce,0x71,0x7c,0xef,0x3a,0xc7,0x44,0x39,
+        0x0e,0xe2,0x1f,0xd8,0xd3,0x89,0x2b,0xe7,0x51,0xdc,0x12,0x48,0x4c,0x18,0x4d,0x99,
+        0x12,0x06,0xe4,0x17,0x02,0x03,0x8c,0x24,0x05,0x8e,0xa6,0x85,0xf2,0x69,0x1b,0xe1,
+        0x6a,0xdc,0xe2,0x04,0x3a,0x01,0x9d,0x64,0xbe,0xfe,0x45,0xf9,0x44,0x18,0x71,0xbd,
+        0x2d,0x3e,0x7a,0x6f,0x72,0x7d,0x1a,0x80,0x42,0x57,0xae,0x18,0x6f,0x91,0xd6,0x61,
+        0x03,0x8a,0x1c,0x89,0x73,0xc7,0x56,0x41,0x03,0xd3,0xf8,0xed,0x65,0xe2,0x85,0x02,
+        0x15,0x00,0x89,0x94,0xab,0x10,0x67,0x45,0x41,0xad,0x63,0xc6,0x71,0x40,0x8d,0x6b,
+        0x9e,0x19,0x5b,0xa4,0xc7,0xf5,0x03,0x81,0x84,0x00,0x02,0x81,0x80,0x2f,0x5b,0xde,
+        0x72,0x02,0x36,0x6b,0x00,0x5e,0x24,0x7f,0x14,0x2c,0x18,0x52,0x42,0x97,0x4b,0xdb,
+        0x6e,0x15,0x50,0x3c,0x45,0x3e,0x25,0xf3,0xb7,0xc5,0x6e,0xe5,0x52,0xe7,0xc4,0xfb,
+        0xf4,0xa5,0xf0,0x39,0x12,0x7f,0xbc,0x54,0x1c,0x93,0xb9,0x5e,0xee,0xe9,0x14,0xb0,
+        0xdf,0xfe,0xfc,0x36,0xe4,0xf2,0xaf,0xfb,0x13,0xc8,0xdf,0x18,0x94,0x1d,0x40,0xb9,
+        0x71,0xdd,0x4c,0x9c,0xa7,0x03,0x52,0x02,0xb5,0xed,0x71,0x80,0x3e,0x23,0xda,0x28,
+        0xe5,0xab,0xe7,0x6f,0xf2,0x0a,0x0e,0x00,0x5b,0x7d,0xc6,0x4b,0xd7,0xc7,0xb2,0xc3,
+        0xba,0x62,0x7f,0x70,0x28,0xa0,0x9d,0x71,0x13,0x70,0xd1,0x9f,0x32,0x2f,0x3e,0xd2,
+        0xcd,0x1b,0xa4,0xc6,0x72,0xa0,0x74,0x5d,0x71,0xef,0x03,0x43,0x6e,0xa3,0x60,0x30,
+        0x5e,0x30,0x0c,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x02,0x30,0x00,0x30,
+        0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,0x02,0x05,0xe0,0x30,
+        0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x0b,0x5a,0x4d,0x5f,0x7d,0x25,
+        0xc7,0xf2,0x9d,0xc1,0xaa,0xb7,0x63,0x82,0x2f,0xfa,0x8f,0x32,0xe7,0xc0,0x30,0x1f,
+        0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0xdf,0x7e,0x5e,0x88,0x05,
+        0x24,0x33,0x08,0xdd,0x22,0x81,0x02,0x97,0xcc,0x9a,0xb7,0xb1,0x33,0x27,0x30,0x30,
+        0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,
+        0x01,0x01,0x00,0x5a,0xf2,0x63,0xef,0xd3,0x16,0xd7,0xf5,0xaa,0xdd,0x12,0x00,0x36,
+        0x00,0x21,0xa2,0x7b,0x08,0xd6,0x3b,0x9f,0x62,0xac,0x53,0x1f,0xed,0x4c,0xd1,0x15,
+        0x34,0x65,0x71,0xee,0x96,0x07,0xa6,0xef,0xb2,0xde,0xd8,0xbb,0x35,0x6e,0x2c,0xe2,
+        0xd1,0x26,0xef,0x7e,0x94,0xe2,0x88,0x51,0xa4,0x6c,0xaa,0x27,0x2a,0xd3,0xb6,0xc2,
+        0xf7,0xea,0xc3,0x0b,0xa9,0xb5,0x28,0x37,0xa2,0x63,0x08,0xe4,0x88,0xc0,0x1b,0x16,
+        0x1b,0xca,0xfd,0x8a,0x07,0x32,0x29,0xa7,0x53,0xb5,0x2d,0x30,0xe4,0xf5,0x16,0xc3,
+        0xe3,0xc2,0x4c,0x30,0x5d,0x35,0x80,0x1c,0xa2,0xdb,0xe3,0x4b,0x51,0x0d,0x4c,0x60,
+        0x5f,0xb9,0x46,0xac,0xa8,0x46,0xa7,0x32,0xa7,0x9c,0x76,0xf8,0xe9,0xb5,0x19,0xe2,
+        0x0c,0xe1,0x0f,0xc6,0x46,0xe2,0x38,0xa7,0x87,0x72,0x6d,0x6c,0xbc,0x88,0x2f,0x9d,
+        0x2d,0xe5,0xd0,0x7d,0x1e,0xc7,0x5d,0xf8,0x7e,0xb4,0x0b,0xa6,0xf9,0x6c,0xe3,0x7c,
+        0xb2,0x70,0x6e,0x75,0x9b,0x1e,0x63,0xe1,0x4d,0xb2,0x81,0xd3,0x55,0x38,0x94,0x1a,
+        0x7a,0xfa,0xbf,0x01,0x18,0x70,0x2d,0x35,0xd3,0xe3,0x10,0x7a,0x9a,0xa7,0x8f,0xf3,
+        0xbd,0x56,0x55,0x5e,0xd8,0xbd,0x4e,0x16,0x76,0xd0,0x48,0x4c,0xf9,0x51,0x54,0xdf,
+        0x2d,0xb0,0xc9,0xaa,0x5e,0x42,0x38,0x50,0xbf,0x0f,0xc0,0xd9,0x84,0x44,0x4b,0x42,
+        0x24,0xec,0x14,0xa3,0xde,0x11,0xdf,0x58,0x7f,0xc2,0x4d,0xb2,0xd5,0x42,0x78,0x6e,
+        0x52,0x3e,0xad,0xc3,0x5f,0x04,0xc4,0xe6,0x31,0xaa,0x81,0x06,0x8b,0x13,0x4b,0x3c,
+        0x0e,0x6a,0xb1
+    };
+
+    if (!TEST_ptr(bio = BIO_new_mem_buf(dhx_cert, sizeof(dhx_cert)))
+        || !TEST_ptr(cert = X509_new_with_libctx(libctx, NULL))
+        || !TEST_ptr(d2i_X509_bio(bio, &cert)))
+        goto err;
+    ret = 1;
+err:
+    X509_free(cert);
+    BIO_free(bio);
+    return ret;
+}
+
 #endif /* OPENSSL_NO_DH */
 
 static int test_cipher_reinit(int test_id)
@@ -401,6 +488,7 @@ int setup_tests(void)
 #endif
 #ifndef OPENSSL_NO_DH
     ADD_ALL_TESTS(test_dh_safeprime_param_keygen, 3 * 3 * 3);
+    ADD_TEST(dhx_cert_load);
 #endif
 
     if (!TEST_ptr(cipher_names = sk_OPENSSL_CSTRING_new(name_cmp)))
diff --git a/test/serdes_test.c b/test/serdes_test.c
index 43d64155f5..f4afe53eac 100644
--- a/test/serdes_test.c
+++ b/test/serdes_test.c
@@ -740,6 +740,8 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
 #ifndef OPENSSL_NO_DH
 DOMAIN_KEYS(DH);
 IMPLEMENT_TEST_SUITE(DH, "DH")
+DOMAIN_KEYS(DHX);
+IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
 #endif
 #ifndef OPENSSL_NO_DSA
 DOMAIN_KEYS(DSA);
@@ -804,6 +806,7 @@ int setup_tests(void)
     TEST_info("Generating keys...");
 #ifndef OPENSSL_NO_DH
     MAKE_DOMAIN_KEYS(DH, "DH", NULL);
+    MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
 #endif
 #ifndef OPENSSL_NO_DSA
     MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
@@ -822,6 +825,7 @@ int setup_tests(void)
     if (ok) {
 #ifndef OPENSSL_NO_DH
         ADD_TEST_SUITE(DH);
+        ADD_TEST_SUITE(DHX);
 #endif
 #ifndef OPENSSL_NO_DSA
         ADD_TEST_SUITE(DSA);
@@ -854,6 +858,7 @@ void cleanup_tests(void)
 {
 #ifndef OPENSSL_NO_DH
     FREE_DOMAIN_KEYS(DH);
+    FREE_DOMAIN_KEYS(DHX);
 #endif
 #ifndef OPENSSL_NO_DSA
     FREE_DOMAIN_KEYS(DSA);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index a3fd0ddc31..f441232582 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5240,3 +5240,13 @@ EVP_PKEY_CTX_set_scrypt_N               ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_CTX_set_scrypt_r               ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_CTX_set_scrypt_p               ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_CTX_set_scrypt_maxmem_bytes    ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_dh_kdf_type            ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_get_dh_kdf_type            ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_set0_dh_kdf_oid            ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_get0_dh_kdf_oid            ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_set_dh_kdf_md              ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_get_dh_kdf_md              ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_set_dh_kdf_outlen          ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_get_dh_kdf_outlen          ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_set0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH
+EVP_PKEY_CTX_get0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH

From openssl at openssl.org  Tue Aug 11 14:02:21 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 14:02:21 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1597154541.238160.13726.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 40F7AB5BCC7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 405781A18F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 405781A18F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3307, 1811 wallclock secs (14.01 usr  1.45 sys + 1719.44 cusr 88.21 csys = 1823.11 CPU)
Result: FAIL
Makefile:3168: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3166: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug 11 14:26:58 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 14:26:58 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1597156018.190996.31345.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3307, 893 wallclock secs (13.28 usr  1.16 sys + 792.66 cusr 61.87 csys = 868.97 CPU)
Result: FAIL
Makefile:3192: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3190: recipe for target 'tests' failed
make: *** [tests] Error 2

From kaduk at mit.edu  Tue Aug 11 14:27:02 2020
From: kaduk at mit.edu (kaduk at mit.edu)
Date: Tue, 11 Aug 2020 14:27:02 +0000
Subject: [openssl]  master update
Message-ID: <1597156022.973882.788.nullmailer@dev.openssl.org>

The branch master has been updated
       via  520150151bc5993194ba34464220454d8135099d (commit)
       via  bdc0df8ab5f3096aafd54d170c85887366920c4b (commit)
       via  f43c947dd924cfb1f69c800648f80881bb542027 (commit)
       via  2f5c405a1694220cca7be8cd96958c1c1245f0ed (commit)
       via  d91f902d73689c8a8c1bf684ff9d244197f8c7b3 (commit)
       via  acb30f4b593bbd1bdaa6495d0f641da7ef702b95 (commit)
       via  1453d736b5bb8abaa18482652828096b44c4bf3a (commit)
       via  c4d21d2f71363e9f6d4a0e377789555e655d96f4 (commit)
       via  36025d3b8716f6f8cadc983295398ccdd734a17b (commit)
       via  2c533a71c63ef223615fe4f6a0a89ffaffbd739a (commit)
       via  ddce5c29f535ce5f61013563732f80647d2c6977 (commit)
       via  d3308027e9bda451e43b52c36064fd70337e02a8 (commit)
       via  18a49e168f8b6917e2b013897392cf357bb15ded (commit)
       via  9197c226ea0b1c231a4141dcac055daddcb11466 (commit)
       via  37322687b0fb4c5c0bb637acd3e9785ffc71fa35 (commit)
       via  c76ffc78a513660b5f62bc32a64f44c62edede74 (commit)
       via  ef58f9af93cdd75b9798cdb177319995dc7a7d50 (commit)
       via  440b852a0f79ac4a7e101606a7c32d212e06d203 (commit)
       via  79f4417ed940793fe7d48d613c9b903d00630b69 (commit)
       via  8489026850b38447d8e3e68c4d4260585b7e8e3a (commit)
      from  31d2daecb384475da13c4bf7c76a2dde0077b2f2 (commit)


- Log -----------------------------------------------------------------
commit 520150151bc5993194ba34464220454d8135099d
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Tue Jul 21 16:23:19 2020 -0700

    Expose S390x HW ciphers' IV state to provider layer
    
    The S390x hardware-accelerated cipher implementations keep their IV
    state in an internal structure tied to the underlying implementation.
    However, the provider itself needs to be able to expose the IV state
    to libcrypto when processing the "iv-state" parameter.  In the absence
    of a S390x hardware-specific get_ctx_params() implementation,  be sure
    to copy the IV state from the hw-specific structure back to the
    generic PROV_CIPHER_CTX object after each cipher operation in order to
    synchronize the internal and fetchable state.
    
    [extended tests]
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit bdc0df8ab5f3096aafd54d170c85887366920c4b
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 9 14:29:33 2020 -0700

    Avoid deprecated API in evp_test.c
    
    Use EVP_CIPHER_CTX_get_iv_state() in cipher_test_enc() rather than
    the deprecated EVP_CIPHER_CTX_iv().
    
    [extended tests]
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit f43c947dd924cfb1f69c800648f80881bb542027
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 16:27:03 2020 -0700

    Avoid deprecated function in evp_lib.c
    
    Use EVP_CIPHER_CTX_get_iv() to implement EVP_CIPHER_set_asn1_iv(),
    rather than the deprecated EVP_CIPHER_CTX_original_iv().
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 2f5c405a1694220cca7be8cd96958c1c1245f0ed
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in EVP BLOCK_* macros
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in evp.h.
    
    These macros are internal-only, used to implement legacy libcrypto
    EVP ciphers, with no real provider involvement.  Accordingly, just use the
    EVP_CIPHER_CTX storage directly and don't try to reach into a provider-side
    context.
    
    This does necessitate including evp_local.h in several more files.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit d91f902d73689c8a8c1bf684ff9d244197f8c7b3
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_rc2.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_rc2.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit acb30f4b593bbd1bdaa6495d0f641da7ef702b95
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_xcbc_d.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_xcbc_d.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 1453d736b5bb8abaa18482652828096b44c4bf3a
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_sm4.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_sm4.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit c4d21d2f71363e9f6d4a0e377789555e655d96f4
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_des3.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_des3.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 36025d3b8716f6f8cadc983295398ccdd734a17b
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_des.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_des.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 2c533a71c63ef223615fe4f6a0a89ffaffbd739a
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_camellia.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_camellia.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit ddce5c29f535ce5f61013563732f80647d2c6977
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_aria.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_aria.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit d3308027e9bda451e43b52c36064fd70337e02a8
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_aes_ebc_hmac_sha256.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_aes_cbc_hmac_sha256.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 18a49e168f8b6917e2b013897392cf357bb15ded
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_aes_ebc_hmac_sha1.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_aes_cbc_hmac_sha1.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 9197c226ea0b1c231a4141dcac055daddcb11466
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 14:12:33 2020 -0700

    Use local IV storage in e_aes.c
    
    Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions
    of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
    EVP_CIPHER_CTX_iv_noconst() in e_aes.c.
    
    For the legacy implementations, there's no need to use an
    in-provider storage for the IV, when the crypto operations
    themselves will be performed outside of the provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 37322687b0fb4c5c0bb637acd3e9785ffc71fa35
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Thu Jul 2 13:03:58 2020 -0700

    Retire EVP_CTRL_GET_IV
    
    It is superseded by EVP_CIPHER_CTX_get_iv(), is only present on master,
    and had only a couple of in-tree callers that are easy to convert.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit c76ffc78a513660b5f62bc32a64f44c62edede74
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Mon Jun 22 11:37:31 2020 -0700

    Document EVP_CIPHER_CTX IV accessors
    
    Including the ones that were added in commit
    83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go
    away" and are now deprecated.
    
    Remove the missingcrypto.txt entries for the now-deprecated functions.
    
    [extended tests]
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit ef58f9af93cdd75b9798cdb177319995dc7a7d50
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Fri Jun 19 22:31:41 2020 -0700

    Make GCM providers more generous about fetching IVs
    
    The current check for iv_gen and iv_gen_rand only lets you fetch
    the IV for the case when it was set internally.  It might also make
    sense to fetch the IV if one was set at cipher-context creation time,
    so switch to checking the iv_state, which should be enough to ensure
    that there is valid data in the context to be copied out.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 440b852a0f79ac4a7e101606a7c32d212e06d203
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Fri Jun 19 20:42:29 2020 -0700

    Add tests for new EVP_CIPHER_CTX IV accessors
    
    Test that EVP_CIPHER_CTX_get_iv() returns the same IV that was
    given at initialization time, and that EVP_CIPHER_CTX_get_iv_state()
    returns the expected value after performing an encryption operation
    (which will differ from the previous value for CBC and OFB modes),
    for various modes of AES.
    
    Do this both for the implicit fetch and explicit fetch paths,
    at the cost of a slightly more complicated switch statement.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 79f4417ed940793fe7d48d613c9b903d00630b69
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Fri Jun 19 18:43:58 2020 -0700

    Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
    
    The EVP_CIPHER_CTX_iv() family of functions are incompatible with
    the libcrypto/provider separation, since the implied API contract
    (they are undocumented) involves a pointer into the active cipher
    context structure.  However, the active IV data in a provider-side
    context need not even be in the same address space as libcrypto,
    so a replacement API is needed.
    
    The existing functions for accessing the (even the "original") IV had
    remained undocumented for quite some time, presumably due to unease
    about exposing the internals of the cipher state in such a manner.
    
    Provide more maintainable new APIs for accessing the initial ("oiv") and
    current-state ("iv") IV data, that copy the value into a caller-provided
    array, eliminating the need to provide a pointer into the internal
    cipher context, which accordingly no longer provides the ability to
    write to the internal cipher state.
    
    Unfortunately, in order to maintain API compatibility with OpenSSL
    1.1.1, the old functionality is still available, but is marked as
    deprecated for future removal.  This would entail removing the "octet
    pointer" parameter access, leaving only the "octet string" parameter
    type.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

commit 8489026850b38447d8e3e68c4d4260585b7e8e3a
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Fri Jun 19 13:50:22 2020 -0700

    Support cipher provider "iv state"
    
    Some modes (e.g., CBC and OFB) update the effective IV with each
    block-cipher invocation, making the "IV" stored in the (historically)
    EVP_CIPHER_CTX or (current) PROV_CIPHER_CTX distinct from the initial
    IV passed in at cipher initialization time.  The latter is stored in
    the "oiv" (original IV) field, and has historically been accessible
    via the EVP_CIPHER_CTX_original_iv() API.  The "effective IV" has
    also historically been accessible, via both EVP_CIPHER_CTX_iv()
    and EVP_CIPHER_CTX_iv_noconst(), the latter of which allows for
    *write* access to the internal cipher state.  This is particularly
    problematic given that provider-internal cipher state need not, in
    general, even be accessible from the same address space as libcrypto,
    so these APIs are not sustainable in the long term.  However, it still
    remains necessary to provide access to the contents of the "IV state"
    (e.g., when serializing cipher state for in-kernel TLS); a subsequent
    reinitialization of a cipher context using the "IV state" as the
    input IV will be able to resume processing of data in a compatible
    manner.
    
    This problem was introduced in commit
    089cb623be76b88a1eea6fcd135101037661bbc3, which effectively caused
    all IV queries to return the "original IV", removing access to the
    current IV state of the cipher.
    
    These functions for accessing the (even the "original") IV had remained
    undocumented for quite some time, presumably due to unease about
    exposing the internals of the cipher state in such a manner.
    
    Note that this also as a side effect "fixes" some "bugs" where things
    had been referring to the 'iv' field that should have been using the
    'oiv' field.  It also fixes the EVP_CTRL_GET_IV cipher control,
    which was clearly intended to expose the non-original IV, for
    use exporting the cipher state into the kernel for kTLS.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12233)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/e_aes.c                                 | 114 +++++++++------------
 crypto/evp/e_aes_cbc_hmac_sha1.c                   |  14 +--
 crypto/evp/e_aes_cbc_hmac_sha256.c                 |  10 +-
 crypto/evp/e_aria.c                                |  27 +++--
 crypto/evp/e_bf.c                                  |   1 +
 crypto/evp/e_camellia.c                            |  35 +++----
 crypto/evp/e_cast.c                                |   1 +
 crypto/evp/e_des.c                                 |  22 ++--
 crypto/evp/e_des3.c                                |  37 +++----
 crypto/evp/e_idea.c                                |   1 +
 crypto/evp/e_rc2.c                                 |   5 +-
 crypto/evp/e_seed.c                                |   1 +
 crypto/evp/e_sm4.c                                 |   4 +-
 crypto/evp/e_xcbc_d.c                              |   5 +-
 crypto/evp/evp_enc.c                               |   5 -
 crypto/evp/evp_lib.c                               |  29 +++++-
 doc/man3/EVP_CIPHER_CTX_get_iv.pod                 |  66 ++++++++++++
 doc/man7/provider-cipher.pod                       |   9 +-
 include/crypto/evp.h                               |  10 +-
 include/internal/ktls.h                            |   7 +-
 include/openssl/core_names.h                       |   1 +
 include/openssl/evp.h                              |  11 +-
 .../ciphers/cipher_aes_cbc_hmac_sha.c              |   7 ++
 .../ciphers/cipher_aes_hw_s390x.inc                |   3 +
 providers/implementations/ciphers/cipher_aes_ocb.c |  13 +++
 providers/implementations/ciphers/ciphercommon.c   |   8 ++
 .../implementations/ciphers/ciphercommon_ccm.c     |  13 +++
 .../implementations/ciphers/ciphercommon_gcm.c     |  17 ++-
 .../implementations/include/prov/ciphercommon.h    |   3 +-
 test/aesgcmtest.c                                  |   2 +-
 test/evp_extra_test.c                              | 113 ++++++++++++++++++++
 test/evp_test.c                                    |  16 +--
 util/libcrypto.num                                 |   8 +-
 util/missingcrypto.txt                             |   3 -
 34 files changed, 428 insertions(+), 193 deletions(-)
 create mode 100644 doc/man3/EVP_CIPHER_CTX_get_iv.pod

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index c037090695..08abd5fb09 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -179,8 +179,7 @@ static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                             const unsigned char *in, size_t len)
 {
     aesni_cbc_encrypt(in, out, len, &EVP_C_DATA(EVP_AES_KEY,ctx)->ks.ks,
-                      EVP_CIPHER_CTX_iv_noconst(ctx),
-                      EVP_CIPHER_CTX_encrypting(ctx));
+                      ctx->iv, EVP_CIPHER_CTX_encrypting(ctx));
 
     return 1;
 }
@@ -300,7 +299,7 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 
     if (iv) {
         xctx->xts.key2 = &xctx->ks2;
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16);
+        memcpy(ctx->iv, iv, 16);
     }
 
     return 1;
@@ -326,7 +325,7 @@ static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
         cctx->key_set = 1;
     }
     if (iv) {
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
+        memcpy(ctx->iv, iv, 15 - cctx->L);
         cctx->iv_set = 1;
     }
     return 1;
@@ -651,7 +650,7 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 
     if (iv) {
         xctx->xts.key2 = &xctx->ks2;
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16);
+        memcpy(ctx->iv, iv, 16);
     }
 
     return 1;
@@ -676,7 +675,7 @@ static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
         cctx->key_set = 1;
     }
     if (iv) {
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
+        memcpy(ctx->iv, iv, 15 - cctx->L);
         cctx->iv_set = 1;
     }
     return 1;
@@ -986,7 +985,7 @@ static int s390x_aes_ofb_init_key(EVP_CIPHER_CTX *ctx,
                                   const unsigned char *ivec, int enc)
 {
     S390X_AES_OFB_CTX *cctx = EVP_C_DATA(S390X_AES_OFB_CTX, ctx);
-    const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
+    const unsigned char *iv = ctx->oiv;
     const int keylen = EVP_CIPHER_CTX_key_length(ctx);
     const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
 
@@ -1041,7 +1040,7 @@ static int s390x_aes_cfb_init_key(EVP_CIPHER_CTX *ctx,
                                   const unsigned char *ivec, int enc)
 {
     S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
-    const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
+    const unsigned char *iv = ctx->oiv;
     const int keylen = EVP_CIPHER_CTX_key_length(ctx);
     const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
 
@@ -1107,7 +1106,7 @@ static int s390x_aes_cfb8_init_key(EVP_CIPHER_CTX *ctx,
                                    const unsigned char *ivec, int enc)
 {
     S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
-    const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
+    const unsigned char *iv = ctx->oiv;
     const int keylen = EVP_CIPHER_CTX_key_length(ctx);
     const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
 
@@ -1333,17 +1332,16 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
     S390X_AES_GCM_CTX *gctx = EVP_C_DATA(S390X_AES_GCM_CTX, c);
     S390X_AES_GCM_CTX *gctx_out;
     EVP_CIPHER_CTX *out;
-    unsigned char *buf, *iv;
+    unsigned char *buf;
     int ivlen, enc, len;
 
     switch (type) {
     case EVP_CTRL_INIT:
         ivlen = EVP_CIPHER_iv_length(c->cipher);
-        iv = EVP_CIPHER_CTX_iv_noconst(c);
         gctx->key_set = 0;
         gctx->iv_set = 0;
         gctx->ivlen = ivlen;
-        gctx->iv = iv;
+        gctx->iv = c->iv;
         gctx->taglen = -1;
         gctx->iv_gen = 0;
         gctx->tls_aad_len = -1;
@@ -1358,12 +1356,11 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
             return 0;
 
         if (arg != 12) {
-            iv = EVP_CIPHER_CTX_iv_noconst(c);
             len = S390X_gcm_ivpadlen(arg);
 
             /* Allocate memory for iv if needed. */
             if (gctx->ivlen == 12 || len > S390X_gcm_ivpadlen(gctx->ivlen)) {
-                if (gctx->iv != iv)
+                if (gctx->iv != c->iv)
                     OPENSSL_free(gctx->iv);
 
                 if ((gctx->iv = OPENSSL_malloc(len)) == NULL) {
@@ -1479,10 +1476,9 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
     case EVP_CTRL_COPY:
         out = ptr;
         gctx_out = EVP_C_DATA(S390X_AES_GCM_CTX, out);
-        iv = EVP_CIPHER_CTX_iv_noconst(c);
 
-        if (gctx->iv == iv) {
-            gctx_out->iv = EVP_CIPHER_CTX_iv_noconst(out);
+        if (gctx->iv == c->iv) {
+            gctx_out->iv = out->iv;
         } else {
             len = S390X_gcm_ivpadlen(gctx->ivlen);
 
@@ -1657,13 +1653,11 @@ static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int s390x_aes_gcm_cleanup(EVP_CIPHER_CTX *c)
 {
     S390X_AES_GCM_CTX *gctx = EVP_C_DATA(S390X_AES_GCM_CTX, c);
-    const unsigned char *iv;
 
     if (gctx == NULL)
         return 0;
 
-    iv = EVP_CIPHER_CTX_iv(c);
-    if (iv != gctx->iv)
+    if (gctx->iv != c->iv)
         OPENSSL_free(gctx->iv);
 
     OPENSSL_cleanse(gctx, sizeof(*gctx));
@@ -1862,7 +1856,7 @@ static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                                     const unsigned char *in, size_t len)
 {
     S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
-    unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
+    unsigned char *ivec = ctx->iv;
     unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx);
     const int enc = EVP_CIPHER_CTX_encrypting(ctx);
 
@@ -1916,7 +1910,6 @@ static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx,
                                   const unsigned char *iv, int enc)
 {
     S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
-    unsigned char *ivec;
     int keylen;
 
     if (iv == NULL && key == NULL)
@@ -1938,8 +1931,7 @@ static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx,
     }
 
     if (iv != NULL) {
-        ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
-        memcpy(ivec, iv, 15 - cctx->aes.ccm.l);
+        memcpy(ctx->iv, iv, 15 - cctx->aes.ccm.l);
 
         cctx->aes.ccm.iv_set = 1;
     }
@@ -1959,7 +1951,7 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
     const int enc = EVP_CIPHER_CTX_encrypting(ctx);
     int rv;
-    unsigned char *buf, *ivec;
+    unsigned char *buf;
 
     if (!cctx->aes.ccm.key_set)
         return -1;
@@ -1981,8 +1973,7 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (out == NULL) {
         /* Update(): Pass message length. */
         if (in == NULL) {
-            ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
-            s390x_aes_ccm_setiv(cctx, ivec, len);
+            s390x_aes_ccm_setiv(cctx, ctx->iv, len);
 
             cctx->aes.ccm.len_set = 1;
             return len;
@@ -2007,8 +1998,7 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
          * In case message length was not previously set explicitly via
          * Update(), set it now.
          */
-        ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
-        s390x_aes_ccm_setiv(cctx, ivec, len);
+        s390x_aes_ccm_setiv(cctx, ctx->iv, len);
 
         cctx->aes.ccm.len_set = 1;
     }
@@ -2047,7 +2037,7 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 {
     S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, c);
-    unsigned char *buf, *iv;
+    unsigned char *buf;
     int enc, len;
 
     switch (type) {
@@ -2101,8 +2091,7 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
             return 0;
 
         /* Copy to first part of the iv. */
-        iv = EVP_CIPHER_CTX_iv_noconst(c);
-        memcpy(iv, ptr, arg);
+        memcpy(c->iv, ptr, arg);
         return 1;
 
     case EVP_CTRL_AEAD_SET_IVLEN:
@@ -2404,15 +2393,14 @@ static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
 
     if (dat->stream.cbc)
-        (*dat->stream.cbc) (in, out, len, &dat->ks,
-                            EVP_CIPHER_CTX_iv_noconst(ctx),
+        (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv,
                             EVP_CIPHER_CTX_encrypting(ctx));
     else if (EVP_CIPHER_CTX_encrypting(ctx))
-        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks,
-                              EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
+        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv,
+                              dat->block);
     else
         CRYPTO_cbc128_decrypt(in, out, len, &dat->ks,
-                              EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
+                              ctx->iv, dat->block);
 
     return 1;
 }
@@ -2440,7 +2428,7 @@ static int aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     int num = EVP_CIPHER_CTX_num(ctx);
     CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
-                          EVP_CIPHER_CTX_iv_noconst(ctx), &num, dat->block);
+                          ctx->iv, &num, dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
     return 1;
 }
@@ -2452,7 +2440,7 @@ static int aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     int num = EVP_CIPHER_CTX_num(ctx);
     CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
-                          EVP_CIPHER_CTX_iv_noconst(ctx), &num,
+                          ctx->iv, &num,
                           EVP_CIPHER_CTX_encrypting(ctx), dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
     return 1;
@@ -2465,7 +2453,7 @@ static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     int num = EVP_CIPHER_CTX_num(ctx);
     CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
-                            EVP_CIPHER_CTX_iv_noconst(ctx), &num,
+                            ctx->iv, &num,
                             EVP_CIPHER_CTX_encrypting(ctx), dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
     return 1;
@@ -2479,7 +2467,7 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) {
         int num = EVP_CIPHER_CTX_num(ctx);
         CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
-                                EVP_CIPHER_CTX_iv_noconst(ctx), &num,
+                                ctx->iv, &num,
                                 EVP_CIPHER_CTX_encrypting(ctx), dat->block);
         EVP_CIPHER_CTX_set_num(ctx, num);
         return 1;
@@ -2488,7 +2476,7 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     while (len >= MAXBITCHUNK) {
         int num = EVP_CIPHER_CTX_num(ctx);
         CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
-                                EVP_CIPHER_CTX_iv_noconst(ctx), &num,
+                                ctx->iv, &num,
                                 EVP_CIPHER_CTX_encrypting(ctx), dat->block);
         EVP_CIPHER_CTX_set_num(ctx, num);
         len -= MAXBITCHUNK;
@@ -2498,7 +2486,7 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (len) {
         int num = EVP_CIPHER_CTX_num(ctx);
         CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
-                                EVP_CIPHER_CTX_iv_noconst(ctx), &num,
+                                ctx->iv, &num,
                                 EVP_CIPHER_CTX_encrypting(ctx), dat->block);
         EVP_CIPHER_CTX_set_num(ctx, num);
     }
@@ -2514,12 +2502,12 @@ static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     if (dat->stream.ctr)
         CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
-                                    EVP_CIPHER_CTX_iv_noconst(ctx),
+                                    ctx->iv,
                                     EVP_CIPHER_CTX_buf_noconst(ctx),
                                     &num, dat->stream.ctr);
     else
         CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
-                              EVP_CIPHER_CTX_iv_noconst(ctx),
+                              ctx->iv,
                               EVP_CIPHER_CTX_buf_noconst(ctx), &num,
                               dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
@@ -2536,7 +2524,7 @@ static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
     if (gctx == NULL)
         return 0;
     OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
-    if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(c))
+    if (gctx->iv != c->iv)
         OPENSSL_free(gctx->iv);
     return 1;
 }
@@ -2588,14 +2576,6 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         memcpy(ptr, c->buf, arg);
         return 1;
 
-    case EVP_CTRL_GET_IV:
-        if (gctx->iv_gen != 1 && gctx->iv_gen_rand != 1)
-            return 0;
-        if (gctx->ivlen != arg)
-            return 0;
-        memcpy(ptr, gctx->iv, arg);
-        return 1;
-
     case EVP_CTRL_GCM_SET_IV_FIXED:
         /* Special case: -1 length restores whole IV */
         if (arg == -1) {
@@ -3213,7 +3193,7 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 
     if (iv) {
         xctx->xts.key2 = &xctx->ks2;
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16);
+        memcpy(ctx->iv, iv, 16);
     }
 
     return 1;
@@ -3245,9 +3225,8 @@ static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (xctx->stream)
         (*xctx->stream) (in, out, len,
                          xctx->xts.key1, xctx->xts.key2,
-                         EVP_CIPHER_CTX_iv_noconst(ctx));
-    else if (CRYPTO_xts128_encrypt(&xctx->xts, EVP_CIPHER_CTX_iv_noconst(ctx),
-                                   in, out, len,
+                         ctx->iv);
+    else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
                                    EVP_CIPHER_CTX_encrypting(ctx)))
         return 0;
     return 1;
@@ -3311,7 +3290,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         if (arg != EVP_CCM_TLS_FIXED_IV_LEN)
             return 0;
         /* Just copy to first part of IV */
-        memcpy(EVP_CIPHER_CTX_iv_noconst(c), ptr, arg);
+        memcpy(c->iv, ptr, arg);
         return 1;
 
     case EVP_CTRL_AEAD_SET_IVLEN:
@@ -3402,7 +3381,7 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
             cctx->key_set = 1;
         } while (0);
     if (iv) {
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
+        memcpy(ctx->iv, iv, 15 - cctx->L);
         cctx->iv_set = 1;
     }
     return 1;
@@ -3421,11 +3400,11 @@ static int aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         memcpy(out, EVP_CIPHER_CTX_buf_noconst(ctx),
                EVP_CCM_TLS_EXPLICIT_IV_LEN);
     /* Get rest of IV from explicit IV */
-    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx) + EVP_CCM_TLS_FIXED_IV_LEN, in,
+    memcpy(ctx->iv + EVP_CCM_TLS_FIXED_IV_LEN, in,
            EVP_CCM_TLS_EXPLICIT_IV_LEN);
     /* Correct length value */
     len -= EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->M;
-    if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), 15 - cctx->L,
+    if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L,
                             len))
             return -1;
     /* Use saved AAD */
@@ -3477,7 +3456,7 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     if (!out) {
         if (!in) {
-            if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx),
+            if (CRYPTO_ccm128_setiv(ccm, ctx->iv,
                                     15 - cctx->L, len))
                 return -1;
             cctx->len_set = 1;
@@ -3496,8 +3475,7 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     /* If not set length yet do it */
     if (!cctx->len_set) {
-        if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx),
-                                15 - cctx->L, len))
+        if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
             return -1;
         cctx->len_set = 1;
     }
@@ -3564,8 +3542,8 @@ static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
             wctx->iv = NULL;
     }
     if (iv) {
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, EVP_CIPHER_CTX_iv_length(ctx));
-        wctx->iv = EVP_CIPHER_CTX_iv_noconst(ctx);
+        memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+        wctx->iv = ctx->iv;
     }
     return 1;
 }
@@ -3729,7 +3707,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         octx->key_set = 0;
         octx->iv_set = 0;
         octx->ivlen = EVP_CIPHER_iv_length(c->cipher);
-        octx->iv = EVP_CIPHER_CTX_iv_noconst(c);
+        octx->iv = c->iv;
         octx->taglen = 16;
         octx->data_buf_len = 0;
         octx->aad_buf_len = 0;
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index aa3b9d354e..f787d014d2 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -26,6 +26,7 @@
 #include "crypto/modes.h"
 #include "crypto/evp.h"
 #include "internal/constant_time.h"
+#include "evp_local.h"
 
 typedef struct {
     AES_KEY ks;
@@ -438,8 +439,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
             && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
             SHA1_Update(&key->md, in + iv, sha_off);
 
-            aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
-                               EVP_CIPHER_CTX_iv_noconst(ctx),
+            aesni_cbc_sha1_enc(in, out, blocks, &key->ks, ctx->iv,
                                &key->md, in + iv + sha_off);
             blocks *= SHA_CBLOCK;
             aes_off += blocks;
@@ -471,10 +471,10 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                 out[plen] = l;
             /* encrypt HMAC|padding at once */
             aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1);
+                              &key->ks, ctx->iv, 1);
         } else {
             aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1);
+                              &key->ks, ctx->iv, 1);
         }
     } else {
         union {
@@ -504,7 +504,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                     return 0;
 
                 /* omit explicit iv */
-                memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), in, AES_BLOCK_SIZE);
+                memcpy(ctx->iv, in, AES_BLOCK_SIZE);
 
                 in += AES_BLOCK_SIZE;
                 out += AES_BLOCK_SIZE;
@@ -525,7 +525,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 # endif
                 /* decrypt HMAC|padding at once */
                 aesni_cbc_encrypt(in, out, len, &key->ks,
-                                  EVP_CIPHER_CTX_iv_noconst(ctx), 0);
+                                  ctx->iv, 0);
 
             /* figure out payload length */
             pad = out[len - 1];
@@ -761,7 +761,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 # endif
                 /* decrypt HMAC|padding at once */
                 aesni_cbc_encrypt(in, out, len, &key->ks,
-                                  EVP_CIPHER_CTX_iv_noconst(ctx), 0);
+                                  ctx->iv, 0);
 
             SHA1_Update(&key->md, out, len);
         }
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 72508c9851..6227002395 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -26,6 +26,7 @@
 #include "crypto/modes.h"
 #include "internal/constant_time.h"
 #include "crypto/evp.h"
+#include "evp_local.h"
 
 typedef struct {
     AES_KEY ks;
@@ -468,8 +469,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
             SHA256_Update(&key->md, in + iv, sha_off);
 
             (void)aesni_cbc_sha256_enc(in, out, blocks, &key->ks,
-                                       EVP_CIPHER_CTX_iv_noconst(ctx),
-                                       &key->md, in + iv + sha_off);
+                                       ctx->iv, &key->md, in + iv + sha_off);
             blocks *= SHA256_CBLOCK;
             aes_off += blocks;
             sha_off += blocks;
@@ -500,10 +500,10 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
                 out[plen] = l;
             /* encrypt HMAC|padding at once */
             aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1);
+                              &key->ks, ctx->iv, 1);
         } else {
             aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, EVP_CIPHER_CTX_iv_noconst(ctx), 1);
+                              &key->ks, ctx->iv, 1);
         }
     } else {
         union {
@@ -516,7 +516,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
 
         /* decrypt HMAC|padding at once */
         aesni_cbc_encrypt(in, out, len, &key->ks,
-                          EVP_CIPHER_CTX_iv_noconst(ctx), 0);
+                          ctx->iv, 0);
 
         if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
             size_t inp_len, mask, j, i;
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index ba654f6b94..438693265d 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -173,8 +173,7 @@ static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     unsigned int num = EVP_CIPHER_CTX_num(ctx);
     EVP_ARIA_KEY *dat = EVP_C_DATA(EVP_ARIA_KEY,ctx);
 
-    CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
-                          EVP_CIPHER_CTX_iv_noconst(ctx),
+    CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv,
                           EVP_CIPHER_CTX_buf_noconst(ctx), &num,
                           (block128_f) aria_encrypt);
     EVP_CIPHER_CTX_set_num(ctx, num);
@@ -252,7 +251,7 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         gctx->key_set = 0;
         gctx->iv_set = 0;
         gctx->ivlen = EVP_CIPHER_iv_length(c->cipher);
-        gctx->iv = EVP_CIPHER_CTX_iv_noconst(c);
+        gctx->iv = c->iv;
         gctx->taglen = -1;
         gctx->iv_gen = 0;
         gctx->tls_aad_len = -1;
@@ -267,7 +266,7 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
             return 0;
         /* Allocate memory for IV if needed */
         if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
-            if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(c))
+            if (gctx->iv != c->iv)
                 OPENSSL_free(gctx->iv);
             if ((gctx->iv = OPENSSL_malloc(arg)) == NULL) {
                 EVPerr(EVP_F_ARIA_GCM_CTRL, ERR_R_MALLOC_FAILURE);
@@ -371,8 +370,8 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
                     return 0;
                 gctx_out->gcm.key = &gctx_out->ks;
             }
-            if (gctx->iv == EVP_CIPHER_CTX_iv_noconst(c))
-                gctx_out->iv = EVP_CIPHER_CTX_iv_noconst(out);
+            if (gctx->iv == c->iv)
+                gctx_out->iv = out->iv;
             else {
                 if ((gctx_out->iv = OPENSSL_malloc(gctx->ivlen)) == NULL) {
                     EVPerr(EVP_F_ARIA_GCM_CTRL, ERR_R_MALLOC_FAILURE);
@@ -493,7 +492,7 @@ static int aria_gcm_cleanup(EVP_CIPHER_CTX *ctx)
 {
     EVP_ARIA_GCM_CTX *gctx = EVP_C_DATA(EVP_ARIA_GCM_CTX, ctx);
 
-    if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(ctx))
+    if (gctx->iv != ctx->iv)
         OPENSSL_free(gctx->iv);
 
     return 1;
@@ -521,7 +520,7 @@ static int aria_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
         cctx->key_set = 1;
     }
     if (iv) {
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
+        memcpy(ctx->iv, iv, 15 - cctx->L);
         cctx->iv_set = 1;
     }
     return 1;
@@ -577,7 +576,7 @@ static int aria_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         if (arg != EVP_CCM_TLS_FIXED_IV_LEN)
             return 0;
         /* Just copy to first part of IV */
-        memcpy(EVP_CIPHER_CTX_iv_noconst(c), ptr, arg);
+        memcpy(c->iv, ptr, arg);
         return 1;
 
     case EVP_CTRL_AEAD_SET_IVLEN:
@@ -641,11 +640,11 @@ static int aria_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         memcpy(out, EVP_CIPHER_CTX_buf_noconst(ctx),
                EVP_CCM_TLS_EXPLICIT_IV_LEN);
     /* Get rest of IV from explicit IV */
-    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx) + EVP_CCM_TLS_FIXED_IV_LEN, in,
+    memcpy(ctx->iv + EVP_CCM_TLS_FIXED_IV_LEN, in,
            EVP_CCM_TLS_EXPLICIT_IV_LEN);
     /* Correct length value */
     len -= EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->M;
-    if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), 15 - cctx->L,
+    if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L,
                             len))
             return -1;
     /* Use saved AAD */
@@ -696,8 +695,7 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     if (!out) {
         if (!in) {
-            if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx),
-                                    15 - cctx->L, len))
+            if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
                 return -1;
             cctx->len_set = 1;
             return len;
@@ -715,8 +713,7 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     /* If not set length yet do it */
     if (!cctx->len_set) {
-        if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx),
-                                15 - cctx->L, len))
+        if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
             return -1;
         cctx->len_set = 1;
     }
diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c
index c9ca56dc70..9e240d1124 100644
--- a/crypto/evp/e_bf.c
+++ b/crypto/evp/e_bf.c
@@ -20,6 +20,7 @@
 # include "crypto/evp.h"
 # include <openssl/objects.h>
 # include <openssl/blowfish.h>
+# include "evp_local.h"
 
 static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                        const unsigned char *iv, int enc);
diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c
index e9a29930fc..79ac163e3a 100644
--- a/crypto/evp/e_camellia.c
+++ b/crypto/evp/e_camellia.c
@@ -23,6 +23,7 @@
 #include "crypto/evp.h"
 #include "crypto/modes.h"
 #include "crypto/cmll_platform.h"
+#include "evp_local.h"
 
 static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv, int enc);
@@ -219,15 +220,12 @@ static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
 
     if (dat->stream.cbc)
-        (*dat->stream.cbc) (in, out, len, &dat->ks,
-                            EVP_CIPHER_CTX_iv_noconst(ctx),
+        (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv,
                             EVP_CIPHER_CTX_encrypting(ctx));
     else if (EVP_CIPHER_CTX_encrypting(ctx))
-        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks,
-                              EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
+        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
     else
-        CRYPTO_cbc128_decrypt(in, out, len, &dat->ks,
-                              EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
+        CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
 
     return 1;
 }
@@ -254,8 +252,7 @@ static int camellia_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
 
     int num = EVP_CIPHER_CTX_num(ctx);
-    CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
-                          EVP_CIPHER_CTX_iv_noconst(ctx), &num, dat->block);
+    CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, ctx->iv, &num, dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
     return 1;
 }
@@ -266,8 +263,8 @@ static int camellia_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
 
     int num = EVP_CIPHER_CTX_num(ctx);
-    CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
-                          EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
+    CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, ctx->iv, &num,
+                          EVP_CIPHER_CTX_encrypting(ctx), dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
     return 1;
 }
@@ -278,8 +275,8 @@ static int camellia_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
 
     int num = EVP_CIPHER_CTX_num(ctx);
-    CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
-                            EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
+    CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks, ctx->iv, &num,
+                            EVP_CIPHER_CTX_encrypting(ctx), dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
     return 1;
 }
@@ -291,8 +288,8 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) {
         int num = EVP_CIPHER_CTX_num(ctx);
-        CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
-                                EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
+        CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks, ctx->iv, &num,
+                                EVP_CIPHER_CTX_encrypting(ctx), dat->block);
         EVP_CIPHER_CTX_set_num(ctx, num);
         return 1;
     }
@@ -300,7 +297,7 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     while (len >= MAXBITCHUNK) {
         int num = EVP_CIPHER_CTX_num(ctx);
         CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
-                                EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
+                                ctx->iv, &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
         EVP_CIPHER_CTX_set_num(ctx, num);
         len -= MAXBITCHUNK;
         out += MAXBITCHUNK;
@@ -309,7 +306,7 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (len) {
         int num = EVP_CIPHER_CTX_num(ctx);
         CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
-                                EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
+                                ctx->iv, &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
         EVP_CIPHER_CTX_set_num(ctx, num);
     }
 
@@ -323,13 +320,11 @@ static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
 
     if (dat->stream.ctr)
-        CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
-                                    EVP_CIPHER_CTX_iv_noconst(ctx),
+        CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, ctx->iv,
                                     EVP_CIPHER_CTX_buf_noconst(ctx), &num,
                                     dat->stream.ctr);
     else
-        CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
-                              EVP_CIPHER_CTX_iv_noconst(ctx),
+        CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv,
                               EVP_CIPHER_CTX_buf_noconst(ctx), &num,
                               dat->block);
     EVP_CIPHER_CTX_set_num(ctx, num);
diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c
index 9ee06d060b..8325a5f8d2 100644
--- a/crypto/evp/e_cast.c
+++ b/crypto/evp/e_cast.c
@@ -21,6 +21,7 @@
 # include <openssl/objects.h>
 # include "crypto/evp.h"
 # include <openssl/cast.h>
+# include "evp_local.h"
 
 static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                          const unsigned char *iv, int enc);
diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
index 9d8af99d92..d3b2206bb7 100644
--- a/crypto/evp/e_des.c
+++ b/crypto/evp/e_des.c
@@ -21,6 +21,7 @@
 # include "crypto/evp.h"
 # include <openssl/des.h>
 # include <openssl/rand.h>
+# include "evp_local.h"
 
 typedef struct {
     union {
@@ -75,7 +76,7 @@ static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         int num = EVP_CIPHER_CTX_num(ctx);
         DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
                           EVP_CIPHER_CTX_get_cipher_data(ctx),
-                          (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num);
+                          (DES_cblock *)ctx->iv, &num);
         EVP_CIPHER_CTX_set_num(ctx, num);
         inl -= EVP_MAXCHUNK;
         in += EVP_MAXCHUNK;
@@ -85,7 +86,7 @@ static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         int num = EVP_CIPHER_CTX_num(ctx);
         DES_ofb64_encrypt(in, out, (long)inl,
                           EVP_CIPHER_CTX_get_cipher_data(ctx),
-                          (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num);
+                          (DES_cblock *)ctx->iv, &num);
         EVP_CIPHER_CTX_set_num(ctx, num);
     }
     return 1;
@@ -97,14 +98,13 @@ static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     EVP_DES_KEY *dat = (EVP_DES_KEY *) EVP_CIPHER_CTX_get_cipher_data(ctx);
 
     if (dat->stream.cbc != NULL) {
-        (*dat->stream.cbc) (in, out, inl, &dat->ks.ks,
-                            EVP_CIPHER_CTX_iv_noconst(ctx));
+        (*dat->stream.cbc) (in, out, inl, &dat->ks.ks, ctx->iv);
         return 1;
     }
     while (inl >= EVP_MAXCHUNK) {
         DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK,
                          EVP_CIPHER_CTX_get_cipher_data(ctx),
-                         (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                         (DES_cblock *)ctx->iv,
                          EVP_CIPHER_CTX_encrypting(ctx));
         inl -= EVP_MAXCHUNK;
         in += EVP_MAXCHUNK;
@@ -113,7 +113,7 @@ static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (inl)
         DES_ncbc_encrypt(in, out, (long)inl,
                          EVP_CIPHER_CTX_get_cipher_data(ctx),
-                         (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                         (DES_cblock *)ctx->iv,
                          EVP_CIPHER_CTX_encrypting(ctx));
     return 1;
 }
@@ -125,7 +125,7 @@ static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         int num = EVP_CIPHER_CTX_num(ctx);
         DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
                           EVP_CIPHER_CTX_get_cipher_data(ctx),
-                          (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num,
+                          (DES_cblock *)ctx->iv, &num,
                           EVP_CIPHER_CTX_encrypting(ctx));
         EVP_CIPHER_CTX_set_num(ctx, num);
         inl -= EVP_MAXCHUNK;
@@ -136,7 +136,7 @@ static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         int num = EVP_CIPHER_CTX_num(ctx);
         DES_cfb64_encrypt(in, out, (long)inl,
                           EVP_CIPHER_CTX_get_cipher_data(ctx),
-                          (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx), &num,
+                          (DES_cblock *)ctx->iv, &num,
                           EVP_CIPHER_CTX_encrypting(ctx));
         EVP_CIPHER_CTX_set_num(ctx, num);
     }
@@ -160,7 +160,7 @@ static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         for (n = 0; n < chunk * 8; ++n) {
             c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
             DES_cfb_encrypt(c, d, 1, 1, EVP_CIPHER_CTX_get_cipher_data(ctx),
-                            (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                            (DES_cblock *)ctx->iv,
                             EVP_CIPHER_CTX_encrypting(ctx));
             out[n / 8] =
                 (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
@@ -182,7 +182,7 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     while (inl >= EVP_MAXCHUNK) {
         DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
                         EVP_CIPHER_CTX_get_cipher_data(ctx),
-                        (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                        (DES_cblock *)ctx->iv,
                         EVP_CIPHER_CTX_encrypting(ctx));
         inl -= EVP_MAXCHUNK;
         in += EVP_MAXCHUNK;
@@ -191,7 +191,7 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (inl)
         DES_cfb_encrypt(in, out, 8, (long)inl,
                         EVP_CIPHER_CTX_get_cipher_data(ctx),
-                        (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                        (DES_cblock *)ctx->iv,
                         EVP_CIPHER_CTX_encrypting(ctx));
     return 1;
 }
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 3f7802ef1f..be4030895a 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -87,7 +87,7 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
                                &data(ctx)->ks1, &data(ctx)->ks2,
                                &data(ctx)->ks3,
-                               (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                               (DES_cblock *)ctx->iv,
                                &num);
         EVP_CIPHER_CTX_set_num(ctx, num);
         inl -= EVP_MAXCHUNK;
@@ -99,7 +99,7 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         DES_ede3_ofb64_encrypt(in, out, (long)inl,
                                &data(ctx)->ks1, &data(ctx)->ks2,
                                &data(ctx)->ks3,
-                               (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                               (DES_cblock *)ctx->iv,
                                &num);
         EVP_CIPHER_CTX_set_num(ctx, num);
     }
@@ -113,14 +113,14 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     if (dat->stream.cbc != NULL) {
         (*dat->stream.cbc) (in, out, inl, dat->ks.ks,
-                            EVP_CIPHER_CTX_iv_noconst(ctx));
+                            ctx->iv);
         return 1;
     }
 
     while (inl >= EVP_MAXCHUNK) {
         DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
                              &dat->ks1, &dat->ks2, &dat->ks3,
-                             (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                             (DES_cblock *)ctx->iv,
                              EVP_CIPHER_CTX_encrypting(ctx));
         inl -= EVP_MAXCHUNK;
         in += EVP_MAXCHUNK;
@@ -129,7 +129,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (inl)
         DES_ede3_cbc_encrypt(in, out, (long)inl,
                              &dat->ks1, &dat->ks2, &dat->ks3,
-                             (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                             (DES_cblock *)ctx->iv,
                              EVP_CIPHER_CTX_encrypting(ctx));
     return 1;
 }
@@ -141,8 +141,7 @@ static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         int num = EVP_CIPHER_CTX_num(ctx);
         DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
                                &data(ctx)->ks1, &data(ctx)->ks2,
-                               &data(ctx)->ks3,
-                               (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
                                &num, EVP_CIPHER_CTX_encrypting(ctx));
         EVP_CIPHER_CTX_set_num(ctx, num);
         inl -= EVP_MAXCHUNK;
@@ -153,8 +152,7 @@ static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         int num = EVP_CIPHER_CTX_num(ctx);
         DES_ede3_cfb64_encrypt(in, out, (long)inl,
                                &data(ctx)->ks1, &data(ctx)->ks2,
-                               &data(ctx)->ks3,
-                               (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
                                &num, EVP_CIPHER_CTX_encrypting(ctx));
         EVP_CIPHER_CTX_set_num(ctx, num);
     }
@@ -177,8 +175,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
         DES_ede3_cfb_encrypt(c, d, 1, 1,
                              &data(ctx)->ks1, &data(ctx)->ks2,
-                             &data(ctx)->ks3,
-                             (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
                              EVP_CIPHER_CTX_encrypting(ctx));
         out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8)))
             | ((d[0] & 0x80) >> (unsigned int)(n % 8));
@@ -193,8 +190,7 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     while (inl >= EVP_MAXCHUNK) {
         DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
                              &data(ctx)->ks1, &data(ctx)->ks2,
-                             &data(ctx)->ks3,
-                             (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
                              EVP_CIPHER_CTX_encrypting(ctx));
         inl -= EVP_MAXCHUNK;
         in += EVP_MAXCHUNK;
@@ -203,8 +199,7 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (inl)
         DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
                              &data(ctx)->ks1, &data(ctx)->ks2,
-                             &data(ctx)->ks3,
-                             (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
                              EVP_CIPHER_CTX_encrypting(ctx));
     return 1;
 }
@@ -330,7 +325,7 @@ static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
         return -1;
     if (out == NULL)
         return inl - 16;
-    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), wrap_iv, 8);
+    memcpy(ctx->iv, wrap_iv, 8);
     /* Decrypt first block which will end up as icv */
     des_ede_cbc_cipher(ctx, icv, in, 8);
     /* Decrypt central blocks */
@@ -348,7 +343,7 @@ static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
     /* Reverse order of everything */
     BUF_reverse(icv, NULL, 8);
     BUF_reverse(out, NULL, inl - 16);
-    BUF_reverse(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 8);
+    BUF_reverse(ctx->iv, iv, 8);
     /* Decrypt again using new IV */
     des_ede_cbc_cipher(ctx, out, out, inl - 16);
     des_ede_cbc_cipher(ctx, icv, icv, 8);
@@ -360,7 +355,7 @@ static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
     OPENSSL_cleanse(icv, 8);
     OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
     OPENSSL_cleanse(iv, 8);
-    OPENSSL_cleanse(EVP_CIPHER_CTX_iv_noconst(ctx), 8);
+    OPENSSL_cleanse(ctx->iv, 8);
     if (rv == -1)
         OPENSSL_cleanse(out, inl - 16);
 
@@ -380,13 +375,13 @@ static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
     memcpy(out + inl + 8, sha1tmp, 8);
     OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
     /* Generate random IV */
-    if (RAND_bytes(EVP_CIPHER_CTX_iv_noconst(ctx), 8) <= 0)
+    if (RAND_bytes(ctx->iv, 8) <= 0)
         return -1;
-    memcpy(out, EVP_CIPHER_CTX_iv_noconst(ctx), 8);
+    memcpy(out, ctx->iv, 8);
     /* Encrypt everything after IV in place */
     des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8);
     BUF_reverse(out, NULL, inl + 16);
-    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), wrap_iv, 8);
+    memcpy(ctx->iv, wrap_iv, 8);
     des_ede_cbc_cipher(ctx, out, out, inl + 16);
     return inl + 16;
 }
diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c
index 43665887da..a4778a2c05 100644
--- a/crypto/evp/e_idea.c
+++ b/crypto/evp/e_idea.c
@@ -22,6 +22,7 @@
 # include <openssl/objects.h>
 # include "crypto/evp.h"
 # include <openssl/idea.h>
+# include "evp_local.h"
 
 /* Can't use IMPLEMENT_BLOCK_CIPHER because IDEA_ecb_encrypt is different */
 
diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c
index 88d8e524cc..a8fb18e72d 100644
--- a/crypto/evp/e_rc2.c
+++ b/crypto/evp/e_rc2.c
@@ -22,6 +22,7 @@
 # include <openssl/objects.h>
 # include "crypto/evp.h"
 # include <openssl/rc2.h>
+# include "evp_local.h"
 
 static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv, int enc);
@@ -159,9 +160,7 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
     if (type != NULL) {
         num = rc2_meth_to_magic(c);
         j = EVP_CIPHER_CTX_iv_length(c);
-        i = ASN1_TYPE_set_int_octetstring(type, num,
-                                          (unsigned char *)EVP_CIPHER_CTX_original_iv(c),
-                                          j);
+        i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
     }
     return i;
 }
diff --git a/crypto/evp/e_seed.c b/crypto/evp/e_seed.c
index 3f223ce936..98c7385f61 100644
--- a/crypto/evp/e_seed.c
+++ b/crypto/evp/e_seed.c
@@ -20,6 +20,7 @@
 #include <assert.h>
 #include <openssl/seed.h>
 #include "crypto/evp.h"
+#include "evp_local.h"
 
 static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                          const unsigned char *iv, int enc);
diff --git a/crypto/evp/e_sm4.c b/crypto/evp/e_sm4.c
index 4653c10a14..96c50cf13f 100644
--- a/crypto/evp/e_sm4.c
+++ b/crypto/evp/e_sm4.c
@@ -15,6 +15,7 @@
 # include <openssl/modes.h>
 # include "crypto/sm4.h"
 # include "crypto/evp.h"
+# include "evp_local.h"
 
 typedef struct {
     SM4_KEY ks;
@@ -74,8 +75,7 @@ static int sm4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     unsigned int num = EVP_CIPHER_CTX_num(ctx);
     EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx);
 
-    CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
-                          EVP_CIPHER_CTX_iv_noconst(ctx),
+    CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv,
                           EVP_CIPHER_CTX_buf_noconst(ctx), &num,
                           (block128_f)SM4_encrypt);
     EVP_CIPHER_CTX_set_num(ctx, num);
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
index f2b540e7cf..20756211b0 100644
--- a/crypto/evp/e_xcbc_d.c
+++ b/crypto/evp/e_xcbc_d.c
@@ -22,6 +22,7 @@
 # include <openssl/objects.h>
 # include "crypto/evp.h"
 # include <openssl/des.h>
+# include "evp_local.h"
 
 static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv, int enc);
@@ -72,7 +73,7 @@ static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 {
     while (inl >= EVP_MAXCHUNK) {
         DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
-                         (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                         (DES_cblock *)ctx->iv,
                          &data(ctx)->inw, &data(ctx)->outw,
                          EVP_CIPHER_CTX_encrypting(ctx));
         inl -= EVP_MAXCHUNK;
@@ -81,7 +82,7 @@ static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     }
     if (inl)
         DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
-                         (DES_cblock *)EVP_CIPHER_CTX_iv_noconst(ctx),
+                         (DES_cblock *)ctx->iv,
                          &data(ctx)->inw, &data(ctx)->outw,
                          EVP_CIPHER_CTX_encrypting(ctx));
     return 1;
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 74d4afdac4..71b5386232 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -971,11 +971,6 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
     case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
     default:
         goto end;
-    case EVP_CTRL_GET_IV:
-        set_params = 0;
-        params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV,
-                                                      ptr, sz);
-        break;
     case EVP_CTRL_AEAD_SET_IVLEN:
         if (arg < 0)
             return 0;
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 9f2165dc59..c4d41518ef 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -203,10 +203,9 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 {
     int i = 0;
     unsigned int j;
-    unsigned char *oiv = NULL;
+    unsigned char oiv[EVP_MAX_IV_LENGTH];
 
-    if (type != NULL) {
-        oiv = (unsigned char *)EVP_CIPHER_CTX_original_iv(c);
+    if (type != NULL && EVP_CIPHER_CTX_get_iv(c, oiv, sizeof(oiv))) {
         j = EVP_CIPHER_CTX_iv_length(c);
         OPENSSL_assert(j <= sizeof(c->iv));
         i = ASN1_TYPE_set_octetstring(type, oiv, j);
@@ -436,6 +435,7 @@ int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx)
     return ret == 1 ? (int)v : 0;
 }
 
+#ifndef OPENSSL_NO_DEPRECATED_3_0
 const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
 {
     int ok;
@@ -460,7 +460,7 @@ const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     params[0] =
-        OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, (void **)&v,
+        OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
                                        sizeof(ctx->iv));
     ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
 
@@ -474,12 +474,31 @@ unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     params[0] =
-        OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, (void **)&v,
+        OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
                                        sizeof(ctx->iv));
     ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
 
     return ok != 0 ? v : NULL;
 }
+#endif /* OPENSSL_NO_DEPRECATED_3_0_0 */
+
+int EVP_CIPHER_CTX_get_iv_state(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
+{
+    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+    params[0] =
+        OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV_STATE, buf, len);
+    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+}
+
+int EVP_CIPHER_CTX_get_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
+{
+    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+    params[0] =
+        OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
+    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+}
 
 unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
 {
diff --git a/doc/man3/EVP_CIPHER_CTX_get_iv.pod b/doc/man3/EVP_CIPHER_CTX_get_iv.pod
new file mode 100644
index 0000000000..e099d96dec
--- /dev/null
+++ b/doc/man3/EVP_CIPHER_CTX_get_iv.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+EVP_CIPHER_CTX_get_iv, EVP_CIPHER_CTX_get_iv_state, EVP_CIPHER_CTX_iv, EVP_CIPHER_CTX_original_iv, EVP_CIPHER_CTX_iv_noconst - Routines to inspect EVP_CIPHER_CTX IV data
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_CIPHER_CTX_get_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
+ int EVP_CIPHER_CTX_get_iv_state(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
+ const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx);
+ const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx);
+ unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx);
+
+=head1 DESCRIPTION
+
+EVP_CIPHER_CTX_get_iv() and EVP_CIPHER_CTX_get_iv_state() copy initialization
+vector (IV) information from the B<EVP_CIPHER_CTX> into the caller-supplied
+buffer.  L<EVP_CIPHER_CTX_iv_length(3)> can be used to determine an
+appropriate buffer size, and if the supplied buffer is too small, an error
+will be returned (and no data copied).  EVP_CIPHER_CTX_get_iv() accesses the
+("original") IV that was supplied when the B<EVP_CIPHER_CTX> was created, and
+EVP_CIPHER_CTX_get_iv_state() accesses the current "IV state" of the cipher,
+which is updated during cipher operation for certain cipher modes (e.g., CBC
+and OFB).
+
+The functions EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
+EVP_CIPHER_CTX_iv_noconst() are deprecated functions that provide similar (at
+a conceptual level) functionality.  EVP_CIPHER_CTX_iv() returns a pointer to
+the beginning of the "IV state" as maintained internally in the
+B<EVP_CIPHER_CTX>; EVP_CIPHER_CTX_original_iv() returns a pointer to the
+beginning of the ("original") IV, as maintained by the B<EVP_CIPHER_CTX>, that
+was provided when the B<EVP_CIPHER_CTX> was initialized; and
+EVP_CIPHER_CTX_get_iv_noconst() is the same as EVP_CIPHER_CTX_iv() but has a
+different return type for the pointer.
+
+=head1 RETURN VALUES
+
+EVP_CIPHER_CTX_get_iv() and EVP_CIPHER_CTX_get_iv_state() return 1 on success
+and 0 on failure.
+
+The functions EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
+EVP_CIPHER_CTX_iv_noconst() return a pointer to an IV as an array of bytes on
+success, and NULL on failure.
+
+=head1 HISTORY
+
+EVP_CIPHER_CTX_get_iv() and EVP_CIPHER_CTX_get_iv_state() were added in
+OpenSSL 3.0.0.
+
+EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
+EVP_CIPHER_CTX_iv_noconst() were added in OpenSSL 1.1.0, and were deprecated
+in OpenSSL 3.0.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod
index ee159ff7eb..d6d544c0ba 100644
--- a/doc/man7/provider-cipher.pod
+++ b/doc/man7/provider-cipher.pod
@@ -240,7 +240,14 @@ The length of the "ivlen" parameter should not exceed that of a B<size_t>.
 
 =item "iv" (B<OSSL_CIPHER_PARAM_IV>) <octet string OR octet ptr>
 
-Gets the IV for the associated cipher ctx.
+Gets the IV used to initialize the associated cipher ctx.
+
+=item "iv-state" (B<OSSL_CIPHER_PARAM_IV_STATE>) <octet string OR octet ptr>
+
+Gets the current pseudo-IV state for the associated cipher ctx, e.g.,
+the previous ciphertext block for CBC mode or the iteratively encrypted IV
+value for OFB mode.  Note that octet pointer access is deprecated and is
+provided only for backwards compatibility with historical libcrypto APIs.
 
 =item "num" (B<OSSL_CIPHER_PARAM_NUM>) <unsigned integer>
 
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 9ded000c10..07f7ee15ea 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -311,7 +311,7 @@ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns
 {\
         while(inl>=EVP_MAXCHUNK) {\
             int num = EVP_CIPHER_CTX_num(ctx);\
-            cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
+            cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, &num); \
             EVP_CIPHER_CTX_set_num(ctx, num);\
             inl-=EVP_MAXCHUNK;\
             in +=EVP_MAXCHUNK;\
@@ -319,7 +319,7 @@ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns
         }\
         if (inl) {\
             int num = EVP_CIPHER_CTX_num(ctx);\
-            cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
+            cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, &num); \
             EVP_CIPHER_CTX_set_num(ctx, num);\
         }\
         return 1;\
@@ -330,13 +330,13 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns
 {\
         while(inl>=EVP_MAXCHUNK) \
             {\
-            cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
+            cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_encrypting(ctx));\
             inl-=EVP_MAXCHUNK;\
             in +=EVP_MAXCHUNK;\
             out+=EVP_MAXCHUNK;\
             }\
         if (inl)\
-            cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
+            cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_encrypting(ctx));\
         return 1;\
 }
 
@@ -353,7 +353,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
             ((cbits == 1) \
                 && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
                 ? chunk*8 : chunk), \
-            &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
+            &EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv,\
             &num, EVP_CIPHER_CTX_encrypting(ctx));\
         EVP_CIPHER_CTX_set_num(ctx, num);\
         inl -= chunk;\
diff --git a/include/internal/ktls.h b/include/internal/ktls.h
index 9212bb4343..535e563479 100644
--- a/include/internal/ktls.h
+++ b/include/internal/ktls.h
@@ -346,9 +346,10 @@ static ossl_inline int ktls_configure_crypto(const EVP_CIPHER *c, int tls_versio
 
     if (tls_version == TLS1_2_VERSION &&
         EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
-        EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GET_IV,
-                            EVP_GCM_TLS_FIXED_IV_LEN + EVP_GCM_TLS_EXPLICIT_IV_LEN,
-                            geniv);
+        if (!EVP_CIPHER_CTX_get_iv_state(dd, geniv,
+                                         EVP_GCM_TLS_FIXED_IV_LEN
+                                         + EVP_GCM_TLS_EXPLICIT_IV_LEN))
+            return 0;
         iiv = geniv;
     }
 
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index b511571fb3..53e68e778b 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -53,6 +53,7 @@ extern "C" {
 #define OSSL_CIPHER_PARAM_KEYLEN               "keylen"       /* size_t */
 #define OSSL_CIPHER_PARAM_IVLEN                "ivlen"        /* size_t */
 #define OSSL_CIPHER_PARAM_IV                   "iv"           /* octet_string OR octet_ptr */
+#define OSSL_CIPHER_PARAM_IV_STATE             "iv-state"     /* octet_string OR octet_ptr */
 #define OSSL_CIPHER_PARAM_NUM                  "num"          /* uint */
 #define OSSL_CIPHER_PARAM_ROUNDS               "rounds"       /* uint */
 #define OSSL_CIPHER_PARAM_AEAD_TAG             "tag"          /* octet_string */
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 6ff1e5602e..76e5565f36 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -386,8 +386,7 @@ DEPRECATEDIN_3_0(int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))
 # define         EVP_CTRL_SET_PIPELINE_INPUT_LENS        0x24
 /* Get the IV length used by the cipher */
 # define         EVP_CTRL_GET_IVLEN                      0x25
-/* Get the IV used by the cipher */
-# define         EVP_CTRL_GET_IV                         0x26
+/* 0x26 is unused */
 /* Tell the cipher it's doing a speed test (SIV disallows multiple ops) */
 # define         EVP_CTRL_SET_SPEED                      0x27
 /* Get the unprotectedAttrs from cipher ctx */
@@ -545,9 +544,11 @@ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
 int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
 int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
 int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx);
-const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx);
-const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx);
-unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx);
+DEPRECATEDIN_3_0(const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx))
+DEPRECATEDIN_3_0(const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx))
+DEPRECATEDIN_3_0(unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx))
+int EVP_CIPHER_CTX_get_iv_state(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
+int EVP_CIPHER_CTX_get_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
 unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx);
 int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx);
 int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num);
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
index 6cf6a1b111..8f731228d9 100644
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
@@ -234,6 +234,12 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[])
         ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
         return 0;
     }
+    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV_STATE);
+    if (p != NULL
+        && !OSSL_PARAM_set_octet_string(p, ctx->base.iv, ctx->base.ivlen)) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+        return 0;
+    }
     return 1;
 }
 
@@ -248,6 +254,7 @@ static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
+    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV_STATE, NULL, 0),
     OSSL_PARAM_END
 };
 const OSSL_PARAM *aes_gettable_ctx_params(void *provctx)
diff --git a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc
index 56e2dc9e38..523e869c79 100644
--- a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc
+++ b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc
@@ -99,6 +99,7 @@ static int s390x_aes_ofb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
         }
     }
 
+    memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
     adat->plat.s390x.res = n;
     return 1;
 }
@@ -161,6 +162,7 @@ static int s390x_aes_cfb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
         }
     }
 
+    memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
     adat->plat.s390x.res = n;
     return 1;
 }
@@ -187,6 +189,7 @@ static int s390x_aes_cfb8_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
 
     s390x_kmf(in, len, out, adat->plat.s390x.fc,
               &adat->plat.s390x.param.kmo_kmf);
+    memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
     return 1;
 }
 
diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c
index 162945f922..7be5c7f5e8 100644
--- a/providers/implementations/ciphers/cipher_aes_ocb.c
+++ b/providers/implementations/ciphers/cipher_aes_ocb.c
@@ -416,6 +416,18 @@ static int aes_ocb_get_ctx_params(void *vctx, OSSL_PARAM params[])
             return 0;
         }
     }
+    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV_STATE);
+    if (p != NULL) {
+        if (ctx->base.ivlen > p->data_size) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
+            return 0;
+        }
+        if (!OSSL_PARAM_set_octet_string(p, ctx->base.iv, ctx->base.ivlen)
+            && !OSSL_PARAM_set_octet_ptr(p, &ctx->base.iv, ctx->base.ivlen)) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+            return 0;
+        }
+    }
     p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG);
     if (p != NULL) {
         if (p->data_type != OSSL_PARAM_OCTET_STRING) {
@@ -436,6 +448,7 @@ static const OSSL_PARAM cipher_ocb_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL),
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
+    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV_STATE, NULL, 0),
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c
index dd25f00db4..a5de18ab3b 100644
--- a/providers/implementations/ciphers/ciphercommon.c
+++ b/providers/implementations/ciphers/ciphercommon.c
@@ -112,6 +112,7 @@ static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL),
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
+    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV_STATE, NULL, 0),
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0),
@@ -478,6 +479,13 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
         ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
         return 0;
     }
+    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV_STATE);
+    if (p != NULL
+        && !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen)
+        && !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+        return 0;
+    }
     p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM);
     if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) {
         ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
diff --git a/providers/implementations/ciphers/ciphercommon_ccm.c b/providers/implementations/ciphers/ciphercommon_ccm.c
index 2b9a0687e3..bdbfa74d40 100644
--- a/providers/implementations/ciphers/ciphercommon_ccm.c
+++ b/providers/implementations/ciphers/ciphercommon_ccm.c
@@ -171,6 +171,19 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[])
         }
     }
 
+    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV_STATE);
+    if (p != NULL) {
+        if (ccm_get_ivlen(ctx) > p->data_size) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN);
+            return 0;
+        }
+        if (!OSSL_PARAM_set_octet_string(p, ctx->iv, p->data_size)
+            && !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, p->data_size)) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+            return 0;
+        }
+    }
+
     p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
     if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
         ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c
index 080fcc9bc2..06649b3dc3 100644
--- a/providers/implementations/ciphers/ciphercommon_gcm.c
+++ b/providers/implementations/ciphers/ciphercommon_gcm.c
@@ -154,7 +154,22 @@ int gcm_get_ctx_params(void *vctx, OSSL_PARAM params[])
 
     p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
     if (p != NULL) {
-        if (ctx->iv_gen != 1 && ctx->iv_gen_rand != 1)
+        if (ctx->iv_state == IV_STATE_UNINITIALISED)
+            return 0;
+        if (ctx->ivlen > p->data_size) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
+            return 0;
+        }
+        if (!OSSL_PARAM_set_octet_string(p, ctx->iv, ctx->ivlen)
+            && !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen)) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+            return 0;
+        }
+    }
+
+    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV_STATE);
+    if (p != NULL) {
+        if (ctx->iv_state == IV_STATE_UNINITIALISED)
             return 0;
         if (ctx->ivlen > p->data_size) {
             ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h
index 43cec3cc2b..90f6d39d39 100644
--- a/providers/implementations/include/prov/ciphercommon.h
+++ b/providers/implementations/include/prov/ciphercommon.h
@@ -314,7 +314,8 @@ static const OSSL_PARAM name##_known_gettable_ctx_params[] = {                 \
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),                          \
     OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL),                          \
     OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL),                              \
-    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
+    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),                    \
+    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV_STATE, NULL, 0),
 
 #define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(name)                           \
     OSSL_PARAM_END                                                             \
diff --git a/test/aesgcmtest.c b/test/aesgcmtest.c
index bacbb8f114..a68ec74d3a 100644
--- a/test/aesgcmtest.c
+++ b/test/aesgcmtest.c
@@ -58,7 +58,7 @@ static int do_encrypt(unsigned char *iv_gen, unsigned char *ct, int *ct_len,
           && TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
                                            tag) > 0)
           && TEST_true(iv_gen == NULL
-                  || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_IV, 12, iv_gen) > 0);
+                  || EVP_CIPHER_CTX_get_iv(ctx, iv_gen, 12));
     EVP_CIPHER_CTX_free(ctx);
     return ret;
 }
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index de615c80ab..4da65a2400 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1813,6 +1813,118 @@ static int test_rand_agglomeration(void)
     return res;
 }
 
+/*
+ * Test that we correctly return the original or "running" IV after
+ * an encryption operation.
+ * Run multiple times for some different relevant algorithms/modes.
+ */
+static int test_evp_iv(int idx)
+{
+    int ret = 0;
+    EVP_CIPHER_CTX *ctx = NULL;
+    unsigned char key[16] = {0x4c, 0x43, 0xdb, 0xdd, 0x42, 0x73, 0x47, 0xd1,
+                             0xe5, 0x62, 0x7d, 0xcd, 0x4d, 0x76, 0x4d, 0x57};
+    unsigned char init_iv[EVP_MAX_IV_LENGTH] =
+        {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82,
+         0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34};
+    static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8,
+                                         9, 10, 11, 12, 13, 14, 15, 16 };
+    unsigned char ciphertext[32], oiv[16], iv[16];
+    unsigned char *ref_iv;
+    unsigned char cbc_state[16] = {0x10, 0x2f, 0x05, 0xcc, 0xc2, 0x55, 0x72, 0xb9,
+                                   0x88, 0xe6, 0x4a, 0x17, 0x10, 0x74, 0x22, 0x5e};
+
+    unsigned char ofb_state[16] = {0x76, 0xe6, 0x66, 0x61, 0xd0, 0x8a, 0xe4, 0x64,
+                                   0xdd, 0x66, 0xbf, 0x00, 0xf0, 0xe3, 0x6f, 0xfd};
+    unsigned char gcm_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
+                                   0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
+    unsigned char ccm_state[7] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98};
+#ifndef OPENSSL_NO_OCB
+    unsigned char ocb_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
+                                   0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
+#endif
+    int len = sizeof(ciphertext);
+    size_t ivlen, ref_len;
+    const EVP_CIPHER *type = NULL;
+
+    switch(idx) {
+    case 0:
+        type = EVP_aes_128_cbc();
+        /* FALLTHROUGH */
+    case 5:
+        type = (type != NULL) ? type :
+                                EVP_CIPHER_fetch(testctx, "aes-128-cbc", NULL);
+        ref_iv = cbc_state;
+        ref_len = sizeof(cbc_state);
+        break;
+    case 1:
+        type = EVP_aes_128_ofb();
+        /* FALLTHROUGH */
+    case 6:
+        type = (type != NULL) ? type :
+                                EVP_CIPHER_fetch(testctx, "aes-128-ofb", NULL);
+        ref_iv = ofb_state;
+        ref_len = sizeof(ofb_state);
+        break;
+    case 2:
+        type = EVP_aes_128_gcm();
+        /* FALLTHROUGH */
+    case 7:
+        type = (type != NULL) ? type :
+                                EVP_CIPHER_fetch(testctx, "aes-128-gcm", NULL);
+        ref_iv = gcm_state;
+        ref_len = sizeof(gcm_state);
+        break;
+    case 3:
+        type = EVP_aes_128_ccm();
+        /* FALLTHROUGH */
+    case 8:
+        type = (type != NULL) ? type :
+                                EVP_CIPHER_fetch(testctx, "aes-128-ccm", NULL);
+        ref_iv = ccm_state;
+        ref_len = sizeof(ccm_state);
+        break;
+#ifdef OPENSSL_NO_OCB
+    case 4:
+    case 9:
+        return 1;
+#else
+    case 4:
+        type = EVP_aes_128_ocb();
+        /* FALLTHROUGH */
+    case 9:
+        type = (type != NULL) ? type :
+                                EVP_CIPHER_fetch(testctx, "aes-128-ocb", NULL);
+        ref_iv = ocb_state;
+        ref_len = sizeof(ocb_state);
+        break;
+#endif
+    default:
+        return 0;
+    }
+
+    if (!TEST_ptr(type)
+            || !TEST_ptr((ctx = EVP_CIPHER_CTX_new()))
+            || !TEST_true(EVP_EncryptInit_ex(ctx, type, NULL, key, init_iv))
+            || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &len, msg,
+                          (int)sizeof(msg)))
+            || !TEST_true(EVP_CIPHER_CTX_get_iv(ctx, oiv, sizeof(oiv)))
+            || !TEST_true(EVP_CIPHER_CTX_get_iv_state(ctx, iv, sizeof(iv)))
+            || !TEST_true(EVP_EncryptFinal_ex(ctx, ciphertext, &len)))
+        goto err;
+    ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+    if (!TEST_mem_eq(init_iv, ivlen, oiv, ivlen)
+            || !TEST_mem_eq(ref_iv, ref_len, iv, ivlen))
+        goto err;
+
+    ret = 1;
+err:
+    EVP_CIPHER_CTX_free(ctx);
+    if (idx >= 5)
+        EVP_CIPHER_free((EVP_CIPHER *)type);
+    return ret;
+}
+
 int setup_tests(void)
 {
     testctx = OPENSSL_CTX_new();
@@ -1869,6 +1981,7 @@ int setup_tests(void)
     ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2);
 
     ADD_TEST(test_rand_agglomeration);
+    ADD_ALL_TESTS(test_evp_iv, 10);
 
     return 1;
 }
diff --git a/test/evp_test.c b/test/evp_test.c
index f384a8d863..b980abc944 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -760,12 +760,16 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
     }
 
     /* Check that we get the same IV back */
-    if (expected->iv != NULL
-        && (EVP_CIPHER_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0
-        && !TEST_mem_eq(expected->iv, expected->iv_len,
-                        EVP_CIPHER_CTX_iv(ctx_base), expected->iv_len)) {
-        t->err = "INVALID_IV";
-        goto err;
+    if (expected->iv != NULL) {
+        /* Some (e.g., GCM) tests use IVs longer than EVP_MAX_IV_LENGTH. */
+        unsigned char iv[128];
+        if (!TEST_true(EVP_CIPHER_CTX_get_iv_state(ctx_base, iv, sizeof(iv)))
+                || ((EVP_CIPHER_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0
+                    && !TEST_mem_eq(expected->iv, expected->iv_len, iv,
+                                    expected->iv_len))) {
+            t->err = "INVALID_IV";
+            goto err;
+        }
     }
 
     /* Test that the cipher dup functions correctly if it is supported */
diff --git a/util/libcrypto.num b/util/libcrypto.num
index f441232582..d5f7d9826c 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -2004,7 +2004,7 @@ PEM_read_bio_RSA_PUBKEY                 2050	3_0_0	EXIST::FUNCTION:RSA
 OCSP_SINGLERESP_new                     2051	3_0_0	EXIST::FUNCTION:OCSP
 ASN1_SCTX_free                          2052	3_0_0	EXIST::FUNCTION:
 i2d_ECPrivateKey_fp                     2053	3_0_0	EXIST::FUNCTION:EC,STDIO
-EVP_CIPHER_CTX_original_iv              2054	3_0_0	EXIST::FUNCTION:
+EVP_CIPHER_CTX_original_iv              2054	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 PKCS7_SIGNED_free                       2055	3_0_0	EXIST::FUNCTION:
 X509_TRUST_get0_name                    2056	3_0_0	EXIST::FUNCTION:
 ENGINE_get_load_pubkey_function         2057	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
@@ -2046,7 +2046,7 @@ CMS_SignerInfo_cert_cmp                 2092	3_0_0	EXIST::FUNCTION:CMS
 PEM_read                                2093	3_0_0	EXIST::FUNCTION:STDIO
 X509_STORE_set_depth                    2094	3_0_0	EXIST::FUNCTION:
 EC_KEY_METHOD_get_sign                  2095	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,EC
-EVP_CIPHER_CTX_iv                       2096	3_0_0	EXIST::FUNCTION:
+EVP_CIPHER_CTX_iv                       2096	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 i2d_ESS_SIGNING_CERT                    2097	3_0_0	EXIST::FUNCTION:
 TS_RESP_set_tst_info                    2098	3_0_0	EXIST::FUNCTION:TS
 EVP_PKEY_CTX_set_data                   2099	3_0_0	EXIST::FUNCTION:
@@ -2840,7 +2840,7 @@ EVP_PKEY_encrypt_init                   2901	3_0_0	EXIST::FUNCTION:
 i2d_RSAPrivateKey_fp                    2902	3_0_0	EXIST::FUNCTION:RSA,STDIO
 X509_REQ_print                          2903	3_0_0	EXIST::FUNCTION:
 RSA_size                                2904	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
-EVP_CIPHER_CTX_iv_noconst               2905	3_0_0	EXIST::FUNCTION:
+EVP_CIPHER_CTX_iv_noconst               2905	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 DH_set_default_method                   2906	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
 X509_ALGOR_new                          2907	3_0_0	EXIST::FUNCTION:
 EVP_aes_192_ofb                         2908	3_0_0	EXIST::FUNCTION:
@@ -5250,3 +5250,5 @@ EVP_PKEY_CTX_set_dh_kdf_outlen          ?	3_0_0	EXIST::FUNCTION:DH
 EVP_PKEY_CTX_get_dh_kdf_outlen          ?	3_0_0	EXIST::FUNCTION:DH
 EVP_PKEY_CTX_set0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH
 EVP_PKEY_CTX_get0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH
+EVP_CIPHER_CTX_get_iv_state             ?	3_0_0	EXIST::FUNCTION:
+EVP_CIPHER_CTX_get_iv                   ?	3_0_0	EXIST::FUNCTION:
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index 3e8c62c610..3aa3b5065b 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -650,10 +650,7 @@ EVP_CIPHER_CTX_buf_noconst(3)
 EVP_CIPHER_CTX_clear_flags(3)
 EVP_CIPHER_CTX_copy(3)
 EVP_CIPHER_CTX_encrypting(3)
-EVP_CIPHER_CTX_iv(3)
-EVP_CIPHER_CTX_iv_noconst(3)
 EVP_CIPHER_CTX_num(3)
-EVP_CIPHER_CTX_original_iv(3)
 EVP_CIPHER_CTX_rand_key(3)
 EVP_CIPHER_CTX_set_flags(3)
 EVP_CIPHER_CTX_set_num(3)

From openssl at openssl.org  Tue Aug 11 17:15:28 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 17:15:28 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1597166128.521587.27009.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=208, Tests=3304, 875 wallclock secs (12.77 usr  1.24 sys + 810.81 cusr 63.59 csys = 888.41 CPU)
Result: FAIL
Makefile:3178: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3176: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Tue Aug 11 19:03:43 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 11 Aug 2020 19:03:43 +0000
Subject: Errored: openssl/openssl#36630 (master - 36b778f)
In-Reply-To: <openssl/openssl+179247725+errored@travis-ci.com>
Message-ID: <5f32eb8f3c4a4_13f7e74db81205813c7@travis-pro-tasks-5b745db759-k5ngx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36630
Status: Errored

Duration: ?
Commit: 36b778f (master)
Author: Dr. Matthias St. Pierre
Message: README.md: remove incorrect link to openssl.github.io

The link to the OpenSSL Project Pages <openssl.github.io>
actually points to an unfinished draft <mspncp.github.io>.

The original intention of this pet project of mine was to
have a website dedicated to describing the OpenSSL workflow
on GitHub and to answer frequently asked questions related
to pull requests and the review process.

The progress on that project has stalled and I'm not so sure
anymore whether it is good idea to have yet another project
website. In particular since the OpenSSL Wiki has seen some
revival and increased activity caused by the upcoming
OpenSSL 3.0 release.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12361)

View the changeset: https://github.com/openssl/openssl/compare/33b4f731451b...36b778fbb785

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179247725?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200811/7b32a30e/attachment-0001.html>

From builds at travis-ci.com  Tue Aug 11 19:49:08 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 11 Aug 2020 19:49:08 +0000
Subject: Errored: openssl/openssl#36631 (master - 31d2dae)
In-Reply-To: <openssl/openssl+179249142+errored@travis-ci.com>
Message-ID: <5f32f63370bd4_13f7e779fba70709459@travis-pro-tasks-5b745db759-k5ngx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36631
Status: Errored

Duration: 31 mins and 21 secs
Commit: 31d2dae (master)
Author: Shane Lontis
Message: Add DHX serialization

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12575)

View the changeset: https://github.com/openssl/openssl/compare/36b778fbb785...31d2daecb384

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179249142?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200811/43b889f0/attachment.html>

From openssl at openssl.org  Tue Aug 11 19:58:57 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 19:58:57 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1597175937.791693.14959.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0709D8B2F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0709D8B2F7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0709D8B2F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/e8ue1f_goL default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C030D7E4FC7E0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C030D7E4FC7E0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C030D7E4FC7E0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C030D7E4FC7E0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C030D7E4FC7E0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C030D7E4FC7E0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/e8ue1f_goL fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3306, 883 wallclock secs (13.01 usr  1.25 sys + 821.07 cusr 62.86 csys = 898.19 CPU)
Result: FAIL
Makefile:3172: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3170: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug 11 22:22:21 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 22:22:21 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1597184541.501635.24113.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0706E190F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0706E190F7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0706E190F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/2T57MQu4Bt default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C070D10C1C7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C070D10C1C7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C070D10C1C7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C070D10C1C7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C070D10C1C7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C070D10C1C7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/2T57MQu4Bt fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3306, 865 wallclock secs (13.01 usr  1.26 sys + 801.43 cusr 62.63 csys = 878.33 CPU)
Result: FAIL
Makefile:3178: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3176: recipe for target 'tests' failed
make: *** [tests] Error 2

From pauli at openssl.org  Tue Aug 11 22:45:22 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Tue, 11 Aug 2020 22:45:22 +0000
Subject: [openssl]  master update
Message-ID: <1597185922.734547.19776.nullmailer@dev.openssl.org>

The branch master has been updated
       via  1017ab21e478b18dd2d9266955dee7e418932a3c (commit)
      from  520150151bc5993194ba34464220454d8135099d (commit)


- Log -----------------------------------------------------------------
commit 1017ab21e478b18dd2d9266955dee7e418932a3c
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Aug 7 13:20:18 2020 +1000

    provider: add the unused paramater tag to the gettable and settable functions
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12603)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/asymciphers/rsa_enc.c              | 4 ++--
 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c  | 4 ++--
 providers/implementations/ciphers/cipher_aes_ocb.c           | 4 ++--
 providers/implementations/ciphers/cipher_aes_siv.c           | 4 ++--
 providers/implementations/ciphers/cipher_aes_xts.c           | 2 +-
 providers/implementations/ciphers/cipher_chacha20.c          | 4 ++--
 providers/implementations/ciphers/cipher_chacha20_poly1305.c | 3 ++-
 providers/implementations/ciphers/cipher_null.c              | 4 ++--
 providers/implementations/ciphers/cipher_rc4_hmac_md5.c      | 4 ++--
 providers/implementations/ciphers/ciphercommon.c             | 4 ++--
 providers/implementations/digests/md5_sha1_prov.c            | 2 +-
 providers/implementations/digests/mdc2_prov.c                | 2 +-
 providers/implementations/digests/sha2_prov.c                | 2 +-
 providers/implementations/digests/sha3_prov.c                | 2 +-
 providers/implementations/exchange/ecdh_exch.c               | 4 ++--
 providers/implementations/kdfs/hkdf.c                        | 4 ++--
 providers/implementations/kdfs/kbkdf.c                       | 4 ++--
 providers/implementations/kdfs/krb5kdf.c                     | 4 ++--
 providers/implementations/kdfs/pbkdf2.c                      | 4 ++--
 providers/implementations/kdfs/scrypt.c                      | 4 ++--
 providers/implementations/kdfs/sshkdf.c                      | 4 ++--
 providers/implementations/kdfs/sskdf.c                       | 4 ++--
 providers/implementations/kdfs/tls1_prf.c                    | 4 ++--
 providers/implementations/kdfs/x942kdf.c                     | 4 ++--
 providers/implementations/macs/blake2_mac_impl.c             | 4 ++--
 providers/implementations/macs/cmac_prov.c                   | 4 ++--
 providers/implementations/macs/gmac_prov.c                   | 2 +-
 providers/implementations/macs/hmac_prov.c                   | 4 ++--
 providers/implementations/macs/kmac_prov.c                   | 4 ++--
 providers/implementations/macs/poly1305_prov.c               | 2 +-
 providers/implementations/macs/siphash_prov.c                | 2 +-
 providers/implementations/rands/drbg_ctr.c                   | 4 ++--
 providers/implementations/rands/drbg_hash.c                  | 4 ++--
 providers/implementations/rands/drbg_hmac.c                  | 4 ++--
 providers/implementations/rands/test_rng.c                   | 4 ++--
 providers/implementations/serializers/serializer_dh_priv.c   | 2 +-
 providers/implementations/serializers/serializer_dsa_priv.c  | 2 +-
 providers/implementations/serializers/serializer_ec_priv.c   | 2 +-
 providers/implementations/serializers/serializer_ecx_priv.c  | 2 +-
 providers/implementations/serializers/serializer_rsa_priv.c  | 2 +-
 providers/implementations/signature/dsa.c                    | 4 ++--
 providers/implementations/signature/ecdsa.c                  | 4 ++--
 providers/implementations/signature/rsa.c                    | 4 ++--
 43 files changed, 73 insertions(+), 72 deletions(-)

diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
index 2528cd2dc4..817f705b53 100644
--- a/providers/implementations/asymciphers/rsa_enc.c
+++ b/providers/implementations/asymciphers/rsa_enc.c
@@ -382,7 +382,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -526,7 +526,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *rsa_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
index 8f731228d9..ae853b7eb9 100644
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
@@ -59,7 +59,7 @@ static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *aes_settable_ctx_params(void *provctx)
+const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *provctx)
 {
     return cipher_aes_known_settable_ctx_params;
 }
@@ -257,7 +257,7 @@ static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV_STATE, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *aes_gettable_ctx_params(void *provctx)
+const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *provctx)
 {
     return cipher_aes_known_gettable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c
index 7be5c7f5e8..d6190695a2 100644
--- a/providers/implementations/ciphers/cipher_aes_ocb.c
+++ b/providers/implementations/ciphers/cipher_aes_ocb.c
@@ -452,7 +452,7 @@ static const OSSL_PARAM cipher_ocb_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cipher_ocb_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *cipher_ocb_gettable_ctx_params(ossl_unused void *p_ctx)
 {
     return cipher_ocb_known_gettable_ctx_params;
 }
@@ -463,7 +463,7 @@ static const OSSL_PARAM cipher_ocb_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cipher_ocb_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *cipher_ocb_settable_ctx_params(ossl_unused void *p_ctx)
 {
     return cipher_ocb_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c
index 2432c6a280..b2e07bc228 100644
--- a/providers/implementations/ciphers/cipher_aes_siv.c
+++ b/providers/implementations/ciphers/cipher_aes_siv.c
@@ -166,7 +166,7 @@ static const OSSL_PARAM aes_siv_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *aes_siv_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *aes_siv_gettable_ctx_params(ossl_unused void *provctx)
 {
     return aes_siv_known_gettable_ctx_params;
 }
@@ -216,7 +216,7 @@ static const OSSL_PARAM aes_siv_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *aes_siv_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *aes_siv_settable_ctx_params(ossl_unused void *provctx)
 {
     return aes_siv_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_aes_xts.c b/providers/implementations/ciphers/cipher_aes_xts.c
index 5430b6da1b..33d8c7fbb5 100644
--- a/providers/implementations/ciphers/cipher_aes_xts.c
+++ b/providers/implementations/ciphers/cipher_aes_xts.c
@@ -211,7 +211,7 @@ static const OSSL_PARAM aes_xts_known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *aes_xts_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *aes_xts_settable_ctx_params(ossl_unused void *provctx)
 {
     return aes_xts_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_chacha20.c b/providers/implementations/ciphers/cipher_chacha20.c
index 5d5e62870d..4e02ce9493 100644
--- a/providers/implementations/ciphers/cipher_chacha20.c
+++ b/providers/implementations/ciphers/cipher_chacha20.c
@@ -91,7 +91,7 @@ static const OSSL_PARAM chacha20_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *chacha20_gettable_ctx_params(void *provctx)
+const OSSL_PARAM *chacha20_gettable_ctx_params(ossl_unused void *provctx)
 {
     return chacha20_known_gettable_ctx_params;
 }
@@ -131,7 +131,7 @@ static const OSSL_PARAM chacha20_known_settable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *chacha20_settable_ctx_params(void *provctx)
+const OSSL_PARAM *chacha20_settable_ctx_params(ossl_unused void *provctx)
 {
     return chacha20_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
index 0174337c81..90ff4ce1f5 100644
--- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c
+++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
@@ -135,7 +135,8 @@ static const OSSL_PARAM chacha20_poly1305_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *chacha20_poly1305_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *chacha20_poly1305_gettable_ctx_params
+    (ossl_unused void *provctx)
 {
     return chacha20_poly1305_known_gettable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_null.c b/providers/implementations/ciphers/cipher_null.c
index c524a83f4a..3cf64c2271 100644
--- a/providers/implementations/ciphers/cipher_null.c
+++ b/providers/implementations/ciphers/cipher_null.c
@@ -95,7 +95,7 @@ static const OSSL_PARAM null_known_gettable_ctx_params[] = {
 };
 
 static OSSL_FUNC_cipher_gettable_ctx_params_fn null_gettable_ctx_params;
-static const OSSL_PARAM *null_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *null_gettable_ctx_params(ossl_unused void *provctx)
 {
     return null_known_gettable_ctx_params;
 }
@@ -131,7 +131,7 @@ static const OSSL_PARAM null_known_settable_ctx_params[] = {
 };
 
 static OSSL_FUNC_cipher_settable_ctx_params_fn null_settable_ctx_params;
-static const OSSL_PARAM *null_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *null_settable_ctx_params(ossl_unused void *provctx)
 {
     return null_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
index e17584a0ab..736857ec13 100644
--- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
+++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
@@ -72,7 +72,7 @@ static const OSSL_PARAM rc4_hmac_md5_known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *rc4_hmac_md5_gettable_ctx_params(void *provctx)
+const OSSL_PARAM *rc4_hmac_md5_gettable_ctx_params(ossl_unused void *provctx)
 {
     return rc4_hmac_md5_known_gettable_ctx_params;
 }
@@ -107,7 +107,7 @@ static const OSSL_PARAM rc4_hmac_md5_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *rc4_hmac_md5_settable_ctx_params(void *provctx)
+const OSSL_PARAM *rc4_hmac_md5_settable_ctx_params(ossl_unused void *provctx)
 {
     return rc4_hmac_md5_known_settable_ctx_params;
 }
diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c
index a5de18ab3b..b49f27f29d 100644
--- a/providers/implementations/ciphers/ciphercommon.c
+++ b/providers/implementations/ciphers/ciphercommon.c
@@ -118,7 +118,7 @@ static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *cipher_aead_gettable_ctx_params(void *provctx)
+const OSSL_PARAM *cipher_aead_gettable_ctx_params(ossl_unused void *provctx)
 {
     return cipher_aead_known_gettable_ctx_params;
 }
@@ -131,7 +131,7 @@ static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, NULL, 0),
     OSSL_PARAM_END
 };
-const OSSL_PARAM *cipher_aead_settable_ctx_params(void *provctx)
+const OSSL_PARAM *cipher_aead_settable_ctx_params(ossl_unused void *provctx)
 {
     return cipher_aead_known_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/md5_sha1_prov.c b/providers/implementations/digests/md5_sha1_prov.c
index 632fb4a8d0..a65cbbd55c 100644
--- a/providers/implementations/digests/md5_sha1_prov.c
+++ b/providers/implementations/digests/md5_sha1_prov.c
@@ -30,7 +30,7 @@ static const OSSL_PARAM known_md5_sha1_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *md5_sha1_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *md5_sha1_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_md5_sha1_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/mdc2_prov.c b/providers/implementations/digests/mdc2_prov.c
index b1d3b5c0ff..613be655bc 100644
--- a/providers/implementations/digests/mdc2_prov.c
+++ b/providers/implementations/digests/mdc2_prov.c
@@ -30,7 +30,7 @@ static const OSSL_PARAM known_mdc2_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *mdc2_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *mdc2_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_mdc2_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/sha2_prov.c b/providers/implementations/digests/sha2_prov.c
index 94ec269728..fe2f82dc48 100644
--- a/providers/implementations/digests/sha2_prov.c
+++ b/providers/implementations/digests/sha2_prov.c
@@ -31,7 +31,7 @@ static const OSSL_PARAM known_sha1_settable_ctx_params[] = {
     {OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0},
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *sha1_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *sha1_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_sha1_settable_ctx_params;
 }
diff --git a/providers/implementations/digests/sha3_prov.c b/providers/implementations/digests/sha3_prov.c
index 0703dbe9e0..8cd9c95ab9 100644
--- a/providers/implementations/digests/sha3_prov.c
+++ b/providers/implementations/digests/sha3_prov.c
@@ -250,7 +250,7 @@ static const OSSL_PARAM known_shake_settable_ctx_params[] = {
     {OSSL_DIGEST_PARAM_XOFLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0, 0},
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *shake_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *shake_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_shake_settable_ctx_params;
 }
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
index a93f67b0b5..88f9c7c9bf 100644
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@@ -279,7 +279,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
 };
 
 static
-const OSSL_PARAM *ecdh_settable_ctx_params(void *provctx)
+const OSSL_PARAM *ecdh_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
@@ -360,7 +360,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
 };
 
 static
-const OSSL_PARAM *ecdh_gettable_ctx_params(void *provctx)
+const OSSL_PARAM *ecdh_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c
index fa1e1bcad0..32c0fdabef 100644
--- a/providers/implementations/kdfs/hkdf.c
+++ b/providers/implementations/kdfs/hkdf.c
@@ -225,7 +225,7 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_hkdf_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_hkdf_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MODE, NULL, 0),
@@ -250,7 +250,7 @@ static int kdf_hkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c
index 2801f25a7f..f3122ac1bd 100644
--- a/providers/implementations/kdfs/kbkdf.c
+++ b/providers/implementations/kdfs/kbkdf.c
@@ -298,7 +298,7 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kbkdf_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *kbkdf_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0),
@@ -328,7 +328,7 @@ static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return OSSL_PARAM_set_size_t(p, SIZE_MAX);
 }
 
-static const OSSL_PARAM *kbkdf_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *kbkdf_gettable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] =
         { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), OSSL_PARAM_END };
diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c
index 052c3b33d3..9a4cf57bc2 100644
--- a/providers/implementations/kdfs/krb5kdf.c
+++ b/providers/implementations/kdfs/krb5kdf.c
@@ -140,7 +140,7 @@ static int krb5kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *krb5kdf_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *krb5kdf_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -170,7 +170,7 @@ static int krb5kdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *krb5kdf_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *krb5kdf_gettable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
index 1bacfc8ab5..a71758169a 100644
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -200,7 +200,7 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_pbkdf2_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_pbkdf2_settable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -223,7 +223,7 @@ static int kdf_pbkdf2_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c
index 5650d1cd5e..76b0a58e1f 100644
--- a/providers/implementations/kdfs/scrypt.c
+++ b/providers/implementations/kdfs/scrypt.c
@@ -194,7 +194,7 @@ static int kdf_scrypt_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_scrypt_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_scrypt_settable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_KDF_PARAM_PASSWORD, NULL, 0),
@@ -217,7 +217,7 @@ static int kdf_scrypt_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_scrypt_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_scrypt_gettable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c
index 4fe3e4467f..84338e1a1f 100644
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@@ -160,7 +160,7 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_sshkdf_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_sshkdf_settable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -183,7 +183,7 @@ static int kdf_sshkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
index 5415c72f4f..bad372cc5e 100644
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@@ -478,7 +478,7 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *sskdf_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *sskdf_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SECRET, NULL, 0),
@@ -504,7 +504,7 @@ static int sskdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *sskdf_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *sskdf_gettable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
index 46a1253ee8..191041db5b 100644
--- a/providers/implementations/kdfs/tls1_prf.c
+++ b/providers/implementations/kdfs/tls1_prf.c
@@ -200,7 +200,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *kdf_tls1_prf_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_tls1_prf_settable_ctx_params(ossl_unused void *ctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -221,7 +221,7 @@ static int kdf_tls1_prf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params(ossl_unused void *ctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
index 9790700bf0..3ca87cddc2 100644
--- a/providers/implementations/kdfs/x942kdf.c
+++ b/providers/implementations/kdfs/x942kdf.c
@@ -402,7 +402,7 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_PARAM *x942kdf_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *x942kdf_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
@@ -426,7 +426,7 @@ static int x942kdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
     return -2;
 }
 
-static const OSSL_PARAM *x942kdf_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
diff --git a/providers/implementations/macs/blake2_mac_impl.c b/providers/implementations/macs/blake2_mac_impl.c
index d4e61e44a4..b567369f58 100644
--- a/providers/implementations/macs/blake2_mac_impl.c
+++ b/providers/implementations/macs/blake2_mac_impl.c
@@ -109,7 +109,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *blake2_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *blake2_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -131,7 +131,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_SALT, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *blake2_mac_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *blake2_mac_settable_ctx_params(ossl_unused void *p_ctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c
index c02031a92c..df73b0c11b 100644
--- a/providers/implementations/macs/cmac_prov.c
+++ b/providers/implementations/macs/cmac_prov.c
@@ -125,7 +125,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cmac_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *cmac_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -146,7 +146,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *cmac_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *cmac_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c
index 5a69afe89e..f0c152d48f 100644
--- a/providers/implementations/macs/gmac_prov.c
+++ b/providers/implementations/macs/gmac_prov.c
@@ -158,7 +158,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_IV, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *gmac_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *gmac_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
index af2a2098cd..b30de6c4a3 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -138,7 +138,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *hmac_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *hmac_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -160,7 +160,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_int(OSSL_MAC_PARAM_FLAGS, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *hmac_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *hmac_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c
index 792bc6c5bb..ce3247baa2 100644
--- a/providers/implementations/macs/kmac_prov.c
+++ b/providers/implementations/macs/kmac_prov.c
@@ -306,7 +306,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *kmac_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *kmac_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -328,7 +328,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *kmac_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *kmac_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/poly1305_prov.c b/providers/implementations/macs/poly1305_prov.c
index 748cafbaca..08eb81ee0d 100644
--- a/providers/implementations/macs/poly1305_prov.c
+++ b/providers/implementations/macs/poly1305_prov.c
@@ -121,7 +121,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *poly1305_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *poly1305_settable_ctx_params(ossl_unused void *provctx)
 {
     return known_settable_ctx_params;
 }
diff --git a/providers/implementations/macs/siphash_prov.c b/providers/implementations/macs/siphash_prov.c
index 17137e946b..8797241e33 100644
--- a/providers/implementations/macs/siphash_prov.c
+++ b/providers/implementations/macs/siphash_prov.c
@@ -112,7 +112,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
     OSSL_PARAM_END
 };
-static const OSSL_PARAM *siphash_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *siphash_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c
index 18737a07f1..609981b9e8 100644
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -635,7 +635,7 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
@@ -701,7 +701,7 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return drbg_set_ctx_params(ctx, params);
 }
 
-static const OSSL_PARAM *drbg_ctr_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *drbg_ctr_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c
index b4e1e8036e..ca2f8bb0c6 100644
--- a/providers/implementations/rands/drbg_hash.c
+++ b/providers/implementations/rands/drbg_hash.c
@@ -432,7 +432,7 @@ static int drbg_hash_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *drbg_hash_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *drbg_hash_gettable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
@@ -476,7 +476,7 @@ static int drbg_hash_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return drbg_set_ctx_params(ctx, params);
 }
 
-static const OSSL_PARAM *drbg_hash_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *drbg_hash_settable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c
index def38dd27f..fb232de519 100644
--- a/providers/implementations/rands/drbg_hmac.c
+++ b/providers/implementations/rands/drbg_hmac.c
@@ -329,7 +329,7 @@ static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
@@ -378,7 +378,7 @@ static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     return drbg_set_ctx_params(ctx, params);
 }
 
-static const OSSL_PARAM *drbg_hmac_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *drbg_hmac_settable_ctx_params(ossl_unused void *p_ctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
diff --git a/providers/implementations/rands/test_rng.c b/providers/implementations/rands/test_rng.c
index 3b9d9ca81c..a0507f4d92 100644
--- a/providers/implementations/rands/test_rng.c
+++ b/providers/implementations/rands/test_rng.c
@@ -186,7 +186,7 @@ static int test_rng_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
     return drbg_get_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *test_rng_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *test_rng_gettable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_gettable_ctx_params[] = {
         OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
@@ -264,7 +264,7 @@ static int test_rng_set_ctx_params(void *vdrbg, const OSSL_PARAM params[])
     return drbg_set_ctx_params(drbg, params);
 }
 
-static const OSSL_PARAM *test_rng_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *test_rng_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c
index 185f836110..0e974ac401 100644
--- a/providers/implementations/serializers/serializer_dh_priv.c
+++ b/providers/implementations/serializers/serializer_dh_priv.c
@@ -71,7 +71,7 @@ static void dh_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *dh_priv_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *dh_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_dsa_priv.c b/providers/implementations/serializers/serializer_dsa_priv.c
index ca8b4e5c9c..0db3ef49e4 100644
--- a/providers/implementations/serializers/serializer_dsa_priv.c
+++ b/providers/implementations/serializers/serializer_dsa_priv.c
@@ -71,7 +71,7 @@ static void dsa_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *dsa_priv_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *dsa_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_ec_priv.c b/providers/implementations/serializers/serializer_ec_priv.c
index 6e37b9b3c5..acc6cf7081 100644
--- a/providers/implementations/serializers/serializer_ec_priv.c
+++ b/providers/implementations/serializers/serializer_ec_priv.c
@@ -65,7 +65,7 @@ static void ec_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *ec_priv_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *ec_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_ecx_priv.c b/providers/implementations/serializers/serializer_ecx_priv.c
index 904a8559c8..7df1e01fd5 100644
--- a/providers/implementations/serializers/serializer_ecx_priv.c
+++ b/providers/implementations/serializers/serializer_ecx_priv.c
@@ -88,7 +88,7 @@ static void ecx_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *ecx_priv_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *ecx_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/serializers/serializer_rsa_priv.c b/providers/implementations/serializers/serializer_rsa_priv.c
index c11ec786fa..5a589ae020 100644
--- a/providers/implementations/serializers/serializer_rsa_priv.c
+++ b/providers/implementations/serializers/serializer_rsa_priv.c
@@ -73,7 +73,7 @@ static void rsa_priv_freectx(void *vctx)
     OPENSSL_free(ctx);
 }
 
-static const OSSL_PARAM *rsa_priv_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *rsa_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
         OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c
index 76c65ceaa8..0b29ad6368 100644
--- a/providers/implementations/signature/dsa.c
+++ b/providers/implementations/signature/dsa.c
@@ -412,7 +412,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dsa_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -454,7 +454,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *dsa_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *dsa_settable_ctx_params(ossl_unused void *provctx)
 {
     /*
      * TODO(3.0): Should this function return a different set of settable ctx
diff --git a/providers/implementations/signature/ecdsa.c b/providers/implementations/signature/ecdsa.c
index 729a2b39ad..d60a996a83 100644
--- a/providers/implementations/signature/ecdsa.c
+++ b/providers/implementations/signature/ecdsa.c
@@ -399,7 +399,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *ecdsa_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *ecdsa_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -451,7 +451,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *ecdsa_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *ecdsa_settable_ctx_params(ossl_unused void *provctx)
 {
     /*
      * TODO(3.0): Should this function return a different set of settable ctx
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 491c72d990..05c47dfb65 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -983,7 +983,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_gettable_ctx_params(void *provctx)
+static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *provctx)
 {
     return known_gettable_ctx_params;
 }
@@ -1233,7 +1233,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
-static const OSSL_PARAM *rsa_settable_ctx_params(void *provctx)
+static const OSSL_PARAM *rsa_settable_ctx_params(ossl_unused void *provctx)
 {
     /*
      * TODO(3.0): Should this function return a different set of settable ctx

From openssl at openssl.org  Tue Aug 11 23:10:24 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 11 Aug 2020 23:10:24 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1597187424.186998.25934.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

04cb5ec0b7 Add 'on demand self test' and status test to providers
dda4e259e5 Add some of the missing CMS API documentation
28ba642779 Change CMS tests to use a library context.
0ab18e7924 Add EVP signature with libctx methods.
11eef7e766 Use libctx for EVP_CIPHER_CTX_rand_key() method.
831564543a Add libctx to ecdh_KDF_X9_63.
57e8420609 Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest
90a1f2d76f Add libctx support to PKCS7.
45b22d6a35 Add libctx to SMIME ASN1
dcc679cd99 Add internal method x509_set0_libctx().
c1669f41ea Add libctx support to CMS.
82a7b2fb00 rand: fix typo in parameter name
378b163e49 Update gost-engine to fix API rename
97a8878c5d Use .cnf for config files, not .conf
5ccada09aa Add evp_test fixes.
64827f407b drbgtest: avoid a memory leak
7d615e2178 rand_drbg: remove RAND_DRBG.
4df0d37ff6 PROV: Fix MSBLOB / PVK deserializer
90ef39f43a EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID
a7922e208d TEST: Adjust the serdes test to include MSBLOB and PVK
dca51418b0 PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently
37d398c180 PROV: Add MSBLOB and PVK to DSA and RSA deserializers
fb89000897 DESERIALIZER: Adjust to allow the use several deserializers with same name
413835f5d1 PEM: Make general MSBLOB reader functions exposed internally
6ce6ad39fe RSA: Be less strict on PSS parameters when exporting to provider
5f6a0b2ff0 mac: add some consistency to setting the XXX_final output length.
992492f5e8 gettables: documentation changes to pass the provider context.
132b61604b gettables: test changes to pass the provider context.
af5e1e852d gettables: provider changes to pass the provider context.
18ec26babc gettables: core changes to pass the provider context.
c5ec6dcf0b Add new APIs to get PKCS12 secretBag OID and value
15c9aa3aef apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2
1b2873e4a1 Prepare for 3.0 alpha 7
e3ec8020b4 Prepare for release of 3.0 alpha 6
0f84cbc3e2 Update copyright year

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C060085C657F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C060085C657F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C060085C657F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C060085C657F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/08DZ9veZgl default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C06022E7E77F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C06022E7E77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C06022E7E77F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C06022E7E77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/08DZ9veZgl fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3228, 835 wallclock secs (11.81 usr  1.12 sys + 769.92 cusr 60.24 csys = 843.09 CPU)
Result: FAIL
Makefile:3169: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3167: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Tue Aug 11 23:20:43 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 11 Aug 2020 23:20:43 +0000
Subject: Still Failing: openssl/openssl#36635 (master - 5201501)
In-Reply-To: <openssl/openssl+179277789+still failing@travis-ci.com>
Message-ID: <5f3327caa818b_13fa760ac6d80446879@travis-pro-tasks-65bfc4dd67-46xlc.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36635
Status: Still Failing

Duration: 1 hr, 6 mins, and 51 secs
Commit: 5201501 (master)
Author: Benjamin Kaduk
Message: Expose S390x HW ciphers' IV state to provider layer

The S390x hardware-accelerated cipher implementations keep their IV
state in an internal structure tied to the underlying implementation.
However, the provider itself needs to be able to expose the IV state
to libcrypto when processing the "iv-state" parameter.  In the absence
of a S390x hardware-specific get_ctx_params() implementation,  be sure
to copy the IV state from the hw-specific structure back to the
generic PROV_CIPHER_CTX object after each cipher operation in order to
synchronize the internal and fetchable state.

[extended tests]

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)

View the changeset: https://github.com/openssl/openssl/compare/31d2daecb384...520150151bc5

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179277789?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200811/1eaa012a/attachment-0001.html>

From builds at travis-ci.com  Wed Aug 12 00:43:27 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 12 Aug 2020 00:43:27 +0000
Subject: Failed: openssl/openssl#36638 (master - 1017ab2)
In-Reply-To: <openssl/openssl+179347585+failed@travis-ci.com>
Message-ID: <5f333b2e65b2f_13fb0d31c5fac495c3@travis-pro-tasks-79d59dbd64-52zdm.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36638
Status: Failed

Duration: 1 hr, 3 mins, and 53 secs
Commit: 1017ab2 (master)
Author: Pauli
Message: provider: add the unused paramater tag to the gettable and settable functions

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12603)

View the changeset: https://github.com/openssl/openssl/compare/520150151bc5...1017ab21e478

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179347585?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200812/b487b8b4/attachment.html>

From shane.lontis at oracle.com  Wed Aug 12 01:47:40 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Wed, 12 Aug 2020 01:47:40 +0000
Subject: [openssl]  master update
Message-ID: <1597196860.516234.9320.nullmailer@dev.openssl.org>

The branch master has been updated
       via  af88e64a98a6402dabd41ac2de194444dd285b49 (commit)
       via  7c9a7cf12715ac3e906b8d55466f19285fc59e78 (commit)
      from  1017ab21e478b18dd2d9266955dee7e418932a3c (commit)


- Log -----------------------------------------------------------------
commit af88e64a98a6402dabd41ac2de194444dd285b49
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Mon Aug 10 10:16:26 2020 +1000

    Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
    
    RSA keys in the 'base' provider are different from a fips provider RSA key (since they have different object structures).
    To use a fips provider key in the base serializer the key needs to be exported.
    The fix was suggested by @levitte.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12162)

commit 7c9a7cf12715ac3e906b8d55466f19285fc59e78
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Jun 16 13:04:57 2020 +1000

    Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
    
    Fixes #11863
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12162)

-----------------------------------------------------------------------

Summary of changes:
 apps/dgst.c                         |  2 +-
 apps/genpkey.c                      | 57 ++++++++++++++++++++++++-------------
 apps/genrsa.c                       |  2 +-
 apps/include/apps.h                 |  3 +-
 crypto/bn/bn_rsa_fips186_4.c        |  4 +--
 crypto/serializer/serializer_pkey.c |  3 +-
 doc/man1/openssl-genpkey.pod.in     |  3 ++
 test/recipes/15-test_genrsa.t       | 40 ++++++++++++++++++++++++--
 8 files changed, 86 insertions(+), 28 deletions(-)

diff --git a/apps/dgst.c b/apps/dgst.c
index da162e6ed6..0654d4c8b9 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -293,7 +293,7 @@ int dgst_main(int argc, char **argv)
     if (mac_name != NULL) {
         EVP_PKEY_CTX *mac_ctx = NULL;
         int r = 0;
-        if (!init_gen_str(&mac_ctx, mac_name, impl, 0))
+        if (!init_gen_str(&mac_ctx, mac_name, impl, 0, NULL, NULL))
             goto mac_end;
         if (macopts != NULL) {
             char *macopt;
diff --git a/apps/genpkey.c b/apps/genpkey.c
index 389f0e620c..9da5b556e8 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -21,13 +21,15 @@
 # include <openssl/engine.h>
 #endif
 
-static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e);
+static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e,
+                            OPENSSL_CTX *libctx, const char *propq);
 static int genpkey_cb(EVP_PKEY_CTX *ctx);
 
 typedef enum OPTION_choice {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
     OPT_ENGINE, OPT_OUTFORM, OPT_OUT, OPT_PASS, OPT_PARAMFILE,
     OPT_ALGORITHM, OPT_PKEYOPT, OPT_GENPARAM, OPT_TEXT, OPT_CIPHER,
+    OPT_CONFIG,
     OPT_PROV_ENUM
 } OPTION_CHOICE;
 
@@ -41,6 +43,7 @@ const OPTIONS genpkey_options[] = {
     {"algorithm", OPT_ALGORITHM, 's', "The public key algorithm"},
     {"pkeyopt", OPT_PKEYOPT, 's',
      "Set the public key algorithm option as opt:value"},
+     OPT_CONFIG_OPTION,
 
     OPT_SECTION("Output"),
     {"out", OPT_OUT, '>', "Output file"},
@@ -60,6 +63,7 @@ const OPTIONS genpkey_options[] = {
 
 int genpkey_main(int argc, char **argv)
 {
+    CONF *conf = NULL;
     BIO *in = NULL, *out = NULL;
     ENGINE *e = NULL;
     EVP_PKEY *pkey = NULL;
@@ -69,6 +73,8 @@ int genpkey_main(int argc, char **argv)
     OPTION_CHOICE o;
     int outformat = FORMAT_PEM, text = 0, ret = 1, rv, do_param = 0;
     int private = 0;
+    OPENSSL_CTX *libctx = app_get0_libctx();
+    const char *propq = app_get0_propq();
 
     prog = opt_init(argc, argv, genpkey_options);
     while ((o = opt_next()) != OPT_EOF) {
@@ -98,11 +104,11 @@ int genpkey_main(int argc, char **argv)
         case OPT_PARAMFILE:
             if (do_param == 1)
                 goto opthelp;
-            if (!init_keygen_file(&ctx, opt_arg(), e))
+            if (!init_keygen_file(&ctx, opt_arg(), e, libctx, propq))
                 goto end;
             break;
         case OPT_ALGORITHM:
-            if (!init_gen_str(&ctx, opt_arg(), e, do_param))
+            if (!init_gen_str(&ctx, opt_arg(), e, do_param, libctx, propq))
                 goto end;
             break;
         case OPT_PKEYOPT:
@@ -138,6 +144,11 @@ int genpkey_main(int argc, char **argv)
                 goto end;
             }
             break;
+        case OPT_CONFIG:
+            conf = app_load_config_modules(opt_arg());
+            if (conf == NULL)
+                goto end;
+            break;
         case OPT_PROV_CASES:
             if (!opt_provider(o))
                 goto end;
@@ -220,10 +231,12 @@ int genpkey_main(int argc, char **argv)
     BIO_free(in);
     release_engine(e);
     OPENSSL_free(pass);
+    NCONF_free(conf);
     return ret;
 }
 
-static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e)
+static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e,
+                            OPENSSL_CTX *libctx, const char *propq)
 {
     BIO *pbio;
     EVP_PKEY *pkey = NULL;
@@ -247,7 +260,10 @@ static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e)
         return 0;
     }
 
-    ctx = EVP_PKEY_CTX_new(pkey, e);
+    if (e != NULL)
+        ctx = EVP_PKEY_CTX_new(pkey, e);
+    else
+        ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
     if (ctx == NULL)
         goto err;
     if (EVP_PKEY_keygen_init(ctx) <= 0)
@@ -266,7 +282,8 @@ static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e)
 }
 
 int init_gen_str(EVP_PKEY_CTX **pctx,
-                 const char *algname, ENGINE *e, int do_param)
+                 const char *algname, ENGINE *e, int do_param,
+                 OPENSSL_CTX *libctx, const char *propq)
 {
     EVP_PKEY_CTX *ctx = NULL;
     const EVP_PKEY_ASN1_METHOD *ameth;
@@ -278,25 +295,27 @@ int init_gen_str(EVP_PKEY_CTX **pctx,
         return 0;
     }
 
-    ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
+    if (libctx == NULL || e != NULL) {
+        ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
 
 #if !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_DEPRECATED_3_0)
-    if (!ameth && e)
-        ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
+        if (ameth == NULL && e != NULL)
+            ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
 #endif
+        if (ameth == NULL) {
+            BIO_printf(bio_err, "Algorithm %s not found\n", algname);
+            return 0;
+        }
+        ERR_clear_error();
 
-    if (!ameth) {
-        BIO_printf(bio_err, "Algorithm %s not found\n", algname);
-        return 0;
-    }
-
-    ERR_clear_error();
-
-    EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+        EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
 #if !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_DEPRECATED_3_0)
-    ENGINE_finish(tmpeng);
+        ENGINE_finish(tmpeng);
 #endif
-    ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
+        ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
+    } else {
+        ctx = EVP_PKEY_CTX_new_from_name(libctx, algname, propq);
+    }
 
     if (!ctx)
         goto err;
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 9a9130125e..4f589e98c1 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -169,7 +169,7 @@ opthelp:
     if (out == NULL)
         goto end;
 
-    if (!init_gen_str(&ctx, "RSA", eng, 0))
+    if (!init_gen_str(&ctx, "RSA", eng, 0, NULL, NULL))
         goto end;
 
     EVP_PKEY_CTX_set_cb(ctx, genrsa_cb);
diff --git a/apps/include/apps.h b/apps/include/apps.h
index 554d33e1c9..0ee8e070cd 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -209,7 +209,8 @@ int pkey_ctrl_string(EVP_PKEY_CTX *ctx, const char *value);
 int x509_ctrl_string(X509 *x, const char *value);
 int x509_req_ctrl_string(X509_REQ *x, const char *value);
 int init_gen_str(EVP_PKEY_CTX **pctx,
-                 const char *algname, ENGINE *e, int do_param);
+                 const char *algname, ENGINE *e, int do_param,
+                 OPENSSL_CTX *libctx, const char *propq);
 int do_X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
                  STACK_OF(OPENSSL_STRING) *sigopts);
 int do_X509_verify(X509 *x, EVP_PKEY *pkey, STACK_OF(OPENSSL_STRING) *vfyopts);
diff --git a/crypto/bn/bn_rsa_fips186_4.c b/crypto/bn/bn_rsa_fips186_4.c
index a8b0a69aee..ab1e1f14ae 100644
--- a/crypto/bn/bn_rsa_fips186_4.c
+++ b/crypto/bn/bn_rsa_fips186_4.c
@@ -65,7 +65,7 @@ static int bn_rsa_fips186_4_aux_prime_min_size(int nbits)
 {
     if (nbits >= 3072)
         return 171;
-    if (nbits == 2048)
+    if (nbits >= 2048)
         return 141;
     return 0;
 }
@@ -83,7 +83,7 @@ static int bn_rsa_fips186_4_aux_prime_max_sum_size_for_prob_primes(int nbits)
 {
     if (nbits >= 3072)
         return 1518;
-    if (nbits == 2048)
+    if (nbits >= 2048)
         return 1007;
     return 0;
 }
diff --git a/crypto/serializer/serializer_pkey.c b/crypto/serializer/serializer_pkey.c
index 6e24ed73f0..d31b3cce8b 100644
--- a/crypto/serializer/serializer_pkey.c
+++ b/crypto/serializer/serializer_pkey.c
@@ -150,7 +150,8 @@ static int serializer_EVP_PKEY_to_bio(OSSL_SERIALIZER_CTX *ctx, BIO *out)
     if (ctx->ser == NULL)
         return 0;
 
-    if (ctx->ser->serialize_object == NULL) {
+    if (ctx->ser->serialize_object == NULL
+        || OSSL_SERIALIZER_provider(ctx->ser) != EVP_KEYMGMT_provider(keymgmt)) {
         struct serializer_write_data_st write_data;
 
         write_data.ctx = ctx;
diff --git a/doc/man1/openssl-genpkey.pod.in b/doc/man1/openssl-genpkey.pod.in
index 4334d0c3c1..f3937400b7 100644
--- a/doc/man1/openssl-genpkey.pod.in
+++ b/doc/man1/openssl-genpkey.pod.in
@@ -24,6 +24,7 @@ B<openssl> B<genpkey>
 [B<-text>]
 {- $OpenSSL::safe::opt_engine_synopsis -}
 {- $OpenSSL::safe::opt_provider_synopsis -}
+{- $OpenSSL::safe::opt_config_synopsis -}
 
 =for openssl ifdef engine
 
@@ -107,6 +108,8 @@ parameters along with the PEM or DER structure.
 
 {- $OpenSSL::safe::opt_provider_item -}
 
+{- $OpenSSL::safe::opt_config_item -}
+
 =back
 
 =head1 KEY GENERATION OPTIONS
diff --git a/test/recipes/15-test_genrsa.t b/test/recipes/15-test_genrsa.t
index 17b0cbc1a0..b206267aad 100644
--- a/test/recipes/15-test_genrsa.t
+++ b/test/recipes/15-test_genrsa.t
@@ -11,12 +11,22 @@ use strict;
 use warnings;
 
 use File::Spec;
-use OpenSSL::Test qw/:DEFAULT srctop_file/;
+use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir bldtop_dir bldtop_file/;
 use OpenSSL::Test::Utils;
 
-setup("test_genrsa");
+BEGIN {
+    setup("test_genrsa");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
 
-plan tests => 12;
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+
+plan tests =>
+    ($no_fips ? 0 : 2)          # FIPS install test + fips related test
+    + 12;
 
 # We want to know that an absurdly small number of bits isn't support
 if (disabled("deprecated-3.0")) {
@@ -105,3 +115,27 @@ ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
     ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
        "rsa -check");
 }
+
+unless ($no_fips) {
+    my $provconf = srctop_file("test", "fips.cnf");
+    my $provpath = bldtop_dir("providers");
+    my @prov = ( "-provider_path", $provpath,
+                 "-provider", "base",
+                 "-config", $provconf);
+    my $infile = bldtop_file('providers', platform->dso('fips'));
+
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', $infile,
+                '-provider_name', 'fips', '-mac_name', 'HMAC',
+                '-section_name', 'fips_sect'])),
+       "fipsinstall");
+
+    $ENV{OPENSSL_TEST_LIBCTX} = "1";
+    ok(run(app(['openssl', 'genpkey',
+                @prov,
+               '-algorithm', 'RSA',
+               '-pkeyopt', 'bits:2080',
+               '-out', 'genrsatest2080.pem'])),
+       "Generating RSA key with > 2048 bits and < 3072 bits");
+}

From shane.lontis at oracle.com  Wed Aug 12 02:25:13 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Wed, 12 Aug 2020 02:25:13 +0000
Subject: [openssl]  master update
Message-ID: <1597199113.656441.31016.nullmailer@dev.openssl.org>

The branch master has been updated
       via  e3efe7a53299dff3cd2222542b6a999b1360d626 (commit)
      from  af88e64a98a6402dabd41ac2de194444dd285b49 (commit)


- Log -----------------------------------------------------------------
commit e3efe7a53299dff3cd2222542b6a999b1360d626
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Wed Aug 12 11:59:43 2020 +1000

    Add public API for gettables and settables for keymanagement, signatures and key exchange.
    
    The openssl provider app will now display these params.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12396)

-----------------------------------------------------------------------

Summary of changes:
 apps/lib/app_params.c                     |  2 +-
 apps/provider.c                           | 67 +++++++++++++++++--------------
 crypto/evp/exchange.c                     | 21 ++++++++++
 crypto/evp/keymgmt_meth.c                 |  7 ++--
 crypto/evp/p_lib.c                        |  2 +-
 crypto/evp/pmeth_lib.c                    |  2 +-
 crypto/evp/signature.c                    | 22 ++++++++++
 doc/internal/man3/evp_keymgmt_newdata.pod | 12 ++----
 doc/man3/EVP_KEYEXCH_free.pod             | 15 ++++++-
 doc/man3/EVP_KEYMGMT.pod                  | 24 ++++++++++-
 doc/man3/EVP_SIGNATURE_free.pod           | 15 ++++++-
 include/crypto/evp.h                      |  5 ---
 include/openssl/evp.h                     |  7 ++++
 util/libcrypto.num                        |  7 ++++
 14 files changed, 152 insertions(+), 56 deletions(-)

diff --git a/apps/lib/app_params.c b/apps/lib/app_params.c
index ba50707926..3305b1e922 100644
--- a/apps/lib/app_params.c
+++ b/apps/lib/app_params.c
@@ -75,7 +75,7 @@ static int describe_param_type(char *buf, size_t bufsz, const OSSL_PARAM *param)
 int print_param_types(const char *thing, const OSSL_PARAM *pdefs, int indent)
 {
     if (pdefs == NULL) {
-        BIO_printf(bio_out, "%*sNo declared %s\n", indent, "", thing);
+        return 1;
     } else if (pdefs->key == NULL) {
         /*
          * An empty list?  This shouldn't happen, but let's just make sure to
diff --git a/apps/provider.c b/apps/provider.c
index 83fb2f3aee..7d3581153b 100644
--- a/apps/provider.c
+++ b/apps/provider.c
@@ -52,8 +52,10 @@ struct info_st {
     void (*collect_names_fn)(void *method, STACK_OF(OPENSSL_CSTRING) *names);
     void *method;
     const OSSL_PARAM *gettable_params;
+    const OSSL_PARAM *settable_params;
     const OSSL_PARAM *gettable_ctx_params;
     const OSSL_PARAM *settable_ctx_params;
+    const OSSL_PARAM *gen_settable_params;
 };
 
 struct meta_st {
@@ -134,12 +136,16 @@ static void print_caps(META *meta, INFO *info)
         BIO_printf(bio_out, "%*s%s ", meta->indent, "", meta->label);
         print_method_names(bio_out, info);
         BIO_printf(bio_out, "\n");
+        print_param_types("settable keygen parameters",
+                          info->gen_settable_params, meta->subindent);
+        print_param_types("settable algorithm parameters",
+                          info->settable_params, meta->subindent);
         print_param_types("retrievable algorithm parameters",
                           info->gettable_params, meta->subindent);
-        print_param_types("retrievable operation parameters",
-                          info->gettable_ctx_params, meta->subindent);
         print_param_types("settable operation parameters",
                           info->settable_ctx_params, meta->subindent);
+        print_param_types("retrievable operation parameters",
+                          info->gettable_ctx_params, meta->subindent);
         break;
     }
     meta->first = 0;
@@ -155,6 +161,7 @@ static void do_method(void *method,
 {
     INFO info;
 
+    memset(&info, 0, sizeof(info));
     info.collect_names_fn = collect_names_fn;
     info.method = method;
     info.gettable_params = gettable_params;
@@ -164,6 +171,27 @@ static void do_method(void *method,
     meta->total++;
 }
 
+static void do_keymgmt_method(void *method,
+                              void (*collect_names_fn)(void *method,
+                                                       STACK_OF(OPENSSL_CSTRING)
+                                                       *names),
+                              const OSSL_PARAM *gettable_params,
+                              const OSSL_PARAM *settable_params,
+                              const OSSL_PARAM *gen_settable_params,
+                              META *meta)
+{
+    INFO info;
+
+    memset(&info, 0, sizeof(info));
+    info.collect_names_fn = collect_names_fn;
+    info.method = method;
+    info.gettable_params = gettable_params;
+    info.settable_params = settable_params;
+    info.gen_settable_params = gen_settable_params;
+    meta->fn(meta, &info);
+    meta->total++;
+}
+
 static void do_cipher(EVP_CIPHER *cipher, void *meta)
 {
     do_method(cipher, collect_cipher_names,
@@ -193,49 +221,28 @@ static void do_mac(EVP_MAC *mac, void *meta)
 
 static void do_keymgmt(EVP_KEYMGMT *keymgmt, void *meta)
 {
-    do_method(keymgmt, collect_keymgmt_names,
-/*
- * TODO(3.0) Enable when KEYMGMT and KEYEXCH have gettables and settables
- */
-#if 0
-              EVP_KEYMGMT_gettable_params(keymgmt),
-              EVP_KEYMGMT_gettable_ctx_params(keymgmt),
-              EVP_KEYMGMT_settable_ctx_params(keymgmt),
-#else
-              NULL, NULL, NULL,
-#endif
-              meta);
+    do_keymgmt_method(keymgmt, collect_keymgmt_names,
+                      EVP_KEYMGMT_gettable_params(keymgmt),
+                      EVP_KEYMGMT_settable_params(keymgmt),
+                      EVP_KEYMGMT_gen_settable_params(keymgmt),
+                      meta);
 }
 
 static void do_keyexch(EVP_KEYEXCH *keyexch, void *meta)
 {
     do_method(keyexch, collect_keyexch_names,
-/*
- * TODO(3.0) Enable when KEYMGMT and KEYEXCH have gettables and settables
- */
-#if 0
-              EVP_KEYEXCH_gettable_params(keyexch),
+              NULL,
               EVP_KEYEXCH_gettable_ctx_params(keyexch),
               EVP_KEYEXCH_settable_ctx_params(keyexch),
-#else
-              NULL, NULL, NULL,
-#endif
               meta);
 }
 
 static void do_signature(EVP_SIGNATURE *signature, void *meta)
 {
     do_method(signature, collect_signature_names,
-/*
- * TODO(3.0) Enable when KEYMGMT and SIGNATURE have gettables and settables
- */
-#if 0
-              EVP_SIGNATURE_gettable_params(signature),
+              NULL,
               EVP_SIGNATURE_gettable_ctx_params(signature),
               EVP_SIGNATURE_settable_ctx_params(signature),
-#else
-              NULL, NULL, NULL,
-#endif
               meta);
 }
 
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index a47a0f0367..ccd75099ad 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -474,3 +474,24 @@ void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
     if (keyexch->prov != NULL)
         evp_names_do_all(keyexch->prov, keyexch->name_id, fn, data);
 }
+
+const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch)
+{
+    void *provctx;
+
+    if (keyexch == NULL || keyexch->gettable_ctx_params == NULL)
+        return NULL;
+
+    provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(keyexch));
+    return keyexch->gettable_ctx_params(provctx);
+}
+
+const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch)
+{
+    void *provctx;
+
+    if (keyexch == NULL || keyexch->settable_ctx_params == NULL)
+        return NULL;
+    provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(keyexch));
+    return keyexch->settable_ctx_params(provctx);
+}
diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c
index 99d9504251..1459b64f0e 100644
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@@ -16,7 +16,6 @@
 #include "crypto/evp.h"
 #include "evp_local.h"
 
-
 static void *keymgmt_new(void)
 {
     EVP_KEYMGMT *keymgmt = NULL;
@@ -328,7 +327,7 @@ int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
     return keymgmt->gen_set_params(genctx, params);
 }
 
-const OSSL_PARAM *evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt)
+const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt)
 {
     void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
 
@@ -367,7 +366,7 @@ int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, void *keydata,
     return keymgmt->get_params(keydata, params);
 }
 
-const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt)
+const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt)
 {
     void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
 
@@ -384,7 +383,7 @@ int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt, void *keydata,
     return keymgmt->set_params(keydata, params);
 }
 
-const OSSL_PARAM *evp_keymgmt_settable_params(const EVP_KEYMGMT *keymgmt)
+const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt)
 {
     void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
 
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index b057669a2d..145c5286ce 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1883,7 +1883,7 @@ const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey)
         || pkey->keymgmt == NULL
         || pkey->keydata == NULL)
         return 0;
-    return evp_keymgmt_gettable_params(pkey->keymgmt);
+    return EVP_KEYMGMT_gettable_params(pkey->keymgmt);
 }
 
 int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index ba85a8c143..fe2cc689f6 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -680,7 +680,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx)
     }
     if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
             && ctx->keymgmt != NULL)
-        return evp_keymgmt_gen_settable_params(ctx->keymgmt);
+        return EVP_KEYMGMT_gen_settable_params(ctx->keymgmt);
 
     return NULL;
 }
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 03fd8582f8..67242f59be 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -337,6 +337,28 @@ void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
         evp_names_do_all(signature->prov, signature->name_id, fn, data);
 }
 
+const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig)
+{
+    void *provctx;
+
+    if (sig == NULL || sig->gettable_ctx_params == NULL)
+        return NULL;
+
+    provctx = ossl_provider_ctx(EVP_SIGNATURE_provider(sig));
+    return sig->gettable_ctx_params(provctx);
+}
+
+const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig)
+{
+    void *provctx;
+
+    if (sig == NULL || sig->settable_ctx_params == NULL)
+        return NULL;
+
+    provctx = ossl_provider_ctx(EVP_SIGNATURE_provider(sig));
+    return sig->settable_ctx_params(provctx);
+}
+
 static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
 {
     int ret = 0;
diff --git a/doc/internal/man3/evp_keymgmt_newdata.pod b/doc/internal/man3/evp_keymgmt_newdata.pod
index 0f75e7936b..9b3f2c55f1 100644
--- a/doc/internal/man3/evp_keymgmt_newdata.pod
+++ b/doc/internal/man3/evp_keymgmt_newdata.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 
 evp_keymgmt_newdata, evp_keymgmt_freedata,
-evp_keymgmt_get_params, evp_keymgmt_gettable_params,
+evp_keymgmt_get_params,
 evp_keymgmt_has, evp_keymgmt_validate,
 evp_keymgmt_import, evp_keymgmt_import_types,
 evp_keymgmt_export, evp_keymgmt_export_types
@@ -17,7 +17,6 @@ evp_keymgmt_export, evp_keymgmt_export_types
  void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keyddata);
  int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt,
                             void *keydata, OSSL_PARAM params[]);
- const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt);
 
  int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keyddata, int selection);
  int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
@@ -50,9 +49,6 @@ evp_keymgmt_newdata() was chosen for consistency)
 
 evp_keymgmt_get_params() calls the method's get_params() function.
 
-evp_keymgmt_gettable_params() calls the method's gettable_params()
-function.
-
 evp_keymgmt_has() calls the method's has() function.
 
 evp_keymgmt_validate() calls the method's validate() function.
@@ -70,9 +66,9 @@ evp_keymgmt_export_types() calls the method's export_types() function.
 evp_keymgmt_newdata() returns a pointer to a provider side key object,
 or NULL on error.
 
-evp_keymgmt_gettable_params(), evp_keymgmt_import_types(), and
-evp_keymgmt_export_types() return parameter descriptor for importing
-and exporting key data, or NULL if there are no such descriptors.
+evp_keymgmt_import_types(), and evp_keymgmt_export_types() return a parameter
+descriptor for importing and exporting key data, or NULL if there are no such
+descriptors.
 
 All other functions return 1 on success and 0 on error.
 
diff --git a/doc/man3/EVP_KEYEXCH_free.pod b/doc/man3/EVP_KEYEXCH_free.pod
index deb9b9999b..1f5356b97a 100644
--- a/doc/man3/EVP_KEYEXCH_free.pod
+++ b/doc/man3/EVP_KEYEXCH_free.pod
@@ -4,7 +4,8 @@
 
 EVP_KEYEXCH_fetch, EVP_KEYEXCH_free, EVP_KEYEXCH_up_ref, EVP_KEYEXCH_provider,
 EVP_KEYEXCH_is_a, EVP_KEYEXCH_do_all_provided,
-EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all
+EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all,
+EVP_KEYEXCH_gettable_ctx_params, EVP_KEYEXCH_settable_ctx_params
 - Functions to manage EVP_KEYEXCH algorithm objects
 
 =head1 SYNOPSIS
@@ -24,6 +25,8 @@ EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all
  void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *exchange,
                                void (*fn)(const char *name, void *data),
                                void *data);
+ const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch);
+ const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch);
 
 =head1 DESCRIPTION
 
@@ -58,6 +61,11 @@ all activated providers in the library context I<libctx>, and for each
 of the implementations, calls I<fn> with the implementation method and
 I<data> as arguments.
 
+EVP_KEYEXCH_gettable_ctx_params() and EVP_KEYEXCH_settable_ctx_params() return
+a constant B<OSSL_PARAM> array that describes the names and types of key
+parameters that can be retrieved or set by a key exchange algorithm using
+L<EVP_PKEY_CTX_get_params(3)> and L<EVP_PKEY_CTX_set_params(3)>.
+
 =head1 RETURN VALUES
 
 EVP_KEYEXCH_fetch() returns a pointer to a B<EVP_KEYEXCH> for success
@@ -70,6 +78,9 @@ otherwise 0.
 
 EVP_KEYEXCH_number() returns an integer.
 
+EVP_KEYEXCH_gettable_ctx_params() and EVP_KEYEXCH_settable_ctx_params() return
+a constant B<OSSL_PARAM> array or NULL on error.
+
 =head1 SEE ALSO
 
 L<provider(7)/Fetching algorithms>, L<OSSL_PROVIDER(3)>
@@ -80,7 +91,7 @@ The functions described here were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_KEYMGMT.pod b/doc/man3/EVP_KEYMGMT.pod
index 853a15f089..8e7afc6a22 100644
--- a/doc/man3/EVP_KEYMGMT.pod
+++ b/doc/man3/EVP_KEYMGMT.pod
@@ -10,7 +10,10 @@ EVP_KEYMGMT_provider,
 EVP_KEYMGMT_is_a,
 EVP_KEYMGMT_number,
 EVP_KEYMGMT_do_all_provided,
-EVP_KEYMGMT_names_do_all
+EVP_KEYMGMT_names_do_all,
+EVP_KEYMGMT_gettable_params,
+EVP_KEYMGMT_settable_params,
+EVP_KEYMGMT_gen_settable_params
 - EVP key management routines
 
 =head1 SYNOPSIS
@@ -32,6 +35,9 @@ EVP_KEYMGMT_names_do_all
  void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
                                void (*fn)(const char *name, void *data),
                                void *data);
+ const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt);
+ const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt);
+ const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt);
 
 =head1 DESCRIPTION
 
@@ -71,6 +77,16 @@ all activated providers in the library context I<libctx>, and for each
 of the implementations, calls I<fn> with the implementation method and
 I<data> as arguments.
 
+EVP_KEYMGMT_gettable_params() and EVP_KEYMGMT_settable_params() return a
+constant B<OSSL_PARAM> array that describes the names and types of key
+parameters that can be retrieved or set.
+EVP_KEYMGMT_gettable_params() is used by L<EVP_PKEY_gettable_params(3)>.
+See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as a parameter descriptor.
+
+EVP_KEYMGMT_gen_settable_params() returns a constant B<OSSL_PARAM> array that
+describes the names and types of key generation parameters that can be set via
+L<EVP_PKEY_CTX_set_params(3)>.
+
 =head1 NOTES
 
 EVP_KEYMGMT_fetch() may be called implicitly by other fetching
@@ -95,6 +111,10 @@ otherwise 0.
 
 EVP_KEYMGMT_number() returns an integer.
 
+EVP_KEYMGMT_gettable_params(), EVP_KEYMGMT_settable_params() and
+EVP_KEYMGMT_gen_settable_params() return a constant B<OSSL_PARAM> array or
+NULL on error.
+
 =head1 SEE ALSO
 
 L<EVP_MD_fetch(3)>, L<OPENSSL_CTX(3)>
@@ -105,7 +125,7 @@ The functions described here were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_SIGNATURE_free.pod b/doc/man3/EVP_SIGNATURE_free.pod
index 70a0ee72dc..6c5724bf54 100644
--- a/doc/man3/EVP_SIGNATURE_free.pod
+++ b/doc/man3/EVP_SIGNATURE_free.pod
@@ -4,7 +4,8 @@
 
 EVP_SIGNATURE_fetch, EVP_SIGNATURE_free, EVP_SIGNATURE_up_ref,
 EVP_SIGNATURE_number, EVP_SIGNATURE_is_a, EVP_SIGNATURE_provider,
-EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all
+EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all,
+EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
 - Functions to manage EVP_SIGNATURE algorithm objects
 
 =head1 SYNOPSIS
@@ -25,6 +26,8 @@ EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all
  void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
                                  void (*fn)(const char *name, void *data),
                                  void *data);
+ const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
+ const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
 
 =head1 DESCRIPTION
 
@@ -61,6 +64,11 @@ I<signature>.
 EVP_SIGNATURE_names_do_all() traverses all names for I<signature>, and calls
 I<fn> with each name and I<data>.
 
+EVP_SIGNATURE_gettable_ctx_params() and EVP_SIGNATURE_settable_ctx_params()
+return a constant B<OSSL_PARAM> array that describes the names and types of key
+parameters that can be retrieved or set by a signature algorithm using
+L<EVP_PKEY_CTX_get_params(3)> and L<EVP_PKEY_CTX_set_params(3)>.
+
 =head1 RETURN VALUES
 
 EVP_SIGNATURE_fetch() returns a pointer to an B<EVP_SIGNATURE> for success
@@ -68,6 +76,9 @@ or B<NULL> for failure.
 
 EVP_SIGNATURE_up_ref() returns 1 for success or 0 otherwise.
 
+EVP_SIGNATURE_gettable_ctx_params() and EVP_SIGNATURE_settable_ctx_params()
+return a constant B<OSSL_PARAM> array or NULL on error.
+
 =head1 SEE ALSO
 
 L<provider(7)/Fetching algorithms>, L<OSSL_PROVIDER(3)>
@@ -78,7 +89,7 @@ The functions described here were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 07f7ee15ea..f170e59324 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -694,18 +694,13 @@ void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt);
 void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keyddata);
 int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt,
                            void *keydata, OSSL_PARAM params[]);
-const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt);
 int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt,
                            void *keydata, const OSSL_PARAM params[]);
-const OSSL_PARAM *evp_keymgmt_settable_params(const EVP_KEYMGMT *keymgmt);
-
 void *evp_keymgmt_gen_init(const EVP_KEYMGMT *keymgmt, int selection);
 int evp_keymgmt_gen_set_template(const EVP_KEYMGMT *keymgmt, void *genctx,
                                  void *template);
 int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
                                const OSSL_PARAM params[]);
-const OSSL_PARAM *
-evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt);
 void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
                       OSSL_CALLBACK *cb, void *cbarg);
 void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 76e5565f36..189112efaa 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1588,6 +1588,9 @@ void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
 void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
                               void (*fn)(const char *name, void *data),
                               void *data);
+const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt);
 
 EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
@@ -1667,6 +1670,8 @@ void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx,
 void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
                                 void (*fn)(const char *name, void *data),
                                 void *data);
+const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
+const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
 
 void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher);
 int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher);
@@ -1939,6 +1944,8 @@ void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx,
 void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
                               void (*fn)(const char *name, void *data),
                               void *data);
+const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch);
+const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch);
 
 void EVP_add_alg_module(void);
 
diff --git a/util/libcrypto.num b/util/libcrypto.num
index d5f7d9826c..2a573cae7a 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5252,3 +5252,10 @@ EVP_PKEY_CTX_set0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH
 EVP_PKEY_CTX_get0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH
 EVP_CIPHER_CTX_get_iv_state             ?	3_0_0	EXIST::FUNCTION:
 EVP_CIPHER_CTX_get_iv                   ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_gettable_params             ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_settable_params             ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_gen_settable_params         ?	3_0_0	EXIST::FUNCTION:
+EVP_SIGNATURE_gettable_ctx_params       ?	3_0_0	EXIST::FUNCTION:
+EVP_SIGNATURE_settable_ctx_params       ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYEXCH_gettable_ctx_params         ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYEXCH_settable_ctx_params         ?	3_0_0	EXIST::FUNCTION:

From builds at travis-ci.com  Wed Aug 12 03:38:56 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 12 Aug 2020 03:38:56 +0000
Subject: Still Failing: openssl/openssl#36641 (master - af88e64)
In-Reply-To: <openssl/openssl+179358899+still failing@travis-ci.com>
Message-ID: <5f3364507cdb7_13fb0d31c4ddc132267@travis-pro-tasks-79d59dbd64-52zdm.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36641
Status: Still Failing

Duration: 1 hr, 3 mins, and 4 secs
Commit: af88e64 (master)
Author: Shane Lontis
Message: Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.

RSA keys in the 'base' provider are different from a fips provider RSA key (since they have different object structures).
To use a fips provider key in the base serializer the key needs to be exported.
The fix was suggested by @levitte.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12162)

View the changeset: https://github.com/openssl/openssl/compare/1017ab21e478...af88e64a98a6

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179358899?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200812/bbcb1594/attachment-0001.html>

From builds at travis-ci.com  Wed Aug 12 05:09:05 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 12 Aug 2020 05:09:05 +0000
Subject: Still Failing: openssl/openssl#36643 (master - e3efe7a)
In-Reply-To: <openssl/openssl+179362653+still failing@travis-ci.com>
Message-ID: <5f337971298ec_13fac792ab90c12190@travis-pro-tasks-b97b5954c-2579s.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36643
Status: Still Failing

Duration: 1 hr, 6 mins, and 7 secs
Commit: e3efe7a (master)
Author: Shane Lontis
Message: Add public API for gettables and settables for keymanagement, signatures and key exchange.

The openssl provider app will now display these params.

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12396)

View the changeset: https://github.com/openssl/openssl/compare/af88e64a98a6...e3efe7a53299

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179362653?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200812/57acc21d/attachment.html>

From dev at ddvo.net  Wed Aug 12 12:01:50 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Wed, 12 Aug 2020 12:01:50 +0000
Subject: [openssl]  master update
Message-ID: <1597233710.127514.17472.nullmailer@dev.openssl.org>

The branch master has been updated
       via  eeccc237239d6f2b6fbc557be7062bfe2ab836be (commit)
      from  e3efe7a53299dff3cd2222542b6a999b1360d626 (commit)


- Log -----------------------------------------------------------------
commit eeccc237239d6f2b6fbc557be7062bfe2ab836be
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Sun Apr 26 18:30:45 2020 +0200

    Introduce X509_add_cert[s] simplifying various additions to cert lists
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12615)

-----------------------------------------------------------------------

Summary of changes:
 apps/cmp.c                                         | 56 ++-----------------
 crypto/cmp/cmp_ctx.c                               |  3 +-
 crypto/cmp/cmp_local.h                             |  6 +-
 crypto/cmp/cmp_msg.c                               |  3 +-
 crypto/cmp/cmp_protect.c                           | 14 +++--
 crypto/cmp/cmp_util.c                              | 61 ++-------------------
 crypto/cmp/cmp_vfy.c                               | 21 +++++--
 crypto/cms/cms_lib.c                               |  9 +--
 crypto/cms/cms_sd.c                                |  9 +--
 crypto/ocsp/ocsp_cl.c                              |  9 +--
 crypto/ocsp/ocsp_local.h                           |  2 +
 crypto/ocsp/ocsp_srv.c                             |  9 +--
 crypto/ocsp/ocsp_vfy.c                             |  9 +--
 crypto/pkcs12/p12_kiss.c                           |  9 +--
 crypto/pkcs7/pk7_lib.c                             | 15 +----
 crypto/ts/ts_conf.c                                |  9 ++-
 crypto/x509/x509_cmp.c                             | 56 +++++++++++++++++++
 crypto/x509/x509_lu.c                              | 19 ++-----
 crypto/x509/x509_vfy.c                             | 39 ++-----------
 ...cert.pod => ossl_cmp_X509_STORE_add1_certs.pod} | 22 +-------
 doc/man3/X509_add_cert.pod                         | 64 ++++++++++++++++++++++
 include/crypto/x509.h                              |  3 +-
 include/openssl/x509.h                             |  8 +++
 test/cmp_vfy_test.c                                |  4 +-
 util/libcrypto.num                                 |  2 +
 25 files changed, 209 insertions(+), 252 deletions(-)
 rename doc/internal/man3/{ossl_cmp_sk_X509_add1_cert.pod => ossl_cmp_X509_STORE_add1_certs.pod} (53%)
 create mode 100644 doc/man3/X509_add_cert.pod

diff --git a/apps/cmp.c b/apps/cmp.c
index 01c5394344..f0b3148714 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -603,54 +603,6 @@ static int print_to_bio_out(const char *func, const char *file, int line,
     return OSSL_CMP_print_to_bio(bio_out, func, file, line, level, msg);
 }
 
-/* code duplicated from crypto/cmp/cmp_util.c */
-static int sk_X509_add1_cert(STACK_OF(X509) *sk, X509 *cert,
-                             int no_dup, int prepend)
-{
-    if (no_dup) {
-        /*
-         * not using sk_X509_set_cmp_func() and sk_X509_find()
-         * because this re-orders the certs on the stack
-         */
-        int i;
-
-        for (i = 0; i < sk_X509_num(sk); i++) {
-            if (X509_cmp(sk_X509_value(sk, i), cert) == 0)
-                return 1;
-        }
-    }
-    if (!X509_up_ref(cert))
-        return 0;
-    if (!sk_X509_insert(sk, cert, prepend ? 0 : -1)) {
-        X509_free(cert);
-        return 0;
-    }
-    return 1;
-}
-
-/* code duplicated from crypto/cmp/cmp_util.c */
-static int sk_X509_add1_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs,
-                              int no_self_signed, int no_dups, int prepend)
-/* compiler would allow 'const' for the list of certs, yet they are up-ref'ed */
-{
-    int i;
-
-    if (sk == NULL)
-        return 0;
-    if (certs == NULL)
-        return 1;
-    for (i = 0; i < sk_X509_num(certs); i++) {
-        X509 *cert = sk_X509_value(certs, i);
-
-        if (!no_self_signed || X509_check_issued(cert, cert) != X509_V_OK) {
-            if (!sk_X509_add1_cert(sk, cert, no_dups, prepend))
-                return 0;
-        }
-    }
-    return 1;
-}
-
-/* TODO potentially move to apps/lib/apps.c */
 static char *next_item(char *opt) /* in list separated by comma and/or space */
 {
     /* advance to separator (comma or whitespace), if any */
@@ -1210,7 +1162,8 @@ static STACK_OF(X509) *load_certs_multifile(char *files,
 
         if (!load_certs_autofmt(files, &certs, 0, pass, desc))
             goto err;
-        if (!sk_X509_add1_certs(result, certs, 0, 1 /* no dups */, 0))
+        if (!X509_add_certs(result, certs,
+                            X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP))
             goto oom;
         sk_X509_pop_free(certs, X509_free);
         certs = NULL;
@@ -1787,8 +1740,9 @@ static int setup_protection_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
             /* add any remaining certs to the list of untrusted certs */
             STACK_OF(X509) *untrusted = OSSL_CMP_CTX_get0_untrusted_certs(ctx);
             ok = untrusted != NULL ?
-                sk_X509_add1_certs(untrusted, certs, 0, 1 /* no dups */, 0) :
-                OSSL_CMP_CTX_set1_untrusted_certs(ctx, certs);
+                X509_add_certs(untrusted, certs,
+                               X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP)
+                : OSSL_CMP_CTX_set1_untrusted_certs(ctx, certs);
         }
         sk_X509_pop_free(certs, X509_free);
         if (!ok)
diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c
index 558414bb5c..3081dfcc21 100644
--- a/crypto/cmp/cmp_ctx.c
+++ b/crypto/cmp/cmp_ctx.c
@@ -78,7 +78,8 @@ int OSSL_CMP_CTX_set1_untrusted_certs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs)
     }
     if ((untrusted_certs = sk_X509_new_null()) == NULL)
         return 0;
-    if (ossl_cmp_sk_X509_add1_certs(untrusted_certs, certs, 0, 1, 0) != 1)
+    if (X509_add_certs(untrusted_certs, certs,
+                       X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP) != 1)
         goto err;
     sk_X509_pop_free(ctx->untrusted_certs, X509_free);
     ctx->untrusted_certs = untrusted_certs;
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h
index 4e33fd339c..84309cc1af 100644
--- a/crypto/cmp/cmp_local.h
+++ b/crypto/cmp/cmp_local.h
@@ -732,11 +732,7 @@ const char *ossl_cmp_log_parse_metadata(const char *buf,
                                         char **file, int *line);
 # define ossl_cmp_add_error_data(txt) ERR_add_error_txt(" : ", txt)
 # define ossl_cmp_add_error_line(txt) ERR_add_error_txt("\n", txt)
-/* functions manipulating lists of certificates etc could be generally useful */
-int ossl_cmp_sk_X509_add1_cert(STACK_OF(X509) *sk, X509 *cert,
-                               int no_dup, int prepend);
-int ossl_cmp_sk_X509_add1_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs,
-                                int no_self_issued, int no_dups, int prepend);
+/* The two functions manipulating X509_STORE could be generally useful */
 int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs,
                                    int only_self_issued);
 STACK_OF(X509) *ossl_cmp_X509_STORE_get1_certs(X509_STORE *store);
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index 6d6e3bd2b6..d506e7b22b 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -440,7 +440,8 @@ OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
     if (sk_X509_num(chain) > 0) {
         msg->extraCerts = sk_X509_new_reserve(NULL, sk_X509_num(chain));
         if (msg->extraCerts == NULL
-            || !ossl_cmp_sk_X509_add1_certs(msg->extraCerts, chain, 0, 1, 0))
+                || !X509_add_certs(msg->extraCerts, chain,
+                                   X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP))
         goto err;
     }
 
diff --git a/crypto/cmp/cmp_protect.c b/crypto/cmp/cmp_protect.c
index 880051d3dd..0f70c29953 100644
--- a/crypto/cmp/cmp_protect.c
+++ b/crypto/cmp/cmp_protect.c
@@ -147,15 +147,17 @@ int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
 
     if (ctx->cert != NULL && ctx->pkey != NULL) {
         /* make sure that our own cert is included in the first position */
-        if (!ossl_cmp_sk_X509_add1_cert(msg->extraCerts, ctx->cert, 1, 1))
+        if (!X509_add_cert(msg->extraCerts, ctx->cert,
+                           X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP
+                           | X509_ADD_FLAG_PREPEND))
             return 0;
         /* if we have untrusted certs, try to add intermediate certs */
         if (ctx->untrusted_certs != NULL) {
             STACK_OF(X509) *chain =
                 ossl_cmp_build_cert_chain(ctx->untrusted_certs, ctx->cert);
-            int res = ossl_cmp_sk_X509_add1_certs(msg->extraCerts, chain,
-                                                  1 /* no self-issued */,
-                                                  1 /* no duplicates */, 0);
+            int res = X509_add_certs(msg->extraCerts, chain,
+                                     X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP
+                                     | X509_ADD_FLAG_NO_SS);
 
             sk_X509_pop_free(chain, X509_free);
             if (res == 0)
@@ -164,8 +166,8 @@ int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
     }
 
     /* add any additional certificates from ctx->extraCertsOut */
-    if (!ossl_cmp_sk_X509_add1_certs(msg->extraCerts, ctx->extraCertsOut, 0,
-                                     1 /* no duplicates */, 0))
+    if (!X509_add_certs(msg->extraCerts, ctx->extraCertsOut,
+                        X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP))
         return 0;
 
     /* if none was found avoid empty ASN.1 sequence */
diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c
index d1128d7e66..0ec69d0bb5 100644
--- a/crypto/cmp/cmp_util.c
+++ b/crypto/cmp/cmp_util.c
@@ -184,60 +184,6 @@ void OSSL_CMP_print_errors_cb(OSSL_CMP_log_cb_t log_fn)
     }
 }
 
-/*
- * functions manipulating lists of certificates etc.
- * these functions could be generally useful.
- */
-
-int ossl_cmp_sk_X509_add1_cert(STACK_OF(X509) *sk, X509 *cert,
-                               int no_dup, int prepend)
-{
-    if (sk == NULL) {
-        CMPerr(0, CMP_R_NULL_ARGUMENT);
-        return 0;
-    }
-    if (no_dup) {
-        /*
-         * not using sk_X509_set_cmp_func() and sk_X509_find()
-         * because this re-orders the certs on the stack
-         */
-        int i;
-
-        for (i = 0; i < sk_X509_num(sk); i++) {
-            if (X509_cmp(sk_X509_value(sk, i), cert) == 0)
-                return 1;
-        }
-    }
-    if (!X509_up_ref(cert))
-        return 0;
-    if (!sk_X509_insert(sk, cert, prepend ? 0 : -1)) {
-        X509_free(cert);
-        return 0;
-    }
-    return 1;
-}
-
-int ossl_cmp_sk_X509_add1_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs,
-                                int no_self_signed, int no_dups, int prepend)
-/* compiler would allow 'const' for the list of certs, yet they are up-ref'ed */
-{
-    int i;
-
-    if (sk == NULL) {
-        CMPerr(0, CMP_R_NULL_ARGUMENT);
-        return 0;
-    }
-    for (i = 0; i < sk_X509_num(certs); i++) { /* certs may be NULL */
-        X509 *cert = sk_X509_value(certs, i);
-
-        if (!no_self_signed || X509_self_signed(cert, 0) != 1) {
-            if (!ossl_cmp_sk_X509_add1_cert(sk, cert, no_dups, prepend))
-                return 0;
-        }
-    }
-    return 1;
-}
-
 int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs,
                                    int only_self_signed)
 {
@@ -310,11 +256,12 @@ STACK_OF(X509) *ossl_cmp_build_cert_chain(STACK_OF(X509) *certs, X509 *cert)
 
     chain = X509_STORE_CTX_get0_chain(csc);
 
-    /* result list to store the up_ref'ed not self-issued certificates */
+    /* result list to store the up_ref'ed not self-signed certificates */
     if ((result = sk_X509_new_null()) == NULL)
         goto err;
-    if (!ossl_cmp_sk_X509_add1_certs(result, chain, 1 /* no self-issued */,
-                                     1 /* no duplicates */, 0)) {
+    if (!X509_add_certs(result, chain,
+                        X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP
+                        | X509_ADD_FLAG_NO_SS)) {
         sk_X509_free(result);
         result = NULL;
     }
diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index c702b2ec16..27dc612baf 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -695,9 +695,10 @@ int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
      * extraCerts because they do not belong to the protected msg part anyway.
      * For efficiency, the extraCerts are prepended so they get used first.
      */
-    if (!ossl_cmp_sk_X509_add1_certs(ctx->untrusted_certs, msg->extraCerts,
-                                     0 /* this allows self-issued certs */,
-                                     1 /* no_dups */, 1 /* prepend */))
+    if (!X509_add_certs(ctx->untrusted_certs, msg->extraCerts,
+                        /* this allows self-signed certs */
+                        X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP
+                        | X509_ADD_FLAG_PREPEND))
         return 0;
 
     /* validate message protection */
@@ -768,7 +769,19 @@ int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
     /* if not yet present, learn transactionID */
     if (ctx->transactionID == NULL
         && !OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID))
-        return 0;
+        return -1;
+
+    /*
+     * Store any provided extraCerts in ctx for future use,
+     * such that they are available to ctx->certConf_cb and
+     * the peer does not need to send them again in the same transaction.
+     * For efficiency, the extraCerts are prepended so they get used first.
+     */
+    if (!X509_add_certs(ctx->untrusted_certs, msg->extraCerts,
+                        /* this allows self-signed certs */
+                        X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP
+                        | X509_ADD_FLAG_PREPEND))
+        return -1;
 
     if (ossl_cmp_hdr_get_protection_nid(hdr) == NID_id_PasswordBasedMAC) {
         /*
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 61f965c6dc..92321dfc33 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -603,16 +603,11 @@ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
     for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
         cch = sk_CMS_CertificateChoices_value(*pcerts, i);
         if (cch->type == 0) {
-            if (!certs) {
-                certs = sk_X509_new_null();
-                if (!certs)
-                    return NULL;
-            }
-            if (!sk_X509_push(certs, cch->d.certificate)) {
+            if (!X509_add_cert_new(&certs, cch->d.certificate,
+                                   X509_ADD_FLAG_UP_REF)) {
                 sk_X509_pop_free(certs, X509_free);
                 return NULL;
             }
-            X509_up_ref(cch->d.certificate);
         }
     }
     return certs;
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 9b345de553..4fac4e6182 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -20,6 +20,7 @@
 #include "crypto/evp.h"
 #include "crypto/cms.h"
 #include "crypto/ess.h"
+#include "crypto/x509.h" /* for X509_add_cert_new() */
 
 DEFINE_STACK_OF(CMS_RevocationInfoChoice)
 DEFINE_STACK_OF(CMS_SignerInfo)
@@ -510,12 +511,8 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
     for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
         si = sk_CMS_SignerInfo_value(sinfos, i);
         if (si->signer != NULL) {
-            if (signers == NULL) {
-                signers = sk_X509_new_null();
-                if (signers == NULL)
-                    return NULL;
-            }
-            if (!sk_X509_push(signers, si->signer)) {
+            if (!X509_add_cert_new(&signers, si->signer,
+                                   X509_ADD_FLAG_DEFAULT)) {
                 sk_X509_free(signers);
                 return NULL;
             }
diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
index 95b16dce55..f45bf1d6dc 100644
--- a/crypto/ocsp/ocsp_cl.c
+++ b/crypto/ocsp/ocsp_cl.c
@@ -81,14 +81,7 @@ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
         return 0;
     if (cert == NULL)
         return 1;
-    if (sig->certs == NULL
-        && (sig->certs = sk_X509_new_null()) == NULL)
-        return 0;
-
-    if (!sk_X509_push(sig->certs, cert))
-        return 0;
-    X509_up_ref(cert);
-    return 1;
+    return X509_add_cert_new(&sig->certs, cert, X509_ADD_FLAG_UP_REF);
 }
 
 /*
diff --git a/crypto/ocsp/ocsp_local.h b/crypto/ocsp/ocsp_local.h
index 3ae337faeb..d354197d4b 100644
--- a/crypto/ocsp/ocsp_local.h
+++ b/crypto/ocsp/ocsp_local.h
@@ -7,6 +7,8 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include "crypto/x509.h" /* for X509_add_cert_new() */
+
 /*-  CertID ::= SEQUENCE {
  *       hashAlgorithm            AlgorithmIdentifier,
  *       issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c
index 3cfe3649cc..d20a714855 100644
--- a/crypto/ocsp/ocsp_srv.c
+++ b/crypto/ocsp/ocsp_srv.c
@@ -162,14 +162,7 @@ OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
 
 int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
 {
-    if (resp->certs == NULL
-        && (resp->certs = sk_X509_new_null()) == NULL)
-        return 0;
-
-    if (!sk_X509_push(resp->certs, cert))
-        return 0;
-    X509_up_ref(cert);
-    return 1;
+    return X509_add_cert_new(&resp->certs, cert, X509_ADD_FLAG_UP_REF);
 }
 
 /*
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index 0dccb24eb5..33cd236af7 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -67,16 +67,13 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
     }
     if (!(flags & OCSP_NOVERIFY)) {
         int init_res;
+
         if (flags & OCSP_NOCHAIN) {
             untrusted = NULL;
         } else if (bs->certs && certs) {
             untrusted = sk_X509_dup(bs->certs);
-            for (i = 0; i < sk_X509_num(certs); i++) {
-                if (!sk_X509_push(untrusted, sk_X509_value(certs, i))) {
-                    OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_MALLOC_FAILURE);
-                    goto f_err;
-                }
-            }
+            if (!X509_add_certs(untrusted, certs, X509_ADD_FLAG_DEFAULT))
+                goto f_err;
         } else if (certs != NULL) {
             untrusted = certs;
         } else {
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 88925f76d9..eaf6501c1c 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -10,6 +10,7 @@
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/pkcs12.h>
+#include "crypto/x509.h" /* for X509_add_cert_new() */
 
 DEFINE_STACK_OF(X509)
 DEFINE_STACK_OF(PKCS7)
@@ -99,12 +100,8 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
             ERR_pop_to_mark();
         }
 
-        if (ca && x) {
-            if (*ca == NULL)
-                *ca = sk_X509_new_null();
-            if (*ca == NULL)
-                goto err;
-            if (!sk_X509_push(*ca, x))
+        if (ca != NULL && x != NULL) {
+            if (!X509_add_cert_new(ca, x, X509_ADD_FLAG_DEFAULT))
                 goto err;
             x = NULL;
         }
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index abe3570c68..797d1d2c25 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -13,7 +13,7 @@
 #include <openssl/x509.h>
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
-#include "crypto/x509.h"
+#include "crypto/x509.h" /* for sk_X509_add1_cert() */
 #include "pk7_local.h"
 
 DEFINE_STACK_OF(X509)
@@ -262,18 +262,7 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
         return 0;
     }
 
-    if (*sk == NULL)
-        *sk = sk_X509_new_null();
-    if (*sk == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    X509_up_ref(x509);
-    if (!sk_X509_push(*sk, x509)) {
-        X509_free(x509);
-        return 0;
-    }
-    return 1;
+    return X509_add_cert_new(sk, x509, X509_ADD_FLAG_UP_REF);
 }
 
 int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
diff --git a/crypto/ts/ts_conf.c b/crypto/ts/ts_conf.c
index 199a3b82e3..71664fa091 100644
--- a/crypto/ts/ts_conf.c
+++ b/crypto/ts/ts_conf.c
@@ -78,8 +78,13 @@ STACK_OF(X509) *TS_CONF_load_certs(const char *file)
     allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
     for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
         X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
-        if (xi->x509) {
-            sk_X509_push(othercerts, xi->x509);
+
+        if (xi->x509 != NULL) {
+            if (!X509_add_cert(othercerts, xi->x509, X509_ADD_FLAG_DEFAULT)) {
+                sk_X509_pop_free(othercerts, X509_free);
+                othercerts = NULL;
+                goto end;
+            }
             xi->x509 = NULL;
         }
     }
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 25f72e057e..0e770de11d 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -163,6 +163,62 @@ int X509_cmp(const X509 *a, const X509 *b)
     return rv;
 }
 
+int X509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags)
+{
+    if (*sk == NULL
+            && (*sk = sk_X509_new_null()) == NULL) {
+        X509err(0, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    return X509_add_cert(*sk, cert, flags);
+}
+
+int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags)
+{
+    if (sk == NULL) {
+        X509err(0, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if ((flags & X509_ADD_FLAG_NO_DUP) != 0) {
+        /*
+         * not using sk_X509_set_cmp_func() and sk_X509_find()
+         * because this re-orders the certs on the stack
+         */
+        int i;
+
+        for (i = 0; i < sk_X509_num(sk); i++) {
+            if (X509_cmp(sk_X509_value(sk, i), cert) == 0)
+                return 1;
+        }
+    }
+    if ((flags & X509_ADD_FLAG_NO_SS) != 0 && X509_self_signed(cert, 0))
+        return 1;
+    if (!sk_X509_insert(sk, cert,
+                        (flags & X509_ADD_FLAG_PREPEND) != 0 ? 0 : -1)) {
+        X509err(0, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if ((flags & X509_ADD_FLAG_UP_REF) != 0)
+        (void)X509_up_ref(cert);
+    return 1;
+}
+
+int X509_add_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs, int flags)
+/* compiler would allow 'const' for the list of certs, yet they are up-ref'ed */
+{
+    int n = sk_X509_num(certs); /* certs may be NULL */
+    int i;
+ 
+    for (i = 0; i < n; i++) {
+        int j = (flags & X509_ADD_FLAG_PREPEND) == 0 ? i : n - 1 - i;
+        /* if prepend, add certs in reverse order to keep original order */
+
+        if (!X509_add_cert(sk, sk_X509_value(certs, j), flags))
+            return 0;
+    }
+    return 1;
+}
+
 int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
 {
     int ret;
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index e66cfb1825..f37e09dcdf 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -578,14 +578,9 @@ STACK_OF(X509) *X509_STORE_get1_all_certs(X509_STORE *store)
     for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
         X509 *cert = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
 
-        if (cert != NULL) {
-            if (!X509_up_ref(cert))
-                goto err;
-            if (!sk_X509_push(sk, cert)) {
-                X509_free(cert);
-                goto err;
-            }
-        }
+        if (cert != NULL
+            && !X509_add_cert(sk, cert, X509_ADD_FLAG_UP_REF))
+            goto err;
     }
     X509_STORE_unlock(store);
     return sk;
@@ -638,14 +633,8 @@ STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx,
     for (i = 0; i < cnt; i++, idx++) {
         obj = sk_X509_OBJECT_value(store->objs, idx);
         x = obj->data.x509;
-        if (!X509_up_ref(x)) {
-            X509_STORE_unlock(store);
-            sk_X509_pop_free(sk, X509_free);
-            return NULL;
-        }
-        if (!sk_X509_push(sk, x)) {
+        if (!X509_add_cert(sk, x, X509_ADD_FLAG_UP_REF)) {
             X509_STORE_unlock(store);
-            X509_free(x);
             sk_X509_pop_free(sk, X509_free);
             return NULL;
         }
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 012f932ee5..843b65f022 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -285,24 +285,10 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
         return -1;
     }
 
-    if (!X509_up_ref(ctx->cert)) {
-        X509err(X509_F_X509_VERIFY_CERT, ERR_R_INTERNAL_ERROR);
-        ctx->error = X509_V_ERR_UNSPECIFIED;
-        return -1;
-    }
-
-    /*
-     * first we make sure the chain we are going to build is present and that
-     * the first entry is in place
-     */
-    if ((ctx->chain = sk_X509_new_null()) == NULL
-            || !sk_X509_push(ctx->chain, ctx->cert)) {
-        X509_free(ctx->cert);
-        X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+    if (!X509_add_cert_new(&ctx->chain, ctx->cert, X509_ADD_FLAG_UP_REF)) {
         ctx->error = X509_V_ERR_OUT_OF_MEM;
         return -1;
     }
-
     ctx->num_untrusted = 1;
 
     /* If the peer's public key is too weak, we can stop early. */
@@ -395,18 +381,8 @@ static STACK_OF(X509) *lookup_certs_sk(X509_STORE_CTX *ctx,
     for (i = 0; i < sk_X509_num(ctx->other_ctx); i++) {
         x = sk_X509_value(ctx->other_ctx, i);
         if (X509_NAME_cmp(nm, X509_get_subject_name(x)) == 0) {
-            if (!X509_up_ref(x)) {
-                sk_X509_pop_free(sk, X509_free);
-                X509err(X509_F_LOOKUP_CERTS_SK, ERR_R_INTERNAL_ERROR);
-                ctx->error = X509_V_ERR_UNSPECIFIED;
-                return NULL;
-            }
-            if (sk == NULL)
-                sk = sk_X509_new_null();
-            if (sk == NULL || !sk_X509_push(sk, x)) {
-                X509_free(x);
+            if (!X509_add_cert_new(&sk, x, X509_ADD_FLAG_UP_REF)) {
                 sk_X509_pop_free(sk, X509_free);
-                X509err(X509_F_LOOKUP_CERTS_SK, ERR_R_MALLOC_FAILURE);
                 ctx->error = X509_V_ERR_OUT_OF_MEM;
                 return NULL;
             }
@@ -3053,13 +3029,10 @@ static int build_chain(X509_STORE_CTX *ctx)
             ctx->error = X509_V_ERR_OUT_OF_MEM;
             return 0;
         }
-        for (i = 0; i < sk_X509_num(dane->certs); ++i) {
-            if (!sk_X509_push(sktmp, sk_X509_value(dane->certs, i))) {
-                sk_X509_free(sktmp);
-                X509err(X509_F_BUILD_CHAIN, ERR_R_MALLOC_FAILURE);
-                ctx->error = X509_V_ERR_OUT_OF_MEM;
-                return 0;
-            }
+        if (!X509_add_certs(sktmp, dane->certs, X509_ADD_FLAG_DEFAULT)) {
+            sk_X509_free(sktmp);
+            ctx->error = X509_V_ERR_OUT_OF_MEM;
+            return 0;
         }
     }
 
diff --git a/doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod b/doc/internal/man3/ossl_cmp_X509_STORE_add1_certs.pod
similarity index 53%
rename from doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod
rename to doc/internal/man3/ossl_cmp_X509_STORE_add1_certs.pod
index 289428878e..97304ee40d 100644
--- a/doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod
+++ b/doc/internal/man3/ossl_cmp_X509_STORE_add1_certs.pod
@@ -2,36 +2,20 @@
 
 =head1 NAME
 
-ossl_cmp_sk_X509_add1_cert,
-ossl_cmp_sk_X509_add1_certs,
 ossl_cmp_X509_STORE_add1_certs,
 ossl_cmp_X509_STORE_get1_certs
-- functions manipulating lists of certificates
+- functions manipulating stores of certificates
 
 =head1 SYNOPSIS
 
   #include <openssl/cmp_util.h>
 
-  int ossl_cmp_sk_X509_add1_cert(STACK_OF(X509) *sk, X509 *cert,
-                                 int no_dup, int prepend);
-  int ossl_cmp_sk_X509_add1_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs,
-                                  int no_self_signed, int no_dups, int prepend);
   int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs,
                                      int only_self_signed);
   STACK_OF(X509) *ossl_cmp_X509_STORE_get1_certs(X509_STORE *store);
 
 =head1 DESCRIPTION
 
-ossl_cmp_sk_X509_add1_cert() appends or prepends (depending on the I<prepend>
-argument) a certificate to the given list,
-optionally only if it is not already contained.
-On success the reference count of the certificate is increased.
-
-ossl_cmp_sk_X509_add1_certs() appends or prepends (depending on the I<prepend>
-argument) a list of certificates to the given list,
-optionally only if not self-signed and optionally only if not already contained.
-The reference counts of those certificates appended successfully are increased.
-
 ossl_cmp_X509_STORE_add1_certs() adds all or only self-signed certificates from
 the given stack to given store. The I<certs> parameter may be NULL.
 
@@ -40,9 +24,9 @@ given store.
 
 =head1 RETURN VALUES
 
-ossl_cmp_X509_STORE_get1_certs() returns a list of certificates, NULL on error.
+ossl_cmp_X509_STORE_add1_certs() returns 1 on success, 0 on error.
 
-All other functions return 1 on success, 0 on error.
+ossl_cmp_X509_STORE_get1_certs() returns a list of certificates, NULL on error.
 
 =head1 HISTORY
 
diff --git a/doc/man3/X509_add_cert.pod b/doc/man3/X509_add_cert.pod
new file mode 100644
index 0000000000..292559e52c
--- /dev/null
+++ b/doc/man3/X509_add_cert.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+X509_add_cert,
+X509_add_certs -
+X509 certificate list addition functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags);
+ int X509_add_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs, int flags);
+
+=head1 DESCRIPTION
+
+X509_add_cert() adds a certificate I<cert> to the given list I<sk>.
+
+X509_add_certs() adds a list of certificate I<certs> to the given list I<sk>.
+The I<certs> argument may be NULL, which implies no effect.
+
+Both these functions have a I<flags> parameter,
+which is used to control details of the operation.
+
+The value B<X509_ADD_FLAG_DEFAULT>, which equals 0, means no special semantics.
+
+If B<X509_ADD_FLAG_UP_REF> is set then
+the reference counts of those certificates added successfully are increased.
+
+If B<X509_ADD_FLAG_PREPEND> is set then the certifcates are prepended to I<sk>.
+By default they are appended to I<sk>.
+In both cases the original order of the added certificates is preserved.
+
+If B<X509_ADD_FLAG_NO_DUP> is set then certificates already contained in I<sk>,
+which is determined using L<X509_cmp(3)>, are ignored.
+
+If B<X509_ADD_FLAG_NO_SS> is set then certificates that are marked self-signed,
+which is determined using L<X509_self_signed(3)>, are ignored.
+
+=head1 RETURN VALUES
+
+Both functions return 1 for success and 0 for failure.
+
+=head1 SEE ALSO
+
+L<X509_cmp(3)>
+L<X509_self_signed(3)>
+
+=head1 HISTORY
+
+The functions X509_add_cert() and X509_add_certs()
+were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index 712aa1cc86..87d71de420 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -300,10 +300,9 @@ int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);
 int x509_print_ex_brief(BIO *bio, X509 *cert, unsigned long neg_cflags);
 int x509v3_cache_extensions(X509 *x);
 int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq);
-
 void x509_init_sig_info(X509 *x);
-
 int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *type,
                                  void *data, unsigned char *md,
                                  unsigned int *len, OPENSSL_CTX *libctx,
                                  const char *propq);
+int X509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags);
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 935699a55a..d5b13ded0b 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -787,6 +787,14 @@ unsigned long X509_issuer_name_hash_old(X509 *a);
 unsigned long X509_subject_name_hash_old(X509 *x);
 # endif
 
+# define X509_ADD_FLAG_DEFAULT  0
+# define X509_ADD_FLAG_UP_REF   0x1
+# define X509_ADD_FLAG_PREPEND  0x2
+# define X509_ADD_FLAG_NO_DUP   0x4
+# define X509_ADD_FLAG_NO_SS    0x8
+int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags);
+int X509_add_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs, int flags);
+
 int X509_cmp(const X509 *a, const X509 *b);
 int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
 unsigned long X509_NAME_hash(const X509_NAME *x);
diff --git a/test/cmp_vfy_test.c b/test/cmp_vfy_test.c
index 297c01edb2..fcecca2500 100644
--- a/test/cmp_vfy_test.c
+++ b/test/cmp_vfy_test.c
@@ -186,8 +186,8 @@ static int add_trusted(OSSL_CMP_CTX *ctx, X509 *cert)
 
 static int add_untrusted(OSSL_CMP_CTX *ctx, X509 *cert)
 {
-    return ossl_cmp_sk_X509_add1_cert(OSSL_CMP_CTX_get0_untrusted_certs(ctx),
-                                      cert, 0, 0);
+    return X509_add_cert(OSSL_CMP_CTX_get0_untrusted_certs(ctx), cert,
+                         X509_ADD_FLAG_UP_REF);
 }
 
 static int test_validate_msg_signature_partial_chain(int expired)
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 2a573cae7a..1e50e72ffe 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4837,6 +4837,8 @@ OSSL_CMP_CTX_snprint_PKIStatus          ?	3_0_0	EXIST::FUNCTION:CMP
 OSSL_CMP_HDR_get0_transactionID         ?	3_0_0	EXIST::FUNCTION:CMP
 OSSL_CMP_HDR_get0_recipNonce            ?	3_0_0	EXIST::FUNCTION:CMP
 X509_LOOKUP_store                       ?	3_0_0	EXIST::FUNCTION:
+X509_add_cert                           ?	3_0_0	EXIST::FUNCTION:
+X509_add_certs                          ?	3_0_0	EXIST::FUNCTION:
 X509_STORE_load_file                    ?	3_0_0	EXIST::FUNCTION:
 X509_STORE_load_path                    ?	3_0_0	EXIST::FUNCTION:
 X509_STORE_load_store                   ?	3_0_0	EXIST::FUNCTION:

From builds at travis-ci.com  Wed Aug 12 13:57:35 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 12 Aug 2020 13:57:35 +0000
Subject: Still Failing: openssl/openssl#36647 (master - eeccc23)
In-Reply-To: <openssl/openssl+179419666+still failing@travis-ci.com>
Message-ID: <5f33f54ebcd74_13ff4b35aa1e427473a@travis-pro-tasks-68b4cfd57d-zrkkn.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36647
Status: Still Failing

Duration: 1 hr, 40 mins, and 46 secs
Commit: eeccc23 (master)
Author: Dr. David von Oheimb
Message: Introduce X509_add_cert[s] simplifying various additions to cert lists

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12615)

View the changeset: https://github.com/openssl/openssl/compare/e3efe7a53299...eeccc237239d

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179419666?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200812/70e0dd8f/attachment.html>

From no-reply at appveyor.com  Wed Aug 12 15:17:34 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 12 Aug 2020 15:17:34 +0000
Subject: Build failed: openssl master.36108
Message-ID: <20200812151734.1.AEA234EFA05735E0@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200812/b1bb1834/attachment.html>

From no-reply at appveyor.com  Wed Aug 12 16:05:15 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 12 Aug 2020 16:05:15 +0000
Subject: Build completed: openssl master.36109
Message-ID: <20200812160515.1.F9243B62E847B5D1@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200812/fc9399a4/attachment.html>

From openssl at openssl.org  Wed Aug 12 23:59:03 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Wed, 12 Aug 2020 23:59:03 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1597276743.154609.1055.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 8057DEA66F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 8047915E427F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 8047915E427F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3103, 1769 wallclock secs (12.34 usr  1.55 sys + 1594.87 cusr 159.82 csys = 1768.58 CPU)
Result: FAIL
Makefile:2536: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2534: recipe for target 'tests' failed
make: *** [tests] Error 2

From kaduk at mit.edu  Thu Aug 13 01:05:35 2020
From: kaduk at mit.edu (kaduk at mit.edu)
Date: Thu, 13 Aug 2020 01:05:35 +0000
Subject: [openssl]  master update
Message-ID: <1597280735.503819.15934.nullmailer@dev.openssl.org>

The branch master has been updated
       via  dd0164e7565bb14fac193aea4c2c37714bf66d56 (commit)
      from  eeccc237239d6f2b6fbc557be7062bfe2ab836be (commit)


- Log -----------------------------------------------------------------
commit dd0164e7565bb14fac193aea4c2c37714bf66d56
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Wed Sep 19 21:14:04 2018 -0500

    Mark SSL_CTX_set_ssl_version() as deprecated in 3.0
    
    Also, document its unusual semantics of resetting the
    cipher list (but preserving other configuration).
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/7274)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/SSL_CTX_set_ssl_version.pod | 17 ++++++++++++++---
 include/openssl/ssl.h                |  2 +-
 ssl/ssl_lib.c                        |  2 ++
 util/libssl.num                      |  2 +-
 4 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/doc/man3/SSL_CTX_set_ssl_version.pod b/doc/man3/SSL_CTX_set_ssl_version.pod
index b41073112b..20efe0fbf7 100644
--- a/doc/man3/SSL_CTX_set_ssl_version.pod
+++ b/doc/man3/SSL_CTX_set_ssl_version.pod
@@ -16,9 +16,11 @@ SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method
 =head1 DESCRIPTION
 
 SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects
-newly created from this B<ctx>. SSL objects already created with
-L<SSL_new(3)> are not affected, except when
-L<SSL_clear(3)> is being called.
+newly created from this B<ctx>.  Most of the configuration attached to the
+SSL_CTX object is retained, with the exception of the configured TLS ciphers,
+which are reset to the default values.  SSL objects already created from this
+SSL_CTX with L<SSL_new(3)> are not affected, except when L<SSL_clear(3)> is
+being called, as described below.
 
 SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl>
 object. It may be reset, when SSL_clear() is called.
@@ -35,6 +37,11 @@ When L<SSL_clear(3)> is called and no session is connected to
 an SSL object, the method of the SSL object is reset to the method currently
 set in the corresponding SSL_CTX object.
 
+SSL_CTX_set_version() has unusual semantics and no clear use case;
+it would usually be preferable to create a new SSL_CTX object than to
+try to reuse an existing one in this fashion.  Its usage is considered
+deprecated.
+
 =head1 RETURN VALUES
 
 The following return values can occur for SSL_CTX_set_ssl_version()
@@ -58,6 +65,10 @@ L<SSL_CTX_new(3)>, L<SSL_new(3)>,
 L<SSL_clear(3)>, L<ssl(7)>,
 L<SSL_set_connect_state(3)>
 
+=head1 HISTORY
+
+SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index bc003bc4fa..0b17f22193 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1903,7 +1903,7 @@ __owur int SSL_get_error(const SSL *s, int ret_code);
 __owur const char *SSL_get_version(const SSL *s);
 
 /* This sets the 'default' SSL version that SSL_new() will create */
-__owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
+DEPRECATEDIN_3_0(__owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth))
 
 # ifndef OPENSSL_NO_SSL3_METHOD
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_method(void)) /* SSLv3 */
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 63a7433be4..f957664a48 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -642,6 +642,7 @@ int SSL_clear(SSL *s)
     return 1;
 }
 
+#ifndef OPENSSL_NO_DEPRECATED_3_0
 /** Used to change an SSL_CTXs default SSL method type */
 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
 {
@@ -664,6 +665,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
     }
     return 1;
 }
+#endif
 
 SSL *SSL_new(SSL_CTX *ctx)
 {
diff --git a/util/libssl.num b/util/libssl.num
index 1758525038..45ff6ed00a 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -239,7 +239,7 @@ DTLSv1_method                           239	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_1
 SSL_set0_wbio                           240	3_0_0	EXIST::FUNCTION:
 SSL_read                                241	3_0_0	EXIST::FUNCTION:
 SSL_CTX_get_options                     242	3_0_0	EXIST::FUNCTION:
-SSL_CTX_set_ssl_version                 243	3_0_0	EXIST::FUNCTION:
+SSL_CTX_set_ssl_version                 243	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 SSL_set_SSL_CTX                         244	3_0_0	EXIST::FUNCTION:
 SSL_renegotiate_abbreviated             245	3_0_0	EXIST::FUNCTION:
 SSL_get_verify_mode                     246	3_0_0	EXIST::FUNCTION:

From openssl at openssl.org  Thu Aug 13 01:54:59 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 13 Aug 2020 01:54:59 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1597283699.166556.629.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3172, 886 wallclock secs (13.76 usr  1.36 sys + 819.05 cusr 63.81 csys = 897.98 CPU)
Result: FAIL
Makefile:3172: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3170: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Thu Aug 13 02:27:07 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 13 Aug 2020 02:27:07 +0000
Subject: Still Failing: openssl/openssl#36658 (master - dd0164e)
In-Reply-To: <openssl/openssl+179512208+still failing@travis-ci.com>
Message-ID: <5f34a4faa1c23_13fcb394b83d81333f0@travis-pro-tasks-5f7f4df4d7-7287s.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36658
Status: Still Failing

Duration: 59 mins and 35 secs
Commit: dd0164e (master)
Author: Benjamin Kaduk
Message: Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Also, document its unusual semantics of resetting the
cipher list (but preserving other configuration).

Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/7274)

View the changeset: https://github.com/openssl/openssl/compare/eeccc237239d...dd0164e7565b

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179512208?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200813/b23dff33/attachment-0001.html>

From no-reply at appveyor.com  Thu Aug 13 04:10:51 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 13 Aug 2020 04:10:51 +0000
Subject: Build failed: openssl master.36119
Message-ID: <20200813041051.1.3AACAD01FE4EEAA9@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200813/4c100840/attachment.html>

From openssl at openssl.org  Thu Aug 13 04:47:52 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 13 Aug 2020 04:47:52 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1597294072.013874.29956.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/bn/libcrypto-lib-rsaz_exp.d.tmp -MT crypto/bn/libcrypto-lib-rsaz_exp.o -c -o crypto/bn/libcrypto-lib-rsaz_exp.o ../openssl/crypto/bn/rsaz_exp.c
CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-gf2m.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/bn/x86_64-gf2m.s
CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/bn/x86_64-mont.s
CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont5.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/bn/x86_64-mont5.s
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/buffer/libcrypto-lib-buf_err.d.tmp -MT crypto/buffer/libcrypto-lib-buf_err.o -c -o crypto/buffer/libcrypto-lib-buf_err.o ../openssl/crypto/buffer/buf_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/buffer/libcrypto-lib-buffer.d.tmp -MT crypto/buffer/libcrypto-lib-buffer.o -c -o crypto/buffer/libcrypto-lib-buffer.o ../openssl/crypto/buffer/buffer.c
CC="clang" /usr/bin/perl ../openssl/crypto/camellia/asm/cmll-x86_64.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/camellia/cmll-x86_64.s
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_cfb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_cfb.o -c -o crypto/camellia/libcrypto-lib-cmll_cfb.o ../openssl/crypto/camellia/cmll_cfb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_ctr.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ctr.o -c -o crypto/camellia/libcrypto-lib-cmll_ctr.o ../openssl/crypto/camellia/cmll_ctr.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_ecb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ecb.o -c -o crypto/camellia/libcrypto-lib-cmll_ecb.o ../openssl/crypto/camellia/cmll_ecb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_misc.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_misc.o -c -o crypto/camellia/libcrypto-lib-cmll_misc.o ../openssl/crypto/camellia/cmll_misc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_ofb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ofb.o -c -o crypto/camellia/libcrypto-lib-cmll_ofb.o ../openssl/crypto/camellia/cmll_ofb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_cfb64.d.tmp -MT crypto/cast/libcrypto-lib-c_cfb64.o -c -o crypto/cast/libcrypto-lib-c_cfb64.o ../openssl/crypto/cast/c_cfb64.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_ecb.d.tmp -MT crypto/cast/libcrypto-lib-c_ecb.o -c -o crypto/cast/libcrypto-lib-c_ecb.o ../openssl/crypto/cast/c_ecb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_enc.d.tmp -MT crypto/cast/libcrypto-lib-c_enc.o -c -o crypto/cast/libcrypto-lib-c_enc.o ../openssl/crypto/cast/c_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_ofb64.d.tmp -MT crypto/cast/libcrypto-lib-c_ofb64.o -c -o crypto/cast/libcrypto-lib-c_ofb64.o ../openssl/crypto/cast/c_ofb64.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_skey.d.tmp -MT crypto/cast/libcrypto-lib-c_skey.o -c -o crypto/cast/libcrypto-lib-c_skey.o ../openssl/crypto/cast/c_skey.c
CC="clang" /usr/bin/perl ../openssl/crypto/chacha/asm/chacha-x86_64.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/chacha/chacha-x86_64.s
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmac/libcrypto-lib-cm_ameth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_ameth.o -c -o crypto/cmac/libcrypto-lib-cm_ameth.o ../openssl/crypto/cmac/cm_ameth.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmac/libcrypto-lib-cmac.d.tmp -MT crypto/cmac/libcrypto-lib-cmac.o -c -o crypto/cmac/libcrypto-lib-cmac.o ../openssl/crypto/cmac/cmac.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_asn.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_asn.o -c -o crypto/cmp/libcrypto-lib-cmp_asn.o ../openssl/crypto/cmp/cmp_asn.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_client.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_client.o -c -o crypto/cmp/libcrypto-lib-cmp_client.o ../openssl/crypto/cmp/cmp_client.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_ctx.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_ctx.o -c -o crypto/cmp/libcrypto-lib-cmp_ctx.o ../openssl/crypto/cmp/cmp_ctx.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_err.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_err.o -c -o crypto/cmp/libcrypto-lib-cmp_err.o ../openssl/crypto/cmp/cmp_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_hdr.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_hdr.o -c -o crypto/cmp/libcrypto-lib-cmp_hdr.o ../openssl/crypto/cmp/cmp_hdr.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_http.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_http.o -c -o crypto/cmp/libcrypto-lib-cmp_http.o ../openssl/crypto/cmp/cmp_http.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_msg.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_msg.o -c -o crypto/cmp/libcrypto-lib-cmp_msg.o ../openssl/crypto/cmp/cmp_msg.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_protect.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_protect.o -c -o crypto/cmp/libcrypto-lib-cmp_protect.o ../openssl/crypto/cmp/cmp_protect.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_server.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_server.o -c -o crypto/cmp/libcrypto-lib-cmp_server.o ../openssl/crypto/cmp/cmp_server.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_status.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_status.o -c -o crypto/cmp/libcrypto-lib-cmp_status.o ../openssl/crypto/cmp/cmp_status.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_util.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_util.o -c -o crypto/cmp/libcrypto-lib-cmp_util.o ../openssl/crypto/cmp/cmp_util.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_vfy.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_vfy.o -c -o crypto/cmp/libcrypto-lib-cmp_vfy.o ../openssl/crypto/cmp/cmp_vfy.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/comp/libcrypto-lib-c_zlib.d.tmp -MT crypto/comp/libcrypto-lib-c_zlib.o -c -o crypto/comp/libcrypto-lib-c_zlib.o ../openssl/crypto/comp/c_zlib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/comp/libcrypto-lib-comp_err.d.tmp -MT crypto/comp/libcrypto-lib-comp_err.o -c -o crypto/comp/libcrypto-lib-comp_err.o ../openssl/crypto/comp/comp_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/comp/libcrypto-lib-comp_lib.d.tmp -MT crypto/comp/libcrypto-lib-comp_lib.o -c -o crypto/comp/libcrypto-lib-comp_lib.o ../openssl/crypto/comp/comp_lib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_api.d.tmp -MT crypto/conf/libcrypto-lib-conf_api.o -c -o crypto/conf/libcrypto-lib-conf_api.o ../openssl/crypto/conf/conf_api.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_def.d.tmp -MT crypto/conf/libcrypto-lib-conf_def.o -c -o crypto/conf/libcrypto-lib-conf_def.o ../openssl/crypto/conf/conf_def.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_err.d.tmp -MT crypto/conf/libcrypto-lib-conf_err.o -c -o crypto/conf/libcrypto-lib-conf_err.o ../openssl/crypto/conf/conf_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_lib.d.tmp -MT crypto/conf/libcrypto-lib-conf_lib.o -c -o crypto/conf/libcrypto-lib-conf_lib.o ../openssl/crypto/conf/conf_lib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_mall.d.tmp -MT crypto/conf/libcrypto-lib-conf_mall.o -c -o crypto/conf/libcrypto-lib-conf_mall.o ../openssl/crypto/conf/conf_mall.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_mod.d.tmp -MT crypto/conf/libcrypto-lib-conf_mod.o -c -o crypto/conf/libcrypto-lib-conf_mod.o ../openssl/crypto/conf/conf_mod.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_sap.d.tmp -MT crypto/conf/libcrypto-lib-conf_sap.o -c -o crypto/conf/libcrypto-lib-conf_sap.o ../openssl/crypto/conf/conf_sap.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_ssl.d.tmp -MT crypto/conf/libcrypto-lib-conf_ssl.o -c -o crypto/conf/libcrypto-lib-conf_ssl.o ../openssl/crypto/conf/conf_ssl.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_asn.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_asn.o -c -o crypto/crmf/libcrypto-lib-crmf_asn.o ../openssl/crypto/crmf/crmf_asn.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_err.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_err.o -c -o crypto/crmf/libcrypto-lib-crmf_err.o ../openssl/crypto/crmf/crmf_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_lib.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_lib.o -c -o crypto/crmf/libcrypto-lib-crmf_lib.o ../openssl/crypto/crmf/crmf_lib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_pbm.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_pbm.o -c -o crypto/crmf/libcrypto-lib-crmf_pbm.o ../openssl/crypto/crmf/crmf_pbm.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_b64.d.tmp -MT crypto/ct/libcrypto-lib-ct_b64.o -c -o crypto/ct/libcrypto-lib-ct_b64.o ../openssl/crypto/ct/ct_b64.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_err.d.tmp -MT crypto/ct/libcrypto-lib-ct_err.o -c -o crypto/ct/libcrypto-lib-ct_err.o ../openssl/crypto/ct/ct_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_log.d.tmp -MT crypto/ct/libcrypto-lib-ct_log.o -c -o crypto/ct/libcrypto-lib-ct_log.o ../openssl/crypto/ct/ct_log.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_oct.d.tmp -MT crypto/ct/libcrypto-lib-ct_oct.o -c -o crypto/ct/libcrypto-lib-ct_oct.o ../openssl/crypto/ct/ct_oct.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_policy.d.tmp -MT crypto/ct/libcrypto-lib-ct_policy.o -c -o crypto/ct/libcrypto-lib-ct_policy.o ../openssl/crypto/ct/ct_policy.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_prn.d.tmp -MT crypto/ct/libcrypto-lib-ct_prn.o -c -o crypto/ct/libcrypto-lib-ct_prn.o ../openssl/crypto/ct/ct_prn.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_sct.d.tmp -MT crypto/ct/libcrypto-lib-ct_sct.o -c -o crypto/ct/libcrypto-lib-ct_sct.o ../openssl/crypto/ct/ct_sct.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_sct_ctx.d.tmp -MT crypto/ct/libcrypto-lib-ct_sct_ctx.o -c -o crypto/ct/libcrypto-lib-ct_sct_ctx.o ../openssl/crypto/ct/ct_sct_ctx.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_vfy.d.tmp -MT crypto/ct/libcrypto-lib-ct_vfy.o -c -o crypto/ct/libcrypto-lib-ct_vfy.o ../openssl/crypto/ct/ct_vfy.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_x509v3.d.tmp -MT crypto/ct/libcrypto-lib-ct_x509v3.o -c -o crypto/ct/libcrypto-lib-ct_x509v3.o ../openssl/crypto/ct/ct_x509v3.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cbc_cksm.d.tmp -MT crypto/des/libcrypto-lib-cbc_cksm.o -c -o crypto/des/libcrypto-lib-cbc_cksm.o ../openssl/crypto/des/cbc_cksm.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cbc_enc.d.tmp -MT crypto/des/libcrypto-lib-cbc_enc.o -c -o crypto/des/libcrypto-lib-cbc_enc.o ../openssl/crypto/des/cbc_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cfb64ede.d.tmp -MT crypto/des/libcrypto-lib-cfb64ede.o -c -o crypto/des/libcrypto-lib-cfb64ede.o ../openssl/crypto/des/cfb64ede.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cfb64enc.d.tmp -MT crypto/des/libcrypto-lib-cfb64enc.o -c -o crypto/des/libcrypto-lib-cfb64enc.o ../openssl/crypto/des/cfb64enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cfb_enc.d.tmp -MT crypto/des/libcrypto-lib-cfb_enc.o -c -o crypto/des/libcrypto-lib-cfb_enc.o ../openssl/crypto/des/cfb_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-des_enc.d.tmp -MT crypto/des/libcrypto-lib-des_enc.o -c -o crypto/des/libcrypto-lib-des_enc.o ../openssl/crypto/des/des_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ecb3_enc.d.tmp -MT crypto/des/libcrypto-lib-ecb3_enc.o -c -o crypto/des/libcrypto-lib-ecb3_enc.o ../openssl/crypto/des/ecb3_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ecb_enc.d.tmp -MT crypto/des/libcrypto-lib-ecb_enc.o -c -o crypto/des/libcrypto-lib-ecb_enc.o ../openssl/crypto/des/ecb_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-fcrypt.d.tmp -MT crypto/des/libcrypto-lib-fcrypt.o -c -o crypto/des/libcrypto-lib-fcrypt.o ../openssl/crypto/des/fcrypt.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-fcrypt_b.d.tmp -MT crypto/des/libcrypto-lib-fcrypt_b.o -c -o crypto/des/libcrypto-lib-fcrypt_b.o ../openssl/crypto/des/fcrypt_b.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ofb64ede.d.tmp -MT crypto/des/libcrypto-lib-ofb64ede.o -c -o crypto/des/libcrypto-lib-ofb64ede.o ../openssl/crypto/des/ofb64ede.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ofb64enc.d.tmp -MT crypto/des/libcrypto-lib-ofb64enc.o -c -o crypto/des/libcrypto-lib-ofb64enc.o ../openssl/crypto/des/ofb64enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ofb_enc.d.tmp -MT crypto/des/libcrypto-lib-ofb_enc.o -c -o crypto/des/libcrypto-lib-ofb_enc.o ../openssl/crypto/des/ofb_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-pcbc_enc.d.tmp -MT crypto/des/libcrypto-lib-pcbc_enc.o -c -o crypto/des/libcrypto-lib-pcbc_enc.o ../openssl/crypto/des/pcbc_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-qud_cksm.d.tmp -MT crypto/des/libcrypto-lib-qud_cksm.o -c -o crypto/des/libcrypto-lib-qud_cksm.o ../openssl/crypto/des/qud_cksm.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-rand_key.d.tmp -MT crypto/des/libcrypto-lib-rand_key.o -c -o crypto/des/libcrypto-lib-rand_key.o ../openssl/crypto/des/rand_key.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-set_key.d.tmp -MT crypto/des/libcrypto-lib-set_key.o -c -o crypto/des/libcrypto-lib-set_key.o ../openssl/crypto/des/set_key.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-str2key.d.tmp -MT crypto/des/libcrypto-lib-str2key.o -c -o crypto/des/libcrypto-lib-str2key.o ../openssl/crypto/des/str2key.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-xcbc_enc.d.tmp -MT crypto/des/libcrypto-lib-xcbc_enc.o -c -o crypto/des/libcrypto-lib-xcbc_enc.o ../openssl/crypto/des/xcbc_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_ameth.d.tmp -MT crypto/dh/libcrypto-lib-dh_ameth.o -c -o crypto/dh/libcrypto-lib-dh_ameth.o ../openssl/crypto/dh/dh_ameth.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_asn1.d.tmp -MT crypto/dh/libcrypto-lib-dh_asn1.o -c -o crypto/dh/libcrypto-lib-dh_asn1.o ../openssl/crypto/dh/dh_asn1.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_backend.d.tmp -MT crypto/dh/libcrypto-lib-dh_backend.o -c -o crypto/dh/libcrypto-lib-dh_backend.o ../openssl/crypto/dh/dh_backend.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_check.d.tmp -MT crypto/dh/libcrypto-lib-dh_check.o -c -o crypto/dh/libcrypto-lib-dh_check.o ../openssl/crypto/dh/dh_check.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_ctrl.d.tmp -MT crypto/dh/libcrypto-lib-dh_ctrl.o -c -o crypto/dh/libcrypto-lib-dh_ctrl.o ../openssl/crypto/dh/dh_ctrl.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_depr.d.tmp -MT crypto/dh/libcrypto-lib-dh_depr.o -c -o crypto/dh/libcrypto-lib-dh_depr.o ../openssl/crypto/dh/dh_depr.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_err.d.tmp -MT crypto/dh/libcrypto-lib-dh_err.o -c -o crypto/dh/libcrypto-lib-dh_err.o ../openssl/crypto/dh/dh_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_gen.d.tmp -MT crypto/dh/libcrypto-lib-dh_gen.o -c -o crypto/dh/libcrypto-lib-dh_gen.o ../openssl/crypto/dh/dh_gen.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_group_params.d.tmp -MT crypto/dh/libcrypto-lib-dh_group_params.o -c -o crypto/dh/libcrypto-lib-dh_group_params.o ../openssl/crypto/dh/dh_group_params.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_kdf.d.tmp -MT crypto/dh/libcrypto-lib-dh_kdf.o -c -o crypto/dh/libcrypto-lib-dh_kdf.o ../openssl/crypto/dh/dh_kdf.c
../openssl/crypto/dh/dh_ctrl.c:239:14: error: use of undeclared identifier 'EVP_PKEY_DH_KDF_X9_42'
        case EVP_PKEY_DH_KDF_X9_42:
             ^
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_key.d.tmp -MT crypto/dh/libcrypto-lib-dh_key.o -c -o crypto/dh/libcrypto-lib-dh_key.o ../openssl/crypto/dh/dh_key.c
../openssl/crypto/dh/dh_ctrl.c:293:16: error: use of undeclared identifier 'EVP_PKEY_DH_KDF_X9_42'
        return EVP_PKEY_DH_KDF_X9_42;
               ^
2 errors generated.
Makefile:13944: recipe for target 'crypto/dh/libcrypto-lib-dh_ctrl.o' failed
make[1]: *** [crypto/dh/libcrypto-lib-dh_ctrl.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3103: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From no-reply at appveyor.com  Thu Aug 13 06:46:21 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 13 Aug 2020 06:46:21 +0000
Subject: Build completed: openssl master.36120
Message-ID: <20200813064621.1.5C5B0530C8F23B11@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200813/40668e6b/attachment.html>

From openssl at openssl.org  Thu Aug 13 07:12:21 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 13 Aug 2020 07:12:21 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1597302741.601813.3108.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

C0D0F781B37F0000:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1 lib:../openssl/crypto/asn1/d2i_pr.c:67:
C0D0F781B37F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C0D0F781B37F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C0D0F781B37F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
C0D0F781B37F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C0D0F781B37F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C0D0F781B37F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C070D3A1227F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2073:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
# OPENSSL_FUNC:../openssl/apps/cmp.c:778:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0408E26987F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -secret option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:778:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 768 Tests: 85 Failed: 3)
  Failed tests:  12, 37, 71
  Non-zero exit status: 3
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3207, 864 wallclock secs (13.36 usr  1.18 sys + 807.73 cusr 60.85 csys = 883.12 CPU)
Result: FAIL
Makefile:3118: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3116: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug 13 07:36:54 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 13 Aug 2020 07:36:54 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1597304214.014909.20629.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=208, Tests=3306, 885 wallclock secs (12.85 usr  1.30 sys + 818.25 cusr 64.41 csys = 896.81 CPU)
Result: FAIL
Makefile:3171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3169: recipe for target 'tests' failed
make: *** [tests] Error 2

From tmraz at fedoraproject.org  Thu Aug 13 08:17:48 2020
From: tmraz at fedoraproject.org (tmraz at fedoraproject.org)
Date: Thu, 13 Aug 2020 08:17:48 +0000
Subject: [openssl]  master update
Message-ID: <1597306668.241473.15203.nullmailer@dev.openssl.org>

The branch master has been updated
       via  ea9f6890eb54e4b9e8b81cc1318ca3a6fc0c8356 (commit)
       via  dffeec1c10a874d7c7b83c221dbbce82f755edb1 (commit)
      from  dd0164e7565bb14fac193aea4c2c37714bf66d56 (commit)


- Log -----------------------------------------------------------------
commit ea9f6890eb54e4b9e8b81cc1318ca3a6fc0c8356
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Thu Aug 6 15:14:29 2020 +0200

    sslapitest: Add test for premature call of SSL_export_keying_material
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12594)

commit dffeec1c10a874d7c7b83c221dbbce82f755edb1
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Thu Aug 6 11:20:43 2020 +0200

    Avoid segfault in SSL_export_keying_material if there is no session
    
    Fixes #12588
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12594)

-----------------------------------------------------------------------

Summary of changes:
 ssl/ssl_lib.c     |  3 ++-
 test/sslapitest.c | 17 ++++++++++++++---
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f957664a48..c72341547a 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3054,7 +3054,8 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                const unsigned char *context, size_t contextlen,
                                int use_context)
 {
-    if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
+    if (s->session == NULL
+        || (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER))
         return -1;
 
     return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 3d6d83a11a..6f4c11537b 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -5690,9 +5690,20 @@ static int test_export_key_mat(int tst)
         goto end;
 
     if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL,
-                                      NULL))
-            || !TEST_true(create_ssl_connection(serverssl, clientssl,
-                                                SSL_ERROR_NONE)))
+                                      NULL)))
+        goto end;
+
+    /*
+     * Premature call of SSL_export_keying_material should just fail.
+     */
+    if (!TEST_int_le(SSL_export_keying_material(clientssl, ckeymat1,
+                                                sizeof(ckeymat1), label,
+                                                SMALL_LABEL_LEN + 1, context,
+                                                sizeof(context) - 1, 1), 0))
+        goto end;
+
+    if (!TEST_true(create_ssl_connection(serverssl, clientssl,
+                                         SSL_ERROR_NONE)))
         goto end;
 
     if (tst == 5) {

From tmraz at fedoraproject.org  Thu Aug 13 08:19:33 2020
From: tmraz at fedoraproject.org (tmraz at fedoraproject.org)
Date: Thu, 13 Aug 2020 08:19:33 +0000
Subject: [openssl]  OpenSSL_1_1_1-stable update
Message-ID: <1597306773.426726.16538.nullmailer@dev.openssl.org>

The branch OpenSSL_1_1_1-stable has been updated
       via  925a9d0a8168bfd0b532bc6600ba3e7ab47a7592 (commit)
      from  ea7a58a60659d12d102ec78af4d6c3e589347150 (commit)


- Log -----------------------------------------------------------------
commit 925a9d0a8168bfd0b532bc6600ba3e7ab47a7592
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Thu Aug 6 11:20:43 2020 +0200

    Avoid segfault in SSL_export_keying_material if there is no session
    
    Fixes #12588
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12594)
    
    (cherry picked from commit dffeec1c10a874d7c7b83c221dbbce82f755edb1)

-----------------------------------------------------------------------

Summary of changes:
 ssl/ssl_lib.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 433a537969..b1df374817 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2897,7 +2897,8 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                const unsigned char *context, size_t contextlen,
                                int use_context)
 {
-    if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
+    if (s->session == NULL
+        || (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER))
         return -1;
 
     return s->method->ssl3_enc->export_keying_material(s, out, olen, label,

From tmraz at fedoraproject.org  Thu Aug 13 08:20:01 2020
From: tmraz at fedoraproject.org (tmraz at fedoraproject.org)
Date: Thu, 13 Aug 2020 08:20:01 +0000
Subject: [openssl]  OpenSSL_1_1_1-stable update
Message-ID: <1597306801.935874.17624.nullmailer@dev.openssl.org>

The branch OpenSSL_1_1_1-stable has been updated
       via  46a9ee8c796c8b5f8d95290676119b4f3d72be91 (commit)
      from  925a9d0a8168bfd0b532bc6600ba3e7ab47a7592 (commit)


- Log -----------------------------------------------------------------
commit 46a9ee8c796c8b5f8d95290676119b4f3d72be91
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Thu Aug 6 15:14:29 2020 +0200

    sslapitest: Add test for premature call of SSL_export_keying_material
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12594)
    
    (cherry picked from commit ea9f6890eb54e4b9e8b81cc1318ca3a6fc0c8356)

-----------------------------------------------------------------------

Summary of changes:
 test/sslapitest.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/test/sslapitest.c b/test/sslapitest.c
index 52207226f4..ad1824c68d 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -4432,9 +4432,20 @@ static int test_export_key_mat(int tst)
     SSL_CTX_set_min_proto_version(cctx, protocols[tst]);
 
     if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL,
-                                      NULL))
-            || !TEST_true(create_ssl_connection(serverssl, clientssl,
-                                                SSL_ERROR_NONE)))
+                                      NULL)))
+        goto end;
+
+    /*
+     * Premature call of SSL_export_keying_material should just fail.
+     */
+    if (!TEST_int_le(SSL_export_keying_material(clientssl, ckeymat1,
+                                                sizeof(ckeymat1), label,
+                                                SMALL_LABEL_LEN + 1, context,
+                                                sizeof(context) - 1, 1), 0))
+        goto end;
+
+    if (!TEST_true(create_ssl_connection(serverssl, clientssl,
+                                         SSL_ERROR_NONE)))
         goto end;
 
     if (tst == 5) {

From builds at travis-ci.com  Thu Aug 13 09:43:03 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 13 Aug 2020 09:43:03 +0000
Subject: Still Failing: openssl/openssl#36662 (master - ea9f689)
In-Reply-To: <openssl/openssl+179551784+still failing@travis-ci.com>
Message-ID: <5f350b273d240_13fbf099aa01c2449b@travis-pro-tasks-7876b49d7-kk7x5.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36662
Status: Still Failing

Duration: 1 hr, 4 mins, and 10 secs
Commit: ea9f689 (master)
Author: Tomas Mraz
Message: sslapitest: Add test for premature call of SSL_export_keying_material

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12594)

View the changeset: https://github.com/openssl/openssl/compare/dd0164e7565b...ea9f6890eb54

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179551784?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200813/62555ace/attachment.html>

From openssl at openssl.org  Thu Aug 13 12:51:59 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 13 Aug 2020 12:51:59 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1597323119.929527.13563.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3172, 880 wallclock secs (13.21 usr  1.23 sys + 815.36 cusr 62.85 csys = 892.65 CPU)
Result: FAIL
Makefile:3165: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3163: recipe for target 'tests' failed
make: *** [tests] Error 2

From dev at ddvo.net  Thu Aug 13 15:28:23 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Thu, 13 Aug 2020 15:28:23 +0000
Subject: [openssl]  master update
Message-ID: <1597332503.048632.11713.nullmailer@dev.openssl.org>

The branch master has been updated
       via  cddbcf0d2887388d95d5b338b249ac3923be00f1 (commit)
      from  ea9f6890eb54e4b9e8b81cc1318ca3a6fc0c8356 (commit)


- Log -----------------------------------------------------------------
commit cddbcf0d2887388d95d5b338b249ac3923be00f1
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Thu Jun 4 10:23:42 2020 +0200

    Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12638)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/x_all.c    | 4 ----
 include/openssl/x509.h | 6 ++----
 util/libcrypto.num     | 4 ++--
 3 files changed, 4 insertions(+), 10 deletions(-)

diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index 868b187c5d..12a666884b 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -126,7 +126,6 @@ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
                               &x->sig_alg, &x->signature, &x->cert_info, ctx);
 }
 
-#if !defined(OPENSSL_NO_SOCK)
 static ASN1_VALUE *simple_get_asn1(const char *url, BIO *bio, BIO *rbio,
                                    int timeout, const ASN1_ITEM *it)
 {
@@ -142,7 +141,6 @@ X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
     return (X509 *)simple_get_asn1(url, bio, rbio, timeout,
                                    ASN1_ITEM_rptr(X509));
 }
-#endif
 
 int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
 {
@@ -172,13 +170,11 @@ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
                               &x->crl, ctx);
 }
 
-#if !defined(OPENSSL_NO_SOCK)
 X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
 {
     return (X509_CRL *)simple_get_asn1(url, bio, rbio, timeout,
                                        ASN1_ITEM_rptr(X509_CRL));
 }
-#endif
 
 int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
 {
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index d5b13ded0b..71a5f77301 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -383,12 +383,10 @@ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
 int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                      unsigned char *md, unsigned int *len);
 
-# if !defined(OPENSSL_NO_SOCK)
 X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-#  define X509_http_nbio(url) X509_load_http(url, NULL, NULL, 0)
+# define X509_http_nbio(url) X509_load_http(url, NULL, NULL, 0)
 X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-#  define X509_CRL_http_nbio(url) X509_CRL_load_http(url, NULL,  NULL, 0)
-# endif
+# define X509_CRL_http_nbio(url) X509_CRL_load_http(url, NULL,  NULL, 0)
 
 # ifndef OPENSSL_NO_STDIO
 X509 *d2i_X509_fp(FILE *fp, X509 **x509);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 1e50e72ffe..a2b5a5c6ff 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -245,7 +245,7 @@ RSA_get_ex_data                         249	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3
 EVP_PKEY_meth_get_decrypt               250	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 DES_cfb_encrypt                         251	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,DES
 CMS_SignerInfo_set1_signer_cert         252	3_0_0	EXIST::FUNCTION:CMS
-X509_CRL_load_http                      253	3_0_0	EXIST::FUNCTION:SOCK
+X509_CRL_load_http                      253	3_0_0	EXIST::FUNCTION:
 ENGINE_register_all_ciphers             254	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
 SXNET_new                               255	3_0_0	EXIST::FUNCTION:
 EVP_camellia_256_ctr                    256	3_0_0	EXIST::FUNCTION:CAMELLIA
@@ -1243,7 +1243,7 @@ TS_REQ_set_cert_req                     1271	3_0_0	EXIST::FUNCTION:TS
 TXT_DB_get_by_index                     1272	3_0_0	EXIST::FUNCTION:
 X509_check_ca                           1273	3_0_0	EXIST::FUNCTION:
 DH_get_2048_224                         1274	3_0_0	EXIST::FUNCTION:DH
-X509_load_http                          1275	3_0_0	EXIST::FUNCTION:SOCK
+X509_load_http                          1275	3_0_0	EXIST::FUNCTION:
 i2d_AUTHORITY_INFO_ACCESS               1276	3_0_0	EXIST::FUNCTION:
 EVP_get_cipherbyname                    1277	3_0_0	EXIST::FUNCTION:
 CONF_dump_fp                            1278	3_0_0	EXIST::FUNCTION:STDIO

From builds at travis-ci.com  Thu Aug 13 17:31:18 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 13 Aug 2020 17:31:18 +0000
Subject: Still Failing: openssl/openssl#36669 (master - cddbcf0)
In-Reply-To: <openssl/openssl+179609339+still failing@travis-ci.com>
Message-ID: <5f3578e58405f_13fda008b40c4228476@travis-pro-tasks-69f875d67c-b5f8g.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36669
Status: Still Failing

Duration: 41 mins and 41 secs
Commit: cddbcf0 (master)
Author: Dr. David von Oheimb
Message: Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12638)

View the changeset: https://github.com/openssl/openssl/compare/ea9f6890eb54...cddbcf0d2887

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179609339?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200813/5ed96e4d/attachment.html>

From patrick.steuer at de.ibm.com  Thu Aug 13 19:39:38 2020
From: patrick.steuer at de.ibm.com (patrick.steuer at de.ibm.com)
Date: Thu, 13 Aug 2020 19:39:38 +0000
Subject: [openssl]  master update
Message-ID: <1597347578.951811.11081.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c19e6da9a345b1e14caca23c50a0c7690309e0e4 (commit)
      from  cddbcf0d2887388d95d5b338b249ac3923be00f1 (commit)


- Log -----------------------------------------------------------------
commit c19e6da9a345b1e14caca23c50a0c7690309e0e4
Author: Patrick Steuer <patrick.steuer at de.ibm.com>
Date:   Tue Aug 11 13:51:04 2020 +0200

    Appease -Werror=stringop-overflow=
    
    gcc 10 seems to think of assigning to an (unsigned) char
    array as a stringop and demands additional space for a
    terminating '\0':
    
    In function 'ssl3_generate_key_block',
        inlined from 'ssl3_setup_key_block' at ssl/s3_enc.c:304:11:
    ssl/s3_enc.c:51:20: error: writing 1 byte into a region of size 0
    [-Werror=stringop-overflow=]
       51 |             buf[j] = c;
          |             ~~~~~~~^~~
    ssl/s3_enc.c: In function 'ssl3_setup_key_block':
    ssl/s3_enc.c:23:19: note: at offset 16 to object 'buf' with size 16
    declared here
       23 |     unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
          |                   ^~~
    
    Signed-off-by: Patrick Steuer <patrick.steuer at de.ibm.com>
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12632)

-----------------------------------------------------------------------

Summary of changes:
 ssl/s3_enc.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 36b7c7616e..bd668f317e 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -22,7 +22,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
     EVP_MD_CTX *s1;
     unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
     unsigned char c = 'A';
-    unsigned int i, j, k;
+    unsigned int i, k;
     int ret = 0;
 
 #ifdef CHARSET_EBCDIC
@@ -47,8 +47,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
             goto err;
         }
 
-        for (j = 0; j < k; j++)
-            buf[j] = c;
+        memset(buf, c, k);
         c++;
         if (!EVP_DigestInit_ex(s1, sha1, NULL)
             || !EVP_DigestUpdate(s1, buf, k)

From openssl at openssl.org  Thu Aug 13 20:56:11 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 13 Aug 2020 20:56:11 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1597352171.308305.30183.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3309, 941 wallclock secs (13.09 usr  1.42 sys + 837.77 cusr 65.52 csys = 917.80 CPU)
Result: FAIL
Makefile:3164: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3162: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Thu Aug 13 21:02:05 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 13 Aug 2020 21:02:05 +0000
Subject: Still Failing: openssl/openssl#36671 (master - c19e6da)
In-Reply-To: <openssl/openssl+179645329+still failing@travis-ci.com>
Message-ID: <5f35aa4c6e288_13febc143645c1366ee@travis-pro-tasks-6998bc5ff4-qh4hn.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36671
Status: Still Failing

Duration: 1 hr, 21 mins, and 14 secs
Commit: c19e6da (master)
Author: Patrick Steuer
Message: Appease -Werror=stringop-overflow=

gcc 10 seems to think of assigning to an (unsigned) char
array as a stringop and demands additional space for a
terminating '\0':

In function 'ssl3_generate_key_block',
    inlined from 'ssl3_setup_key_block' at ssl/s3_enc.c:304:11:
ssl/s3_enc.c:51:20: error: writing 1 byte into a region of size 0
[-Werror=stringop-overflow=]
   51 |             buf[j] = c;
      |             ~~~~~~~^~~
ssl/s3_enc.c: In function 'ssl3_setup_key_block':
ssl/s3_enc.c:23:19: note: at offset 16 to object 'buf' with size 16
declared here
   23 |     unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
      |                   ^~~

Signed-off-by: Patrick Steuer <patrick.steuer at de.ibm.com>

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12632)

View the changeset: https://github.com/openssl/openssl/compare/cddbcf0d2887...c19e6da9a345

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179645329?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200813/9cc0e5b4/attachment-0001.html>

From openssl at openssl.org  Thu Aug 13 23:21:40 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 13 Aug 2020 23:21:40 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1597360900.908920.12872.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=208, Tests=2994, 747 wallclock secs ( 9.65 usr  1.20 sys + 691.27 cusr 46.41 csys = 748.53 CPU)
Result: FAIL
Makefile:2396: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2394: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 14 05:38:33 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 05:38:33 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1597383514.001938.32685.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
1 error generated.
Makefile:4167: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3137: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From pauli at openssl.org  Fri Aug 14 08:15:51 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 14 Aug 2020 08:15:51 +0000
Subject: [openssl]  master update
Message-ID: <1597392951.426755.2317.nullmailer@dev.openssl.org>

The branch master has been updated
       via  0e53cd5207615038de8496684d9aa3a18d50c388 (commit)
       via  b7466c1303b2e16815092ae4ef6c97ae1f0f347d (commit)
      from  c19e6da9a345b1e14caca23c50a0c7690309e0e4 (commit)


- Log -----------------------------------------------------------------
commit 0e53cd5207615038de8496684d9aa3a18d50c388
Author: Pauli <paul.dale at oracle.com>
Date:   Tue Aug 11 13:19:40 2020 +1000

    PKCS#12 KDF: don't run tests with the FIPS provider.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12624)

commit b7466c1303b2e16815092ae4ef6c97ae1f0f347d
Author: Pauli <paul.dale at oracle.com>
Date:   Tue Aug 11 10:29:02 2020 +1000

    Move PKCS#12 KDF to provider.
    
    This KDF is defined in RFC7292 in appendix B.  It is widely used in PKCS#12
    and should be provided.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12624)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt                             |   1 +
 crypto/pkcs12/p12_key.c                            | 124 +++------
 .../{EVP_KDF-PBKDF2.pod => EVP_KDF-PKCS12KDF.pod}  |  42 +--
 doc/man7/OSSL_PROVIDER-default.pod                 |   2 +
 include/openssl/core_names.h                       |   1 +
 providers/common/include/prov/providercommonerr.h  |   1 +
 providers/common/provider_err.c                    |   2 +
 providers/defltprov.c                              |   1 +
 .../implementations/include/prov/implementations.h |   1 +
 providers/implementations/kdfs/build.info          |   3 +
 providers/implementations/kdfs/pkcs12kdf.c         | 285 +++++++++++++++++++++
 test/recipes/30-test_evp.t                         |   2 +-
 12 files changed, 351 insertions(+), 114 deletions(-)
 copy doc/man7/{EVP_KDF-PBKDF2.pod => EVP_KDF-PKCS12KDF.pod} (59%)
 create mode 100644 providers/implementations/kdfs/pkcs12kdf.c

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 2fa2af529a..c07eee6e7e 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2874,6 +2874,7 @@ PROV_R_INVALID_CUSTOM_LENGTH:111:invalid custom length
 PROV_R_INVALID_DATA:115:invalid data
 PROV_R_INVALID_DIGEST:122:invalid digest
 PROV_R_INVALID_DIGEST_LENGTH:166:invalid digest length
+PROV_R_INVALID_DIGEST_SIZE:218:invalid digest size
 PROV_R_INVALID_ITERATION_COUNT:123:invalid iteration count
 PROV_R_INVALID_IVLEN:116:invalid ivlen
 PROV_R_INVALID_IV_LENGTH:109:invalid iv length
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 4849cbd5bc..a40ae4cbe8 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -12,11 +12,9 @@
 #include <openssl/pkcs12.h>
 #include <openssl/bn.h>
 #include <openssl/trace.h>
-
-/* PKCS12 compatible key/IV generation */
-#ifndef min
-# define min(a,b) ((a) < (b) ? (a) : (b))
-#endif
+#include <openssl/kdf.h>
+#include <openssl/core_names.h>
+#include "internal/provider.h"
 
 int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
                        int saltlen, int id, int iter, int n,
@@ -68,16 +66,37 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
                        int saltlen, int id, int iter, int n,
                        unsigned char *out, const EVP_MD *md_type)
 {
-    unsigned char *B = NULL, *D = NULL, *I = NULL, *p = NULL, *Ai = NULL;
-    int Slen, Plen, Ilen;
-    int i, j, u, v;
-    int ret = 0;
-    EVP_MD_CTX *ctx = NULL;
-    unsigned char *tmpout = out;
-    int tmpn = n;
+    int res = 0;
+    EVP_KDF *kdf;
+    EVP_KDF_CTX *ctx;
+    OSSL_PARAM params[6], *p = params;
+
+    if (n <= 0)
+        return 0;
 
-    ctx = EVP_MD_CTX_new();
+    /*
+     * The parameter query isn't available but the library context can be
+     * extracted from the passed digest.
+     */
+    kdf = EVP_KDF_fetch(ossl_provider_library_context(EVP_MD_provider(md_type)),
+                        "PKCS12KDF", NULL);
+    if (kdf == NULL)
+        return 0;
+    ctx = EVP_KDF_CTX_new(kdf);
+    EVP_KDF_free(kdf);
     if (ctx == NULL)
+        return 0;
+
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
+                                            (char *)EVP_MD_name(md_type), 0);
+    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
+                                             pass, passlen);
+    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
+                                             salt, saltlen);
+    *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS12_ID, &id);
+    *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_ITER, &iter);
+    *p = OSSL_PARAM_construct_end();
+    if (!EVP_KDF_CTX_set_params(ctx, params))
         goto err;
 
     OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
@@ -89,77 +108,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
         BIO_hex_string(trc_out, 0, saltlen, salt, saltlen);
         BIO_printf(trc_out, "\n");
     } OSSL_TRACE_END(PKCS12_KEYGEN);
-    v = EVP_MD_block_size(md_type);
-    u = EVP_MD_size(md_type);
-    if (u < 0 || v <= 0)
-        goto err;
-    D = OPENSSL_malloc(v);
-    Ai = OPENSSL_malloc(u);
-    B = OPENSSL_malloc(v + 1);
-    Slen = v * ((saltlen + v - 1) / v);
-    if (passlen)
-        Plen = v * ((passlen + v - 1) / v);
-    else
-        Plen = 0;
-    Ilen = Slen + Plen;
-    I = OPENSSL_malloc(Ilen);
-    if (D == NULL || Ai == NULL || B == NULL || I == NULL)
-        goto err;
-    for (i = 0; i < v; i++)
-        D[i] = id;
-    p = I;
-    for (i = 0; i < Slen; i++)
-        *p++ = salt[i % saltlen];
-    for (i = 0; i < Plen; i++)
-        *p++ = pass[i % passlen];
-    for (;;) {
-        if (!EVP_DigestInit_ex(ctx, md_type, NULL)
-            || !EVP_DigestUpdate(ctx, D, v)
-            || !EVP_DigestUpdate(ctx, I, Ilen)
-            || !EVP_DigestFinal_ex(ctx, Ai, NULL))
-            goto err;
-        for (j = 1; j < iter; j++) {
-            if (!EVP_DigestInit_ex(ctx, md_type, NULL)
-                || !EVP_DigestUpdate(ctx, Ai, u)
-                || !EVP_DigestFinal_ex(ctx, Ai, NULL))
-                goto err;
-        }
-        memcpy(out, Ai, min(n, u));
-        if (u >= n) {
-            OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
-                BIO_printf(trc_out, "Output KEY (length %d)\n", tmpn);
-                BIO_hex_string(trc_out, 0, tmpn, tmpout, tmpn);
-                BIO_printf(trc_out, "\n");
-            } OSSL_TRACE_END(PKCS12_KEYGEN);
-            ret = 1;
-            goto end;
-        }
-        n -= u;
-        out += u;
-        for (j = 0; j < v; j++)
-            B[j] = Ai[j % u];
-        for (j = 0; j < Ilen; j += v) {
-            int k;
-            unsigned char *Ij = I + j;
-            uint16_t c = 1;
 
-            /* Work out Ij = Ij + B + 1 */
-            for (k = v - 1; k >= 0; k--) {
-                c += Ij[k] + B[k];
-                Ij[k] = (unsigned char)c;
-                c >>= 8;
-            }
-        }
+    if (EVP_KDF_derive(ctx, out, (size_t)n)) {
+        res = 1;
+        OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
+            BIO_printf(trc_out, "Output KEY (length %d)\n", n);
+            BIO_hex_string(trc_out, 0, n, out, n);
+            BIO_printf(trc_out, "\n");
+        } OSSL_TRACE_END(PKCS12_KEYGEN);
     }
-
  err:
-    PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE);
-
- end:
-    OPENSSL_free(Ai);
-    OPENSSL_free(B);
-    OPENSSL_free(D);
-    OPENSSL_free(I);
-    EVP_MD_CTX_free(ctx);
-    return ret;
+    EVP_KDF_CTX_free(ctx);
+    return res;
 }
diff --git a/doc/man7/EVP_KDF-PBKDF2.pod b/doc/man7/EVP_KDF-PKCS12KDF.pod
similarity index 59%
copy from doc/man7/EVP_KDF-PBKDF2.pod
copy to doc/man7/EVP_KDF-PKCS12KDF.pod
index b0b7ac1d65..68f987b050 100644
--- a/doc/man7/EVP_KDF-PBKDF2.pod
+++ b/doc/man7/EVP_KDF-PKCS12KDF.pod
@@ -2,20 +2,21 @@
 
 =head1 NAME
 
-EVP_KDF-PBKDF2 - The PBKDF2 EVP_KDF implementation
+EVP_KDF-PKCS12KDF - The PKCS#12 EVP_KDF implementation
 
 =head1 DESCRIPTION
 
-Support for computing the B<PBKDF2> password-based KDF through the B<EVP_KDF>
+Support for computing the B<PKCS#12> password-based KDF through the B<EVP_KDF>
 API.
 
-The EVP_KDF-PBKDF2 algorithm implements the PBKDF2 password-based key
-derivation function, as described in SP800-132; it derives a key from a password
-using a salt and iteration count.
+The EVP_KDF-PKCS12KDF algorithm implements the PKCS#12 password-based key
+derivation function, as described in appendix B of RFC 7292 (PKCS #12:
+Personal Information Exchange Syntax); it derives a key from a password
+using a salt, iteration count and the intended usage.
 
 =head2 Identity
 
-"PBKDF2" is the name for this implementation; it
+"PKCS12KDF" is the name for this implementation; it
 can be used with the EVP_KDF_fetch() function.
 
 =head2 Supported parameters
@@ -30,35 +31,16 @@ The supported parameters are:
 
 =item "iter" (B<OSSL_KDF_PARAM_ITER>) <unsigned integer>
 
-This parameter has a default value of 2048.
-
 =item "properties" (B<OSSL_KDF_PARAM_PROPERTIES>) <UTF8 string>
 
 =item "digest" (B<OSSL_KDF_PARAM_DIGEST>) <UTF8 string>
 
 These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.
 
-=item "pkcs5" (B<OSSL_KDF_PARAM_PKCS5>) <integer>
-
-This parameter can be used to enable or disable SP800-132 compliance checks.
-Setting the mode to 0 enables the compliance checks.
-
-The checks performed are:
-
-=over 4
-
-=item - the iteration count is at least 1000.
-
-=item - the salt length is at least 128 bits.
-
-=item - the derived key length is at least 112 bits.
-
-=back
-
-The default provider uses a default mode of 1 for backwards compatibility,
-and the fips provider uses a default mode of 0.
+=item "id" (B<OSSL_KDF_PARAM_PKCS12_ID>) <integer>
 
-The value string is expected to be a decimal number 0 or 1.
+This parameter is used to specify the intended usage of the output bits, as per
+RFC 7292 section B.3.
 
 =back
 
@@ -77,7 +59,7 @@ byte sequence.
 
 =head1 CONFORMING TO
 
-SP800-132
+RFC7292
 
 =head1 SEE ALSO
 
@@ -94,7 +76,7 @@ This functionality was added to OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man7/OSSL_PROVIDER-default.pod b/doc/man7/OSSL_PROVIDER-default.pod
index 5fe7dbde8c..f82f8d8551 100644
--- a/doc/man7/OSSL_PROVIDER-default.pod
+++ b/doc/man7/OSSL_PROVIDER-default.pod
@@ -124,6 +124,8 @@ The OpenSSL default provider supports these operations and algorithms:
 
 =item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
 
+=item PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)>
+
 =item SSHKDF, see L<EVP_KDF-SSHKDF(7)>
 
 =item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 53e68e778b..97c4d65949 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -178,6 +178,7 @@ extern "C" {
 #define OSSL_KDF_PARAM_SIZE         "size"      /* size_t */
 #define OSSL_KDF_PARAM_CIPHER       OSSL_ALG_PARAM_CIPHER     /* utf8 string */
 #define OSSL_KDF_PARAM_CONSTANT     "constant"  /* octet string */
+#define OSSL_KDF_PARAM_PKCS12_ID    "id"        /* int */
 
 /* Known KDF names */
 #define OSSL_KDF_NAME_HKDF          "HKDF"
diff --git a/providers/common/include/prov/providercommonerr.h b/providers/common/include/prov/providercommonerr.h
index bdc39e4121..3f3c39ba52 100644
--- a/providers/common/include/prov/providercommonerr.h
+++ b/providers/common/include/prov/providercommonerr.h
@@ -88,6 +88,7 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_INVALID_DATA                              115
 # define PROV_R_INVALID_DIGEST                            122
 # define PROV_R_INVALID_DIGEST_LENGTH                     166
+# define PROV_R_INVALID_DIGEST_SIZE                       218
 # define PROV_R_INVALID_ITERATION_COUNT                   123
 # define PROV_R_INVALID_IVLEN                             116
 # define PROV_R_INVALID_IV_LENGTH                         109
diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c
index e65ce96471..ad7ae57157 100644
--- a/providers/common/provider_err.c
+++ b/providers/common/provider_err.c
@@ -79,6 +79,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_DIGEST), "invalid digest"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_DIGEST_LENGTH),
     "invalid digest length"},
+    {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_DIGEST_SIZE),
+    "invalid digest size"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_ITERATION_COUNT),
     "invalid iteration count"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IVLEN), "invalid ivlen"},
diff --git a/providers/defltprov.c b/providers/defltprov.c
index c34c539726..083373a066 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -316,6 +316,7 @@ static const OSSL_ALGORITHM deflt_kdfs[] = {
     { "HKDF", "provider=default", kdf_hkdf_functions },
     { "SSKDF", "provider=default", kdf_sskdf_functions },
     { "PBKDF2", "provider=default", kdf_pbkdf2_functions },
+    { "PKCS12KDF", "provider=default", kdf_pkcs12_functions },
     { "SSHKDF", "provider=default", kdf_sshkdf_functions },
     { "X963KDF", "provider=default", kdf_x963_kdf_functions },
     { "TLS1-PRF", "provider=default", kdf_tls1_prf_functions },
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 76053e22b0..f4c2a5adf5 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -244,6 +244,7 @@ extern const OSSL_DISPATCH poly1305_functions[];
 
 /* KDFs / PRFs */
 extern const OSSL_DISPATCH kdf_pbkdf2_functions[];
+extern const OSSL_DISPATCH kdf_pkcs12_functions[];
 #ifndef OPENSSL_NO_SCRYPT
 extern const OSSL_DISPATCH kdf_scrypt_functions[];
 #endif
diff --git a/providers/implementations/kdfs/build.info b/providers/implementations/kdfs/build.info
index 3b3884436a..459005def5 100644
--- a/providers/implementations/kdfs/build.info
+++ b/providers/implementations/kdfs/build.info
@@ -6,6 +6,7 @@ $HKDF_GOAL=../../libimplementations.a
 $KBKDF_GOAL=../../libimplementations.a
 $KRB5KDF_GOAL=../../libimplementations.a
 $PBKDF2_GOAL=../../libimplementations.a
+$PKCS12KDF_GOAL=../../libimplementations.a
 $SSKDF_GOAL=../../libimplementations.a
 $SCRYPT_GOAL=../../libimplementations.a
 $SSHKDF_GOAL=../../libimplementations.a
@@ -25,6 +26,8 @@ SOURCE[$PBKDF2_GOAL]=pbkdf2.c
 SOURCE[../../libfips.a]=pbkdf2_fips.c
 SOURCE[../../libnonfips.a]=pbkdf2_fips.c
 
+SOURCE[$PKCS12KDF_GOAL]=pkcs12kdf.c
+
 SOURCE[$SSKDF_GOAL]=sskdf.c
 
 SOURCE[$SCRYPT_GOAL]=scrypt.c
diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c
new file mode 100644
index 0000000000..2cebc2d240
--- /dev/null
+++ b/providers/implementations/kdfs/pkcs12kdf.c
@@ -0,0 +1,285 @@
+/*
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/trace.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <openssl/evp.h>
+#include <openssl/kdf.h>
+#include <openssl/core_names.h>
+#include "internal/cryptlib.h"
+#include "internal/numbers.h"
+#include "crypto/evp.h"
+#include "prov/provider_ctx.h"
+#include "prov/providercommonerr.h"
+#include "prov/implementations.h"
+#include "prov/provider_util.h"
+
+static OSSL_FUNC_kdf_newctx_fn kdf_pkcs12_new;
+static OSSL_FUNC_kdf_freectx_fn kdf_pkcs12_free;
+static OSSL_FUNC_kdf_reset_fn kdf_pkcs12_reset;
+static OSSL_FUNC_kdf_derive_fn kdf_pkcs12_derive;
+static OSSL_FUNC_kdf_settable_ctx_params_fn kdf_pkcs12_settable_ctx_params;
+static OSSL_FUNC_kdf_set_ctx_params_fn kdf_pkcs12_set_ctx_params;
+static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_pkcs12_gettable_ctx_params;
+static OSSL_FUNC_kdf_get_ctx_params_fn kdf_pkcs12_get_ctx_params;
+
+typedef struct {
+    void *provctx;
+    PROV_DIGEST digest;
+    unsigned char *pass;
+    size_t pass_len;
+    unsigned char *salt;
+    size_t salt_len;
+    uint64_t iter;
+    int id;
+} KDF_PKCS12;
+
+/* PKCS12 compatible key/IV generation */
+
+static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen,
+                            const unsigned char *salt, size_t saltlen,
+                            int id, uint64_t iter, const EVP_MD *md_type,
+                            unsigned char *out, size_t n)
+{
+    unsigned char *B = NULL, *D = NULL, *I = NULL, *p = NULL, *Ai = NULL;
+    size_t Slen, Plen, Ilen;
+    size_t i, j, k, u, v;
+    uint64_t iter_cnt;
+    int ret = 0, ui, vi;
+    EVP_MD_CTX *ctx = NULL;
+
+    ctx = EVP_MD_CTX_new();
+    if (ctx == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+    vi = EVP_MD_block_size(md_type);
+    ui = EVP_MD_size(md_type);
+    if (ui < 0 || vi <= 0) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_SIZE);
+        goto end;
+    }
+    u = (size_t)ui;
+    v = (size_t)vi;
+    D = OPENSSL_malloc(v);
+    Ai = OPENSSL_malloc(u);
+    B = OPENSSL_malloc(v + 1);
+    Slen = v * ((saltlen + v - 1) / v);
+    if (passlen != 0)
+        Plen = v * ((passlen + v - 1) / v);
+    else
+        Plen = 0;
+    Ilen = Slen + Plen;
+    I = OPENSSL_malloc(Ilen);
+    if (D == NULL || Ai == NULL || B == NULL || I == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+    for (i = 0; i < v; i++)
+        D[i] = id;
+    p = I;
+    for (i = 0; i < Slen; i++)
+        *p++ = salt[i % saltlen];
+    for (i = 0; i < Plen; i++)
+        *p++ = pass[i % passlen];
+    for (;;) {
+        if (!EVP_DigestInit_ex(ctx, md_type, NULL)
+            || !EVP_DigestUpdate(ctx, D, v)
+            || !EVP_DigestUpdate(ctx, I, Ilen)
+            || !EVP_DigestFinal_ex(ctx, Ai, NULL))
+            goto end;
+        for (iter_cnt = 1; iter_cnt < iter; iter_cnt++) {
+            if (!EVP_DigestInit_ex(ctx, md_type, NULL)
+                || !EVP_DigestUpdate(ctx, Ai, u)
+                || !EVP_DigestFinal_ex(ctx, Ai, NULL))
+                goto end;
+        }
+        memcpy(out, Ai, n < u ? n : u);
+        if (u >= n) {
+            ret = 1;
+            break;
+        }
+        n -= u;
+        out += u;
+        for (j = 0; j < v; j++)
+            B[j] = Ai[j % u];
+        for (j = 0; j < Ilen; j += v) {
+            unsigned char *Ij = I + j;
+            uint16_t c = 1;
+
+            /* Work out Ij = Ij + B + 1 */
+            for (k = v; k > 0;) {
+                k--;
+                c += Ij[k] + B[k];
+                Ij[k] = (unsigned char)c;
+                c >>= 8;
+            }
+        }
+    }
+
+ end:
+    OPENSSL_free(Ai);
+    OPENSSL_free(B);
+    OPENSSL_free(D);
+    OPENSSL_free(I);
+    EVP_MD_CTX_free(ctx);
+    return ret;
+}
+
+static void *kdf_pkcs12_new(void *provctx)
+{
+    KDF_PKCS12 *ctx;
+
+    ctx = OPENSSL_zalloc(sizeof(*ctx));
+    if (ctx == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    ctx->provctx = provctx;
+    return ctx;
+}
+
+static void kdf_pkcs12_cleanup(KDF_PKCS12 *ctx)
+{
+    ossl_prov_digest_reset(&ctx->digest);
+    OPENSSL_free(ctx->salt);
+    OPENSSL_clear_free(ctx->pass, ctx->pass_len);
+    memset(ctx, 0, sizeof(*ctx));
+}
+
+static void kdf_pkcs12_free(void *vctx)
+{
+    KDF_PKCS12 *ctx = (KDF_PKCS12 *)vctx;
+
+    if (ctx != NULL) {
+        kdf_pkcs12_cleanup(ctx);
+        OPENSSL_free(ctx);
+    }
+}
+
+static void kdf_pkcs12_reset(void *vctx)
+{
+    KDF_PKCS12 *ctx = (KDF_PKCS12 *)vctx;
+    void *provctx = ctx->provctx;
+
+    kdf_pkcs12_cleanup(ctx);
+    ctx->provctx = provctx;
+}
+
+static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen,
+                             const OSSL_PARAM *p)
+{
+    OPENSSL_clear_free(*buffer, *buflen);
+    if (p->data_size == 0) {
+        if ((*buffer = OPENSSL_malloc(1)) == NULL) {
+            ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    } else if (p->data != NULL) {
+        *buffer = NULL;
+        if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
+            return 0;
+    }
+    return 1;
+}
+
+static int kdf_pkcs12_derive(void *vctx, unsigned char *key,
+                             size_t keylen)
+{
+    KDF_PKCS12 *ctx = (KDF_PKCS12 *)vctx;
+    const EVP_MD *md = ossl_prov_digest_md(&ctx->digest);
+
+    if (ctx->pass == NULL) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_PASS);
+        return 0;
+    }
+
+    if (ctx->salt == NULL) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_SALT);
+        return 0;
+    }
+
+    return pkcs12kdf_derive(ctx->pass, ctx->pass_len, ctx->salt, ctx->salt_len,
+                            ctx->id, ctx->iter, md, key, keylen);
+}
+
+static int kdf_pkcs12_set_ctx_params(void *vctx, const OSSL_PARAM params[])
+{
+    const OSSL_PARAM *p;
+    KDF_PKCS12 *ctx = vctx;
+    OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx);
+
+    if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx))
+        return 0;
+
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_PASSWORD)) != NULL)
+        if (!pkcs12kdf_set_membuf(&ctx->pass, &ctx->pass_len, p))
+            return 0;
+
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SALT)) != NULL)
+        if (!pkcs12kdf_set_membuf(&ctx->salt, &ctx->salt_len,p))
+            return 0;
+
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_PKCS12_ID)) != NULL)
+        if (!OSSL_PARAM_get_int(p, &ctx->id))
+            return 0;
+
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_ITER)) != NULL)
+        if (!OSSL_PARAM_get_uint64(p, &ctx->iter))
+            return 0;
+    return 1;
+}
+
+static const OSSL_PARAM *kdf_pkcs12_settable_ctx_params(void *provctx)
+{
+    static const OSSL_PARAM known_settable_ctx_params[] = {
+        OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_DIGEST, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_KDF_PARAM_PASSWORD, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SALT, NULL, 0),
+        OSSL_PARAM_uint64(OSSL_KDF_PARAM_ITER, NULL),
+        OSSL_PARAM_int(OSSL_KDF_PARAM_PKCS12_ID, NULL),
+        OSSL_PARAM_END
+    };
+    return known_settable_ctx_params;
+}
+
+static int kdf_pkcs12_get_ctx_params(void *vctx, OSSL_PARAM params[])
+{
+    OSSL_PARAM *p;
+
+    if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL)
+        return OSSL_PARAM_set_size_t(p, SIZE_MAX);
+    return -2;
+}
+
+static const OSSL_PARAM *kdf_pkcs12_gettable_ctx_params(void *provctx)
+{
+    static const OSSL_PARAM known_gettable_ctx_params[] = {
+        OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
+        OSSL_PARAM_END
+    };
+    return known_gettable_ctx_params;
+}
+
+const OSSL_DISPATCH kdf_pkcs12_functions[] = {
+    { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_pkcs12_new },
+    { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_pkcs12_free },
+    { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_pkcs12_reset },
+    { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_pkcs12_derive },
+    { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS,
+      (void(*)(void))kdf_pkcs12_settable_ctx_params },
+    { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_pkcs12_set_ctx_params },
+    { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS,
+      (void(*)(void))kdf_pkcs12_gettable_ctx_params },
+    { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_pkcs12_get_ctx_params },
+    { 0, NULL }
+};
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index 29fb224e63..a49f4b50aa 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -46,7 +46,6 @@ my @files = qw(
                 evpmac_common.txt
                 evpmd_sha.txt
                 evppbe_pbkdf2.txt
-                evppbe_pkcs12.txt
                 evppkey_dsa.txt 
                 evppkey_ecc.txt
                 evppkey_ecdh.txt
@@ -93,6 +92,7 @@ my @defltfiles = qw(
                      evpmd_sm3.txt
                      evpmd_whirlpool.txt
                      evppbe_scrypt.txt
+                     evppbe_pkcs12.txt
                      evppkey_brainpool.txt
                      evppkey_kdf_scrypt.txt
                      evppkey_kdf_tls1_prf.txt

From pauli at openssl.org  Fri Aug 14 08:18:33 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 14 Aug 2020 08:18:33 +0000
Subject: [openssl]  master update
Message-ID: <1597393113.808133.7906.nullmailer@dev.openssl.org>

The branch master has been updated
       via  ebe3f24b3d53e503bd37a2a08a8b1f896014c30d (commit)
      from  0e53cd5207615038de8496684d9aa3a18d50c388 (commit)


- Log -----------------------------------------------------------------
commit ebe3f24b3d53e503bd37a2a08a8b1f896014c30d
Author: Pauli <paul.dale at oracle.com>
Date:   Thu Aug 13 10:02:01 2020 +1000

    provider: disable fall-backs if OSSL_PROVIDER_load() fails.
    
    If an attempt is made to load a provider and it fails, the fall-back mechanism
    should be disabled to prevent the user getting some weird happening.  E.g. a
    failure to load the FIPS provider should not allow the default to load as a
    fall-back.
    
    The OSSL_PROVIDER_try_load() call has been added, to allow a provider to be
    loaded without disabling the fall-back mechanism if it fails.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12625)

-----------------------------------------------------------------------

Summary of changes:
 crypto/provider.c           | 10 +++++++++-
 crypto/provider_core.c      | 11 +++++++++++
 doc/man3/OSSL_PROVIDER.pod  | 13 ++++++++++---
 include/internal/provider.h |  3 +++
 include/openssl/provider.h  |  1 +
 util/libcrypto.num          |  1 +
 6 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/crypto/provider.c b/crypto/provider.c
index 40c837d8c0..e05279b89d 100644
--- a/crypto/provider.c
+++ b/crypto/provider.c
@@ -13,7 +13,7 @@
 #include <openssl/core_names.h>
 #include "internal/provider.h"
 
-OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name)
+OSSL_PROVIDER *OSSL_PROVIDER_try_load(OPENSSL_CTX *libctx, const char *name)
 {
     OSSL_PROVIDER *prov = NULL;
 
@@ -30,6 +30,14 @@ OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name)
     return prov;
 }
 
+OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name)
+{
+    /* Any attempt to load a provider disables auto-loading of defaults */
+    if (ossl_provider_disable_fallback_loading(libctx))
+        return OSSL_PROVIDER_try_load(libctx, name);
+    return NULL;
+}
+
 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov)
 {
     ossl_provider_free(prov);
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index 4b5b013608..a714a71681 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -195,6 +195,17 @@ static struct provider_store_st *get_provider_store(OPENSSL_CTX *libctx)
     return store;
 }
 
+int ossl_provider_disable_fallback_loading(OPENSSL_CTX *libctx)
+{
+    struct provider_store_st *store;
+
+    if ((store = get_provider_store(libctx)) != NULL) {
+        store->use_fallbacks = 0;
+        return 1;
+    }
+    return 0;
+}
+
 OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name,
                                   int noconfig)
 {
diff --git a/doc/man3/OSSL_PROVIDER.pod b/doc/man3/OSSL_PROVIDER.pod
index 6a1fdd204e..7fe8feb9dd 100644
--- a/doc/man3/OSSL_PROVIDER.pod
+++ b/doc/man3/OSSL_PROVIDER.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 
 OSSL_PROVIDER_set_default_search_path,
-OSSL_PROVIDER, OSSL_PROVIDER_load, OSSL_PROVIDER_unload,
+OSSL_PROVIDER, OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
 OSSL_PROVIDER_available, OSSL_PROVIDER_do_all,
 OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params,
 OSSL_PROVIDER_query_operation, OSSL_PROVIDER_get0_provider_ctx,
@@ -21,6 +21,7 @@ OSSL_PROVIDER_get_capabilities, OSSL_PROVIDER_self_test
                                             const char *path);
 
  OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name);
+ OSSL_PROVIDER *OSSL_PROVIDER_try_load(OPENSSL_CTX *libctx, const char *name);
  int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
  int OSSL_PROVIDER_available(OPENSSL_CTX *libctx, const char *name);
  int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx,
@@ -76,6 +77,12 @@ OSSL_PROVIDER_add_builtin() and run its given initialization function,
 or load a provider module with the given name and run its provider
 entry point, C<OSSL_provider_init>.
 
+OSSL_PROVIDER_try_load() functions like OSSL_PROVIDER_load(), except that
+it does not disable the fall-back providers if the provider cannot be
+loaded and initialized.
+If the provider loads successfully, however, the fall-back providers are
+disabled.
+
 OSSL_PROVIDER_unload() unloads the given provider.
 For a provider added with OSSL_PROVIDER_add_builtin(), this simply
 runs its teardown function.
@@ -130,8 +137,8 @@ L<provider-base(7)/CAPABILTIIES>.
 OSSL_PROVIDER_add(), OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params() and
 OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on error.
 
-OSSL_PROVIDER_load() returns a pointer to a provider object on
-success, or B<NULL> on error.
+OSSL_PROVIDER_load() and OSSL_PROVIDER_try_load() return a pointer to a
+provider object on success, or B<NULL> on error.
 
 OSSL_PROVIDER_available() returns 1 if the named provider is available,
 otherwise 0.
diff --git a/include/internal/provider.h b/include/internal/provider.h
index 38bbd3bbef..0930e56744 100644
--- a/include/internal/provider.h
+++ b/include/internal/provider.h
@@ -41,6 +41,9 @@ int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *module_path);
 int ossl_provider_add_parameter(OSSL_PROVIDER *prov, const char *name,
                                 const char *value);
 
+/* Disable fallback loading */
+int ossl_provider_disable_fallback_loading(OPENSSL_CTX *libctx);
+
 /*
  * Activate the Provider
  * If the Provider is a module, the module will be loaded
diff --git a/include/openssl/provider.h b/include/openssl/provider.h
index 5470984e13..ad9d8e6569 100644
--- a/include/openssl/provider.h
+++ b/include/openssl/provider.h
@@ -21,6 +21,7 @@ int OSSL_PROVIDER_set_default_search_path(OPENSSL_CTX *, const char *path);
 
 /* Load and unload a provider */
 OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name);
+OSSL_PROVIDER *OSSL_PROVIDER_try_load(OPENSSL_CTX *, const char *name);
 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
 int OSSL_PROVIDER_available(OPENSSL_CTX *, const char *name);
 int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx,
diff --git a/util/libcrypto.num b/util/libcrypto.num
index a2b5a5c6ff..838d1e686d 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4487,6 +4487,7 @@ OSSL_trace_enabled                      ?	3_0_0	EXIST::FUNCTION:
 OSSL_trace_begin                        ?	3_0_0	EXIST::FUNCTION:
 OSSL_trace_end                          ?	3_0_0	EXIST::FUNCTION:
 OSSL_PROVIDER_load                      ?	3_0_0	EXIST::FUNCTION:
+OSSL_PROVIDER_try_load                  ?	3_0_0	EXIST::FUNCTION:
 OSSL_PROVIDER_unload                    ?	3_0_0	EXIST::FUNCTION:
 OSSL_PROVIDER_add_builtin               ?	3_0_0	EXIST::FUNCTION:
 OSSL_PROVIDER_gettable_params           ?	3_0_0	EXIST::FUNCTION:

From builds at travis-ci.com  Fri Aug 14 09:39:29 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 14 Aug 2020 09:39:29 +0000
Subject: Still Failing: openssl/openssl#36675 (master - 0e53cd5)
In-Reply-To: <openssl/openssl+179705102+still failing@travis-ci.com>
Message-ID: <5f365bd155ae7_13fe6d91d3b0c1544a@travis-pro-tasks-664fd9c5c9-tmrzh.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36675
Status: Still Failing

Duration: 1 hr, 22 mins, and 14 secs
Commit: 0e53cd5 (master)
Author: Pauli
Message: PKCS#12 KDF: don't run tests with the FIPS provider.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12624)

View the changeset: https://github.com/openssl/openssl/compare/c19e6da9a345...0e53cd520761

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179705102?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200814/d581ab77/attachment.html>

From openssl at openssl.org  Fri Aug 14 10:45:10 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 10:45:10 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1597401910.645908.14344.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4166: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3136: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Fri Aug 14 13:13:18 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 14 Aug 2020 13:13:18 +0000
Subject: Still Failing: openssl/openssl#36676 (master - ebe3f24)
In-Reply-To: <openssl/openssl+179705382+still failing@travis-ci.com>
Message-ID: <5f368ded9c645_13fbc736fba701490a8@travis-pro-tasks-6f9997f559-p6cvq.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36676
Status: Still Failing

Duration: 3 hrs, 56 mins, and 26 secs
Commit: ebe3f24 (master)
Author: Pauli
Message: provider: disable fall-backs if OSSL_PROVIDER_load() fails.

If an attempt is made to load a provider and it fails, the fall-back mechanism
should be disabled to prevent the user getting some weird happening.  E.g. a
failure to load the FIPS provider should not allow the default to load as a
fall-back.

The OSSL_PROVIDER_try_load() call has been added, to allow a provider to be
loaded without disabling the fall-back mechanism if it fails.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12625)

View the changeset: https://github.com/openssl/openssl/compare/0e53cd520761...ebe3f24b3d53

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179705382?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200814/1427828e/attachment.html>

From openssl at openssl.org  Fri Aug 14 14:36:01 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 14:36:01 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1597415761.986184.4063.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 4007D1FE0B7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40F72929FA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40F72929FA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3309, 1671 wallclock secs (12.85 usr  1.42 sys + 1583.10 cusr 85.94 csys = 1683.31 CPU)
Result: FAIL
Makefile:3182: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3180: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 14 15:00:50 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 15:00:50 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1597417250.930335.21834.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3309, 905 wallclock secs (13.02 usr  1.23 sys + 802.25 cusr 64.27 csys = 880.77 CPU)
Result: FAIL
Makefile:3193: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3191: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 14 17:52:24 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 17:52:24 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1597427544.820820.17374.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=208, Tests=3306, 881 wallclock secs (13.09 usr  1.28 sys + 814.72 cusr 63.80 csys = 892.89 CPU)
Result: FAIL
Makefile:3179: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3177: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 14 20:37:30 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 20:37:30 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1597437450.796058.6930.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0B0EB0F7E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0B0EB0F7E7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0B0EB0F7E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/vdLNEGTzgP default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C050AB6E397F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C050AB6E397F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C050AB6E397F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C050AB6E397F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C050AB6E397F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C050AB6E397F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/vdLNEGTzgP fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3308, 889 wallclock secs (13.32 usr  1.23 sys + 824.85 cusr 64.92 csys = 904.32 CPU)
Result: FAIL
Makefile:3177: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3175: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Fri Aug 14 20:37:17 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 14 Aug 2020 20:37:17 +0000
Subject: Build failed: openssl master.36140
Message-ID: <20200814203717.1.2717D2D2F212E790@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200814/0e8cb44f/attachment.html>

From no-reply at appveyor.com  Fri Aug 14 21:13:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 14 Aug 2020 21:13:43 +0000
Subject: Build completed: openssl master.36141
Message-ID: <20200814211343.1.D5FA9910B826C371@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200814/a8f40b5a/attachment.html>

From openssl at openssl.org  Fri Aug 14 23:02:08 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 23:02:08 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1597446128.860438.15085.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C030387EF37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C030387EF37F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C030387EF37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/2wAiTwbcJN default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C060297C417F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C060297C417F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C060297C417F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C060297C417F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C060297C417F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C060297C417F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6749
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/2wAiTwbcJN fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3308, 870 wallclock secs (13.07 usr  1.17 sys + 804.54 cusr 65.21 csys = 883.99 CPU)
Result: FAIL
Makefile:3193: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3191: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 14 23:49:40 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 14 Aug 2020 23:49:40 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1597448980.160365.15773.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

eeccc23723 Introduce X509_add_cert[s] simplifying various additions to cert lists
e3efe7a532 Add public API for gettables and settables for keymanagement, signatures and key exchange.
af88e64a98 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
7c9a7cf127 Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
1017ab21e4 provider: add the unused paramater tag to the gettable and settable functions
520150151b Expose S390x HW ciphers' IV state to provider layer
bdc0df8ab5 Avoid deprecated API in evp_test.c
f43c947dd9 Avoid deprecated function in evp_lib.c
2f5c405a16 Use local IV storage in EVP BLOCK_* macros
d91f902d73 Use local IV storage in e_rc2.c
acb30f4b59 Use local IV storage in e_xcbc_d.c
1453d736b5 Use local IV storage in e_sm4.c
c4d21d2f71 Use local IV storage in e_des3.c
36025d3b87 Use local IV storage in e_des.c
2c533a71c6 Use local IV storage in e_camellia.c
ddce5c29f5 Use local IV storage in e_aria.c
d3308027e9 Use local IV storage in e_aes_ebc_hmac_sha256.c
18a49e168f Use local IV storage in e_aes_ebc_hmac_sha1.c
9197c226ea Use local IV storage in e_aes.c
37322687b0 Retire EVP_CTRL_GET_IV
c76ffc78a5 Document EVP_CIPHER_CTX IV accessors
ef58f9af93 Make GCM providers more generous about fetching IVs
440b852a0f Add tests for new EVP_CIPHER_CTX IV accessors
79f4417ed9 Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
8489026850 Support cipher provider "iv state"
31d2daecb3 Add DHX serialization
116d2510f7 Add dh_kdf support to provider
627c220311 Add DHX support to keymanager
36b778fbb7 README.md: remove incorrect link to openssl.github.io
0799b79a45 README.md: replace incorrect access token for the AppVeyor badge
33b4f73145 conf: add an error if the openssl_conf section isn't found.
711ae5d359 Remove a TODO from evp_test
cd0a4998a0 Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
9d1ae03caa Minimise the size of the macros in kdf_exch.c
74fc579a12 Update KDF documentation
1704752be6 Delete old KDF bridge EVP_PKEY_METHODS
194de849cc Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt
05d2f72e79 Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF
ac2d58c72b Implement a EVP_PKEY KDF to KDF provider bridge
23f04372f4 Initial Apple Silicon support.
c23add3676 Fix memory leak in drbgtest

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C02095DA187F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C02095DA187F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C02095DA187F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C02095DA187F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/__lVfinAeH default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C060B283047F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C060B283047F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C060B283047F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:415:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C060B283047F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8202
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/__lVfinAeH fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3230, 810 wallclock secs (11.32 usr  1.29 sys + 748.19 cusr 60.33 csys = 821.13 CPU)
Result: FAIL
Makefile:3176: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3174: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Sat Aug 15 10:47:31 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 15 Aug 2020 10:47:31 +0000
Subject: Build failed: openssl master.36146
Message-ID: <20200815104731.1.4998BC354ED2B94F@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200815/b1c97d0f/attachment.html>

From no-reply at appveyor.com  Sat Aug 15 18:21:42 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 15 Aug 2020 18:21:42 +0000
Subject: Build completed: openssl master.36147
Message-ID: <20200815182142.1.778A4158D09D87D8@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200815/f107e3dc/attachment.html>

From scan-admin at coverity.com  Sun Aug 16 07:53:58 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 16 Aug 2020 07:53:58 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2
Message-ID: <5f38e616623c_19385e2ad70c0dcf6084222@prd-scan-dashboard-0.mail>


    Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DDVvb_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeETHfuMRnf-2Fx3tdKqtPV99FufSVjLsKpPCwYqwh17MwRpQWCbKrYJOqQ4ANAndX-2F8s-2B7IPjML-2FGibiVZKjuDgWNcMXxi5sOCSFna80SKuNYm3lR7quz3kuuKECXJ1kOgq1ULo7-2Bx8wUe-2Bzcue8ZxW3QHQVZzULbloXl8ljidJt3Zt3MIeYk1I4Rj-2BA8On0waQQ-3D

    Build ID: 333093

    Analysis Summary:
       New defects found: 0
       Defects eliminated: 0


From scan-admin at coverity.com  Sun Aug 16 07:56:39 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 16 Aug 2020 07:56:39 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for openssl/openssl
Message-ID: <5f38e6b753b72_1939cc2ad70c0dcf608425a@prd-scan-dashboard-0.mail>


    Your request for analysis of openssl/openssl has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3Df0UB_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHW8O5G7tVwfm90M725BYafRDHY7FY6uTG2MjGnYlnAgZIfQKrM-2FFG-2Fp8XkBgR4n7E3Fn2gYheYUBObFCx33SwWIq62UZCQvnX3VBm4H3gATlhNkFcFoWRNapnWKuSwlJf9xXQoSz2tj7rpDtNj7-2FoNdSp3inPLDTUQ7YKy-2F8-2F3x-2Fo-2FqYSN9XPojCBq7WBMRc8-3D

    Build ID: 333092

    Analysis Summary:
       New defects found: 5
       Defects eliminated: 5

    If you have difficulty understanding any defects, email us at scan-admin at coverity.com,
    or post your question to StackOverflow
    at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DaWJe_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHW8O5G7tVwfm90M725BYafRDHY7FY6uTG2MjGnYlnAgbgZobGVA2JOPZ6m7y6dhfJMWLZEZeJ5YReECcUJmhhw7MnH9P4Zuywve9mJDPnr-2BvlKfL6NglupOj2eUDgETRrCwnVmsVQ1bu4HA6K-2BZWX0KSfo-2BQlLcUGLRX1ngR-2BPC1gICNBM0FtHrSkaJXIu-2FfM-3D

From mark at openssl.org  Sun Aug 16 13:00:11 2020
From: mark at openssl.org (Mark J. Cox)
Date: Sun, 16 Aug 2020 13:00:11 +0000
Subject: [web]  master update
Message-ID: <1597582811.580986.12909.nullmailer@dev.openssl.org>

The branch master has been updated
       via  aa5a6394fe82d072ca491cc4054b00cbf624358e (commit)
      from  1ee0b6a74934e813ae26995ae59cab209127da03 (commit)


- Log -----------------------------------------------------------------
commit aa5a6394fe82d072ca491cc4054b00cbf624358e
Author: Mark J. Cox <mark at awe.com>
Date:   Sun Aug 16 08:23:38 2020 +0100

    Add beslist.nl to the sponsor list for the bronze equivalent github level.  Remove
    the list of past sponsors, this would be better served perhaps as a yearly blog
    post giving details of the health of the project.

-----------------------------------------------------------------------

Summary of changes:
 support/acks.html | 28 ++--------------------------
 1 file changed, 2 insertions(+), 26 deletions(-)

diff --git a/support/acks.html b/support/acks.html
index 1f5714c..419924e 100644
--- a/support/acks.html
+++ b/support/acks.html
@@ -54,34 +54,10 @@
 
           <h4>Bronze:</h4>
           <div class="sponsorsection">
-          <p><a href="https://cargurus.com/">CarGurus</a></p>
+            <p><a href="https://beslist.nl/">beslist.nl</a></p>
+            <p><a href="https://cargurus.com/">CarGurus</a></p>
           </div>
 
-	  <h4>Past sponsors include:</h4> 
-          <dl>
-            <dd>2018: <a href="https://www.akamai.com/">Akamai</a>,
-              <a href="https://www.bluecedar.com/">Blue Cedar</a>,
-              <a href="https://www.handshake.org/">Handshake</a>,
-              <a href="https://www.huawei.com/">Huawei</a>,
-              <a href="https://levchinprize.com/">Levchin Prize</a>,
-              <a href="https://www.netapp.com/">NetApp</a>,
-              <a href="https://www.smartisan.com/">Smartisan</a>,
-              and
-              <a href="https://vmware.com/">VMWare</a>.
-            </dd>
-            <dd>2017: <a href="https://www.akamai.com/">Akamai</a>,
-              <a href="https://www.huawei.com/">Huawei</a>,
-              <a href="https://www.oracle.com/">Oracle</a>,
-              and
-              <a href="https://www.smartisan.com/">Smartisan</a>.
-            </dd>
-            <dd>2016: <a href="https://www.huawei.com/">Huawei</a>,
-              <a href="https://www.coreinfrastructure.org/">Linux Foundation
-                Core Infrastructure Initiative</a>,
-              and
-              <a href="https://www.smartisan.com/">Smartisan</a>.
-            </dd>            
-          </dl>
           <p></p>
           <hr noshade size=1>
           <h3>Other Donations</h3>

From openssl at openssl.org  Sun Aug 16 23:58:07 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sun, 16 Aug 2020 23:58:07 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1597622287.778231.17586.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 8037E5825E7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 8027B3FDE07F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 8027B3FDE07F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3102, 1752 wallclock secs (12.54 usr  1.54 sys + 1576.26 cusr 160.41 csys = 1750.75 CPU)
Result: FAIL
Makefile:2539: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2537: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 17 01:56:01 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 17 Aug 2020 01:56:01 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1597629361.277905.17281.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3171, 886 wallclock secs (13.31 usr  1.24 sys + 821.94 cusr 61.88 csys = 898.37 CPU)
Result: FAIL
Makefile:3182: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3180: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 17 04:39:41 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 17 Aug 2020 04:39:41 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1597639181.445450.14009.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-gf2m.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/bn/x86_64-gf2m.s
CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/bn/x86_64-mont.s
CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont5.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/bn/x86_64-mont5.s
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/buffer/libcrypto-lib-buf_err.d.tmp -MT crypto/buffer/libcrypto-lib-buf_err.o -c -o crypto/buffer/libcrypto-lib-buf_err.o ../openssl/crypto/buffer/buf_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/buffer/libcrypto-lib-buffer.d.tmp -MT crypto/buffer/libcrypto-lib-buffer.o -c -o crypto/buffer/libcrypto-lib-buffer.o ../openssl/crypto/buffer/buffer.c
CC="clang" /usr/bin/perl ../openssl/crypto/camellia/asm/cmll-x86_64.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/camellia/cmll-x86_64.s
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_cfb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_cfb.o -c -o crypto/camellia/libcrypto-lib-cmll_cfb.o ../openssl/crypto/camellia/cmll_cfb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_ctr.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ctr.o -c -o crypto/camellia/libcrypto-lib-cmll_ctr.o ../openssl/crypto/camellia/cmll_ctr.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_ecb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ecb.o -c -o crypto/camellia/libcrypto-lib-cmll_ecb.o ../openssl/crypto/camellia/cmll_ecb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_misc.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_misc.o -c -o crypto/camellia/libcrypto-lib-cmll_misc.o ../openssl/crypto/camellia/cmll_misc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/camellia/libcrypto-lib-cmll_ofb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ofb.o -c -o crypto/camellia/libcrypto-lib-cmll_ofb.o ../openssl/crypto/camellia/cmll_ofb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_cfb64.d.tmp -MT crypto/cast/libcrypto-lib-c_cfb64.o -c -o crypto/cast/libcrypto-lib-c_cfb64.o ../openssl/crypto/cast/c_cfb64.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_ecb.d.tmp -MT crypto/cast/libcrypto-lib-c_ecb.o -c -o crypto/cast/libcrypto-lib-c_ecb.o ../openssl/crypto/cast/c_ecb.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_enc.d.tmp -MT crypto/cast/libcrypto-lib-c_enc.o -c -o crypto/cast/libcrypto-lib-c_enc.o ../openssl/crypto/cast/c_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_ofb64.d.tmp -MT crypto/cast/libcrypto-lib-c_ofb64.o -c -o crypto/cast/libcrypto-lib-c_ofb64.o ../openssl/crypto/cast/c_ofb64.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cast/libcrypto-lib-c_skey.d.tmp -MT crypto/cast/libcrypto-lib-c_skey.o -c -o crypto/cast/libcrypto-lib-c_skey.o ../openssl/crypto/cast/c_skey.c
CC="clang" /usr/bin/perl ../openssl/crypto/chacha/asm/chacha-x86_64.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM  crypto/chacha/chacha-x86_64.s
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmac/libcrypto-lib-cm_ameth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_ameth.o -c -o crypto/cmac/libcrypto-lib-cm_ameth.o ../openssl/crypto/cmac/cm_ameth.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmac/libcrypto-lib-cmac.d.tmp -MT crypto/cmac/libcrypto-lib-cmac.o -c -o crypto/cmac/libcrypto-lib-cmac.o ../openssl/crypto/cmac/cmac.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_asn.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_asn.o -c -o crypto/cmp/libcrypto-lib-cmp_asn.o ../openssl/crypto/cmp/cmp_asn.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_client.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_client.o -c -o crypto/cmp/libcrypto-lib-cmp_client.o ../openssl/crypto/cmp/cmp_client.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_ctx.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_ctx.o -c -o crypto/cmp/libcrypto-lib-cmp_ctx.o ../openssl/crypto/cmp/cmp_ctx.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_err.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_err.o -c -o crypto/cmp/libcrypto-lib-cmp_err.o ../openssl/crypto/cmp/cmp_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_hdr.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_hdr.o -c -o crypto/cmp/libcrypto-lib-cmp_hdr.o ../openssl/crypto/cmp/cmp_hdr.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_http.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_http.o -c -o crypto/cmp/libcrypto-lib-cmp_http.o ../openssl/crypto/cmp/cmp_http.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_msg.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_msg.o -c -o crypto/cmp/libcrypto-lib-cmp_msg.o ../openssl/crypto/cmp/cmp_msg.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_protect.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_protect.o -c -o crypto/cmp/libcrypto-lib-cmp_protect.o ../openssl/crypto/cmp/cmp_protect.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_server.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_server.o -c -o crypto/cmp/libcrypto-lib-cmp_server.o ../openssl/crypto/cmp/cmp_server.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_status.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_status.o -c -o crypto/cmp/libcrypto-lib-cmp_status.o ../openssl/crypto/cmp/cmp_status.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_util.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_util.o -c -o crypto/cmp/libcrypto-lib-cmp_util.o ../openssl/crypto/cmp/cmp_util.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/cmp/libcrypto-lib-cmp_vfy.d.tmp -MT crypto/cmp/libcrypto-lib-cmp_vfy.o -c -o crypto/cmp/libcrypto-lib-cmp_vfy.o ../openssl/crypto/cmp/cmp_vfy.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/comp/libcrypto-lib-c_zlib.d.tmp -MT crypto/comp/libcrypto-lib-c_zlib.o -c -o crypto/comp/libcrypto-lib-c_zlib.o ../openssl/crypto/comp/c_zlib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/comp/libcrypto-lib-comp_err.d.tmp -MT crypto/comp/libcrypto-lib-comp_err.o -c -o crypto/comp/libcrypto-lib-comp_err.o ../openssl/crypto/comp/comp_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/comp/libcrypto-lib-comp_lib.d.tmp -MT crypto/comp/libcrypto-lib-comp_lib.o -c -o crypto/comp/libcrypto-lib-comp_lib.o ../openssl/crypto/comp/comp_lib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_api.d.tmp -MT crypto/conf/libcrypto-lib-conf_api.o -c -o crypto/conf/libcrypto-lib-conf_api.o ../openssl/crypto/conf/conf_api.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_def.d.tmp -MT crypto/conf/libcrypto-lib-conf_def.o -c -o crypto/conf/libcrypto-lib-conf_def.o ../openssl/crypto/conf/conf_def.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_err.d.tmp -MT crypto/conf/libcrypto-lib-conf_err.o -c -o crypto/conf/libcrypto-lib-conf_err.o ../openssl/crypto/conf/conf_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_lib.d.tmp -MT crypto/conf/libcrypto-lib-conf_lib.o -c -o crypto/conf/libcrypto-lib-conf_lib.o ../openssl/crypto/conf/conf_lib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_mall.d.tmp -MT crypto/conf/libcrypto-lib-conf_mall.o -c -o crypto/conf/libcrypto-lib-conf_mall.o ../openssl/crypto/conf/conf_mall.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_mod.d.tmp -MT crypto/conf/libcrypto-lib-conf_mod.o -c -o crypto/conf/libcrypto-lib-conf_mod.o ../openssl/crypto/conf/conf_mod.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_sap.d.tmp -MT crypto/conf/libcrypto-lib-conf_sap.o -c -o crypto/conf/libcrypto-lib-conf_sap.o ../openssl/crypto/conf/conf_sap.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/conf/libcrypto-lib-conf_ssl.d.tmp -MT crypto/conf/libcrypto-lib-conf_ssl.o -c -o crypto/conf/libcrypto-lib-conf_ssl.o ../openssl/crypto/conf/conf_ssl.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_asn.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_asn.o -c -o crypto/crmf/libcrypto-lib-crmf_asn.o ../openssl/crypto/crmf/crmf_asn.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_err.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_err.o -c -o crypto/crmf/libcrypto-lib-crmf_err.o ../openssl/crypto/crmf/crmf_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_lib.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_lib.o -c -o crypto/crmf/libcrypto-lib-crmf_lib.o ../openssl/crypto/crmf/crmf_lib.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/crmf/libcrypto-lib-crmf_pbm.d.tmp -MT crypto/crmf/libcrypto-lib-crmf_pbm.o -c -o crypto/crmf/libcrypto-lib-crmf_pbm.o ../openssl/crypto/crmf/crmf_pbm.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_b64.d.tmp -MT crypto/ct/libcrypto-lib-ct_b64.o -c -o crypto/ct/libcrypto-lib-ct_b64.o ../openssl/crypto/ct/ct_b64.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_err.d.tmp -MT crypto/ct/libcrypto-lib-ct_err.o -c -o crypto/ct/libcrypto-lib-ct_err.o ../openssl/crypto/ct/ct_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_log.d.tmp -MT crypto/ct/libcrypto-lib-ct_log.o -c -o crypto/ct/libcrypto-lib-ct_log.o ../openssl/crypto/ct/ct_log.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_oct.d.tmp -MT crypto/ct/libcrypto-lib-ct_oct.o -c -o crypto/ct/libcrypto-lib-ct_oct.o ../openssl/crypto/ct/ct_oct.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_policy.d.tmp -MT crypto/ct/libcrypto-lib-ct_policy.o -c -o crypto/ct/libcrypto-lib-ct_policy.o ../openssl/crypto/ct/ct_policy.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_prn.d.tmp -MT crypto/ct/libcrypto-lib-ct_prn.o -c -o crypto/ct/libcrypto-lib-ct_prn.o ../openssl/crypto/ct/ct_prn.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_sct.d.tmp -MT crypto/ct/libcrypto-lib-ct_sct.o -c -o crypto/ct/libcrypto-lib-ct_sct.o ../openssl/crypto/ct/ct_sct.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_sct_ctx.d.tmp -MT crypto/ct/libcrypto-lib-ct_sct_ctx.o -c -o crypto/ct/libcrypto-lib-ct_sct_ctx.o ../openssl/crypto/ct/ct_sct_ctx.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_vfy.d.tmp -MT crypto/ct/libcrypto-lib-ct_vfy.o -c -o crypto/ct/libcrypto-lib-ct_vfy.o ../openssl/crypto/ct/ct_vfy.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/ct/libcrypto-lib-ct_x509v3.d.tmp -MT crypto/ct/libcrypto-lib-ct_x509v3.o -c -o crypto/ct/libcrypto-lib-ct_x509v3.o ../openssl/crypto/ct/ct_x509v3.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cbc_cksm.d.tmp -MT crypto/des/libcrypto-lib-cbc_cksm.o -c -o crypto/des/libcrypto-lib-cbc_cksm.o ../openssl/crypto/des/cbc_cksm.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cbc_enc.d.tmp -MT crypto/des/libcrypto-lib-cbc_enc.o -c -o crypto/des/libcrypto-lib-cbc_enc.o ../openssl/crypto/des/cbc_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cfb64ede.d.tmp -MT crypto/des/libcrypto-lib-cfb64ede.o -c -o crypto/des/libcrypto-lib-cfb64ede.o ../openssl/crypto/des/cfb64ede.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cfb64enc.d.tmp -MT crypto/des/libcrypto-lib-cfb64enc.o -c -o crypto/des/libcrypto-lib-cfb64enc.o ../openssl/crypto/des/cfb64enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-cfb_enc.d.tmp -MT crypto/des/libcrypto-lib-cfb_enc.o -c -o crypto/des/libcrypto-lib-cfb_enc.o ../openssl/crypto/des/cfb_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-des_enc.d.tmp -MT crypto/des/libcrypto-lib-des_enc.o -c -o crypto/des/libcrypto-lib-des_enc.o ../openssl/crypto/des/des_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ecb3_enc.d.tmp -MT crypto/des/libcrypto-lib-ecb3_enc.o -c -o crypto/des/libcrypto-lib-ecb3_enc.o ../openssl/crypto/des/ecb3_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ecb_enc.d.tmp -MT crypto/des/libcrypto-lib-ecb_enc.o -c -o crypto/des/libcrypto-lib-ecb_enc.o ../openssl/crypto/des/ecb_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-fcrypt.d.tmp -MT crypto/des/libcrypto-lib-fcrypt.o -c -o crypto/des/libcrypto-lib-fcrypt.o ../openssl/crypto/des/fcrypt.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-fcrypt_b.d.tmp -MT crypto/des/libcrypto-lib-fcrypt_b.o -c -o crypto/des/libcrypto-lib-fcrypt_b.o ../openssl/crypto/des/fcrypt_b.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ofb64ede.d.tmp -MT crypto/des/libcrypto-lib-ofb64ede.o -c -o crypto/des/libcrypto-lib-ofb64ede.o ../openssl/crypto/des/ofb64ede.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ofb64enc.d.tmp -MT crypto/des/libcrypto-lib-ofb64enc.o -c -o crypto/des/libcrypto-lib-ofb64enc.o ../openssl/crypto/des/ofb64enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-ofb_enc.d.tmp -MT crypto/des/libcrypto-lib-ofb_enc.o -c -o crypto/des/libcrypto-lib-ofb_enc.o ../openssl/crypto/des/ofb_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-pcbc_enc.d.tmp -MT crypto/des/libcrypto-lib-pcbc_enc.o -c -o crypto/des/libcrypto-lib-pcbc_enc.o ../openssl/crypto/des/pcbc_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-qud_cksm.d.tmp -MT crypto/des/libcrypto-lib-qud_cksm.o -c -o crypto/des/libcrypto-lib-qud_cksm.o ../openssl/crypto/des/qud_cksm.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-rand_key.d.tmp -MT crypto/des/libcrypto-lib-rand_key.o -c -o crypto/des/libcrypto-lib-rand_key.o ../openssl/crypto/des/rand_key.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-set_key.d.tmp -MT crypto/des/libcrypto-lib-set_key.o -c -o crypto/des/libcrypto-lib-set_key.o ../openssl/crypto/des/set_key.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-str2key.d.tmp -MT crypto/des/libcrypto-lib-str2key.o -c -o crypto/des/libcrypto-lib-str2key.o ../openssl/crypto/des/str2key.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/des/libcrypto-lib-xcbc_enc.d.tmp -MT crypto/des/libcrypto-lib-xcbc_enc.o -c -o crypto/des/libcrypto-lib-xcbc_enc.o ../openssl/crypto/des/xcbc_enc.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_ameth.d.tmp -MT crypto/dh/libcrypto-lib-dh_ameth.o -c -o crypto/dh/libcrypto-lib-dh_ameth.o ../openssl/crypto/dh/dh_ameth.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_asn1.d.tmp -MT crypto/dh/libcrypto-lib-dh_asn1.o -c -o crypto/dh/libcrypto-lib-dh_asn1.o ../openssl/crypto/dh/dh_asn1.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_backend.d.tmp -MT crypto/dh/libcrypto-lib-dh_backend.o -c -o crypto/dh/libcrypto-lib-dh_backend.o ../openssl/crypto/dh/dh_backend.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_check.d.tmp -MT crypto/dh/libcrypto-lib-dh_check.o -c -o crypto/dh/libcrypto-lib-dh_check.o ../openssl/crypto/dh/dh_check.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_ctrl.d.tmp -MT crypto/dh/libcrypto-lib-dh_ctrl.o -c -o crypto/dh/libcrypto-lib-dh_ctrl.o ../openssl/crypto/dh/dh_ctrl.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_depr.d.tmp -MT crypto/dh/libcrypto-lib-dh_depr.o -c -o crypto/dh/libcrypto-lib-dh_depr.o ../openssl/crypto/dh/dh_depr.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_err.d.tmp -MT crypto/dh/libcrypto-lib-dh_err.o -c -o crypto/dh/libcrypto-lib-dh_err.o ../openssl/crypto/dh/dh_err.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_gen.d.tmp -MT crypto/dh/libcrypto-lib-dh_gen.o -c -o crypto/dh/libcrypto-lib-dh_gen.o ../openssl/crypto/dh/dh_gen.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_group_params.d.tmp -MT crypto/dh/libcrypto-lib-dh_group_params.o -c -o crypto/dh/libcrypto-lib-dh_group_params.o ../openssl/crypto/dh/dh_group_params.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_kdf.d.tmp -MT crypto/dh/libcrypto-lib-dh_kdf.o -c -o crypto/dh/libcrypto-lib-dh_kdf.o ../openssl/crypto/dh/dh_kdf.c
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_key.d.tmp -MT crypto/dh/libcrypto-lib-dh_key.o -c -o crypto/dh/libcrypto-lib-dh_key.o ../openssl/crypto/dh/dh_key.c
../openssl/crypto/dh/dh_ctrl.c:239:14: error: use of undeclared identifier 'EVP_PKEY_DH_KDF_X9_42'
        case EVP_PKEY_DH_KDF_X9_42:
             ^
../openssl/crypto/dh/dh_ctrl.c:293:16: error: use of undeclared identifier 'EVP_PKEY_DH_KDF_X9_42'
        return EVP_PKEY_DH_KDF_X9_42;
               ^
2 errors generated.
clang  -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/dh/libcrypto-lib-dh_lib.d.tmp -MT crypto/dh/libcrypto-lib-dh_lib.o -c -o crypto/dh/libcrypto-lib-dh_lib.o ../openssl/crypto/dh/dh_lib.c
Makefile:13949: recipe for target 'crypto/dh/libcrypto-lib-dh_ctrl.o' failed
make[1]: *** [crypto/dh/libcrypto-lib-dh_ctrl.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3107: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From no-reply at appveyor.com  Mon Aug 17 06:28:17 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 17 Aug 2020 06:28:17 +0000
Subject: Build failed: openssl master.36175
Message-ID: <20200817062817.1.0793BDA636AE4687@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200817/05aa1f5e/attachment.html>

From no-reply at appveyor.com  Mon Aug 17 06:49:56 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 17 Aug 2020 06:49:56 +0000
Subject: Build failed: openssl master.36176
Message-ID: <20200817064956.1.AC2FE6F017E894B8@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200817/d24b2a51/attachment.html>

From openssl at openssl.org  Mon Aug 17 07:06:20 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 17 Aug 2020 07:06:20 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1597647980.448541.19782.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

C080B5394C7F0000:error::asn1 encoding routines:d2i_PrivateKey_ex:ASN1 lib:../openssl/crypto/asn1/d2i_pr.c:67:
C080B5394C7F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C080B5394C7F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C080B5394C7F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
C080B5394C7F0000:error::asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl/crypto/asn1/tasn_dec.c:1135:
C080B5394C7F0000:error::asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:698:
C080B5394C7F0000:error::asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl/crypto/asn1/tasn_dec.c:630:Field=pkey, Type=PKCS8_PRIV_KEY_INFO
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0C0704EF67F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2073:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
# OPENSSL_FUNC:../openssl/apps/cmp.c:778:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0706A68EA7F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:928:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -secret option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:778:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 768 Tests: 84 Failed: 3)
  Failed tests:  12, 36, 69
  Non-zero exit status: 3
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3206, 884 wallclock secs (13.43 usr  1.51 sys + 812.97 cusr 60.59 csys = 888.50 CPU)
Result: FAIL
Makefile:3111: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3109: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 17 07:30:12 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 17 Aug 2020 07:30:12 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1597649412.786043.4689.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=208, Tests=3305, 860 wallclock secs (12.94 usr  1.26 sys + 797.35 cusr 64.60 csys = 876.15 CPU)
Result: FAIL
Makefile:3171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3169: recipe for target 'tests' failed
make: *** [tests] Error 2

From matt at openssl.org  Mon Aug 17 10:39:54 2020
From: matt at openssl.org (Matt Caswell)
Date: Mon, 17 Aug 2020 10:39:54 +0000
Subject: [openssl]  master update
Message-ID: <1597660794.187972.5891.nullmailer@dev.openssl.org>

The branch master has been updated
       via  bfa6aaab45c30ced2da851ee92f8ac5942f08078 (commit)
       via  e6c54619d151eeec32055bbd713cda11a9182246 (commit)
      from  ebe3f24b3d53e503bd37a2a08a8b1f896014c30d (commit)


- Log -----------------------------------------------------------------
commit bfa6aaab45c30ced2da851ee92f8ac5942f08078
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Aug 5 14:46:48 2020 +0100

    Test that EVP_default_properties_is_fips_enabled() works early
    
    We check that EVP_default_properties_is_fips_enabled() is working even
    before other function calls have auto-loaded the config file.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12567)

commit e6c54619d151eeec32055bbd713cda11a9182246
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jul 31 17:29:21 2020 +0100

    Load the default config file before working with default properties
    
    A config file can change the global default properties. Therefore we
    must ensure that the config file is loaded before reading or amending
    them.
    
    Fixes #12565
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12567)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/evp_cnf.c             |  3 +-
 crypto/evp/evp_fetch.c           | 22 +++++++----
 crypto/property/property.c       |  9 ++++-
 include/crypto/evp.h             |  2 +
 include/internal/property.h      |  2 +-
 test/build.info                  |  6 ++-
 test/defltfips_test.c            | 81 ++++++++++++++++++++++++++++++++++++++++
 test/evp_test.c                  |  3 +-
 test/fips.cnf                    |  7 ++++
 test/recipes/30-test_defltfips.t | 43 +++++++++++++++++++++
 test/tls-provider.c              | 12 +++++-
 11 files changed, 174 insertions(+), 16 deletions(-)
 create mode 100644 test/defltfips_test.c
 create mode 100644 test/recipes/30-test_defltfips.t

diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
index 27815553bd..455b258a9a 100644
--- a/crypto/evp/evp_cnf.c
+++ b/crypto/evp/evp_cnf.c
@@ -14,6 +14,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/trace.h>
+#include "crypto/evp.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
 
@@ -52,7 +53,7 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
                 return 0;
             }
         } else if (strcmp(oval->name, "default_properties") == 0) {
-            if (!EVP_set_default_properties(cnf->libctx, oval->value)) {
+            if (!evp_set_default_properties_int(cnf->libctx, oval->value, 0)) {
                 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
                 return 0;
             }
diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c
index 4c3992ab40..7b0cea7f0b 100644
--- a/crypto/evp/evp_fetch.c
+++ b/crypto/evp/evp_fetch.c
@@ -377,11 +377,12 @@ void evp_method_store_flush(OPENSSL_CTX *libctx)
         ossl_method_store_flush_cache(store, 1);
 }
 
-static int evp_set_default_properties(OPENSSL_CTX *libctx,
-                                      OSSL_PROPERTY_LIST *def_prop)
+static int evp_set_parsed_default_properties(OPENSSL_CTX *libctx,
+                                             OSSL_PROPERTY_LIST *def_prop,
+                                             int loadconfig)
 {
     OSSL_METHOD_STORE *store = get_evp_method_store(libctx);
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, loadconfig);
 
     if (plp != NULL) {
         ossl_property_free(*plp);
@@ -394,7 +395,8 @@ static int evp_set_default_properties(OPENSSL_CTX *libctx,
     return 0;
 }
 
-int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
+int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq,
+                                   int loadconfig)
 {
     OSSL_PROPERTY_LIST *pl = NULL;
 
@@ -402,13 +404,17 @@ int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
         EVPerr(0, EVP_R_DEFAULT_QUERY_PARSE_ERROR);
         return 0;
     }
-    return evp_set_default_properties(libctx, pl);
+    return evp_set_parsed_default_properties(libctx, pl, loadconfig);
 }
 
+int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
+{
+    return evp_set_default_properties_int(libctx, propq, 1);
+}
 
 static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq)
 {
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1);
     OSSL_PROPERTY_LIST *pl1, *pl2;
 
     if (propq == NULL)
@@ -425,13 +431,13 @@ static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq)
         EVPerr(0, ERR_R_MALLOC_FAILURE);
         return 0;
     }
-    return evp_set_default_properties(libctx, pl2);
+    return evp_set_parsed_default_properties(libctx, pl2, 0);
 }
 
 static int evp_default_property_is_enabled(OPENSSL_CTX *libctx,
                                            const char *prop_name)
 {
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1);
 
     return plp != NULL && ossl_property_is_enabled(libctx, prop_name, *plp);
 }
diff --git a/crypto/property/property.c b/crypto/property/property.c
index cb82f8956b..608a909d49 100644
--- a/crypto/property/property.c
+++ b/crypto/property/property.c
@@ -96,8 +96,13 @@ static const OPENSSL_CTX_METHOD ossl_ctx_global_properties_method = {
     ossl_ctx_global_properties_free,
 };
 
-OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *libctx)
+OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *libctx,
+                                                int loadconfig)
 {
+#ifndef FIPS_MODULE
+    if (loadconfig && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL))
+        return NULL;
+#endif
     return openssl_ctx_get_data(libctx, OPENSSL_CTX_GLOBAL_PROPERTIES,
                                 &ossl_ctx_global_properties_method);
 }
@@ -352,7 +357,7 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid,
 
     if (prop_query != NULL)
         p2 = pq = ossl_parse_query(store->ctx, prop_query);
-    plp = ossl_ctx_global_properties(store->ctx);
+    plp = ossl_ctx_global_properties(store->ctx, 1);
     if (plp != NULL && *plp != NULL) {
         if (pq == NULL) {
             pq = *plp;
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index f170e59324..d2b2584357 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -771,3 +771,5 @@ EVP_PKEY *evp_pkcs82pkey_int(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
                              const char *propq);
 #endif /* !defined(FIPS_MODULE) */
 void evp_method_store_flush(OPENSSL_CTX *libctx);
+int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq,
+                                   int loadconfig);
diff --git a/include/internal/property.h b/include/internal/property.h
index ca1d1e055c..cd3982549d 100644
--- a/include/internal/property.h
+++ b/include/internal/property.h
@@ -45,7 +45,7 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid,
                             const char *prop_query, void **method);
 
 /* Get the global properties associate with the specified library context */
-OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *ctx);
+OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *ctx, int loadconfig);
 
 /* property query cache functions */
 int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid,
diff --git a/test/build.info b/test/build.info
index 1dd3db7c79..11fce8e279 100644
--- a/test/build.info
+++ b/test/build.info
@@ -57,7 +57,7 @@ IF[{- !$disabled{tests} -}]
           http_test servername_test ocspapitest fatalerrtest tls13ccstest \
           sysdefaulttest errtest ssl_ctx_test gosttest \
           context_internal_test aesgcmtest params_test evp_pkey_dparams_test \
-          keymgmt_internal_test hexstr_test provider_status_test
+          keymgmt_internal_test hexstr_test provider_status_test defltfips_test
 
   IF[{- !$disabled{'deprecated-3.0'} -}]
     PROGRAMS{noinst}=enginetest
@@ -324,6 +324,10 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[sslapitest]=../include ../apps/include ..
   DEPEND[sslapitest]=../libcrypto ../libssl libtestutil.a
 
+  SOURCE[defltfips_test]=defltfips_test.c
+  INCLUDE[defltfips_test]=../include  ../apps/include
+  DEPEND[defltfips_test]=../libcrypto libtestutil.a
+
   SOURCE[ocspapitest]=ocspapitest.c
   INCLUDE[ocspapitest]=../include ../apps/include
   DEPEND[ocspapitest]=../libcrypto libtestutil.a
diff --git a/test/defltfips_test.c b/test/defltfips_test.c
new file mode 100644
index 0000000000..a8349211b6
--- /dev/null
+++ b/test/defltfips_test.c
@@ -0,0 +1,81 @@
+#include <string.h>
+#include <openssl/evp.h>
+#include <openssl/provider.h>
+#include "testutil.h"
+
+static int is_fips;
+
+static int test_is_fips_enabled(void)
+{
+    int is_fips_enabled, is_fips_loaded;
+    EVP_MD *sha256 = NULL;
+
+    /*
+     * Check we're in FIPS mode when we're supposed to be. We do this early to
+     * confirm that EVP_default_properties_is_fips_enabled() works even before
+     * other function calls have auto-loaded the config file.
+     */
+    is_fips_enabled = EVP_default_properties_is_fips_enabled(NULL);
+    is_fips_loaded = OSSL_PROVIDER_available(NULL, "fips");
+
+    /*
+     * Check we're in an expected state. EVP_default_properties_is_fips_enabled
+     * can return true even if the FIPS provider isn't loaded - it is only based
+     * on the default properties. However we only set those properties if also
+     * loading the FIPS provider.
+     */
+    if (!TEST_int_eq(is_fips, is_fips_enabled)
+            || !TEST_int_eq(is_fips, is_fips_loaded))
+        return 0;
+
+    /*
+     * Fetching an algorithm shouldn't change the state and should come from
+     * expected provider.
+     */
+    sha256 = EVP_MD_fetch(NULL, "SHA2-256", NULL);
+    if (!TEST_ptr(sha256))
+        return 0;
+    if (is_fips
+            && !TEST_str_eq(OSSL_PROVIDER_name(EVP_MD_provider(sha256)), "fips")) {
+        EVP_MD_free(sha256);
+        return 0;
+    }
+    EVP_MD_free(sha256);
+
+    /* State should still be consistent */
+    is_fips_enabled = EVP_default_properties_is_fips_enabled(NULL);
+    if (!TEST_int_eq(is_fips, is_fips_enabled))
+        return 0;
+
+    return 1;
+}
+
+int setup_tests(void)
+{
+    size_t argc;
+
+    if (!test_skip_common_options()) {
+        TEST_error("Error parsing test options\n");
+        return 0;
+    }
+
+    argc = test_get_argument_count();
+    switch(argc) {
+    case 0:
+        is_fips = 0;
+        break;
+    case 1:
+        if (strcmp(test_get_argument(0), "fips") == 0) {
+            is_fips = 1;
+            break;
+        }
+        /* fall through */
+    default:
+        TEST_error("Invalid argument\n");
+        return 0;
+    }
+
+    /* Must be the first test before any other libcrypto calls are made */
+    ADD_TEST(test_is_fips_enabled);
+    return 1;
+}
diff --git a/test/evp_test.c b/test/evp_test.c
index b980abc944..cd6077e10d 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -2095,7 +2095,8 @@ static int rand_test_init(EVP_TEST *t, const char *name)
     if (!TEST_ptr(rdata = OPENSSL_zalloc(sizeof(*rdata))))
         return 0;
 
-    rand = EVP_RAND_fetch(libctx, "TEST-RAND", NULL);
+    /* TEST-RAND is available in the FIPS provider but not with "fips=yes" */
+    rand = EVP_RAND_fetch(libctx, "TEST-RAND", "-fips");
     if (rand == NULL)
         goto err;
     rdata->parent = EVP_RAND_CTX_new(rand, NULL);
diff --git a/test/fips.cnf b/test/fips.cnf
index d6c3c6be14..fa131a8bf6 100644
--- a/test/fips.cnf
+++ b/test/fips.cnf
@@ -4,6 +4,13 @@ openssl_conf = openssl_init
 
 [openssl_init]
 providers = provider_sect
+alg_section = evp_properties
+
+[evp_properties]
+# Ensure FIPS non-approved algorithms in the FIPS module are suppressed (e.g.
+# TEST-RAND). This also means that EVP_default_properties_is_fips_enabled()
+# returns the expected value
+default_properties = "fips=yes"
 
 [provider_sect]
 fips = fips_sect
diff --git a/test/recipes/30-test_defltfips.t b/test/recipes/30-test_defltfips.t
new file mode 100644
index 0000000000..c98591eb86
--- /dev/null
+++ b/test/recipes/30-test_defltfips.t
@@ -0,0 +1,43 @@
+#! /usr/bin/env perl
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir bldtop_file bldtop_dir/;
+use OpenSSL::Test::Utils;
+use Cwd qw(abs_path);
+
+BEGIN {
+    setup("test_evp");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+
+plan tests =>
+    ($no_fips ? 1 : 3);
+
+unless ($no_fips) {
+    my $infile = bldtop_file('providers', platform->dso('fips'));
+
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', $infile])),
+       "fipsinstall");
+
+    $ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "fips.cnf"));
+    ok(run(test(["defltfips_test", "fips"])), "running defltfips_test fips");
+}
+
+$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default.cnf"));
+ok(run(test(["defltfips_test"])), "running defltfips_test");
diff --git a/test/tls-provider.c b/test/tls-provider.c
index 496ba7ead9..924ede501b 100644
--- a/test/tls-provider.c
+++ b/test/tls-provider.c
@@ -180,7 +180,11 @@ static const OSSL_DISPATCH xor_keyexch_functions[] = {
 };
 
 static const OSSL_ALGORITHM tls_prov_keyexch[] = {
-    { "XOR", "provider=tls-provider", xor_keyexch_functions },
+    /*
+     * Obviously this is not FIPS approved, but in order to test in conjuction
+     * with the FIPS provider we pretend that it is.
+     */
+    { "XOR", "provider=tls-provider,fips=yes", xor_keyexch_functions },
     { NULL, NULL, NULL }
 };
 
@@ -414,7 +418,11 @@ static const OSSL_DISPATCH xor_keymgmt_functions[] = {
 };
 
 static const OSSL_ALGORITHM tls_prov_keymgmt[] = {
-    { "XOR", "provider=tls-provider", xor_keymgmt_functions },
+    /*
+     * Obviously this is not FIPS approved, but in order to test in conjuction
+     * with the FIPS provider we pretend that it is.
+     */
+    { "XOR", "provider=tls-provider,fips=yes", xor_keymgmt_functions },
     { NULL, NULL, NULL }
 };
 

From builds at travis-ci.com  Mon Aug 17 12:22:13 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 17 Aug 2020 12:22:13 +0000
Subject: Still Failing: openssl/openssl#36724 (master - bfa6aaa)
In-Reply-To: <openssl/openssl+179943592+still failing@travis-ci.com>
Message-ID: <5f3a76779f160_13fb4d09a86886679c4@travis-pro-tasks-64c48cf4b7-57nd5.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36724
Status: Still Failing

Duration: 1 hr, 5 mins, and 51 secs
Commit: bfa6aaa (master)
Author: Matt Caswell
Message: Test that EVP_default_properties_is_fips_enabled() works early

We check that EVP_default_properties_is_fips_enabled() is working even
before other function calls have auto-loaded the config file.

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12567)

View the changeset: https://github.com/openssl/openssl/compare/ebe3f24b3d53...bfa6aaab45c3

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179943592?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200817/0c1193af/attachment.html>

From openssl at openssl.org  Mon Aug 17 12:47:15 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 17 Aug 2020 12:47:15 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1597668435.380191.30293.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3171, 891 wallclock secs (13.80 usr  1.33 sys + 816.28 cusr 64.24 csys = 895.65 CPU)
Result: FAIL
Makefile:3173: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3171: recipe for target 'tests' failed
make: *** [tests] Error 2

From shane.lontis at oracle.com  Mon Aug 17 13:36:37 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Mon, 17 Aug 2020 13:36:37 +0000
Subject: [openssl]  master update
Message-ID: <1597671397.764130.2842.nullmailer@dev.openssl.org>

The branch master has been updated
       via  6c4e2e52d87d61a6df3ddf5f67c7207387585d6c (commit)
      from  bfa6aaab45c30ced2da851ee92f8ac5942f08078 (commit)


- Log -----------------------------------------------------------------
commit 6c4e2e52d87d61a6df3ddf5f67c7207387585d6c
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Mon Aug 17 12:34:17 2020 +1000

    Fix broken windows builds.
    
    A miscellaneous '\' was accidently added to set FIPSKEY=$(FIPSKEY) which was causing some
    external CI build loops to not produce test results.
    It looks like it was accidently copied from the unix variant which requires the '\'.
    Thanks to Wolfgang Beck for tracking down the issue.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12661)

-----------------------------------------------------------------------

Summary of changes:
 Configurations/windows-makefile.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl
index c2507a6508..dfabda7eef 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -406,7 +406,7 @@ test: tests
 	set SRCTOP=$(SRCDIR)
 	set BLDTOP=$(BLDDIR)
 	set PERL=$(PERL)
-	set FIPSKEY=$(FIPSKEY) \
+	set FIPSKEY=$(FIPSKEY)
 	"$(PERL)" "$(SRCDIR)\test\run_tests.pl" $(TESTS)
 	@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
 	@$(ECHO) "Tests are not supported with your chosen Configure options"

From shane.lontis at oracle.com  Mon Aug 17 13:41:15 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Mon, 17 Aug 2020 13:41:15 +0000
Subject: [openssl]  master update
Message-ID: <1597671675.915400.4903.nullmailer@dev.openssl.org>

The branch master has been updated
       via  38145fba0a5f6163743f007dd6c9ba1a1e07e4f4 (commit)
      from  6c4e2e52d87d61a6df3ddf5f67c7207387585d6c (commit)


- Log -----------------------------------------------------------------
commit 38145fba0a5f6163743f007dd6c9ba1a1e07e4f4
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 10:15:28 2020 +1000

    Fix DSA/DH so that legacy keys can still be generated by the default provider
    
    Fixes #12589
    
    The 'type' parameter needed to be propagated to the ffc params during keygen,
    so that the simple validation of params done during keygen can handle legacy keys for the default provider.
    The fips provider ignores this change and only allows fips186-4 approved sizes.
    
    Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12623)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ffc/ffc_params.c                       |  8 ++++++++
 crypto/ffc/ffc_params_validate.c              |  9 +++++++--
 include/internal/ffc.h                        |  6 ++++--
 providers/implementations/keymgmt/dh_kmgmt.c  |  2 ++
 providers/implementations/keymgmt/dsa_kmgmt.c |  2 ++
 test/recipes/15-test_gendsa.t                 | 15 ++++++++++++++-
 6 files changed, 37 insertions(+), 5 deletions(-)

diff --git a/crypto/ffc/ffc_params.c b/crypto/ffc/ffc_params.c
index d70aeea35b..ac767c0a1c 100644
--- a/crypto/ffc/ffc_params.c
+++ b/crypto/ffc/ffc_params.c
@@ -117,6 +117,14 @@ void ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags)
     params->flags = flags;
 }
 
+void ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, int enable)
+{
+    if (enable)
+        params->flags |= flags;
+    else
+        params->flags &= ~flags;
+}
+
 int ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props)
 {
     params->mdname = alg;
diff --git a/crypto/ffc/ffc_params_validate.c b/crypto/ffc/ffc_params_validate.c
index 821ff3e88a..9221b13d17 100644
--- a/crypto/ffc/ffc_params_validate.c
+++ b/crypto/ffc/ffc_params_validate.c
@@ -66,7 +66,7 @@ int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params,
 {
     size_t L, N;
 
-    if (params->p == NULL || params->q == NULL) {
+    if (params == NULL || params->p == NULL || params->q == NULL) {
         *res = FFC_CHECK_INVALID_PQ;
         return FFC_PARAM_RET_STATUS_FAILED;
     }
@@ -99,7 +99,12 @@ int ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, int type
     params->flags = FFC_PARAM_FLAG_VALIDATE_G;
     params->gindex = FFC_UNVERIFIABLE_GINDEX;
 
-    ret = ffc_params_FIPS186_4_validate(libctx, params, type, &res, NULL);
+#ifndef FIPS_MODULE
+    if (save_flags & FFC_PARAM_FLAG_VALIDATE_LEGACY)
+        ret = ffc_params_FIPS186_2_validate(libctx, params, type, &res, NULL);
+    else
+#endif
+        ret = ffc_params_FIPS186_4_validate(libctx, params, type, &res, NULL);
     params->flags = save_flags;
     params->gindex = save_gindex;
     return ret != FFC_PARAM_RET_STATUS_FAILED;
diff --git a/include/internal/ffc.h b/include/internal/ffc.h
index b352b8d345..3a4dcc9dcb 100644
--- a/include/internal/ffc.h
+++ b/include/internal/ffc.h
@@ -39,10 +39,11 @@
 #define FFC_PARAM_RET_STATUS_UNVERIFIABLE_G 2
 
 /* Validation flags */
-# define FFC_PARAM_FLAG_VALIDATE_PQ  0x01
-# define FFC_PARAM_FLAG_VALIDATE_G   0x02
+# define FFC_PARAM_FLAG_VALIDATE_PQ    0x01
+# define FFC_PARAM_FLAG_VALIDATE_G     0x02
 # define FFC_PARAM_FLAG_VALIDATE_ALL                                           \
     (FFC_PARAM_FLAG_VALIDATE_PQ | FFC_PARAM_FLAG_VALIDATE_G)
+#define FFC_PARAM_FLAG_VALIDATE_LEGACY 0x04
 
 /*
  * NB: These values must align with the equivalently named macros in
@@ -124,6 +125,7 @@ void ffc_params_set_gindex(FFC_PARAMS *params, int index);
 void ffc_params_set_pcounter(FFC_PARAMS *params, int index);
 void ffc_params_set_h(FFC_PARAMS *params, int index);
 void ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags);
+void ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, int enable);
 int ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props);
 
 int ffc_params_set_validate_params(FFC_PARAMS *params,
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index 0ea6ce7784..002cdec1f9 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -653,6 +653,8 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
             goto end;
         if (gctx->priv_len > 0)
             DH_set_length(dh, (long)gctx->priv_len);
+        ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY,
+                                gctx->gen_type == DH_PARAMGEN_TYPE_FIPS_186_2);
         if (DH_generate_key(dh) <= 0)
             goto end;
     }
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index d9c6007650..855fa18c38 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -529,6 +529,8 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
                                          gencb) <= 0)
              goto end;
     }
+    ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY,
+                            gctx->gen_type == DSA_PARAMGEN_TYPE_FIPS_186_2);
     if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
         if (ffc->p == NULL
             || ffc->q == NULL
diff --git a/test/recipes/15-test_gendsa.t b/test/recipes/15-test_gendsa.t
index 4344cde95c..4dc387cac5 100644
--- a/test/recipes/15-test_gendsa.t
+++ b/test/recipes/15-test_gendsa.t
@@ -19,7 +19,7 @@ setup("test_gendsa");
 plan skip_all => "This test is unsupported in a no-dsa build"
     if disabled("dsa");
 
-plan tests => 8;
+plan tests => 10;
 
 ok(run(app([ 'openssl', 'genpkey', '-genparam',
              '-algorithm', 'DSA',
@@ -40,6 +40,13 @@ ok(run(app([ 'openssl', 'genpkey', '-genparam',
              '-text'])),
    "genpkey DSA params fips186_2");
 
+ok(run(app([ 'openssl', 'genpkey', '-genparam',
+             '-algorithm', 'DSA',
+             '-pkeyopt', 'type:fips186_2',
+             '-pkeyopt', 'dsa_paramgen_bits:1024',
+             '-out', 'dsagen.legacy.pem'])),
+   "genpkey DSA params fips186_2 PEM");
+
 ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DSA',
              '-pkeyopt', 'type:group',
              '-text'])),
@@ -62,6 +69,12 @@ ok(run(app([ 'openssl', 'genpkey', '-genparam',
              '-out', 'dsagen.der'])),
    "genpkey DSA params fips186_4 DER");
 
+ok(run(app([ 'openssl', 'genpkey',
+             '-paramfile', 'dsagen.legacy.pem',
+             '-pkeyopt', 'type:fips186_2',
+             '-text'])),
+   "genpkey DSA fips186_2 with PEM params");
+
 # The seed and counter should be the ones generated from the param generation
 # Just put some dummy ones in to show it works.
 ok(run(app([ 'openssl', 'genpkey',

From builds at travis-ci.com  Mon Aug 17 15:41:09 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 17 Aug 2020 15:41:09 +0000
Subject: Still Failing: openssl/openssl#36727 (master - 6c4e2e5)
In-Reply-To: <openssl/openssl+179969071+still failing@travis-ci.com>
Message-ID: <5f3aa5149fbc0_13fb3bf2aa1a4361910@travis-pro-tasks-9bbbddff4-ht92g.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36727
Status: Still Failing

Duration: 1 hr, 25 mins, and 2 secs
Commit: 6c4e2e5 (master)
Author: Shane Lontis
Message: Fix broken windows builds.

A miscellaneous '\' was accidently added to set FIPSKEY=$(FIPSKEY) which was causing some
external CI build loops to not produce test results.
It looks like it was accidently copied from the unix variant which requires the '\'.
Thanks to Wolfgang Beck for tracking down the issue.

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12661)

View the changeset: https://github.com/openssl/openssl/compare/bfa6aaab45c3...6c4e2e52d87d

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179969071?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200817/5a342754/attachment-0001.html>

From builds at travis-ci.com  Mon Aug 17 16:49:37 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 17 Aug 2020 16:49:37 +0000
Subject: Still Failing: openssl/openssl#36728 (master - 38145fb)
In-Reply-To: <openssl/openssl+179969889+still failing@travis-ci.com>
Message-ID: <5f3ab521345f9_13f9aabbc2e80444c3@travis-pro-tasks-58f8b8db4f-8sbkw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36728
Status: Still Failing

Duration: 1 hr, 34 mins, and 18 secs
Commit: 38145fb (master)
Author: Shane Lontis
Message: Fix DSA/DH so that legacy keys can still be generated by the default provider

Fixes #12589

The 'type' parameter needed to be propagated to the ffc params during keygen,
so that the simple validation of params done during keygen can handle legacy keys for the default provider.
The fips provider ignores this change and only allows fips186-4 approved sizes.

Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12623)

View the changeset: https://github.com/openssl/openssl/compare/6c4e2e52d87d...38145fba0a5f

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/179969889?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200817/cd731e23/attachment.html>

From openssl at openssl.org  Mon Aug 17 21:06:16 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 17 Aug 2020 21:06:16 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1597698376.619572.16038.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3308, 927 wallclock secs (13.67 usr  1.44 sys + 814.06 cusr 66.83 csys = 896.00 CPU)
Result: FAIL
Makefile:3176: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3174: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug 17 21:33:24 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 17 Aug 2020 21:33:24 +0000
Subject: Build failed: openssl master.36193
Message-ID: <20200817213324.1.6622973686A47200@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200817/485dd9a1/attachment.html>

From openssl at openssl.org  Mon Aug 17 23:32:30 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 17 Aug 2020 23:32:30 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1597707150.110296.30184.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=208, Tests=2994, 769 wallclock secs (10.26 usr  1.15 sys + 706.60 cusr 53.55 csys = 771.56 CPU)
Result: FAIL
Makefile:2420: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2418: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug 18 00:29:38 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 18 Aug 2020 00:29:38 +0000
Subject: Build failed: openssl master.36200
Message-ID: <20200818002938.1.54B663470E63A65A@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200818/18a314ad/attachment.html>

From no-reply at appveyor.com  Tue Aug 18 03:35:21 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 18 Aug 2020 03:35:21 +0000
Subject: Build failed: openssl master.36206
Message-ID: <20200818033521.1.E210224D3C683F04@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200818/0f8e711c/attachment.html>

From openssl at openssl.org  Tue Aug 18 05:51:34 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 18 Aug 2020 05:51:34 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1597729894.222379.17366.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-PKCS12KDF.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
Makefile:4171: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3141: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From no-reply at appveyor.com  Tue Aug 18 08:37:34 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 18 Aug 2020 08:37:34 +0000
Subject: Build completed: openssl master.36207
Message-ID: <20200818083734.1.C772070549FB1285@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200818/7c25e684/attachment.html>

From pauli at openssl.org  Tue Aug 18 10:00:23 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Tue, 18 Aug 2020 10:00:23 +0000
Subject: [openssl]  master update
Message-ID: <1597744823.115775.7380.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c9dcbc0759be1e733273cc0b5602bdbbd3542b27 (commit)
      from  38145fba0a5f6163743f007dd6c9ba1a1e07e4f4 (commit)


- Log -----------------------------------------------------------------
commit c9dcbc0759be1e733273cc0b5602bdbbd3542b27
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Aug 17 15:40:00 2020 +1000

    Apps: change provider_path option to provider-path.
    
    The applications use '-' in options not '_'.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12662)

-----------------------------------------------------------------------

Summary of changes:
 apps/include/opt.h                  | 2 +-
 doc/man1/openssl-fipsinstall.pod.in | 2 +-
 doc/man1/openssl.pod                | 2 +-
 doc/perlvars.pm                     | 4 ++--
 test/recipes/15-test_genrsa.t       | 2 +-
 test/recipes/15-test_rsaoaep.t      | 2 +-
 test/recipes/20-test_enc.t          | 2 +-
 test/recipes/20-test_enc_more.t     | 2 +-
 test/recipes/80-test_cms.t          | 6 +++---
 9 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/apps/include/opt.h b/apps/include/opt.h
index ad629c0199..a35fe327cf 100644
--- a/apps/include/opt.h
+++ b/apps/include/opt.h
@@ -278,7 +278,7 @@
 
 # define OPT_PROV_OPTIONS \
         OPT_SECTION("Provider"), \
-        { "provider_path", OPT_PROV_PROVIDER_PATH, 's', "Provider load path (must be before 'provider' argument if required)" }, \
+        { "provider-path", OPT_PROV_PROVIDER_PATH, 's', "Provider load path (must be before 'provider' argument if required)" }, \
         { "provider", OPT_PROV_PROVIDER, 's', "Provider to load (can be specified multiple times)" }
 
 # define OPT_PROV_CASES \
diff --git a/doc/man1/openssl-fipsinstall.pod.in b/doc/man1/openssl-fipsinstall.pod.in
index ec83e0950f..8120fd299a 100644
--- a/doc/man1/openssl-fipsinstall.pod.in
+++ b/doc/man1/openssl-fipsinstall.pod.in
@@ -179,7 +179,7 @@ Corrupt any self tests which have the description C<SHA1>:
 Validate that the fips module can be loaded from a base configuration file:
 
  export OPENSSL_CONF_INCLUDE=<path of configuration files>
- export OPENSSL_MODULES=<provider_path>
+ export OPENSSL_MODULES=<provider-path>
  openssl fipsinstall -config' 'default.cnf'
 
 
diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod
index 384dfb2e72..2c56cc278c 100644
--- a/doc/man1/openssl.pod
+++ b/doc/man1/openssl.pod
@@ -777,7 +777,7 @@ Use the provider identified by I<name> and use all the methods it
 implements (algorithms, key storage, etc.).  This option can be specified
 multiple time to load more than one provider.
 
-=item B<-provider_path> I<path>
+=item B<-provider-path> I<path>
 
 Specify the search I<path> that is used to locate provider modules.  The format
 of I<path> varies depending on the operating system being used.
diff --git a/doc/perlvars.pm b/doc/perlvars.pm
index 978c206e25..567cc0744a 100644
--- a/doc/perlvars.pm
+++ b/doc/perlvars.pm
@@ -93,11 +93,11 @@ $OpenSSL::safe::opt_r_item = ""
 # Provider options
 $OpenSSL::safe::opt_provider_synopsis = ""
 . "[B<-provider> I<name>]\n"
-. "[B<-provider_path> I<path>]";
+. "[B<-provider-path> I<path>]";
 $OpenSSL::safe::opt_provider_item = ""
 . "=item B<-provider> I<name>\n"
 . "\n"
-. "=item B<-provider_path> I<path>\n"
+. "=item B<-provider-path> I<path>\n"
 . "\n"
 . "See L<openssl(1)/Provider Options>.";
 
diff --git a/test/recipes/15-test_genrsa.t b/test/recipes/15-test_genrsa.t
index b206267aad..90880be9fc 100644
--- a/test/recipes/15-test_genrsa.t
+++ b/test/recipes/15-test_genrsa.t
@@ -119,7 +119,7 @@ ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
 unless ($no_fips) {
     my $provconf = srctop_file("test", "fips.cnf");
     my $provpath = bldtop_dir("providers");
-    my @prov = ( "-provider_path", $provpath,
+    my @prov = ( "-provider-path", $provpath,
                  "-provider", "base",
                  "-config", $provconf);
     my $infile = bldtop_file('providers', platform->dso('fips'));
diff --git a/test/recipes/15-test_rsaoaep.t b/test/recipes/15-test_rsaoaep.t
index 1b6fcb8e65..60d9b44f4f 100644
--- a/test/recipes/15-test_rsaoaep.t
+++ b/test/recipes/15-test_rsaoaep.t
@@ -39,7 +39,7 @@ my $dec3_file = "dec3.txt";
 my $key_file = srctop_file("test", "testrsa.pem");
 
 unless ($no_fips) {
-    @prov = ( "-provider_path", $provpath, "-config", $provconf );
+    @prov = ( "-provider-path", $provpath, "-config", $provconf );
     my $infile = bldtop_file('providers', platform->dso('fips'));
 
     ok(run(app(['openssl', 'fipsinstall',
diff --git a/test/recipes/20-test_enc.t b/test/recipes/20-test_enc.t
index 488253b724..003b1fc344 100644
--- a/test/recipes/20-test_enc.t
+++ b/test/recipes/20-test_enc.t
@@ -27,7 +27,7 @@ my $test = catfile(".", "p");
 
 my $cmd = "openssl";
 my $provpath = bldtop_dir("providers");
-my @prov = ("-provider_path", $provpath, "-provider", "default", "-provider", "legacy");
+my @prov = ("-provider-path", $provpath, "-provider", "default", "-provider", "legacy");
 
 my $ciphersstatus = undef;
 my @ciphers =
diff --git a/test/recipes/20-test_enc_more.t b/test/recipes/20-test_enc_more.t
index b4fb009d58..27fc901a16 100644
--- a/test/recipes/20-test_enc_more.t
+++ b/test/recipes/20-test_enc_more.t
@@ -26,7 +26,7 @@ my $plaintext = catfile(".", "testdatafile");
 my $fail = "";
 my $cmd = "openssl";
 my $provpath = bldtop_dir("providers");
-my @prov = ("-provider_path", $provpath, "-provider", "default", "-provider", "legacy");
+my @prov = ("-provider-path", $provpath, "-provider", "default", "-provider", "legacy");
 
 my $ciphersstatus = undef;
 my @ciphers =
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
index 38028c291a..cdd5ec15a8 100644
--- a/test/recipes/80-test_cms.t
+++ b/test/recipes/80-test_cms.t
@@ -33,10 +33,10 @@ plan skip_all => "CMS is not supported by this OpenSSL build"
 my $provpath = bldtop_dir("providers");
 
 # Some tests require legacy algorithms to be included.
-my @legacyprov = ("-provider_path", $provpath,
+my @legacyprov = ("-provider-path", $provpath,
                   "-provider", "default",
                   "-provider", "legacy" );
-my @defaultprov = ("-provider_path", $provpath,
+my @defaultprov = ("-provider-path", $provpath,
                    "-provider", "default");
 
 my @config = ( );
@@ -64,7 +64,7 @@ unless ($no_fips) {
 }
 
 $ENV{OPENSSL_TEST_LIBCTX} = "1";
-my @prov = ("-provider_path", $provpath,
+my @prov = ("-provider-path", $provpath,
             @config,
             "-provider", $provname);
 

From openssl at openssl.org  Tue Aug 18 10:55:49 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 18 Aug 2020 10:55:49 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1597748149.553455.31253.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-PKCS12KDF.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4168: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3138: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Tue Aug 18 11:36:03 2020
From: builds at travis-ci.com (Travis CI)
Date: Tue, 18 Aug 2020 11:36:03 +0000
Subject: Still Failing: openssl/openssl#36751 (master - c9dcbc0)
In-Reply-To: <openssl/openssl+180111210+still failing@travis-ci.com>
Message-ID: <5f3bbd23b4ea_13fe2007c553465267f@travis-pro-tasks-5568667578-8nxpd.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36751
Status: Still Failing

Duration: 1 hr, 24 mins, and 38 secs
Commit: c9dcbc0 (master)
Author: Pauli
Message: Apps: change provider_path option to provider-path.

The applications use '-' in options not '_'.

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12662)

View the changeset: https://github.com/openssl/openssl/compare/38145fba0a5f...c9dcbc0759be

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180111210?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200818/49c7dc6e/attachment.html>

From openssl at openssl.org  Tue Aug 18 14:49:30 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 18 Aug 2020 14:49:30 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1597762170.540889.20976.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 407701E4E77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40C7489E647F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40C7489E647F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=208, Tests=3308, 1771 wallclock secs (14.10 usr  1.43 sys + 1679.64 cusr 89.70 csys = 1784.87 CPU)
Result: FAIL
Makefile:3176: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3174: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug 18 15:11:50 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 18 Aug 2020 15:11:50 +0000
Subject: Build failed: openssl master.36211
Message-ID: <20200818151150.1.66541BA3998F2356@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200818/240e4758/attachment-0001.html>

From openssl at openssl.org  Tue Aug 18 15:14:30 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 18 Aug 2020 15:14:30 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1597763670.736833.7338.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=208, Tests=3308, 918 wallclock secs (13.16 usr  1.32 sys + 817.59 cusr 64.13 csys = 896.20 CPU)
Result: FAIL
Makefile:3171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3169: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug 18 16:44:18 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 18 Aug 2020 16:44:18 +0000
Subject: Build completed: openssl master.36212
Message-ID: <20200818164418.1.B2E68968DF22B832@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200818/902ba9be/attachment.html>

From openssl at openssl.org  Tue Aug 18 18:04:44 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 18 Aug 2020 18:04:44 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1597773884.883147.3068.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=208, Tests=3305, 863 wallclock secs (13.02 usr  1.32 sys + 797.81 cusr 64.68 csys = 876.83 CPU)
Result: FAIL
Makefile:3171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3169: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug 18 19:06:35 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 18 Aug 2020 19:06:35 +0000
Subject: Build failed: openssl master.36214
Message-ID: <20200818190635.1.7828454FEF0AAC50@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200818/4d25f505/attachment.html>

From openssl at openssl.org  Tue Aug 18 20:50:04 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 18 Aug 2020 20:50:04 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1597783804.653380.24552.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0703950017F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0703950017F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0703950017F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/7i6vazPlQN default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0D0DE01E87F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0D0DE01E87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0D0DE01E87F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0D0DE01E87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0D0DE01E87F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0D0DE01E87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/7i6vazPlQN fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3307, 878 wallclock secs (12.95 usr  1.21 sys + 810.31 cusr 64.76 csys = 889.23 CPU)
Result: FAIL
Makefile:3175: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3173: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug 18 23:14:54 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 18 Aug 2020 23:14:54 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1597792494.312520.439.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0A08664377F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0A08664377F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0A08664377F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/QipafpJJzm default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0C0EEC5C67F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0C0EEC5C67F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0C0EEC5C67F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0C0EEC5C67F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0C0EEC5C67F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0C0EEC5C67F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/QipafpJJzm fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3307, 891 wallclock secs (13.15 usr  1.28 sys + 825.24 cusr 64.38 csys = 904.05 CPU)
Result: FAIL
Makefile:3187: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3185: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Wed Aug 19 00:02:52 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Wed, 19 Aug 2020 00:02:52 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1597795372.873724.2435.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

ebe3f24b3d provider: disable fall-backs if OSSL_PROVIDER_load() fails.
0e53cd5207 PKCS#12 KDF: don't run tests with the FIPS provider.
b7466c1303 Move PKCS#12 KDF to provider.
c19e6da9a3 Appease -Werror=stringop-overflow=
cddbcf0d28 Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
ea9f6890eb sslapitest: Add test for premature call of SSL_export_keying_material
dffeec1c10 Avoid segfault in SSL_export_keying_material if there is no session
dd0164e756 Mark SSL_CTX_set_ssl_version() as deprecated in 3.0

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0D01BDF107F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0D01BDF107F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0D01BDF107F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0D01BDF107F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/kLj59KPHCE default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0B01E578F7F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0B01E578F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0B01E578F7F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0B01E578F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/kLj59KPHCE fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=208, Tests=3229, 824 wallclock secs (11.40 usr  1.26 sys + 762.42 cusr 61.28 csys = 836.36 CPU)
Result: FAIL
Makefile:3178: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3176: recipe for target 'tests' failed
make: *** [tests] Error 2

From pauli at openssl.org  Wed Aug 19 03:15:49 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Wed, 19 Aug 2020 03:15:49 +0000
Subject: [openssl]  master update
Message-ID: <1597806949.610650.6622.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c51a8af8cca755ceefba64b3cbd0bdb91c74d77c (commit)
      from  c9dcbc0759be1e733273cc0b5602bdbbd3542b27 (commit)


- Log -----------------------------------------------------------------
commit c51a8af8cca755ceefba64b3cbd0bdb91c74d77c
Author: Pauli <paul.dale at oracle.com>
Date:   Sat Aug 15 10:35:59 2020 +1000

    OCSP: Add return value checks.
    
    The calls are unlikely to fail but better checking their return than not.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12648)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt    |  2 ++
 crypto/ocsp/ocsp_err.c    |  2 ++
 crypto/ocsp/ocsp_vfy.c    | 53 +++++++++++++++++++++++++++++------------------
 include/openssl/ocsperr.h |  2 ++
 4 files changed, 39 insertions(+), 20 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index c07eee6e7e..b42abcc137 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2678,6 +2678,8 @@ OBJ_R_UNKNOWN_NID:101:unknown nid
 OBJ_R_UNKNOWN_OBJECT_NAME:103:unknown object name
 OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error
 OCSP_R_DIGEST_ERR:102:digest err
+OCSP_R_DIGEST_NAME_ERR:106:digest name err
+OCSP_R_DIGEST_SIZE_ERR:107:digest size err
 OCSP_R_ERROR_IN_NEXTUPDATE_FIELD:122:error in nextupdate field
 OCSP_R_ERROR_IN_THISUPDATE_FIELD:123:error in thisupdate field
 OCSP_R_MISSING_OCSPSIGNING_USAGE:103:missing ocspsigning usage
diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c
index 7cd36723e2..518e0432a3 100644
--- a/crypto/ocsp/ocsp_err.c
+++ b/crypto/ocsp/ocsp_err.c
@@ -17,6 +17,8 @@ static const ERR_STRING_DATA OCSP_str_reasons[] = {
     {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_CERTIFICATE_VERIFY_ERROR),
     "certificate verify error"},
     {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_DIGEST_ERR), "digest err"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_DIGEST_NAME_ERR), "digest name err"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_DIGEST_SIZE_ERR), "digest size err"},
     {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),
     "error in nextupdate field"},
     {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_ERROR_IN_THISUPDATE_FIELD),
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index 33cd236af7..adf4970d58 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -54,6 +54,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
         flags |= OCSP_NOVERIFY;
     if (!(flags & OCSP_NOSIGS)) {
         EVP_PKEY *skey;
+
         skey = X509_get0_pubkey(signer);
         if (skey == NULL) {
             OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_NO_SIGNER_KEY);
@@ -153,6 +154,7 @@ static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
 {
     X509 *signer;
     OCSP_RESPID *rid = &bs->tbsResponseData.responderId;
+
     if ((signer = ocsp_find_signer_sk(certs, rid))) {
         *psigner = signer;
         return 2;
@@ -187,8 +189,9 @@ static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
     /* Calculate hash of each key and compare */
     for (i = 0; i < sk_X509_num(certs); i++) {
         x = sk_X509_value(certs, i);
-        X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
-        if (!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))
+        if (!X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL))
+            break;
+        if (memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH) == 0)
             return x;
     }
     return NULL;
@@ -200,8 +203,8 @@ static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain)
     X509 *signer, *sca;
     OCSP_CERTID *caid = NULL;
     int i;
-    sresp = bs->tbsResponseData.responses;
 
+    sresp = bs->tbsResponseData.responses;
     if (sk_X509_num(chain) <= 0) {
         OCSPerr(OCSP_F_OCSP_CHECK_ISSUER, OCSP_R_NO_CERTIFICATES_IN_CHAIN);
         return -1;
@@ -274,52 +277,60 @@ static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
     return 1;
 }
 
+/*
+ * Match the certificate issuer ID.
+ * Returns -1 on error, 0 if there is no match and 1 if there is a match.
+ */
 static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
                                STACK_OF(OCSP_SINGLERESP) *sresp)
 {
     /* If only one ID to match then do it */
-    if (cid) {
+    if (cid != NULL) {
         const EVP_MD *dgst;
         const X509_NAME *iname;
         int mdlen;
         unsigned char md[EVP_MAX_MD_SIZE];
-        if ((dgst = EVP_get_digestbyobj(cid->hashAlgorithm.algorithm))
-                == NULL) {
-            OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID,
-                    OCSP_R_UNKNOWN_MESSAGE_DIGEST);
+
+        dgst = EVP_get_digestbyobj(cid->hashAlgorithm.algorithm);
+        if (dgst == NULL) {
+            OCSPerr(0, OCSP_R_UNKNOWN_MESSAGE_DIGEST);
             return -1;
         }
 
         mdlen = EVP_MD_size(dgst);
-        if (mdlen < 0)
+        if (mdlen < 0) {
+            OCSPerr(0, OCSP_R_DIGEST_SIZE_ERR);
             return -1;
-        if ((cid->issuerNameHash.length != mdlen) ||
-            (cid->issuerKeyHash.length != mdlen))
+        }
+        if (cid->issuerNameHash.length != mdlen ||
+            cid->issuerKeyHash.length != mdlen)
             return 0;
         iname = X509_get_subject_name(cert);
-        if (!X509_NAME_digest(iname, dgst, md, NULL))
+        if (!X509_NAME_digest(iname, dgst, md, NULL)) {
+            OCSPerr(0, OCSP_R_DIGEST_NAME_ERR);
             return -1;
-        if (memcmp(md, cid->issuerNameHash.data, mdlen))
+        }
+        if (memcmp(md, cid->issuerNameHash.data, mdlen) != 0)
             return 0;
-        X509_pubkey_digest(cert, dgst, md, NULL);
-        if (memcmp(md, cid->issuerKeyHash.data, mdlen))
+        if (!X509_pubkey_digest(cert, dgst, md, NULL)) {
+            OCSPerr(0, OCSP_R_DIGEST_ERR);
+            return -1;
+        }
+        if (memcmp(md, cid->issuerKeyHash.data, mdlen) != 0)
             return 0;
-
-        return 1;
-
     } else {
         /* We have to match the whole lot */
         int i, ret;
         OCSP_CERTID *tmpid;
+
         for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
             tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
             ret = ocsp_match_issuerid(cert, tmpid, NULL);
             if (ret <= 0)
                 return ret;
         }
-        return 1;
     }
-
+    return 1;
 }
 
 static int ocsp_check_delegated(X509 *x)
@@ -381,6 +392,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
     }
     if (!(flags & OCSP_NOVERIFY)) {
         int init_res;
+
         if (flags & OCSP_NOCHAIN)
             init_res = X509_STORE_CTX_init(ctx, store, signer, NULL);
         else
@@ -419,6 +431,7 @@ static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,
                                 unsigned long flags)
 {
     X509 *signer;
+
     if (!(flags & OCSP_NOINTERN)) {
         signer = X509_find_by_subject(req->optionalSignature->certs, nm);
         if (signer) {
diff --git a/include/openssl/ocsperr.h b/include/openssl/ocsperr.h
index f9ad3be022..eea82b8a56 100644
--- a/include/openssl/ocsperr.h
+++ b/include/openssl/ocsperr.h
@@ -50,6 +50,8 @@ int ERR_load_OCSP_strings(void);
  */
 #  define OCSP_R_CERTIFICATE_VERIFY_ERROR                  101
 #  define OCSP_R_DIGEST_ERR                                102
+#  define OCSP_R_DIGEST_NAME_ERR                           106
+#  define OCSP_R_DIGEST_SIZE_ERR                           107
 #  define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD                 122
 #  define OCSP_R_ERROR_IN_THISUPDATE_FIELD                 123
 #  define OCSP_R_MISSING_OCSPSIGNING_USAGE                 103

From shane.lontis at oracle.com  Wed Aug 19 03:29:02 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Wed, 19 Aug 2020 03:29:02 +0000
Subject: [openssl]  master update
Message-ID: <1597807742.614382.8770.nullmailer@dev.openssl.org>

The branch master has been updated
       via  7fe32ef68855d727c55186bda99b3e2500afa2c2 (commit)
      from  c51a8af8cca755ceefba64b3cbd0bdb91c74d77c (commit)


- Log -----------------------------------------------------------------
commit 7fe32ef68855d727c55186bda99b3e2500afa2c2
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Wed Aug 19 13:27:31 2020 +1000

    Fix no-cms build errors.
    
    Fixes #12640
    
    The X942-KDF is now indepedent of the CMS code (since it no longer uses CMS_SharedInfo_encode).
    Any code related to EVP_PKEY_DH_KDF_X9_42 needs to not be wrapped by !defined(OPENSSL_NO_CMS).
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12642)

-----------------------------------------------------------------------

Summary of changes:
 crypto/dh/dh_kdf.c   | 4 ++--
 crypto/dh/dh_pmeth.c | 6 ------
 include/openssl/dh.h | 6 +-----
 util/libcrypto.num   | 2 +-
 4 files changed, 4 insertions(+), 14 deletions(-)

diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c
index 0b1e5881c3..6f59d6ecc2 100644
--- a/crypto/dh/dh_kdf.c
+++ b/crypto/dh/dh_kdf.c
@@ -60,7 +60,7 @@ err:
     return ret;
 }
 
-#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_CMS)
+#if !defined(FIPS_MODULE)
 int DH_KDF_X9_42(unsigned char *out, size_t outlen,
                  const unsigned char *Z, size_t Zlen,
                  ASN1_OBJECT *key_oid,
@@ -81,4 +81,4 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
     return dh_KDF_X9_42_asn1(out, outlen, Z, Zlen, key_alg,
                              ukm, ukmlen, md, libctx, NULL);
 }
-#endif /* !defined(FIPS_MODULE) && !defined(OPENSSL_NO_CMS) */
+#endif /* !defined(FIPS_MODULE) */
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index 39b79ffb36..2c74b39db1 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -172,11 +172,7 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
     case EVP_PKEY_CTRL_DH_KDF_TYPE:
         if (p1 == -2)
             return dctx->kdf_type;
-#ifdef OPENSSL_NO_CMS
-        if (p1 != EVP_PKEY_DH_KDF_NONE)
-#else
         if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
-#endif
             return -2;
         dctx->kdf_type = p1;
         return 1;
@@ -445,7 +441,6 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
         *keylen = ret;
         return 1;
     }
-#ifndef OPENSSL_NO_CMS
     else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
 
         unsigned char *Z = NULL;
@@ -475,7 +470,6 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
         OPENSSL_clear_free(Z, Zlen);
         return ret;
     }
-#endif
     return 0;
 }
 
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 4b456cff16..69a5b79c18 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -202,14 +202,12 @@ DH *DH_get_2048_256(void);
 DH *DH_new_by_nid(int nid);
 DEPRECATEDIN_3_0(int DH_get_nid(const DH *dh))
 
-#  ifndef OPENSSL_NO_CMS
 /* RFC2631 KDF */
 DEPRECATEDIN_3_0(int DH_KDF_X9_42(unsigned char *out, size_t outlen,
                                   const unsigned char *Z, size_t Zlen,
                                   ASN1_OBJECT *key_oid,
                                   const unsigned char *ukm,
                                   size_t ukmlen, const EVP_MD *md))
-#  endif
 
 void DH_get0_pqg(const DH *dh,
                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
@@ -316,9 +314,7 @@ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
 
 /* KDF types */
 #  define EVP_PKEY_DH_KDF_NONE                            1
-#  ifndef OPENSSL_NO_CMS
-#   define EVP_PKEY_DH_KDF_X9_42                          2
-#  endif
+#  define EVP_PKEY_DH_KDF_X9_42                           2
 
 #  ifdef  __cplusplus
 }
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 838d1e686d..b38670b1ab 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -2939,7 +2939,7 @@ TS_RESP_CTX_set_status_info             3001	3_0_0	EXIST::FUNCTION:TS
 BIO_f_nbio_test                         3002	3_0_0	EXIST::FUNCTION:
 SEED_ofb128_encrypt                     3003	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,SEED
 d2i_RSAPrivateKey_bio                   3004	3_0_0	EXIST::FUNCTION:RSA
-DH_KDF_X9_42                            3005	3_0_0	EXIST::FUNCTION:CMS,DEPRECATEDIN_3_0,DH
+DH_KDF_X9_42                            3005	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
 EVP_PKEY_meth_set_signctx               3006	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 X509_CRL_get_version                    3007	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_meth_get0_info                 3008	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0

From builds at travis-ci.com  Wed Aug 19 04:54:13 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 19 Aug 2020 04:54:13 +0000
Subject: Still Failing: openssl/openssl#36778 (master - c51a8af)
In-Reply-To: <openssl/openssl+180448859+still failing@travis-ci.com>
Message-ID: <5f3cb075119cb_13feca2ca479c537e8@travis-pro-tasks-7957794c58-722s8.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36778
Status: Still Failing

Duration: 11 mins and 49 secs
Commit: c51a8af (master)
Author: Pauli
Message: OCSP: Add return value checks.

The calls are unlikely to fail but better checking their return than not.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12648)

View the changeset: https://github.com/openssl/openssl/compare/c9dcbc0759be...c51a8af8cca7

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180448859?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/03c7872b/attachment.html>

From builds at travis-ci.com  Wed Aug 19 06:26:11 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 19 Aug 2020 06:26:11 +0000
Subject: Still Failing: openssl/openssl#36779 (master - 7fe32ef)
In-Reply-To: <openssl/openssl+180449783+still failing@travis-ci.com>
Message-ID: <5f3cc6035ceb7_13feca39f48ac1708a3@travis-pro-tasks-7957794c58-722s8.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36779
Status: Still Failing

Duration: 32 mins and 50 secs
Commit: 7fe32ef (master)
Author: Shane Lontis
Message: Fix no-cms build errors.

Fixes #12640

The X942-KDF is now indepedent of the CMS code (since it no longer uses CMS_SharedInfo_encode).
Any code related to EVP_PKEY_DH_KDF_X9_42 needs to not be wrapped by !defined(OPENSSL_NO_CMS).

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12642)

View the changeset: https://github.com/openssl/openssl/compare/c51a8af8cca7...7fe32ef68855

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180449783?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/2b9d9683/attachment-0001.html>

From dev at ddvo.net  Wed Aug 19 07:17:42 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Wed, 19 Aug 2020 07:17:42 +0000
Subject: [openssl]  master update
Message-ID: <1597821462.380341.8281.nullmailer@dev.openssl.org>

The branch master has been updated
       via  9a30f40c575eeac094b81f884e6585e35725adaf (commit)
      from  7fe32ef68855d727c55186bda99b3e2500afa2c2 (commit)


- Log -----------------------------------------------------------------
commit 9a30f40c575eeac094b81f884e6585e35725adaf
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Aug 14 10:39:17 2020 +0200

    OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12645)

-----------------------------------------------------------------------

Summary of changes:
 crypto/store/loader_file.c | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c
index da4e96b989..3b54ebbcd5 100644
--- a/crypto/store/loader_file.c
+++ b/crypto/store/loader_file.c
@@ -480,6 +480,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
                         || ameth2->pkey_flags & ASN1_PKEY_ALIAS)
                         continue;
 
+                    ERR_set_mark(); /* prevent flooding error queue */
                     tmp_pkey =
                         d2i_PrivateKey_ex(ameth2->pkey_id, NULL,
                                           &tmp_blob, len, libctx, propq);
@@ -490,6 +491,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
                             pkey = tmp_pkey;
                         (*matchcount)++;
                     }
+                    ERR_pop_to_mark();
                 }
             }
             curengine = ENGINE_get_next(curengine);
@@ -504,6 +506,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
             if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
                 continue;
 
+            ERR_set_mark(); /* prevent flooding error queue */
             tmp_pkey = d2i_PrivateKey_ex(ameth->pkey_id, NULL, &tmp_blob, len,
                                          libctx, propq);
             if (tmp_pkey != NULL) {
@@ -513,6 +516,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
                     pkey = tmp_pkey;
                 (*matchcount)++;
             }
+            ERR_pop_to_mark();
         }
 
         if (*matchcount > 1) {
@@ -625,6 +629,8 @@ static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
             if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
                 continue;
 
+            ERR_set_mark(); /* prevent flooding error queue */
+
             if (EVP_PKEY_set_type(tmp_pkey, ameth->pkey_id)
                 && (ameth = EVP_PKEY_get0_asn1(tmp_pkey)) != NULL
                 && ameth->param_decode != NULL
@@ -636,6 +642,7 @@ static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
                 tmp_pkey = NULL;
                 (*matchcount)++;
             }
+            ERR_pop_to_mark();
         }
 
         EVP_PKEY_free(tmp_pkey);
@@ -936,8 +943,7 @@ static OSSL_STORE_LOADER_CTX *file_open_with_libctx
         return NULL;
     }
 
-    /* Successfully found a working path, clear possible collected errors */
-    ERR_clear_error();
+    /* Successfully found a working path */
 
     ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx == NULL) {
@@ -1124,11 +1130,22 @@ static OSSL_STORE_INFO *file_load_try_decode(OSSL_STORE_LOADER_CTX *ctx,
             const FILE_HANDLER *handler = file_handlers[i];
             int try_matchcount = 0;
             void *tmp_handler_ctx = NULL;
-            OSSL_STORE_INFO *tmp_result =
+            OSSL_STORE_INFO *tmp_result;
+            unsigned long err;
+
+            ERR_set_mark();
+            tmp_result =
                 handler->try_decode(pem_name, pem_header, data, len,
                                     &tmp_handler_ctx, &try_matchcount,
                                     ui_method, ui_data, ctx->uri,
                                     ctx->libctx, ctx->propq);
+            /* avoid flooding error queue with low-level ASN.1 parse errors */
+            err = ERR_peek_last_error();
+            if (ERR_GET_LIB(err) == ERR_LIB_ASN1
+                    && ERR_GET_REASON(err) == ERR_R_NESTED_ASN1_ERROR)
+                ERR_pop_to_mark();
+            else
+                ERR_clear_last_mark();
 
             if (try_matchcount > 0) {
 
@@ -1177,9 +1194,6 @@ static OSSL_STORE_INFO *file_load_try_decode(OSSL_STORE_LOADER_CTX *ctx,
         goto again;
     }
 
-    if (result != NULL)
-        ERR_clear_error();
-
     return result;
 }
 
@@ -1448,7 +1462,6 @@ static OSSL_STORE_INFO *file_load(OSSL_STORE_LOADER_CTX *ctx,
     OSSL_STORE_INFO *result = NULL;
 
     ctx->errcnt = 0;
-    ERR_clear_error();
 
     if (ctx->type == is_dir) {
         do {

From dev at ddvo.net  Wed Aug 19 07:54:50 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Wed, 19 Aug 2020 07:54:50 +0000
Subject: [openssl]  master update
Message-ID: <1597823690.529554.14440.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c7dfb2abe5655ad1de7dfbdf5a9a6b0164f429cf (commit)
       via  fc0aae737eb1cb2d2554caa8bffea80b8cbd38f9 (commit)
      from  9a30f40c575eeac094b81f884e6585e35725adaf (commit)


- Log -----------------------------------------------------------------
commit c7dfb2abe5655ad1de7dfbdf5a9a6b0164f429cf
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Aug 14 10:24:33 2020 +0200

    PKCS12_parse(): Clean up code and correct documentation
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12641)

commit fc0aae737eb1cb2d2554caa8bffea80b8cbd38f9
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 18:06:00 2020 +0200

    PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
    
    Fixes #6698
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12641)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES.md                |  5 +++++
 crypto/pkcs12/p12_kiss.c  | 45 ++++++++++++++++++++++++++-------------------
 doc/man3/PKCS12_parse.pod | 12 ++++++++----
 3 files changed, 39 insertions(+), 23 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 3ecdd5d99b..31e183f395 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1172,6 +1172,11 @@ OpenSSL 3.0
 
    *Martin Elshuber*
 
+ * `PKCS12_parse` now maintains the order of the parsed certificates
+   when outputting them via `*ca` (rather than reversing it).
+
+   *David von Oheimb*
+
 OpenSSL 1.1.1
 -------------
 
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index eaf6501c1c..5413aecb1c 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -30,8 +30,8 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
 /*
  * Parse and decrypt a PKCS#12 structure returning user key, user cert and
  * other (CA) certs. Note either ca should be NULL, *ca should be NULL, or it
- * should point to a valid STACK structure. pkey and cert can be passed
- * uninitialised.
+ * should point to a valid STACK structure. pkey and/or cert may be NULL;
+ * if non-NULL the variables they point to can be passed uninitialised.
  */
 
 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
@@ -40,9 +40,9 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
     STACK_OF(X509) *ocerts = NULL;
     X509 *x = NULL;
 
-    if (pkey)
+    if (pkey != NULL)
         *pkey = NULL;
-    if (cert)
+    if (cert != NULL)
         *cert = NULL;
 
     /* Check for NULL PKCS12 structure */
@@ -76,10 +76,9 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
         goto err;
     }
 
-    /* Allocate stack for other certificates */
-    ocerts = sk_X509_new_null();
-
-    if (!ocerts) {
+    /* If needed, allocate stack for other certificates */
+    if ((cert != NULL || ca != NULL)
+            && (ocerts = sk_X509_new_null()) == NULL) {
         PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
         goto err;
     }
@@ -89,36 +88,39 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
         goto err;
     }
 
-    while ((x = sk_X509_pop(ocerts))) {
+    /* Split the certs in ocerts over *cert and *ca as far as requested */
+    while ((x = sk_X509_shift(ocerts)) != NULL) {
         if (pkey != NULL && *pkey != NULL
                 && cert != NULL && *cert == NULL) {
+            int match;
+
             ERR_set_mark();
-            if (X509_check_private_key(x, *pkey)) {
+            match = X509_check_private_key(x, *pkey);
+            ERR_pop_to_mark();
+            if (match) {
                 *cert = x;
-                x = NULL;
+                continue;
             }
-            ERR_pop_to_mark();
         }
 
-        if (ca != NULL && x != NULL) {
+        if (ca != NULL) {
             if (!X509_add_cert_new(ca, x, X509_ADD_FLAG_DEFAULT))
                 goto err;
-            x = NULL;
+            continue;
         }
         X509_free(x);
     }
-
-    sk_X509_pop_free(ocerts, X509_free);
+    sk_X509_free(ocerts);
 
     return 1;
 
  err:
 
-    if (pkey) {
+    if (pkey != NULL) {
         EVP_PKEY_free(*pkey);
         *pkey = NULL;
     }
-    if (cert) {
+    if (cert != NULL) {
         X509_free(*cert);
         *cert = NULL;
     }
@@ -130,6 +132,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 
 /* Parse the outer PKCS#12 structure */
 
+/* pkey and/or ocerts may be NULL */
 static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
                       EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
 {
@@ -164,6 +167,7 @@ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
     return 1;
 }
 
+/* pkey and/or ocerts may be NULL */
 static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
                       int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
 {
@@ -176,6 +180,7 @@ static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
     return 1;
 }
 
+/* pkey and/or ocerts may be NULL */
 static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
                      EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
 {
@@ -212,7 +217,8 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
         break;
 
     case NID_certBag:
-        if (PKCS12_SAFEBAG_get_bag_nid(bag) != NID_x509Certificate)
+        if (ocerts == NULL
+                || PKCS12_SAFEBAG_get_bag_nid(bag) != NID_x509Certificate)
             return 1;
         if ((x509 = PKCS12_SAFEBAG_get1_cert(bag)) == NULL)
             return 0;
@@ -223,6 +229,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
         if (fname) {
             int len, r;
             unsigned char *data;
+
             len = ASN1_STRING_to_UTF8(&data, fname);
             if (len >= 0) {
                 r = X509_alias_set1(x509, data, len);
diff --git a/doc/man3/PKCS12_parse.pod b/doc/man3/PKCS12_parse.pod
index 34727fb13e..3697546976 100644
--- a/doc/man3/PKCS12_parse.pod
+++ b/doc/man3/PKCS12_parse.pod
@@ -21,10 +21,14 @@ certificate to B<*cert> and any additional certificates to B<*ca>.
 
 =head1 NOTES
 
-The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in
-which case additional certificates will be discarded. B<*ca> can also be a
-valid STACK in which case additional certificates are appended to B<*ca>. If
-B<*ca> is B<NULL> a new STACK will be allocated.
+Each of the parameters B<pkey>, B<cert>, and B<ca> can be NULL in which case
+the private key, the corresponding certificate, or the additional certificates,
+respectively, will be discarded.
+If any of B<pkey> and B<cert> is non-NULL the variable it points to is
+initialized.
+If B<ca> is non-NULL and B<*ca> is NULL a new STACK will be allocated.
+If B<ca> is non-NULL and B<*ca> is a valid STACK
+then additional certificates are appended in the given order to B<*ca>.
 
 The B<friendlyName> and B<localKeyID> attributes (if present) on each
 certificate will be stored in the B<alias> and B<keyid> attributes of the

From builds at travis-ci.com  Wed Aug 19 11:31:09 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 19 Aug 2020 11:31:09 +0000
Subject: Still Failing: openssl/openssl#36791 (master - 9a30f40)
In-Reply-To: <openssl/openssl+180465680+still failing@travis-ci.com>
Message-ID: <5f3d0d7cde163_13fe46316cd4459113e@travis-pro-tasks-6847c67b77-2rc4p.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36791
Status: Still Failing

Duration: 1 hr, 25 mins, and 57 secs
Commit: 9a30f40 (master)
Author: Dr. David von Oheimb
Message: OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12645)

View the changeset: https://github.com/openssl/openssl/compare/7fe32ef68855...9a30f40c575e

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180465680?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/e9564669/attachment-0001.html>

From builds at travis-ci.com  Wed Aug 19 12:51:23 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 19 Aug 2020 12:51:23 +0000
Subject: Still Failing: openssl/openssl#36793 (master - c7dfb2a)
In-Reply-To: <openssl/openssl+180470016+still failing@travis-ci.com>
Message-ID: <5f3d204bb756_13fec2e5de5e4143933@travis-pro-tasks-8548585548-7l2fn.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36793
Status: Still Failing

Duration: 58 mins and 48 secs
Commit: c7dfb2a (master)
Author: Dr. David von Oheimb
Message: PKCS12_parse(): Clean up code and correct documentation

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12641)

View the changeset: https://github.com/openssl/openssl/compare/9a30f40c575e...c7dfb2abe565

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180470016?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/3bbe2a09/attachment.html>

From no-reply at appveyor.com  Wed Aug 19 13:53:15 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 19 Aug 2020 13:53:15 +0000
Subject: Build failed: openssl master.36245
Message-ID: <20200819135315.1.3C09986882259BF6@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/2aa2fbe0/attachment.html>

From no-reply at appveyor.com  Wed Aug 19 15:25:11 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 19 Aug 2020 15:25:11 +0000
Subject: Build completed: openssl master.36246
Message-ID: <20200819152511.1.15E61F93FB2CD293@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/605e41c1/attachment.html>

From no-reply at appveyor.com  Wed Aug 19 15:51:19 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 19 Aug 2020 15:51:19 +0000
Subject: Build failed: openssl master.36247
Message-ID: <20200819155119.1.7C10865B8F77D065@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/64e785cc/attachment-0001.html>

From no-reply at appveyor.com  Wed Aug 19 17:21:42 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 19 Aug 2020 17:21:42 +0000
Subject: Build completed: openssl master.36248
Message-ID: <20200819172142.1.852D763D0243061F@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/940f9c53/attachment.html>

From no-reply at appveyor.com  Wed Aug 19 17:41:47 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 19 Aug 2020 17:41:47 +0000
Subject: Build failed: openssl master.36251
Message-ID: <20200819174147.1.C0937C253B68653B@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/781b7f6d/attachment.html>

From no-reply at appveyor.com  Wed Aug 19 20:34:21 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 19 Aug 2020 20:34:21 +0000
Subject: Build completed: openssl master.36252
Message-ID: <20200819203421.1.F06CA67CD1793F6D@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200819/cae563c1/attachment.html>

From openssl at openssl.org  Wed Aug 19 23:58:44 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Wed, 19 Aug 2020 23:58:44 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1597881524.088076.7947.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 8017F43AED7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80D7DC8A837F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80D7DC8A837F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3107, 1726 wallclock secs (12.49 usr  1.42 sys + 1552.54 cusr 157.66 csys = 1724.11 CPU)
Result: FAIL
Makefile:2542: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2540: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug 20 01:54:33 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 20 Aug 2020 01:54:33 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1597888473.786644.7662.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3176, 864 wallclock secs (12.89 usr  1.15 sys + 798.09 cusr 62.46 csys = 874.59 CPU)
Result: FAIL
Makefile:3189: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3187: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Thu Aug 20 02:22:26 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 02:22:26 +0000
Subject: Build failed: openssl master.36265
Message-ID: <20200820022226.1.334A5721F2C52059@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/752de31b/attachment-0001.html>

From no-reply at appveyor.com  Thu Aug 20 03:25:16 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 03:25:16 +0000
Subject: Build completed: openssl master.36266
Message-ID: <20200820032516.1.3B22C98B869DFB07@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/7cc62ec6/attachment.html>

From openssl at openssl.org  Thu Aug 20 04:49:46 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 20 Aug 2020 04:49:46 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1597898986.261614.18668.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash"
chmod a+x apps/CA.pl
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh"
chmod a+x apps/tsget.pl
ar r apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o
ar: creating apps/libapps.a
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s
ranlib apps/libapps.a || echo Never mind.
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s
chmod a+x tools/c_rehash
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s
chmod a+x util/shlib_wrap.sh
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s
clang  -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/serializers/libimplementations-lib-serializer_rsa.d.tmp -MT providers/implementations/serializers/libimplementations-lib-serializer_rsa.o -c -o providers/implementations/serializers/libimplementations-lib-serializer_rsa.o ../openssl/providers/implementations/serializers/serializer_rsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_digests_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_digests_gen.o -c -o providers/common/der/libnonfips-lib-der_digests_gen.o providers/common/der/der_digests_gen.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_gen.o -c -o providers/common/der/libnonfips-lib-der_dsa_gen.o providers/common/der/der_dsa_gen.c
../openssl/providers/implementations/kdfs/x942kdf.c:438:21: error: no previous extern declaration for non-static variable 'kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations]
const OSSL_DISPATCH kdf_x942_kdf_functions[] = {
                    ^
1 error generated.
Makefile:21277: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed
make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3117: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From levitte at openssl.org  Thu Aug 20 05:47:48 2020
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 20 Aug 2020 05:47:48 +0000
Subject: [openssl]  master update
Message-ID: <1597902468.305034.21024.nullmailer@dev.openssl.org>

The branch master has been updated
       via  a24b510c28006cdb9ef47009298589e0ea546334 (commit)
      from  c7dfb2abe5655ad1de7dfbdf5a9a6b0164f429cf (commit)


- Log -----------------------------------------------------------------
commit a24b510c28006cdb9ef47009298589e0ea546334
Author: Richard Levitte <levitte at openssl.org>
Date:   Fri Aug 7 18:47:04 2020 +0200

    EVP: Have evp_pkey_cmp_any() detect if export wasn't possible
    
    There are some EC keys that can't be exported to provider keymgmt,
    because the keymgmt implementation doesn't support certain forms of EC
    keys.  This could lead to a crash caused by dereferencing a NULL
    pointer, so we need to cover that case by returning an error instead.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12610)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/p_lib.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 145c5286ce..bee6337a88 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -269,6 +269,10 @@ static int evp_pkey_cmp_any(const EVP_PKEY *a, const EVP_PKEY *b,
     if (keymgmt1 != keymgmt2)
         return -2;
 
+    /* If the keymgmt implementations are NULL, the export failed */
+    if (keymgmt1 == NULL)
+        return -2;
+
     return evp_keymgmt_match(keymgmt1, keydata1, keydata2, selection);
 }
 

From levitte at openssl.org  Thu Aug 20 05:49:51 2020
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 20 Aug 2020 05:49:51 +0000
Subject: [openssl]  master update
Message-ID: <1597902591.376039.22207.nullmailer@dev.openssl.org>

The branch master has been updated
       via  e6ed04a9dcc2ead94e35c4a7400b9c998b5ad9ac (commit)
      from  a24b510c28006cdb9ef47009298589e0ea546334 (commit)


- Log -----------------------------------------------------------------
commit e6ed04a9dcc2ead94e35c4a7400b9c998b5ad9ac
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Aug 18 21:17:58 2020 +0200

    TEST: separate out NIST ECC tests from non-NIST
    
    ECC keys with non-NIST group names aren't supported when running with
    the FIPS provider.
    
    Keys with such groups that are included in evp_test stanza files
    aren't even possible to decode if provider side decoders are used,
    since those depend on available EVP_KEYMGMT implementations and what
    they support.
    
    Those keys could only be decoded because the legacy decoders were
    used.
    
    To make these tests future proof, we separate out the stanzas having
    keys with NIST approved group names into separate files, and adjust
    the file lists in test/recipes/30-test_evp.t aaccordingly.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12672)

-----------------------------------------------------------------------

Summary of changes:
 test/recipes/30-test_evp.t                         |    6 +-
 test/recipes/30-test_evp_data/evppkey_ecc.txt      |  932 --------------
 test/recipes/30-test_evp_data/evppkey_ecc_nist.txt |  945 ++++++++++++++
 test/recipes/30-test_evp_data/evppkey_ecdh.txt     | 1341 ++------------------
 .../recipes/30-test_evp_data/evppkey_ecdh_nist.txt | 1177 +++++++++++++++++
 5 files changed, 2217 insertions(+), 2184 deletions(-)
 create mode 100644 test/recipes/30-test_evp_data/evppkey_ecc_nist.txt
 create mode 100644 test/recipes/30-test_evp_data/evppkey_ecdh_nist.txt

diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index a49f4b50aa..3978fa4835 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -47,8 +47,8 @@ my @files = qw(
                 evpmd_sha.txt
                 evppbe_pbkdf2.txt
                 evppkey_dsa.txt 
-                evppkey_ecc.txt
-                evppkey_ecdh.txt
+                evppkey_ecc_nist.txt
+                evppkey_ecdh_nist.txt
                 evppkey_ecdsa.txt
                 evppkey_ecx.txt
                 evppkey_ffdhe.txt
@@ -93,6 +93,8 @@ my @defltfiles = qw(
                      evpmd_whirlpool.txt
                      evppbe_scrypt.txt
                      evppbe_pkcs12.txt
+                     evppkey_ecc.txt
+                     evppkey_ecdh.txt
                      evppkey_brainpool.txt
                      evppkey_kdf_scrypt.txt
                      evppkey_kdf_tls1_prf.txt
diff --git a/test/recipes/30-test_evp_data/evppkey_ecc.txt b/test/recipes/30-test_evp_data/evppkey_ecc.txt
index f0ae1081c4..ea24f9d433 100644
--- a/test/recipes/30-test_evp_data/evppkey_ecc.txt
+++ b/test/recipes/30-test_evp_data/evppkey_ecc.txt
@@ -1164,46 +1164,6 @@ Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
 Reason=point at infinity
 
-Title=prime192v1 curve tests
-
-PrivateKey=ALICE_cf_prime192v1
------BEGIN PRIVATE KEY-----
-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhQFYLaobJ47BVWWZv/ByY8Ti69m/U9
-TeI=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_prime192v1_PUB
------BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEHYbt14KzucSpmKMrlDx1IGz/a28nDs21OjKgx3BK
-PZ78UrllIr69kgrYUKsRg4sd
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_prime192v1:ALICE_cf_prime192v1_PUB
-
-PrivateKey=BOB_cf_prime192v1
------BEGIN PRIVATE KEY-----
-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhsbmKHAtygIqirkmUXSbniDJOx0/fI
-CWM=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_prime192v1_PUB
------BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJA+FQcXq5Axzv8pLDslxq1QVt1hjN2i0TgoO6Yxp
-bAekMot69VorE8ibSzgJixXJ
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_prime192v1:BOB_cf_prime192v1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_prime192v1
-PeerKey=BOB_cf_prime192v1_PUB
-SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_prime192v1
-PeerKey=ALICE_cf_prime192v1_PUB
-SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354
-
 Title=prime192v2 curve tests
 
 PrivateKey=ALICE_cf_prime192v2
@@ -1404,46 +1364,6 @@ Derive=BOB_cf_prime239v3
 PeerKey=ALICE_cf_prime239v3_PUB
 SharedSecret=4dcc2c67c5993162ed71ebb33077bbb85395b0d3eec2311aa404e45901a0
 
-Title=prime256v1 curve tests
-
-PrivateKey=ALICE_cf_prime256v1
------BEGIN PRIVATE KEY-----
-MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDZE0NZiGAFJX6JQxumKTFRT+XFCQqJ
-gHCUxmU2fRcn9Q==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_prime256v1_PUB
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5kDOrX6kmk1/jHfEdMBluFos6dyCbzKVOX3v2aa2
-y5IhlhTKtCJdydX+XWLDXWW9sbtIRNP94R3iOOpRPBqpGg==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_prime256v1:ALICE_cf_prime256v1_PUB
-
-PrivateKey=BOB_cf_prime256v1
------BEGIN PRIVATE KEY-----
-MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCAxJgV1dLJw/o2Dmh1fIY1KpBd88WCP
-23wZzR8DzhyCrA==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_prime256v1_PUB
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5J6yA+j0zrGi6RilUhjrcL7OUMzYTwpnw5DdRXr0
-creHgE03EFV//7xqadB4BDwFIGM9MV2sE6qREEomWhZFeg==
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_prime256v1:BOB_cf_prime256v1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_prime256v1
-PeerKey=BOB_cf_prime256v1_PUB
-SharedSecret=ee63690b553dcd9bccb066137725f0489395a83f4d280f309339d606c969734a
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_prime256v1
-PeerKey=ALICE_cf_prime256v1_PUB
-SharedSecret=ee63690b553dcd9bccb066137725f0489395a83f4d280f309339d606c969734a
-
 Title=secp112r1 curve tests
 
 PrivateKey=ALICE_cf_secp112r1
@@ -1842,46 +1762,6 @@ Derive=BOB_cf_secp224k1
 PeerKey=ALICE_cf_secp224k1_PUB
 SharedSecret=6f7b9d16c9c1d3a5c84b6028f2a4fed9ae8e02455e678a27243bcc48
 
-Title=secp224r1 curve tests
-
-PrivateKey=ALICE_cf_secp224r1
------BEGIN PRIVATE KEY-----
-MDoCAQAwEAYHKoZIzj0CAQYFK4EEACEEIzAhAgEBBBzeo7Y0HMfrIqKNm3r997jcfVAa4osa0AR2
-JA28
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_secp224r1_PUB
------BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAExZc6o84XjBGLOosGj2t0QctgiyzF3NcVgy+DeW7stkVs
-yS2tRzMPBpwnApRzoRsdJR99sb3eM2s=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_secp224r1:ALICE_cf_secp224r1_PUB
-
-PrivateKey=BOB_cf_secp224r1
------BEGIN PRIVATE KEY-----
-MDoCAQAwEAYHKoZIzj0CAQYFK4EEACEEIzAhAgEBBBy2LsqxHhdlSiAmMYKQAEmjJWT22T42GYKo
-ZvXM
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_secp224r1_PUB
------BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE71Eh6hwTKUrmyl2PdkY787GwxiohIcaqB4eK2Mwg6tU4
-LeJHWcgY18CgPKCaeldUgnkMcJzKj20=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_secp224r1:BOB_cf_secp224r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_secp224r1
-PeerKey=BOB_cf_secp224r1_PUB
-SharedSecret=29d8b75934d74d5153bbb94e0370437c63ecc30bf3d2800ed1cb7eb5
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_secp224r1
-PeerKey=ALICE_cf_secp224r1_PUB
-SharedSecret=29d8b75934d74d5153bbb94e0370437c63ecc30bf3d2800ed1cb7eb5
-
 Title=secp256k1 curve tests
 
 PrivateKey=ALICE_cf_secp256k1
@@ -1922,90 +1802,6 @@ Derive=BOB_cf_secp256k1
 PeerKey=ALICE_cf_secp256k1_PUB
 SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1
 
-Title=secp384r1 curve tests
-
-PrivateKey=ALICE_cf_secp384r1
------BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDAp1ErG6wVjuJs90qVbUBxNpQK1wtV4ieX1
-bIU/4HssZK6WjOOTyYguyEBCOf/rUnw=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_secp384r1_PUB
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEx5rt+yujIuPoIXpHGmExKSi/P+58sGYoqgdpdOJUXzn2
-Rc4alCpSxVJeC55xvwaFHc3pzNyRGwnhPmN6oU/KMP6XjBvR4wq35mr/Sym5s0B2blAzkJU37idq
-nTi3xGHx
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_secp384r1:ALICE_cf_secp384r1_PUB
-
-PrivateKey=BOB_cf_secp384r1
------BEGIN PRIVATE KEY-----
-ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDAUjVgPpiI+xXye0nfRhc8+12hLdWY4fpsO
-Jq2MCp+W85xJwtXsEPrHj1XFnKVpM4c=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_secp384r1_PUB
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE+JUBXRSHixH0TrcvYvIzep7+/WNpEhWdCPsLMygigW5j
-pzP30MF41GnQYgfJu5wI/gu1C/jFTv1X6Dgmla3JxBYlPeD+1L0lEMT3evmHKMM/BFe3WKBuXyhP
-ilrNtfee
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_secp384r1:BOB_cf_secp384r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_secp384r1
-PeerKey=BOB_cf_secp384r1_PUB
-SharedSecret=b3cfe488126e2731fb7c19f82e94fcc05e1dd303649a9257e858030b795c2d344a054b0c44a24fd7f5821f531a9b8cfb
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_secp384r1
-PeerKey=ALICE_cf_secp384r1_PUB
-SharedSecret=b3cfe488126e2731fb7c19f82e94fcc05e1dd303649a9257e858030b795c2d344a054b0c44a24fd7f5821f531a9b8cfb
-
-Title=secp521r1 curve tests
-
-PrivateKey=ALICE_cf_secp521r1
------BEGIN PRIVATE KEY-----
-MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIBsYIcUKeN2evB626LCdYWH/xzUiEDCdRP
-rEENsC8//dowKnOCtlLtawh0DXTIZ/HhpUREuaoffdsmYb6+Oq1TRjc=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_secp521r1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBufYxJf/4Ds6g7LlFRVS62ljm3xApV2T79hfWH8Lv
-iroIaCFjLBIfOVDF8jvj2PO1ar3yCLiSA2RiLZz1Y+tv/tcATHE0nS7l3SfGiGmEnVycEnhgqlKM
-UM3kpdd7eNkQn5/GO8KAPQqA/sOnvTavg5S01t0ub+PY/w0Y6oBgthaUAW0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_secp521r1:ALICE_cf_secp521r1_PUB
-
-PrivateKey=BOB_cf_secp521r1
------BEGIN PRIVATE KEY-----
-MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIB+3/adZnNwr6GFUzZpi8So7pC/5FYQ0+0
-lMmoUjGvy8DNADcHaPpW68hX/M+z7LrK0Jpnonb9JSEXlgjOPVe4Ea8=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_secp521r1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBLq2fjyCalnvr24tjaz87ijIWlLMoCH7Hmyq1t2l8
-PFbyBIZbngDC0gwFM5ZI582QSWlW79G3clJP9VxlJOsms50BYBYgd6o2JF4w8AnShVXxFSJU1py4
-klCDNhTFybRHFXpujfuUeNnFxAGIUb4edJ0fAqqc7kkERhYe8EPEZYMKp3Q=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_secp521r1:BOB_cf_secp521r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_secp521r1
-PeerKey=BOB_cf_secp521r1_PUB
-SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_secp521r1
-PeerKey=ALICE_cf_secp521r1_PUB
-SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695
-
 Title=sect113r1 curve tests
 
 PrivateKey=ALICE_cf_sect113r1
@@ -2280,76 +2076,6 @@ Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
 Reason=point at infinity
 
-Title=sect163k1 curve tests
-
-PrivateKey=ALICE_cf_sect163k1
------BEGIN PRIVATE KEY-----
-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUB905PYfmej8LzbzX6Bg51GJzXQjQ=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect163k1_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBfvs5A1hD8YySP9O2ub8GEUfotVuBpfRx4GIHdAfx8wV
-1UVeTRnyAlWU
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect163k1:ALICE_cf_sect163k1_PUB
-
-PrivateKey=BOB_cf_sect163k1
------BEGIN PRIVATE KEY-----
-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUCHPtCjJ4/K8ylQBcLlb5VE0bkaUE=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect163k1_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBvgfX1mTRlt6Z4TE1D1MNWo4loH4AoeYa6oowK104LKk
-nsdg7isQ8XBD
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect163k1:BOB_cf_sect163k1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect163k1
-PeerKey=BOB_cf_sect163k1_PUB
-SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect163k1
-PeerKey=ALICE_cf_sect163k1_PUB
-SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect163k1
-PeerKey=BOB_cf_sect163k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect163k1
-PeerKey=ALICE_cf_sect163k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77
-
-PublicKey=MALICE_cf_sect163k1_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAB
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect163k1
-PeerKey=MALICE_cf_sect163k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect163k1
-PeerKey=MALICE_cf_sect163k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
 Title=sect163r1 curve tests
 
 PrivateKey=ALICE_cf_sect163r1
@@ -2420,76 +2146,6 @@ Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
 Reason=point at infinity
 
-Title=sect163r2 curve tests
-
-PrivateKey=ALICE_cf_sect163r2
------BEGIN PRIVATE KEY-----
-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBjCs/M3N31jsAueYrOq21vdETwAI=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect163r2_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBd8Z1/HpA+89hF4I98EST3svWns3BAEbhWmL/fgxk2uu
-YwVrmqhgqH/C
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect163r2:ALICE_cf_sect163r2_PUB
-
-PrivateKey=BOB_cf_sect163r2
------BEGIN PRIVATE KEY-----
-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBsiouT9Df+mwHWrpPg1JSrY9nqlI=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect163r2_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBULqBZ+nhLhDEMYY8NEEzZ126MdxAcFXWv8zmPEH9505
-8vT5zU3aq6HV
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect163r2:BOB_cf_sect163r2_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect163r2
-PeerKey=BOB_cf_sect163r2_PUB
-SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect163r2
-PeerKey=ALICE_cf_sect163r2_PUB
-SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect163r2
-PeerKey=BOB_cf_sect163r2_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect163r2
-PeerKey=ALICE_cf_sect163r2_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f
-
-PublicKey=MALICE_cf_sect163r2_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsJbhbrfiSdZPSHD
-ZtqJwDlp802l
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect163r2
-PeerKey=MALICE_cf_sect163r2_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect163r2
-PeerKey=MALICE_cf_sect163r2_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
 Title=sect193r1 curve tests
 
 PrivateKey=ALICE_cf_sect193r1
@@ -2630,150 +2286,6 @@ Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
 Reason=point at infinity
 
-Title=sect233k1 curve tests
-
-PrivateKey=ALICE_cf_sect233k1
------BEGIN PRIVATE KEY-----
-MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB0z/3heNFjJL+2sAT/38yRsN3kt2iXz7u+y
-Gua8Kw==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect233k1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALQyn0zJmOrHm4S2EIjxRe899PadBnfpYjLKWGvpAIzf
-MEG861Nv1IYJkmkO1xlfNHeeRtqFgsQVFKZh
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect233k1:ALICE_cf_sect233k1_PUB
-
-PrivateKey=BOB_cf_sect233k1
------BEGIN PRIVATE KEY-----
-MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB1I0ucrC4d9i6Z+0cbar5r7uKpF5iiQkSJA
-DFMTUA==
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect233k1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAatdqazxSghJ568CBFyMXhEvVeAiLewOY/jk9H5DAOB4
-ufNGbdd131KLaKPivB38a6n5Y+2BVSJangow
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect233k1:BOB_cf_sect233k1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect233k1
-PeerKey=BOB_cf_sect233k1_PUB
-SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect233k1
-PeerKey=ALICE_cf_sect233k1_PUB
-SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect233k1
-PeerKey=BOB_cf_sect233k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect233k1
-PeerKey=ALICE_cf_sect233k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d
-
-PublicKey=MALICE_cf_sect233k1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect233k1
-PeerKey=MALICE_cf_sect233k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect233k1
-PeerKey=MALICE_cf_sect233k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-Title=sect233r1 curve tests
-
-PrivateKey=ALICE_cf_sect233r1
------BEGIN PRIVATE KEY-----
-MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ATcy7zVpIsJ9rl5EIDmzRz5wxjrDIQyDm
-HP3Pt8Y=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect233r1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQMQHiJ44LiCnZkEg1zyww1h+idTbsw8E07P33WUAUfD
-NeQ4hWEhTXPnytIbEhFKpnd3j/FbyZnJqxh8
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect233r1:ALICE_cf_sect233r1_PUB
-
-PrivateKey=BOB_cf_sect233r1
------BEGIN PRIVATE KEY-----
-MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ALpOlFn4OfiIAkRAZGOsn7L6W3XoQBSV8
-mQVC2pw=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect233r1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJQw+NWqFJXYw4dVMovzvw76OYnYOTaDaEPNW8ECAQbl
-TzzbBSTp5iqM13mP0/Bo4OO66NS3lA9e/GTO
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect233r1:BOB_cf_sect233r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect233r1
-PeerKey=BOB_cf_sect233r1_PUB
-SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect233r1
-PeerKey=ALICE_cf_sect233r1_PUB
-SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect233r1
-PeerKey=BOB_cf_sect233r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect233r1
-PeerKey=ALICE_cf_sect233r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612
-
-PublicKey=MALICE_cf_sect233r1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYf4
-Vie5eHTnR+4x4G1xyq7qUvISU+X5RtBh2pE4
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect233r1
-PeerKey=MALICE_cf_sect233r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect233r1
-PeerKey=MALICE_cf_sect233r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
 Title=sect239k1 curve tests
 
 PrivateKey=ALICE_cf_sect239k1
@@ -2846,450 +2358,6 @@ Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
 Reason=point at infinity
 
-Title=sect283k1 curve tests
-
-PrivateKey=ALICE_cf_sect283k1
------BEGIN PRIVATE KEY-----
-MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQAY1Mi9rST7PiP1t03qYRczV/kSZ+VjQu8
-5EFCgxyvkaLManw=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect283k1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBMjBO8WoxHS/vz8po52WZGxS+RK5yolrUe6tfbAMA3Sd
-5/JjBDVjOz95vM4gUnqzUWHN5nKBQtj6HiU9Q/R+zqg98OiQKTyA
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect283k1:ALICE_cf_sect283k1_PUB
-
-PrivateKey=BOB_cf_sect283k1
------BEGIN PRIVATE KEY-----
-MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQBCZC8Is+YSjgXJBBDioEl6gu14QpGHllD
-1J6957vBTPSQdH0=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect283k1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAGEQKZVHYAlvtjHrFyZVm12qUb5j+T5/WNoC962+kwUM
-QkBYA5BpuG8Knlugq1iB31whPAgRCZfdLKHpHRPJSfXvKyUIdeUm
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect283k1:BOB_cf_sect283k1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect283k1
-PeerKey=BOB_cf_sect283k1_PUB
-SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect283k1
-PeerKey=ALICE_cf_sect283k1_PUB
-SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect283k1
-PeerKey=BOB_cf_sect283k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect283k1
-PeerKey=ALICE_cf_sect283k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169
-
-PublicKey=MALICE_cf_sect283k1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect283k1
-PeerKey=MALICE_cf_sect283k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect283k1
-PeerKey=MALICE_cf_sect283k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-Title=sect283r1 curve tests
-
-PrivateKey=ALICE_cf_sect283r1
------BEGIN PRIVATE KEY-----
-MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQCQ5pqKvPxDysd1pi2Bv8Z11cFhsRZfuaf
-4Pi0hpGr4ubZcHE=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect283r1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBcsrGDgO7pbGybQX/00gRHtQq3+X9XrGb7Uzv9Nabwc/
-kntnBMF0I2KU+aaTjQx1GVtmNf7CvFwPLEBnfKjJAjekjsGyIqoq
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect283r1:ALICE_cf_sect283r1_PUB
-
-PrivateKey=BOB_cf_sect283r1
------BEGIN PRIVATE KEY-----
-MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQDxItnY3cDCrX/jGnVuAKDPaySZCr3E83Q
-UdFnP6YIykt7+Pg=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect283r1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBJ2C9BCkX0YRfs2ufgUKvreUXFWp2AGK+iHlZB4N3LqO
-PKpmAkrAeCMty6mw2mEnOR5HA1d4Ee+z7/NJgJJ80Ra9bFnreOW3
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect283r1:BOB_cf_sect283r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect283r1
-PeerKey=BOB_cf_sect283r1_PUB
-SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect283r1
-PeerKey=ALICE_cf_sect283r1_PUB
-SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect283r1
-PeerKey=BOB_cf_sect283r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect283r1
-PeerKey=ALICE_cf_sect283r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8
-
-PublicKey=MALICE_cf_sect283r1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAByvMnFeSsevoGYMIn7b4NaL9IgowRCTKF8CCrhdEKu3pubP2
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect283r1
-PeerKey=MALICE_cf_sect283r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect283r1
-PeerKey=MALICE_cf_sect283r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-Title=sect409k1 curve tests
-
-PrivateKey=ALICE_cf_sect409k1
------BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMOthcLahkXFgM0wjOzm767D1A72sFRGlhb
-bVH+EB7z2WpIcPX4OD+M4Y1pf/a7wSaoSAo=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect409k1_PUB
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbiYYpeFgCMsZFMzQaiwMJDrC+mCMT7KmhYtD5EMMgLW
-5OvhaqYdpRf49A8LOtVcRT7J5gGcMrXQgmQeS3FenA5owWnB2NIgrTNf5d8AAEtrOupsJ4c3kL6e
-aAzayZ1+UCEj8skbC9U=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect409k1:ALICE_cf_sect409k1_PUB
-
-PrivateKey=BOB_cf_sect409k1
------BEGIN PRIVATE KEY-----
-MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMO43ldQllTewdZwffH4OEXdzBrLwabKsn4
-6/hjgIAaYda/pt4yCEQLMp18QgtfMey5ENI=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect409k1_PUB
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAVTQj6hRizVmOx4Z6vroN/zMkmAY+QhkQ0CnFeJ0AydY
-Fv+f+/420vMC1Mhqsc9VzPMmIAH6ZrgGKDsd4Ce9JUtYE0rVhGeiG2RaN1U5RlhVK4avkWhFlyQ5
-vuu4aApQiWE3yQd9v/I=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect409k1:BOB_cf_sect409k1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect409k1
-PeerKey=BOB_cf_sect409k1_PUB
-SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect409k1
-PeerKey=ALICE_cf_sect409k1_PUB
-SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect409k1
-PeerKey=BOB_cf_sect409k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect409k1
-PeerKey=ALICE_cf_sect409k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee
-
-PublicKey=MALICE_cf_sect409k1_PUB
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAA=
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect409k1
-PeerKey=MALICE_cf_sect409k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect409k1
-PeerKey=MALICE_cf_sect409k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-Title=sect409r1 curve tests
-
-PrivateKey=ALICE_cf_sect409r1
------BEGIN PRIVATE KEY-----
-MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQAxSC9lST5dtfXQI1Ug9VMMoue3GGni5ON
-+gieyXK2KKbd29KAPs4/AOd8kX2wQDsZPO7E
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect409r1_PUB
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEASAvXAM15DJerAu1JttpBuMJK1/fEfFohu2iEpt3r7Ui
-iQoER6HUsWiw1hhcJyTv7WzpJQHFWrOlJMe/KjmQa/CygSc65YHDzG27oUL+KGdQUGc79ZRSwl/q
-fGZqa3D+bDVMwrhmZto=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect409r1:ALICE_cf_sect409r1_PUB
-
-PrivateKey=BOB_cf_sect409r1
------BEGIN PRIVATE KEY-----
-MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQARen+1P3JQzBgOv0pUYwsZTPRVLpqqDAU
-7mKL2lk9eH7zSGmtNoMvP2m1S2dBnXxFY/bV
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect409r1_PUB
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbDUw066TtdfOpDvrlKosEyqUNEG7rY+AKvDqKw+HOzf
-sUTYee6cEf71oqJ1sCKPQiYzlwCu/HLQeWPxISE6Uo+53kkeJml2xpMBwoE25Gq/DSS61dR7SRTZ
-+sUmumbIuGzbrjtMRmw=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect409r1:BOB_cf_sect409r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect409r1
-PeerKey=BOB_cf_sect409r1_PUB
-SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect409r1
-PeerKey=ALICE_cf_sect409r1_PUB
-SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect409r1
-PeerKey=BOB_cf_sect409r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect409r1
-PeerKey=ALICE_cf_sect409r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad
-
-PublicKey=MALICE_cf_sect409r1_PUB
------BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAACZNffkdo7i7yL5tKKfU8tdk6su0K185XwbJkn96JWVDPZXZ3My
-bFKKSOJ7hyrM8Lwl1e8=
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect409r1
-PeerKey=MALICE_cf_sect409r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect409r1
-PeerKey=MALICE_cf_sect409r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-Title=sect571k1 curve tests
-
-PrivateKey=ALICE_cf_sect571k1
------BEGIN PRIVATE KEY-----
-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgB4agvk7Qdf9bVb9aMVdtXL0MuVw6dTleB
-zrpPMYty/piI5GWkQEGVp4OJSjF1BGgWmtYSYlV0oI8jJ7hfWTjVGfVWix4ipb8=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect571k1_PUB
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDUZq0ZrgYpTXNpOptjExaur0K9FAYHv1j9cvAptwX
-dcmQf3VqekMkGZCfNdqNeqCajG3QHRkBHe4FZhWr3FXi8whvvr463lUDf+t46un1kE6FTYfhILGa
-sBZm7OdfkarYd9TXBbmnkFA+XkyPlkM1+6daM3/WmnegK+TYghFDXLgwiyF8s0ElllF7z38Gmc4=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect571k1:ALICE_cf_sect571k1_PUB
-
-PrivateKey=BOB_cf_sect571k1
------BEGIN PRIVATE KEY-----
-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgA3pINxGOI7L9M+Mil+bm/udPwI4xu7ubJ
-p3aoOepTXW94laf8wjFLcQnRUwH87Vbq9VLQEfCAFvr2vZoBc+5asnNuDhRNNeQ=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect571k1_PUB
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDZRr5GCSq2uzGxmWNB+bED7zye18Rr/KehwXrbn1r
-rKtR8fe+dg2V15FieC3qZe/wCpMtyp79VmEabGi6iGLlAN/rUE81URsA/K7GVpmklslV5gmwryR0
-3E7jGKPFesun9iNtmpgM18P9y3aJd4Qr4hMlwW2Nyw187l6QB/W2e/i+8vKXFTLHlz5WLAyAcpA=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect571k1:BOB_cf_sect571k1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect571k1
-PeerKey=BOB_cf_sect571k1_PUB
-SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect571k1
-PeerKey=ALICE_cf_sect571k1_PUB
-SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect571k1
-PeerKey=BOB_cf_sect571k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect571k1
-PeerKey=ALICE_cf_sect571k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2
-
-PublicKey=MALICE_cf_sect571k1_PUB
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE=
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect571k1
-PeerKey=MALICE_cf_sect571k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect571k1
-PeerKey=MALICE_cf_sect571k1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-Title=sect571r1 curve tests
-
-PrivateKey=ALICE_cf_sect571r1
------BEGIN PRIVATE KEY-----
-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAxfL2/gUsmJonvDMR95Azq1ySgXMlKSRk
-+PL+WaS92ZyOo45HaC7RpH5sdkf4b948u6y1BXOxGZuORXy6lgbgZ1Zx2UgL3cI=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_cf_sect571r1_PUB
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK5L9ccIWacU2A1srZ35opPu6kcbEOsBPmvj/rlMS
-fFrdMOcagOYfcD0/ouYHPhvkHbr9k87IlQJfnV6ZNRA4PmWSp/FjkNwETm/fqTCUQHti/qqnKH7R
-Ed4fYROLFGvz+PX6E20SryOt1vrmoRyC7Z5FVmgMVOQQ1AaBNAHi3+IPtKx41YdXdbqHJxuI5jE=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=ALICE_cf_sect571r1:ALICE_cf_sect571r1_PUB
-
-PrivateKey=BOB_cf_sect571r1
------BEGIN PRIVATE KEY-----
-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAzcRvASPpWi0ybpOGlj0Lozz01C2a5oDA
-G5alib1EmZKcpVULxJXn75FQlTKpkUEuWUgA4yk5X5DTiScUuh4LDhaF3AFhsEY=
------END PRIVATE KEY-----
-
-PublicKey=BOB_cf_sect571r1_PUB
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH3dnL22NajtqDWTX6qD14w1BOlpHFBUPTr24VySlh
-kiiBlOF95u7hFr/hSb7gm/3f+IVKyE18Sh2kR4KaxWcPWKY5xKTiqiICT7hCistuzNRt8gR+kNOT
-c1rETMV6ZruZinwzEWWWjwJf6612oy2HG3CX3B8Rm+a3sS0q6IzowEwqmDv6v9bMTFk8bsCv0Fk=
------END PUBLIC KEY-----
-
-PrivPubKeyPair=BOB_cf_sect571r1:BOB_cf_sect571r1_PUB
-
-# ECDH Alice with Bob peer
-Derive=ALICE_cf_sect571r1
-PeerKey=BOB_cf_sect571r1_PUB
-SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827
-
-# ECDH Bob with Alice peer
-Derive=BOB_cf_sect571r1
-PeerKey=ALICE_cf_sect571r1_PUB
-SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827
-
-# ECC CDH Alice with Bob peer
-Derive=ALICE_cf_sect571r1
-PeerKey=BOB_cf_sect571r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0
-
-# ECC CDH Bob with Alice peer
-Derive=BOB_cf_sect571r1
-PeerKey=ALICE_cf_sect571r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0
-
-PublicKey=MALICE_cf_sect571r1_PUB
------BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHMtVWZAwgtd1zmgWN/9WC
-aNQcWRNUKesEHXqhJVkC5jYsSACodKsLYFNrWEYM0gwG8DQONZSn93G+38EM45tkaZsIRDt2HEM=
------END PUBLIC KEY-----
-
-# ECC CDH Bob with Malice peer
-Derive=BOB_cf_sect571r1
-PeerKey=MALICE_cf_sect571r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
-# ECC CDH Alice with Malice peer
-Derive=ALICE_cf_sect571r1
-PeerKey=MALICE_cf_sect571r1_PUB
-Ctrl=ecdh_cofactor_mode:1
-Result=DERIVE_ERROR
-Reason=point at infinity
-
 Title=wap-wsg-idm-ecid-wtls10 curve tests
 
 PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls10
diff --git a/test/recipes/30-test_evp_data/evppkey_ecc_nist.txt b/test/recipes/30-test_evp_data/evppkey_ecc_nist.txt
new file mode 100644
index 0000000000..ffaa04233e
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_ecc_nist.txt
@@ -0,0 +1,945 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title=prime192v1 curve tests
+
+PrivateKey=ALICE_cf_prime192v1
+-----BEGIN PRIVATE KEY-----
+MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhQFYLaobJ47BVWWZv/ByY8Ti69m/U9
+TeI=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_prime192v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEHYbt14KzucSpmKMrlDx1IGz/a28nDs21OjKgx3BK
+PZ78UrllIr69kgrYUKsRg4sd
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_prime192v1:ALICE_cf_prime192v1_PUB
+
+PrivateKey=BOB_cf_prime192v1
+-----BEGIN PRIVATE KEY-----
+MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhsbmKHAtygIqirkmUXSbniDJOx0/fI
+CWM=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_prime192v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJA+FQcXq5Axzv8pLDslxq1QVt1hjN2i0TgoO6Yxp
+bAekMot69VorE8ibSzgJixXJ
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_prime192v1:BOB_cf_prime192v1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_prime192v1
+PeerKey=BOB_cf_prime192v1_PUB
+SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_prime192v1
+PeerKey=ALICE_cf_prime192v1_PUB
+SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354
+
+Title=prime256v1 curve tests
+
+PrivateKey=ALICE_cf_prime256v1
+-----BEGIN PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDZE0NZiGAFJX6JQxumKTFRT+XFCQqJ
+gHCUxmU2fRcn9Q==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_prime256v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5kDOrX6kmk1/jHfEdMBluFos6dyCbzKVOX3v2aa2
+y5IhlhTKtCJdydX+XWLDXWW9sbtIRNP94R3iOOpRPBqpGg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_prime256v1:ALICE_cf_prime256v1_PUB
+
+PrivateKey=BOB_cf_prime256v1
+-----BEGIN PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCAxJgV1dLJw/o2Dmh1fIY1KpBd88WCP
+23wZzR8DzhyCrA==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_prime256v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5J6yA+j0zrGi6RilUhjrcL7OUMzYTwpnw5DdRXr0
+creHgE03EFV//7xqadB4BDwFIGM9MV2sE6qREEomWhZFeg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_prime256v1:BOB_cf_prime256v1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_prime256v1
+PeerKey=BOB_cf_prime256v1_PUB
+SharedSecret=ee63690b553dcd9bccb066137725f0489395a83f4d280f309339d606c969734a
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_prime256v1
+PeerKey=ALICE_cf_prime256v1_PUB
+SharedSecret=ee63690b553dcd9bccb066137725f0489395a83f4d280f309339d606c969734a
+
+Title=secp224r1 curve tests
+
+PrivateKey=ALICE_cf_secp224r1
+-----BEGIN PRIVATE KEY-----
+MDoCAQAwEAYHKoZIzj0CAQYFK4EEACEEIzAhAgEBBBzeo7Y0HMfrIqKNm3r997jcfVAa4osa0AR2
+JA28
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_secp224r1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAExZc6o84XjBGLOosGj2t0QctgiyzF3NcVgy+DeW7stkVs
+yS2tRzMPBpwnApRzoRsdJR99sb3eM2s=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_secp224r1:ALICE_cf_secp224r1_PUB
+
+PrivateKey=BOB_cf_secp224r1
+-----BEGIN PRIVATE KEY-----
+MDoCAQAwEAYHKoZIzj0CAQYFK4EEACEEIzAhAgEBBBy2LsqxHhdlSiAmMYKQAEmjJWT22T42GYKo
+ZvXM
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_secp224r1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE71Eh6hwTKUrmyl2PdkY787GwxiohIcaqB4eK2Mwg6tU4
+LeJHWcgY18CgPKCaeldUgnkMcJzKj20=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_secp224r1:BOB_cf_secp224r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_secp224r1
+PeerKey=BOB_cf_secp224r1_PUB
+SharedSecret=29d8b75934d74d5153bbb94e0370437c63ecc30bf3d2800ed1cb7eb5
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_secp224r1
+PeerKey=ALICE_cf_secp224r1_PUB
+SharedSecret=29d8b75934d74d5153bbb94e0370437c63ecc30bf3d2800ed1cb7eb5
+
+Title=secp384r1 curve tests
+
+PrivateKey=ALICE_cf_secp384r1
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDAp1ErG6wVjuJs90qVbUBxNpQK1wtV4ieX1
+bIU/4HssZK6WjOOTyYguyEBCOf/rUnw=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_secp384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEx5rt+yujIuPoIXpHGmExKSi/P+58sGYoqgdpdOJUXzn2
+Rc4alCpSxVJeC55xvwaFHc3pzNyRGwnhPmN6oU/KMP6XjBvR4wq35mr/Sym5s0B2blAzkJU37idq
+nTi3xGHx
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_secp384r1:ALICE_cf_secp384r1_PUB
+
+PrivateKey=BOB_cf_secp384r1
+-----BEGIN PRIVATE KEY-----
+ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDAUjVgPpiI+xXye0nfRhc8+12hLdWY4fpsO
+Jq2MCp+W85xJwtXsEPrHj1XFnKVpM4c=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_secp384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE+JUBXRSHixH0TrcvYvIzep7+/WNpEhWdCPsLMygigW5j
+pzP30MF41GnQYgfJu5wI/gu1C/jFTv1X6Dgmla3JxBYlPeD+1L0lEMT3evmHKMM/BFe3WKBuXyhP
+ilrNtfee
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_secp384r1:BOB_cf_secp384r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_secp384r1
+PeerKey=BOB_cf_secp384r1_PUB
+SharedSecret=b3cfe488126e2731fb7c19f82e94fcc05e1dd303649a9257e858030b795c2d344a054b0c44a24fd7f5821f531a9b8cfb
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_secp384r1
+PeerKey=ALICE_cf_secp384r1_PUB
+SharedSecret=b3cfe488126e2731fb7c19f82e94fcc05e1dd303649a9257e858030b795c2d344a054b0c44a24fd7f5821f531a9b8cfb
+
+Title=secp521r1 curve tests
+
+PrivateKey=ALICE_cf_secp521r1
+-----BEGIN PRIVATE KEY-----
+MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIBsYIcUKeN2evB626LCdYWH/xzUiEDCdRP
+rEENsC8//dowKnOCtlLtawh0DXTIZ/HhpUREuaoffdsmYb6+Oq1TRjc=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_secp521r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBufYxJf/4Ds6g7LlFRVS62ljm3xApV2T79hfWH8Lv
+iroIaCFjLBIfOVDF8jvj2PO1ar3yCLiSA2RiLZz1Y+tv/tcATHE0nS7l3SfGiGmEnVycEnhgqlKM
+UM3kpdd7eNkQn5/GO8KAPQqA/sOnvTavg5S01t0ub+PY/w0Y6oBgthaUAW0=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_secp521r1:ALICE_cf_secp521r1_PUB
+
+PrivateKey=BOB_cf_secp521r1
+-----BEGIN PRIVATE KEY-----
+MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIB+3/adZnNwr6GFUzZpi8So7pC/5FYQ0+0
+lMmoUjGvy8DNADcHaPpW68hX/M+z7LrK0Jpnonb9JSEXlgjOPVe4Ea8=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_secp521r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBLq2fjyCalnvr24tjaz87ijIWlLMoCH7Hmyq1t2l8
+PFbyBIZbngDC0gwFM5ZI582QSWlW79G3clJP9VxlJOsms50BYBYgd6o2JF4w8AnShVXxFSJU1py4
+klCDNhTFybRHFXpujfuUeNnFxAGIUb4edJ0fAqqc7kkERhYe8EPEZYMKp3Q=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_secp521r1:BOB_cf_secp521r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_secp521r1
+PeerKey=BOB_cf_secp521r1_PUB
+SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_secp521r1
+PeerKey=ALICE_cf_secp521r1_PUB
+SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695
+
+Title=sect163k1 curve tests
+
+PrivateKey=ALICE_cf_sect163k1
+-----BEGIN PRIVATE KEY-----
+MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUB905PYfmej8LzbzX6Bg51GJzXQjQ=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect163k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBfvs5A1hD8YySP9O2ub8GEUfotVuBpfRx4GIHdAfx8wV
+1UVeTRnyAlWU
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect163k1:ALICE_cf_sect163k1_PUB
+
+PrivateKey=BOB_cf_sect163k1
+-----BEGIN PRIVATE KEY-----
+MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUCHPtCjJ4/K8ylQBcLlb5VE0bkaUE=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect163k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBvgfX1mTRlt6Z4TE1D1MNWo4loH4AoeYa6oowK104LKk
+nsdg7isQ8XBD
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect163k1:BOB_cf_sect163k1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect163k1
+PeerKey=BOB_cf_sect163k1_PUB
+SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect163k1
+PeerKey=ALICE_cf_sect163k1_PUB
+SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect163k1
+PeerKey=BOB_cf_sect163k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect163k1
+PeerKey=ALICE_cf_sect163k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77
+
+PublicKey=MALICE_cf_sect163k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAB
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect163k1
+PeerKey=MALICE_cf_sect163k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect163k1
+PeerKey=MALICE_cf_sect163k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect163r2 curve tests
+
+PrivateKey=ALICE_cf_sect163r2
+-----BEGIN PRIVATE KEY-----
+MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBjCs/M3N31jsAueYrOq21vdETwAI=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect163r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBd8Z1/HpA+89hF4I98EST3svWns3BAEbhWmL/fgxk2uu
+YwVrmqhgqH/C
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect163r2:ALICE_cf_sect163r2_PUB
+
+PrivateKey=BOB_cf_sect163r2
+-----BEGIN PRIVATE KEY-----
+MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBsiouT9Df+mwHWrpPg1JSrY9nqlI=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect163r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBULqBZ+nhLhDEMYY8NEEzZ126MdxAcFXWv8zmPEH9505
+8vT5zU3aq6HV
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect163r2:BOB_cf_sect163r2_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect163r2
+PeerKey=BOB_cf_sect163r2_PUB
+SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect163r2
+PeerKey=ALICE_cf_sect163r2_PUB
+SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect163r2
+PeerKey=BOB_cf_sect163r2_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect163r2
+PeerKey=ALICE_cf_sect163r2_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f
+
+PublicKey=MALICE_cf_sect163r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsJbhbrfiSdZPSHD
+ZtqJwDlp802l
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect163r2
+PeerKey=MALICE_cf_sect163r2_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect163r2
+PeerKey=MALICE_cf_sect163r2_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect233k1 curve tests
+
+PrivateKey=ALICE_cf_sect233k1
+-----BEGIN PRIVATE KEY-----
+MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB0z/3heNFjJL+2sAT/38yRsN3kt2iXz7u+y
+Gua8Kw==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect233k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALQyn0zJmOrHm4S2EIjxRe899PadBnfpYjLKWGvpAIzf
+MEG861Nv1IYJkmkO1xlfNHeeRtqFgsQVFKZh
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect233k1:ALICE_cf_sect233k1_PUB
+
+PrivateKey=BOB_cf_sect233k1
+-----BEGIN PRIVATE KEY-----
+MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB1I0ucrC4d9i6Z+0cbar5r7uKpF5iiQkSJA
+DFMTUA==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect233k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAatdqazxSghJ568CBFyMXhEvVeAiLewOY/jk9H5DAOB4
+ufNGbdd131KLaKPivB38a6n5Y+2BVSJangow
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect233k1:BOB_cf_sect233k1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect233k1
+PeerKey=BOB_cf_sect233k1_PUB
+SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect233k1
+PeerKey=ALICE_cf_sect233k1_PUB
+SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect233k1
+PeerKey=BOB_cf_sect233k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect233k1
+PeerKey=ALICE_cf_sect233k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d
+
+PublicKey=MALICE_cf_sect233k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect233k1
+PeerKey=MALICE_cf_sect233k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect233k1
+PeerKey=MALICE_cf_sect233k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect233r1 curve tests
+
+PrivateKey=ALICE_cf_sect233r1
+-----BEGIN PRIVATE KEY-----
+MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ATcy7zVpIsJ9rl5EIDmzRz5wxjrDIQyDm
+HP3Pt8Y=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect233r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQMQHiJ44LiCnZkEg1zyww1h+idTbsw8E07P33WUAUfD
+NeQ4hWEhTXPnytIbEhFKpnd3j/FbyZnJqxh8
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect233r1:ALICE_cf_sect233r1_PUB
+
+PrivateKey=BOB_cf_sect233r1
+-----BEGIN PRIVATE KEY-----
+MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ALpOlFn4OfiIAkRAZGOsn7L6W3XoQBSV8
+mQVC2pw=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect233r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJQw+NWqFJXYw4dVMovzvw76OYnYOTaDaEPNW8ECAQbl
+TzzbBSTp5iqM13mP0/Bo4OO66NS3lA9e/GTO
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect233r1:BOB_cf_sect233r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect233r1
+PeerKey=BOB_cf_sect233r1_PUB
+SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect233r1
+PeerKey=ALICE_cf_sect233r1_PUB
+SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect233r1
+PeerKey=BOB_cf_sect233r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect233r1
+PeerKey=ALICE_cf_sect233r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612
+
+PublicKey=MALICE_cf_sect233r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYf4
+Vie5eHTnR+4x4G1xyq7qUvISU+X5RtBh2pE4
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect233r1
+PeerKey=MALICE_cf_sect233r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect233r1
+PeerKey=MALICE_cf_sect233r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect283k1 curve tests
+
+PrivateKey=ALICE_cf_sect283k1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQAY1Mi9rST7PiP1t03qYRczV/kSZ+VjQu8
+5EFCgxyvkaLManw=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect283k1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBMjBO8WoxHS/vz8po52WZGxS+RK5yolrUe6tfbAMA3Sd
+5/JjBDVjOz95vM4gUnqzUWHN5nKBQtj6HiU9Q/R+zqg98OiQKTyA
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect283k1:ALICE_cf_sect283k1_PUB
+
+PrivateKey=BOB_cf_sect283k1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQBCZC8Is+YSjgXJBBDioEl6gu14QpGHllD
+1J6957vBTPSQdH0=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect283k1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAGEQKZVHYAlvtjHrFyZVm12qUb5j+T5/WNoC962+kwUM
+QkBYA5BpuG8Knlugq1iB31whPAgRCZfdLKHpHRPJSfXvKyUIdeUm
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect283k1:BOB_cf_sect283k1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect283k1
+PeerKey=BOB_cf_sect283k1_PUB
+SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect283k1
+PeerKey=ALICE_cf_sect283k1_PUB
+SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect283k1
+PeerKey=BOB_cf_sect283k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect283k1
+PeerKey=ALICE_cf_sect283k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169
+
+PublicKey=MALICE_cf_sect283k1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect283k1
+PeerKey=MALICE_cf_sect283k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect283k1
+PeerKey=MALICE_cf_sect283k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect283r1 curve tests
+
+PrivateKey=ALICE_cf_sect283r1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQCQ5pqKvPxDysd1pi2Bv8Z11cFhsRZfuaf
+4Pi0hpGr4ubZcHE=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect283r1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBcsrGDgO7pbGybQX/00gRHtQq3+X9XrGb7Uzv9Nabwc/
+kntnBMF0I2KU+aaTjQx1GVtmNf7CvFwPLEBnfKjJAjekjsGyIqoq
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect283r1:ALICE_cf_sect283r1_PUB
+
+PrivateKey=BOB_cf_sect283r1
+-----BEGIN PRIVATE KEY-----
+MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQDxItnY3cDCrX/jGnVuAKDPaySZCr3E83Q
+UdFnP6YIykt7+Pg=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect283r1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBJ2C9BCkX0YRfs2ufgUKvreUXFWp2AGK+iHlZB4N3LqO
+PKpmAkrAeCMty6mw2mEnOR5HA1d4Ee+z7/NJgJJ80Ra9bFnreOW3
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect283r1:BOB_cf_sect283r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect283r1
+PeerKey=BOB_cf_sect283r1_PUB
+SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect283r1
+PeerKey=ALICE_cf_sect283r1_PUB
+SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect283r1
+PeerKey=BOB_cf_sect283r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect283r1
+PeerKey=ALICE_cf_sect283r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8
+
+PublicKey=MALICE_cf_sect283r1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAByvMnFeSsevoGYMIn7b4NaL9IgowRCTKF8CCrhdEKu3pubP2
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect283r1
+PeerKey=MALICE_cf_sect283r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect283r1
+PeerKey=MALICE_cf_sect283r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect409k1 curve tests
+
+PrivateKey=ALICE_cf_sect409k1
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMOthcLahkXFgM0wjOzm767D1A72sFRGlhb
+bVH+EB7z2WpIcPX4OD+M4Y1pf/a7wSaoSAo=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect409k1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbiYYpeFgCMsZFMzQaiwMJDrC+mCMT7KmhYtD5EMMgLW
+5OvhaqYdpRf49A8LOtVcRT7J5gGcMrXQgmQeS3FenA5owWnB2NIgrTNf5d8AAEtrOupsJ4c3kL6e
+aAzayZ1+UCEj8skbC9U=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect409k1:ALICE_cf_sect409k1_PUB
+
+PrivateKey=BOB_cf_sect409k1
+-----BEGIN PRIVATE KEY-----
+MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMO43ldQllTewdZwffH4OEXdzBrLwabKsn4
+6/hjgIAaYda/pt4yCEQLMp18QgtfMey5ENI=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect409k1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAVTQj6hRizVmOx4Z6vroN/zMkmAY+QhkQ0CnFeJ0AydY
+Fv+f+/420vMC1Mhqsc9VzPMmIAH6ZrgGKDsd4Ce9JUtYE0rVhGeiG2RaN1U5RlhVK4avkWhFlyQ5
+vuu4aApQiWE3yQd9v/I=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect409k1:BOB_cf_sect409k1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect409k1
+PeerKey=BOB_cf_sect409k1_PUB
+SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect409k1
+PeerKey=ALICE_cf_sect409k1_PUB
+SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect409k1
+PeerKey=BOB_cf_sect409k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect409k1
+PeerKey=ALICE_cf_sect409k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee
+
+PublicKey=MALICE_cf_sect409k1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAA=
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect409k1
+PeerKey=MALICE_cf_sect409k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect409k1
+PeerKey=MALICE_cf_sect409k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect409r1 curve tests
+
+PrivateKey=ALICE_cf_sect409r1
+-----BEGIN PRIVATE KEY-----
+MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQAxSC9lST5dtfXQI1Ug9VMMoue3GGni5ON
++gieyXK2KKbd29KAPs4/AOd8kX2wQDsZPO7E
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect409r1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEASAvXAM15DJerAu1JttpBuMJK1/fEfFohu2iEpt3r7Ui
+iQoER6HUsWiw1hhcJyTv7WzpJQHFWrOlJMe/KjmQa/CygSc65YHDzG27oUL+KGdQUGc79ZRSwl/q
+fGZqa3D+bDVMwrhmZto=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect409r1:ALICE_cf_sect409r1_PUB
+
+PrivateKey=BOB_cf_sect409r1
+-----BEGIN PRIVATE KEY-----
+MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQARen+1P3JQzBgOv0pUYwsZTPRVLpqqDAU
+7mKL2lk9eH7zSGmtNoMvP2m1S2dBnXxFY/bV
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect409r1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbDUw066TtdfOpDvrlKosEyqUNEG7rY+AKvDqKw+HOzf
+sUTYee6cEf71oqJ1sCKPQiYzlwCu/HLQeWPxISE6Uo+53kkeJml2xpMBwoE25Gq/DSS61dR7SRTZ
++sUmumbIuGzbrjtMRmw=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect409r1:BOB_cf_sect409r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect409r1
+PeerKey=BOB_cf_sect409r1_PUB
+SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect409r1
+PeerKey=ALICE_cf_sect409r1_PUB
+SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect409r1
+PeerKey=BOB_cf_sect409r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect409r1
+PeerKey=ALICE_cf_sect409r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad
+
+PublicKey=MALICE_cf_sect409r1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAACZNffkdo7i7yL5tKKfU8tdk6su0K185XwbJkn96JWVDPZXZ3My
+bFKKSOJ7hyrM8Lwl1e8=
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect409r1
+PeerKey=MALICE_cf_sect409r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect409r1
+PeerKey=MALICE_cf_sect409r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect571k1 curve tests
+
+PrivateKey=ALICE_cf_sect571k1
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgB4agvk7Qdf9bVb9aMVdtXL0MuVw6dTleB
+zrpPMYty/piI5GWkQEGVp4OJSjF1BGgWmtYSYlV0oI8jJ7hfWTjVGfVWix4ipb8=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect571k1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDUZq0ZrgYpTXNpOptjExaur0K9FAYHv1j9cvAptwX
+dcmQf3VqekMkGZCfNdqNeqCajG3QHRkBHe4FZhWr3FXi8whvvr463lUDf+t46un1kE6FTYfhILGa
+sBZm7OdfkarYd9TXBbmnkFA+XkyPlkM1+6daM3/WmnegK+TYghFDXLgwiyF8s0ElllF7z38Gmc4=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect571k1:ALICE_cf_sect571k1_PUB
+
+PrivateKey=BOB_cf_sect571k1
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgA3pINxGOI7L9M+Mil+bm/udPwI4xu7ubJ
+p3aoOepTXW94laf8wjFLcQnRUwH87Vbq9VLQEfCAFvr2vZoBc+5asnNuDhRNNeQ=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect571k1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDZRr5GCSq2uzGxmWNB+bED7zye18Rr/KehwXrbn1r
+rKtR8fe+dg2V15FieC3qZe/wCpMtyp79VmEabGi6iGLlAN/rUE81URsA/K7GVpmklslV5gmwryR0
+3E7jGKPFesun9iNtmpgM18P9y3aJd4Qr4hMlwW2Nyw187l6QB/W2e/i+8vKXFTLHlz5WLAyAcpA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect571k1:BOB_cf_sect571k1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect571k1
+PeerKey=BOB_cf_sect571k1_PUB
+SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect571k1
+PeerKey=ALICE_cf_sect571k1_PUB
+SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect571k1
+PeerKey=BOB_cf_sect571k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect571k1
+PeerKey=ALICE_cf_sect571k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2
+
+PublicKey=MALICE_cf_sect571k1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE=
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect571k1
+PeerKey=MALICE_cf_sect571k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect571k1
+PeerKey=MALICE_cf_sect571k1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+Title=sect571r1 curve tests
+
+PrivateKey=ALICE_cf_sect571r1
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAxfL2/gUsmJonvDMR95Azq1ySgXMlKSRk
++PL+WaS92ZyOo45HaC7RpH5sdkf4b948u6y1BXOxGZuORXy6lgbgZ1Zx2UgL3cI=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_cf_sect571r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK5L9ccIWacU2A1srZ35opPu6kcbEOsBPmvj/rlMS
+fFrdMOcagOYfcD0/ouYHPhvkHbr9k87IlQJfnV6ZNRA4PmWSp/FjkNwETm/fqTCUQHti/qqnKH7R
+Ed4fYROLFGvz+PX6E20SryOt1vrmoRyC7Z5FVmgMVOQQ1AaBNAHi3+IPtKx41YdXdbqHJxuI5jE=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=ALICE_cf_sect571r1:ALICE_cf_sect571r1_PUB
+
+PrivateKey=BOB_cf_sect571r1
+-----BEGIN PRIVATE KEY-----
+MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAzcRvASPpWi0ybpOGlj0Lozz01C2a5oDA
+G5alib1EmZKcpVULxJXn75FQlTKpkUEuWUgA4yk5X5DTiScUuh4LDhaF3AFhsEY=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_cf_sect571r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH3dnL22NajtqDWTX6qD14w1BOlpHFBUPTr24VySlh
+kiiBlOF95u7hFr/hSb7gm/3f+IVKyE18Sh2kR4KaxWcPWKY5xKTiqiICT7hCistuzNRt8gR+kNOT
+c1rETMV6ZruZinwzEWWWjwJf6612oy2HG3CX3B8Rm+a3sS0q6IzowEwqmDv6v9bMTFk8bsCv0Fk=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair=BOB_cf_sect571r1:BOB_cf_sect571r1_PUB
+
+# ECDH Alice with Bob peer
+Derive=ALICE_cf_sect571r1
+PeerKey=BOB_cf_sect571r1_PUB
+SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827
+
+# ECDH Bob with Alice peer
+Derive=BOB_cf_sect571r1
+PeerKey=ALICE_cf_sect571r1_PUB
+SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827
+
+# ECC CDH Alice with Bob peer
+Derive=ALICE_cf_sect571r1
+PeerKey=BOB_cf_sect571r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0
+
+# ECC CDH Bob with Alice peer
+Derive=BOB_cf_sect571r1
+PeerKey=ALICE_cf_sect571r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0
+
+PublicKey=MALICE_cf_sect571r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHMtVWZAwgtd1zmgWN/9WC
+aNQcWRNUKesEHXqhJVkC5jYsSACodKsLYFNrWEYM0gwG8DQONZSn93G+38EM45tkaZsIRDt2HEM=
+-----END PUBLIC KEY-----
+
+# ECC CDH Bob with Malice peer
+Derive=BOB_cf_sect571r1
+PeerKey=MALICE_cf_sect571r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
+# ECC CDH Alice with Malice peer
+Derive=ALICE_cf_sect571r1
+PeerKey=MALICE_cf_sect571r1_PUB
+Ctrl=ecdh_cofactor_mode:1
+Result=DERIVE_ERROR
+Reason=point at infinity
+
diff --git a/test/recipes/30-test_evp_data/evppkey_ecdh.txt b/test/recipes/30-test_evp_data/evppkey_ecdh.txt
index 35b507896e..f60df1d259 100644
--- a/test/recipes/30-test_evp_data/evppkey_ecdh.txt
+++ b/test/recipes/30-test_evp_data/evppkey_ecdh.txt
@@ -17,53 +17,6 @@
 # Private keys used for PKEY operations.
 
 
-# EC P-256 key
-
-PrivateKey=P-256
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw
-+RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH
-+JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ
------END PRIVATE KEY-----
-
-# EC public key for above
-
-PublicKey=P-256-PUBLIC
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl
-x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = P-256:P-256-PUBLIC
-
-# Additional EC key for ECDH
-PrivateKey=P-256-Peer
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg/URzu1TDNwUFWZ3i
-dLISAZpEY0vfJ2pLB7f+Xnjyl2OhRANCAAQgBuXhSgeKpz+4piXlYSVLvy0NT+wK
-uZWUI3LqUUCV07wg+RLLMY8yNK9kjqcgZDs/cB+bet64nQq+dNnvtpxG
------END PRIVATE KEY-----
-
-PublicKey=P-256-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIAbl4UoHiqc/uKYl5WElS78tDU/s
-CrmVlCNy6lFAldO8IPkSyzGPMjSvZI6nIGQ7P3Afm3reuJ0KvnTZ77acRg==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = P-256-Peer:P-256-Peer-PUBLIC
-
-Title = ECDH tests
-
-
-Derive=P-256
-PeerKey=P-256-Peer-PUBLIC
-SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
-
-
-Derive=P-256-Peer
-PeerKey=P-256-PUBLIC
-SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
-
 Title = ECDH tests (with random keys)
 
 # TEST CURVE secp112r1
@@ -470,52 +423,6 @@ Derive=BOB_secp224k1
 PeerKey=ALICE_secp224k1_PUB
 SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a
 
-# TEST CURVE secp224r1
-
-PrivateKey=ALICE_secp224r1
------BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxLKkXFJXYqGUlTsmgjlesi
-kwqejrekrkSTbehyoTwDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D2HtdCa4h
-fbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_secp224r1_PUB
------BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D
-2HtdCa4hfbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_secp224r1:ALICE_secp224r1_PUB
-
-
-PrivateKey=BOB_secp224r1
------BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzOHGGUR3fZYg3GSaUN6pxo
-NQtAlOzM3UclEhMzoTwDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMFUM6VV9DB
-4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
------END PRIVATE KEY-----
-
-PublicKey=BOB_secp224r1_PUB
------BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMF
-UM6VV9DB4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_secp224r1:BOB_secp224r1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_secp224r1
-PeerKey=BOB_secp224r1_PUB
-SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_secp224r1
-PeerKey=ALICE_secp224r1_PUB
-SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
-
 # TEST CURVE secp256k1
 
 PrivateKey=ALICE_secp256k1
@@ -562,158 +469,6 @@ Derive=BOB_secp256k1
 PeerKey=ALICE_secp256k1_PUB
 SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e
 
-# TEST CURVE secp384r1
-
-PrivateKey=ALICE_secp384r1
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCxE7Q4m1dsK7M3Otxo
-cgY/ejX9JOKKdAtSnRiU4bnK3eFmALkMN7XIveQnWLB1PEKhZANiAAQaUsvUFr/u
-ISpAmYqYZIme4VassCtb0tNGU97s3qt4ozcogZ4z+fIzXZ4YXqfGoEa57+uQDgqr
-+jNOTji7Gxopt6AqZ9EvwuVaCuunUi0pcx6cc8IuUfrwMwSFovV/7sM=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_secp384r1_PUB
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGlLL1Ba/7iEqQJmKmGSJnuFWrLArW9LT
-RlPe7N6reKM3KIGeM/nyM12eGF6nxqBGue/rkA4Kq/ozTk44uxsaKbegKmfRL8Ll
-Wgrrp1ItKXMenHPCLlH68DMEhaL1f+7D
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_secp384r1:ALICE_secp384r1_PUB
-
-
-PrivateKey=BOB_secp384r1
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBRiGXRsb5sUq0b3/dg
-Z+pA9kbrSivBMCUCXVwxno1d/30hI/Yy0Z5PWwbBgwTFprWhZANiAASp1FeUOBJF
-mzQCNbGiOz8He0kF+KIf24UGYVO5MC7u5rV9hpoYsbcgmwxALskPN18os2ygK1Pn
-f/h+WALIsG2RknSTbiyvBYkoIhJV9cflvEDpMeaWSLF7qJ5YjEIf9PM=
------END PRIVATE KEY-----
-
-PublicKey=BOB_secp384r1_PUB
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqdRXlDgSRZs0AjWxojs/B3tJBfiiH9uF
-BmFTuTAu7ua1fYaaGLG3IJsMQC7JDzdfKLNsoCtT53/4flgCyLBtkZJ0k24srwWJ
-KCISVfXH5bxA6THmlkixe6ieWIxCH/Tz
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_secp384r1:BOB_secp384r1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_secp384r1
-PeerKey=BOB_secp384r1_PUB
-SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_secp384r1
-PeerKey=ALICE_secp384r1_PUB
-SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
-
-# TEST CURVE secp521r1
-
-PrivateKey=ALICE_secp521r1
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAFBIz3FLAuX8VCWzM
-wu1f/tm8pf1QqnsdLqaIWCQAJa2W5ldpJTYfkj1gGxM44AD3qHnkXISvNLwwuxI1
-hr2+pOGhgYkDgYYABACWlOOFYk/p3AS2LxEQWBuMm6uIjo3XArjh1QrsLcUc5hhi
-82CIz6kKwKjCnYRDHq4iv1x63rVEzGGhQOM1g+cRVwHSpfbBpaxK7bMLkVFOOavv
-OdcdyRHaHsvxw2pREmdS/GwtfgT8odQrG06KMIwVeL+H08fGJSbPX0Zock0DOPCp
-aw==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_secp521r1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAlpTjhWJP6dwEti8REFgbjJuriI6N
-1wK44dUK7C3FHOYYYvNgiM+pCsCowp2EQx6uIr9cet61RMxhoUDjNYPnEVcB0qX2
-waWsSu2zC5FRTjmr7znXHckR2h7L8cNqURJnUvxsLX4E/KHUKxtOijCMFXi/h9PH
-xiUmz19GaHJNAzjwqWs=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_secp521r1:ALICE_secp521r1_PUB
-
-
-PrivateKey=BOB_secp521r1
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA9C/sMWveRlHPr9P5
-cc3U+1L2/zB0VtHewKSQRWZ67SmS4+m7uXTqUVSLRHiQEgQid0cg77gSxXPlmV+z
-y0f3zd+hgYkDgYYABAE18N3SwDGtea3IOqUdh3j0JtnMeP41i/agEBlxK8/iEBXc
-Q61mkIrQIKcabRhoylEugXHiyNnqNQOD4DUa0bTKzAHtJ4UqqbEVno6byRmcUQwb
-mvG89eS8GLEmk5X/O2atHU4yIGTuTRQWn/BTJUCS+OgJz4FZdadscc5Z640EZqSD
-iw==
------END PRIVATE KEY-----
-
-PublicKey=BOB_secp521r1_PUB
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBNfDd0sAxrXmtyDqlHYd49CbZzHj+
-NYv2oBAZcSvP4hAV3EOtZpCK0CCnGm0YaMpRLoFx4sjZ6jUDg+A1GtG0yswB7SeF
-KqmxFZ6Om8kZnFEMG5rxvPXkvBixJpOV/ztmrR1OMiBk7k0UFp/wUyVAkvjoCc+B
-WXWnbHHOWeuNBGakg4s=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_secp521r1:BOB_secp521r1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_secp521r1
-PeerKey=BOB_secp521r1_PUB
-SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_secp521r1
-PeerKey=ALICE_secp521r1_PUB
-SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
-
-# TEST CURVE prime192v1
-
-PrivateKey=ALICE_prime192v1
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfXvSFNqD2UzFVN1L
-bQrPlzop7dxQq/ehNAMyAATibpGuYzCjkT1tWLYEogpKz74WqhvbQtZPkCYQCin1
-cmZuNW+BZ0jyVEpGlpnZPMg=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_prime192v1_PUB
------BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4m6RrmMwo5E9bVi2BKIKSs++Fqob
-20LWT5AmEAop9XJmbjVvgWdI8lRKRpaZ2TzI
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_prime192v1:ALICE_prime192v1_PUB
-
-
-PrivateKey=BOB_prime192v1
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhewaqXNZlYyqnmuEEE
-Y/oUXe3/jpzhmyGhNAMyAASkpwNJEP/1FuuWKCDDUm26iyqrs+zKwayZnaF77YC6
-qCtgia7yNcSl9tlWHh3gQgw=
------END PRIVATE KEY-----
-
-PublicKey=BOB_prime192v1_PUB
------BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEpKcDSRD/9Rbrliggw1Jtuosqq7Ps
-ysGsmZ2he+2AuqgrYImu8jXEpfbZVh4d4EIM
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_prime192v1:BOB_prime192v1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_prime192v1
-PeerKey=BOB_prime192v1_PUB
-SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_prime192v1
-PeerKey=ALICE_prime192v1_PUB
-SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
-
 # TEST CURVE prime192v2
 
 PrivateKey=ALICE_prime192v2
@@ -944,52 +699,6 @@ Derive=BOB_prime239v3
 PeerKey=ALICE_prime239v3_PUB
 SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9
 
-# TEST CURVE prime256v1
-
-PrivateKey=ALICE_prime256v1
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglUPDk8gQ8lMj38V7
-0jPBZDfQUx5pNOVSKOMTqlh04POhRANCAARq87w+K0q9b1mzJGh309kjNvYTS02m
-YkHKxAewiZwmt/5w+5uywz/+0130SdAWbXtECjaHUK94YEHzp0G/PCl5
------END PRIVATE KEY-----
-
-PublicKey=ALICE_prime256v1_PUB
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEavO8PitKvW9ZsyRod9PZIzb2E0tN
-pmJBysQHsImcJrf+cPubssM//tNd9EnQFm17RAo2h1CveGBB86dBvzwpeQ==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_prime256v1:ALICE_prime256v1_PUB
-
-
-PrivateKey=BOB_prime256v1
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgNsLfn/sRZfm9ZcM7
-xURiUHT7+w8Jgk9SbwTVDjpLYYmhRANCAASRmyKNgUbADGxkIOAVh9T7IXv2ZDT6
-I5YMW6wOs27VMOAD0AiNLrv7sW1TdqxkUtF17/GFpLvFOuZcbdX4p3i/
------END PRIVATE KEY-----
-
-PublicKey=BOB_prime256v1_PUB
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEkZsijYFGwAxsZCDgFYfU+yF79mQ0
-+iOWDFusDrNu1TDgA9AIjS67+7FtU3asZFLRde/xhaS7xTrmXG3V+Kd4vw==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_prime256v1:BOB_prime256v1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_prime256v1
-PeerKey=BOB_prime256v1_PUB
-SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_prime256v1
-PeerKey=ALICE_prime256v1_PUB
-SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
-
 # TEST CURVE sect113r1
 
 PrivateKey=ALICE_sect113r1
@@ -1166,685 +875,189 @@ Derive=BOB_sect131r2
 PeerKey=ALICE_sect131r2_PUB
 SharedSecret=03cbec3a3050c7f13d4801ad692d61c417
 
-# TEST CURVE sect163k1
-
-PrivateKey=ALICE_sect163k1
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBxkeGOXE86PAijpk8trN/
-f3kl4UmhLgMsAAQD1hrDCJ2MSFKZ6Q11cTllX/l5HY0Hg5XZCxMFC84AaczwPtNJ
-YNCxfCk=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect163k1_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9YawwidjEhSmekNdXE5ZV/5eR2NB4OV
-2QsTBQvOAGnM8D7TSWDQsXwp
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect163k1:ALICE_sect163k1_PUB
-
-
-PrivateKey=BOB_sect163k1
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCUJ5kItSfXidHXsgokcS7
-nzPFbOShLgMsAAQGrYNJ1qgdb3A9ISOmTujfS+WYFKwBXXrJEluAkeNh3jXnDq8X
-+XBB0k8=
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect163k1_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBq2DSdaoHW9wPSEjpk7o30vlmBSsAV16
-yRJbgJHjYd415w6vF/lwQdJP
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect163k1:BOB_sect163k1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect163k1
-PeerKey=BOB_sect163k1_PUB
-SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect163k1
-PeerKey=ALICE_sect163k1_PUB
-SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
-
 # TEST CURVE sect163r1
 
-PrivateKey=ALICE_sect163r1
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUBl9zmlPmFF5v9h1IIENAx
-1b8tj0+hLgMsAAQE3j8Jn58CCtEDwvOZ5DwgYGBYvIECz1zN8UwPfTFSdXjTWQcr
-9gWxNMA=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect163r1_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEBN4/CZ+fAgrRA8LzmeQ8IGBgWLyBAs9c
-zfFMD30xUnV401kHK/YFsTTA
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect163r1:ALICE_sect163r1_PUB
-
-
-PrivateKey=BOB_sect163r1
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUA/nzN5yCavvZlXyDGEihW
-rwG360+hLgMsAAQDt6XZHfzXABSTnGhzfoPtfdLZgaoGhBdeWz+318vNmC6AMJP+
-PntHzsA=
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect163r1_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA7el2R381wAUk5xoc36D7X3S2YGqBoQX
-Xls/t9fLzZgugDCT/j57R87A
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect163r1
-PeerKey=BOB_sect163r1_PUB
-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect163r1
-PeerKey=ALICE_sect163r1_PUB
-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
-
-# TEST CURVE sect163r2
-
-PrivateKey=ALICE_sect163r2
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDjH2G7BkPTBM4VtljaQr8
-sXVLNOqhLgMsAAQHHqWxJWR2KrHCPp/PSjZIdK88ET0A323/UOTxhYHwsLpR7rp3
-ahq1lQ8=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect163r2_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBx6lsSVkdiqxwj6fz0o2SHSvPBE9AN9t
-/1Dk8YWB8LC6Ue66d2oatZUP
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect163r2:ALICE_sect163r2_PUB
-
-
-PrivateKey=BOB_sect163r2
------BEGIN PRIVATE KEY-----
-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBXOM9Tm6sKXUlRLlW0HgC
-NTDxW2ihLgMsAAQGxa8xRcC+TIcDgGtehDVEV1PoBokBwtILj16NPYC0aBZI8/nF
-F4jhgmc=
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect163r2_PUB
------BEGIN PUBLIC KEY-----
-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBsWvMUXAvkyHA4BrXoQ1RFdT6AaJAcLS
-C49ejT2AtGgWSPP5xReI4YJn
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect163r2:BOB_sect163r2_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect163r2
-PeerKey=BOB_sect163r2_PUB
-SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect163r2
-PeerKey=ALICE_sect163r2_PUB
-SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
-
-# TEST CURVE sect193r1
-
-PrivateKey=ALICE_sect193r1
------BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAEQlofBlvj8zDK5o4CCfA
-aOQOmlAyTimBoTYDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUnNwBn5T26m15R
-M4MLnYGdklcAM8oMOML999w=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect193r1_PUB
------BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUn
-NwBn5T26m15RM4MLnYGdklcAM8oMOML999w=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect193r1:ALICE_sect193r1_PUB
-
-
-PrivateKey=BOB_sect193r1
------BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAnxvYLKZaw4Rj24WTRBfg
-iar5vp3R3pCJoTYDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUpYQE/jBjzUHIC
-qMNZTHy9gT2R9yc0GBZ/Dic=
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect193r1_PUB
------BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUp
-YQE/jBjzUHICqMNZTHy9gT2R9yc0GBZ/Dic=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect193r1
-PeerKey=BOB_sect193r1_PUB
-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect193r1
-PeerKey=ALICE_sect193r1_PUB
-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
-
-# TEST CURVE sect193r2
-
-PrivateKey=ALICE_sect193r2
------BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAj54XQW+b3bnX9duvqaa+
-lPTNcvOlxRAvoTYDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWkwQFc4m1ISx4o
-mtNyCVI7FXV5zNnaGWVACT4=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect193r2_PUB
------BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWk
-wQFc4m1ISx4omtNyCVI7FXV5zNnaGWVACT4=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect193r2:ALICE_sect193r2_PUB
-
-
-PrivateKey=BOB_sect193r2
------BEGIN PRIVATE KEY-----
-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAvMiVR0abk6pHoeOIBESL
-fB9B4gsZJjLsoTYDNAAEADtKDcwL660+Mm11Vl254GI3TnD+fragdwF+wY5qlMu5
-VtrUDMHuAP0q3eGQUsrzNo0=
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect193r2_PUB
------BEGIN PUBLIC KEY-----
-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEADtKDcwL660+Mm11Vl254GI3TnD+frag
-dwF+wY5qlMu5VtrUDMHuAP0q3eGQUsrzNo0=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect193r2
-PeerKey=BOB_sect193r2_PUB
-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect193r2
-PeerKey=ALICE_sect193r2_PUB
-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
-
-# TEST CURVE sect233k1
-
-PrivateKey=ALICE_sect233k1
------BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1aR7qaKm1vmZWK2bGsJ1rX
-mH6BpTkW4t1L4zSf/KFAAz4ABADcDiv+bTvPVViqYLNz06VO5wodry+sGi6fnJIr
-QQCTfZ9d5whiIsbY5Thlcm7I0A/cIGoShA/6LumOVA==
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect233k1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANwOK/5tO89VWKpgs3PTpU7nCh2vL6wa
-Lp+ckitBAJN9n13nCGIixtjlOGVybsjQD9wgahKED/ou6Y5U
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect233k1:ALICE_sect233k1_PUB
-
-
-PrivateKey=BOB_sect233k1
------BEGIN PRIVATE KEY-----
-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0oa5BrzYxm6mn51Xyphn6X
-OUjKc9oMDHCowAyHTaFAAz4ABAGKiFuFJVQeymHYRVnt2LNF2MSaTMcL9JGSPn2z
-OwBis5MS4kgEFakWQl7KpGiy3vS89wmpblvHLJ/+IQ==
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect233k1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYqIW4UlVB7KYdhFWe3Ys0XYxJpMxwv0
-kZI+fbM7AGKzkxLiSAQVqRZCXsqkaLLe9Lz3CaluW8csn/4h
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect233k1:BOB_sect233k1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect233k1
-PeerKey=BOB_sect233k1_PUB
-SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect233k1
-PeerKey=ALICE_sect233k1_PUB
-SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
-
-# TEST CURVE sect233r1
-
-PrivateKey=ALICE_sect233r1
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AEN6fePR2gizyXzU6kIgU
-Gijp5+IQAXoNBfKnVeChQAM+AAQB0kEwu2fwQWo1v1j7XQ8uJT3iMwRC8w+cxgxx
-GQ4B/FyjrhIUpEDWaMqfV23McZ6WdbIUe3MZ7K5pG38=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect233r1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdJBMLtn8EFqNb9Y+10PLiU94jMEQvMP
-nMYMcRkOAfxco64SFKRA1mjKn1dtzHGelnWyFHtzGeyuaRt/
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect233r1:ALICE_sect233r1_PUB
-
-
-PrivateKey=BOB_sect233r1
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AXHWOeS6fG0XCH3FnHDuS
-IcELUeDG+AYNNeLVZd6hQAM+AAQAYRRYH017uxcaMPF3GOsL4bvodW1yZLEtL3pm
-CkcAfqJI/4niCr8uHKh0gBa2JBjBWMV1u8Mpf60uvok=
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect233r1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGEUWB9Ne7sXGjDxdxjrC+G76HVtcmSx
-LS96ZgpHAH6iSP+J4gq/LhyodIAWtiQYwVjFdbvDKX+tLr6J
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect233r1:BOB_sect233r1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect233r1
-PeerKey=BOB_sect233r1_PUB
-SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect233r1
-PeerKey=ALICE_sect233r1_PUB
-SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
-
-# TEST CURVE sect239k1
-
-PrivateKey=ALICE_sect239k1
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4MhpuQTtDeLBboZgiW11d/
-KBlgUL4YvTjZ8zg4HR2hQAM+AAQafRD6X3L/7c/FN69KuA04a4bhxHZezmz1G15m
-tltwl8zlWsR5+GNToxV0OBLbStAQbXxqBa2Gg83B0oc=
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect239k1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEGn0Q+l9y/+3PxTevSrgNOGuG4cR2Xs5s
-9RteZrZbcJfM5VrEefhjU6MVdDgS20rQEG18agWthoPNwdKH
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect239k1:ALICE_sect239k1_PUB
-
-
-PrivateKey=BOB_sect239k1
------BEGIN PRIVATE KEY-----
-MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4FBG477KvylisppUFwbDl/
-SRGnX5FFmfw/xWIiEMehQAM+AAQFii094UX6F5m8Dk0eI/DhF3+IDUu7h81hTdyZ
-xxET0IokxFkTUf/re9WPA7LxPOCuiIPZUNVCRxRWSuU=
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect239k1_PUB
------BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEBYotPeFF+heZvA5NHiPw4Rd/iA1Lu4fN
-YU3cmccRE9CKJMRZE1H/63vVjwOy8TzgroiD2VDVQkcUVkrl
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect239k1
-PeerKey=BOB_sect239k1_PUB
-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect239k1
-PeerKey=ALICE_sect239k1_PUB
-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
-
-# TEST CURVE sect283k1
-
-PrivateKey=ALICE_sect283k1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGhnsmZ2UDKV3QKmq3k+
-33LQ6n5aCYvKXcMgiZlBS/RrVgIRoUwDSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnW
-uC6oWVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4r
-mGO7
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect283k1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnWuC6o
-WVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4rmGO7
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect283k1:ALICE_sect283k1_PUB
-
-
-PrivateKey=BOB_sect283k1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAAJXIwfWjYbiM5jEcNw8
-8/1kbEnhVjWGivO7zDPts7AuKSMkoUwDSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6V
-D5v8KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzj
-CN/m
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect283k1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6VD5v8
-KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzjCN/m
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect283k1:BOB_sect283k1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect283k1
-PeerKey=BOB_sect283k1_PUB
-SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect283k1
-PeerKey=ALICE_sect283k1_PUB
-SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
-
-# TEST CURVE sect283r1
-
-PrivateKey=ALICE_sect283r1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAi4Jrhu19kt7H8jw1FO7
-VzCxh6p0pI0ogl3q9ev5NFkufZkZoUwDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqU
-S40TU2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE
-7jsD
------END PRIVATE KEY-----
-
-PublicKey=ALICE_sect283r1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqUS40T
-U2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE7jsD
------END PUBLIC KEY-----
-
-PrivPubKeyPair = ALICE_sect283r1:ALICE_sect283r1_PUB
-
-
-PrivateKey=BOB_sect283r1
------BEGIN PRIVATE KEY-----
-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACD04gJaVfVxK/Dpbxjq
-rzZWc6B76a23MK/IQD1jMlGPQzzxoUwDSgAEA13mIYMvik12DBp8JkdETMB1ewOw
-22C/xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lass
-Iq5I
------END PRIVATE KEY-----
-
-PublicKey=BOB_sect283r1_PUB
------BEGIN PUBLIC KEY-----
-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA13mIYMvik12DBp8JkdETMB1ewOw22C/
-xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lassIq5I
------END PUBLIC KEY-----
-
-PrivPubKeyPair = BOB_sect283r1:BOB_sect283r1_PUB
-
-
-# ECDH Alice with Bob peer
-
-Derive=ALICE_sect283r1
-PeerKey=BOB_sect283r1_PUB
-SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
-
-# ECDH Bob with Alice peer
-
-Derive=BOB_sect283r1
-PeerKey=ALICE_sect283r1_PUB
-SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
-
-# TEST CURVE sect409k1
-
-PrivateKey=ALICE_sect409k1
+PrivateKey=ALICE_sect163r1
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg1vV7wiPe1ovX+ukz
-VfwPZoqvyj/vdif04Opi9PcjV5mPBEZgSFBg8hbutNxZJdVLrxShbANqAAQACe1I
-J5ilSk1pPLvbcjEZIE6abC9LZ9WmHuNJxM9LAW1OuLvJGi72AsGYUOGpX0WGmK6C
-AYaqZb2Qeedq/yUIljDHYi66J+26owYl7lOMpRzZ9U2QDJrZ7TYuxeMUui6re0B+
-JuZdYw==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUBl9zmlPmFF5v9h1IIENAx
+1b8tj0+hLgMsAAQE3j8Jn58CCtEDwvOZ5DwgYGBYvIECz1zN8UwPfTFSdXjTWQcr
+9gWxNMA=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect409k1_PUB
+PublicKey=ALICE_sect163r1_PUB
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAntSCeYpUpNaTy723IxGSBOmmwvS2fV
-ph7jScTPSwFtTri7yRou9gLBmFDhqV9FhpiuggGGqmW9kHnnav8lCJYwx2Iuuift
-uqMGJe5TjKUc2fVNkAya2e02LsXjFLouq3tAfibmXWM=
+MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEBN4/CZ+fAgrRA8LzmeQ8IGBgWLyBAs9c
+zfFMD30xUnV401kHK/YFsTTA
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect409k1:ALICE_sect409k1_PUB
+PrivPubKeyPair = ALICE_sect163r1:ALICE_sect163r1_PUB
 
 
-PrivateKey=BOB_sect409k1
+PrivateKey=BOB_sect163r1
 -----BEGIN PRIVATE KEY-----
-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIYBGZZcZz4qCdhAV9
-vqpfe8vV+vJEhjawR52JUV1rumWEBPAx0o6E+gaxHBr5hzVGkIKhbANqAAQAAQKK
-s60CTUUkltsT+lIBukjz850pkGGLltJ4eaZn4k9AtN/lFTCq6Vgqe2sDrjA3b45q
-AdWjf1vRaP0wawJ13SjApJmyXg5hQks6d0Zqz2OHYhGEGiM159VtTlStK067dVe1
-fGVDeg==
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUA/nzN5yCavvZlXyDGEihW
+rwG360+hLgMsAAQDt6XZHfzXABSTnGhzfoPtfdLZgaoGhBdeWz+318vNmC6AMJP+
+PntHzsA=
 -----END PRIVATE KEY-----
 
-PublicKey=BOB_sect409k1_PUB
+PublicKey=BOB_sect163r1_PUB
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAECirOtAk1FJJbbE/pSAbpI8/OdKZBh
-i5bSeHmmZ+JPQLTf5RUwqulYKntrA64wN2+OagHVo39b0Wj9MGsCdd0owKSZsl4O
-YUJLOndGas9jh2IRhBojNefVbU5UrStOu3VXtXxlQ3o=
+MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA7el2R381wAUk5xoc36D7X3S2YGqBoQX
+Xls/t9fLzZgugDCT/j57R87A
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect409k1:BOB_sect409k1_PUB
+PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB
 
 
 # ECDH Alice with Bob peer
 
-Derive=ALICE_sect409k1
-PeerKey=BOB_sect409k1_PUB
-SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
+Derive=ALICE_sect163r1
+PeerKey=BOB_sect163r1_PUB
+SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
 
 # ECDH Bob with Alice peer
 
-Derive=BOB_sect409k1
-PeerKey=ALICE_sect409k1_PUB
-SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
+Derive=BOB_sect163r1
+PeerKey=ALICE_sect163r1_PUB
+SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
 
-# TEST CURVE sect409r1
+# TEST CURVE sect193r1
 
-PrivateKey=ALICE_sect409r1
+PrivateKey=ALICE_sect193r1
 -----BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAYTMsTpey51D2ULnd
-pN+AAWnJLy9pTerziakhjii8OyWKpUVfpDFNneCCd2oQTDcPX5vdoWwDagAEAYfk
-3ZejxpVYCG7dYHTVhhcqILEyTYoQa4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGU
-owHXXzgDXoJeR79wgb7ySAlXJXgQ8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvI
-eIozlf4=
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAEQlofBlvj8zDK5o4CCfA
+aOQOmlAyTimBoTYDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUnNwBn5T26m15R
+M4MLnYGdklcAM8oMOML999w=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect409r1_PUB
+PublicKey=ALICE_sect193r1_PUB
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYfk3ZejxpVYCG7dYHTVhhcqILEyTYoQ
-a4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGUowHXXzgDXoJeR79wgb7ySAlXJXgQ
-8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvIeIozlf4=
+MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUn
+NwBn5T26m15RM4MLnYGdklcAM8oMOML999w=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect409r1:ALICE_sect409r1_PUB
+PrivPubKeyPair = ALICE_sect193r1:ALICE_sect193r1_PUB
 
 
-PrivateKey=BOB_sect409r1
+PrivateKey=BOB_sect193r1
 -----BEGIN PRIVATE KEY-----
-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsCs1nRgwW97TdKIH
-PRcsqmK1e8TIZ00e6rqLb3nD4sIe+Gw/fGhSUER9akQ7lAluEUnfoWwDagAEAfM2
-fvBEic+7jV4oC+v8GfsunD9Zp9rzNgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDl
-LwBm/W6TlzGuh1FnzXYKVnhnXpzSlRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMf
-WsgK+KA=
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAnxvYLKZaw4Rj24WTRBfg
+iar5vp3R3pCJoTYDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUpYQE/jBjzUHIC
+qMNZTHy9gT2R9yc0GBZ/Dic=
 -----END PRIVATE KEY-----
 
-PublicKey=BOB_sect409r1_PUB
+PublicKey=BOB_sect193r1_PUB
 -----BEGIN PUBLIC KEY-----
-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfM2fvBEic+7jV4oC+v8GfsunD9Zp9rz
-NgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDlLwBm/W6TlzGuh1FnzXYKVnhnXpzS
-lRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMfWsgK+KA=
+MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUp
+YQE/jBjzUHICqMNZTHy9gT2R9yc0GBZ/Dic=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect409r1:BOB_sect409r1_PUB
+PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB
 
 
 # ECDH Alice with Bob peer
 
-Derive=ALICE_sect409r1
-PeerKey=BOB_sect409r1_PUB
-SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
+Derive=ALICE_sect193r1
+PeerKey=BOB_sect193r1_PUB
+SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
 
 # ECDH Bob with Alice peer
 
-Derive=BOB_sect409r1
-PeerKey=ALICE_sect409r1_PUB
-SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
+Derive=BOB_sect193r1
+PeerKey=ALICE_sect193r1_PUB
+SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
 
-# TEST CURVE sect571k1
+# TEST CURVE sect193r2
 
-PrivateKey=ALICE_sect571k1
+PrivateKey=ALICE_sect193r2
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARO8hI8j6TZ556/d
-RcdGYvdblnALD2XZCKu2c3C5yQIeA8Tidi+f8n6cCnb5FtJNTYKqP8tRfHlwAZtW
-/giXi/4yF5K2twS3oYGVA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0LQd9wP1+k
-v0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFRPU0Cct0S
-qVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJPCnaKR/Oo
-AtaUpCWLSTHDF1gK4/kmlwEx+8o=
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAj54XQW+b3bnX9duvqaa+
+lPTNcvOlxRAvoTYDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWkwQFc4m1ISx4o
+mtNyCVI7FXV5zNnaGWVACT4=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect571k1_PUB
+PublicKey=ALICE_sect193r2_PUB
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0L
-Qd9wP1+kv0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFR
-PU0Cct0SqVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJP
-CnaKR/OoAtaUpCWLSTHDF1gK4/kmlwEx+8o=
+MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWk
+wQFc4m1ISx4omtNyCVI7FXV5zNnaGWVACT4=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect571k1:ALICE_sect571k1_PUB
+PrivPubKeyPair = ALICE_sect193r2:ALICE_sect193r2_PUB
 
 
-PrivateKey=BOB_sect571k1
+PrivateKey=BOB_sect193r2
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVZT4tnX9dMWS6Vd
-YCoYRl9o/j/Hz7KGqF4Ujk9n9b4+mXbJ37tobpjnpNqKlJfI04w80JPp+NxpoBR3
-8p1bcc9iL4Smh48YoYGVA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLURYRDHmopO
-IijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN1tsCrqET
-31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxOaqcYzbXC
-Q/Aiij13H06qKhuFM4iiB/0D164=
+MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAvMiVR0abk6pHoeOIBESL
+fB9B4gsZJjLsoTYDNAAEADtKDcwL660+Mm11Vl254GI3TnD+fragdwF+wY5qlMu5
+VtrUDMHuAP0q3eGQUsrzNo0=
 -----END PRIVATE KEY-----
 
-PublicKey=BOB_sect571k1_PUB
+PublicKey=BOB_sect193r2_PUB
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLUR
-YRDHmopOIijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN
-1tsCrqET31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxO
-aqcYzbXCQ/Aiij13H06qKhuFM4iiB/0D164=
+MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEADtKDcwL660+Mm11Vl254GI3TnD+frag
+dwF+wY5qlMu5VtrUDMHuAP0q3eGQUsrzNo0=
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect571k1:BOB_sect571k1_PUB
+PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB
 
 
 # ECDH Alice with Bob peer
 
-Derive=ALICE_sect571k1
-PeerKey=BOB_sect571k1_PUB
-SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
+Derive=ALICE_sect193r2
+PeerKey=BOB_sect193r2_PUB
+SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
 
 # ECDH Bob with Alice peer
 
-Derive=BOB_sect571k1
-PeerKey=ALICE_sect571k1_PUB
-SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
+Derive=BOB_sect193r2
+PeerKey=ALICE_sect193r2_PUB
+SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
 
-# TEST CURVE sect571r1
+# TEST CURVE sect239k1
 
-PrivateKey=ALICE_sect571r1
+PrivateKey=ALICE_sect239k1
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArsi//Zp9veeURYV
-zGYHn4MlNIxNt6U6vtmTPS/NaoiaavxbOimpHgxYPCjpoPYhM33Z2VBh7pl2aoRW
-3GBepLFLoF8oiQaLoYGVA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4f/AwTHmo
-US1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wzd8YF32SF
-HMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz6J6dYAUe
-vE+F3N29p/tRBGNzMFIqoDdW+NA=
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4MhpuQTtDeLBboZgiW11d/
+KBlgUL4YvTjZ8zg4HR2hQAM+AAQafRD6X3L/7c/FN69KuA04a4bhxHZezmz1G15m
+tltwl8zlWsR5+GNToxV0OBLbStAQbXxqBa2Gg83B0oc=
 -----END PRIVATE KEY-----
 
-PublicKey=ALICE_sect571r1_PUB
+PublicKey=ALICE_sect239k1_PUB
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4
-f/AwTHmoUS1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wz
-d8YF32SFHMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz
-6J6dYAUevE+F3N29p/tRBGNzMFIqoDdW+NA=
+MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEGn0Q+l9y/+3PxTevSrgNOGuG4cR2Xs5s
+9RteZrZbcJfM5VrEefhjU6MVdDgS20rQEG18agWthoPNwdKH
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = ALICE_sect571r1:ALICE_sect571r1_PUB
+PrivPubKeyPair = ALICE_sect239k1:ALICE_sect239k1_PUB
 
 
-PrivateKey=BOB_sect571r1
+PrivateKey=BOB_sect239k1
 -----BEGIN PRIVATE KEY-----
-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYj65N5XJTQusn+h
-Z9xj/dgZ4qR1GDC1Ij7jYuow+TvGrG2wz/WT76/lLNtlCLfDW2kODDUmDAJeK/e+
-VMO7suJTXGnrGFHioYGVA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2SYmMKve74
-trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8QI70H8aHv
-LgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNdnNATBqom
-6WDWc7RTFZ4sijL5ywVhovwJ1gA=
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4FBG477KvylisppUFwbDl/
+SRGnX5FFmfw/xWIiEMehQAM+AAQFii094UX6F5m8Dk0eI/DhF3+IDUu7h81hTdyZ
+xxET0IokxFkTUf/re9WPA7LxPOCuiIPZUNVCRxRWSuU=
 -----END PRIVATE KEY-----
 
-PublicKey=BOB_sect571r1_PUB
+PublicKey=BOB_sect239k1_PUB
 -----BEGIN PUBLIC KEY-----
-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2S
-YmMKve74trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8Q
-I70H8aHvLgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNd
-nNATBqom6WDWc7RTFZ4sijL5ywVhovwJ1gA=
+MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEBYotPeFF+heZvA5NHiPw4Rd/iA1Lu4fN
+YU3cmccRE9CKJMRZE1H/63vVjwOy8TzgroiD2VDVQkcUVkrl
 -----END PUBLIC KEY-----
 
-PrivPubKeyPair = BOB_sect571r1:BOB_sect571r1_PUB
+PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB
 
 
 # ECDH Alice with Bob peer
 
-Derive=ALICE_sect571r1
-PeerKey=BOB_sect571r1_PUB
-SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
+Derive=ALICE_sect239k1
+PeerKey=BOB_sect239k1_PUB
+SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
 
 # ECDH Bob with Alice peer
 
-Derive=BOB_sect571r1
-PeerKey=ALICE_sect571r1_PUB
-SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
+Derive=BOB_sect239k1
+PeerKey=ALICE_sect239k1_PUB
+SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
 
 # TEST CURVE c2pnb163v1
 
@@ -3096,375 +2309,3 @@ SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36
 Derive=BOB_wap-wsg-idm-ecid-wtls12
 PeerKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB
 SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36
-
-
-Title = ECDH KATs (from RFC 5114, 5903, 7027)
-
-# Keys and shared secrets from RFC 5114
-PrivateKey=PRIME192V1_RFC5114
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgyP6MWnY6cZZP1lHa8
-FCAAq1vg4knENCahNAMyAATNRkiez9bBBeez0yVm4rEi4kmrqt2HBhJoiHtId99R
-3U3D1v0R8KJvj9OEQxeRbpo=
------END PRIVATE KEY-----
-
-PublicKey=PRIME192V1_RFC5114-PUBLIC
------BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEzUZIns/WwQXns9MlZuKxIuJJq6rd
-hwYSaIh7SHffUd1Nw9b9EfCib4/ThEMXkW6a
------END PUBLIC KEY-----
-
-PrivPubKeyPair = PRIME192V1_RFC5114:PRIME192V1_RFC5114-PUBLIC
-
-
-PrivateKey=PRIME192V1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhjH5W7SmdjLJxHbu6a
-tpWrJAoEmTB/z2KhNAMyAARRmhIWgOAEVGa6Id8u7kf1lztQBXfvE9X/YTq01kzu
-OiCHW9sQ+VP2swygcsYKpX8=
------END PRIVATE KEY-----
-
-PublicKey=PRIME192V1_RFC5114-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZoSFoDgBFRmuiHfLu5H9Zc7UAV3
-7xPV/2E6tNZM7jogh1vbEPlT9rMMoHLGCqV/
------END PUBLIC KEY-----
-
-PrivPubKeyPair = PRIME192V1_RFC5114-Peer:PRIME192V1_RFC5114-Peer-PUBLIC
-
-
-
-Derive=PRIME192V1_RFC5114
-PeerKey=PRIME192V1_RFC5114-Peer-PUBLIC
-SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
-
-Derive=PRIME192V1_RFC5114-Peer
-PeerKey=PRIME192V1_RFC5114-PUBLIC
-SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
-
-PrivateKey=SECP224R1_RFC5114
------BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy1WOtsKI2nB7u0+PuuKrnp
-y2LjvFx1c+IuJtN/oTwDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDgpR8+608r
-XuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
------END PRIVATE KEY-----
-
-PublicKey=SECP224R1_RFC5114-PUBLIC
------BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDg
-pR8+608rXuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP224R1_RFC5114:SECP224R1_RFC5114-PUBLIC
-
-
-PrivateKey=SECP224R1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBysOxrdPZdw5vanCO6fO44K
-s7SA6fJ/hciLXm0YoTwDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBtzUKiB9SR
-vpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
------END PRIVATE KEY-----
-
-PublicKey=SECP224R1_RFC5114-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBt
-zUKiB9SRvpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP224R1_RFC5114-Peer:SECP224R1_RFC5114-Peer-PUBLIC
-
-
-
-
-Derive=SECP224R1_RFC5114
-PeerKey=SECP224R1_RFC5114-Peer-PUBLIC
-SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
-
-
-Derive=SECP224R1_RFC5114-Peer
-PeerKey=SECP224R1_RFC5114-PUBLIC
-SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
-
-PrivateKey=PRIME256V1_RFC5114
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQggUJkFF8vVvLpao4z
-ehKEmT+vQypavOWehntykdUHo6+hRANCAAQq9QLzvolS8sm1qNQWDQnpcWW+ULxC
-rkpejTtLqDrrFesPr0yphsTThoGg+YctedVnlb1L/25t48D1AV7OXv2F
------END PRIVATE KEY-----
-
-PublicKey=PRIME256V1_RFC5114-PUBLIC
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKvUC876JUvLJtajUFg0J6XFlvlC8
-Qq5KXo07S6g66xXrD69MqYbE04aBoPmHLXnVZ5W9S/9ubePA9QFezl79hQ==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = PRIME256V1_RFC5114:PRIME256V1_RFC5114-PUBLIC
-
-
-PrivateKey=PRIME256V1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgLOF4jsGX4JbblaIA
-zAqyahnOa8ytViuO7htZN2HPf0GhRANCAASxIN5Ko2SSeVNG6N5sLIZGrgaq6ief
-p3WzqwcV9s5RsJ8bfuziDXte2OxoX6Pwcdg3JwJwkqhBE4XDTd5XCLK2
------END PRIVATE KEY-----
-
-PublicKey=PRIME256V1_RFC5114-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsSDeSqNkknlTRujebCyGRq4Gquon
-n6d1s6sHFfbOUbCfG37s4g17XtjsaF+j8HHYNycCcJKoQROFw03eVwiytg==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = PRIME256V1_RFC5114-Peer:PRIME256V1_RFC5114-Peer-PUBLIC
-
-
-
-
-Derive=PRIME256V1_RFC5114
-PeerKey=PRIME256V1_RFC5114-Peer-PUBLIC
-SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
-
-
-Derive=PRIME256V1_RFC5114-Peer
-PeerKey=PRIME256V1_RFC5114-PUBLIC
-SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
-
-PrivateKey=SECP384R1_RFC5114
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDSczXqcWZK8kTdFOn9
-EmBxXf2KeWVXHEjXCe56eWKhVtcGqQy8td8phvBf6tuTdvGhZANiAAR5MUjxeHY0
-1dpMbZB0QX0F4FerYvggVNEO5rBAPWJ5VH5qjqnR/XdCfQFv4nqLjGbGxBKUMx0j
-5vSA9PtM1AUEyUc5LpT0w/BrjzmLsp5CNo96aFkj3jtnus7SFKGh0Sg=
------END PRIVATE KEY-----
-
-PublicKey=SECP384R1_RFC5114-PUBLIC
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEeTFI8Xh2NNXaTG2QdEF9BeBXq2L4IFTR
-DuawQD1ieVR+ao6p0f13Qn0Bb+J6i4xmxsQSlDMdI+b0gPT7TNQFBMlHOS6U9MPw
-a485i7KeQjaPemhZI947Z7rO0hShodEo
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP384R1_RFC5114:SECP384R1_RFC5114-PUBLIC
-
-
-PrivateKey=SECP384R1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBS0Xkf20tw+JwPANRW
-wvcCO2ElJiw2p98fgCMRIczj05vlLgDBlKQTLEpsdovNlNKhZANiAARc1Cq5xBtT
-R/dLjU77cIs9WzbbZZFTWbRKvBdke2uZmXidcqhIZa4vIj8StaGrwSDhcUWP6qk5
-qqOov6xGtAS9j21bNIwPpNgM7KFjVsqTMkC96HI0Fajs4DWw7fNnVd4=
------END PRIVATE KEY-----
-
-PublicKey=SECP384R1_RFC5114-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXNQqucQbU0f3S41O+3CLPVs222WRU1m0
-SrwXZHtrmZl4nXKoSGWuLyI/ErWhq8Eg4XFFj+qpOaqjqL+sRrQEvY9tWzSMD6TY
-DOyhY1bKkzJAvehyNBWo7OA1sO3zZ1Xe
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP384R1_RFC5114-Peer:SECP384R1_RFC5114-Peer-PUBLIC
-
-
-
-
-Derive=SECP384R1_RFC5114
-PeerKey=SECP384R1_RFC5114-Peer-PUBLIC
-SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
-
-
-Derive=SECP384R1_RFC5114-Peer
-PeerKey=SECP384R1_RFC5114-PUBLIC
-SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
-
-PrivateKey=SECP521R1_RFC5114
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBE/gtqCVzXj2XJ2aD
-srdCd7rSczXqcWZK8kMMxPM0WblmnueLP/ubhoMBXTRNy/72+5r0xsRwviVFFs08
-Gh+0c2KhgYkDgYYABAHrs03XVyGr+K3J2+0XiJy7l2XZCnxg8s7wB7sPKybhSIH9
-RELmidYcst0EbuMOP/0g+aRbvfZBPVg6Lb9Zkk/TXAD2tjLRlMA4jiLYQ35VjFUq
-4ZWt/RU/ktdJCDUbL4xO2pTtsJFtG1PAILXuyu0aX8OKIz5IMFh7su40ibO0KlqG
-pA==
------END PRIVATE KEY-----
-
-PublicKey=SECP521R1_RFC5114-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB67NN11chq/itydvtF4icu5dl2Qp8
-YPLO8Ae7Dysm4UiB/URC5onWHLLdBG7jDj/9IPmkW732QT1YOi2/WZJP01wA9rYy
-0ZTAOI4i2EN+VYxVKuGVrf0VP5LXSQg1Gy+MTtqU7bCRbRtTwCC17srtGl/DiiM+
-SDBYe7LuNImztCpahqQ=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP521R1_RFC5114:SECP521R1_RFC5114-PUBLIC
-
-
-PrivateKey=SECP521R1_RFC5114-Peer
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAzuNIDYZFoX0knyd2
-0ouuYWlS0Xkf20tw98M3hzKqGyKShEi80dwkltQ1sBBIBm6+T3KQPDYbGp3BGT3C
-ydCJG5ahgYkDgYYABAEOv6/G6F4I0kv//MGkUR2w5jS+6xtt7IxZOa5EdmIBr2IA
-QwupfIrGoOnwizPOfp/utbpO5eDYFRDCQpW4oI0CNQCkpuwwDfniV7A3K156v+8J
-NDZxmneIfrsLGM+Ambn0IStuMKFBnBjgKdNoY8ydRI9Nuk0qDmBxG+VykV+9T+8m
-lQ==
------END PRIVATE KEY-----
-
-PublicKey=SECP521R1_RFC5114-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBDr+vxuheCNJL//zBpFEdsOY0vusb
-beyMWTmuRHZiAa9iAEMLqXyKxqDp8Iszzn6f7rW6TuXg2BUQwkKVuKCNAjUApKbs
-MA354lewNyteer/vCTQ2cZp3iH67CxjPgJm59CErbjChQZwY4CnTaGPMnUSPTbpN
-Kg5gcRvlcpFfvU/vJpU=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP521R1_RFC5114-Peer:SECP521R1_RFC5114-Peer-PUBLIC
-
-
-
-
-Derive=SECP521R1_RFC5114
-PeerKey=SECP521R1_RFC5114-Peer-PUBLIC
-SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
-
-
-Derive=SECP521R1_RFC5114-Peer
-PeerKey=SECP521R1_RFC5114-PUBLIC
-SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
-
-# Keys and shared secrets from RFC 5903
-PrivateKey=PRIME256V1_RFC5903
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgyI8B9RDZrD9wopLa
-ojFt5UTpqriv6EBJxiqcV4YtFDOhRANCAATa0LZTlCIc+bBR4f7KV4fQmN/mN/yQ
-ue+UXQw3clgRgFJxoEYc24JS1h8cRW+j5Zqx9FszrM9fWDieBXe4mQuz
------END PRIVATE KEY-----
-
-PublicKey=PRIME256V1_RFC5903-PUBLIC
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2tC2U5QiHPmwUeH+yleH0Jjf5jf8
-kLnvlF0MN3JYEYBScaBGHNuCUtYfHEVvo+WasfRbM6zPX1g4ngV3uJkLsw==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = PRIME256V1_RFC5903:PRIME256V1_RFC5903-PUBLIC
-
-
-PrivateKey=PRIME256V1_RFC5903-Peer
------BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgxu+cXXiuASoBEWSs
-s5fOIIhoXY8Gv5vgsoOrRkdr7lOhRANCAATRLftSicjU+BIItwJwOYw0IpaXCgvM
-t0xzb8dVRJS/Y1b788o2bMI+gVeFTBPFjWqsI/BGraMPg1PnTzMDmHKr
------END PRIVATE KEY-----
-
-PublicKey=PRIME256V1_RFC5903-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0S37UonI1PgSCLcCcDmMNCKWlwoL
-zLdMc2/HVUSUv2NW+/PKNmzCPoFXhUwTxY1qrCPwRq2jD4NT508zA5hyqw==
------END PUBLIC KEY-----
-
-PrivPubKeyPair = PRIME256V1_RFC5903-Peer:PRIME256V1_RFC5903-Peer-PUBLIC
-
-
-
-
-Derive=PRIME256V1_RFC5903
-PeerKey=PRIME256V1_RFC5903-Peer-PUBLIC
-SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
-
-
-Derive=PRIME256V1_RFC5903-Peer
-PeerKey=PRIME256V1_RFC5903-PUBLIC
-SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
-
-PrivateKey=SECP384R1_RFC5903
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAJnzxwNNSixpmITXOj
-daZ/diTvfGs8DxYGR7Z0FNzmVeNbU4BB5knuP674lng6sZShZANiAARmeELX0YCs
-LN5vdPN1UfVXVcdkXCDvc+MWNP5ytMVe5t46yAistL20yIcyrulfQaqUgu0fwO65
-yvxJhGJcz8I/ZQMhSeDhRK2gJBgVNaDzjuufz/PCyUfa5ptMY0VzqBw=
------END PRIVATE KEY-----
-
-PublicKey=SECP384R1_RFC5903-PUBLIC
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZnhC19GArCzeb3TzdVH1V1XHZFwg73Pj
-FjT+crTFXubeOsgIrLS9tMiHMq7pX0GqlILtH8Duucr8SYRiXM/CP2UDIUng4USt
-oCQYFTWg847rn8/zwslH2uabTGNFc6gc
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP384R1_RFC5903:SECP384R1_RFC5903-PUBLIC
-
-
-PrivateKey=SECP384R1_RFC5903-Peer
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBBywd5tL24XUeEZyX7
-7DyUMPq0bMjcUGCFXMm9oKopQuAwgxKRa47Slg5L1Vp0SPyhZANiAATlWNvvU+7N
-49P8z8GuoIqJqYdHXRL9lQ2Dz6QXMrxQnQ0axDoDNt75b9pB0HdKNXHc++x6rPMZ
-ZHIWnoOEMDZ/Zu6+PG5wxBbdXwxodZ3R//g/pAFCIJ3/XqrZbbnmOGw=
------END PRIVATE KEY-----
-
-PublicKey=SECP384R1_RFC5903-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE5Vjb71PuzePT/M/BrqCKiamHR10S/ZUN
-g8+kFzK8UJ0NGsQ6Azbe+W/aQdB3SjVx3PvseqzzGWRyFp6DhDA2f2buvjxucMQW
-3V8MaHWd0f/4P6QBQiCd/16q2W255jhs
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP384R1_RFC5903-Peer:SECP384R1_RFC5903-Peer-PUBLIC
-
-
-
-Derive=SECP384R1_RFC5903
-PeerKey=SECP384R1_RFC5903-Peer-PUBLIC
-SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
-
-
-Derive=SECP384R1_RFC5903-Peer
-PeerKey=SECP384R1_RFC5903-PUBLIC
-SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
-
-PrivateKey=SECP521R1_RFC5903
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAN63pMZqJ9Nq9s+9B
-GqzMpRI8YayrV7U5Pc5HYIFyoJWqhaMP4cKVLGdx2Te6l3f1lXsmObqwckYvaMJ6
-VzgtSlKhgYkDgYYABAAVQX6E2/KMCtPCeHEzSdx98VPIl6GJG9mLq0NXyey+4eO/
-QuALjjgK6uV8LRB1ZJQYhZQq9af0YBcjxBldF2ztPgF8riC2ZB0u62lXhtjJRhRi
-OdCZ4Y4dWlFMc518tKEK2KeIAVrEBdd5ncdee31bbPImGmp/FQdDi/Ab62yjkm+V
-gg==
------END PRIVATE KEY-----
-
-PublicKey=SECP521R1_RFC5903-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAFUF+hNvyjArTwnhxM0ncffFTyJeh
-iRvZi6tDV8nsvuHjv0LgC444CurlfC0QdWSUGIWUKvWn9GAXI8QZXRds7T4BfK4g
-tmQdLutpV4bYyUYUYjnQmeGOHVpRTHOdfLShCtiniAFaxAXXeZ3HXnt9W2zyJhpq
-fxUHQ4vwG+tso5JvlYI=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP521R1_RFC5903:SECP521R1_RFC5903-PUBLIC
-
-
-PrivateKey=SECP521R1_RFC5903-Peer
------BEGIN PRIVATE KEY-----
-MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBRbqZqEevQ3k/3Q6H
-LnzfoWvjD9x4D5e8zD8Hg4AgHpxnfWALNDdXo72/KjFj5ML4acynRYqkpO/8MR9c
-sVFoXrmhgYkDgYYABADQs5daxLeZ9b6hbV4T6a+XHV6bmEyfOXKLXlc5c1ohm5fD
-VkNq3G6VuwNS9r5kpsKRLU7y0EM87SthcWQAEtlGDwFcaCJjg5VuO9Bm55e2I8J8
-4OrC9VGhDCxyTZhSB3uHIgtlNsXECKHSrruOhtZ4rknLVwkfRzIpZXmrRPzRfw/F
-ag==
------END PRIVATE KEY-----
-
-PublicKey=SECP521R1_RFC5903-Peer-PUBLIC
------BEGIN PUBLIC KEY-----
-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA0LOXWsS3mfW+oW1eE+mvlx1em5hM
-nzlyi15XOXNaIZuXw1ZDatxulbsDUva+ZKbCkS1O8tBDPO0rYXFkABLZRg8BXGgi
-Y4OVbjvQZueXtiPCfODqwvVRoQwsck2YUgd7hyILZTbFxAih0q67jobWeK5Jy1cJ
-H0cyKWV5q0T80X8PxWo=
------END PUBLIC KEY-----
-
-PrivPubKeyPair = SECP521R1_RFC5903-Peer:SECP521R1_RFC5903-Peer-PUBLIC
-
-
-Derive=SECP521R1_RFC5903
-PeerKey=SECP521R1_RFC5903-Peer-PUBLIC
-SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA
-
-
-Derive=SECP521R1_RFC5903-Peer
-PeerKey=SECP521R1_RFC5903-PUBLIC
-SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA
diff --git a/test/recipes/30-test_evp_data/evppkey_ecdh_nist.txt b/test/recipes/30-test_evp_data/evppkey_ecdh_nist.txt
new file mode 100644
index 0000000000..d7dec1d0e7
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evppkey_ecdh_nist.txt
@@ -0,0 +1,1177 @@
+#
+# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+
+# Public key algorithm tests
+
+# Private keys used for PKEY operations.
+
+
+# EC P-256 key
+
+PrivateKey=P-256
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw
++RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH
++JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ
+-----END PRIVATE KEY-----
+
+# EC public key for above
+
+PublicKey=P-256-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl
+x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = P-256:P-256-PUBLIC
+
+# Additional EC key for ECDH
+PrivateKey=P-256-Peer
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg/URzu1TDNwUFWZ3i
+dLISAZpEY0vfJ2pLB7f+Xnjyl2OhRANCAAQgBuXhSgeKpz+4piXlYSVLvy0NT+wK
+uZWUI3LqUUCV07wg+RLLMY8yNK9kjqcgZDs/cB+bet64nQq+dNnvtpxG
+-----END PRIVATE KEY-----
+
+PublicKey=P-256-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIAbl4UoHiqc/uKYl5WElS78tDU/s
+CrmVlCNy6lFAldO8IPkSyzGPMjSvZI6nIGQ7P3Afm3reuJ0KvnTZ77acRg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = P-256-Peer:P-256-Peer-PUBLIC
+
+Title = ECDH tests
+
+
+Derive=P-256
+PeerKey=P-256-Peer-PUBLIC
+SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
+
+
+Derive=P-256-Peer
+PeerKey=P-256-PUBLIC
+SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B
+
+# TEST CURVE secp224r1
+
+PrivateKey=ALICE_secp224r1
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBxLKkXFJXYqGUlTsmgjlesi
+kwqejrekrkSTbehyoTwDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D2HtdCa4h
+fbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp224r1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEUcEh0Ggy/rD+Nj9JQozzI+qzPtiU7b2D
+2HtdCa4hfbVPXngcRH2B2xN8W+dcHoIxrxO2UFXy4xo=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp224r1:ALICE_secp224r1_PUB
+
+
+PrivateKey=BOB_secp224r1
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBzOHGGUR3fZYg3GSaUN6pxo
+NQtAlOzM3UclEhMzoTwDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMFUM6VV9DB
+4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp224r1_PUB
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEdwFklK/YoDRU6bM7X2ulNLwqx9TUETMF
+UM6VV9DB4YcvAzv6pQgVwYEU7IahmSKpX19chbPt2I0=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp224r1:BOB_secp224r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp224r1
+PeerKey=BOB_secp224r1_PUB
+SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp224r1
+PeerKey=ALICE_secp224r1_PUB
+SharedSecret=34ea06d16d82f0d1725de47f3639ac0c23db7d7ed68f01488539a2a5
+
+# TEST CURVE secp384r1
+
+PrivateKey=ALICE_secp384r1
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCxE7Q4m1dsK7M3Otxo
+cgY/ejX9JOKKdAtSnRiU4bnK3eFmALkMN7XIveQnWLB1PEKhZANiAAQaUsvUFr/u
+ISpAmYqYZIme4VassCtb0tNGU97s3qt4ozcogZ4z+fIzXZ4YXqfGoEa57+uQDgqr
++jNOTji7Gxopt6AqZ9EvwuVaCuunUi0pcx6cc8IuUfrwMwSFovV/7sM=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGlLL1Ba/7iEqQJmKmGSJnuFWrLArW9LT
+RlPe7N6reKM3KIGeM/nyM12eGF6nxqBGue/rkA4Kq/ozTk44uxsaKbegKmfRL8Ll
+Wgrrp1ItKXMenHPCLlH68DMEhaL1f+7D
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp384r1:ALICE_secp384r1_PUB
+
+
+PrivateKey=BOB_secp384r1
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBRiGXRsb5sUq0b3/dg
+Z+pA9kbrSivBMCUCXVwxno1d/30hI/Yy0Z5PWwbBgwTFprWhZANiAASp1FeUOBJF
+mzQCNbGiOz8He0kF+KIf24UGYVO5MC7u5rV9hpoYsbcgmwxALskPN18os2ygK1Pn
+f/h+WALIsG2RknSTbiyvBYkoIhJV9cflvEDpMeaWSLF7qJ5YjEIf9PM=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp384r1_PUB
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqdRXlDgSRZs0AjWxojs/B3tJBfiiH9uF
+BmFTuTAu7ua1fYaaGLG3IJsMQC7JDzdfKLNsoCtT53/4flgCyLBtkZJ0k24srwWJ
+KCISVfXH5bxA6THmlkixe6ieWIxCH/Tz
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp384r1:BOB_secp384r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp384r1
+PeerKey=BOB_secp384r1_PUB
+SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp384r1
+PeerKey=ALICE_secp384r1_PUB
+SharedSecret=2006ed49acbb991b8fbf8a15c3f263542496eaefe1e2952591b72fb929463eac7a403a5419cebbfb73734918eaed59fd
+
+# TEST CURVE secp521r1
+
+PrivateKey=ALICE_secp521r1
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAFBIz3FLAuX8VCWzM
+wu1f/tm8pf1QqnsdLqaIWCQAJa2W5ldpJTYfkj1gGxM44AD3qHnkXISvNLwwuxI1
+hr2+pOGhgYkDgYYABACWlOOFYk/p3AS2LxEQWBuMm6uIjo3XArjh1QrsLcUc5hhi
+82CIz6kKwKjCnYRDHq4iv1x63rVEzGGhQOM1g+cRVwHSpfbBpaxK7bMLkVFOOavv
+OdcdyRHaHsvxw2pREmdS/GwtfgT8odQrG06KMIwVeL+H08fGJSbPX0Zock0DOPCp
+aw==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_secp521r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAlpTjhWJP6dwEti8REFgbjJuriI6N
+1wK44dUK7C3FHOYYYvNgiM+pCsCowp2EQx6uIr9cet61RMxhoUDjNYPnEVcB0qX2
+waWsSu2zC5FRTjmr7znXHckR2h7L8cNqURJnUvxsLX4E/KHUKxtOijCMFXi/h9PH
+xiUmz19GaHJNAzjwqWs=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_secp521r1:ALICE_secp521r1_PUB
+
+
+PrivateKey=BOB_secp521r1
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIA9C/sMWveRlHPr9P5
+cc3U+1L2/zB0VtHewKSQRWZ67SmS4+m7uXTqUVSLRHiQEgQid0cg77gSxXPlmV+z
+y0f3zd+hgYkDgYYABAE18N3SwDGtea3IOqUdh3j0JtnMeP41i/agEBlxK8/iEBXc
+Q61mkIrQIKcabRhoylEugXHiyNnqNQOD4DUa0bTKzAHtJ4UqqbEVno6byRmcUQwb
+mvG89eS8GLEmk5X/O2atHU4yIGTuTRQWn/BTJUCS+OgJz4FZdadscc5Z640EZqSD
+iw==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_secp521r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBNfDd0sAxrXmtyDqlHYd49CbZzHj+
+NYv2oBAZcSvP4hAV3EOtZpCK0CCnGm0YaMpRLoFx4sjZ6jUDg+A1GtG0yswB7SeF
+KqmxFZ6Om8kZnFEMG5rxvPXkvBixJpOV/ztmrR1OMiBk7k0UFp/wUyVAkvjoCc+B
+WXWnbHHOWeuNBGakg4s=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_secp521r1:BOB_secp521r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_secp521r1
+PeerKey=BOB_secp521r1_PUB
+SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_secp521r1
+PeerKey=ALICE_secp521r1_PUB
+SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be
+
+# TEST CURVE prime192v1
+
+PrivateKey=ALICE_prime192v1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfXvSFNqD2UzFVN1L
+bQrPlzop7dxQq/ehNAMyAATibpGuYzCjkT1tWLYEogpKz74WqhvbQtZPkCYQCin1
+cmZuNW+BZ0jyVEpGlpnZPMg=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime192v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4m6RrmMwo5E9bVi2BKIKSs++Fqob
+20LWT5AmEAop9XJmbjVvgWdI8lRKRpaZ2TzI
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime192v1:ALICE_prime192v1_PUB
+
+
+PrivateKey=BOB_prime192v1
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhewaqXNZlYyqnmuEEE
+Y/oUXe3/jpzhmyGhNAMyAASkpwNJEP/1FuuWKCDDUm26iyqrs+zKwayZnaF77YC6
+qCtgia7yNcSl9tlWHh3gQgw=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime192v1_PUB
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEpKcDSRD/9Rbrliggw1Jtuosqq7Ps
+ysGsmZ2he+2AuqgrYImu8jXEpfbZVh4d4EIM
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime192v1:BOB_prime192v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime192v1
+PeerKey=BOB_prime192v1_PUB
+SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime192v1
+PeerKey=ALICE_prime192v1_PUB
+SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861
+
+# TEST CURVE prime256v1
+
+PrivateKey=ALICE_prime256v1
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglUPDk8gQ8lMj38V7
+0jPBZDfQUx5pNOVSKOMTqlh04POhRANCAARq87w+K0q9b1mzJGh309kjNvYTS02m
+YkHKxAewiZwmt/5w+5uywz/+0130SdAWbXtECjaHUK94YEHzp0G/PCl5
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_prime256v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEavO8PitKvW9ZsyRod9PZIzb2E0tN
+pmJBysQHsImcJrf+cPubssM//tNd9EnQFm17RAo2h1CveGBB86dBvzwpeQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_prime256v1:ALICE_prime256v1_PUB
+
+
+PrivateKey=BOB_prime256v1
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgNsLfn/sRZfm9ZcM7
+xURiUHT7+w8Jgk9SbwTVDjpLYYmhRANCAASRmyKNgUbADGxkIOAVh9T7IXv2ZDT6
+I5YMW6wOs27VMOAD0AiNLrv7sW1TdqxkUtF17/GFpLvFOuZcbdX4p3i/
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_prime256v1_PUB
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEkZsijYFGwAxsZCDgFYfU+yF79mQ0
++iOWDFusDrNu1TDgA9AIjS67+7FtU3asZFLRde/xhaS7xTrmXG3V+Kd4vw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_prime256v1:BOB_prime256v1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_prime256v1
+PeerKey=BOB_prime256v1_PUB
+SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_prime256v1
+PeerKey=ALICE_prime256v1_PUB
+SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4
+
+# TEST CURVE sect163k1
+
+PrivateKey=ALICE_sect163k1
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBxkeGOXE86PAijpk8trN/
+f3kl4UmhLgMsAAQD1hrDCJ2MSFKZ6Q11cTllX/l5HY0Hg5XZCxMFC84AaczwPtNJ
+YNCxfCk=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect163k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9YawwidjEhSmekNdXE5ZV/5eR2NB4OV
+2QsTBQvOAGnM8D7TSWDQsXwp
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect163k1:ALICE_sect163k1_PUB
+
+
+PrivateKey=BOB_sect163k1
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCUJ5kItSfXidHXsgokcS7
+nzPFbOShLgMsAAQGrYNJ1qgdb3A9ISOmTujfS+WYFKwBXXrJEluAkeNh3jXnDq8X
++XBB0k8=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect163k1_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBq2DSdaoHW9wPSEjpk7o30vlmBSsAV16
+yRJbgJHjYd415w6vF/lwQdJP
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect163k1:BOB_sect163k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect163k1
+PeerKey=BOB_sect163k1_PUB
+SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect163k1
+PeerKey=ALICE_sect163k1_PUB
+SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092
+
+# TEST CURVE sect163r2
+
+PrivateKey=ALICE_sect163r2
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDjH2G7BkPTBM4VtljaQr8
+sXVLNOqhLgMsAAQHHqWxJWR2KrHCPp/PSjZIdK88ET0A323/UOTxhYHwsLpR7rp3
+ahq1lQ8=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect163r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBx6lsSVkdiqxwj6fz0o2SHSvPBE9AN9t
+/1Dk8YWB8LC6Ue66d2oatZUP
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect163r2:ALICE_sect163r2_PUB
+
+
+PrivateKey=BOB_sect163r2
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBXOM9Tm6sKXUlRLlW0HgC
+NTDxW2ihLgMsAAQGxa8xRcC+TIcDgGtehDVEV1PoBokBwtILj16NPYC0aBZI8/nF
+F4jhgmc=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect163r2_PUB
+-----BEGIN PUBLIC KEY-----
+MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBsWvMUXAvkyHA4BrXoQ1RFdT6AaJAcLS
+C49ejT2AtGgWSPP5xReI4YJn
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect163r2:BOB_sect163r2_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect163r2
+PeerKey=BOB_sect163r2_PUB
+SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect163r2
+PeerKey=ALICE_sect163r2_PUB
+SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951
+
+# TEST CURVE sect233k1
+
+PrivateKey=ALICE_sect233k1
+-----BEGIN PRIVATE KEY-----
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1aR7qaKm1vmZWK2bGsJ1rX
+mH6BpTkW4t1L4zSf/KFAAz4ABADcDiv+bTvPVViqYLNz06VO5wodry+sGi6fnJIr
+QQCTfZ9d5whiIsbY5Thlcm7I0A/cIGoShA/6LumOVA==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect233k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANwOK/5tO89VWKpgs3PTpU7nCh2vL6wa
+Lp+ckitBAJN9n13nCGIixtjlOGVybsjQD9wgahKED/ou6Y5U
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect233k1:ALICE_sect233k1_PUB
+
+
+PrivateKey=BOB_sect233k1
+-----BEGIN PRIVATE KEY-----
+MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0oa5BrzYxm6mn51Xyphn6X
+OUjKc9oMDHCowAyHTaFAAz4ABAGKiFuFJVQeymHYRVnt2LNF2MSaTMcL9JGSPn2z
+OwBis5MS4kgEFakWQl7KpGiy3vS89wmpblvHLJ/+IQ==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect233k1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYqIW4UlVB7KYdhFWe3Ys0XYxJpMxwv0
+kZI+fbM7AGKzkxLiSAQVqRZCXsqkaLLe9Lz3CaluW8csn/4h
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect233k1:BOB_sect233k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect233k1
+PeerKey=BOB_sect233k1_PUB
+SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect233k1
+PeerKey=ALICE_sect233k1_PUB
+SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512
+
+# TEST CURVE sect233r1
+
+PrivateKey=ALICE_sect233r1
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AEN6fePR2gizyXzU6kIgU
+Gijp5+IQAXoNBfKnVeChQAM+AAQB0kEwu2fwQWo1v1j7XQ8uJT3iMwRC8w+cxgxx
+GQ4B/FyjrhIUpEDWaMqfV23McZ6WdbIUe3MZ7K5pG38=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect233r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdJBMLtn8EFqNb9Y+10PLiU94jMEQvMP
+nMYMcRkOAfxco64SFKRA1mjKn1dtzHGelnWyFHtzGeyuaRt/
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect233r1:ALICE_sect233r1_PUB
+
+
+PrivateKey=BOB_sect233r1
+-----BEGIN PRIVATE KEY-----
+MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AXHWOeS6fG0XCH3FnHDuS
+IcELUeDG+AYNNeLVZd6hQAM+AAQAYRRYH017uxcaMPF3GOsL4bvodW1yZLEtL3pm
+CkcAfqJI/4niCr8uHKh0gBa2JBjBWMV1u8Mpf60uvok=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect233r1_PUB
+-----BEGIN PUBLIC KEY-----
+MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGEUWB9Ne7sXGjDxdxjrC+G76HVtcmSx
+LS96ZgpHAH6iSP+J4gq/LhyodIAWtiQYwVjFdbvDKX+tLr6J
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect233r1:BOB_sect233r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect233r1
+PeerKey=BOB_sect233r1_PUB
+SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect233r1
+PeerKey=ALICE_sect233r1_PUB
+SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2
+
+# TEST CURVE sect283k1
+
+PrivateKey=ALICE_sect283k1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGhnsmZ2UDKV3QKmq3k+
+33LQ6n5aCYvKXcMgiZlBS/RrVgIRoUwDSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnW
+uC6oWVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4r
+mGO7
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect283k1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnWuC6o
+WVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4rmGO7
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect283k1:ALICE_sect283k1_PUB
+
+
+PrivateKey=BOB_sect283k1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAAJXIwfWjYbiM5jEcNw8
+8/1kbEnhVjWGivO7zDPts7AuKSMkoUwDSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6V
+D5v8KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzj
+CN/m
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect283k1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6VD5v8
+KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzjCN/m
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect283k1:BOB_sect283k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect283k1
+PeerKey=BOB_sect283k1_PUB
+SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect283k1
+PeerKey=ALICE_sect283k1_PUB
+SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825
+
+# TEST CURVE sect283r1
+
+PrivateKey=ALICE_sect283r1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAi4Jrhu19kt7H8jw1FO7
+VzCxh6p0pI0ogl3q9ev5NFkufZkZoUwDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqU
+S40TU2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE
+7jsD
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect283r1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqUS40T
+U2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE7jsD
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect283r1:ALICE_sect283r1_PUB
+
+
+PrivateKey=BOB_sect283r1
+-----BEGIN PRIVATE KEY-----
+MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACD04gJaVfVxK/Dpbxjq
+rzZWc6B76a23MK/IQD1jMlGPQzzxoUwDSgAEA13mIYMvik12DBp8JkdETMB1ewOw
+22C/xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lass
+Iq5I
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect283r1_PUB
+-----BEGIN PUBLIC KEY-----
+MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA13mIYMvik12DBp8JkdETMB1ewOw22C/
+xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lassIq5I
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect283r1:BOB_sect283r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect283r1
+PeerKey=BOB_sect283r1_PUB
+SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect283r1
+PeerKey=ALICE_sect283r1_PUB
+SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc
+
+# TEST CURVE sect409k1
+
+PrivateKey=ALICE_sect409k1
+-----BEGIN PRIVATE KEY-----
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg1vV7wiPe1ovX+ukz
+VfwPZoqvyj/vdif04Opi9PcjV5mPBEZgSFBg8hbutNxZJdVLrxShbANqAAQACe1I
+J5ilSk1pPLvbcjEZIE6abC9LZ9WmHuNJxM9LAW1OuLvJGi72AsGYUOGpX0WGmK6C
+AYaqZb2Qeedq/yUIljDHYi66J+26owYl7lOMpRzZ9U2QDJrZ7TYuxeMUui6re0B+
+JuZdYw==
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect409k1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAntSCeYpUpNaTy723IxGSBOmmwvS2fV
+ph7jScTPSwFtTri7yRou9gLBmFDhqV9FhpiuggGGqmW9kHnnav8lCJYwx2Iuuift
+uqMGJe5TjKUc2fVNkAya2e02LsXjFLouq3tAfibmXWM=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect409k1:ALICE_sect409k1_PUB
+
+
+PrivateKey=BOB_sect409k1
+-----BEGIN PRIVATE KEY-----
+MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIYBGZZcZz4qCdhAV9
+vqpfe8vV+vJEhjawR52JUV1rumWEBPAx0o6E+gaxHBr5hzVGkIKhbANqAAQAAQKK
+s60CTUUkltsT+lIBukjz850pkGGLltJ4eaZn4k9AtN/lFTCq6Vgqe2sDrjA3b45q
+AdWjf1vRaP0wawJ13SjApJmyXg5hQks6d0Zqz2OHYhGEGiM159VtTlStK067dVe1
+fGVDeg==
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect409k1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAECirOtAk1FJJbbE/pSAbpI8/OdKZBh
+i5bSeHmmZ+JPQLTf5RUwqulYKntrA64wN2+OagHVo39b0Wj9MGsCdd0owKSZsl4O
+YUJLOndGas9jh2IRhBojNefVbU5UrStOu3VXtXxlQ3o=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect409k1:BOB_sect409k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect409k1
+PeerKey=BOB_sect409k1_PUB
+SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect409k1
+PeerKey=ALICE_sect409k1_PUB
+SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0
+
+# TEST CURVE sect409r1
+
+PrivateKey=ALICE_sect409r1
+-----BEGIN PRIVATE KEY-----
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAYTMsTpey51D2ULnd
+pN+AAWnJLy9pTerziakhjii8OyWKpUVfpDFNneCCd2oQTDcPX5vdoWwDagAEAYfk
+3ZejxpVYCG7dYHTVhhcqILEyTYoQa4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGU
+owHXXzgDXoJeR79wgb7ySAlXJXgQ8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvI
+eIozlf4=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect409r1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYfk3ZejxpVYCG7dYHTVhhcqILEyTYoQ
+a4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGUowHXXzgDXoJeR79wgb7ySAlXJXgQ
+8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvIeIozlf4=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect409r1:ALICE_sect409r1_PUB
+
+
+PrivateKey=BOB_sect409r1
+-----BEGIN PRIVATE KEY-----
+MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsCs1nRgwW97TdKIH
+PRcsqmK1e8TIZ00e6rqLb3nD4sIe+Gw/fGhSUER9akQ7lAluEUnfoWwDagAEAfM2
+fvBEic+7jV4oC+v8GfsunD9Zp9rzNgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDl
+LwBm/W6TlzGuh1FnzXYKVnhnXpzSlRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMf
+WsgK+KA=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect409r1_PUB
+-----BEGIN PUBLIC KEY-----
+MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfM2fvBEic+7jV4oC+v8GfsunD9Zp9rz
+NgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDlLwBm/W6TlzGuh1FnzXYKVnhnXpzS
+lRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMfWsgK+KA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect409r1:BOB_sect409r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect409r1
+PeerKey=BOB_sect409r1_PUB
+SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect409r1
+PeerKey=ALICE_sect409r1_PUB
+SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5
+
+# TEST CURVE sect571k1
+
+PrivateKey=ALICE_sect571k1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARO8hI8j6TZ556/d
+RcdGYvdblnALD2XZCKu2c3C5yQIeA8Tidi+f8n6cCnb5FtJNTYKqP8tRfHlwAZtW
+/giXi/4yF5K2twS3oYGVA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0LQd9wP1+k
+v0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFRPU0Cct0S
+qVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJPCnaKR/Oo
+AtaUpCWLSTHDF1gK4/kmlwEx+8o=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect571k1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0L
+Qd9wP1+kv0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFR
+PU0Cct0SqVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJP
+CnaKR/OoAtaUpCWLSTHDF1gK4/kmlwEx+8o=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect571k1:ALICE_sect571k1_PUB
+
+
+PrivateKey=BOB_sect571k1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVZT4tnX9dMWS6Vd
+YCoYRl9o/j/Hz7KGqF4Ujk9n9b4+mXbJ37tobpjnpNqKlJfI04w80JPp+NxpoBR3
+8p1bcc9iL4Smh48YoYGVA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLURYRDHmopO
+IijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN1tsCrqET
+31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxOaqcYzbXC
+Q/Aiij13H06qKhuFM4iiB/0D164=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect571k1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLUR
+YRDHmopOIijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN
+1tsCrqET31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxO
+aqcYzbXCQ/Aiij13H06qKhuFM4iiB/0D164=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect571k1:BOB_sect571k1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect571k1
+PeerKey=BOB_sect571k1_PUB
+SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect571k1
+PeerKey=ALICE_sect571k1_PUB
+SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e
+
+# TEST CURVE sect571r1
+
+PrivateKey=ALICE_sect571r1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArsi//Zp9veeURYV
+zGYHn4MlNIxNt6U6vtmTPS/NaoiaavxbOimpHgxYPCjpoPYhM33Z2VBh7pl2aoRW
+3GBepLFLoF8oiQaLoYGVA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4f/AwTHmo
+US1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wzd8YF32SF
+HMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz6J6dYAUe
+vE+F3N29p/tRBGNzMFIqoDdW+NA=
+-----END PRIVATE KEY-----
+
+PublicKey=ALICE_sect571r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4
+f/AwTHmoUS1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wz
+d8YF32SFHMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz
+6J6dYAUevE+F3N29p/tRBGNzMFIqoDdW+NA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = ALICE_sect571r1:ALICE_sect571r1_PUB
+
+
+PrivateKey=BOB_sect571r1
+-----BEGIN PRIVATE KEY-----
+MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYj65N5XJTQusn+h
+Z9xj/dgZ4qR1GDC1Ij7jYuow+TvGrG2wz/WT76/lLNtlCLfDW2kODDUmDAJeK/e+
+VMO7suJTXGnrGFHioYGVA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2SYmMKve74
+trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8QI70H8aHv
+LgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNdnNATBqom
+6WDWc7RTFZ4sijL5ywVhovwJ1gA=
+-----END PRIVATE KEY-----
+
+PublicKey=BOB_sect571r1_PUB
+-----BEGIN PUBLIC KEY-----
+MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2S
+YmMKve74trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8Q
+I70H8aHvLgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNd
+nNATBqom6WDWc7RTFZ4sijL5ywVhovwJ1gA=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = BOB_sect571r1:BOB_sect571r1_PUB
+
+
+# ECDH Alice with Bob peer
+
+Derive=ALICE_sect571r1
+PeerKey=BOB_sect571r1_PUB
+SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
+
+# ECDH Bob with Alice peer
+
+Derive=BOB_sect571r1
+PeerKey=ALICE_sect571r1_PUB
+SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae
+
+
+Title = ECDH KATs (from RFC 5114, 5903, 7027)
+
+# Keys and shared secrets from RFC 5114
+PrivateKey=PRIME192V1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgyP6MWnY6cZZP1lHa8
+FCAAq1vg4knENCahNAMyAATNRkiez9bBBeez0yVm4rEi4kmrqt2HBhJoiHtId99R
+3U3D1v0R8KJvj9OEQxeRbpo=
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME192V1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEzUZIns/WwQXns9MlZuKxIuJJq6rd
+hwYSaIh7SHffUd1Nw9b9EfCib4/ThEMXkW6a
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME192V1_RFC5114:PRIME192V1_RFC5114-PUBLIC
+
+
+PrivateKey=PRIME192V1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhjH5W7SmdjLJxHbu6a
+tpWrJAoEmTB/z2KhNAMyAARRmhIWgOAEVGa6Id8u7kf1lztQBXfvE9X/YTq01kzu
+OiCHW9sQ+VP2swygcsYKpX8=
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME192V1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZoSFoDgBFRmuiHfLu5H9Zc7UAV3
+7xPV/2E6tNZM7jogh1vbEPlT9rMMoHLGCqV/
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME192V1_RFC5114-Peer:PRIME192V1_RFC5114-Peer-PUBLIC
+
+
+
+Derive=PRIME192V1_RFC5114
+PeerKey=PRIME192V1_RFC5114-Peer-PUBLIC
+SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
+
+Derive=PRIME192V1_RFC5114-Peer
+PeerKey=PRIME192V1_RFC5114-PUBLIC
+SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE
+
+PrivateKey=SECP224R1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy1WOtsKI2nB7u0+PuuKrnp
+y2LjvFx1c+IuJtN/oTwDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDgpR8+608r
+XuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP224R1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAESd/vMJ+BSIwwTP9as+5aIVQ2fceDMVDg
+pR8+608rXuRXYsT2VMGgxn9Uz4iwFrUbzj18Io1XrbQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP224R1_RFC5114:SECP224R1_RFC5114-PUBLIC
+
+
+PrivateKey=SECP224R1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBysOxrdPZdw5vanCO6fO44K
+s7SA6fJ/hciLXm0YoTwDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBtzUKiB9SR
+vpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP224R1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEazrJao0M3mpVmb6AMu3xDBYtCorSGVBt
+zUKiB9SRvpnCE6fRyjcG3r/jBfNhr8uzPiYJyLFhitU=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP224R1_RFC5114-Peer:SECP224R1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=SECP224R1_RFC5114
+PeerKey=SECP224R1_RFC5114-Peer-PUBLIC
+SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
+
+
+Derive=SECP224R1_RFC5114-Peer
+PeerKey=SECP224R1_RFC5114-PUBLIC
+SharedSecret=52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA
+
+PrivateKey=PRIME256V1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQggUJkFF8vVvLpao4z
+ehKEmT+vQypavOWehntykdUHo6+hRANCAAQq9QLzvolS8sm1qNQWDQnpcWW+ULxC
+rkpejTtLqDrrFesPr0yphsTThoGg+YctedVnlb1L/25t48D1AV7OXv2F
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKvUC876JUvLJtajUFg0J6XFlvlC8
+Qq5KXo07S6g66xXrD69MqYbE04aBoPmHLXnVZ5W9S/9ubePA9QFezl79hQ==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5114:PRIME256V1_RFC5114-PUBLIC
+
+
+PrivateKey=PRIME256V1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgLOF4jsGX4JbblaIA
+zAqyahnOa8ytViuO7htZN2HPf0GhRANCAASxIN5Ko2SSeVNG6N5sLIZGrgaq6ief
+p3WzqwcV9s5RsJ8bfuziDXte2OxoX6Pwcdg3JwJwkqhBE4XDTd5XCLK2
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsSDeSqNkknlTRujebCyGRq4Gquon
+n6d1s6sHFfbOUbCfG37s4g17XtjsaF+j8HHYNycCcJKoQROFw03eVwiytg==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5114-Peer:PRIME256V1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=PRIME256V1_RFC5114
+PeerKey=PRIME256V1_RFC5114-Peer-PUBLIC
+SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
+
+
+Derive=PRIME256V1_RFC5114-Peer
+PeerKey=PRIME256V1_RFC5114-PUBLIC
+SharedSecret=DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788
+
+PrivateKey=SECP384R1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDSczXqcWZK8kTdFOn9
+EmBxXf2KeWVXHEjXCe56eWKhVtcGqQy8td8phvBf6tuTdvGhZANiAAR5MUjxeHY0
+1dpMbZB0QX0F4FerYvggVNEO5rBAPWJ5VH5qjqnR/XdCfQFv4nqLjGbGxBKUMx0j
+5vSA9PtM1AUEyUc5LpT0w/BrjzmLsp5CNo96aFkj3jtnus7SFKGh0Sg=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEeTFI8Xh2NNXaTG2QdEF9BeBXq2L4IFTR
+DuawQD1ieVR+ao6p0f13Qn0Bb+J6i4xmxsQSlDMdI+b0gPT7TNQFBMlHOS6U9MPw
+a485i7KeQjaPemhZI947Z7rO0hShodEo
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5114:SECP384R1_RFC5114-PUBLIC
+
+
+PrivateKey=SECP384R1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBS0Xkf20tw+JwPANRW
+wvcCO2ElJiw2p98fgCMRIczj05vlLgDBlKQTLEpsdovNlNKhZANiAARc1Cq5xBtT
+R/dLjU77cIs9WzbbZZFTWbRKvBdke2uZmXidcqhIZa4vIj8StaGrwSDhcUWP6qk5
+qqOov6xGtAS9j21bNIwPpNgM7KFjVsqTMkC96HI0Fajs4DWw7fNnVd4=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXNQqucQbU0f3S41O+3CLPVs222WRU1m0
+SrwXZHtrmZl4nXKoSGWuLyI/ErWhq8Eg4XFFj+qpOaqjqL+sRrQEvY9tWzSMD6TY
+DOyhY1bKkzJAvehyNBWo7OA1sO3zZ1Xe
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5114-Peer:SECP384R1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=SECP384R1_RFC5114
+PeerKey=SECP384R1_RFC5114-Peer-PUBLIC
+SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
+
+
+Derive=SECP384R1_RFC5114-Peer
+PeerKey=SECP384R1_RFC5114-PUBLIC
+SharedSecret=5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E
+
+PrivateKey=SECP521R1_RFC5114
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBE/gtqCVzXj2XJ2aD
+srdCd7rSczXqcWZK8kMMxPM0WblmnueLP/ubhoMBXTRNy/72+5r0xsRwviVFFs08
+Gh+0c2KhgYkDgYYABAHrs03XVyGr+K3J2+0XiJy7l2XZCnxg8s7wB7sPKybhSIH9
+RELmidYcst0EbuMOP/0g+aRbvfZBPVg6Lb9Zkk/TXAD2tjLRlMA4jiLYQ35VjFUq
+4ZWt/RU/ktdJCDUbL4xO2pTtsJFtG1PAILXuyu0aX8OKIz5IMFh7su40ibO0KlqG
+pA==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5114-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB67NN11chq/itydvtF4icu5dl2Qp8
+YPLO8Ae7Dysm4UiB/URC5onWHLLdBG7jDj/9IPmkW732QT1YOi2/WZJP01wA9rYy
+0ZTAOI4i2EN+VYxVKuGVrf0VP5LXSQg1Gy+MTtqU7bCRbRtTwCC17srtGl/DiiM+
+SDBYe7LuNImztCpahqQ=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5114:SECP521R1_RFC5114-PUBLIC
+
+
+PrivateKey=SECP521R1_RFC5114-Peer
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAzuNIDYZFoX0knyd2
+0ouuYWlS0Xkf20tw98M3hzKqGyKShEi80dwkltQ1sBBIBm6+T3KQPDYbGp3BGT3C
+ydCJG5ahgYkDgYYABAEOv6/G6F4I0kv//MGkUR2w5jS+6xtt7IxZOa5EdmIBr2IA
+QwupfIrGoOnwizPOfp/utbpO5eDYFRDCQpW4oI0CNQCkpuwwDfniV7A3K156v+8J
+NDZxmneIfrsLGM+Ambn0IStuMKFBnBjgKdNoY8ydRI9Nuk0qDmBxG+VykV+9T+8m
+lQ==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5114-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBDr+vxuheCNJL//zBpFEdsOY0vusb
+beyMWTmuRHZiAa9iAEMLqXyKxqDp8Iszzn6f7rW6TuXg2BUQwkKVuKCNAjUApKbs
+MA354lewNyteer/vCTQ2cZp3iH67CxjPgJm59CErbjChQZwY4CnTaGPMnUSPTbpN
+Kg5gcRvlcpFfvU/vJpU=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5114-Peer:SECP521R1_RFC5114-Peer-PUBLIC
+
+
+
+
+Derive=SECP521R1_RFC5114
+PeerKey=SECP521R1_RFC5114-Peer-PUBLIC
+SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
+
+
+Derive=SECP521R1_RFC5114-Peer
+PeerKey=SECP521R1_RFC5114-PUBLIC
+SharedSecret=00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC
+
+# Keys and shared secrets from RFC 5903
+PrivateKey=PRIME256V1_RFC5903
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgyI8B9RDZrD9wopLa
+ojFt5UTpqriv6EBJxiqcV4YtFDOhRANCAATa0LZTlCIc+bBR4f7KV4fQmN/mN/yQ
+ue+UXQw3clgRgFJxoEYc24JS1h8cRW+j5Zqx9FszrM9fWDieBXe4mQuz
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5903-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2tC2U5QiHPmwUeH+yleH0Jjf5jf8
+kLnvlF0MN3JYEYBScaBGHNuCUtYfHEVvo+WasfRbM6zPX1g4ngV3uJkLsw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5903:PRIME256V1_RFC5903-PUBLIC
+
+
+PrivateKey=PRIME256V1_RFC5903-Peer
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgxu+cXXiuASoBEWSs
+s5fOIIhoXY8Gv5vgsoOrRkdr7lOhRANCAATRLftSicjU+BIItwJwOYw0IpaXCgvM
+t0xzb8dVRJS/Y1b788o2bMI+gVeFTBPFjWqsI/BGraMPg1PnTzMDmHKr
+-----END PRIVATE KEY-----
+
+PublicKey=PRIME256V1_RFC5903-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0S37UonI1PgSCLcCcDmMNCKWlwoL
+zLdMc2/HVUSUv2NW+/PKNmzCPoFXhUwTxY1qrCPwRq2jD4NT508zA5hyqw==
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = PRIME256V1_RFC5903-Peer:PRIME256V1_RFC5903-Peer-PUBLIC
+
+
+
+
+Derive=PRIME256V1_RFC5903
+PeerKey=PRIME256V1_RFC5903-Peer-PUBLIC
+SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
+
+
+Derive=PRIME256V1_RFC5903-Peer
+PeerKey=PRIME256V1_RFC5903-PUBLIC
+SharedSecret=D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE
+
+PrivateKey=SECP384R1_RFC5903
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAJnzxwNNSixpmITXOj
+daZ/diTvfGs8DxYGR7Z0FNzmVeNbU4BB5knuP674lng6sZShZANiAARmeELX0YCs
+LN5vdPN1UfVXVcdkXCDvc+MWNP5ytMVe5t46yAistL20yIcyrulfQaqUgu0fwO65
+yvxJhGJcz8I/ZQMhSeDhRK2gJBgVNaDzjuufz/PCyUfa5ptMY0VzqBw=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5903-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZnhC19GArCzeb3TzdVH1V1XHZFwg73Pj
+FjT+crTFXubeOsgIrLS9tMiHMq7pX0GqlILtH8Duucr8SYRiXM/CP2UDIUng4USt
+oCQYFTWg847rn8/zwslH2uabTGNFc6gc
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5903:SECP384R1_RFC5903-PUBLIC
+
+
+PrivateKey=SECP384R1_RFC5903-Peer
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBBywd5tL24XUeEZyX7
+7DyUMPq0bMjcUGCFXMm9oKopQuAwgxKRa47Slg5L1Vp0SPyhZANiAATlWNvvU+7N
+49P8z8GuoIqJqYdHXRL9lQ2Dz6QXMrxQnQ0axDoDNt75b9pB0HdKNXHc++x6rPMZ
+ZHIWnoOEMDZ/Zu6+PG5wxBbdXwxodZ3R//g/pAFCIJ3/XqrZbbnmOGw=
+-----END PRIVATE KEY-----
+
+PublicKey=SECP384R1_RFC5903-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE5Vjb71PuzePT/M/BrqCKiamHR10S/ZUN
+g8+kFzK8UJ0NGsQ6Azbe+W/aQdB3SjVx3PvseqzzGWRyFp6DhDA2f2buvjxucMQW
+3V8MaHWd0f/4P6QBQiCd/16q2W255jhs
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP384R1_RFC5903-Peer:SECP384R1_RFC5903-Peer-PUBLIC
+
+
+
+Derive=SECP384R1_RFC5903
+PeerKey=SECP384R1_RFC5903-Peer-PUBLIC
+SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
+
+
+Derive=SECP384R1_RFC5903-Peer
+PeerKey=SECP384R1_RFC5903-PUBLIC
+SharedSecret=11187331C279962D93D604243FD592CB9D0A926F422E47187521287E7156C5C4D603135569B9E9D09CF5D4A270F59746
+
+PrivateKey=SECP521R1_RFC5903
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAN63pMZqJ9Nq9s+9B
+GqzMpRI8YayrV7U5Pc5HYIFyoJWqhaMP4cKVLGdx2Te6l3f1lXsmObqwckYvaMJ6
+VzgtSlKhgYkDgYYABAAVQX6E2/KMCtPCeHEzSdx98VPIl6GJG9mLq0NXyey+4eO/
+QuALjjgK6uV8LRB1ZJQYhZQq9af0YBcjxBldF2ztPgF8riC2ZB0u62lXhtjJRhRi
+OdCZ4Y4dWlFMc518tKEK2KeIAVrEBdd5ncdee31bbPImGmp/FQdDi/Ab62yjkm+V
+gg==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5903-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAFUF+hNvyjArTwnhxM0ncffFTyJeh
+iRvZi6tDV8nsvuHjv0LgC444CurlfC0QdWSUGIWUKvWn9GAXI8QZXRds7T4BfK4g
+tmQdLutpV4bYyUYUYjnQmeGOHVpRTHOdfLShCtiniAFaxAXXeZ3HXnt9W2zyJhpq
+fxUHQ4vwG+tso5JvlYI=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5903:SECP521R1_RFC5903-PUBLIC
+
+
+PrivateKey=SECP521R1_RFC5903-Peer
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBRbqZqEevQ3k/3Q6H
+LnzfoWvjD9x4D5e8zD8Hg4AgHpxnfWALNDdXo72/KjFj5ML4acynRYqkpO/8MR9c
+sVFoXrmhgYkDgYYABADQs5daxLeZ9b6hbV4T6a+XHV6bmEyfOXKLXlc5c1ohm5fD
+VkNq3G6VuwNS9r5kpsKRLU7y0EM87SthcWQAEtlGDwFcaCJjg5VuO9Bm55e2I8J8
+4OrC9VGhDCxyTZhSB3uHIgtlNsXECKHSrruOhtZ4rknLVwkfRzIpZXmrRPzRfw/F
+ag==
+-----END PRIVATE KEY-----
+
+PublicKey=SECP521R1_RFC5903-Peer-PUBLIC
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA0LOXWsS3mfW+oW1eE+mvlx1em5hM
+nzlyi15XOXNaIZuXw1ZDatxulbsDUva+ZKbCkS1O8tBDPO0rYXFkABLZRg8BXGgi
+Y4OVbjvQZueXtiPCfODqwvVRoQwsck2YUgd7hyILZTbFxAih0q67jobWeK5Jy1cJ
+H0cyKWV5q0T80X8PxWo=
+-----END PUBLIC KEY-----
+
+PrivPubKeyPair = SECP521R1_RFC5903-Peer:SECP521R1_RFC5903-Peer-PUBLIC
+
+
+Derive=SECP521R1_RFC5903
+PeerKey=SECP521R1_RFC5903-Peer-PUBLIC
+SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA
+
+
+Derive=SECP521R1_RFC5903-Peer
+PeerKey=SECP521R1_RFC5903-PUBLIC
+SharedSecret=01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3DDEA

From levitte at openssl.org  Thu Aug 20 05:51:17 2020
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 20 Aug 2020 05:51:17 +0000
Subject: [openssl]  master update
Message-ID: <1597902677.291564.23283.nullmailer@dev.openssl.org>

The branch master has been updated
       via  26a8f2ac95ad4f652b1719aab356ad9c042c6fad (commit)
      from  e6ed04a9dcc2ead94e35c4a7400b9c998b5ad9ac (commit)


- Log -----------------------------------------------------------------
commit 26a8f2ac95ad4f652b1719aab356ad9c042c6fad
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Aug 18 23:00:24 2020 +0200

    RSA: Fix rsa_todata() to only add params for existing data
    
    The RSA key could be a public key, and yet, rsa_todata() always tries
    to add the private parts as well.  The resulting parameters will look
    a bit odd, such as a zero |d|, resulting in an invalid key.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12676)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rsa/rsa_backend.c | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c
index 985a21127a..871aa17a22 100644
--- a/crypto/rsa/rsa_backend.c
+++ b/crypto/rsa/rsa_backend.c
@@ -120,6 +120,10 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
     RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d);
     rsa_get0_all_params(rsa, factors, exps, coeffs);
 
+    if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_N, rsa_n)
+        || !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_E, rsa_e))
+        goto err;
+
     /* Check private key data integrity */
     if (rsa_d != NULL) {
         int numprimes = sk_BIGNUM_const_num(factors);
@@ -134,18 +138,18 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
         if (numprimes != 0
             && (numprimes < 2 || numexps < 2 || numcoeffs < 1))
             goto err;
-    }
 
-    if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_N, rsa_n)
-        || !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_E, rsa_e)
-        || !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_D, rsa_d)
-        || !ossl_param_build_set_multi_key_bn(bld, params, rsa_mp_factor_names,
-                                              factors)
-        || !ossl_param_build_set_multi_key_bn(bld, params, rsa_mp_exp_names,
-                                              exps)
-        || !ossl_param_build_set_multi_key_bn(bld, params, rsa_mp_coeff_names,
-                                              coeffs))
+        if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_D,
+                                     rsa_d)
+            || !ossl_param_build_set_multi_key_bn(bld, params,
+                                                  rsa_mp_factor_names, factors)
+            || !ossl_param_build_set_multi_key_bn(bld, params,
+                                                  rsa_mp_exp_names, exps)
+            || !ossl_param_build_set_multi_key_bn(bld, params,
+                                                  rsa_mp_coeff_names, coeffs))
         goto err;
+    }
+
 #if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
     /* The acvp test results are not meant for export so check for bld == NULL */
     if (bld == NULL)

From levitte at openssl.org  Thu Aug 20 05:52:42 2020
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 20 Aug 2020 05:52:42 +0000
Subject: [openssl]  master update
Message-ID: <1597902762.688257.24327.nullmailer@dev.openssl.org>

The branch master has been updated
       via  16486f6332410d0d9e8f2606abb970d32b0572d3 (commit)
      from  26a8f2ac95ad4f652b1719aab356ad9c042c6fad (commit)


- Log -----------------------------------------------------------------
commit 16486f6332410d0d9e8f2606abb970d32b0572d3
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Aug 18 23:13:29 2020 +0200

    PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
    
    In the FIPS provider, calling EC_GROUP_cmp() with NULL for the BN_CTX
    argument is forbidden.  Since that's what ec_match() does, it simply
    cannot work in the FIPS provider.  Therefore, we allocate a BN_CTX
    with the library context asssociated with one of the input keys
    (doesn't matter which) and use that.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12677)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/keymgmt/ec_kmgmt.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index 34b2737fdf..7fa23b1a6c 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -285,11 +285,12 @@ static int ec_match(const void *keydata1, const void *keydata2, int selection)
     const EC_KEY *ec2 = keydata2;
     const EC_GROUP *group_a = EC_KEY_get0_group(ec1);
     const EC_GROUP *group_b = EC_KEY_get0_group(ec2);
+    BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(ec1));
     int ok = 1;
 
     if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
         ok = ok && group_a != NULL && group_b != NULL
-            && EC_GROUP_cmp(group_a, group_b, NULL) == 0;
+            && EC_GROUP_cmp(group_a, group_b, ctx) == 0;
     if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
         const BIGNUM *pa = EC_KEY_get0_private_key(ec1);
         const BIGNUM *pb = EC_KEY_get0_private_key(ec2);
@@ -300,8 +301,9 @@ static int ec_match(const void *keydata1, const void *keydata2, int selection)
         const EC_POINT *pa = EC_KEY_get0_public_key(ec1);
         const EC_POINT *pb = EC_KEY_get0_public_key(ec2);
 
-        ok = ok && EC_POINT_cmp(group_b, pa, pb, NULL) == 0;
+        ok = ok && EC_POINT_cmp(group_b, pa, pb, ctx) == 0;
     }
+    BN_CTX_free(ctx);
     return ok;
 }
 

From pauli at openssl.org  Thu Aug 20 06:08:27 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Thu, 20 Aug 2020 06:08:27 +0000
Subject: [openssl]  master update
Message-ID: <1597903707.060858.29032.nullmailer@dev.openssl.org>

The branch master has been updated
       via  3b1fd0b003572554ad9bb3914527c160bc6a7727 (commit)
       via  ffcdb24b13590190e92c7f88e2ad3e0a721408f2 (commit)
      from  16486f6332410d0d9e8f2606abb970d32b0572d3 (commit)


- Log -----------------------------------------------------------------
commit 3b1fd0b003572554ad9bb3914527c160bc6a7727
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 19 13:57:00 2020 +1000

    cmp: handle error return from OBJ_obj2txt()
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12678)

commit ffcdb24b13590190e92c7f88e2ad3e0a721408f2
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 19 13:40:22 2020 +1000

    pkeyutil: check return value reading password
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12678)

-----------------------------------------------------------------------

Summary of changes:
 apps/cmp.c     | 11 ++++++++---
 apps/pkeyutl.c | 13 +++++++++++--
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/apps/cmp.c b/apps/cmp.c
index f0b3148714..b2afbf64e8 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -2241,7 +2241,7 @@ static void print_itavs(STACK_OF(OSSL_CMP_ITAV) *itavs)
 {
     OSSL_CMP_ITAV *itav = NULL;
     char buf[128];
-    int i;
+    int i, r;
     int n = sk_OSSL_CMP_ITAV_num(itavs); /* itavs == NULL leads to 0 */
 
     if (n == 0) {
@@ -2251,8 +2251,13 @@ static void print_itavs(STACK_OF(OSSL_CMP_ITAV) *itavs)
 
     for (i = 0; i < n; i++) {
         itav = sk_OSSL_CMP_ITAV_value(itavs, i);
-        OBJ_obj2txt(buf, 128, OSSL_CMP_ITAV_get0_type(itav), 0);
-        CMP_info1("genp contains ITAV of type: %s", buf);
+        r = OBJ_obj2txt(buf, 128, OSSL_CMP_ITAV_get0_type(itav), 0);
+        if (r < 0)
+            CMP_err("could not get ITAV details");
+        else if (r == 0)
+            CMP_info("genp contains empty ITAV");
+        else
+            CMP_info1("genp contains ITAV of type: %s", buf);
     }
 }
 
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 4de2a56590..9bfef87311 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -331,9 +331,18 @@ int pkeyutl_main(int argc, char **argv)
             if (passin == NULL) {
                 /* Get password interactively */
                 char passwd_buf[4096];
+                int r;
+
                 BIO_snprintf(passwd_buf, sizeof(passwd_buf), "Enter %s: ", opt);
-                EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1,
-                                   passwd_buf, 0);
+                r = EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1,
+                                       passwd_buf, 0);
+                if (r < 0) {
+                    if (r == -2)
+                        BIO_puts(bio_err, "user abort\n");
+                    else
+                        BIO_puts(bio_err, "entry failed\n");
+                    goto end;
+                }
                 passwd = OPENSSL_strdup(passwd_buf);
                 if (passwd == NULL) {
                     BIO_puts(bio_err, "out of memory\n");

From openssl at openssl.org  Thu Aug 20 07:17:16 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 20 Aug 2020 07:17:16 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1597907836.175229.24686.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
Unable to load private key for CMP client certificate
C07075F21D7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:
C07075F21D7F0000:error::PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:../openssl/crypto/pkcs12/p12_decr.c:37:
C07075F21D7F0000:error::PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../openssl/crypto/pkcs12/p12_decr.c:90:
C07075F21D7F0000:error::PKCS12 routines:PKCS12_parse:parse error:../openssl/crypto/pkcs12/p12_kiss.c:87:
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C020D3C0957F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2073:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
# OPENSSL_FUNC:../openssl/apps/cmp.c:778:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
C0303B20537F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
Unable to load CMP client certificate (and optionally extra certs)
OPENSSL_FUNC:../openssl/apps/cmp.c:2993:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -secret option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:778:CMP warning: can load only one certificate in DER format from test.cert.pem
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 768 Tests: 84 Failed: 3)
  Failed tests:  12, 36, 69
  Non-zero exit status: 3
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=209, Tests=3211, 889 wallclock secs (13.14 usr  1.43 sys + 828.96 cusr 61.21 csys = 904.74 CPU)
Result: FAIL
Makefile:3120: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3118: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug 20 07:41:14 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 20 Aug 2020 07:41:14 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1597909274.560174.9631.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=209, Tests=3310, 856 wallclock secs (12.83 usr  1.21 sys + 790.34 cusr 64.87 csys = 869.25 CPU)
Result: FAIL
Makefile:3176: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3174: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Thu Aug 20 07:45:30 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 07:45:30 +0000
Subject: Still Failing: openssl/openssl#36828 (master - a24b510)
In-Reply-To: <openssl/openssl+180608899+still failing@travis-ci.com>
Message-ID: <5f3e2a1ac7ef_13fe5bc010dec3436c8@travis-pro-tasks-645c9ccbdf-q96lx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36828
Status: Still Failing

Duration: 57 mins and 19 secs
Commit: a24b510 (master)
Author: Richard Levitte
Message: EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

There are some EC keys that can't be exported to provider keymgmt,
because the keymgmt implementation doesn't support certain forms of EC
keys.  This could lead to a crash caused by dereferencing a NULL
pointer, so we need to cover that case by returning an error instead.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12610)

View the changeset: https://github.com/openssl/openssl/compare/c7dfb2abe565...a24b510c2800

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180608899?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/9af69249/attachment.html>

From builds at travis-ci.com  Thu Aug 20 09:05:24 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 09:05:24 +0000
Subject: Still Failing: openssl/openssl#36829 (master - e6ed04a)
In-Reply-To: <openssl/openssl+180609014+still failing@travis-ci.com>
Message-ID: <5f3e3cd3cb97a_13fdf39de3d40135898@travis-pro-tasks-7f5dbbc668-cmgt5.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36829
Status: Still Failing

Duration: 55 mins and 26 secs
Commit: e6ed04a (master)
Author: Richard Levitte
Message: TEST: separate out NIST ECC tests from non-NIST

ECC keys with non-NIST group names aren't supported when running with
the FIPS provider.

Keys with such groups that are included in evp_test stanza files
aren't even possible to decode if provider side decoders are used,
since those depend on available EVP_KEYMGMT implementations and what
they support.

Those keys could only be decoded because the legacy decoders were
used.

To make these tests future proof, we separate out the stanzas having
keys with NIST approved group names into separate files, and adjust
the file lists in test/recipes/30-test_evp.t aaccordingly.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12672)

View the changeset: https://github.com/openssl/openssl/compare/a24b510c2800...e6ed04a9dcc2

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180609014?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/d39d65e8/attachment-0001.html>

From no-reply at appveyor.com  Thu Aug 20 09:51:14 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 09:51:14 +0000
Subject: Build failed: openssl master.36280
Message-ID: <20200820095114.1.C5246E759CB88B67@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/a7780864/attachment.html>

From levitte at openssl.org  Thu Aug 20 10:32:43 2020
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 20 Aug 2020 10:32:43 +0000
Subject: [openssl]  master update
Message-ID: <1597919563.129155.24044.nullmailer@dev.openssl.org>

The branch master has been updated
       via  22b814443eea4ef4ea86d5d5677601d6645606d9 (commit)
      from  3b1fd0b003572554ad9bb3914527c160bc6a7727 (commit)


- Log -----------------------------------------------------------------
commit 22b814443eea4ef4ea86d5d5677601d6645606d9
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Aug 18 20:39:45 2020 +0200

    X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
    
    Just like d2i_PrivateKey() / d2i_PrivateKey_ex(), there's a need to
    associate an EVP_PKEY extracted from a PUBKEY to a library context and
    a property query string.  Without it, a provider-native EVP_PKEY can
    only fetch necessary internal algorithms from the default library
    context, even though an application specific context should be used.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12671)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ec/ec_ameth.c                               |  8 +++-
 crypto/x509/x_pubkey.c                             | 55 ++++++++++++++++++----
 doc/man3/X509_PUBKEY_new.pod                       | 16 +++++--
 include/crypto/x509.h                              |  3 ++
 include/openssl/x509.h                             |  2 +
 .../serializers/deserialize_der2key.c              |  4 +-
 util/libcrypto.num                                 |  1 +
 7 files changed, 73 insertions(+), 16 deletions(-)

diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index f8251a6de2..6cd0bf6279 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -22,6 +22,7 @@
 #include <openssl/asn1t.h>
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
+#include "crypto/x509.h"
 #include <openssl/core_names.h>
 #include "openssl/param_build.h"
 #include "ec_local.h"
@@ -161,12 +162,15 @@ static int eckey_pub_decode(EVP_PKEY *pkey, const X509_PUBKEY *pubkey)
     int ptype, pklen;
     EC_KEY *eckey = NULL;
     X509_ALGOR *palg;
+    OPENSSL_CTX *libctx = NULL;
+    const char *propq = NULL;
 
-    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+    if (!X509_PUBKEY_get0_libctx(&libctx, &propq, pubkey)
+        || !X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
         return 0;
     X509_ALGOR_get0(NULL, &ptype, &pval, palg);
 
-    eckey = eckey_type2param(ptype, pval, NULL, NULL);
+    eckey = eckey_type2param(ptype, pval, libctx, propq);
 
     if (!eckey) {
         ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB);
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index c73ea7a4ed..59f4a14895 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -28,6 +28,10 @@ struct X509_pubkey_st {
     X509_ALGOR *algor;
     ASN1_BIT_STRING *public_key;
     EVP_PKEY *pkey;
+
+    /* extra data for the callback, used by d2i_PUBKEY_ex */
+    OPENSSL_CTX *libctx;
+    const char *propq;
 };
 
 static int x509_pubkey_decode(EVP_PKEY **pk, const X509_PUBKEY *key);
@@ -228,32 +232,57 @@ EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key)
 }
 
 /*
- * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or
- * decode as X509_PUBKEY
+ * Now three pseudo ASN1 routines that take an EVP_PKEY structure and encode
+ * or decode as X509_PUBKEY
  */
 
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
+EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
+                        OPENSSL_CTX *libctx, const char *propq)
 {
-    X509_PUBKEY *xpk;
-    EVP_PKEY *pktmp;
+    X509_PUBKEY *xpk, *xpk2 = NULL, **pxpk = NULL;
+    EVP_PKEY *pktmp = NULL;
     const unsigned char *q;
 
     q = *pp;
-    xpk = d2i_X509_PUBKEY(NULL, &q, length);
+
+    /*
+     * If libctx or propq are non-NULL, we take advantage of the reuse
+     * feature.  It's not generally recommended, but is safe enough for
+     * newly created structures.
+     */
+    if (libctx != NULL || propq != NULL) {
+        xpk2 = OPENSSL_zalloc(sizeof(*xpk2));
+        if (xpk2 == NULL) {
+            ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        xpk2->libctx = libctx;
+        xpk2->propq = propq;
+        pxpk = &xpk2;
+    }
+    xpk = d2i_X509_PUBKEY(pxpk, &q, length);
     if (xpk == NULL)
-        return NULL;
+        goto end;
     pktmp = X509_PUBKEY_get(xpk);
     X509_PUBKEY_free(xpk);
+    xpk2 = NULL;                 /* We know that xpk == xpk2 */
     if (pktmp == NULL)
-        return NULL;
+        goto end;
     *pp = q;
     if (a != NULL) {
         EVP_PKEY_free(*a);
         *a = pktmp;
     }
+ end:
+    X509_PUBKEY_free(xpk2);
     return pktmp;
 }
 
+EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
+{
+    return d2i_PUBKEY_ex(a, pp, length, NULL, NULL);
+}
+
 int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp)
 {
     int ret = -1;
@@ -493,3 +522,13 @@ int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b)
         return -2;
     return EVP_PKEY_eq(pA, pB);
 }
+
+int X509_PUBKEY_get0_libctx(OPENSSL_CTX **plibctx, const char **ppropq,
+                            const X509_PUBKEY *key)
+{
+    if (plibctx)
+        *plibctx = key->libctx;
+    if (ppropq)
+        *ppropq = key->propq;
+    return 1;
+}
diff --git a/doc/man3/X509_PUBKEY_new.pod b/doc/man3/X509_PUBKEY_new.pod
index 76034fa878..e6acb89213 100644
--- a/doc/man3/X509_PUBKEY_new.pod
+++ b/doc/man3/X509_PUBKEY_new.pod
@@ -4,7 +4,7 @@
 
 X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_dup,
 X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get,
-d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp,
+d2i_PUBKEY_ex, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp,
 i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param,
 X509_PUBKEY_eq - SubjectPublicKeyInfo public key functions
 
@@ -20,6 +20,8 @@ X509_PUBKEY_eq - SubjectPublicKeyInfo public key functions
  EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key);
  EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key);
 
+ EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
+                         OPENSSL_CTX *libctx, const char *propq);
  EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
  int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp);
 
@@ -58,9 +60,15 @@ X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference
 count on the returned key is incremented so it B<MUST> be freed using
 EVP_PKEY_free() after use.
 
-d2i_PUBKEY() and i2d_PUBKEY() decode and encode an B<EVP_PKEY> structure
-using B<SubjectPublicKeyInfo> format. They otherwise follow the conventions of
-other ASN.1 functions such as d2i_X509().
+d2i_PUBKEY_ex() decodes an B<EVP_PKEY> structure using B<SubjectPublicKeyInfo>
+format.  Some public key decoding implementations may use cryptographic
+algorithms. In this case the supplied library context I<libctx> and property
+query string I<propq> are used.
+d2i_PUBKEY() does the same as d2i_PUBKEY_ex() except that the default
+library context and property query string are used.
+
+i2d_PUBKEY() encodes an B<EVP_PKEY> structure using B<SubjectPublicKeyInfo>
+format.
 
 d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are
 similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a
diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index 87d71de420..c663b68abd 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -306,3 +306,6 @@ int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *type,
                                  unsigned int *len, OPENSSL_CTX *libctx,
                                  const char *propq);
 int X509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags);
+
+int X509_PUBKEY_get0_libctx(OPENSSL_CTX **plibctx, const char **ppropq,
+                            const X509_PUBKEY *key);
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 71a5f77301..c373fc9845 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -522,6 +522,8 @@ EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key);
 int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
 long X509_get_pathlen(X509 *x);
 DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY)
+EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
+                        OPENSSL_CTX *libctx, const char *propq);
 # ifndef OPENSSL_NO_RSA
 DECLARE_ASN1_ENCODE_FUNCTIONS_only(RSA, RSA_PUBKEY)
 # endif
diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c
index 702119b74c..6975c9ceab 100644
--- a/providers/implementations/serializers/deserialize_der2key.c
+++ b/providers/implementations/serializers/deserialize_der2key.c
@@ -127,7 +127,7 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
                              libctx, NULL);
     if (pkey == NULL) {
         derp = der;
-        pkey = d2i_PUBKEY(NULL, &derp, der_len);
+        pkey = d2i_PUBKEY_ex(NULL, &derp, der_len, libctx, NULL);
     }
 
     if (pkey == NULL) {
@@ -142,7 +142,7 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
          *
          * TODO(3.0): The check should be done with EVP_PKEY_is_a(), but
          * as long as we still have #legacy internal keys, it's safer to
-         * use the type numbers in side the provider.
+         * use the type numbers inside the provider.
          */
         if (EVP_PKEY_id(pkey) == ctx->desc->type)
             key = ctx->desc->extract_key(pkey);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index b38670b1ab..6aa0109de3 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5262,3 +5262,4 @@ EVP_SIGNATURE_gettable_ctx_params       ?	3_0_0	EXIST::FUNCTION:
 EVP_SIGNATURE_settable_ctx_params       ?	3_0_0	EXIST::FUNCTION:
 EVP_KEYEXCH_gettable_ctx_params         ?	3_0_0	EXIST::FUNCTION:
 EVP_KEYEXCH_settable_ctx_params         ?	3_0_0	EXIST::FUNCTION:
+d2i_PUBKEY_ex                           ?	3_0_0	EXIST::FUNCTION:

From levitte at openssl.org  Thu Aug 20 10:34:26 2020
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 20 Aug 2020 10:34:26 +0000
Subject: [openssl]  master update
Message-ID: <1597919666.750976.26850.nullmailer@dev.openssl.org>

The branch master has been updated
       via  6cc1dfca88c565ddacd9ea9aa8261ef9c0c37335 (commit)
      from  22b814443eea4ef4ea86d5d5677601d6645606d9 (commit)


- Log -----------------------------------------------------------------
commit 6cc1dfca88c565ddacd9ea9aa8261ef9c0c37335
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Jul 30 10:14:27 2020 +0200

    PROV: Fix DSA and DH private key serializers
    
    If those private key serializer were given a key structure with just
    the public key material, they crashed, because they tried to
    de-reference NULL.  This adds better checking.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12679)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt                                 |  2 ++
 providers/common/include/prov/providercommonerr.h      |  2 ++
 providers/common/provider_err.c                        |  2 ++
 providers/implementations/serializers/serializer_dh.c  | 18 ++++++++++++++----
 providers/implementations/serializers/serializer_dsa.c | 18 ++++++++++++++----
 5 files changed, 34 insertions(+), 8 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index b42abcc137..7431248d8f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2916,6 +2916,8 @@ PROV_R_MISSING_SESSION_ID:133:missing session id
 PROV_R_MISSING_TYPE:134:missing type
 PROV_R_MISSING_XCGHASH:135:missing xcghash
 PROV_R_MODULE_INTEGRITY_FAILURE:214:module integrity failure
+PROV_R_NOT_A_PRIVATE_KEY:221:not a private key
+PROV_R_NOT_A_PUBLIC_KEY:220:not a public key
 PROV_R_NOT_INSTANTIATED:193:not instantiated
 PROV_R_NOT_SUPPORTED:136:not supported
 PROV_R_NOT_XOF_OR_INVALID_LENGTH:113:not xof or invalid length
diff --git a/providers/common/include/prov/providercommonerr.h b/providers/common/include/prov/providercommonerr.h
index 3f3c39ba52..4c356fc5c6 100644
--- a/providers/common/include/prov/providercommonerr.h
+++ b/providers/common/include/prov/providercommonerr.h
@@ -128,6 +128,8 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_MISSING_TYPE                              134
 # define PROV_R_MISSING_XCGHASH                           135
 # define PROV_R_MODULE_INTEGRITY_FAILURE                  214
+# define PROV_R_NOT_A_PRIVATE_KEY                         221
+# define PROV_R_NOT_A_PUBLIC_KEY                          220
 # define PROV_R_NOT_INSTANTIATED                          193
 # define PROV_R_NOT_SUPPORTED                             136
 # define PROV_R_NOT_XOF_OR_INVALID_LENGTH                 113
diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c
index ad7ae57157..3ea41f3c25 100644
--- a/providers/common/provider_err.c
+++ b/providers/common/provider_err.c
@@ -133,6 +133,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_XCGHASH), "missing xcghash"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MODULE_INTEGRITY_FAILURE),
     "module integrity failure"},
+    {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_A_PRIVATE_KEY), "not a private key"},
+    {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_A_PUBLIC_KEY), "not a public key"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_INSTANTIATED), "not instantiated"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_SUPPORTED), "not supported"},
     {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_XOF_OR_INVALID_LENGTH),
diff --git a/providers/implementations/serializers/serializer_dh.c b/providers/implementations/serializers/serializer_dh.c
index d63c8402f9..d1b1d27cf6 100644
--- a/providers/implementations/serializers/serializer_dh.c
+++ b/providers/implementations/serializers/serializer_dh.c
@@ -119,10 +119,15 @@ int ossl_prov_prepare_dh_params(const void *dh, int nid,
 
 int ossl_prov_dh_pub_to_der(const void *dh, unsigned char **pder)
 {
-    ASN1_INTEGER *pub_key = BN_to_ASN1_INTEGER(DH_get0_pub_key(dh), NULL);
+    const BIGNUM *bn = NULL;
+    ASN1_INTEGER *pub_key = NULL;
     int ret;
 
-    if (pub_key == NULL) {
+    if ((bn = DH_get0_pub_key(dh)) == NULL) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
+        return 0;
+    }
+    if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
         ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
         return 0;
     }
@@ -135,10 +140,15 @@ int ossl_prov_dh_pub_to_der(const void *dh, unsigned char **pder)
 
 int ossl_prov_dh_priv_to_der(const void *dh, unsigned char **pder)
 {
-    ASN1_INTEGER *priv_key = BN_to_ASN1_INTEGER(DH_get0_priv_key(dh), NULL);
+    const BIGNUM *bn = NULL;
+    ASN1_INTEGER *priv_key = NULL;
     int ret;
 
-    if (priv_key == NULL) {
+    if ((bn = DH_get0_priv_key(dh)) == NULL) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY);
+        return 0;
+    }
+    if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
         ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
         return 0;
     }
diff --git a/providers/implementations/serializers/serializer_dsa.c b/providers/implementations/serializers/serializer_dsa.c
index 4389bded99..1f986b62d5 100644
--- a/providers/implementations/serializers/serializer_dsa.c
+++ b/providers/implementations/serializers/serializer_dsa.c
@@ -132,10 +132,15 @@ int ossl_prov_prepare_all_dsa_params(const void *dsa, int nid,
 
 int ossl_prov_dsa_pub_to_der(const void *dsa, unsigned char **pder)
 {
-    ASN1_INTEGER *pub_key = BN_to_ASN1_INTEGER(DSA_get0_pub_key(dsa), NULL);
+    const BIGNUM *bn = NULL;
+    ASN1_INTEGER *pub_key = NULL;
     int ret;
 
-    if (pub_key == NULL) {
+    if ((bn = DSA_get0_pub_key(dsa)) == NULL) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
+        return 0;
+    }
+    if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
         ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
         return 0;
     }
@@ -148,10 +153,15 @@ int ossl_prov_dsa_pub_to_der(const void *dsa, unsigned char **pder)
 
 int ossl_prov_dsa_priv_to_der(const void *dsa, unsigned char **pder)
 {
-    ASN1_INTEGER *priv_key = BN_to_ASN1_INTEGER(DSA_get0_priv_key(dsa), NULL);
+    const BIGNUM *bn = NULL;
+    ASN1_INTEGER *priv_key = NULL;
     int ret;
 
-    if (priv_key == NULL) {
+    if ((bn = DSA_get0_priv_key(dsa)) == NULL) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY);
+        return 0;
+    }
+    if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
         ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
         return 0;
     }

From levitte at openssl.org  Thu Aug 20 10:38:24 2020
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 20 Aug 2020 10:38:24 +0000
Subject: [openssl]  master update
Message-ID: <1597919904.259236.11035.nullmailer@dev.openssl.org>

The branch master has been updated
       via  5f2b7db09b6f9650ecf2b465ee9f737385623bd5 (commit)
       via  6e5ccd58c85f05f8d47a1682125a207dbc694768 (commit)
       via  2274d22d39fd65b83c9c969cba86c8f03b3e0bec (commit)
      from  6cc1dfca88c565ddacd9ea9aa8261ef9c0c37335 (commit)


- Log -----------------------------------------------------------------
commit 5f2b7db09b6f9650ecf2b465ee9f737385623bd5
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Aug 18 21:45:19 2020 +0200

    TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
    
    test/evp_test.c and test/sslapitest.c are affected.  This allows them
    to decode keys found in stanza files via provider decoder implementations
    when a library context other than the default should be used.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12673)

commit 6e5ccd58c85f05f8d47a1682125a207dbc694768
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Aug 18 21:38:56 2020 +0200

    PEM: Add more library context aware PEM readers
    
    PEM_read_bio_PUBKEY_ex() and PEM_read_bio_Parameters_ex() are added to
    complete PEM_read_bio_PrivateKey_ex().  They are all refactored to be
    wrappers around the same internal function.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12673)

commit 2274d22d39fd65b83c9c969cba86c8f03b3e0bec
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Jul 30 10:09:43 2020 +0200

    STORE: Distinguish public keys from private keys
    
    While public keys and private keys use the same type (EVP_PKEY), just
    with different contents, callers still need to distinguish between the
    two to be able to know what functions to call with them (for example,
    to be able to choose between EVP_PKEY_print_private() and
    EVP_PKEY_print_public()).
    The OSSL_STORE backend knows what it loaded, so it has the capacity to
    inform.
    
    Note that the same as usual still applies, that a private key EVP_PKEY
    contains the public parts, but not necessarily the other way around.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12673)

-----------------------------------------------------------------------

Summary of changes:
 apps/include/apps.h                  |   3 +-
 apps/lib/apps.c                      |  30 +++++++--
 apps/storeutl.c                      |   7 ++
 crypto/err/openssl.txt               |   3 +-
 crypto/pem/pem_all.c                 |   1 -
 crypto/pem/pem_pkey.c                | 123 +++++++++++++++++++++++++----------
 crypto/store/loader_file.c           |   2 +-
 crypto/store/store_err.c             |   5 +-
 crypto/store/store_lib.c             |  31 ++++++++-
 crypto/store/store_local.h           |   1 +
 crypto/store/store_strings.c         |   1 +
 doc/man3/OSSL_STORE_INFO.pod         |  43 +++++++-----
 doc/man3/PEM_read_bio_PrivateKey.pod |  20 ++++--
 include/openssl/pem.h                |  22 +++++--
 include/openssl/store.h              |  10 ++-
 include/openssl/storeerr.h           |   3 +-
 test/evp_test.c                      |   2 +-
 test/sslapitest.c                    |   9 ++-
 util/libcrypto.num                   |   6 ++
 19 files changed, 240 insertions(+), 82 deletions(-)

diff --git a/apps/include/apps.h b/apps/include/apps.h
index 0ee8e070cd..0e734a528e 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -119,7 +119,8 @@ int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
               const char *pass, const char *desc);
 int load_key_cert_crl(const char *uri, int maybe_stdin,
                       const char *pass, const char *desc,
-                      EVP_PKEY **ppkey, X509 **pcert, X509_CRL **pcrl);
+                      EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
+                      X509 **pcert, X509_CRL **pcrl);
 X509_STORE *setup_verify(const char *CAfile, int noCAfile,
                          const char *CApath, int noCApath,
                          const char *CAstore, int noCAstore);
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index e8592c4880..d19fdc2126 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -491,7 +491,8 @@ X509 *load_cert_pass(const char *uri, int maybe_stdin,
 
     if (desc == NULL)
         desc = "certificate";
-    (void)load_key_cert_crl(uri, maybe_stdin, pass, desc, NULL, &cert, NULL);
+    (void)load_key_cert_crl(uri, maybe_stdin, pass, desc,
+                            NULL, NULL, &cert, NULL);
     if (cert == NULL) {
         BIO_printf(bio_err, "Unable to load %s\n", desc);
         ERR_print_errors(bio_err);
@@ -512,7 +513,8 @@ X509_CRL *load_crl(const char *uri, int format, const char *desc)
 
     if (desc == NULL)
         desc = "CRL";
-    (void)load_key_cert_crl(uri, 0, NULL, desc, NULL, NULL, &crl);
+    (void)load_key_cert_crl(uri, 0, NULL, desc,
+                            NULL, NULL, NULL, &crl);
     if (crl == NULL) {
         BIO_printf(bio_err, "Unable to load %s\n", desc);
         ERR_print_errors(bio_err);
@@ -591,7 +593,8 @@ EVP_PKEY *load_key(const char *uri, int format, int may_stdin,
 #endif
         }
     } else {
-        (void)load_key_cert_crl(uri, may_stdin, pass, desc, &pkey, NULL, NULL);
+        (void)load_key_cert_crl(uri, may_stdin, pass, desc,
+                                &pkey, NULL, NULL, NULL);
     }
 
     if (pkey == NULL) {
@@ -629,8 +632,8 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
 #endif
         }
     } else {
-        (void)load_key_cert_crl(uri, maybe_stdin, pass, desc, &pkey,
-                                NULL, NULL);
+        (void)load_key_cert_crl(uri, maybe_stdin, pass, desc,
+                                NULL, &pkey, NULL, NULL);
     }
     if (pkey == NULL) {
         BIO_printf(bio_err, "Unable to load %s\n", desc);
@@ -769,7 +772,8 @@ int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
  */
 int load_key_cert_crl(const char *uri, int maybe_stdin,
                       const char *pass, const char *desc,
-                      EVP_PKEY **ppkey, X509 **pcert, X509_CRL **pcrl)
+                      EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
+                      X509 **pcert, X509_CRL **pcrl)
 {
     PW_CB_DATA uidata;
     OSSL_STORE_CTX *ctx = NULL;
@@ -780,6 +784,8 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
 
     if (ppkey != NULL)
         *ppkey = NULL;
+    if (ppubkey != NULL)
+        *ppubkey = NULL;
     if (pcert != NULL)
         *pcert = NULL;
     if (pcrl != NULL)
@@ -831,6 +837,18 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
         case OSSL_STORE_INFO_PKEY:
             if (ppkey != NULL && *ppkey == NULL)
                 err = ((*ppkey = OSSL_STORE_INFO_get1_PKEY(info)) == NULL);
+
+            /*
+             * An EVP_PKEY with private parts also holds the public parts,
+             * so if the caller asked for a public key, and we got a private
+             * key, we can still pass it back.
+             */
+            if (ppubkey != NULL && *ppubkey == NULL)
+                err = ((*ppubkey = OSSL_STORE_INFO_get1_PKEY(info)) == NULL);
+            break;
+        case OSSL_STORE_INFO_PUBKEY:
+            if (ppubkey != NULL && *ppubkey == NULL)
+                err = ((*ppubkey = OSSL_STORE_INFO_get1_PUBKEY(info)) == NULL);
             break;
         case OSSL_STORE_INFO_CERT:
             if (pcert != NULL && *pcert == NULL)
diff --git a/apps/storeutl.c b/apps/storeutl.c
index 66fd423ab0..3d9498dc46 100644
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -450,6 +450,13 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
                 PEM_write_bio_Parameters(out,
                                          OSSL_STORE_INFO_get0_PARAMS(info));
             break;
+        case OSSL_STORE_INFO_PUBKEY:
+            if (text)
+                EVP_PKEY_print_public(out, OSSL_STORE_INFO_get0_PUBKEY(info),
+                                      0, NULL);
+            if (!noout)
+                PEM_write_bio_PUBKEY(out, OSSL_STORE_INFO_get0_PUBKEY(info));
+            break;
         case OSSL_STORE_INFO_PKEY:
             if (text)
                 EVP_PKEY_print_private(out, OSSL_STORE_INFO_get0_PKEY(info),
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 7431248d8f..e83f1013ec 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2717,8 +2717,9 @@ OSSL_STORE_R_LOADER_INCOMPLETE:116:loader incomplete
 OSSL_STORE_R_LOADING_STARTED:117:loading started
 OSSL_STORE_R_NOT_A_CERTIFICATE:100:not a certificate
 OSSL_STORE_R_NOT_A_CRL:101:not a crl
-OSSL_STORE_R_NOT_A_KEY:102:not a key
 OSSL_STORE_R_NOT_A_NAME:103:not a name
+OSSL_STORE_R_NOT_A_PRIVATE_KEY:102:not a private key
+OSSL_STORE_R_NOT_A_PUBLIC_KEY:122:not a public key
 OSSL_STORE_R_NOT_PARAMETERS:104:not parameters
 OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR:114:passphrase callback error
 OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE:108:path must be absolute
diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
index 9b803082c6..bf7159a6ad 100644
--- a/crypto/pem/pem_all.c
+++ b/crypto/pem/pem_all.c
@@ -181,4 +181,3 @@ IMPLEMENT_PEM_write(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
 IMPLEMENT_PEM_write(DHxparams, DH, PEM_STRING_DHXPARAMS, DHxparams)
 #endif
 IMPLEMENT_PEM_provided_write(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
-IMPLEMENT_PEM_read(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index c60eed97c0..4ee5bb7009 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -27,23 +27,39 @@
 
 int pem_check_suffix(const char *pem_str, const char *suffix);
 
-EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
-                                     void *u, OPENSSL_CTX *libctx,
-                                     const char *propq)
+static EVP_PKEY *pem_read_bio_key(BIO *bp, EVP_PKEY **x,
+                                  pem_password_cb *cb, void *u,
+                                  OPENSSL_CTX *libctx, const char *propq,
+                                  int expected_store_info_type,
+                                  int try_secure)
 {
     EVP_PKEY *ret = NULL;
     OSSL_STORE_CTX *ctx = NULL;
     OSSL_STORE_INFO *info = NULL;
-    UI_METHOD *ui_method = NULL;
+    const UI_METHOD *ui_method = NULL;
+    UI_METHOD *allocated_ui_method = NULL;
 
-    if ((ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0)) == NULL)
+    if (expected_store_info_type != OSSL_STORE_INFO_PKEY
+        && expected_store_info_type != OSSL_STORE_INFO_PUBKEY
+        && expected_store_info_type != OSSL_STORE_INFO_PARAMS) {
+        ERR_raise(ERR_LIB_PEM, ERR_R_PASSED_INVALID_ARGUMENT);
+        return NULL;
+    }
+
+    if (u != NULL && cb == NULL)
+        cb = PEM_def_callback;
+    if (cb == NULL)
+        ui_method = UI_null();
+    else
+        ui_method = allocated_ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0);
+    if (ui_method == NULL)
         return NULL;
 
     if ((ctx = OSSL_STORE_attach(bp, "file", libctx, propq, ui_method, u,
                                  NULL, NULL)) == NULL)
         goto err;
 #ifndef OPENSSL_NO_SECURE_HEAP
-    {
+   if (try_secure) {
         int on = 1;
         if (!OSSL_STORE_ctrl(ctx, OSSL_STORE_C_USE_SECMEM, &on))
             goto err;
@@ -52,9 +68,18 @@ EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
 
     while (!OSSL_STORE_eof(ctx)
            && (info = OSSL_STORE_load(ctx)) != NULL) {
-        if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY) {
-            ret = OSSL_STORE_INFO_get1_PKEY(info);
-            break;
+        if (OSSL_STORE_INFO_get_type(info) == expected_store_info_type) {
+            switch (expected_store_info_type) {
+            case OSSL_STORE_INFO_PKEY:
+                ret = OSSL_STORE_INFO_get1_PKEY(info);
+                break;
+            case OSSL_STORE_INFO_PUBKEY:
+                ret = OSSL_STORE_INFO_get1_PUBKEY(info);
+                break;
+            case OSSL_STORE_INFO_PARAMS:
+                ret = OSSL_STORE_INFO_get1_PARAMS(info);
+                break;
+            }
         }
         OSSL_STORE_INFO_free(info);
         info = NULL;
@@ -65,11 +90,57 @@ EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
 
  err:
     OSSL_STORE_close(ctx);
-    UI_destroy_method(ui_method);
+    UI_destroy_method(allocated_ui_method);
     OSSL_STORE_INFO_free(info);
     return ret;
 }
 
+EVP_PKEY *PEM_read_bio_PUBKEY_ex(BIO *bp, EVP_PKEY **x,
+                                 pem_password_cb *cb, void *u,
+                                 OPENSSL_CTX *libctx, const char *propq)
+{
+    return pem_read_bio_key(bp, x, cb, u, libctx, propq,
+                            OSSL_STORE_INFO_PUBKEY, 0);
+}
+
+EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+                              void *u)
+{
+    return PEM_read_bio_PUBKEY_ex(bp, x, cb, u, NULL, NULL);
+}
+
+#ifndef OPENSSL_NO_STDIO
+EVP_PKEY *PEM_read_PUBKEY_ex(FILE *fp, EVP_PKEY **x,
+                             pem_password_cb *cb, void *u,
+                             OPENSSL_CTX *libctx, const char *propq)
+{
+    BIO *b;
+    EVP_PKEY *ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(0, ERR_R_BUF_LIB);
+        return 0;
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_read_bio_PUBKEY_ex(b, x, cb, u, libctx, propq);
+    BIO_free(b);
+    return ret;
+}
+
+EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
+{
+    return PEM_read_PUBKEY_ex(fp, x, cb, u, NULL, NULL);
+}
+#endif
+
+EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x,
+                                     pem_password_cb *cb, void *u,
+                                     OPENSSL_CTX *libctx, const char *propq)
+{
+    return pem_read_bio_key(bp, x, cb, u, libctx, propq,
+                            OSSL_STORE_INFO_PKEY, 1);
+}
+
 EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
                                   void *u)
 {
@@ -101,32 +172,16 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,
                               pem_str, bp, x, enc, kstr, klen, cb, u);
 }
 
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
+EVP_PKEY *PEM_read_bio_Parameters_ex(BIO *bp, EVP_PKEY **x,
+                                     OPENSSL_CTX *libctx, const char *propq)
 {
-    EVP_PKEY *ret = NULL;
-    OSSL_STORE_CTX *ctx = NULL;
-    OSSL_STORE_INFO *info = NULL;
-
-    if ((ctx = OSSL_STORE_attach(bp, "file", NULL, NULL, UI_null(), NULL,
-                                 NULL, NULL)) == NULL)
-        goto err;
-
-    while (!OSSL_STORE_eof(ctx) && (info = OSSL_STORE_load(ctx)) != NULL) {
-        if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PARAMS) {
-            ret = OSSL_STORE_INFO_get1_PARAMS(info);
-            break;
-        }
-        OSSL_STORE_INFO_free(info);
-        info = NULL;
-    }
-
-    if (ret != NULL && x != NULL)
-        *x = ret;
+    return pem_read_bio_key(bp, x, NULL, NULL, libctx, propq,
+                            OSSL_STORE_INFO_PARAMS, 0);
+}
 
- err:
-    OSSL_STORE_close(ctx);
-    OSSL_STORE_INFO_free(info);
-    return ret;
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
+{
+    return PEM_read_bio_Parameters_ex(bp, x, NULL, NULL);
 }
 
 PEM_write_fnsig(Parameters, EVP_PKEY, BIO, write_bio)
diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c
index 3b54ebbcd5..25ce9ba92e 100644
--- a/crypto/store/loader_file.c
+++ b/crypto/store/loader_file.c
@@ -565,7 +565,7 @@ static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
 
     if ((pkey = d2i_PUBKEY(NULL, &blob, len)) != NULL) {
         *matchcount = 1;
-        store_info = OSSL_STORE_INFO_new_PKEY(pkey);
+        store_info = OSSL_STORE_INFO_new_PUBKEY(pkey);
     }
 
     return store_info;
diff --git a/crypto/store/store_err.c b/crypto/store/store_err.c
index 3abb50bb21..320934e6c6 100644
--- a/crypto/store/store_err.c
+++ b/crypto/store/store_err.c
@@ -32,8 +32,11 @@ static const ERR_STRING_DATA OSSL_STORE_str_reasons[] = {
     {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CERTIFICATE),
     "not a certificate"},
     {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CRL), "not a crl"},
-    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_KEY), "not a key"},
     {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_NAME), "not a name"},
+    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_PRIVATE_KEY),
+    "not a private key"},
+    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_PUBLIC_KEY),
+    "not a public key"},
     {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_PARAMETERS),
     "not parameters"},
     {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR),
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index 2878358245..2ff92b7984 100644
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -307,6 +307,15 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params)
     return info;
 }
 
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pkey)
+{
+    OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_PUBKEY, pkey);
+
+    if (info == NULL)
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
+    return info;
+}
+
 OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey)
 {
     OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_PKEY, pkey);
@@ -408,6 +417,23 @@ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info)
     return NULL;
 }
 
+EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info)
+{
+    if (info->type == OSSL_STORE_INFO_PUBKEY)
+        return info->_.pubkey;
+    return NULL;
+}
+
+EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info)
+{
+    if (info->type == OSSL_STORE_INFO_PUBKEY) {
+        EVP_PKEY_up_ref(info->_.pubkey);
+        return info->_.pubkey;
+    }
+    OSSL_STOREerr(0, OSSL_STORE_R_NOT_A_PUBLIC_KEY);
+    return NULL;
+}
+
 EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info)
 {
     if (info->type == OSSL_STORE_INFO_PKEY)
@@ -422,7 +448,7 @@ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info)
         return info->_.pkey;
     }
     OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY,
-                  OSSL_STORE_R_NOT_A_KEY);
+                  OSSL_STORE_R_NOT_A_PRIVATE_KEY);
     return NULL;
 }
 
@@ -480,6 +506,9 @@ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info)
         case OSSL_STORE_INFO_PARAMS:
             EVP_PKEY_free(info->_.params);
             break;
+        case OSSL_STORE_INFO_PUBKEY:
+            EVP_PKEY_free(info->_.pubkey);
+            break;
         case OSSL_STORE_INFO_PKEY:
             EVP_PKEY_free(info->_.pkey);
             break;
diff --git a/crypto/store/store_local.h b/crypto/store/store_local.h
index c9592c38ce..47cba87f86 100644
--- a/crypto/store/store_local.h
+++ b/crypto/store/store_local.h
@@ -36,6 +36,7 @@ struct ossl_store_info_st {
         } name;                  /* when type == OSSL_STORE_INFO_NAME */
 
         EVP_PKEY *params;        /* when type == OSSL_STORE_INFO_PARAMS */
+        EVP_PKEY *pubkey;        /* when type == OSSL_STORE_INFO_PUBKEY */
         EVP_PKEY *pkey;          /* when type == OSSL_STORE_INFO_PKEY */
         X509 *x509;              /* when type == OSSL_STORE_INFO_CERT */
         X509_CRL *crl;           /* when type == OSSL_STORE_INFO_CRL */
diff --git a/crypto/store/store_strings.c b/crypto/store/store_strings.c
index 84cfdcfe6b..97497c8a78 100644
--- a/crypto/store/store_strings.c
+++ b/crypto/store/store_strings.c
@@ -12,6 +12,7 @@
 static char *type_strings[] = {
     "Name",                      /* OSSL_STORE_INFO_NAME */
     "Parameters",                /* OSSL_STORE_INFO_PARAMS */
+    "Public key",                /* OSSL_STORE_INFO_PUBKEY */
     "Pkey",                      /* OSSL_STORE_INFO_PKEY */
     "Certificate",               /* OSSL_STORE_INFO_CERT */
     "CRL"                        /* OSSL_STORE_INFO_CRL */
diff --git a/doc/man3/OSSL_STORE_INFO.pod b/doc/man3/OSSL_STORE_INFO.pod
index c331677954..bc965a77bd 100644
--- a/doc/man3/OSSL_STORE_INFO.pod
+++ b/doc/man3/OSSL_STORE_INFO.pod
@@ -3,15 +3,17 @@
 =head1 NAME
 
 OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME,
-OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS,
+OSSL_STORE_INFO_get0_NAME_description,
+OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PUBKEY,
 OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL,
 OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description,
-OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY,
-OSSL_STORE_INFO_get1_CERT,
-OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free,
+OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PUBKEY,
+OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL,
+OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free,
 OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description,
-OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT,
-OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects
+OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PUBKEY,
+OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL
+- Functions to manipulate OSSL_STORE_INFO objects
 
 =head1 SYNOPSIS
 
@@ -27,6 +29,8 @@ OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects
  char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
  EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
  EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info);
  EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
  EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
  X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
@@ -41,6 +45,7 @@ OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
  int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pubkey);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);
@@ -76,23 +81,27 @@ STORE_INFO_get_type_string() takes a STORE type number and returns a
 short string describing it.
 
 OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(),
-OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(),
-OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a
-B<OSSL_STORE_INFO> and return the held object of the appropriate OpenSSL
-type provided that's what's held.
+OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PUBKEY(),
+OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(),
+OSSL_STORE_INFO_get0_CRL()
+all take a B<OSSL_STORE_INFO> and return the object it holds if the
+B<OSSL_STORE_INFO> type (as returned by OSSL_STORE_INFO_get_type())
+matches the function, otherwise NULL.
 
 OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(),
-OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(),
-OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a
-B<OSSL_STORE_INFO> and return a duplicate of the held object of the
-appropriate OpenSSL type provided that's what's held.
+OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PUBKEY(),
+OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and
+OSSL_STORE_INFO_get1_CRL()
+all take a B<OSSL_STORE_INFO> and return a duplicate the object it
+holds if the B<OSSL_STORE_INFO> type (as returned by
+OSSL_STORE_INFO_get_type()) matches the function, otherwise NULL.
 
 OSSL_STORE_INFO_free() frees a B<OSSL_STORE_INFO> and its contained type.
 
 OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(),
-OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and
-OSSL_STORE_INFO_new_CRL() create a B<OSSL_STORE_INFO>
-object to hold the given input object.
+, OSSL_STORE_INFO_new_PUBKEY(), OSSL_STORE_INFO_new_PKEY(),
+OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL()
+create a B<OSSL_STORE_INFO> object to hold the given input object.
 On success the input object is consumed.
 
 Additionally, for B<OSSL_STORE_INFO_NAME>` objects,
diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod
index 960a7df89e..26f03b5b0d 100644
--- a/doc/man3/PEM_read_bio_PrivateKey.pod
+++ b/doc/man3/PEM_read_bio_PrivateKey.pod
@@ -8,7 +8,8 @@ PEM_read_PrivateKey, PEM_write_bio_PrivateKey,
 PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey,
 PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey,
 PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid,
-PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY,
+PEM_read_bio_PUBKEY_ex, PEM_read_bio_PUBKEY, PEM_read_PUBKEY_ex,
+PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY,
 PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey,
 PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey,
 PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey,
@@ -16,8 +17,8 @@ PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY,
 PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey,
 PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey,
 PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY,
-PEM_write_DSA_PUBKEY, PEM_read_bio_Parameters, PEM_write_bio_Parameters,
-PEM_read_bio_DSAparams, PEM_read_DSAparams,
+PEM_write_DSA_PUBKEY, PEM_read_bio_Parameters_ex, PEM_read_bio_Parameters,
+PEM_write_bio_Parameters, PEM_read_bio_DSAparams, PEM_read_DSAparams,
 PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams,
 PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams,
 PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509,
@@ -67,8 +68,14 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines
                                    char *kstr, int klen,
                                    pem_password_cb *cb, void *u);
 
+ EVP_PKEY *PEM_read_bio_PUBKEY_ex(BIO *bp, EVP_PKEY **x,
+                                  pem_password_cb *cb, void *u,
+                                  OPENSSL_CTX *libctx, const char *propq);
  EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
                                pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY_ex(FILE *fp, EVP_PKEY **x,
+                              pem_password_cb *cb, void *u,
+                              OPENSSL_CTX *libctx, const char *propq);
  EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
                            pem_password_cb *cb, void *u);
  int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
@@ -117,6 +124,8 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines
  int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
  int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
 
+ EVP_PKEY *PEM_read_bio_Parameters_ex(BIO *bp, EVP_PKEY **x,
+                                      OPENSSL_CTX *libctx, const char *propq);
  EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
  int PEM_write_bio_Parameters(BIO *bp, const EVP_PKEY *x);
 
@@ -506,8 +515,9 @@ The old Netscape certificate sequences were no longer documented
 in OpenSSL 1.1.0; applications should use the PKCS7 standard instead
 as they will be formally deprecated in a future releases.
 
-PEM_read_bio_PrivateKey_ex() and PEM_read_PrivateKey_ex() were introduced in
-OpenSSL 3.0.
+PEM_read_bio_PrivateKey_ex(), PEM_read_PrivateKey_ex(),
+PEM_read_bio_PUBKEY_ex(), PEM_read_PUBKEY_ex() and
+PEM_read_bio_Parameters_ex() were introduced in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index f4989e3987..6fbc28e0d3 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -356,15 +356,23 @@ DECLARE_PEM_rw(DHparams, DH)
 DECLARE_PEM_write(DHxparams, DH)
 # endif
 DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
-                                     void *u, OPENSSL_CTX *libctx,
-                                     const char *propq);
+EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x,
+                                     pem_password_cb *cb, void *u,
+                                     OPENSSL_CTX *libctx, const char *propq);
 # ifndef OPENSSL_NO_STDIO
-EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
-                                 void *u, OPENSSL_CTX *libctx,
-                                 const char *propq);
+EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x,
+                                 pem_password_cb *cb, void *u,
+                                 OPENSSL_CTX *libctx, const char *propq);
 # endif
 DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
+EVP_PKEY *PEM_read_bio_PUBKEY_ex(BIO *bp, EVP_PKEY **x,
+                                 pem_password_cb *cb, void *u,
+                                 OPENSSL_CTX *libctx, const char *propq);
+# ifndef OPENSSL_NO_STDIO
+EVP_PKEY *PEM_read_PUBKEY_ex(FILE *fp, EVP_PKEY **x,
+                             pem_password_cb *cb, void *u,
+                             OPENSSL_CTX *libctx, const char *propq);
+# endif
 
 int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,
                                          const EVP_CIPHER *enc,
@@ -405,6 +413,8 @@ int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc
                               const char *kstr, int klen,
                               pem_password_cb *cd, void *u);
 # endif
+EVP_PKEY *PEM_read_bio_Parameters_ex(BIO *bp, EVP_PKEY **x,
+                                     OPENSSL_CTX *libctx, const char *propq);
 EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
 int PEM_write_bio_Parameters(BIO *bp, const EVP_PKEY *x);
 
diff --git a/include/openssl/store.h b/include/openssl/store.h
index d5e72a0963..b75c79868c 100644
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@@ -138,9 +138,10 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, const char *scheme,
  */
 # define OSSL_STORE_INFO_NAME           1   /* char * */
 # define OSSL_STORE_INFO_PARAMS         2   /* EVP_PKEY * */
-# define OSSL_STORE_INFO_PKEY           3   /* EVP_PKEY * */
-# define OSSL_STORE_INFO_CERT           4   /* X509 * */
-# define OSSL_STORE_INFO_CRL            5   /* X509_CRL * */
+# define OSSL_STORE_INFO_PUBKEY         3   /* EVP_PKEY * */
+# define OSSL_STORE_INFO_PKEY           4   /* EVP_PKEY * */
+# define OSSL_STORE_INFO_CERT           5   /* X509 * */
+# define OSSL_STORE_INFO_CRL            6   /* X509_CRL * */
 
 /*
  * Functions to generate OSSL_STORE_INFOs, one function for each type we
@@ -152,6 +153,7 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, const char *scheme,
 OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
 int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
 OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params);
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pubkey);
 OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
 OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
 OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);
@@ -166,6 +168,8 @@ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO *info);
 char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info);
 EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *info);
 EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info);
 EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info);
 EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info);
 X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *info);
diff --git a/include/openssl/storeerr.h b/include/openssl/storeerr.h
index ed8f7988fe..5213a0b33c 100644
--- a/include/openssl/storeerr.h
+++ b/include/openssl/storeerr.h
@@ -78,8 +78,9 @@ int ERR_load_OSSL_STORE_strings(void);
 # define OSSL_STORE_R_LOADING_STARTED                     117
 # define OSSL_STORE_R_NOT_A_CERTIFICATE                   100
 # define OSSL_STORE_R_NOT_A_CRL                           101
-# define OSSL_STORE_R_NOT_A_KEY                           102
 # define OSSL_STORE_R_NOT_A_NAME                          103
+# define OSSL_STORE_R_NOT_A_PRIVATE_KEY                   102
+# define OSSL_STORE_R_NOT_A_PUBLIC_KEY                    122
 # define OSSL_STORE_R_NOT_PARAMETERS                      104
 # define OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR           114
 # define OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE               108
diff --git a/test/evp_test.c b/test/evp_test.c
index cd6077e10d..958718b1ba 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -3342,7 +3342,7 @@ start:
         }
         klist = &private_keys;
     } else if (strcmp(pp->key, "PublicKey") == 0) {
-        pkey = PEM_read_bio_PUBKEY(t->s.key, NULL, 0, NULL);
+        pkey = PEM_read_bio_PUBKEY_ex(t->s.key, NULL, 0, NULL, libctx, NULL);
         if (pkey == NULL && !key_unsupported()) {
             EVP_PKEY_free(pkey);
             TEST_info("Can't read public key %s", pp->value);
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 6f4c11537b..cf9947ea0b 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -7511,7 +7511,9 @@ static int cert_cb(SSL *s, void *arg)
         BIO_free(in);
         if (!TEST_ptr(in = BIO_new(BIO_s_file()))
                 || !TEST_int_ge(BIO_read_filename(in, ecdsakey), 0)
-                || !TEST_ptr(pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL)))
+                || !TEST_ptr(pkey = PEM_read_bio_PrivateKey_ex(in, NULL,
+                                                               NULL, NULL,
+                                                               libctx, NULL)))
             goto out;
         rv = SSL_check_chain(s, x509, pkey, chain);
         /*
@@ -7656,8 +7658,9 @@ static int client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
     if (!TEST_ptr(xcert = X509_new_with_libctx(libctx, NULL))
             || !TEST_ptr(PEM_read_bio_X509(in, &xcert, NULL, NULL))
             || !TEST_ptr(priv_in = BIO_new_file(privkey, "r"))
-            || !TEST_ptr(privpkey = PEM_read_bio_PrivateKey(priv_in, NULL, NULL,
-                                                            NULL)))
+            || !TEST_ptr(privpkey = PEM_read_bio_PrivateKey_ex(priv_in, NULL,
+                                                               NULL, NULL,
+                                                               libctx, NULL)))
         goto err;
 
     *x509 = xcert;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 6aa0109de3..a9b914839a 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5263,3 +5263,9 @@ EVP_SIGNATURE_settable_ctx_params       ?	3_0_0	EXIST::FUNCTION:
 EVP_KEYEXCH_gettable_ctx_params         ?	3_0_0	EXIST::FUNCTION:
 EVP_KEYEXCH_settable_ctx_params         ?	3_0_0	EXIST::FUNCTION:
 d2i_PUBKEY_ex                           ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_INFO_new_PUBKEY              ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_INFO_get0_PUBKEY             ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_INFO_get1_PUBKEY             ?	3_0_0	EXIST::FUNCTION:
+PEM_read_bio_PUBKEY_ex                  ?	3_0_0	EXIST::FUNCTION:
+PEM_read_PUBKEY_ex                      ?	3_0_0	EXIST::FUNCTION:STDIO
+PEM_read_bio_Parameters_ex              ?	3_0_0	EXIST::FUNCTION:

From builds at travis-ci.com  Thu Aug 20 10:48:58 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 10:48:58 +0000
Subject: Still Failing: openssl/openssl#36831 (master - 26a8f2a)
In-Reply-To: <openssl/openssl+180609104+still failing@travis-ci.com>
Message-ID: <5f3e551a53970_13fbbce9945d4401697@travis-pro-tasks-7f5dbbc668-8nltw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36831
Status: Still Failing

Duration: 1 hr, 27 mins, and 4 secs
Commit: 26a8f2a (master)
Author: Richard Levitte
Message: RSA: Fix rsa_todata() to only add params for existing data

The RSA key could be a public key, and yet, rsa_todata() always tries
to add the private parts as well.  The resulting parameters will look
a bit odd, such as a zero |d|, resulting in an invalid key.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12676)

View the changeset: https://github.com/openssl/openssl/compare/e6ed04a9dcc2...26a8f2ac95ad

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180609104?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/205b3353/attachment.html>

From no-reply at appveyor.com  Thu Aug 20 11:01:23 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 11:01:23 +0000
Subject: Build completed: openssl master.36281
Message-ID: <20200820110123.1.1AC32EF3FA806D01@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/6fa8ec86/attachment.html>

From builds at travis-ci.com  Thu Aug 20 11:58:10 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 11:58:10 +0000
Subject: Still Failing: openssl/openssl#36832 (master - 16486f6)
In-Reply-To: <openssl/openssl+180609192+still failing@travis-ci.com>
Message-ID: <5f3e65506d100_13fbbd1ef5cb45357dc@travis-pro-tasks-7f5dbbc668-8nltw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36832
Status: Still Failing

Duration: 1 hr, 34 mins, and 35 secs
Commit: 16486f6 (master)
Author: Richard Levitte
Message: PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider

In the FIPS provider, calling EC_GROUP_cmp() with NULL for the BN_CTX
argument is forbidden.  Since that's what ec_match() does, it simply
cannot work in the FIPS provider.  Therefore, we allocate a BN_CTX
with the library context asssociated with one of the input keys
(doesn't matter which) and use that.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12677)

View the changeset: https://github.com/openssl/openssl/compare/26a8f2ac95ad...16486f633241

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180609192?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/f3aa55b5/attachment-0001.html>

From dev at ddvo.net  Thu Aug 20 12:30:09 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Thu, 20 Aug 2020 12:30:09 +0000
Subject: [openssl]  master update
Message-ID: <1597926609.268648.18416.nullmailer@dev.openssl.org>

The branch master has been updated
       via  ed4faae00cdab23244704660c099e41ec64f5dc0 (commit)
      from  5f2b7db09b6f9650ecf2b465ee9f737385623bd5 (commit)


- Log -----------------------------------------------------------------
commit ed4faae00cdab23244704660c099e41ec64f5dc0
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 17:37:50 2020 +0200

    Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12639)

-----------------------------------------------------------------------

Summary of changes:
 crypto/pkcs12/p12_key.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index a40ae4cbe8..bbe212d125 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -33,10 +33,8 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
     }
     ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
                              id, iter, n, out, md_type);
-    if (ret <= 0)
-        return 0;
     OPENSSL_clear_free(unipass, uniplen);
-    return ret;
+    return ret > 0;
 }
 
 int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
@@ -56,10 +54,8 @@ int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
     }
     ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
                              id, iter, n, out, md_type);
-    if (ret <= 0)
-        return 0;
     OPENSSL_clear_free(unipass, uniplen);
-    return ret;
+    return ret > 0;
 }
 
 int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,

From openssl at openssl.org  Thu Aug 20 12:57:41 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 20 Aug 2020 12:57:41 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1597928261.338642.2956.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3176, 864 wallclock secs (13.25 usr  1.23 sys + 798.22 cusr 62.39 csys = 875.09 CPU)
Result: FAIL
Makefile:3178: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3176: recipe for target 'tests' failed
make: *** [tests] Error 2

From dev at ddvo.net  Thu Aug 20 13:03:32 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Thu, 20 Aug 2020 13:03:32 +0000
Subject: [openssl]  master update
Message-ID: <1597928612.539380.24649.nullmailer@dev.openssl.org>

The branch master has been updated
       via  2a33470b4f23bcf1cd66bbf645c855142efa0ed9 (commit)
       via  b3c5aadf4ce3dc2207cc605726bf370a55b531c9 (commit)
      from  ed4faae00cdab23244704660c099e41ec64f5dc0 (commit)


- Log -----------------------------------------------------------------
commit 2a33470b4f23bcf1cd66bbf645c855142efa0ed9
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Sun Aug 16 15:25:27 2020 +0200

    Make better use of new load_cert_pass() variant of load_cert() in apps/
    
    allows loading password-protected PKCS#12 files in x509, ca, s_client, s_server
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12647)

commit b3c5aadf4ce3dc2207cc605726bf370a55b531c9
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri Aug 14 21:58:34 2020 +0200

    apps: make use of OSSL_STORE for generalized certs and CRLs loading
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12647)

-----------------------------------------------------------------------

Summary of changes:
 apps/ca.c                        |  46 ++++-----
 apps/cmp.c                       | 144 +++------------------------
 apps/cms.c                       |   3 +-
 apps/include/apps.h              |  11 ++-
 apps/lib/apps.c                  | 203 ++++++++++++++-------------------------
 apps/lib/s_cb.c                  |   3 +-
 apps/ocsp.c                      |  11 +--
 apps/pkcs12.c                    |  21 +++-
 apps/s_client.c                  |  15 ++-
 apps/s_server.c                  |  22 ++---
 apps/smime.c                     |   3 +-
 apps/verify.c                    |   8 +-
 apps/x509.c                      |   8 +-
 doc/man1/openssl-ca.pod.in       |  10 +-
 doc/man1/openssl-cmp.pod.in      |  12 +--
 doc/man1/openssl-cms.pod.in      |   1 +
 doc/man1/openssl-ocsp.pod.in     |  12 ++-
 doc/man1/openssl-pkcs12.pod.in   |  23 +++--
 doc/man1/openssl-s_client.pod.in |   8 +-
 doc/man1/openssl-s_server.pod.in |  10 +-
 doc/man1/openssl-smime.pod.in    |   1 +
 doc/man1/openssl-verify.pod.in   |   7 +-
 doc/man1/openssl-x509.pod.in     |   3 +-
 test/certs/v3-certs-RC2.p12      | Bin 0 -> 1568 bytes
 test/certs/v3-certs-TDES.p12     | Bin 0 -> 1568 bytes
 test/recipes/25-test_x509.t      |  13 ++-
 test/recipes/80-test_pkcs12.t    |  25 ++++-
 27 files changed, 258 insertions(+), 365 deletions(-)
 create mode 100644 test/certs/v3-certs-RC2.p12
 create mode 100644 test/certs/v3-certs-TDES.p12

diff --git a/apps/ca.c b/apps/ca.c
index fef0b82c39..8a5104f488 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -106,7 +106,7 @@ static int certify(X509 **xret, const char *infile, int informat,
                    int verbose, unsigned long certopt, unsigned long nameopt,
                    int default_op, int ext_copy, int selfsign);
 static int certify_cert(X509 **xret, const char *infile, int informat,
-                        EVP_PKEY *pkey, X509 *x509,
+                        const char *passin, EVP_PKEY *pkey, X509 *x509,
                         const EVP_MD *dgst,
                         STACK_OF(OPENSSL_STRING) *sigopts,
                         STACK_OF(OPENSSL_STRING) *vfyopts,
@@ -214,17 +214,17 @@ const OPTIONS ca_options[] = {
 
     OPT_SECTION("Signing"),
     {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"},
-    {"keyfile", OPT_KEYFILE, 's', "Private key"},
+    {"keyfile", OPT_KEYFILE, 's', "The CA private key"},
     {"keyform", OPT_KEYFORM, 'f', "Private key file format (ENGINE, other values ignored)"},
-    {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
-    {"key", OPT_KEY, 's', "Key to decode the private key if it is encrypted"},
+    {"passin", OPT_PASSIN, 's', "Key and cert input file pass phrase source"},
+    {"key", OPT_KEY, 's', "Key to decrypt key or cert files. Better use -passin"},
     {"cert", OPT_CERT, '<', "The CA cert"},
     {"certform", OPT_CERTFORM, 'F',
-     "certificate input format (DER/PEM/P12); has no effect"},
+     "Certificate input format (DER/PEM/P12); has no effect"},
     {"selfsign", OPT_SELFSIGN, '-',
      "Sign a cert with the key associated with it"},
     {"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
-    {"vfyopt", OPT_SIGOPT, 's', "Verification parameter in n:v form"},
+    {"vfyopt", OPT_VFYOPT, 's', "Verification parameter in n:v form"},
 
     OPT_SECTION("Revocation"),
     {"gencrl", OPT_GENCRL, '-', "Generate a new CRL"},
@@ -272,10 +272,11 @@ int ca_main(int argc, char **argv)
     const EVP_MD *dgst = NULL;
     char *configfile = default_config_file, *section = NULL;
     char *md = NULL, *policy = NULL, *keyfile = NULL;
-    char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL, *key = NULL;
+    char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL;
     int certformat = FORMAT_PEM, informat = FORMAT_PEM;
     const char *infile = NULL, *spkac_file = NULL, *ss_cert_file = NULL;
     const char *extensions = NULL, *extfile = NULL, *passinarg = NULL;
+    char *passin = NULL;
     char *outdir = NULL, *outfile = NULL, *rev_arg = NULL, *ser_status = NULL;
     const char *serialfile = NULL, *subj = NULL;
     char *prog, *startdate = NULL, *enddate = NULL;
@@ -285,7 +286,7 @@ int ca_main(int argc, char **argv)
     char *const *pp;
     const char *p;
     size_t outdirlen = 0;
-    int create_ser = 0, free_key = 0, total = 0, total_done = 0;
+    int create_ser = 0, free_passin = 0, total = 0, total_done = 0;
     int batch = 0, default_op = 1, doupdatedb = 0, ext_copy = EXT_COPY_NONE;
     int keyformat = FORMAT_PEM, multirdn = 0, notext = 0, output_der = 0;
     int ret = 1, email_dn = 1, req = 0, verbose = 0, gencrl = 0, dorevoke = 0;
@@ -379,7 +380,7 @@ opthelp:
                 goto end;
             break;
         case OPT_KEY:
-            key = opt_arg();
+            passin = opt_arg();
             break;
         case OPT_CERT:
             certfile = opt_arg();
@@ -565,15 +566,14 @@ end_of_options:
         && (keyfile = lookup_conf(conf, section, ENV_PRIVATE_KEY)) == NULL)
         goto end;
 
-    if (key == NULL) {
-        free_key = 1;
-        if (!app_passwd(passinarg, NULL, &key, NULL)) {
+    if (passin == NULL) {
+        free_passin = 1;
+        if (!app_passwd(passinarg, NULL, &passin, NULL)) {
             BIO_printf(bio_err, "Error getting password\n");
             goto end;
         }
     }
-    pkey = load_key(keyfile, keyformat, 0, key, e, "CA private key");
-    cleanse(key);
+    pkey = load_key(keyfile, keyformat, 0, passin, e, "CA private key");
     if (pkey == NULL)
         /* load_key() has already printed an appropriate message */
         goto end;
@@ -585,7 +585,7 @@ end_of_options:
             && (certfile = lookup_conf(conf, section, ENV_CERTIFICATE)) == NULL)
             goto end;
 
-        x509 = load_cert(certfile, certformat, "CA certificate");
+        x509 = load_cert_pass(certfile, certformat, passin, "CA certificate");
         if (x509 == NULL)
             goto end;
 
@@ -940,8 +940,8 @@ end_of_options:
         }
         if (ss_cert_file != NULL) {
             total++;
-            j = certify_cert(&x, ss_cert_file, certformat, pkey, x509, dgst,
-                             sigopts, vfyopts, attribs,
+            j = certify_cert(&x, ss_cert_file, certformat, passin, pkey,
+                             x509, dgst, sigopts, vfyopts, attribs,
                              db, serial, subj, chtype, multirdn, email_dn,
                              startdate, enddate, days, batch, extensions,
                              conf, verbose, certopt, get_nameopt(), default_op,
@@ -1262,7 +1262,8 @@ end_of_options:
             goto end;
         } else {
             X509 *revcert;
-            revcert = load_cert(infile, certformat, infile);
+
+            revcert = load_cert_pass(infile, certformat, passin, infile);
             if (revcert == NULL)
                 goto end;
             if (dorevoke == 2)
@@ -1291,8 +1292,9 @@ end_of_options:
     BIO_free_all(in);
     sk_X509_pop_free(cert_sk, X509_free);
 
-    if (free_key)
-        OPENSSL_free(key);
+    cleanse(passin);
+    if (free_passin)
+        OPENSSL_free(passin);
     BN_free(serial);
     BN_free(crlnumber);
     free_index(db);
@@ -1379,7 +1381,7 @@ static int certify(X509 **xret, const char *infile, int informat,
 }
 
 static int certify_cert(X509 **xret, const char *infile, int certformat,
-                        EVP_PKEY *pkey, X509 *x509,
+                        const char *passin, EVP_PKEY *pkey, X509 *x509,
                         const EVP_MD *dgst,
                         STACK_OF(OPENSSL_STRING) *sigopts,
                         STACK_OF(OPENSSL_STRING) *vfyopts,
@@ -1395,7 +1397,7 @@ static int certify_cert(X509 **xret, const char *infile, int certformat,
     EVP_PKEY *pktmp = NULL;
     int ok = -1, i;
 
-    if ((req = load_cert(infile, certformat, infile)) == NULL)
+    if ((req = load_cert_pass(infile, certformat, passin, infile)) == NULL)
         goto end;
     if (verbose)
         X509_print(bio_err, req);
diff --git a/apps/cmp.c b/apps/cmp.c
index b2afbf64e8..350aa22628 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -138,8 +138,6 @@ static char *opt_certform_s = "PEM";
 static int opt_certform = FORMAT_PEM;
 static char *opt_keyform_s = "PEM";
 static int opt_keyform = FORMAT_PEM;
-static char *opt_certsform_s = "PEM";
-static int opt_certsform = FORMAT_PEM;
 static char *opt_otherpass = NULL;
 static char *opt_engine = NULL;
 
@@ -222,7 +220,7 @@ typedef enum OPTION_choice {
     OPT_DIGEST, OPT_MAC, OPT_EXTRACERTS,
     OPT_UNPROTECTED_REQUESTS,
 
-    OPT_CERTFORM, OPT_KEYFORM, OPT_CERTSFORM,
+    OPT_CERTFORM, OPT_KEYFORM,
     OPT_OTHERPASS,
 #ifndef OPENSSL_NO_ENGINE
     OPT_ENGINE,
@@ -394,12 +392,8 @@ const OPTIONS cmp_options[] = {
     OPT_SECTION("Credentials format"),
     {"certform", OPT_CERTFORM, 's',
      "Format (PEM or DER) to use when saving a certificate to a file. Default PEM"},
-    {OPT_MORE_STR, 0, 0,
-     "This also determines format to use for writing (not supported for P12)"},
     {"keyform", OPT_KEYFORM, 's',
-     "Format to assume when reading key files. Default PEM"},
-    {"certsform", OPT_CERTSFORM, 's',
-     "Format (PEM/DER/P12) to try first reading multiple certs. Default PEM"},
+     "Format of the key input (ENGINE, other values ignored)"},
     {"otherpass", OPT_OTHERPASS, 's',
      "Pass phrase source potentially needed for loading certificates of others"},
 #ifndef OPENSSL_NO_ENGINE
@@ -540,7 +534,7 @@ static varref cmp_vars[] = { /* must be in same order as enumerated above! */
     {&opt_digest}, {&opt_mac}, {&opt_extracerts},
     {(char **)&opt_unprotected_requests},
 
-    {&opt_certform_s}, {&opt_keyform_s}, {&opt_certsform_s},
+    {&opt_certform_s}, {&opt_keyform_s},
     {&opt_otherpass},
 #ifndef OPENSSL_NO_ENGINE
     {&opt_engine},
@@ -642,51 +636,6 @@ static X509 *load_cert_pwd(const char *uri, const char *pass, const char *desc)
     return cert;
 }
 
-/* TODO remove when PR #4930 is merged */
-static int load_pkcs12(BIO *in, const char *desc,
-                       pem_password_cb *pem_cb, void *cb_data,
-                       EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
-{
-    const char *pass;
-    char tpass[PEM_BUFSIZE];
-    int len;
-    int ret = 0;
-    PKCS12 *p12 = d2i_PKCS12_bio(in, NULL);
-
-    if (desc == NULL)
-        desc = "PKCS12 input";
-    if (p12 == NULL) {
-        BIO_printf(bio_err, "error loading PKCS12 file for %s\n", desc);
-        goto die;
-    }
-
-    /* See if an empty password will do */
-    if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0)) {
-        pass = "";
-    } else {
-        if (pem_cb == NULL)
-            pem_cb = wrap_password_callback;
-        len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
-        if (len < 0) {
-            BIO_printf(bio_err, "passphrase callback error for %s\n", desc);
-            goto die;
-        }
-        if (len < PEM_BUFSIZE)
-            tpass[len] = 0;
-        if (!PKCS12_verify_mac(p12, tpass, len)) {
-            BIO_printf(bio_err,
-                       "mac verify error (wrong password?) in PKCS12 file for %s\n",
-                       desc);
-            goto die;
-        }
-        pass = tpass;
-    }
-    ret = PKCS12_parse(p12, pass, pkey, cert, ca);
- die:
-    PKCS12_free(p12);
-    return ret;
-}
-
 /* TODO potentially move this and related functions to apps/lib/apps.c */
 static int adjust_format(const char **infile, int format, int engine_ok)
 {
@@ -752,47 +701,6 @@ static X509_REQ *load_csr_autofmt(const char *infile, const char *desc)
     return csr;
 }
 
-/* TODO replace by calling generalized load_certs() when PR #4930 is merged */
-static int load_certs_preliminary(const char *file, STACK_OF(X509) **certs,
-                                  int format, const char *pass,
-                                  const char *desc)
-{
-    X509 *cert = NULL;
-    int ret = 0;
-
-    if (format == FORMAT_PKCS12) {
-        BIO *bio = bio_open_default(file, 'r', format);
-
-        if (bio != NULL) {
-            EVP_PKEY *pkey = NULL; /* pkey is needed until PR #4930 is merged */
-            PW_CB_DATA cb_data;
-
-            cb_data.password = pass;
-            cb_data.prompt_info = file;
-            ret = load_pkcs12(bio, desc, wrap_password_callback,
-                              &cb_data, &pkey, &cert, certs);
-            EVP_PKEY_free(pkey);
-            BIO_free(bio);
-        }
-    } else if (format == FORMAT_ASN1) { /* load only one cert in this case */
-        CMP_warn1("can load only one certificate in DER format from %s", file);
-        cert = load_cert_pass(file, 0, pass, desc);
-    }
-    if (format == FORMAT_PKCS12 || format == FORMAT_ASN1) {
-        if (cert) {
-            if (*certs == NULL)
-                *certs = sk_X509_new_null();
-            if (*certs != NULL)
-                ret = sk_X509_insert(*certs, cert, 0);
-            else
-                X509_free(cert);
-        }
-    } else {
-        ret = load_certs(file, certs, format, pass, desc);
-    }
-    return ret;
-}
-
 static void warn_certs_expired(const char *file, STACK_OF(X509) **certs)
 {
     int i, res;
@@ -812,34 +720,20 @@ static void warn_certs_expired(const char *file, STACK_OF(X509) **certs)
     }
 }
 
-/*
- * TODO potentially move this and related functions to apps/lib/
- * or even better extend OSSL_STORE with type OSSL_STORE_INFO_CERTS
- */
-static int load_certs_autofmt(const char *infile, STACK_OF(X509) **certs,
-                              int exclude_http, const char *pass,
-                              const char *desc)
+static int load_certs_pwd(const char *infile, STACK_OF(X509) **certs,
+                          int exclude_http, const char *pass,
+                          const char *desc)
 {
     int ret = 0;
     char *pass_string;
-    BIO *bio_bak = bio_err;
-    int format = adjust_format(&infile, opt_certsform, 0);
+    int format = adjust_format(&infile, FORMAT_PEM, 0);
 
     if (exclude_http && format == FORMAT_HTTP) {
         BIO_printf(bio_err, "error: HTTP retrieval not allowed for %s\n", desc);
         return ret;
     }
     pass_string = get_passwd(pass, desc);
-    if (format != FORMAT_HTTP)
-        bio_err = NULL; /* do not show errors on more than one try */
-    ret = load_certs_preliminary(infile, certs, format, pass_string, desc);
-    bio_err = bio_bak;
-    if (!ret && format != FORMAT_HTTP) {
-        int format2 = format == FORMAT_PEM ? FORMAT_ASN1 : FORMAT_PEM;
-
-        ERR_clear_error();
-        ret = load_certs_preliminary(infile, certs, format2, pass_string, desc);
-    }
+    ret = load_certs(infile, certs, pass_string, desc);
     clear_free(pass_string);
 
     if (ret)
@@ -1129,7 +1023,7 @@ static X509_STORE *load_certstore(char *input, const char *desc)
     while (input != NULL) {
         char *next = next_item(input);           \
 
-        if (!load_certs_autofmt(input, &certs, 1, opt_otherpass, desc)
+        if (!load_certs_pwd(input, &certs, 1, opt_otherpass, desc)
                 || !(store = sk_X509_to_store(store, certs))) {
             /* CMP_err("out of memory"); */
             X509_STORE_free(store);
@@ -1160,7 +1054,7 @@ static STACK_OF(X509) *load_certs_multifile(char *files,
     while (files != NULL) {
         char *next = next_item(files);
 
-        if (!load_certs_autofmt(files, &certs, 0, pass, desc))
+        if (!load_certs_pwd(files, &certs, 0, pass, desc))
             goto err;
         if (!X509_add_certs(result, certs,
                             X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP))
@@ -1256,13 +1150,6 @@ static int transform_opts(void)
         return 0;
     }
 
-    if (opt_certsform_s != NULL
-            && !opt_format(opt_certsform_s, OPT_FMT_PEMDER | OPT_FMT_PKCS12,
-                           &opt_certsform)) {
-        CMP_err("unknown option given for certificate list loading format");
-        return 0;
-    }
-
     return 1;
 }
 
@@ -1554,8 +1441,8 @@ static SSL_CTX *setup_ssl_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
         X509 *cert;
         STACK_OF(X509) *certs = NULL;
 
-        if (!load_certs_autofmt(opt_tls_cert, &certs, 0, opt_tls_keypass,
-                                "TLS client certificate (optionally with chain)"))
+        if (!load_certs_pwd(opt_tls_cert, &certs, 0, opt_tls_keypass,
+                            "TLS client certificate (optionally with chain)"))
             /*
              * opt_tls_keypass is needed in case opt_tls_cert is an encrypted
              * PKCS#12 file
@@ -1722,8 +1609,8 @@ static int setup_protection_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
         STACK_OF(X509) *certs = NULL;
         int ok;
 
-        if (!load_certs_autofmt(opt_cert, &certs, 0, opt_keypass,
-                                "CMP client certificate (and optionally extra certs)"))
+        if (!load_certs_pwd(opt_cert, &certs, 0, opt_keypass,
+                            "CMP client certificate (and optionally extra certs)"))
             /* opt_keypass is needed if opt_cert is an encrypted PKCS#12 file */
             goto err;
 
@@ -2666,9 +2553,6 @@ static int get_opts(int argc, char **argv)
         case OPT_KEYFORM:
             opt_keyform_s = opt_str("keyform");
             break;
-        case OPT_CERTSFORM:
-            opt_certsform_s = opt_str("certsform");
-            break;
         case OPT_OTHERPASS:
             opt_otherpass = opt_str("otherpass");
             break;
diff --git a/apps/cms.c b/apps/cms.c
index 7e48cc1c82..bcf2f44ce5 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -822,8 +822,7 @@ int cms_main(int argc, char **argv)
     }
 
     if (certfile != NULL) {
-        if (!load_certs(certfile, &other, FORMAT_PEM, NULL,
-                        "certificate file")) {
+        if (!load_certs(certfile, &other, NULL, "certificate file")) {
             ERR_print_errors(bio_err);
             goto end;
         }
diff --git a/apps/include/apps.h b/apps/include/apps.h
index 0e734a528e..8d1eb7c280 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -105,7 +105,7 @@ X509_REQ *load_csr(const char *file, int format, const char *desc);
 X509 *load_cert_pass(const char *uri, int maybe_stdin,
                      const char *pass, const char *desc);
 /* the format parameter is meanwhile not needed anymore and thus ignored */
-X509 *load_cert(const char *uri, int format, const char *desc);
+#define load_cert(uri, format, desc) load_cert_pass(uri, 0, NULL, desc)
 X509_CRL *load_crl(const char *uri, int format, const char *desc);
 void cleanse(char *str);
 void clear_free(char *str);
@@ -113,10 +113,15 @@ EVP_PKEY *load_key(const char *uri, int format, int maybe_stdin,
                    const char *pass, ENGINE *e, const char *desc);
 EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
                       const char *pass, ENGINE *e, const char *desc);
-int load_certs(const char *file, STACK_OF(X509) **certs, int format,
+int load_certs(const char *uri, STACK_OF(X509) **certs,
                const char *pass, const char *desc);
-int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
+int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
               const char *pass, const char *desc);
+int load_key_certs_crls(const char *uri, int maybe_stdin,
+                        const char *pass, const char *desc,
+                        EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
+                        X509 **pcert, STACK_OF(X509) **pcerts,
+                        X509_CRL **pcrl, STACK_OF(X509_CRL) **pcrls);
 int load_key_cert_crl(const char *uri, int maybe_stdin,
                       const char *pass, const char *desc,
                       EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index d19fdc2126..150df997b8 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -491,8 +491,8 @@ X509 *load_cert_pass(const char *uri, int maybe_stdin,
 
     if (desc == NULL)
         desc = "certificate";
-    (void)load_key_cert_crl(uri, maybe_stdin, pass, desc,
-                            NULL, NULL, &cert, NULL);
+    (void)load_key_certs_crls(uri, maybe_stdin, pass, desc,
+                              NULL, NULL, &cert, NULL, NULL, NULL);
     if (cert == NULL) {
         BIO_printf(bio_err, "Unable to load %s\n", desc);
         ERR_print_errors(bio_err);
@@ -500,12 +500,6 @@ X509 *load_cert_pass(const char *uri, int maybe_stdin,
     return cert;
 }
 
-/* the format parameter is meanwhile not needed anymore and thus ignored */
-X509 *load_cert(const char *uri, int format, const char *desc)
-{
-    return load_cert_pass(uri, 1, NULL, desc);
-}
-
 /* the format parameter is meanwhile not needed anymore and thus ignored */
 X509_CRL *load_crl(const char *uri, int format, const char *desc)
 {
@@ -513,8 +507,8 @@ X509_CRL *load_crl(const char *uri, int format, const char *desc)
 
     if (desc == NULL)
         desc = "CRL";
-    (void)load_key_cert_crl(uri, 0, NULL, desc,
-                            NULL, NULL, NULL, &crl);
+    (void)load_key_certs_crls(uri, 0, NULL, desc,
+                              NULL,  NULL, NULL, NULL, &crl, NULL);
     if (crl == NULL) {
         BIO_printf(bio_err, "Unable to load %s\n", desc);
         ERR_print_errors(bio_err);
@@ -593,8 +587,8 @@ EVP_PKEY *load_key(const char *uri, int format, int may_stdin,
 #endif
         }
     } else {
-        (void)load_key_cert_crl(uri, may_stdin, pass, desc,
-                                &pkey, NULL, NULL, NULL);
+        (void)load_key_certs_crls(uri, may_stdin, pass, desc,
+                                  &pkey, NULL, NULL, NULL, NULL, NULL);
     }
 
     if (pkey == NULL) {
@@ -632,8 +626,8 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
 #endif
         }
     } else {
-        (void)load_key_cert_crl(uri, maybe_stdin, pass, desc,
-                                NULL, &pkey, NULL, NULL);
+        (void)load_key_certs_crls(uri, maybe_stdin, pass, desc,
+                                  NULL, &pkey, NULL, NULL, NULL, NULL);
     }
     if (pkey == NULL) {
         BIO_printf(bio_err, "Unable to load %s\n", desc);
@@ -642,89 +636,6 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
     return pkey;
 }
 
-static int load_certs_crls(const char *file, int format,
-                           const char *pass, const char *desc,
-                           STACK_OF(X509) **pcerts,
-                           STACK_OF(X509_CRL) **pcrls)
-{
-    int i;
-    BIO *bio;
-    STACK_OF(X509_INFO) *xis = NULL;
-    X509_INFO *xi;
-    PW_CB_DATA cb_data;
-    int rv = 0;
-
-    cb_data.password = pass;
-    cb_data.prompt_info = file;
-
-    if (format != FORMAT_PEM) {
-        BIO_printf(bio_err, "Bad input format specified for %s\n", desc);
-        return 0;
-    }
-
-    bio = bio_open_default(file, 'r', FORMAT_PEM);
-    if (bio == NULL)
-        return 0;
-
-    xis = PEM_X509_INFO_read_bio_with_libctx(bio, NULL,
-                                             (pem_password_cb *)password_callback,
-                                             &cb_data,
-                                             app_get0_libctx(),
-                                             app_get0_propq());
-
-    BIO_free(bio);
-
-    if (pcerts != NULL && *pcerts == NULL) {
-        *pcerts = sk_X509_new_null();
-        if (*pcerts == NULL)
-            goto end;
-    }
-
-    if (pcrls != NULL && *pcrls == NULL) {
-        *pcrls = sk_X509_CRL_new_null();
-        if (*pcrls == NULL)
-            goto end;
-    }
-
-    for (i = 0; i < sk_X509_INFO_num(xis); i++) {
-        xi = sk_X509_INFO_value(xis, i);
-        if (xi->x509 != NULL && pcerts != NULL) {
-            if (!sk_X509_push(*pcerts, xi->x509))
-                goto end;
-            xi->x509 = NULL;
-        }
-        if (xi->crl != NULL && pcrls != NULL) {
-            if (!sk_X509_CRL_push(*pcrls, xi->crl))
-                goto end;
-            xi->crl = NULL;
-        }
-    }
-
-    if (pcerts != NULL && sk_X509_num(*pcerts) > 0)
-        rv = 1;
-
-    if (pcrls != NULL && sk_X509_CRL_num(*pcrls) > 0)
-        rv = 1;
-
- end:
-
-    sk_X509_INFO_pop_free(xis, X509_INFO_free);
-
-    if (rv == 0) {
-        if (pcerts != NULL) {
-            sk_X509_pop_free(*pcerts, X509_free);
-            *pcerts = NULL;
-        }
-        if (pcrls != NULL) {
-            sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
-            *pcrls = NULL;
-        }
-        BIO_printf(bio_err, "Unable to load %s\n", desc != NULL ? desc :
-                   pcerts != NULL ? "certificates" : "CRLs");
-    }
-    return rv;
-}
-
 void app_bail_out(char *fmt, ...)
 {
     va_list args;
@@ -749,37 +660,49 @@ void* app_malloc(int sz, const char *what)
 /*
  * Initialize or extend, if *certs != NULL, a certificate stack.
  */
-int load_certs(const char *file, STACK_OF(X509) **certs, int format,
+int load_certs(const char *uri, STACK_OF(X509) **certs,
                const char *pass, const char *desc)
 {
-    return load_certs_crls(file, format, pass, desc, certs, NULL);
+    return load_key_certs_crls(uri, 0, pass, desc, NULL, NULL,
+                               NULL, certs, NULL, NULL);
 }
 
 /*
  * Initialize or extend, if *crls != NULL, a certificate stack.
  */
-int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
+int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
               const char *pass, const char *desc)
 {
-    return load_certs_crls(file, format, pass, desc, NULL, crls);
+    return load_key_certs_crls(uri, 0, pass, desc, NULL, NULL,
+                               NULL, NULL, NULL, crls);
 }
 
 /*
  * Load those types of credentials for which the result pointer is not NULL.
  * Reads from stdio if uri is NULL and maybe_stdin is nonzero.
- * For each type the first credential found in the store is loaded.
- * May yield partial result even if rv == 0.
+ * For non-NULL ppkey, pcert, and pcrl the first suitable value found is loaded.
+ * If pcerts is non-NULL and *pcerts == NULL then a new cert list is allocated.
+ * If pcerts is non-NULL then all available certificates are appended to *pcerts
+ * except any certificate assigned to *pcert.
+ * If pcrls is non-NULL and *pcrls == NULL then a new list of CRLs is allocated.
+ * If pcrls is non-NULL then all available CRLs are appended to *pcerts
+ * except any CRL assigned to *pcrl.
+ * In any case (also on error) the caller is responsible for freeing all members
+ * of *pcerts and *pcrls (as far as they are not NULL).
  */
-int load_key_cert_crl(const char *uri, int maybe_stdin,
-                      const char *pass, const char *desc,
-                      EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
-                      X509 **pcert, X509_CRL **pcrl)
+int load_key_certs_crls(const char *uri, int maybe_stdin,
+                        const char *pass, const char *desc,
+                        EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
+                        X509 **pcert, STACK_OF(X509) **pcerts,
+                        X509_CRL **pcrl, STACK_OF(X509_CRL) **pcrls)
 {
     PW_CB_DATA uidata;
     OSSL_STORE_CTX *ctx = NULL;
     OPENSSL_CTX *libctx = app_get0_libctx();
     const char *propq = app_get0_propq();
-    int ret = 0;
+    int ncerts = 0;
+    int ncrls = 0;
+    const char *failed = NULL;
     /* TODO make use of the engine reference 'eng' when loading pkeys */
 
     if (ppkey != NULL)
@@ -788,8 +711,18 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
         *ppubkey = NULL;
     if (pcert != NULL)
         *pcert = NULL;
+    if (pcerts != NULL && *pcerts == NULL
+            && (*pcerts = sk_X509_new_null()) == NULL) {
+        BIO_printf(bio_err, "Out of memory");
+        return 0;
+    }
     if (pcrl != NULL)
         *pcrl = NULL;
+    if (pcrls != NULL && *pcrls == NULL
+            && (*pcrls = sk_X509_CRL_new_null()) == NULL) {
+        BIO_printf(bio_err, "Out of memory");
+        return 0;
+    }
 
     if (desc == NULL)
         desc = "key/certificate/CRL";
@@ -799,6 +732,7 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
     if (uri == NULL) {
         BIO *bio;
 
+        uri = "<stdin>";
         if (!maybe_stdin) {
             BIO_printf(bio_err, "No filename or uri specified for loading %s\n",
                        desc);
@@ -809,7 +743,6 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
         if (bio != NULL)
             ctx = OSSL_STORE_attach(bio, "file", libctx, propq,
                                     get_ui_method(), &uidata, NULL, NULL);
-        uri = "<stdin>";
     } else {
         ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq, get_ui_method(),
                                           &uidata, NULL, NULL);
@@ -820,61 +753,71 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
         goto end;
     }
 
-    for (;;) {
+    while (!OSSL_STORE_eof(ctx)) {
         OSSL_STORE_INFO *info = OSSL_STORE_load(ctx);
         int type = info == NULL ? 0 : OSSL_STORE_INFO_get_type(info);
-        const char *infostr =
-            info == NULL ? NULL : OSSL_STORE_INFO_type_string(type);
-        int err = 0;
-
-        if (info == NULL) {
-            if (OSSL_STORE_eof(ctx))
-                ret = 1;
-            break;
-        }
+        int ok = 1;
 
         switch (type) {
         case OSSL_STORE_INFO_PKEY:
             if (ppkey != NULL && *ppkey == NULL)
-                err = ((*ppkey = OSSL_STORE_INFO_get1_PKEY(info)) == NULL);
+                ok = (*ppkey = OSSL_STORE_INFO_get1_PKEY(info)) != NULL;
 
             /*
              * An EVP_PKEY with private parts also holds the public parts,
              * so if the caller asked for a public key, and we got a private
              * key, we can still pass it back.
              */
-            if (ppubkey != NULL && *ppubkey == NULL)
-                err = ((*ppubkey = OSSL_STORE_INFO_get1_PKEY(info)) == NULL);
+            if (ok && ppubkey != NULL && *ppubkey == NULL)
+                ok = ((*ppubkey = OSSL_STORE_INFO_get1_PKEY(info)) != NULL);
             break;
         case OSSL_STORE_INFO_PUBKEY:
             if (ppubkey != NULL && *ppubkey == NULL)
-                err = ((*ppubkey = OSSL_STORE_INFO_get1_PUBKEY(info)) == NULL);
+                ok = ((*ppubkey = OSSL_STORE_INFO_get1_PUBKEY(info)) != NULL);
             break;
         case OSSL_STORE_INFO_CERT:
             if (pcert != NULL && *pcert == NULL)
-                err = ((*pcert = OSSL_STORE_INFO_get1_CERT(info)) == NULL);
+                ok = (*pcert = OSSL_STORE_INFO_get1_CERT(info)) != NULL;
+            else if (pcerts != NULL)
+                ok = X509_add_cert(*pcerts,
+                                   OSSL_STORE_INFO_get1_CERT(info),
+                                   X509_ADD_FLAG_DEFAULT);
+            ncerts += ok;
             break;
         case OSSL_STORE_INFO_CRL:
             if (pcrl != NULL && *pcrl == NULL)
-                err = ((*pcrl = OSSL_STORE_INFO_get1_CRL(info)) == NULL);
+                ok = (*pcrl = OSSL_STORE_INFO_get1_CRL(info)) != NULL;
+            else if (pcrls != NULL)
+                ok = sk_X509_CRL_push(*pcrls, OSSL_STORE_INFO_get1_CRL(info));
+            ncrls += ok;
             break;
         default:
             /* skip any other type */
             break;
         }
         OSSL_STORE_INFO_free(info);
-        if (err) {
-            BIO_printf(bio_err, "Could not read %s of %s from %s\n",
-                       infostr, desc, uri);
+        if (!ok) {
+            failed = info == NULL ? NULL : OSSL_STORE_INFO_type_string(type);
+            BIO_printf(bio_err, "Error reading %s of %s from %s\n",
+                       failed, desc, uri);
             break;
         }
     }
 
  end:
     OSSL_STORE_close(ctx);
-    if (!ret)
+    if (ppkey != NULL && *ppkey == NULL)
+        failed = "key";
+    else if ((pcert != NULL || pcerts != NULL) && ncerts == 0)
+        failed = "cert";
+    else if ((pcrl != NULL || pcrls != NULL) && ncrls == 0)
+        failed = "CRL";
+    if (failed != NULL) {
+        BIO_printf(bio_err, "Could not read any %s of %s from %s\n",
+                   failed, desc, uri);
         ERR_print_errors(bio_err);
-    return ret;
+    }
+    return failed == NULL;
 }
 
 
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index ba9ef12afb..c58f634609 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -1040,8 +1040,7 @@ int load_excert(SSL_EXCERT **pexc)
         if (exc->key == NULL)
             return 0;
         if (exc->chainfile != NULL) {
-            if (!load_certs(exc->chainfile, &exc->chain, FORMAT_PEM, NULL,
-                            "Server Chain"))
+            if (!load_certs(exc->chainfile, &exc->chain, NULL, "Server Chain"))
                 return 0;
         }
     }
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 4660a7fe5a..8fb605e6fe 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -567,11 +567,10 @@ int ocsp_main(int argc, char **argv)
             BIO_printf(bio_err, "Error loading responder certificate\n");
             goto end;
         }
-        if (!load_certs(rca_filename, &rca_cert, FORMAT_PEM,
-                        NULL, "CA certificate"))
+        if (!load_certs(rca_filename, &rca_cert, NULL, "CA certificates"))
             goto end;
         if (rcertfile != NULL) {
-            if (!load_certs(rcertfile, &rother, FORMAT_PEM, NULL,
+            if (!load_certs(rcertfile, &rother, NULL,
                             "responder other certificates"))
                 goto end;
         }
@@ -665,7 +664,7 @@ redo_accept:
             goto end;
         }
         if (sign_certfile != NULL) {
-            if (!load_certs(sign_certfile, &sign_other, FORMAT_PEM, NULL,
+            if (!load_certs(sign_certfile, &sign_other, NULL,
                             "signer certificates"))
                 goto end;
         }
@@ -774,8 +773,8 @@ redo_accept:
     if (vpmtouched)
         X509_STORE_set1_param(store, vpm);
     if (verify_certfile != NULL) {
-        if (!load_certs(verify_certfile, &verify_other, FORMAT_PEM, NULL,
-                        "validator certificate"))
+        if (!load_certs(verify_certfile, &verify_other, NULL,
+                        "validator certificates"))
             goto end;
     }
 
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 46340c0d25..60ede2e1a1 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -59,7 +59,7 @@ typedef enum OPTION_choice {
     OPT_CACERTS, OPT_NOOUT, OPT_INFO, OPT_CHAIN, OPT_TWOPASS, OPT_NOMACVER,
     OPT_DESCERT, OPT_EXPORT, OPT_ITER, OPT_NOITER, OPT_MACITER, OPT_NOMACITER,
     OPT_NOMAC, OPT_LMK, OPT_NODES, OPT_NOENC, OPT_MACALG, OPT_CERTPBE, OPT_KEYPBE,
-    OPT_INKEY, OPT_CERTFILE, OPT_NAME, OPT_CSP, OPT_CANAME,
+    OPT_INKEY, OPT_CERTFILE, OPT_PASSCERTS, OPT_NAME, OPT_CSP, OPT_CANAME,
     OPT_IN, OPT_OUT, OPT_PASSIN, OPT_PASSOUT, OPT_PASSWORD, OPT_CAPATH,
     OPT_CAFILE, OPT_CASTORE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NOCASTORE, OPT_ENGINE,
     OPT_R_ENUM, OPT_PROV_ENUM, OPT_LEGACY_ALG
@@ -87,6 +87,7 @@ const OPTIONS pkcs12_options[] = {
     OPT_SECTION("Input"),
     {"inkey", OPT_INKEY, 's', "Private key if not infile"},
     {"certfile", OPT_CERTFILE, '<', "Load certs from file"},
+    {"passcerts", OPT_PASSCERTS, 's', "Certificate file pass phrase source"},
     {"name", OPT_NAME, 's', "Use name as friendly name"},
     {"CSP", OPT_CSP, 's', "Microsoft CSP name"},
     {"caname", OPT_CANAME, 's',
@@ -143,6 +144,7 @@ const OPTIONS pkcs12_options[] = {
 int pkcs12_main(int argc, char **argv)
 {
     char *infile = NULL, *outfile = NULL, *keyname = NULL, *certfile = NULL;
+    char *passcertsarg = NULL, *passcerts = NULL;
     char *name = NULL, *csp_name = NULL;
     char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
     int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0, use_legacy = 0;
@@ -260,6 +262,9 @@ int pkcs12_main(int argc, char **argv)
         case OPT_CERTFILE:
             certfile = opt_arg();
             break;
+        case OPT_PASSCERTS:
+            passcertsarg = opt_arg();
+            break;
         case OPT_NAME:
             name = opt_arg();
             break;
@@ -322,6 +327,9 @@ int pkcs12_main(int argc, char **argv)
     }
     argc = opt_num_rest();
 
+    if (!export_cert && passcertsarg != NULL)
+        BIO_printf(bio_err,
+                   "Warning: -passcerts option ignored without -export\n");
     if (use_legacy) {
         /* load the legacy provider if not loaded already*/
         if (!OSSL_PROVIDER_available(app_get0_libctx(), "legacy")) {
@@ -349,6 +357,11 @@ int pkcs12_main(int argc, char **argv)
 
     private = 1;
 
+    if (!app_passwd(passcertsarg, NULL, &passcerts, NULL)) {
+        BIO_printf(bio_err, "Error getting certificate file password\n");
+        goto end;
+    }
+
     if (passarg != NULL) {
         if (export_cert)
             passoutarg = passarg;
@@ -424,8 +437,7 @@ int pkcs12_main(int argc, char **argv)
 
         /* Load in all certs in input file */
         if (!(options & NOCERTS)) {
-            if (!load_certs(infile, &certs, FORMAT_PEM, NULL,
-                            "certificates"))
+            if (!load_certs(infile, &certs, passin, "input certificates"))
                 goto export_end;
 
             if (key != NULL) {
@@ -453,7 +465,7 @@ int pkcs12_main(int argc, char **argv)
 
         /* Add any more certificates asked for */
         if (certfile != NULL) {
-            if (!load_certs(certfile, &certs, FORMAT_PEM, NULL,
+            if (!load_certs(certfile, &certs, passcerts,
                             "certificates from certfile"))
                 goto export_end;
         }
@@ -652,6 +664,7 @@ int pkcs12_main(int argc, char **argv)
     BIO_free_all(out);
     sk_OPENSSL_STRING_free(canames);
     OPENSSL_free(badpass);
+    OPENSSL_free(passcerts);
     OPENSSL_free(passin);
     OPENSSL_free(passout);
     return ret;
diff --git a/apps/s_client.c b/apps/s_client.c
index a1b80f4c5f..2a58589ce2 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -612,7 +612,7 @@ const OPTIONS s_client_options[] = {
     {"host", OPT_HOST, 's', "Use -connect instead"},
     {"port", OPT_PORT, 'p', "Use -connect instead"},
     {"connect", OPT_CONNECT, 's',
-     "TCP/IP where to connect (default is :" PORT ")"},
+     "TCP/IP where to connect; default: " PORT ")"},
     {"bind", OPT_BIND, 's', "bind local address for connection"},
     {"proxy", OPT_PROXY, 's',
      "Connect to via specified proxy to the real server"},
@@ -643,9 +643,9 @@ const OPTIONS s_client_options[] = {
     {"cert_chain", OPT_CERT_CHAIN, '<',
      "Client certificate chain file (in PEM format)"},
     {"build_chain", OPT_BUILD_CHAIN, '-', "Build client certificate chain"},
-    {"key", OPT_KEY, 's', "Private key file to use; default is: -cert file"},
+    {"key", OPT_KEY, 's', "Private key file to use; default: -cert file"},
     {"keyform", OPT_KEYFORM, 'E', "Key format (ENGINE, other values ignored)"},
-    {"pass", OPT_PASS, 's', "Private key file pass phrase source"},
+    {"pass", OPT_PASS, 's', "Private key and cert file pass phrase source"},
     {"verify", OPT_VERIFY, 'p', "Turn on peer certificate verification"},
     {"nameopt", OPT_NAMEOPT, 's', "Certificate subject/issuer name printing options"},
     {"CApath", OPT_CAPATH, '/', "PEM format directory of CA's"},
@@ -702,7 +702,7 @@ const OPTIONS s_client_options[] = {
     {"keymatexport", OPT_KEYMATEXPORT, 's',
      "Export keying material using label"},
     {"keymatexportlen", OPT_KEYMATEXPORTLEN, 'p',
-     "Export len bytes of keying material (default 20)"},
+     "Export len bytes of keying material; default 20"},
     {"security_debug", OPT_SECURITY_DEBUG, '-',
      "Enable security debug messages"},
     {"security_debug_verbose", OPT_SECURITY_DEBUG_VERBOSE, '-',
@@ -790,7 +790,7 @@ const OPTIONS s_client_options[] = {
     OPT_V_OPTIONS,
     {"CRL", OPT_CRL, '<', "CRL file to use"},
     {"crl_download", OPT_CRL_DOWNLOAD, '-', "Download CRL from distribution points"},
-    {"CRLform", OPT_CRLFORM, 'F', "CRL format (PEM or DER) PEM is default"},
+    {"CRLform", OPT_CRLFORM, 'F', "CRL format (PEM or DER); default PEM"},
     {"verify_return_error", OPT_VERIFY_RET_ERROR, '-',
      "Close connection on verification error"},
     {"verify_quiet", OPT_VERIFY_QUIET, '-', "Restrict verify output to errors"},
@@ -1740,14 +1740,13 @@ int s_client_main(int argc, char **argv)
     }
 
     if (cert_file != NULL) {
-        cert = load_cert(cert_file, cert_format, "client certificate file");
+        cert = load_cert_pass(cert_file, cert_format, pass, "client certificate file");
         if (cert == NULL)
             goto end;
     }
 
     if (chain_file != NULL) {
-        if (!load_certs(chain_file, &chain, FORMAT_PEM, NULL,
-                        "client certificate chain"))
+        if (!load_certs(chain_file, &chain, pass, "client certificate chain"))
             goto end;
     }
 
diff --git a/apps/s_server.c b/apps/s_server.c
index 5f16dcdea4..b936ff4226 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -809,9 +809,9 @@ const OPTIONS s_server_options[] = {
     {"Verify", OPT_UPPER_V_VERIFY, 'n',
      "Turn on peer certificate verification, must have a cert"},
     {"nameopt", OPT_NAMEOPT, 's', "Certificate subject/issuer name printing options"},
-    {"cert", OPT_CERT, '<', "Server certificate file to use; default is " TEST_CERT},
+    {"cert", OPT_CERT, '<', "Server certificate file to use; default " TEST_CERT},
     {"cert2", OPT_CERT2, '<',
-     "Certificate file to use for servername; default is" TEST_CERT2},
+     "Certificate file to use for servername; default " TEST_CERT2},
     {"certform", OPT_CERTFORM, 'F',
      "Server certificate file format (PEM/DER/P12); has no effect"},
     {"cert_chain", OPT_CERT_CHAIN, '<',
@@ -824,7 +824,7 @@ const OPTIONS s_server_options[] = {
     {"key2", OPT_KEY2, '<',
      "-Private Key file to use for servername if not in -cert2"},
     {"keyform", OPT_KEYFORM, 'f', "Key format (ENGINE, other values ignored)"},
-    {"pass", OPT_PASS, 's', "Private key file pass phrase source"},
+    {"pass", OPT_PASS, 's', "Private key and cert file pass phrase source"},
     {"dcert", OPT_DCERT, '<',
      "Second server certificate file to use (usually for DSA)"},
     {"dcertform", OPT_DCERTFORM, 'F',
@@ -835,16 +835,14 @@ const OPTIONS s_server_options[] = {
      "Second private key file to use (usually for DSA)"},
     {"dkeyform", OPT_DKEYFORM, 'F',
      "Second key file format (ENGINE, other values ignored)"},
-    {"dpass", OPT_DPASS, 's', "Second private key file pass phrase source"},
+    {"dpass", OPT_DPASS, 's', "Second private key and cert file pass phrase source"},
     {"dhparam", OPT_DHPARAM, '<', "DH parameters file to use"},
     {"servername", OPT_SERVERNAME, 's',
      "Servername for HostName TLS extension"},
     {"servername_fatal", OPT_SERVERNAME_FATAL, '-',
      "mismatch send fatal alert (default warning alert)"},
-
     {"nbio_test", OPT_NBIO_TEST, '-', "Test with the non-blocking test bio"},
     {"crlf", OPT_CRLF, '-', "Convert LF from terminal into CRLF"},
-
     {"quiet", OPT_QUIET, '-', "No server output"},
     {"no_resume_ephemeral", OPT_NO_RESUME_EPHEMERAL, '-',
      "Disable caching and tickets if ephemeral (EC)DH is used"},
@@ -860,7 +858,7 @@ const OPTIONS s_server_options[] = {
     {"keymatexport", OPT_KEYMATEXPORT, 's',
      "Export keying material using label"},
     {"keymatexportlen", OPT_KEYMATEXPORTLEN, 'p',
-     "Export len bytes of keying material (default 20)"},
+     "Export len bytes of keying material; default 20"},
     {"CRL", OPT_CRL, '<', "CRL file to use"},
     {"CRLform", OPT_CRLFORM, 'F', "CRL file format (PEM or DER); default PEM"},
     {"crl_download", OPT_CRL_DOWNLOAD, '-',
@@ -1752,13 +1750,13 @@ int s_server_main(int argc, char *argv[])
         if (s_key == NULL)
             goto end;
 
-        s_cert = load_cert(s_cert_file, s_cert_format,
+        s_cert = load_cert_pass(s_cert_file, s_cert_format, pass,
                            "server certificate file");
 
         if (s_cert == NULL)
             goto end;
         if (s_chain_file != NULL) {
-            if (!load_certs(s_chain_file, &s_chain, FORMAT_PEM, NULL,
+            if (!load_certs(s_chain_file, &s_chain, NULL,
                             "server certificate chain"))
                 goto end;
         }
@@ -1769,7 +1767,7 @@ int s_server_main(int argc, char *argv[])
             if (s_key2 == NULL)
                 goto end;
 
-            s_cert2 = load_cert(s_cert_file2, s_cert_format,
+            s_cert2 = load_cert_pass(s_cert_file2, s_cert_format, pass,
                                 "second server certificate file");
 
             if (s_cert2 == NULL)
@@ -1814,7 +1812,7 @@ int s_server_main(int argc, char *argv[])
         if (s_dkey == NULL)
             goto end;
 
-        s_dcert = load_cert(s_dcert_file, s_dcert_format,
+        s_dcert = load_cert_pass(s_dcert_file, s_dcert_format, dpass,
                             "second server certificate file");
 
         if (s_dcert == NULL) {
@@ -1822,7 +1820,7 @@ int s_server_main(int argc, char *argv[])
             goto end;
         }
         if (s_dchain_file != NULL) {
-            if (!load_certs(s_dchain_file, &s_dchain, FORMAT_PEM, NULL,
+            if (!load_certs(s_dchain_file, &s_dchain, NULL,
                             "second server certificate chain"))
                 goto end;
         }
diff --git a/apps/smime.c b/apps/smime.c
index 4dfc80d440..5ecdc019d2 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -449,8 +449,7 @@ int smime_main(int argc, char **argv)
     }
 
     if (certfile != NULL) {
-        if (!load_certs(certfile, &other, FORMAT_PEM, NULL,
-                        "certificate file")) {
+        if (!load_certs(certfile, &other, NULL, "certificates")) {
             ERR_print_errors(bio_err);
             goto end;
         }
diff --git a/apps/verify.c b/apps/verify.c
index c28f44571a..ed20b69b17 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -149,7 +149,7 @@ int verify_main(int argc, char **argv)
             break;
         case OPT_UNTRUSTED:
             /* Zero or more times */
-            if (!load_certs(opt_arg(), &untrusted, FORMAT_PEM, NULL,
+            if (!load_certs(opt_arg(), &untrusted, NULL,
                             "untrusted certificates"))
                 goto end;
             break;
@@ -158,14 +158,12 @@ int verify_main(int argc, char **argv)
             noCAfile = 1;
             noCApath = 1;
             noCAstore = 1;
-            if (!load_certs(opt_arg(), &trusted, FORMAT_PEM, NULL,
-                            "trusted certificates"))
+            if (!load_certs(opt_arg(), &trusted, NULL, "trusted certificates"))
                 goto end;
             break;
         case OPT_CRLFILE:
             /* Zero or more times */
-            if (!load_crls(opt_arg(), &crls, FORMAT_PEM, NULL,
-                           "other CRLs"))
+            if (!load_crls(opt_arg(), &crls, NULL, "other CRLs"))
                 goto end;
             break;
         case OPT_CRL_DOWNLOAD:
diff --git a/apps/x509.c b/apps/x509.c
index fbe4b8cefe..64a1cadc97 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -80,7 +80,7 @@ const OPTIONS x509_options[] = {
     {"inform", OPT_INFORM, 'f',
      "CSR input format (DER or PEM) - default PEM"},
     {"in", OPT_IN, '<', "Input file - default stdin"},
-    {"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"},
+    {"passin", OPT_PASSIN, 's', "Private key and cert file pass-phrase source"},
     {"outform", OPT_OUTFORM, 'f',
      "Output format (DER or PEM) - default PEM"},
     {"out", OPT_OUT, '>', "Output file - default stdout"},
@@ -633,7 +633,7 @@ int x509_main(int argc, char **argv)
         if (!X509_set_pubkey(x, fkey != NULL ? fkey : X509_REQ_get0_pubkey(req)))
             goto end;
     } else {
-        x = load_cert(infile, FORMAT_UNDEF, "Certificate");
+        x = load_cert_pass(infile, FORMAT_UNDEF, passin, "Certificate");
         if (x == NULL)
             goto end;
         if (fkey != NULL && !X509_set_pubkey(x, fkey))
@@ -643,7 +643,7 @@ int x509_main(int argc, char **argv)
     }
 
     if (CA_flag) {
-        xca = load_cert(CAfile, CAformat, "CA Certificate");
+        xca = load_cert_pass(CAfile, CAformat, passin, "CA Certificate");
         if (xca == NULL)
             goto end;
     }
@@ -963,7 +963,7 @@ int x509_main(int argc, char **argv)
     sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
     ASN1_OBJECT_free(objtmp);
     release_engine(e);
-    OPENSSL_free(passin);
+    clear_free(passin);
     return ret;
 }
 
diff --git a/doc/man1/openssl-ca.pod.in b/doc/man1/openssl-ca.pod.in
index 5f7dc2d16f..7d7f0752f3 100644
--- a/doc/man1/openssl-ca.pod.in
+++ b/doc/man1/openssl-ca.pod.in
@@ -138,9 +138,9 @@ The directory to output certificates to. The certificate will be
 written to a filename consisting of the serial number in hex with
 F<.pem> appended.
 
-=item B<-cert>
+=item B<-cert> I<filename>
 
-The CA certificate file.
+The CA certificate, which must match with B<-keyfile>.
 
 =item B<-certform> B<DER>|B<PEM>|B<P12>
 
@@ -149,7 +149,7 @@ This option has no effect and is retained for backward compatibility only.
 
 =item B<-keyfile> I<filename>
 
-The private key to sign requests with.
+The CA private key to sign requests with. This must match with B<-cert>.
 
 =item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
 
@@ -179,6 +179,7 @@ The password used to encrypt the private key. Since on some
 systems the command line arguments are visible (e.g., when using
 L<ps(1)> on Unix),
 this option should be used with caution.
+Better use B<-passin>.
 
 =item B<-selfsign>
 
@@ -196,7 +197,8 @@ self-signed certificate.
 
 =item B<-passin> I<arg>
 
-The key password source. For more information about the format of B<arg>
+The key and certificate password source.
+For more information about the format of B<arg>
 see L<openssl(1)/Pass Phrase Options>.
 
 =item B<-notext>
diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in
index 8d3e686b55..a6a769af9d 100644
--- a/doc/man1/openssl-cmp.pod.in
+++ b/doc/man1/openssl-cmp.pod.in
@@ -69,7 +69,6 @@ B<openssl> B<cmp>
 
 [B<-certform> I<PEM|DER>]
 [B<-keyform> I<PEM|DER|P12|ENGINE>]
-[B<-certsform> I<PEM|DER|P12>]
 [B<-otherpass> I<arg>]
 {- $OpenSSL::safe::opt_engine_synopsis -}
 {- $OpenSSL::safe::opt_provider_synopsis -}
@@ -681,15 +680,10 @@ Send messages without CMP-level protection.
 File format to use when saving a certificate to a file.
 Default value is PEM.
 
-=item B<-keyform> I<PEM|DER|P12>
+=item B<-keyform> I<PEM|DER|P12|ENGINE>
 
-Format to assume when reading key files.
-Default value is PEM.
-
-=item B<-certsform> I<PEM|DER|P12>
-
-Format to try first when reading multiple certificates from file(s).
-Default value is PEM.
+The format of the key input.
+The only value with effect is B<ENGINE>.
 
 =item B<-otherpass> I<arg>
 
diff --git a/doc/man1/openssl-cms.pod.in b/doc/man1/openssl-cms.pod.in
index a72b4c9fa0..def9766b3c 100644
--- a/doc/man1/openssl-cms.pod.in
+++ b/doc/man1/openssl-cms.pod.in
@@ -380,6 +380,7 @@ the MIME type multipart/signed is used.
 Allows additional certificates to be specified. When signing these will
 be included with the message. When verifying these will be searched for
 the signers certificates.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-certsout> I<file>
 
diff --git a/doc/man1/openssl-ocsp.pod.in b/doc/man1/openssl-ocsp.pod.in
index a738ddbdd7..614a4dae83 100644
--- a/doc/man1/openssl-ocsp.pod.in
+++ b/doc/man1/openssl-ocsp.pod.in
@@ -130,6 +130,7 @@ the OCSP request is not signed.
 =item B<-sign_other> I<filename>
 
 Additional certificates to include in the signed request.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-nonce>, B<-no_nonce>
 
@@ -180,10 +181,12 @@ the complete request is received.
 
 =item B<-verify_other> I<file>
 
-File containing additional certificates to search when attempting to locate
+File or URI containing additional certificates to search
+when attempting to locate
 the OCSP response signing certificate. Some responders omit the actual signer's
 certificate from the response: this option can be used to supply the necessary
 certificate in such cases.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-trust_other>
 
@@ -194,8 +197,9 @@ root CA is not appropriate.
 
 =item B<-VAfile> I<file>
 
-File containing explicitly trusted responder certificates. Equivalent to the
-B<-verify_other> and B<-trust_other> options.
+File or URI containing explicitly trusted responder certificates.
+Equivalent to the B<-verify_other> and B<-trust_other> options.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-noverify>
 
@@ -296,6 +300,7 @@ must also be present.
 
 CA certificate corresponding to the revocation information in the index
 file given with B<-index>.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-rsigner> I<file>
 
@@ -314,6 +319,7 @@ see L<openssl(1)/Pass Phrase Options>.
 =item B<-rother> I<file>
 
 Additional certificates to include in the OCSP response.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-rsigopt> I<nm>:I<v>
 
diff --git a/doc/man1/openssl-pkcs12.pod.in b/doc/man1/openssl-pkcs12.pod.in
index 90d8a7e19e..e148d229b0 100644
--- a/doc/man1/openssl-pkcs12.pod.in
+++ b/doc/man1/openssl-pkcs12.pod.in
@@ -13,6 +13,7 @@ B<openssl> B<pkcs12>
 [B<-chain>]
 [B<-inkey> I<file_or_id>]
 [B<-certfile> I<filename>]
+[B<-passcerts> I<arg>]
 [B<-name> I<name>]
 [B<-caname> I<name>]
 [B<-in> I<filename>]
@@ -85,8 +86,10 @@ Print out a usage message.
 
 =item B<-in> I<filename>
 
-This specifies filename of the PKCS#12 file to be parsed. Standard input is used
-by default.
+This specifies filename or URI of the PKCS#12 file to be parsed.
+With B<-export>, this refers to the the certificate and/or key input,
+which can be in PEM, DER, or PKCS#12 format.
+Standard input is used by default.
 
 =item B<-out> I<filename>
 
@@ -195,9 +198,10 @@ by default.
 
 =item B<-in> I<filename>
 
-The filename to read certificates and private keys from, standard input by
-default.  They must all be in PEM format. The order doesn't matter but one
-private key and its corresponding certificate should be present. If additional
+The filename or URI to read certificates and private keys from, standard input
+by default. They can be in PEM, DER, or PKCS#12 format.
+The order doesn't matter but one private key and
+its corresponding certificate should be present. If additional
 certificates are present they will also be included in the PKCS#12 file.
 
 =item B<-inkey> I<file_or_id>
@@ -214,7 +218,14 @@ name is typically displayed in list boxes by software importing the file.
 
 =item B<-certfile> I<filename>
 
-A filename to read additional certificates from.
+A filename or URI to read additional certificates from.
+The file can be in PEM, DER, or PKCS#12 format.
+
+=item B<-passcerts> I<arg>
+
+The password source for certificate input such as B<-certfile>.
+For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-caname> I<friendlyname>
 
diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in
index 6d8cb5a397..594d26f9bd 100644
--- a/doc/man1/openssl-s_client.pod.in
+++ b/doc/man1/openssl-s_client.pod.in
@@ -234,7 +234,7 @@ Suppresses sending of the SNI (Server Name Indication) extension in the
 ClientHello message. Cannot be used in conjunction with the B<-servername> or
 <-dane_tlsa_domain> options.
 
-=item B<-cert> I<certname>
+=item B<-cert> I<filename>
 
 The client certificate to use, if one is requested by the server.
 The default is not to use a certificate.
@@ -248,8 +248,9 @@ This option has no effect and is retained for backward compatibility only.
 
 =item B<-cert_chain>
 
-A file containing untrusted certificates to use when attempting to build the
+A file or URI of untrusted certificates to use when attempting to build the
 certificate chain related to the certificate specified via the B<-cert> option.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-build_chain>
 
@@ -282,7 +283,8 @@ See L<openssl(1)/Format Options> for details.
 
 =item B<-pass> I<arg>
 
-the private key password source. For more information about the format of I<arg>
+the private key and certifiate file password source.
+For more information about the format of I<arg>
 see L<openssl(1)/Pass phrase options>.
 
 =item B<-verify> I<depth>
diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index 47515af42a..b074485a63 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -228,8 +228,9 @@ This option has no effect and is retained for backward compatibility only.
 
 =item B<-cert_chain>
 
-A file containing untrusted certificates to use when attempting to build the
+A file or URI of untrusted certificates to use when attempting to build the
 certificate chain related to the certificate specified via the B<-cert> option.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-build_chain>
 
@@ -257,7 +258,7 @@ See L<openssl(1)/Format Options> for details.
 
 =item B<-pass> I<val>
 
-The private key password source.
+The private key and certificate file password source.
 For more information about the format of I<val>,
 see L<openssl(1)/Pass Phrase Options>.
 
@@ -274,9 +275,10 @@ by using an appropriate certificate.
 
 =item B<-dcert_chain>
 
-A file containing untrusted certificates to use when attempting to build the
+A file or URI of untrusted certificates to use when attempting to build the
 server certificate chain when a certificate specified via the B<-dcert> option
 is in use.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-dcertform> B<DER>|B<PEM>|B<P12>
 
@@ -291,7 +293,7 @@ See L<openssl(1)/Format Options>.
 
 =item B<-dpass> I<val>
 
-The passphrase for the additional private key.
+The passphrase for the additional private key and certificate.
 For more information about the format of I<val>,
 see L<openssl(1)/Pass Phrase Options>.
 
diff --git a/doc/man1/openssl-smime.pod.in b/doc/man1/openssl-smime.pod.in
index 9f42c0c1fe..3aa0dc49d2 100644
--- a/doc/man1/openssl-smime.pod.in
+++ b/doc/man1/openssl-smime.pod.in
@@ -238,6 +238,7 @@ option is present B<CRLF> is used instead.
 Allows additional certificates to be specified. When signing these will
 be included with the message. When verifying these will be searched for
 the signers certificates.
+The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-signer> I<file>
 
diff --git a/doc/man1/openssl-verify.pod.in b/doc/man1/openssl-verify.pod.in
index ff4d88f577..e9c2ca922c 100644
--- a/doc/man1/openssl-verify.pod.in
+++ b/doc/man1/openssl-verify.pod.in
@@ -40,7 +40,7 @@ Print out a usage message.
 
 =item B<-CRLfile> I<file>
 
-The I<file> should contain one or more CRLs in PEM format.
+The file or URI should contain one or more CRLs in PEM or DER format.
 This option can be specified more than once to include CRLs from multiple
 I<file>s.
 
@@ -60,13 +60,14 @@ Print extra information about the operations being performed.
 
 =item B<-trusted> I<file>
 
-A file of trusted certificates in PEM format.
+A file or URI of trusted certificates in PEM, DER, or PKCS#12 format.
 This option can be specified more than once to load certificates from multiple
 I<file>s.
 
 =item B<-untrusted> I<file>
 
-A file of untrusted certificates in PEM format to use for chain building.
+A file or URI of untrusted certificates in PEM, DER, or PKCS#12 format
+to use for chain building.
 This option can be specified more than once to load certificates from multiple
 I<file>s.
 
diff --git a/doc/man1/openssl-x509.pod.in b/doc/man1/openssl-x509.pod.in
index 33e24ac6e9..8eb35e537e 100644
--- a/doc/man1/openssl-x509.pod.in
+++ b/doc/man1/openssl-x509.pod.in
@@ -386,7 +386,8 @@ Names and values of these options are algorithm-specific.
 
 =item B<-passin> I<arg>
 
-The key password source. For more information about the format of I<arg>
+The key and certificate file password source.
+For more information about the format of I<arg>
 see L<openssl(1)/Pass Phrase Options>.
 
 =item B<-clrext>
diff --git a/test/certs/v3-certs-RC2.p12 b/test/certs/v3-certs-RC2.p12
new file mode 100644
index 0000000000..0cdbcc1f26
Binary files /dev/null and b/test/certs/v3-certs-RC2.p12 differ
diff --git a/test/certs/v3-certs-TDES.p12 b/test/certs/v3-certs-TDES.p12
new file mode 100644
index 0000000000..d203dc2986
Binary files /dev/null and b/test/certs/v3-certs-TDES.p12 differ
diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t
index 250738487a..3cfcb2290c 100644
--- a/test/recipes/25-test_x509.t
+++ b/test/recipes/25-test_x509.t
@@ -16,7 +16,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
 
 setup("test_x509");
 
-plan tests => 11;
+plan tests => 12;
 
 require_ok(srctop_file('test','recipes','tconversion.pl'));
 
@@ -35,6 +35,17 @@ ok(run(app(["openssl", "x509", "-text", "-in", $pem, "-out", $out_utf8,
 is(cmp_text($out_utf8, srctop_file("test/certs", "cyrillic.utf8")),
    0, 'Comparing utf8 output');
 
+ SKIP: {
+    skip "DES disabled", 1 if disabled("des");
+
+    my $p12 = srctop_file("test", "shibboleth.pfx");
+    my $p12pass = "??????? ????????";
+    my $out_pem = "out.pem";
+    ok(run(app(["openssl", "x509", "-text", "-in", $p12, "-out", $out_pem,
+                "-passin", "pass:$p12pass"])));
+    unlink $out_pem;
+}
+
 SKIP: {
     skip "EC disabled", 1 if disabled("ec");
 
diff --git a/test/recipes/80-test_pkcs12.t b/test/recipes/80-test_pkcs12.t
index fa95649212..24247b8c25 100644
--- a/test/recipes/80-test_pkcs12.t
+++ b/test/recipes/80-test_pkcs12.t
@@ -57,7 +57,7 @@ if (eval { require Win32::API; 1; }) {
 }
 $ENV{OPENSSL_WIN32_UTF8}=1;
 
-plan tests => 2;
+plan tests => 4;
 
 # Test different PKCS#12 formats
 ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats");
@@ -68,4 +68,27 @@ ok(run(app(["openssl", "pkcs12", "-noout",
             "-in", srctop_file("test", "shibboleth.pfx")])),
    "test_pkcs12");
 
+my @path = qw(test certs);
+my $tmpfile = "tmp.p12";
+
+# Test the -passcerts option
+ok(run(app(["openssl", "pkcs12", "-export",
+            "-in", srctop_file(@path, "ee-cert.pem"),
+            "-certfile", srctop_file(@path, "v3-certs-TDES.p12"),
+            "-passcerts", "pass:v3-certs",
+            "-nokeys", "-passout", "pass:v3-certs", "-descert",
+            "-out", $tmpfile])),
+   "test_pkcs12_passcert");
+unlink $tmpfile;
+
+# Test reading legacy PKCS#12 file
+ok(run(app(["openssl", "pkcs12", "-export",
+            "-in", srctop_file(@path, "v3-certs-RC2.p12"),
+            "-passin", "pass:v3-certs",
+            "-provider", "default", "-provider", "legacy",
+            "-nokeys", "-passout", "pass:v3-certs", "-descert",
+            "-out", $tmpfile])),
+   "test_pkcs12_passcert");
+unlink $tmpfile;
+
 SetConsoleOutputCP($savedcp) if (defined($savedcp));

From no-reply at appveyor.com  Thu Aug 20 13:15:48 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 13:15:48 +0000
Subject: Build failed: openssl master.36283
Message-ID: <20200820131548.1.70C8A5083710D6CA@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/cdb65db9/attachment.html>

From builds at travis-ci.com  Thu Aug 20 14:03:38 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 14:03:38 +0000
Subject: Still Failing: openssl/openssl#36834 (master - 3b1fd0b)
In-Reply-To: <openssl/openssl+180610229+still failing@travis-ci.com>
Message-ID: <5f3e82b8d674a_13fac1debf178341846@travis-pro-tasks-8486f9f66d-z7sg6.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36834
Status: Still Failing

Duration: 32 mins and 54 secs
Commit: 3b1fd0b (master)
Author: Pauli
Message: cmp: handle error return from OBJ_obj2txt()

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12678)

View the changeset: https://github.com/openssl/openssl/compare/16486f633241...3b1fd0b00357

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180610229?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/77da6a73/attachment.html>

From no-reply at appveyor.com  Thu Aug 20 14:35:39 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 14:35:39 +0000
Subject: Build failed: openssl master.36289
Message-ID: <20200820143539.1.04A29484B7B4EA47@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/60493568/attachment.html>

From matt at openssl.org  Thu Aug 20 16:14:07 2020
From: matt at openssl.org (Matt Caswell)
Date: Thu, 20 Aug 2020 16:14:07 +0000
Subject: [openssl]  master update
Message-ID: <1597940047.600671.9333.nullmailer@dev.openssl.org>

The branch master has been updated
       via  8ca6c6669fb6ebd4412be7e243eefdaa6b88aec6 (commit)
       via  a361cb841d75eae2c1c385f869fbdb598d2c60a7 (commit)
      from  2a33470b4f23bcf1cd66bbf645c855142efa0ed9 (commit)


- Log -----------------------------------------------------------------
commit 8ca6c6669fb6ebd4412be7e243eefdaa6b88aec6
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 18 17:25:51 2020 +0100

    Test mte with stitched ciphersuites in TLSv1.0
    
    The previous commit fixed a bug with mte, stitched ciphersuites and
    TLSv1.0. We now add a test for that scenario.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12670)

commit a361cb841d75eae2c1c385f869fbdb598d2c60a7
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 18 12:28:45 2020 +0100

    Fix stitched ciphersuites in TLS1.0
    
    TLS1.0 does not have an explicit IV in the record, and therefore we should
    not attempt to remove it.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12670)

-----------------------------------------------------------------------

Summary of changes:
 .../ciphers/cipher_aes_cbc_hmac_sha.c              | 22 ++++++
 test/ssl-tests/19-mac-then-encrypt.cnf             | 84 +++++++++++++++++++++-
 test/ssl-tests/19-mac-then-encrypt.cnf.in          | 53 ++++++++++++++
 3 files changed, 158 insertions(+), 1 deletion(-)

diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
index ae853b7eb9..9c927352a2 100644
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
@@ -16,6 +16,8 @@
 
 /* Dispatch functions for AES_CBC_HMAC_SHA ciphers */
 
+/* Only for SSL3_VERSION and TLS1_VERSION */
+#include <openssl/ssl.h>
 #include "cipher_aes_cbc_hmac_sha.h"
 #include "prov/implementations.h"
 
@@ -172,6 +174,26 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
             return 0;
         }
     }
+
+    p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION);
+    if (p != NULL) {
+        if (!OSSL_PARAM_get_uint(p, &ctx->base.tlsversion)) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
+            return 0;
+        }
+        if (ctx->base.tlsversion == SSL3_VERSION
+                || ctx->base.tlsversion == TLS1_VERSION) {
+            if (!ossl_assert(ctx->base.removetlspad >= AES_BLOCK_SIZE)) {
+                ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+            /*
+             * There is no explicit IV with these TLS versions, so don't attempt
+             * to remove it.
+             */
+            ctx->base.removetlspad -= AES_BLOCK_SIZE;
+        }
+    }
     return ret;
 }
 
diff --git a/test/ssl-tests/19-mac-then-encrypt.cnf b/test/ssl-tests/19-mac-then-encrypt.cnf
index 0dd384ea6c..803c2c0c0f 100644
--- a/test/ssl-tests/19-mac-then-encrypt.cnf
+++ b/test/ssl-tests/19-mac-then-encrypt.cnf
@@ -1,6 +1,6 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 6
+num_tests = 9
 
 test-0 = 0-disable-encrypt-then-mac-server-sha
 test-1 = 1-disable-encrypt-then-mac-client-sha
@@ -8,6 +8,9 @@ test-2 = 2-disable-encrypt-then-mac-both-sha
 test-3 = 3-disable-encrypt-then-mac-server-sha2
 test-4 = 4-disable-encrypt-then-mac-client-sha2
 test-5 = 5-disable-encrypt-then-mac-both-sha2
+test-6 = 6-disable-encrypt-then-mac-server-sha-tls1
+test-7 = 7-disable-encrypt-then-mac-client-sha-tls1
+test-8 = 8-disable-encrypt-then-mac-both-sha-tls1
 # ===========================================================
 
 [0-disable-encrypt-then-mac-server-sha]
@@ -160,3 +163,82 @@ VerifyMode = Peer
 ExpectedResult = Success
 
 
+# ===========================================================
+
+[6-disable-encrypt-then-mac-server-sha-tls1]
+ssl_conf = 6-disable-encrypt-then-mac-server-sha-tls1-ssl
+
+[6-disable-encrypt-then-mac-server-sha-tls1-ssl]
+server = 6-disable-encrypt-then-mac-server-sha-tls1-server
+client = 6-disable-encrypt-then-mac-server-sha-tls1-client
+
+[6-disable-encrypt-then-mac-server-sha-tls1-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT:@SECLEVEL=0
+Options = -EncryptThenMac
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[6-disable-encrypt-then-mac-server-sha-tls1-client]
+CipherString = AES128-SHA at SECLEVEL=0
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-6]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[7-disable-encrypt-then-mac-client-sha-tls1]
+ssl_conf = 7-disable-encrypt-then-mac-client-sha-tls1-ssl
+
+[7-disable-encrypt-then-mac-client-sha-tls1-ssl]
+server = 7-disable-encrypt-then-mac-client-sha-tls1-server
+client = 7-disable-encrypt-then-mac-client-sha-tls1-client
+
+[7-disable-encrypt-then-mac-client-sha-tls1-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT:@SECLEVEL=0
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[7-disable-encrypt-then-mac-client-sha-tls1-client]
+CipherString = AES128-SHA at SECLEVEL=0
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+Options = -EncryptThenMac
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-7]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[8-disable-encrypt-then-mac-both-sha-tls1]
+ssl_conf = 8-disable-encrypt-then-mac-both-sha-tls1-ssl
+
+[8-disable-encrypt-then-mac-both-sha-tls1-ssl]
+server = 8-disable-encrypt-then-mac-both-sha-tls1-server
+client = 8-disable-encrypt-then-mac-both-sha-tls1-client
+
+[8-disable-encrypt-then-mac-both-sha-tls1-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT:@SECLEVEL=0
+Options = -EncryptThenMac
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[8-disable-encrypt-then-mac-both-sha-tls1-client]
+CipherString = AES128-SHA at SECLEVEL=0
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+Options = -EncryptThenMac
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-8]
+ExpectedResult = Success
+
+
diff --git a/test/ssl-tests/19-mac-then-encrypt.cnf.in b/test/ssl-tests/19-mac-then-encrypt.cnf.in
index 32b7b7dfdb..074b1d1380 100644
--- a/test/ssl-tests/19-mac-then-encrypt.cnf.in
+++ b/test/ssl-tests/19-mac-then-encrypt.cnf.in
@@ -13,6 +13,8 @@ package ssltests;
 
 use OpenSSL::Test::Utils;
 
+our $fips_mode;
+
 our @tests = (
     {
         name => "disable-encrypt-then-mac-server-sha",
@@ -99,4 +101,55 @@ my @tests_tls1_2 = (
     },
 );
 
+our @tests_tls1 = (
+    {
+        name => "disable-encrypt-then-mac-server-sha-tls1",
+        server => {
+          "CipherString" => 'DEFAULT:@SECLEVEL=0',
+          "Options" => "-EncryptThenMac",
+        },
+        client => {
+          "CipherString" => 'AES128-SHA at SECLEVEL=0',
+          "MinProtocol" => "TLSv1",
+          "MaxProtocol" => "TLSv1"
+        },
+        test   => {
+          "ExpectedResult" => "Success",
+        },
+    },
+    {
+        name => "disable-encrypt-then-mac-client-sha-tls1",
+        server => {
+          "CipherString" => 'DEFAULT:@SECLEVEL=0',
+        },
+        client => {
+          "CipherString" => 'AES128-SHA at SECLEVEL=0',
+          "Options" => "-EncryptThenMac",
+          "MinProtocol" => "TLSv1",
+          "MaxProtocol" => "TLSv1"
+        },
+        test   => {
+          "ExpectedResult" => "Success",
+        },
+    },
+    {
+        name => "disable-encrypt-then-mac-both-sha-tls1",
+        server => {
+          "CipherString" => 'DEFAULT:@SECLEVEL=0',
+          "Options" => "-EncryptThenMac",
+        },
+        client => {
+          "CipherString" => 'AES128-SHA at SECLEVEL=0',
+          "Options" => "-EncryptThenMac",
+          "MinProtocol" => "TLSv1",
+          "MaxProtocol" => "TLSv1"
+        },
+        test   => {
+          "ExpectedResult" => "Success",
+        },
+    },
+);
+
+
 push @tests, @tests_tls1_2 unless disabled("tls1_2");
+push @tests, @tests_tls1 unless disabled("tls1") || $fips_mode;

From no-reply at appveyor.com  Thu Aug 20 17:24:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 17:24:43 +0000
Subject: Build failed: openssl master.36297
Message-ID: <20200820172443.1.99E7A72901B80C8D@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/e63a55c6/attachment.html>

From no-reply at appveyor.com  Thu Aug 20 18:34:25 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 18:34:25 +0000
Subject: Build completed: openssl master.36298
Message-ID: <20200820183425.1.AC8665F91E7B7B43@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/72fc46c1/attachment.html>

From builds at travis-ci.com  Thu Aug 20 20:56:07 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 20:56:07 +0000
Subject: Still Failing: openssl/openssl#36844 (master - 22b8144)
In-Reply-To: <openssl/openssl+180639512+still failing@travis-ci.com>
Message-ID: <5f3ee36725511_13fade47ae10478112@travis-pro-tasks-6dd4687656-nq8w7.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36844
Status: Still Failing

Duration: 53 mins and 54 secs
Commit: 22b8144 (master)
Author: Richard Levitte
Message: X509: Add d2i_PUBKEY_ex(), which take a libctx and propq

Just like d2i_PrivateKey() / d2i_PrivateKey_ex(), there's a need to
associate an EVP_PKEY extracted from a PUBKEY to a library context and
a property query string.  Without it, a provider-native EVP_PKEY can
only fetch necessary internal algorithms from the default library
context, even though an application specific context should be used.

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12671)

View the changeset: https://github.com/openssl/openssl/compare/3b1fd0b00357...22b814443eea

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180639512?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/46d71311/attachment.html>

From openssl at openssl.org  Thu Aug 20 21:00:44 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 20 Aug 2020 21:00:44 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1597957244.051942.20676.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=209, Tests=3313, 810 wallclock secs (11.13 usr  1.39 sys + 717.95 cusr 51.16 csys = 781.63 CPU)
Result: FAIL
Makefile:3181: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3179: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Thu Aug 20 21:58:46 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 20 Aug 2020 21:58:46 +0000
Subject: Build failed: openssl master.36301
Message-ID: <20200820215846.1.D88DDEC5E6E95F02@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/e0fd9038/attachment.html>

From builds at travis-ci.com  Thu Aug 20 22:15:53 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 22:15:53 +0000
Subject: Still Failing: openssl/openssl#36845 (master - 6cc1dfc)
In-Reply-To: <openssl/openssl+180639689+still failing@travis-ci.com>
Message-ID: <5f3ef618d2796_13fc823395dac34508f@travis-pro-tasks-6dd4687656-f94wv.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36845
Status: Still Failing

Duration: 35 mins and 16 secs
Commit: 6cc1dfc (master)
Author: Richard Levitte
Message: PROV: Fix DSA and DH private key serializers

If those private key serializer were given a key structure with just
the public key material, they crashed, because they tried to
de-reference NULL.  This adds better checking.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12679)

View the changeset: https://github.com/openssl/openssl/compare/22b814443eea...6cc1dfca88c5

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180639689?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/10218c0b/attachment.html>

From openssl at openssl.org  Thu Aug 20 23:27:44 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 20 Aug 2020 23:27:44 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1597966064.054167.3734.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:3059:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2835:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2441:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2172:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2216:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=209, Tests=2997, 782 wallclock secs (10.14 usr  1.53 sys + 715.90 cusr 53.35 csys = 780.92 CPU)
Result: FAIL
Makefile:2416: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2414: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Thu Aug 20 23:29:01 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 20 Aug 2020 23:29:01 +0000
Subject: Still Failing: openssl/openssl#36846 (master - 5f2b7db)
In-Reply-To: <openssl/openssl+180640068+still failing@travis-ci.com>
Message-ID: <5f3f073cb7e3e_13fc82010a4144921e6@travis-pro-tasks-6dd4687656-f94wv.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36846
Status: Still Failing

Duration: 59 mins and 57 secs
Commit: 5f2b7db (master)
Author: Richard Levitte
Message: TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()

test/evp_test.c and test/sslapitest.c are affected.  This allows them
to decode keys found in stanza files via provider decoder implementations
when a library context other than the default should be used.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12673)

View the changeset: https://github.com/openssl/openssl/compare/6cc1dfca88c5...5f2b7db09b6f

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180640068?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200820/0bee2b75/attachment.html>

From shane.lontis at oracle.com  Fri Aug 21 00:03:30 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Fri, 21 Aug 2020 00:03:30 +0000
Subject: [openssl]  master update
Message-ID: <1597968210.254394.14977.nullmailer@dev.openssl.org>

The branch master has been updated
       via  be63e58732cedc0bbc39777d1cf7556e55f146ef (commit)
      from  8ca6c6669fb6ebd4412be7e243eefdaa6b88aec6 (commit)


- Log -----------------------------------------------------------------
commit be63e58732cedc0bbc39777d1cf7556e55f146ef
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Wed Aug 19 19:38:03 2020 +1000

    Fix incorrect selection flags for ec serializer.
    
    Fixes #12630
    
    ec_import requires domain parameters to be part of the selection.
    The public and private serialisers were not selecting the correct flags so the import was failing.
    Added a test that uses the base provider so that a export/import happens for serialization.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12681)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/serializers/serializer_ec_priv.c |  6 +++---
 providers/implementations/serializers/serializer_ec_pub.c  |  9 ++++++---
 test/recipes/15-test_genec.t                               | 10 ++++++++++
 3 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/providers/implementations/serializers/serializer_ec_priv.c b/providers/implementations/serializers/serializer_ec_priv.c
index acc6cf7081..25dc8dbcca 100644
--- a/providers/implementations/serializers/serializer_ec_priv.c
+++ b/providers/implementations/serializers/serializer_ec_priv.c
@@ -128,7 +128,7 @@ static int ec_priv_der_data(void *vctx, const OSSL_PARAM params[],
         EC_KEY *eckey;
 
         if ((eckey = ec_new(ctx->provctx)) != NULL
-            && ec_import(eckey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL, params)
             && ec_priv_der(ctx, eckey, out, cb, cbarg))
             ok = 1;
         ec_free(eckey);
@@ -175,7 +175,7 @@ static int ec_pem_priv_data(void *vctx, const OSSL_PARAM params[],
         EC_KEY *eckey;
 
         if ((eckey = ec_new(ctx->provctx)) != NULL
-            && ec_import(eckey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL, params)
             && ec_pem_priv(ctx, eckey, out, cb, cbarg))
             ok = 1;
         ec_free(eckey);
@@ -233,7 +233,7 @@ static int ec_priv_print_data(void *vctx, const OSSL_PARAM params[],
         EC_KEY *eckey;
 
         if ((eckey = ec_new(ctx->provctx)) != NULL
-            && ec_import(eckey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL, params)
             && ec_priv_print(ctx, eckey, out, cb, cbarg))
             ok = 1;
         ec_free(eckey);
diff --git a/providers/implementations/serializers/serializer_ec_pub.c b/providers/implementations/serializers/serializer_ec_pub.c
index d3f67fd762..42fb4f96f2 100644
--- a/providers/implementations/serializers/serializer_ec_pub.c
+++ b/providers/implementations/serializers/serializer_ec_pub.c
@@ -17,6 +17,9 @@
 #include "prov/provider_ctx.h"
 #include "serializer_local.h"
 
+#define EC_SELECT_PUBLIC_IMPORTABLE                                            \
+    OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
+
 static OSSL_FUNC_serializer_newctx_fn ec_pub_newctx;
 static OSSL_FUNC_serializer_freectx_fn ec_pub_freectx;
 static OSSL_FUNC_serializer_serialize_data_fn ec_pub_der_data;
@@ -58,7 +61,7 @@ static int ec_pub_der_data(void *vctx, const OSSL_PARAM params[],
 
         /* vctx == provctx */
         if ((eckey = ec_new(vctx)) != NULL
-            && ec_import(eckey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ec_import(eckey, EC_SELECT_PUBLIC_IMPORTABLE, params)
             && ec_pub_der(vctx, eckey, out, cb, cbarg))
             ok = 1;
         ec_free(eckey);
@@ -100,7 +103,7 @@ static int ec_pub_pem_data(void *vctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((eckey = ec_new(vctx)) != NULL
-            && ec_import(eckey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ec_import(eckey, EC_SELECT_PUBLIC_IMPORTABLE, params)
             && ec_pub_pem(vctx, eckey, out, cb, cbarg))
             ok = 1;
         ec_free(eckey);
@@ -141,7 +144,7 @@ static int ec_pub_print_data(void *vctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((eckey = ec_new(vctx)) != NULL
-            && ec_import(eckey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ec_import(eckey, EC_SELECT_PUBLIC_IMPORTABLE, params)
             && ec_pub_print(vctx, eckey, out, cb, cbarg))
             ok = 1;
         ec_free(eckey);
diff --git a/test/recipes/15-test_genec.t b/test/recipes/15-test_genec.t
index b46147ca10..20ddd4026d 100644
--- a/test/recipes/15-test_genec.t
+++ b/test/recipes/15-test_genec.t
@@ -194,6 +194,7 @@ plan tests => scalar(@curve_list) * scalar(keys %params_encodings)
     + 1                             # Checking that with no curve it fails
     + 1                             # Checking that with unknown curve it fails
     + 1                             # Subtest for explicit only curves
+    + 1                             # base serializer test
     ;
 
 ok(!run(app([ 'openssl', 'genpkey',
@@ -205,6 +206,15 @@ ok(!run(app([ 'openssl', 'genpkey',
               '-pkeyopt', 'ec_paramgen_curve:bogus_foobar_curve'])),
    "genpkey EC with unknown curve name should fail");
 
+ok(run(app([ 'openssl', 'genpkey',
+             '-provider-path', 'providers',
+             '-provider', 'base',
+             '-config', srctop_file("test", "default.cnf"),
+             '-algorithm', 'EC',
+             '-pkeyopt', 'ec_paramgen_curve:prime256v1',
+             '-text'])),
+    "generate a private key and serialize it using the base provider");
+
 foreach my $curvename (@curve_list) {
     foreach my $paramenc (sort keys %params_encodings) {
         my $fn = $params_encodings{$paramenc};

From builds at travis-ci.com  Fri Aug 21 01:21:53 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 21 Aug 2020 01:21:53 +0000
Subject: Still Failing: openssl/openssl#36850 (master - ed4faae)
In-Reply-To: <openssl/openssl+180652791+still failing@travis-ci.com>
Message-ID: <5f3f21b16b21a_13ff4c1e389c41433b9@travis-pro-tasks-55cf6bc8f-x84sq.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36850
Status: Still Failing

Duration: 1 hr, 3 mins, and 29 secs
Commit: ed4faae (master)
Author: Dr. David von Oheimb
Message: Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}

Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12639)

View the changeset: https://github.com/openssl/openssl/compare/5f2b7db09b6f...ed4faae00cda

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180652791?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/6c6206f0/attachment-0001.html>

From builds at travis-ci.com  Fri Aug 21 02:45:02 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 21 Aug 2020 02:45:02 +0000
Subject: Still Failing: openssl/openssl#36852 (master - 2a33470)
In-Reply-To: <openssl/openssl+180657079+still failing@travis-ci.com>
Message-ID: <5f3f352e51fd5_13ff4c4a4ae2c302061@travis-pro-tasks-55cf6bc8f-x84sq.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36852
Status: Still Failing

Duration: 1 hr, 5 mins, and 26 secs
Commit: 2a33470 (master)
Author: Dr. David von Oheimb
Message: Make better use of new load_cert_pass() variant of load_cert() in apps/

allows loading password-protected PKCS#12 files in x509, ca, s_client, s_server

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12647)

View the changeset: https://github.com/openssl/openssl/compare/ed4faae00cda...2a33470b4f23

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180657079?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/383314d2/attachment.html>

From builds at travis-ci.com  Fri Aug 21 05:28:56 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 21 Aug 2020 05:28:56 +0000
Subject: Still Failing: openssl/openssl#36855 (master - 8ca6c66)
In-Reply-To: <openssl/openssl+180686354+still failing@travis-ci.com>
Message-ID: <5f3f5b98c2fe_13fc0ea5878e41187cb@travis-pro-tasks-5d8c85d45f-6whrc.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36855
Status: Still Failing

Duration: 1 hr, 3 mins, and 31 secs
Commit: 8ca6c66 (master)
Author: Matt Caswell
Message: Test mte with stitched ciphersuites in TLSv1.0

The previous commit fixed a bug with mte, stitched ciphersuites and
TLSv1.0. We now add a test for that scenario.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12670)

View the changeset: https://github.com/openssl/openssl/compare/2a33470b4f23...8ca6c6669fb6

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180686354?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/da44a704/attachment-0001.html>

From openssl at openssl.org  Fri Aug 21 05:45:40 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 21 Aug 2020 05:45:40 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1597988740.809026.24413.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

rm -f doc/html/man1/CA.pl.html doc/html/man1/openssl-asn1parse.html doc/html/man1/openssl-ca.html doc/html/man1/openssl-ciphers.html doc/html/man1/openssl-cmds.html doc/html/man1/openssl-cmp.html doc/html/man1/openssl-cms.html doc/html/man1/openssl-crl.html doc/html/man1/openssl-crl2pkcs7.html doc/html/man1/openssl-dgst.html doc/html/man1/openssl-dhparam.html doc/html/man1/openssl-dsa.html doc/html/man1/openssl-dsaparam.html doc/html/man1/openssl-ec.html doc/html/man1/openssl-ecparam.html doc/html/man1/openssl-enc.html doc/html/man1/openssl-engine.html doc/html/man1/openssl-errstr.html doc/html/man1/openssl-fipsinstall.html doc/html/man1/openssl-gendsa.html doc/html/man1/openssl-genpkey.html doc/html/man1/openssl-genrsa.html doc/html/man1/openssl-info.html doc/html/man1/openssl-kdf.html doc/html/man1/openssl-list.html doc/html/man1/openssl-mac.html doc/html/man1/openssl-nseq.html doc/html/man1/openssl-ocsp.html doc/html/man1/openssl-passwd.html doc/html/man1/openssl-pkcs12.html doc/html/man1/openssl-pkcs7.html doc/html/man1/openssl-pkcs8.html doc/html/man1/openssl-pkey.html doc/html/man1/openssl-pkeyparam.html doc/html/man1/openssl-pkeyutl.html doc/html/man1/openssl-prime.html doc/html/man1/openssl-provider.html doc/html/man1/openssl-rand.html doc/html/man1/openssl-rehash.html doc/html/man1/openssl-req.html doc/html/man1/openssl-rsa.html doc/html/man1/openssl-rsautl.html doc/html/man1/openssl-s_client.html doc/html/man1/openssl-s_server.html doc/html/man1/openssl-s_time.html doc/html/man1/openssl-sess_id.html doc/html/man1/openssl-smime.html doc/html/man1/openssl-speed.html doc/html/man1/openssl-spkac.html doc/html/man1/openssl-srp.html doc/html/man1/openssl-storeutl.html doc/html/man1/openssl-ts.html doc/html/man1/openssl-verify.html doc/html/man1/openssl-version.html doc/html/man1/openssl-x509.html doc/html/man1/openssl.html doc/html/man1/tsget.html doc/html/man3/ADMISSIONS.html doc/html/man3/ASN1_INTEGER_get_int64.html doc/html/man3/ASN1_INTEGER_new.html doc/html/man3/ASN1_ITEM_lookup.html doc/html/man3/ASN1_OBJECT_new.html doc/html/man3/ASN1_STRING_TABLE_add.html doc/html/man3/ASN1_STRING_length.html doc/html/man3/ASN1_STRING_new.html doc/html/man3/ASN1_STRING_print_ex.html doc/html/man3/ASN1_TIME_set.html doc/html/man3/ASN1_TYPE_get.html doc/html/man3/ASN1_generate_nconf.html doc/html/man3/ASYNC_WAIT_CTX_new.html doc/html/man3/ASYNC_start_job.html doc/html/man3/BF_encrypt.html doc/html/man3/BIO_ADDR.html doc/html/man3/BIO_ADDRINFO.html doc/html/man3/BIO_connect.html doc/html/man3/BIO_ctrl.html doc/html/man3/BIO_f_base64.html doc/html/man3/BIO_f_buffer.html doc/html/man3/BIO_f_cipher.html doc/html/man3/BIO_f_md.html doc/html/man3/BIO_f_null.html doc/html/man3/BIO_f_prefix.html doc/html/man3/BIO_f_ssl.html doc/html/man3/BIO_find_type.html doc/html/man3/BIO_get_data.html doc/html/man3/BIO_get_ex_new_index.html doc/html/man3/BIO_meth_new.html doc/html/man3/BIO_new.html doc/html/man3/BIO_new_CMS.html doc/html/man3/BIO_parse_hostserv.html doc/html/man3/BIO_printf.html doc/html/man3/BIO_push.html doc/html/man3/BIO_read.html doc/html/man3/BIO_s_accept.html doc/html/man3/BIO_s_bio.html doc/html/man3/BIO_s_connect.html doc/html/man3/BIO_s_fd.html doc/html/man3/BIO_s_file.html doc/html/man3/BIO_s_mem.html doc/html/man3/BIO_s_null.html doc/html/man3/BIO_s_socket.html doc/html/man3/BIO_set_callback.html doc/html/man3/BIO_should_retry.html doc/html/man3/BIO_socket_wait.html doc/html/man3/BN_BLINDING_new.html doc/html/man3/BN_CTX_new.html doc/html/man3/BN_CTX_start.html doc/html/man3/BN_add.html doc/html/man3/BN_add_word.html doc/html/man3/BN_bn2bin.html doc/html/man3/BN_cmp.html doc/html/man3/BN_copy.html doc/html/man3/BN_generate_prime.html doc/html/man3/BN_mod_inverse.html doc/html/man3/BN_mod_mul_montgomery.html doc/html/man3/BN_mod_mul_reciprocal.html doc/html/man3/BN_new.html doc/html/man3/BN_num_bytes.html doc/html/man3/BN_rand.html doc/html/man3/BN_security_bits.html doc/html/man3/BN_set_bit.html doc/html/man3/BN_swap.html doc/html/man3/BN_zero.html doc/html/man3/BUF_MEM_new.html doc/html/man3/CMS_EncryptedData_decrypt.html doc/html/man3/CMS_EncryptedData_encrypt.html doc/html/man3/CMS_EnvelopedData_create.html doc/html/man3/CMS_add0_cert.html doc/html/man3/CMS_add1_recipient_cert.html doc/html/man3/CMS_add1_signer.html doc/html/man3/CMS_compress.html doc/html/man3/CMS_data_create.html doc/html/man3/CMS_decrypt.html doc/html/man3/CMS_digest_create.html doc/html/man3/CMS_encrypt.html doc/html/man3/CMS_final.html doc/html/man3/CMS_get0_RecipientInfos.html doc/html/man3/CMS_get0_SignerInfos.html doc/html/man3/CMS_get0_type.html doc/html/man3/CMS_get1_ReceiptRequest.html doc/html/man3/CMS_sign.html doc/html/man3/CMS_sign_receipt.html doc/html/man3/CMS_uncompress.html doc/html/man3/CMS_verify.html doc/html/man3/CMS_verify_receipt.html doc/html/man3/CONF_modules_free.html doc/html/man3/CONF_modules_load_file.html doc/html/man3/CRYPTO_THREAD_run_once.html doc/html/man3/CRYPTO_get_ex_new_index.html doc/html/man3/CRYPTO_memcmp.html doc/html/man3/CTLOG_STORE_get0_log_by_id.html doc/html/man3/CTLOG_STORE_new.html doc/html/man3/CTLOG_new.html doc/html/man3/CT_POLICY_EVAL_CTX_new.html doc/html/man3/DEFINE_STACK_OF.html doc/html/man3/DES_random_key.html doc/html/man3/DH_generate_key.html doc/html/man3/DH_generate_parameters.html doc/html/man3/DH_get0_pqg.html doc/html/man3/DH_get_1024_160.html doc/html/man3/DH_meth_new.html doc/html/man3/DH_new.html doc/html/man3/DH_new_by_nid.html doc/html/man3/DH_set_method.html doc/html/man3/DH_size.html doc/html/man3/DSA_SIG_new.html doc/html/man3/DSA_do_sign.html doc/html/man3/DSA_dup_DH.html doc/html/man3/DSA_generate_key.html doc/html/man3/DSA_generate_parameters.html doc/html/man3/DSA_get0_pqg.html doc/html/man3/DSA_meth_new.html doc/html/man3/DSA_new.html doc/html/man3/DSA_set_method.html doc/html/man3/DSA_sign.html doc/html/man3/DSA_size.html doc/html/man3/DTLS_get_data_mtu.html doc/html/man3/DTLS_set_timer_cb.html doc/html/man3/DTLSv1_listen.html doc/html/man3/ECDSA_SIG_new.html doc/html/man3/ECPKParameters_print.html doc/html/man3/EC_GFp_simple_method.html doc/html/man3/EC_GROUP_copy.html doc/html/man3/EC_GROUP_new.html doc/html/man3/EC_KEY_get_enc_flags.html doc/html/man3/EC_KEY_new.html doc/html/man3/EC_POINT_add.html doc/html/man3/EC_POINT_new.html doc/html/man3/ENGINE_add.html doc/html/man3/ERR_GET_LIB.html doc/html/man3/ERR_clear_error.html doc/html/man3/ERR_error_string.html doc/html/man3/ERR_get_error.html doc/html/man3/ERR_load_crypto_strings.html doc/html/man3/ERR_load_strings.html doc/html/man3/ERR_new.html doc/html/man3/ERR_print_errors.html doc/html/man3/ERR_put_error.html doc/html/man3/ERR_remove_state.html doc/html/man3/ERR_set_mark.html doc/html/man3/EVP_ASYM_CIPHER_free.html doc/html/man3/EVP_BytesToKey.html doc/html/man3/EVP_CIPHER_CTX_get_cipher_data.html doc/html/man3/EVP_CIPHER_CTX_get_iv.html doc/html/man3/EVP_CIPHER_meth_new.html doc/html/man3/EVP_DigestInit.html doc/html/man3/EVP_DigestSignInit.html doc/html/man3/EVP_DigestVerifyInit.html doc/html/man3/EVP_EncodeInit.html doc/html/man3/EVP_EncryptInit.html doc/html/man3/EVP_KDF.html doc/html/man3/EVP_KEYEXCH_free.html doc/html/man3/EVP_KEYMGMT.html doc/html/man3/EVP_MAC.html doc/html/man3/EVP_MD_meth_new.html doc/html/man3/EVP_OpenInit.html doc/html/man3/EVP_PKEY_ASN1_METHOD.html doc/html/man3/EVP_PKEY_CTX_ctrl.html doc/html/man3/EVP_PKEY_CTX_new.html doc/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html doc/html/man3/EVP_PKEY_CTX_set_hkdf_md.html doc/html/man3/EVP_PKEY_CTX_set_params.html doc/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html doc/html/man3/EVP_PKEY_CTX_set_scrypt_N.html doc/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html doc/html/man3/EVP_PKEY_asn1_get_count.html doc/html/man3/EVP_PKEY_check.html doc/html/man3/EVP_PKEY_copy_parameters.html doc/html/man3/EVP_PKEY_decrypt.html doc/html/man3/EVP_PKEY_derive.html doc/html/man3/EVP_PKEY_encrypt.html doc/html/man3/EVP_PKEY_fromdata.html doc/html/man3/EVP_PKEY_gen.html doc/html/man3/EVP_PKEY_get_default_digest_nid.html doc/html/man3/EVP_PKEY_gettable_params.html doc/html/man3/EVP_PKEY_is_a.html doc/html/man3/EVP_PKEY_meth_get_count.html doc/html/man3/EVP_PKEY_meth_new.html doc/html/man3/EVP_PKEY_new.html doc/html/man3/EVP_PKEY_print_private.html doc/html/man3/EVP_PKEY_set1_RSA.html doc/html/man3/EVP_PKEY_set_type.html doc/html/man3/EVP_PKEY_sign.html doc/html/man3/EVP_PKEY_size.html doc/html/man3/EVP_PKEY_supports_digest_nid.html doc/html/man3/EVP_PKEY_verify.html doc/html/man3/EVP_PKEY_verify_recover.html doc/html/man3/EVP_RAND.html doc/html/man3/EVP_SIGNATURE_free.html doc/html/man3/EVP_SealInit.html doc/html/man3/EVP_SignInit.html doc/html/man3/EVP_VerifyInit.html doc/html/man3/EVP_aes_128_gcm.html doc/html/man3/EVP_aria_128_gcm.html doc/html/man3/EVP_bf_cbc.html doc/html/man3/EVP_blake2b512.html doc/html/man3/EVP_camellia_128_ecb.html doc/html/man3/EVP_cast5_cbc.html doc/html/man3/EVP_chacha20.html doc/html/man3/EVP_des_cbc.html doc/html/man3/EVP_desx_cbc.html doc/html/man3/EVP_idea_cbc.html doc/html/man3/EVP_md2.html doc/html/man3/EVP_md4.html doc/html/man3/EVP_md5.html doc/html/man3/EVP_mdc2.html doc/html/man3/EVP_rc2_cbc.html doc/html/man3/EVP_rc4.html doc/html/man3/EVP_rc5_32_12_16_cbc.html doc/html/man3/EVP_ripemd160.html doc/html/man3/EVP_seed_cbc.html doc/html/man3/EVP_set_default_properties.html doc/html/man3/EVP_sha1.html doc/html/man3/EVP_sha224.html doc/html/man3/EVP_sha3_224.html doc/html/man3/EVP_sm3.html doc/html/man3/EVP_sm4_cbc.html doc/html/man3/EVP_whirlpool.html doc/html/man3/HMAC.html doc/html/man3/MD5.html doc/html/man3/MDC2_Init.html doc/html/man3/NCONF_new_with_libctx.html doc/html/man3/OBJ_nid2obj.html doc/html/man3/OCSP_REQUEST_new.html doc/html/man3/OCSP_cert_to_id.html doc/html/man3/OCSP_request_add1_nonce.html doc/html/man3/OCSP_resp_find_status.html doc/html/man3/OCSP_response_status.html doc/html/man3/OCSP_sendreq_new.html doc/html/man3/OPENSSL_Applink.html doc/html/man3/OPENSSL_CTX.html doc/html/man3/OPENSSL_FILE.html doc/html/man3/OPENSSL_LH_COMPFUNC.html doc/html/man3/OPENSSL_LH_stats.html doc/html/man3/OPENSSL_config.html doc/html/man3/OPENSSL_fork_prepare.html doc/html/man3/OPENSSL_hexchar2int.html doc/html/man3/OPENSSL_ia32cap.html doc/html/man3/OPENSSL_init_crypto.html doc/html/man3/OPENSSL_init_ssl.html doc/html/man3/OPENSSL_instrument_bus.html doc/html/man3/OPENSSL_load_builtin_modules.html doc/html/man3/OPENSSL_malloc.html doc/html/man3/OPENSSL_s390xcap.html doc/html/man3/OPENSSL_secure_malloc.html doc/html/man3/OSSL_CMP_CTX_new.html doc/html/man3/OSSL_CMP_HDR_get0_transactionID.html doc/html/man3/OSSL_CMP_ITAV_set0.html doc/html/man3/OSSL_CMP_MSG_get0_header.html doc/html/man3/OSSL_CMP_MSG_http_perform.html doc/html/man3/OSSL_CMP_SRV_CTX_new.html doc/html/man3/OSSL_CMP_STATUSINFO_new.html doc/html/man3/OSSL_CMP_exec_certreq.html doc/html/man3/OSSL_CMP_log_open.html doc/html/man3/OSSL_CMP_validate_msg.html doc/html/man3/OSSL_CRMF_MSG_get0_tmpl.html doc/html/man3/OSSL_CRMF_MSG_set0_validity.html doc/html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html doc/html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html doc/html/man3/OSSL_CRMF_pbmp_new.html doc/html/man3/OSSL_DESERIALIZER.html doc/html/man3/OSSL_DESERIALIZER_CTX.html doc/html/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_DESERIALIZER_from_bio.html doc/html/man3/OSSL_HTTP_transfer.html doc/html/man3/OSSL_PARAM.html doc/html/man3/OSSL_PARAM_BLD.html doc/html/man3/OSSL_PARAM_allocate_from_text.html doc/html/man3/OSSL_PARAM_int.html doc/html/man3/OSSL_PROVIDER.html doc/html/man3/OSSL_SELF_TEST_new.html doc/html/man3/OSSL_SELF_TEST_set_callback.html doc/html/man3/OSSL_SERIALIZER.html doc/html/man3/OSSL_SERIALIZER_CTX.html doc/html/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_SERIALIZER_to_bio.html doc/html/man3/OSSL_STORE_INFO.html doc/html/man3/OSSL_STORE_LOADER.html doc/html/man3/OSSL_STORE_SEARCH.html doc/html/man3/OSSL_STORE_attach.html doc/html/man3/OSSL_STORE_expect.html doc/html/man3/OSSL_STORE_open.html doc/html/man3/OSSL_trace_enabled.html doc/html/man3/OSSL_trace_get_category_num.html doc/html/man3/OSSL_trace_set_channel.html doc/html/man3/OpenSSL_add_all_algorithms.html doc/html/man3/OpenSSL_version.html doc/html/man3/PEM_X509_INFO_read_bio_with_libctx.html doc/html/man3/PEM_bytes_read_bio.html doc/html/man3/PEM_read.html doc/html/man3/PEM_read_CMS.html doc/html/man3/PEM_read_bio_PrivateKey.html doc/html/man3/PEM_read_bio_ex.html doc/html/man3/PEM_write_bio_CMS_stream.html doc/html/man3/PEM_write_bio_PKCS7_stream.html doc/html/man3/PKCS12_SAFEBAG_create_cert.html doc/html/man3/PKCS12_SAFEBAG_get0_attrs.html doc/html/man3/PKCS12_SAFEBAG_get1_cert.html doc/html/man3/PKCS12_add1_attr_by_NID.html doc/html/man3/PKCS12_add_CSPName_asc.html doc/html/man3/PKCS12_add_cert.html doc/html/man3/PKCS12_add_friendlyname_asc.html doc/html/man3/PKCS12_add_localkeyid.html doc/html/man3/PKCS12_add_safe.html doc/html/man3/PKCS12_create.html doc/html/man3/PKCS12_get_friendlyname.html doc/html/man3/PKCS12_newpass.html doc/html/man3/PKCS12_parse.html doc/html/man3/PKCS5_PBKDF2_HMAC.html doc/html/man3/PKCS7_decrypt.html doc/html/man3/PKCS7_encrypt.html doc/html/man3/PKCS7_sign.html doc/html/man3/PKCS7_sign_add_signer.html doc/html/man3/PKCS7_verify.html doc/html/man3/PKCS8_pkey_add1_attr.html doc/html/man3/RAND_add.html doc/html/man3/RAND_bytes.html doc/html/man3/RAND_cleanup.html doc/html/man3/RAND_egd.html doc/html/man3/RAND_get0_primary.html doc/html/man3/RAND_load_file.html doc/html/man3/RAND_set_rand_method.html doc/html/man3/RC4_set_key.html doc/html/man3/RIPEMD160_Init.html doc/html/man3/RSA_blinding_on.html doc/html/man3/RSA_check_key.html doc/html/man3/RSA_generate_key.html doc/html/man3/RSA_get0_key.html doc/html/man3/RSA_meth_new.html doc/html/man3/RSA_new.html doc/html/man3/RSA_padding_add_PKCS1_type_1.html doc/html/man3/RSA_print.html doc/html/man3/RSA_private_encrypt.html doc/html/man3/RSA_public_encrypt.html doc/html/man3/RSA_set_method.html doc/html/man3/RSA_sign.html doc/html/man3/RSA_sign_ASN1_OCTET_STRING.html doc/html/man3/RSA_size.html doc/html/man3/SCT_new.html doc/html/man3/SCT_print.html doc/html/man3/SCT_validate.html doc/html/man3/SHA256_Init.html doc/html/man3/SMIME_read_ASN1.html doc/html/man3/SMIME_read_CMS.html doc/html/man3/SMIME_read_PKCS7.html doc/html/man3/SMIME_write_ASN1.html doc/html/man3/SMIME_write_CMS.html doc/html/man3/SMIME_write_PKCS7.html doc/html/man3/SRP_Calc_B.html doc/html/man3/SRP_VBASE_new.html doc/html/man3/SRP_create_verifier.html doc/html/man3/SRP_user_pwd_new.html doc/html/man3/SSL_CIPHER_get_name.html doc/html/man3/SSL_COMP_add_compression_method.html doc/html/man3/SSL_CONF_CTX_new.html doc/html/man3/SSL_CONF_CTX_set1_prefix.html doc/html/man3/SSL_CONF_CTX_set_flags.html doc/html/man3/SSL_CONF_CTX_set_ssl_ctx.html doc/html/man3/SSL_CONF_cmd.html doc/html/man3/SSL_CONF_cmd_argv.html doc/html/man3/SSL_CTX_add1_chain_cert.html doc/html/man3/SSL_CTX_add_extra_chain_cert.html doc/html/man3/SSL_CTX_add_session.html doc/html/man3/SSL_CTX_config.html doc/html/man3/SSL_CTX_ctrl.html doc/html/man3/SSL_CTX_dane_enable.html doc/html/man3/SSL_CTX_flush_sessions.html doc/html/man3/SSL_CTX_free.html doc/html/man3/SSL_CTX_get0_param.html doc/html/man3/SSL_CTX_get_verify_mode.html doc/html/man3/SSL_CTX_has_client_custom_ext.html doc/html/man3/SSL_CTX_load_verify_locations.html doc/html/man3/SSL_CTX_new.html doc/html/man3/SSL_CTX_sess_number.html doc/html/man3/SSL_CTX_sess_set_cache_size.html doc/html/man3/SSL_CTX_sess_set_get_cb.html doc/html/man3/SSL_CTX_sessions.html doc/html/man3/SSL_CTX_set0_CA_list.html doc/html/man3/SSL_CTX_set1_curves.html doc/html/man3/SSL_CTX_set1_sigalgs.html doc/html/man3/SSL_CTX_set1_verify_cert_store.html doc/html/man3/SSL_CTX_set_alpn_select_cb.html doc/html/man3/SSL_CTX_set_cert_cb.html doc/html/man3/SSL_CTX_set_cert_store.html doc/html/man3/SSL_CTX_set_cert_verify_callback.html doc/html/man3/SSL_CTX_set_cipher_list.html doc/html/man3/SSL_CTX_set_client_cert_cb.html doc/html/man3/SSL_CTX_set_client_hello_cb.html doc/html/man3/SSL_CTX_set_ct_validation_callback.html doc/html/man3/SSL_CTX_set_ctlog_list_file.html doc/html/man3/SSL_CTX_set_default_passwd_cb.html doc/html/man3/SSL_CTX_set_generate_session_id.html doc/html/man3/SSL_CTX_set_info_callback.html doc/html/man3/SSL_CTX_set_keylog_callback.html doc/html/man3/SSL_CTX_set_max_cert_list.html doc/html/man3/SSL_CTX_set_min_proto_version.html doc/html/man3/SSL_CTX_set_mode.html doc/html/man3/SSL_CTX_set_msg_callback.html doc/html/man3/SSL_CTX_set_num_tickets.html doc/html/man3/SSL_CTX_set_options.html doc/html/man3/SSL_CTX_set_psk_client_callback.html doc/html/man3/SSL_CTX_set_quiet_shutdown.html doc/html/man3/SSL_CTX_set_read_ahead.html doc/html/man3/SSL_CTX_set_record_padding_callback.html doc/html/man3/SSL_CTX_set_security_level.html doc/html/man3/SSL_CTX_set_session_cache_mode.html doc/html/man3/SSL_CTX_set_session_id_context.html doc/html/man3/SSL_CTX_set_session_ticket_cb.html doc/html/man3/SSL_CTX_set_split_send_fragment.html doc/html/man3/SSL_CTX_set_srp_password.html doc/html/man3/SSL_CTX_set_ssl_version.html doc/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html doc/html/man3/SSL_CTX_set_timeout.html doc/html/man3/SSL_CTX_set_tlsext_servername_callback.html doc/html/man3/SSL_CTX_set_tlsext_status_cb.html doc/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html doc/html/man3/SSL_CTX_set_tlsext_use_srtp.html doc/html/man3/SSL_CTX_set_tmp_dh_callback.html doc/html/man3/SSL_CTX_set_tmp_ecdh.html doc/html/man3/SSL_CTX_set_verify.html doc/html/man3/SSL_CTX_use_certificate.html doc/html/man3/SSL_CTX_use_psk_identity_hint.html doc/html/man3/SSL_CTX_use_serverinfo.html doc/html/man3/SSL_SESSION_free.html doc/html/man3/SSL_SESSION_get0_cipher.html doc/html/man3/SSL_SESSION_get0_hostname.html doc/html/man3/SSL_SESSION_get0_id_context.html doc/html/man3/SSL_SESSION_get0_peer.html doc/html/man3/SSL_SESSION_get_compress_id.html doc/html/man3/SSL_SESSION_get_protocol_version.html doc/html/man3/SSL_SESSION_get_time.html doc/html/man3/SSL_SESSION_has_ticket.html doc/html/man3/SSL_SESSION_is_resumable.html doc/html/man3/SSL_SESSION_print.html doc/html/man3/SSL_SESSION_set1_id.html doc/html/man3/SSL_accept.html doc/html/man3/SSL_alert_type_string.html doc/html/man3/SSL_alloc_buffers.html doc/html/man3/SSL_check_chain.html doc/html/man3/SSL_clear.html doc/html/man3/SSL_connect.html doc/html/man3/SSL_do_handshake.html doc/html/man3/SSL_export_keying_material.html doc/html/man3/SSL_extension_supported.html doc/html/man3/SSL_free.html doc/html/man3/SSL_get0_peer_scts.html doc/html/man3/SSL_get_SSL_CTX.html doc/html/man3/SSL_get_all_async_fds.html doc/html/man3/SSL_get_ciphers.html doc/html/man3/SSL_get_client_random.html doc/html/man3/SSL_get_current_cipher.html doc/html/man3/SSL_get_default_timeout.html doc/html/man3/SSL_get_error.html doc/html/man3/SSL_get_extms_support.html doc/html/man3/SSL_get_fd.html doc/html/man3/SSL_get_peer_cert_chain.html doc/html/man3/SSL_get_peer_certificate.html doc/html/man3/SSL_get_peer_signature_nid.html doc/html/man3/SSL_get_peer_tmp_key.html doc/html/man3/SSL_get_psk_identity.html doc/html/man3/SSL_get_rbio.html doc/html/man3/SSL_get_session.html doc/html/man3/SSL_get_shared_sigalgs.html doc/html/man3/SSL_get_verify_result.html doc/html/man3/SSL_get_version.html doc/html/man3/SSL_in_init.html doc/html/man3/SSL_key_update.html doc/html/man3/SSL_library_init.html doc/html/man3/SSL_load_client_CA_file.html doc/html/man3/SSL_new.html doc/html/man3/SSL_pending.html doc/html/man3/SSL_read.html doc/html/man3/SSL_read_early_data.html doc/html/man3/SSL_rstate_string.html doc/html/man3/SSL_session_reused.html doc/html/man3/SSL_set1_host.html doc/html/man3/SSL_set_async_callback.html doc/html/man3/SSL_set_bio.html doc/html/man3/SSL_set_connect_state.html doc/html/man3/SSL_set_fd.html doc/html/man3/SSL_set_session.html doc/html/man3/SSL_set_shutdown.html doc/html/man3/SSL_set_verify_result.html doc/html/man3/SSL_shutdown.html doc/html/man3/SSL_state_string.html doc/html/man3/SSL_want.html doc/html/man3/SSL_write.html doc/html/man3/TS_VERIFY_CTX_set_certs.html doc/html/man3/UI_STRING.html doc/html/man3/UI_UTIL_read_pw.html doc/html/man3/UI_create_method.html doc/html/man3/UI_new.html doc/html/man3/X509V3_get_d2i.html doc/html/man3/X509_ALGOR_dup.html doc/html/man3/X509_CRL_get0_by_serial.html doc/html/man3/X509_EXTENSION_set_object.html doc/html/man3/X509_LOOKUP.html doc/html/man3/X509_LOOKUP_hash_dir.html doc/html/man3/X509_LOOKUP_meth_new.html doc/html/man3/X509_NAME_ENTRY_get_object.html doc/html/man3/X509_NAME_add_entry_by_txt.html doc/html/man3/X509_NAME_get0_der.html doc/html/man3/X509_NAME_get_index_by_NID.html doc/html/man3/X509_NAME_print_ex.html doc/html/man3/X509_PUBKEY_new.html doc/html/man3/X509_SIG_get0.html doc/html/man3/X509_STORE_CTX_get_error.html doc/html/man3/X509_STORE_CTX_new.html doc/html/man3/X509_STORE_CTX_set_verify_cb.html doc/html/man3/X509_STORE_add_cert.html doc/html/man3/X509_STORE_get0_param.html doc/html/man3/X509_STORE_new.html doc/html/man3/X509_STORE_set_verify_cb_func.html doc/html/man3/X509_VERIFY_PARAM_set_flags.html doc/html/man3/X509_add_cert.html doc/html/man3/X509_check_ca.html doc/html/man3/X509_check_host.html doc/html/man3/X509_check_issued.html doc/html/man3/X509_check_private_key.html doc/html/man3/X509_check_purpose.html doc/html/man3/X509_cmp.html doc/html/man3/X509_cmp_time.html doc/html/man3/X509_digest.html doc/html/man3/X509_dup.html doc/html/man3/X509_get0_distinguishing_id.html doc/html/man3/X509_get0_notBefore.html doc/html/man3/X509_get0_signature.html doc/html/man3/X509_get0_uids.html doc/html/man3/X509_get_extension_flags.html doc/html/man3/X509_get_pubkey.html doc/html/man3/X509_get_serialNumber.html doc/html/man3/X509_get_subject_name.html doc/html/man3/X509_get_version.html doc/html/man3/X509_load_http.html doc/html/man3/X509_new.html doc/html/man3/X509_sign.html doc/html/man3/X509_verify.html doc/html/man3/X509_verify_cert.html doc/html/man3/X509v3_get_ext_by_NID.html doc/html/man3/d2i_DHparams.html doc/html/man3/d2i_PKCS8PrivateKey_bio.html doc/html/man3/d2i_PrivateKey.html doc/html/man3/d2i_SSL_SESSION.html doc/html/man3/d2i_X509.html doc/html/man3/i2d_CMS_bio_stream.html doc/html/man3/i2d_PKCS7_bio_stream.html doc/html/man3/i2d_re_X509_tbs.html doc/html/man3/o2i_SCT_LIST.html doc/html/man3/s2i_ASN1_IA5STRING.html doc/html/man5/config.html doc/html/man5/fips_config.html doc/html/man5/x509v3_config.html doc/html/man7/EVP_KDF-HKDF.html doc/html/man7/EVP_KDF-KB.html doc/html/man7/EVP_KDF-KRB5KDF.html doc/html/man7/EVP_KDF-PBKDF2.html doc/html/man7/EVP_KDF-PKCS12KDF.html doc/html/man7/EVP_KDF-SCRYPT.html doc/html/man7/EVP_KDF-SS.html doc/html/man7/EVP_KDF-SSHKDF.html doc/html/man7/EVP_KDF-TLS1_PRF.html doc/html/man7/EVP_KDF-X942.html doc/html/man7/EVP_KDF-X963.html doc/html/man7/EVP_KEYEXCH-DH.html doc/html/man7/EVP_KEYEXCH-ECDH.html doc/html/man7/EVP_KEYEXCH-X25519.html doc/html/man7/EVP_MAC-BLAKE2.html doc/html/man7/EVP_MAC-CMAC.html doc/html/man7/EVP_MAC-GMAC.html doc/html/man7/EVP_MAC-HMAC.html doc/html/man7/EVP_MAC-KMAC.html doc/html/man7/EVP_MAC-Poly1305.html doc/html/man7/EVP_MAC-Siphash.html doc/html/man7/EVP_MD-BLAKE2.html doc/html/man7/EVP_MD-MD2.html doc/html/man7/EVP_MD-MD4.html doc/html/man7/EVP_MD-MD5-SHA1.html doc/html/man7/EVP_MD-MD5.html doc/html/man7/EVP_MD-MDC2.html doc/html/man7/EVP_MD-RIPEMD160.html doc/html/man7/EVP_MD-SHA1.html doc/html/man7/EVP_MD-SHA2.html doc/html/man7/EVP_MD-SHA3.html doc/html/man7/EVP_MD-SHAKE.html doc/html/man7/EVP_MD-SM3.html doc/html/man7/EVP_MD-WHIRLPOOL.html doc/html/man7/EVP_MD-common.html doc/html/man7/EVP_PKEY-DH.html doc/html/man7/EVP_PKEY-DSA.html doc/html/man7/EVP_PKEY-EC.html doc/html/man7/EVP_PKEY-FFC.html doc/html/man7/EVP_PKEY-RSA.html doc/html/man7/EVP_PKEY-X25519.html doc/html/man7/EVP_RAND-CTR-DRBG.html doc/html/man7/EVP_RAND-HASH-DRBG.html doc/html/man7/EVP_RAND-HMAC-DRBG.html doc/html/man7/EVP_RAND-TEST-RAND.html doc/html/man7/EVP_RAND.html doc/html/man7/EVP_SIGNATURE-DSA.html doc/html/man7/EVP_SIGNATURE-ECDSA.html doc/html/man7/EVP_SIGNATURE-ED25519.html doc/html/man7/EVP_SIGNATURE-RSA.html doc/html/man7/OSSL_PROVIDER-FIPS.html doc/html/man7/OSSL_PROVIDER-base.html doc/html/man7/OSSL_PROVIDER-default.html doc/html/man7/OSSL_PROVIDER-legacy.html doc/html/man7/OSSL_PROVIDER-null.html doc/html/man7/RAND.html doc/html/man7/RSA-PSS.html doc/html/man7/SM2.html doc/html/man7/X25519.html doc/html/man7/bio.html doc/html/man7/crypto.html doc/html/man7/ct.html doc/html/man7/des_modes.html doc/html/man7/evp.html doc/html/man7/openssl-core.h.html doc/html/man7/openssl-core_dispatch.h.html doc/html/man7/openssl-core_names.h.html doc/html/man7/openssl-env.html doc/html/man7/openssl_user_macros.html doc/html/man7/ossl_store-file.html doc/html/man7/ossl_store.html doc/html/man7/passphrase-encoding.html doc/html/man7/property.html doc/html/man7/provider-asym_cipher.html doc/html/man7/provider-base.html doc/html/man7/provider-cipher.html doc/html/man7/provider-digest.html doc/html/man7/provider-keyexch.html doc/html/man7/provider-keymgmt.html doc/html/man7/provider-mac.html doc/html/man7/provider-rand.html doc/html/man7/provider-serializer.html doc/html/man7/provider-signature.html doc/html/man7/provider.html doc/html/man7/proxy-certificates.html doc/html/man7/ssl.html doc/html/man7/x509.html
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-PKCS12KDF.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/defltfips_test test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4153: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3123: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From dev at ddvo.net  Fri Aug 21 07:10:15 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Fri, 21 Aug 2020 07:10:15 +0000
Subject: [openssl]  master update
Message-ID: <1597993815.789519.479.nullmailer@dev.openssl.org>

The branch master has been updated
       via  5a7734cd0219faaad336990c9ceebc8efc2776b0 (commit)
       via  4561f15fdb0cf86257fd30292a9b82893c248350 (commit)
       via  bdd6784fdd0f6e8ffc7b9a3c19fcc6a029385160 (commit)
       via  b0248cbc3e2fa20e9c4d97845808537f9bd4206a (commit)
       via  6d1f50b520ce0a2eaa624686a26ffd4a5af00d93 (commit)
       via  cac30a69bcadcfcf5beb034abf958bbcdb8b83cb (commit)
       via  28e9f62b2dd5f59218bd7d5c3ef877dd06e5eb97 (commit)
       via  1930b58642a67eecf23708aa71df9e193e849a3c (commit)
       via  2300083887342650e1ad8071855d87a0e814dba4 (commit)
       via  ab28b59064b3f46c7a62b540cd17cad718738108 (commit)
       via  97e00da90282dddfc572c84d8468d85ab1925fba (commit)
       via  1a7cd250ad55a3c9d684a7259c20ea8075c2b08b (commit)
       via  7b1a3a506273bc043cefd7c2202300a9bf81daa0 (commit)
       via  cef3a008a667a742cec5317c84470e4a09600e17 (commit)
       via  ded346fad2f2c86bc13ac3beaf5e00e969f04442 (commit)
       via  4cdf44c46b699934b86b9d842cfd4448b7dbe58e (commit)
       via  09c2e26e640d78afe7da00d856ab113d9181e098 (commit)
       via  1bb6f70da33ab48a74327dd04121c94c015217ac (commit)
       via  06cee80a843cae6bcb2dcba7eab26c963e10f825 (commit)
       via  1a7ceb6c74d930fd5dfbcd06350b4cef0228936b (commit)
       via  bc03cfadc403137e1c274de4907b390841057cbf (commit)
       via  de3713d492556e684e71eccf3c20116d00616277 (commit)
      from  be63e58732cedc0bbc39777d1cf7556e55f146ef (commit)


- Log -----------------------------------------------------------------
commit 5a7734cd0219faaad336990c9ceebc8efc2776b0
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 19 00:48:57 2020 +0200

    Add libctx/provider support to cmp_msg_test
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 4561f15fdb0cf86257fd30292a9b82893c248350
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Tue Aug 18 17:14:19 2020 +0200

    Add libctx/provider support to cmp_protect_test
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit bdd6784fdd0f6e8ffc7b9a3c19fcc6a029385160
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Tue Aug 18 17:04:54 2020 +0200

    Add libctx/provider support to cmp_vfy_test
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit b0248cbc3e2fa20e9c4d97845808537f9bd4206a
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 22:20:23 2020 +0200

    Add libctx/provider support to cmp_client_test
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 6d1f50b520ce0a2eaa624686a26ffd4a5af00d93
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Thu Aug 13 17:44:54 2020 +0200

    Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit cac30a69bcadcfcf5beb034abf958bbcdb8b83cb
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 22:15:24 2020 +0200

    cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 28e9f62b2dd5f59218bd7d5c3ef877dd06e5eb97
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed May 13 16:03:26 2020 +0200

    cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 1930b58642a67eecf23708aa71df9e193e849a3c
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed May 13 12:19:16 2020 +0200

    cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 2300083887342650e1ad8071855d87a0e814dba4
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 19:16:03 2020 +0200

    crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit ab28b59064b3f46c7a62b540cd17cad718738108
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Thu May 14 12:32:44 2020 +1000

    Add libctx/provider support to cmp_server_test
    
    Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 97e00da90282dddfc572c84d8468d85ab1925fba
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed May 13 11:58:52 2020 +0200

    Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 1a7cd250ad55a3c9d684a7259c20ea8075c2b08b
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed May 13 09:28:24 2020 +0200

    Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
    
    Also remove not really to-the-point error message if call fails in apps/cmp.c
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 7b1a3a506273bc043cefd7c2202300a9bf81daa0
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Tue Aug 18 16:03:29 2020 +0200

    cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit cef3a008a667a742cec5317c84470e4a09600e17
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed May 13 14:04:18 2020 +0200

    Update CMP header file references in internal CMP documentation
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit ded346fad2f2c86bc13ac3beaf5e00e969f04442
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Thu May 14 21:09:49 2020 +0200

    Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 4cdf44c46b699934b86b9d842cfd4448b7dbe58e
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 21:07:12 2020 +0200

    x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 09c2e26e640d78afe7da00d856ab113d9181e098
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Thu May 14 11:27:43 2020 +0200

    Re-word null->empty property; improve iteration.count example in property.pod
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 1bb6f70da33ab48a74327dd04121c94c015217ac
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 07:46:57 2020 +0200

    testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 06cee80a843cae6bcb2dcba7eab26c963e10f825
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 20:24:26 2020 +0200

    testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit 1a7ceb6c74d930fd5dfbcd06350b4cef0228936b
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Fri May 15 18:46:59 2020 +0200

    Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit bc03cfadc403137e1c274de4907b390841057cbf
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 22:11:42 2020 +0200

    Add prerequisite #include directives to include/crypto/x509.h
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

commit de3713d492556e684e71eccf3c20116d00616277
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 12 22:07:51 2020 +0200

    Make sure x509v3_cache_extensions() does not modify the error queue
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/11808)

-----------------------------------------------------------------------

Summary of changes:
 apps/cmp.c                                         |  15 +-
 apps/cmp_mock_srv.c                                |   4 +-
 apps/cmp_mock_srv.h                                |   2 +-
 crypto/asn1/a_sign.c                               |  50 +++--
 crypto/asn1/a_verify.c                             |  43 ++--
 crypto/asn1/ameth_lib.c                            |   8 +-
 crypto/asn1/asn1_err.c                             |   2 +-
 crypto/cmp/cmp_client.c                            |   6 +-
 crypto/cmp/cmp_ctx.c                               |  49 ++++-
 crypto/cmp/cmp_err.c                               |   3 +-
 crypto/cmp/cmp_hdr.c                               |  28 +--
 crypto/cmp/cmp_local.h                             |  29 ++-
 crypto/cmp/cmp_msg.c                               |  26 ++-
 crypto/cmp/cmp_protect.c                           | 235 +++++++++++----------
 crypto/cmp/cmp_server.c                            |   6 +-
 crypto/cmp/cmp_util.c                              |  18 +-
 crypto/cmp/cmp_vfy.c                               | 131 ++++++------
 crypto/crmf/crmf_err.c                             |   4 +-
 crypto/crmf/crmf_lib.c                             |  91 ++++----
 crypto/crmf/crmf_pbm.c                             |  34 +--
 crypto/ec/ecx_meth.c                               |  12 +-
 crypto/err/openssl.txt                             |   5 +-
 crypto/evp/digest.c                                |  32 +++
 crypto/rsa/rsa_ameth.c                             |  10 +-
 crypto/x509/v3_purp.c                              |   2 +
 crypto/x509/x_all.c                                |  67 +-----
 crypto/x509/x_x509.c                               |   5 +-
 .../man3/ossl_cmp_asn1_octet_string_set1.pod       |  22 +-
 doc/internal/man3/ossl_cmp_hdr_init.pod            |   2 +-
 doc/internal/man3/ossl_cmp_mock_srv_new.pod        |   8 +-
 doc/internal/man3/ossl_cmp_msg_create.pod          |   2 +-
 doc/internal/man3/ossl_cmp_msg_protect.pod         |  53 ++++-
 doc/internal/man3/ossl_cmp_pkisi_get_status.pod    |  15 +-
 doc/man3/OSSL_CMP_CTX_new.pod                      |  11 +-
 doc/man3/OSSL_CMP_SRV_CTX_new.pod                  |   7 +-
 doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod               |  20 +-
 doc/man3/OSSL_CRMF_MSG_set0_validity.pod           |  19 +-
 doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod   |  28 +--
 doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod    |  10 +-
 doc/man3/OSSL_CRMF_pbmp_new.pod                    |  52 +++--
 doc/man7/property.pod                              |   8 +-
 fuzz/cmp.c                                         |   4 +-
 include/crypto/asn1.h                              |   7 +-
 include/crypto/evp.h                               |   3 +
 include/crypto/x509.h                              |   2 +
 include/openssl/asn1.h                             |  10 +
 include/openssl/asn1err.h                          |   1 -
 include/openssl/cmp.h                              |   4 +-
 include/openssl/cmperr.h                           |   2 +-
 include/openssl/crmf.h                             |  17 +-
 include/openssl/crmferr.h                          |   3 +-
 include/openssl/ec.h                               |   7 +-
 include/openssl/evp.h                              |  18 +-
 include/openssl/x509.h                             |  23 +-
 test/build.info                                    |   2 +-
 test/cipherlist_test.c                             |   9 +-
 test/cmp_client_test.c                             |  22 +-
 test/cmp_ctx_test.c                                |   2 +-
 test/cmp_hdr_test.c                                |   7 +-
 test/cmp_msg_test.c                                |  62 ++++--
 test/cmp_protect_test.c                            |  74 ++++---
 test/cmp_server_test.c                             |  18 +-
 test/cmp_testlib.c                                 |  20 +-
 test/cmp_testlib.h                                 |   4 +-
 test/cmp_vfy_test.c                                |  57 +++--
 test/ct_test.c                                     |  16 --
 test/recipes/65-test_cmp_client.t                  |  39 +++-
 test/recipes/65-test_cmp_msg.t                     |  34 ++-
 .../65-test_cmp_msg_data/new.key}                  |   0
 test/recipes/65-test_cmp_protect.t                 |  51 +++--
 test/recipes/65-test_cmp_server.t                  |  30 ++-
 test/recipes/65-test_cmp_vfy.t                     |  53 +++--
 test/ssl_test.c                                    |  27 +--
 test/ssl_test_ctx_test.c                           |   4 -
 test/testutil.h                                    |  48 +++--
 test/testutil/provider.c                           |  51 +++++
 util/libcrypto.num                                 |   2 +
 util/missingcrypto.txt                             |   2 +
 78 files changed, 1092 insertions(+), 817 deletions(-)
 copy test/{certs/root-key2.pem => recipes/65-test_cmp_msg_data/new.key} (100%)
 create mode 100644 test/testutil/provider.c

diff --git a/apps/cmp.c b/apps/cmp.c
index 350aa22628..97fa322b11 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -1156,7 +1156,8 @@ static int transform_opts(void)
 static OSSL_CMP_SRV_CTX *setup_srv_ctx(ENGINE *engine)
 {
     OSSL_CMP_CTX *ctx; /* extra CMP (client) ctx partly used by server */
-    OSSL_CMP_SRV_CTX *srv_ctx = ossl_cmp_mock_srv_new();
+    OSSL_CMP_SRV_CTX *srv_ctx = ossl_cmp_mock_srv_new(app_get0_libctx(),
+                                                      app_get0_propq());
 
     if (srv_ctx == NULL)
         return NULL;
@@ -1652,8 +1653,11 @@ static int setup_protection_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
             CMP_err1("digest algorithm name not recognized: '%s'", opt_digest);
             goto err;
         }
-        (void)OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_DIGEST_ALGNID, digest);
-        (void)OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_OWF_ALGNID, digest);
+        if (!OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_DIGEST_ALGNID, digest)
+            || !OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_OWF_ALGNID, digest)) {
+            CMP_err1("digest algorithm name not supported: '%s'", opt_digest);
+            goto err;
+        }
     }
 
     if (opt_mac != NULL) {
@@ -2776,10 +2780,9 @@ int cmp_main(int argc, char **argv)
         }
     }
 
-    if ((cmp_ctx = OSSL_CMP_CTX_new()) == NULL) {
-        CMP_err("out of memory");
+    cmp_ctx = OSSL_CMP_CTX_new(app_get0_libctx(), app_get0_propq());
+    if (cmp_ctx == NULL)
         goto err;
-    }
     if (!OSSL_CMP_CTX_set_log_cb(cmp_ctx, print_to_bio_out)) {
         CMP_err1("cannot set up error reporting and logging for %s", prog);
         goto err;
diff --git a/apps/cmp_mock_srv.c b/apps/cmp_mock_srv.c
index c63e5f9943..3a0819008b 100644
--- a/apps/cmp_mock_srv.c
+++ b/apps/cmp_mock_srv.c
@@ -388,9 +388,9 @@ static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx,
     return 1;
 }
 
-OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(void)
+OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq)
 {
-    OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new();
+    OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(libctx, propq);
     mock_srv_ctx *ctx = mock_srv_ctx_new();
 
     if (srv_ctx != NULL && ctx != NULL
diff --git a/apps/cmp_mock_srv.h b/apps/cmp_mock_srv.h
index bddc44df5b..b4f82d1b81 100644
--- a/apps/cmp_mock_srv.h
+++ b/apps/cmp_mock_srv.h
@@ -16,7 +16,7 @@
 
 #  include <openssl/cmp.h>
 
-OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(void);
+OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq);
 void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
 
 int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 300f30aa71..04edd1b28c 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -115,40 +115,50 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
 
 #endif
 
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                   X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn,
-                   EVP_PKEY *pkey, const EVP_MD *type)
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
+                   ASN1_BIT_STRING *signature, const void *data,
+                   EVP_PKEY *pkey, const EVP_MD *md)
 {
-    int rv;
-    EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+    return ASN1_item_sign_with_libctx(it, algor1, algor2, signature, data, NULL,
+                                      pkey, md, NULL, NULL);
+}
+
+int ASN1_item_sign_with_libctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+                               X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+                               const void *data, const ASN1_OCTET_STRING *id,
+                               EVP_PKEY *pkey, const EVP_MD *md,
+                               OPENSSL_CTX *libctx, const char *propq)
+{
+    int rv = 0;
+    EVP_MD_CTX *ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq);
 
     if (ctx == NULL) {
-        ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if (!EVP_DigestSignInit(ctx, NULL, type, NULL, pkey)) {
-        EVP_MD_CTX_free(ctx);
+        ASN1err(0, ERR_R_MALLOC_FAILURE);
         return 0;
     }
+    if (!EVP_DigestSignInit(ctx, NULL, md, NULL, pkey))
+        goto err;
 
-    rv = ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, ctx);
+    rv = ASN1_item_sign_ctx(it, algor1, algor2, signature, data, ctx);
 
+ err:
+    EVP_PKEY_CTX_free(EVP_MD_CTX_pkey_ctx(ctx));
     EVP_MD_CTX_free(ctx);
     return rv;
 }
 
-int ASN1_item_sign_ctx(const ASN1_ITEM *it,
-                       X509_ALGOR *algor1, X509_ALGOR *algor2,
-                       ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
+int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+                       X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+                       const void *data, EVP_MD_CTX *ctx)
 {
-    const EVP_MD *type;
+    const EVP_MD *md;
     EVP_PKEY *pkey;
     unsigned char *buf_in = NULL, *buf_out = NULL;
     size_t inl = 0, outl = 0, outll = 0;
     int signid, paramtype, buf_len = 0;
     int rv, pkey_id;
 
-    type = EVP_MD_CTX_md(ctx);
+    md = EVP_MD_CTX_md(ctx);
     pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx));
 
     if (pkey == NULL) {
@@ -202,7 +212,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 
         rv = 3;
     } else if (pkey->ameth->item_sign) {
-        rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, signature);
+        rv = pkey->ameth->item_sign(ctx, it, data, algor1, algor2, signature);
         if (rv == 1)
             outl = signature->length;
         /*-
@@ -221,7 +231,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
     }
 
     if (rv == 2) {
-        if (type == NULL) {
+        if (md == NULL) {
             ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
             goto err;
         }
@@ -232,7 +242,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 #endif
             pkey->ameth->pkey_id;
 
-        if (!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type), pkey_id)) {
+        if (!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(md), pkey_id)) {
             ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
                     ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
             goto err;
@@ -250,7 +260,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 
     }
 
-    buf_len = ASN1_item_i2d(asn, &buf_in, it);
+    buf_len = ASN1_item_i2d(data, &buf_in, it);
     if (buf_len <= 0) {
         outl = 0;
         ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_INTERNAL_ERROR);
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index eb024e79c0..2b2c46a854 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -85,30 +85,33 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
 
 #endif
 
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
-                     ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
+int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg,
+                     const ASN1_BIT_STRING *signature, const void *data,
+                     EVP_PKEY *pkey)
 {
+    return ASN1_item_verify_with_libctx(it, alg, signature, data, NULL, pkey,
+                                        NULL, NULL);
+}
+
+int ASN1_item_verify_with_libctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
+                                 const ASN1_BIT_STRING *signature,
+                                 const void *data,
+                                 const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
+                                 OPENSSL_CTX *libctx, const char *propq)
+{
+    EVP_MD_CTX *ctx;
     int rv = -1;
-    EVP_MD_CTX *ctx = EVP_MD_CTX_new();
-    EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
 
-    if (ctx == NULL || pctx == NULL) {
-        ASN1err(0, ERR_R_MALLOC_FAILURE);
-        goto err;
+    if ((ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq)) != NULL) {
+        rv = ASN1_item_verify_ctx(it, alg, signature, data, ctx);
+        EVP_PKEY_CTX_free(EVP_MD_CTX_pkey_ctx(ctx));
+        EVP_MD_CTX_free(ctx);
     }
-
-    EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
-
-    rv = ASN1_item_verify_ctx(it, a, signature, asn, ctx);
-
- err:
-    EVP_PKEY_CTX_free(pctx);
-    EVP_MD_CTX_free(ctx);
     return rv;
 }
 
-int ASN1_item_verify_ctx(const ASN1_ITEM *it, X509_ALGOR *a,
-                         ASN1_BIT_STRING *signature, void *asn,
+int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
+                         const ASN1_BIT_STRING *signature, const void *data,
                          EVP_MD_CTX *ctx)
 {
     EVP_PKEY *pkey;
@@ -130,7 +133,7 @@ int ASN1_item_verify_ctx(const ASN1_ITEM *it, X509_ALGOR *a,
     }
 
     /* Convert signature OID into digest and public key OIDs */
-    if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
+    if (!OBJ_find_sigid_algs(OBJ_obj2nid(alg->algorithm), &mdnid, &pknid)) {
         ASN1err(0, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
         goto err;
     }
@@ -140,7 +143,7 @@ int ASN1_item_verify_ctx(const ASN1_ITEM *it, X509_ALGOR *a,
             ASN1err(0, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
             goto err;
         }
-        ret = pkey->ameth->item_verify(ctx, it, asn, a, signature, pkey);
+        ret = pkey->ameth->item_verify(ctx, it, data, alg, signature, pkey);
         /*
          * Return values meaning:
          * <=0: error.
@@ -172,7 +175,7 @@ int ASN1_item_verify_ctx(const ASN1_ITEM *it, X509_ALGOR *a,
         }
     }
 
-    inl = ASN1_item_i2d(asn, &buf_in, it);
+    inl = ASN1_item_i2d(data, &buf_in, it);
     if (inl <= 0) {
         ASN1err(0, ERR_R_INTERNAL_ERROR);
         goto err;
diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
index 32074c460e..e473112d0b 100644
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -361,13 +361,13 @@ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
 void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
                             int (*item_verify) (EVP_MD_CTX *ctx,
                                                 const ASN1_ITEM *it,
-                                                void *asn,
-                                                X509_ALGOR *a,
-                                                ASN1_BIT_STRING *sig,
+                                                const void *data,
+                                                const X509_ALGOR *a,
+                                                const ASN1_BIT_STRING *sig,
                                                 EVP_PKEY *pkey),
                             int (*item_sign) (EVP_MD_CTX *ctx,
                                               const ASN1_ITEM *it,
-                                              void *asn,
+                                              const void *data,
                                               X509_ALGOR *alg1,
                                               X509_ALGOR *alg2,
                                               ASN1_BIT_STRING *sig))
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 96878e2a46..6a599bc067 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c
index 37473c7a6c..b7319372e6 100644
--- a/crypto/cmp/cmp_client.c
+++ b/crypto/cmp/cmp_client.c
@@ -425,10 +425,8 @@ static X509 *get1_cert_status(OSSL_CMP_CTX *ctx, int bodytype,
         goto err;
     case OSSL_CMP_PKISTATUS_grantedWithMods:
         ossl_cmp_warn(ctx, "received \"grantedWithMods\" for certificate");
-        crt = ossl_cmp_certresponse_get1_certificate(privkey, crep);
         break;
     case OSSL_CMP_PKISTATUS_accepted:
-        crt = ossl_cmp_certresponse_get1_certificate(privkey, crep);
         break;
         /* get all information in case of a rejection before going to error */
     case OSSL_CMP_PKISTATUS_rejection:
@@ -438,19 +436,16 @@ static X509 *get1_cert_status(OSSL_CMP_CTX *ctx, int bodytype,
     case OSSL_CMP_PKISTATUS_revocationWarning:
         ossl_cmp_warn(ctx,
                       "received \"revocationWarning\" - a revocation of the cert is imminent");
-        crt = ossl_cmp_certresponse_get1_certificate(privkey, crep);
         break;
     case OSSL_CMP_PKISTATUS_revocationNotification:
         ossl_cmp_warn(ctx,
                       "received \"revocationNotification\" - a revocation of the cert has occurred");
-        crt = ossl_cmp_certresponse_get1_certificate(privkey, crep);
         break;
     case OSSL_CMP_PKISTATUS_keyUpdateWarning:
         if (bodytype != OSSL_CMP_PKIBODY_KUR) {
             CMPerr(0, CMP_R_ENCOUNTERED_KEYUPDATEWARNING);
             goto err;
         }
-        crt = ossl_cmp_certresponse_get1_certificate(privkey, crep);
         break;
     default:
         ossl_cmp_log1(ERROR, ctx,
@@ -459,6 +454,7 @@ static X509 *get1_cert_status(OSSL_CMP_CTX *ctx, int bodytype,
         CMPerr(0, CMP_R_UNKNOWN_PKISTATUS);
         goto err;
     }
+    crt = ossl_cmp_certresponse_get1_cert(crep, ctx, privkey);
     if (crt == NULL) /* according to PKIStatus, we can expect a cert */
         CMPerr(0, CMP_R_CERTIFICATE_NOT_FOUND);
 
diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c
index 3081dfcc21..e731f15958 100644
--- a/crypto/cmp/cmp_ctx.c
+++ b/crypto/cmp/cmp_ctx.c
@@ -12,6 +12,7 @@
 #include <openssl/trace.h>
 #include <openssl/bio.h>
 #include <openssl/ocsp.h> /* for OCSP_REVOKED_STATUS_* */
+#include "crypto/x509.h" /* for x509v3_cache_extensions() */
 
 #include "cmp_local.h"
 
@@ -89,16 +90,34 @@ int OSSL_CMP_CTX_set1_untrusted_certs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs)
     return 0;
 }
 
+static int cmp_ctx_set_md(OSSL_CMP_CTX *ctx, EVP_MD **pmd, int nid)
+{
+    EVP_MD *md = EVP_MD_fetch(ctx->libctx, OBJ_nid2sn(nid), ctx->propq);
+    /* fetching in advance to be able to throw error early if unsupported */
+
+    if (md == NULL) {
+        CMPerr(0, CMP_R_UNSUPPORTED_ALGORITHM);
+        return 0;
+    }
+    EVP_MD_free(*pmd);
+    *pmd = md;
+    return 1;
+}
+
 /*
  * Allocates and initializes OSSL_CMP_CTX context structure with default values.
  * Returns new context on success, NULL on error
  */
-OSSL_CMP_CTX *OSSL_CMP_CTX_new(void)
+OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq)
 {
     OSSL_CMP_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
 
     if (ctx == NULL)
-        return NULL;
+        goto err;
+
+    ctx->libctx = libctx;
+    if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL)
+        goto err;
 
     ctx->log_verbosity = OSSL_CMP_LOG_INFO;
 
@@ -111,11 +130,13 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(void)
         goto err;
 
     ctx->pbm_slen = 16;
-    ctx->pbm_owf = NID_sha256;
+    if (!cmp_ctx_set_md(ctx, &ctx->pbm_owf, NID_sha256))
+        goto err;
     ctx->pbm_itercnt = 500;
     ctx->pbm_mac = NID_hmac_sha1;
 
-    ctx->digest = NID_sha256;
+    if (!cmp_ctx_set_md(ctx, &ctx->digest, NID_sha256))
+        goto err;
     ctx->popoMethod = OSSL_CRMF_POPO_SIGNATURE;
     ctx->revocationReason = CRL_REASON_NONE;
 
@@ -124,6 +145,7 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(void)
 
  err:
     OSSL_CMP_CTX_free(ctx);
+    X509err(0, ERR_R_MALLOC_FAILURE);
     return NULL;
 }
 
@@ -171,8 +193,10 @@ void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx)
     if (ctx->secretValue != NULL)
         OPENSSL_cleanse(ctx->secretValue->data, ctx->secretValue->length);
     ASN1_OCTET_STRING_free(ctx->secretValue);
+    EVP_MD_free(ctx->pbm_owf);
 
     X509_NAME_free(ctx->recipient);
+    EVP_MD_free(ctx->digest);
     ASN1_OCTET_STRING_free(ctx->transactionID);
     ASN1_OCTET_STRING_free(ctx->senderNonce);
     ASN1_OCTET_STRING_free(ctx->recipNonce);
@@ -574,6 +598,8 @@ int OSSL_CMP_CTX_set1_##FIELD(OSSL_CMP_CTX *ctx, const TYPE *val) \
     return 1; \
 }
 
+#define X509_invalid(cert) (!x509v3_cache_extensions(cert))
+#define EVP_PKEY_invalid(key) 0
 #define DEFINE_OSSL_CMP_CTX_set1_up_ref(FIELD, TYPE) \
 int OSSL_CMP_CTX_set1_##FIELD(OSSL_CMP_CTX *ctx, TYPE *val) \
 { \
@@ -582,6 +608,11 @@ int OSSL_CMP_CTX_set1_##FIELD(OSSL_CMP_CTX *ctx, TYPE *val) \
         return 0; \
     } \
     \
+    /* prevent misleading error later on malformed cert or provider issue */ \
+    if (val != NULL && TYPE##_invalid(val)) { \
+        CMPerr(0, CMP_R_POTENTIALLY_INVALID_CERTIFICATE); \
+        return 0; \
+    } \
     if (val != NULL && !TYPE##_up_ref(val)) \
         return 0; \
     TYPE##_free(ctx->FIELD); \
@@ -964,10 +995,12 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val)
         ctx->popoMethod = val;
         break;
     case OSSL_CMP_OPT_DIGEST_ALGNID:
-        ctx->digest = val;
+        if (!cmp_ctx_set_md(ctx, &ctx->digest, val))
+            return 0;
         break;
     case OSSL_CMP_OPT_OWF_ALGNID:
-        ctx->pbm_owf = val;
+        if (!cmp_ctx_set_md(ctx, &ctx->pbm_owf, val))
+            return 0;
         break;
     case OSSL_CMP_OPT_MAC_ALGNID:
         ctx->pbm_mac = val;
@@ -1031,9 +1064,9 @@ int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt)
     case OSSL_CMP_OPT_POPO_METHOD:
         return ctx->popoMethod;
     case OSSL_CMP_OPT_DIGEST_ALGNID:
-        return ctx->digest;
+        return EVP_MD_type(ctx->digest);
     case OSSL_CMP_OPT_OWF_ALGNID:
-        return ctx->pbm_owf;
+        return EVP_MD_type(ctx->pbm_owf);
     case OSSL_CMP_OPT_MAC_ALGNID:
         return ctx->pbm_mac;
     case OSSL_CMP_OPT_MSG_TIMEOUT:
diff --git a/crypto/cmp/cmp_err.c b/crypto/cmp/cmp_err.c
index 87d0f0f1b0..19d1556426 100644
--- a/crypto/cmp/cmp_err.c
+++ b/crypto/cmp/cmp_err.c
@@ -33,8 +33,6 @@ static const ERR_STRING_DATA CMP_str_reasons[] = {
     "cert and key do not match"},
     {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_CHECKAFTER_OUT_OF_RANGE),
     "checkafter out of range"},
-    {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_CHECKING_PBM_NO_SECRET_AVAILABLE),
-    "checking pbm no secret available"},
     {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_ENCOUNTERED_KEYUPDATEWARNING),
     "encountered keyupdatewarning"},
     {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_ENCOUNTERED_WAITING),
@@ -88,6 +86,7 @@ static const ERR_STRING_DATA CMP_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE),
     "missing key usage digitalsignature"},
     {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_P10CSR), "missing p10csr"},
+    {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_PBM_SECRET), "missing pbm secret"},
     {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_PRIVATE_KEY),
     "missing private key"},
     {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_PROTECTION), "missing protection"},
diff --git a/crypto/cmp/cmp_hdr.c b/crypto/cmp/cmp_hdr.c
index 364d89a9b0..6bd1e581af 100644
--- a/crypto/cmp/cmp_hdr.c
+++ b/crypto/cmp/cmp_hdr.c
@@ -143,26 +143,16 @@ int ossl_cmp_hdr_update_messageTime(OSSL_CMP_PKIHEADER *hdr)
     return ASN1_GENERALIZEDTIME_set(hdr->messageTime, time(NULL)) != NULL;
 }
 
-/* assign to *tgt a copy of src (or if NULL a random byte array of given len) */
-static int set1_aostr_else_random(ASN1_OCTET_STRING **tgt,
-                                  const ASN1_OCTET_STRING *src, size_t len)
+/* assign to *tgt a random byte array of given length */
+static int set_random(ASN1_OCTET_STRING **tgt, OSSL_CMP_CTX *ctx, size_t len)
 {
-    unsigned char *bytes = NULL;
+    unsigned char *bytes = OPENSSL_malloc(len);
     int res = 0;
 
-    if (src == NULL) { /* generate a random value if src == NULL */
-        if ((bytes = OPENSSL_malloc(len)) == NULL)
-            goto err;
-        if (RAND_bytes(bytes, len) <= 0) {
-            CMPerr(0, CMP_R_FAILURE_OBTAINING_RANDOM);
-            goto err;
-        }
+    if (bytes == NULL || RAND_bytes_ex(ctx->libctx, bytes, len) <= 0)
+        CMPerr(0, CMP_R_FAILURE_OBTAINING_RANDOM);
+    else
         res = ossl_cmp_asn1_octet_string_set1_bytes(tgt, bytes, len);
-    } else {
-        res = ossl_cmp_asn1_octet_string_set1(tgt, src);
-    }
-
- err:
     OPENSSL_free(bytes);
     return res;
 }
@@ -287,8 +277,7 @@ int ossl_cmp_hdr_has_implicitConfirm(const OSSL_CMP_PKIHEADER *hdr)
 int ossl_cmp_hdr_set_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr)
 {
     if (ctx->transactionID == NULL
-            && !set1_aostr_else_random(&ctx->transactionID, NULL,
-                                       OSSL_CMP_TRANSACTIONID_LENGTH))
+        && !set_random(&ctx->transactionID, ctx, OSSL_CMP_TRANSACTIONID_LENGTH))
         return 0;
     return ossl_cmp_asn1_octet_string_set1(&hdr->transactionID,
                                            ctx->transactionID);
@@ -355,8 +344,7 @@ int ossl_cmp_hdr_init(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr)
      * is copied from the senderNonce of the previous message in the
      * transaction.
      */
-    if (!set1_aostr_else_random(&hdr->senderNonce, NULL,
-                                OSSL_CMP_SENDERNONCE_LENGTH))
+    if (!set_random(&hdr->senderNonce, ctx, OSSL_CMP_SENDERNONCE_LENGTH))
         return 0;
 
     /* store senderNonce - for cmp with recipNonce in next outgoing msg */
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h
index 84309cc1af..41c10b22c1 100644
--- a/crypto/cmp/cmp_local.h
+++ b/crypto/cmp/cmp_local.h
@@ -28,6 +28,8 @@
  * this structure is used to store the context for CMP sessions
  */
 struct ossl_cmp_ctx_st {
+    OPENSSL_CTX *libctx;
+    const char *propq;
     OSSL_CMP_log_cb_t log_cb; /* log callback for error/debug/etc. output */
     OSSL_CMP_severity log_verbosity; /* level of verbosity of log output */
 
@@ -73,14 +75,14 @@ struct ossl_cmp_ctx_st {
     ASN1_OCTET_STRING *referenceValue; /* optional user name for MSG_MAC_ALG */
     ASN1_OCTET_STRING *secretValue; /* password/shared secret for MSG_MAC_ALG */
     /* PBMParameters for MSG_MAC_ALG */
-    size_t pbm_slen; /* currently fixed to 16 */
-    int pbm_owf; /* NID of one-way function (OWF), default: SHA256 */
-    int pbm_itercnt; /* currently fixed to 500 */
+    size_t pbm_slen; /* salt length, currently fixed to 16 */
+    EVP_MD *pbm_owf; /* one-way function (OWF), default: SHA256 */
+    int pbm_itercnt; /* OWF iteration count, currently fixed to 500 */
     int pbm_mac; /* NID of MAC algorithm, default: HMAC-SHA1 as per RFC 4210 */
 
     /* CMP message header and extra certificates */
     X509_NAME *recipient; /* to set in recipient in pkiheader */
-    int digest; /* NID of digest used in MSG_SIG_ALG and POPO, default SHA256 */
+    EVP_MD *digest; /* digest used in MSG_SIG_ALG and POPO, default SHA256 */
     ASN1_OCTET_STRING *transactionID; /* the current transaction ID */
     ASN1_OCTET_STRING *senderNonce; /* last nonce sent */
     ASN1_OCTET_STRING *recipNonce; /* last nonce received */
@@ -742,7 +744,9 @@ int ossl_cmp_asn1_octet_string_set1(ASN1_OCTET_STRING **tgt,
                                     const ASN1_OCTET_STRING *src);
 int ossl_cmp_asn1_octet_string_set1_bytes(ASN1_OCTET_STRING **tgt,
                                           const unsigned char *bytes, int len);
-STACK_OF(X509) *ossl_cmp_build_cert_chain(STACK_OF(X509) *certs, X509 *cert);
+STACK_OF(X509)
+    *ossl_cmp_build_cert_chain(OPENSSL_CTX *libctx, const char *propq,
+                               STACK_OF(X509) *certs, X509 *cert);
 
 /* from cmp_ctx.c */
 int ossl_cmp_print_log(OSSL_CMP_severity level, const OSSL_CMP_CTX *ctx,
@@ -890,14 +894,14 @@ ossl_cmp_pollrepcontent_get0_pollrep(const OSSL_CMP_POLLREPCONTENT *prc,
 OSSL_CMP_CERTRESPONSE *
 ossl_cmp_certrepmessage_get0_certresponse(const OSSL_CMP_CERTREPMESSAGE *crm,
                                           int rid);
-X509 *ossl_cmp_certresponse_get1_certificate(EVP_PKEY *privkey,
-                                             const OSSL_CMP_CERTRESPONSE *crep);
+X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CERTRESPONSE *crep,
+                                      const OSSL_CMP_CTX *ctx, EVP_PKEY *pkey);
+OSSL_CMP_MSG *ossl_cmp_msg_load(const char *file);
 
 /* from cmp_protect.c */
-ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_MSG *msg,
-                                          const ASN1_OCTET_STRING *secret,
-                                          EVP_PKEY *pkey);
 int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
+ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx,
+                                          const OSSL_CMP_MSG *msg);
 int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
 
 /* from cmp_vfy.c */
@@ -906,7 +910,10 @@ typedef int (*ossl_cmp_allow_unprotected_cb_t)(const OSSL_CMP_CTX *ctx,
                                                int invalid_protection, int arg);
 int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
                               ossl_cmp_allow_unprotected_cb_t cb, int cb_arg);
-int ossl_cmp_verify_popo(const OSSL_CMP_MSG *msg, int accept_RAVerified);
+int ossl_cmp_msg_check_received(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
+                                ossl_cmp_allow_unprotected_cb_t cb, int cb_arg);
+int ossl_cmp_verify_popo(const OSSL_CMP_CTX *ctx,
+                         const OSSL_CMP_MSG *msg, int accept_RAVerified);
 
 /* from cmp_client.c */
 int ossl_cmp_exchange_certConf(OSSL_CMP_CTX *ctx, int fail_info,
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index d506e7b22b..64e00fc884 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -19,6 +19,7 @@
 #include <openssl/crmf.h>
 #include <openssl/err.h>
 #include <openssl/x509.h>
+#include "crypto/x509.h" /* for x509_set0_libctx() */
 
 DEFINE_STACK_OF(OSSL_CMP_CERTSTATUS)
 DEFINE_STACK_OF(OSSL_CMP_ITAV)
@@ -354,8 +355,9 @@ OSSL_CMP_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int type,
                                                type == OSSL_CMP_PKIBODY_KUR,
                                                OSSL_CMP_CERTREQID);
             if (local_crm == NULL
-                || !OSSL_CRMF_MSG_create_popo(local_crm, privkey, ctx->digest,
-                                              ctx->popoMethod))
+                || !OSSL_CRMF_MSG_create_popo(ctx->popoMethod, local_crm,
+                                              privkey, ctx->digest,
+                                              ctx->libctx, ctx->propq))
                 goto err;
         } else {
             if ((local_crm = OSSL_CRMF_MSG_dup(crm)) == NULL)
@@ -956,19 +958,18 @@ ossl_cmp_certrepmessage_get0_certresponse(const OSSL_CMP_CERTREPMESSAGE *crm,
     return NULL;
 }
 
-/*
- * CMP_CERTRESPONSE_get1_certificate() attempts to retrieve the returned
- * certificate from the given certResponse B<crep>.
- * Uses the privkey in case of indirect POP from B<ctx>.
+/*-
+ * Retrieve the newly enrolled certificate from the given certResponse crep.
+ * In case of indirect POPO uses the libctx and propq from ctx and private key.
  * Returns a pointer to a copy of the found certificate, or NULL if not found.
  */
-X509 *ossl_cmp_certresponse_get1_certificate(EVP_PKEY *privkey,
-                                             const OSSL_CMP_CERTRESPONSE *crep)
+X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CERTRESPONSE *crep,
+                                      const OSSL_CMP_CTX *ctx, EVP_PKEY *pkey)
 {
     OSSL_CMP_CERTORENCCERT *coec;
     X509 *crt = NULL;
 
-    if (!ossl_assert(crep != NULL))
+    if (!ossl_assert(crep != NULL && ctx != NULL))
         return NULL;
 
     if (crep->certifiedKeyPair
@@ -979,13 +980,14 @@ X509 *ossl_cmp_certresponse_get1_certificate(EVP_PKEY *privkey,
             break;
         case OSSL_CMP_CERTORENCCERT_ENCRYPTEDCERT:
             /* cert encrypted for indirect PoP; RFC 4210, 5.2.8.2 */
-            if (privkey == NULL) {
+            if (pkey == NULL) {
                 CMPerr(0, CMP_R_MISSING_PRIVATE_KEY);
                 return NULL;
             }
             crt =
                 OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(coec->value.encryptedCert,
-                                                      privkey);
+                                                      ctx->libctx, ctx->propq,
+                                                      pkey);
             break;
         default:
             CMPerr(0, CMP_R_UNKNOWN_CERT_TYPE);
@@ -994,6 +996,8 @@ X509 *ossl_cmp_certresponse_get1_certificate(EVP_PKEY *privkey,
     }
     if (crt == NULL)
         CMPerr(0, CMP_R_CERTIFICATE_NOT_FOUND);
+    else
+        (void)x509_set0_libctx(crt, ctx->libctx, ctx->propq);
     return crt;
 }
 
diff --git a/crypto/cmp/cmp_protect.c b/crypto/cmp/cmp_protect.c
index 0f70c29953..212ef92f50 100644
--- a/crypto/cmp/cmp_protect.c
+++ b/crypto/cmp/cmp_protect.c
@@ -21,67 +21,62 @@
 DEFINE_STACK_OF(X509)
 
 /*
- * This function is also used for verification from cmp_vfy.
+ * This function is also used by the internal verify_PBMAC() in cmp_vfy.c.
  *
- * Calculate protection for given PKImessage utilizing the given credentials
- * and the algorithm parameters set inside the message header's protectionAlg.
+ * Calculate protection for given PKImessage according to
+ * the algorithm and parameters in the message header's protectionAlg
+ * using the credentials, library context, and property criteria in the ctx.
  *
- * secret or pkey must be set. Attempts doing PBMAC in case 'secret' is set
- * and else signature if 'pkey' is set - but will only
- * do the protection already marked in msg->header->protectionAlg.
- *
- * returns ptr to ASN1_BIT_STRING containing protection on success, else NULL
+ * returns ASN1_BIT_STRING representing the protection on success, else NULL
  */
-ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_MSG *msg,
-                                          const ASN1_OCTET_STRING *secret,
-                                          EVP_PKEY *pkey)
+ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx,
+                                          const OSSL_CMP_MSG *msg)
 {
     ASN1_BIT_STRING *prot = NULL;
     OSSL_CMP_PROTECTEDPART prot_part;
     const ASN1_OBJECT *algorOID = NULL;
-    int len;
-    size_t prot_part_der_len;
-    unsigned char *prot_part_der = NULL;
-    size_t sig_len;
-    unsigned char *protection = NULL;
     const void *ppval = NULL;
     int pptype = 0;
-    OSSL_CRMF_PBMPARAMETER *pbm = NULL;
-    ASN1_STRING *pbm_str = NULL;
-    const unsigned char *pbm_str_uc = NULL;
-    EVP_MD_CTX *evp_ctx = NULL;
-    int md_NID;
-    const EVP_MD *md = NULL;
 
-    if (!ossl_assert(msg != NULL))
+    if (!ossl_assert(ctx != NULL && msg != NULL))
         return NULL;
 
     /* construct data to be signed */
     prot_part.header = msg->header;
     prot_part.body = msg->body;
 
-    len = i2d_OSSL_CMP_PROTECTEDPART(&prot_part, &prot_part_der);
-    if (len < 0 || prot_part_der == NULL) {
-        CMPerr(0, CMP_R_ERROR_CALCULATING_PROTECTION);
-        goto end;
-    }
-    prot_part_der_len = (size_t) len;
-
     if (msg->header->protectionAlg == NULL) {
         CMPerr(0, CMP_R_UNKNOWN_ALGORITHM_ID);
-        goto end;
+        return NULL;
     }
     X509_ALGOR_get0(&algorOID, &pptype, &ppval, msg->header->protectionAlg);
 
-    if (secret != NULL) {
+    if (OBJ_obj2nid(algorOID) == NID_id_PasswordBasedMAC) {
+        int len;
+        size_t prot_part_der_len;
+        unsigned char *prot_part_der = NULL;
+        size_t sig_len;
+        unsigned char *protection = NULL;
+        OSSL_CRMF_PBMPARAMETER *pbm = NULL;
+        ASN1_STRING *pbm_str = NULL;
+        const unsigned char *pbm_str_uc = NULL;
+
+        if (ctx->secretValue == NULL) {
+            CMPerr(0, CMP_R_MISSING_PBM_SECRET);
+            return NULL;
+        }
         if (ppval == NULL) {
             CMPerr(0, CMP_R_ERROR_CALCULATING_PROTECTION);
-            goto end;
+            return NULL;
         }
-        if (NID_id_PasswordBasedMAC != OBJ_obj2nid(algorOID)) {
-            CMPerr(0, CMP_R_WRONG_ALGORITHM_OID);
+
+        len = i2d_OSSL_CMP_PROTECTEDPART(&prot_part, &prot_part_der);
+        if (len < 0 || prot_part_der == NULL) {
+            CMPerr(0, CMP_R_ERROR_CALCULATING_PROTECTION);
             goto end;
         }
+        prot_part_der_len = (size_t)len;
+
         pbm_str = (ASN1_STRING *)ppval;
         pbm_str_uc = pbm_str->data;
         pbm = d2i_OSSL_CRMF_PBMPARAMETER(NULL, &pbm_str_uc, pbm_str->length);
@@ -90,50 +85,49 @@ ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_MSG *msg,
             goto end;
         }
 
-        if (!OSSL_CRMF_pbm_new(pbm, prot_part_der, prot_part_der_len,
-                               secret->data, secret->length,
+        if (!OSSL_CRMF_pbm_new(ctx->libctx, ctx->propq,
+                               pbm, prot_part_der, prot_part_der_len,
+                               ctx->secretValue->data, ctx->secretValue->length,
                                &protection, &sig_len))
             goto end;
-    } else if (pkey != NULL) {
-        /* TODO combine this with large parts of CRMF_poposigningkey_init() */
-        /* EVP_DigestSignInit() checks that pkey type is correct for the alg */
 
-        if (!OBJ_find_sigid_algs(OBJ_obj2nid(algorOID), &md_NID, NULL)
-                || (md = EVP_get_digestbynid(md_NID)) == NULL
-                || (evp_ctx = EVP_MD_CTX_new()) == NULL) {
-            CMPerr(0, CMP_R_UNKNOWN_ALGORITHM_ID);
-            goto end;
-        }
-        if (EVP_DigestSignInit(evp_ctx, NULL, md, NULL, pkey) <= 0
-                || EVP_DigestSignUpdate(evp_ctx, prot_part_der,
-                                        prot_part_der_len) <= 0
-                || EVP_DigestSignFinal(evp_ctx, NULL, &sig_len) <= 0
-                || (protection = OPENSSL_malloc(sig_len)) == NULL
-                || EVP_DigestSignFinal(evp_ctx, protection, &sig_len) <= 0) {
-            CMPerr(0, CMP_R_ERROR_CALCULATING_PROTECTION);
-            goto end;
+        if ((prot = ASN1_BIT_STRING_new()) == NULL)
+            return NULL;
+        /* OpenSSL defaults all bit strings to be encoded as ASN.1 NamedBitList */
+        prot->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+        prot->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+        if (!ASN1_BIT_STRING_set(prot, protection, sig_len)) {
+            ASN1_BIT_STRING_free(prot);
+            prot = NULL;
         }
+    end:
+        OSSL_CRMF_PBMPARAMETER_free(pbm);
+        OPENSSL_free(protection);
+        OPENSSL_free(prot_part_der);
+        return prot;
     } else {
-        CMPerr(0, CMP_R_INVALID_ARGS);
-        goto end;
-    }
+        int md_nid;
+        const EVP_MD *md = NULL;
 
-    if ((prot = ASN1_BIT_STRING_new()) == NULL)
-        goto end;
-    /* OpenSSL defaults all bit strings to be encoded as ASN.1 NamedBitList */
-    prot->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-    prot->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-    if (!ASN1_BIT_STRING_set(prot, protection, sig_len)) {
+        if (ctx->pkey == NULL) {
+            CMPerr(0, CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION);
+            return NULL;
+        }
+        if (!OBJ_find_sigid_algs(OBJ_obj2nid(algorOID), &md_nid, NULL)
+                || (md = EVP_get_digestbynid(md_nid)) == NULL) {
+            CMPerr(0, CMP_R_UNKNOWN_ALGORITHM_ID);
+            return NULL;
+        }
+
+        if ((prot = ASN1_BIT_STRING_new()) == NULL)
+            return NULL;
+        if (ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
+                                       NULL, NULL, prot, &prot_part, NULL,
+                                       ctx->pkey, md, ctx->libctx, ctx->propq))
+            return prot;
         ASN1_BIT_STRING_free(prot);
-        prot = NULL;
+        return NULL;
     }
-
- end:
-    OSSL_CRMF_PBMPARAMETER_free(pbm);
-    EVP_MD_CTX_free(evp_ctx);
-    OPENSSL_free(protection);
-    OPENSSL_free(prot_part_der);
-    return prot;
 }
 
 int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
@@ -154,7 +148,8 @@ int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
         /* if we have untrusted certs, try to add intermediate certs */
         if (ctx->untrusted_certs != NULL) {
             STACK_OF(X509) *chain =
-                ossl_cmp_build_cert_chain(ctx->untrusted_certs, ctx->cert);
+                ossl_cmp_build_cert_chain(ctx->libctx, ctx->propq,
+                                          ctx->untrusted_certs, ctx->cert);
             int res = X509_add_certs(msg->extraCerts, chain,
                                      X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP
                                      | X509_ADD_FLAG_NO_SS);
@@ -181,24 +176,22 @@ int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
 /*
  * Create an X509_ALGOR structure for PasswordBasedMAC protection based on
  * the pbm settings in the context
- * returns pointer to X509_ALGOR on success, NULL on error
  */
-static X509_ALGOR *create_pbmac_algor(OSSL_CMP_CTX *ctx)
+static int set_pbmac_algor(const OSSL_CMP_CTX *ctx, X509_ALGOR **alg)
 {
-    X509_ALGOR *alg = NULL;
     OSSL_CRMF_PBMPARAMETER *pbm = NULL;
     unsigned char *pbm_der = NULL;
     int pbm_der_len;
     ASN1_STRING *pbm_str = NULL;
 
     if (!ossl_assert(ctx != NULL))
-        return NULL;
+        return 0;
 
-    alg = X509_ALGOR_new();
-    pbm = OSSL_CRMF_pbmp_new(ctx->pbm_slen, ctx->pbm_owf, ctx->pbm_itercnt,
+    pbm = OSSL_CRMF_pbmp_new(ctx->libctx, ctx->pbm_slen,
+                             EVP_MD_type(ctx->pbm_owf), ctx->pbm_itercnt,
                              ctx->pbm_mac);
     pbm_str = ASN1_STRING_new();
-    if (alg == NULL || pbm == NULL || pbm_str == NULL)
+    if (pbm == NULL || pbm_str == NULL)
         goto err;
 
     if ((pbm_der_len = i2d_OSSL_CRMF_PBMPARAMETER(pbm, &pbm_der)) < 0)
@@ -206,19 +199,49 @@ static X509_ALGOR *create_pbmac_algor(OSSL_CMP_CTX *ctx)
 
     if (!ASN1_STRING_set(pbm_str, pbm_der, pbm_der_len))
         goto err;
+    if (*alg == NULL && (*alg = X509_ALGOR_new()) == NULL)
+        goto err;
     OPENSSL_free(pbm_der);
 
-    X509_ALGOR_set0(alg, OBJ_nid2obj(NID_id_PasswordBasedMAC),
+    X509_ALGOR_set0(*alg, OBJ_nid2obj(NID_id_PasswordBasedMAC),
                     V_ASN1_SEQUENCE, pbm_str);
     OSSL_CRMF_PBMPARAMETER_free(pbm);
-    return alg;
+    return 1;
 
  err:
     ASN1_STRING_free(pbm_str);
-    X509_ALGOR_free(alg);
     OPENSSL_free(pbm_der);
     OSSL_CRMF_PBMPARAMETER_free(pbm);
-    return NULL;
+    return 0;
+}
+
+static int set_sig_algor(const OSSL_CMP_CTX *ctx, X509_ALGOR **alg)
+{
+    int nid = 0;
+    ASN1_OBJECT *algo = NULL;
+
+    if (!OBJ_find_sigid_by_algs(&nid, EVP_MD_type(ctx->digest),
+                                EVP_PKEY_id(ctx->pkey))) {
+        CMPerr(0, CMP_R_UNSUPPORTED_KEY_TYPE);
+        return 0;
+    }
+    if ((algo = OBJ_nid2obj(nid)) == NULL)
+        return 0;
+    if (*alg == NULL && (*alg = X509_ALGOR_new()) == NULL)
+        return 0;
+
+    if (X509_ALGOR_set0(*alg, algo, V_ASN1_UNDEF, NULL))
+        return 1;
+    ASN1_OBJECT_free(algo);
+    return 0;
+}
+
+static int set_senderKID(const OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg,
+                         const ASN1_OCTET_STRING *id)
+{
+    if (id == NULL)
+        id = ctx->referenceValue; /* standard for PBM, fallback for sig-based */
+    return id == NULL || ossl_cmp_hdr_set1_senderKID(msg->header, id);
 }
 
 int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
@@ -240,20 +263,18 @@ int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
 
     /* use PasswordBasedMac according to 5.1.3.1 if secretValue is given */
     if (ctx->secretValue != NULL) {
-        if ((msg->header->protectionAlg = create_pbmac_algor(ctx)) == NULL)
+        if (!set_pbmac_algor(ctx, &msg->header->protectionAlg))
             goto err;
-        if (ctx->referenceValue != NULL
-                && !ossl_cmp_hdr_set1_senderKID(msg->header,
-                                                ctx->referenceValue))
+        if (!set_senderKID(ctx, msg, NULL))
             goto err;
-    } else if (ctx->cert != NULL && ctx->pkey != NULL) {
+
         /*
-         * use MSG_SIG_ALG according to 5.1.3.3 if client Certificate and
-         * private key is given
+         * will add any additional certificates from ctx->extraCertsOut
+         * while not needed to validate the protection certificate,
+         * the option to do this might be handy for certain use cases
          */
-        const ASN1_OCTET_STRING *subjKeyIDStr = NULL;
-        int algNID = 0;
-        ASN1_OBJECT *alg = NULL;
+    } else if (ctx->cert != NULL && ctx->pkey != NULL) {
+        /* use MSG_SIG_ALG according to 5.1.3.3 if client cert and key given */
 
         /* make sure that key and certificate match */
         if (!X509_check_private_key(ctx->cert, ctx->pkey)) {
@@ -261,37 +282,21 @@ int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
             goto err;
         }
 
-        if ((msg->header->protectionAlg = X509_ALGOR_new()) == NULL)
-            goto err;
-        if (!OBJ_find_sigid_by_algs(&algNID, ctx->digest,
-                                    EVP_PKEY_id(ctx->pkey))) {
-            CMPerr(0, CMP_R_UNSUPPORTED_KEY_TYPE);
-            goto err;
-        }
-        if ((alg = OBJ_nid2obj(algNID)) == NULL)
+        if (!set_sig_algor(ctx, &msg->header->protectionAlg))
             goto err;
-        if (!X509_ALGOR_set0(msg->header->protectionAlg, alg,
-                             V_ASN1_UNDEF, NULL)) {
-            ASN1_OBJECT_free(alg);
+        /* set senderKID to keyIdentifier of the cert according to 5.1.1 */
+        if (!set_senderKID(ctx, msg, X509_get0_subject_key_id(ctx->cert)))
             goto err;
-        }
 
         /*
-         * set senderKID to keyIdentifier of the used certificate according
-         * to section 5.1.1
+         * will add ctx->cert followed, if possible, by its chain built
+         * from ctx->untrusted_certs, and then ctx->extraCertsOut
          */
-        subjKeyIDStr = X509_get0_subject_key_id(ctx->cert);
-        if (subjKeyIDStr == NULL)
-            subjKeyIDStr = ctx->referenceValue; /* fallback */
-        if (subjKeyIDStr != NULL
-                && !ossl_cmp_hdr_set1_senderKID(msg->header, subjKeyIDStr))
-            goto err;
     } else {
         CMPerr(0, CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION);
         goto err;
     }
-    if ((msg->protection =
-         ossl_cmp_calc_protection(msg, ctx->secretValue, ctx->pkey)) == NULL)
+    if ((msg->protection = ossl_cmp_calc_protection(ctx, msg)) == NULL)
         goto err;
 
     /*
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c
index a9a86cb5de..2ba6cb7984 100644
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -53,14 +53,14 @@ void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx)
     OPENSSL_free(srv_ctx);
 }
 
-OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void)
+OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq)
 {
     OSSL_CMP_SRV_CTX *ctx = OPENSSL_zalloc(sizeof(OSSL_CMP_SRV_CTX));
 
     if (ctx == NULL)
         goto err;
 
-    if ((ctx->ctx = OSSL_CMP_CTX_new()) == NULL)
+    if ((ctx->ctx = OSSL_CMP_CTX_new(libctx, propq)) == NULL)
         goto err;
 
     /* all other elements are initialized to 0 or NULL, respectively */
@@ -206,7 +206,7 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
         certReqId = OSSL_CRMF_MSG_get_certReqId(crm);
     }
 
-    if (!ossl_cmp_verify_popo(req, srv_ctx->acceptRAVerified)) {
+    if (!ossl_cmp_verify_popo(srv_ctx->ctx, req, srv_ctx->acceptRAVerified)) {
         /* Proof of possession could not be verified */
         si = OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_rejection,
                                      1 << OSSL_CMP_PKIFAILUREINFO_badPOP,
diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c
index 0ec69d0bb5..c4797f1691 100644
--- a/crypto/cmp/cmp_util.c
+++ b/crypto/cmp/cmp_util.c
@@ -206,19 +206,19 @@ int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs,
 }
 
 /*-
- * Builds up the certificate chain of certs as high up as possible using
- * the given list of certs containing all possible intermediate certificates and
- * optionally the (possible) trust anchor(s). See also ssl_add_cert_chain().
+ * Builds up the chain of intermediate CA certificates
+ * starting from the given certificate <cert> as high up as possible using
+ * the given list of candidate certificates, similarly to ssl_add_cert_chain().
  *
  * Intended use of this function is to find all the certificates above the trust
  * anchor needed to verify an EE's own certificate.  Those are supposed to be
- * included in the ExtraCerts field of every first sent message of a transaction
+ * included in the ExtraCerts field of every first CMP message of a transaction
  * when MSG_SIG_ALG is utilized.
  *
  * NOTE: This allocates a stack and increments the reference count of each cert,
  * so when not needed any more the stack and all its elements should be freed.
- * NOTE: in case there is more than one possibility for the chain,
- * OpenSSL seems to take the first one, check X509_verify_cert() for details.
+ * NOTE: In case there is more than one possibility for the chain,
+ * OpenSSL seems to take the first one; check X509_verify_cert() for details.
  *
  * returns a pointer to a stack of (up_ref'ed) X509 certificates containing:
  *      - the EE certificate given in the function arguments (cert)
@@ -226,7 +226,9 @@ int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs,
  *        whereas the (self-signed) trust anchor is not included
  * returns NULL on error
  */
-STACK_OF(X509) *ossl_cmp_build_cert_chain(STACK_OF(X509) *certs, X509 *cert)
+STACK_OF(X509)
+    *ossl_cmp_build_cert_chain(OPENSSL_CTX *libctx, const char *propq,
+                               STACK_OF(X509) *certs, X509 *cert)
 {
     STACK_OF(X509) *chain = NULL, *result = NULL;
     X509_STORE *store = X509_STORE_new();
@@ -237,7 +239,7 @@ STACK_OF(X509) *ossl_cmp_build_cert_chain(STACK_OF(X509) *certs, X509 *cert)
         goto err;
     }
 
-    csc = X509_STORE_CTX_new();
+    csc = X509_STORE_CTX_new_with_libctx(libctx, propq);
     if (csc == NULL)
         goto err;
 
diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index 27dc612baf..b50a3fe83a 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -24,23 +24,12 @@
 
 DEFINE_STACK_OF(X509)
 
-/*-
- * Verify a message protected by signature according to section 5.1.3.3
- * (sha1+RSA/DSA or any other algorithm supported by OpenSSL).
- *
- * Returns 1 on successful validation and 0 otherwise.
- */
+/* Verify a message protected by signature according to RFC section 5.1.3.3 */
 static int verify_signature(const OSSL_CMP_CTX *cmp_ctx,
                             const OSSL_CMP_MSG *msg, X509 *cert)
 {
-    EVP_MD_CTX *ctx = NULL;
     OSSL_CMP_PROTECTEDPART prot_part;
-    int digest_nid, pk_nid;
-    const EVP_MD *digest = NULL;
     EVP_PKEY *pubkey = NULL;
-    int len;
-    size_t prot_part_der_len = 0;
-    unsigned char *prot_part_der = NULL;
     BIO *bio = BIO_new(BIO_s_mem()); /* may be NULL */
     int res = 0;
 
@@ -60,35 +49,13 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx,
         goto sig_err;
     }
 
-    /* create the DER representation of protected part */
     prot_part.header = msg->header;
     prot_part.body = msg->body;
 
-    len = i2d_OSSL_CMP_PROTECTEDPART(&prot_part, &prot_part_der);
-    if (len < 0 || prot_part_der == NULL)
-        goto end;
-    prot_part_der_len = (size_t) len;
-
-    /* verify signature of protected part */
-    if (!OBJ_find_sigid_algs(ossl_cmp_hdr_get_protection_nid(msg->header),
-                             &digest_nid, &pk_nid)
-            || digest_nid == NID_undef || pk_nid == NID_undef
-            || (digest = EVP_get_digestbynid(digest_nid)) == NULL) {
-        CMPerr(0, CMP_R_ALGORITHM_NOT_SUPPORTED);
-        goto sig_err;
-    }
-
-    /* check msg->header->protectionAlg is consistent with public key type */
-    if (EVP_PKEY_type(pk_nid) != EVP_PKEY_base_id(pubkey)) {
-        CMPerr(0, CMP_R_WRONG_ALGORITHM_OID);
-        goto sig_err;
-    }
-    if ((ctx = EVP_MD_CTX_new()) == NULL)
-        goto end;
-    if (EVP_DigestVerifyInit(ctx, NULL, digest, NULL, pubkey)
-            && EVP_DigestVerify(ctx, msg->protection->data,
-                                msg->protection->length,
-                                prot_part_der, prot_part_der_len) == 1) {
+    if (ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
+                                     msg->header->protectionAlg,
+                                     msg->protection, &prot_part, NULL, pubkey,
+                                     cmp_ctx->libctx, cmp_ctx->propq) > 0) {
         res = 1;
         goto end;
     }
@@ -101,8 +68,6 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx,
     res = 0;
 
  end:
-    EVP_MD_CTX_free(ctx);
-    OPENSSL_free(prot_part_der);
     EVP_PKEY_free(pubkey);
     BIO_free(bio);
 
@@ -110,14 +75,13 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx,
 }
 
 /* Verify a message protected with PBMAC */
-static int verify_PBMAC(const OSSL_CMP_MSG *msg,
-                        const ASN1_OCTET_STRING *secret)
+static int verify_PBMAC(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
 {
     ASN1_BIT_STRING *protection = NULL;
     int valid = 0;
 
     /* generate expected protection for the message */
-    if ((protection = ossl_cmp_calc_protection(msg, secret, NULL)) == NULL)
+    if ((protection = ossl_cmp_calc_protection(ctx, msg)) == NULL)
         return 0; /* failed to generate protection string! */
 
     valid = msg->protection != NULL && msg->protection->length >= 0
@@ -156,7 +120,7 @@ int OSSL_CMP_validate_cert_path(const OSSL_CMP_CTX *ctx,
         return 0;
     }
 
-    if ((csc = X509_STORE_CTX_new()) == NULL
+    if ((csc = X509_STORE_CTX_new_with_libctx(ctx->libctx, ctx->propq)) == NULL
             || !X509_STORE_CTX_init(csc, trusted_store,
                                     cert, ctx->untrusted_certs))
         goto err;
@@ -304,18 +268,23 @@ static int cert_acceptable(const OSSL_CMP_CTX *ctx,
 
     if (!check_kid(ctx, X509_get0_subject_key_id(cert), msg->header->senderKID))
         return 0;
+    /* prevent misleading error later in case x509v3_cache_extensions() fails */
+    if (!x509v3_cache_extensions(cert)) {
+        ossl_cmp_warn(ctx, "cert appears to be invalid");
+        return 0;
+    }
+    if (!verify_signature(ctx, msg, cert)) {
+        ossl_cmp_warn(ctx, "msg signature verification failed");
+        return 0;
+    }
     /* acceptable also if there is no senderKID in msg header */
     ossl_cmp_info(ctx, " cert seems acceptable");
     return 1;
 }
 
-static int check_msg_valid_cert(const OSSL_CMP_CTX *ctx, X509_STORE *store,
-                                X509 *scrt, const OSSL_CMP_MSG *msg)
+static int check_cert_path(const OSSL_CMP_CTX *ctx, X509_STORE *store,
+                           X509 *scrt)
 {
-    if (!verify_signature(ctx, msg, scrt)) {
-        ossl_cmp_warn(ctx, "msg signature verification failed");
-        return 0;
-    }
     if (OSSL_CMP_validate_cert_path(ctx, store, scrt))
         return 1;
 
@@ -328,11 +297,11 @@ static int check_msg_valid_cert(const OSSL_CMP_CTX *ctx, X509_STORE *store,
  * Exceptional handling for 3GPP TS 33.310 [3G/LTE Network Domain Security
  * (NDS); Authentication Framework (AF)], only to use for IP messages
  * and if the ctx option is explicitly set: use self-issued certificates
- * from extraCerts as trust anchor to validate sender cert and msg -
+ * from extraCerts as trust anchor to validate sender cert -
  * provided it also can validate the newly enrolled certificate
  */
-static int check_msg_valid_cert_3gpp(const OSSL_CMP_CTX *ctx, X509 *scrt,
-                                     const OSSL_CMP_MSG *msg)
+static int check_cert_path_3gpp(const OSSL_CMP_CTX *ctx,
+                                const OSSL_CMP_MSG *msg, X509 *scrt)
 {
     int valid = 0;
     X509_STORE *store;
@@ -355,11 +324,11 @@ static int check_msg_valid_cert_3gpp(const OSSL_CMP_CTX *ctx, X509 *scrt,
          * verify that the newly enrolled certificate (which assumed rid ==
          * OSSL_CMP_CERTREQID) can also be validated with the same trusted store
          */
-        EVP_PKEY *privkey = OSSL_CMP_CTX_get0_newPkey(ctx, 1);
+        EVP_PKEY *pkey = OSSL_CMP_CTX_get0_newPkey(ctx, 1);
         OSSL_CMP_CERTRESPONSE *crep =
             ossl_cmp_certrepmessage_get0_certresponse(msg->body->value.ip,
                                                       OSSL_CMP_CERTREQID);
-        X509 *newcrt = ossl_cmp_certresponse_get1_certificate(privkey, crep);
+        X509 *newcrt = ossl_cmp_certresponse_get1_cert(crep, ctx, pkey);
         /*
          * maybe better use get_cert_status() from cmp_client.c, which catches
          * errors
@@ -378,8 +347,8 @@ static int check_msg_given_cert(const OSSL_CMP_CTX *ctx, X509 *cert,
 {
     return cert_acceptable(ctx, "previously validated", "sender cert",
                            cert, NULL, NULL, msg)
-        && (check_msg_valid_cert(ctx, ctx->trusted, cert, msg)
-            || check_msg_valid_cert_3gpp(ctx, cert, msg));
+        && (check_cert_path(ctx, ctx->trusted, cert)
+            || check_cert_path_3gpp(ctx, msg, cert));
 }
 
 /*-
@@ -411,8 +380,8 @@ static int check_msg_with_certs(OSSL_CMP_CTX *ctx, const STACK_OF(X509) *certs,
                              already_checked1, already_checked2, msg))
             continue;
         n_acceptable_certs++;
-        if (mode_3gpp ? check_msg_valid_cert_3gpp(ctx, cert, msg)
-                      : check_msg_valid_cert(ctx, ctx->trusted, cert, msg)) {
+        if (mode_3gpp ? check_cert_path_3gpp(ctx, msg, cert)
+                      : check_cert_path(ctx, ctx->trusted, cert)) {
             /* store successful sender cert for further msgs in transaction */
             if (!X509_up_ref(cert))
                 return 0;
@@ -598,13 +567,34 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
     switch (ossl_cmp_hdr_get_protection_nid(msg->header)) {
         /* 5.1.3.1.  Shared Secret Information */
     case NID_id_PasswordBasedMAC:
-        if (ctx->secretValue == 0) {
-            CMPerr(0, CMP_R_CHECKING_PBM_NO_SECRET_AVAILABLE);
-            break;
-        }
-
-        if (verify_PBMAC(msg, ctx->secretValue))
+        if (verify_PBMAC(ctx, msg)) {
+            /*
+             * RFC 4210, 5.3.2: 'Note that if the PKI Message Protection is
+             * "shared secret information", then any certificate transported in
+             * the caPubs field may be directly trusted as a root CA
+             * certificate by the initiator.'
+             */
+            switch (ossl_cmp_msg_get_bodytype(msg)) {
+            case -1:
+                return 0;
+            case OSSL_CMP_PKIBODY_IP:
+            case OSSL_CMP_PKIBODY_CP:
+            case OSSL_CMP_PKIBODY_KUP:
+            case OSSL_CMP_PKIBODY_CCP:
+                if (ctx->trusted != NULL) {
+                    STACK_OF(X509) *certs = msg->body->value.ip->caPubs;
+                    /* value.ip is same for cp, kup, and ccp */
+
+                    if (!ossl_cmp_X509_STORE_add1_certs(ctx->trusted, certs, 0))
+                        /* adds both self-issued and not self-issued certs */
+                        return 0;
+                }
+                break;
+            default:
+                break;
+            }
             return 1;
+        }
         break;
 
         /*
@@ -802,7 +792,7 @@ int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
                 if (!ossl_cmp_X509_STORE_add1_certs(ctx->trusted, certs, 0))
                     /* adds both self-issued and not self-issued certs */
                     return 0;
-                }
+            }
             break;
         default:
             break;
@@ -811,7 +801,8 @@ int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
     return 1;
 }
 
-int ossl_cmp_verify_popo(const OSSL_CMP_MSG *msg, int accept_RAVerified)
+int ossl_cmp_verify_popo(const OSSL_CMP_CTX *ctx,
+                         const OSSL_CMP_MSG *msg, int acceptRAVerified)
 {
     if (!ossl_assert(msg != NULL && msg->body != NULL))
         return 0;
@@ -820,7 +811,8 @@ int ossl_cmp_verify_popo(const OSSL_CMP_MSG *msg, int accept_RAVerified)
         {
             X509_REQ *req = msg->body->value.p10cr;
 
-            if (X509_REQ_verify(req, X509_REQ_get0_pubkey(req)) <= 0) {
+            if (X509_REQ_verify_with_libctx(req, X509_REQ_get0_pubkey(req),
+                                            ctx->libctx, ctx->propq) <= 0) {
 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
                 CMPerr(0, CMP_R_REQUEST_NOT_ACCEPTED);
                 return 0;
@@ -832,7 +824,8 @@ int ossl_cmp_verify_popo(const OSSL_CMP_MSG *msg, int accept_RAVerified)
     case OSSL_CMP_PKIBODY_CR:
     case OSSL_CMP_PKIBODY_KUR:
         if (!OSSL_CRMF_MSGS_verify_popo(msg->body->value.ir, OSSL_CMP_CERTREQID,
-                                        accept_RAVerified)) {
+                                        acceptRAVerified,
+                                        ctx->libctx, ctx->propq)) {
 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
             return 0;
 #endif
diff --git a/crypto/crmf/crmf_err.c b/crypto/crmf/crmf_err.c
index 159d5b2c91..61a1488838 100644
--- a/crypto/crmf/crmf_err.c
+++ b/crypto/crmf/crmf_err.c
@@ -30,6 +30,8 @@ static const ERR_STRING_DATA CRMF_str_reasons[] = {
     "iterationcount below 100"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_MALFORMED_IV), "malformed iv"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_NULL_ARGUMENT), "null argument"},
+    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPOSKINPUT_NOT_SUPPORTED),
+    "poposkinput not supported"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY),
     "popo inconsistent public key"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_POPO_MISSING), "popo missing"},
@@ -45,8 +47,6 @@ static const ERR_STRING_DATA CRMF_str_reasons[] = {
     "setting owf algor failure"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_ALGORITHM),
     "unsupported algorithm"},
-    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY),
-    "unsupported alg for popsigningkey"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_CIPHER),
     "unsupported cipher"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO),
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
index 7530120ff3..3202f357c1 100644
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -353,57 +353,47 @@ int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm,
     return 0;
 }
 
-/* TODO: support cases 1+2 (besides case 3) defined in RFC 4211, section 4.1. */
-static int CRMF_poposigningkey_init(OSSL_CRMF_POPOSIGNINGKEY *ps,
-                                    OSSL_CRMF_CERTREQUEST *cr,
-                                    EVP_PKEY *pkey, int dgst)
+static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps,
+                                 const OSSL_CRMF_CERTREQUEST *cr,
+                                 EVP_PKEY *pkey, const EVP_MD *digest,
+                                 OPENSSL_CTX *libctx, const char *propq)
 {
-    int ret = 0;
-    EVP_MD *fetched_md = NULL;
-    const EVP_MD *md = EVP_get_digestbynid(dgst);
-
     if (ps == NULL || cr == NULL || pkey == NULL) {
-        CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, CRMF_R_NULL_ARGUMENT);
+        CRMFerr(0, CRMF_R_NULL_ARGUMENT);
         return 0;
     }
-
-    /* If we didn't find legacy MD, we try an implicit fetch */
-    if (md == NULL)
-        md = fetched_md = EVP_MD_fetch(NULL, OBJ_nid2sn(dgst), NULL);
-
-    if (md == NULL) {
-        CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT,
-                CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY);
+    if (ps->poposkInput != NULL) {
+        /* TODO: support cases 1+2 defined in RFC 4211, section 4.1 */
+        CRMFerr(0, CRMF_R_POPOSKINPUT_NOT_SUPPORTED);
         return 0;
     }
 
-    ret = ASN1_item_sign(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
-                         ps->algorithmIdentifier, NULL, ps->signature,
-                         cr, pkey, md);
-
-    EVP_MD_free(fetched_md);
-    return ret;
+    return ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
+                                      ps->algorithmIdentifier, NULL,
+                                      ps->signature, cr, NULL, pkey, digest,
+                                      libctx, propq);
 }
 
 
-int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
-                              int dgst, int ppmtd)
+int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
+                              EVP_PKEY *pkey, const EVP_MD *digest,
+                              OPENSSL_CTX *libctx, const char *propq)
 {
     OSSL_CRMF_POPO *pp = NULL;
     ASN1_INTEGER *tag = NULL;
 
-    if (crm == NULL || (ppmtd == OSSL_CRMF_POPO_SIGNATURE && pkey == NULL)) {
+    if (crm == NULL || (meth == OSSL_CRMF_POPO_SIGNATURE && pkey == NULL)) {
         CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, CRMF_R_NULL_ARGUMENT);
         return 0;
     }
 
-    if (ppmtd == OSSL_CRMF_POPO_NONE)
+    if (meth == OSSL_CRMF_POPO_NONE)
         goto end;
     if ((pp = OSSL_CRMF_POPO_new()) == NULL)
         goto err;
-    pp->type = ppmtd;
+    pp->type = meth;
 
-    switch (ppmtd) {
+    switch (meth) {
     case OSSL_CRMF_POPO_RAVERIFIED:
         if ((pp->value.raVerified = ASN1_NULL_new()) == NULL)
             goto err;
@@ -412,8 +402,11 @@ int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
     case OSSL_CRMF_POPO_SIGNATURE:
         {
             OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new();
-            if (ps == NULL
-                    || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)) {
+
+            if (ps == NULL)
+                goto err;
+            if (!create_popo_signature(ps, crm->certReq, pkey, digest,
+                                       libctx, propq)) {
                 OSSL_CRMF_POPOSIGNINGKEY_free(ps);
                 goto err;
             }
@@ -451,11 +444,14 @@ int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
 
 /* verifies the Proof-of-Possession of the request with the given rid in reqs */
 int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
-                               int rid, int acceptRAVerified)
+                               int rid, int acceptRAVerified,
+                               OPENSSL_CTX *libctx, const char *propq)
 {
     OSSL_CRMF_MSG *req = NULL;
     X509_PUBKEY *pubkey = NULL;
     OSSL_CRMF_POPOSIGNINGKEY *sig = NULL;
+    const ASN1_ITEM *it;
+    void *asn;
 
     if (reqs == NULL || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL) {
         CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, CRMF_R_NULL_ARGUMENT);
@@ -499,21 +495,21 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
              * TODO check the contents of the authInfo sub-field,
              * see RFC 4211 https://tools.ietf.org/html/rfc4211#section-4.1
              */
-            if (ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT),
-                                 sig->algorithmIdentifier, sig->signature,
-                                 sig->poposkInput,
-                                 X509_PUBKEY_get0(pubkey)) < 1)
-                return 0;
+            it = ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT);
+            asn = sig->poposkInput;
         } else {
             if (req->certReq->certTemplate->subject == NULL) {
                 CRMFerr(0, CRMF_R_POPO_MISSING_SUBJECT);
                 return 0;
             }
-            if (ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
-                                 sig->algorithmIdentifier, sig->signature,
-                                 req->certReq, X509_PUBKEY_get0(pubkey)) < 1)
-                return 0;
+            it = ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST);
+            asn = req->certReq;
         }
+        if (ASN1_item_verify_with_libctx(it, sig->algorithmIdentifier,
+                                         sig->signature, asn, NULL,
+                                         X509_PUBKEY_get0(pubkey),
+                                         libctx, propq) < 1)
+            return 0;
         break;
     case OSSL_CRMF_POPO_KEYENC:
         /*
@@ -594,8 +590,10 @@ int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
  * returns a pointer to the decrypted certificate
  * returns NULL on error or if no certificate available
  */
-X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
-                                            EVP_PKEY *pkey)
+X509
+*OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
+                                       OPENSSL_CTX *libctx, const char *propq,
+                                       EVP_PKEY *pkey)
 {
     X509 *cert = NULL; /* decrypted certificate */
     EVP_CIPHER_CTX *evp_ctx = NULL; /* context for symmetric encryption */
@@ -629,7 +627,7 @@ X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecer
     }
     cikeysize = EVP_CIPHER_key_length(cipher);
     /* first the symmetric key needs to be decrypted */
-    pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+    pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
     if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx)) {
         ASN1_BIT_STRING *encKey = ecert->encSymmKey;
         size_t failure;
@@ -685,10 +683,11 @@ X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecer
     outlen += n;
 
     /* convert decrypted certificate from DER to internal ASN.1 structure */
-    if ((cert = d2i_X509(NULL, &p, outlen)) == NULL) {
+    if ((cert = X509_new_with_libctx(libctx, propq)) == NULL)
+        goto end;
+    if (d2i_X509(&cert, &p, outlen) == NULL)
         CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
                 CRMF_R_ERROR_DECODING_CERTIFICATE);
-    }
  end:
     EVP_PKEY_CTX_free(pkctx);
     OPENSSL_free(outbuf);
diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c
index f674eeeff7..3aedf8b57f 100644
--- a/crypto/crmf/crmf_pbm.c
+++ b/crypto/crmf/crmf_pbm.c
@@ -29,14 +29,15 @@
 
 /*-
  * creates and initializes OSSL_CRMF_PBMPARAMETER (section 4.4)
- * |slen| SHOULD be > 8    (16 is common)
+ * |slen| SHOULD be at least 8 (16 is common)
  * |owfnid| e.g., NID_sha256
- * |itercnt| MUST be > 100 (500 is common)
+ * |itercnt| MUST be >= 100 (e.g., 500) and <= OSSL_CRMF_PBM_MAX_ITERATION_COUNT
  * |macnid| e.g., NID_hmac_sha1
  * returns pointer to OSSL_CRMF_PBMPARAMETER on success, NULL on error
  */
-OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
-                                           int itercnt, int macnid)
+OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t slen,
+                                           int owfnid, size_t itercnt,
+                                           int macnid)
 {
     OSSL_CRMF_PBMPARAMETER *pbm = NULL;
     unsigned char *salt = NULL;
@@ -51,7 +52,7 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
      */
     if ((salt = OPENSSL_malloc(slen)) == NULL)
         goto err;
-    if (RAND_bytes(salt, (int)slen) <= 0) {
+    if (RAND_bytes_ex(libctx, salt, (int)slen) <= 0) {
         CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_FAILURE_OBTAINING_RANDOM);
         goto err;
     }
@@ -82,6 +83,10 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
         CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_ITERATIONCOUNT_BELOW_100);
         goto err;
     }
+    if (itercnt > OSSL_CRMF_PBM_MAX_ITERATION_COUNT) {
+        CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_BAD_PBM_ITERATIONCOUNT);
+        goto err;
+    }
 
     if (!ASN1_INTEGER_set(pbm->iterationCount, itercnt)) {
         CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_CRMFERROR);
@@ -117,14 +122,16 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
  * |maclen| if not NULL, will set variable to the length of the mac on success
  * returns 1 on success, 0 on error
  */
-int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
+/* TODO try to combine with other MAC calculations in the libray */
+int OSSL_CRMF_pbm_new(OPENSSL_CTX *libctx, const char *propq,
+                      const OSSL_CRMF_PBMPARAMETER *pbmp,
                       const unsigned char *msg, size_t msglen,
                       const unsigned char *sec, size_t seclen,
                       unsigned char **out, size_t *outlen)
 {
     int mac_nid, hmac_md_nid = NID_undef;
-    const char *mdname = NULL;
-    const EVP_MD *m = NULL;
+    const char *mdname;
+    EVP_MD *owf = NULL;
     EVP_MD_CTX *ctx = NULL;
     unsigned char basekey[EVP_MAX_MD_SIZE];
     unsigned int bklen = EVP_MAX_MD_SIZE;
@@ -148,7 +155,8 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
      * compute the key used in the MAC process.  All implementations MUST
      * support SHA-1.
      */
-    if ((m = EVP_get_digestbyobj(pbmp->owf->algorithm)) == NULL) {
+    mdname = OBJ_nid2sn(OBJ_obj2nid(pbmp->owf->algorithm));
+    if ((owf = EVP_MD_fetch(libctx, mdname, propq)) == NULL) {
         CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, CRMF_R_UNSUPPORTED_ALGORITHM);
         goto err;
     }
@@ -157,7 +165,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
         goto err;
 
     /* compute the basekey of the salted secret */
-    if (!EVP_DigestInit_ex(ctx, m, NULL))
+    if (!EVP_DigestInit_ex(ctx, owf, NULL))
         goto err;
     /* first the secret */
     if (!EVP_DigestUpdate(ctx, sec, seclen))
@@ -176,7 +184,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
 
     /* the first iteration was already done above */
     while (--iterations > 0) {
-        if (!EVP_DigestInit_ex(ctx, m, NULL))
+        if (!EVP_DigestInit_ex(ctx, owf, NULL))
             goto err;
         if (!EVP_DigestUpdate(ctx, basekey, bklen))
             goto err;
@@ -201,7 +209,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
                                                     (char *)mdname, 0);
     macparams[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
                                                      basekey, bklen);
-    if ((mac = EVP_MAC_fetch(NULL, "HMAC", NULL)) == NULL
+    if ((mac = EVP_MAC_fetch(libctx, "HMAC", propq)) == NULL
             || (mctx = EVP_MAC_CTX_new(mac)) == NULL
             || !EVP_MAC_CTX_set_params(mctx, macparams)
             || !EVP_MAC_init(mctx)
@@ -212,10 +220,10 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
     ok = 1;
 
  err:
-    /* cleanup */
     OPENSSL_cleanse(basekey, bklen);
     EVP_MAC_CTX_free(mctx);
     EVP_MAC_free(mac);
+    EVP_MD_free(owf);
     EVP_MD_CTX_free(ctx);
 
     if (ok == 1) {
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 8b63e6918d..75693e35f7 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -570,9 +570,9 @@ static int ecd_size448(const EVP_PKEY *pkey)
     return ED448_SIGSIZE;
 }
 
-static int ecd_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-                           X509_ALGOR *sigalg, ASN1_BIT_STRING *str,
-                           EVP_PKEY *pkey)
+static int ecd_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it,
+                           const void *asn, const X509_ALGOR *sigalg,
+                           const ASN1_BIT_STRING *str, EVP_PKEY *pkey)
 {
     const ASN1_OBJECT *obj;
     int ptype;
@@ -592,7 +592,8 @@ static int ecd_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
     return 2;
 }
 
-static int ecd_item_sign25519(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+static int ecd_item_sign25519(EVP_MD_CTX *ctx, const ASN1_ITEM *it,
+                              const void *asn,
                               X509_ALGOR *alg1, X509_ALGOR *alg2,
                               ASN1_BIT_STRING *str)
 {
@@ -612,7 +613,8 @@ static int ecd_sig_info_set25519(X509_SIG_INFO *siginf, const X509_ALGOR *alg,
     return 1;
 }
 
-static int ecd_item_sign448(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+static int ecd_item_sign448(EVP_MD_CTX *ctx, const ASN1_ITEM *it,
+                            const void *asn,
                             X509_ALGOR *alg1, X509_ALGOR *alg2,
                             ASN1_BIT_STRING *str)
 {
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index e83f1013ec..10531ead7a 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -40,7 +40,6 @@ ASN1_F_ASN1_ITEM_FLAGS_I2D:118:asn1_item_flags_i2d
 ASN1_F_ASN1_ITEM_I2D_BIO:192:ASN1_item_i2d_bio
 ASN1_F_ASN1_ITEM_I2D_FP:193:ASN1_item_i2d_fp
 ASN1_F_ASN1_ITEM_PACK:198:ASN1_item_pack
-ASN1_F_ASN1_ITEM_SIGN:195:ASN1_item_sign
 ASN1_F_ASN1_ITEM_SIGN_CTX:220:ASN1_item_sign_ctx
 ASN1_F_ASN1_ITEM_UNPACK:199:ASN1_item_unpack
 ASN1_F_ASN1_ITEM_VERIFY:197:ASN1_item_verify
@@ -2094,7 +2093,6 @@ CMP_R_CERTREQMSG_NOT_FOUND:157:certreqmsg not found
 CMP_R_CERTRESPONSE_NOT_FOUND:113:certresponse not found
 CMP_R_CERT_AND_KEY_DO_NOT_MATCH:114:cert and key do not match
 CMP_R_CHECKAFTER_OUT_OF_RANGE:181:checkafter out of range
-CMP_R_CHECKING_PBM_NO_SECRET_AVAILABLE:166:checking pbm no secret available
 CMP_R_ENCOUNTERED_KEYUPDATEWARNING:176:encountered keyupdatewarning
 CMP_R_ENCOUNTERED_WAITING:162:encountered waiting
 CMP_R_ERROR_CALCULATING_PROTECTION:115:error calculating protection
@@ -2125,6 +2123,7 @@ CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION:130:\
 	missing key input for creating protection
 CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE:142:missing key usage digitalsignature
 CMP_R_MISSING_P10CSR:121:missing p10csr
+CMP_R_MISSING_PBM_SECRET:166:missing pbm secret
 CMP_R_MISSING_PRIVATE_KEY:131:missing private key
 CMP_R_MISSING_PROTECTION:143:missing protection
 CMP_R_MISSING_REFERENCE_CERT:168:missing reference cert
@@ -2297,6 +2296,7 @@ CRMF_R_FAILURE_OBTAINING_RANDOM:107:failure obtaining random
 CRMF_R_ITERATIONCOUNT_BELOW_100:108:iterationcount below 100
 CRMF_R_MALFORMED_IV:101:malformed iv
 CRMF_R_NULL_ARGUMENT:109:null argument
+CRMF_R_POPOSKINPUT_NOT_SUPPORTED:113:poposkinput not supported
 CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY:117:popo inconsistent public key
 CRMF_R_POPO_MISSING:121:popo missing
 CRMF_R_POPO_MISSING_PUBLIC_KEY:118:popo missing public key
@@ -2305,7 +2305,6 @@ CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED:120:popo raverified not accepted
 CRMF_R_SETTING_MAC_ALGOR_FAILURE:110:setting mac algor failure
 CRMF_R_SETTING_OWF_ALGOR_FAILURE:111:setting owf algor failure
 CRMF_R_UNSUPPORTED_ALGORITHM:112:unsupported algorithm
-CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY:113:unsupported alg for popsigningkey
 CRMF_R_UNSUPPORTED_CIPHER:114:unsupported cipher
 CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO:115:\
 	unsupported method for creating popo
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 7476efd9bc..7caab8a5f7 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -13,6 +13,7 @@
 #include <stdio.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
+#include <openssl/ec.h>
 #include <openssl/engine.h>
 #include <openssl/params.h>
 #include <openssl/core_names.h>
@@ -73,6 +74,37 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
     return 1;
 }
 
+#ifndef FIPS_MODULE
+EVP_MD_CTX *evp_md_ctx_new_with_libctx(EVP_PKEY *pkey,
+                                       const ASN1_OCTET_STRING *id,
+                                       OPENSSL_CTX *libctx, const char *propq)
+{
+    EVP_MD_CTX *ctx;
+    EVP_PKEY_CTX *pctx = NULL;
+
+    if ((ctx = EVP_MD_CTX_new()) == NULL
+        || (pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq)) == NULL) {
+        ASN1err(0, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+# ifndef OPENSSL_NO_EC
+    if (id != NULL && EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
+        ASN1err(0, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+# endif
+
+    EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
+    return ctx;
+
+ err:
+    EVP_PKEY_CTX_free(pctx);
+    EVP_MD_CTX_free(ctx);
+    return NULL;
+}
+#endif
+
 EVP_MD_CTX *EVP_MD_CTX_new(void)
 {
     return OPENSSL_zalloc(sizeof(EVP_MD_CTX));
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 749cd8764b..130f6156c5 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -696,7 +696,7 @@ static ASN1_STRING *rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx)
  */
 
 static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
-                          X509_ALGOR *sigalg, EVP_PKEY *pkey)
+                          const X509_ALGOR *sigalg, EVP_PKEY *pkey)
 {
     int rv = -1;
     int saltlen;
@@ -876,9 +876,9 @@ static int rsa_cms_verify(CMS_SignerInfo *si)
  * is encountered requiring special handling. We currently only handle PSS.
  */
 
-static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-                           X509_ALGOR *sigalg, ASN1_BIT_STRING *sig,
-                           EVP_PKEY *pkey)
+static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it,
+                           const void *asn, const X509_ALGOR *sigalg,
+                           const ASN1_BIT_STRING *sig, EVP_PKEY *pkey)
 {
     /* Sanity check: make sure it is PSS */
     if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) {
@@ -920,7 +920,7 @@ static int rsa_cms_sign(CMS_SignerInfo *si)
 }
 #endif
 
-static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *asn,
                          X509_ALGOR *alg1, X509_ALGOR *alg2,
                          ASN1_BIT_STRING *sig)
 {
diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c
index 9e0190a038..d7d0aae3b3 100644
--- a/crypto/x509/v3_purp.c
+++ b/crypto/x509/v3_purp.c
@@ -396,6 +396,7 @@ int x509v3_cache_extensions(X509 *x)
         CRYPTO_THREAD_unlock(x->lock);
         return (x->ex_flags & EXFLAG_INVALID) == 0;
     }
+    ERR_set_mark();
 
     if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL))
             x->ex_flags |= EXFLAG_INVALID;
@@ -572,6 +573,7 @@ int x509v3_cache_extensions(X509 *x)
      * all stores are visible on all processors. Hence the release fence.
      */
 #endif
+    ERR_pop_to_mark();
     CRYPTO_THREAD_unlock(x->lock);
 
     return (x->ex_flags & EXFLAG_INVALID) == 0;
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index 12a666884b..a8ad292074 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -27,76 +27,23 @@
 #include "crypto/pkcs7.h"
 #include "crypto/x509.h"
 
-static void clean_id_ctx(EVP_MD_CTX *ctx)
-{
-    EVP_PKEY_CTX *pctx = EVP_MD_CTX_pkey_ctx(ctx);
-
-    EVP_PKEY_CTX_free(pctx);
-    EVP_MD_CTX_free(ctx);
-}
-
-static EVP_MD_CTX *make_id_ctx(EVP_PKEY *r, ASN1_OCTET_STRING *id,
-                               OPENSSL_CTX *libctx, const char *propq)
-{
-    EVP_MD_CTX *ctx = NULL;
-    EVP_PKEY_CTX *pctx = NULL;
-
-    if ((ctx = EVP_MD_CTX_new()) == NULL
-        || (pctx = EVP_PKEY_CTX_new_from_pkey(libctx, r, propq)) == NULL) {
-        X509err(0, ERR_R_MALLOC_FAILURE);
-        goto error;
-    }
-
-#ifndef OPENSSL_NO_EC
-    if (id != NULL) {
-        if (EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
-            X509err(0, ERR_R_MALLOC_FAILURE);
-            goto error;
-        }
-    }
-#endif
-
-    EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
-
-    return ctx;
- error:
-    EVP_PKEY_CTX_free(pctx);
-    EVP_MD_CTX_free(ctx);
-    return NULL;
-}
-
 int X509_verify(X509 *a, EVP_PKEY *r)
 {
-    int rv = 0;
-    EVP_MD_CTX *ctx = NULL;
-    ASN1_OCTET_STRING *id = NULL;
-
     if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
         return 0;
 
-    id = a->distinguishing_id;
-    if ((ctx = make_id_ctx(r, id, a->libctx, a->propq)) != NULL) {
-        rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
-                                  &a->signature, &a->cert_info, ctx);
-        clean_id_ctx(ctx);
-    }
-    return rv;
+    return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
+                                        &a->signature, &a->cert_info,
+                                        a->distinguishing_id, r,
+                                        a->libctx, a->propq);
 }
 
 int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
                                 const char *propq)
 {
-    int rv = 0;
-    EVP_MD_CTX *ctx = NULL;
-    ASN1_OCTET_STRING *id = NULL;
-
-    id = a->distinguishing_id;
-    if ((ctx = make_id_ctx(r, id, libctx, propq)) != NULL) {
-        rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
-                                  a->signature, &a->req_info, ctx);
-        clean_id_ctx(ctx);
-    }
-    return rv;
+    return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_REQ_INFO),
+                                        &a->sig_alg, a->signature, &a->req_info,
+                                        a->distinguishing_id, r, libctx, propq);
 }
 
 int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 64bf5faa83..5ee284666c 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -152,10 +152,7 @@ X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
     X509 *cert = NULL;
 
     cert = (X509 *)ASN1_item_new((X509_it()));
-    if (cert != NULL) {
-        cert->libctx = libctx;
-        cert->propq = propq;
-    }
+    (void)x509_set0_libctx(cert, libctx, propq);
     return cert;
 }
 
diff --git a/doc/internal/man3/ossl_cmp_asn1_octet_string_set1.pod b/doc/internal/man3/ossl_cmp_asn1_octet_string_set1.pod
index 3d91f8a073..a154cda1c9 100644
--- a/doc/internal/man3/ossl_cmp_asn1_octet_string_set1.pod
+++ b/doc/internal/man3/ossl_cmp_asn1_octet_string_set1.pod
@@ -3,9 +3,8 @@
 =head1 NAME
 
 ossl_cmp_asn1_octet_string_set1,
-ossl_cmp_asn1_octet_string_set1_bytes,
-ossl_cmp_build_cert_chain
-- misc internal utility functions
+ossl_cmp_asn1_octet_string_set1_bytes
+- ASN.1 octet string utility functions
 
 =head1 SYNOPSIS
 
@@ -16,32 +15,19 @@ ossl_cmp_build_cert_chain
  int ossl_cmp_asn1_octet_string_set1_bytes(ASN1_OCTET_STRING **tgt,
                                            const unsigned char *bytes, int len);
 
- STACK_OF(X509) *ossl_cmp_build_cert_chain(STACK_OF(X509) *certs, X509 *cert);
-
 =head1 DESCRIPTION
 
 ossl_cmp_asn1_octet_string_set1() frees any previous value of the variable
 referenced via the I<tgt> argument and assigns either a copy of
 the ASN1_OCTET_STRING given as the I<src> argument or NULL.
-It returns 1 on success, 0 on error.
 
 ossl_cmp_asn1_octet_string_set1_bytes() frees any previous value of the variable
 referenced via the I<tgt> argument and assigns either a copy of the given byte
-string (with the given length) or NULL. It returns 1 on success, 0 on error.
-
-ossl_cmp_build_cert_chain() builds up the certificate chain of cert as high up
-as possible using the given X509_STORE containing all possible intermediate
-certificates and optionally the (possible) trust anchor(s).
+string (with the given length) or NULL.
 
 =head1 RETURN VALUES
 
-ossl_cmp_build_cert_chain()
-returns NULL on error, else a pointer to a stack of (up_ref'ed) certificates
-containing the EE certificate given in the function arguments (cert)
-and all intermediate certificates up the chain toward the trust anchor.
-The (self-signed) trust anchor is not included.
-
-All other functions return 1 on success, 0 on error.
+All functions return 1 on success, 0 on error.
 
 =head1 HISTORY
 
diff --git a/doc/internal/man3/ossl_cmp_hdr_init.pod b/doc/internal/man3/ossl_cmp_hdr_init.pod
index 0c6405054f..60259dd4bd 100644
--- a/doc/internal/man3/ossl_cmp_hdr_init.pod
+++ b/doc/internal/man3/ossl_cmp_hdr_init.pod
@@ -22,7 +22,7 @@ ossl_cmp_hdr_init
 
 =head1 SYNOPSIS
 
-  #include "cmp_int.h"
+  #include "cmp_local.h"
 
   int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno);
   int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr);
diff --git a/doc/internal/man3/ossl_cmp_mock_srv_new.pod b/doc/internal/man3/ossl_cmp_mock_srv_new.pod
index da1f44b391..3a90edfa4a 100644
--- a/doc/internal/man3/ossl_cmp_mock_srv_new.pod
+++ b/doc/internal/man3/ossl_cmp_mock_srv_new.pod
@@ -15,9 +15,9 @@ ossl_cmp_mock_srv_set_checkAfterTime
 
 =head1 SYNOPSIS
 
- #include <openssl/cmp.h>
+ #include "apps/cmp_mock_srv.h"
 
- OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(void);
+ OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq);
  void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
 
  int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
@@ -33,7 +33,9 @@ ossl_cmp_mock_srv_set_checkAfterTime
 
 =head1 DESCRIPTION
 
-ossl_cmp_mock_srv_new() allocates the contexts for the CMP mock server.
+ossl_cmp_mock_srv_new() allocates the contexts for the CMP mock server
+associated with the library context I<libctx> and property query string
+I<propq>, both of which may be NULL to select the defaults.
 
 ossl_cmp_mock_srv_free() deallocates the contexts for the CMP mock server.
 
diff --git a/doc/internal/man3/ossl_cmp_msg_create.pod b/doc/internal/man3/ossl_cmp_msg_create.pod
index 0a10a6567e..aca0a996f4 100644
--- a/doc/internal/man3/ossl_cmp_msg_create.pod
+++ b/doc/internal/man3/ossl_cmp_msg_create.pod
@@ -12,7 +12,7 @@ ossl_cmp_msg_gen_ITAVs_push1
 
 =head1 SYNOPSIS
 
-  #include "cmp_int.h"
+  #include "cmp_local.h"
 
   const char *ossl_cmp_bodytype_to_string(int type);
   int ossl_cmp_msg_get_bodytype(const OSSL_CMP_MSG *msg);
diff --git a/doc/internal/man3/ossl_cmp_msg_protect.pod b/doc/internal/man3/ossl_cmp_msg_protect.pod
index bf859cdbda..6c33db6954 100644
--- a/doc/internal/man3/ossl_cmp_msg_protect.pod
+++ b/doc/internal/man3/ossl_cmp_msg_protect.pod
@@ -2,31 +2,56 @@
 
 =head1 NAME
 
+ossl_cmp_build_cert_chain,
+ossl_cmp_calc_protection,
 ossl_cmp_msg_protect,
 ossl_cmp_msg_add_extraCerts
 - functions for producing CMP message protection
 
 =head1 SYNOPSIS
 
-  #include "cmp_int.h"
+ #include "cmp_local.h"
 
-  int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
-  int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
+ STACK_OF(X509)
+     *ossl_cmp_build_cert_chain(OPENSSL_CTX *libctx, const char *propq,
+                                STACK_OF(X509) *certs, X509 *cert);
+ ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx,
+                                           const OSSL_CMP_MSG *msg);
+ int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
+ int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
 
 =head1 DESCRIPTION
 
-ossl_cmp_msg_protect() (re-)protects the given message B<msg> using an algorithm
-depending on the available context information given in the B<ctx>.
+ossl_cmp_build_cert_chain() builds up the chain of intermediate CA certificates
+starting from the given certificate I<cert> as high up as possible using
+the given list of candidate certificates, similarly to ssl_add_cert_chain().
+It internally uses a B<X509_STORE_CTX> structure associated with the library
+context I<libctx> and property query string I<propq>, both of which may be NULL.
+Intended use of this function is to find all the certificates above the trust
+anchor needed to verify an EE's own certificate.
+Those are supposed to be included in the ExtraCerts field of every first
+CMP message of a transaction when MSG_SIG_ALG is utilized.
+This allocates a stack and increments the reference count of each cert,
+so when not needed any more the stack and all its elements should be freed.
+In case there is more than one possibility for the chain,
+OpenSSL seems to take the first one; check X509_verify_cert() for details.
+
+ossl_cmp_calc_protection() calculates the protection for the given I<msg>
+according to the algorithm and parameters in the message header's protectionAlg
+using the credentials, library context, and property criteria in the I<ctx>.
+
+ossl_cmp_msg_protect() (re-)protects the given message I<msg> using an algorithm
+depending on the available context information given in the I<ctx>.
 If there is a secretValue it selects PBMAC, else if there is a protection cert
-it selects Signature and uses B<ossl_cmp_msg_add_extraCerts()>.
+it selects Signature and uses L<ossl_cmp_msg_add_extraCerts(3)>.
 It also sets the protectionAlg field in the message header accordingly.
 
 ossl_cmp_msg_add_extraCerts() adds elements to the extraCerts field in the given
-message B<msg>. It tries to build the certificate chain of the client cert in
-the B<ctx> if present by using certificates in ctx->untrusted_certs;
+message I<msg>. It tries to build the certificate chain of the client cert in
+the I<ctx> if present by using certificates in ctx->untrusted_certs;
 if no untrusted certs are set, it will at least add the client certificate.
 In any case all the certificates explicitly specified to be sent out (i.e.,
-B<ctx->extraCertsOut>) are added. Note that it will NOT add the root certificate
+I<ctx->extraCertsOut>) are added. Note that it will NOT add the root certificate
 of the chain, i.e, the trust anchor (unless it is part of extraCertsOut).
 
 =head1 NOTES
@@ -35,7 +60,15 @@ CMP is defined in RFC 4210 (and CRMF in RFC 4211).
 
 =head1 RETURN VALUES
 
-All functions return 1 on success, 0 on error.
+ossl_cmp_build_cert_chain() returns NULL on error,
+else a pointer to a stack of (up_ref'ed) certificates
+containing the EE certificate given in the function arguments (cert)
+and all intermediate certificates up the chain toward the trust anchor.
+The (self-signed) trust anchor is not included.
+
+ossl_cmp_calc_protection() returns the protection on success, else NULL.
+
+All other functions return 1 on success, 0 on error.
 
 =head1 HISTORY
 
diff --git a/doc/internal/man3/ossl_cmp_pkisi_get_status.pod b/doc/internal/man3/ossl_cmp_pkisi_get_status.pod
index cd32c9015d..21f6f90b39 100644
--- a/doc/internal/man3/ossl_cmp_pkisi_get_status.pod
+++ b/doc/internal/man3/ossl_cmp_pkisi_get_status.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+ossl_cmp_certresponse_get1_cert,
 ossl_cmp_pkisi_get_status,
 ossl_cmp_PKIStatus_to_string,
 ossl_cmp_pkisi_get0_statusString,
@@ -42,6 +43,8 @@ ossl_cmp_pkisi_check_pkifailureinfo
 # define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq    26
 # define OSSL_CMP_PKIFAILUREINFO_MAX                 26
 
+  X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CERTRESPONSE *crep,
+                                        const OSSL_CMP_CTX *ctx, EVP_PKEY *pkey);
   int ossl_cmp_pkisi_get_status(const OSSL_CMP_PKISI *si);
   const char *ossl_cmp_PKIStatus_to_string(int status);
   OSSL_CMP_PKIFREETEXT *ossl_cmp_pkisi_get0_statusString(const OSSL_CMP_PKISI *si);
@@ -50,19 +53,23 @@ ossl_cmp_pkisi_check_pkifailureinfo
 
 =head1 DESCRIPTION
 
-ossl_cmp_pkisi_get_status() returns the PKIStatus of B<si>, or -1 on error.
+ossl_cmp_certresponse_get1_cert() returns a pointer to a copy of the newly
+enrolled certificate from the given certResponse I<crep>, or NULL on error.
+In case of indirect POPO uses data from the I<ctx> and the private key I<pkey>.
+
+ossl_cmp_pkisi_get_status() returns the PKIStatus of I<si>, or -1 on error.
 
 ossl_cmp_PKIStatus_to_string() returns a human-readable string representing
 the PKIStatus values as specified in RFC 4210, Appendix F.
 
 ossl_cmp_pkisi_get0_statusString() returns a direct pointer to the statusString
-field contained in B<si>.
+field contained in I<si>.
 
 ossl_cmp_pkisi_get_pkifailureinfo() returns the PKIFailureInfo bits
-of B<si>, encoded as integer, or -1 on error.
+of I<si>, encoded as integer, or -1 on error.
 
 ossl_cmp_pkisi_check_pkifailureinfo() returns the state of the bit (0 or 1)
-with index B<index> in the PKIFailureInfo of the B<si>, or -1 on error.
+with index I<index> in the PKIFailureInfo of the I<si>, or -1 on error.
 
 =head1 NOTES
 
diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod
index 368d73f820..62e1a562c9 100644
--- a/doc/man3/OSSL_CMP_CTX_new.pod
+++ b/doc/man3/OSSL_CMP_CTX_new.pod
@@ -64,7 +64,7 @@ OSSL_CMP_CTX_set1_senderNonce
 
  #include <openssl/cmp.h>
 
- OSSL_CMP_CTX *OSSL_CMP_CTX_new(void);
+ OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq);
  void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx);
  int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
  int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val);
@@ -158,8 +158,13 @@ OSSL_CMP_CTX_set1_senderNonce
 This is the context API for using CMP (Certificate Management Protocol) with
 OpenSSL.
 
-OSSL_CMP_CTX_new() allocates and initializes an OSSL_CMP_CTX structure to
-default values, e.g., proof-of-possession method is set to POPOSigningKey.
+OSSL_CMP_CTX_new() allocates an B<OSSL_CMP_CTX> structure associated with
+the library context I<libctx> and property query string I<propq>,
+both of which may be NULL to select the defaults.
+It initializes the remaining fields to their default values - for instance,
+the logging verbosity is set to OSSL_CMP_LOG_INFO,
+the message timeout is set to 120 seconds,
+and the proof-of-possession method is set to OSSL_CRMF_POPO_SIGNATURE.
 
 OSSL_CMP_CTX_free() deallocates an OSSL_CMP_CTX structure.
 
diff --git a/doc/man3/OSSL_CMP_SRV_CTX_new.pod b/doc/man3/OSSL_CMP_SRV_CTX_new.pod
index 27d4f6ca1e..7d87d7df2c 100644
--- a/doc/man3/OSSL_CMP_SRV_CTX_new.pod
+++ b/doc/man3/OSSL_CMP_SRV_CTX_new.pod
@@ -29,7 +29,7 @@ OSSL_CMP_SRV_CTX_set_grant_implicit_confirm
                                             const OSSL_CMP_MSG *req);
  OSSL_CMP_MSG *OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx,
                                            const OSSL_CMP_MSG *req);
- OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void);
+ OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq);
  void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx);
 
  typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t)(
@@ -95,8 +95,9 @@ B<OSSL_CMP_SRV_process_request()> that can be used by a CMP client
 in the same way as B<OSSL_CMP_MSG_http_perform()>.
 The B<OSSL_CMP_SRV_CTX> must be set as I<transfer_cb_arg> of I<client_ctx>.
 
-OSSL_CMP_SRV_CTX_new() creates and initializes an OSSL_CMP_SRV_CTX structure
-and returns a pointer to it on success, NULL on error.
+OSSL_CMP_SRV_CTX_new() creates and initializes an B<OSSL_CMP_SRV_CTX> structure
+associated with the library context I<libctx> and property query string 
+I<propq>, both of which may be NULL to select the defaults.
 
 OSSL_CMP_SRV_CTX_free() deletes the given I<srv_ctx>.
 
diff --git a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
index 8e8bd7263f..e71cc52422 100644
--- a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
+++ b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
@@ -26,6 +26,7 @@ OSSL_CRMF_MSG_get_certReqId
 
  X509
  *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
+                                        OPENSSL_CTX *libctx, const char *propq,
                                         EVP_PKEY *pkey);
 
  int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm);
@@ -33,27 +34,28 @@ OSSL_CRMF_MSG_get_certReqId
 
 =head1 DESCRIPTION
 
-OSSL_CRMF_MSG_get0_tmpl() retrieves the certificate template of B<crm>.
+OSSL_CRMF_MSG_get0_tmpl() retrieves the certificate template of I<crm>.
 
 OSSL_CRMF_CERTTEMPLATE_get0_serialNumber() retrieves the serialNumber of the
-given certificate template B<tmpl>.
+given certificate template I<tmpl>.
 
 OSSL_CRMF_CERTTEMPLATE_get0_issuer() retrieves the issuer name of the
-given certificate template B<tmpl>.
+given certificate template I<tmpl>.
 
 OSSL_CRMF_CERTID_get0_serialNumber retrieves the serialNumber
-of the given CertId B<cid>.
+of the given CertId I<cid>.
 
 OSSL_CRMF_CERTID_get0_issuer retrieves the issuer name
-of the given CertId B<cid>, which must be of ASN.1 type GEN_DIRNAME.
+of the given CertId I<cid>, which must be of ASN.1 type GEN_DIRNAME.
 
 OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert() decrypts the certificate in the given
-encryptedValue B<ecert>, using the private key B<pkey>.
-This is needed for the indirect PoP method as in RFC 4210 section 5.2.8.2.
+encryptedValue I<ecert>, using the private key I<pkey>, library context
+I<libctx> and property query string I<propq> (see L<OPENSSL_CTX(3)>).
+This is needed for the indirect POPO method as in RFC 4210 section 5.2.8.2.
 The function returns the decrypted certificate as a copy, leaving its ownership
 with the caller, who is responsible for freeing it.
 
-OSSL_CRMF_MSG_get_certReqId() retrieves the certReqId of B<crm>.
+OSSL_CRMF_MSG_get_certReqId() retrieves the certReqId of I<crm>.
 
 
 =head1 RETURN VALUES
@@ -65,7 +67,7 @@ All other functions return a pointer with the intended result or NULL on error.
 
 =head1 SEE ALSO
 
-B<RFC 4211>
+RFC 4211
 
 =head1 HISTORY
 
diff --git a/doc/man3/OSSL_CRMF_MSG_set0_validity.pod b/doc/man3/OSSL_CRMF_MSG_set0_validity.pod
index 54ebe0f856..8612049d73 100644
--- a/doc/man3/OSSL_CRMF_MSG_set0_validity.pod
+++ b/doc/man3/OSSL_CRMF_MSG_set0_validity.pod
@@ -30,11 +30,13 @@ OSSL_CRMF_MSGS_verify_popo
 
  int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
 
- int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
-                               int dgst, int ppmtd);
+ int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
+                               EVP_PKEY *pkey, const EVP_MD *digest,
+                               OPENSSL_CTX *libctx, const char *propq);
 
  int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
-                                int rid, int acceptRAVerified);
+                                int rid, int acceptRAVerified,
+                                OPENSSL_CTX *libctx, const char *propq);
 
 =head1 DESCRIPTION
 
@@ -59,11 +61,13 @@ OSSL_CRMF_MSG_push0_extension() pushes the X509 extension I<ext> to the
 extensions in the certTemplate of I<crm>.  Consumes I<ext>.
 
 OSSL_CRMF_MSG_create_popo() creates and sets the Proof-of-Possession (POPO)
-according to the method I<ppmtd> in I<crm>.
+according to the method I<meth> in I<crm>.<
+The library context I<libctx> and property query string I<propq>,
+may be NULL to select the defaults.
 In case the method is OSSL_CRMF_POPO_SIGNATURE the POPO is calculated
-using the private I<pkey> and the digest algorithm NID I<dgst>.
+using the private key I<pkey> and the digest method I<digest>.
 
-I<ppmtd> can be one of the following:
+I<meth> can be one of the following:
 
 =over 8
 
@@ -86,7 +90,8 @@ challenge-response exchange (challengeResp) not yet supported.
 =back
 
 OSSL_CRMF_MSGS_verify_popo verifies the Proof-of-Possession of the request with
-the given I<rid> in the list of I<reqs>. Optionally accepts RAVerified.
+the given I<rid> in the list of I<reqs>. Optionally accepts RAVerified. It can
+make use of the library context I<libctx> and property query string I<propq>.
 
 =head1 RETURN VALUES
 
diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod
index 78423c7001..9a76567a10 100644
--- a/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod
+++ b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod
@@ -40,42 +40,42 @@ OSSL_CRMF_CERTID_gen
 =head1 DESCRIPTION
 
 OSSL_CRMF_MSG_set1_regCtrl_regToken() sets the regToken control in the given
-B<msg> copying the given B<tok> as value. See RFC 4211, section 6.1.
+I<msg> copying the given I<tok> as value. See RFC 4211, section 6.1.
 
 OSSL_CRMF_MSG_set1_regCtrl_authenticator() sets the authenticator control in
-the given B<msg> copying the given B<auth> as value. See RFC 4211, section 6.2.
+the given I<msg> copying the given I<auth> as value. See RFC 4211, section 6.2.
 
-OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo() pushes the given B<spi>
-to B<si>. Consumes the B<spi> pointer.
+OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo() pushes the given I<spi>
+to I<si>. Consumes the I<spi> pointer.
 
-OSSL_CRMF_MSG_set0_SinglePubInfo() sets in the given SinglePubInfo B<spi>
-the B<method> and publication location, in the form of a GeneralName, B<nm>.
-The publication location is optional, and therefore B<nm> may be NULL.
-The function consumes the B<nm> pointer if present.
+OSSL_CRMF_MSG_set0_SinglePubInfo() sets in the given SinglePubInfo I<spi>
+the I<method> and publication location, in the form of a GeneralName, I<nm>.
+The publication location is optional, and therefore I<nm> may be NULL.
+The function consumes the I<nm> pointer if present.
 Available methods are:
  # define OSSL_CRMF_PUB_METHOD_DONTCARE 0
  # define OSSL_CRMF_PUB_METHOD_X500     1
  # define OSSL_CRMF_PUB_METHOD_WEB      2
  # define OSSL_CRMF_PUB_METHOD_LDAP     3
 
-OSSL_CRMF_MSG_set_PKIPublicationInfo_action() sets the action in the given B<pi>
-using the given B<action> as value. See RFC 4211, section 6.3.
+OSSL_CRMF_MSG_set_PKIPublicationInfo_action() sets the action in the given I<pi>
+using the given I<action> as value. See RFC 4211, section 6.3.
 Available actions are:
  # define OSSL_CRMF_PUB_ACTION_DONTPUBLISH   0
  # define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1
 
 OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo() sets the pkiPublicationInfo
-control in the given B<msg> copying the given B<tok> as value. See RFC 4211,
+control in the given I<msg> copying the given I<tok> as value. See RFC 4211,
 section 6.3.
 
 OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey() sets the protocolEncrKey control in
-the given B<msg> copying the given B<pubkey> as value. See RFC 4211 section 6.6.
+the given I<msg> copying the given I<pubkey> as value. See RFC 4211 section 6.6.
 
 OSSL_CRMF_MSG_set1_regCtrl_oldCertID() sets the oldCertID control in the given
-B<msg> copying the given B<cid> as value. See RFC 4211, section 6.5.
+I<msg> copying the given I<cid> as value. See RFC 4211, section 6.5.
 
 OSSL_CRMF_CERTID_gen produces an OSSL_CRMF_CERTID_gen structure copying the
-given B<issuer> name and B<serial> number.
+given I<issuer> name and I<serial> number.
 
 =head1 RETURN VALUES
 
diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod
index 32a4933e7d..a9309bbf29 100644
--- a/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod
+++ b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod
@@ -17,11 +17,11 @@ OSSL_CRMF_MSG_set1_regInfo_certReq
 
 =head1 DESCRIPTION
 
-OSSL_CRMF_MSG_set1_regInfo_utf8Pairs() adds a copy of the given B<utf8pairs>
-value as utf8Pairs regInfo to the given B<msg>. See RFC 4211 section 7.1.
+OSSL_CRMF_MSG_set1_regInfo_utf8Pairs() adds a copy of the given I<utf8pairs>
+value as utf8Pairs regInfo to the given I<msg>. See RFC 4211 section 7.1.
 
-OSSL_CRMF_MSG_set1_regInfo_certReq() adds a copy of the given B<cr> value
-as certReq regInfo to the given B<msg>. See RFC 4211 section 7.2.
+OSSL_CRMF_MSG_set1_regInfo_certReq() adds a copy of the given I<cr> value
+as certReq regInfo to the given I<msg>. See RFC 4211 section 7.2.
 
 =head1 RETURN VALUES
 
@@ -30,7 +30,7 @@ All functions return 1 on success, 0 on error.
 =head1 NOTES
 
 Calling these functions multiple times adds multiple instances of the respective
-control to the regInfo structure of the given B<msg>. While RFC 4211 expects
+control to the regInfo structure of the given I<msg>. While RFC 4211 expects
 multiple utf8Pairs in one regInfo structure, it does not allow multiple certReq.
 
 =head1 SEE ALSO
diff --git a/doc/man3/OSSL_CRMF_pbmp_new.pod b/doc/man3/OSSL_CRMF_pbmp_new.pod
index 8e07032cd1..b4fd62a296 100644
--- a/doc/man3/OSSL_CRMF_pbmp_new.pod
+++ b/doc/man3/OSSL_CRMF_pbmp_new.pod
@@ -8,39 +8,49 @@ OSSL_CRMF_pbmp_new
 
 =head1 SYNOPSIS
 
-  #include <openssl/crmf.h>
+ #include <openssl/crmf.h>
 
-  int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
-                        const unsigned char *msg, size_t msglen,
-                        const unsigned char *sec, size_t seclen,
-                        unsigned char **mac, size_t *maclen);
+ int OSSL_CRMF_pbm_new(OPENSSL_CTX *libctx, const char *propq,
+                       const OSSL_CRMF_PBMPARAMETER *pbmp,
+                       const unsigned char *msg, size_t msglen,
+                       const unsigned char *sec, size_t seclen,
+                       unsigned char **mac, size_t *maclen);
 
-  OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t saltlen, int owfnid,
-                                             int itercnt, int macnid);
+ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t saltlen,
+                                            int owfnid, size_t itercnt,
+                                            int macnid);
 
 =head1 DESCRIPTION
 
 OSSL_CRMF_pbm_new() generates a PBM (Password-Based MAC) based on given PBM
-parameters B<pbmp>, message B<msg>, and secret B<sec>, along with the respective
-lengths B<msglen> and B<seclen>. On success writes the address of the newly
-allocated MAC via the B<mac> reference parameter and writes the length via the
-B<maclen> reference parameter unless it its NULL.
-
-The iteration count must be at least 100, as stipulated by RFC 4211, and is
-limited to at most 100000 to avoid DoS through manipulated or otherwise
-malformed input.
-
-OSSL_CRMF_pbmp_new() initializes and returns a new PBMParameter
-structure with a new random salt of given length B<saltlen>, OWF (one-way
-function) NID B<owfnid>, iteration count B<itercnt>, and MAC NID B<macnid>.
+parameters I<pbmp>, message I<msg>, and secret I<sec>, along with the respective
+lengths I<msglen> and I<seclen>.
+The optional library context I<libctx> and I<propq> parameters may be used
+to influence the selection of the MAC algorithm referenced in the I<pbmp>;
+see L<provider(7)/Fetching algorithms> for further information.
+On success writes the address of the newly
+allocated MAC via the I<mac> reference parameter and writes the length via the
+I<maclen> reference parameter unless it its NULL.
+
+OSSL_CRMF_pbmp_new() initializes and returns a new B<PBMParameter> structure
+with a new random salt of given length I<saltlen>,
+OWF (one-way function) NID I<owfnid>, OWF iteration count I<itercnt>,
+and MAC NID I<macnid>.
+The library context I<libctx> parameter may be used to select the provider
+for the random number generation (DRBG) and may be NULL for the default.
 
 =head1 NOTES
 
 The algorithms for the OWF (one-way function) and for the MAC (message
-authentication code) may be any with a NID defined in B<openssl/objects.h>.
+authentication code) may be any with a NID defined in C<openssl/objects.h>.
 As specified by RFC 4210, these should include NID_hmac_sha1.
 
-RFC 4210 recommends that the salt SHOULD be at least 8 bytes (64 bits) long.
+RFC 4210 recommends that the salt SHOULD be at least 8 bytes (64 bits) long,
+where 16 bytes is common.
+
+The iteration count must be at least 100, as stipulated by RFC 4211, and is
+limited to at most 100000 to avoid DoS through manipulated or otherwise
+malformed input.
 
 =head1 RETURN VALUES
 
diff --git a/doc/man7/property.pod b/doc/man7/property.pod
index d3fe38157b..90368b1f8d 100644
--- a/doc/man7/property.pod
+++ b/doc/man7/property.pod
@@ -42,9 +42,9 @@ property names like
 A I<property> is a I<name=value> pair.
 A I<property definition> is a sequence of comma separated properties.
 There can be any number of properties in a definition.
-For example: "" defines a null property definition; "my.foo=bar"
-defines a property named I<my.foo> which has a string value I<bar> and
-"iteration.count=3" defines a property named I<iteration.count> which
+For example: "" defines an empty property definition (i.e., no restriction);
+"my.foo=bar" defines a property named I<my.foo> which has a string value I<bar>
+and "iteration.count=3" defines a property named I<iteration.count> which
 has a numeric value of I<3>.
 The full syntax for property definitions appears below.
 
@@ -60,7 +60,7 @@ provider defines I<provider=legacy> for all of their algorithms.
 =head2 Queries
 
 A I<property query clause> is a single conditional test.
-For example, "fips=yes", "provider!=default" or "?iteration.count!=3".
+For example, "fips=yes", "provider!=default" or "?iteration.count=3".
 The first two represent mandatory clauses, such clauses B<must> match
 for any algorithm to even be under consideration.
 The third clause represents an optional clause.
diff --git a/fuzz/cmp.c b/fuzz/cmp.c
index a63ef9c238..44a0c1adeb 100644
--- a/fuzz/cmp.c
+++ b/fuzz/cmp.c
@@ -171,8 +171,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
     msg = d2i_OSSL_CMP_MSG_bio(in, NULL);
     if (msg != NULL) {
         BIO *out = BIO_new(BIO_s_null());
-        OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new();
-        OSSL_CMP_CTX *client_ctx = OSSL_CMP_CTX_new();
+        OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(NULL, NULL);
+        OSSL_CMP_CTX *client_ctx = OSSL_CMP_CTX_new(NULL, NULL);
 
         i2d_OSSL_CMP_MSG_bio(out, msg);
         ASN1_item_print(out, (ASN1_VALUE *)msg, 4,
diff --git a/include/crypto/asn1.h b/include/crypto/asn1.h
index d3683649bc..68672d1a02 100644
--- a/include/crypto/asn1.h
+++ b/include/crypto/asn1.h
@@ -49,9 +49,10 @@ struct evp_pkey_asn1_method_st {
                             const unsigned char **pder, int derlen);
     int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
     /* Custom ASN1 signature verification */
-    int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-                        X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
-    int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+    int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *data,
+                        const X509_ALGOR *a, const ASN1_BIT_STRING *sig,
+                        EVP_PKEY *pkey);
+    int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *data,
                       X509_ALGOR *alg1, X509_ALGOR *alg2,
                       ASN1_BIT_STRING *sig);
     int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index d2b2584357..512b4d6f48 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -769,6 +769,9 @@ int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
 
 EVP_PKEY *evp_pkcs82pkey_int(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
                              const char *propq);
+EVP_MD_CTX *evp_md_ctx_new_with_libctx(EVP_PKEY *pkey,
+                                       const ASN1_OCTET_STRING *id,
+                                       OPENSSL_CTX *libctx, const char *propq);
 #endif /* !defined(FIPS_MODULE) */
 void evp_method_store_flush(OPENSSL_CTX *libctx);
 int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq,
diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index c663b68abd..a3c05f15b8 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -8,6 +8,8 @@
  */
 
 #include "internal/refcount.h"
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
 
 /* Internal X509 structures and functions: not for application use */
 
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index a62d4d7755..b47e8e823e 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -678,6 +678,16 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, const void *x);
                      CHECKED_PTR_OF(const type, x)))
 
 void *ASN1_item_dup(const ASN1_ITEM *it, const void *x);
+int ASN1_item_sign_with_libctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+                               X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+                               const void *data, const ASN1_OCTET_STRING *id,
+                               EVP_PKEY *pkey, const EVP_MD *md,
+                               OPENSSL_CTX *libctx, const char *propq);
+int ASN1_item_verify_with_libctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
+                                 const ASN1_BIT_STRING *signature,
+                                 const void *data,
+                                 const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
+                                 OPENSSL_CTX *libctx, const char *propq);
 
 /* ASN1 alloc/free macros for when a type is only used internally */
 
diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h
index 3247e0f445..f610d8816d 100644
--- a/include/openssl/asn1err.h
+++ b/include/openssl/asn1err.h
@@ -59,7 +59,6 @@ int ERR_load_ASN1_strings(void);
 #  define ASN1_F_ASN1_ITEM_I2D_BIO                         0
 #  define ASN1_F_ASN1_ITEM_I2D_FP                          0
 #  define ASN1_F_ASN1_ITEM_PACK                            0
-#  define ASN1_F_ASN1_ITEM_SIGN                            0
 #  define ASN1_F_ASN1_ITEM_SIGN_CTX                        0
 #  define ASN1_F_ASN1_ITEM_UNPACK                          0
 #  define ASN1_F_ASN1_ITEM_VERIFY                          0
diff --git a/include/openssl/cmp.h b/include/openssl/cmp.h
index 519117d622..cf79a4c71f 100644
--- a/include/openssl/cmp.h
+++ b/include/openssl/cmp.h
@@ -243,7 +243,7 @@ void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav);
 void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg);
 
 /* from cmp_ctx.c */
-OSSL_CMP_CTX *OSSL_CMP_CTX_new(void);
+OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq);
 void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx);
 int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
 /* various CMP options: */
@@ -375,7 +375,7 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
                                            const OSSL_CMP_MSG *req);
 OSSL_CMP_MSG * OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx,
                                            const OSSL_CMP_MSG *req);
-OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void);
+OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq);
 void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx);
 typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t)
     (OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req, int certReqId,
diff --git a/include/openssl/cmperr.h b/include/openssl/cmperr.h
index f18ba386bc..2ae82974a9 100644
--- a/include/openssl/cmperr.h
+++ b/include/openssl/cmperr.h
@@ -45,7 +45,6 @@ int ERR_load_CMP_strings(void);
 #  define CMP_R_CERTRESPONSE_NOT_FOUND                     113
 #  define CMP_R_CERT_AND_KEY_DO_NOT_MATCH                  114
 #  define CMP_R_CHECKAFTER_OUT_OF_RANGE                    181
-#  define CMP_R_CHECKING_PBM_NO_SECRET_AVAILABLE           166
 #  define CMP_R_ENCOUNTERED_KEYUPDATEWARNING               176
 #  define CMP_R_ENCOUNTERED_WAITING                        162
 #  define CMP_R_ERROR_CALCULATING_PROTECTION               115
@@ -75,6 +74,7 @@ int ERR_load_CMP_strings(void);
 #  define CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION  130
 #  define CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE         142
 #  define CMP_R_MISSING_P10CSR                             121
+#  define CMP_R_MISSING_PBM_SECRET                         166
 #  define CMP_R_MISSING_PRIVATE_KEY                        131
 #  define CMP_R_MISSING_PROTECTION                         143
 #  define CMP_R_MISSING_REFERENCE_CERT                     168
diff --git a/include/openssl/crmf.h b/include/openssl/crmf.h
index bf0e32d499..022f0bb9d2 100644
--- a/include/openssl/crmf.h
+++ b/include/openssl/crmf.h
@@ -67,9 +67,11 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)
 typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY;
 
 /* crmf_pbm.c */
-OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
-                                           int itercnt, int macnid);
-int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
+OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t slen,
+                                           int owfnid, size_t itercnt,
+                                           int macnid);
+int OSSL_CRMF_pbm_new(OPENSSL_CTX *libctx, const char *propq,
+                      const OSSL_CRMF_PBMPARAMETER *pbmp,
                       const unsigned char *msg, size_t msglen,
                       const unsigned char *sec, size_t seclen,
                       unsigned char **mac, size_t *maclen);
@@ -118,10 +120,12 @@ int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
 #  define OSSL_CRMF_POPO_SIGNATURE  1
 #  define OSSL_CRMF_POPO_KEYENC     2
 #  define OSSL_CRMF_POPO_KEYAGREE   3
-int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
-                              int dgst, int ppmtd);
+int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
+                              EVP_PKEY *pkey, const EVP_MD *digest,
+                              OPENSSL_CTX *libctx, const char *propq);
 int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
-                               int rid, int acceptRAVerified);
+                               int rid, int acceptRAVerified,
+                               OPENSSL_CTX *libctx, const char *propq);
 OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm);
 ASN1_INTEGER
 *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
@@ -137,6 +141,7 @@ int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
                                 const ASN1_INTEGER *serial);
 X509
 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
+                                       OPENSSL_CTX *libctx, const char *propq,
                                        EVP_PKEY *pkey);
 
 #  ifdef __cplusplus
diff --git a/include/openssl/crmferr.h b/include/openssl/crmferr.h
index 17e5c85cc2..a4c194e094 100644
--- a/include/openssl/crmferr.h
+++ b/include/openssl/crmferr.h
@@ -10,6 +10,7 @@
 
 #ifndef OPENSSL_CRMFERR_H
 # define OPENSSL_CRMFERR_H
+# pragma once
 
 # include <openssl/opensslconf.h>
 # include <openssl/symhacks.h>
@@ -62,6 +63,7 @@ int ERR_load_CRMF_strings(void);
 #  define CRMF_R_ITERATIONCOUNT_BELOW_100                  108
 #  define CRMF_R_MALFORMED_IV                              101
 #  define CRMF_R_NULL_ARGUMENT                             109
+#  define CRMF_R_POPOSKINPUT_NOT_SUPPORTED                 113
 #  define CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY              117
 #  define CRMF_R_POPO_MISSING                              121
 #  define CRMF_R_POPO_MISSING_PUBLIC_KEY                   118
@@ -70,7 +72,6 @@ int ERR_load_CRMF_strings(void);
 #  define CRMF_R_SETTING_MAC_ALGOR_FAILURE                 110
 #  define CRMF_R_SETTING_OWF_ALGOR_FAILURE                 111
 #  define CRMF_R_UNSUPPORTED_ALGORITHM                     112
-#  define CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY         113
 #  define CRMF_R_UNSUPPORTED_CIPHER                        114
 #  define CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO      115
 #  define CRMF_R_UNSUPPORTED_POPO_METHOD                   116
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 35dbeb9301..822e3e9b28 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1500,9 +1500,10 @@ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
 #  define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN             (EVP_PKEY_ALG_CTRL + 8)
 #  define EVP_PKEY_CTRL_EC_KDF_UKM                    (EVP_PKEY_ALG_CTRL + 9)
 #  define EVP_PKEY_CTRL_GET_EC_KDF_UKM                (EVP_PKEY_ALG_CTRL + 10)
-#  define EVP_PKEY_CTRL_SET1_ID                       (EVP_PKEY_ALG_CTRL + 11)
-#  define EVP_PKEY_CTRL_GET1_ID                       (EVP_PKEY_ALG_CTRL + 12)
-#  define EVP_PKEY_CTRL_GET1_ID_LEN                   (EVP_PKEY_ALG_CTRL + 13)
+/* TODO move next three #defines to evp.h when 'breaking' change is possible */
+#  define EVP_PKEY_CTRL_SET1_ID                       15
+#  define EVP_PKEY_CTRL_GET1_ID                       16
+#  define EVP_PKEY_CTRL_GET1_ID_LEN                   17
 
 /* KDF types */
 #  define EVP_PKEY_ECDH_KDF_NONE                      1
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 189112efaa..62015a7b1b 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1446,13 +1446,13 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
 void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
                             int (*item_verify) (EVP_MD_CTX *ctx,
                                                 const ASN1_ITEM *it,
-                                                void *asn,
-                                                X509_ALGOR *a,
-                                                ASN1_BIT_STRING *sig,
+                                                const void *data,
+                                                const X509_ALGOR *a,
+                                                const ASN1_BIT_STRING *sig,
                                                 EVP_PKEY *pkey),
                             int (*item_sign) (EVP_MD_CTX *ctx,
                                               const ASN1_ITEM *it,
-                                              void *asn,
+                                              const void *data,
                                               X509_ALGOR *alg1,
                                               X509_ALGOR *alg2,
                                               ASN1_BIT_STRING *sig));
@@ -1532,28 +1532,20 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
 
 # define EVP_PKEY_CTRL_MD                1
 # define EVP_PKEY_CTRL_PEER_KEY          2
-
 # define EVP_PKEY_CTRL_PKCS7_ENCRYPT     3
 # define EVP_PKEY_CTRL_PKCS7_DECRYPT     4
-
 # define EVP_PKEY_CTRL_PKCS7_SIGN        5
-
 # define EVP_PKEY_CTRL_SET_MAC_KEY       6
-
 # define EVP_PKEY_CTRL_DIGESTINIT        7
-
 /* Used by GOST key encryption in TLS */
 # define EVP_PKEY_CTRL_SET_IV            8
-
 # define EVP_PKEY_CTRL_CMS_ENCRYPT       9
 # define EVP_PKEY_CTRL_CMS_DECRYPT       10
 # define EVP_PKEY_CTRL_CMS_SIGN          11
-
 # define EVP_PKEY_CTRL_CIPHER            12
-
 # define EVP_PKEY_CTRL_GET_MD            13
-
 # define EVP_PKEY_CTRL_SET_DIGEST_SIZE   14
+/* TODO move here three #defines of EVP_PKEY_CTRL_*ET1_ID* from ec.h */
 
 # define EVP_PKEY_ALG_CTRL               0x1000
 
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index c373fc9845..9aef28c954 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -621,33 +621,30 @@ X509_INFO *X509_INFO_new(void);
 void X509_INFO_free(X509_INFO *a);
 char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
 
+/* TODO move this block of decls to asn1.h when 'breaking change' is possible */
 DEPRECATEDIN_3_0(int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
                                  ASN1_BIT_STRING *signature, char *data,
                                  EVP_PKEY *pkey))
-
 DEPRECATEDIN_3_0(int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type,
                                  char *data,
                                  unsigned char *md, unsigned int *len))
-
 DEPRECATEDIN_3_0(int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
                                X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
                                char *data, EVP_PKEY *pkey, const EVP_MD *type))
-
 int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
                      unsigned char *md, unsigned int *len);
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                     ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
-int ASN1_item_verify_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                         ASN1_BIT_STRING *signature, void *data,
+int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg,
+                     const ASN1_BIT_STRING *signature, const void *data,
+                     EVP_PKEY *pkey);
+int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
+                         const ASN1_BIT_STRING *signature, const void *data,
                          EVP_MD_CTX *ctx);
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                   X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
-                   EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
+                   ASN1_BIT_STRING *signature, const void *data,
+                   EVP_PKEY *pkey, const EVP_MD *md);
 int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
                        X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
-                       void *asn, EVP_MD_CTX *ctx);
+                       const void *data, EVP_MD_CTX *ctx);
 
 long X509_get_version(const X509 *x);
 int X509_set_version(X509 *x, long version);
diff --git a/test/build.info b/test/build.info
index 11fce8e279..3ad16b51b1 100644
--- a/test/build.info
+++ b/test/build.info
@@ -22,7 +22,7 @@ IF[{- !$disabled{tests} -}]
           testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \
           testutil/format_output.c \
           testutil/test_cleanup.c testutil/main.c testutil/testutil_init.c \
-          testutil/options.c testutil/test_options.c \
+          testutil/options.c testutil/test_options.c testutil/provider.c \
           testutil/apps_mem.c testutil/random.c $LIBAPPSSRC
   INCLUDE[libtestutil.a]=../include ../apps/include ..
   DEPEND[libtestutil.a]=../libcrypto
diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c
index f850d7bbe9..0f337b4054 100644
--- a/test/cipherlist_test.c
+++ b/test/cipherlist_test.c
@@ -199,8 +199,6 @@ static int execute_test(CIPHERLIST_TEST_FIXTURE *fixture)
 static int test_default_cipherlist_implicit(void)
 {
     SETUP_CIPHERLIST_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     EXECUTE_CIPHERLIST_TEST();
     return result;
 }
@@ -208,8 +206,6 @@ static int test_default_cipherlist_implicit(void)
 static int test_default_cipherlist_explicit(void)
 {
     SETUP_CIPHERLIST_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     if (!TEST_true(SSL_CTX_set_cipher_list(fixture->server, "DEFAULT"))
             || !TEST_true(SSL_CTX_set_cipher_list(fixture->client, "DEFAULT")))
         tear_down(fixture);
@@ -220,11 +216,8 @@ static int test_default_cipherlist_explicit(void)
 /* SSL_CTX_set_cipher_list() should fail if it clears all TLSv1.2 ciphers. */
 static int test_default_cipherlist_clear(void)
 {
-    SETUP_CIPHERLIST_TEST_FIXTURE();
     SSL *s = NULL;
-
-    if (fixture == NULL)
-        return 0;
+    SETUP_CIPHERLIST_TEST_FIXTURE();
 
     if (!TEST_int_eq(SSL_CTX_set_cipher_list(fixture->server, "no-such"), 0))
         goto end;
diff --git a/test/cmp_client_test.c b/test/cmp_client_test.c
index d305eb5610..9fb3050ac0 100644
--- a/test/cmp_client_test.c
+++ b/test/cmp_client_test.c
@@ -33,6 +33,9 @@ typedef struct test_fixture {
     STACK_OF(X509) *caPubs;
 } CMP_SES_TEST_FIXTURE;
 
+static OPENSSL_CTX *libctx = NULL;
+static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
+
 static EVP_PKEY *server_key = NULL;
 static X509 *server_cert = NULL;
 static EVP_PKEY *client_key = NULL;
@@ -62,7 +65,7 @@ static CMP_SES_TEST_FIXTURE *set_up(const char *const test_case_name)
     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
         return NULL;
     fixture->test_case_name = test_case_name;
-    if (!TEST_ptr(fixture->srv_ctx = ossl_cmp_mock_srv_new())
+    if (!TEST_ptr(fixture->srv_ctx = ossl_cmp_mock_srv_new(libctx, NULL))
             || !OSSL_CMP_SRV_CTX_set_accept_unprotected(fixture->srv_ctx, 1)
             || !ossl_cmp_mock_srv_set1_certOut(fixture->srv_ctx, client_cert)
             || (srv_cmp_ctx =
@@ -70,7 +73,7 @@ static CMP_SES_TEST_FIXTURE *set_up(const char *const test_case_name)
             || !OSSL_CMP_CTX_set1_cert(srv_cmp_ctx, server_cert)
             || !OSSL_CMP_CTX_set1_pkey(srv_cmp_ctx, server_key))
         goto err;
-    if (!TEST_ptr(fixture->cmp_ctx = ctx = OSSL_CMP_CTX_new())
+    if (!TEST_ptr(fixture->cmp_ctx = ctx = OSSL_CMP_CTX_new(libctx, NULL))
             || !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)
             || !OSSL_CMP_CTX_set_transfer_cb(ctx, OSSL_CMP_CTX_server_perform)
             || !OSSL_CMP_CTX_set_transfer_cb_arg(ctx, fixture->srv_ctx)
@@ -343,9 +346,13 @@ void cleanup_tests(void)
     EVP_PKEY_free(server_key);
     X509_free(client_cert);
     EVP_PKEY_free(client_key);
+    OPENSSL_CTX_free(libctx);
     return;
 }
 
+#define USAGE "server.key server.crt client.key client.crt client.csr module_name [module_conf_file]\n"
+OPT_TEST_DECLARE_USAGE(USAGE)
+
 int setup_tests(void)
 {
     if (!test_skip_common_options()) {
@@ -358,15 +365,18 @@ int setup_tests(void)
             || !TEST_ptr(client_key_f = test_get_argument(2))
             || !TEST_ptr(client_cert_f = test_get_argument(3))
             || !TEST_ptr(pkcs10_f = test_get_argument(4))) {
-        TEST_error("usage: cmp_client_test server.key server.crt client.key client.crt client.csr\n");
+        TEST_error("usage: cmp_client_test %s", USAGE);
         return 0;
     }
 
+    if (!test_get_libctx(&libctx, &default_null_provider, &provider, 5, USAGE))
+        return 0;
+
     if (!TEST_ptr(server_key = load_pem_key(server_key_f))
-            || !TEST_ptr(server_cert = load_pem_cert(server_cert_f))
+            || !TEST_ptr(server_cert = load_pem_cert(server_cert_f, libctx))
             || !TEST_ptr(client_key = load_pem_key(client_key_f))
-            || !TEST_ptr(client_cert = load_pem_cert(client_cert_f))
-            || !TEST_int_eq(1, RAND_bytes(ref, sizeof(ref)))) {
+            || !TEST_ptr(client_cert = load_pem_cert(client_cert_f, libctx))
+            || !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
         cleanup_tests();
         return 0;
     }
diff --git a/test/cmp_ctx_test.c b/test/cmp_ctx_test.c
index 898053424e..184e5bf498 100644
--- a/test/cmp_ctx_test.c
+++ b/test/cmp_ctx_test.c
@@ -37,7 +37,7 @@ static OSSL_CMP_CTX_TEST_FIXTURE *set_up(const char *const test_case_name)
 
     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
         return NULL;
-    if (!TEST_ptr(fixture->ctx = OSSL_CMP_CTX_new())) {
+    if (!TEST_ptr(fixture->ctx = OSSL_CMP_CTX_new(NULL, NULL))) {
         tear_down(fixture);
         return NULL;
     }
diff --git a/test/cmp_hdr_test.c b/test/cmp_hdr_test.c
index cd30c49762..4dcf998e26 100644
--- a/test/cmp_hdr_test.c
+++ b/test/cmp_hdr_test.c
@@ -38,7 +38,7 @@ static CMP_HDR_TEST_FIXTURE *set_up(const char *const test_case_name)
     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
         return NULL;
     fixture->test_case_name = test_case_name;
-    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new()))
+    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL)))
         goto err;
     if (!TEST_ptr(fixture->hdr = OSSL_CMP_PKIHEADER_new()))
         goto err;
@@ -402,9 +402,10 @@ static int execute_HDR_init_test(CMP_HDR_TEST_FIXTURE *fixture)
 
 static int test_HDR_init_with_ref(void)
 {
-    SETUP_TEST_FIXTURE(CMP_HDR_TEST_FIXTURE, set_up);
     unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
 
+    SETUP_TEST_FIXTURE(CMP_HDR_TEST_FIXTURE, set_up);
+
     fixture->expected = 1;
     if (!TEST_int_eq(1, RAND_bytes(ref, sizeof(ref)))
             || !TEST_true(OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
@@ -418,9 +419,9 @@ static int test_HDR_init_with_ref(void)
 
 static int test_HDR_init_with_subject(void)
 {
-    SETUP_TEST_FIXTURE(CMP_HDR_TEST_FIXTURE, set_up);
     X509_NAME *subject = NULL;
 
+    SETUP_TEST_FIXTURE(CMP_HDR_TEST_FIXTURE, set_up);
     fixture->expected = 1;
     if (!TEST_ptr(subject = X509_NAME_new())
             || !TEST_true(X509_NAME_ADD(subject, "CN", "Common Name"))
diff --git a/test/cmp_msg_test.c b/test/cmp_msg_test.c
index 92989f95e1..b9309a6983 100644
--- a/test/cmp_msg_test.c
+++ b/test/cmp_msg_test.c
@@ -13,6 +13,7 @@
 
 DEFINE_STACK_OF(OSSL_CMP_CERTRESPONSE)
 
+static const char *newkey_f;
 static const char *server_cert_f;
 static const char *pkcs10_f;
 
@@ -31,6 +32,19 @@ typedef struct test_fixture {
     OSSL_CMP_PKISI *si;
 } CMP_MSG_TEST_FIXTURE;
 
+static OPENSSL_CTX *libctx = NULL;
+static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
+
+/* TODO(3.0) Clean this up - See issue #12680 */
+static X509 *X509_dup_with_libctx(const X509 *cert)
+{
+    X509 *dup = X509_dup(cert);
+
+    if (dup != NULL)
+        x509_set0_libctx(dup, libctx, NULL);
+    return dup;
+}
+
 static unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
 
 static void tear_down(CMP_MSG_TEST_FIXTURE *fixture)
@@ -51,7 +65,7 @@ static CMP_MSG_TEST_FIXTURE *set_up(const char *const test_case_name)
         return NULL;
     fixture->test_case_name = test_case_name;
 
-    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new())
+    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
             || !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 1))
             || !TEST_true(OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
                                                            ref, sizeof(ref)))) {
@@ -137,14 +151,16 @@ static int set1_newPkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey)
 
 static int test_cmp_create_ir_protection_set(void)
 {
-    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
-    OSSL_CMP_CTX *ctx = fixture->cmp_ctx;
+    OSSL_CMP_CTX *ctx;
     unsigned char secret[16];
 
+    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
+
+    ctx = fixture->cmp_ctx;
     fixture->bodytype = OSSL_CMP_PKIBODY_IR;
     fixture->err_code = -1;
     fixture->expected = 1;
-    if (!TEST_int_eq(1, RAND_bytes(secret, sizeof(secret)))
+    if (!TEST_int_eq(1, RAND_bytes_ex(libctx, secret, sizeof(secret)))
             || !TEST_true(SET_OPT_UNPROTECTED_SEND(ctx, 0))
             || !TEST_true(set1_newPkey(ctx, newkey))
             || !TEST_true(OSSL_CMP_CTX_set1_secretValue(ctx, secret,
@@ -213,10 +229,11 @@ static int test_cmp_create_certreq_with_invalid_bodytype(void)
 
 static int test_cmp_create_p10cr(void)
 {
-    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
-    OSSL_CMP_CTX *ctx = fixture->cmp_ctx;
+    OSSL_CMP_CTX *ctx;
     X509_REQ *p10cr = NULL;
 
+    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
+    ctx = fixture->cmp_ctx;
     fixture->bodytype = OSSL_CMP_PKIBODY_P10CR;
     fixture->err_code = CMP_R_ERROR_CREATING_CERTREQ;
     fixture->expected = 1;
@@ -280,7 +297,7 @@ static int test_cmp_create_certconf(void)
     fixture->fail_info = 0;
     fixture->expected = 1;
     if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
-                                             X509_dup(cert)))) {
+                                             X509_dup_with_libctx(cert)))) {
         tear_down(fixture);
         fixture = NULL;
     }
@@ -294,7 +311,7 @@ static int test_cmp_create_certconf_badAlg(void)
     fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_badAlg;
     fixture->expected = 1;
     if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
-                                             X509_dup(cert)))) {
+                                             X509_dup_with_libctx(cert)))) {
         tear_down(fixture);
         fixture = NULL;
     }
@@ -308,7 +325,7 @@ static int test_cmp_create_certconf_fail_info_max(void)
     fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_MAX;
     fixture->expected = 1;
     if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
-                                             X509_dup(cert)))) {
+                                             X509_dup_with_libctx(cert)))) {
         tear_down(fixture);
         fixture = NULL;
     }
@@ -373,6 +390,7 @@ static int test_cmp_create_genm(void)
 
 static int execute_certrep_create(CMP_MSG_TEST_FIXTURE *fixture)
 {
+    OSSL_CMP_CTX *ctx = fixture->cmp_ctx;
     OSSL_CMP_CERTREPMESSAGE *crepmsg = OSSL_CMP_CERTREPMESSAGE_new();
     OSSL_CMP_CERTRESPONSE *read_cresp, *cresp = OSSL_CMP_CERTRESPONSE_new();
     EVP_PKEY *privkey;
@@ -388,7 +406,7 @@ static int execute_certrep_create(CMP_MSG_TEST_FIXTURE *fixture)
     cresp->certifiedKeyPair->certOrEncCert->type =
         OSSL_CMP_CERTORENCCERT_CERTIFICATE;
     if ((cresp->certifiedKeyPair->certOrEncCert->value.certificate =
-         X509_dup(cert)) == NULL
+         X509_dup_with_libctx(cert)) == NULL
             || !sk_OSSL_CMP_CERTRESPONSE_push(crepmsg->response, cresp))
         goto err;
     cresp = NULL;
@@ -397,8 +415,8 @@ static int execute_certrep_create(CMP_MSG_TEST_FIXTURE *fixture)
         goto err;
     if (!TEST_ptr_null(ossl_cmp_certrepmessage_get0_certresponse(crepmsg, 88)))
         goto err;
-    privkey = OSSL_CMP_CTX_get0_newPkey(fixture->cmp_ctx, 1); /* may be NULL */
-    certfromresp = ossl_cmp_certresponse_get1_certificate(privkey, read_cresp);
+    privkey = OSSL_CMP_CTX_get0_newPkey(ctx, 1); /* may be NULL */
+    certfromresp = ossl_cmp_certresponse_get1_cert(read_cresp, ctx, privkey);
     if (certfromresp == NULL || !TEST_int_eq(X509_cmp(cert, certfromresp), 0))
         goto err;
 
@@ -534,8 +552,12 @@ void cleanup_tests(void)
 {
     EVP_PKEY_free(newkey);
     X509_free(cert);
+    OPENSSL_CTX_free(libctx);
 }
 
+#define USAGE "new.key server.crt pkcs10.der module_name [module_conf_file]\n"
+OPT_TEST_DECLARE_USAGE(USAGE)
+
 int setup_tests(void)
 {
     if (!test_skip_common_options()) {
@@ -543,15 +565,19 @@ int setup_tests(void)
         return 0;
     }
 
-    if (!TEST_ptr(server_cert_f = test_get_argument(0))
-            || !TEST_ptr(pkcs10_f = test_get_argument(1))) {
-        TEST_error("usage: cmp_msg_test server.crt pkcs10.der\n");
+    if (!TEST_ptr(newkey_f = test_get_argument(0))
+            || !TEST_ptr(server_cert_f = test_get_argument(1))
+            || !TEST_ptr(pkcs10_f = test_get_argument(2))) {
+        TEST_error("usage: cmp_msg_test %s", USAGE);
         return 0;
     }
 
-    if (!TEST_ptr(newkey = gen_rsa())
-            || !TEST_ptr(cert = load_pem_cert(server_cert_f))
-            || !TEST_int_eq(1, RAND_bytes(ref, sizeof(ref)))) {
+    if (!test_get_libctx(&libctx, &default_null_provider, &provider, 3, USAGE))
+        return 0;
+
+    if (!TEST_ptr(newkey = load_pem_key(newkey_f))
+            || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx))
+            || !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
         cleanup_tests();
         return 0;
     }
diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c
index 1d1e009aca..6413c20a23 100644
--- a/test/cmp_protect_test.c
+++ b/test/cmp_protect_test.c
@@ -23,8 +23,6 @@ typedef struct test_fixture {
     /* for protection tests */
     OSSL_CMP_MSG *msg;
     OSSL_CMP_PKISI *si; /* for error and response messages */
-    ASN1_OCTET_STRING *secret;
-    EVP_PKEY *privkey;
     EVP_PKEY *pubkey;
     unsigned char *mem;
     int memlen;
@@ -35,11 +33,13 @@ typedef struct test_fixture {
     int expected;
 } CMP_PROTECT_TEST_FIXTURE;
 
+static OPENSSL_CTX *libctx = NULL;
+static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
+
 static void tear_down(CMP_PROTECT_TEST_FIXTURE *fixture)
 {
     OSSL_CMP_CTX_free(fixture->cmp_ctx);
     OSSL_CMP_MSG_free(fixture->msg);
-    ASN1_OCTET_STRING_free(fixture->secret);
     OSSL_CMP_PKISI_free(fixture->si);
 
     OPENSSL_free(fixture->mem);
@@ -56,7 +56,7 @@ static CMP_PROTECT_TEST_FIXTURE *set_up(const char *const test_case_name)
     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
         return NULL;
     fixture->test_case_name = test_case_name;
-    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new())) {
+    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))) {
         tear_down(fixture);
         return NULL;
     }
@@ -75,8 +75,7 @@ static X509 *endentity1 = NULL, *endentity2 = NULL,
 static int execute_calc_protection_fails_test(CMP_PROTECT_TEST_FIXTURE *fixture)
 {
     ASN1_BIT_STRING *protection =
-        ossl_cmp_calc_protection(fixture->msg, fixture->secret,
-                                 fixture->privkey);
+        ossl_cmp_calc_protection(fixture->cmp_ctx, fixture->msg);
     int res = TEST_ptr_null(protection);
 
     ASN1_BIT_STRING_free(protection);
@@ -86,7 +85,7 @@ static int execute_calc_protection_fails_test(CMP_PROTECT_TEST_FIXTURE *fixture)
 static int execute_calc_protection_pbmac_test(CMP_PROTECT_TEST_FIXTURE *fixture)
 {
     ASN1_BIT_STRING *protection =
-        ossl_cmp_calc_protection(fixture->msg, fixture->secret, NULL);
+        ossl_cmp_calc_protection(fixture->cmp_ctx, fixture->msg);
     int res = TEST_ptr(protection)
             && TEST_true(ASN1_STRING_cmp(protection,
                                          fixture->msg->protection) == 0);
@@ -101,13 +100,12 @@ static int execute_calc_protection_pbmac_test(CMP_PROTECT_TEST_FIXTURE *fixture)
  */
 static int verify_signature(OSSL_CMP_MSG *msg,
                             ASN1_BIT_STRING *protection,
-                            EVP_PKEY *pkey, int digest_nid)
+                            EVP_PKEY *pkey, EVP_MD *digest)
 {
     OSSL_CMP_PROTECTEDPART prot_part;
     unsigned char *prot_part_der = NULL;
     int len;
     EVP_MD_CTX *ctx = NULL;
-    const EVP_MD *digest = EVP_get_digestbynid(digest_nid);
     int res;
 
     prot_part.header = OSSL_CMP_MSG_get0_header(msg);
@@ -131,7 +129,7 @@ static int execute_calc_protection_signature_test(CMP_PROTECT_TEST_FIXTURE *
                                                   fixture)
 {
     ASN1_BIT_STRING *protection =
-        ossl_cmp_calc_protection(fixture->msg, NULL, fixture->privkey);
+        ossl_cmp_calc_protection(fixture->cmp_ctx, fixture->msg);
     int ret = (TEST_ptr(protection)
                    && TEST_true(ASN1_STRING_cmp(protection,
                                                 fixture->msg->protection) == 0)
@@ -161,8 +159,8 @@ static int test_cmp_calc_protection_pkey(void)
 {
     SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
     fixture->pubkey = loadedpubkey;
-    fixture->privkey = loadedprivkey;
-    if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))) {
+    if (!TEST_true(OSSL_CMP_CTX_set1_pkey(fixture->cmp_ctx, loadedprivkey))
+            || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))) {
         tear_down(fixture);
         fixture = NULL;
     }
@@ -175,9 +173,8 @@ static int test_cmp_calc_protection_pbmac(void)
     unsigned char sec_insta[] = { 'i', 'n', 's', 't', 'a' };
 
     SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
-    if (!TEST_ptr(fixture->secret = ASN1_OCTET_STRING_new())
-            || !TEST_true(ASN1_OCTET_STRING_set
-                          (fixture->secret, sec_insta, sizeof(sec_insta)))
+    if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
+                                                 sec_insta, sizeof(sec_insta)))
             || !TEST_ptr(fixture->msg = load_pkimsg(ip_PBM_f))) {
         tear_down(fixture);
         fixture = NULL;
@@ -214,8 +211,7 @@ static int test_MSG_protect_with_msg_sig_alg_protection_plus_rsa_key(void)
     SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
     fixture->expected = 1;
 
-    if (!TEST_ptr(fixture->msg =
-                  OSSL_CMP_MSG_dup(ir_unprotected))
+    if (!TEST_ptr(fixture->msg = OSSL_CMP_MSG_dup(ir_unprotected))
             || !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 0))
             /*
              * Use half of the 16 bytes of random input
@@ -252,9 +248,10 @@ static int test_MSG_protect_with_certificate_and_key(void)
 
 static int test_MSG_protect_certificate_based_without_cert(void)
 {
-    SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
-    OSSL_CMP_CTX *ctx = fixture->cmp_ctx;
+    OSSL_CMP_CTX *ctx;
 
+    SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
+    ctx = fixture->cmp_ctx;
     fixture->expected = 0;
     if (!TEST_ptr(fixture->msg =
                   OSSL_CMP_MSG_dup(ir_unprotected))
@@ -334,14 +331,16 @@ static int test_MSG_add_extraCerts(void)
 /* The cert chain tests use EC certs so we skip them in no-ec builds */
 static int execute_cmp_build_cert_chain_test(CMP_PROTECT_TEST_FIXTURE *fixture)
 {
-    STACK_OF(X509) *result = NULL;
     int ret = 0;
+    OSSL_CMP_CTX *ctx = fixture->cmp_ctx;
+    STACK_OF(X509) *chain =
+        ossl_cmp_build_cert_chain(ctx->libctx, ctx->propq,
+                                  fixture->certs, fixture->cert);
 
-    if (TEST_ptr(result = ossl_cmp_build_cert_chain(fixture->certs,
-                                                    fixture->cert))) {
+    if (TEST_ptr(chain)) {
         /* Check whether chain built is equal to the expected one */
-        ret = TEST_int_eq(0, STACK_OF_X509_cmp(result, fixture->chain));
-        sk_X509_pop_free(result, X509_free);
+        ret = TEST_int_eq(0, STACK_OF_X509_cmp(chain, fixture->chain));
+        sk_X509_pop_free(chain, X509_free);
     }
     return ret;
 }
@@ -481,9 +480,14 @@ void cleanup_tests(void)
     X509_free(intermediate);
     OSSL_CMP_MSG_free(ir_protected);
     OSSL_CMP_MSG_free(ir_unprotected);
-
+    OPENSSL_CTX_free(libctx);
 }
 
+#define USAGE "server.pem IR_protected.der IR_unprotected.der IP_PBM.der " \
+    "server.crt server.pem EndEntity1.crt EndEntity2.crt Root_CA.crt " \
+    "Intermediate_CA.crt module_name [module_conf_file]\n"
+OPT_TEST_DECLARE_USAGE(USAGE)
+
 int setup_tests(void)
 {
     char *server_f;
@@ -510,15 +514,15 @@ int setup_tests(void)
             || !TEST_ptr(endentity2_f = test_get_argument(7))
             || !TEST_ptr(root_f = test_get_argument(8))
             || !TEST_ptr(intermediate_f = test_get_argument(9))) {
-        TEST_error("usage: cmp_protect_test server.pem "
-                   "IR_protected.der IR_unprotected.der IP_PBM.der "
-                   "server.crt server.pem"
-                   "EndEntity1.crt EndEntity2.crt "
-                   "Root_CA.crt Intermediate_CA.crt\n");
+        TEST_error("usage: cmp_protect_test %s", USAGE);
         return 0;
     }
+
+    if (!test_get_libctx(&libctx, &default_null_provider, &provider, 10, USAGE))
+        return 0;
+
     if (!TEST_ptr(loadedkey = load_pem_key(server_key_f))
-            || !TEST_ptr(cert = load_pem_cert(server_cert_f)))
+            || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx)))
         return 0;
 
     if (!TEST_ptr(loadedprivkey = load_pem_key(server_f)))
@@ -528,10 +532,10 @@ int setup_tests(void)
     if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f))
             || !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f)))
         return 0;
-    if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f))
-            || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f))
-            || !TEST_ptr(root = load_pem_cert(root_f))
-            || !TEST_ptr(intermediate = load_pem_cert(intermediate_f)))
+    if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, libctx))
+            || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, libctx))
+            || !TEST_ptr(root = load_pem_cert(root_f, libctx))
+            || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, libctx)))
         return 0;
     if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
         return 0;
diff --git a/test/cmp_server_test.c b/test/cmp_server_test.c
index 13159299e9..4b3525d7bd 100644
--- a/test/cmp_server_test.c
+++ b/test/cmp_server_test.c
@@ -18,6 +18,8 @@ typedef struct test_fixture {
     OSSL_CMP_MSG *req;
 } CMP_SRV_TEST_FIXTURE;
 
+static OPENSSL_CTX *libctx = NULL;
+static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
 static OSSL_CMP_MSG *request = NULL;
 
 static void tear_down(CMP_SRV_TEST_FIXTURE *fixture)
@@ -33,7 +35,7 @@ static CMP_SRV_TEST_FIXTURE *set_up(const char *const test_case_name)
     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
         return NULL;
     fixture->test_case_name = test_case_name;
-    if (!TEST_ptr(fixture->srv_ctx = OSSL_CMP_SRV_CTX_new()))
+    if (!TEST_ptr(fixture->srv_ctx = OSSL_CMP_SRV_CTX_new(libctx, NULL)))
         goto err;
     return fixture;
 
@@ -67,7 +69,7 @@ static int execute_test_handle_request(CMP_SRV_TEST_FIXTURE *fixture)
     OSSL_CMP_ERRORMSGCONTENT *errorContent;
     int res = 0;
 
-    if (!TEST_ptr(client_ctx = OSSL_CMP_CTX_new())
+    if (!TEST_ptr(client_ctx = OSSL_CMP_CTX_new(libctx, NULL))
             || !TEST_true(OSSL_CMP_CTX_set_transfer_cb_arg(client_ctx, ctx)))
         goto end;
 
@@ -119,9 +121,16 @@ static int test_handle_request(void)
 void cleanup_tests(void)
 {
     OSSL_CMP_MSG_free(request);
+    OSSL_PROVIDER_unload(default_null_provider);
+    OSSL_PROVIDER_unload(provider);
+    OPENSSL_CTX_free(libctx);
     return;
 }
 
+#define USAGE \
+    "CR_protected_PBM_1234.der module_name [module_conf_file]\n"
+OPT_TEST_DECLARE_USAGE(USAGE)
+
 int setup_tests(void)
 {
     const char *request_f;
@@ -132,10 +141,13 @@ int setup_tests(void)
     }
 
     if (!TEST_ptr(request_f = test_get_argument(0))) {
-        TEST_error("usage: cmp_server_test CR_protected_PBM_1234.der\n");
+        TEST_error("usage: cmp_server_test %s", USAGE);
         return 0;
     }
 
+    if (!test_get_libctx(&libctx, &default_null_provider, &provider, 1, USAGE))
+        return 0;
+
     if (!TEST_ptr(request = load_pkimsg(request_f))) {
         cleanup_tests();
         return 0;
diff --git a/test/cmp_testlib.c b/test/cmp_testlib.c
index ef33aa8e83..ffa43cd81c 100644
--- a/test/cmp_testlib.c
+++ b/test/cmp_testlib.c
@@ -28,15 +28,16 @@ EVP_PKEY *load_pem_key(const char *file)
     return key;
 }
 
-X509 *load_pem_cert(const char *file)
+X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx)
 {
     X509 *cert = NULL;
     BIO *bio = NULL;
 
     if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
         return NULL;
-    if (TEST_int_gt(BIO_read_filename(bio, file), 0))
-        (void)TEST_ptr(cert = PEM_read_bio_X509(bio, NULL, NULL, NULL));
+    if (TEST_int_gt(BIO_read_filename(bio, file), 0)
+            && TEST_ptr(cert = X509_new_with_libctx(libctx, NULL)))
+        (void)TEST_ptr(cert = PEM_read_bio_X509(bio, &cert, NULL, NULL));
 
     BIO_free(bio);
     return cert;
@@ -62,19 +63,6 @@ X509_REQ *load_csr(const char *file)
     return csr;
 }
 
-EVP_PKEY *gen_rsa(void)
-{
-    EVP_PKEY_CTX *ctx = NULL;
-    EVP_PKEY *pkey = NULL;
-
-    (void)(TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL))
-               && TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
-               && TEST_int_gt(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048), 0)
-               && TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0));
-    EVP_PKEY_CTX_free(ctx);
-    return pkey;
-}
-
 /*
  * Checks whether the syntax of msg conforms to ASN.1
  */
diff --git a/test/cmp_testlib.h b/test/cmp_testlib.h
index 9277510579..e24074cdd7 100644
--- a/test/cmp_testlib.h
+++ b/test/cmp_testlib.h
@@ -15,6 +15,7 @@
 # include <openssl/cmp.h>
 # include <openssl/pem.h>
 # include <openssl/rand.h>
+# include "crypto/x509.h" /* for x509_set0_libctx() and x509_dup_with_libctx() */
 
 # include "../crypto/cmp/cmp_local.h"
 
@@ -23,11 +24,10 @@
 # ifndef OPENSSL_NO_CMP
 #  define CMP_TEST_REFVALUE_LENGTH 15 /* arbitrary value */
 EVP_PKEY *load_pem_key(const char *file);
-X509 *load_pem_cert(const char *file);
+X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx);
 X509_REQ *load_csr(const char *file);
 OSSL_CMP_MSG *load_pkimsg(const char *file);
 int valid_asn1_encoding(const OSSL_CMP_MSG *msg);
-EVP_PKEY *gen_rsa(void);
 int STACK_OF_X509_cmp(const STACK_OF(X509) *sk1, const STACK_OF(X509) *sk2);
 int STACK_OF_X509_push1(STACK_OF(X509) *sk, X509 *cert);
 int print_to_bio_out(const char *func, const char *file, int line,
diff --git a/test/cmp_vfy_test.c b/test/cmp_vfy_test.c
index fcecca2500..1aec50d657 100644
--- a/test/cmp_vfy_test.c
+++ b/test/cmp_vfy_test.c
@@ -38,6 +38,9 @@ typedef struct test_fixture {
     int additional_arg;
 } CMP_VFY_TEST_FIXTURE;
 
+static OPENSSL_CTX *libctx = NULL;
+static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
+
 static void tear_down(CMP_VFY_TEST_FIXTURE *fixture)
 {
     OSSL_CMP_MSG_free(fixture->msg);
@@ -56,7 +59,7 @@ static CMP_VFY_TEST_FIXTURE *set_up(const char *const test_case_name)
         return NULL;
     fixture->test_case_name = test_case_name;
     if (ts == NULL
-            || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new())
+            || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
             || !OSSL_CMP_CTX_set0_trustedStore(fixture->cmp_ctx, ts)
             || !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)) {
         tear_down(fixture);
@@ -98,7 +101,7 @@ static int execute_verify_popo_test(CMP_VFY_TEST_FIXTURE *fixture)
             return 0;
     }
     return TEST_int_eq(fixture->expected,
-                       ossl_cmp_verify_popo(fixture->msg,
+                       ossl_cmp_verify_popo(fixture->cmp_ctx, fixture->msg,
                                             fixture->additional_arg));
 }
 
@@ -140,13 +143,14 @@ static int execute_validate_cert_path_test(CMP_VFY_TEST_FIXTURE *fixture)
 
 static int test_validate_msg_mac_alg_protection(void)
 {
-    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
     /* secret value belonging to cmp-test/CMP_IP_waitingStatus_PBM.der */
     const unsigned char sec_1[] = {
         '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
         'Q', '-', 'u', 'd', 'N', 'R'
     };
 
+    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
+
     fixture->expected = 1;
     if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_1,
                                                  sizeof(sec_1)))
@@ -161,11 +165,12 @@ static int test_validate_msg_mac_alg_protection(void)
 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 static int test_validate_msg_mac_alg_protection_bad(void)
 {
-    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
     const unsigned char sec_bad[] = {
         '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
         'Q', '-', 'u', 'd', 'N', 'r'
     };
+
+    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
     fixture->expected = 0;
 
     if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_bad,
@@ -192,9 +197,11 @@ static int add_untrusted(OSSL_CMP_CTX *ctx, X509 *cert)
 
 static int test_validate_msg_signature_partial_chain(int expired)
 {
+    X509_STORE *ts;
+
     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
-    X509_STORE *ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx);
 
+    ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx);
     fixture->expected = !expired;
     if (ts == NULL
             || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
@@ -543,9 +550,21 @@ void cleanup_tests(void)
     X509_free(instaca_cert);
     OSSL_CMP_MSG_free(ir_unprotected);
     OSSL_CMP_MSG_free(ir_rmprotection);
+    OPENSSL_CTX_free(libctx);
     return;
 }
 
+
+#define USAGE "server.crt client.crt " \
+    "EndEntity1.crt EndEntity2.crt " \
+    "Root_CA.crt Intermediate_CA.crt " \
+    "CMP_IR_protected.der CMP_IR_unprotected.der " \
+    "IP_waitingStatus_PBM.der IR_rmprotection.der " \
+    "insta.cert.pem insta_ca.cert.pem " \
+    "IR_protected_0_extraCerts.der " \
+    "IR_protected_2_extraCerts.der module_name [module_conf_file]\n"
+OPT_TEST_DECLARE_USAGE(USAGE)
+
 int setup_tests(void)
 {
     /* Set test time stamps */
@@ -578,31 +597,27 @@ int setup_tests(void)
             || !TEST_ptr(instaca_f = test_get_argument(11))
             || !TEST_ptr(ir_protected_0_extracerts = test_get_argument(12))
             || !TEST_ptr(ir_protected_2_extracerts = test_get_argument(13))) {
-        TEST_error("usage: cmp_vfy_test server.crt client.crt "
-                   "EndEntity1.crt EndEntity2.crt "
-                   "Root_CA.crt Intermediate_CA.crt "
-                   "CMP_IR_protected.der CMP_IR_unprotected.der "
-                   "IP_waitingStatus_PBM.der IR_rmprotection.der "
-                   "insta.cert.pem insta_ca.cert.pem "
-                   "IR_protected_0_extraCerts.der "
-                   "IR_protected_2_extraCerts.der\n");
+        TEST_error("usage: cmp_vfy_test %s", USAGE);
         return 0;
     }
 
+    if (!test_get_libctx(&libctx, &default_null_provider, &provider, 14, USAGE))
+        return 0;
+
     /* Load certificates for cert chain */
-    if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f))
-            || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f))
-            || !TEST_ptr(root = load_pem_cert(root_f))
-            || !TEST_ptr(intermediate = load_pem_cert(intermediate_f)))
+    if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, libctx))
+            || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, libctx))
+            || !TEST_ptr(root = load_pem_cert(root_f, NULL))
+            || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, libctx)))
         goto err;
 
-    if (!TEST_ptr(insta_cert = load_pem_cert(instacert_f))
-            || !TEST_ptr(instaca_cert = load_pem_cert(instaca_f)))
+    if (!TEST_ptr(insta_cert = load_pem_cert(instacert_f, libctx))
+            || !TEST_ptr(instaca_cert = load_pem_cert(instaca_f, libctx)))
         goto err;
 
     /* Load certificates for message validation */
-    if (!TEST_ptr(srvcert = load_pem_cert(server_f))
-            || !TEST_ptr(clcert = load_pem_cert(client_f)))
+    if (!TEST_ptr(srvcert = load_pem_cert(server_f, libctx))
+            || !TEST_ptr(clcert = load_pem_cert(client_f, libctx)))
         goto err;
     if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
         goto err;
diff --git a/test/ct_test.c b/test/ct_test.c
index 79ffcbf9a2..2e161a74d2 100644
--- a/test/ct_test.c
+++ b/test/ct_test.c
@@ -338,8 +338,6 @@ end:
 static int test_no_scts_in_certificate(void)
 {
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->certs_dir = certs_dir;
     fixture->certificate_file = "leaf.pem";
     fixture->issuer_file = "subinterCA.pem";
@@ -351,8 +349,6 @@ static int test_no_scts_in_certificate(void)
 static int test_one_sct_in_certificate(void)
 {
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->certs_dir = certs_dir;
     fixture->certificate_file = "embeddedSCTs1.pem";
     fixture->issuer_file = "embeddedSCTs1_issuer.pem";
@@ -366,8 +362,6 @@ static int test_one_sct_in_certificate(void)
 static int test_multiple_scts_in_certificate(void)
 {
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->certs_dir = certs_dir;
     fixture->certificate_file = "embeddedSCTs3.pem";
     fixture->issuer_file = "embeddedSCTs3_issuer.pem";
@@ -381,8 +375,6 @@ static int test_multiple_scts_in_certificate(void)
 static int test_verify_one_sct(void)
 {
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->certs_dir = certs_dir;
     fixture->certificate_file = "embeddedSCTs1.pem";
     fixture->issuer_file = "embeddedSCTs1_issuer.pem";
@@ -395,8 +387,6 @@ static int test_verify_one_sct(void)
 static int test_verify_multiple_scts(void)
 {
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->certs_dir = certs_dir;
     fixture->certificate_file = "embeddedSCTs3.pem";
     fixture->issuer_file = "embeddedSCTs3_issuer.pem";
@@ -409,8 +399,6 @@ static int test_verify_multiple_scts(void)
 static int test_verify_fails_for_future_sct(void)
 {
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->epoch_time_in_ms = 1365094800000ULL; /* Apr 4 17:00:00 2013 GMT */
     fixture->certs_dir = certs_dir;
     fixture->certificate_file = "embeddedSCTs1.pem";
@@ -443,8 +431,6 @@ static int test_decode_tls_sct(void)
         "\xED\xBF\x08";
 
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->tls_sct_list = tls_sct_list;
     fixture->tls_sct_list_len = 0x7a;
     fixture->sct_dir = ct_dir;
@@ -463,8 +449,6 @@ static int test_encode_tls_sct(void)
     SCT *sct = NULL;
 
     SETUP_CT_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
 
     fixture->sct_list = sk_SCT_new_null();
     if (!TEST_ptr(sct = SCT_new_from_base64(SCT_VERSION_V1, log_id,
diff --git a/test/recipes/65-test_cmp_client.t b/test/recipes/65-test_cmp_client.t
index 1b54940e94..de60599cf0 100644
--- a/test/recipes/65-test_cmp_client.t
+++ b/test/recipes/65-test_cmp_client.t
@@ -9,19 +9,40 @@
 # https://www.openssl.org/source/license.html
 
 use strict;
-use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
 use OpenSSL::Test::Utils;
 
-setup("test_cmp_client");
+BEGIN {
+    setup("test_cmp_client");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 
 plan skip_all => "This test is not supported in a no-cmp or no-ec build"
     if disabled("cmp") || disabled("ec");
 
-plan tests => 1;
+plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
+
+my @basic_cmd = ("cmp_client_test",
+                 data_file("server.key"),
+                 data_file("server.crt"),
+                 data_file("client.key"),
+                 data_file("client.crt"),
+                 data_file("client.csr"));
+
+ok(run(test([@basic_cmd, "none"])));
+
+ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
+
+unless ($no_fips) {
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', bldtop_file('providers', platform->dso('fips'))])),
+       "fipsinstall");
 
-ok(run(test(["cmp_client_test",
-             data_file("server.key"),
-             data_file("server.crt"),
-             data_file("client.key"),
-             data_file("client.crt"),
-             data_file("client.csr")])));
+    ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
+}
diff --git a/test/recipes/65-test_cmp_msg.t b/test/recipes/65-test_cmp_msg.t
index e1b08ccfa2..0347c1a2a9 100644
--- a/test/recipes/65-test_cmp_msg.t
+++ b/test/recipes/65-test_cmp_msg.t
@@ -9,16 +9,38 @@
 # https://www.openssl.org/source/license.html
 
 use strict;
-use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
 use OpenSSL::Test::Utils;
 
-setup("test_cmp_msg");
+BEGIN {
+    setup("test_cmp_msg");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 
 plan skip_all => "This test is not supported in a no-cmp build"
     if disabled("cmp");
 
-plan tests => 1;
+plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
+
+my @basic_cmd = ("cmp_msg_test",
+                 data_file("new.key"),
+                 data_file("server.crt"),
+                 data_file("pkcs10.der"));
+
+ok(run(test([@basic_cmd, "none"])));
+
+ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
+
+unless ($no_fips) {
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', bldtop_file('providers', platform->dso('fips'))])),
+       "fipsinstall");
 
-ok(run(test(["cmp_msg_test",
-             data_file("server.crt"),
-             data_file("pkcs10.der")])));
+    ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
+}
diff --git a/test/certs/root-key2.pem b/test/recipes/65-test_cmp_msg_data/new.key
similarity index 100%
copy from test/certs/root-key2.pem
copy to test/recipes/65-test_cmp_msg_data/new.key
diff --git a/test/recipes/65-test_cmp_protect.t b/test/recipes/65-test_cmp_protect.t
index cc36d2674d..19185e112b 100644
--- a/test/recipes/65-test_cmp_protect.t
+++ b/test/recipes/65-test_cmp_protect.t
@@ -9,10 +9,18 @@
 # https://www.openssl.org/source/license.html
 
 use strict;
-use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
 use OpenSSL::Test::Utils;
 
-setup("test_cmp_protect");
+BEGIN {
+    setup("test_cmp_protect");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 
 plan skip_all => "This test is not supported in a no-cmp build"
     if disabled("cmp");
@@ -20,16 +28,29 @@ plan skip_all => "This test is not supported in a no-cmp build"
 plan skip_all => "This test is not supported in a shared library build on Windows"
     if $^O eq 'MSWin32' && !disabled("shared");
 
-plan tests => 1;
-
-ok(run(test(["cmp_protect_test",
-             data_file("server.pem"),
-             data_file("IR_protected.der"),
-             data_file("IR_unprotected.der"),
-             data_file("IP_PBM.der"),
-             data_file("server.crt"),
-             data_file("server.pem"),
-             data_file("EndEntity1.crt"),
-             data_file("EndEntity2.crt"),
-             data_file("Root_CA.crt"),
-             data_file("Intermediate_CA.crt")])));
+plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
+
+my @basic_cmd = ("cmp_protect_test",
+                 data_file("server.pem"),
+                 data_file("IR_protected.der"),
+                 data_file("IR_unprotected.der"),
+                 data_file("IP_PBM.der"),
+                 data_file("server.crt"),
+                 data_file("server.pem"),
+                 data_file("EndEntity1.crt"),
+                 data_file("EndEntity2.crt"),
+                 data_file("Root_CA.crt"),
+                 data_file("Intermediate_CA.crt"));
+
+ok(run(test([@basic_cmd, "none"])));
+
+ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
+
+unless ($no_fips) {
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', bldtop_file('providers', platform->dso('fips'))])),
+       "fipsinstall");
+
+    ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
+}
diff --git a/test/recipes/65-test_cmp_server.t b/test/recipes/65-test_cmp_server.t
index 87dbdb10b2..5864163f01 100644
--- a/test/recipes/65-test_cmp_server.t
+++ b/test/recipes/65-test_cmp_server.t
@@ -9,10 +9,18 @@
 # https://www.openssl.org/source/license.html
 
 use strict;
-use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
 use OpenSSL::Test::Utils;
 
-setup("test_cmp_server");
+BEGIN {
+    setup("test_cmp_server");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 
 plan skip_all => "This test is not supported in a no-cmp build"
     if disabled("cmp");
@@ -20,7 +28,19 @@ plan skip_all => "This test is not supported in a no-cmp build"
 plan skip_all => "This test is not supported in a no-ec build"
     if disabled("ec");
 
-plan tests => 1;
+plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
+
+my @basic_cmd = ("cmp_server_test", data_file("CR_protected_PBM_1234.der"));
+
+ok(run(test([@basic_cmd, "none"])));
+
+ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
+
+unless ($no_fips) {
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', bldtop_file('providers', platform->dso('fips'))])),
+       "fipsinstall");
 
-ok(run(test(["cmp_server_test",
-             data_file("CR_protected_PBM_1234.der")])));
+    ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
+}
diff --git a/test/recipes/65-test_cmp_vfy.t b/test/recipes/65-test_cmp_vfy.t
index 8b3911ea36..800dabcd85 100644
--- a/test/recipes/65-test_cmp_vfy.t
+++ b/test/recipes/65-test_cmp_vfy.t
@@ -9,10 +9,18 @@
 # https://www.openssl.org/source/license.html
 
 use strict;
-use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
 use OpenSSL::Test::Utils;
 
-setup("test_cmp_vfy");
+BEGIN {
+    setup("test_cmp_vfy");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 
 plan skip_all => "This test is not supported in a no-cmp build"
     if disabled("cmp");
@@ -20,17 +28,30 @@ plan skip_all => "This test is not supported in a no-cmp build"
 plan skip_all => "This test is not supported in a no-ec build"
     if disabled("ec");
 
-plan tests => 1;
-
-ok(run(test(["cmp_vfy_test",
-             data_file("server.crt"),     data_file("client.crt"),
-             data_file("EndEntity1.crt"), data_file("EndEntity2.crt"),
-             data_file("Root_CA.crt"),    data_file("Intermediate_CA.crt"),
-             data_file("IR_protected.der"),
-             data_file("IR_unprotected.der"),
-             data_file("IP_waitingStatus_PBM.der"),
-             data_file("IR_rmprotection.der"),
-             data_file("insta.cert.pem"),
-             data_file("insta_ca.cert.pem"),
-             data_file("IR_protected_0_extraCerts.der"),
-             data_file("IR_protected_2_extraCerts.der")])));
+plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
+
+my @basic_cmd = ("cmp_vfy_test",
+                 data_file("server.crt"),     data_file("client.crt"),
+                 data_file("EndEntity1.crt"), data_file("EndEntity2.crt"),
+                 data_file("Root_CA.crt"),    data_file("Intermediate_CA.crt"),
+                 data_file("IR_protected.der"),
+                 data_file("IR_unprotected.der"),
+                 data_file("IP_waitingStatus_PBM.der"),
+                 data_file("IR_rmprotection.der"),
+                 data_file("insta.cert.pem"),
+                 data_file("insta_ca.cert.pem"),
+                 data_file("IR_protected_0_extraCerts.der"),
+                 data_file("IR_protected_2_extraCerts.der"));
+
+ok(run(test([@basic_cmd, "none"])));
+
+ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
+
+unless ($no_fips) {
+    ok(run(app(['openssl', 'fipsinstall',
+                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+                '-module', bldtop_file('providers', platform->dso('fips'))])),
+       "fipsinstall");
+
+    ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
+}
diff --git a/test/ssl_test.c b/test/ssl_test.c
index 5880468f93..18e92c7f77 100644
--- a/test/ssl_test.c
+++ b/test/ssl_test.c
@@ -513,12 +513,12 @@ err:
     return ret;
 }
 
-OPT_TEST_DECLARE_USAGE("conf_file modulename [fips_conf_file]\n")
+#define USAGE "conf_file module_name [module_conf_file]\n"
+OPT_TEST_DECLARE_USAGE(USAGE)
 
 int setup_tests(void)
 {
     long num_tests;
-    const char *modulename;
 
     if (!test_skip_common_options()) {
         TEST_error("Error parsing test options\n");
@@ -529,29 +529,14 @@ int setup_tests(void)
             /* argv[1] should point to the test conf file */
             || !TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)
             || !TEST_int_ne(NCONF_get_number_e(conf, NULL, "num_tests",
-                                               &num_tests), 0))
+                                               &num_tests), 0)) {
+        TEST_error("usage: ssl_test %s", USAGE);
         return 0;
+    }
 
-    if (!TEST_ptr(modulename = test_get_argument(1)))
+    if (!test_get_libctx(&libctx, &defctxnull, &thisprov, 1, USAGE))
         return 0;
 
-    if (strcmp(modulename, "none") != 0) {
-        const char *configfile = test_get_argument(2);
-
-        defctxnull = OSSL_PROVIDER_load(NULL, "null");
-        libctx = OPENSSL_CTX_new();
-        if (!TEST_ptr(libctx))
-            return 0;
-
-        if (configfile != NULL
-                && !TEST_true(OPENSSL_CTX_load_config(libctx, configfile)))
-            return 0;
-
-        thisprov = OSSL_PROVIDER_load(libctx, modulename);
-        if (!TEST_ptr(thisprov))
-            return 0;
-    }
-
     ADD_ALL_TESTS(test_handshake, (int)num_tests);
     return 1;
 }
diff --git a/test/ssl_test_ctx_test.c b/test/ssl_test_ctx_test.c
index 16ce32a33f..91f418095f 100644
--- a/test/ssl_test_ctx_test.c
+++ b/test/ssl_test_ctx_test.c
@@ -151,8 +151,6 @@ static void tear_down(SSL_TEST_CTX_TEST_FIXTURE *fixture)
 static int test_empty_configuration(void)
 {
     SETUP_SSL_TEST_CTX_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->test_section = "ssltest_default";
     fixture->expected_ctx->expected_result = SSL_TEST_SUCCESS;
     EXECUTE_SSL_TEST_CTX_TEST();
@@ -162,8 +160,6 @@ static int test_empty_configuration(void)
 static int test_good_configuration(void)
 {
     SETUP_SSL_TEST_CTX_TEST_FIXTURE();
-    if (fixture == NULL)
-        return 0;
     fixture->test_section = "ssltest_good";
     fixture->expected_ctx->method = SSL_TEST_METHOD_DTLS;
     fixture->expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME;
diff --git a/test/testutil.h b/test/testutil.h
index 88a3cbc9a8..14483fd405 100644
--- a/test/testutil.h
+++ b/test/testutil.h
@@ -10,12 +10,13 @@
 #ifndef OSSL_TESTUTIL_H
 # define OSSL_TESTUTIL_H
 
-#include <stdarg.h>
+# include <stdarg.h>
 
-#include <openssl/err.h>
-#include <openssl/e_os2.h>
-#include <openssl/bn.h>
-#include "opt.h"
+# include <openssl/provider.h>
+# include <openssl/err.h>
+# include <openssl/e_os2.h>
+# include <openssl/bn.h>
+# include "opt.h"
 
 /*-
  * Simple unit tests should implement setup_tests().
@@ -67,6 +68,7 @@
  * object called "fixture". It will also allocate the "result" variable used
  * by EXECUTE_TEST. set_up() should take a const char* specifying the test
  * case name and return a TEST_FIXTURE_TYPE by reference.
+ * If case set_up() fails then 0 is returned.
  *
  * EXECUTE_TEST will pass fixture to execute_func() by reference, call
  * tear_down(), and return the result of execute_func(). execute_func() should
@@ -94,7 +96,11 @@
  */
 # define SETUP_TEST_FIXTURE(TEST_FIXTURE_TYPE, set_up)\
     TEST_FIXTURE_TYPE *fixture = set_up(TEST_CASE_NAME); \
-    int result = 0
+    int result = 0; \
+\
+    if (fixture == NULL) \
+        return 0
+
 
 # define EXECUTE_TEST(execute_func, tear_down)\
     if (fixture != NULL) {\
@@ -120,7 +126,7 @@
 
 
 /* The default test enum which should be common to all tests */
-#define OPT_TEST_ENUM \
+# define OPT_TEST_ENUM \
     OPT_TEST_HELP = 500, \
     OPT_TEST_LIST, \
     OPT_TEST_SINGLE, \
@@ -129,7 +135,7 @@
     OPT_TEST_SEED
 
 /* The Default test OPTIONS common to all tests (without a usage string) */
-#define OPT_TEST_OPTIONS \
+# define OPT_TEST_OPTIONS \
     { OPT_HELP_STR, 1,  '-', "Valid options are:\n" }, \
     { "help", OPT_TEST_HELP, '-', "Display this summary" }, \
     { "list", OPT_TEST_LIST, '-', "Display the list of tests available" }, \
@@ -139,12 +145,12 @@
     { "seed", OPT_TEST_SEED, 'n', "Seed value to randomize tests with" }
 
 /* The Default test OPTIONS common to all tests starting with an additional usage string */
-#define OPT_TEST_OPTIONS_WITH_EXTRA_USAGE(usage) \
+# define OPT_TEST_OPTIONS_WITH_EXTRA_USAGE(usage) \
     { OPT_HELP_STR, 1, '-', "Usage: %s [options] " usage }, \
     OPT_TEST_OPTIONS
 
 /* The Default test OPTIONS common to all tests with an default usage string */
-#define OPT_TEST_OPTIONS_DEFAULT_USAGE \
+# define OPT_TEST_OPTIONS_DEFAULT_USAGE \
     { OPT_HELP_STR, 1, '-', "Usage: %s [options]\n" }, \
     OPT_TEST_OPTIONS
 
@@ -152,7 +158,7 @@
  * Optional Cases that need to be ignored by the test app when using opt_next(),
  * (that are handled internally).
  */
-#define OPT_TEST_CASES \
+# define OPT_TEST_CASES \
          OPT_TEST_HELP: \
     case OPT_TEST_LIST: \
     case OPT_TEST_SINGLE: \
@@ -174,7 +180,7 @@
  *      well as the additional options that need to be handled.
  *  (3) case OPT_TEST_CASES: break; inside the opt_next() handling code.
  */
-#define OPT_TEST_DECLARE_USAGE(usage_str) \
+# define OPT_TEST_DECLARE_USAGE(usage_str) \
 const OPTIONS *test_get_options(void) \
 { \
     enum { OPT_TEST_ENUM }; \
@@ -199,6 +205,10 @@ size_t test_get_argument_count(void);
  */
 int test_skip_common_options(void);
 
+int test_get_libctx(OPENSSL_CTX **libctx,
+                    OSSL_PROVIDER **default_null_provider,
+                    OSSL_PROVIDER **provider, int argn, const char *usage);
+
 /*
  * Internal helpers. Test programs shouldn't use these directly, but should
  * rather link to one of the helper main() methods.
@@ -230,17 +240,17 @@ const OPTIONS *test_get_options(void);
  *  Test assumption verification helpers.
  */
 
-#define PRINTF_FORMAT(a, b)
-#if defined(__GNUC__) && defined(__STDC_VERSION__)
+# define PRINTF_FORMAT(a, b)
+# if defined(__GNUC__) && defined(__STDC_VERSION__)
   /*
    * Because we support the 'z' modifier, which made its appearance in C99,
    * we can't use __attribute__ with pre C99 dialects.
    */
-# if __STDC_VERSION__ >= 199901L
-#  undef PRINTF_FORMAT
-#  define PRINTF_FORMAT(a, b)   __attribute__ ((format(printf, a, b)))
+#  if __STDC_VERSION__ >= 199901L
+#   undef PRINTF_FORMAT
+#   define PRINTF_FORMAT(a, b)   __attribute__ ((format(printf, a, b)))
+#  endif
 # endif
-#endif
 
 # define DECLARE_COMPARISON(type, name, opname)                         \
     int test_ ## name ## _ ## opname(const char *, int,                 \
@@ -498,7 +508,7 @@ void test_output_memory(const char *name, const unsigned char *m, size_t l);
 /*
  * Utilities to parse a test file.
  */
-#define TESTMAXPAIRS        150
+# define TESTMAXPAIRS        150
 
 typedef struct pair_st {
     char *key;
diff --git a/test/testutil/provider.c b/test/testutil/provider.c
new file mode 100644
index 0000000000..f7c7b1cdb6
--- /dev/null
+++ b/test/testutil/provider.c
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "../testutil.h"
+#include <openssl/provider.h>
+#include <string.h>
+
+int test_get_libctx(OPENSSL_CTX **libctx,
+                    OSSL_PROVIDER **default_null_provider,
+                    OSSL_PROVIDER **provider, int argn, const char *usage)
+{
+    const char *module_name;
+
+    if (!TEST_ptr(module_name = test_get_argument(argn))) {
+        TEST_error("usage: <prog> %s", usage);
+        return 0;
+    }
+    if (strcmp(module_name, "none") != 0) {
+        const char *config_fname = test_get_argument(argn + 1);
+
+        *default_null_provider = OSSL_PROVIDER_load(NULL, "null");
+        *libctx = OPENSSL_CTX_new();
+        if (!TEST_ptr(*libctx)) {
+            TEST_error("Failed to create libctx\n");
+            goto err;
+        }
+
+        if (config_fname != NULL
+                && !TEST_true(OPENSSL_CTX_load_config(*libctx, config_fname))) {
+            TEST_error("Error loading config file %s\n", config_fname);
+            goto err;
+        }
+
+        *provider = OSSL_PROVIDER_load(*libctx, module_name);
+        if (!TEST_ptr(*provider)) {
+            TEST_error("Failed to load provider %s\n", module_name);
+            goto err;
+        }
+    }
+    return 1;
+
+ err:
+    ERR_print_errors_fp(stderr);
+    return 0;
+}
diff --git a/util/libcrypto.num b/util/libcrypto.num
index a9b914839a..19a9b4c9d3 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4926,6 +4926,8 @@ PKCS8_pkey_add1_attr_by_OBJ             ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_private_check                  ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_pairwise_check                 ?	3_0_0	EXIST::FUNCTION:
 ASN1_item_verify_ctx                    ?	3_0_0	EXIST::FUNCTION:
+ASN1_item_sign_with_libctx              ?	3_0_0	EXIST::FUNCTION:
+ASN1_item_verify_with_libctx            ?	3_0_0	EXIST::FUNCTION:
 RAND_DRBG_set_callback_data             ?	3_0_0	NOEXIST::FUNCTION:
 RAND_DRBG_get_callback_data             ?	3_0_0	NOEXIST::FUNCTION:
 BIO_socket_wait                         ?	3_0_0	EXIST::FUNCTION:SOCK
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index 3aa3b5065b..97208d364e 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -156,9 +156,11 @@ ASN1_item_pack(3)
 ASN1_item_print(3)
 ASN1_item_sign(3)
 ASN1_item_sign_ctx(3)
+ASN1_item_sign_with_libctx(3)
 ASN1_item_unpack(3)
 ASN1_item_verify(3)
 ASN1_item_verify_ctx(3)
+ASN1_item_verify_with_libctx(3)
 ASN1_mbstring_copy(3)
 ASN1_mbstring_ncopy(3)
 ASN1_object_size(3)

From levitte at openssl.org  Fri Aug 21 07:27:01 2020
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 21 Aug 2020 07:27:01 +0000
Subject: [openssl]  master update
Message-ID: <1597994821.940083.20829.nullmailer@dev.openssl.org>

The branch master has been updated
       via  93ec4f8f09bc1b0e8b478d7b6c07a3bdb537bb75 (commit)
       via  ece9304c96f71277ca95696d9bc49fdec51e9f17 (commit)
       via  f650993f1de3dbb5eda9009ad0c4895a7b1b7fe2 (commit)
      from  5a7734cd0219faaad336990c9ceebc8efc2776b0 (commit)


- Log -----------------------------------------------------------------
commit 93ec4f8f09bc1b0e8b478d7b6c07a3bdb537bb75
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 16 21:26:13 2020 +0200

    Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12660)

commit ece9304c96f71277ca95696d9bc49fdec51e9f17
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 16 21:25:08 2020 +0200

    Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
    
    Fixes #12455
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12660)

commit f650993f1de3dbb5eda9009ad0c4895a7b1b7fe2
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 16 21:22:02 2020 +0200

    Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
    
    These are the scripts that do the deed.
    
    Fixes #12455
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12660)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES.md                                         |  30 +-
 NEWS.md                                            |   2 +-
 apps/list.c                                        | 139 +++---
 crypto/asn1/i2d_pr.c                               |  14 +-
 crypto/build.info                                  |   2 +-
 crypto/encode_decode/build.info                    |   8 +
 .../decoder_err.c}                                 |  14 +-
 crypto/encode_decode/decoder_lib.c                 | 483 ++++++++++++++++++
 crypto/encode_decode/decoder_meth.c                | 552 +++++++++++++++++++++
 .../decoder_pkey.c}                                | 141 +++---
 .../encoder_err.c}                                 |  16 +-
 .../encoder_lib.c}                                 |  12 +-
 crypto/encode_decode/encoder_local.h               | 140 ++++++
 crypto/encode_decode/encoder_meth.c                | 523 +++++++++++++++++++
 crypto/encode_decode/encoder_pkey.c                | 276 +++++++++++
 .../endecode_pass.c}                               |  34 +-
 crypto/err/err.c                                   |   4 +-
 crypto/err/openssl.ec                              |  12 +-
 crypto/err/openssl.txt                             |   6 +-
 crypto/evp/p_lib.c                                 |  20 +-
 crypto/evp/pmeth_gn.c                              |   1 -
 crypto/pem/pem_local.h                             |  38 +-
 crypto/pem/pem_pk8.c                               |  23 +-
 crypto/pem/pem_pkey.c                              |   1 -
 crypto/property/property_parse.c                   |   6 +-
 crypto/serializer/build.info                       |   8 -
 crypto/serializer/deserializer_lib.c               | 488 ------------------
 crypto/serializer/deserializer_meth.c              | 552 ---------------------
 crypto/serializer/serializer_err.c                 |  33 --
 crypto/serializer/serializer_local.h               | 140 ------
 crypto/serializer/serializer_meth.c                | 522 -------------------
 crypto/serializer/serializer_pkey.c                | 275 ----------
 crypto/x509/x_pubkey.c                             |  26 +-
 doc/man1/openssl-list.pod.in                       |  12 +-
 doc/man3/OSSL_DECODER.pod                          | 142 ++++++
 doc/man3/OSSL_DECODER_CTX.pod                      |  74 +++
 doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod      | 109 ++++
 doc/man3/OSSL_DECODER_from_bio.pod                 | 276 +++++++++++
 doc/man3/OSSL_DESERIALIZER.pod                     | 146 ------
 doc/man3/OSSL_DESERIALIZER_CTX.pod                 |  74 ---
 doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod | 111 -----
 doc/man3/OSSL_DESERIALIZER_from_bio.pod            | 280 -----------
 doc/man3/OSSL_ENCODER.pod                          | 126 +++++
 doc/man3/OSSL_ENCODER_CTX.pod                      |  93 ++++
 doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod      | 144 ++++++
 ...RIALIZER_to_bio.pod => OSSL_ENCODER_to_bio.pod} |  24 +-
 doc/man3/OSSL_SERIALIZER.pod                       | 129 -----
 doc/man3/OSSL_SERIALIZER_CTX.pod                   |  94 ----
 doc/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.pod   | 144 ------
 doc/man7/OSSL_PROVIDER-FIPS.pod                    |   2 +-
 doc/man7/OSSL_PROVIDER-base.pod                    |  22 +-
 doc/man7/OSSL_PROVIDER-default.pod                 |  16 +-
 ...rovider-serializer.pod => provider-encoder.pod} | 127 +++--
 doc/man7/provider.pod                              |  10 +-
 include/crypto/{serializer.h => encoder.h}         |   8 +-
 include/internal/cryptlib.h                        |   4 +-
 include/openssl/core_dispatch.h                    |  62 +--
 include/openssl/core_names.h                       |  26 +-
 include/openssl/decoder.h                          | 117 +++++
 .../openssl/{deserializererr.h => decodererr.h}    |  12 +-
 include/openssl/deserializer.h                     | 125 -----
 include/openssl/encoder.h                          | 100 ++++
 include/openssl/{serializererr.h => encodererr.h}  |  14 +-
 include/openssl/err.h                              |   4 +-
 include/openssl/serializer.h                       | 104 ----
 include/openssl/types.h                            |   8 +-
 providers/baseprov.c                               |  24 +-
 providers/decoders.inc                             |  42 ++
 providers/defltprov.c                              |  24 +-
 providers/deserializers.inc                        |  42 --
 providers/encoders.inc                             | 112 +++++
 providers/implementations/build.info               |   2 +-
 providers/implementations/encode_decode/build.info |  35 ++
 .../decode_common.c}                               |   2 +-
 .../decode_der2key.c}                              |  46 +-
 .../decode_ms2key.c}                               |  64 ++-
 .../decode_pem2der.c}                              |  40 +-
 .../encoder_common.c}                              |   2 +-
 .../serializer_dh.c => encode_decode/encoder_dh.c} |   2 +-
 .../encoder_dh_param.c}                            |  52 +-
 .../encoder_dh_priv.c}                             |  86 ++--
 .../encoder_dh_pub.c}                              |  58 +--
 .../encoder_dsa.c}                                 |   2 +-
 .../encoder_dsa_param.c}                           |  48 +-
 .../encoder_dsa_priv.c}                            |  84 ++--
 .../encoder_dsa_pub.c}                             |  48 +-
 .../serializer_ec.c => encode_decode/encoder_ec.c} |   2 +-
 .../encoder_ec_param.c}                            |  54 +-
 .../encoder_ec_priv.c}                             |  90 ++--
 .../encoder_ec_pub.c}                              |  49 +-
 .../encoder_ecx.c}                                 |   2 +-
 .../encoder_ecx_priv.c}                            | 108 ++--
 .../encoder_ecx_pub.c}                             |  60 +--
 .../encoder_ffc_params.c}                          |   2 +-
 .../encoder_local.h}                               |   2 +-
 .../encoder_rsa.c}                                 |   4 +-
 .../encoder_rsa_priv.c}                            |  84 ++--
 .../encoder_rsa_pub.c}                             |  48 +-
 .../implementations/include/prov/implementations.h | 146 +++---
 providers/implementations/serializers/build.info   |  35 --
 providers/serializers.inc                          | 112 -----
 test/build.info                                    |   8 +-
 test/{serdes_test.c => endecode_test.c}            | 230 ++++-----
 test/evp_pkey_provided_test.c                      |  60 +--
 ...er_deserializer.t => 04-test_encoder_decoder.t} |   4 +-
 util/libcrypto.num                                 | 114 ++---
 util/missingcrypto.txt                             |  16 +-
 util/other.syms                                    |  36 +-
 108 files changed, 4645 insertions(+), 4716 deletions(-)
 create mode 100644 crypto/encode_decode/build.info
 copy crypto/{serializer/deserializer_err.c => encode_decode/decoder_err.c} (55%)
 create mode 100644 crypto/encode_decode/decoder_lib.c
 create mode 100644 crypto/encode_decode/decoder_meth.c
 rename crypto/{serializer/deserializer_pkey.c => encode_decode/decoder_pkey.c} (65%)
 rename crypto/{serializer/deserializer_err.c => encode_decode/encoder_err.c} (51%)
 rename crypto/{serializer/serializer_lib.c => encode_decode/encoder_lib.c} (71%)
 create mode 100644 crypto/encode_decode/encoder_local.h
 create mode 100644 crypto/encode_decode/encoder_meth.c
 create mode 100644 crypto/encode_decode/encoder_pkey.c
 rename crypto/{serializer/serdes_pass.c => encode_decode/endecode_pass.c} (80%)
 delete mode 100644 crypto/serializer/build.info
 delete mode 100644 crypto/serializer/deserializer_lib.c
 delete mode 100644 crypto/serializer/deserializer_meth.c
 delete mode 100644 crypto/serializer/serializer_err.c
 delete mode 100644 crypto/serializer/serializer_local.h
 delete mode 100644 crypto/serializer/serializer_meth.c
 delete mode 100644 crypto/serializer/serializer_pkey.c
 create mode 100644 doc/man3/OSSL_DECODER.pod
 create mode 100644 doc/man3/OSSL_DECODER_CTX.pod
 create mode 100644 doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod
 create mode 100644 doc/man3/OSSL_DECODER_from_bio.pod
 delete mode 100644 doc/man3/OSSL_DESERIALIZER.pod
 delete mode 100644 doc/man3/OSSL_DESERIALIZER_CTX.pod
 delete mode 100644 doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod
 delete mode 100644 doc/man3/OSSL_DESERIALIZER_from_bio.pod
 create mode 100644 doc/man3/OSSL_ENCODER.pod
 create mode 100644 doc/man3/OSSL_ENCODER_CTX.pod
 create mode 100644 doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod
 rename doc/man3/{OSSL_SERIALIZER_to_bio.pod => OSSL_ENCODER_to_bio.pod} (58%)
 delete mode 100644 doc/man3/OSSL_SERIALIZER.pod
 delete mode 100644 doc/man3/OSSL_SERIALIZER_CTX.pod
 delete mode 100644 doc/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.pod
 rename doc/man7/{provider-serializer.pod => provider-encoder.pod} (56%)
 rename include/crypto/{serializer.h => encoder.h} (53%)
 create mode 100644 include/openssl/decoder.h
 rename include/openssl/{deserializererr.h => decodererr.h} (68%)
 delete mode 100644 include/openssl/deserializer.h
 create mode 100644 include/openssl/encoder.h
 rename include/openssl/{serializererr.h => encodererr.h} (64%)
 delete mode 100644 include/openssl/serializer.h
 create mode 100644 providers/decoders.inc
 delete mode 100644 providers/deserializers.inc
 create mode 100644 providers/encoders.inc
 create mode 100644 providers/implementations/encode_decode/build.info
 rename providers/implementations/{serializers/deserialize_common.c => encode_decode/decode_common.c} (99%)
 rename providers/implementations/{serializers/deserialize_der2key.c => encode_decode/decode_der2key.c} (81%)
 rename providers/implementations/{serializers/deserialize_ms2key.c => encode_decode/decode_ms2key.c} (73%)
 rename providers/implementations/{serializers/deserialize_pem2der.c => encode_decode/decode_pem2der.c} (71%)
 rename providers/implementations/{serializers/serializer_common.c => encode_decode/encoder_common.c} (99%)
 rename providers/implementations/{serializers/serializer_dh.c => encode_decode/encoder_dh.c} (99%)
 rename providers/implementations/{serializers/serializer_dh_param.c => encode_decode/encoder_dh_param.c} (70%)
 rename providers/implementations/{serializers/serializer_dh_priv.c => encode_decode/encoder_dh_priv.c} (73%)
 rename providers/implementations/{serializers/serializer_dh_pub.c => encode_decode/encoder_dh_pub.c} (70%)
 rename providers/implementations/{serializers/serializer_dsa.c => encode_decode/encoder_dsa.c} (99%)
 rename providers/implementations/{serializers/serializer_dsa_param.c => encode_decode/encoder_dsa_param.c} (73%)
 rename providers/implementations/{serializers/serializer_dsa_priv.c => encode_decode/encoder_dsa_priv.c} (74%)
 rename providers/implementations/{serializers/serializer_dsa_pub.c => encode_decode/encoder_dsa_pub.c} (76%)
 rename providers/implementations/{serializers/serializer_ec.c => encode_decode/encoder_ec.c} (99%)
 rename providers/implementations/{serializers/serializer_ec_param.c => encode_decode/encoder_ec_param.c} (68%)
 rename providers/implementations/{serializers/serializer_ec_priv.c => encode_decode/encoder_ec_priv.c} (71%)
 rename providers/implementations/{serializers/serializer_ec_pub.c => encode_decode/encoder_ec_pub.c} (74%)
 rename providers/implementations/{serializers/serializer_ecx.c => encode_decode/encoder_ecx.c} (99%)
 rename providers/implementations/{serializers/serializer_ecx_priv.c => encode_decode/encoder_ecx_priv.c} (68%)
 rename providers/implementations/{serializers/serializer_ecx_pub.c => encode_decode/encoder_ecx_pub.c} (75%)
 rename providers/implementations/{serializers/serializer_ffc_params.c => encode_decode/encoder_ffc_params.c} (98%)
 rename providers/implementations/{serializers/serializer_local.h => encode_decode/encoder_local.h} (99%)
 rename providers/implementations/{serializers/serializer_rsa.c => encode_decode/encoder_rsa.c} (98%)
 rename providers/implementations/{serializers/serializer_rsa_priv.c => encode_decode/encoder_rsa_priv.c} (74%)
 rename providers/implementations/{serializers/serializer_rsa_pub.c => encode_decode/encoder_rsa_pub.c} (75%)
 delete mode 100644 providers/implementations/serializers/build.info
 delete mode 100644 providers/serializers.inc
 rename test/{serdes_test.c => endecode_test.c} (79%)
 rename test/recipes/{04-test_serializer_deserializer.t => 04-test_encoder_decoder.t} (89%)

diff --git a/CHANGES.md b/CHANGES.md
index 31e183f395..c2bbf0d167 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -612,22 +612,22 @@ OpenSSL 3.0
 
    *Rich Salz*
 
- * Introduced a new method type and API, OSSL_SERIALIZER, to
-   represent generic serializers.  An implementation is expected to
-   be able to serialize an object associated with a given name (such
+ * Introduced a new method type and API, OSSL_ENCODER, to
+   represent generic encoders.  An implementation is expected to
+   be able to encode an object associated with a given name (such
    as an algorithm name for an asymmetric key) into forms given by
    implementation properties.
 
-   Serializers are primarily used from inside libcrypto, through
+   Encoders are primarily used from inside libcrypto, through
    calls to functions like EVP_PKEY_print_private(),
    PEM_write_bio_PrivateKey() and similar.
 
-   Serializers are specified in such a way that they can be made to
+   Encoders are specified in such a way that they can be made to
    directly handle the provider side portion of an object, if this
-   provider side part comes from the same provider as the serializer
+   provider side part comes from the same provider as the encoder
    itself, but can also be made to handle objects in parametrized
    form (as an OSSL_PARAM array of data).  This allows a provider to
-   offer generic serializers as a service for any other provider.
+   offer generic encoders as a service for any other provider.
 
    *Richard Levitte*
 
@@ -769,13 +769,13 @@ OpenSSL 3.0
    *Richard Levitte*
 
  * For built-in EC curves, ensure an EC_GROUP built from the curve name is
-   used even when parsing explicit parameters, when loading a serialized key
+   used even when parsing explicit parameters, when loading a encoded key
    or calling `EC_GROUP_new_from_ecpkparameters()`/
    `EC_GROUP_new_from_ecparameters()`.
    This prevents bypass of security hardening and performance gains,
    especially for curves with specialized EC_METHODs.
    By default, if a key encoded with explicit parameters is loaded and later
-   serialized, the output is still encoded with explicit parameters, even if
+   encoded, the output is still encoded with explicit parameters, even if
    internally a "named" EC_GROUP is used for computation.
 
    *Nicola Tuveri*
@@ -1255,13 +1255,13 @@ OpenSSL 1.1.1
    *Matthias St. Pierre*
 
  * For built-in EC curves, ensure an EC_GROUP built from the curve name is
-   used even when parsing explicit parameters, when loading a serialized key
+   used even when parsing explicit parameters, when loading a encoded key
    or calling `EC_GROUP_new_from_ecpkparameters()`/
    `EC_GROUP_new_from_ecparameters()`.
    This prevents bypass of security hardening and performance gains,
    especially for curves with specialized EC_METHODs.
    By default, if a key encoded with explicit parameters is loaded and later
-   serialized, the output is still encoded with explicit parameters, even if
+   encoded, the output is still encoded with explicit parameters, even if
    internally a "named" EC_GROUP is used for computation.
 
    *Nicola Tuveri*
@@ -2025,13 +2025,13 @@ OpenSSL 1.1.0
 ### Changes between 1.1.0k and 1.1.0l [10 Sep 2019]
 
  * For built-in EC curves, ensure an EC_GROUP built from the curve name is
-   used even when parsing explicit parameters, when loading a serialized key
+   used even when parsing explicit parameters, when loading a encoded key
    or calling `EC_GROUP_new_from_ecpkparameters()`/
    `EC_GROUP_new_from_ecparameters()`.
    This prevents bypass of security hardening and performance gains,
    especially for curves with specialized EC_METHODs.
    By default, if a key encoded with explicit parameters is loaded and later
-   serialized, the output is still encoded with explicit parameters, even if
+   encoded, the output is still encoded with explicit parameters, even if
    internally a "named" EC_GROUP is used for computation.
 
    *Nicola Tuveri*
@@ -3822,13 +3822,13 @@ OpenSSL 1.0.2
 ### Changes between 1.0.2s and 1.0.2t [10 Sep 2019]
 
  * For built-in EC curves, ensure an EC_GROUP built from the curve name is
-   used even when parsing explicit parameters, when loading a serialized key
+   used even when parsing explicit parameters, when loading a encoded key
    or calling `EC_GROUP_new_from_ecpkparameters()`/
    `EC_GROUP_new_from_ecparameters()`.
    This prevents bypass of security hardening and performance gains,
    especially for curves with specialized EC_METHODs.
    By default, if a key encoded with explicit parameters is loaded and later
-   serialized, the output is still encoded with explicit parameters, even if
+   encoded, the output is still encoded with explicit parameters, even if
    internally a "named" EC_GROUP is used for computation.
 
    *Nicola Tuveri*
diff --git a/NEWS.md b/NEWS.md
index e40b2932b3..4b0171fb50 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -43,7 +43,7 @@ OpenSSL 3.0
   * Added a proper HTTP(S) client to libcrypto supporting GET and POST,
     redirection, plain and ASN.1-encoded contents, proxies, and timeouts.
   * Added util/check-format.pl for checking adherence to the coding guidelines.
-  * Added OSSL_SERIALIZER, a generic serializer API.
+  * Added OSSL_ENCODER, a generic encoder API.
   * Added OSSL_PARAM_BLD, an easier to use API to OSSL_PARAM.
   * Added error raising macros, ERR_raise() and ERR_raise_data().
   * Deprecated ERR_put_error().
diff --git a/apps/list.c b/apps/list.c
index 69a516763c..c891bf7213 100644
--- a/apps/list.c
+++ b/apps/list.c
@@ -16,8 +16,8 @@
 #include <openssl/provider.h>
 #include <openssl/safestack.h>
 #include <openssl/kdf.h>
-#include <openssl/serializer.h>
-#include <openssl/deserializer.h>
+#include <openssl/encoder.h>
+#include <openssl/decoder.h>
 #include <openssl/core_names.h>
 #include "apps.h"
 #include "app_params.h"
@@ -355,124 +355,124 @@ static void list_random_generators(void)
 }
 
 /*
- * Serializers
+ * Encoders
  */
-DEFINE_STACK_OF(OSSL_SERIALIZER)
-static int serializer_cmp(const OSSL_SERIALIZER * const *a,
-                          const OSSL_SERIALIZER * const *b)
+DEFINE_STACK_OF(OSSL_ENCODER)
+static int encoder_cmp(const OSSL_ENCODER * const *a,
+                       const OSSL_ENCODER * const *b)
 {
-    int ret = OSSL_SERIALIZER_number(*a) - OSSL_SERIALIZER_number(*b);
+    int ret = OSSL_ENCODER_number(*a) - OSSL_ENCODER_number(*b);
 
     if (ret == 0)
-        ret = strcmp(OSSL_PROVIDER_name(OSSL_SERIALIZER_provider(*a)),
-                     OSSL_PROVIDER_name(OSSL_SERIALIZER_provider(*b)));
+        ret = strcmp(OSSL_PROVIDER_name(OSSL_ENCODER_provider(*a)),
+                     OSSL_PROVIDER_name(OSSL_ENCODER_provider(*b)));
     return ret;
 }
 
-static void collect_serializers(OSSL_SERIALIZER *serializer, void *stack)
+static void collect_encoders(OSSL_ENCODER *encoder, void *stack)
 {
-    STACK_OF(OSSL_SERIALIZER) *serializer_stack = stack;
+    STACK_OF(OSSL_ENCODER) *encoder_stack = stack;
 
-    sk_OSSL_SERIALIZER_push(serializer_stack, serializer);
-    OSSL_SERIALIZER_up_ref(serializer);
+    sk_OSSL_ENCODER_push(encoder_stack, encoder);
+    OSSL_ENCODER_up_ref(encoder);
 }
 
-static void list_serializers(void)
+static void list_encoders(void)
 {
-    STACK_OF(OSSL_SERIALIZER) *serializers;
+    STACK_OF(OSSL_ENCODER) *encoders;
     int i;
 
-    serializers = sk_OSSL_SERIALIZER_new(serializer_cmp);
-    if (serializers == NULL) {
+    encoders = sk_OSSL_ENCODER_new(encoder_cmp);
+    if (encoders == NULL) {
         BIO_printf(bio_err, "ERROR: Memory allocation\n");
         return;
     }
-    BIO_printf(bio_out, "Provided SERIALIZERs:\n");
-    OSSL_SERIALIZER_do_all_provided(NULL, collect_serializers, serializers);
-    sk_OSSL_SERIALIZER_sort(serializers);
+    BIO_printf(bio_out, "Provided ENCODERs:\n");
+    OSSL_ENCODER_do_all_provided(NULL, collect_encoders, encoders);
+    sk_OSSL_ENCODER_sort(encoders);
 
-    for (i = 0; i < sk_OSSL_SERIALIZER_num(serializers); i++) {
-        OSSL_SERIALIZER *k = sk_OSSL_SERIALIZER_value(serializers, i);
+    for (i = 0; i < sk_OSSL_ENCODER_num(encoders); i++) {
+        OSSL_ENCODER *k = sk_OSSL_ENCODER_value(encoders, i);
         STACK_OF(OPENSSL_CSTRING) *names =
             sk_OPENSSL_CSTRING_new(name_cmp);
 
-        OSSL_SERIALIZER_names_do_all(k, collect_names, names);
+        OSSL_ENCODER_names_do_all(k, collect_names, names);
 
         BIO_printf(bio_out, "  ");
         print_names(bio_out, names);
         BIO_printf(bio_out, " @ %s (%s)\n",
-                   OSSL_PROVIDER_name(OSSL_SERIALIZER_provider(k)),
-                   OSSL_SERIALIZER_properties(k));
+                   OSSL_PROVIDER_name(OSSL_ENCODER_provider(k)),
+                   OSSL_ENCODER_properties(k));
 
         sk_OPENSSL_CSTRING_free(names);
 
         if (verbose) {
             print_param_types("settable operation parameters",
-                              OSSL_SERIALIZER_settable_ctx_params(k), 4);
+                              OSSL_ENCODER_settable_ctx_params(k), 4);
         }
     }
-    sk_OSSL_SERIALIZER_pop_free(serializers, OSSL_SERIALIZER_free);
+    sk_OSSL_ENCODER_pop_free(encoders, OSSL_ENCODER_free);
 }
 
 /*
- * Deserializers
+ * Decoders
  */
-DEFINE_STACK_OF(OSSL_DESERIALIZER)
-static int deserializer_cmp(const OSSL_DESERIALIZER * const *a,
-                            const OSSL_DESERIALIZER * const *b)
+DEFINE_STACK_OF(OSSL_DECODER)
+static int decoder_cmp(const OSSL_DECODER * const *a,
+                       const OSSL_DECODER * const *b)
 {
-    int ret = OSSL_DESERIALIZER_number(*a) - OSSL_DESERIALIZER_number(*b);
+    int ret = OSSL_DECODER_number(*a) - OSSL_DECODER_number(*b);
 
     if (ret == 0)
-        ret = strcmp(OSSL_PROVIDER_name(OSSL_DESERIALIZER_provider(*a)),
-                     OSSL_PROVIDER_name(OSSL_DESERIALIZER_provider(*b)));
+        ret = strcmp(OSSL_PROVIDER_name(OSSL_DECODER_provider(*a)),
+                     OSSL_PROVIDER_name(OSSL_DECODER_provider(*b)));
     return ret;
 }
 
-static void collect_deserializers(OSSL_DESERIALIZER *deserializer, void *stack)
+static void collect_decoders(OSSL_DECODER *decoder, void *stack)
 {
-    STACK_OF(OSSL_DESERIALIZER) *deserializer_stack = stack;
+    STACK_OF(OSSL_DECODER) *decoder_stack = stack;
 
-    sk_OSSL_DESERIALIZER_push(deserializer_stack, deserializer);
-    OSSL_DESERIALIZER_up_ref(deserializer);
+    sk_OSSL_DECODER_push(decoder_stack, decoder);
+    OSSL_DECODER_up_ref(decoder);
 }
 
-static void list_deserializers(void)
+static void list_decoders(void)
 {
-    STACK_OF(OSSL_DESERIALIZER) *deserializers;
+    STACK_OF(OSSL_DECODER) *decoders;
     int i;
 
-    deserializers = sk_OSSL_DESERIALIZER_new(deserializer_cmp);
-    if (deserializers == NULL) {
+    decoders = sk_OSSL_DECODER_new(decoder_cmp);
+    if (decoders == NULL) {
         BIO_printf(bio_err, "ERROR: Memory allocation\n");
         return;
     }
-    BIO_printf(bio_out, "Provided DESERIALIZERs:\n");
-    OSSL_DESERIALIZER_do_all_provided(NULL, collect_deserializers,
-                                      deserializers);
-    sk_OSSL_DESERIALIZER_sort(deserializers);
+    BIO_printf(bio_out, "Provided DECODERs:\n");
+    OSSL_DECODER_do_all_provided(NULL, collect_decoders,
+                                 decoders);
+    sk_OSSL_DECODER_sort(decoders);
 
-    for (i = 0; i < sk_OSSL_DESERIALIZER_num(deserializers); i++) {
-        OSSL_DESERIALIZER *k = sk_OSSL_DESERIALIZER_value(deserializers, i);
+    for (i = 0; i < sk_OSSL_DECODER_num(decoders); i++) {
+        OSSL_DECODER *k = sk_OSSL_DECODER_value(decoders, i);
         STACK_OF(OPENSSL_CSTRING) *names =
             sk_OPENSSL_CSTRING_new(name_cmp);
 
-        OSSL_DESERIALIZER_names_do_all(k, collect_names, names);
+        OSSL_DECODER_names_do_all(k, collect_names, names);
 
         BIO_printf(bio_out, "  ");
         print_names(bio_out, names);
         BIO_printf(bio_out, " @ %s (%s)\n",
-                   OSSL_PROVIDER_name(OSSL_DESERIALIZER_provider(k)),
-                   OSSL_DESERIALIZER_properties(k));
+                   OSSL_PROVIDER_name(OSSL_DECODER_provider(k)),
+                   OSSL_DECODER_properties(k));
 
         sk_OPENSSL_CSTRING_free(names);
 
         if (verbose) {
             print_param_types("settable operation parameters",
-                              OSSL_DESERIALIZER_settable_ctx_params(k), 4);
+                              OSSL_DECODER_settable_ctx_params(k), 4);
         }
     }
-    sk_OSSL_DESERIALIZER_pop_free(deserializers, OSSL_DESERIALIZER_free);
+    sk_OSSL_DECODER_pop_free(decoders, OSSL_DECODER_free);
 }
 
 static void list_missing_help(void)
@@ -554,7 +554,7 @@ static void list_options_for_command(const char *command)
             break;
     if (fp->name == NULL) {
         BIO_printf(bio_err, "Invalid command '%s'; type \"help\" for a list.\n",
-                command);
+                   command);
         return;
     }
 
@@ -821,8 +821,8 @@ typedef enum HELPLIST_CHOICE {
     OPT_COMMANDS, OPT_DIGEST_COMMANDS, OPT_MAC_ALGORITHMS, OPT_OPTIONS,
     OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS,
     OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_DISABLED,
-    OPT_KDF_ALGORITHMS, OPT_RANDOM_GENERATORS, OPT_SERIALIZERS,
-    OPT_DESERIALIZERS,
+    OPT_KDF_ALGORITHMS, OPT_RANDOM_GENERATORS, OPT_ENCODERS,
+    OPT_DECODERS,
     OPT_MISSING_HELP, OPT_OBJECTS,
 #ifndef OPENSSL_NO_DEPRECATED_3_0
     OPT_ENGINES, 
@@ -847,15 +847,14 @@ const OPTIONS list_options[] = {
     {"kdf-algorithms", OPT_KDF_ALGORITHMS, '-',
      "List of key derivation and pseudo random function algorithms"},
     {"random-generators", OPT_RANDOM_GENERATORS, '-',
-      "List of random number generators"},
+     "List of random number generators"},
     {"mac-algorithms", OPT_MAC_ALGORITHMS, '-',
      "List of message authentication code algorithms"},
     {"cipher-commands", OPT_CIPHER_COMMANDS, '-', "List of cipher commands"},
     {"cipher-algorithms", OPT_CIPHER_ALGORITHMS, '-',
      "List of cipher algorithms"},
-    {"serializers", OPT_SERIALIZERS, '-', "List of serialization methods" },
-    {"deserializers", OPT_DESERIALIZERS, '-',
-      "List of deserialization methods" },
+    {"encoders", OPT_ENCODERS, '-', "List of encoding methods" },
+    {"decoders", OPT_DECODERS, '-', "List of decoding methods" },
     {"public-key-algorithms", OPT_PK_ALGORITHMS, '-',
      "List of public key algorithms"},
 #ifndef OPENSSL_NO_DEPRECATED_3_0
@@ -890,8 +889,8 @@ int list_main(int argc, char **argv)
         unsigned int mac_algorithms:1;
         unsigned int cipher_commands:1;
         unsigned int cipher_algorithms:1;
-        unsigned int serializer_algorithms:1;
-        unsigned int deserializer_algorithms:1;
+        unsigned int encoder_algorithms:1;
+        unsigned int decoder_algorithms:1;
         unsigned int pk_algorithms:1;
         unsigned int pk_method:1;
 #ifndef OPENSSL_NO_DEPRECATED_3_0
@@ -943,11 +942,11 @@ opthelp:
         case OPT_CIPHER_ALGORITHMS:
             todo.cipher_algorithms = 1;
             break;
-        case OPT_SERIALIZERS:
-            todo.serializer_algorithms = 1;
+        case OPT_ENCODERS:
+            todo.encoder_algorithms = 1;
             break;
-        case OPT_DESERIALIZERS:
-            todo.deserializer_algorithms = 1;
+        case OPT_DECODERS:
+            todo.decoder_algorithms = 1;
             break;
         case OPT_PK_ALGORITHMS:
             todo.pk_algorithms = 1;
@@ -1003,10 +1002,10 @@ opthelp:
         list_type(FT_cipher, one);
     if (todo.cipher_algorithms)
         list_ciphers();
-    if (todo.serializer_algorithms)
-        list_serializers();
-    if (todo.deserializer_algorithms)
-        list_deserializers();
+    if (todo.encoder_algorithms)
+        list_encoders();
+    if (todo.decoder_algorithms)
+        list_decoders();
     if (todo.pk_algorithms)
         list_pkey();
 #ifndef OPENSSL_NO_DEPRECATED_3_0
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
index 545300cbab..84513db5bf 100644
--- a/crypto/asn1/i2d_pr.c
+++ b/crypto/asn1/i2d_pr.c
@@ -10,7 +10,7 @@
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/serializer.h>
+#include <openssl/encoder.h>
 #include <openssl/buffer.h>
 #include <openssl/x509.h>
 #include "crypto/asn1.h"
@@ -31,17 +31,17 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp)
         return ret;
     }
     if (a->keymgmt != NULL) {
-        const char *serprop = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ;
-        OSSL_SERIALIZER_CTX *ctx =
-            OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(a, serprop);
+        const char *encprop = OSSL_ENCODER_PrivateKey_TO_DER_PQ;
+        OSSL_ENCODER_CTX *ctx =
+            OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, encprop);
         BIO *out = BIO_new(BIO_s_mem());
         BUF_MEM *buf = NULL;
         int ret = -1;
 
         if (ctx != NULL
             && out != NULL
-            && OSSL_SERIALIZER_CTX_get_serializer(ctx) != NULL
-            && OSSL_SERIALIZER_to_bio(ctx, out)
+            && OSSL_ENCODER_CTX_get_encoder(ctx) != NULL
+            && OSSL_ENCODER_to_bio(ctx, out)
             && BIO_get_mem_ptr(out, &buf) > 0) {
             ret = buf->length;
 
@@ -57,7 +57,7 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp)
             }
         }
         BIO_free(out);
-        OSSL_SERIALIZER_CTX_free(ctx);
+        OSSL_ENCODER_CTX_free(ctx);
         return ret;
     }
     ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
diff --git a/crypto/build.info b/crypto/build.info
index 83625029c0..07e3dd526f 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -5,7 +5,7 @@ SUBDIRS=objects buffer bio stack lhash rand evp asn1 pem x509 conf \
         md2 md4 md5 sha mdc2 hmac ripemd whrlpool poly1305 \
         siphash sm3 des aes rc2 rc4 rc5 idea aria bf cast camellia \
         seed sm4 chacha modes bn ec rsa dsa dh sm2 dso engine \
-        err comp http ocsp cms ts srp cmac ct async ess crmf cmp serializer \
+        err comp http ocsp cms ts srp cmac ct async ess crmf cmp encode_decode \
         ffc
 
 LIBS=../libcrypto
diff --git a/crypto/encode_decode/build.info b/crypto/encode_decode/build.info
new file mode 100644
index 0000000000..4686c4a19d
--- /dev/null
+++ b/crypto/encode_decode/build.info
@@ -0,0 +1,8 @@
+SOURCE[../../libcrypto]=endecode_pass.c
+
+SOURCE[../../libcrypto]=encoder_meth.c encoder_lib.c encoder_pkey.c
+SOURCE[../../libcrypto]=decoder_meth.c decoder_lib.c \
+        decoder_pkey.c
+
+SOURCE[../../libcrypto]=encoder_err.c
+SOURCE[../../libcrypto]=decoder_err.c
diff --git a/crypto/serializer/deserializer_err.c b/crypto/encode_decode/decoder_err.c
similarity index 55%
copy from crypto/serializer/deserializer_err.c
copy to crypto/encode_decode/decoder_err.c
index 2cc245996f..984f7abeb9 100644
--- a/crypto/serializer/deserializer_err.c
+++ b/crypto/encode_decode/decoder_err.c
@@ -9,23 +9,23 @@
  */
 
 #include <openssl/err.h>
-#include <openssl/deserializererr.h>
+#include <openssl/decodererr.h>
 
 #ifndef OPENSSL_NO_ERR
 
-static const ERR_STRING_DATA OSSL_DESERIALIZER_str_reasons[] = {
-    {ERR_PACK(ERR_LIB_OSSL_DESERIALIZER, 0, OSSL_DESERIALIZER_R_MISSING_GET_PARAMS),
-    "missing get params"},
+static const ERR_STRING_DATA OSSL_DECODER_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_OSSL_DECODER, 0, OSSL_DECODER_R_MISSING_GET_PARAMS),
+     "missing get params"},
     {0, NULL}
 };
 
 #endif
 
-int ERR_load_OSSL_DESERIALIZER_strings(void)
+int ERR_load_OSSL_DECODER_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-    if (ERR_reason_error_string(OSSL_DESERIALIZER_str_reasons[0].error) == NULL)
-        ERR_load_strings_const(OSSL_DESERIALIZER_str_reasons);
+    if (ERR_reason_error_string(OSSL_DECODER_str_reasons[0].error) == NULL)
+        ERR_load_strings_const(OSSL_DECODER_str_reasons);
 #endif
     return 1;
 }
diff --git a/crypto/encode_decode/decoder_lib.c b/crypto/encode_decode/decoder_lib.c
new file mode 100644
index 0000000000..21b4703084
--- /dev/null
+++ b/crypto/encode_decode/decoder_lib.c
@@ -0,0 +1,483 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/core_names.h>
+#include <openssl/bio.h>
+#include <openssl/params.h>
+#include <openssl/provider.h>
+#include "encoder_local.h"
+#include "e_os.h"
+
+struct decoder_process_data_st {
+    OSSL_DECODER_CTX *ctx;
+
+    /* Current BIO */
+    BIO *bio;
+
+    /* Index of the current decoder instance to be processed */
+    size_t current_deser_inst_index;
+};
+
+static int decoder_process(const OSSL_PARAM params[], void *arg);
+
+int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in)
+{
+    struct decoder_process_data_st data;
+    int ok = 0;
+
+    memset(&data, 0, sizeof(data));
+    data.ctx = ctx;
+    data.bio = in;
+
+    ok = decoder_process(NULL, &data);
+
+    /* Clear any internally cached passphrase */
+    if (!ctx->flag_user_passphrase) {
+        OSSL_DECODER_CTX_set_passphrase(ctx, NULL, 0);
+        ctx->flag_user_passphrase = 0;
+    }
+    return ok;
+}
+
+#ifndef OPENSSL_NO_STDIO
+static BIO *bio_from_file(FILE *fp)
+{
+    BIO *b;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_BIO_LIB);
+        return NULL;
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    return b;
+}
+
+int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *fp)
+{
+    BIO *b = bio_from_file(fp);
+    int ret = 0;
+
+    if (b != NULL)
+        ret = OSSL_DECODER_from_bio(ctx, b);
+
+    BIO_free(b);
+    return ret;
+}
+#endif
+
+int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx,
+                                    const char *input_type)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    /*
+     * NULL is a valid starting input type, and means that the caller leaves
+     * it to code to discover what the starting input type is.
+     */
+    ctx->start_input_type = input_type;
+    return 1;
+}
+
+int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder)
+{
+    OSSL_DECODER_INSTANCE *decoder_inst = NULL;
+    const OSSL_PROVIDER *prov = NULL;
+    OSSL_PARAM params[2];
+    void *provctx = NULL;
+
+    if (!ossl_assert(ctx != NULL) || !ossl_assert(decoder != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if (decoder->get_params == NULL) {
+        ERR_raise(ERR_LIB_OSSL_DECODER,
+                  OSSL_DECODER_R_MISSING_GET_PARAMS);
+        return 0;
+    }
+
+    if (ctx->decoder_insts == NULL
+        && (ctx->decoder_insts =
+            sk_OSSL_DECODER_INSTANCE_new_null()) == NULL) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if ((decoder_inst = OPENSSL_zalloc(sizeof(*decoder_inst))) == NULL) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (!OSSL_DECODER_up_ref(decoder)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+    decoder_inst->decoder = decoder;
+
+    prov = OSSL_DECODER_provider(decoder_inst->decoder);
+    provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
+
+    /* Cache the input type for this encoder */
+    params[0] =
+        OSSL_PARAM_construct_utf8_ptr(OSSL_DECODER_PARAM_INPUT_TYPE,
+                                      (char **)&decoder_inst->input_type, 0);
+    params[1] = OSSL_PARAM_construct_end();
+
+    if (!decoder_inst->decoder->get_params(params)
+        || !OSSL_PARAM_modified(&params[0]))
+        goto err;
+
+    if ((decoder_inst->deserctx = decoder_inst->decoder->newctx(provctx))
+        == NULL)
+        goto err;
+
+    if (sk_OSSL_DECODER_INSTANCE_push(ctx->decoder_insts, decoder_inst) <= 0)
+        goto err;
+
+    return 1;
+ err:
+    if (decoder_inst != NULL) {
+        if (decoder_inst->decoder != NULL)
+            decoder_inst->decoder->freectx(decoder_inst->deserctx);
+        OSSL_DECODER_free(decoder_inst->decoder);
+        OPENSSL_free(decoder_inst);
+    }
+    return 0;
+}
+
+int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx,
+                               OPENSSL_CTX *libctx, const char *propq)
+{
+    /*
+     * This function goes through existing decoder methods in
+     * |ctx->decoder_insts|, and tries to fetch new decoders that produce
+     * what the existing ones want as input, and push those newly fetched
+     * decoders on top of the same stack.
+     * Then it does the same again, but looping over the newly fetched
+     * decoders, until there are no more encoders to be fetched, or
+     * when we have done this 10 times.
+     *
+     * we do this with sliding windows on the stack by keeping track of indexes
+     * and of the end.
+     *
+     * +----------------+
+     * |   DER to RSA   | <--- w_prev_start
+     * +----------------+
+     * |   DER to DSA   |
+     * +----------------+
+     * |   DER to DH    |
+     * +----------------+
+     * |   PEM to DER   | <--- w_prev_end, w_new_start
+     * +----------------+
+     *                    <--- w_new_end
+     */
+    size_t w_prev_start, w_prev_end; /* "previous" decoders */
+    size_t w_new_start, w_new_end;   /* "new" decoders */
+    size_t count = 0; /* Calculates how many were added in each iteration */
+    size_t depth = 0; /* Counts the number of iterations */
+
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    /*
+     * If there is no stack of OSSL_DECODER_INSTANCE, we have nothing
+     * more to add.  That's fine.
+     */
+    if (ctx->decoder_insts == NULL)
+        return 1;
+
+    w_prev_start = 0;
+    w_prev_end = sk_OSSL_DECODER_INSTANCE_num(ctx->decoder_insts);
+    do {
+        size_t i;
+
+        w_new_start = w_new_end = w_prev_end;
+
+        for (i = w_prev_start; i < w_prev_end; i++) {
+            OSSL_DECODER_INSTANCE *decoder_inst =
+                sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, i);
+            const char *name = decoder_inst->input_type;
+            OSSL_DECODER *decoder = NULL;
+
+            /*
+             * If the caller has specified what the initial input should be,
+             * and the decoder implementation we're looking at has that
+             * input type, there's no point adding on more implementations
+             * on top of this one, so we don't.
+             */
+            if (ctx->start_input_type != NULL
+                && strcasecmp(ctx->start_input_type,
+                              decoder_inst->input_type) != 0)
+                continue;
+
+            ERR_set_mark();
+            decoder = OSSL_DECODER_fetch(libctx, name, propq);
+            ERR_pop_to_mark();
+
+            if (decoder != NULL) {
+                size_t j;
+
+                /*
+                 * Check that we don't already have this decoder in our
+                 * stack We only need to check among the newly added ones.
+                 */
+                for (j = w_new_start; j < w_new_end; j++) {
+                    OSSL_DECODER_INSTANCE *check_inst =
+                        sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, j);
+
+                    if (decoder == check_inst->decoder) {
+                        /* We found it, so drop the new fetch */
+                        OSSL_DECODER_free(decoder);
+                        decoder = NULL;
+                        break;
+                    }
+                }
+            }
+
+            if (decoder == NULL)
+                continue;
+
+            /*
+             * Apart from keeping w_new_end up to date, We don't care about
+             * errors here.  If it doesn't collect, then it doesn't...
+             */
+            if (OSSL_DECODER_CTX_add_decoder(ctx, decoder)) /* ref++ */
+                w_new_end++;
+            OSSL_DECODER_free(decoder); /* ref-- */
+        }
+        /* How many were added in this iteration */
+        count = w_new_end - w_new_start;
+
+        /* Slide the "previous decoder" windows */
+        w_prev_start = w_new_start;
+        w_prev_end = w_new_end;
+
+        depth++;
+    } while (count != 0 && depth <= 10);
+
+    return 1;
+}
+
+int OSSL_DECODER_CTX_num_decoders(OSSL_DECODER_CTX *ctx)
+{
+    if (ctx == NULL || ctx->decoder_insts == NULL)
+        return 0;
+    return sk_OSSL_DECODER_INSTANCE_num(ctx->decoder_insts);
+}
+
+int OSSL_DECODER_CTX_set_construct(OSSL_DECODER_CTX *ctx,
+                                   OSSL_DECODER_CONSTRUCT *construct)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ctx->construct = construct;
+    return 1;
+}
+
+int OSSL_DECODER_CTX_set_construct_data(OSSL_DECODER_CTX *ctx,
+                                        void *construct_data)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ctx->construct_data = construct_data;
+    return 1;
+}
+
+int OSSL_DECODER_CTX_set_cleanup(OSSL_DECODER_CTX *ctx,
+                                 OSSL_DECODER_CLEANUP *cleanup)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ctx->cleanup = cleanup;
+    return 1;
+}
+
+OSSL_DECODER_CONSTRUCT *
+OSSL_DECODER_CTX_get_construct(OSSL_DECODER_CTX *ctx)
+{
+    if (ctx == NULL)
+        return NULL;
+    return ctx->construct;
+}
+
+void *OSSL_DECODER_CTX_get_construct_data(OSSL_DECODER_CTX *ctx)
+{
+    if (ctx == NULL)
+        return NULL;
+    return ctx->construct_data;
+}
+
+OSSL_DECODER_CLEANUP *
+OSSL_DECODER_CTX_get_cleanup(OSSL_DECODER_CTX *ctx)
+{
+    if (ctx == NULL)
+        return NULL;
+    return ctx->cleanup;
+}
+
+int OSSL_DECODER_export(OSSL_DECODER_INSTANCE *decoder_inst,
+                        void *reference, size_t reference_sz,
+                        OSSL_CALLBACK *export_cb, void *export_cbarg)
+{
+    if (!(ossl_assert(decoder_inst != NULL)
+          && ossl_assert(reference != NULL)
+          && ossl_assert(export_cb != NULL)
+          && ossl_assert(export_cbarg != NULL))) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return decoder_inst->decoder->export_object(decoder_inst->deserctx,
+                                                reference, reference_sz,
+                                                export_cb, export_cbarg);
+}
+
+OSSL_DECODER *OSSL_DECODER_INSTANCE_decoder(OSSL_DECODER_INSTANCE *decoder_inst)
+{
+    if (decoder_inst == NULL)
+        return NULL;
+    return decoder_inst->decoder;
+}
+
+void *OSSL_DECODER_INSTANCE_decoder_ctx(OSSL_DECODER_INSTANCE *decoder_inst)
+{
+    if (decoder_inst == NULL)
+        return NULL;
+    return decoder_inst->deserctx;
+}
+
+static int decoder_process(const OSSL_PARAM params[], void *arg)
+{
+    struct decoder_process_data_st *data = arg;
+    OSSL_DECODER_CTX *ctx = data->ctx;
+    OSSL_DECODER_INSTANCE *decoder_inst = NULL;
+    OSSL_DECODER *decoder = NULL;
+    BIO *bio = data->bio;
+    long loc;
+    size_t i;
+    int ok = 0;
+    /* For recursions */
+    struct decoder_process_data_st new_data;
+
+    memset(&new_data, 0, sizeof(new_data));
+    new_data.ctx = data->ctx;
+
+    if (params == NULL) {
+        /* First iteration, where we prepare for what is to come */
+
+        data->current_deser_inst_index =
+            OSSL_DECODER_CTX_num_decoders(ctx);
+
+        bio = data->bio;
+    } else {
+        const OSSL_PARAM *p;
+
+        decoder_inst =
+            sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts,
+                                           data->current_deser_inst_index);
+        decoder = OSSL_DECODER_INSTANCE_decoder(decoder_inst);
+
+        if (ctx->construct != NULL
+            && ctx->construct(decoder_inst, params, ctx->construct_data)) {
+            ok = 1;
+            goto end;
+        }
+
+        /* The constructor didn't return success */
+
+        /*
+         * so we try to use the object we got and feed it to any next
+         * decoder that will take it.  Object references are not
+         * allowed for this.
+         * If this data isn't present, decoding has failed.
+         */
+
+        p = OSSL_PARAM_locate_const(params, OSSL_DECODER_PARAM_DATA);
+        if (p == NULL || p->data_type != OSSL_PARAM_OCTET_STRING)
+            goto end;
+        new_data.bio = BIO_new_mem_buf(p->data, (int)p->data_size);
+        if (new_data.bio == NULL)
+            goto end;
+        bio = new_data.bio;
+    }
+
+    /*
+     * If we have no more decoders to look through at this point,
+     * we failed
+     */
+    if (data->current_deser_inst_index == 0)
+        goto end;
+
+    if ((loc = BIO_tell(bio)) < 0) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_BIO_LIB);
+        goto end;
+    }
+
+    for (i = data->current_deser_inst_index; i-- > 0;) {
+        OSSL_DECODER_INSTANCE *new_deser_inst =
+            sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, i);
+        OSSL_DECODER *new_deser =
+            OSSL_DECODER_INSTANCE_decoder(new_deser_inst);
+
+        /*
+         * If |decoder| is NULL, it means we've just started, and the caller
+         * may have specified what it expects the initial input to be.  If
+         * that's the case, we do this extra check.
+         */
+        if (decoder == NULL && ctx->start_input_type != NULL
+            && strcasecmp(ctx->start_input_type,
+                          new_deser_inst->input_type) != 0)
+            continue;
+
+        /*
+         * If we have a previous decoder, we check that the input type
+         * of the next to be used matches the type of this previous one.
+         * decoder_inst->input_type is a cache of the parameter "input-type"
+         * value for that decoder.
+         */
+        if (decoder != NULL
+            && !OSSL_DECODER_is_a(decoder, new_deser_inst->input_type))
+            continue;
+
+        /*
+         * Checking the return value of BIO_reset() or BIO_seek() is unsafe.
+         * Furthermore, BIO_reset() is unsafe to use if the source BIO happens
+         * to be a BIO_s_mem(), because the earlier BIO_tell() gives us zero
+         * no matter where we are in the underlying buffer we're reading from.
+         *
+         * So, we simply do a BIO_seek(), and use BIO_tell() that we're back
+         * at the same position.  This is a best effort attempt, but BIO_seek()
+         * and BIO_tell() should come as a pair...
+         */
+        (void)BIO_seek(bio, loc);
+        if (BIO_tell(bio) != loc)
+            goto end;
+
+        /* Recurse */
+        new_data.current_deser_inst_index = i;
+        ok = new_deser->decode(new_deser_inst->deserctx, (OSSL_CORE_BIO *)bio,
+                               decoder_process, &new_data,
+                               ctx->passphrase_cb, new_data.ctx);
+        if (ok)
+            break;
+    }
+
+ end:
+    BIO_free(new_data.bio);
+    return ok;
+}
diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c
new file mode 100644
index 0000000000..2259c6348a
--- /dev/null
+++ b/crypto/encode_decode/decoder_meth.c
@@ -0,0 +1,552 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/core.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/decoder.h>
+#include <openssl/ui.h>
+#include "internal/core.h"
+#include "internal/namemap.h"
+#include "internal/property.h"
+#include "internal/provider.h"
+#include "crypto/encoder.h"
+#include "encoder_local.h"
+
+static void OSSL_DECODER_INSTANCE_free(OSSL_DECODER_INSTANCE *instance);
+
+/*
+ * Decoder can have multiple names, separated with colons in a name string
+ */
+#define NAME_SEPARATOR ':'
+
+/* Simple method structure constructor and destructor */
+static OSSL_DECODER *ossl_decoder_new(void)
+{
+    OSSL_DECODER *decoder = NULL;
+
+    if ((decoder = OPENSSL_zalloc(sizeof(*decoder))) == NULL
+        || (decoder->base.lock = CRYPTO_THREAD_lock_new()) == NULL) {
+        OSSL_DECODER_free(decoder);
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    decoder->base.refcnt = 1;
+
+    return decoder;
+}
+
+int OSSL_DECODER_up_ref(OSSL_DECODER *decoder)
+{
+    int ref = 0;
+
+    CRYPTO_UP_REF(&decoder->base.refcnt, &ref, decoder->base.lock);
+    return 1;
+}
+
+void OSSL_DECODER_free(OSSL_DECODER *decoder)
+{
+    int ref = 0;
+
+    if (decoder == NULL)
+        return;
+
+    CRYPTO_DOWN_REF(&decoder->base.refcnt, &ref, decoder->base.lock);
+    if (ref > 0)
+        return;
+    ossl_provider_free(decoder->base.prov);
+    CRYPTO_THREAD_lock_free(decoder->base.lock);
+    OPENSSL_free(decoder);
+}
+
+/* Permanent decoder method store, constructor and destructor */
+static void decoder_store_free(void *vstore)
+{
+    ossl_method_store_free(vstore);
+}
+
+static void *decoder_store_new(OPENSSL_CTX *ctx)
+{
+    return ossl_method_store_new(ctx);
+}
+
+
+static const OPENSSL_CTX_METHOD decoder_store_method = {
+    decoder_store_new,
+    decoder_store_free,
+};
+
+/* Data to be passed through ossl_method_construct() */
+struct decoder_data_st {
+    OPENSSL_CTX *libctx;
+    OSSL_METHOD_CONSTRUCT_METHOD *mcm;
+    int id;                      /* For get_decoder_from_store() */
+    const char *names;           /* For get_decoder_from_store() */
+    const char *propquery;       /* For get_decoder_from_store() */
+};
+
+/*
+ * Generic routines to fetch / create DECODER methods with
+ * ossl_method_construct()
+ */
+
+/* Temporary decoder method store, constructor and destructor */
+static void *alloc_tmp_decoder_store(OPENSSL_CTX *ctx)
+{
+    return ossl_method_store_new(ctx);
+}
+
+static void dealloc_tmp_decoder_store(void *store)
+{
+    if (store != NULL)
+        ossl_method_store_free(store);
+}
+
+/* Get the permanent decoder store */
+static OSSL_METHOD_STORE *get_decoder_store(OPENSSL_CTX *libctx)
+{
+    return openssl_ctx_get_data(libctx, OPENSSL_CTX_DECODER_STORE_INDEX,
+                                &decoder_store_method);
+}
+
+/* Get decoder methods from a store, or put one in */
+static void *get_decoder_from_store(OPENSSL_CTX *libctx, void *store,
+                                    void *data)
+{
+    struct decoder_data_st *methdata = data;
+    void *method = NULL;
+    int id;
+
+    if ((id = methdata->id) == 0) {
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        id = ossl_namemap_name2num(namemap, methdata->names);
+    }
+
+    if (store == NULL
+        && (store = get_decoder_store(libctx)) == NULL)
+        return NULL;
+
+    if (!ossl_method_store_fetch(store, id, methdata->propquery, &method))
+        return NULL;
+    return method;
+}
+
+static int put_decoder_in_store(OPENSSL_CTX *libctx, void *store,
+                                void *method, const OSSL_PROVIDER *prov,
+                                int operation_id, const char *names,
+                                const char *propdef, void *unused)
+{
+    OSSL_NAMEMAP *namemap;
+    int id;
+
+    if ((namemap = ossl_namemap_stored(libctx)) == NULL
+        || (id = ossl_namemap_name2num(namemap, names)) == 0)
+        return 0;
+
+    if (store == NULL && (store = get_decoder_store(libctx)) == NULL)
+        return 0;
+
+    return ossl_method_store_add(store, prov, id, propdef, method,
+                                 (int (*)(void *))OSSL_DECODER_up_ref,
+                                 (void (*)(void *))OSSL_DECODER_free);
+}
+
+/* Create and populate a decoder method */
+static void *decoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
+                                   OSSL_PROVIDER *prov)
+{
+    OSSL_DECODER *decoder = NULL;
+    const OSSL_DISPATCH *fns = algodef->implementation;
+
+    if ((decoder = ossl_decoder_new()) == NULL)
+        return NULL;
+    decoder->base.id = id;
+    decoder->base.propdef = algodef->property_definition;
+
+    for (; fns->function_id != 0; fns++) {
+        switch (fns->function_id) {
+        case OSSL_FUNC_DECODER_NEWCTX:
+            if (decoder->newctx == NULL)
+                decoder->newctx = OSSL_FUNC_decoder_newctx(fns);
+            break;
+        case OSSL_FUNC_DECODER_FREECTX:
+            if (decoder->freectx == NULL)
+                decoder->freectx = OSSL_FUNC_decoder_freectx(fns);
+            break;
+        case OSSL_FUNC_DECODER_GET_PARAMS:
+            if (decoder->get_params == NULL)
+                decoder->get_params =
+                    OSSL_FUNC_decoder_get_params(fns);
+            break;
+        case OSSL_FUNC_DECODER_GETTABLE_PARAMS:
+            if (decoder->gettable_params == NULL)
+                decoder->gettable_params =
+                    OSSL_FUNC_decoder_gettable_params(fns);
+            break;
+        case OSSL_FUNC_DECODER_SET_CTX_PARAMS:
+            if (decoder->set_ctx_params == NULL)
+                decoder->set_ctx_params =
+                    OSSL_FUNC_decoder_set_ctx_params(fns);
+            break;
+        case OSSL_FUNC_DECODER_SETTABLE_CTX_PARAMS:
+            if (decoder->settable_ctx_params == NULL)
+                decoder->settable_ctx_params =
+                    OSSL_FUNC_decoder_settable_ctx_params(fns);
+            break;
+        case OSSL_FUNC_DECODER_DECODE:
+            if (decoder->decode == NULL)
+                decoder->decode = OSSL_FUNC_decoder_decode(fns);
+            break;
+        case OSSL_FUNC_DECODER_EXPORT_OBJECT:
+            if (decoder->export_object == NULL)
+                decoder->export_object = OSSL_FUNC_decoder_export_object(fns);
+            break;
+        }
+    }
+    /*
+     * Try to check that the method is sensible.
+     * If you have a constructor, you must have a destructor and vice versa.
+     * You must have at least one of the encoding driver functions.
+     */
+    if (!((decoder->newctx == NULL && decoder->freectx == NULL)
+          || (decoder->newctx != NULL && decoder->freectx != NULL))
+        || (decoder->decode == NULL && decoder->export_object == NULL)) {
+        OSSL_DECODER_free(decoder);
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROVIDER_FUNCTIONS);
+        return NULL;
+    }
+
+    if (prov != NULL && !ossl_provider_up_ref(prov)) {
+        OSSL_DECODER_free(decoder);
+        return NULL;
+    }
+
+    decoder->base.prov = prov;
+    return decoder;
+}
+
+
+/*
+ * The core fetching functionality passes the names of the implementation.
+ * This function is responsible to getting an identity number for them,
+ * then call decoder_from_dispatch() with that identity number.
+ */
+static void *construct_decoder(const OSSL_ALGORITHM *algodef,
+                               OSSL_PROVIDER *prov, void *unused)
+{
+    /*
+     * This function is only called if get_decoder_from_store() returned
+     * NULL, so it's safe to say that of all the spots to create a new
+     * namemap entry, this is it.  Should the name already exist there, we
+     * know that ossl_namemap_add() will return its corresponding number.
+     */
+    OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    const char *names = algodef->algorithm_names;
+    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
+    void *method = NULL;
+
+    if (id != 0)
+        method = decoder_from_dispatch(id, algodef, prov);
+
+    return method;
+}
+
+/* Intermediary function to avoid ugly casts, used below */
+static void destruct_decoder(void *method, void *data)
+{
+    OSSL_DECODER_free(method);
+}
+
+static int up_ref_decoder(void *method)
+{
+    return OSSL_DECODER_up_ref(method);
+}
+
+static void free_decoder(void *method)
+{
+    OSSL_DECODER_free(method);
+}
+
+/* Fetching support.  Can fetch by numeric identity or by name */
+static OSSL_DECODER *inner_ossl_decoder_fetch(OPENSSL_CTX *libctx, int id,
+                                              const char *name,
+                                              const char *properties)
+{
+    OSSL_METHOD_STORE *store = get_decoder_store(libctx);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    void *method = NULL;
+
+    if (store == NULL || namemap == NULL)
+        return NULL;
+
+    /*
+     * If we have been passed neither a name_id or a name, we have an
+     * internal programming error.
+     */
+    if (!ossl_assert(id != 0 || name != NULL))
+        return NULL;
+
+    if (id == 0)
+        id = ossl_namemap_name2num(namemap, name);
+
+    if (id == 0
+        || !ossl_method_store_cache_get(store, id, properties, &method)) {
+        OSSL_METHOD_CONSTRUCT_METHOD mcm = {
+            alloc_tmp_decoder_store,
+            dealloc_tmp_decoder_store,
+            get_decoder_from_store,
+            put_decoder_in_store,
+            construct_decoder,
+            destruct_decoder
+        };
+        struct decoder_data_st mcmdata;
+
+        mcmdata.libctx = libctx;
+        mcmdata.mcm = &mcm;
+        mcmdata.id = id;
+        mcmdata.names = name;
+        mcmdata.propquery = properties;
+        if ((method = ossl_method_construct(libctx, OSSL_OP_DECODER,
+                                            0 /* !force_cache */,
+                                            &mcm, &mcmdata)) != NULL) {
+            /*
+             * If construction did create a method for us, we know that
+             * there is a correct name_id and meth_id, since those have
+             * already been calculated in get_decoder_from_store() and
+             * put_decoder_in_store() above.
+             */
+            if (id == 0)
+                id = ossl_namemap_name2num(namemap, name);
+            ossl_method_store_cache_set(store, id, properties, method,
+                                        up_ref_decoder, free_decoder);
+        }
+    }
+
+    return method;
+}
+
+OSSL_DECODER *OSSL_DECODER_fetch(OPENSSL_CTX *libctx, const char *name,
+                                 const char *properties)
+{
+    return inner_ossl_decoder_fetch(libctx, 0, name, properties);
+}
+
+OSSL_DECODER *ossl_decoder_fetch_by_number(OPENSSL_CTX *libctx, int id,
+                                           const char *properties)
+{
+    return inner_ossl_decoder_fetch(libctx, id, NULL, properties);
+}
+
+/*
+ * Library of basic method functions
+ */
+
+const OSSL_PROVIDER *OSSL_DECODER_provider(const OSSL_DECODER *decoder)
+{
+    if (!ossl_assert(decoder != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return decoder->base.prov;
+}
+
+const char *OSSL_DECODER_properties(const OSSL_DECODER *decoder)
+{
+    if (!ossl_assert(decoder != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return decoder->base.propdef;
+}
+
+int OSSL_DECODER_number(const OSSL_DECODER *decoder)
+{
+    if (!ossl_assert(decoder != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return decoder->base.id;
+}
+
+int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name)
+{
+    if (decoder->base.prov != NULL) {
+        OPENSSL_CTX *libctx = ossl_provider_library_context(decoder->base.prov);
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        return ossl_namemap_name2num(namemap, name) == decoder->base.id;
+    }
+    return 0;
+}
+
+struct decoder_do_all_data_st {
+    void (*user_fn)(void *method, void *arg);
+    void *user_arg;
+};
+
+static void decoder_do_one(OSSL_PROVIDER *provider,
+                           const OSSL_ALGORITHM *algodef,
+                           int no_store, void *vdata)
+{
+    struct decoder_do_all_data_st *data = vdata;
+    OPENSSL_CTX *libctx = ossl_provider_library_context(provider);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    const char *names = algodef->algorithm_names;
+    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
+    void *method = NULL;
+
+    if (id != 0)
+        method =
+            decoder_from_dispatch(id, algodef, provider);
+
+    if (method != NULL) {
+        data->user_fn(method, data->user_arg);
+        OSSL_DECODER_free(method);
+    }
+}
+
+void OSSL_DECODER_do_all_provided(OPENSSL_CTX *libctx,
+                                  void (*fn)(OSSL_DECODER *decoder, void *arg),
+                                  void *arg)
+{
+    struct decoder_do_all_data_st data;
+
+    data.user_fn = (void (*)(void *, void *))fn;
+    data.user_arg = arg;
+    ossl_algorithm_do_all(libctx, OSSL_OP_DECODER, NULL,
+                          NULL, decoder_do_one, NULL,
+                          &data);
+}
+
+void OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder,
+                               void (*fn)(const char *name, void *data),
+                               void *data)
+{
+    if (decoder == NULL)
+        return;
+
+    if (decoder->base.prov != NULL) {
+        OPENSSL_CTX *libctx = ossl_provider_library_context(decoder->base.prov);
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        ossl_namemap_doall_names(namemap, decoder->base.id, fn, data);
+    }
+}
+
+const OSSL_PARAM *
+OSSL_DECODER_gettable_params(OSSL_DECODER *decoder)
+{
+    if (decoder != NULL && decoder->gettable_params != NULL) {
+        void *provctx = ossl_provider_ctx(OSSL_DECODER_provider(decoder));
+
+        return decoder->gettable_params(provctx);
+    }
+    return NULL;
+}
+
+int OSSL_DECODER_get_params(OSSL_DECODER *decoder, OSSL_PARAM params[])
+{
+    if (decoder != NULL && decoder->get_params != NULL)
+        return decoder->get_params(params);
+    return 0;
+}
+
+const OSSL_PARAM *
+OSSL_DECODER_settable_ctx_params(OSSL_DECODER *decoder)
+{
+    if (decoder != NULL && decoder->settable_ctx_params != NULL) {
+        void *provctx = ossl_provider_ctx(OSSL_DECODER_provider(decoder));
+
+        return decoder->settable_ctx_params(provctx);
+    }
+    return NULL;
+}
+
+/*
+ * Decoder context support
+ */
+
+/*
+ * |encoder| value NULL is valid, and signifies that there is no decoder.
+ * This is useful to provide fallback mechanisms.
+ *  Functions that want to verify if there is a decoder can do so with
+ * OSSL_DECODER_CTX_get_decoder()
+ */
+OSSL_DECODER_CTX *OSSL_DECODER_CTX_new(void)
+{
+    OSSL_DECODER_CTX *ctx;
+
+    if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    ctx->passphrase_cb = ossl_decoder_passphrase_in_cb;
+    return ctx;
+}
+
+int OSSL_DECODER_CTX_set_params(OSSL_DECODER_CTX *ctx,
+                                const OSSL_PARAM params[])
+{
+    size_t i;
+    size_t l;
+
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if (ctx->decoder_insts == NULL)
+        return 1;
+
+    l = (size_t)sk_OSSL_DECODER_INSTANCE_num(ctx->decoder_insts);
+    for (i = 0; i < l; i++) {
+        OSSL_DECODER_INSTANCE *decoder_inst =
+            sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, i);
+
+        if (decoder_inst->deserctx == NULL
+            || decoder_inst->decoder->set_ctx_params == NULL)
+            continue;
+        if (!decoder_inst->decoder->set_ctx_params(decoder_inst->deserctx, params))
+            return 0;
+    }
+    return 1;
+}
+
+static void
+OSSL_DECODER_INSTANCE_free(OSSL_DECODER_INSTANCE *decoder_inst)
+{
+    if (decoder_inst != NULL) {
+        if (decoder_inst->decoder->freectx != NULL)
+            decoder_inst->decoder->freectx(decoder_inst->deserctx);
+        decoder_inst->deserctx = NULL;
+        OSSL_DECODER_free(decoder_inst->decoder);
+        decoder_inst->decoder = NULL;
+        OPENSSL_free(decoder_inst);
+        decoder_inst = NULL;
+    }
+}
+
+void OSSL_DECODER_CTX_free(OSSL_DECODER_CTX *ctx)
+{
+    if (ctx != NULL) {
+        if (ctx->cleanup != NULL)
+            ctx->cleanup(ctx->construct_data);
+        sk_OSSL_DECODER_INSTANCE_pop_free(ctx->decoder_insts,
+                                          OSSL_DECODER_INSTANCE_free);
+        OSSL_DECODER_CTX_set_passphrase_ui(ctx, NULL, NULL);
+        OSSL_DECODER_CTX_set_passphrase(ctx, NULL, 0);
+        OPENSSL_free(ctx);
+    }
+}
diff --git a/crypto/serializer/deserializer_pkey.c b/crypto/encode_decode/decoder_pkey.c
similarity index 65%
rename from crypto/serializer/deserializer_pkey.c
rename to crypto/encode_decode/decoder_pkey.c
index 6375a29e36..7f468c2476 100644
--- a/crypto/serializer/deserializer_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -10,17 +10,17 @@
 #include <openssl/core_names.h>
 #include <openssl/evp.h>
 #include <openssl/ui.h>
-#include <openssl/deserializer.h>
+#include <openssl/decoder.h>
 #include <openssl/safestack.h>
 #include "crypto/evp.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
-                                         const unsigned char *kstr,
-                                         size_t klen)
+int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx,
+                                    const unsigned char *kstr,
+                                    size_t klen)
 {
     if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
 
@@ -36,7 +36,7 @@ int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
             ctx->cached_passphrase_len = klen;
         }
         if (ctx->cached_passphrase == NULL) {
-            ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
+            ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
             return 0;
         }
     }
@@ -44,7 +44,7 @@ int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
     return 1;
 }
 
-static void deserializer_ctx_reset_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx)
+static void decoder_ctx_reset_passphrase_ui(OSSL_DECODER_CTX *ctx)
 {
     UI_destroy_method(ctx->allocated_ui_method);
     ctx->allocated_ui_method = NULL;
@@ -52,28 +52,28 @@ static void deserializer_ctx_reset_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx)
     ctx->ui_data = NULL;
 }
 
-int OSSL_DESERIALIZER_CTX_set_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx,
-                                            const UI_METHOD *ui_method,
-                                            void *ui_data)
+int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
+                                       const UI_METHOD *ui_method,
+                                       void *ui_data)
 {
     if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
 
-    deserializer_ctx_reset_passphrase_ui(ctx);
+    decoder_ctx_reset_passphrase_ui(ctx);
     ctx->ui_method = ui_method;
     ctx->ui_data = ui_data;
     return 1;
 }
 
-int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
-                                              pem_password_cb *cb, void *cbarg)
+int OSSL_DECODER_CTX_set_pem_password_cb(OSSL_DECODER_CTX *ctx,
+                                         pem_password_cb *cb, void *cbarg)
 {
     UI_METHOD *ui_method = NULL;
 
     if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
 
@@ -84,10 +84,10 @@ int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
      */
     if (cb == NULL
         || (ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0)) != NULL) {
-        deserializer_ctx_reset_passphrase_ui(ctx);
+        decoder_ctx_reset_passphrase_ui(ctx);
         ctx->ui_method = ctx->allocated_ui_method = ui_method;
         ctx->ui_data = cbarg;
-        ctx->passphrase_cb = ossl_deserializer_passphrase_in_cb;
+        ctx->passphrase_cb = ossl_decoder_passphrase_in_cb;
         return 1;
     }
 
@@ -95,26 +95,26 @@ int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
 }
 
 /*
- * Support for OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY:
+ * Support for OSSL_DECODER_CTX_new_by_EVP_PKEY:
  * The construct data, and collecting keymgmt information for it
  */
 
 DEFINE_STACK_OF(EVP_KEYMGMT)
 
-struct deser_EVP_PKEY_data_st {
+struct decoder_EVP_PKEY_data_st {
     char *object_type;           /* recorded object data type, may be NULL */
     void **object;               /* Where the result should end up */
     STACK_OF(EVP_KEYMGMT) *keymgmts; /* The EVP_KEYMGMTs we handle */
 };
 
-static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
-                                    const OSSL_PARAM *params,
-                                    void *construct_data)
+static int decoder_construct_EVP_PKEY(OSSL_DECODER_INSTANCE *decoder_inst,
+                                      const OSSL_PARAM *params,
+                                      void *construct_data)
 {
-    struct deser_EVP_PKEY_data_st *data = construct_data;
-    OSSL_DESERIALIZER *deser =
-        OSSL_DESERIALIZER_INSTANCE_deserializer(deser_inst);
-    void *deserctx = OSSL_DESERIALIZER_INSTANCE_deserializer_ctx(deser_inst);
+    struct decoder_EVP_PKEY_data_st *data = construct_data;
+    OSSL_DECODER *decoder =
+        OSSL_DECODER_INSTANCE_decoder(decoder_inst);
+    void *deserctx = OSSL_DECODER_INSTANCE_decoder_ctx(decoder_inst);
     size_t i, end_i;
     /*
      * |object_ref| points to a provider reference to an object, its exact
@@ -128,7 +128,7 @@ static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
     size_t object_ref_sz = 0;
     const OSSL_PARAM *p;
 
-    p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_DATA_TYPE);
+    p = OSSL_PARAM_locate_const(params, OSSL_DECODER_PARAM_DATA_TYPE);
     if (p != NULL) {
         char *object_type = NULL;
 
@@ -143,7 +143,7 @@ static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
      * reference for the moment.  This enforces that the key data itself
      * remains with the provider.
      */
-    p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_REFERENCE);
+    p = OSSL_PARAM_locate_const(params, OSSL_DECODER_PARAM_REFERENCE);
     if (p == NULL || p->data_type != OSSL_PARAM_OCTET_STRING)
         return 0;
     object_ref = p->data;
@@ -160,35 +160,35 @@ static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
          * 1.  If the object data type (recorded in |data->object_type|)
          *     is defined, by checking it using EVP_KEYMGMT_is_a().
          * 2.  If the object data type is NOT defined, by comparing the
-         *     EVP_KEYMGMT and OSSL_DESERIALIZER method numbers.  Since
-         *     EVP_KEYMGMT and OSSL_DESERIALIZE operate with the same
+         *     EVP_KEYMGMT and OSSL_DECODER method numbers.  Since
+         *     EVP_KEYMGMT and OSSL_DECODE operate with the same
          *     namemap, we know that the method numbers must match.
          *
-         * This allows individual deserializers to specify variants of keys,
-         * such as a DER to RSA deserializer finding a RSA-PSS key, without
-         * having to deserialize the exact same DER blob into the exact same
+         * This allows individual decoders to specify variants of keys,
+         * such as a DER to RSA decoder finding a RSA-PSS key, without
+         * having to decode the exact same DER blob into the exact same
          * internal structure twice.  This is, of course, entirely at the
-         * discretion of the deserializer implementations.
+         * discretion of the decoder implementations.
          */
         if (data->object_type != NULL
             ? EVP_KEYMGMT_is_a(keymgmt, data->object_type)
-            : EVP_KEYMGMT_number(keymgmt) == OSSL_DESERIALIZER_number(deser)) {
+            : EVP_KEYMGMT_number(keymgmt) == OSSL_DECODER_number(decoder)) {
             EVP_PKEY *pkey = NULL;
             void *keydata = NULL;
             const OSSL_PROVIDER *keymgmt_prov =
                 EVP_KEYMGMT_provider(keymgmt);
-            const OSSL_PROVIDER *deser_prov =
-                OSSL_DESERIALIZER_provider(deser);
+            const OSSL_PROVIDER *decoder_prov =
+                OSSL_DECODER_provider(decoder);
 
             /*
-             * If the EVP_KEYMGMT and the OSSL_DESERIALIZER are from the
+             * If the EVP_KEYMGMT and the OSSL_DECODER are from the
              * same provider, we assume that the KEYMGMT has a key loading
              * function that can handle the provider reference we hold.
              *
-             * Otherwise, we export from the deserializer and import the
+             * Otherwise, we export from the decoder and import the
              * result in the keymgmt.
              */
-            if (keymgmt_prov == deser_prov) {
+            if (keymgmt_prov == decoder_prov) {
                 keydata = evp_keymgmt_load(keymgmt, object_ref, object_ref_sz);
             } else {
                 struct evp_keymgmt_util_try_import_data_st import_data;
@@ -201,9 +201,9 @@ static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
                  * No need to check for errors here, the value of
                  * |import_data.keydata| is as much an indicator.
                  */
-                (void)deser->export_object(deserctx, object_ref, object_ref_sz,
-                                           &evp_keymgmt_util_try_import,
-                                           &import_data);
+                (void)decoder->export_object(deserctx, object_ref, object_ref_sz,
+                                             &evp_keymgmt_util_try_import,
+                                             &import_data);
                 keydata = import_data.keydata;
                 import_data.keydata = NULL;
             }
@@ -225,9 +225,9 @@ static int deser_construct_EVP_PKEY(OSSL_DESERIALIZER_INSTANCE *deser_inst,
     return (*data->object != NULL);
 }
 
-static void deser_clean_EVP_PKEY_construct_arg(void *construct_data)
+static void decoder_clean_EVP_PKEY_construct_arg(void *construct_data)
 {
-    struct deser_EVP_PKEY_data_st *data = construct_data;
+    struct decoder_EVP_PKEY_data_st *data = construct_data;
 
     if (data != NULL) {
         sk_EVP_KEYMGMT_pop_free(data->keymgmts, EVP_KEYMGMT_free);
@@ -239,9 +239,9 @@ static void deser_clean_EVP_PKEY_construct_arg(void *construct_data)
 DEFINE_STACK_OF_CSTRING()
 
 struct collected_data_st {
-    struct deser_EVP_PKEY_data_st *process_data;
+    struct decoder_EVP_PKEY_data_st *process_data;
     STACK_OF(OPENSSL_CSTRING) *names;
-    OSSL_DESERIALIZER_CTX *ctx;
+    OSSL_DECODER_CTX *ctx;
 
     unsigned int error_occured:1;
 };
@@ -280,7 +280,7 @@ static void collect_name(const char *name, void *arg)
     data->error_occured = 0;         /* All is good now */
 }
 
-static void collect_deserializer(OSSL_DESERIALIZER *deser, void *arg)
+static void collect_decoder(OSSL_DECODER *decoder, void *arg)
 {
     struct collected_data_st *data = arg;
     size_t i, end_i;
@@ -294,37 +294,36 @@ static void collect_deserializer(OSSL_DESERIALIZER *deser, void *arg)
     for (i = 0; i < end_i; i++) {
         const char *name = sk_OPENSSL_CSTRING_value(data->names, i);
 
-        if (!OSSL_DESERIALIZER_is_a(deser, name))
+        if (!OSSL_DECODER_is_a(decoder, name))
             continue;
-        (void)OSSL_DESERIALIZER_CTX_add_deserializer(data->ctx, deser);
+        (void)OSSL_DECODER_CTX_add_decoder(data->ctx, decoder);
     }
 
     data->error_occured = 0;         /* All is good now */
 }
 
-OSSL_DESERIALIZER_CTX *
-OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
-                                      const char *input_type,
-                                      OPENSSL_CTX *libctx,
-                                      const char *propquery)
+OSSL_DECODER_CTX *OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
+                                                   const char *input_type,
+                                                   OPENSSL_CTX *libctx,
+                                                   const char *propquery)
 {
-    OSSL_DESERIALIZER_CTX *ctx = NULL;
+    OSSL_DECODER_CTX *ctx = NULL;
     struct collected_data_st *data = NULL;
     size_t i, end_i;
 
-    if ((ctx = OSSL_DESERIALIZER_CTX_new()) == NULL
+    if ((ctx = OSSL_DECODER_CTX_new()) == NULL
         || (data = OPENSSL_zalloc(sizeof(*data))) == NULL
         || (data->process_data =
             OPENSSL_zalloc(sizeof(*data->process_data))) == NULL
         || (data->process_data->keymgmts
             = sk_EVP_KEYMGMT_new_null()) == NULL
         || (data->names = sk_OPENSSL_CSTRING_new_null()) == NULL) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
         goto err;
     }
     data->process_data->object = (void **)pkey;
     data->ctx = ctx;
-    OSSL_DESERIALIZER_CTX_set_input_type(ctx, input_type);
+    OSSL_DECODER_CTX_set_input_type(ctx, input_type);
 
     /* First, find all keymgmts to form goals */
     EVP_KEYMGMT_do_all_provided(libctx, collect_keymgmt, data);
@@ -345,30 +344,30 @@ OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
     }
 
     /*
-     * Finally, find all deserializers that have any keymgmt of the collected
+     * Finally, find all decoders that have any keymgmt of the collected
      * keymgmt names
      */
-    OSSL_DESERIALIZER_do_all_provided(libctx, collect_deserializer, data);
+    OSSL_DECODER_do_all_provided(libctx, collect_decoder, data);
 
     if (data->error_occured)
         goto err;
 
-    /* If we found no deserializers to match the keymgmts, we err */
-    if (OSSL_DESERIALIZER_CTX_num_deserializers(ctx) == 0)
+    /* If we found no decoders to match the keymgmts, we err */
+    if (OSSL_DECODER_CTX_num_decoders(ctx) == 0)
         goto err;
 
-    /* Finally, collect extra deserializers based on what we already have */
-    (void)OSSL_DESERIALIZER_CTX_add_extra(ctx, libctx, propquery);
+    /* Finally, collect extra decoders based on what we already have */
+    (void)OSSL_DECODER_CTX_add_extra(ctx, libctx, propquery);
 
-    if (!OSSL_DESERIALIZER_CTX_set_construct(ctx, deser_construct_EVP_PKEY)
-        || !OSSL_DESERIALIZER_CTX_set_construct_data(ctx, data->process_data)
-        || !OSSL_DESERIALIZER_CTX_set_cleanup
-                (ctx, deser_clean_EVP_PKEY_construct_arg))
+    if (!OSSL_DECODER_CTX_set_construct(ctx, decoder_construct_EVP_PKEY)
+        || !OSSL_DECODER_CTX_set_construct_data(ctx, data->process_data)
+        || !OSSL_DECODER_CTX_set_cleanup(ctx,
+                                         decoder_clean_EVP_PKEY_construct_arg))
         goto err;
 
     data->process_data = NULL;
  err:
-    deser_clean_EVP_PKEY_construct_arg(data->process_data);
+    decoder_clean_EVP_PKEY_construct_arg(data->process_data);
     sk_OPENSSL_CSTRING_free(data->names);
     OPENSSL_free(data);
     return ctx;
diff --git a/crypto/serializer/deserializer_err.c b/crypto/encode_decode/encoder_err.c
similarity index 51%
rename from crypto/serializer/deserializer_err.c
rename to crypto/encode_decode/encoder_err.c
index 2cc245996f..5416f8390e 100644
--- a/crypto/serializer/deserializer_err.c
+++ b/crypto/encode_decode/encoder_err.c
@@ -9,23 +9,25 @@
  */
 
 #include <openssl/err.h>
-#include <openssl/deserializererr.h>
+#include <openssl/encodererr.h>
 
 #ifndef OPENSSL_NO_ERR
 
-static const ERR_STRING_DATA OSSL_DESERIALIZER_str_reasons[] = {
-    {ERR_PACK(ERR_LIB_OSSL_DESERIALIZER, 0, OSSL_DESERIALIZER_R_MISSING_GET_PARAMS),
-    "missing get params"},
+static const ERR_STRING_DATA OSSL_ENCODER_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_OSSL_ENCODER, 0, OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY),
+     "incorrect property query"},
+    {ERR_PACK(ERR_LIB_OSSL_ENCODER, 0, OSSL_ENCODER_R_ENCODER_NOT_FOUND),
+     "encoder not found"},
     {0, NULL}
 };
 
 #endif
 
-int ERR_load_OSSL_DESERIALIZER_strings(void)
+int ERR_load_OSSL_ENCODER_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-    if (ERR_reason_error_string(OSSL_DESERIALIZER_str_reasons[0].error) == NULL)
-        ERR_load_strings_const(OSSL_DESERIALIZER_str_reasons);
+    if (ERR_reason_error_string(OSSL_ENCODER_str_reasons[0].error) == NULL)
+        ERR_load_strings_const(OSSL_ENCODER_str_reasons);
 #endif
     return 1;
 }
diff --git a/crypto/serializer/serializer_lib.c b/crypto/encode_decode/encoder_lib.c
similarity index 71%
rename from crypto/serializer/serializer_lib.c
rename to crypto/encode_decode/encoder_lib.c
index 932ef1e3ae..b083fa2d4c 100644
--- a/crypto/serializer/serializer_lib.c
+++ b/crypto/encode_decode/encoder_lib.c
@@ -8,10 +8,10 @@
  */
 
 #include <openssl/bio.h>
-#include <openssl/serializer.h>
-#include "serializer_local.h"
+#include <openssl/encoder.h>
+#include "encoder_local.h"
 
-int OSSL_SERIALIZER_to_bio(OSSL_SERIALIZER_CTX *ctx, BIO *out)
+int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out)
 {
     return ctx->do_output(ctx, out);
 }
@@ -22,20 +22,20 @@ static BIO *bio_from_file(FILE *fp)
     BIO *b;
 
     if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_BUF_LIB);
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_BUF_LIB);
         return NULL;
     }
     BIO_set_fp(b, fp, BIO_NOCLOSE);
     return b;
 }
 
-int OSSL_SERIALIZER_to_fp(OSSL_SERIALIZER_CTX *ctx, FILE *fp)
+int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp)
 {
     BIO *b = bio_from_file(fp);
     int ret = 0;
 
     if (b != NULL)
-        ret = OSSL_SERIALIZER_to_bio(ctx, b);
+        ret = OSSL_ENCODER_to_bio(ctx, b);
 
     BIO_free(b);
     return ret;
diff --git a/crypto/encode_decode/encoder_local.h b/crypto/encode_decode/encoder_local.h
new file mode 100644
index 0000000000..34931d4e43
--- /dev/null
+++ b/crypto/encode_decode/encoder_local.h
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/core_dispatch.h>
+#include <openssl/types.h>
+#include <openssl/safestack.h>
+#include <openssl/encoder.h>
+#include <openssl/decoder.h>
+#include "internal/cryptlib.h"
+#include "internal/refcount.h"
+
+struct ossl_serdes_base_st {
+    OSSL_PROVIDER *prov;
+    int id;
+    const char *propdef;
+
+    CRYPTO_REF_COUNT refcnt;
+    CRYPTO_RWLOCK *lock;
+};
+
+struct ossl_encoder_st {
+    struct ossl_serdes_base_st base;
+    OSSL_FUNC_encoder_newctx_fn *newctx;
+    OSSL_FUNC_encoder_freectx_fn *freectx;
+    OSSL_FUNC_encoder_set_ctx_params_fn *set_ctx_params;
+    OSSL_FUNC_encoder_settable_ctx_params_fn *settable_ctx_params;
+    OSSL_FUNC_encoder_encode_data_fn *encode_data;
+    OSSL_FUNC_encoder_encode_object_fn *encode_object;
+};
+
+struct ossl_decoder_st {
+    struct ossl_serdes_base_st base;
+    OSSL_FUNC_decoder_newctx_fn *newctx;
+    OSSL_FUNC_decoder_freectx_fn *freectx;
+    OSSL_FUNC_decoder_get_params_fn *get_params;
+    OSSL_FUNC_decoder_gettable_params_fn *gettable_params;
+    OSSL_FUNC_decoder_set_ctx_params_fn *set_ctx_params;
+    OSSL_FUNC_decoder_settable_ctx_params_fn *settable_ctx_params;
+    OSSL_FUNC_decoder_decode_fn *decode;
+    OSSL_FUNC_decoder_export_object_fn *export_object;
+};
+
+struct ossl_encoder_ctx_st {
+    OSSL_ENCODER *encoder;
+    void *serctx;
+
+    int selection;
+
+    /*-
+     * Output / encoding data, used by OSSL_ENCODER_to_{bio,fp}
+     *
+     * |object|         is the libcrypto object to handle.
+     * |do_output|      performs the actual encoding.
+     *
+     * |do_output| must have intimate knowledge of |object|.
+     */
+    const void *object;
+    int (*do_output)(OSSL_ENCODER_CTX *ctx, BIO *out);
+
+    /* For any function that needs a passphrase reader */
+    const UI_METHOD *ui_method;
+    void *ui_data;
+    /*
+     * if caller used OSSL_ENCODER_CTX_set_passphrase_cb(), we need
+     * intermediary storage.
+     */
+    UI_METHOD *allocated_ui_method;
+};
+
+struct ossl_decoder_instance_st {
+    OSSL_DECODER *decoder;    /* Never NULL */
+    void *deserctx;              /* Never NULL */
+    const char *input_type;      /* Never NULL */
+};
+
+DEFINE_STACK_OF(OSSL_DECODER_INSTANCE)
+
+struct ossl_decoder_ctx_st {
+    /*
+     * The caller may know the input type of the data they pass.  If not,
+     * this will remain NULL and the decoding functionality will start
+     * with trying to decode with any desencoder in |decoder_insts|,
+     * regardless of their respective input type.
+     */
+    const char *start_input_type;
+
+    /*
+     * Decoders that are components of any current decoding path.
+     */
+    STACK_OF(OSSL_DECODER_INSTANCE) *decoder_insts;
+
+    /*
+     * The constructors of a decoding, and its caller argument.
+     */
+    OSSL_DECODER_CONSTRUCT *construct;
+    OSSL_DECODER_CLEANUP *cleanup;
+    void *construct_data;
+
+    /* For any function that needs a passphrase reader */
+    OSSL_PASSPHRASE_CALLBACK *passphrase_cb;
+    const UI_METHOD *ui_method;
+    void *ui_data;
+    /*
+     * if caller used OSSL_ENCODER_CTX_set_pem_password_cb(), we need
+     * intermediary storage.
+     */
+    UI_METHOD *allocated_ui_method;
+    /*
+     * Because the same input may pass through more than one decoder,
+     * we cache any passphrase passed to us.  The desrializing processor
+     * must clear this at the end of a run.
+     */
+    unsigned char *cached_passphrase;
+    size_t cached_passphrase_len;
+
+    /*
+     * Flag section.  Keep these together
+     */
+
+    /*
+     * The passphrase was passed to us by the user.  In that case, it
+     * should only be freed when freeing this context.
+     */
+    unsigned int flag_user_passphrase:1;
+};
+
+/* Passphrase callbacks, found in serdes_pass.c */
+
+/*
+ * Encoders typically want to get an outgoing passphrase, while
+ * decoders typically want to get en incoming passphrase.
+ */
+OSSL_PASSPHRASE_CALLBACK ossl_encoder_passphrase_out_cb;
+OSSL_PASSPHRASE_CALLBACK ossl_decoder_passphrase_in_cb;
diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c
new file mode 100644
index 0000000000..ef3c24433e
--- /dev/null
+++ b/crypto/encode_decode/encoder_meth.c
@@ -0,0 +1,523 @@
+/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/core.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/encoder.h>
+#include <openssl/ui.h>
+#include "internal/core.h"
+#include "internal/namemap.h"
+#include "internal/property.h"
+#include "internal/provider.h"
+#include "crypto/encoder.h"
+#include "encoder_local.h"
+
+/*
+ * Encoder can have multiple names, separated with colons in a name string
+ */
+#define NAME_SEPARATOR ':'
+
+/* Simple method structure constructor and destructor */
+static OSSL_ENCODER *ossl_encoder_new(void)
+{
+    OSSL_ENCODER *encoder = NULL;
+
+    if ((encoder = OPENSSL_zalloc(sizeof(*encoder))) == NULL
+        || (encoder->base.lock = CRYPTO_THREAD_lock_new()) == NULL) {
+        OSSL_ENCODER_free(encoder);
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    encoder->base.refcnt = 1;
+
+    return encoder;
+}
+
+int OSSL_ENCODER_up_ref(OSSL_ENCODER *encoder)
+{
+    int ref = 0;
+
+    CRYPTO_UP_REF(&encoder->base.refcnt, &ref, encoder->base.lock);
+    return 1;
+}
+
+void OSSL_ENCODER_free(OSSL_ENCODER *encoder)
+{
+    int ref = 0;
+
+    if (encoder == NULL)
+        return;
+
+    CRYPTO_DOWN_REF(&encoder->base.refcnt, &ref, encoder->base.lock);
+    if (ref > 0)
+        return;
+    ossl_provider_free(encoder->base.prov);
+    CRYPTO_THREAD_lock_free(encoder->base.lock);
+    OPENSSL_free(encoder);
+}
+
+/* Permanent encoder method store, constructor and destructor */
+static void encoder_store_free(void *vstore)
+{
+    ossl_method_store_free(vstore);
+}
+
+static void *encoder_store_new(OPENSSL_CTX *ctx)
+{
+    return ossl_method_store_new(ctx);
+}
+
+
+static const OPENSSL_CTX_METHOD encoder_store_method = {
+    encoder_store_new,
+    encoder_store_free,
+};
+
+/* Data to be passed through ossl_method_construct() */
+struct encoder_data_st {
+    OPENSSL_CTX *libctx;
+    OSSL_METHOD_CONSTRUCT_METHOD *mcm;
+    int id;                      /* For get_encoder_from_store() */
+    const char *names;           /* For get_encoder_from_store() */
+    const char *propquery;       /* For get_encoder_from_store() */
+};
+
+/*
+ * Generic routines to fetch / create ENCODER methods with
+ * ossl_method_construct()
+ */
+
+/* Temporary encoder method store, constructor and destructor */
+static void *alloc_tmp_encoder_store(OPENSSL_CTX *ctx)
+{
+    return ossl_method_store_new(ctx);
+}
+
+static void dealloc_tmp_encoder_store(void *store)
+{
+    if (store != NULL)
+        ossl_method_store_free(store);
+}
+
+/* Get the permanent encoder store */
+static OSSL_METHOD_STORE *get_encoder_store(OPENSSL_CTX *libctx)
+{
+    return openssl_ctx_get_data(libctx, OPENSSL_CTX_ENCODER_STORE_INDEX,
+                                &encoder_store_method);
+}
+
+/* Get encoder methods from a store, or put one in */
+static void *get_encoder_from_store(OPENSSL_CTX *libctx, void *store,
+                                    void *data)
+{
+    struct encoder_data_st *methdata = data;
+    void *method = NULL;
+    int id;
+
+    if ((id = methdata->id) == 0) {
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        id = ossl_namemap_name2num(namemap, methdata->names);
+    }
+
+    if (store == NULL
+        && (store = get_encoder_store(libctx)) == NULL)
+        return NULL;
+
+    if (!ossl_method_store_fetch(store, id, methdata->propquery, &method))
+        return NULL;
+    return method;
+}
+
+static int put_encoder_in_store(OPENSSL_CTX *libctx, void *store,
+                                void *method, const OSSL_PROVIDER *prov,
+                                int operation_id, const char *names,
+                                const char *propdef, void *unused)
+{
+    OSSL_NAMEMAP *namemap;
+    int id;
+
+    if ((namemap = ossl_namemap_stored(libctx)) == NULL
+        || (id = ossl_namemap_name2num(namemap, names)) == 0)
+        return 0;
+
+    if (store == NULL && (store = get_encoder_store(libctx)) == NULL)
+        return 0;
+
+    return ossl_method_store_add(store, prov, id, propdef, method,
+                                 (int (*)(void *))OSSL_ENCODER_up_ref,
+                                 (void (*)(void *))OSSL_ENCODER_free);
+}
+
+/* Create and populate a encoder method */
+static void *encoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
+                                   OSSL_PROVIDER *prov)
+{
+    OSSL_ENCODER *encoder = NULL;
+    const OSSL_DISPATCH *fns = algodef->implementation;
+
+    if ((encoder = ossl_encoder_new()) == NULL)
+        return NULL;
+    encoder->base.id = id;
+    encoder->base.propdef = algodef->property_definition;
+
+    for (; fns->function_id != 0; fns++) {
+        switch (fns->function_id) {
+        case OSSL_FUNC_ENCODER_NEWCTX:
+            if (encoder->newctx == NULL)
+                encoder->newctx =
+                    OSSL_FUNC_encoder_newctx(fns);
+            break;
+        case OSSL_FUNC_ENCODER_FREECTX:
+            if (encoder->freectx == NULL)
+                encoder->freectx =
+                    OSSL_FUNC_encoder_freectx(fns);
+            break;
+        case OSSL_FUNC_ENCODER_SET_CTX_PARAMS:
+            if (encoder->set_ctx_params == NULL)
+                encoder->set_ctx_params =
+                    OSSL_FUNC_encoder_set_ctx_params(fns);
+            break;
+        case OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS:
+            if (encoder->settable_ctx_params == NULL)
+                encoder->settable_ctx_params =
+                    OSSL_FUNC_encoder_settable_ctx_params(fns);
+            break;
+        case OSSL_FUNC_ENCODER_ENCODE_DATA:
+            if (encoder->encode_data == NULL)
+                encoder->encode_data =
+                    OSSL_FUNC_encoder_encode_data(fns);
+            break;
+        case OSSL_FUNC_ENCODER_ENCODE_OBJECT:
+            if (encoder->encode_object == NULL)
+                encoder->encode_object =
+                    OSSL_FUNC_encoder_encode_object(fns);
+            break;
+        }
+    }
+    /*
+     * Try to check that the method is sensible.
+     * If you have a constructor, you must have a destructor and vice versa.
+     * You must have at least one of the encoding driver functions.
+     */
+    if (!((encoder->newctx == NULL && encoder->freectx == NULL)
+          || (encoder->newctx != NULL && encoder->freectx != NULL))
+        || (encoder->encode_data == NULL && encoder->encode_object == NULL)) {
+        OSSL_ENCODER_free(encoder);
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INVALID_PROVIDER_FUNCTIONS);
+        return NULL;
+    }
+
+    if (prov != NULL && !ossl_provider_up_ref(prov)) {
+        OSSL_ENCODER_free(encoder);
+        return NULL;
+    }
+
+    encoder->base.prov = prov;
+    return encoder;
+}
+
+
+/*
+ * The core fetching functionality passes the names of the implementation.
+ * This function is responsible to getting an identity number for them,
+ * then call encoder_from_dispatch() with that identity number.
+ */
+static void *construct_encoder(const OSSL_ALGORITHM *algodef,
+                               OSSL_PROVIDER *prov, void *unused)
+{
+    /*
+     * This function is only called if get_encoder_from_store() returned
+     * NULL, so it's safe to say that of all the spots to create a new
+     * namemap entry, this is it.  Should the name already exist there, we
+     * know that ossl_namemap_add() will return its corresponding number.
+     */
+    OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    const char *names = algodef->algorithm_names;
+    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
+    void *method = NULL;
+
+    if (id != 0)
+        method = encoder_from_dispatch(id, algodef, prov);
+
+    return method;
+}
+
+/* Intermediary function to avoid ugly casts, used below */
+static void destruct_encoder(void *method, void *data)
+{
+    OSSL_ENCODER_free(method);
+}
+
+static int up_ref_encoder(void *method)
+{
+    return OSSL_ENCODER_up_ref(method);
+}
+
+static void free_encoder(void *method)
+{
+    OSSL_ENCODER_free(method);
+}
+
+/* Fetching support.  Can fetch by numeric identity or by name */
+static OSSL_ENCODER *inner_ossl_encoder_fetch(OPENSSL_CTX *libctx,
+                                              int id, const char *name,
+                                              const char *properties)
+{
+    OSSL_METHOD_STORE *store = get_encoder_store(libctx);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    void *method = NULL;
+
+    if (store == NULL || namemap == NULL)
+        return NULL;
+
+    /*
+     * If we have been passed neither a name_id or a name, we have an
+     * internal programming error.
+     */
+    if (!ossl_assert(id != 0 || name != NULL))
+        return NULL;
+
+    if (id == 0)
+        id = ossl_namemap_name2num(namemap, name);
+
+    if (id == 0
+        || !ossl_method_store_cache_get(store, id, properties, &method)) {
+        OSSL_METHOD_CONSTRUCT_METHOD mcm = {
+            alloc_tmp_encoder_store,
+            dealloc_tmp_encoder_store,
+            get_encoder_from_store,
+            put_encoder_in_store,
+            construct_encoder,
+            destruct_encoder
+        };
+        struct encoder_data_st mcmdata;
+
+        mcmdata.libctx = libctx;
+        mcmdata.mcm = &mcm;
+        mcmdata.id = id;
+        mcmdata.names = name;
+        mcmdata.propquery = properties;
+        if ((method = ossl_method_construct(libctx, OSSL_OP_ENCODER,
+                                            0 /* !force_cache */,
+                                            &mcm, &mcmdata)) != NULL) {
+            /*
+             * If construction did create a method for us, we know that
+             * there is a correct name_id and meth_id, since those have
+             * already been calculated in get_encoder_from_store() and
+             * put_encoder_in_store() above.
+             */
+            if (id == 0)
+                id = ossl_namemap_name2num(namemap, name);
+            ossl_method_store_cache_set(store, id, properties, method,
+                                        up_ref_encoder, free_encoder);
+        }
+    }
+
+    return method;
+}
+
+OSSL_ENCODER *OSSL_ENCODER_fetch(OPENSSL_CTX *libctx, const char *name,
+                                 const char *properties)
+{
+    return inner_ossl_encoder_fetch(libctx, 0, name, properties);
+}
+
+OSSL_ENCODER *ossl_encoder_fetch_by_number(OPENSSL_CTX *libctx, int id,
+                                           const char *properties)
+{
+    return inner_ossl_encoder_fetch(libctx, id, NULL, properties);
+}
+
+/*
+ * Library of basic method functions
+ */
+
+const OSSL_PROVIDER *OSSL_ENCODER_provider(const OSSL_ENCODER *encoder)
+{
+    if (!ossl_assert(encoder != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return encoder->base.prov;
+}
+
+const char *OSSL_ENCODER_properties(const OSSL_ENCODER *encoder)
+{
+    if (!ossl_assert(encoder != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return encoder->base.propdef;
+}
+
+int OSSL_ENCODER_number(const OSSL_ENCODER *encoder)
+{
+    if (!ossl_assert(encoder != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return encoder->base.id;
+}
+
+int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name)
+{
+    if (encoder->base.prov != NULL) {
+        OPENSSL_CTX *libctx = ossl_provider_library_context(encoder->base.prov);
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        return ossl_namemap_name2num(namemap, name) == encoder->base.id;
+    }
+    return 0;
+}
+
+struct encoder_do_all_data_st {
+    void (*user_fn)(void *method, void *arg);
+    void *user_arg;
+};
+
+static void encoder_do_one(OSSL_PROVIDER *provider,
+                           const OSSL_ALGORITHM *algodef,
+                           int no_store, void *vdata)
+{
+    struct encoder_do_all_data_st *data = vdata;
+    OPENSSL_CTX *libctx = ossl_provider_library_context(provider);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    const char *names = algodef->algorithm_names;
+    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
+    void *method = NULL;
+
+    if (id != 0)
+        method =
+            encoder_from_dispatch(id, algodef, provider);
+
+    if (method != NULL) {
+        data->user_fn(method, data->user_arg);
+        OSSL_ENCODER_free(method);
+    }
+}
+
+void OSSL_ENCODER_do_all_provided(OPENSSL_CTX *libctx,
+                                  void (*fn)(OSSL_ENCODER *encoder, void *arg),
+                                  void *arg)
+{
+    struct encoder_do_all_data_st data;
+
+    data.user_fn = (void (*)(void *, void *))fn;
+    data.user_arg = arg;
+
+    /*
+     * No pre- or post-condition for this call, as this only creates methods
+     * temporarly and then promptly destroys them.
+     */
+    ossl_algorithm_do_all(libctx, OSSL_OP_ENCODER, NULL, NULL,
+                          encoder_do_one, NULL, &data);
+}
+
+void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder,
+                               void (*fn)(const char *name, void *data),
+                               void *data)
+{
+    if (encoder == NULL)
+        return;
+
+    if (encoder->base.prov != NULL) {
+        OPENSSL_CTX *libctx = ossl_provider_library_context(encoder->base.prov);
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        ossl_namemap_doall_names(namemap, encoder->base.id, fn, data);
+    }
+}
+
+const OSSL_PARAM *OSSL_ENCODER_settable_ctx_params(OSSL_ENCODER *encoder)
+{
+    if (encoder != NULL && encoder->settable_ctx_params != NULL) {
+        void *provctx = ossl_provider_ctx(OSSL_ENCODER_provider(encoder));
+
+        return encoder->settable_ctx_params(provctx);
+    }
+    return NULL;
+}
+
+/*
+ * Encoder context support
+ */
+
+/*
+ * |encoder| value NULL is valid, and signifies that there is no encoder.
+ * This is useful to provide fallback mechanisms.
+ *  Functions that want to verify if there is a encoder can do so with
+ * OSSL_ENCODER_CTX_get_encoder()
+ */
+OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new(OSSL_ENCODER *encoder)
+{
+    OSSL_ENCODER_CTX *ctx;
+
+    if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    ctx->encoder = encoder;
+    if (encoder != NULL && encoder->newctx != NULL) {
+        const OSSL_PROVIDER *prov = OSSL_ENCODER_provider(encoder);
+        void *provctx = ossl_provider_ctx(prov);
+
+        if (OSSL_ENCODER_up_ref(encoder)) {
+            ctx->serctx = encoder->newctx(provctx);
+        } else {
+            OSSL_ENCODER_free(encoder);
+            OPENSSL_free(ctx);
+            ctx = NULL;
+        }
+    }
+
+    return ctx;
+}
+
+const OSSL_ENCODER *
+OSSL_ENCODER_CTX_get_encoder(OSSL_ENCODER_CTX *ctx)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return ctx->encoder;
+}
+
+
+int OSSL_ENCODER_CTX_set_params(OSSL_ENCODER_CTX *ctx,
+                                const OSSL_PARAM params[])
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if (ctx->encoder != NULL && ctx->encoder->set_ctx_params != NULL)
+        return ctx->encoder->set_ctx_params(ctx->serctx, params);
+    return 0;
+}
+
+void OSSL_ENCODER_CTX_free(OSSL_ENCODER_CTX *ctx)
+{
+    if (ctx != NULL) {
+        if (ctx->encoder != NULL && ctx->encoder->freectx != NULL)
+            ctx->encoder->freectx(ctx->serctx);
+        OSSL_ENCODER_free(ctx->encoder);
+        UI_destroy_method(ctx->allocated_ui_method);
+        OPENSSL_free(ctx);
+    }
+}
diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c
new file mode 100644
index 0000000000..dc776c023e
--- /dev/null
+++ b/crypto/encode_decode/encoder_pkey.c
@@ -0,0 +1,276 @@
+/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/err.h>
+#include <openssl/ui.h>
+#include <openssl/params.h>
+#include <openssl/encoder.h>
+#include <openssl/core_names.h>
+#include <openssl/safestack.h>
+#include "internal/provider.h"
+#include "internal/property.h"
+#include "crypto/evp.h"
+#include "encoder_local.h"
+
+DEFINE_STACK_OF_CSTRING()
+
+int OSSL_ENCODER_CTX_set_cipher(OSSL_ENCODER_CTX *ctx,
+                                const char *cipher_name,
+                                const char *propquery)
+{
+    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
+
+    params[0] =
+        OSSL_PARAM_construct_utf8_string(OSSL_ENCODER_PARAM_CIPHER,
+                                         (void *)cipher_name, 0);
+    params[1] =
+        OSSL_PARAM_construct_utf8_string(OSSL_ENCODER_PARAM_PROPERTIES,
+                                         (void *)propquery, 0);
+
+    return OSSL_ENCODER_CTX_set_params(ctx, params);
+}
+
+int OSSL_ENCODER_CTX_set_passphrase(OSSL_ENCODER_CTX *ctx,
+                                    const unsigned char *kstr,
+                                    size_t klen)
+{
+    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+    params[0] = OSSL_PARAM_construct_octet_string(OSSL_ENCODER_PARAM_PASS,
+                                                  (void *)kstr, klen);
+
+    return OSSL_ENCODER_CTX_set_params(ctx, params);
+}
+
+static void encoder_ctx_reset_passphrase_ui(OSSL_ENCODER_CTX *ctx)
+{
+    UI_destroy_method(ctx->allocated_ui_method);
+    ctx->allocated_ui_method = NULL;
+    ctx->ui_method = NULL;
+    ctx->ui_data = NULL;
+}
+
+int OSSL_ENCODER_CTX_set_passphrase_ui(OSSL_ENCODER_CTX *ctx,
+                                       const UI_METHOD *ui_method,
+                                       void *ui_data)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    encoder_ctx_reset_passphrase_ui(ctx);
+    ctx->ui_method = ui_method;
+    ctx->ui_data = ui_data;
+    return 1;
+}
+
+int OSSL_ENCODER_CTX_set_passphrase_cb(OSSL_ENCODER_CTX *ctx,
+                                       pem_password_cb *cb, void *cbarg)
+{
+    if (!ossl_assert(ctx != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    encoder_ctx_reset_passphrase_ui(ctx);
+    if (cb == NULL)
+        return 1;
+    ctx->ui_method =
+        ctx->allocated_ui_method = UI_UTIL_wrap_read_pem_callback(cb, 1);
+    ctx->ui_data = cbarg;
+
+    return ctx->ui_method != NULL;
+}
+
+/*
+ * Support for OSSL_ENCODER_CTX_new_by_TYPE:
+ * finding a suitable encoder
+ */
+
+struct selected_encoder_st {
+    STACK_OF(OPENSSL_CSTRING) *names;
+    int error;
+};
+
+static void cache_encoders(const char *name, void *data)
+{
+    struct selected_encoder_st *d = data;
+
+    if (sk_OPENSSL_CSTRING_push(d->names, name) <= 0)
+        d->error = 1;
+}
+
+/*
+ * Support for OSSL_ENCODER_to_bio:
+ * writing callback for the OSSL_PARAM (the implementation doesn't have
+ * intimate knowledge of the provider side object)
+ */
+
+struct encoder_write_data_st {
+    OSSL_ENCODER_CTX *ctx;
+    BIO *out;
+};
+
+static int encoder_write_cb(const OSSL_PARAM params[], void *arg)
+{
+    struct encoder_write_data_st *write_data = arg;
+    OSSL_ENCODER_CTX *ctx = write_data->ctx;
+    BIO *out = write_data->out;
+
+    return ctx->encoder->encode_data(ctx->serctx, params, (OSSL_CORE_BIO *)out,
+                                     ossl_encoder_passphrase_out_cb, ctx);
+}
+
+/*
+ * Support for OSSL_ENCODER_to_bio:
+ * Perform the actual output.
+ */
+
+static int encoder_EVP_PKEY_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out)
+{
+    const EVP_PKEY *pkey = ctx->object;
+    void *keydata = pkey->keydata;
+    EVP_KEYMGMT *keymgmt = pkey->keymgmt;
+
+    /*
+     * OSSL_ENCODER_CTX_new() creates a context, even when the
+     * encoder it's given is NULL.  Callers can detect the lack
+     * of encoder with OSSL_ENCODER_CTX_get_encoder() and
+     * should take precautions, possibly call a fallback instead of
+     * OSSL_ENCODER_to_bio() / OSSL_ENCODER_to_fp().  If it's
+     * come this far, we return an error.
+     */
+    if (ctx->encoder == NULL)
+        return 0;
+
+    if (ctx->encoder->encode_object == NULL
+        || (OSSL_ENCODER_provider(ctx->encoder)
+            != EVP_KEYMGMT_provider(keymgmt))) {
+        struct encoder_write_data_st write_data;
+
+        write_data.ctx = ctx;
+        write_data.out = out;
+
+        return evp_keymgmt_export(keymgmt, keydata, ctx->selection,
+                                  &encoder_write_cb, &write_data);
+    }
+
+    return ctx->encoder->encode_object(ctx->serctx, keydata,
+                                       (OSSL_CORE_BIO *)out,
+                                       ossl_encoder_passphrase_out_cb, ctx);
+}
+
+/*
+ * OSSL_ENCODER_CTX_new_by_EVP_PKEY() returns a ctx with no encoder if
+ * it couldn't find a suitable encoder.  This allows a caller to detect if
+ * a suitable encoder was found, with OSSL_ENCODER_CTX_get_encoder(),
+ * and to use fallback methods if the result is NULL.
+ */
+OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
+                                                   const char *propquery)
+{
+    OSSL_ENCODER_CTX *ctx = NULL;
+    OSSL_ENCODER *encoder = NULL;
+    EVP_KEYMGMT *keymgmt = pkey->keymgmt;
+    int selection = OSSL_KEYMGMT_SELECT_ALL;
+
+    if (!ossl_assert(pkey != NULL && propquery != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+
+    if (keymgmt != NULL) {
+        const OSSL_PROVIDER *desired_prov = EVP_KEYMGMT_provider(keymgmt);
+        OPENSSL_CTX *libctx = ossl_provider_library_context(desired_prov);
+        struct selected_encoder_st sel_data;
+        OSSL_ENCODER *first = NULL;
+        const char *name;
+        int i;
+
+        /*
+         * Select the encoder in two steps.  First, get the names of all of
+         * the encoders.  Then determine which is the best one to use.
+         * This has to be broken because it isn't possible to fetch the
+         * serialisers inside EVP_KEYMGMT_names_do_all() due to locking
+         * order inversions with the store lock.
+         */
+        sel_data.error = 0;
+        sel_data.names = sk_OPENSSL_CSTRING_new_null();
+        if (sel_data.names == NULL)
+            return NULL;
+        EVP_KEYMGMT_names_do_all(keymgmt, cache_encoders, &sel_data);
+        /*
+         * Ignore memory allocation errors that are indicated in sel_data.error
+         * in case a suitable provider does get found regardless.
+         */
+
+        /*
+         * Encoders offer two functions, one that handles object data in
+         * the form of a OSSL_PARAM array, and one that directly handles a
+         * provider side object.  The latter requires that the encoder
+         * is offered by the same provider that holds that object, but is
+         * more desirable because it usually provides faster encoding.
+         *
+         * When looking up possible encoders, we save the first that can
+         * handle an OSSL_PARAM array in |first| and use that if nothing
+         * better turns up.
+         */
+        for (i = 0; i < sk_OPENSSL_CSTRING_num(sel_data.names); i++) {
+            name = sk_OPENSSL_CSTRING_value(sel_data.names, i);
+            encoder = OSSL_ENCODER_fetch(libctx, name, propquery);
+            if (encoder != NULL) {
+                if (OSSL_ENCODER_provider(encoder) == desired_prov
+                        && encoder->encode_object != NULL) {
+                    OSSL_ENCODER_free(first);
+                    break;
+                }
+                if (first == NULL && encoder->encode_data != NULL)
+                    first = encoder;
+                else
+                    OSSL_ENCODER_free(encoder);
+                encoder = NULL;
+            }
+        }
+        sk_OPENSSL_CSTRING_free(sel_data.names);
+        if (encoder == NULL)
+            encoder = first;
+
+        if (encoder != NULL) {
+            OSSL_PROPERTY_LIST *check = NULL, *current_props = NULL;
+
+            check = ossl_parse_query(libctx, "type=parameters");
+            current_props =
+                ossl_parse_property(libctx, OSSL_ENCODER_properties(encoder));
+            if (ossl_property_match_count(check, current_props) > 0)
+                selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+            ossl_property_free(current_props);
+            ossl_property_free(check);
+        } else {
+            if (sel_data.error)
+                ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE);
+            else
+                ERR_raise(ERR_LIB_OSSL_ENCODER,
+                          OSSL_ENCODER_R_ENCODER_NOT_FOUND);
+        }
+    }
+
+    ctx = OSSL_ENCODER_CTX_new(encoder); /* refcnt(encoder)++ */
+    OSSL_ENCODER_free(encoder);          /* refcnt(encoder)-- */
+
+    if (ctx != NULL) {
+        /* Setup for OSSL_ENCODE_to_bio() */
+        ctx->selection = selection;
+        ctx->object = pkey;
+        ctx->do_output = encoder_EVP_PKEY_to_bio;
+    }
+
+    return ctx;
+}
+
diff --git a/crypto/serializer/serdes_pass.c b/crypto/encode_decode/endecode_pass.c
similarity index 80%
rename from crypto/serializer/serdes_pass.c
rename to crypto/encode_decode/endecode_pass.c
index 75200955b5..113f5eeb84 100644
--- a/crypto/serializer/serdes_pass.c
+++ b/crypto/encode_decode/endecode_pass.c
@@ -11,7 +11,7 @@
 #include <openssl/ui.h>
 #include <openssl/core_names.h>
 #include "internal/cryptlib.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 /* Passphrase callbacks for any who need it */
 
@@ -56,7 +56,7 @@ static int do_passphrase(char *pass, size_t pass_size, size_t *pass_len,
 
     /* Get an application constructed prompt */
     prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
-   if (prompt == NULL) {
+    if (prompt == NULL) {
         ERR_raise(errlib, ERR_R_MALLOC_FAILURE);
         goto end;
     }
@@ -107,33 +107,33 @@ static int do_passphrase(char *pass, size_t pass_size, size_t *pass_len,
 }
 
 /*
- * Serializers typically want to get an outgoing passphrase, while
- * deserializers typically want to get en incoming passphrase.
+ * Encoders typically want to get an outgoing passphrase, while
+ * decoders typically want to get en incoming passphrase.
  */
-int ossl_serializer_passphrase_out_cb(char *pass, size_t pass_size,
-                                      size_t *pass_len,
-                                      const OSSL_PARAM params[], void *arg)
+int ossl_encoder_passphrase_out_cb(char *pass, size_t pass_size,
+                                   size_t *pass_len,
+                                   const OSSL_PARAM params[], void *arg)
 {
-    OSSL_SERIALIZER_CTX *ctx = arg;
+    OSSL_ENCODER_CTX *ctx = arg;
 
     if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
 
     return do_passphrase(pass, pass_size, pass_len, params, arg, 1,
                          ctx->ui_method, ctx->ui_data,
-                         ERR_LIB_OSSL_SERIALIZER);
+                         ERR_LIB_OSSL_ENCODER);
 }
 
-int ossl_deserializer_passphrase_in_cb(char *pass, size_t pass_size,
-                                       size_t *pass_len,
-                                       const OSSL_PARAM params[], void *arg)
+int ossl_decoder_passphrase_in_cb(char *pass, size_t pass_size,
+                                  size_t *pass_len,
+                                  const OSSL_PARAM params[], void *arg)
 {
-    OSSL_DESERIALIZER_CTX *ctx = arg;
+    OSSL_DECODER_CTX *ctx = arg;
 
     if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
+        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
 
@@ -147,13 +147,13 @@ int ossl_deserializer_passphrase_in_cb(char *pass, size_t pass_size,
         return 1;
     } else {
         if ((ctx->cached_passphrase = OPENSSL_zalloc(pass_size)) == NULL) {
-            ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
+            ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
             return 0;
         }
     }
     if (do_passphrase(pass, pass_size, pass_len, params, arg, 0,
                       ctx->ui_method, ctx->ui_data,
-                      ERR_LIB_OSSL_DESERIALIZER)) {
+                      ERR_LIB_OSSL_DECODER)) {
         memcpy(ctx->cached_passphrase, pass, *pass_len);
         ctx->cached_passphrase_len = *pass_len;
         return 1;
diff --git a/crypto/err/err.c b/crypto/err/err.c
index e2d70d7a58..9098112d1c 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -75,8 +75,8 @@ static ERR_STRING_DATA ERR_str_libraries[] = {
     {ERR_PACK(ERR_LIB_SM2, 0, 0), "SM2 routines"},
     {ERR_PACK(ERR_LIB_ESS, 0, 0), "ESS routines"},
     {ERR_PACK(ERR_LIB_PROV, 0, 0), "Provider routines"},
-    {ERR_PACK(ERR_LIB_OSSL_SERIALIZER, 0, 0), "SERIALIZER routines"},
-    {ERR_PACK(ERR_LIB_OSSL_DESERIALIZER, 0, 0), "DESERIALIZER routines"},
+    {ERR_PACK(ERR_LIB_OSSL_ENCODER, 0, 0), "ENCODER routines"},
+    {ERR_PACK(ERR_LIB_OSSL_DECODER, 0, 0), "DECODER routines"},
     {ERR_PACK(ERR_LIB_HTTP, 0, 0), "HTTP routines"},
     {0, NULL},
 };
diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec
index f1bed12795..037611d759 100644
--- a/crypto/err/openssl.ec
+++ b/crypto/err/openssl.ec
@@ -40,16 +40,16 @@ L OSSL_STORE    include/openssl/store.h         crypto/store/store_err.c
 L ESS           include/openssl/ess.h           crypto/ess/ess_err.c
 L PROP          include/internal/property.h     crypto/property/property_err.c
 L PROV          providers/common/include/prov/providercommon.h providers/common/provider_err.c
-L OSSL_SERIALIZER include/openssl/serializer.h  crypto/serializer/serializer_err.c
-L OSSL_DESERIALIZER include/openssl/deserializer.h  crypto/serializer/deserializer_err.c
+L OSSL_ENCODER  include/openssl/encoder.h       crypto/encoder/encoder_err.c
+L OSSL_DECODER  include/openssl/decoder.h       crypto/encoder/decoder_err.c
 L HTTP          include/openssl/http.h          crypto/http/http_err.c
 
 # additional header files to be scanned for function names
 L NONE          include/openssl/x509_vfy.h      NONE
-L NONE          crypto/ec/ec_local.h              NONE
-L NONE          crypto/cms/cms_local.h            NONE
-L NONE          crypto/ct/ct_local.h             NONE
-L NONE          ssl/ssl_local.h                  NONE
+L NONE          crypto/ec/ec_local.h            NONE
+L NONE          crypto/cms/cms_local.h          NONE
+L NONE          crypto/ct/ct_local.h            NONE
+L NONE          ssl/ssl_local.h                 NONE
 
 # SSL/TLS alerts
 R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE          1010
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 10531ead7a..3a5a5b5692 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2702,9 +2702,9 @@ OCSP_R_STATUS_TOO_OLD:127:status too old
 OCSP_R_UNKNOWN_MESSAGE_DIGEST:119:unknown message digest
 OCSP_R_UNKNOWN_NID:120:unknown nid
 OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE:129:unsupported requestorname type
-OSSL_DESERIALIZER_R_MISSING_GET_PARAMS:100:missing get params
-OSSL_SERIALIZER_R_INCORRECT_PROPERTY_QUERY:100:incorrect property query
-OSSL_SERIALIZER_R_SERIALIZER_NOT_FOUND:101:serializer not found
+OSSL_DECODER_R_MISSING_GET_PARAMS:100:missing get params
+OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY:100:incorrect property query
+OSSL_ENCODER_R_ENCODER_NOT_FOUND:101:encoder not found
 OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE:107:ambiguous content type
 OSSL_STORE_R_BAD_PASSWORD_READ:115:bad password read
 OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC:113:error verifying pkcs12 mac
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index bee6337a88..7a79816788 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -29,7 +29,7 @@
 #include <openssl/engine.h>
 #include <openssl/params.h>
 #include <openssl/param_build.h>
-#include <openssl/serializer.h>
+#include <openssl/encoder.h>
 #include <openssl/core_names.h>
 
 #include "crypto/asn1.h"
@@ -1143,23 +1143,23 @@ static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
 }
 
 static int print_pkey(const EVP_PKEY *pkey, BIO *out, int indent,
-                      const char *propquery /* For provided serialization */,
+                      const char *propquery /* For provided encoding */,
                       int (*legacy_print)(BIO *out, const EVP_PKEY *pkey,
                                           int indent, ASN1_PCTX *pctx),
                       ASN1_PCTX *legacy_pctx /* For legacy print */)
 {
     int pop_f_prefix;
     long saved_indent;
-    OSSL_SERIALIZER_CTX *ctx = NULL;
+    OSSL_ENCODER_CTX *ctx = NULL;
     int ret = -2;                /* default to unsupported */
 
     if (!print_set_indent(&out, &pop_f_prefix, &saved_indent, indent))
         return 0;
 
-    ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pkey, propquery);
-    if (OSSL_SERIALIZER_CTX_get_serializer(ctx) != NULL)
-        ret = OSSL_SERIALIZER_to_bio(ctx, out);
-    OSSL_SERIALIZER_CTX_free(ctx);
+    ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, propquery);
+    if (OSSL_ENCODER_CTX_get_encoder(ctx) != NULL)
+        ret = OSSL_ENCODER_to_bio(ctx, out);
+    OSSL_ENCODER_CTX_free(ctx);
 
     if (ret != -2)
         goto end;
@@ -1178,7 +1178,7 @@ static int print_pkey(const EVP_PKEY *pkey, BIO *out, int indent,
 int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
                           int indent, ASN1_PCTX *pctx)
 {
-    return print_pkey(pkey, out, indent, OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ,
+    return print_pkey(pkey, out, indent, OSSL_ENCODER_PUBKEY_TO_TEXT_PQ,
                       (pkey->ameth != NULL ? pkey->ameth->pub_print : NULL),
                       pctx);
 }
@@ -1186,7 +1186,7 @@ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
 int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
                            int indent, ASN1_PCTX *pctx)
 {
-    return print_pkey(pkey, out, indent, OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ,
+    return print_pkey(pkey, out, indent, OSSL_ENCODER_PrivateKey_TO_TEXT_PQ,
                       (pkey->ameth != NULL ? pkey->ameth->priv_print : NULL),
                       pctx);
 }
@@ -1194,7 +1194,7 @@ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
 int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
                           int indent, ASN1_PCTX *pctx)
 {
-    return print_pkey(pkey, out, indent, OSSL_SERIALIZER_Parameters_TO_TEXT_PQ,
+    return print_pkey(pkey, out, indent, OSSL_ENCODER_Parameters_TO_TEXT_PQ,
                       (pkey->ameth != NULL ? pkey->ameth->param_print : NULL),
                       pctx);
 }
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index 1ab309329d..2f9346d998 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -27,7 +27,6 @@
 /* TODO(3.0) remove when provider SM2 key generation is implemented */
 #ifdef TMP_SM2_HACK
 # include <openssl/ec.h>
-# include <openssl/serializer.h>
 # include "internal/sizes.h"
 #endif
 
diff --git a/crypto/pem/pem_local.h b/crypto/pem/pem_local.h
index 2fb1e6f4d5..81d1718e32 100644
--- a/crypto/pem/pem_local.h
+++ b/crypto/pem/pem_local.h
@@ -13,17 +13,17 @@
  */
 
 #include <openssl/pem.h>
-#include <openssl/serializer.h>
+#include <openssl/encoder.h>
 
-/* Alternative IMPLEMENT macros for provided serializers */
+/* Alternative IMPLEMENT macros for provided encoders */
 
 # define IMPLEMENT_PEM_provided_write_body_vars(type, asn1)             \
     int ret = 0;                                                        \
-    const char *pq = OSSL_SERIALIZER_##asn1##_TO_PEM_PQ;                \
-    OSSL_SERIALIZER_CTX *ctx = OSSL_SERIALIZER_CTX_new_by_##type(x, pq); \
+    const char *pq = OSSL_ENCODER_##asn1##_TO_PEM_PQ;                   \
+    OSSL_ENCODER_CTX *ctx = OSSL_ENCODER_CTX_new_by_##type(x, pq);      \
                                                                         \
-    if (ctx != NULL && OSSL_SERIALIZER_CTX_get_serializer(ctx) == NULL) { \
-        OSSL_SERIALIZER_CTX_free(ctx);                                  \
+    if (ctx != NULL && OSSL_ENCODER_CTX_get_encoder(ctx) == NULL) {     \
+        OSSL_ENCODER_CTX_free(ctx);                                     \
         goto legacy;                                                    \
     }
 # define IMPLEMENT_PEM_provided_write_body_pass()                       \
@@ -38,31 +38,31 @@
     }                                                                   \
     if (enc != NULL) {                                                  \
         ret = 0;                                                        \
-        if (OSSL_SERIALIZER_CTX_set_cipher(ctx, EVP_CIPHER_name(enc),   \
-                                           NULL)) {                     \
+        if (OSSL_ENCODER_CTX_set_cipher(ctx, EVP_CIPHER_name(enc),      \
+                                        NULL)) {                        \
             ret = 1;                                                    \
             if (kstr != NULL                                            \
-                && !OSSL_SERIALIZER_CTX_set_passphrase(ctx, kstr, klen)) \
+                && !OSSL_ENCODER_CTX_set_passphrase(ctx, kstr, klen))   \
                 ret = 0;                                                \
             else if (cb != NULL                                         \
-                     && !OSSL_SERIALIZER_CTX_set_passphrase_cb(ctx,     \
-                                                               cb, u))  \
+                     && !OSSL_ENCODER_CTX_set_passphrase_cb(ctx,        \
+                                                            cb, u))     \
                 ret = 0;                                                \
         }                                                               \
     }                                                                   \
     if (!ret) {                                                         \
-        OSSL_SERIALIZER_CTX_free(ctx);                                  \
+        OSSL_ENCODER_CTX_free(ctx);                                     \
         return 0;                                                       \
     }
 # define IMPLEMENT_PEM_provided_write_body_main(type, outtype)          \
-    ret = OSSL_SERIALIZER_to_##outtype(ctx, out);                       \
-    OSSL_SERIALIZER_CTX_free(ctx);                                      \
+    ret = OSSL_ENCODER_to_##outtype(ctx, out);                          \
+    OSSL_ENCODER_CTX_free(ctx);                                         \
     return ret
 # define IMPLEMENT_PEM_provided_write_body_fallback(str, asn1,          \
                                                     writename)          \
     legacy:                                                             \
     return PEM_ASN1_##writename((i2d_of_void *)i2d_##asn1, str, out,    \
-                                  x, NULL, NULL, 0, NULL, NULL)
+                                x, NULL, NULL, 0, NULL, NULL)
 # define IMPLEMENT_PEM_provided_write_body_fallback_cb(str, asn1,       \
                                                        writename)       \
     legacy:                                                             \
@@ -114,15 +114,15 @@
     IMPLEMENT_PEM_provided_write_bio(name, type, str, asn1)     \
     IMPLEMENT_PEM_provided_write_fp(name, type, str, asn1)
 
-# define IMPLEMENT_PEM_provided_write_cb(name, type, str, asn1) \
-    IMPLEMENT_PEM_provided_write_cb_bio(name, type, str, asn1)  \
+# define IMPLEMENT_PEM_provided_write_cb(name, type, str, asn1)         \
+    IMPLEMENT_PEM_provided_write_cb_bio(name, type, str, asn1)          \
     IMPLEMENT_PEM_provided_write_cb_fp(name, type, str, asn1)
 
-# define IMPLEMENT_PEM_provided_rw(name, type, str, asn1) \
+# define IMPLEMENT_PEM_provided_rw(name, type, str, asn1)       \
     IMPLEMENT_PEM_read(name, type, str, asn1)                   \
     IMPLEMENT_PEM_provided_write(name, type, str, asn1)
 
-# define IMPLEMENT_PEM_provided_rw_cb(name, type, str, asn1) \
+# define IMPLEMENT_PEM_provided_rw_cb(name, type, str, asn1)    \
     IMPLEMENT_PEM_read(name, type, str, asn1)                   \
     IMPLEMENT_PEM_provided_write_cb(name, type, str, asn1)
 
diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c
index 12a25b7a82..84d431820b 100644
--- a/crypto/pem/pem_pk8.c
+++ b/crypto/pem/pem_pk8.c
@@ -15,7 +15,7 @@
 #include <openssl/x509.h>
 #include <openssl/pkcs12.h>
 #include <openssl/pem.h>
-#include <openssl/serializer.h>
+#include <openssl/encoder.h>
 
 static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder,
                       int nid, const EVP_CIPHER *enc,
@@ -69,9 +69,9 @@ static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid,
 {
     int ret = 0;
     const char *pq = isder
-        ? OSSL_SERIALIZER_PrivateKey_TO_DER_PQ
-        : OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
-    OSSL_SERIALIZER_CTX *ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(x, pq);
+        ? OSSL_ENCODER_PrivateKey_TO_DER_PQ
+        : OSSL_ENCODER_PrivateKey_TO_PEM_PQ;
+    OSSL_ENCODER_CTX *ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(x, pq);
 
     if (ctx == NULL)
         return 0;
@@ -90,12 +90,11 @@ static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid,
         }
     }
 
-    if (OSSL_SERIALIZER_CTX_get_serializer(ctx) != NULL) {
+    if (OSSL_ENCODER_CTX_get_encoder(ctx) != NULL) {
         ret = 1;
         if (enc != NULL) {
             ret = 0;
-            if (OSSL_SERIALIZER_CTX_set_cipher(ctx, EVP_CIPHER_name(enc),
-                                               NULL)) {
+            if (OSSL_ENCODER_CTX_set_cipher(ctx, EVP_CIPHER_name(enc), NULL)) {
                 const unsigned char *ukstr = (const unsigned char *)kstr;
 
                 /*
@@ -106,14 +105,14 @@ static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid,
                  */
                 ret = 1;
                 if (kstr != NULL
-                    && !OSSL_SERIALIZER_CTX_set_passphrase(ctx, ukstr, klen))
+                    && !OSSL_ENCODER_CTX_set_passphrase(ctx, ukstr, klen))
                     ret = 0;
                 else if (cb != NULL
-                         && !OSSL_SERIALIZER_CTX_set_passphrase_cb(ctx, cb, u))
+                         && !OSSL_ENCODER_CTX_set_passphrase_cb(ctx, cb, u))
                     ret = 0;
             }
         }
-        ret = ret && OSSL_SERIALIZER_to_bio(ctx, bp);
+        ret = ret && OSSL_ENCODER_to_bio(ctx, bp);
     } else {
         X509_SIG *p8;
         PKCS8_PRIV_KEY_INFO *p8inf;
@@ -153,7 +152,7 @@ static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid,
      legacy_end:
         PKCS8_PRIV_KEY_INFO_free(p8inf);
     }
-    OSSL_SERIALIZER_CTX_free(ctx);
+    OSSL_ENCODER_CTX_free(ctx);
     return ret;
 }
 
@@ -261,4 +260,4 @@ IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
 
 
 IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
-             PKCS8_PRIV_KEY_INFO)
+                 PKCS8_PRIV_KEY_INFO)
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 4ee5bb7009..e355afe5f9 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -19,7 +19,6 @@
 #include <openssl/dh.h>
 #include <openssl/store.h>
 #include <openssl/ui.h>
-#include <openssl/serializer.h>
 #include "crypto/store.h"
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c
index 91b830c2e5..6d6ca9b266 100644
--- a/crypto/property/property_parse.c
+++ b/crypto/property/property_parse.c
@@ -596,9 +596,9 @@ int ossl_property_parse_init(OPENSSL_CTX *ctx)
         "provider",     /* Name of provider (default, legacy, fips) */
         "version",      /* Version number of this provider */
         "fips",         /* FIPS validated or FIPS supporting algorithm */
-        "format",       /* output format for serializers */
-        "type",         /* output type for serializers */
-        "input",        /* input type for deserializers */
+        "format",       /* output format for encoders */
+        "type",         /* output type for encoders */
+        "input",        /* input type for decoders */
     };
     size_t i;
 
diff --git a/crypto/serializer/build.info b/crypto/serializer/build.info
deleted file mode 100644
index 11f8889b6b..0000000000
--- a/crypto/serializer/build.info
+++ /dev/null
@@ -1,8 +0,0 @@
-SOURCE[../../libcrypto]=serdes_pass.c
-
-SOURCE[../../libcrypto]=serializer_meth.c serializer_lib.c serializer_pkey.c
-SOURCE[../../libcrypto]=deserializer_meth.c deserializer_lib.c \
-        deserializer_pkey.c
-
-SOURCE[../../libcrypto]=serializer_err.c
-SOURCE[../../libcrypto]=deserializer_err.c
diff --git a/crypto/serializer/deserializer_lib.c b/crypto/serializer/deserializer_lib.c
deleted file mode 100644
index aa3b552786..0000000000
--- a/crypto/serializer/deserializer_lib.c
+++ /dev/null
@@ -1,488 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core_names.h>
-#include <openssl/bio.h>
-#include <openssl/params.h>
-#include <openssl/provider.h>
-#include "serializer_local.h"
-#include "e_os.h"
-
-struct deser_process_data_st {
-    OSSL_DESERIALIZER_CTX *ctx;
-
-    /* Current BIO */
-    BIO *bio;
-
-    /* Index of the current deserializer instance to be processed */
-    size_t current_deser_inst_index;
-};
-
-static int deser_process(const OSSL_PARAM params[], void *arg);
-
-int OSSL_DESERIALIZER_from_bio(OSSL_DESERIALIZER_CTX *ctx, BIO *in)
-{
-    struct deser_process_data_st data;
-    int ok = 0;
-
-    memset(&data, 0, sizeof(data));
-    data.ctx = ctx;
-    data.bio = in;
-
-    ok = deser_process(NULL, &data);
-
-    /* Clear any internally cached passphrase */
-    if (!ctx->flag_user_passphrase) {
-        OSSL_DESERIALIZER_CTX_set_passphrase(ctx, NULL, 0);
-        ctx->flag_user_passphrase = 0;
-    }
-    return ok;
-}
-
-#ifndef OPENSSL_NO_STDIO
-static BIO *bio_from_file(FILE *fp)
-{
-    BIO *b;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_BIO_LIB);
-        return NULL;
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    return b;
-}
-
-int OSSL_DESERIALIZER_from_fp(OSSL_DESERIALIZER_CTX *ctx, FILE *fp)
-{
-    BIO *b = bio_from_file(fp);
-    int ret = 0;
-
-    if (b != NULL)
-        ret = OSSL_DESERIALIZER_from_bio(ctx, b);
-
-    BIO_free(b);
-    return ret;
-}
-#endif
-
-int OSSL_DESERIALIZER_CTX_set_input_type(OSSL_DESERIALIZER_CTX *ctx,
-                                         const char *input_type)
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    /*
-     * NULL is a valid starting input type, and means that the caller leaves
-     * it to code to discover what the starting input type is.
-     */
-    ctx->start_input_type = input_type;
-    return 1;
-}
-
-int OSSL_DESERIALIZER_CTX_add_deserializer(OSSL_DESERIALIZER_CTX *ctx,
-                                           OSSL_DESERIALIZER *deser)
-{
-    OSSL_DESERIALIZER_INSTANCE *deser_inst = NULL;
-    const OSSL_PROVIDER *prov = NULL;
-    OSSL_PARAM params[2];
-    void *provctx = NULL;
-
-    if (!ossl_assert(ctx != NULL) || !ossl_assert(deser != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (deser->get_params == NULL) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER,
-                  OSSL_DESERIALIZER_R_MISSING_GET_PARAMS);
-        return 0;
-    }
-
-    if (ctx->deser_insts == NULL
-        && (ctx->deser_insts =
-            sk_OSSL_DESERIALIZER_INSTANCE_new_null()) == NULL) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if ((deser_inst = OPENSSL_zalloc(sizeof(*deser_inst))) == NULL) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if (!OSSL_DESERIALIZER_up_ref(deser)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    deser_inst->deser = deser;
-
-    prov = OSSL_DESERIALIZER_provider(deser_inst->deser);
-    provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
-
-    /* Cache the input type for this serializer */
-    params[0] =
-        OSSL_PARAM_construct_utf8_ptr(OSSL_DESERIALIZER_PARAM_INPUT_TYPE,
-                                      (char **)&deser_inst->input_type, 0);
-    params[1] = OSSL_PARAM_construct_end();
-
-    if (!deser_inst->deser->get_params(params)
-        || !OSSL_PARAM_modified(&params[0]))
-        goto err;
-
-    if ((deser_inst->deserctx = deser_inst->deser->newctx(provctx))
-        == NULL)
-        goto err;
-
-    if (sk_OSSL_DESERIALIZER_INSTANCE_push(ctx->deser_insts, deser_inst) <= 0)
-        goto err;
-
-    return 1;
- err:
-    if (deser_inst != NULL) {
-        if (deser_inst->deser != NULL)
-            deser_inst->deser->freectx(deser_inst->deserctx);
-        OSSL_DESERIALIZER_free(deser_inst->deser);
-        OPENSSL_free(deser_inst);
-    }
-    return 0;
-}
-
-int OSSL_DESERIALIZER_CTX_add_extra(OSSL_DESERIALIZER_CTX *ctx,
-                                    OPENSSL_CTX *libctx, const char *propq)
-{
-    /*
-     * This function goes through existing deserializer methods in
-     * |ctx->deser_insts|, and tries to fetch new deserializers that produce
-     * what the existing ones want as input, and push those newly fetched
-     * deserializers on top of the same stack.
-     * Then it does the same again, but looping over the newly fetched
-     * deserializers, until there are no more serializers to be fetched, or
-     * when we have done this 10 times.
-     *
-     * we do this with sliding windows on the stack by keeping track of indexes
-     * and of the end.
-     *
-     * +----------------+
-     * |   DER to RSA   | <--- w_prev_start
-     * +----------------+
-     * |   DER to DSA   |
-     * +----------------+
-     * |   DER to DH    |
-     * +----------------+
-     * |   PEM to DER   | <--- w_prev_end, w_new_start
-     * +----------------+
-     *                    <--- w_new_end
-     */
-    size_t w_prev_start, w_prev_end; /* "previous" deserializers */
-    size_t w_new_start, w_new_end;   /* "new" deserializers */
-    size_t count = 0; /* Calculates how many were added in each iteration */
-    size_t depth = 0; /* Counts the number of iterations */
-
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    /*
-     * If there is no stack of OSSL_DESERIALIZER_INSTANCE, we have nothing
-     * more to add.  That's fine.
-     */
-    if (ctx->deser_insts == NULL)
-        return 1;
-
-    w_prev_start = 0;
-    w_prev_end = sk_OSSL_DESERIALIZER_INSTANCE_num(ctx->deser_insts);
-    do {
-        size_t i;
-
-        w_new_start = w_new_end = w_prev_end;
-
-        for (i = w_prev_start; i < w_prev_end; i++) {
-            OSSL_DESERIALIZER_INSTANCE *deser_inst =
-                sk_OSSL_DESERIALIZER_INSTANCE_value(ctx->deser_insts, i);
-            const char *name = deser_inst->input_type;
-            OSSL_DESERIALIZER *deser = NULL;
-
-            /*
-             * If the caller has specified what the initial input should be,
-             * and the deserializer implementation we're looking at has that
-             * input type, there's no point adding on more implementations
-             * on top of this one, so we don't.
-             */
-            if (ctx->start_input_type != NULL
-                && strcasecmp(ctx->start_input_type,
-                              deser_inst->input_type) != 0)
-                continue;
-
-            ERR_set_mark();
-            deser = OSSL_DESERIALIZER_fetch(libctx, name, propq);
-            ERR_pop_to_mark();
-
-            if (deser != NULL) {
-                size_t j;
-
-                /*
-                 * Check that we don't already have this deserializer in our
-                 * stack We only need to check among the newly added ones.
-                 */
-                for (j = w_new_start; j < w_new_end; j++) {
-                    OSSL_DESERIALIZER_INSTANCE *check_inst =
-                        sk_OSSL_DESERIALIZER_INSTANCE_value(ctx->deser_insts, j);
-
-                    if (deser == check_inst->deser) {
-                        /* We found it, so drop the new fetch */
-                        OSSL_DESERIALIZER_free(deser);
-                        deser = NULL;
-                        break;
-                    }
-                }
-            }
-
-            if (deser == NULL)
-                continue;
-
-            /*
-             * Apart from keeping w_new_end up to date, We don't care about
-             * errors here.  If it doesn't collect, then it doesn't...
-             */
-            if (OSSL_DESERIALIZER_CTX_add_deserializer(ctx, deser)) /* ref++ */
-                w_new_end++;
-            OSSL_DESERIALIZER_free(deser); /* ref-- */
-        }
-        /* How many were added in this iteration */
-        count = w_new_end - w_new_start;
-
-        /* Slide the "previous deserializer" windows */
-        w_prev_start = w_new_start;
-        w_prev_end = w_new_end;
-
-        depth++;
-    } while (count != 0 && depth <= 10);
-
-    return 1;
-}
-
-int OSSL_DESERIALIZER_CTX_num_deserializers(OSSL_DESERIALIZER_CTX *ctx)
-{
-    if (ctx == NULL || ctx->deser_insts == NULL)
-        return 0;
-    return sk_OSSL_DESERIALIZER_INSTANCE_num(ctx->deser_insts);
-}
-
-int OSSL_DESERIALIZER_CTX_set_construct(OSSL_DESERIALIZER_CTX *ctx,
-                                        OSSL_DESERIALIZER_CONSTRUCT *construct)
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    ctx->construct = construct;
-    return 1;
-}
-
-int OSSL_DESERIALIZER_CTX_set_construct_data(OSSL_DESERIALIZER_CTX *ctx,
-                                             void *construct_data)
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    ctx->construct_data = construct_data;
-    return 1;
-}
-
-int OSSL_DESERIALIZER_CTX_set_cleanup(OSSL_DESERIALIZER_CTX *ctx,
-                                      OSSL_DESERIALIZER_CLEANUP *cleanup)
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    ctx->cleanup = cleanup;
-    return 1;
-}
-
-OSSL_DESERIALIZER_CONSTRUCT *
-OSSL_DESERIALIZER_CTX_get_construct(OSSL_DESERIALIZER_CTX *ctx)
-{
-    if (ctx == NULL)
-        return NULL;
-    return ctx->construct;
-}
-
-void *OSSL_DESERIALIZER_CTX_get_construct_data(OSSL_DESERIALIZER_CTX *ctx)
-{
-    if (ctx == NULL)
-        return NULL;
-    return ctx->construct_data;
-}
-
-OSSL_DESERIALIZER_CLEANUP *
-OSSL_DESERIALIZER_CTX_get_cleanup(OSSL_DESERIALIZER_CTX *ctx)
-{
-    if (ctx == NULL)
-        return NULL;
-    return ctx->cleanup;
-}
-
-int OSSL_DESERIALIZER_export(OSSL_DESERIALIZER_INSTANCE *deser_inst,
-                             void *reference, size_t reference_sz,
-                             OSSL_CALLBACK *export_cb, void *export_cbarg)
-{
-    if (!(ossl_assert(deser_inst != NULL)
-          && ossl_assert(reference != NULL)
-          && ossl_assert(export_cb != NULL)
-          && ossl_assert(export_cbarg != NULL))) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return deser_inst->deser->export_object(deser_inst->deserctx,
-                                            reference, reference_sz,
-                                            export_cb, export_cbarg);
-}
-
-OSSL_DESERIALIZER *OSSL_DESERIALIZER_INSTANCE_deserializer
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst)
-{
-    if (deser_inst == NULL)
-        return NULL;
-    return deser_inst->deser;
-}
-
-void *OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst)
-{
-    if (deser_inst == NULL)
-        return NULL;
-    return deser_inst->deserctx;
-}
-
-static int deser_process(const OSSL_PARAM params[], void *arg)
-{
-    struct deser_process_data_st *data = arg;
-    OSSL_DESERIALIZER_CTX *ctx = data->ctx;
-    OSSL_DESERIALIZER_INSTANCE *deser_inst = NULL;
-    OSSL_DESERIALIZER *deser = NULL;
-    BIO *bio = data->bio;
-    long loc;
-    size_t i;
-    int ok = 0;
-    /* For recursions */
-    struct deser_process_data_st new_data;
-
-    memset(&new_data, 0, sizeof(new_data));
-    new_data.ctx = data->ctx;
-
-    if (params == NULL) {
-        /* First iteration, where we prepare for what is to come */
-
-        data->current_deser_inst_index =
-            OSSL_DESERIALIZER_CTX_num_deserializers(ctx);
-
-        bio = data->bio;
-    } else {
-        const OSSL_PARAM *p;
-
-        deser_inst =
-            sk_OSSL_DESERIALIZER_INSTANCE_value(ctx->deser_insts,
-                                                data->current_deser_inst_index);
-        deser = OSSL_DESERIALIZER_INSTANCE_deserializer(deser_inst);
-
-        if (ctx->construct != NULL
-            && ctx->construct(deser_inst, params, ctx->construct_data)) {
-            ok = 1;
-            goto end;
-        }
-
-        /* The constructor didn't return success */
-
-        /*
-         * so we try to use the object we got and feed it to any next
-         * deserializer that will take it.  Object references are not
-         * allowed for this.
-         * If this data isn't present, deserialization has failed.
-         */
-
-        p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_DATA);
-        if (p == NULL || p->data_type != OSSL_PARAM_OCTET_STRING)
-            goto end;
-        new_data.bio = BIO_new_mem_buf(p->data, (int)p->data_size);
-        if (new_data.bio == NULL)
-            goto end;
-        bio = new_data.bio;
-    }
-
-    /*
-     * If we have no more deserializers to look through at this point,
-     * we failed
-     */
-    if (data->current_deser_inst_index == 0)
-        goto end;
-
-    if ((loc = BIO_tell(bio)) < 0) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_BIO_LIB);
-        goto end;
-    }
-
-    for (i = data->current_deser_inst_index; i-- > 0;) {
-        OSSL_DESERIALIZER_INSTANCE *new_deser_inst =
-            sk_OSSL_DESERIALIZER_INSTANCE_value(ctx->deser_insts, i);
-        OSSL_DESERIALIZER *new_deser =
-            OSSL_DESERIALIZER_INSTANCE_deserializer(new_deser_inst);
-
-        /*
-         * If |deser| is NULL, it means we've just started, and the caller
-         * may have specified what it expects the initial input to be.  If
-         * that's the case, we do this extra check.
-         */
-        if (deser == NULL && ctx->start_input_type != NULL
-            && strcasecmp(ctx->start_input_type,
-                          new_deser_inst->input_type) != 0)
-            continue;
-
-        /*
-         * If we have a previous deserializer, we check that the input type
-         * of the next to be used matches the type of this previous one.
-         * deser_inst->input_type is a cache of the parameter "input-type"
-         * value for that deserializer.
-         */
-        if (deser != NULL
-            && !OSSL_DESERIALIZER_is_a(deser, new_deser_inst->input_type))
-            continue;
-
-        /*
-         * Checking the return value of BIO_reset() or BIO_seek() is unsafe.
-         * Furthermore, BIO_reset() is unsafe to use if the source BIO happens
-         * to be a BIO_s_mem(), because the earlier BIO_tell() gives us zero
-         * no matter where we are in the underlying buffer we're reading from.
-         *
-         * So, we simply do a BIO_seek(), and use BIO_tell() that we're back
-         * at the same position.  This is a best effort attempt, but BIO_seek()
-         * and BIO_tell() should come as a pair...
-         */
-        (void)BIO_seek(bio, loc);
-        if (BIO_tell(bio) != loc)
-            goto end;
-
-        /* Recurse */
-        new_data.current_deser_inst_index = i;
-        ok = new_deser->deserialize(new_deser_inst->deserctx,
-                                    (OSSL_CORE_BIO *)bio,
-                                    deser_process, &new_data,
-                                    ctx->passphrase_cb,
-                                    new_data.ctx);
-        if (ok)
-            break;
-    }
-
- end:
-    BIO_free(new_data.bio);
-    return ok;
-}
diff --git a/crypto/serializer/deserializer_meth.c b/crypto/serializer/deserializer_meth.c
deleted file mode 100644
index 69099f5e95..0000000000
--- a/crypto/serializer/deserializer_meth.c
+++ /dev/null
@@ -1,552 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core.h>
-#include <openssl/core_dispatch.h>
-#include <openssl/deserializer.h>
-#include <openssl/ui.h>
-#include "internal/core.h"
-#include "internal/namemap.h"
-#include "internal/property.h"
-#include "internal/provider.h"
-#include "crypto/serializer.h"
-#include "serializer_local.h"
-
-static void OSSL_DESERIALIZER_INSTANCE_free(OSSL_DESERIALIZER_INSTANCE *instance);
-
-/*
- * Deserializer can have multiple names, separated with colons in a name string
- */
-#define NAME_SEPARATOR ':'
-
-/* Simple method structure constructor and destructor */
-static OSSL_DESERIALIZER *ossl_deserializer_new(void)
-{
-    OSSL_DESERIALIZER *deser = NULL;
-
-    if ((deser = OPENSSL_zalloc(sizeof(*deser))) == NULL
-        || (deser->base.lock = CRYPTO_THREAD_lock_new()) == NULL) {
-        OSSL_DESERIALIZER_free(deser);
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    deser->base.refcnt = 1;
-
-    return deser;
-}
-
-int OSSL_DESERIALIZER_up_ref(OSSL_DESERIALIZER *deser)
-{
-    int ref = 0;
-
-    CRYPTO_UP_REF(&deser->base.refcnt, &ref, deser->base.lock);
-    return 1;
-}
-
-void OSSL_DESERIALIZER_free(OSSL_DESERIALIZER *deser)
-{
-    int ref = 0;
-
-    if (deser == NULL)
-        return;
-
-    CRYPTO_DOWN_REF(&deser->base.refcnt, &ref, deser->base.lock);
-    if (ref > 0)
-        return;
-    ossl_provider_free(deser->base.prov);
-    CRYPTO_THREAD_lock_free(deser->base.lock);
-    OPENSSL_free(deser);
-}
-
-/* Permanent deserializer method store, constructor and destructor */
-static void deserializer_store_free(void *vstore)
-{
-    ossl_method_store_free(vstore);
-}
-
-static void *deserializer_store_new(OPENSSL_CTX *ctx)
-{
-    return ossl_method_store_new(ctx);
-}
-
-
-static const OPENSSL_CTX_METHOD deserializer_store_method = {
-    deserializer_store_new,
-    deserializer_store_free,
-};
-
-/* Data to be passed through ossl_method_construct() */
-struct deserializer_data_st {
-    OPENSSL_CTX *libctx;
-    OSSL_METHOD_CONSTRUCT_METHOD *mcm;
-    int id;                      /* For get_deserializer_from_store() */
-    const char *names;           /* For get_deserializer_from_store() */
-    const char *propquery;       /* For get_deserializer_from_store() */
-};
-
-/*
- * Generic routines to fetch / create DESERIALIZER methods with
- * ossl_method_construct()
- */
-
-/* Temporary deserializer method store, constructor and destructor */
-static void *alloc_tmp_deserializer_store(OPENSSL_CTX *ctx)
-{
-    return ossl_method_store_new(ctx);
-}
-
- static void dealloc_tmp_deserializer_store(void *store)
-{
-    if (store != NULL)
-        ossl_method_store_free(store);
-}
-
-/* Get the permanent deserializer store */
-static OSSL_METHOD_STORE *get_deserializer_store(OPENSSL_CTX *libctx)
-{
-    return openssl_ctx_get_data(libctx, OPENSSL_CTX_DESERIALIZER_STORE_INDEX,
-                                &deserializer_store_method);
-}
-
-/* Get deserializer methods from a store, or put one in */
-static void *get_deserializer_from_store(OPENSSL_CTX *libctx, void *store,
-                                         void *data)
-{
-    struct deserializer_data_st *methdata = data;
-    void *method = NULL;
-    int id;
-
-    if ((id = methdata->id) == 0) {
-        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-
-        id = ossl_namemap_name2num(namemap, methdata->names);
-    }
-
-    if (store == NULL
-        && (store = get_deserializer_store(libctx)) == NULL)
-        return NULL;
-
-    if (!ossl_method_store_fetch(store, id, methdata->propquery, &method))
-        return NULL;
-    return method;
-}
-
-static int put_deserializer_in_store(OPENSSL_CTX *libctx, void *store,
-                                     void *method, const OSSL_PROVIDER *prov,
-                                     int operation_id, const char *names,
-                                     const char *propdef, void *unused)
-{
-    OSSL_NAMEMAP *namemap;
-    int id;
-
-    if ((namemap = ossl_namemap_stored(libctx)) == NULL
-        || (id = ossl_namemap_name2num(namemap, names)) == 0)
-        return 0;
-
-    if (store == NULL && (store = get_deserializer_store(libctx)) == NULL)
-        return 0;
-
-    return ossl_method_store_add(store, prov, id, propdef, method,
-                                 (int (*)(void *))OSSL_DESERIALIZER_up_ref,
-                                 (void (*)(void *))OSSL_DESERIALIZER_free);
-}
-
-/* Create and populate a deserializer method */
-static void *deserializer_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
-                                        OSSL_PROVIDER *prov)
-{
-    OSSL_DESERIALIZER *deser = NULL;
-    const OSSL_DISPATCH *fns = algodef->implementation;
-
-    if ((deser = ossl_deserializer_new()) == NULL)
-        return NULL;
-    deser->base.id = id;
-    deser->base.propdef = algodef->property_definition;
-
-    for (; fns->function_id != 0; fns++) {
-        switch (fns->function_id) {
-        case OSSL_FUNC_DESERIALIZER_NEWCTX:
-            if (deser->newctx == NULL)
-                deser->newctx = OSSL_FUNC_deserializer_newctx(fns);
-            break;
-        case OSSL_FUNC_DESERIALIZER_FREECTX:
-            if (deser->freectx == NULL)
-                deser->freectx = OSSL_FUNC_deserializer_freectx(fns);
-            break;
-        case OSSL_FUNC_DESERIALIZER_GET_PARAMS:
-            if (deser->get_params == NULL)
-                deser->get_params =
-                    OSSL_FUNC_deserializer_get_params(fns);
-            break;
-        case OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS:
-            if (deser->gettable_params == NULL)
-                deser->gettable_params =
-                    OSSL_FUNC_deserializer_gettable_params(fns);
-            break;
-        case OSSL_FUNC_DESERIALIZER_SET_CTX_PARAMS:
-            if (deser->set_ctx_params == NULL)
-                deser->set_ctx_params =
-                    OSSL_FUNC_deserializer_set_ctx_params(fns);
-            break;
-        case OSSL_FUNC_DESERIALIZER_SETTABLE_CTX_PARAMS:
-            if (deser->settable_ctx_params == NULL)
-                deser->settable_ctx_params =
-                    OSSL_FUNC_deserializer_settable_ctx_params(fns);
-            break;
-        case OSSL_FUNC_DESERIALIZER_DESERIALIZE:
-            if (deser->deserialize == NULL)
-                deser->deserialize = OSSL_FUNC_deserializer_deserialize(fns);
-            break;
-        case OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT:
-            if (deser->export_object == NULL)
-                deser->export_object = OSSL_FUNC_deserializer_export_object(fns);
-            break;
-        }
-    }
-    /*
-     * Try to check that the method is sensible.
-     * If you have a constructor, you must have a destructor and vice versa.
-     * You must have at least one of the serializing driver functions.
-     */
-    if (!((deser->newctx == NULL && deser->freectx == NULL)
-          || (deser->newctx != NULL && deser->freectx != NULL))
-        || (deser->deserialize == NULL && deser->export_object == NULL)) {
-        OSSL_DESERIALIZER_free(deser);
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_INVALID_PROVIDER_FUNCTIONS);
-        return NULL;
-    }
-
-    if (prov != NULL && !ossl_provider_up_ref(prov)) {
-        OSSL_DESERIALIZER_free(deser);
-        return NULL;
-    }
-
-    deser->base.prov = prov;
-    return deser;
-}
-
-
-/*
- * The core fetching functionality passes the names of the implementation.
- * This function is responsible to getting an identity number for them,
- * then call deserializer_from_dispatch() with that identity number.
- */
-static void *construct_deserializer(const OSSL_ALGORITHM *algodef,
-                                    OSSL_PROVIDER *prov, void *unused)
-{
-    /*
-     * This function is only called if get_deserializer_from_store() returned
-     * NULL, so it's safe to say that of all the spots to create a new
-     * namemap entry, this is it.  Should the name already exist there, we
-     * know that ossl_namemap_add() will return its corresponding number.
-     */
-    OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
-    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-    const char *names = algodef->algorithm_names;
-    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
-    void *method = NULL;
-
-    if (id != 0)
-        method = deserializer_from_dispatch(id, algodef, prov);
-
-    return method;
-}
-
-/* Intermediary function to avoid ugly casts, used below */
-static void destruct_deserializer(void *method, void *data)
-{
-    OSSL_DESERIALIZER_free(method);
-}
-
-static int up_ref_deserializer(void *method)
-{
-    return OSSL_DESERIALIZER_up_ref(method);
-}
-
-static void free_deserializer(void *method)
-{
-    OSSL_DESERIALIZER_free(method);
-}
-
-/* Fetching support.  Can fetch by numeric identity or by name */
-static OSSL_DESERIALIZER *inner_ossl_deserializer_fetch(OPENSSL_CTX *libctx,
-                                                        int id,
-                                                        const char *name,
-                                                        const char *properties)
-{
-    OSSL_METHOD_STORE *store = get_deserializer_store(libctx);
-    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-    void *method = NULL;
-
-    if (store == NULL || namemap == NULL)
-        return NULL;
-
-    /*
-     * If we have been passed neither a name_id or a name, we have an
-     * internal programming error.
-     */
-    if (!ossl_assert(id != 0 || name != NULL))
-        return NULL;
-
-    if (id == 0)
-        id = ossl_namemap_name2num(namemap, name);
-
-    if (id == 0
-        || !ossl_method_store_cache_get(store, id, properties, &method)) {
-        OSSL_METHOD_CONSTRUCT_METHOD mcm = {
-            alloc_tmp_deserializer_store,
-            dealloc_tmp_deserializer_store,
-            get_deserializer_from_store,
-            put_deserializer_in_store,
-            construct_deserializer,
-            destruct_deserializer
-        };
-        struct deserializer_data_st mcmdata;
-
-        mcmdata.libctx = libctx;
-        mcmdata.mcm = &mcm;
-        mcmdata.id = id;
-        mcmdata.names = name;
-        mcmdata.propquery = properties;
-        if ((method = ossl_method_construct(libctx, OSSL_OP_DESERIALIZER,
-                                            0 /* !force_cache */,
-                                            &mcm, &mcmdata)) != NULL) {
-            /*
-             * If construction did create a method for us, we know that
-             * there is a correct name_id and meth_id, since those have
-             * already been calculated in get_deserializer_from_store() and
-             * put_deserializer_in_store() above.
-             */
-            if (id == 0)
-                id = ossl_namemap_name2num(namemap, name);
-            ossl_method_store_cache_set(store, id, properties, method,
-                                        up_ref_deserializer, free_deserializer);
-        }
-    }
-
-    return method;
-}
-
-OSSL_DESERIALIZER *OSSL_DESERIALIZER_fetch(OPENSSL_CTX *libctx,
-                                           const char *name,
-                                           const char *properties)
-{
-    return inner_ossl_deserializer_fetch(libctx, 0, name, properties);
-}
-
-OSSL_DESERIALIZER *ossl_deserializer_fetch_by_number(OPENSSL_CTX *libctx,
-                                                     int id,
-                                                     const char *properties)
-{
-    return inner_ossl_deserializer_fetch(libctx, id, NULL, properties);
-}
-
-/*
- * Library of basic method functions
- */
-
-const OSSL_PROVIDER *OSSL_DESERIALIZER_provider(const OSSL_DESERIALIZER *deser)
-{
-    if (!ossl_assert(deser != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return deser->base.prov;
-}
-
-const char *OSSL_DESERIALIZER_properties(const OSSL_DESERIALIZER *deser)
-{
-    if (!ossl_assert(deser != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return deser->base.propdef;
-}
-
-int OSSL_DESERIALIZER_number(const OSSL_DESERIALIZER *deser)
-{
-    if (!ossl_assert(deser != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return deser->base.id;
-}
-
-int OSSL_DESERIALIZER_is_a(const OSSL_DESERIALIZER *deser, const char *name)
-{
-    if (deser->base.prov != NULL) {
-        OPENSSL_CTX *libctx = ossl_provider_library_context(deser->base.prov);
-        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-
-        return ossl_namemap_name2num(namemap, name) == deser->base.id;
-    }
-    return 0;
-}
-
-struct deserializer_do_all_data_st {
-    void (*user_fn)(void *method, void *arg);
-    void *user_arg;
-};
-
-static void deserializer_do_one(OSSL_PROVIDER *provider,
-                                const OSSL_ALGORITHM *algodef,
-                                int no_store, void *vdata)
-{
-    struct deserializer_do_all_data_st *data = vdata;
-    OPENSSL_CTX *libctx = ossl_provider_library_context(provider);
-    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-    const char *names = algodef->algorithm_names;
-    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
-    void *method = NULL;
-
-    if (id != 0)
-        method =
-            deserializer_from_dispatch(id, algodef, provider);
-
-    if (method != NULL) {
-        data->user_fn(method, data->user_arg);
-        OSSL_DESERIALIZER_free(method);
-    }
-}
-
-void OSSL_DESERIALIZER_do_all_provided(OPENSSL_CTX *libctx,
-                                       void (*fn)(OSSL_DESERIALIZER *deser,
-                                                  void *arg),
-                                       void *arg)
-{
-    struct deserializer_do_all_data_st data;
-
-    data.user_fn = (void (*)(void *, void *))fn;
-    data.user_arg = arg;
-    ossl_algorithm_do_all(libctx, OSSL_OP_DESERIALIZER, NULL,
-                          NULL, deserializer_do_one, NULL,
-                          &data);
-}
-
-void OSSL_DESERIALIZER_names_do_all(const OSSL_DESERIALIZER *deser,
-                                    void (*fn)(const char *name, void *data),
-                                    void *data)
-{
-    if (deser == NULL)
-        return;
-
-    if (deser->base.prov != NULL) {
-        OPENSSL_CTX *libctx = ossl_provider_library_context(deser->base.prov);
-        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-
-        ossl_namemap_doall_names(namemap, deser->base.id, fn, data);
-    }
-}
-
-const OSSL_PARAM *
-OSSL_DESERIALIZER_gettable_params(OSSL_DESERIALIZER *deser)
-{
-    if (deser != NULL && deser->gettable_params != NULL)
-        return deser->gettable_params(
-                   ossl_provider_ctx(OSSL_DESERIALIZER_provider(deser)));
-    return NULL;
-}
-
-int OSSL_DESERIALIZER_get_params(OSSL_DESERIALIZER *deser, OSSL_PARAM params[])
-{
-    if (deser != NULL && deser->get_params != NULL)
-        return deser->get_params(params);
-    return 0;
-}
-
-const OSSL_PARAM *
-OSSL_DESERIALIZER_settable_ctx_params(OSSL_DESERIALIZER *deser)
-{
-    if (deser != NULL && deser->settable_ctx_params != NULL)
-        return deser->settable_ctx_params(
-                   ossl_provider_ctx(OSSL_DESERIALIZER_provider(deser)));
-    return NULL;
-}
-
-/*
- * Deserializer context support
- */
-
-/*
- * |ser| value NULL is valid, and signifies that there is no deserializer.
- * This is useful to provide fallback mechanisms.
- *  Functions that want to verify if there is a deserializer can do so with
- * OSSL_DESERIALIZER_CTX_get_deserializer()
- */
-OSSL_DESERIALIZER_CTX *OSSL_DESERIALIZER_CTX_new(void)
-{
-    OSSL_DESERIALIZER_CTX *ctx;
-
-    if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    ctx->passphrase_cb = ossl_deserializer_passphrase_in_cb;
-    return ctx;
-}
-
-int OSSL_DESERIALIZER_CTX_set_params(OSSL_DESERIALIZER_CTX *ctx,
-                                     const OSSL_PARAM params[])
-{
-    size_t i;
-    size_t l;
-
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DESERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (ctx->deser_insts == NULL)
-        return 1;
-
-    l = (size_t)sk_OSSL_DESERIALIZER_INSTANCE_num(ctx->deser_insts);
-    for (i = 0; i < l; i++) {
-        OSSL_DESERIALIZER_INSTANCE *deser_inst =
-            sk_OSSL_DESERIALIZER_INSTANCE_value(ctx->deser_insts, i);
-
-        if (deser_inst->deserctx == NULL
-            || deser_inst->deser->set_ctx_params == NULL)
-            continue;
-        if (!deser_inst->deser->set_ctx_params(deser_inst->deserctx, params))
-            return 0;
-    }
-    return 1;
-}
-
-static void
-OSSL_DESERIALIZER_INSTANCE_free(OSSL_DESERIALIZER_INSTANCE *deser_inst)
-{
-    if (deser_inst != NULL) {
-        if (deser_inst->deser->freectx != NULL)
-            deser_inst->deser->freectx(deser_inst->deserctx);
-        deser_inst->deserctx = NULL;
-        OSSL_DESERIALIZER_free(deser_inst->deser);
-        deser_inst->deser = NULL;
-        OPENSSL_free(deser_inst);
-        deser_inst = NULL;
-    }
-}
-
-void OSSL_DESERIALIZER_CTX_free(OSSL_DESERIALIZER_CTX *ctx)
-{
-    if (ctx != NULL) {
-        if (ctx->cleanup != NULL)
-            ctx->cleanup(ctx->construct_data);
-        sk_OSSL_DESERIALIZER_INSTANCE_pop_free(ctx->deser_insts,
-                                               OSSL_DESERIALIZER_INSTANCE_free);
-        OSSL_DESERIALIZER_CTX_set_passphrase_ui(ctx, NULL, NULL);
-        OSSL_DESERIALIZER_CTX_set_passphrase(ctx, NULL, 0);
-        OPENSSL_free(ctx);
-    }
-}
diff --git a/crypto/serializer/serializer_err.c b/crypto/serializer/serializer_err.c
deleted file mode 100644
index 2ea8b8bede..0000000000
--- a/crypto/serializer/serializer_err.c
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/err.h>
-#include <openssl/serializererr.h>
-
-#ifndef OPENSSL_NO_ERR
-
-static const ERR_STRING_DATA OSSL_SERIALIZER_str_reasons[] = {
-    {ERR_PACK(ERR_LIB_OSSL_SERIALIZER, 0, OSSL_SERIALIZER_R_INCORRECT_PROPERTY_QUERY),
-    "incorrect property query"},
-    {ERR_PACK(ERR_LIB_OSSL_SERIALIZER, 0, OSSL_SERIALIZER_R_SERIALIZER_NOT_FOUND),
-    "serializer not found"},
-    {0, NULL}
-};
-
-#endif
-
-int ERR_load_OSSL_SERIALIZER_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-    if (ERR_reason_error_string(OSSL_SERIALIZER_str_reasons[0].error) == NULL)
-        ERR_load_strings_const(OSSL_SERIALIZER_str_reasons);
-#endif
-    return 1;
-}
diff --git a/crypto/serializer/serializer_local.h b/crypto/serializer/serializer_local.h
deleted file mode 100644
index d139e402d7..0000000000
--- a/crypto/serializer/serializer_local.h
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core_dispatch.h>
-#include <openssl/types.h>
-#include <openssl/safestack.h>
-#include <openssl/serializer.h>
-#include <openssl/deserializer.h>
-#include "internal/cryptlib.h"
-#include "internal/refcount.h"
-
-struct ossl_serdes_base_st {
-    OSSL_PROVIDER *prov;
-    int id;
-    const char *propdef;
-
-    CRYPTO_REF_COUNT refcnt;
-    CRYPTO_RWLOCK *lock;
-};
-
-struct ossl_serializer_st {
-    struct ossl_serdes_base_st base;
-    OSSL_FUNC_serializer_newctx_fn *newctx;
-    OSSL_FUNC_serializer_freectx_fn *freectx;
-    OSSL_FUNC_serializer_set_ctx_params_fn *set_ctx_params;
-    OSSL_FUNC_serializer_settable_ctx_params_fn *settable_ctx_params;
-    OSSL_FUNC_serializer_serialize_data_fn *serialize_data;
-    OSSL_FUNC_serializer_serialize_object_fn *serialize_object;
-};
-
-struct ossl_deserializer_st {
-    struct ossl_serdes_base_st base;
-    OSSL_FUNC_deserializer_newctx_fn *newctx;
-    OSSL_FUNC_deserializer_freectx_fn *freectx;
-    OSSL_FUNC_deserializer_get_params_fn *get_params;
-    OSSL_FUNC_deserializer_gettable_params_fn *gettable_params;
-    OSSL_FUNC_deserializer_set_ctx_params_fn *set_ctx_params;
-    OSSL_FUNC_deserializer_settable_ctx_params_fn *settable_ctx_params;
-    OSSL_FUNC_deserializer_deserialize_fn *deserialize;
-    OSSL_FUNC_deserializer_export_object_fn *export_object;
-};
-
-struct ossl_serializer_ctx_st {
-    OSSL_SERIALIZER *ser;
-    void *serctx;
-
-    int selection;
-
-    /*-
-     * Output / serializing data, used by OSSL_SERIALIZER_to_{bio,fp}
-     *
-     * |object|         is the libcrypto object to handle.
-     * |do_output|      performs the actual serialization.
-     *
-     * |do_output| must have intimate knowledge of |object|.
-     */
-    const void *object;
-    int (*do_output)(OSSL_SERIALIZER_CTX *ctx, BIO *out);
-
-    /* For any function that needs a passphrase reader */
-    const UI_METHOD *ui_method;
-    void *ui_data;
-    /*
-     * if caller used OSSL_SERIALIZER_CTX_set_passphrase_cb(), we need
-     * intermediary storage.
-     */
-    UI_METHOD *allocated_ui_method;
-};
-
-struct ossl_deserializer_instance_st {
-    OSSL_DESERIALIZER *deser;    /* Never NULL */
-    void *deserctx;              /* Never NULL */
-    const char *input_type;      /* Never NULL */
-};
-
-DEFINE_STACK_OF(OSSL_DESERIALIZER_INSTANCE)
-
-struct ossl_deserializer_ctx_st {
-    /*
-     * The caller may know the input type of the data they pass.  If not,
-     * this will remain NULL and the deserializing functionality will start
-     * with trying to deserialize with any desserializer in |deser_insts|,
-     * regardless of their respective input type.
-     */
-    const char *start_input_type;
-
-    /*
-     * Deserializers that are components of any current deserialization path.
-     */
-    STACK_OF(OSSL_DESERIALIZER_INSTANCE) *deser_insts;
-
-    /*
-     * The constructors of a deserialization, and its caller argument.
-     */
-    OSSL_DESERIALIZER_CONSTRUCT *construct;
-    OSSL_DESERIALIZER_CLEANUP *cleanup;
-    void *construct_data;
-
-    /* For any function that needs a passphrase reader */
-    OSSL_PASSPHRASE_CALLBACK *passphrase_cb;
-    const UI_METHOD *ui_method;
-    void *ui_data;
-    /*
-     * if caller used OSSL_SERIALIZER_CTX_set_pem_password_cb(), we need
-     * intermediary storage.
-     */
-    UI_METHOD *allocated_ui_method;
-    /*
-     * Because the same input may pass through more than one deserializer,
-     * we cache any passphrase passed to us.  The desrializing processor
-     * must clear this at the end of a run.
-     */
-    unsigned char *cached_passphrase;
-    size_t cached_passphrase_len;
-
-    /*
-     * Flag section.  Keep these together
-     */
-
-    /*
-     * The passphrase was passed to us by the user.  In that case, it
-     * should only be freed when freeing this context.
-     */
-    unsigned int flag_user_passphrase:1;
-};
-
-/* Passphrase callbacks, found in serdes_pass.c */
-
-/*
- * Serializers typically want to get an outgoing passphrase, while
- * deserializers typically want to get en incoming passphrase.
- */
-OSSL_PASSPHRASE_CALLBACK ossl_serializer_passphrase_out_cb;
-OSSL_PASSPHRASE_CALLBACK ossl_deserializer_passphrase_in_cb;
diff --git a/crypto/serializer/serializer_meth.c b/crypto/serializer/serializer_meth.c
deleted file mode 100644
index 1489fff890..0000000000
--- a/crypto/serializer/serializer_meth.c
+++ /dev/null
@@ -1,522 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core.h>
-#include <openssl/core_dispatch.h>
-#include <openssl/serializer.h>
-#include <openssl/ui.h>
-#include "internal/core.h"
-#include "internal/namemap.h"
-#include "internal/property.h"
-#include "internal/provider.h"
-#include "crypto/serializer.h"
-#include "serializer_local.h"
-
-/*
- * Serializer can have multiple names, separated with colons in a name string
- */
-#define NAME_SEPARATOR ':'
-
-/* Simple method structure constructor and destructor */
-static OSSL_SERIALIZER *ossl_serializer_new(void)
-{
-    OSSL_SERIALIZER *ser = NULL;
-
-    if ((ser = OPENSSL_zalloc(sizeof(*ser))) == NULL
-        || (ser->base.lock = CRYPTO_THREAD_lock_new()) == NULL) {
-        OSSL_SERIALIZER_free(ser);
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    ser->base.refcnt = 1;
-
-    return ser;
-}
-
-int OSSL_SERIALIZER_up_ref(OSSL_SERIALIZER *ser)
-{
-    int ref = 0;
-
-    CRYPTO_UP_REF(&ser->base.refcnt, &ref, ser->base.lock);
-    return 1;
-}
-
-void OSSL_SERIALIZER_free(OSSL_SERIALIZER *ser)
-{
-    int ref = 0;
-
-    if (ser == NULL)
-        return;
-
-    CRYPTO_DOWN_REF(&ser->base.refcnt, &ref, ser->base.lock);
-    if (ref > 0)
-        return;
-    ossl_provider_free(ser->base.prov);
-    CRYPTO_THREAD_lock_free(ser->base.lock);
-    OPENSSL_free(ser);
-}
-
-/* Permanent serializer method store, constructor and destructor */
-static void serializer_store_free(void *vstore)
-{
-    ossl_method_store_free(vstore);
-}
-
-static void *serializer_store_new(OPENSSL_CTX *ctx)
-{
-    return ossl_method_store_new(ctx);
-}
-
-
-static const OPENSSL_CTX_METHOD serializer_store_method = {
-    serializer_store_new,
-    serializer_store_free,
-};
-
-/* Data to be passed through ossl_method_construct() */
-struct serializer_data_st {
-    OPENSSL_CTX *libctx;
-    OSSL_METHOD_CONSTRUCT_METHOD *mcm;
-    int id;                      /* For get_serializer_from_store() */
-    const char *names;           /* For get_serializer_from_store() */
-    const char *propquery;       /* For get_serializer_from_store() */
-};
-
-/*
- * Generic routines to fetch / create SERIALIZER methods with
- * ossl_method_construct()
- */
-
-/* Temporary serializer method store, constructor and destructor */
-static void *alloc_tmp_serializer_store(OPENSSL_CTX *ctx)
-{
-    return ossl_method_store_new(ctx);
-}
-
- static void dealloc_tmp_serializer_store(void *store)
-{
-    if (store != NULL)
-        ossl_method_store_free(store);
-}
-
-/* Get the permanent serializer store */
-static OSSL_METHOD_STORE *get_serializer_store(OPENSSL_CTX *libctx)
-{
-    return openssl_ctx_get_data(libctx, OPENSSL_CTX_SERIALIZER_STORE_INDEX,
-                                &serializer_store_method);
-}
-
-/* Get serializer methods from a store, or put one in */
-static void *get_serializer_from_store(OPENSSL_CTX *libctx, void *store,
-                                       void *data)
-{
-    struct serializer_data_st *methdata = data;
-    void *method = NULL;
-    int id;
-
-    if ((id = methdata->id) == 0) {
-        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-
-        id = ossl_namemap_name2num(namemap, methdata->names);
-    }
-
-    if (store == NULL
-        && (store = get_serializer_store(libctx)) == NULL)
-        return NULL;
-
-    if (!ossl_method_store_fetch(store, id, methdata->propquery, &method))
-        return NULL;
-    return method;
-}
-
-static int put_serializer_in_store(OPENSSL_CTX *libctx, void *store,
-                                   void *method, const OSSL_PROVIDER *prov,
-                                   int operation_id, const char *names,
-                                   const char *propdef, void *unused)
-{
-    OSSL_NAMEMAP *namemap;
-    int id;
-
-    if ((namemap = ossl_namemap_stored(libctx)) == NULL
-        || (id = ossl_namemap_name2num(namemap, names)) == 0)
-        return 0;
-
-    if (store == NULL && (store = get_serializer_store(libctx)) == NULL)
-        return 0;
-
-    return ossl_method_store_add(store, prov, id, propdef, method,
-                                 (int (*)(void *))OSSL_SERIALIZER_up_ref,
-                                 (void (*)(void *))OSSL_SERIALIZER_free);
-}
-
-/* Create and populate a serializer method */
-static void *serializer_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
-                                      OSSL_PROVIDER *prov)
-{
-    OSSL_SERIALIZER *ser = NULL;
-    const OSSL_DISPATCH *fns = algodef->implementation;
-
-    if ((ser = ossl_serializer_new()) == NULL)
-        return NULL;
-    ser->base.id = id;
-    ser->base.propdef = algodef->property_definition;
-
-    for (; fns->function_id != 0; fns++) {
-        switch (fns->function_id) {
-        case OSSL_FUNC_SERIALIZER_NEWCTX:
-            if (ser->newctx == NULL)
-                ser->newctx =
-                    OSSL_FUNC_serializer_newctx(fns);
-            break;
-        case OSSL_FUNC_SERIALIZER_FREECTX:
-            if (ser->freectx == NULL)
-                ser->freectx =
-                    OSSL_FUNC_serializer_freectx(fns);
-            break;
-        case OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS:
-            if (ser->set_ctx_params == NULL)
-                ser->set_ctx_params =
-                    OSSL_FUNC_serializer_set_ctx_params(fns);
-            break;
-        case OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS:
-            if (ser->settable_ctx_params == NULL)
-                ser->settable_ctx_params =
-                    OSSL_FUNC_serializer_settable_ctx_params(fns);
-            break;
-        case OSSL_FUNC_SERIALIZER_SERIALIZE_DATA:
-            if (ser->serialize_data == NULL)
-                ser->serialize_data =
-                    OSSL_FUNC_serializer_serialize_data(fns);
-            break;
-        case OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT:
-            if (ser->serialize_object == NULL)
-                ser->serialize_object =
-                    OSSL_FUNC_serializer_serialize_object(fns);
-            break;
-        }
-    }
-    /*
-     * Try to check that the method is sensible.
-     * If you have a constructor, you must have a destructor and vice versa.
-     * You must have at least one of the serializing driver functions.
-     */
-    if (!((ser->newctx == NULL && ser->freectx == NULL)
-          || (ser->newctx != NULL && ser->freectx != NULL))
-        || (ser->serialize_data == NULL && ser->serialize_object == NULL)) {
-        OSSL_SERIALIZER_free(ser);
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_INVALID_PROVIDER_FUNCTIONS);
-        return NULL;
-    }
-
-    if (prov != NULL && !ossl_provider_up_ref(prov)) {
-        OSSL_SERIALIZER_free(ser);
-        return NULL;
-    }
-
-    ser->base.prov = prov;
-    return ser;
-}
-
-
-/*
- * The core fetching functionality passes the names of the implementation.
- * This function is responsible to getting an identity number for them,
- * then call serializer_from_dispatch() with that identity number.
- */
-static void *construct_serializer(const OSSL_ALGORITHM *algodef,
-                                  OSSL_PROVIDER *prov, void *unused)
-{
-    /*
-     * This function is only called if get_serializer_from_store() returned
-     * NULL, so it's safe to say that of all the spots to create a new
-     * namemap entry, this is it.  Should the name already exist there, we
-     * know that ossl_namemap_add() will return its corresponding number.
-     */
-    OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
-    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-    const char *names = algodef->algorithm_names;
-    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
-    void *method = NULL;
-
-    if (id != 0)
-        method = serializer_from_dispatch(id, algodef, prov);
-
-    return method;
-}
-
-/* Intermediary function to avoid ugly casts, used below */
-static void destruct_serializer(void *method, void *data)
-{
-    OSSL_SERIALIZER_free(method);
-}
-
-static int up_ref_serializer(void *method)
-{
-    return OSSL_SERIALIZER_up_ref(method);
-}
-
-static void free_serializer(void *method)
-{
-    OSSL_SERIALIZER_free(method);
-}
-
-/* Fetching support.  Can fetch by numeric identity or by name */
-static OSSL_SERIALIZER *inner_ossl_serializer_fetch(OPENSSL_CTX *libctx,
-                                                    int id, const char *name,
-                                                    const char *properties)
-{
-    OSSL_METHOD_STORE *store = get_serializer_store(libctx);
-    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-    void *method = NULL;
-
-    if (store == NULL || namemap == NULL)
-        return NULL;
-
-    /*
-     * If we have been passed neither a name_id or a name, we have an
-     * internal programming error.
-     */
-    if (!ossl_assert(id != 0 || name != NULL))
-        return NULL;
-
-    if (id == 0)
-        id = ossl_namemap_name2num(namemap, name);
-
-    if (id == 0
-        || !ossl_method_store_cache_get(store, id, properties, &method)) {
-        OSSL_METHOD_CONSTRUCT_METHOD mcm = {
-            alloc_tmp_serializer_store,
-            dealloc_tmp_serializer_store,
-            get_serializer_from_store,
-            put_serializer_in_store,
-            construct_serializer,
-            destruct_serializer
-        };
-        struct serializer_data_st mcmdata;
-
-        mcmdata.libctx = libctx;
-        mcmdata.mcm = &mcm;
-        mcmdata.id = id;
-        mcmdata.names = name;
-        mcmdata.propquery = properties;
-        if ((method = ossl_method_construct(libctx, OSSL_OP_SERIALIZER,
-                                            0 /* !force_cache */,
-                                            &mcm, &mcmdata)) != NULL) {
-            /*
-             * If construction did create a method for us, we know that
-             * there is a correct name_id and meth_id, since those have
-             * already been calculated in get_serializer_from_store() and
-             * put_serializer_in_store() above.
-             */
-            if (id == 0)
-                id = ossl_namemap_name2num(namemap, name);
-            ossl_method_store_cache_set(store, id, properties, method,
-                                        up_ref_serializer, free_serializer);
-        }
-    }
-
-    return method;
-}
-
-OSSL_SERIALIZER *OSSL_SERIALIZER_fetch(OPENSSL_CTX *libctx, const char *name,
-                                       const char *properties)
-{
-    return inner_ossl_serializer_fetch(libctx, 0, name, properties);
-}
-
-OSSL_SERIALIZER *ossl_serializer_fetch_by_number(OPENSSL_CTX *libctx, int id,
-                                                 const char *properties)
-{
-    return inner_ossl_serializer_fetch(libctx, id, NULL, properties);
-}
-
-/*
- * Library of basic method functions
- */
-
-const OSSL_PROVIDER *OSSL_SERIALIZER_provider(const OSSL_SERIALIZER *ser)
-{
-    if (!ossl_assert(ser != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return ser->base.prov;
-}
-
-const char *OSSL_SERIALIZER_properties(const OSSL_SERIALIZER *ser)
-{
-    if (!ossl_assert(ser != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return ser->base.propdef;
-}
-
-int OSSL_SERIALIZER_number(const OSSL_SERIALIZER *ser)
-{
-    if (!ossl_assert(ser != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return ser->base.id;
-}
-
-int OSSL_SERIALIZER_is_a(const OSSL_SERIALIZER *ser, const char *name)
-{
-    if (ser->base.prov != NULL) {
-        OPENSSL_CTX *libctx = ossl_provider_library_context(ser->base.prov);
-        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-
-        return ossl_namemap_name2num(namemap, name) == ser->base.id;
-    }
-    return 0;
-}
-
-struct serializer_do_all_data_st {
-    void (*user_fn)(void *method, void *arg);
-    void *user_arg;
-};
-
-static void serializer_do_one(OSSL_PROVIDER *provider,
-                              const OSSL_ALGORITHM *algodef,
-                              int no_store, void *vdata)
-{
-    struct serializer_do_all_data_st *data = vdata;
-    OPENSSL_CTX *libctx = ossl_provider_library_context(provider);
-    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-    const char *names = algodef->algorithm_names;
-    int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR);
-    void *method = NULL;
-
-    if (id != 0)
-        method =
-            serializer_from_dispatch(id, algodef, provider);
-
-    if (method != NULL) {
-        data->user_fn(method, data->user_arg);
-        OSSL_SERIALIZER_free(method);
-    }
-}
-
-void OSSL_SERIALIZER_do_all_provided(OPENSSL_CTX *libctx,
-                                     void (*fn)(OSSL_SERIALIZER *ser,
-                                                void *arg),
-                                     void *arg)
-{
-    struct serializer_do_all_data_st data;
-
-    data.user_fn = (void (*)(void *, void *))fn;
-    data.user_arg = arg;
-
-    /*
-     * No pre- or post-condition for this call, as this only creates methods
-     * temporarly and then promptly destroys them.
-     */
-    ossl_algorithm_do_all(libctx, OSSL_OP_SERIALIZER, NULL, NULL,
-                          serializer_do_one, NULL, &data);
-}
-
-void OSSL_SERIALIZER_names_do_all(const OSSL_SERIALIZER *ser,
-                                  void (*fn)(const char *name, void *data),
-                                  void *data)
-{
-    if (ser == NULL)
-        return;
-
-    if (ser->base.prov != NULL) {
-        OPENSSL_CTX *libctx = ossl_provider_library_context(ser->base.prov);
-        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-
-        ossl_namemap_doall_names(namemap, ser->base.id, fn, data);
-    }
-}
-
-const OSSL_PARAM *OSSL_SERIALIZER_settable_ctx_params(OSSL_SERIALIZER *ser)
-{
-    if (ser != NULL && ser->settable_ctx_params != NULL)
-        return ser->settable_ctx_params(
-                   ossl_provider_ctx(OSSL_SERIALIZER_provider(ser)));
-    return NULL;
-}
-
-/*
- * Serializer context support
- */
-
-/*
- * |ser| value NULL is valid, and signifies that there is no serializer.
- * This is useful to provide fallback mechanisms.
- *  Functions that want to verify if there is a serializer can do so with
- * OSSL_SERIALIZER_CTX_get_serializer()
- */
-OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new(OSSL_SERIALIZER *ser)
-{
-    OSSL_SERIALIZER_CTX *ctx;
-
-    if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    ctx->ser = ser;
-    if (ser != NULL && ser->newctx != NULL) {
-        const OSSL_PROVIDER *prov = OSSL_SERIALIZER_provider(ser);
-        void *provctx = ossl_provider_ctx(prov);
-
-        if (OSSL_SERIALIZER_up_ref(ser)) {
-            ctx->serctx = ser->newctx(provctx);
-        } else {
-            OSSL_SERIALIZER_free(ser);
-            OPENSSL_free(ctx);
-            ctx = NULL;
-        }
-    }
-
-    return ctx;
-}
-
-const OSSL_SERIALIZER *
-OSSL_SERIALIZER_CTX_get_serializer(OSSL_SERIALIZER_CTX *ctx)
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return ctx->ser;
-}
-
-
-int OSSL_SERIALIZER_CTX_set_params(OSSL_SERIALIZER_CTX *ctx,
-                                   const OSSL_PARAM params[])
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (ctx->ser != NULL && ctx->ser->set_ctx_params != NULL)
-        return ctx->ser->set_ctx_params(ctx->serctx, params);
-    return 0;
-}
-
-void OSSL_SERIALIZER_CTX_free(OSSL_SERIALIZER_CTX *ctx)
-{
-    if (ctx != NULL) {
-        if (ctx->ser != NULL && ctx->ser->freectx != NULL)
-            ctx->ser->freectx(ctx->serctx);
-        OSSL_SERIALIZER_free(ctx->ser);
-        UI_destroy_method(ctx->allocated_ui_method);
-        OPENSSL_free(ctx);
-    }
-}
diff --git a/crypto/serializer/serializer_pkey.c b/crypto/serializer/serializer_pkey.c
deleted file mode 100644
index d31b3cce8b..0000000000
--- a/crypto/serializer/serializer_pkey.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/err.h>
-#include <openssl/ui.h>
-#include <openssl/params.h>
-#include <openssl/serializer.h>
-#include <openssl/core_names.h>
-#include <openssl/safestack.h>
-#include "internal/provider.h"
-#include "internal/property.h"
-#include "crypto/evp.h"
-#include "serializer_local.h"
-
-DEFINE_STACK_OF_CSTRING()
-
-int OSSL_SERIALIZER_CTX_set_cipher(OSSL_SERIALIZER_CTX *ctx,
-                                   const char *cipher_name,
-                                   const char *propquery)
-{
-    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
-
-    params[0] =
-        OSSL_PARAM_construct_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER,
-                                         (void *)cipher_name, 0);
-    params[1] =
-        OSSL_PARAM_construct_utf8_string(OSSL_SERIALIZER_PARAM_PROPERTIES,
-                                         (void *)propquery, 0);
-
-    return OSSL_SERIALIZER_CTX_set_params(ctx, params);
-}
-
-int OSSL_SERIALIZER_CTX_set_passphrase(OSSL_SERIALIZER_CTX *ctx,
-                                       const unsigned char *kstr,
-                                       size_t klen)
-{
-    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
-    params[0] = OSSL_PARAM_construct_octet_string(OSSL_SERIALIZER_PARAM_PASS,
-                                                  (void *)kstr, klen);
-
-    return OSSL_SERIALIZER_CTX_set_params(ctx, params);
-}
-
-static void serializer_ctx_reset_passphrase_ui(OSSL_SERIALIZER_CTX *ctx)
-{
-    UI_destroy_method(ctx->allocated_ui_method);
-    ctx->allocated_ui_method = NULL;
-    ctx->ui_method = NULL;
-    ctx->ui_data = NULL;
-}
-
-int OSSL_SERIALIZER_CTX_set_passphrase_ui(OSSL_SERIALIZER_CTX *ctx,
-                                          const UI_METHOD *ui_method,
-                                          void *ui_data)
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    serializer_ctx_reset_passphrase_ui(ctx);
-    ctx->ui_method = ui_method;
-    ctx->ui_data = ui_data;
-    return 1;
-}
-
-int OSSL_SERIALIZER_CTX_set_passphrase_cb(OSSL_SERIALIZER_CTX *ctx,
-                                          pem_password_cb *cb, void *cbarg)
-{
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    serializer_ctx_reset_passphrase_ui(ctx);
-    if (cb == NULL)
-        return 1;
-    ctx->ui_method =
-        ctx->allocated_ui_method = UI_UTIL_wrap_read_pem_callback(cb, 1);
-    ctx->ui_data = cbarg;
-
-    return ctx->ui_method != NULL;
-}
-
-/*
- * Support for OSSL_SERIALIZER_CTX_new_by_TYPE:
- * finding a suitable serializer
- */
-
-struct selected_serializer_st {
-    STACK_OF(OPENSSL_CSTRING) *names;
-    int error;
-};
-
-static void cache_serializers(const char *name, void *data)
-{
-    struct selected_serializer_st *d = data;
-
-    if (sk_OPENSSL_CSTRING_push(d->names, name) <= 0)
-        d->error = 1;
-}
-
-/*
- * Support for OSSL_SERIALIZER_to_bio:
- * writing callback for the OSSL_PARAM (the implementation doesn't have
- * intimate knowledge of the provider side object)
- */
-
-struct serializer_write_data_st {
-    OSSL_SERIALIZER_CTX *ctx;
-    BIO *out;
-};
-
-static int serializer_write_cb(const OSSL_PARAM params[], void *arg)
-{
-    struct serializer_write_data_st *write_data = arg;
-    OSSL_SERIALIZER_CTX *ctx = write_data->ctx;
-    BIO *out = write_data->out;
-
-    return ctx->ser->serialize_data(ctx->serctx, params, (OSSL_CORE_BIO *)out,
-                                    ossl_serializer_passphrase_out_cb, ctx);
-}
-
-/*
- * Support for OSSL_SERIALIZER_to_bio:
- * Perform the actual output.
- */
-
-static int serializer_EVP_PKEY_to_bio(OSSL_SERIALIZER_CTX *ctx, BIO *out)
-{
-    const EVP_PKEY *pkey = ctx->object;
-    void *keydata = pkey->keydata;
-    EVP_KEYMGMT *keymgmt = pkey->keymgmt;
-
-    /*
-     * OSSL_SERIALIZER_CTX_new() creates a context, even when the
-     * serializer it's given is NULL.  Callers can detect the lack
-     * of serializer with OSSL_SERIALIZER_CTX_get_serializer() and
-     * should take precautions, possibly call a fallback instead of
-     * OSSL_SERIALIZER_to_bio() / OSSL_SERIALIZER_to_fp().  If it's
-     * come this far, we return an error.
-     */
-    if (ctx->ser == NULL)
-        return 0;
-
-    if (ctx->ser->serialize_object == NULL
-        || OSSL_SERIALIZER_provider(ctx->ser) != EVP_KEYMGMT_provider(keymgmt)) {
-        struct serializer_write_data_st write_data;
-
-        write_data.ctx = ctx;
-        write_data.out = out;
-
-        return evp_keymgmt_export(keymgmt, keydata, ctx->selection,
-                                  &serializer_write_cb, &write_data);
-    }
-
-    return ctx->ser->serialize_object(ctx->serctx, keydata,
-                                      (OSSL_CORE_BIO *)out,
-                                      ossl_serializer_passphrase_out_cb, ctx);
-}
-
-/*
- * OSSL_SERIALIZER_CTX_new_by_EVP_PKEY() returns a ctx with no serializer if
- * it couldn't find a suitable serializer.  This allows a caller to detect if
- * a suitable serializer was found, with OSSL_SERIALIZER_CTX_get_serializer(),
- * and to use fallback methods if the result is NULL.
- */
-OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
-                                                         const char *propquery)
-{
-    OSSL_SERIALIZER_CTX *ctx = NULL;
-    OSSL_SERIALIZER *ser = NULL;
-    EVP_KEYMGMT *keymgmt = pkey->keymgmt;
-    int selection = OSSL_KEYMGMT_SELECT_ALL;
-
-    if (!ossl_assert(pkey != NULL && propquery != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-
-    if (keymgmt != NULL) {
-        const OSSL_PROVIDER *desired_prov = EVP_KEYMGMT_provider(keymgmt);
-        OPENSSL_CTX *libctx = ossl_provider_library_context(desired_prov);
-        struct selected_serializer_st sel_data;
-        OSSL_SERIALIZER *first = NULL;
-        const char *name;
-        int i;
-
-        /*
-         * Select the serializer in two steps.  First, get the names of all of
-         * the serializers.  Then determine which is the best one to use.
-         * This has to be broken because it isn't possible to fetch the
-         * serialisers inside EVP_KEYMGMT_names_do_all() due to locking
-         * order inversions with the store lock.
-         */
-        sel_data.error = 0;
-        sel_data.names = sk_OPENSSL_CSTRING_new_null();
-        if (sel_data.names == NULL)
-            return NULL;
-        EVP_KEYMGMT_names_do_all(keymgmt, cache_serializers, &sel_data);
-        /*
-         * Ignore memory allocation errors that are indicated in sel_data.error
-         * in case a suitable provider does get found regardless.
-         */
-
-        /*
-         * Serializers offer two functions, one that handles object data in
-         * the form of a OSSL_PARAM array, and one that directly handles a
-         * provider side object.  The latter requires that the serializer
-         * is offered by the same provider that holds that object, but is
-         * more desirable because it usually provides faster serialization.
-         *
-         * When looking up possible serializers, we save the first that can
-         * handle an OSSL_PARAM array in |first| and use that if nothing
-         * better turns up.
-         */
-        for (i = 0; i < sk_OPENSSL_CSTRING_num(sel_data.names); i++) {
-            name = sk_OPENSSL_CSTRING_value(sel_data.names, i);
-            ser = OSSL_SERIALIZER_fetch(libctx, name, propquery);
-            if (ser != NULL) {
-                if (OSSL_SERIALIZER_provider(ser) == desired_prov
-                        && ser->serialize_object != NULL) {
-                    OSSL_SERIALIZER_free(first);
-                    break;
-                }
-                if (first == NULL && ser->serialize_data != NULL)
-                    first = ser;
-                else
-                    OSSL_SERIALIZER_free(ser);
-                ser = NULL;
-            }
-        }
-        sk_OPENSSL_CSTRING_free(sel_data.names);
-        if (ser == NULL)
-            ser = first;
-
-        if (ser != NULL) {
-            OSSL_PROPERTY_LIST *check = NULL, *current_props = NULL;
-
-            check = ossl_parse_query(libctx, "type=parameters");
-            current_props =
-                ossl_parse_property(libctx, OSSL_SERIALIZER_properties(ser));
-            if (ossl_property_match_count(check, current_props) > 0)
-                selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
-            ossl_property_free(current_props);
-            ossl_property_free(check);
-        } else {
-            if (sel_data.error)
-                ERR_raise(ERR_LIB_OSSL_SERIALIZER, ERR_R_MALLOC_FAILURE);
-            else
-                ERR_raise(ERR_LIB_OSSL_SERIALIZER,
-                          OSSL_SERIALIZER_R_SERIALIZER_NOT_FOUND);
-        }
-    }
-
-    ctx = OSSL_SERIALIZER_CTX_new(ser); /* refcnt(ser)++ */
-    OSSL_SERIALIZER_free(ser);          /* refcnt(ser)-- */
-
-    if (ctx != NULL) {
-        /* Setup for OSSL_SERIALIZE_to_bio() */
-        ctx->selection = selection;
-        ctx->object = pkey;
-        ctx->do_output = serializer_EVP_PKEY_to_bio;
-    }
-
-    return ctx;
-}
-
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index 59f4a14895..cb47f917ad 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -22,7 +22,7 @@
 #include "crypto/x509.h"
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
-#include <openssl/serializer.h>
+#include <openssl/encoder.h>
 
 struct X509_pubkey_st {
     X509_ALGOR *algor;
@@ -97,18 +97,18 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
         }
     } else if (pkey->keymgmt != NULL) {
         BIO *bmem = BIO_new(BIO_s_mem());
-        const char *serprop = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
-        OSSL_SERIALIZER_CTX *sctx =
-            OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pkey, serprop);
+        const char *encprop = OSSL_ENCODER_PUBKEY_TO_DER_PQ;
+        OSSL_ENCODER_CTX *ectx =
+            OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, encprop);
 
-        if (OSSL_SERIALIZER_to_bio(sctx, bmem)) {
+        if (OSSL_ENCODER_to_bio(ectx, bmem)) {
             const unsigned char *der = NULL;
             long derlen = BIO_get_mem_data(bmem, (char **)&der);
 
             pk = d2i_X509_PUBKEY(NULL, &der, derlen);
         }
 
-        OSSL_SERIALIZER_CTX_free(sctx);
+        OSSL_ENCODER_CTX_free(ectx);
         BIO_free(bmem);
     }
 
@@ -124,7 +124,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 
     /*
      * pk->pkey is NULL when using the legacy routine, but is non-NULL when
-     * going through the serializer, and for all intents and purposes, it's
+     * going through the encoder, and for all intents and purposes, it's
      * a perfect copy of |pkey|, just not the same instance.  In that case,
      * we could simply return early, right here.
      * However, in the interest of being cautious leaning on paranoia, some
@@ -303,16 +303,16 @@ int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp)
         }
         X509_PUBKEY_free(xpk);
     } else if (a->keymgmt != NULL) {
-        const char *serprop = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
-        OSSL_SERIALIZER_CTX *ctx =
-            OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(a, serprop);
+        const char *encprop = OSSL_ENCODER_PUBKEY_TO_DER_PQ;
+        OSSL_ENCODER_CTX *ctx =
+            OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, encprop);
         BIO *out = BIO_new(BIO_s_mem());
         BUF_MEM *buf = NULL;
 
         if (ctx != NULL
             && out != NULL
-            && OSSL_SERIALIZER_CTX_get_serializer(ctx) != NULL
-            && OSSL_SERIALIZER_to_bio(ctx, out)
+            && OSSL_ENCODER_CTX_get_encoder(ctx) != NULL
+            && OSSL_ENCODER_to_bio(ctx, out)
             && BIO_get_mem_ptr(out, &buf) > 0) {
             ret = buf->length;
 
@@ -328,7 +328,7 @@ int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp)
             }
         }
         BIO_free(out);
-        OSSL_SERIALIZER_CTX_free(ctx);
+        OSSL_ENCODER_CTX_free(ctx);
     }
 
     return ret;
diff --git a/doc/man1/openssl-list.pod.in b/doc/man1/openssl-list.pod.in
index df970a0959..26680849a2 100644
--- a/doc/man1/openssl-list.pod.in
+++ b/doc/man1/openssl-list.pod.in
@@ -19,8 +19,8 @@ B<openssl list>
 [B<-random-generators>]
 [B<-cipher-commands>]
 [B<-cipher-algorithms>]
-[B<-serializers>]
-[B<-deserializers>]
+[B<-encoders>]
+[B<-decoders>]
 [B<-public-key-algorithms>]
 {- output_off() if $disabled{"deprecated-3.0"}; ""
 -}[B<-public-key-methods>]
@@ -84,18 +84,18 @@ Display a list of random number generators.
 See L</Display of algorithm names> for a description of how names are
 displayed.
 
-=item B<-serializers>
+=item B<-encoders>
 
-Display a list of serializers.
+Display a list of encoders.
 See L</Display of algorithm names> for a description of how names are
 displayed.
 
 In verbose mode, the algorithms provided by a provider will get additional
 information on what parameters each implementation supports.
 
-=item B<-deserializers>
+=item B<-decoders>
 
-Display a list of deserializers.
+Display a list of decoders.
 See L</Display of algorithm names> for a description of how names are
 displayed.
 
diff --git a/doc/man3/OSSL_DECODER.pod b/doc/man3/OSSL_DECODER.pod
new file mode 100644
index 0000000000..96d0a51ca5
--- /dev/null
+++ b/doc/man3/OSSL_DECODER.pod
@@ -0,0 +1,142 @@
+=pod
+
+=head1 NAME
+
+OSSL_DECODER,
+OSSL_DECODER_fetch,
+OSSL_DECODER_up_ref,
+OSSL_DECODER_free,
+OSSL_DECODER_provider,
+OSSL_DECODER_properties,
+OSSL_DECODER_is_a,
+OSSL_DECODER_number,
+OSSL_DECODER_do_all_provided,
+OSSL_DECODER_names_do_all,
+OSSL_DECODER_gettable_params,
+OSSL_DECODER_get_params
+- Decoder method routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/decoder.h>
+
+ typedef struct ossl_decoder_st OSSL_DECODER;
+
+ OSSL_DECODER *OSSL_DECODER_fetch(OPENSSL_CTX *ctx, const char *name,
+                                  const char *properties);
+ int OSSL_DECODER_up_ref(OSSL_DECODER *decoder);
+ void OSSL_DECODER_free(OSSL_DECODER *decoder);
+ const OSSL_PROVIDER *OSSL_DECODER_provider(const OSSL_DECODER *decoder);
+ const char *OSSL_DECODER_properties(const OSSL_DECODER *decoder);
+ int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name);
+ int OSSL_DECODER_number(const OSSL_DECODER *decoder);
+ void OSSL_DECODER_do_all_provided(OPENSSL_CTX *libctx,
+                                   void (*fn)(OSSL_DECODER *decoder, void *arg),
+                                   void *arg);
+ void OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder,
+                                void (*fn)(const char *name, void *data),
+                                void *data);
+ const OSSL_PARAM *OSSL_DECODER_gettable_params(OSSL_DECODER *decoder);
+ int OSSL_DECODER_get_params(OSSL_DECODER_CTX *ctx, const OSSL_PARAM params[]);
+
+=head1 DESCRIPTION
+
+B<OSSL_DECODER> is a method for decoders, which know how to
+decode encoded data into an object of some type that the rest
+of OpenSSL knows how to handle.
+
+OSSL_DECODER_fetch() looks for an algorithm within the provider that
+has been loaded into the B<OPENSSL_CTX> given by I<ctx>, having the
+name given by I<name> and the properties given by I<properties>.
+The I<name> determines what type of object the fetched decoder
+method is expected to be able to decode, and the properties are
+used to determine the expected output type.
+For known properties and the values they may have, please have a look
+in L<provider-encoder(7)/Names and properties>.
+
+OSSL_DECODER_up_ref() increments the reference count for the given
+I<decoder>.
+
+OSSL_DECODER_free() decrements the reference count for the given
+I<decoder>, and when the count reaches zero, frees it.
+
+OSSL_DECODER_provider() returns the provider of the given
+I<decoder>.
+
+OSSL_DECODER_properties() returns the property definition associated
+with the given I<decoder>.
+
+OSSL_DECODER_is_a() checks if I<decoder> is an implementation
+of an algorithm that's identifiable with I<name>.
+
+OSSL_DECODER_number() returns the internal dynamic number assigned
+to the given I<decoder>.
+
+OSSL_DECODER_names_do_all() traverses all names for the given
+I<decoder>, and calls I<fn> with each name and I<data>.
+
+OSSL_DECODER_do_all_provided() traverses all encoder
+implementations by all activated providers in the library context
+I<libctx>, and for each of the implementations, calls I<fn> with the
+implementation method and I<data> as arguments.
+
+OSSL_DECODER_gettable_params() returns an L<OSSL_PARAM(3)>
+array of parameter descriptors.
+
+OSSL_DECODER_get_params() attempts to get parameters specified
+with an L<OSSL_PARAM(3)> array I<params>.  Parameters that the
+implementation doesn't recognise should be ignored.
+
+=head1 RETURN VALUES
+
+OSSL_DECODER_fetch() returns a pointer to an OSSL_DECODER object,
+or NULL on error.
+
+OSSL_DECODER_up_ref() returns 1 on success, or 0 on error.
+
+OSSL_DECODER_free() doesn't return any value.
+
+OSSL_DECODER_provider() returns a pointer to a provider object, or
+NULL on error.
+
+OSSL_DECODER_properties() returns a pointer to a property
+definition string, or NULL on error.
+
+OSSL_DECODER_is_a() returns 1 if I<decoder> was identifiable,
+otherwise 0.
+
+OSSL_DECODER_number() returns an integer.
+
+=head1 NOTES
+
+OSSL_DECODER_fetch() may be called implicitly by other fetching
+functions, using the same library context and properties.
+Any other API that uses keys will typically do this.
+
+=begin comment TODO(3.0) Add examples!
+
+=head1 EXAMPLES
+
+Text, because pod2xxx doesn't like empty sections
+
+=end comment
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_DECODER_CTX(3)>, L<OSSL_DECODER_from_bio(3)>,
+L<OSSL_DECODER_CTX_new_by_EVP_PKEY(3)>, L<OPENSSL_CTX(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/OSSL_DECODER_CTX.pod b/doc/man3/OSSL_DECODER_CTX.pod
new file mode 100644
index 0000000000..7dbd7550df
--- /dev/null
+++ b/doc/man3/OSSL_DECODER_CTX.pod
@@ -0,0 +1,74 @@
+=pod
+
+=head1 NAME
+
+OSSL_DECODER_CTX,
+OSSL_DECODER_CTX_new,
+OSSL_DECODER_settable_ctx_params,
+OSSL_DECODER_CTX_set_params,
+OSSL_DECODER_CTX_free
+- Encoder context routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/decoder.h>
+
+ typedef struct ossl_decoder_ctx_st OSSL_DECODER_CTX;
+
+ OSSL_DECODER_CTX *OSSL_DECODER_CTX_new(OPENSSL_CTX *libctx);
+ const OSSL_PARAM *OSSL_DECODER_settable_ctx_params(OSSL_DECODER *decoder);
+ int OSSL_DECODER_CTX_set_params(OSSL_DECODER_CTX *ctx,
+                                 const OSSL_PARAM params[]);
+ void OSSL_DECODER_CTX_free(OSSL_DECODER_CTX *ctx);
+
+=head1 DESCRIPTION
+
+B<OSSL_DECODER_CTX> is a context with which B<OSSL_DECODER>
+operations are performed.  The context typically holds values, both
+internal and supplied by the application, which are useful for the
+implementations supplied by providers.
+
+OSSL_DECODER_CTX_new() creates a new empty B<OSSL_DECODER_CTX>.
+
+OSSL_DECODER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
+array of parameter descriptors.
+
+OSSL_DECODER_CTX_set_params() attempts to set parameters specified
+with an L<OSSL_PARAM(3)> array I<params>.  These parameters are passed
+to all decoders that have been added to the I<ctx> so far.
+Parameters that an implementation doesn't recognise should be ignored
+by it.
+
+OSSL_DECODER_CTX_free() frees the given context I<ctx>.
+
+=head1 RETURN VALUES
+
+OSSL_DECODER_CTX_new() returns a pointer to a
+B<OSSL_DECODER_CTX>, or NULL if the context structure couldn't be
+allocated.
+
+OSSL_DECODER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
+array, or NULL if none is available.
+
+OSSL_DECODER_CTX_set_params() returns 1 if all recognised
+parameters were valid, or 0 if one of them was invalid or caused some
+other failure in the implementation.
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_DECODER(3)>, L<OSSL_DECODER_from_bio(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod
new file mode 100644
index 0000000000..4486e6b001
--- /dev/null
+++ b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod
@@ -0,0 +1,109 @@
+=pod
+
+=head1 NAME
+
+OSSL_DECODER_CTX_new_by_EVP_PKEY,
+OSSL_DECODER_CTX_set_passphrase,
+OSSL_DECODER_CTX_set_pem_password_cb,
+OSSL_DECODER_CTX_set_passphrase_ui
+- Decoder routines to decode EVP_PKEYs
+
+=head1 SYNOPSIS
+
+ #include <openssl/decoder.h>
+
+ OSSL_DECODER_CTX *
+ OSSL_DECODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey, const char *input_type,
+                                  OPENSSL_CTX *libctx, const char *propquery);
+
+ int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx,
+                                     const unsigned char *kstr,
+                                     size_t klen);
+ int OSSL_DECODER_CTX_set_pem_password_cb(OSSL_DECODER_CTX *ctx,
+                                          pem_password_cb *cb,
+                                          void *cbarg);
+ int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
+                                        const UI_METHOD *ui_method,
+                                        void *ui_data);
+
+=head1 DESCRIPTION
+
+OSSL_DECODER_CTX_new_by_EVP_PKEY() is a utility function that
+creates a B<OSSL_DECODER_CTX>, finds all applicable decoder
+implementations and sets them up, so all the caller has to do next is
+call functions like OSSL_DECODE_from_bio().
+
+Internally OSSL_DECODER_CTX_new_by_EVP_PKEY() searches for all
+available L<EVP_KEYMGMT(3)> implementations, and then builds a list of all
+potential decoder implementations that may be able to process the
+encoded input into data suitable for B<EVP_PKEY>s.  All these
+implementations are implicitly fetched using I<libctx> and I<propquery>.
+
+The search of decoder implementations can be limited with
+I<input_type>, which specifies a starting input type.  This is further
+explained in L<OSSL_DECODER_CTX_set_input_type(3)>.
+
+If no suitable decoder was found, OSSL_DECODER_CTX_new_by_EVP_PKEY()
+still creates a B<OSSL_DECODER_CTX>, but with no associated
+decoder (L<OSSL_DECODER_CTX_num_decoders(3)> returns
+zero).  This helps the caller distinguish between an error when
+creating the B<OSSL_DECODER_CTX>, and the lack the decoder
+support and act accordingly.
+
+OSSL_DECODER_CTX_set_passphrase() gives the implementation a
+pass phrase to use when decrypting the encoded private key.
+Alternatively, a pass phrase callback may be specified with the
+following functions.
+
+OSSL_DECODER_CTX_set_pem_password_cb() and
+OSSL_DECODER_CTX_set_passphrase_ui() set up a callback method that
+the implementation can use to prompt for a pass phrase, giving the caller
+the choice of prefered pass phrase callback form.  These are called
+indirectly, through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
+
+The internal B<OSSL_PASSPHRASE_CALLBACK> function caches the pass phrase, to
+be re-used in all decodings that are performed in the same
+decoding run
+(for example, within one L<OSSL_DECODER_from_bio(3)> call).
+
+=for comment the name OSSL_DECODER_CTX_set_pem_password_cb() leaves
+open the future possibility of having a function where the caller can set a
+B<OSSL_PASSPHRASE_CALLBACK> method as another option.
+
+=head1 RETURN VALUES
+
+OSSL_DECODER_CTX_new_by_EVP_PKEY() returns a pointer to a
+B<OSSL_DECODER_CTX>, or NULL if it couldn't be created.
+
+OSSL_DECODER_CTX_set_passphrase(),
+OSSL_DECODER_CTX_set_pem_password_cb() and
+OSSL_DECODER_CTX_set_passphrase_ui()
+all return 1 on success, or 0 on failure.
+
+=head1 NOTES
+
+Parts of the function names are made to match already existing OpenSSL
+names.
+
+B<EVP_PKEY> in OSSL_DECODER_CTX_new_by_EVP_PKEY() matches the type
+name, thus making for the naming pattern
+B<OSSL_DECODER_CTX_new_by_I<TYPE>>() when new types are handled.
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_DECODER(3)>, L<OSSL_DECODER_CTX(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/OSSL_DECODER_from_bio.pod b/doc/man3/OSSL_DECODER_from_bio.pod
new file mode 100644
index 0000000000..1beb74d5ff
--- /dev/null
+++ b/doc/man3/OSSL_DECODER_from_bio.pod
@@ -0,0 +1,276 @@
+=pod
+
+=head1 NAME
+
+OSSL_DECODER_from_bio,
+OSSL_DECODER_from_fp,
+OSSL_DECODER_CTX_set_input_type,
+OSSL_DECODER_CTX_add_decoder,
+OSSL_DECODER_CTX_add_extra,
+OSSL_DECODER_CTX_num_decoders,
+OSSL_DECODER_INSTANCE,
+OSSL_DECODER_CONSTRUCT,
+OSSL_DECODER_CLEANUP,
+OSSL_DECODER_CTX_set_construct,
+OSSL_DECODER_CTX_set_construct_data,
+OSSL_DECODER_CTX_set_cleanup,
+OSSL_DECODER_CTX_get_construct,
+OSSL_DECODER_CTX_get_construct_data,
+OSSL_DECODER_CTX_get_cleanup,
+OSSL_DECODER_export,
+OSSL_DECODER_INSTANCE_decoder,
+OSSL_DECODER_INSTANCE_decoder_ctx
+- Routines to perform a decoding
+
+=head1 SYNOPSIS
+
+ #include <openssl/decoder.h>
+
+ int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in);
+ int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *fp);
+
+ int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx,
+                                     const char *input_type);
+ int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder);
+ int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx);
+ int OSSL_DECODER_CTX_num_decoders(OSSL_DECODER_CTX *ctx);
+
+ typedef struct ossl_decoder_instance_st OSSL_DECODER_INSTANCE;
+ OSSL_DECODER *
+ OSSL_DECODER_INSTANCE_decoder(OSSL_DECODER_INSTANCE *decoder_inst);
+ void *OSSL_DECODER_INSTANCE_decoder_ctx(OSSL_DECODER_INSTANCE *decoder_inst);
+
+ typedef int (OSSL_DECODER_CONSTRUCT)(OSSL_DECODER_INSTANCE *decoder_inst,
+                                      const OSSL_PARAM *params,
+                                      void *construct_data);
+ typedef void (OSSL_DECODER_CLEANUP)(void *construct_data);
+
+ int OSSL_DECODER_CTX_set_construct(OSSL_DECODER_CTX *ctx,
+                                    OSSL_DECODER_CONSTRUCT *construct);
+ int OSSL_DECODER_CTX_set_construct_data(OSSL_DECODER_CTX *ctx,
+                                         void *construct_data);
+ int OSSL_DECODER_CTX_set_cleanup(OSSL_DECODER_CTX *ctx,
+                                  OSSL_DECODER_CLEANUP *cleanup);
+ OSSL_DECODER_CONSTRUCT *OSSL_DECODER_CTX_get_construct(OSSL_DECODER_CTX *ctx);
+ void *OSSL_DECODER_CTX_get_construct_data(OSSL_DECODER_CTX *ctx);
+ OSSL_DECODER_CLEANUP *OSSL_DECODER_CTX_get_cleanup(OSSL_DECODER_CTX *ctx);
+
+ int OSSL_DECODER_export(OSSL_DECODER_INSTANCE *decoder_inst,
+                         void *reference, size_t reference_sz,
+                         OSSL_CALLBACK *export_cb, void *export_cbarg);
+
+Feature availability macros:
+
+=over 4
+
+=item OSSL_DECODER_from_fp() is only available when B<OPENSSL_NO_STDIO>
+is undefined.
+
+=back
+
+=head1 DESCRIPTION
+
+The B<OSSL_DECODER_CTX> holds data about multiple decoders, as
+needed to figure out what the input data is and to attempt to unpack it into
+one of several possible related results.  This also includes chaining
+decoders, so the output from one can become the input for another.
+This allows having generic format decoders such as PEM to DER, as well
+as more specialized decoders like DER to RSA.
+
+The chains may be limited by specifying an input type, which is considered a
+starting point.
+This is both considered by OSSL_DECODER_CTX_add_extra(), which will
+stop adding on more decoder implementations when it has already added
+those that take the specified input type, and OSSL_DECODER_from_bio(),
+which will only start the decoding process with the decoder
+implementations that take that input type.  For example, if the input type
+is set to C<DER>, a PEM to DER decoder will be ignored.
+
+The input type can also be NULL, which means that the caller doesn't know
+what type of input they have.  In this case, OSSL_DECODER_from_bio()
+will simply try with one decoder implementation after the other, and
+thereby discover what kind of input the caller gave it.
+
+For every decoding done, even an intermediary one, a constructor
+provided by the caller is called to attempt to construct an appropriate type
+/ structure that the caller knows how to handle from the current
+decoding result.
+The constructor is set with OSSL_DECODER_CTX_set_construct().
+
+B<OSSL_DECODER_INSTANCE> is an opaque structure that contains
+data about the decoder that was just used, and that may be
+useful for the constructor.  There are some functions to extract data
+from this type, described further down.
+
+=head2 Functions
+
+OSSL_DECODER_from_bio() runs the decoding process for the
+context I<ctx>, with the input coming from the B<BIO> I<in>.  Should
+it make a difference, it's recommended to have the BIO set in binary
+mode rather than text mode.
+
+OSSL_DECODER_from_fp() does the same thing as OSSL_DECODER_from_bio(),
+except that the input is coming from the B<FILE> I<fp>.
+
+OSSL_DECODER_CTX_add_decoder() populates the B<OSSL_DECODER_CTX>
+I<ctx> with a decoder, to be used to attempt to decode some
+encoded input.
+
+OSSL_DECODER_CTX_add_extra() finds decoders that generate
+input for already added decoders, and adds them as well.  This is
+used to build decoder chains.
+
+OSSL_DECODER_CTX_set_input_type() sets the starting input type.  This
+limits the decoder chains to be considered, as explained in the general
+description above.
+
+OSSL_DECODER_CTX_num_decoders() gets the number of
+decoders currently added to the context I<ctx>.
+
+OSSL_DECODER_CTX_set_construct() sets the constructor I<construct>.
+
+OSSL_DECODER_CTX_set_construct_data() sets the constructor data that is
+passed to the constructor every time it's called.
+
+OSSL_DECODER_CTX_set_cleanup() sets the constructor data I<cleanup>
+function.  This is called by L<OSSL_DECODER_CTX_free(3)>.
+
+OSSL_DECODER_CTX_get_construct(),
+OSSL_DECODER_CTX_get_construct_data() and
+OSSL_DECODER_CTX_get_cleanup()
+return the values that have been set by
+OSSL_DECODER_CTX_set_construct(),
+OSSL_DECODER_CTX_set_construct_data() and
+OSSL_DECODER_CTX_set_cleanup() respectively.
+
+OSSL_DECODER_export() is a fallback function for constructors that
+cannot use the data they get directly for diverse reasons.  It takes the same
+decode instance I<decoder_inst> that the constructor got and an object
+I<reference>, unpacks the object which it refers to, and exports it by creating
+an L<OSSL_PARAM(3)> array that it then passes to I<export_cb>, along with
+I<export_arg>.
+
+OSSL_DECODER_INSTANCE_decoder() can be used to get the
+decoder method from a decoder instance I<decoder_inst>.
+
+OSSL_DECODER_INSTANCE_decoder-ctx() can be used to get the
+decoder method's provider context from a decoder instance
+I<decoder_inst>.
+
+=head2 Constructor
+
+A B<OSSL_DECODER_CONSTRUCT> gets the following arguments:
+
+=over 4
+
+=item I<decoder_inst>
+
+The B<OSSL_DECODER_INSTANCE> for the decoder from which
+the constructor gets its data.
+
+=item I<params>
+
+The data produced by the decoder, further described below.
+
+=item I<construct_data>
+
+The pointer that was set with OSSL_DECODE_CTX_set_construct_data().
+
+=back
+
+The constructor is expected to return 1 when the data it receives can
+be constructed, otherwise 0.
+
+The globally known parameters that the constructor can get in I<params>
+are:
+
+=over 4
+
+=item "data-type" (B<OSSL_DECODER_PARAM_DATA_TYPE>) <UTF8 string>
+
+This is a detected content type that some decoders may provide.
+For example, PEM input sometimes has a type specified in its header,
+and some decoders may add that information as this parameter.
+This is an optional parameter, but may be useful for extra checks in
+the constructor.
+
+=item "data" (B<OSSL_DECODER_PARAM_DATA>) <octet string>
+
+The decoded data itself, as an octet string.  This is produced by
+decoders when it's possible to pass an object in this form.  Most
+often, this is simply meant to be passed to the next decoder in a
+chain, but could be considered final data as well, at the discretion
+of the constructor.
+
+=item "reference" (B<OSSL_DECODER_PARAM_DATA>) <octet string>
+
+The decoded data itself, as a reference to an object.  The
+reference itself is an octet string, and can be passed to other
+operations and functions within the same provider as the one that
+provides I<decoder>.
+
+=back
+
+At least one of "data" or "reference" must be present, and it's
+possible that both can be.  A constructor should choose to use the
+"reference" parameter if possible, otherwise it should use the "data"
+parameter.
+
+If it's not possible to use the "reference" parameter, but that's
+still what a constructor wants to do, it is possible to use
+OSSL_DECODER_export() as a fallback.
+
+=head1 RETURN VALUES
+
+OSSL_DECODER_from_bio() and OSSL_DECODER_from_fp() return 1 on
+success, or 0 on failure.
+
+OSSL_DECODER_CTX_add_decoder(),
+OSSL_DECODER_CTX_add_extra(),
+OSSL_DECODER_CTX_set_construct(),
+OSSL_DECODER_CTX_set_construct_data() and
+OSSL_DECODER_CTX_set_cleanup() return 1 on success, or 0 on
+failure.
+
+OSSL_DECODER_CTX_get_construct(),
+OSSL_DECODER_CTX_get_construct_data() and
+OSSL_DECODER_CTX_get_cleanup() return the current pointers to the
+cosntructor, the constructor data and the cleanup functions, respectively.
+
+OSSL_DECODER_CTX_num_decoders() returns the current
+number of decoders.  It returns 0 if I<ctx> is NULL.
+
+OSSL_DECODER_export() returns 1 on success, or 0 on failure.
+
+OSSL_DECODER_INSTANCE_decoder() returns an
+B<OSSL_DECODER> pointer on success, or NULL on failure.
+
+OSSL_DECODER_INSTANCE_decoder_ctx() returns a provider
+context pointer on success, or NULL on failure.>
+
+=begin comment TODO(3.0) Add examples!
+
+=head1 EXAMPLES
+
+Text, because pod2xxx doesn't like empty sections
+
+=end comment
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_DECODER_CTX(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/OSSL_DESERIALIZER.pod b/doc/man3/OSSL_DESERIALIZER.pod
deleted file mode 100644
index 5562a8122b..0000000000
--- a/doc/man3/OSSL_DESERIALIZER.pod
+++ /dev/null
@@ -1,146 +0,0 @@
-=pod
-
-=head1 NAME
-
-OSSL_DESERIALIZER,
-OSSL_DESERIALIZER_fetch,
-OSSL_DESERIALIZER_up_ref,
-OSSL_DESERIALIZER_free,
-OSSL_DESERIALIZER_provider,
-OSSL_DESERIALIZER_properties,
-OSSL_DESERIALIZER_is_a,
-OSSL_DESERIALIZER_number,
-OSSL_DESERIALIZER_do_all_provided,
-OSSL_DESERIALIZER_names_do_all,
-OSSL_DESERIALIZER_gettable_params,
-OSSL_DESERIALIZER_get_params
-- Deserializer method routines
-
-=head1 SYNOPSIS
-
- #include <openssl/deserializer.h>
-
- typedef struct ossl_deserializer_st OSSL_DESERIALIZER;
-
- OSSL_DESERIALIZER *OSSL_DESERIALIZER_fetch(OPENSSL_CTX *ctx, const char *name,
-                                            const char *properties);
- int OSSL_DESERIALIZER_up_ref(OSSL_DESERIALIZER *deserializer);
- void OSSL_DESERIALIZER_free(OSSL_DESERIALIZER *deserializer);
- const OSSL_PROVIDER *OSSL_DESERIALIZER_provider(const OSSL_DESERIALIZER
-                                                 *deserializer);
- const char *OSSL_DESERIALIZER_properties(const OSSL_DESERIALIZER *deser);
- int OSSL_DESERIALIZER_is_a(const OSSL_DESERIALIZER *deserializer,
-                            const char *name);
- int OSSL_DESERIALIZER_number(const OSSL_DESERIALIZER *deserializer);
- void OSSL_DESERIALIZER_do_all_provided(OPENSSL_CTX *libctx,
-                                        void (*fn)(OSSL_DESERIALIZER *deserializer,
-                                                   void *arg),
-                                        void *arg);
- void OSSL_DESERIALIZER_names_do_all(const OSSL_DESERIALIZER *deserializer,
-                                     void (*fn)(const char *name, void *data),
-                                     void *data);
- const OSSL_PARAM *OSSL_DESERIALIZER_gettable_params(OSSL_DESERIALIZER *deser);
- int OSSL_DESERIALIZER_get_params(OSSL_DESERIALIZER_CTX *ctx,
-                                  const OSSL_PARAM params[]);
-
-=head1 DESCRIPTION
-
-B<OSSL_DESERIALIZER> is a method for deserializers, which know how to
-deserialize serialized data into an object of some type that the rest
-of OpenSSL knows how to handle.
-
-OSSL_DESERIALIZER_fetch() looks for an algorithm within the provider that
-has been loaded into the B<OPENSSL_CTX> given by I<ctx>, having the
-name given by I<name> and the properties given by I<properties>.
-The I<name> determines what type of object the fetched deserializer
-method is expected to be able to deserialize, and the properties are
-used to determine the expected output type.
-For known properties and the values they may have, please have a look
-in L<provider-serializer(7)/Names and properties>.
-
-OSSL_DESERIALIZER_up_ref() increments the reference count for the given
-I<deserializer>.
-
-OSSL_DESERIALIZER_free() decrements the reference count for the given
-I<deserializer>, and when the count reaches zero, frees it.
-
-OSSL_DESERIALIZER_provider() returns the provider of the given
-I<deserializer>.
-
-OSSL_DESERIALIZER_properties() returns the property definition associated
-with the given I<deserializer>.
-
-OSSL_DESERIALIZER_is_a() checks if I<deserializer> is an implementation
-of an algorithm that's identifiable with I<name>.
-
-OSSL_DESERIALIZER_number() returns the internal dynamic number assigned
-to the given I<deserializer>.
-
-OSSL_DESERIALIZER_names_do_all() traverses all names for the given
-I<deserializer>, and calls I<fn> with each name and I<data>.
-
-OSSL_DESERIALIZER_do_all_provided() traverses all serializer
-implementations by all activated providers in the library context
-I<libctx>, and for each of the implementations, calls I<fn> with the
-implementation method and I<data> as arguments.
-
-OSSL_DESERIALIZER_gettable_params() returns an L<OSSL_PARAM(3)>
-array of parameter descriptors.
-
-OSSL_DESERIALIZER_get_params() attempts to get parameters specified
-with an L<OSSL_PARAM(3)> array I<params>.  Parameters that the
-implementation doesn't recognise should be ignored.
-
-=head1 RETURN VALUES
-
-OSSL_DESERIALIZER_fetch() returns a pointer to an OSSL_DESERIALIZER object,
-or NULL on error.
-
-OSSL_DESERIALIZER_up_ref() returns 1 on success, or 0 on error.
-
-OSSL_DESERIALIZER_free() doesn't return any value.
-
-OSSL_DESERIALIZER_provider() returns a pointer to a provider object, or
-NULL on error.
-
-OSSL_DESERIALIZER_properties() returns a pointer to a property
-definition string, or NULL on error.
-
-OSSL_DESERIALIZER_is_a() returns 1 if I<deserializer> was identifiable,
-otherwise 0.
-
-OSSL_DESERIALIZER_number() returns an integer.
-
-=head1 NOTES
-
-OSSL_DESERIALIZER_fetch() may be called implicitly by other fetching
-functions, using the same library context and properties.
-Any other API that uses keys will typically do this.
-
-=begin comment TODO(3.0) Add examples!
-
-=head1 EXAMPLES
-
-Text, because pod2xxx doesn't like empty sections
-
-=end comment
-
-=head1 SEE ALSO
-
-L<provider(7)>, L<OSSL_DESERIALIZER_CTX(3)>, L<OSSL_DESERIALIZER_from_bio(3)>,
-L<OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(3)>, L<OPENSSL_CTX(3)>
-
-=head1 HISTORY
-
-The functions described here were added in OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/OSSL_DESERIALIZER_CTX.pod b/doc/man3/OSSL_DESERIALIZER_CTX.pod
deleted file mode 100644
index 413584f8dc..0000000000
--- a/doc/man3/OSSL_DESERIALIZER_CTX.pod
+++ /dev/null
@@ -1,74 +0,0 @@
-=pod
-
-=head1 NAME
-
-OSSL_DESERIALIZER_CTX,
-OSSL_DESERIALIZER_CTX_new,
-OSSL_DESERIALIZER_settable_ctx_params,
-OSSL_DESERIALIZER_CTX_set_params,
-OSSL_DESERIALIZER_CTX_free
-- Serializer context routines
-
-=head1 SYNOPSIS
-
- #include <openssl/deserializer.h>
-
- typedef struct ossl_deserializer_ctx_st OSSL_DESERIALIZER_CTX;
-
- OSSL_DESERIALIZER_CTX *OSSL_DESERIALIZER_CTX_new(OPENSSL_CTX *libctx);
- const OSSL_PARAM *OSSL_DESERIALIZER_settable_ctx_params(OSSL_DESERIALIZER *deser);
- int OSSL_DESERIALIZER_CTX_set_params(OSSL_DESERIALIZER_CTX *ctx,
-                                      const OSSL_PARAM params[]);
- void OSSL_DESERIALIZER_CTX_free(OSSL_DESERIALIZER_CTX *ctx);
-
-=head1 DESCRIPTION
-
-B<OSSL_DESERIALIZER_CTX> is a context with which B<OSSL_DESERIALIZER>
-operations are performed.  The context typically holds values, both
-internal and supplied by the application, which are useful for the
-implementations supplied by providers.
-
-OSSL_DESERIALIZER_CTX_new() creates a new empty B<OSSL_DESERIALIZER_CTX>.
-
-OSSL_DESERIALIZER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
-array of parameter descriptors.
-
-OSSL_DESERIALIZER_CTX_set_params() attempts to set parameters specified
-with an L<OSSL_PARAM(3)> array I<params>.  These parameters are passed
-to all deserializers that have been added to the I<ctx> so far.
-Parameters that an implementation doesn't recognise should be ignored
-by it.
-
-OSSL_DESERIALIZER_CTX_free() frees the given context I<ctx>.
-
-=head1 RETURN VALUES
-
-OSSL_DESERIALIZER_CTX_new() returns a pointer to a
-B<OSSL_DESERIALIZER_CTX>, or NULL if the context structure couldn't be
-allocated.
-
-OSSL_DESERIALIZER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
-array, or NULL if none is available.
-
-OSSL_DESERIALIZER_CTX_set_params() returns 1 if all recognised
-parameters were valid, or 0 if one of them was invalid or caused some
-other failure in the implementation.
-
-=head1 SEE ALSO
-
-L<provider(7)>, L<OSSL_DESERIALIZER(3)>, L<OSSL_DESERIALIZER_from_bio(3)>
-
-=head1 HISTORY
-
-The functions described here were added in OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod
deleted file mode 100644
index c8466657c9..0000000000
--- a/doc/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.pod
+++ /dev/null
@@ -1,111 +0,0 @@
-=pod
-
-=head1 NAME
-
-OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY,
-OSSL_DESERIALIZER_CTX_set_passphrase,
-OSSL_DESERIALIZER_CTX_set_pem_password_cb,
-OSSL_DESERIALIZER_CTX_set_passphrase_ui
-- Deserializer routines to deserialize EVP_PKEYs
-
-=head1 SYNOPSIS
-
- #include <openssl/deserializer.h>
-
- OSSL_DESERIALIZER_CTX *
- OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
-                                       const char *input_type,
-                                       OPENSSL_CTX *libctx,
-                                       const char *propquery);
-
- int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
-                                          const unsigned char *kstr,
-                                          size_t klen);
- int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
-                                               pem_password_cb *cb,
-                                               void *cbarg);
- int OSSL_DESERIALIZER_CTX_set_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx,
-                                             const UI_METHOD *ui_method,
-                                             void *ui_data);
-
-=head1 DESCRIPTION
-
-OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY() is a utility function that
-creates a B<OSSL_DESERIALIZER_CTX>, finds all applicable deserializer
-implementations and sets them up, so all the caller has to do next is
-call functions like OSSL_DESERIALIZE_from_bio().
-
-Internally OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY() searches for all
-available L<EVP_KEYMGMT(3)> implementations, and then builds a list of all
-potential deserializer implementations that may be able to process the
-serialized input into data suitable for B<EVP_PKEY>s.  All these
-implementations are implicitly fetched using I<libctx> and I<propquery>.
-
-The search of deserializer implementations can be limited with
-I<input_type>, which specifies a starting input type.  This is further
-explained in L<OSSL_DESERIALIZER_CTX_set_input_type(3)>.
-
-If no suitable deserializer was found, OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY()
-still creates a B<OSSL_DESERIALIZER_CTX>, but with no associated
-deserializer (L<OSSL_DESERIALIZER_CTX_num_deserializers(3)> returns
-zero).  This helps the caller distinguish between an error when
-creating the B<OSSL_DESERIALIZER_CTX>, and the lack the deserializer
-support and act accordingly.
-
-OSSL_DESERIALIZER_CTX_set_passphrase() gives the implementation a
-pass phrase to use when decrypting the serialized private key.
-Alternatively, a pass phrase callback may be specified with the
-following functions.
-
-OSSL_DESERIALIZER_CTX_set_pem_password_cb() and
-OSSL_DESERIALIZER_CTX_set_passphrase_ui() set up a callback method that
-the implementation can use to prompt for a pass phrase, giving the caller
-the choice of prefered pass phrase callback form.  These are called
-indirectly, through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
-
-The internal B<OSSL_PASSPHRASE_CALLBACK> function caches the pass phrase, to
-be re-used in all deserializations that are performed in the same
-deserialization run
-(for example, within one L<OSSL_DESERIALIZER_from_bio(3)> call).
-
-=for comment the name OSSL_DESERIALIZER_CTX_set_pem_password_cb() leaves
-open the future possibility of having a function where the caller can set a
-B<OSSL_PASSPHRASE_CALLBACK> method as another option.
-
-=head1 RETURN VALUES
-
-OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY() returns a pointer to a
-B<OSSL_DESERIALIZER_CTX>, or NULL if it couldn't be created.
-
-OSSL_DESERIALIZER_CTX_set_passphrase(),
-OSSL_DESERIALIZER_CTX_set_pem_password_cb() and
-OSSL_DESERIALIZER_CTX_set_passphrase_ui()
-all return 1 on success, or 0 on failure.
-
-=head1 NOTES
-
-Parts of the function names are made to match already existing OpenSSL
-names.
-
-B<EVP_PKEY> in OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY() matches the type
-name, thus making for the naming pattern
-B<OSSL_DESERIALIZER_CTX_new_by_I<TYPE>>() when new types are handled.
-
-=head1 SEE ALSO
-
-L<provider(7)>, L<OSSL_DESERIALIZER(3)>, L<OSSL_DESERIALIZER_CTX(3)>
-
-=head1 HISTORY
-
-The functions described here were added in OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/OSSL_DESERIALIZER_from_bio.pod b/doc/man3/OSSL_DESERIALIZER_from_bio.pod
deleted file mode 100644
index 1aa54899a5..0000000000
--- a/doc/man3/OSSL_DESERIALIZER_from_bio.pod
+++ /dev/null
@@ -1,280 +0,0 @@
-=pod
-
-=head1 NAME
-
-OSSL_DESERIALIZER_from_bio,
-OSSL_DESERIALIZER_from_fp,
-OSSL_DESERIALIZER_CTX_set_input_type,
-OSSL_DESERIALIZER_CTX_add_deserializer,
-OSSL_DESERIALIZER_CTX_add_extra,
-OSSL_DESERIALIZER_CTX_num_deserializers,
-OSSL_DESERIALIZER_INSTANCE,
-OSSL_DESERIALIZER_CONSTRUCT,
-OSSL_DESERIALIZER_CLEANUP,
-OSSL_DESERIALIZER_CTX_set_construct,
-OSSL_DESERIALIZER_CTX_set_construct_data,
-OSSL_DESERIALIZER_CTX_set_cleanup,
-OSSL_DESERIALIZER_CTX_get_construct,
-OSSL_DESERIALIZER_CTX_get_construct_data,
-OSSL_DESERIALIZER_CTX_get_cleanup,
-OSSL_DESERIALIZER_export,
-OSSL_DESERIALIZER_INSTANCE_deserializer,
-OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
-- Routines to perform a deserialization
-
-=head1 SYNOPSIS
-
- #include <openssl/deserializer.h>
-
- int OSSL_DESERIALIZER_from_bio(OSSL_DESERIALIZER_CTX *ctx, BIO *in);
- int OSSL_DESERIALIZER_from_fp(OSSL_DESERIALIZER_CTX *ctx, FILE *fp);
-
- int OSSL_DESERIALIZER_CTX_set_input_type(OSSL_DESERIALIZER_CTX *ctx,
-                                          const char *input_type);
- int OSSL_DESERIALIZER_CTX_add_deserializer(OSSL_DESERIALIZER_CTX *ctx,
-                                            OSSL_DESERIALIZER *deser);
- int OSSL_DESERIALIZER_CTX_add_extra(OSSL_DESERIALIZER_CTX *ctx);
- int OSSL_DESERIALIZER_CTX_num_deserializers(OSSL_DESERIALIZER_CTX *ctx);
-
- typedef struct ossl_deserializer_instance_st OSSL_DESERIALIZER_INSTANCE;
- OSSL_DESERIALIZER *OSSL_DESERIALIZER_INSTANCE_deserializer
-     (OSSL_DESERIALIZER_INSTANCE *deser_inst);
- void *OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
-     (OSSL_DESERIALIZER_INSTANCE *deser_inst);
-
- typedef int (OSSL_DESERIALIZER_CONSTRUCT)
-     (OSSL_DESERIALIZER_INSTANCE *deser_inst,
-      const OSSL_PARAM *params, void *construct_data);
- typedef void (OSSL_DESERIALIZER_CLEANUP)(void *construct_data);
-
- int OSSL_DESERIALIZER_CTX_set_construct
-     (OSSL_DESERIALIZER_CTX *ctx, OSSL_DESERIALIZER_CONSTRUCT *construct);
- int OSSL_DESERIALIZER_CTX_set_construct_data
-     (OSSL_DESERIALIZER_CTX *ctx, void *construct_data);
- int OSSL_DESERIALIZER_CTX_set_cleanup(OSSL_DESERIALIZER_CTX *ctx,
-                                       OSSL_DESERIALIZER_CLEANUP *cleanup);
- OSSL_DESERIALIZER_CONSTRUCT *
- OSSL_DESERIALIZER_CTX_get_construct(OSSL_DESERIALIZER_CTX *ctx);
- void *OSSL_DESERIALIZER_CTX_get_construct_data(OSSL_DESERIALIZER_CTX *ctx);
- OSSL_DESERIALIZER_CLEANUP *
- OSSL_DESERIALIZER_CTX_get_cleanup(OSSL_DESERIALIZER_CTX *ctx);
-
- int OSSL_DESERIALIZER_export(OSSL_DESERIALIZER_INSTANCE *deser_inst,
-                              void *reference, size_t reference_sz,
-                              OSSL_CALLBACK *export_cb, void *export_cbarg);
-
-Feature availability macros:
-
-=over 4
-
-=item OSSL_DESERIALIZER_from_fp() is only available when B<OPENSSL_NO_STDIO>
-is undefined.
-
-=back
-
-=head1 DESCRIPTION
-
-The B<OSSL_DESERIALIZER_CTX> holds data about multiple deserializers, as
-needed to figure out what the input data is and to attempt to unpack it into
-one of several possible related results.  This also includes chaining
-deserializers, so the output from one can become the input for another.
-This allows having generic format deserializers such as PEM to DER, as well
-as more specialized deserializers like DER to RSA.
-
-The chains may be limited by specifying an input type, which is considered a
-starting point.
-This is both considered by OSSL_DESERIALIZER_CTX_add_extra(), which will
-stop adding on more deserializer implementations when it has already added
-those that take the specified input type, and OSSL_DESERIALIZER_from_bio(),
-which will only start the deserializing process with the deserializer
-implementations that take that input type.  For example, if the input type
-is set to C<DER>, a PEM to DER deserializer will be ignored.
-
-The input type can also be NULL, which means that the caller doesn't know
-what type of input they have.  In this case, OSSL_DESERIALIZER_from_bio()
-will simply try with one deserializer implementation after the other, and
-thereby discover what kind of input the caller gave it.
-
-For every deserialization done, even an intermediary one, a constructor
-provided by the caller is called to attempt to construct an appropriate type
-/ structure that the caller knows how to handle from the current
-deserialization result.
-The constructor is set with OSSL_DESERIALIZER_CTX_set_construct().
-
-B<OSSL_DESERIALIZER_INSTANCE> is an opaque structure that contains
-data about the deserializer that was just used, and that may be
-useful for the constructor.  There are some functions to extract data
-from this type, described further down.
-
-=head2 Functions
-
-OSSL_DESERIALIZER_from_bio() runs the deserialization process for the
-context I<ctx>, with the input coming from the B<BIO> I<in>.  Should
-it make a difference, it's recommended to have the BIO set in binary
-mode rather than text mode.
-
-OSSL_DESERIALIZER_from_fp() does the same thing as OSSL_DESERIALIZER_from_bio(),
-except that the input is coming from the B<FILE> I<fp>.
-
-OSSL_DESERIALIZER_CTX_add_deserializer() populates the B<OSSL_DESERIALIZER_CTX>
-I<ctx> with a deserializer, to be used to attempt to deserialize some
-serialized input.
-
-OSSL_DESERIALIZER_CTX_add_extra() finds deserializers that generate
-input for already added deserializers, and adds them as well.  This is
-used to build deserializer chains.
-
-OSSL_DESERIALIZER_CTX_set_input_type() sets the starting input type.  This
-limits the deserializer chains to be considered, as explained in the general
-description above.
-
-OSSL_DESERIALIZER_CTX_num_deserializers() gets the number of
-deserializers currently added to the context I<ctx>.
-
-OSSL_DESERIALIZER_CTX_set_construct() sets the constructor I<construct>.
-
-OSSL_DESERIALIZER_CTX_set_construct_data() sets the constructor data that is
-passed to the constructor every time it's called.
-
-OSSL_DESERIALIZER_CTX_set_cleanup() sets the constructor data I<cleanup>
-function.  This is called by L<OSSL_DESERIALIZER_CTX_free(3)>.
-
-OSSL_DESERIALIZER_CTX_get_construct(),
-OSSL_DESERIALIZER_CTX_get_construct_data() and
-OSSL_DESERIALIZER_CTX_get_cleanup()
-return the values that have been set by
-OSSL_DESERIALIZER_CTX_set_construct(),
-OSSL_DESERIALIZER_CTX_set_construct_data() and
-OSSL_DESERIALIZER_CTX_set_cleanup() respectively.
-
-OSSL_DESERIALIZER_export() is a fallback function for constructors that
-cannot use the data they get directly for diverse reasons.  It takes the same
-deserialize instance I<deser_inst> that the constructor got and an object
-I<reference>, unpacks the object which it refers to, and exports it by creating
-an L<OSSL_PARAM(3)> array that it then passes to I<export_cb>, along with
-I<export_arg>.
-
-OSSL_DESERIALIZER_INSTANCE_deserializer() can be used to get the
-deserializer method from a deserializer instance I<deser_inst>.
-
-OSSL_DESERIALIZER_INSTANCE_deserializer-ctx() can be used to get the
-deserializer method's provider context from a deserializer instance
-I<deser_inst>.
-
-=head2 Constructor
-
-A B<OSSL_DESERIALIZER_CONSTRUCT> gets the following arguments:
-
-=over 4
-
-=item I<deser_inst>
-
-The B<OSSL_DESERIALIZER_INSTANCE> for the deserializer from which
-the constructor gets its data.
-
-=item I<params>
-
-The data produced by the deserializer, further described below.
-
-=item I<construct_data>
-
-The pointer that was set with OSSL_DESERIALIZE_CTX_set_construct_data().
-
-=back
-
-The constructor is expected to return 1 when the data it receives can
-be constructed, otherwise 0.
-
-The globally known parameters that the constructor can get in I<params>
-are:
-
-=over 4
-
-=item "data-type" (B<OSSL_DESERIALIZER_PARAM_DATA_TYPE>) <UTF8 string>
-
-This is a detected content type that some deserializers may provide.
-For example, PEM input sometimes has a type specified in its header,
-and some deserializers may add that information as this parameter.
-This is an optional parameter, but may be useful for extra checks in
-the constructor.
-
-=item "data" (B<OSSL_DESERIALIZER_PARAM_DATA>) <octet string>
-
-The deserialized data itself, as an octet string.  This is produced by
-deserializers when it's possible to pass an object in this form.  Most
-often, this is simply meant to be passed to the next deserializer in a
-chain, but could be considered final data as well, at the discretion
-of the constructor.
-
-=item "reference" (B<OSSL_DESERIALIZER_PARAM_DATA>) <octet string>
-
-The deserialized data itself, as a reference to an object.  The
-reference itself is an octet string, and can be passed to other
-operations and functions within the same provider as the one that
-provides I<deser>.
-
-=back
-
-At least one of "data" or "reference" must be present, and it's
-possible that both can be.  A constructor should choose to use the
-"reference" parameter if possible, otherwise it should use the "data"
-parameter.
-
-If it's not possible to use the "reference" parameter, but that's
-still what a constructor wants to do, it is possible to use
-OSSL_DESERIALIZER_export() as a fallback.
-
-=head1 RETURN VALUES
-
-OSSL_DESERIALIZER_from_bio() and OSSL_DESERIALIZER_from_fp() return 1 on
-success, or 0 on failure.
-
-OSSL_DESERIALIZER_CTX_add_deserializer(),
-OSSL_DESERIALIZER_CTX_add_extra(),
-OSSL_DESERIALIZER_CTX_set_construct(),
-OSSL_DESERIALIZER_CTX_set_construct_data() and
-OSSL_DESERIALIZER_CTX_set_cleanup() return 1 on success, or 0 on
-failure.
-
-OSSL_DESERIALIZER_CTX_get_construct(),
-OSSL_DESERIALIZER_CTX_get_construct_data() and
-OSSL_DESERIALIZER_CTX_get_cleanup() return the current pointers to the
-cosntructor, the constructor data and the cleanup functions, respectively.
-
-OSSL_DESERIALIZER_CTX_num_deserializers() returns the current
-number of deserializers.  It returns 0 if I<ctx> is NULL.
-
-OSSL_DESERIALIZER_export() returns 1 on success, or 0 on failure.
-
-OSSL_DESERIALIZER_INSTANCE_deserializer() returns an
-B<OSSL_DESERIALIZER> pointer on success, or NULL on failure.
-
-OSSL_DESERIALIZER_INSTANCE_deserializer_ctx() returns a provider
-context pointer on success, or NULL on failure.>
-
-=begin comment TODO(3.0) Add examples!
-
-=head1 EXAMPLES
-
-Text, because pod2xxx doesn't like empty sections
-
-=end comment
-
-=head1 SEE ALSO
-
-L<provider(7)>, L<OSSL_DESERIALIZER_CTX(3)>
-
-=head1 HISTORY
-
-The functions described here were added in OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/OSSL_ENCODER.pod b/doc/man3/OSSL_ENCODER.pod
new file mode 100644
index 0000000000..d8998310bd
--- /dev/null
+++ b/doc/man3/OSSL_ENCODER.pod
@@ -0,0 +1,126 @@
+=pod
+
+=head1 NAME
+
+OSSL_ENCODER,
+OSSL_ENCODER_fetch,
+OSSL_ENCODER_up_ref,
+OSSL_ENCODER_free,
+OSSL_ENCODER_provider,
+OSSL_ENCODER_properties,
+OSSL_ENCODER_is_a,
+OSSL_ENCODER_number,
+OSSL_ENCODER_do_all_provided,
+OSSL_ENCODER_names_do_all
+- Encoder method routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/encoder.h>
+
+ typedef struct ossl_encoder_st OSSL_ENCODER;
+
+ OSSL_ENCODER *OSSL_ENCODER_fetch(OPENSSL_CTX *ctx, const char *name,
+                                  const char *properties);
+ int OSSL_ENCODER_up_ref(OSSL_ENCODER *encoder);
+ void OSSL_ENCODER_free(OSSL_ENCODER *encoder);
+ const OSSL_PROVIDER *OSSL_ENCODER_provider(const OSSL_ENCODER *encoder);
+ const char *OSSL_ENCODER_properties(const OSSL_ENCODER *encoder);
+ int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name);
+ int OSSL_ENCODER_number(const OSSL_ENCODER *encoder);
+ void OSSL_ENCODER_do_all_provided(OPENSSL_CTX *libctx,
+                                   void (*fn)(OSSL_ENCODER *encoder, void *arg),
+                                   void *arg);
+ void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder,
+                                void (*fn)(const char *name, void *data),
+                                void *data);
+
+=head1 DESCRIPTION
+
+=for comment Future development should also talk about decoding
+
+B<OSSL_ENCODER> is a method for encoders, which know how to
+encode an object of some kind to a encoded form, such as PEM,
+DER, or even human readable text.
+
+OSSL_ENCODER_fetch() looks for an algorithm within the provider that
+has been loaded into the B<OPENSSL_CTX> given by I<ctx>, having the
+name given by I<name> and the properties given by I<properties>.
+The I<name> determines what type of object the fetched encoder
+method is expected to be able to encode, and the properties are
+used to determine the expected output type.
+For known properties and the values they may have, please have a look
+in L<provider-encoder(7)/Names and properties>.
+
+OSSL_ENCODER_up_ref() increments the reference count for the given
+I<encoder>.
+
+OSSL_ENCODER_free() decrements the reference count for the given
+I<encoder>, and when the count reaches zero, frees it.
+
+OSSL_ENCODER_provider() returns the provider of the given
+I<encoder>.
+
+OSSL_ENCODER_provider() returns the property definition associated
+with the given I<encoder>.
+
+OSSL_ENCODER_is_a() checks if I<encoder> is an implementation of an
+algorithm that's identifiable with I<name>.
+
+OSSL_ENCODER_number() returns the internal dynamic number assigned to
+the given I<encoder>.
+
+OSSL_ENCODER_names_do_all() traverses all names for the given
+I<encoder>, and calls I<fn> with each name and I<data>.
+
+OSSL_ENCODER_do_all_provided() traverses all encoder
+implementations by all activated providers in the library context
+I<libctx>, and for each of the implementations, calls I<fn> with the
+implementation method and I<data> as arguments.
+
+=head1 NOTES
+
+OSSL_ENCODER_fetch() may be called implicitly by other fetching
+functions, using the same library context and properties.
+Any other API that uses keys will typically do this.
+
+=head1 RETURN VALUES
+
+OSSL_ENCODER_fetch() returns a pointer to the key management
+implementation represented by an OSSL_ENCODER object, or NULL on
+error.
+
+OSSL_ENCODER_up_ref() returns 1 on success, or 0 on error.
+
+OSSL_ENCODER_free() doesn't return any value.
+
+OSSL_ENCODER_provider() returns a pointer to a provider object, or
+NULL on error.
+
+OSSL_ENCODER_properties() returns a pointer to a property
+definition string, or NULL on error.
+
+OSSL_ENCODER_is_a() returns 1 of I<encoder> was identifiable,
+otherwise 0.
+
+OSSL_ENCODER_number() returns an integer.
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_ENCODER_CTX(3)>, L<OSSL_ENCODER_to_bio(3)>,
+L<OSSL_ENCODER_CTX_new_by_EVP_PKEY(3)>, L<OPENSSL_CTX(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/OSSL_ENCODER_CTX.pod b/doc/man3/OSSL_ENCODER_CTX.pod
new file mode 100644
index 0000000000..bf339c6a4f
--- /dev/null
+++ b/doc/man3/OSSL_ENCODER_CTX.pod
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+OSSL_ENCODER_CTX,
+OSSL_ENCODER_CTX_new,
+OSSL_ENCODER_CTX_get_encoder,
+OSSL_ENCODER_settable_ctx_params,
+OSSL_ENCODER_CTX_set_params,
+OSSL_ENCODER_CTX_free
+- Encoder context routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/encoder.h>
+
+ typedef struct ossl_encoder_ctx_st OSSL_ENCODER_CTX;
+
+ OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new(OSSL_ENCODER *encoder);
+ const OSSL_ENCODER *OSSL_ENCODER_CTX_get_encoder(OSSL_ENCODER_CTX *ctx);
+ const OSSL_PARAM *OSSL_ENCODER_settable_ctx_params(OSSL_ENCODER *encoder);
+ int OSSL_ENCODER_CTX_set_params(OSSL_ENCODER_CTX *ctx,
+                                 const OSSL_PARAM params[]);
+ void OSSL_ENCODER_CTX_free(OSSL_ENCODER_CTX *ctx);
+
+=head1 DESCRIPTION
+
+B<OSSL_ENCODER_CTX> is a context with which B<OSSL_ENCODER>
+operations are performed.  The context typically holds values, both
+internal and supplied by the application, which are useful for the
+implementations supplied by providers.
+
+OSSL_ENCODER_CTX_new() creates a B<OSSL_ENCODER_CTX> associated
+with the encoder I<encoder>.  NULL is a valid I<encoder>, the context will
+be created anyway, it's just not very useful.  This is intentional, to
+distinguish between errors in allocating the context or assigning it
+values on one hand, and the lack of encoder support on the other.
+
+=begin comment
+
+The above distinction makes it possible for other routines to sense if
+they need to report an error or fall back on other methods to
+encode.
+
+=end comment
+
+OSSL_ENCODER_CTX_get_encoder() gets the encoder method
+currently associated with the context I<ctx>.
+
+OSSL_ENCODER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
+array of parameter descriptors.
+
+OSSL_ENCODER_CTX_set_params() attempts to set parameters specified
+with an L<OSSL_PARAM(3)> array I<params>.  Parameters that the
+implementation doesn't recognise should be ignored.
+
+OSSL_ENCODER_CTX_free() frees the given context I<ctx>.
+
+=head1 RETURN VALUES
+
+OSSL_ENCODER_CTX_new() returns a pointer to a
+B<OSSL_ENCODER_CTX>, or NULL if the context structure couldn't be
+allocated.
+
+OSSL_ENCODER_CTX_get_encoder() returns a pointer to the
+encoder method associated with I<ctx>.  NULL is a valid return
+value and signifies that there is no associated encoder method.
+
+OSSL_ENCODER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
+array, or NULL if none is available.
+
+OSSL_ENCODER_CTX_set_params() returns 1 if all recognised
+parameters were valid, or 0 if one of them was invalid or caused some
+other failure in the implementation.
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_ENCODER(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod
new file mode 100644
index 0000000000..2aa103fd14
--- /dev/null
+++ b/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod
@@ -0,0 +1,144 @@
+=pod
+
+=head1 NAME
+
+OSSL_ENCODER_CTX_new_by_EVP_PKEY,
+OSSL_ENCODER_CTX_set_cipher,
+OSSL_ENCODER_CTX_set_passphrase,
+OSSL_ENCODER_CTX_set_passphrase_cb,
+OSSL_ENCODER_CTX_set_passphrase_ui,
+OSSL_ENCODER_PUBKEY_TO_PEM_PQ,
+OSSL_ENCODER_PrivateKey_TO_PEM_PQ,
+OSSL_ENCODER_Parameters_TO_PEM_PQ,
+OSSL_ENCODER_PUBKEY_TO_DER_PQ,
+OSSL_ENCODER_PrivateKey_TO_DER_PQ,
+OSSL_ENCODER_Parameters_TO_DER_PQ,
+OSSL_ENCODER_PUBKEY_TO_TEXT_PQ,
+OSSL_ENCODER_PrivateKey_TO_TEXT_PQ,
+OSSL_ENCODER_Parameters_TO_TEXT_PQ
+- Encoder routines to encode EVP_PKEYs
+
+=head1 SYNOPSIS
+
+ #include <openssl/encoder.h>
+
+ OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
+                                                    const char *propquery);
+
+ int OSSL_ENCODER_CTX_set_cipher(OSSL_ENCODER_CTX *ctx,
+                                 const char *cipher_name,
+                                 const char *propquery);
+ int OSSL_ENCODER_CTX_set_passphrase(OSSL_ENCODER_CTX *ctx,
+                                     const unsigned char *kstr,
+                                     size_t klen);
+ int OSSL_ENCODER_CTX_set_passphrase_cb(OSSL_ENCODER_CTX *ctx,
+                                        pem_password_cb *cb, void *cbarg);
+ int OSSL_ENCODER_CTX_set_passphrase_ui(OSSL_ENCODER_CTX *ctx,
+                                        const UI_METHOD *ui_method,
+                                        void *ui_data);
+
+ #define OSSL_ENCODER_PUBKEY_TO_PEM_PQ "format=pem,type=public"
+ #define OSSL_ENCODER_PrivateKey_TO_PEM_PQ "format=pem,type=private"
+ #define OSSL_ENCODER_Parameters_TO_PEM_PQ "format=pem,type=parameters"
+
+ #define OSSL_ENCODER_PUBKEY_TO_DER_PQ "format=der,type=public"
+ #define OSSL_ENCODER_PrivateKey_TO_DER_PQ "format=der,type=private"
+ #define OSSL_ENCODER_Parameters_TO_DER_PQ "format=der,type=parameters"
+
+ #define OSSL_ENCODER_PUBKEY_TO_TEXT_PQ "format=text,type=public"
+ #define OSSL_ENCODER_PrivateKey_TO_TEXT_PQ "format=text,type=private"
+ #define OSSL_ENCODER_Parameters_TO_TEXT_PQ "format=text,type=parameters"
+
+=head1 DESCRIPTION
+
+OSSL_ENCODER_CTX_new_by_EVP_PKEY() creates a B<OSSL_ENCODER_CTX>
+with a suitable attached output routine for B<EVP_PKEY>s.  It will
+search for a encoder implementation that matches the algorithm of
+the B<EVP_PKEY> and the property query given with I<propquery>.  It
+will prefer to find a encoder from the same provider as the key
+data of the B<EVP_PKEY> itself, but failing that, it will choose the
+first encoder that supplies a generic encoding function.
+
+If no suitable encoder was found, OSSL_ENCODER_CTX_new_by_EVP_PKEY()
+still creates a B<OSSL_ENCODER_CTX>, but with no associated
+encoder (L<OSSL_ENCODER_CTX_get_encoder(3)> returns NULL).
+This helps the caller distinguish between an error when creating
+the B<OSSL_ENCODER_CTX>, and the lack the encoder support and
+act accordingly.
+
+OSSL_ENCODER_CTX_set_cipher() tells the implementation what cipher
+should be used to encrypt encoded keys.  The cipher is given by
+name I<cipher_name>.  The interpretation of that I<cipher_name> is
+implementation dependent.  The implementation may implement the digest
+directly itself or by other implementations, or it may choose to fetch
+it.  If the implementation supports fetching the cipher, then it may
+use I<propquery> as properties to be queried for when fetching.
+I<cipher_name> may also be NULL, which will result in unencrypted
+encoding.
+
+OSSL_ENCODER_CTX_set_passphrase() gives the implementation a
+pass phrase to use when encrypting the encoded private key.
+Alternatively, a pass phrase callback may be specified with the
+following functions.
+
+OSSL_ENCODER_CTX_set_passphrase_cb() and
+OSSL_ENCODER_CTX_set_passphrase_ui() sets up a callback method that
+the implementation can use to prompt for a pass phrase.
+
+=for comment Note that the callback method is called indirectly,
+through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
+
+The macros B<OSSL_ENCODER_PUBKEY_TO_PEM_PQ>,
+B<OSSL_ENCODER_PrivateKey_TO_PEM_PQ>,
+B<OSSL_ENCODER_Parameters_TO_PEM_PQ>,
+B<OSSL_ENCODER_PUBKEY_TO_DER_PQ>,
+B<OSSL_ENCODER_PrivateKey_TO_DER_PQ>,
+B<OSSL_ENCODER_Parameters_TO_DER_PQ>,
+B<OSSL_ENCODER_PUBKEY_TO_TEXT_PQ>,
+B<OSSL_ENCODER_PrivateKey_TO_TEXT_PQ>,
+B<OSSL_ENCODER_Parameters_TO_TEXT_PQ> are convenience macros with
+property queries to encode the B<EVP_PKEY> as a public key, private
+key or parameters to B<PEM>, to B<DER>, or to text.
+
+=head1 RETURN VALUES
+
+OSSL_ENCODER_CTX_new_by_EVP_PKEY() returns a pointer to a
+B<OSSL_ENCODER_CTX>, or NULL if it couldn't be created.
+
+OSSL_ENCODER_CTX_set_cipher(),
+OSSL_ENCODER_CTX_set_passphrase(),
+OSSL_ENCODER_CTX_set_passphrase_cb(), and
+OSSL_ENCODER_CTX_set_passphrase_ui() all return 1 on success, or 0
+on failure.
+
+=head1 NOTES
+
+Parts of the function and macro names are made to match already
+existing OpenSSL names.
+
+B<EVP_PKEY> in OSSL_ENCODER_CTX_new_by_EVP_PKEY() matches the type
+name, thus making for the naming pattern
+B<OSSL_ENCODER_CTX_new_by_I<TYPE>>() when new types are handled.
+
+B<PUBKEY>, B<PrivateKey> and B<Parameters> in the macro names match
+the B<I<TYPE>> part of B<PEM_write_bio_I<TYPE>> functions as well
+as B<i2d_I<TYPE>_bio> functions.
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_ENCODER(3)>, L<OSSL_ENCODER_CTX(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/OSSL_SERIALIZER_to_bio.pod b/doc/man3/OSSL_ENCODER_to_bio.pod
similarity index 58%
rename from doc/man3/OSSL_SERIALIZER_to_bio.pod
rename to doc/man3/OSSL_ENCODER_to_bio.pod
index 3ed68a17ed..ee9998b2eb 100644
--- a/doc/man3/OSSL_SERIALIZER_to_bio.pod
+++ b/doc/man3/OSSL_ENCODER_to_bio.pod
@@ -2,46 +2,46 @@
 
 =head1 NAME
 
-OSSL_SERIALIZER_to_bio,
-OSSL_SERIALIZER_to_fp
-- Serializer file output routines
+OSSL_ENCODER_to_bio,
+OSSL_ENCODER_to_fp
+- Encoder file output routines
 
 =head1 SYNOPSIS
 
- #include <openssl/serializer.h>
+ #include <openssl/encoder.h>
 
- int OSSL_SERIALIZER_to_bio(OSSL_SERIALIZER_CTX *ctx, BIO *out);
- int OSSL_SERIALIZER_to_fp(OSSL_SERIALIZER_CTX *ctx, FILE *fp);
+ int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out);
+ int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp);
 
 Feature availability macros:
 
 =over 4
 
-=item OSSL_SERIALIZER_to_fp() is only available when B<OPENSSL_NO_STDIO>
+=item OSSL_ENCODER_to_fp() is only available when B<OPENSSL_NO_STDIO>
 is undefined.
 
 =back
 
 =head1 DESCRIPTION
 
-OSSL_SERIALIZER_to_bio() runs the serialization process for the
+OSSL_ENCODER_to_bio() runs the encoding process for the
 context I<ctx>, with the output going to the B<BIO> I<out>.  The
 application is required to set up the B<BIO> properly, for example to
 have it in text or binary mode if that's appropriate.
 
-=for comment Know your serializer!
+=for comment Know your encoder!
 
-OSSL_SERIALIZER_to_fp() does the same thing as OSSL_SERIALIZER_to_bio(),
+OSSL_ENCODER_to_fp() does the same thing as OSSL_ENCODER_to_bio(),
 except that the output is going to the B<FILE> I<fp>.
 
 =head1 RETURN VALUES
 
-OSSL_SERIALIZER_to_bio() and OSSL_SERIALIZER_to_fp() return 1 on
+OSSL_ENCODER_to_bio() and OSSL_ENCODER_to_fp() return 1 on
 success, or 0 on failure.
 
 =head1 SEE ALSO
 
-L<provider(7)>, L<OSSL_SERIALIZER_CTX(3)>
+L<provider(7)>, L<OSSL_ENCODER_CTX(3)>
 
 =head1 HISTORY
 
diff --git a/doc/man3/OSSL_SERIALIZER.pod b/doc/man3/OSSL_SERIALIZER.pod
deleted file mode 100644
index 05b889bf60..0000000000
--- a/doc/man3/OSSL_SERIALIZER.pod
+++ /dev/null
@@ -1,129 +0,0 @@
-=pod
-
-=head1 NAME
-
-OSSL_SERIALIZER,
-OSSL_SERIALIZER_fetch,
-OSSL_SERIALIZER_up_ref,
-OSSL_SERIALIZER_free,
-OSSL_SERIALIZER_provider,
-OSSL_SERIALIZER_properties,
-OSSL_SERIALIZER_is_a,
-OSSL_SERIALIZER_number,
-OSSL_SERIALIZER_do_all_provided,
-OSSL_SERIALIZER_names_do_all
-- Serializer method routines
-
-=head1 SYNOPSIS
-
- #include <openssl/serializer.h>
-
- typedef struct ossl_serializer_st OSSL_SERIALIZER;
-
- OSSL_SERIALIZER *OSSL_SERIALIZER_fetch(OPENSSL_CTX *ctx, const char *name,
-                                        const char *properties);
- int OSSL_SERIALIZER_up_ref(OSSL_SERIALIZER *serializer);
- void OSSL_SERIALIZER_free(OSSL_SERIALIZER *serializer);
- const OSSL_PROVIDER *OSSL_SERIALIZER_provider(const OSSL_SERIALIZER
-                                               *serializer);
- const char *OSSL_SERIALIZER_properties(const OSSL_SERIALIZER *ser);
- int OSSL_SERIALIZER_is_a(const OSSL_SERIALIZER *serializer,
-                          const char *name);
- int OSSL_SERIALIZER_number(const OSSL_SERIALIZER *serializer);
- void OSSL_SERIALIZER_do_all_provided(OPENSSL_CTX *libctx,
-                                      void (*fn)(OSSL_SERIALIZER *serializer,
-                                                 void *arg),
-                                      void *arg);
- void OSSL_SERIALIZER_names_do_all(const OSSL_SERIALIZER *serializer,
-                                   void (*fn)(const char *name, void *data),
-                                   void *data);
-
-=head1 DESCRIPTION
-
-=for comment Future development should also talk about deserialization
-
-B<OSSL_SERIALIZER> is a method for serializers, which know how to
-serialize an object of some kind to a serialized form, such as PEM,
-DER, or even human readable text.
-
-OSSL_SERIALIZER_fetch() looks for an algorithm within the provider that
-has been loaded into the B<OPENSSL_CTX> given by I<ctx>, having the
-name given by I<name> and the properties given by I<properties>.
-The I<name> determines what type of object the fetched serializer
-method is expected to be able to serialize, and the properties are
-used to determine the expected output type.
-For known properties and the values they may have, please have a look
-in L<provider-serializer(7)/Names and properties>.
-
-OSSL_SERIALIZER_up_ref() increments the reference count for the given
-I<serializer>.
-
-OSSL_SERIALIZER_free() decrements the reference count for the given
-I<serializer>, and when the count reaches zero, frees it.
-
-OSSL_SERIALIZER_provider() returns the provider of the given
-I<serializer>.
-
-OSSL_SERIALIZER_provider() returns the property definition associated
-with the given I<serializer>.
-
-OSSL_SERIALIZER_is_a() checks if I<serializer> is an implementation of an
-algorithm that's identifiable with I<name>.
-
-OSSL_SERIALIZER_number() returns the internal dynamic number assigned to
-the given I<serializer>.
-
-OSSL_SERIALIZER_names_do_all() traverses all names for the given
-I<serializer>, and calls I<fn> with each name and I<data>.
-
-OSSL_SERIALIZER_do_all_provided() traverses all serializer
-implementations by all activated providers in the library context
-I<libctx>, and for each of the implementations, calls I<fn> with the
-implementation method and I<data> as arguments.
-
-=head1 NOTES
-
-OSSL_SERIALIZER_fetch() may be called implicitly by other fetching
-functions, using the same library context and properties.
-Any other API that uses keys will typically do this.
-
-=head1 RETURN VALUES
-
-OSSL_SERIALIZER_fetch() returns a pointer to the key management
-implementation represented by an OSSL_SERIALIZER object, or NULL on
-error.
-
-OSSL_SERIALIZER_up_ref() returns 1 on success, or 0 on error.
-
-OSSL_SERIALIZER_free() doesn't return any value.
-
-OSSL_SERIALIZER_provider() returns a pointer to a provider object, or
-NULL on error.
-
-OSSL_SERIALIZER_properties() returns a pointer to a property
-definition string, or NULL on error.
-
-OSSL_SERIALIZER_is_a() returns 1 of I<serializer> was identifiable,
-otherwise 0.
-
-OSSL_SERIALIZER_number() returns an integer.
-
-=head1 SEE ALSO
-
-L<provider(7)>, L<OSSL_SERIALIZER_CTX(3)>, L<OSSL_SERIALIZER_to_bio(3)>,
-L<OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(3)>, L<OPENSSL_CTX(3)>
-
-=head1 HISTORY
-
-The functions described here were added in OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/OSSL_SERIALIZER_CTX.pod b/doc/man3/OSSL_SERIALIZER_CTX.pod
deleted file mode 100644
index d446b842d0..0000000000
--- a/doc/man3/OSSL_SERIALIZER_CTX.pod
+++ /dev/null
@@ -1,94 +0,0 @@
-=pod
-
-=head1 NAME
-
-OSSL_SERIALIZER_CTX,
-OSSL_SERIALIZER_CTX_new,
-OSSL_SERIALIZER_CTX_get_serializer,
-OSSL_SERIALIZER_settable_ctx_params,
-OSSL_SERIALIZER_CTX_set_params,
-OSSL_SERIALIZER_CTX_free
-- Serializer context routines
-
-=head1 SYNOPSIS
-
- #include <openssl/serializer.h>
-
- typedef struct ossl_serializer_ctx_st OSSL_SERIALIZER_CTX;
-
- OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new(OSSL_SERIALIZER *ser);
- const OSSL_SERIALIZER *
- OSSL_SERIALIZER_CTX_get_serializer(OSSL_SERIALIZER_CTX *ctx);
- const OSSL_PARAM *OSSL_SERIALIZER_settable_ctx_params(OSSL_SERIALIZER *ser);
- int OSSL_SERIALIZER_CTX_set_params(OSSL_SERIALIZER_CTX *ctx,
-                                    const OSSL_PARAM params[]);
- void OSSL_SERIALIZER_CTX_free(OSSL_SERIALIZER_CTX *ctx);
-
-=head1 DESCRIPTION
-
-B<OSSL_SERIALIZER_CTX> is a context with which B<OSSL_SERIALIZER>
-operations are performed.  The context typically holds values, both
-internal and supplied by the application, which are useful for the
-implementations supplied by providers.
-
-OSSL_SERIALIZER_CTX_new() creates a B<OSSL_SERIALIZER_CTX> associated
-with the serializer I<ser>.  NULL is a valid I<ser>, the context will
-be created anyway, it's just not very useful.  This is intentional, to
-distinguish between errors in allocating the context or assigning it
-values on one hand, and the lack of serializer support on the other.
-
-=begin comment
-
-The above distinction makes it possible for other routines to sense if
-they need to report an error or fall back on other methods to
-serialize.
-
-=end comment
-
-OSSL_SERIALIZER_CTX_get_serializer() gets the serializer method
-currently associated with the context I<ctx>.
-
-OSSL_SERIALIZER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
-array of parameter descriptors.
-
-OSSL_SERIALIZER_CTX_set_params() attempts to set parameters specified
-with an L<OSSL_PARAM(3)> array I<params>.  Parameters that the
-implementation doesn't recognise should be ignored.
-
-OSSL_SERIALIZER_CTX_free() frees the given context I<ctx>.
-
-=head1 RETURN VALUES
-
-OSSL_SERIALIZER_CTX_new() returns a pointer to a
-B<OSSL_SERIALIZER_CTX>, or NULL if the context structure couldn't be
-allocated.
-
-OSSL_SERIALIZER_CTX_get_serializer() returns a pointer to the
-serializer method associated with I<ctx>.  NULL is a valid return
-value and signifies that there is no associated serializer method.
-
-OSSL_SERIALIZER_settable_ctx_params() returns an L<OSSL_PARAM(3)>
-array, or NULL if none is available.
-
-OSSL_SERIALIZER_CTX_set_params() returns 1 if all recognised
-parameters were valid, or 0 if one of them was invalid or caused some
-other failure in the implementation.
-
-=head1 SEE ALSO
-
-L<provider(7)>, L<OSSL_SERIALIZER(3)>
-
-=head1 HISTORY
-
-The functions described here were added in OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.pod
deleted file mode 100644
index 5797ab1caa..0000000000
--- a/doc/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.pod
+++ /dev/null
@@ -1,144 +0,0 @@
-=pod
-
-=head1 NAME
-
-OSSL_SERIALIZER_CTX_new_by_EVP_PKEY,
-OSSL_SERIALIZER_CTX_set_cipher,
-OSSL_SERIALIZER_CTX_set_passphrase,
-OSSL_SERIALIZER_CTX_set_passphrase_cb,
-OSSL_SERIALIZER_CTX_set_passphrase_ui,
-OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ,
-OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
-OSSL_SERIALIZER_Parameters_TO_PEM_PQ,
-OSSL_SERIALIZER_PUBKEY_TO_DER_PQ,
-OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
-OSSL_SERIALIZER_Parameters_TO_DER_PQ,
-OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ,
-OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ,
-OSSL_SERIALIZER_Parameters_TO_TEXT_PQ
-- Serializer routines to serialize EVP_PKEYs
-
-=head1 SYNOPSIS
-
- #include <openssl/serializer.h>
-
- OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
-                                                          const char *propquery);
-
- int OSSL_SERIALIZER_CTX_set_cipher(OSSL_SERIALIZER_CTX *ctx,
-                                    const char *cipher_name,
-                                    const char *propquery);
- int OSSL_SERIALIZER_CTX_set_passphrase(OSSL_SERIALIZER_CTX *ctx,
-                                        const unsigned char *kstr,
-                                        size_t klen);
- int OSSL_SERIALIZER_CTX_set_passphrase_cb(OSSL_SERIALIZER_CTX *ctx,
-                                           pem_password_cb *cb, void *cbarg);
- int OSSL_SERIALIZER_CTX_set_passphrase_ui(OSSL_SERIALIZER_CTX *ctx,
-                                           const UI_METHOD *ui_method,
-                                           void *ui_data);
-
- #define OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ "format=pem,type=public"
- #define OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ "format=pem,type=private"
- #define OSSL_SERIALIZER_Parameters_TO_PEM_PQ "format=pem,type=parameters"
-
- #define OSSL_SERIALIZER_PUBKEY_TO_DER_PQ "format=der,type=public"
- #define OSSL_SERIALIZER_PrivateKey_TO_DER_PQ "format=der,type=private"
- #define OSSL_SERIALIZER_Parameters_TO_DER_PQ "format=der,type=parameters"
-
- #define OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ "format=text,type=public"
- #define OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ "format=text,type=private"
- #define OSSL_SERIALIZER_Parameters_TO_TEXT_PQ "format=text,type=parameters"
-
-=head1 DESCRIPTION
-
-OSSL_SERIALIZER_CTX_new_by_EVP_PKEY() creates a B<OSSL_SERIALIZER_CTX>
-with a suitable attached output routine for B<EVP_PKEY>s.  It will
-search for a serializer implementation that matches the algorithm of
-the B<EVP_PKEY> and the property query given with I<propquery>.  It
-will prefer to find a serializer from the same provider as the key
-data of the B<EVP_PKEY> itself, but failing that, it will choose the
-first serializer that supplies a generic serializing function.
-
-If no suitable serializer was found, OSSL_SERIALIZER_CTX_new_by_EVP_PKEY()
-still creates a B<OSSL_SERIALIZER_CTX>, but with no associated
-serializer (L<OSSL_SERIALIZER_CTX_get_serializer(3)> returns NULL).
-This helps the caller distinguish between an error when creating
-the B<OSSL_SERIALIZER_CTX>, and the lack the serializer support and
-act accordingly.
-
-OSSL_SERIALIZER_CTX_set_cipher() tells the implementation what cipher
-should be used to encrypt serialized keys.  The cipher is given by
-name I<cipher_name>.  The interpretation of that I<cipher_name> is
-implementation dependent.  The implementation may implement the digest
-directly itself or by other implementations, or it may choose to fetch
-it.  If the implementation supports fetching the cipher, then it may
-use I<propquery> as properties to be queried for when fetching.
-I<cipher_name> may also be NULL, which will result in unencrypted
-serialization.
-
-OSSL_SERIALIZER_CTX_set_passphrase() gives the implementation a
-pass phrase to use when encrypting the serialized private key.
-Alternatively, a pass phrase callback may be specified with the
-following functions.
-
-OSSL_SERIALIZER_CTX_set_passphrase_cb() and
-OSSL_SERIALIZER_CTX_set_passphrase_ui() sets up a callback method that
-the implementation can use to prompt for a pass phrase.
-
-=for comment Note that the callback method is called indirectly,
-through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
-
-The macros B<OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ>,
-B<OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ>,
-B<OSSL_SERIALIZER_Parameters_TO_PEM_PQ>,
-B<OSSL_SERIALIZER_PUBKEY_TO_DER_PQ>,
-B<OSSL_SERIALIZER_PrivateKey_TO_DER_PQ>,
-B<OSSL_SERIALIZER_Parameters_TO_DER_PQ>,
-B<OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ>,
-B<OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ>,
-B<OSSL_SERIALIZER_Parameters_TO_TEXT_PQ> are convenience macros with
-property queries to serialize the B<EVP_PKEY> as a public key, private
-key or parameters to B<PEM>, to B<DER>, or to text.
-
-=head1 RETURN VALUES
-
-OSSL_SERIALIZER_CTX_new_by_EVP_PKEY() returns a pointer to a
-B<OSSL_SERIALIZER_CTX>, or NULL if it couldn't be created.
-
-OSSL_SERIALIZER_CTX_set_cipher(),
-OSSL_SERIALIZER_CTX_set_passphrase(),
-OSSL_SERIALIZER_CTX_set_passphrase_cb(), and
-OSSL_SERIALIZER_CTX_set_passphrase_ui() all return 1 on success, or 0
-on failure.
-
-=head1 NOTES
-
-Parts of the function and macro names are made to match already
-existing OpenSSL names.
-
-B<EVP_PKEY> in OSSL_SERIALIZER_CTX_new_by_EVP_PKEY() matches the type
-name, thus making for the naming pattern
-B<OSSL_SERIALIZER_CTX_new_by_I<TYPE>>() when new types are handled.
-
-B<PUBKEY>, B<PrivateKey> and B<Parameters> in the macro names match
-the B<I<TYPE>> part of B<PEM_write_bio_I<TYPE>> functions as well
-as B<i2d_I<TYPE>_bio> functions.
-
-=head1 SEE ALSO
-
-L<provider(7)>, L<OSSL_SERIALIZER(3)>, L<OSSL_SERIALIZER_CTX(3)>
-
-=head1 HISTORY
-
-The functions described here were added in OpenSSL 3.0.
-
-=head1 COPYRIGHT
-
-Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index dd4d21f7cc..fc9c191855 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -35,7 +35,7 @@ make sure to get implementations of this provider and none other.
 The "fips=yes" property can be use to make sure only FIPS approved
 implementations are used for crypto operations.  This may also include
 other non-crypto support operations that are not in the fips provider,
-such as asymmetric key serializers,
+such as asymmetric key encoders,
 see L<OSSL_PROVIDER-default(7)/Asymmetric Key Management>.
 
 =head1 OPERATIONS AND ALGORITHMS
diff --git a/doc/man7/OSSL_PROVIDER-base.pod b/doc/man7/OSSL_PROVIDER-base.pod
index 5896c5a91e..06b608be60 100644
--- a/doc/man7/OSSL_PROVIDER-base.pod
+++ b/doc/man7/OSSL_PROVIDER-base.pod
@@ -6,7 +6,7 @@ OSSL_PROVIDER-base - OpenSSL base provider
 
 =head1 DESCRIPTION
 
-The OpenSSL base provider supplies the serialization for OpenSSL's
+The OpenSSL base provider supplies the encoding for OpenSSL's
 asymmetric cryptography.
 
 =head2 Properties
@@ -36,7 +36,7 @@ implementations of this provider and none other.
 =back
 
 These may be used in a property query string with fetching functions to select
-which data are to be serialized.  Either the private key material, the public
+which data are to be encoded.  Either the private key material, the public
 key material or the domain parameters can be selected.
 
 =over 4
@@ -50,32 +50,32 @@ key material or the domain parameters can be selected.
 =back
 
 These may be used in a property query string with fetching functions to select
-the serialization output format.  Either the DER, PEM and plaintext are
+the encoding output format.  Either the DER, PEM and plaintext are
 currently permitted.
 
 =head1 OPERATIONS AND ALGORITHMS
 
 The OpenSSL base provider supports these operations and algorithms:
 
-=head2 Asymmetric Key Serializer
+=head2 Asymmetric Key Encoder
 
-In addition to "provider=base", some of these serializers define the
+In addition to "provider=base", some of these encoders define the
 property "fips=yes", to allow them to be used together with the FIPS
 provider.
 
 =over 4
 
-=item RSA, see L<OSSL_SERIALIZER-RSA(7)>
+=item RSA, see L<OSSL_ENCODER-RSA(7)>
 
-=item DH, see L<OSSL_SERIALIZER-DH(7)>
+=item DH, see L<OSSL_ENCODER-DH(7)>
 
-=item DSA, see L<OSSL_SERIALIZER-DSA(7)>
+=item DSA, see L<OSSL_ENCODER-DSA(7)>
 
-=item EC, see L<OSSL_SERIALIZER-EC(7)>
+=item EC, see L<OSSL_ENCODER-EC(7)>
 
-=item X25519, see L<OSSL_SERIALIZER-X25519(7)>
+=item X25519, see L<OSSL_ENCODER-X25519(7)>
 
-=item X448, see L<OSSL_SERIALIZER-X448(7)>
+=item X448, see L<OSSL_ENCODER-X448(7)>
 
 =back
 
diff --git a/doc/man7/OSSL_PROVIDER-default.pod b/doc/man7/OSSL_PROVIDER-default.pod
index f82f8d8551..0b477b56c1 100644
--- a/doc/man7/OSSL_PROVIDER-default.pod
+++ b/doc/man7/OSSL_PROVIDER-default.pod
@@ -192,25 +192,25 @@ The OpenSSL default provider supports these operations and algorithms:
 
 =back
 
-=head2 Asymmetric Key Serializer
+=head2 Asymmetric Key Encoder
 
-The default provider also includes all of the serialization algorithms
+The default provider also includes all of the encoding algorithms
 present in the base provider.  Some of these have the property "fips=yes",
 to allow them to be used together with the FIPS provider.
 
 =over 4
 
-=item RSA, see L<OSSL_SERIALIZER-RSA(7)>
+=item RSA, see L<OSSL_ENCODER-RSA(7)>
 
-=item DH, see L<OSSL_SERIALIZER-DH(7)>
+=item DH, see L<OSSL_ENCODER-DH(7)>
 
-=item DSA, see L<OSSL_SERIALIZER-DSA(7)>
+=item DSA, see L<OSSL_ENCODER-DSA(7)>
 
-=item EC, see L<OSSL_SERIALIZER-EC(7)>
+=item EC, see L<OSSL_ENCODER-EC(7)>
 
-=item X25519, see L<OSSL_SERIALIZER-X25519(7)>
+=item X25519, see L<OSSL_ENCODER-X25519(7)>
 
-=item X448, see L<OSSL_SERIALIZER-X448(7)>
+=item X448, see L<OSSL_ENCODER-X448(7)>
 
 =back
 
diff --git a/doc/man7/provider-serializer.pod b/doc/man7/provider-encoder.pod
similarity index 56%
rename from doc/man7/provider-serializer.pod
rename to doc/man7/provider-encoder.pod
index 0c1662837f..99787e7040 100644
--- a/doc/man7/provider-serializer.pod
+++ b/doc/man7/provider-encoder.pod
@@ -2,16 +2,10 @@
 
 =head1 NAME
 
-provider-serializer - The SERIALIZER library E<lt>-E<gt> provider functions
+provider-encoder - The ENCODER library E<lt>-E<gt> provider functions
 
 =head1 SYNOPSIS
 
-=begin comment
-
-Future development will also include deserializing functions.
-
-=end comment
-
  #include <openssl/core_dispatch.h>
 
  /*
@@ -20,39 +14,42 @@ Future development will also include deserializing functions.
   * pointers in OSSL_DISPATCH arrays.
   */
 
- /* Functions to construct / destruct / manipulate the serializer context */
- void *OSSL_FUNC_serializer_newctx(void *provctx);
- void OSSL_FUNC_serializer_freectx(void *ctx);
- int OSSL_FUNC_serializer_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_serializer_settable_ctx_params(void *provctx)
+ /* Functions to construct / destruct / manipulate the encoder context */
+ void *OSSL_FUNC_encoder_newctx(void *provctx);
+ void OSSL_FUNC_encoder_freectx(void *ctx);
+ int OSSL_FUNC_encoder_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
+ const OSSL_PARAM *OSSL_FUNC_encoder_settable_ctx_params(void *provctx)
 
- /* Functions to serialize object data */
- int OSSL_FUNC_serializer_serialize_data(void *ctx, const OSSL_PARAM *data,
+ /* Functions to encode object data */
+ int OSSL_FUNC_encoder_encode_data(void *ctx, const OSSL_PARAM *data,
                                          OSSL_CORE_BIO *out,
                                          OSSL_PASSPHRASE_CALLBACK *cb,
                                          void *cbarg);
- int OSSL_FUNC_serializer_serialize_object(void *ctx, void *obj, OSSL_CORE_BIO *out,
+ int OSSL_FUNC_encoder_encode_object(void *ctx, void *obj, OSSL_CORE_BIO *out,
                                            OSSL_PASSPHRASE_CALLBACK *cb,
                                            void *cbarg);
 
 =head1 DESCRIPTION
 
-The SERIALIZER is a generic method to serialize any set of object data
+I<We use the wide term "encode" in this manual.  This includes but is
+not limited to serialization.>
+
+The ENCODER is a generic method to encode any set of object data
 in L<OSSL_PARAM(3)> array form, or any provider side object into
-serialized form, and write it to the given OSSL_CORE_BIO.  If the caller wants
-to get the serialized stream to memory, it should provide a
+encoded form, and write it to the given OSSL_CORE_BIO.  If the caller wants
+to get the encoded stream to memory, it should provide a
 L<BIO_s_membuf(3)>.
 
-The serializer doesn't need to know more about the B<OSSL_CORE_BIO> pointer than
+The encoder doesn't need to know more about the B<OSSL_CORE_BIO> pointer than
 being able to pass it to the appropriate BIO upcalls (see
 L<provider-base(7)/Core functions>).
 
-The serialization using the L<OSSL_PARAM(3)> array form allows a
-serializer to be used for data that's been exported from another
+The encoding using the L<OSSL_PARAM(3)> array form allows a
+encoder to be used for data that's been exported from another
 provider, and thereby allow them to exist independently of each
 other.
 
-The serialization using a provider side object can only be safely used
+The encoding using a provider side object can only be safely used
 with provider data coming from the same provider, for example keys
 with the L<KEYMGMT|provider-keymgmt(7)> provider.
 
@@ -66,34 +63,34 @@ All these "functions" have a corresponding function type definition
 named B<OSSL_{name}_fn>, and a helper function to retrieve the
 function pointer from a B<OSSL_DISPATCH> element named
 B<OSSL_FUNC_{name}>.
-For example, the "function" OSSL_FUNC_serializer_serialize_data() has these:
+For example, the "function" OSSL_FUNC_encoder_encode_data() has these:
 
  typedef int
-     (OSSL_FUNC_serializer_serialize_data_fn)(void *provctx,
+     (OSSL_FUNC_encoder_encode_data_fn)(void *provctx,
                                             const OSSL_PARAM params[],
                                             OSSL_CORE_BIO *out);
- static ossl_inline OSSL_FUNC_serializer_serialize_data_fn
-     OSSL_FUNC_serializer_serialize_data(const OSSL_DISPATCH *opf);
+ static ossl_inline OSSL_FUNC_encoder_encode_data_fn
+     OSSL_FUNC_encoder_encode_data(const OSSL_DISPATCH *opf);
 
 B<OSSL_DISPATCH> arrays are indexed by numbers that are provided as
 macros in L<openssl-core_dispatch.h(7)>, as follows:
 
- OSSL_FUNC_serializer_newctx              OSSL_FUNC_SERIALIZER_NEWCTX
- OSSL_FUNC_serializer_freectx             OSSL_FUNC_SERIALIZER_FREECTX
- OSSL_FUNC_serializer_set_ctx_params      OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS
- OSSL_FUNC_serializer_settable_ctx_params OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS
+ OSSL_FUNC_encoder_newctx              OSSL_FUNC_ENCODER_NEWCTX
+ OSSL_FUNC_encoder_freectx             OSSL_FUNC_ENCODER_FREECTX
+ OSSL_FUNC_encoder_set_ctx_params      OSSL_FUNC_ENCODER_SET_CTX_PARAMS
+ OSSL_FUNC_encoder_settable_ctx_params OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS
 
- OSSL_FUNC_serializer_serialize_data      OSSL_FUNC_SERIALIZER_SERIALIZE_DATA
- OSSL_FUNC_serializer_serialize_object    OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT
+ OSSL_FUNC_encoder_encode_data      OSSL_FUNC_ENCODER_ENCODE_DATA
+ OSSL_FUNC_encoder_encode_object    OSSL_FUNC_ENCODER_ENCODE_OBJECT
 
 =head2 Names and properties
 
 The name of an implementation should match the type of object it
-handles.  For example, an implementation that serializes an RSA key
+handles.  For example, an implementation that encodes an RSA key
 should be named accordingly.
 
-To be able to specify exactly what serialization format and what type
-of data a serializer implementation is expected to handle, two
+To be able to specify exactly what encoding format and what type
+of data a encoder implementation is expected to handle, two
 additional properties may be given:
 
 =over 4
@@ -156,77 +153,77 @@ know anything about.
 
 =head2 Context functions
 
-OSSL_FUNC_serializer_newctx() returns a context to be used with the rest of
+OSSL_FUNC_encoder_newctx() returns a context to be used with the rest of
 the functions.
 
-OSSL_FUNC_serializer_freectx() frees the given I<ctx>, if it was created by
-OSSL_FUNC_serializer_newctx().
+OSSL_FUNC_encoder_freectx() frees the given I<ctx>, if it was created by
+OSSL_FUNC_encoder_newctx().
 
-OSSL_FUNC_serializer_set_ctx_params() sets context data according to
+OSSL_FUNC_encoder_set_ctx_params() sets context data according to
 parameters from I<params> that it recognises.  Unrecognised parameters
 should be ignored.
 
-OSSL_FUNC_serializer_settable_ctx_params() returns a constant B<OSSL_PARAM>
-array describing the parameters that OSSL_FUNC_serializer_set_ctx_params()
+OSSL_FUNC_encoder_settable_ctx_params() returns a constant B<OSSL_PARAM>
+array describing the parameters that OSSL_FUNC_encoder_set_ctx_params()
 can handle.
 
 See L<OSSL_PARAM(3)> for further details on the parameters structure used
-by OSSL_FUNC_serializer_set_ctx_params() and OSSL_FUNC_serializer_settable_ctx_params().
+by OSSL_FUNC_encoder_set_ctx_params() and OSSL_FUNC_encoder_settable_ctx_params().
 
-=head2 Serializing functions
+=head2 Encoding functions
 
-=for comment There will be a "Deserializing functions" title as well
+=for comment There will be a "Decoding functions" title as well
 
-OSSL_FUNC_serializer_serialize_data() should take an array of B<OSSL_PARAM>,
+OSSL_FUNC_encoder_encode_data() should take an array of B<OSSL_PARAM>,
 I<data>, and if it contains the data necessary for the object type
 that the implementation handles, it should output the object in
-serialized form to the B<OSSL_CORE_BIO>.
+encoded form to the B<OSSL_CORE_BIO>.
 
-OSSL_FUNC_serializer_serialize_object() should take a pointer to an object
-that it knows intimately, and output that object in serialized form to
+OSSL_FUNC_encoder_encode_object() should take a pointer to an object
+that it knows intimately, and output that object in encoded form to
 the B<OSSL_CORE_BIO>.  The caller I<must> ensure that this function is called
 with a pointer that the provider of this function is familiar with.
 It is not suitable to use with object pointers coming from other
 providers.
 
-Both serialization functions also take an B<OSSL_PASSPHRASE_CALLBACK>
+Both encoding functions also take an B<OSSL_PASSPHRASE_CALLBACK>
 function pointer along with a pointer to application data I<cbarg>,
 which should be used when a pass phrase prompt is needed.
 
-=head2 Serializer parameters
+=head2 Encoder parameters
 
-Parameters currently recognised by built-in serializers are as
+Parameters currently recognised by built-in encoders are as
 follows:
 
 =over 4
 
-=item "cipher" (B<OSSL_SERIALIZER_PARAM_CIPHER>) <UTF8 string>
+=item "cipher" (B<OSSL_ENCODER_PARAM_CIPHER>) <UTF8 string>
 
 The name of the encryption cipher to be used when generating encrypted
-serialization.  This is used when serializing private keys, as well as
+encoding.  This is used when encoding private keys, as well as
 other objects that need protection.
 
-If this name is invalid for the serialization implementation, the
-implementation should refuse to perform the serialization, i.e.
-OSSL_FUNC_serializer_serialize_data() and OSSL_FUNC_serializer_serialize_object()
+If this name is invalid for the encoding implementation, the
+implementation should refuse to perform the encoding, i.e.
+OSSL_FUNC_encoder_encode_data() and OSSL_FUNC_encoder_encode_object()
 should return an error.
 
-=item "properties" (B<OSSL_SERIALIZER_PARAM_PROPERTIES>) <UTF8 string>
+=item "properties" (B<OSSL_ENCODER_PARAM_PROPERTIES>) <UTF8 string>
 
 The properties to be queried when trying to fetch the algorithm given
 with the "cipher" parameter.
 This must be given together with the "cipher" parameter to be
 considered valid.
 
-The serialization implementation isn't obligated to use this value.
+The encoding implementation isn't obligated to use this value.
 However, it is recommended that implementations that do not handle
 property strings return an error on receiving this parameter unless
 its value NULL or the empty string.
 
-=item "passphrase" (B<OSSL_SERIALIZER_PARAM_PASS>) <octet string>
+=item "passphrase" (B<OSSL_ENCODER_PARAM_PASS>) <octet string>
 
 A pass phrase provided by the application.  When this is given, the
-built-in serializers will not attempt to use the passphrase callback.
+built-in encoders will not attempt to use the passphrase callback.
 
 =back
 
@@ -244,16 +241,16 @@ of object it's being prompted for.
 
 =head1 RETURN VALUES
 
-OSSL_FUNC_serializer_newctx() returns a pointer to a context, or NULL on
+OSSL_FUNC_encoder_newctx() returns a pointer to a context, or NULL on
 failure.
 
-OSSL_FUNC_serializer_set_ctx_params() returns 1, unless a recognised
+OSSL_FUNC_encoder_set_ctx_params() returns 1, unless a recognised
 parameters was invalid or caused an error, for which 0 is returned.
 
-OSSL_FUNC_serializer_settable_ctx_params() returns a pointer to an array of
+OSSL_FUNC_encoder_settable_ctx_params() returns a pointer to an array of
 constant B<OSSL_PARAM> elements.
 
-OSSL_FUNC_serializer_serialize_data() and OSSL_FUNC_serializer_serialize_object()
+OSSL_FUNC_encoder_encode_data() and OSSL_FUNC_encoder_encode_object()
 return 1 on success, or 0 on failure.
 
 =head1 SEE ALSO
@@ -262,7 +259,7 @@ L<provider(7)>
 
 =head1 HISTORY
 
-The SERIALIZER interface was introduced in OpenSSL 3.0.
+The ENCODER interface was introduced in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
diff --git a/doc/man7/provider.pod b/doc/man7/provider.pod
index 62ff8695f1..2f7f019650 100644
--- a/doc/man7/provider.pod
+++ b/doc/man7/provider.pod
@@ -154,13 +154,13 @@ The number for this operation is B<OSSL_OP_ASYM_CIPHER>.
 The functions the provider can offer are described in
 L<provider-asym_cipher(7)>
 
-=item Serialization
+=item Encoding
 
 In the OpenSSL libraries, the corresponding method object is
-B<OSSL_SERIALIZER>.
-The number for this operation is B<OSSL_OP_SERIALIZER>.
+B<OSSL_ENCODER>.
+The number for this operation is B<OSSL_OP_ENCODER>.
 The functions the provider can offer are described in
-L<provider-serializer(7)>
+L<provider-encoder(7)>
 
 =back
 
@@ -277,7 +277,7 @@ The base provider is built in as part of the F<libcrypto> library.
 Should it be needed (if other providers are loaded and offer
 implementations of the same algorithms), the property "provider=base"
 can be used as a search criterion for these implementations. Some
-non-cryptographic algorithms (such as serializers for loading keys and
+non-cryptographic algorithms (such as encoders for loading keys and
 parameters from files) are not FIPS algorithm implementations in themselves but
 support algorithms from the FIPS provider and are allowed for use in "FIPS
 mode". The property "fips=yes" can be used to select such algorithms.
diff --git a/include/crypto/serializer.h b/include/crypto/encoder.h
similarity index 53%
rename from include/crypto/serializer.h
rename to include/crypto/encoder.h
index 84d6b54de7..f75a031c32 100644
--- a/include/crypto/serializer.h
+++ b/include/crypto/encoder.h
@@ -9,7 +9,7 @@
 
 #include <openssl/types.h>
 
-OSSL_SERIALIZER *ossl_serializer_fetch_by_number(OPENSSL_CTX *libctx, int id,
-                                                 const char *properties);
-OSSL_DESERIALIZER *ossl_deserializer_fetch_by_number(OPENSSL_CTX *libctx, int id,
-                                                     const char *properties);
+OSSL_ENCODER *ossl_encoder_fetch_by_number(OPENSSL_CTX *libctx, int id,
+                                           const char *properties);
+OSSL_DECODER *ossl_decoder_fetch_by_number(OPENSSL_CTX *libctx, int id,
+                                           const char *properties);
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
index d0dd6fe2b5..3075bd70c0 100644
--- a/include/internal/cryptlib.h
+++ b/include/internal/cryptlib.h
@@ -155,8 +155,8 @@ typedef struct ossl_ex_data_global_st {
 # define OPENSSL_CTX_RAND_CRNGT_INDEX               7
 # define OPENSSL_CTX_THREAD_EVENT_HANDLER_INDEX     8
 # define OPENSSL_CTX_FIPS_PROV_INDEX                9
-# define OPENSSL_CTX_SERIALIZER_STORE_INDEX        10
-# define OPENSSL_CTX_DESERIALIZER_STORE_INDEX      11
+# define OPENSSL_CTX_ENCODER_STORE_INDEX        10
+# define OPENSSL_CTX_DECODER_STORE_INDEX      11
 # define OPENSSL_CTX_SELF_TEST_CB_INDEX            12
 # define OPENSSL_CTX_BIO_PROV_INDEX                13
 # define OPENSSL_CTX_GLOBAL_PROPERTIES             14
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index 55144f126b..ee589eae6b 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -191,8 +191,8 @@ OSSL_CORE_MAKE_FUNC(int, provider_self_test, (void *provctx))
 # define OSSL_OP_SIGNATURE                          12
 # define OSSL_OP_ASYM_CIPHER                        13
 /* New section for non-EVP operations */
-# define OSSL_OP_SERIALIZER                         20
-# define OSSL_OP_DESERIALIZER                       21
+# define OSSL_OP_ENCODER                         20
+# define OSSL_OP_DECODER                       21
 /* Highest known operation number */
 # define OSSL_OP__HIGHEST                           21
 
@@ -713,50 +713,50 @@ OSSL_CORE_MAKE_FUNC(int, asym_cipher_set_ctx_params,
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, asym_cipher_settable_ctx_params,
                     (void *provctx))
 
-/* Serializers and deserializers */
-# define OSSL_FUNC_SERIALIZER_NEWCTX                1
-# define OSSL_FUNC_SERIALIZER_FREECTX               2
-# define OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS        3
-# define OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS   4
-# define OSSL_FUNC_SERIALIZER_SERIALIZE_DATA       10
-# define OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT     11
-OSSL_CORE_MAKE_FUNC(void *, serializer_newctx, (void *provctx))
-OSSL_CORE_MAKE_FUNC(void, serializer_freectx, (void *ctx))
-OSSL_CORE_MAKE_FUNC(int, serializer_set_ctx_params,
+/* Encoders and decoders */
+# define OSSL_FUNC_ENCODER_NEWCTX                      1
+# define OSSL_FUNC_ENCODER_FREECTX                     2
+# define OSSL_FUNC_ENCODER_SET_CTX_PARAMS              3
+# define OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS         4
+# define OSSL_FUNC_ENCODER_ENCODE_DATA                10
+# define OSSL_FUNC_ENCODER_ENCODE_OBJECT              11
+OSSL_CORE_MAKE_FUNC(void *, encoder_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void, encoder_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, encoder_set_ctx_params,
                     (void *ctx, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, serializer_settable_ctx_params,
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, encoder_settable_ctx_params,
                     (void *provctx))
 
-OSSL_CORE_MAKE_FUNC(int, serializer_serialize_data,
+OSSL_CORE_MAKE_FUNC(int, encoder_encode_data,
                     (void *ctx, const OSSL_PARAM[], OSSL_CORE_BIO *out,
                      OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg))
-OSSL_CORE_MAKE_FUNC(int, serializer_serialize_object,
+OSSL_CORE_MAKE_FUNC(int, encoder_encode_object,
                     (void *ctx, void *obj, OSSL_CORE_BIO *out,
                      OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg))
 
-# define OSSL_FUNC_DESERIALIZER_NEWCTX              1
-# define OSSL_FUNC_DESERIALIZER_FREECTX             2
-# define OSSL_FUNC_DESERIALIZER_GET_PARAMS          3
-# define OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS     4
-# define OSSL_FUNC_DESERIALIZER_SET_CTX_PARAMS      5
-# define OSSL_FUNC_DESERIALIZER_SETTABLE_CTX_PARAMS 6
-# define OSSL_FUNC_DESERIALIZER_DESERIALIZE        10
-# define OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT      11
-OSSL_CORE_MAKE_FUNC(void *, deserializer_newctx, (void *provctx))
-OSSL_CORE_MAKE_FUNC(void, deserializer_freectx, (void *ctx))
-OSSL_CORE_MAKE_FUNC(int, deserializer_get_params, (OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, deserializer_gettable_params,
+# define OSSL_FUNC_DECODER_NEWCTX                      1
+# define OSSL_FUNC_DECODER_FREECTX                     2
+# define OSSL_FUNC_DECODER_GET_PARAMS                  3
+# define OSSL_FUNC_DECODER_GETTABLE_PARAMS             4
+# define OSSL_FUNC_DECODER_SET_CTX_PARAMS              5
+# define OSSL_FUNC_DECODER_SETTABLE_CTX_PARAMS         6
+# define OSSL_FUNC_DECODER_DECODE                     10
+# define OSSL_FUNC_DECODER_EXPORT_OBJECT              11
+OSSL_CORE_MAKE_FUNC(void *, decoder_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void, decoder_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, decoder_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, decoder_gettable_params,
                     (void *provctx))
-OSSL_CORE_MAKE_FUNC(int, deserializer_set_ctx_params,
+OSSL_CORE_MAKE_FUNC(int, decoder_set_ctx_params,
                     (void *ctx, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, deserializer_settable_ctx_params,
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, decoder_settable_ctx_params,
                     (void *provctx))
 
-OSSL_CORE_MAKE_FUNC(int, deserializer_deserialize,
+OSSL_CORE_MAKE_FUNC(int, decoder_decode,
                     (void *ctx, OSSL_CORE_BIO *in,
                      OSSL_CALLBACK *metadata_cb, void *metadata_cbarg,
                      OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))
-OSSL_CORE_MAKE_FUNC(int, deserializer_export_object,
+OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
                     (void *ctx, const void *objref, size_t objref_sz,
                      OSSL_CALLBACK *export_cb, void *export_cbarg))
 
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 97c4d65949..7538d9ce93 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -400,23 +400,23 @@ extern "C" {
 #define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION   "tls-negotiated-version"
 
 /*
- * Serializer / deserializer parameters
+ * Encoder / decoder parameters
  */
 /* The passphrase may be passed as a utf8 string or an octet string */
-#define OSSL_SERIALIZER_PARAM_CIPHER            OSSL_ALG_PARAM_CIPHER
-#define OSSL_SERIALIZER_PARAM_PROPERTIES        OSSL_ALG_PARAM_PROPERTIES
-#define OSSL_SERIALIZER_PARAM_PASS              "passphrase"
-
-#define OSSL_DESERIALIZER_PARAM_CIPHER          OSSL_ALG_PARAM_CIPHER
-#define OSSL_DESERIALIZER_PARAM_PROPERTIES      OSSL_ALG_PARAM_PROPERTIES
-#define OSSL_DESERIALIZER_PARAM_PASS            "passphrase"
-#define OSSL_DESERIALIZER_PARAM_INPUT_TYPE      "input-type"
-#define OSSL_DESERIALIZER_PARAM_DATA_TYPE       "data-type"
-#define OSSL_DESERIALIZER_PARAM_DATA            "data"
-#define OSSL_DESERIALIZER_PARAM_REFERENCE       "reference"
+#define OSSL_ENCODER_PARAM_CIPHER       OSSL_ALG_PARAM_CIPHER
+#define OSSL_ENCODER_PARAM_PROPERTIES   OSSL_ALG_PARAM_PROPERTIES
+#define OSSL_ENCODER_PARAM_PASS         "passphrase"
+
+#define OSSL_DECODER_PARAM_CIPHER       OSSL_ALG_PARAM_CIPHER
+#define OSSL_DECODER_PARAM_PROPERTIES   OSSL_ALG_PARAM_PROPERTIES
+#define OSSL_DECODER_PARAM_PASS         "passphrase"
+#define OSSL_DECODER_PARAM_INPUT_TYPE   "input-type"
+#define OSSL_DECODER_PARAM_DATA_TYPE    "data-type"
+#define OSSL_DECODER_PARAM_DATA         "data"
+#define OSSL_DECODER_PARAM_REFERENCE    "reference"
 
 /* Passphrase callback parameters */
-#define OSSL_PASSPHRASE_PARAM_INFO              "info"
+#define OSSL_PASSPHRASE_PARAM_INFO      "info"
 
 /* Keygen callback parameters, from provider to libcrypto */
 #define OSSL_GEN_PARAM_POTENTIAL            "potential" /* integer */
diff --git a/include/openssl/decoder.h b/include/openssl/decoder.h
new file mode 100644
index 0000000000..cb5a404b89
--- /dev/null
+++ b/include/openssl/decoder.h
@@ -0,0 +1,117 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DECODER_H
+# define OPENSSL_DECODER_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_STDIO
+#  include <stdio.h>
+# endif
+# include <stdarg.h>
+# include <stddef.h>
+# include <openssl/decodererr.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+OSSL_DECODER *OSSL_DECODER_fetch(OPENSSL_CTX *libctx, const char *name,
+                                 const char *properties);
+int OSSL_DECODER_up_ref(OSSL_DECODER *encoder);
+void OSSL_DECODER_free(OSSL_DECODER *encoder);
+
+const OSSL_PROVIDER *OSSL_DECODER_provider(const OSSL_DECODER *encoder);
+const char *OSSL_DECODER_properties(const OSSL_DECODER *encoder);
+int OSSL_DECODER_number(const OSSL_DECODER *encoder);
+int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name);
+
+void OSSL_DECODER_do_all_provided(OPENSSL_CTX *libctx,
+                                  void (*fn)(OSSL_DECODER *encoder, void *arg),
+                                  void *arg);
+void OSSL_DECODER_names_do_all(const OSSL_DECODER *encoder,
+                               void (*fn)(const char *name, void *data),
+                               void *data);
+const OSSL_PARAM *OSSL_DECODER_gettable_params(OSSL_DECODER *decoder);
+int OSSL_DECODER_get_params(OSSL_DECODER *decoder, OSSL_PARAM params[]);
+
+const OSSL_PARAM *OSSL_DECODER_settable_ctx_params(OSSL_DECODER *encoder);
+OSSL_DECODER_CTX *OSSL_DECODER_CTX_new(void);
+int OSSL_DECODER_CTX_set_params(OSSL_DECODER_CTX *ctx,
+                                const OSSL_PARAM params[]);
+void OSSL_DECODER_CTX_free(OSSL_DECODER_CTX *ctx);
+
+/* Utilities that help set specific parameters */
+int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx,
+                                    const unsigned char *kstr,
+                                    size_t klen);
+int OSSL_DECODER_CTX_set_pem_password_cb(OSSL_DECODER_CTX *ctx,
+                                         pem_password_cb *cb,
+                                         void *cbarg);
+int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
+                                       const UI_METHOD *ui_method,
+                                       void *ui_data);
+
+/*
+ * Utilities to read the object to decode, with the result sent to cb.
+ * These will discover all provided methods
+ */
+
+int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx,
+                                    const char *input_type);
+int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder);
+int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx,
+                               OPENSSL_CTX *libctx, const char *propq);
+int OSSL_DECODER_CTX_num_decoders(OSSL_DECODER_CTX *ctx);
+
+typedef struct ossl_decoder_instance_st OSSL_DECODER_INSTANCE;
+OSSL_DECODER *
+OSSL_DECODER_INSTANCE_decoder(OSSL_DECODER_INSTANCE *decoder_inst);
+void *OSSL_DECODER_INSTANCE_decoder_ctx(OSSL_DECODER_INSTANCE *decoder_inst);
+
+typedef int (OSSL_DECODER_CONSTRUCT)(OSSL_DECODER_INSTANCE *decoder_inst,
+                                     const OSSL_PARAM *params,
+                                     void *construct_data);
+typedef void (OSSL_DECODER_CLEANUP)(void *construct_data);
+
+int OSSL_DECODER_CTX_set_construct(OSSL_DECODER_CTX *ctx,
+                                   OSSL_DECODER_CONSTRUCT *construct);
+int OSSL_DECODER_CTX_set_construct_data(OSSL_DECODER_CTX *ctx,
+                                        void *construct_data);
+int OSSL_DECODER_CTX_set_cleanup(OSSL_DECODER_CTX *ctx,
+                                 OSSL_DECODER_CLEANUP *cleanup);
+OSSL_DECODER_CONSTRUCT *OSSL_DECODER_CTX_get_construct(OSSL_DECODER_CTX *ctx);
+void *OSSL_DECODER_CTX_get_construct_data(OSSL_DECODER_CTX *ctx);
+OSSL_DECODER_CLEANUP *OSSL_DECODER_CTX_get_cleanup(OSSL_DECODER_CTX *ctx);
+
+int OSSL_DECODER_export(OSSL_DECODER_INSTANCE *decoder_inst,
+                        void *reference, size_t reference_sz,
+                        OSSL_CALLBACK *export_cb, void *export_cbarg);
+
+int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in);
+#ifndef OPENSSL_NO_STDIO
+int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *in);
+#endif
+
+/*
+ * Create the OSSL_DECODER_CTX with an associated type.  This will perform
+ * an implicit OSSL_DECODER_fetch(), suitable for the object of that type.
+ */
+OSSL_DECODER_CTX *
+OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, const char *input_type,
+                                 OPENSSL_CTX *libctx, const char *propquery);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/include/openssl/deserializererr.h b/include/openssl/decodererr.h
similarity index 68%
rename from include/openssl/deserializererr.h
rename to include/openssl/decodererr.h
index 1c6573afb6..8da9157814 100644
--- a/include/openssl/deserializererr.h
+++ b/include/openssl/decodererr.h
@@ -8,8 +8,8 @@
  * https://www.openssl.org/source/license.html
  */
 
-#ifndef OPENSSL_OSSL_DESERIALIZERERR_H
-# define OPENSSL_OSSL_DESERIALIZERERR_H
+#ifndef OPENSSL_OSSL_DECODERERR_H
+# define OPENSSL_OSSL_DECODERERR_H
 # pragma once
 
 # include <openssl/opensslconf.h>
@@ -19,17 +19,17 @@
 # ifdef  __cplusplus
 extern "C"
 # endif
-int ERR_load_OSSL_DESERIALIZER_strings(void);
+int ERR_load_OSSL_DECODER_strings(void);
 
 /*
- * OSSL_DESERIALIZER function codes.
+ * OSSL_DECODER function codes.
  */
 # ifndef OPENSSL_NO_DEPRECATED_3_0
 # endif
 
 /*
- * OSSL_DESERIALIZER reason codes.
+ * OSSL_DECODER reason codes.
  */
-# define OSSL_DESERIALIZER_R_MISSING_GET_PARAMS           100
+# define OSSL_DECODER_R_MISSING_GET_PARAMS           100
 
 #endif
diff --git a/include/openssl/deserializer.h b/include/openssl/deserializer.h
deleted file mode 100644
index 0133785b50..0000000000
--- a/include/openssl/deserializer.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef OPENSSL_DESERIALIZER_H
-# define OPENSSL_DESERIALIZER_H
-# pragma once
-
-# include <openssl/opensslconf.h>
-
-# ifndef OPENSSL_NO_STDIO
-#  include <stdio.h>
-# endif
-# include <stdarg.h>
-# include <stddef.h>
-# include <openssl/deserializererr.h>
-# include <openssl/types.h>
-# include <openssl/core.h>
-
-# ifdef __cplusplus
-extern "C" {
-# endif
-
-OSSL_DESERIALIZER *OSSL_DESERIALIZER_fetch(OPENSSL_CTX *libctx,
-                                           const char *name,
-                                           const char *properties);
-int OSSL_DESERIALIZER_up_ref(OSSL_DESERIALIZER *ser);
-void OSSL_DESERIALIZER_free(OSSL_DESERIALIZER *ser);
-
-const OSSL_PROVIDER *OSSL_DESERIALIZER_provider(const OSSL_DESERIALIZER *ser);
-const char *OSSL_DESERIALIZER_properties(const OSSL_DESERIALIZER *ser);
-int OSSL_DESERIALIZER_number(const OSSL_DESERIALIZER *ser);
-int OSSL_DESERIALIZER_is_a(const OSSL_DESERIALIZER *ser,
-                           const char *name);
-
-void OSSL_DESERIALIZER_do_all_provided(OPENSSL_CTX *libctx,
-                                       void (*fn)(OSSL_DESERIALIZER *ser,
-                                                  void *arg),
-                                       void *arg);
-void OSSL_DESERIALIZER_names_do_all(const OSSL_DESERIALIZER *ser,
-                                    void (*fn)(const char *name, void *data),
-                                    void *data);
-const OSSL_PARAM *OSSL_DESERIALIZER_gettable_params(OSSL_DESERIALIZER *deser);
-int OSSL_DESERIALIZER_get_params(OSSL_DESERIALIZER *deser, OSSL_PARAM params[]);
-
-const OSSL_PARAM *OSSL_DESERIALIZER_settable_ctx_params(OSSL_DESERIALIZER *ser);
-OSSL_DESERIALIZER_CTX *OSSL_DESERIALIZER_CTX_new(void);
-int OSSL_DESERIALIZER_CTX_set_params(OSSL_DESERIALIZER_CTX *ctx,
-                                     const OSSL_PARAM params[]);
-void OSSL_DESERIALIZER_CTX_free(OSSL_DESERIALIZER_CTX *ctx);
-
-/* Utilities that help set specific parameters */
-int OSSL_DESERIALIZER_CTX_set_passphrase(OSSL_DESERIALIZER_CTX *ctx,
-                                         const unsigned char *kstr,
-                                         size_t klen);
-int OSSL_DESERIALIZER_CTX_set_pem_password_cb(OSSL_DESERIALIZER_CTX *ctx,
-                                              pem_password_cb *cb,
-                                              void *cbarg);
-int OSSL_DESERIALIZER_CTX_set_passphrase_ui(OSSL_DESERIALIZER_CTX *ctx,
-                                            const UI_METHOD *ui_method,
-                                            void *ui_data);
-
-/*
- * Utilities to read the object to deserialize, with the result sent to cb.
- * These will discover all provided methods
- */
-
-int OSSL_DESERIALIZER_CTX_set_input_type(OSSL_DESERIALIZER_CTX *ctx,
-                                         const char *input_type);
-int OSSL_DESERIALIZER_CTX_add_deserializer(OSSL_DESERIALIZER_CTX *ctx,
-                                           OSSL_DESERIALIZER *deser);
-int OSSL_DESERIALIZER_CTX_add_extra(OSSL_DESERIALIZER_CTX *ctx,
-                                    OPENSSL_CTX *libctx, const char *propq);
-int OSSL_DESERIALIZER_CTX_num_deserializers(OSSL_DESERIALIZER_CTX *ctx);
-
-typedef struct ossl_deserializer_instance_st OSSL_DESERIALIZER_INSTANCE;
-OSSL_DESERIALIZER *OSSL_DESERIALIZER_INSTANCE_deserializer
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst);
-void *OSSL_DESERIALIZER_INSTANCE_deserializer_ctx
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst);
-
-typedef int (OSSL_DESERIALIZER_CONSTRUCT)
-    (OSSL_DESERIALIZER_INSTANCE *deser_inst,
-     const OSSL_PARAM *params, void *construct_data);
-typedef void (OSSL_DESERIALIZER_CLEANUP)(void *construct_data);
-
-int OSSL_DESERIALIZER_CTX_set_construct(OSSL_DESERIALIZER_CTX *ctx,
-                                        OSSL_DESERIALIZER_CONSTRUCT *construct);
-int OSSL_DESERIALIZER_CTX_set_construct_data(OSSL_DESERIALIZER_CTX *ctx,
-                                             void *construct_data);
-int OSSL_DESERIALIZER_CTX_set_cleanup(OSSL_DESERIALIZER_CTX *ctx,
-                                      OSSL_DESERIALIZER_CLEANUP *cleanup);
-OSSL_DESERIALIZER_CONSTRUCT *
-OSSL_DESERIALIZER_CTX_get_construct(OSSL_DESERIALIZER_CTX *ctx);
-void *OSSL_DESERIALIZER_CTX_get_construct_data(OSSL_DESERIALIZER_CTX *ctx);
-OSSL_DESERIALIZER_CLEANUP *
-OSSL_DESERIALIZER_CTX_get_cleanup(OSSL_DESERIALIZER_CTX *ctx);
-
-int OSSL_DESERIALIZER_export(OSSL_DESERIALIZER_INSTANCE *deser_inst,
-                             void *reference, size_t reference_sz,
-                             OSSL_CALLBACK *export_cb, void *export_cbarg);
-
-int OSSL_DESERIALIZER_from_bio(OSSL_DESERIALIZER_CTX *ctx, BIO *in);
-#ifndef OPENSSL_NO_STDIO
-int OSSL_DESERIALIZER_from_fp(OSSL_DESERIALIZER_CTX *ctx, FILE *in);
-#endif
-
-/*
- * Create the OSSL_DESERIALIZER_CTX with an associated type.  This will perform
- * an implicit OSSL_DESERIALIZER_fetch(), suitable for the object of that type.
- */
-OSSL_DESERIALIZER_CTX *
-OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, const char *input_type,
-                                      OPENSSL_CTX *libctx,
-                                      const char *propquery);
-
-# ifdef __cplusplus
-}
-# endif
-#endif
diff --git a/include/openssl/encoder.h b/include/openssl/encoder.h
new file mode 100644
index 0000000000..10b2bc9188
--- /dev/null
+++ b/include/openssl/encoder.h
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ENCODER_H
+# define OPENSSL_ENCODER_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_STDIO
+#  include <stdio.h>
+# endif
+# include <stdarg.h>
+# include <stddef.h>
+# include <openssl/encodererr.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+OSSL_ENCODER *OSSL_ENCODER_fetch(OPENSSL_CTX *libctx, const char *name,
+                                 const char *properties);
+int OSSL_ENCODER_up_ref(OSSL_ENCODER *encoder);
+void OSSL_ENCODER_free(OSSL_ENCODER *encoder);
+
+const OSSL_PROVIDER *OSSL_ENCODER_provider(const OSSL_ENCODER *encoder);
+const char *OSSL_ENCODER_properties(const OSSL_ENCODER *encoder);
+int OSSL_ENCODER_number(const OSSL_ENCODER *encoder);
+int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name);
+
+void OSSL_ENCODER_do_all_provided(OPENSSL_CTX *libctx,
+                                  void (*fn)(OSSL_ENCODER *encoder, void *arg),
+                                  void *arg);
+void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder,
+                               void (*fn)(const char *name, void *data),
+                               void *data);
+
+const OSSL_PARAM *OSSL_ENCODER_settable_ctx_params(OSSL_ENCODER *encoder);
+OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new(OSSL_ENCODER *encoder);
+const OSSL_ENCODER *OSSL_ENCODER_CTX_get_encoder(OSSL_ENCODER_CTX *ctx);
+int OSSL_ENCODER_CTX_set_params(OSSL_ENCODER_CTX *ctx,
+                                const OSSL_PARAM params[]);
+void OSSL_ENCODER_CTX_free(OSSL_ENCODER_CTX *ctx);
+
+/* Utilities that help set specific parameters */
+int OSSL_ENCODER_CTX_set_cipher(OSSL_ENCODER_CTX *ctx,
+                                const char *cipher_name,
+                                const char *propquery);
+int OSSL_ENCODER_CTX_set_passphrase(OSSL_ENCODER_CTX *ctx,
+                                    const unsigned char *kstr,
+                                    size_t klen);
+int OSSL_ENCODER_CTX_set_passphrase_cb(OSSL_ENCODER_CTX *ctx,
+                                       pem_password_cb *cb, void *cbarg);
+int OSSL_ENCODER_CTX_set_passphrase_ui(OSSL_ENCODER_CTX *ctx,
+                                       const UI_METHOD *ui_method,
+                                       void *ui_data);
+
+/* Utilities to output the object to encode */
+int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out);
+#ifndef OPENSSL_NO_STDIO
+int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp);
+#endif
+
+/*
+ * Create the OSSL_ENCODER_CTX with an associated type.  This will perform
+ * an implicit OSSL_ENCODER_fetch(), suitable for the object of that type.
+ * This is more useful than calling OSSL_ENCODER_CTX_new().
+ */
+OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
+                                                   const char *propquery);
+
+/*
+ * These macros define the last argument to pass to
+ * OSSL_ENCODER_CTX_new_by_TYPE().
+ */
+# define OSSL_ENCODER_PUBKEY_TO_PEM_PQ "format=pem,type=public"
+# define OSSL_ENCODER_PrivateKey_TO_PEM_PQ "format=pem,type=private"
+# define OSSL_ENCODER_Parameters_TO_PEM_PQ "format=pem,type=parameters"
+
+# define OSSL_ENCODER_PUBKEY_TO_DER_PQ "format=der,type=public"
+# define OSSL_ENCODER_PrivateKey_TO_DER_PQ "format=der,type=private"
+# define OSSL_ENCODER_Parameters_TO_DER_PQ "format=der,type=parameters"
+
+/* Corresponding macros for text output */
+# define OSSL_ENCODER_PUBKEY_TO_TEXT_PQ "format=text,type=public"
+# define OSSL_ENCODER_PrivateKey_TO_TEXT_PQ "format=text,type=private"
+# define OSSL_ENCODER_Parameters_TO_TEXT_PQ "format=text,type=parameters"
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/include/openssl/serializererr.h b/include/openssl/encodererr.h
similarity index 64%
rename from include/openssl/serializererr.h
rename to include/openssl/encodererr.h
index f99143b4d1..007070e0c0 100644
--- a/include/openssl/serializererr.h
+++ b/include/openssl/encodererr.h
@@ -8,8 +8,8 @@
  * https://www.openssl.org/source/license.html
  */
 
-#ifndef OPENSSL_OSSL_SERIALIZERERR_H
-# define OPENSSL_OSSL_SERIALIZERERR_H
+#ifndef OPENSSL_OSSL_ENCODERERR_H
+# define OPENSSL_OSSL_ENCODERERR_H
 # pragma once
 
 # include <openssl/opensslconf.h>
@@ -19,18 +19,18 @@
 # ifdef  __cplusplus
 extern "C"
 # endif
-int ERR_load_OSSL_SERIALIZER_strings(void);
+int ERR_load_OSSL_ENCODER_strings(void);
 
 /*
- * OSSL_SERIALIZER function codes.
+ * OSSL_ENCODER function codes.
  */
 # ifndef OPENSSL_NO_DEPRECATED_3_0
 # endif
 
 /*
- * OSSL_SERIALIZER reason codes.
+ * OSSL_ENCODER reason codes.
  */
-# define OSSL_SERIALIZER_R_INCORRECT_PROPERTY_QUERY       100
-# define OSSL_SERIALIZER_R_SERIALIZER_NOT_FOUND           101
+# define OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY       100
+# define OSSL_ENCODER_R_ENCODER_NOT_FOUND           101
 
 #endif
diff --git a/include/openssl/err.h b/include/openssl/err.h
index 77bbba4f9f..4dd69c6a3f 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -113,8 +113,8 @@ struct err_state_st {
 # define ERR_LIB_CRMF            56
 # define ERR_LIB_PROV            57
 # define ERR_LIB_CMP             58
-# define ERR_LIB_OSSL_SERIALIZER 59
-# define ERR_LIB_OSSL_DESERIALIZER 60
+# define ERR_LIB_OSSL_ENCODER 59
+# define ERR_LIB_OSSL_DECODER 60
 # define ERR_LIB_HTTP            61
 
 # define ERR_LIB_USER            128
diff --git a/include/openssl/serializer.h b/include/openssl/serializer.h
deleted file mode 100644
index 50c85d617f..0000000000
--- a/include/openssl/serializer.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef OPENSSL_SERIALIZER_H
-# define OPENSSL_SERIALIZER_H
-# pragma once
-
-# include <openssl/opensslconf.h>
-
-# ifndef OPENSSL_NO_STDIO
-#  include <stdio.h>
-# endif
-# include <stdarg.h>
-# include <stddef.h>
-# include <openssl/serializererr.h>
-# include <openssl/types.h>
-# include <openssl/core.h>
-
-# ifdef __cplusplus
-extern "C" {
-# endif
-
-OSSL_SERIALIZER *OSSL_SERIALIZER_fetch(OPENSSL_CTX *libctx,
-                                       const char *name,
-                                       const char *properties);
-int OSSL_SERIALIZER_up_ref(OSSL_SERIALIZER *ser);
-void OSSL_SERIALIZER_free(OSSL_SERIALIZER *ser);
-
-const OSSL_PROVIDER *OSSL_SERIALIZER_provider(const OSSL_SERIALIZER *ser);
-const char *OSSL_SERIALIZER_properties(const OSSL_SERIALIZER *ser);
-int OSSL_SERIALIZER_number(const OSSL_SERIALIZER *ser);
-int OSSL_SERIALIZER_is_a(const OSSL_SERIALIZER *ser,
-                         const char *name);
-
-void OSSL_SERIALIZER_do_all_provided(OPENSSL_CTX *libctx,
-                                     void (*fn)(OSSL_SERIALIZER *ser,
-                                                void *arg),
-                                     void *arg);
-void OSSL_SERIALIZER_names_do_all(const OSSL_SERIALIZER *ser,
-                                  void (*fn)(const char *name, void *data),
-                                  void *data);
-
-const OSSL_PARAM *OSSL_SERIALIZER_settable_ctx_params(OSSL_SERIALIZER *ser);
-OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new(OSSL_SERIALIZER *ser);
-const OSSL_SERIALIZER *
-OSSL_SERIALIZER_CTX_get_serializer(OSSL_SERIALIZER_CTX *ctx);
-int OSSL_SERIALIZER_CTX_set_params(OSSL_SERIALIZER_CTX *ctx,
-                                   const OSSL_PARAM params[]);
-void OSSL_SERIALIZER_CTX_free(OSSL_SERIALIZER_CTX *ctx);
-
-/* Utilities that help set specific parameters */
-int OSSL_SERIALIZER_CTX_set_cipher(OSSL_SERIALIZER_CTX *ctx,
-                                   const char *cipher_name,
-                                   const char *propquery);
-int OSSL_SERIALIZER_CTX_set_passphrase(OSSL_SERIALIZER_CTX *ctx,
-                                       const unsigned char *kstr,
-                                       size_t klen);
-int OSSL_SERIALIZER_CTX_set_passphrase_cb(OSSL_SERIALIZER_CTX *ctx,
-                                          pem_password_cb *cb, void *cbarg);
-int OSSL_SERIALIZER_CTX_set_passphrase_ui(OSSL_SERIALIZER_CTX *ctx,
-                                          const UI_METHOD *ui_method,
-                                          void *ui_data);
-
-/* Utilities to output the object to serialize */
-int OSSL_SERIALIZER_to_bio(OSSL_SERIALIZER_CTX *ctx, BIO *out);
-#ifndef OPENSSL_NO_STDIO
-int OSSL_SERIALIZER_to_fp(OSSL_SERIALIZER_CTX *ctx, FILE *fp);
-#endif
-
-/*
- * Create the OSSL_SERIALIZER_CTX with an associated type.  This will perform
- * an implicit OSSL_SERIALIZER_fetch(), suitable for the object of that type.
- * This is more useful than calling OSSL_SERIALIZER_CTX_new().
- */
-OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
-                                                         const char *propquery);
-
-/*
- * These macros define the last argument to pass to
- * OSSL_SERIALIZER_CTX_new_by_TYPE().
- */
-# define OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ "format=pem,type=public"
-# define OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ "format=pem,type=private"
-# define OSSL_SERIALIZER_Parameters_TO_PEM_PQ "format=pem,type=parameters"
-
-# define OSSL_SERIALIZER_PUBKEY_TO_DER_PQ "format=der,type=public"
-# define OSSL_SERIALIZER_PrivateKey_TO_DER_PQ "format=der,type=private"
-# define OSSL_SERIALIZER_Parameters_TO_DER_PQ "format=der,type=parameters"
-
-/* Corresponding macros for text output */
-# define OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ "format=text,type=public"
-# define OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ "format=text,type=private"
-# define OSSL_SERIALIZER_Parameters_TO_TEXT_PQ "format=text,type=parameters"
-
-# ifdef __cplusplus
-}
-# endif
-#endif
diff --git a/include/openssl/types.h b/include/openssl/types.h
index 496f42a101..cd0c51e8bf 100644
--- a/include/openssl/types.h
+++ b/include/openssl/types.h
@@ -212,10 +212,10 @@ typedef struct ossl_param_bld_st OSSL_PARAM_BLD;
 
 typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
 
-typedef struct ossl_serializer_st OSSL_SERIALIZER;
-typedef struct ossl_serializer_ctx_st OSSL_SERIALIZER_CTX;
-typedef struct ossl_deserializer_st OSSL_DESERIALIZER;
-typedef struct ossl_deserializer_ctx_st OSSL_DESERIALIZER_CTX;
+typedef struct ossl_encoder_st OSSL_ENCODER;
+typedef struct ossl_encoder_ctx_st OSSL_ENCODER_CTX;
+typedef struct ossl_decoder_st OSSL_DECODER;
+typedef struct ossl_decoder_ctx_st OSSL_DECODER_CTX;
 
 typedef struct ossl_self_test_st OSSL_SELF_TEST;
 
diff --git a/providers/baseprov.c b/providers/baseprov.c
index 917bf680d4..eb0e4afbd3 100644
--- a/providers/baseprov.c
+++ b/providers/baseprov.c
@@ -64,37 +64,37 @@ static int base_get_params(void *provctx, OSSL_PARAM params[])
     return 1;
 }
 
-static const OSSL_ALGORITHM base_serializer[] = {
-#define SER(name, fips, format, type, func_table)                           \
+static const OSSL_ALGORITHM base_encoder[] = {
+#define ENCODER(name, fips, format, type, func_table)                           \
     { name,                                                                 \
       "provider=base,fips=" fips ",format=" format ",type=" type,           \
       (func_table) }
 
-#include "serializers.inc"
+#include "encoders.inc"
     { NULL, NULL, NULL }
 };
-#undef SER
+#undef ENCODER
 
-static const OSSL_ALGORITHM base_deserializer[] = {
-#define DESER(name, fips, input, func_table)                                \
+static const OSSL_ALGORITHM base_decoder[] = {
+#define DECODER(name, fips, input, func_table)                                \
     { name,                                                                 \
       "provider=base,fips=" fips ",input=" input,                           \
       (func_table) }
 
-#include "deserializers.inc"
+#include "decoders.inc"
     { NULL, NULL, NULL }
 };
-#undef DESER
+#undef DECODER
 
 static const OSSL_ALGORITHM *base_query(void *provctx, int operation_id,
                                          int *no_cache)
 {
     *no_cache = 0;
     switch (operation_id) {
-    case OSSL_OP_SERIALIZER:
-        return base_serializer;
-    case OSSL_OP_DESERIALIZER:
-        return base_deserializer;
+    case OSSL_OP_ENCODER:
+        return base_encoder;
+    case OSSL_OP_DECODER:
+        return base_decoder;
     }
     return NULL;
 }
diff --git a/providers/decoders.inc b/providers/decoders.inc
new file mode 100644
index 0000000000..d8c6da72e1
--- /dev/null
+++ b/providers/decoders.inc
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef DECODER
+# error Macro DECODER undefined
+#endif
+
+#ifndef OPENSSL_NO_DH
+    DECODER("DH", "yes", "der", der_to_dh_decoder_functions),
+    DECODER("DHX", "yes", "der", der_to_dhx_decoder_functions),
+#endif
+#ifndef OPENSSL_NO_DSA
+    DECODER("DSA", "yes", "der", der_to_dsa_decoder_functions),
+    DECODER("DSA", "yes", "mblob", msblob_to_dsa_decoder_functions),
+# ifndef OPENSSL_NO_RC4
+    DECODER("DSA", "yes", "pvk", pvk_to_dsa_decoder_functions),
+# endif
+#endif
+#ifndef OPENSSL_NO_EC
+    DECODER("EC", "yes", "der", der_to_ec_decoder_functions),
+    DECODER("ED25519", "yes", "der", der_to_ed25519_decoder_functions),
+    DECODER("ED448", "yes", "der", der_to_ed448_decoder_functions),
+    DECODER("X25519", "yes", "der", der_to_x25519_decoder_functions),
+    DECODER("X448", "yes", "der", der_to_x448_decoder_functions),
+#endif
+    DECODER("RSA", "yes", "der", der_to_rsa_decoder_functions),
+    DECODER("RSA-PSS", "yes", "der", der_to_rsapss_decoder_functions),
+#ifndef OPENSSL_NO_DSA
+    DECODER("RSA", "yes", "mblob", msblob_to_rsa_decoder_functions),
+# ifndef OPENSSL_NO_RC4
+    DECODER("RSA", "yes", "pvk", pvk_to_rsa_decoder_functions),
+# endif
+#endif
+
+    DECODER("DER", "yes", "pem", pem_to_der_decoder_functions),
+
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 083373a066..9aefa801a1 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -395,27 +395,27 @@ static const OSSL_ALGORITHM deflt_keymgmt[] = {
     { NULL, NULL, NULL }
 };
 
-static const OSSL_ALGORITHM deflt_serializer[] = {
-#define SER(name, fips, format, type, func_table)                           \
+static const OSSL_ALGORITHM deflt_encoder[] = {
+#define ENCODER(name, fips, format, type, func_table)                           \
     { name,                                                                 \
       "provider=default,fips=" fips ",format=" format ",type=" type,        \
       (func_table) }
 
-#include "serializers.inc"
+#include "encoders.inc"
     { NULL, NULL, NULL }
 };
-#undef SER
+#undef ENCODER
 
-static const OSSL_ALGORITHM deflt_deserializer[] = {
-#define DESER(name, fips, input, func_table)                                \
+static const OSSL_ALGORITHM deflt_decoder[] = {
+#define DECODER(name, fips, input, func_table)                                \
     { name,                                                                 \
       "provider=default,fips=" fips ",input=" input,                        \
       (func_table) }
 
-#include "deserializers.inc"
+#include "decoders.inc"
     { NULL, NULL, NULL }
 };
-#undef DESER
+#undef DECODER
 
 static const OSSL_ALGORITHM *deflt_query(void *provctx, int operation_id,
                                          int *no_cache)
@@ -441,10 +441,10 @@ static const OSSL_ALGORITHM *deflt_query(void *provctx, int operation_id,
         return deflt_signature;
     case OSSL_OP_ASYM_CIPHER:
         return deflt_asym_cipher;
-    case OSSL_OP_SERIALIZER:
-        return deflt_serializer;
-    case OSSL_OP_DESERIALIZER:
-        return deflt_deserializer;
+    case OSSL_OP_ENCODER:
+        return deflt_encoder;
+    case OSSL_OP_DECODER:
+        return deflt_decoder;
     }
     return NULL;
 }
diff --git a/providers/deserializers.inc b/providers/deserializers.inc
deleted file mode 100644
index 2e363143b8..0000000000
--- a/providers/deserializers.inc
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef DESER
-# error Macro DESER undefined
-#endif
-
-#ifndef OPENSSL_NO_DH
-    DESER("DH", "yes", "der", der_to_dh_deserializer_functions),
-    DESER("DHX", "yes", "der", der_to_dhx_deserializer_functions),
-#endif
-#ifndef OPENSSL_NO_DSA
-    DESER("DSA", "yes", "der", der_to_dsa_deserializer_functions),
-    DESER("DSA", "yes", "mblob", msblob_to_dsa_deserializer_functions),
-# ifndef OPENSSL_NO_RC4
-    DESER("DSA", "yes", "pvk", pvk_to_dsa_deserializer_functions),
-# endif
-#endif
-#ifndef OPENSSL_NO_EC
-    DESER("EC", "yes", "der", der_to_ec_deserializer_functions),
-    DESER("ED25519", "yes", "der", der_to_ed25519_deserializer_functions),
-    DESER("ED448", "yes", "der", der_to_ed448_deserializer_functions),
-    DESER("X25519", "yes", "der", der_to_x25519_deserializer_functions),
-    DESER("X448", "yes", "der", der_to_x448_deserializer_functions),
-#endif
-    DESER("RSA", "yes", "der", der_to_rsa_deserializer_functions),
-    DESER("RSA-PSS", "yes", "der", der_to_rsapss_deserializer_functions),
-#ifndef OPENSSL_NO_DSA
-    DESER("RSA", "yes", "mblob", msblob_to_rsa_deserializer_functions),
-# ifndef OPENSSL_NO_RC4
-    DESER("RSA", "yes", "pvk", pvk_to_rsa_deserializer_functions),
-# endif
-#endif
-
-    DESER("DER", "yes", "pem", pem_to_der_deserializer_functions),
-
diff --git a/providers/encoders.inc b/providers/encoders.inc
new file mode 100644
index 0000000000..4d894a73e5
--- /dev/null
+++ b/providers/encoders.inc
@@ -0,0 +1,112 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef ENCODER
+# error Macro ENCODER undefined
+#endif
+
+    ENCODER("RSA", "yes", "text", "private", rsa_priv_text_encoder_functions),
+    ENCODER("RSA", "yes", "text", "public", rsa_pub_text_encoder_functions),
+    ENCODER("RSA", "yes", "der", "private", rsa_priv_der_encoder_functions),
+    ENCODER("RSA", "yes", "der", "public", rsa_pub_der_encoder_functions),
+    ENCODER("RSA", "yes", "pem", "private", rsa_priv_pem_encoder_functions),
+    ENCODER("RSA", "yes", "pem", "public", rsa_pub_pem_encoder_functions),
+    ENCODER("RSA-PSS", "yes", "text", "private",
+        rsa_priv_text_encoder_functions),
+    ENCODER("RSA-PSS", "yes", "text", "public", rsa_pub_text_encoder_functions),
+    ENCODER("RSA-PSS", "yes", "der", "private", rsa_priv_der_encoder_functions),
+    ENCODER("RSA-PSS", "yes", "der", "public", rsa_pub_der_encoder_functions),
+    ENCODER("RSA-PSS", "yes", "pem", "private", rsa_priv_pem_encoder_functions),
+    ENCODER("RSA-PSS", "yes", "pem", "public", rsa_pub_pem_encoder_functions),
+
+#ifndef OPENSSL_NO_DH
+    ENCODER("DH", "yes", "text", "private", dh_priv_text_encoder_functions),
+    ENCODER("DH", "yes", "text", "public", dh_pub_text_encoder_functions),
+    ENCODER("DH", "yes", "text", "parameters", dh_param_text_encoder_functions),
+    ENCODER("DH", "yes", "der", "private", dh_priv_der_encoder_functions),
+    ENCODER("DH", "yes", "der", "public", dh_pub_der_encoder_functions),
+    ENCODER("DH", "yes", "der", "parameters", dh_param_der_encoder_functions),
+    ENCODER("DH", "yes", "pem", "private", dh_priv_pem_encoder_functions),
+    ENCODER("DH", "yes", "pem", "public", dh_pub_pem_encoder_functions),
+    ENCODER("DH", "yes", "pem", "parameters", dh_param_pem_encoder_functions),
+
+    ENCODER("DHX", "yes", "text", "private", dh_priv_text_encoder_functions),
+    ENCODER("DHX", "yes", "text", "public", dh_pub_text_encoder_functions),
+    ENCODER("DHX", "yes", "text", "parameters", dh_param_text_encoder_functions),
+    ENCODER("DHX", "yes", "der", "private", dh_priv_der_encoder_functions),
+    ENCODER("DHX", "yes", "der", "public", dh_pub_der_encoder_functions),
+    ENCODER("DHX", "yes", "der", "parameters", dh_param_der_encoder_functions),
+    ENCODER("DHX", "yes", "pem", "private", dh_priv_pem_encoder_functions),
+    ENCODER("DHX", "yes", "pem", "public", dh_pub_pem_encoder_functions),
+    ENCODER("DHX", "yes", "pem", "parameters", dh_param_pem_encoder_functions),
+#endif
+
+#ifndef OPENSSL_NO_DSA
+    ENCODER("DSA", "yes", "text", "private", dsa_priv_text_encoder_functions),
+    ENCODER("DSA", "yes", "text", "public", dsa_pub_text_encoder_functions),
+    ENCODER("DSA", "yes", "text", "parameters",
+        dsa_param_text_encoder_functions),
+    ENCODER("DSA", "yes", "der", "private", dsa_priv_der_encoder_functions),
+    ENCODER("DSA", "yes", "der", "public", dsa_pub_der_encoder_functions),
+    ENCODER("DSA", "yes", "der", "parameters", dsa_param_der_encoder_functions),
+    ENCODER("DSA", "yes", "pem", "private", dsa_priv_pem_encoder_functions),
+    ENCODER("DSA", "yes", "pem", "public", dsa_pub_pem_encoder_functions),
+    ENCODER("DSA", "yes", "pem", "parameters", dsa_param_pem_encoder_functions),
+#endif
+
+#ifndef OPENSSL_NO_EC
+    ENCODER("X25519", "yes", "text", "private",
+        x25519_priv_print_encoder_functions),
+    ENCODER("X25519", "yes", "text", "public",
+        x25519_pub_print_encoder_functions),
+    ENCODER("X25519", "yes", "der", "private",
+        x25519_priv_der_encoder_functions),
+    ENCODER("X25519", "yes", "der", "public", x25519_pub_der_encoder_functions),
+    ENCODER("X25519", "yes", "pem", "private",
+        x25519_priv_pem_encoder_functions),
+    ENCODER("X25519", "yes", "pem", "public", x25519_pub_pem_encoder_functions),
+
+    ENCODER("X448", "no", "text", "private", x448_priv_print_encoder_functions),
+    ENCODER("X448", "no", "text", "public", x448_pub_print_encoder_functions),
+    ENCODER("X448", "no", "der", "private", x448_priv_der_encoder_functions),
+    ENCODER("X448", "no", "der", "public", x448_pub_der_encoder_functions),
+    ENCODER("X448", "no", "pem", "private", x448_priv_pem_encoder_functions),
+    ENCODER("X448", "no", "pem", "public", x448_pub_pem_encoder_functions),
+
+    ENCODER("ED25519", "yes", "text", "private",
+        ed25519_priv_print_encoder_functions),
+    ENCODER("ED25519", "yes", "text", "public",
+        ed25519_pub_print_encoder_functions),
+    ENCODER("ED25519", "yes", "der", "private",
+        ed25519_priv_der_encoder_functions),
+    ENCODER("ED25519", "yes", "der", "public",
+        ed25519_pub_der_encoder_functions),
+    ENCODER("ED25519", "yes", "pem", "private",
+        ed25519_priv_pem_encoder_functions),
+    ENCODER("ED25519", "yes", "pem", "public",
+        ed25519_pub_pem_encoder_functions),
+
+    ENCODER("ED448", "no", "text", "private",
+        ed448_priv_print_encoder_functions),
+    ENCODER("ED448", "no", "text", "public", ed448_pub_print_encoder_functions),
+    ENCODER("ED448", "no", "der", "private", ed448_priv_der_encoder_functions),
+    ENCODER("ED448", "no", "der", "public", ed448_pub_der_encoder_functions),
+    ENCODER("ED448", "no", "pem", "private", ed448_priv_pem_encoder_functions),
+    ENCODER("ED448", "no", "pem", "public", ed448_pub_pem_encoder_functions),
+
+    ENCODER("EC", "yes", "text", "private", ec_priv_text_encoder_functions),
+    ENCODER("EC", "yes", "text", "public", ec_pub_text_encoder_functions),
+    ENCODER("EC", "yes", "text", "parameters", ec_param_text_encoder_functions),
+    ENCODER("EC", "yes", "der", "private", ec_priv_der_encoder_functions),
+    ENCODER("EC", "yes", "der", "public", ec_pub_der_encoder_functions),
+    ENCODER("EC", "yes", "der", "parameters", ec_param_der_encoder_functions),
+    ENCODER("EC", "yes", "pem", "private", ec_priv_pem_encoder_functions),
+    ENCODER("EC", "yes", "pem", "public", ec_pub_pem_encoder_functions),
+    ENCODER("EC", "yes", "pem", "parameters", ec_param_pem_encoder_functions),
+#endif
diff --git a/providers/implementations/build.info b/providers/implementations/build.info
index 839478ef36..54392cf68b 100644
--- a/providers/implementations/build.info
+++ b/providers/implementations/build.info
@@ -1,2 +1,2 @@
 SUBDIRS=digests ciphers rands macs kdfs exchange keymgmt signature asymciphers \
-        serializers
+        encode_decode
diff --git a/providers/implementations/encode_decode/build.info b/providers/implementations/encode_decode/build.info
new file mode 100644
index 0000000000..3e78849dfc
--- /dev/null
+++ b/providers/implementations/encode_decode/build.info
@@ -0,0 +1,35 @@
+# We make separate GOAL variables for each algorithm, to make it easy to
+# switch each to the Legacy provider when needed.
+
+$ENCODER_GOAL=../../libimplementations.a
+$DECODER_GOAL=../../libimplementations.a
+$RSA_GOAL=../../libimplementations.a
+$FFC_GOAL=../../libimplementations.a
+$DH_GOAL=../../libimplementations.a
+$DSA_GOAL=../../libimplementations.a
+$ECX_GOAL=../../libimplementations.a
+$EC_GOAL=../../libimplementations.a
+
+SOURCE[$ENCODER_GOAL]=encoder_common.c decode_common.c
+
+SOURCE[$DECODER_GOAL]=decode_der2key.c decode_pem2der.c
+IF[{- !$disabled{dsa} -}]
+  SOURCE[$DECODER_GOAL]=decode_ms2key.c
+ENDIF
+
+SOURCE[$RSA_GOAL]=encoder_rsa.c encoder_rsa_priv.c encoder_rsa_pub.c
+DEPEND[encoder_rsa.o]=../../common/include/prov/der_rsa.h
+
+IF[{- !$disabled{"dh"} || !$disabled{"dsa"} -}]
+  SOURCE[$FFC_GOAL]=encoder_ffc_params.c
+ENDIF
+IF[{- !$disabled{dh} -}]
+  SOURCE[$DH_GOAL]=encoder_dh.c encoder_dh_priv.c encoder_dh_pub.c encoder_dh_param.c
+ENDIF
+IF[{- !$disabled{dsa} -}]
+  SOURCE[$DSA_GOAL]=encoder_dsa.c encoder_dsa_priv.c encoder_dsa_pub.c encoder_dsa_param.c
+ENDIF
+IF[{- !$disabled{ec} -}]
+  SOURCE[$ECX_GOAL]=encoder_ecx.c encoder_ecx_priv.c encoder_ecx_pub.c
+  SOURCE[$EC_GOAL]=encoder_ec.c encoder_ec_priv.c encoder_ec_pub.c encoder_ec_param.c
+ENDIF
diff --git a/providers/implementations/serializers/deserialize_common.c b/providers/implementations/encode_decode/decode_common.c
similarity index 99%
rename from providers/implementations/serializers/deserialize_common.c
rename to providers/implementations/encode_decode/decode_common.c
index 54c63347fd..1b5eea4c8d 100644
--- a/providers/implementations/serializers/deserialize_common.c
+++ b/providers/implementations/encode_decode/decode_common.c
@@ -18,7 +18,7 @@
 #include "crypto/asn1.h"
 #include "prov/bio.h"               /* ossl_prov_bio_printf() */
 #include "prov/providercommonerr.h" /* PROV_R_READ_KEY */
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 int ossl_prov_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
                        unsigned char **data, long *len)
diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
similarity index 81%
rename from providers/implementations/serializers/deserialize_der2key.c
rename to providers/implementations/encode_decode/decode_der2key.c
index 6975c9ceab..6af1c0927d 100644
--- a/providers/implementations/serializers/deserialize_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -20,15 +20,15 @@
 #include <openssl/x509.h>
 #include "prov/bio.h"
 #include "prov/implementations.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_deserializer_newctx_fn der2rsa_newctx;
+static OSSL_FUNC_decoder_newctx_fn der2rsa_newctx;
 
-static OSSL_FUNC_deserializer_freectx_fn der2key_freectx;
-static OSSL_FUNC_deserializer_gettable_params_fn der2key_gettable_params;
-static OSSL_FUNC_deserializer_get_params_fn der2key_get_params;
-static OSSL_FUNC_deserializer_deserialize_fn der2key_deserialize;
-static OSSL_FUNC_deserializer_export_object_fn der2key_export_object;
+static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
+static OSSL_FUNC_decoder_gettable_params_fn der2key_gettable_params;
+static OSSL_FUNC_decoder_get_params_fn der2key_get_params;
+static OSSL_FUNC_decoder_decode_fn der2key_decode;
+static OSSL_FUNC_decoder_export_object_fn der2key_export_object;
 
 typedef void *(extract_key_fn)(EVP_PKEY *);
 typedef void (free_key_fn)(void *);
@@ -46,7 +46,7 @@ struct keytype_desc_st {
 };
 
 /*
- * Context used for DER to key deserialization.
+ * Context used for DER to key decoding.
  */
 struct der2key_ctx_st {
     PROV_CTX *provctx;
@@ -75,7 +75,7 @@ static void der2key_freectx(void *vctx)
 static const OSSL_PARAM *der2key_gettable_params(void *provctx)
 {
     static const OSSL_PARAM gettables[] = {
-        { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
+        { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
         OSSL_PARAM_END,
     };
 
@@ -86,16 +86,16 @@ static int der2key_get_params(OSSL_PARAM params[])
 {
     OSSL_PARAM *p;
 
-    p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
+    p = OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_TYPE);
     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "DER"))
         return 0;
 
     return 1;
 }
 
-static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
-                               OSSL_CALLBACK *data_cb, void *data_cbarg,
-                               OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin,
+                          OSSL_CALLBACK *data_cb, void *data_cbarg,
+                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
     struct der2key_ctx_st *ctx = vctx;
     void *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx);
@@ -160,11 +160,11 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
         OSSL_PARAM params[3];
 
         params[0] =
-            OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE,
+            OSSL_PARAM_construct_utf8_string(OSSL_DECODER_PARAM_DATA_TYPE,
                                              (char *)ctx->desc->name, 0);
         /* The address of the key becomes the octet string */
         params[1] =
-            OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_REFERENCE,
+            OSSL_PARAM_construct_octet_string(OSSL_DECODER_PARAM_REFERENCE,
                                               &key, sizeof(key));
         params[2] = OSSL_PARAM_construct_end();
 
@@ -203,18 +203,18 @@ static int der2key_export_object(void *vctx,
     {                                                                   \
         return der2key_newctx(provctx, &keytype##_desc);                \
     }                                                                   \
-    const OSSL_DISPATCH der_to_##keytype##_deserializer_functions[] = { \
-        { OSSL_FUNC_DESERIALIZER_NEWCTX,                                \
+    const OSSL_DISPATCH der_to_##keytype##_decoder_functions[] = {      \
+        { OSSL_FUNC_DECODER_NEWCTX,                                     \
           (void (*)(void))der2##keytype##_newctx },                     \
-        { OSSL_FUNC_DESERIALIZER_FREECTX,                               \
+        { OSSL_FUNC_DECODER_FREECTX,                                    \
           (void (*)(void))der2key_freectx },                            \
-        { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS,                       \
+        { OSSL_FUNC_DECODER_GETTABLE_PARAMS,                            \
           (void (*)(void))der2key_gettable_params },                    \
-        { OSSL_FUNC_DESERIALIZER_GET_PARAMS,                            \
+        { OSSL_FUNC_DECODER_GET_PARAMS,                                 \
           (void (*)(void))der2key_get_params },                         \
-        { OSSL_FUNC_DESERIALIZER_DESERIALIZE,                           \
-          (void (*)(void))der2key_deserialize },                        \
-        { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT,                         \
+        { OSSL_FUNC_DECODER_DECODE,                                     \
+          (void (*)(void))der2key_decode },                             \
+        { OSSL_FUNC_DECODER_EXPORT_OBJECT,                              \
           (void (*)(void))der2key_export_object },                      \
         { 0, NULL }                                                     \
     }
diff --git a/providers/implementations/serializers/deserialize_ms2key.c b/providers/implementations/encode_decode/decode_ms2key.c
similarity index 73%
rename from providers/implementations/serializers/deserialize_ms2key.c
rename to providers/implementations/encode_decode/decode_ms2key.c
index 8b9ddec6a0..453e8188b3 100644
--- a/providers/implementations/serializers/deserialize_ms2key.c
+++ b/providers/implementations/encode_decode/decode_ms2key.c
@@ -21,19 +21,19 @@
 #include "internal/pem.h"        /* For PVK and "blob" PEM headers */
 #include "prov/bio.h"
 #include "prov/implementations.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_deserializer_freectx_fn ms2key_freectx;
-static OSSL_FUNC_deserializer_gettable_params_fn ms2key_gettable_params;
-static OSSL_FUNC_deserializer_get_params_fn msblob2key_get_params;
+static OSSL_FUNC_decoder_freectx_fn ms2key_freectx;
+static OSSL_FUNC_decoder_gettable_params_fn ms2key_gettable_params;
+static OSSL_FUNC_decoder_get_params_fn msblob2key_get_params;
 #ifndef OPENSSL_NO_RC4
-static OSSL_FUNC_deserializer_get_params_fn pvk2key_get_params;
+static OSSL_FUNC_decoder_get_params_fn pvk2key_get_params;
 #endif
-static OSSL_FUNC_deserializer_deserialize_fn msblob2key_deserialize;
+static OSSL_FUNC_decoder_decode_fn msblob2key_decode;
 #ifndef OPENSSL_NO_RC4
-static OSSL_FUNC_deserializer_deserialize_fn pvk2key_deserialize;
+static OSSL_FUNC_decoder_decode_fn pvk2key_decode;
 #endif
-static OSSL_FUNC_deserializer_export_object_fn ms2key_export_object;
+static OSSL_FUNC_decoder_export_object_fn ms2key_export_object;
 
 typedef void *(extract_key_fn)(EVP_PKEY *);
 typedef void (free_key_fn)(void *);
@@ -51,7 +51,7 @@ struct keytype_desc_st {
 };
 
 /*
- * Context used for DER to key deserialization.
+ * Context used for DER to key decoding.
  */
 struct ms2key_ctx_st {
     PROV_CTX *provctx;
@@ -80,7 +80,7 @@ static void ms2key_freectx(void *vctx)
 static const OSSL_PARAM *ms2key_gettable_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM gettables[] = {
-        { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
+        { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
         OSSL_PARAM_END,
     };
 
@@ -91,7 +91,7 @@ static int msblob2key_get_params(OSSL_PARAM params[])
 {
     OSSL_PARAM *p;
 
-    p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
+    p = OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_TYPE);
     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "MSBLOB"))
         return 0;
 
@@ -103,7 +103,7 @@ static int pvk2key_get_params(OSSL_PARAM params[])
 {
     OSSL_PARAM *p;
 
-    p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
+    p = OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_TYPE);
     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "PVK"))
         return 0;
 
@@ -134,11 +134,11 @@ static int ms2key_post(struct ms2key_ctx_st *ctx, EVP_PKEY *pkey,
         OSSL_PARAM params[3];
 
         params[0] =
-            OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE,
+            OSSL_PARAM_construct_utf8_string(OSSL_DECODER_PARAM_DATA_TYPE,
                                              (char *)ctx->desc->name, 0);
         /* The address of the key becomes the octet string */
         params[1] =
-            OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_REFERENCE,
+            OSSL_PARAM_construct_octet_string(OSSL_DECODER_PARAM_REFERENCE,
                                               &key, sizeof(key));
         params[2] = OSSL_PARAM_construct_end();
 
@@ -149,10 +149,9 @@ static int ms2key_post(struct ms2key_ctx_st *ctx, EVP_PKEY *pkey,
     return ok;
 }
 
-static int msblob2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
-                                  OSSL_CALLBACK *data_cb, void *data_cbarg,
-                                  OSSL_PASSPHRASE_CALLBACK *pw_cb,
-                                  void *pw_cbarg)
+static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin,
+                             OSSL_CALLBACK *data_cb, void *data_cbarg,
+                             OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
     struct ms2key_ctx_st *ctx = vctx;
     int ispub = -1;
@@ -164,10 +163,9 @@ static int msblob2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
 }
 
 #ifndef OPENSSL_NO_RC4
-static int pvk2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
-                               OSSL_CALLBACK *data_cb, void *data_cbarg,
-                               OSSL_PASSPHRASE_CALLBACK *pw_cb,
-                               void *pw_cbarg)
+static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin,
+                          OSSL_CALLBACK *data_cb, void *data_cbarg,
+                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
     struct ms2key_ctx_st *ctx = vctx;
     EVP_PKEY *pkey = ossl_prov_read_pvk(ctx->provctx, cin, pw_cb, pw_cbarg);
@@ -179,8 +177,8 @@ static int pvk2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
 #endif
 
 static int ms2key_export_object(void *vctx,
-                                 const void *reference, size_t reference_sz,
-                                 OSSL_CALLBACK *export_cb, void *export_cbarg)
+                                const void *reference, size_t reference_sz,
+                                OSSL_CALLBACK *export_cb, void *export_cbarg)
 {
     struct ms2key_ctx_st *ctx = vctx;
     OSSL_FUNC_keymgmt_export_fn *export =
@@ -199,7 +197,7 @@ static int ms2key_export_object(void *vctx,
 
 #define IMPLEMENT_TYPE(KEYTYPEstr, KEYTYPE, keytype, extract, free)     \
     static const struct keytype_desc_st keytype##_desc;                 \
-    static OSSL_FUNC_deserializer_newctx_fn ms2##keytype##_newctx;      \
+    static OSSL_FUNC_decoder_newctx_fn ms2##keytype##_newctx;           \
     static void *ms2##keytype##_newctx(void *provctx)                   \
     {                                                                   \
         return ms2key_newctx(provctx, &keytype##_desc);                 \
@@ -211,18 +209,18 @@ static int ms2key_export_object(void *vctx,
 
 #define IMPLEMENT_MS(mstype, keytype)                                   \
     const OSSL_DISPATCH                                                 \
-    mstype##_to_##keytype##_deserializer_functions[] = {                \
-        { OSSL_FUNC_DESERIALIZER_NEWCTX,                                \
+        mstype##_to_##keytype##_decoder_functions[] = {                 \
+        { OSSL_FUNC_DECODER_NEWCTX,                                     \
           (void (*)(void))ms2##keytype##_newctx },                      \
-        { OSSL_FUNC_DESERIALIZER_FREECTX,                               \
+        { OSSL_FUNC_DECODER_FREECTX,                                    \
           (void (*)(void))ms2key_freectx },                             \
-        { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS,                       \
+        { OSSL_FUNC_DECODER_GETTABLE_PARAMS,                            \
           (void (*)(void))ms2key_gettable_params },                     \
-        { OSSL_FUNC_DESERIALIZER_GET_PARAMS,                            \
+        { OSSL_FUNC_DECODER_GET_PARAMS,                                 \
           (void (*)(void))mstype##2key_get_params },                    \
-        { OSSL_FUNC_DESERIALIZER_DESERIALIZE,                           \
-          (void (*)(void))mstype##2key_deserialize },                   \
-        { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT,                         \
+        { OSSL_FUNC_DECODER_DECODE,                                     \
+          (void (*)(void))mstype##2key_decode },                        \
+        { OSSL_FUNC_DECODER_EXPORT_OBJECT,                              \
           (void (*)(void))ms2key_export_object },                       \
         { 0, NULL }                                                     \
     }
diff --git a/providers/implementations/serializers/deserialize_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c
similarity index 71%
rename from providers/implementations/serializers/deserialize_pem2der.c
rename to providers/implementations/encode_decode/decode_pem2der.c
index ea43bd8319..7ba1cbe3d3 100644
--- a/providers/implementations/serializers/deserialize_pem2der.c
+++ b/providers/implementations/encode_decode/decode_pem2der.c
@@ -24,16 +24,16 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_deserializer_newctx_fn pem2der_newctx;
-static OSSL_FUNC_deserializer_freectx_fn pem2der_freectx;
-static OSSL_FUNC_deserializer_gettable_params_fn pem2der_gettable_params;
-static OSSL_FUNC_deserializer_get_params_fn pem2der_get_params;
-static OSSL_FUNC_deserializer_deserialize_fn pem2der_deserialize;
+static OSSL_FUNC_decoder_newctx_fn pem2der_newctx;
+static OSSL_FUNC_decoder_freectx_fn pem2der_freectx;
+static OSSL_FUNC_decoder_gettable_params_fn pem2der_gettable_params;
+static OSSL_FUNC_decoder_get_params_fn pem2der_get_params;
+static OSSL_FUNC_decoder_decode_fn pem2der_decode;
 
 /*
- * Context used for PEM to DER deserialization.
+ * Context used for PEM to DER decoding.
  */
 struct pem2der_ctx_st {
     PROV_CTX *provctx;
@@ -58,7 +58,7 @@ static void pem2der_freectx(void *vctx)
 static const OSSL_PARAM *pem2der_gettable_params(void *provctx)
 {
     static const OSSL_PARAM gettables[] = {
-        { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
+        { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
         OSSL_PARAM_END,
     };
 
@@ -69,7 +69,7 @@ static int pem2der_get_params(OSSL_PARAM params[])
 {
     OSSL_PARAM *p;
 
-    p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE);
+    p = OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_TYPE);
     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "PEM"))
         return 0;
 
@@ -94,9 +94,9 @@ static int pem2der_pass_helper(char *buf, int num, int w, void *data)
     return (int)plen;
 }
 
-static int pem2der_deserialize(void *vctx, OSSL_CORE_BIO *cin,
-                               OSSL_CALLBACK *data_cb, void *data_cbarg,
-                               OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin,
+                          OSSL_CALLBACK *data_cb, void *data_cbarg,
+                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
     struct pem2der_ctx_st *ctx = vctx;
     char *pem_name = NULL, *pem_header = NULL;
@@ -130,10 +130,10 @@ static int pem2der_deserialize(void *vctx, OSSL_CORE_BIO *cin,
         OSSL_PARAM params[3];
 
         params[0] =
-            OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE,
+            OSSL_PARAM_construct_utf8_string(OSSL_DECODER_PARAM_DATA_TYPE,
                                              pem_name, 0);
         params[1] =
-            OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_DATA,
+            OSSL_PARAM_construct_octet_string(OSSL_DECODER_PARAM_DATA,
                                               der, der_len);
         params[2] = OSSL_PARAM_construct_end();
 
@@ -147,13 +147,13 @@ static int pem2der_deserialize(void *vctx, OSSL_CORE_BIO *cin,
     return ok;
 }
 
-const OSSL_DISPATCH pem_to_der_deserializer_functions[] = {
-    { OSSL_FUNC_DESERIALIZER_NEWCTX, (void (*)(void))pem2der_newctx },
-    { OSSL_FUNC_DESERIALIZER_FREECTX, (void (*)(void))pem2der_freectx },
-    { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS,
+const OSSL_DISPATCH pem_to_der_decoder_functions[] = {
+    { OSSL_FUNC_DECODER_NEWCTX, (void (*)(void))pem2der_newctx },
+    { OSSL_FUNC_DECODER_FREECTX, (void (*)(void))pem2der_freectx },
+    { OSSL_FUNC_DECODER_GETTABLE_PARAMS,
       (void (*)(void))pem2der_gettable_params },
-    { OSSL_FUNC_DESERIALIZER_GET_PARAMS,
+    { OSSL_FUNC_DECODER_GET_PARAMS,
       (void (*)(void))pem2der_get_params },
-    { OSSL_FUNC_DESERIALIZER_DESERIALIZE, (void (*)(void))pem2der_deserialize },
+    { OSSL_FUNC_DECODER_DECODE, (void (*)(void))pem2der_decode },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_common.c b/providers/implementations/encode_decode/encoder_common.c
similarity index 99%
rename from providers/implementations/serializers/serializer_common.c
rename to providers/implementations/encode_decode/encoder_common.c
index 58d7a27e60..4d8348b3fc 100644
--- a/providers/implementations/serializers/serializer_common.c
+++ b/providers/implementations/encode_decode/encoder_common.c
@@ -19,7 +19,7 @@
 #include "prov/bio.h"            /* ossl_prov_bio_printf() */
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h" /* PROV_R_READ_KEY */
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 static PKCS8_PRIV_KEY_INFO *
 ossl_prov_p8info_from_obj(const void *obj, int obj_nid,
diff --git a/providers/implementations/serializers/serializer_dh.c b/providers/implementations/encode_decode/encoder_dh.c
similarity index 99%
rename from providers/implementations/serializers/serializer_dh.c
rename to providers/implementations/encode_decode/encoder_dh.c
index d1b1d27cf6..d9578f46c4 100644
--- a/providers/implementations/serializers/serializer_dh.c
+++ b/providers/implementations/encode_decode/encoder_dh.c
@@ -19,7 +19,7 @@
 #include "prov/providercommonerr.h" /* PROV_R_BN_ERROR */
 #include "internal/ffc.h"
 #include "crypto/dh.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_dh_new(void)
 {
diff --git a/providers/implementations/serializers/serializer_dh_param.c b/providers/implementations/encode_decode/encoder_dh_param.c
similarity index 70%
rename from providers/implementations/serializers/serializer_dh_param.c
rename to providers/implementations/encode_decode/encoder_dh_param.c
index 49c0857734..23cda024c4 100644
--- a/providers/implementations/serializers/serializer_dh_param.c
+++ b/providers/implementations/encode_decode/encoder_dh_param.c
@@ -22,17 +22,17 @@
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_serializer_newctx_fn dh_param_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_param_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dh_param_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_param_der;
-static OSSL_FUNC_serializer_serialize_data_fn dh_param_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_param_pem;
+static OSSL_FUNC_encoder_newctx_fn dh_param_newctx;
+static OSSL_FUNC_encoder_freectx_fn dh_param_freectx;
+static OSSL_FUNC_encoder_encode_data_fn dh_param_der_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_param_der;
+static OSSL_FUNC_encoder_encode_data_fn dh_param_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_param_pem;
 
-static OSSL_FUNC_serializer_serialize_data_fn dh_param_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_param_print;
+static OSSL_FUNC_encoder_encode_data_fn dh_param_print_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_param_print;
 
 /* Parameters : context */
 
@@ -109,7 +109,7 @@ static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[],
 }
 
 static int dh_param_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout,
-                       OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(ctx, cout);
     int ret;
@@ -146,7 +146,7 @@ static int dh_param_print_data(void *ctx, const OSSL_PARAM params[],
 }
 
 static int dh_param_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
-                         OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                          OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(ctx, cout);
     int ret;
@@ -160,27 +160,27 @@ static int dh_param_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH dh_param_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_param_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_param_der },
+const OSSL_DISPATCH dh_param_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dh_param_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_param_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dh_param_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_param_pem_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_param_pem },
+const OSSL_DISPATCH dh_param_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dh_param_pem_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_param_pem },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dh_param_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_param_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH dh_param_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_param_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))dh_param_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/encode_decode/encoder_dh_priv.c
similarity index 73%
rename from providers/implementations/serializers/serializer_dh_priv.c
rename to providers/implementations/encode_decode/encoder_dh_priv.c
index 0e974ac401..a9373df96a 100644
--- a/providers/implementations/serializers/serializer_dh_priv.c
+++ b/providers/implementations/encode_decode/encoder_dh_priv.c
@@ -23,24 +23,24 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dh_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn dh_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn dh_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn dh_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn dh_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn dh_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dh_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_priv_print;
-
- /*
- * Context used for private key serialization.
+#include "encoder_local.h"
+
+static OSSL_FUNC_encoder_newctx_fn dh_priv_newctx;
+static OSSL_FUNC_encoder_freectx_fn dh_priv_freectx;
+static OSSL_FUNC_encoder_set_ctx_params_fn dh_priv_set_ctx_params;
+static OSSL_FUNC_encoder_settable_ctx_params_fn dh_priv_settable_ctx_params;
+static OSSL_FUNC_encoder_encode_data_fn dh_priv_der_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_priv_der;
+static OSSL_FUNC_encoder_encode_data_fn dh_pem_priv_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_pem_priv;
+
+static OSSL_FUNC_encoder_newctx_fn dh_print_newctx;
+static OSSL_FUNC_encoder_freectx_fn dh_print_freectx;
+static OSSL_FUNC_encoder_encode_data_fn dh_priv_print_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_priv_print;
+
+/*
+ * Context used for private key encoding.
  */
 struct dh_priv_ctx_st {
     void *provctx;
@@ -74,8 +74,8 @@ static void dh_priv_freectx(void *vctx)
 static const OSSL_PARAM *dh_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
-        OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
-        OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_ENCODER_PARAM_PASS, NULL, 0),
         OSSL_PARAM_END,
     };
 
@@ -87,10 +87,10 @@ static int dh_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     struct dh_priv_ctx_st *ctx = vctx;
     const OSSL_PARAM *p;
 
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER))
         != NULL) {
         const OSSL_PARAM *propsp =
-            OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
+            OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES);
         const char *props = NULL;
 
         if (p->data_type != OSSL_PARAM_UTF8_STRING)
@@ -106,7 +106,7 @@ static int dh_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
                 == NULL))
             return 0;
     }
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PASS))
         != NULL) {
         OPENSSL_free(ctx->sc.cipher_pass);
         ctx->sc.cipher_pass = NULL;
@@ -141,7 +141,7 @@ static int dh_priv_der_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int dh_priv_der(void *vctx, void *dh, OSSL_CORE_BIO *cout,
-                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                       OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     struct dh_priv_ctx_st *ctx = vctx;
     int ret;
@@ -258,35 +258,35 @@ static int dh_priv_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH dh_priv_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH dh_priv_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))dh_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))dh_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_priv_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_priv_der },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dh_priv_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_priv_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dh_priv_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH dh_priv_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))dh_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))dh_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_pem_priv_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pem_priv },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dh_pem_priv_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_pem_priv },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dh_priv_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_print_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_print_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_priv_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH dh_priv_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_print_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_print_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_priv_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))dh_priv_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_dh_pub.c b/providers/implementations/encode_decode/encoder_dh_pub.c
similarity index 70%
rename from providers/implementations/serializers/serializer_dh_pub.c
rename to providers/implementations/encode_decode/encoder_dh_pub.c
index b79f1df216..99f9532c34 100644
--- a/providers/implementations/serializers/serializer_dh_pub.c
+++ b/providers/implementations/encode_decode/encoder_dh_pub.c
@@ -22,17 +22,17 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_serializer_newctx_fn dh_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dh_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn dh_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pub_pem;
+static OSSL_FUNC_encoder_newctx_fn dh_pub_newctx;
+static OSSL_FUNC_encoder_freectx_fn dh_pub_freectx;
+static OSSL_FUNC_encoder_encode_data_fn dh_pub_der_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_pub_der;
+static OSSL_FUNC_encoder_encode_data_fn dh_pub_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_pub_pem;
 
-static OSSL_FUNC_serializer_serialize_data_fn dh_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pub_print;
+static OSSL_FUNC_encoder_encode_data_fn dh_pub_print_data;
+static OSSL_FUNC_encoder_encode_object_fn dh_pub_print;
 
 /* Public key : context */
 
@@ -50,8 +50,8 @@ static void dh_pub_freectx(void *ctx)
 
 /* Public key : DER */
 static int dh_pub_der_data(void *ctx, const OSSL_PARAM params[],
-                            OSSL_CORE_BIO *out,
-                            OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                           OSSL_CORE_BIO *out,
+                           OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
     OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
@@ -72,7 +72,7 @@ static int dh_pub_der_data(void *ctx, const OSSL_PARAM params[],
 }
 
 static int dh_pub_der(void *ctx, void *dh, OSSL_CORE_BIO *cout,
-                       OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                      OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(ctx, cout);
     int ret;
@@ -113,7 +113,7 @@ static int dh_pub_pem_data(void *ctx, const OSSL_PARAM params[],
 }
 
 static int dh_pub_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout,
-                       OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                      OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(ctx, cout);
     int ret;
@@ -153,7 +153,7 @@ static int dh_pub_print_data(void *ctx, const OSSL_PARAM params[],
 }
 
 static int dh_pub_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
-                         OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(ctx, cout);
     int ret;
@@ -167,27 +167,27 @@ static int dh_pub_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH dh_pub_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_pub_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pub_der },
+const OSSL_DISPATCH dh_pub_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dh_pub_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_pub_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dh_pub_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_pub_pem_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pub_pem },
+const OSSL_DISPATCH dh_pub_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dh_pub_pem_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_pub_pem },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dh_pub_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pub_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH dh_pub_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dh_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dh_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dh_pub_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))dh_pub_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_dsa.c b/providers/implementations/encode_decode/encoder_dsa.c
similarity index 99%
rename from providers/implementations/serializers/serializer_dsa.c
rename to providers/implementations/encode_decode/encoder_dsa.c
index 1f986b62d5..838079902e 100644
--- a/providers/implementations/serializers/serializer_dsa.c
+++ b/providers/implementations/encode_decode/encoder_dsa.c
@@ -18,7 +18,7 @@
 #include "prov/bio.h"             /* ossl_prov_bio_printf() */
 #include "prov/implementations.h" /* rsa_keymgmt_functions */
 #include "prov/providercommonerr.h" /* PROV_R_BN_ERROR */
-#include "serializer_local.h"
+#include "encoder_local.h"
 #include "internal/ffc.h"
 #include "crypto/dsa.h"
 
diff --git a/providers/implementations/serializers/serializer_dsa_param.c b/providers/implementations/encode_decode/encoder_dsa_param.c
similarity index 73%
rename from providers/implementations/serializers/serializer_dsa_param.c
rename to providers/implementations/encode_decode/encoder_dsa_param.c
index fff577df39..87abde7212 100644
--- a/providers/implementations/serializers/serializer_dsa_param.c
+++ b/providers/implementations/encode_decode/encoder_dsa_param.c
@@ -22,17 +22,17 @@
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_serializer_newctx_fn dsa_param_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_param_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_param_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_param_der;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_param_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_param_pem;
+static OSSL_FUNC_encoder_newctx_fn dsa_param_newctx;
+static OSSL_FUNC_encoder_freectx_fn dsa_param_freectx;
+static OSSL_FUNC_encoder_encode_data_fn dsa_param_der_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_param_der;
+static OSSL_FUNC_encoder_encode_data_fn dsa_param_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_param_pem;
 
-static OSSL_FUNC_serializer_serialize_data_fn dsa_param_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_param_print;
+static OSSL_FUNC_encoder_encode_data_fn dsa_param_print_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_param_print;
 
 /* Parameters : context */
 
@@ -161,27 +161,27 @@ static int dsa_param_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH dsa_param_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_param_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_param_der },
+const OSSL_DISPATCH dsa_param_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dsa_param_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_param_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dsa_param_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_param_pem_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_param_pem },
+const OSSL_DISPATCH dsa_param_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dsa_param_pem_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_param_pem },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dsa_param_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_param_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH dsa_param_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_param_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))dsa_param_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_dsa_priv.c b/providers/implementations/encode_decode/encoder_dsa_priv.c
similarity index 74%
rename from providers/implementations/serializers/serializer_dsa_priv.c
rename to providers/implementations/encode_decode/encoder_dsa_priv.c
index 0db3ef49e4..c37c9f9f3c 100644
--- a/providers/implementations/serializers/serializer_dsa_priv.c
+++ b/providers/implementations/encode_decode/encoder_dsa_priv.c
@@ -23,24 +23,24 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dsa_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn dsa_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn dsa_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn dsa_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_priv_print;
-
- /*
- * Context used for private key serialization.
+#include "encoder_local.h"
+
+static OSSL_FUNC_encoder_newctx_fn dsa_priv_newctx;
+static OSSL_FUNC_encoder_freectx_fn dsa_priv_freectx;
+static OSSL_FUNC_encoder_set_ctx_params_fn dsa_priv_set_ctx_params;
+static OSSL_FUNC_encoder_settable_ctx_params_fn dsa_priv_settable_ctx_params;
+static OSSL_FUNC_encoder_encode_data_fn dsa_priv_der_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_priv_der;
+static OSSL_FUNC_encoder_encode_data_fn dsa_pem_priv_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_pem_priv;
+
+static OSSL_FUNC_encoder_newctx_fn dsa_print_newctx;
+static OSSL_FUNC_encoder_freectx_fn dsa_print_freectx;
+static OSSL_FUNC_encoder_encode_data_fn dsa_priv_print_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_priv_print;
+
+/*
+ * Context used for private key encoding.
  */
 struct dsa_priv_ctx_st {
     void *provctx;
@@ -74,8 +74,8 @@ static void dsa_priv_freectx(void *vctx)
 static const OSSL_PARAM *dsa_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
-        OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
-        OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_ENCODER_PARAM_PASS, NULL, 0),
         OSSL_PARAM_END,
     };
 
@@ -87,10 +87,10 @@ static int dsa_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     struct dsa_priv_ctx_st *ctx = vctx;
     const OSSL_PARAM *p;
 
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER))
         != NULL) {
         const OSSL_PARAM *propsp =
-            OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
+            OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES);
         const char *props = NULL;
 
         if (p->data_type != OSSL_PARAM_UTF8_STRING)
@@ -106,7 +106,7 @@ static int dsa_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
                 == NULL))
             return 0;
     }
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PASS))
         != NULL) {
         OPENSSL_free(ctx->sc.cipher_pass);
         ctx->sc.cipher_pass = NULL;
@@ -256,35 +256,35 @@ static int dsa_priv_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH dsa_priv_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH dsa_priv_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))dsa_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))dsa_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_priv_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_priv_der },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dsa_priv_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_priv_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dsa_priv_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH dsa_priv_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))dsa_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))dsa_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_pem_priv_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pem_priv },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dsa_pem_priv_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_pem_priv },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dsa_priv_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_print_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_print_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_priv_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH dsa_priv_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_print_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_print_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_priv_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))dsa_priv_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_dsa_pub.c b/providers/implementations/encode_decode/encoder_dsa_pub.c
similarity index 76%
rename from providers/implementations/serializers/serializer_dsa_pub.c
rename to providers/implementations/encode_decode/encoder_dsa_pub.c
index 787bbb541e..ca7dd4bf1e 100644
--- a/providers/implementations/serializers/serializer_dsa_pub.c
+++ b/providers/implementations/encode_decode/encoder_dsa_pub.c
@@ -22,17 +22,17 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_serializer_newctx_fn dsa_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pub_pem;
+static OSSL_FUNC_encoder_newctx_fn dsa_pub_newctx;
+static OSSL_FUNC_encoder_freectx_fn dsa_pub_freectx;
+static OSSL_FUNC_encoder_encode_data_fn dsa_pub_der_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_pub_der;
+static OSSL_FUNC_encoder_encode_data_fn dsa_pub_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_pub_pem;
 
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pub_print;
+static OSSL_FUNC_encoder_encode_data_fn dsa_pub_print_data;
+static OSSL_FUNC_encoder_encode_object_fn dsa_pub_print;
 
 /* Public key : context */
 
@@ -177,27 +177,27 @@ static int dsa_pub_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH dsa_pub_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_pub_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pub_der },
+const OSSL_DISPATCH dsa_pub_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dsa_pub_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_pub_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dsa_pub_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_pub_pem_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pub_pem },
+const OSSL_DISPATCH dsa_pub_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))dsa_pub_pem_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_pub_pem },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH dsa_pub_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pub_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH dsa_pub_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))dsa_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))dsa_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))dsa_pub_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))dsa_pub_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_ec.c b/providers/implementations/encode_decode/encoder_ec.c
similarity index 99%
rename from providers/implementations/serializers/serializer_ec.c
rename to providers/implementations/encode_decode/encoder_ec.c
index 0dbc889d34..8c256fe448 100644
--- a/providers/implementations/serializers/serializer_ec.c
+++ b/providers/implementations/encode_decode/encoder_ec.c
@@ -12,7 +12,7 @@
 #include "prov/bio.h"             /* ossl_prov_bio_printf() */
 #include "prov/implementations.h" /* ec_keymgmt_functions */
 #include "prov/providercommonerr.h" /* PROV_R_MISSING_OID */
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 void ec_get_new_free_import(OSSL_FUNC_keymgmt_new_fn **ec_new,
                             OSSL_FUNC_keymgmt_free_fn **ec_free,
diff --git a/providers/implementations/serializers/serializer_ec_param.c b/providers/implementations/encode_decode/encoder_ec_param.c
similarity index 68%
rename from providers/implementations/serializers/serializer_ec_param.c
rename to providers/implementations/encode_decode/encoder_ec_param.c
index 95fbd555a0..2f6637d80e 100644
--- a/providers/implementations/serializers/serializer_ec_param.c
+++ b/providers/implementations/encode_decode/encoder_ec_param.c
@@ -16,17 +16,17 @@
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_serializer_newctx_fn ec_param_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_param_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ec_param_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_param_der;
-static OSSL_FUNC_serializer_serialize_data_fn ec_param_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_param_pem;
+static OSSL_FUNC_encoder_newctx_fn ec_param_newctx;
+static OSSL_FUNC_encoder_freectx_fn ec_param_freectx;
+static OSSL_FUNC_encoder_encode_data_fn ec_param_der_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_param_der;
+static OSSL_FUNC_encoder_encode_data_fn ec_param_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_param_pem;
 
-static OSSL_FUNC_serializer_serialize_data_fn ec_param_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_param_print;
+static OSSL_FUNC_encoder_encode_data_fn ec_param_print_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_param_print;
 
 
 /* There is no specific implementation context, so use the provider context */
@@ -65,7 +65,7 @@ static int ec_param_der_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ec_param_der(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
-                         OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(vctx, cout);
     int ret;
@@ -105,7 +105,7 @@ static int ec_param_pem_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ec_param_pem(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
-                         OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(vctx, cout);
     int ret;
@@ -144,7 +144,7 @@ static int ec_param_print_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ec_param_print(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
-                           OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                          OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(vctx, cout);
     int ret;
@@ -158,27 +158,27 @@ static int ec_param_print(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH ec_param_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_param_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_param_der },
+const OSSL_DISPATCH ec_param_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))ec_param_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_param_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH ec_param_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_param_pem_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_param_pem },
+const OSSL_DISPATCH ec_param_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))ec_param_pem_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_param_pem },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH ec_param_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_param_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_param_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_param_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH ec_param_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_param_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_param_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_param_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))ec_param_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_ec_priv.c b/providers/implementations/encode_decode/encoder_ec_priv.c
similarity index 71%
rename from providers/implementations/serializers/serializer_ec_priv.c
rename to providers/implementations/encode_decode/encoder_ec_priv.c
index 25dc8dbcca..ea8a1ba92b 100644
--- a/providers/implementations/serializers/serializer_ec_priv.c
+++ b/providers/implementations/encode_decode/encoder_ec_priv.c
@@ -17,24 +17,24 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn ec_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn ec_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn ec_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn ec_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn ec_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn ec_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ec_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_priv_print;
-
- /*
- * Context used for private key serialization.
+#include "encoder_local.h"
+
+static OSSL_FUNC_encoder_newctx_fn ec_priv_newctx;
+static OSSL_FUNC_encoder_freectx_fn ec_priv_freectx;
+static OSSL_FUNC_encoder_set_ctx_params_fn ec_priv_set_ctx_params;
+static OSSL_FUNC_encoder_settable_ctx_params_fn ec_priv_settable_ctx_params;
+static OSSL_FUNC_encoder_encode_data_fn ec_priv_der_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_priv_der;
+static OSSL_FUNC_encoder_encode_data_fn ec_pem_priv_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_pem_priv;
+
+static OSSL_FUNC_encoder_newctx_fn ec_print_newctx;
+static OSSL_FUNC_encoder_freectx_fn ec_print_freectx;
+static OSSL_FUNC_encoder_encode_data_fn ec_priv_print_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_priv_print;
+
+/*
+ * Context used for private key encoding.
  */
 struct ec_priv_ctx_st {
     void *provctx;
@@ -68,8 +68,8 @@ static void ec_priv_freectx(void *vctx)
 static const OSSL_PARAM *ec_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
-        OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
-        OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_ENCODER_PARAM_PASS, NULL, 0),
         OSSL_PARAM_END,
     };
 
@@ -81,10 +81,10 @@ static int ec_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     struct ec_priv_ctx_st *ctx = vctx;
     const OSSL_PARAM *p;
 
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER))
         != NULL) {
         const OSSL_PARAM *propsp =
-            OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
+            OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES);
         const char *props = NULL;
 
         if (p->data_type != OSSL_PARAM_UTF8_STRING)
@@ -100,7 +100,7 @@ static int ec_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
                 == NULL))
             return 0;
     }
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PASS))
         != NULL) {
         OPENSSL_free(ctx->sc.cipher_pass);
         ctx->sc.cipher_pass = NULL;
@@ -137,7 +137,7 @@ static int ec_priv_der_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ec_priv_der(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
-                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                       OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     struct ec_priv_ctx_st *ctx = vctx;
     BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
@@ -184,7 +184,7 @@ static int ec_pem_priv_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ec_pem_priv(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
-                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                       OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     struct ec_priv_ctx_st *ctx = vctx;
     BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
@@ -242,7 +242,7 @@ static int ec_priv_print_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ec_priv_print(void *ctx, void *eckey, OSSL_CORE_BIO *cout,
-                          OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                         OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     BIO *out = bio_new_from_core_bio(ctx, cout);
     int ret;
@@ -256,35 +256,35 @@ static int ec_priv_print(void *ctx, void *eckey, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH ec_priv_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH ec_priv_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))ec_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))ec_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_priv_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_priv_der },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))ec_priv_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_priv_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH ec_priv_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH ec_priv_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))ec_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))ec_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_pem_priv_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pem_priv },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))ec_pem_priv_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_pem_priv },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH ec_priv_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_print_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_print_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_priv_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH ec_priv_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_print_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_print_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_priv_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))ec_priv_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_ec_pub.c b/providers/implementations/encode_decode/encoder_ec_pub.c
similarity index 74%
rename from providers/implementations/serializers/serializer_ec_pub.c
rename to providers/implementations/encode_decode/encoder_ec_pub.c
index 42fb4f96f2..9ab121f7d2 100644
--- a/providers/implementations/serializers/serializer_ec_pub.c
+++ b/providers/implementations/encode_decode/encoder_ec_pub.c
@@ -15,20 +15,19 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 #define EC_SELECT_PUBLIC_IMPORTABLE                                            \
     OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
 
-static OSSL_FUNC_serializer_newctx_fn ec_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ec_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn ec_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pub_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn ec_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pub_print;
+static OSSL_FUNC_encoder_newctx_fn ec_pub_newctx;
+static OSSL_FUNC_encoder_freectx_fn ec_pub_freectx;
+static OSSL_FUNC_encoder_encode_data_fn ec_pub_der_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_pub_der;
+static OSSL_FUNC_encoder_encode_data_fn ec_pub_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_pub_pem;
+static OSSL_FUNC_encoder_encode_data_fn ec_pub_print_data;
+static OSSL_FUNC_encoder_encode_object_fn ec_pub_print;
 
 /* Public key : context */
 
@@ -167,27 +166,27 @@ static int ec_pub_print(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH ec_pub_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_pub_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pub_der },
+const OSSL_DISPATCH ec_pub_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))ec_pub_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_pub_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH ec_pub_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_pub_pem_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pub_pem },
+const OSSL_DISPATCH ec_pub_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))ec_pub_pem_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_pub_pem },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH ec_pub_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pub_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH ec_pub_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))ec_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ec_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))ec_pub_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))ec_pub_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_ecx.c b/providers/implementations/encode_decode/encoder_ecx.c
similarity index 99%
rename from providers/implementations/serializers/serializer_ecx.c
rename to providers/implementations/encode_decode/encoder_ecx.c
index ef16d97b97..83de9fe002 100644
--- a/providers/implementations/serializers/serializer_ecx.c
+++ b/providers/implementations/encode_decode/encoder_ecx.c
@@ -11,7 +11,7 @@
 #include "crypto/ecx.h"
 #include "prov/bio.h"             /* ossl_prov_bio_printf() */
 #include "prov/implementations.h" /* ecx_keymgmt_functions */
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 void ecx_get_new_free_import(ECX_KEY_TYPE type,
                              OSSL_FUNC_keymgmt_new_fn **ecx_new,
diff --git a/providers/implementations/serializers/serializer_ecx_priv.c b/providers/implementations/encode_decode/encoder_ecx_priv.c
similarity index 68%
rename from providers/implementations/serializers/serializer_ecx_priv.c
rename to providers/implementations/encode_decode/encoder_ecx_priv.c
index 7df1e01fd5..cd0190aa7c 100644
--- a/providers/implementations/serializers/serializer_ecx_priv.c
+++ b/providers/implementations/encode_decode/encoder_ecx_priv.c
@@ -17,25 +17,25 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn x25519_priv_newctx;
-static OSSL_FUNC_serializer_newctx_fn x448_priv_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed25519_priv_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed448_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn ecx_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn ecx_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn ecx_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_priv_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_priv_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn ecx_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_priv_print;
-
- /*
- * Context used for private key serialization.
+#include "encoder_local.h"
+
+static OSSL_FUNC_encoder_newctx_fn x25519_priv_newctx;
+static OSSL_FUNC_encoder_newctx_fn x448_priv_newctx;
+static OSSL_FUNC_encoder_newctx_fn ed25519_priv_newctx;
+static OSSL_FUNC_encoder_newctx_fn ed448_priv_newctx;
+static OSSL_FUNC_encoder_freectx_fn ecx_priv_freectx;
+static OSSL_FUNC_encoder_set_ctx_params_fn ecx_priv_set_ctx_params;
+static OSSL_FUNC_encoder_settable_ctx_params_fn ecx_priv_settable_ctx_params;
+static OSSL_FUNC_encoder_encode_data_fn ecx_priv_der_data;
+static OSSL_FUNC_encoder_encode_object_fn ecx_priv_der;
+static OSSL_FUNC_encoder_encode_data_fn ecx_priv_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn ecx_priv_pem;
+
+static OSSL_FUNC_encoder_encode_data_fn ecx_priv_print_data;
+static OSSL_FUNC_encoder_encode_object_fn ecx_priv_print;
+
+/*
+ * Context used for private key encoding.
  */
 struct ecx_priv_ctx_st {
     void *provctx;
@@ -91,8 +91,8 @@ static void ecx_priv_freectx(void *vctx)
 static const OSSL_PARAM *ecx_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
-        OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
-        OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_ENCODER_PARAM_PASS, NULL, 0),
         OSSL_PARAM_END,
     };
 
@@ -104,10 +104,10 @@ static int ecx_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     struct ecx_priv_ctx_st *ctx = vctx;
     const OSSL_PARAM *p;
 
-    p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER);
+    p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER);
     if (p != NULL) {
         const OSSL_PARAM *propsp =
-            OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
+            OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES);
         const char *props;
 
         if (p->data_type != OSSL_PARAM_UTF8_STRING)
@@ -123,7 +123,7 @@ static int ecx_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
                 == NULL))
             return 0;
     }
-    p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS);
+    p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PASS);
     if (p != NULL) {
         OPENSSL_free(ctx->sc.cipher_pass);
         ctx->sc.cipher_pass = NULL;
@@ -210,7 +210,7 @@ static int ecx_priv_pem_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ecx_priv_pem(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
-                       OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                        OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     struct ecx_priv_ctx_st *ctx = vctx;
     int ret;
@@ -258,7 +258,7 @@ static int ecx_priv_print_data(void *vctx, const OSSL_PARAM params[],
 }
 
 static int ecx_priv_print(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
-                         OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+                          OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
 {
     struct ecx_priv_ctx_st *ctx = vctx;
     BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
@@ -273,35 +273,35 @@ static int ecx_priv_print(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-#define MAKE_SERIALIZER_FUNCTIONS(alg, type) \
-    const OSSL_DISPATCH alg##_priv_##type##_serializer_functions[] = { \
-        { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))alg##_priv_newctx }, \
-        { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ecx_priv_freectx }, \
-        { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS, \
-          (void (*)(void))ecx_priv_set_ctx_params }, \
-        { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS, \
-          (void (*)(void))ecx_priv_settable_ctx_params }, \
-        { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, \
-          (void (*)(void))ecx_priv_##type##_data }, \
-        { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, \
-          (void (*)(void))ecx_priv_##type }, \
-        { 0, NULL } \
+#define MAKE_ENCODER_FUNCTIONS(alg, type)                               \
+    const OSSL_DISPATCH alg##_priv_##type##_encoder_functions[] = {     \
+        { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))alg##_priv_newctx }, \
+        { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ecx_priv_freectx }, \
+        { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,                             \
+          (void (*)(void))ecx_priv_set_ctx_params },                    \
+        { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,                        \
+          (void (*)(void))ecx_priv_settable_ctx_params },               \
+        { OSSL_FUNC_ENCODER_ENCODE_DATA,                                \
+          (void (*)(void))ecx_priv_##type##_data },                     \
+        { OSSL_FUNC_ENCODER_ENCODE_OBJECT,                              \
+          (void (*)(void))ecx_priv_##type },                            \
+        { 0, NULL }                                                     \
     };
 
-#define MAKE_SERIALIZER_FUNCTIONS_GROUP(alg) \
-    MAKE_SERIALIZER_FUNCTIONS(alg, der) \
-    MAKE_SERIALIZER_FUNCTIONS(alg, pem) \
-    const OSSL_DISPATCH alg##_priv_print_serializer_functions[] = { \
-        { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))alg##_priv_newctx }, \
-        { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ecx_priv_freectx }, \
-        { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, \
-          (void (*)(void))ecx_priv_print }, \
-        { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, \
-          (void (*)(void))ecx_priv_print_data }, \
-        { 0, NULL } \
+#define MAKE_ENCODER_FUNCTIONS_GROUP(alg)                               \
+    MAKE_ENCODER_FUNCTIONS(alg, der)                                    \
+        MAKE_ENCODER_FUNCTIONS(alg, pem)                                \
+        const OSSL_DISPATCH alg##_priv_print_encoder_functions[] = {    \
+        { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))alg##_priv_newctx }, \
+        { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ecx_priv_freectx }, \
+        { OSSL_FUNC_ENCODER_ENCODE_OBJECT,                              \
+          (void (*)(void))ecx_priv_print },                             \
+        { OSSL_FUNC_ENCODER_ENCODE_DATA,                                \
+          (void (*)(void))ecx_priv_print_data },                        \
+        { 0, NULL }                                                     \
     };
 
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x448)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed448)
+MAKE_ENCODER_FUNCTIONS_GROUP(x25519)
+MAKE_ENCODER_FUNCTIONS_GROUP(x448)
+MAKE_ENCODER_FUNCTIONS_GROUP(ed25519)
+MAKE_ENCODER_FUNCTIONS_GROUP(ed448)
diff --git a/providers/implementations/serializers/serializer_ecx_pub.c b/providers/implementations/encode_decode/encoder_ecx_pub.c
similarity index 75%
rename from providers/implementations/serializers/serializer_ecx_pub.c
rename to providers/implementations/encode_decode/encoder_ecx_pub.c
index fa15e5a8c4..6f082c2b4c 100644
--- a/providers/implementations/serializers/serializer_ecx_pub.c
+++ b/providers/implementations/encode_decode/encoder_ecx_pub.c
@@ -16,23 +16,23 @@
 #include "prov/bio.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_serializer_newctx_fn x25519_pub_newctx;
-static OSSL_FUNC_serializer_newctx_fn x448_pub_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed25519_pub_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed448_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn ecx_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_pub_pem;
+static OSSL_FUNC_encoder_newctx_fn x25519_pub_newctx;
+static OSSL_FUNC_encoder_newctx_fn x448_pub_newctx;
+static OSSL_FUNC_encoder_newctx_fn ed25519_pub_newctx;
+static OSSL_FUNC_encoder_newctx_fn ed448_pub_newctx;
+static OSSL_FUNC_encoder_freectx_fn ecx_pub_freectx;
+static OSSL_FUNC_encoder_encode_data_fn ecx_pub_der_data;
+static OSSL_FUNC_encoder_encode_object_fn ecx_pub_der;
+static OSSL_FUNC_encoder_encode_data_fn ecx_pub_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn ecx_pub_pem;
 
-static OSSL_FUNC_serializer_serialize_data_fn ecx_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_pub_print;
+static OSSL_FUNC_encoder_encode_data_fn ecx_pub_print_data;
+static OSSL_FUNC_encoder_encode_object_fn ecx_pub_print;
 
 /*
- * Context used for public key serialization.
+ * Context used for public key encoding.
  */
 struct ecx_pub_ctx_st {
     void *provctx;
@@ -204,23 +204,23 @@ static int ecx_pub_print(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-#define MAKE_SERIALIZER_FUNCTIONS(alg, type) \
-    const OSSL_DISPATCH alg##_pub_##type##_serializer_functions[] = { \
-        { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))alg##_pub_newctx }, \
-        { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ecx_pub_freectx }, \
-        { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, \
-          (void (*)(void))ecx_pub_##type##_data }, \
-        { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, \
-          (void (*)(void))ecx_pub_##type }, \
-        { 0, NULL } \
+#define MAKE_ENCODER_FUNCTIONS(alg, type)                               \
+    const OSSL_DISPATCH alg##_pub_##type##_encoder_functions[] = {      \
+        { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))alg##_pub_newctx }, \
+        { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))ecx_pub_freectx }, \
+        { OSSL_FUNC_ENCODER_ENCODE_DATA,                                \
+          (void (*)(void))ecx_pub_##type##_data },                      \
+        { OSSL_FUNC_ENCODER_ENCODE_OBJECT,                              \
+          (void (*)(void))ecx_pub_##type },                             \
+        { 0, NULL }                                                     \
     };
 
-#define MAKE_SERIALIZER_FUNCTIONS_GROUP(alg) \
-    MAKE_SERIALIZER_FUNCTIONS(alg, der) \
-    MAKE_SERIALIZER_FUNCTIONS(alg, pem) \
-    MAKE_SERIALIZER_FUNCTIONS(alg, print)
+#define MAKE_ENCODER_FUNCTIONS_GROUP(alg)       \
+    MAKE_ENCODER_FUNCTIONS(alg, der)            \
+        MAKE_ENCODER_FUNCTIONS(alg, pem)        \
+        MAKE_ENCODER_FUNCTIONS(alg, print)
 
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x448)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed448)
+MAKE_ENCODER_FUNCTIONS_GROUP(x25519)
+MAKE_ENCODER_FUNCTIONS_GROUP(x448)
+MAKE_ENCODER_FUNCTIONS_GROUP(ed25519)
+MAKE_ENCODER_FUNCTIONS_GROUP(ed448)
diff --git a/providers/implementations/serializers/serializer_ffc_params.c b/providers/implementations/encode_decode/encoder_ffc_params.c
similarity index 98%
rename from providers/implementations/serializers/serializer_ffc_params.c
rename to providers/implementations/encode_decode/encoder_ffc_params.c
index ad96c4ddd0..67ec50c9b8 100644
--- a/providers/implementations/serializers/serializer_ffc_params.c
+++ b/providers/implementations/encode_decode/encoder_ffc_params.c
@@ -10,7 +10,7 @@
 /* Utility function for printing DSA/DH params. */
 
 #include "prov/bio.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 int ffc_params_prov_print(BIO *out, const FFC_PARAMS *ffc)
 {
diff --git a/providers/implementations/serializers/serializer_local.h b/providers/implementations/encode_decode/encoder_local.h
similarity index 99%
rename from providers/implementations/serializers/serializer_local.h
rename to providers/implementations/encode_decode/encoder_local.h
index 14c6073246..7a1f29f7e9 100644
--- a/providers/implementations/serializers/serializer_local.h
+++ b/providers/implementations/encode_decode/encoder_local.h
@@ -79,7 +79,7 @@ int ossl_prov_prepare_dsa_params(const void *dsa, int nid,
                                 void **pstr, int *pstrtype);
 /*
  * Special variant of ossl_prov_prepare_dsa_params() that requires all
- * three parameters (P, Q and G) to be set.  This is used when serializing
+ * three parameters (P, Q and G) to be set.  This is used when encoding
  * the public key.
  */
 int ossl_prov_prepare_all_dsa_params(const void *dsa, int nid,
diff --git a/providers/implementations/serializers/serializer_rsa.c b/providers/implementations/encode_decode/encoder_rsa.c
similarity index 98%
rename from providers/implementations/serializers/serializer_rsa.c
rename to providers/implementations/encode_decode/encoder_rsa.c
index 9250d49735..cd9ff3b7dd 100644
--- a/providers/implementations/serializers/serializer_rsa.c
+++ b/providers/implementations/encode_decode/encoder_rsa.c
@@ -18,7 +18,7 @@
 #include "prov/bio.h"             /* ossl_prov_bio_printf() */
 #include "prov/der_rsa.h"         /* DER_w_RSASSA_PSS_params() */
 #include "prov/implementations.h" /* rsa_keymgmt_functions */
-#include "serializer_local.h"
+#include "encoder_local.h"
 
 DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
 
@@ -189,7 +189,7 @@ int ossl_prov_print_rsa(BIO *out, RSA *rsa, int priv)
 }
 
 /*
- * Helper functions to prepare RSA-PSS params for serialization.  We would
+ * Helper functions to prepare RSA-PSS params for encoding.  We would
  * have simply written the whole AlgorithmIdentifier, but existing libcrypto
  * functionality doesn't allow that.
  */
diff --git a/providers/implementations/serializers/serializer_rsa_priv.c b/providers/implementations/encode_decode/encoder_rsa_priv.c
similarity index 74%
rename from providers/implementations/serializers/serializer_rsa_priv.c
rename to providers/implementations/encode_decode/encoder_rsa_priv.c
index 5a589ae020..3ba648f360 100644
--- a/providers/implementations/serializers/serializer_rsa_priv.c
+++ b/providers/implementations/encode_decode/encoder_rsa_priv.c
@@ -26,24 +26,24 @@
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn rsa_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn rsa_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn rsa_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn rsa_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn rsa_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn rsa_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_priv_print;
-
- /*
- * Context used for private key serialization.
+#include "encoder_local.h"
+
+static OSSL_FUNC_encoder_newctx_fn rsa_priv_newctx;
+static OSSL_FUNC_encoder_freectx_fn rsa_priv_freectx;
+static OSSL_FUNC_encoder_set_ctx_params_fn rsa_priv_set_ctx_params;
+static OSSL_FUNC_encoder_settable_ctx_params_fn rsa_priv_settable_ctx_params;
+static OSSL_FUNC_encoder_encode_data_fn rsa_priv_der_data;
+static OSSL_FUNC_encoder_encode_object_fn rsa_priv_der;
+static OSSL_FUNC_encoder_encode_data_fn rsa_pem_priv_data;
+static OSSL_FUNC_encoder_encode_object_fn rsa_pem_priv;
+
+static OSSL_FUNC_encoder_newctx_fn rsa_print_newctx;
+static OSSL_FUNC_encoder_freectx_fn rsa_print_freectx;
+static OSSL_FUNC_encoder_encode_data_fn rsa_priv_print_data;
+static OSSL_FUNC_encoder_encode_object_fn rsa_priv_print;
+
+/*
+ * Context used for private key encoding.
  */
 struct rsa_priv_ctx_st {
     void *provctx;
@@ -76,8 +76,8 @@ static void rsa_priv_freectx(void *vctx)
 static const OSSL_PARAM *rsa_priv_settable_ctx_params(ossl_unused void *provctx)
 {
     static const OSSL_PARAM settables[] = {
-        OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
-        OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_ENCODER_PARAM_PASS, NULL, 0),
         OSSL_PARAM_END,
     };
 
@@ -89,10 +89,10 @@ static int rsa_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     struct rsa_priv_ctx_st *ctx = vctx;
     const OSSL_PARAM *p;
 
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER))
         != NULL) {
         const OSSL_PARAM *propsp =
-            OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
+            OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES);
         const char *props = NULL;
 
         if (p->data_type != OSSL_PARAM_UTF8_STRING)
@@ -108,7 +108,7 @@ static int rsa_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
                 == NULL))
             return 0;
     }
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PASS))
         != NULL) {
         OPENSSL_free(ctx->sc.cipher_pass);
         ctx->sc.cipher_pass = NULL;
@@ -260,35 +260,35 @@ static int rsa_priv_print(void *ctx, void *rsa, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH rsa_priv_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH rsa_priv_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))rsa_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))rsa_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))rsa_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))rsa_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_priv_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_priv_der },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))rsa_priv_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))rsa_priv_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH rsa_priv_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_priv_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_priv_freectx },
-    { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
+const OSSL_DISPATCH rsa_priv_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))rsa_priv_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))rsa_priv_freectx },
+    { OSSL_FUNC_ENCODER_SET_CTX_PARAMS,
       (void (*)(void))rsa_priv_set_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
+    { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS,
       (void (*)(void))rsa_priv_settable_ctx_params },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_pem_priv_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pem_priv },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))rsa_pem_priv_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))rsa_pem_priv },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH rsa_priv_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_print_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_print_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_priv_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH rsa_priv_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))rsa_print_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))rsa_print_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))rsa_priv_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))rsa_priv_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/serializers/serializer_rsa_pub.c b/providers/implementations/encode_decode/encoder_rsa_pub.c
similarity index 75%
rename from providers/implementations/serializers/serializer_rsa_pub.c
rename to providers/implementations/encode_decode/encoder_rsa_pub.c
index 72c290ee44..29e71cc093 100644
--- a/providers/implementations/serializers/serializer_rsa_pub.c
+++ b/providers/implementations/encode_decode/encoder_rsa_pub.c
@@ -22,17 +22,17 @@
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
 #include "prov/provider_ctx.h"
-#include "serializer_local.h"
+#include "encoder_local.h"
 
-static OSSL_FUNC_serializer_newctx_fn rsa_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn rsa_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pub_pem;
+static OSSL_FUNC_encoder_newctx_fn rsa_pub_newctx;
+static OSSL_FUNC_encoder_freectx_fn rsa_pub_freectx;
+static OSSL_FUNC_encoder_encode_data_fn rsa_pub_der_data;
+static OSSL_FUNC_encoder_encode_object_fn rsa_pub_der;
+static OSSL_FUNC_encoder_encode_data_fn rsa_pub_pem_data;
+static OSSL_FUNC_encoder_encode_object_fn rsa_pub_pem;
 
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pub_print;
+static OSSL_FUNC_encoder_encode_data_fn rsa_pub_print_data;
+static OSSL_FUNC_encoder_encode_object_fn rsa_pub_print;
 
 /* Public key : context */
 
@@ -167,27 +167,27 @@ static int rsa_pub_print(void *ctx, void *rsa, OSSL_CORE_BIO *cout,
     return ret;
 }
 
-const OSSL_DISPATCH rsa_pub_der_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_pub_der_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pub_der },
+const OSSL_DISPATCH rsa_pub_der_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))rsa_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))rsa_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))rsa_pub_der_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))rsa_pub_der },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH rsa_pub_pem_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_pub_pem_data },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pub_pem },
+const OSSL_DISPATCH rsa_pub_pem_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))rsa_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))rsa_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA, (void (*)(void))rsa_pub_pem_data },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))rsa_pub_pem },
     { 0, NULL }
 };
 
-const OSSL_DISPATCH rsa_pub_text_serializer_functions[] = {
-    { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_pub_newctx },
-    { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_pub_freectx },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pub_print },
-    { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
+const OSSL_DISPATCH rsa_pub_text_encoder_functions[] = {
+    { OSSL_FUNC_ENCODER_NEWCTX, (void (*)(void))rsa_pub_newctx },
+    { OSSL_FUNC_ENCODER_FREECTX, (void (*)(void))rsa_pub_freectx },
+    { OSSL_FUNC_ENCODER_ENCODE_OBJECT, (void (*)(void))rsa_pub_print },
+    { OSSL_FUNC_ENCODER_ENCODE_DATA,
       (void (*)(void))rsa_pub_print_data },
     { 0, NULL }
 };
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index f4c2a5adf5..f07a7b00f0 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -299,84 +299,84 @@ extern const OSSL_DISPATCH ecdsa_signature_functions[];
 /* Asym Cipher */
 extern const OSSL_DISPATCH rsa_asym_cipher_functions[];
 
-/* Serializers */
-extern const OSSL_DISPATCH rsa_priv_text_serializer_functions[];
-extern const OSSL_DISPATCH rsa_pub_text_serializer_functions[];
-extern const OSSL_DISPATCH rsa_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH rsa_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH rsa_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH rsa_pub_pem_serializer_functions[];
+/* Encoders */
+extern const OSSL_DISPATCH rsa_priv_text_encoder_functions[];
+extern const OSSL_DISPATCH rsa_pub_text_encoder_functions[];
+extern const OSSL_DISPATCH rsa_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH rsa_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH rsa_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH rsa_pub_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH dh_priv_text_serializer_functions[];
-extern const OSSL_DISPATCH dh_pub_text_serializer_functions[];
-extern const OSSL_DISPATCH dh_param_text_serializer_functions[];
-extern const OSSL_DISPATCH dh_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH dh_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH dh_param_der_serializer_functions[];
-extern const OSSL_DISPATCH dh_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH dh_pub_pem_serializer_functions[];
-extern const OSSL_DISPATCH dh_param_pem_serializer_functions[];
+extern const OSSL_DISPATCH dh_priv_text_encoder_functions[];
+extern const OSSL_DISPATCH dh_pub_text_encoder_functions[];
+extern const OSSL_DISPATCH dh_param_text_encoder_functions[];
+extern const OSSL_DISPATCH dh_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH dh_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH dh_param_der_encoder_functions[];
+extern const OSSL_DISPATCH dh_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH dh_pub_pem_encoder_functions[];
+extern const OSSL_DISPATCH dh_param_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH dsa_priv_text_serializer_functions[];
-extern const OSSL_DISPATCH dsa_pub_text_serializer_functions[];
-extern const OSSL_DISPATCH dsa_param_text_serializer_functions[];
-extern const OSSL_DISPATCH dsa_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH dsa_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH dsa_param_der_serializer_functions[];
-extern const OSSL_DISPATCH dsa_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH dsa_pub_pem_serializer_functions[];
-extern const OSSL_DISPATCH dsa_param_pem_serializer_functions[];
+extern const OSSL_DISPATCH dsa_priv_text_encoder_functions[];
+extern const OSSL_DISPATCH dsa_pub_text_encoder_functions[];
+extern const OSSL_DISPATCH dsa_param_text_encoder_functions[];
+extern const OSSL_DISPATCH dsa_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH dsa_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH dsa_param_der_encoder_functions[];
+extern const OSSL_DISPATCH dsa_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH dsa_pub_pem_encoder_functions[];
+extern const OSSL_DISPATCH dsa_param_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH x25519_priv_print_serializer_functions[];
-extern const OSSL_DISPATCH x25519_pub_print_serializer_functions[];
-extern const OSSL_DISPATCH x25519_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH x25519_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH x25519_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH x25519_pub_pem_serializer_functions[];
+extern const OSSL_DISPATCH x25519_priv_print_encoder_functions[];
+extern const OSSL_DISPATCH x25519_pub_print_encoder_functions[];
+extern const OSSL_DISPATCH x25519_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH x25519_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH x25519_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH x25519_pub_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH x448_priv_print_serializer_functions[];
-extern const OSSL_DISPATCH x448_pub_print_serializer_functions[];
-extern const OSSL_DISPATCH x448_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH x448_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH x448_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH x448_pub_pem_serializer_functions[];
+extern const OSSL_DISPATCH x448_priv_print_encoder_functions[];
+extern const OSSL_DISPATCH x448_pub_print_encoder_functions[];
+extern const OSSL_DISPATCH x448_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH x448_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH x448_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH x448_pub_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH ed25519_priv_print_serializer_functions[];
-extern const OSSL_DISPATCH ed25519_pub_print_serializer_functions[];
-extern const OSSL_DISPATCH ed25519_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH ed25519_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH ed25519_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH ed25519_pub_pem_serializer_functions[];
+extern const OSSL_DISPATCH ed25519_priv_print_encoder_functions[];
+extern const OSSL_DISPATCH ed25519_pub_print_encoder_functions[];
+extern const OSSL_DISPATCH ed25519_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH ed25519_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH ed25519_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH ed25519_pub_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH ed448_priv_print_serializer_functions[];
-extern const OSSL_DISPATCH ed448_pub_print_serializer_functions[];
-extern const OSSL_DISPATCH ed448_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH ed448_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH ed448_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH ed448_pub_pem_serializer_functions[];
+extern const OSSL_DISPATCH ed448_priv_print_encoder_functions[];
+extern const OSSL_DISPATCH ed448_pub_print_encoder_functions[];
+extern const OSSL_DISPATCH ed448_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH ed448_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH ed448_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH ed448_pub_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH ec_priv_text_serializer_functions[];
-extern const OSSL_DISPATCH ec_pub_text_serializer_functions[];
-extern const OSSL_DISPATCH ec_param_text_serializer_functions[];
-extern const OSSL_DISPATCH ec_priv_der_serializer_functions[];
-extern const OSSL_DISPATCH ec_pub_der_serializer_functions[];
-extern const OSSL_DISPATCH ec_param_der_serializer_functions[];
-extern const OSSL_DISPATCH ec_priv_pem_serializer_functions[];
-extern const OSSL_DISPATCH ec_pub_pem_serializer_functions[];
-extern const OSSL_DISPATCH ec_param_pem_serializer_functions[];
+extern const OSSL_DISPATCH ec_priv_text_encoder_functions[];
+extern const OSSL_DISPATCH ec_pub_text_encoder_functions[];
+extern const OSSL_DISPATCH ec_param_text_encoder_functions[];
+extern const OSSL_DISPATCH ec_priv_der_encoder_functions[];
+extern const OSSL_DISPATCH ec_pub_der_encoder_functions[];
+extern const OSSL_DISPATCH ec_param_der_encoder_functions[];
+extern const OSSL_DISPATCH ec_priv_pem_encoder_functions[];
+extern const OSSL_DISPATCH ec_pub_pem_encoder_functions[];
+extern const OSSL_DISPATCH ec_param_pem_encoder_functions[];
 
-extern const OSSL_DISPATCH der_to_dh_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_dhx_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_dsa_deserializer_functions[];
-extern const OSSL_DISPATCH msblob_to_dsa_deserializer_functions[];
-extern const OSSL_DISPATCH pvk_to_dsa_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_ec_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_x25519_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_x448_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_ed25519_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_ed448_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_rsa_deserializer_functions[];
-extern const OSSL_DISPATCH der_to_rsapss_deserializer_functions[];
-extern const OSSL_DISPATCH msblob_to_rsa_deserializer_functions[];
-extern const OSSL_DISPATCH pvk_to_rsa_deserializer_functions[];
-extern const OSSL_DISPATCH pem_to_der_deserializer_functions[];
+extern const OSSL_DISPATCH der_to_dh_decoder_functions[];
+extern const OSSL_DISPATCH der_to_dhx_decoder_functions[];
+extern const OSSL_DISPATCH der_to_dsa_decoder_functions[];
+extern const OSSL_DISPATCH msblob_to_dsa_decoder_functions[];
+extern const OSSL_DISPATCH pvk_to_dsa_decoder_functions[];
+extern const OSSL_DISPATCH der_to_ec_decoder_functions[];
+extern const OSSL_DISPATCH der_to_x25519_decoder_functions[];
+extern const OSSL_DISPATCH der_to_x448_decoder_functions[];
+extern const OSSL_DISPATCH der_to_ed25519_decoder_functions[];
+extern const OSSL_DISPATCH der_to_ed448_decoder_functions[];
+extern const OSSL_DISPATCH der_to_rsa_decoder_functions[];
+extern const OSSL_DISPATCH der_to_rsapss_decoder_functions[];
+extern const OSSL_DISPATCH msblob_to_rsa_decoder_functions[];
+extern const OSSL_DISPATCH pvk_to_rsa_decoder_functions[];
+extern const OSSL_DISPATCH pem_to_der_decoder_functions[];
diff --git a/providers/implementations/serializers/build.info b/providers/implementations/serializers/build.info
deleted file mode 100644
index 04f230b334..0000000000
--- a/providers/implementations/serializers/build.info
+++ /dev/null
@@ -1,35 +0,0 @@
-# We make separate GOAL variables for each algorithm, to make it easy to
-# switch each to the Legacy provider when needed.
-
-$SERIALIZER_GOAL=../../libimplementations.a
-$DESERIALIZER_GOAL=../../libimplementations.a
-$RSA_GOAL=../../libimplementations.a
-$FFC_GOAL=../../libimplementations.a
-$DH_GOAL=../../libimplementations.a
-$DSA_GOAL=../../libimplementations.a
-$ECX_GOAL=../../libimplementations.a
-$EC_GOAL=../../libimplementations.a
-
-SOURCE[$SERIALIZER_GOAL]=serializer_common.c deserialize_common.c
-
-SOURCE[$DESERIALIZER_GOAL]=deserialize_der2key.c deserialize_pem2der.c
-IF[{- !$disabled{dsa} -}]
-  SOURCE[$DESERIALIZER_GOAL]=deserialize_ms2key.c
-ENDIF
-
-SOURCE[$RSA_GOAL]=serializer_rsa.c serializer_rsa_priv.c serializer_rsa_pub.c
-DEPEND[serializer_rsa.o]=../../common/include/prov/der_rsa.h
-
-IF[{- !$disabled{"dh"} || !$disabled{"dsa"} -}]
-  SOURCE[$FFC_GOAL]=serializer_ffc_params.c
-ENDIF
-IF[{- !$disabled{dh} -}]
-  SOURCE[$DH_GOAL]=serializer_dh.c serializer_dh_priv.c serializer_dh_pub.c serializer_dh_param.c
-ENDIF
-IF[{- !$disabled{dsa} -}]
-  SOURCE[$DSA_GOAL]=serializer_dsa.c serializer_dsa_priv.c serializer_dsa_pub.c serializer_dsa_param.c
-ENDIF
-IF[{- !$disabled{ec} -}]
-  SOURCE[$ECX_GOAL]=serializer_ecx.c serializer_ecx_priv.c serializer_ecx_pub.c
-  SOURCE[$EC_GOAL]=serializer_ec.c serializer_ec_priv.c serializer_ec_pub.c serializer_ec_param.c
-ENDIF
diff --git a/providers/serializers.inc b/providers/serializers.inc
deleted file mode 100644
index 749c1bbb67..0000000000
--- a/providers/serializers.inc
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef SER
-# error Macro SER undefined
-#endif
-
-    SER("RSA", "yes", "text", "private", rsa_priv_text_serializer_functions),
-    SER("RSA", "yes", "text", "public", rsa_pub_text_serializer_functions),
-    SER("RSA", "yes", "der", "private", rsa_priv_der_serializer_functions),
-    SER("RSA", "yes", "der", "public", rsa_pub_der_serializer_functions),
-    SER("RSA", "yes", "pem", "private", rsa_priv_pem_serializer_functions),
-    SER("RSA", "yes", "pem", "public", rsa_pub_pem_serializer_functions),
-    SER("RSA-PSS", "yes", "text", "private",
-        rsa_priv_text_serializer_functions),
-    SER("RSA-PSS", "yes", "text", "public", rsa_pub_text_serializer_functions),
-    SER("RSA-PSS", "yes", "der", "private", rsa_priv_der_serializer_functions),
-    SER("RSA-PSS", "yes", "der", "public", rsa_pub_der_serializer_functions),
-    SER("RSA-PSS", "yes", "pem", "private", rsa_priv_pem_serializer_functions),
-    SER("RSA-PSS", "yes", "pem", "public", rsa_pub_pem_serializer_functions),
-
-#ifndef OPENSSL_NO_DH
-    SER("DH", "yes", "text", "private", dh_priv_text_serializer_functions),
-    SER("DH", "yes", "text", "public", dh_pub_text_serializer_functions),
-    SER("DH", "yes", "text", "parameters", dh_param_text_serializer_functions),
-    SER("DH", "yes", "der", "private", dh_priv_der_serializer_functions),
-    SER("DH", "yes", "der", "public", dh_pub_der_serializer_functions),
-    SER("DH", "yes", "der", "parameters", dh_param_der_serializer_functions),
-    SER("DH", "yes", "pem", "private", dh_priv_pem_serializer_functions),
-    SER("DH", "yes", "pem", "public", dh_pub_pem_serializer_functions),
-    SER("DH", "yes", "pem", "parameters", dh_param_pem_serializer_functions),
-
-    SER("DHX", "yes", "text", "private", dh_priv_text_serializer_functions),
-    SER("DHX", "yes", "text", "public", dh_pub_text_serializer_functions),
-    SER("DHX", "yes", "text", "parameters", dh_param_text_serializer_functions),
-    SER("DHX", "yes", "der", "private", dh_priv_der_serializer_functions),
-    SER("DHX", "yes", "der", "public", dh_pub_der_serializer_functions),
-    SER("DHX", "yes", "der", "parameters", dh_param_der_serializer_functions),
-    SER("DHX", "yes", "pem", "private", dh_priv_pem_serializer_functions),
-    SER("DHX", "yes", "pem", "public", dh_pub_pem_serializer_functions),
-    SER("DHX", "yes", "pem", "parameters", dh_param_pem_serializer_functions),
-#endif
-
-#ifndef OPENSSL_NO_DSA
-    SER("DSA", "yes", "text", "private", dsa_priv_text_serializer_functions),
-    SER("DSA", "yes", "text", "public", dsa_pub_text_serializer_functions),
-    SER("DSA", "yes", "text", "parameters",
-        dsa_param_text_serializer_functions),
-    SER("DSA", "yes", "der", "private", dsa_priv_der_serializer_functions),
-    SER("DSA", "yes", "der", "public", dsa_pub_der_serializer_functions),
-    SER("DSA", "yes", "der", "parameters", dsa_param_der_serializer_functions),
-    SER("DSA", "yes", "pem", "private", dsa_priv_pem_serializer_functions),
-    SER("DSA", "yes", "pem", "public", dsa_pub_pem_serializer_functions),
-    SER("DSA", "yes", "pem", "parameters", dsa_param_pem_serializer_functions),
-#endif
-
-#ifndef OPENSSL_NO_EC
-    SER("X25519", "yes", "text", "private",
-        x25519_priv_print_serializer_functions),
-    SER("X25519", "yes", "text", "public",
-        x25519_pub_print_serializer_functions),
-    SER("X25519", "yes", "der", "private",
-        x25519_priv_der_serializer_functions),
-    SER("X25519", "yes", "der", "public", x25519_pub_der_serializer_functions),
-    SER("X25519", "yes", "pem", "private",
-        x25519_priv_pem_serializer_functions),
-    SER("X25519", "yes", "pem", "public", x25519_pub_pem_serializer_functions),
-
-    SER("X448", "no", "text", "private", x448_priv_print_serializer_functions),
-    SER("X448", "no", "text", "public", x448_pub_print_serializer_functions),
-    SER("X448", "no", "der", "private", x448_priv_der_serializer_functions),
-    SER("X448", "no", "der", "public", x448_pub_der_serializer_functions),
-    SER("X448", "no", "pem", "private", x448_priv_pem_serializer_functions),
-    SER("X448", "no", "pem", "public", x448_pub_pem_serializer_functions),
-
-    SER("ED25519", "yes", "text", "private",
-        ed25519_priv_print_serializer_functions),
-    SER("ED25519", "yes", "text", "public",
-        ed25519_pub_print_serializer_functions),
-    SER("ED25519", "yes", "der", "private",
-        ed25519_priv_der_serializer_functions),
-    SER("ED25519", "yes", "der", "public",
-        ed25519_pub_der_serializer_functions),
-    SER("ED25519", "yes", "pem", "private",
-        ed25519_priv_pem_serializer_functions),
-    SER("ED25519", "yes", "pem", "public",
-        ed25519_pub_pem_serializer_functions),
-
-    SER("ED448", "no", "text", "private",
-        ed448_priv_print_serializer_functions),
-    SER("ED448", "no", "text", "public", ed448_pub_print_serializer_functions),
-    SER("ED448", "no", "der", "private", ed448_priv_der_serializer_functions),
-    SER("ED448", "no", "der", "public", ed448_pub_der_serializer_functions),
-    SER("ED448", "no", "pem", "private", ed448_priv_pem_serializer_functions),
-    SER("ED448", "no", "pem", "public", ed448_pub_pem_serializer_functions),
-
-    SER("EC", "yes", "text", "private", ec_priv_text_serializer_functions),
-    SER("EC", "yes", "text", "public", ec_pub_text_serializer_functions),
-    SER("EC", "yes", "text", "parameters", ec_param_text_serializer_functions),
-    SER("EC", "yes", "der", "private", ec_priv_der_serializer_functions),
-    SER("EC", "yes", "der", "public", ec_pub_der_serializer_functions),
-    SER("EC", "yes", "der", "parameters", ec_param_der_serializer_functions),
-    SER("EC", "yes", "pem", "private", ec_priv_pem_serializer_functions),
-    SER("EC", "yes", "pem", "public", ec_pub_pem_serializer_functions),
-    SER("EC", "yes", "pem", "parameters", ec_param_pem_serializer_functions),
-#endif
diff --git a/test/build.info b/test/build.info
index 3ad16b51b1..134a473195 100644
--- a/test/build.info
+++ b/test/build.info
@@ -780,10 +780,10 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[hexstr_test]=.. ../include ../apps/include
   DEPEND[hexstr_test]=../libcrypto.a libtestutil.a
 
-  PROGRAMS{noinst}=serdes_test
-  SOURCE[serdes_test]=serdes_test.c
-  INCLUDE[serdes_test]=.. ../include ../apps/include
-  DEPEND[serdes_test]=../libcrypto.a libtestutil.a
+  PROGRAMS{noinst}=endecode_test
+  SOURCE[endecode_test]=endecode_test.c
+  INCLUDE[endecode_test]=.. ../include ../apps/include
+  DEPEND[endecode_test]=../libcrypto.a libtestutil.a
 
   PROGRAMS{noinst}=namemap_internal_test
   SOURCE[namemap_internal_test]=namemap_internal_test.c
diff --git a/test/serdes_test.c b/test/endecode_test.c
similarity index 79%
rename from test/serdes_test.c
rename to test/endecode_test.c
index f4afe53eac..5f3fa3d220 100644
--- a/test/serdes_test.c
+++ b/test/endecode_test.c
@@ -13,8 +13,8 @@
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
 #include <openssl/params.h>
-#include <openssl/serializer.h>
-#include <openssl/deserializer.h>
+#include <openssl/encoder.h>
+#include <openssl/decoder.h>
 
 #include "internal/pem.h"        /* For PVK and "blob" PEM headers */
 #include "internal/cryptlib.h"   /* ossl_assert */
@@ -26,7 +26,7 @@
  * provider side EVP_PKEYs (which don't necessarily have an ameth)
  *
  * In the mean time, we use separate "downgraded" EVP_PKEYs to test
- * serializing/deserializing with "traditional" keys.
+ * encoding/decoding with "traditional" keys.
  */
 
 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
@@ -85,36 +85,36 @@ static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
  * (TEST_strn2_eq(), for example).
  */
 
-typedef int (serializer)(void **serialized, long *serialized_len,
+typedef int (encoder)(void **encoded, long *encoded_len,
                          void *object, const char *pass, const char *pcipher,
-                         const char *ser_propq);
-typedef int (deserializer)(void **object,
-                           void *serialized, long serialized_len,
+                         const char *encoder_propq);
+typedef int (decoder)(void **object,
+                           void *encoded, long encoded_len,
                            const char *pass);
 typedef int (tester)(const void *data1, size_t data1_len,
                      const void *data2, size_t data2_len);
 typedef int (checker)(const char *type, const void *data, size_t data_len);
 typedef void (dumper)(const char *label, const void *data, size_t data_len);
 
-static int test_serialize_deserialize(const char *type, EVP_PKEY *pkey,
+static int test_encode_decode(const char *type, EVP_PKEY *pkey,
                                       const char *pass, const char *pcipher,
-                                      serializer *serialize_cb,
-                                      deserializer *deserialize_cb,
+                                      encoder *encode_cb,
+                                      decoder *decode_cb,
                                       tester *test_cb,
                                       checker *check_cb, dumper *dump_cb,
-                                      const char *ser_propq, int make_legacy)
+                                      const char *encoder_propq, int make_legacy)
 {
-    void *serialized = NULL;
-    long serialized_len = 0;
+    void *encoded = NULL;
+    long encoded_len = 0;
     EVP_PKEY *pkey2 = NULL;
-    void *serialized2 = NULL;
-    long serialized2_len = 0;
+    void *encoded2 = NULL;
+    long encoded2_len = 0;
     int ok = 0;
 
-    if (!serialize_cb(&serialized, &serialized_len, pkey,
-                      pass, pcipher, ser_propq)
-        || !check_cb(type, serialized, serialized_len)
-        || !deserialize_cb((void **)&pkey2, serialized, serialized_len,
+    if (!encode_cb(&encoded, &encoded_len, pkey,
+                      pass, pcipher, encoder_propq)
+        || !check_cb(type, encoded, encoded_len)
+        || !decode_cb((void **)&pkey2, encoded, encoded_len,
                            pass)
         || !TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
         goto end;
@@ -128,100 +128,100 @@ static int test_serialize_deserialize(const char *type, EVP_PKEY *pkey,
         goto end;
 
     /*
-     * Double check the serialization, but only for unprotected keys,
+     * Double check the encoding, but only for unprotected keys,
      * as protected keys have a random component, which makes the output
      * differ.
      */
     if ((pass == NULL && pcipher == NULL)
-        && (!serialize_cb(&serialized2, &serialized2_len, pkey2,
-                          pass, pcipher, ser_propq)
-            || !test_cb(serialized, serialized_len,
-                        serialized2, serialized2_len)))
+        && (!encode_cb(&encoded2, &encoded2_len, pkey2,
+                          pass, pcipher, encoder_propq)
+            || !test_cb(encoded, encoded_len,
+                        encoded2, encoded2_len)))
         goto end;
 
     ok = 1;
  end:
     if (!ok) {
-        if (serialized != NULL && serialized_len != 0)
-            dump_cb("serialized result", serialized, serialized_len);
-        if (serialized2 != NULL && serialized2_len != 0)
-            dump_cb("re-serialized result", serialized2, serialized2_len);
+        if (encoded != NULL && encoded_len != 0)
+            dump_cb("encoded result", encoded, encoded_len);
+        if (encoded2 != NULL && encoded2_len != 0)
+            dump_cb("re-encoded result", encoded2, encoded2_len);
     }
 
-    OPENSSL_free(serialized);
-    OPENSSL_free(serialized2);
+    OPENSSL_free(encoded);
+    OPENSSL_free(encoded2);
     EVP_PKEY_free(pkey2);
     return ok;
 }
 
-/* Serializing and desserializing methods */
+/* Encoding and desencoding methods */
 
-static int serialize_EVP_PKEY_prov(void **serialized, long *serialized_len,
+static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len,
                                    void *object,
                                    const char *pass, const char *pcipher,
-                                   const char *ser_propq)
+                                   const char *encoder_propq)
 {
     EVP_PKEY *pkey = object;
-    OSSL_SERIALIZER_CTX *sctx = NULL;
+    OSSL_ENCODER_CTX *ectx = NULL;
     BIO *mem_ser = NULL;
     BUF_MEM *mem_buf = NULL;
     const unsigned char *upass = (const unsigned char *)pass;
     int ok = 0;
 
-    if (!TEST_ptr(sctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pkey, ser_propq))
+    if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, encoder_propq))
         || (pass != NULL
-            && !TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(sctx, upass,
+            && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
                                                              strlen(pass))))
         || (pcipher != NULL
-            && !TEST_true(OSSL_SERIALIZER_CTX_set_cipher(sctx, pcipher, NULL)))
+            && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
         || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
-        || !TEST_true(OSSL_SERIALIZER_to_bio(sctx, mem_ser))
+        || !TEST_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
-        || !TEST_ptr(*serialized = mem_buf->data)
-        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        || !TEST_ptr(*encoded = mem_buf->data)
+        || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
         goto end;
 
-    /* Detach the serialized output */
+    /* Detach the encoded output */
     mem_buf->data = NULL;
     mem_buf->length = 0;
     ok = 1;
  end:
     BIO_free(mem_ser);
-    OSSL_SERIALIZER_CTX_free(sctx);
+    OSSL_ENCODER_CTX_free(ectx);
     return ok;
 }
 
-static int deserialize_EVP_PKEY_prov(void **object,
-                                     void *serialized, long serialized_len,
+static int decode_EVP_PKEY_prov(void **object,
+                                     void *encoded, long encoded_len,
                                      const char *pass)
 {
     EVP_PKEY *pkey = NULL;
-    OSSL_DESERIALIZER_CTX *dctx = NULL;
+    OSSL_DECODER_CTX *dctx = NULL;
     BIO *mem_deser = NULL;
     const unsigned char *upass = (const unsigned char *)pass;
     int ok = 0;
 
-    if (!TEST_ptr(dctx = OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(&pkey, NULL,
+    if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, NULL,
                                                                NULL, NULL))
         || (pass != NULL
-            && !OSSL_DESERIALIZER_CTX_set_passphrase(dctx, upass,
+            && !OSSL_DECODER_CTX_set_passphrase(dctx, upass,
                                                      strlen(pass)))
-        || !TEST_ptr(mem_deser = BIO_new_mem_buf(serialized, serialized_len))
-        || !TEST_true(OSSL_DESERIALIZER_from_bio(dctx, mem_deser)))
+        || !TEST_ptr(mem_deser = BIO_new_mem_buf(encoded, encoded_len))
+        || !TEST_true(OSSL_DECODER_from_bio(dctx, mem_deser)))
         goto end;
     ok = 1;
     *object = pkey;
  end:
     BIO_free(mem_deser);
-    OSSL_DESERIALIZER_CTX_free(dctx);
+    OSSL_DECODER_CTX_free(dctx);
     return ok;
 }
 
-static int serialize_EVP_PKEY_legacy_PEM(void **serialized,
-                                         long *serialized_len,
+static int encode_EVP_PKEY_legacy_PEM(void **encoded,
+                                         long *encoded_len,
                                          void *object,
                                          const char *pass, const char *pcipher,
-                                         ossl_unused const char *ser_propq)
+                                         ossl_unused const char *encoder_propq)
 {
     EVP_PKEY *pkey = object;
     EVP_CIPHER *cipher = NULL;
@@ -242,11 +242,11 @@ static int serialize_EVP_PKEY_legacy_PEM(void **serialized,
                                                            upass, passlen,
                                                            NULL, NULL))
         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
-        || !TEST_ptr(*serialized = mem_buf->data)
-        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        || !TEST_ptr(*encoded = mem_buf->data)
+        || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
         goto end;
 
-    /* Detach the serialized output */
+    /* Detach the encoded output */
     mem_buf->data = NULL;
     mem_buf->length = 0;
     ok = 1;
@@ -257,12 +257,12 @@ static int serialize_EVP_PKEY_legacy_PEM(void **serialized,
 }
 
 #ifndef OPENSSL_NO_DSA
-static int serialize_EVP_PKEY_MSBLOB(void **serialized,
-                                     long *serialized_len,
+static int encode_EVP_PKEY_MSBLOB(void **encoded,
+                                     long *encoded_len,
                                      void *object,
                                      ossl_unused const char *pass,
                                      ossl_unused const char *pcipher,
-                                     ossl_unused const char *ser_propq)
+                                     ossl_unused const char *encoder_propq)
 {
     EVP_PKEY *pkey = object;
     BIO *mem_ser = NULL;
@@ -272,11 +272,11 @@ static int serialize_EVP_PKEY_MSBLOB(void **serialized,
     if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
         || !TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0)
         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
-        || !TEST_ptr(*serialized = mem_buf->data)
-        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        || !TEST_ptr(*encoded = mem_buf->data)
+        || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
         goto end;
 
-    /* Detach the serialized output */
+    /* Detach the encoded output */
     mem_buf->data = NULL;
     mem_buf->length = 0;
     ok = 1;
@@ -285,12 +285,12 @@ static int serialize_EVP_PKEY_MSBLOB(void **serialized,
     return ok;
 }
 
-static int serialize_public_EVP_PKEY_MSBLOB(void **serialized,
-                                            long *serialized_len,
+static int encode_public_EVP_PKEY_MSBLOB(void **encoded,
+                                            long *encoded_len,
                                             void *object,
                                             ossl_unused const char *pass,
                                             ossl_unused const char *pcipher,
-                                            ossl_unused const char *ser_propq)
+                                            ossl_unused const char *encoder_propq)
 {
     EVP_PKEY *pkey = object;
     BIO *mem_ser = NULL;
@@ -300,11 +300,11 @@ static int serialize_public_EVP_PKEY_MSBLOB(void **serialized,
     if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
         || !TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0)
         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
-        || !TEST_ptr(*serialized = mem_buf->data)
-        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        || !TEST_ptr(*encoded = mem_buf->data)
+        || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
         goto end;
 
-    /* Detach the serialized output */
+    /* Detach the encoded output */
     mem_buf->data = NULL;
     mem_buf->length = 0;
     ok = 1;
@@ -321,11 +321,11 @@ static int pass_pw(char *buf, int size, int rwflag, void *userdata)
     return strlen(userdata);
 }
 
-static int serialize_EVP_PKEY_PVK(void **serialized, long *serialized_len,
+static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len,
                                   void *object,
                                   const char *pass,
                                   ossl_unused const char *pcipher,
-                                  ossl_unused const char *ser_propq)
+                                  ossl_unused const char *encoder_propq)
 {
     EVP_PKEY *pkey = object;
     BIO *mem_ser = NULL;
@@ -337,11 +337,11 @@ static int serialize_EVP_PKEY_PVK(void **serialized, long *serialized_len,
         || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
                                     pass_pw, (void *)pass), 0)
         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
-        || !TEST_ptr(*serialized = mem_buf->data)
-        || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
+        || !TEST_ptr(*encoded = mem_buf->data)
+        || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
         goto end;
 
-    /* Detach the serialized output */
+    /* Detach the encoded output */
     mem_buf->data = NULL;
     mem_buf->length = 0;
     ok = 1;
@@ -396,12 +396,12 @@ static int check_unprotected_PKCS8_DER(const char *type,
 
 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_EVP_PKEY_prov,
+                                      decode_EVP_PKEY_prov,
                                       test_mem,
                                       check_unprotected_PKCS8_DER, dump_der,
-                                      OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
+                                      OSSL_ENCODER_PrivateKey_TO_DER_PQ,
                                       0);
 }
 
@@ -415,12 +415,12 @@ static int check_unprotected_PKCS8_PEM(const char *type,
 
 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_EVP_PKEY_prov,
+                                      decode_EVP_PKEY_prov,
                                       test_text,
                                       check_unprotected_PKCS8_PEM, dump_pem,
-                                      OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
+                                      OSSL_ENCODER_PrivateKey_TO_PEM_PQ,
                                       0);
 }
 
@@ -437,9 +437,9 @@ static int check_unprotected_legacy_PEM(const char *type,
 
 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_EVP_PKEY_legacy_PEM,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_EVP_PKEY_legacy_PEM,
+                                      decode_EVP_PKEY_prov,
                                       test_text,
                                       check_unprotected_legacy_PEM, dump_pem,
                                       NULL, 1);
@@ -458,9 +458,9 @@ static int check_MSBLOB(const char *type, const void *data, size_t data_len)
 
 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_EVP_PKEY_MSBLOB,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_EVP_PKEY_MSBLOB,
+                                      decode_EVP_PKEY_prov,
                                       test_mem,
                                       check_MSBLOB, dump_der,
                                       NULL, 0);
@@ -478,9 +478,9 @@ static int check_PVK(const char *type, const void *data, size_t data_len)
 
 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_EVP_PKEY_PVK,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_EVP_PKEY_PVK,
+                                      decode_EVP_PKEY_prov,
                                       test_mem,
                                       check_PVK, dump_der,
                                       NULL, 0);
@@ -504,12 +504,12 @@ static int check_protected_PKCS8_DER(const char *type,
 
 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, pass, pass_cipher,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, pass, pass_cipher,
+                                      encode_EVP_PKEY_prov,
+                                      decode_EVP_PKEY_prov,
                                       test_mem,
                                       check_protected_PKCS8_DER, dump_der,
-                                      OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
+                                      OSSL_ENCODER_PrivateKey_TO_DER_PQ,
                                       0);
 }
 
@@ -523,12 +523,12 @@ static int check_protected_PKCS8_PEM(const char *type,
 
 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, pass, pass_cipher,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, pass, pass_cipher,
+                                      encode_EVP_PKEY_prov,
+                                      decode_EVP_PKEY_prov,
                                       test_text,
                                       check_protected_PKCS8_PEM, dump_pem,
-                                      OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
+                                      OSSL_ENCODER_PrivateKey_TO_PEM_PQ,
                                       0);
 }
 
@@ -546,9 +546,9 @@ static int check_protected_legacy_PEM(const char *type,
 
 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, pass, pass_cipher,
-                                      serialize_EVP_PKEY_legacy_PEM,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, pass, pass_cipher,
+                                      encode_EVP_PKEY_legacy_PEM,
+                                      decode_EVP_PKEY_prov,
                                       test_text,
                                       check_protected_legacy_PEM, dump_pem,
                                       NULL, 1);
@@ -557,9 +557,9 @@ static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, pass, NULL,
-                                      serialize_EVP_PKEY_PVK,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, pass, NULL,
+                                      encode_EVP_PKEY_PVK,
+                                      decode_EVP_PKEY_prov,
                                       test_mem,
                                       check_PVK, dump_der,
                                       NULL, 0);
@@ -578,12 +578,12 @@ static int check_public_DER(const char *type, const void *data, size_t data_len)
 
 static int test_public_via_DER(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_EVP_PKEY_prov,
+                                      decode_EVP_PKEY_prov,
                                       test_mem,
                                       check_public_DER, dump_der,
-                                      OSSL_SERIALIZER_PUBKEY_TO_DER_PQ,
+                                      OSSL_ENCODER_PUBKEY_TO_DER_PQ,
                                       0);
 }
 
@@ -597,12 +597,12 @@ static int check_public_PEM(const char *type, const void *data, size_t data_len)
 
 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_EVP_PKEY_prov,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_EVP_PKEY_prov,
+                                      decode_EVP_PKEY_prov,
                                       test_text,
                                       check_public_PEM, dump_pem,
-                                      OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ,
+                                      OSSL_ENCODER_PUBKEY_TO_PEM_PQ,
                                       0);
 }
 
@@ -620,9 +620,9 @@ static int check_public_MSBLOB(const char *type,
 
 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
 {
-    return test_serialize_deserialize(type, key, NULL, NULL,
-                                      serialize_public_EVP_PKEY_MSBLOB,
-                                      deserialize_EVP_PKEY_prov,
+    return test_encode_decode(type, key, NULL, NULL,
+                                      encode_public_EVP_PKEY_MSBLOB,
+                                      decode_EVP_PKEY_prov,
                                       test_mem,
                                       check_public_MSBLOB, dump_der,
                                       NULL, 0);
diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c
index 7e063bb77b..3678dc0584 100644
--- a/test/evp_pkey_provided_test.c
+++ b/test/evp_pkey_provided_test.c
@@ -10,7 +10,7 @@
 #include <string.h> /* memset */
 #include <openssl/evp.h>
 #include <openssl/pem.h>
-#include <openssl/serializer.h>
+#include <openssl/encoder.h>
 #include <openssl/provider.h>
 #include <openssl/param_build.h>
 #include <openssl/core_names.h>
@@ -152,41 +152,41 @@ static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
     return ret;
 }
 
-static int test_print_key_type_using_serializer(const char *alg, int type,
+static int test_print_key_type_using_encoder(const char *alg, int type,
                                                 const EVP_PKEY *pk)
 {
     const char *pq;
-    OSSL_SERIALIZER_CTX *ctx = NULL;
+    OSSL_ENCODER_CTX *ctx = NULL;
     BIO *membio = BIO_new(BIO_s_mem());
     int ret = 0;
 
     switch (type) {
     case PRIV_TEXT:
-        pq = OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ;
+        pq = OSSL_ENCODER_PrivateKey_TO_TEXT_PQ;
         break;
 
     case PRIV_PEM:
-        pq = OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
+        pq = OSSL_ENCODER_PrivateKey_TO_PEM_PQ;
         break;
 
     case PRIV_DER:
-        pq = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ;
+        pq = OSSL_ENCODER_PrivateKey_TO_DER_PQ;
         break;
 
     case PUB_TEXT:
-        pq = OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ;
+        pq = OSSL_ENCODER_PUBKEY_TO_TEXT_PQ;
         break;
 
     case PUB_PEM:
-        pq = OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ;
+        pq = OSSL_ENCODER_PUBKEY_TO_PEM_PQ;
         break;
 
     case PUB_DER:
-        pq = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
+        pq = OSSL_ENCODER_PUBKEY_TO_DER_PQ;
         break;
 
     default:
-        TEST_error("Invalid serialization type");
+        TEST_error("Invalid encoding type");
         goto err;
     }
 
@@ -194,58 +194,58 @@ static int test_print_key_type_using_serializer(const char *alg, int type,
         goto err;
 
     /* Make a context, it's valid for several prints */
-    TEST_note("Setting up a OSSL_SERIALIZER context with passphrase");
-    if (!TEST_ptr(ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pk, pq))
+    TEST_note("Setting up a OSSL_ENCODER context with passphrase");
+    if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pk, pq))
         /* Check that this operation is supported */
-        || !TEST_ptr(OSSL_SERIALIZER_CTX_get_serializer(ctx)))
+        || !TEST_ptr(OSSL_ENCODER_CTX_get_encoder(ctx)))
         goto err;
 
     /* Use no cipher.  This should give us an unencrypted PEM */
     TEST_note("Testing with no encryption");
-    if (!TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
+    if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
         || !TEST_true(compare_with_file(alg, type, membio)))
         goto err;
 
     if (type == PRIV_PEM) {
         /* Set a passphrase to be used later */
-        if (!TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(ctx,
+        if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
                                                           (unsigned char *)"pass",
                                                           4)))
             goto err;
 
         /* Use a valid cipher name */
         TEST_note("Displaying PEM encrypted with AES-256-CBC");
-        if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
-            || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
+        if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
+            || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
             goto err;
 
         /* Use an invalid cipher name, which should generate no output */
         TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
-        if (!TEST_false(OSSL_SERIALIZER_CTX_set_cipher(ctx, "FOO", NULL))
-            || !TEST_false(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
+        if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
+            || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
             goto err;
 
         /* Clear the cipher.  This should give us an unencrypted PEM again */
         TEST_note("Testing with encryption cleared (no encryption)");
-        if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, NULL, NULL))
-            || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
+        if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
+            || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
             || !TEST_true(compare_with_file(alg, type, membio)))
             goto err;
     }
     ret = 1;
 err:
     BIO_free(membio);
-    OSSL_SERIALIZER_CTX_free(ctx);
+    OSSL_ENCODER_CTX_free(ctx);
     return ret;
 }
 
-static int test_print_key_using_serializer(const char *alg, const EVP_PKEY *pk)
+static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
 {
     int i;
     int ret = 1;
 
     for (i = 0; i < 6; i++)
-        ret = ret && test_print_key_type_using_serializer(alg, i, pk);
+        ret = ret && test_print_key_type_using_encoder(alg, i, pk);
 
     return ret;
 }
@@ -326,7 +326,7 @@ static int test_fromdata_rsa(void)
             goto err;
     }
     ret = test_print_key_using_pem("RSA", pk)
-          && test_print_key_using_serializer("RSA", pk);
+          && test_print_key_using_encoder("RSA", pk);
  err:
     BN_free(bn_from);
     BN_free(bn);
@@ -512,7 +512,7 @@ static int test_fromdata_dh_named_group(void)
         goto err;
 
     ret = test_print_key_using_pem("DH", pk)
-          && test_print_key_using_serializer("DH", pk);
+          && test_print_key_using_encoder("DH", pk);
 err:
     BN_free(p);
     BN_free(q);
@@ -648,7 +648,7 @@ static int test_fromdata_dh_fips186_4(void)
         goto err;
 
     ret = test_print_key_using_pem("DH", pk)
-          && test_print_key_using_serializer("DH", pk);
+          && test_print_key_using_encoder("DH", pk);
 err:
     BN_free(p);
     BN_free(q);
@@ -876,7 +876,7 @@ static int test_fromdata_ecx(int tst)
         goto err;
 
     ret = test_print_key_using_pem(alg, pk)
-          && test_print_key_using_serializer(alg, pk);
+          && test_print_key_using_encoder(alg, pk);
 
 err:
     EVP_PKEY_free(pk);
@@ -977,7 +977,7 @@ static int test_fromdata_ec(void)
         goto err;
 
     ret = test_print_key_using_pem(alg, pk)
-          && test_print_key_using_serializer(alg, pk);
+          && test_print_key_using_encoder(alg, pk);
 err:
     BN_free(bn_priv);
     BN_free(ec_priv_bn);
@@ -1193,7 +1193,7 @@ static int test_fromdata_dsa_fips186_4(void)
         goto err;
 
     ret = test_print_key_using_pem("DSA", pk)
-          && test_print_key_using_serializer("DSA", pk);
+          && test_print_key_using_encoder("DSA", pk);
  err:
     OSSL_PARAM_BLD_free_params(fromdata_params);
     OSSL_PARAM_BLD_free(bld);
diff --git a/test/recipes/04-test_serializer_deserializer.t b/test/recipes/04-test_encoder_decoder.t
similarity index 89%
rename from test/recipes/04-test_serializer_deserializer.t
rename to test/recipes/04-test_encoder_decoder.t
index 905fc3fccc..2041eb1fb9 100644
--- a/test/recipes/04-test_serializer_deserializer.t
+++ b/test/recipes/04-test_encoder_decoder.t
@@ -13,11 +13,11 @@ use OpenSSL::Test::Simple;
 use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/;
 use Cwd qw(abs_path);
 
-setup("test_serializer_deserializer");
+setup("test_encoder_decoder");
 
 plan tests => 1;
 
 $ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
 $ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf"));
 
-ok(run(test(["serdes_test"])));
+ok(run(test(["endecode_test"])));
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 19a9b4c9d3..2d85c13eef 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4872,28 +4872,28 @@ EVP_PKEY_meth_set_digestsign            ?	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_PKEY_meth_set_digestverify          ?	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_PKEY_meth_get_digestsign            ?	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_PKEY_meth_get_digestverify          ?	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
-OSSL_SERIALIZER_up_ref                  ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_free                    ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_fetch                   ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_number                  ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_is_a                    ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_provider                ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_do_all_provided         ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_names_do_all            ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_settable_ctx_params     ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_new                 ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_get_serializer      ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_set_params          ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_free                ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_properties              ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_to_bio                  ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_to_fp                   ?	3_0_0	EXIST::FUNCTION:STDIO
-OSSL_SERIALIZER_CTX_new_by_EVP_PKEY     ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_set_cipher          ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_set_passphrase      ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_set_passphrase_cb   ?	3_0_0	EXIST::FUNCTION:
-OSSL_SERIALIZER_CTX_set_passphrase_ui   ?	3_0_0	EXIST::FUNCTION:
-ERR_load_OSSL_SERIALIZER_strings        ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_up_ref                     ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_free                       ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_fetch                      ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_number                     ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_is_a                       ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_provider                   ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_do_all_provided            ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_names_do_all               ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_settable_ctx_params        ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_new                    ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_get_encoder            ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_set_params             ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_free                   ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_properties                 ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_to_bio                     ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_to_fp                      ?	3_0_0	EXIST::FUNCTION:STDIO
+OSSL_ENCODER_CTX_new_by_EVP_PKEY        ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_set_cipher             ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_set_passphrase         ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_set_passphrase_cb      ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_CTX_set_passphrase_ui      ?	3_0_0	EXIST::FUNCTION:
+ERR_load_OSSL_ENCODER_strings           ?	3_0_0	EXIST::FUNCTION:
 PEM_read_X509_PUBKEY                    ?	3_0_0	EXIST::FUNCTION:STDIO
 PEM_write_X509_PUBKEY                   ?	3_0_0	EXIST::FUNCTION:STDIO
 PEM_read_bio_X509_PUBKEY                ?	3_0_0	EXIST::FUNCTION:
@@ -5155,35 +5155,35 @@ X509_STORE_load_store_with_libctx       ?	3_0_0	EXIST::FUNCTION:
 X509_STORE_load_locations_with_libctx   ?	3_0_0	EXIST::FUNCTION:
 X509_STORE_set_default_paths_with_libctx ?	3_0_0	EXIST::FUNCTION:
 OSSL_STORE_open_with_libctx             ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_fetch                 ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_up_ref                ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_free                  ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_provider              ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_properties            ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_number                ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_is_a                  ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_do_all_provided       ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_names_do_all          ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_settable_ctx_params   ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_new               ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_params        ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_free              ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_passphrase    ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_pem_password_cb ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_passphrase_ui ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_from_bio              ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_from_fp               ?	3_0_0	EXIST::FUNCTION:STDIO
-OSSL_DESERIALIZER_CTX_add_deserializer  ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_add_extra         ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_num_deserializers ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_input_type    ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_export                ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_INSTANCE_deserializer ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_INSTANCE_deserializer_ctx ?	3_0_0	EXIST::FUNCTION:
-ERR_load_OSSL_DESERIALIZER_strings      ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_gettable_params       ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_get_params            ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY   ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_fetch                      ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_up_ref                     ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_free                       ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_provider                   ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_properties                 ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_number                     ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_is_a                       ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_do_all_provided            ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_names_do_all               ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_settable_ctx_params        ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_new                    ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_params             ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_free                   ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_passphrase         ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_pem_password_cb    ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_passphrase_ui      ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_from_bio                   ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_from_fp                    ?	3_0_0	EXIST::FUNCTION:STDIO
+OSSL_DECODER_CTX_add_decoder            ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_add_extra              ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_num_decoders           ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_input_type         ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_export                     ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_INSTANCE_decoder           ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_INSTANCE_decoder_ctx       ?	3_0_0	EXIST::FUNCTION:
+ERR_load_OSSL_DECODER_strings           ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_gettable_params            ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_get_params                 ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_new_by_EVP_PKEY        ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_set1_X25519                    ?	3_0_0	EXIST::FUNCTION:EC
 EVP_PKEY_get0_X25519                    ?	3_0_0	EXIST::FUNCTION:EC
 EVP_PKEY_get1_X25519                    ?	3_0_0	EXIST::FUNCTION:EC
@@ -5196,12 +5196,12 @@ EVP_PKEY_get1_ED25519                   ?	3_0_0	EXIST::FUNCTION:EC
 EVP_PKEY_set1_ED448                     ?	3_0_0	EXIST::FUNCTION:EC
 EVP_PKEY_get0_ED448                     ?	3_0_0	EXIST::FUNCTION:EC
 EVP_PKEY_get1_ED448                     ?	3_0_0	EXIST::FUNCTION:EC
-OSSL_DESERIALIZER_CTX_set_construct     ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_construct_data ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_set_cleanup       ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_get_construct     ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_get_construct_data ?	3_0_0	EXIST::FUNCTION:
-OSSL_DESERIALIZER_CTX_get_cleanup       ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_construct          ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_construct_data     ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_cleanup            ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_get_construct          ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_get_construct_data     ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_get_cleanup            ?	3_0_0	EXIST::FUNCTION:
 RAND_get0_primary                       ?	3_0_0	EXIST::FUNCTION:
 RAND_get0_public                        ?	3_0_0	EXIST::FUNCTION:
 RAND_get0_private                       ?	3_0_0	EXIST::FUNCTION:
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index 97208d364e..54ff9cc1b7 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -633,8 +633,8 @@ ERR_load_HTTP_strings(3)
 ERR_load_KDF_strings(3)
 ERR_load_OBJ_strings(3)
 ERR_load_OCSP_strings(3)
-ERR_load_OSSL_SERIALIZER_strings(3)
-ERR_load_OSSL_DESERIALIZER_strings(3)
+ERR_load_OSSL_ENCODER_strings(3)
+ERR_load_OSSL_DECODER_strings(3)
 ERR_load_OSSL_STORE_strings(3)
 ERR_load_PEM_strings(3)
 ERR_load_PKCS12_strings(3)
@@ -910,12 +910,12 @@ OPENSSL_utf82uni(3)
 OSSL_CRMF_CERTID_dup(3)
 OSSL_PARAM_modified(3)
 OSSL_PARAM_set_all_unmodified(3)
-OSSL_SERIALIZER-DH(7)
-OSSL_SERIALIZER-DSA(7)
-OSSL_SERIALIZER-EC(7)
-OSSL_SERIALIZER-RSA(7)
-OSSL_SERIALIZER-X25519(7)
-OSSL_SERIALIZER-X448(7)
+OSSL_ENCODER-DH(7)
+OSSL_ENCODER-DSA(7)
+OSSL_ENCODER-EC(7)
+OSSL_ENCODER-RSA(7)
+OSSL_ENCODER-X25519(7)
+OSSL_ENCODER-X448(7)
 OSSL_STORE_do_all_loaders(3)
 OSSL_STORE_vctrl(3)
 OTHERNAME_cmp(3)
diff --git a/util/other.syms b/util/other.syms
index bfe320396b..97f71906da 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -41,17 +41,17 @@ GEN_SESSION_CB                          datatype
 OPENSSL_Applink                         external
 OPENSSL_CTX                             datatype
 NAMING_AUTHORITY                        datatype
-OSSL_DESERIALIZER                       datatype
-OSSL_DESERIALIZER_CTX                   datatype
-OSSL_DESERIALIZER_CONSTRUCT             datatype
-OSSL_DESERIALIZER_CLEANUP               datatype
-OSSL_DESERIALIZER_INSTANCE              datatype
-OSSL_DESERIALIZER_CTX                   datatype
+OSSL_DECODER                            datatype
+OSSL_DECODER_CTX                        datatype
+OSSL_DECODER_CONSTRUCT                  datatype
+OSSL_DECODER_CLEANUP                    datatype
+OSSL_DECODER_INSTANCE                   datatype
+OSSL_DECODER_CTX                        datatype
 OSSL_HTTP_bio_cb_t                      datatype
 OSSL_PARAM                              datatype
 OSSL_PROVIDER                           datatype
-OSSL_SERIALIZER                         datatype
-OSSL_SERIALIZER_CTX                     datatype
+OSSL_ENCODER                            datatype
+OSSL_ENCODER_CTX                        datatype
 OSSL_STORE_CTX                          datatype
 OSSL_STORE_INFO                         datatype
 OSSL_STORE_LOADER                       datatype
@@ -266,7 +266,7 @@ EVP_PKEY_CTX_set1_scrypt_salt           define
 EVP_PKEY_CTX_set1_tls1_prf_secret       define
 EVP_PKEY_CTX_set_dh_paramgen_generator  define
 EVP_PKEY_CTX_set_dh_paramgen_prime_len  define
-EVP_PKEY_CTX_set_dh_paramgen_subprime_len     define
+EVP_PKEY_CTX_set_dh_paramgen_subprime_len define
 EVP_PKEY_CTX_set_dh_paramgen_type       define
 EVP_PKEY_CTX_set_dh_kdf_md              define
 EVP_PKEY_CTX_set_dh_kdf_outlen          define
@@ -412,15 +412,15 @@ OSSL_PARAM_utf8_string                  define
 OSSL_PARAM_get_TYPE                     generic
 OSSL_PARAM_END                          define
 OSSL_PARAM_set_TYPE                     generic
-OSSL_SERIALIZER_PUBKEY_TO_DER_PQ        define
-OSSL_SERIALIZER_PrivateKey_TO_DER_PQ    define
-OSSL_SERIALIZER_Parameters_TO_DER_PQ    define
-OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ        define
-OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ    define
-OSSL_SERIALIZER_Parameters_TO_PEM_PQ    define
-OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ       define
-OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ   define
-OSSL_SERIALIZER_Parameters_TO_TEXT_PQ   define
+OSSL_ENCODER_PUBKEY_TO_DER_PQ           define
+OSSL_ENCODER_PrivateKey_TO_DER_PQ       define
+OSSL_ENCODER_Parameters_TO_DER_PQ       define
+OSSL_ENCODER_PUBKEY_TO_PEM_PQ           define
+OSSL_ENCODER_PrivateKey_TO_PEM_PQ       define
+OSSL_ENCODER_Parameters_TO_PEM_PQ       define
+OSSL_ENCODER_PUBKEY_TO_TEXT_PQ          define
+OSSL_ENCODER_PrivateKey_TO_TEXT_PQ      define
+OSSL_ENCODER_Parameters_TO_TEXT_PQ      define
 PEM_FLAG_EAY_COMPATIBLE                 define
 PEM_FLAG_ONLY_B64                       define
 PEM_FLAG_SECURE                         define

From builds at travis-ci.com  Fri Aug 21 09:54:24 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 21 Aug 2020 09:54:24 +0000
Subject: Still Failing: openssl/openssl#36859 (master - be63e58)
In-Reply-To: <openssl/openssl+180752420+still failing@travis-ci.com>
Message-ID: <5f3f99cfae1cd_13fca604261d81528a7@travis-pro-tasks-86cb5d48b5-5rnd9.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36859
Status: Still Failing

Duration: 36 mins and 17 secs
Commit: be63e58 (master)
Author: Shane Lontis
Message: Fix incorrect selection flags for ec serializer.

Fixes #12630

ec_import requires domain parameters to be part of the selection.
The public and private serialisers were not selecting the correct flags so the import was failing.
Added a test that uses the base provider so that a export/import happens for serialization.

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12681)

View the changeset: https://github.com/openssl/openssl/compare/8ca6c6669fb6...be63e58732ce

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180752420?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/d910b9c0/attachment.html>

From openssl at openssl.org  Fri Aug 21 10:52:56 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 21 Aug 2020 10:52:56 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1598007176.031834.6144.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

rm -f doc/html/man1/CA.pl.html doc/html/man1/openssl-asn1parse.html doc/html/man1/openssl-ca.html doc/html/man1/openssl-ciphers.html doc/html/man1/openssl-cmds.html doc/html/man1/openssl-cmp.html doc/html/man1/openssl-cms.html doc/html/man1/openssl-crl.html doc/html/man1/openssl-crl2pkcs7.html doc/html/man1/openssl-dgst.html doc/html/man1/openssl-dhparam.html doc/html/man1/openssl-dsa.html doc/html/man1/openssl-dsaparam.html doc/html/man1/openssl-ec.html doc/html/man1/openssl-ecparam.html doc/html/man1/openssl-enc.html doc/html/man1/openssl-engine.html doc/html/man1/openssl-errstr.html doc/html/man1/openssl-fipsinstall.html doc/html/man1/openssl-gendsa.html doc/html/man1/openssl-genpkey.html doc/html/man1/openssl-genrsa.html doc/html/man1/openssl-info.html doc/html/man1/openssl-kdf.html doc/html/man1/openssl-list.html doc/html/man1/openssl-mac.html doc/html/man1/openssl-nseq.html doc/html/man1/openssl-ocsp.html doc/html/man1/openssl-passwd.html doc/html/man1/openssl-pkcs12.html doc/html/man1/openssl-pkcs7.html doc/html/man1/openssl-pkcs8.html doc/html/man1/openssl-pkey.html doc/html/man1/openssl-pkeyparam.html doc/html/man1/openssl-pkeyutl.html doc/html/man1/openssl-prime.html doc/html/man1/openssl-provider.html doc/html/man1/openssl-rand.html doc/html/man1/openssl-rehash.html doc/html/man1/openssl-req.html doc/html/man1/openssl-rsa.html doc/html/man1/openssl-rsautl.html doc/html/man1/openssl-s_client.html doc/html/man1/openssl-s_server.html doc/html/man1/openssl-s_time.html doc/html/man1/openssl-sess_id.html doc/html/man1/openssl-smime.html doc/html/man1/openssl-speed.html doc/html/man1/openssl-spkac.html doc/html/man1/openssl-srp.html doc/html/man1/openssl-storeutl.html doc/html/man1/openssl-ts.html doc/html/man1/openssl-verify.html doc/html/man1/openssl-version.html doc/html/man1/openssl-x509.html doc/html/man1/openssl.html doc/html/man1/tsget.html doc/html/man3/ADMISSIONS.html doc/html/man3/ASN1_INTEGER_get_int64.html doc/html/man3/ASN1_INTEGER_new.html doc/html/man3/ASN1_ITEM_lookup.html doc/html/man3/ASN1_OBJECT_new.html doc/html/man3/ASN1_STRING_TABLE_add.html doc/html/man3/ASN1_STRING_length.html doc/html/man3/ASN1_STRING_new.html doc/html/man3/ASN1_STRING_print_ex.html doc/html/man3/ASN1_TIME_set.html doc/html/man3/ASN1_TYPE_get.html doc/html/man3/ASN1_generate_nconf.html doc/html/man3/ASYNC_WAIT_CTX_new.html doc/html/man3/ASYNC_start_job.html doc/html/man3/BF_encrypt.html doc/html/man3/BIO_ADDR.html doc/html/man3/BIO_ADDRINFO.html doc/html/man3/BIO_connect.html doc/html/man3/BIO_ctrl.html doc/html/man3/BIO_f_base64.html doc/html/man3/BIO_f_buffer.html doc/html/man3/BIO_f_cipher.html doc/html/man3/BIO_f_md.html doc/html/man3/BIO_f_null.html doc/html/man3/BIO_f_prefix.html doc/html/man3/BIO_f_ssl.html doc/html/man3/BIO_find_type.html doc/html/man3/BIO_get_data.html doc/html/man3/BIO_get_ex_new_index.html doc/html/man3/BIO_meth_new.html doc/html/man3/BIO_new.html doc/html/man3/BIO_new_CMS.html doc/html/man3/BIO_parse_hostserv.html doc/html/man3/BIO_printf.html doc/html/man3/BIO_push.html doc/html/man3/BIO_read.html doc/html/man3/BIO_s_accept.html doc/html/man3/BIO_s_bio.html doc/html/man3/BIO_s_connect.html doc/html/man3/BIO_s_fd.html doc/html/man3/BIO_s_file.html doc/html/man3/BIO_s_mem.html doc/html/man3/BIO_s_null.html doc/html/man3/BIO_s_socket.html doc/html/man3/BIO_set_callback.html doc/html/man3/BIO_should_retry.html doc/html/man3/BIO_socket_wait.html doc/html/man3/BN_BLINDING_new.html doc/html/man3/BN_CTX_new.html doc/html/man3/BN_CTX_start.html doc/html/man3/BN_add.html doc/html/man3/BN_add_word.html doc/html/man3/BN_bn2bin.html doc/html/man3/BN_cmp.html doc/html/man3/BN_copy.html doc/html/man3/BN_generate_prime.html doc/html/man3/BN_mod_inverse.html doc/html/man3/BN_mod_mul_montgomery.html doc/html/man3/BN_mod_mul_reciprocal.html doc/html/man3/BN_new.html doc/html/man3/BN_num_bytes.html doc/html/man3/BN_rand.html doc/html/man3/BN_security_bits.html doc/html/man3/BN_set_bit.html doc/html/man3/BN_swap.html doc/html/man3/BN_zero.html doc/html/man3/BUF_MEM_new.html doc/html/man3/CMS_EncryptedData_decrypt.html doc/html/man3/CMS_EncryptedData_encrypt.html doc/html/man3/CMS_EnvelopedData_create.html doc/html/man3/CMS_add0_cert.html doc/html/man3/CMS_add1_recipient_cert.html doc/html/man3/CMS_add1_signer.html doc/html/man3/CMS_compress.html doc/html/man3/CMS_data_create.html doc/html/man3/CMS_decrypt.html doc/html/man3/CMS_digest_create.html doc/html/man3/CMS_encrypt.html doc/html/man3/CMS_final.html doc/html/man3/CMS_get0_RecipientInfos.html doc/html/man3/CMS_get0_SignerInfos.html doc/html/man3/CMS_get0_type.html doc/html/man3/CMS_get1_ReceiptRequest.html doc/html/man3/CMS_sign.html doc/html/man3/CMS_sign_receipt.html doc/html/man3/CMS_uncompress.html doc/html/man3/CMS_verify.html doc/html/man3/CMS_verify_receipt.html doc/html/man3/CONF_modules_free.html doc/html/man3/CONF_modules_load_file.html doc/html/man3/CRYPTO_THREAD_run_once.html doc/html/man3/CRYPTO_get_ex_new_index.html doc/html/man3/CRYPTO_memcmp.html doc/html/man3/CTLOG_STORE_get0_log_by_id.html doc/html/man3/CTLOG_STORE_new.html doc/html/man3/CTLOG_new.html doc/html/man3/CT_POLICY_EVAL_CTX_new.html doc/html/man3/DEFINE_STACK_OF.html doc/html/man3/DES_random_key.html doc/html/man3/DH_generate_key.html doc/html/man3/DH_generate_parameters.html doc/html/man3/DH_get0_pqg.html doc/html/man3/DH_get_1024_160.html doc/html/man3/DH_meth_new.html doc/html/man3/DH_new.html doc/html/man3/DH_new_by_nid.html doc/html/man3/DH_set_method.html doc/html/man3/DH_size.html doc/html/man3/DSA_SIG_new.html doc/html/man3/DSA_do_sign.html doc/html/man3/DSA_dup_DH.html doc/html/man3/DSA_generate_key.html doc/html/man3/DSA_generate_parameters.html doc/html/man3/DSA_get0_pqg.html doc/html/man3/DSA_meth_new.html doc/html/man3/DSA_new.html doc/html/man3/DSA_set_method.html doc/html/man3/DSA_sign.html doc/html/man3/DSA_size.html doc/html/man3/DTLS_get_data_mtu.html doc/html/man3/DTLS_set_timer_cb.html doc/html/man3/DTLSv1_listen.html doc/html/man3/ECDSA_SIG_new.html doc/html/man3/ECPKParameters_print.html doc/html/man3/EC_GFp_simple_method.html doc/html/man3/EC_GROUP_copy.html doc/html/man3/EC_GROUP_new.html doc/html/man3/EC_KEY_get_enc_flags.html doc/html/man3/EC_KEY_new.html doc/html/man3/EC_POINT_add.html doc/html/man3/EC_POINT_new.html doc/html/man3/ENGINE_add.html doc/html/man3/ERR_GET_LIB.html doc/html/man3/ERR_clear_error.html doc/html/man3/ERR_error_string.html doc/html/man3/ERR_get_error.html doc/html/man3/ERR_load_crypto_strings.html doc/html/man3/ERR_load_strings.html doc/html/man3/ERR_new.html doc/html/man3/ERR_print_errors.html doc/html/man3/ERR_put_error.html doc/html/man3/ERR_remove_state.html doc/html/man3/ERR_set_mark.html doc/html/man3/EVP_ASYM_CIPHER_free.html doc/html/man3/EVP_BytesToKey.html doc/html/man3/EVP_CIPHER_CTX_get_cipher_data.html doc/html/man3/EVP_CIPHER_CTX_get_iv.html doc/html/man3/EVP_CIPHER_meth_new.html doc/html/man3/EVP_DigestInit.html doc/html/man3/EVP_DigestSignInit.html doc/html/man3/EVP_DigestVerifyInit.html doc/html/man3/EVP_EncodeInit.html doc/html/man3/EVP_EncryptInit.html doc/html/man3/EVP_KDF.html doc/html/man3/EVP_KEYEXCH_free.html doc/html/man3/EVP_KEYMGMT.html doc/html/man3/EVP_MAC.html doc/html/man3/EVP_MD_meth_new.html doc/html/man3/EVP_OpenInit.html doc/html/man3/EVP_PKEY_ASN1_METHOD.html doc/html/man3/EVP_PKEY_CTX_ctrl.html doc/html/man3/EVP_PKEY_CTX_new.html doc/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html doc/html/man3/EVP_PKEY_CTX_set_hkdf_md.html doc/html/man3/EVP_PKEY_CTX_set_params.html doc/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html doc/html/man3/EVP_PKEY_CTX_set_scrypt_N.html doc/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html doc/html/man3/EVP_PKEY_asn1_get_count.html doc/html/man3/EVP_PKEY_check.html doc/html/man3/EVP_PKEY_copy_parameters.html doc/html/man3/EVP_PKEY_decrypt.html doc/html/man3/EVP_PKEY_derive.html doc/html/man3/EVP_PKEY_encrypt.html doc/html/man3/EVP_PKEY_fromdata.html doc/html/man3/EVP_PKEY_gen.html doc/html/man3/EVP_PKEY_get_default_digest_nid.html doc/html/man3/EVP_PKEY_gettable_params.html doc/html/man3/EVP_PKEY_is_a.html doc/html/man3/EVP_PKEY_meth_get_count.html doc/html/man3/EVP_PKEY_meth_new.html doc/html/man3/EVP_PKEY_new.html doc/html/man3/EVP_PKEY_print_private.html doc/html/man3/EVP_PKEY_set1_RSA.html doc/html/man3/EVP_PKEY_set_type.html doc/html/man3/EVP_PKEY_sign.html doc/html/man3/EVP_PKEY_size.html doc/html/man3/EVP_PKEY_supports_digest_nid.html doc/html/man3/EVP_PKEY_verify.html doc/html/man3/EVP_PKEY_verify_recover.html doc/html/man3/EVP_RAND.html doc/html/man3/EVP_SIGNATURE_free.html doc/html/man3/EVP_SealInit.html doc/html/man3/EVP_SignInit.html doc/html/man3/EVP_VerifyInit.html doc/html/man3/EVP_aes_128_gcm.html doc/html/man3/EVP_aria_128_gcm.html doc/html/man3/EVP_bf_cbc.html doc/html/man3/EVP_blake2b512.html doc/html/man3/EVP_camellia_128_ecb.html doc/html/man3/EVP_cast5_cbc.html doc/html/man3/EVP_chacha20.html doc/html/man3/EVP_des_cbc.html doc/html/man3/EVP_desx_cbc.html doc/html/man3/EVP_idea_cbc.html doc/html/man3/EVP_md2.html doc/html/man3/EVP_md4.html doc/html/man3/EVP_md5.html doc/html/man3/EVP_mdc2.html doc/html/man3/EVP_rc2_cbc.html doc/html/man3/EVP_rc4.html doc/html/man3/EVP_rc5_32_12_16_cbc.html doc/html/man3/EVP_ripemd160.html doc/html/man3/EVP_seed_cbc.html doc/html/man3/EVP_set_default_properties.html doc/html/man3/EVP_sha1.html doc/html/man3/EVP_sha224.html doc/html/man3/EVP_sha3_224.html doc/html/man3/EVP_sm3.html doc/html/man3/EVP_sm4_cbc.html doc/html/man3/EVP_whirlpool.html doc/html/man3/HMAC.html doc/html/man3/MD5.html doc/html/man3/MDC2_Init.html doc/html/man3/NCONF_new_with_libctx.html doc/html/man3/OBJ_nid2obj.html doc/html/man3/OCSP_REQUEST_new.html doc/html/man3/OCSP_cert_to_id.html doc/html/man3/OCSP_request_add1_nonce.html doc/html/man3/OCSP_resp_find_status.html doc/html/man3/OCSP_response_status.html doc/html/man3/OCSP_sendreq_new.html doc/html/man3/OPENSSL_Applink.html doc/html/man3/OPENSSL_CTX.html doc/html/man3/OPENSSL_FILE.html doc/html/man3/OPENSSL_LH_COMPFUNC.html doc/html/man3/OPENSSL_LH_stats.html doc/html/man3/OPENSSL_config.html doc/html/man3/OPENSSL_fork_prepare.html doc/html/man3/OPENSSL_hexchar2int.html doc/html/man3/OPENSSL_ia32cap.html doc/html/man3/OPENSSL_init_crypto.html doc/html/man3/OPENSSL_init_ssl.html doc/html/man3/OPENSSL_instrument_bus.html doc/html/man3/OPENSSL_load_builtin_modules.html doc/html/man3/OPENSSL_malloc.html doc/html/man3/OPENSSL_s390xcap.html doc/html/man3/OPENSSL_secure_malloc.html doc/html/man3/OSSL_CMP_CTX_new.html doc/html/man3/OSSL_CMP_HDR_get0_transactionID.html doc/html/man3/OSSL_CMP_ITAV_set0.html doc/html/man3/OSSL_CMP_MSG_get0_header.html doc/html/man3/OSSL_CMP_MSG_http_perform.html doc/html/man3/OSSL_CMP_SRV_CTX_new.html doc/html/man3/OSSL_CMP_STATUSINFO_new.html doc/html/man3/OSSL_CMP_exec_certreq.html doc/html/man3/OSSL_CMP_log_open.html doc/html/man3/OSSL_CMP_validate_msg.html doc/html/man3/OSSL_CRMF_MSG_get0_tmpl.html doc/html/man3/OSSL_CRMF_MSG_set0_validity.html doc/html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html doc/html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html doc/html/man3/OSSL_CRMF_pbmp_new.html doc/html/man3/OSSL_DESERIALIZER.html doc/html/man3/OSSL_DESERIALIZER_CTX.html doc/html/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_DESERIALIZER_from_bio.html doc/html/man3/OSSL_HTTP_transfer.html doc/html/man3/OSSL_PARAM.html doc/html/man3/OSSL_PARAM_BLD.html doc/html/man3/OSSL_PARAM_allocate_from_text.html doc/html/man3/OSSL_PARAM_int.html doc/html/man3/OSSL_PROVIDER.html doc/html/man3/OSSL_SELF_TEST_new.html doc/html/man3/OSSL_SELF_TEST_set_callback.html doc/html/man3/OSSL_SERIALIZER.html doc/html/man3/OSSL_SERIALIZER_CTX.html doc/html/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_SERIALIZER_to_bio.html doc/html/man3/OSSL_STORE_INFO.html doc/html/man3/OSSL_STORE_LOADER.html doc/html/man3/OSSL_STORE_SEARCH.html doc/html/man3/OSSL_STORE_attach.html doc/html/man3/OSSL_STORE_expect.html doc/html/man3/OSSL_STORE_open.html doc/html/man3/OSSL_trace_enabled.html doc/html/man3/OSSL_trace_get_category_num.html doc/html/man3/OSSL_trace_set_channel.html doc/html/man3/OpenSSL_add_all_algorithms.html doc/html/man3/OpenSSL_version.html doc/html/man3/PEM_X509_INFO_read_bio_with_libctx.html doc/html/man3/PEM_bytes_read_bio.html doc/html/man3/PEM_read.html doc/html/man3/PEM_read_CMS.html doc/html/man3/PEM_read_bio_PrivateKey.html doc/html/man3/PEM_read_bio_ex.html doc/html/man3/PEM_write_bio_CMS_stream.html doc/html/man3/PEM_write_bio_PKCS7_stream.html doc/html/man3/PKCS12_SAFEBAG_create_cert.html doc/html/man3/PKCS12_SAFEBAG_get0_attrs.html doc/html/man3/PKCS12_SAFEBAG_get1_cert.html doc/html/man3/PKCS12_add1_attr_by_NID.html doc/html/man3/PKCS12_add_CSPName_asc.html doc/html/man3/PKCS12_add_cert.html doc/html/man3/PKCS12_add_friendlyname_asc.html doc/html/man3/PKCS12_add_localkeyid.html doc/html/man3/PKCS12_add_safe.html doc/html/man3/PKCS12_create.html doc/html/man3/PKCS12_get_friendlyname.html doc/html/man3/PKCS12_newpass.html doc/html/man3/PKCS12_parse.html doc/html/man3/PKCS5_PBKDF2_HMAC.html doc/html/man3/PKCS7_decrypt.html doc/html/man3/PKCS7_encrypt.html doc/html/man3/PKCS7_sign.html doc/html/man3/PKCS7_sign_add_signer.html doc/html/man3/PKCS7_verify.html doc/html/man3/PKCS8_pkey_add1_attr.html doc/html/man3/RAND_add.html doc/html/man3/RAND_bytes.html doc/html/man3/RAND_cleanup.html doc/html/man3/RAND_egd.html doc/html/man3/RAND_get0_primary.html doc/html/man3/RAND_load_file.html doc/html/man3/RAND_set_rand_method.html doc/html/man3/RC4_set_key.html doc/html/man3/RIPEMD160_Init.html doc/html/man3/RSA_blinding_on.html doc/html/man3/RSA_check_key.html doc/html/man3/RSA_generate_key.html doc/html/man3/RSA_get0_key.html doc/html/man3/RSA_meth_new.html doc/html/man3/RSA_new.html doc/html/man3/RSA_padding_add_PKCS1_type_1.html doc/html/man3/RSA_print.html doc/html/man3/RSA_private_encrypt.html doc/html/man3/RSA_public_encrypt.html doc/html/man3/RSA_set_method.html doc/html/man3/RSA_sign.html doc/html/man3/RSA_sign_ASN1_OCTET_STRING.html doc/html/man3/RSA_size.html doc/html/man3/SCT_new.html doc/html/man3/SCT_print.html doc/html/man3/SCT_validate.html doc/html/man3/SHA256_Init.html doc/html/man3/SMIME_read_ASN1.html doc/html/man3/SMIME_read_CMS.html doc/html/man3/SMIME_read_PKCS7.html doc/html/man3/SMIME_write_ASN1.html doc/html/man3/SMIME_write_CMS.html doc/html/man3/SMIME_write_PKCS7.html doc/html/man3/SRP_Calc_B.html doc/html/man3/SRP_VBASE_new.html doc/html/man3/SRP_create_verifier.html doc/html/man3/SRP_user_pwd_new.html doc/html/man3/SSL_CIPHER_get_name.html doc/html/man3/SSL_COMP_add_compression_method.html doc/html/man3/SSL_CONF_CTX_new.html doc/html/man3/SSL_CONF_CTX_set1_prefix.html doc/html/man3/SSL_CONF_CTX_set_flags.html doc/html/man3/SSL_CONF_CTX_set_ssl_ctx.html doc/html/man3/SSL_CONF_cmd.html doc/html/man3/SSL_CONF_cmd_argv.html doc/html/man3/SSL_CTX_add1_chain_cert.html doc/html/man3/SSL_CTX_add_extra_chain_cert.html doc/html/man3/SSL_CTX_add_session.html doc/html/man3/SSL_CTX_config.html doc/html/man3/SSL_CTX_ctrl.html doc/html/man3/SSL_CTX_dane_enable.html doc/html/man3/SSL_CTX_flush_sessions.html doc/html/man3/SSL_CTX_free.html doc/html/man3/SSL_CTX_get0_param.html doc/html/man3/SSL_CTX_get_verify_mode.html doc/html/man3/SSL_CTX_has_client_custom_ext.html doc/html/man3/SSL_CTX_load_verify_locations.html doc/html/man3/SSL_CTX_new.html doc/html/man3/SSL_CTX_sess_number.html doc/html/man3/SSL_CTX_sess_set_cache_size.html doc/html/man3/SSL_CTX_sess_set_get_cb.html doc/html/man3/SSL_CTX_sessions.html doc/html/man3/SSL_CTX_set0_CA_list.html doc/html/man3/SSL_CTX_set1_curves.html doc/html/man3/SSL_CTX_set1_sigalgs.html doc/html/man3/SSL_CTX_set1_verify_cert_store.html doc/html/man3/SSL_CTX_set_alpn_select_cb.html doc/html/man3/SSL_CTX_set_cert_cb.html doc/html/man3/SSL_CTX_set_cert_store.html doc/html/man3/SSL_CTX_set_cert_verify_callback.html doc/html/man3/SSL_CTX_set_cipher_list.html doc/html/man3/SSL_CTX_set_client_cert_cb.html doc/html/man3/SSL_CTX_set_client_hello_cb.html doc/html/man3/SSL_CTX_set_ct_validation_callback.html doc/html/man3/SSL_CTX_set_ctlog_list_file.html doc/html/man3/SSL_CTX_set_default_passwd_cb.html doc/html/man3/SSL_CTX_set_generate_session_id.html doc/html/man3/SSL_CTX_set_info_callback.html doc/html/man3/SSL_CTX_set_keylog_callback.html doc/html/man3/SSL_CTX_set_max_cert_list.html doc/html/man3/SSL_CTX_set_min_proto_version.html doc/html/man3/SSL_CTX_set_mode.html doc/html/man3/SSL_CTX_set_msg_callback.html doc/html/man3/SSL_CTX_set_num_tickets.html doc/html/man3/SSL_CTX_set_options.html doc/html/man3/SSL_CTX_set_psk_client_callback.html doc/html/man3/SSL_CTX_set_quiet_shutdown.html doc/html/man3/SSL_CTX_set_read_ahead.html doc/html/man3/SSL_CTX_set_record_padding_callback.html doc/html/man3/SSL_CTX_set_security_level.html doc/html/man3/SSL_CTX_set_session_cache_mode.html doc/html/man3/SSL_CTX_set_session_id_context.html doc/html/man3/SSL_CTX_set_session_ticket_cb.html doc/html/man3/SSL_CTX_set_split_send_fragment.html doc/html/man3/SSL_CTX_set_srp_password.html doc/html/man3/SSL_CTX_set_ssl_version.html doc/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html doc/html/man3/SSL_CTX_set_timeout.html doc/html/man3/SSL_CTX_set_tlsext_servername_callback.html doc/html/man3/SSL_CTX_set_tlsext_status_cb.html doc/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html doc/html/man3/SSL_CTX_set_tlsext_use_srtp.html doc/html/man3/SSL_CTX_set_tmp_dh_callback.html doc/html/man3/SSL_CTX_set_tmp_ecdh.html doc/html/man3/SSL_CTX_set_verify.html doc/html/man3/SSL_CTX_use_certificate.html doc/html/man3/SSL_CTX_use_psk_identity_hint.html doc/html/man3/SSL_CTX_use_serverinfo.html doc/html/man3/SSL_SESSION_free.html doc/html/man3/SSL_SESSION_get0_cipher.html doc/html/man3/SSL_SESSION_get0_hostname.html doc/html/man3/SSL_SESSION_get0_id_context.html doc/html/man3/SSL_SESSION_get0_peer.html doc/html/man3/SSL_SESSION_get_compress_id.html doc/html/man3/SSL_SESSION_get_protocol_version.html doc/html/man3/SSL_SESSION_get_time.html doc/html/man3/SSL_SESSION_has_ticket.html doc/html/man3/SSL_SESSION_is_resumable.html doc/html/man3/SSL_SESSION_print.html doc/html/man3/SSL_SESSION_set1_id.html doc/html/man3/SSL_accept.html doc/html/man3/SSL_alert_type_string.html doc/html/man3/SSL_alloc_buffers.html doc/html/man3/SSL_check_chain.html doc/html/man3/SSL_clear.html doc/html/man3/SSL_connect.html doc/html/man3/SSL_do_handshake.html doc/html/man3/SSL_export_keying_material.html doc/html/man3/SSL_extension_supported.html doc/html/man3/SSL_free.html doc/html/man3/SSL_get0_peer_scts.html doc/html/man3/SSL_get_SSL_CTX.html doc/html/man3/SSL_get_all_async_fds.html doc/html/man3/SSL_get_ciphers.html doc/html/man3/SSL_get_client_random.html doc/html/man3/SSL_get_current_cipher.html doc/html/man3/SSL_get_default_timeout.html doc/html/man3/SSL_get_error.html doc/html/man3/SSL_get_extms_support.html doc/html/man3/SSL_get_fd.html doc/html/man3/SSL_get_peer_cert_chain.html doc/html/man3/SSL_get_peer_certificate.html doc/html/man3/SSL_get_peer_signature_nid.html doc/html/man3/SSL_get_peer_tmp_key.html doc/html/man3/SSL_get_psk_identity.html doc/html/man3/SSL_get_rbio.html doc/html/man3/SSL_get_session.html doc/html/man3/SSL_get_shared_sigalgs.html doc/html/man3/SSL_get_verify_result.html doc/html/man3/SSL_get_version.html doc/html/man3/SSL_in_init.html doc/html/man3/SSL_key_update.html doc/html/man3/SSL_library_init.html doc/html/man3/SSL_load_client_CA_file.html doc/html/man3/SSL_new.html doc/html/man3/SSL_pending.html doc/html/man3/SSL_read.html doc/html/man3/SSL_read_early_data.html doc/html/man3/SSL_rstate_string.html doc/html/man3/SSL_session_reused.html doc/html/man3/SSL_set1_host.html doc/html/man3/SSL_set_async_callback.html doc/html/man3/SSL_set_bio.html doc/html/man3/SSL_set_connect_state.html doc/html/man3/SSL_set_fd.html doc/html/man3/SSL_set_session.html doc/html/man3/SSL_set_shutdown.html doc/html/man3/SSL_set_verify_result.html doc/html/man3/SSL_shutdown.html doc/html/man3/SSL_state_string.html doc/html/man3/SSL_want.html doc/html/man3/SSL_write.html doc/html/man3/TS_VERIFY_CTX_set_certs.html doc/html/man3/UI_STRING.html doc/html/man3/UI_UTIL_read_pw.html doc/html/man3/UI_create_method.html doc/html/man3/UI_new.html doc/html/man3/X509V3_get_d2i.html doc/html/man3/X509_ALGOR_dup.html doc/html/man3/X509_CRL_get0_by_serial.html doc/html/man3/X509_EXTENSION_set_object.html doc/html/man3/X509_LOOKUP.html doc/html/man3/X509_LOOKUP_hash_dir.html doc/html/man3/X509_LOOKUP_meth_new.html doc/html/man3/X509_NAME_ENTRY_get_object.html doc/html/man3/X509_NAME_add_entry_by_txt.html doc/html/man3/X509_NAME_get0_der.html doc/html/man3/X509_NAME_get_index_by_NID.html doc/html/man3/X509_NAME_print_ex.html doc/html/man3/X509_PUBKEY_new.html doc/html/man3/X509_SIG_get0.html doc/html/man3/X509_STORE_CTX_get_error.html doc/html/man3/X509_STORE_CTX_new.html doc/html/man3/X509_STORE_CTX_set_verify_cb.html doc/html/man3/X509_STORE_add_cert.html doc/html/man3/X509_STORE_get0_param.html doc/html/man3/X509_STORE_new.html doc/html/man3/X509_STORE_set_verify_cb_func.html doc/html/man3/X509_VERIFY_PARAM_set_flags.html doc/html/man3/X509_add_cert.html doc/html/man3/X509_check_ca.html doc/html/man3/X509_check_host.html doc/html/man3/X509_check_issued.html doc/html/man3/X509_check_private_key.html doc/html/man3/X509_check_purpose.html doc/html/man3/X509_cmp.html doc/html/man3/X509_cmp_time.html doc/html/man3/X509_digest.html doc/html/man3/X509_dup.html doc/html/man3/X509_get0_distinguishing_id.html doc/html/man3/X509_get0_notBefore.html doc/html/man3/X509_get0_signature.html doc/html/man3/X509_get0_uids.html doc/html/man3/X509_get_extension_flags.html doc/html/man3/X509_get_pubkey.html doc/html/man3/X509_get_serialNumber.html doc/html/man3/X509_get_subject_name.html doc/html/man3/X509_get_version.html doc/html/man3/X509_load_http.html doc/html/man3/X509_new.html doc/html/man3/X509_sign.html doc/html/man3/X509_verify.html doc/html/man3/X509_verify_cert.html doc/html/man3/X509v3_get_ext_by_NID.html doc/html/man3/d2i_DHparams.html doc/html/man3/d2i_PKCS8PrivateKey_bio.html doc/html/man3/d2i_PrivateKey.html doc/html/man3/d2i_SSL_SESSION.html doc/html/man3/d2i_X509.html doc/html/man3/i2d_CMS_bio_stream.html doc/html/man3/i2d_PKCS7_bio_stream.html doc/html/man3/i2d_re_X509_tbs.html doc/html/man3/o2i_SCT_LIST.html doc/html/man3/s2i_ASN1_IA5STRING.html doc/html/man5/config.html doc/html/man5/fips_config.html doc/html/man5/x509v3_config.html doc/html/man7/EVP_KDF-HKDF.html doc/html/man7/EVP_KDF-KB.html doc/html/man7/EVP_KDF-KRB5KDF.html doc/html/man7/EVP_KDF-PBKDF2.html doc/html/man7/EVP_KDF-PKCS12KDF.html doc/html/man7/EVP_KDF-SCRYPT.html doc/html/man7/EVP_KDF-SS.html doc/html/man7/EVP_KDF-SSHKDF.html doc/html/man7/EVP_KDF-TLS1_PRF.html doc/html/man7/EVP_KDF-X942.html doc/html/man7/EVP_KDF-X963.html doc/html/man7/EVP_KEYEXCH-DH.html doc/html/man7/EVP_KEYEXCH-ECDH.html doc/html/man7/EVP_KEYEXCH-X25519.html doc/html/man7/EVP_MAC-BLAKE2.html doc/html/man7/EVP_MAC-CMAC.html doc/html/man7/EVP_MAC-GMAC.html doc/html/man7/EVP_MAC-HMAC.html doc/html/man7/EVP_MAC-KMAC.html doc/html/man7/EVP_MAC-Poly1305.html doc/html/man7/EVP_MAC-Siphash.html doc/html/man7/EVP_MD-BLAKE2.html doc/html/man7/EVP_MD-MD2.html doc/html/man7/EVP_MD-MD4.html doc/html/man7/EVP_MD-MD5-SHA1.html doc/html/man7/EVP_MD-MD5.html doc/html/man7/EVP_MD-MDC2.html doc/html/man7/EVP_MD-RIPEMD160.html doc/html/man7/EVP_MD-SHA1.html doc/html/man7/EVP_MD-SHA2.html doc/html/man7/EVP_MD-SHA3.html doc/html/man7/EVP_MD-SHAKE.html doc/html/man7/EVP_MD-SM3.html doc/html/man7/EVP_MD-WHIRLPOOL.html doc/html/man7/EVP_MD-common.html doc/html/man7/EVP_PKEY-DH.html doc/html/man7/EVP_PKEY-DSA.html doc/html/man7/EVP_PKEY-EC.html doc/html/man7/EVP_PKEY-FFC.html doc/html/man7/EVP_PKEY-RSA.html doc/html/man7/EVP_PKEY-X25519.html doc/html/man7/EVP_RAND-CTR-DRBG.html doc/html/man7/EVP_RAND-HASH-DRBG.html doc/html/man7/EVP_RAND-HMAC-DRBG.html doc/html/man7/EVP_RAND-TEST-RAND.html doc/html/man7/EVP_RAND.html doc/html/man7/EVP_SIGNATURE-DSA.html doc/html/man7/EVP_SIGNATURE-ECDSA.html doc/html/man7/EVP_SIGNATURE-ED25519.html doc/html/man7/EVP_SIGNATURE-RSA.html doc/html/man7/OSSL_PROVIDER-FIPS.html doc/html/man7/OSSL_PROVIDER-base.html doc/html/man7/OSSL_PROVIDER-default.html doc/html/man7/OSSL_PROVIDER-legacy.html doc/html/man7/OSSL_PROVIDER-null.html doc/html/man7/RAND.html doc/html/man7/RSA-PSS.html doc/html/man7/SM2.html doc/html/man7/X25519.html doc/html/man7/bio.html doc/html/man7/crypto.html doc/html/man7/ct.html doc/html/man7/des_modes.html doc/html/man7/evp.html doc/html/man7/openssl-core.h.html doc/html/man7/openssl-core_dispatch.h.html doc/html/man7/openssl-core_names.h.html doc/html/man7/openssl-env.html doc/html/man7/openssl_user_macros.html doc/html/man7/ossl_store-file.html doc/html/man7/ossl_store.html doc/html/man7/passphrase-encoding.html doc/html/man7/property.html doc/html/man7/provider-asym_cipher.html doc/html/man7/provider-base.html doc/html/man7/provider-cipher.html doc/html/man7/provider-digest.html doc/html/man7/provider-keyexch.html doc/html/man7/provider-keymgmt.html doc/html/man7/provider-mac.html doc/html/man7/provider-rand.html doc/html/man7/provider-serializer.html doc/html/man7/provider-signature.html doc/html/man7/provider.html doc/html/man7/proxy-certificates.html doc/html/man7/ssl.html doc/html/man7/x509.html
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DESERIALIZER.3 doc/man/man3/OSSL_DESERIALIZER_CTX.3 doc/man/man3/OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DESERIALIZER_from_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_SERIALIZER.3 doc/man/man3/OSSL_SERIALIZER_CTX.3 doc/man/man3/OSSL_SERIALIZER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_SERIALIZER_to_bio.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-PKCS12KDF.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-serializer.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_des test/buildtest_c_deserializer test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_serializer test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/defltfips_test test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/serdes_test test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_des.c test/buildtest_deserializer.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_serializer.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4175: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3145: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From no-reply at appveyor.com  Fri Aug 21 11:29:24 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 21 Aug 2020 11:29:24 +0000
Subject: Build failed: openssl master.36322
Message-ID: <20200821112924.1.AF2CFB6155D1489C@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/3e7e3aa4/attachment.html>

From no-reply at appveyor.com  Fri Aug 21 12:45:35 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 21 Aug 2020 12:45:35 +0000
Subject: Build completed: openssl master.36323
Message-ID: <20200821124535.1.908E94114E2F8EDB@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/753573e6/attachment.html>

From levitte at openssl.org  Fri Aug 21 13:18:54 2020
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 21 Aug 2020 13:18:54 +0000
Subject: [openssl]  master update
Message-ID: <1598015934.619784.9078.nullmailer@dev.openssl.org>

The branch master has been updated
       via  a02c715c183382aa3038fc4d7d463b17e62a24ff (commit)
      from  93ec4f8f09bc1b0e8b478d7b6c07a3bdb537bb75 (commit)


- Log -----------------------------------------------------------------
commit a02c715c183382aa3038fc4d7d463b17e62a24ff
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Aug 20 09:33:01 2020 +0200

    Clean away some declarations
    
    dsa_algorithmidentifier_encoding(), ecdsa_algorithmidentifier_encoding(),
    rsa_algorithmidentifier_encoding() have been replaced with DER writer
    functions, so they aren't useful any more.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12693)

-----------------------------------------------------------------------

Summary of changes:
 include/crypto/dsa.h | 1 -
 include/crypto/ec.h  | 1 -
 include/crypto/rsa.h | 1 -
 3 files changed, 3 deletions(-)

diff --git a/include/crypto/dsa.h b/include/crypto/dsa.h
index 59c94a1740..7fe9f3ad9b 100644
--- a/include/crypto/dsa.h
+++ b/include/crypto/dsa.h
@@ -21,7 +21,6 @@ int dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits,
 
 int dsa_sign_int(int type, const unsigned char *dgst,
                  int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa);
-const unsigned char *dsa_algorithmidentifier_encoding(int md_nid, size_t *len);
 
 FFC_PARAMS *dsa_get0_params(DSA *dsa);
 int dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]);
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index b6ab033626..9901141bb2 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -57,7 +57,6 @@ OPENSSL_CTX *ec_key_get_libctx(const EC_KEY *eckey);
 const char *ec_key_get0_propq(const EC_KEY *eckey);
 const char *ec_curve_nid2name(int nid);
 int ec_curve_name2nid(const char *name);
-const unsigned char *ecdsa_algorithmidentifier_encoding(int md_nid, size_t *len);
 
 /* Backend support */
 int ec_key_fromdata(EC_KEY *ecx, const OSSL_PARAM params[], int include_private);
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index 97cbfa1d7e..478327d231 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -87,7 +87,6 @@ int int_rsa_verify(int dtype, const unsigned char *m,
                    size_t siglen, RSA *rsa);
 
 const unsigned char *rsa_digestinfo_encoding(int md_nid, size_t *len);
-const unsigned char *rsa_algorithmidentifier_encoding(int md_nid, size_t *len);
 
 extern const char *rsa_mp_factor_names[];
 extern const char *rsa_mp_exp_names[];

From no-reply at appveyor.com  Fri Aug 21 14:31:45 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 21 Aug 2020 14:31:45 +0000
Subject: Build failed: openssl master.36328
Message-ID: <20200821143145.1.3A886DD75EEE698D@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/8fd48741/attachment.html>

From openssl at openssl.org  Fri Aug 21 14:47:19 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 21 Aug 2020 14:47:19 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1598021239.362718.29111.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 4067129CA97F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40D7C1D7A67F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40D7C1D7A67F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3313, 1811 wallclock secs (14.16 usr  1.49 sys + 1719.26 cusr 90.85 csys = 1825.76 CPU)
Result: FAIL
Makefile:3178: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3176: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 21 15:11:18 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 21 Aug 2020 15:11:18 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1598022678.396889.15468.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=209, Tests=3313, 852 wallclock secs (11.93 usr  1.22 sys + 763.72 cusr 53.69 csys = 830.56 CPU)
Result: FAIL
Makefile:3173: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3171: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Fri Aug 21 15:56:51 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 21 Aug 2020 15:56:51 +0000
Subject: Build failed: openssl master.36331
Message-ID: <20200821155651.1.076080A36DBA7095@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/dc6effc6/attachment.html>

From builds at travis-ci.com  Fri Aug 21 16:58:51 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 21 Aug 2020 16:58:51 +0000
Subject: Still Failing: openssl/openssl#36866 (master - 5a7734c)
In-Reply-To: <openssl/openssl+180780844+still failing@travis-ci.com>
Message-ID: <5f3ffd498810e_13fab82e109d41320c8@travis-pro-tasks-546cf9d5d-75llg.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36866
Status: Still Failing

Duration: 43 mins and 11 secs
Commit: 5a7734c (master)
Author: Dr. David von Oheimb
Message: Add libctx/provider support to cmp_msg_test

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)

View the changeset: https://github.com/openssl/openssl/compare/be63e58732ce...5a7734cd0219

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180780844?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/595694a6/attachment.html>

From no-reply at appveyor.com  Fri Aug 21 17:07:33 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 21 Aug 2020 17:07:33 +0000
Subject: Build completed: openssl master.36332
Message-ID: <20200821170733.1.F4AC1AC2AED1D732@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/eaa6ef0f/attachment.html>

From openssl at openssl.org  Fri Aug 21 18:03:05 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 21 Aug 2020 18:03:05 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1598032985.512345.11756.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=209, Tests=3310, 862 wallclock secs (13.08 usr  1.34 sys + 798.91 cusr 64.42 csys = 877.75 CPU)
Result: FAIL
Makefile:3184: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3182: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Fri Aug 21 18:43:41 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 21 Aug 2020 18:43:41 +0000
Subject: Still Failing: openssl/openssl#36871 (master - 93ec4f8)
In-Reply-To: <openssl/openssl+180787671+still failing@travis-ci.com>
Message-ID: <5f4015dd6d5a2_13fab82d108b836614d@travis-pro-tasks-546cf9d5d-75llg.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36871
Status: Still Failing

Duration: 30 mins and 3 secs
Commit: 93ec4f8 (master)
Author: Richard Levitte
Message: Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12660)

View the changeset: https://github.com/openssl/openssl/compare/5a7734cd0219...93ec4f8f09bc

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180787671?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/428b5790/attachment.html>

From no-reply at appveyor.com  Fri Aug 21 19:44:21 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 21 Aug 2020 19:44:21 +0000
Subject: Build failed: openssl master.36336
Message-ID: <20200821194421.1.9EAB28DF8134A37C@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200821/ef39a1a4/attachment.html>

From openssl at openssl.org  Fri Aug 21 20:48:06 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 21 Aug 2020 20:48:06 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1598042886.905527.369.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0C03A90657F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0C03A90657F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0C03A90657F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/UFNlgeeBtc default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C080FB385A7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C080FB385A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C080FB385A7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C080FB385A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C080FB385A7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C080FB385A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/UFNlgeeBtc fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=209, Tests=3312, 882 wallclock secs (13.10 usr  1.29 sys + 817.09 cusr 65.67 csys = 897.15 CPU)
Result: FAIL
Makefile:3164: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3162: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 21 23:12:58 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 21 Aug 2020 23:12:58 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1598051578.398639.8849.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C040B1242B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C040B1242B7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C040B1242B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/q_XP5HVl2D default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0206E2FCA7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0206E2FCA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0206E2FCA7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0206E2FCA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0206E2FCA7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0206E2FCA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/q_XP5HVl2D fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=209, Tests=3312, 876 wallclock secs (13.04 usr  1.32 sys + 813.07 cusr 64.70 csys = 892.13 CPU)
Result: FAIL
Makefile:3176: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3174: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Sat Aug 22 00:01:03 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sat, 22 Aug 2020 00:01:03 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1598054463.461063.9762.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

c7dfb2abe5 PKCS12_parse(): Clean up code and correct documentation
fc0aae737e PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
9a30f40c57 OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
7fe32ef688 Fix no-cms build errors.
c51a8af8cc OCSP: Add return value checks.
c9dcbc0759 Apps: change provider_path option to provider-path.
38145fba0a Fix DSA/DH so that legacy keys can still be generated by the default provider
6c4e2e52d8 Fix broken windows builds.
bfa6aaab45 Test that EVP_default_properties_is_fips_enabled() works early
e6c54619d1 Load the default config file before working with default properties

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0202E7E377F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0202E7E377F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0202E7E377F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0202E7E377F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/7jw_f62qqI default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0101378187F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0101378187F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0101378187F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0101378187F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8213
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/7jw_f62qqI fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=209, Tests=3234, 823 wallclock secs (11.55 usr  1.20 sys + 763.47 cusr 59.26 csys = 835.48 CPU)
Result: FAIL
Makefile:3160: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3158: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Sat Aug 22 01:24:17 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 22 Aug 2020 01:24:17 +0000
Subject: Still Failing: openssl/openssl#36881 (master - a02c715)
In-Reply-To: <openssl/openssl+180825814+still failing@travis-ci.com>
Message-ID: <5f4073c35b678_13f8ebceaa79c571a9@travis-pro-tasks-ff4b7d44b-d6vsw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36881
Status: Still Failing

Duration: 1 hr, 3 mins, and 26 secs
Commit: a02c715 (master)
Author: Richard Levitte
Message: Clean away some declarations

dsa_algorithmidentifier_encoding(), ecdsa_algorithmidentifier_encoding(),
rsa_algorithmidentifier_encoding() have been replaced with DER writer
functions, so they aren't useful any more.

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12693)

View the changeset: https://github.com/openssl/openssl/compare/93ec4f8f09bc...a02c715c1833

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180825814?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/061c5db0/attachment-0001.html>

From no-reply at appveyor.com  Sat Aug 22 02:22:02 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 22 Aug 2020 02:22:02 +0000
Subject: Build failed: openssl master.36343
Message-ID: <20200822022202.1.A1DE5B704B55A454@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/b00f4465/attachment.html>

From no-reply at appveyor.com  Sat Aug 22 03:23:23 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 22 Aug 2020 03:23:23 +0000
Subject: Build failed: openssl master.36344
Message-ID: <20200822032323.1.0FB9B5A560243C08@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/0143de10/attachment.html>

From no-reply at appveyor.com  Sat Aug 22 04:23:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 22 Aug 2020 04:23:43 +0000
Subject: Build completed: openssl master.36345
Message-ID: <20200822042343.1.81B5E5D854D7BE1D@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/2ff9889f/attachment.html>

From shane.lontis at oracle.com  Sat Aug 22 04:57:40 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Sat, 22 Aug 2020 04:57:40 +0000
Subject: [openssl]  master update
Message-ID: <1598072260.317299.30115.nullmailer@dev.openssl.org>

The branch master has been updated
       via  c0f39ded68ba0929698a8773e63e9806ec9e5c74 (commit)
      from  a02c715c183382aa3038fc4d7d463b17e62a24ff (commit)


- Log -----------------------------------------------------------------
commit c0f39ded68ba0929698a8773e63e9806ec9e5c74
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Sat Aug 22 14:55:41 2020 +1000

    Add Explicit EC parameter support to providers.
    
    This was added for backward compatability.
    Added EC_GROUP_new_from_params() that supports explicit curve parameters.
    
    This fixes the 15-test_genec.t TODO.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12604)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ec/ec_ameth.c                               |  62 +---
 crypto/ec/ec_asn1.c                                |  71 +---
 crypto/ec/ec_backend.c                             | 205 ++++++++--
 crypto/ec/ec_err.c                                 |   8 +
 crypto/ec/ec_lib.c                                 | 411 ++++++++++++++++++++-
 crypto/err/openssl.txt                             |   7 +
 crypto/evp/pmeth_lib.c                             |  20 +-
 doc/man3/EC_GROUP_new.pod                          |  18 +-
 doc/man3/EVP_PKEY_fromdata.pod                     |   2 +-
 doc/man7/EVP_PKEY-EC.pod                           |  84 ++++-
 include/crypto/ec.h                                |   6 +-
 include/openssl/core.h                             |   6 +-
 include/openssl/core_names.h                       |  22 ++
 include/openssl/ec.h                               |  14 +
 include/openssl/ecerr.h                            |   7 +
 .../implementations/encode_decode/encoder_ec.c     | 190 ++++++++--
 providers/implementations/keymgmt/ec_kmgmt.c       | 391 +++++++++++++++-----
 test/ectest.c                                      | 224 ++++++++++-
 test/endecode_test.c                               | 264 ++++++++++++-
 test/recipes/15-test_genec.t                       |  22 +-
 util/libcrypto.num                                 |   1 +
 21 files changed, 1709 insertions(+), 326 deletions(-)

diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 6cd0bf6279..8840d57188 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -606,43 +606,6 @@ size_t ec_pkey_dirty_cnt(const EVP_PKEY *pkey)
     return pkey->pkey.ec->dirty_cnt;
 }
 
-static ossl_inline
-int ecparams_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl)
-{
-    const EC_GROUP *ecg;
-    int curve_nid;
-
-    if (eckey == NULL)
-        return 0;
-
-    ecg = EC_KEY_get0_group(eckey);
-    if (ecg == NULL)
-        return 0;
-
-    curve_nid = EC_GROUP_get_curve_name(ecg);
-
-    if (curve_nid == NID_undef) {
-        /* explicit parameters */
-
-        /*
-         * TODO(3.0): should we support explicit parameters curves?
-         */
-        return 0;
-    } else {
-        /* named curve */
-        const char *curve_name = NULL;
-
-        if ((curve_name = OBJ_nid2sn(curve_nid)) == NULL)
-            return 0;
-
-        if (!OSSL_PARAM_BLD_push_utf8_string(tmpl, OSSL_PKEY_PARAM_GROUP_NAME,
-                                             curve_name, 0))
-            return 0;
-    }
-
-    return 1;
-}
-
 static
 int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
                       EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx,
@@ -650,7 +613,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
 {
     const EC_KEY *eckey = NULL;
     const EC_GROUP *ecg = NULL;
-    unsigned char *pub_key_buf = NULL;
+    unsigned char *pub_key_buf = NULL, *gen_buf = NULL;
     size_t pub_key_buflen;
     OSSL_PARAM_BLD *tmpl;
     OSSL_PARAM *params = NULL;
@@ -676,8 +639,17 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
     if (tmpl == NULL)
         return 0;
 
+    /*
+     * EC_POINT_point2buf() can generate random numbers in some
+     * implementations so we need to ensure we use the correct libctx.
+     */
+    bnctx = BN_CTX_new_ex(libctx);
+    if (bnctx == NULL)
+        goto err;
+    BN_CTX_start(bnctx);
+
     /* export the domain parameters */
-    if (!ecparams_to_params(eckey, tmpl))
+    if (!ec_group_todata(ecg, tmpl, NULL, libctx, propq, bnctx, &gen_buf))
         goto err;
     selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
 
@@ -685,14 +657,6 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
     pub_point = EC_KEY_get0_public_key(eckey);
 
     if (pub_point != NULL) {
-        /*
-         * EC_POINT_point2buf() can generate random numbers in some
-         * implementations so we need to ensure we use the correct libctx.
-         */
-        bnctx = BN_CTX_new_ex(libctx);
-        if (bnctx == NULL)
-            goto err;
-
         /* convert pub_point to a octet string according to the SECG standard */
         if ((pub_key_buflen = EC_POINT_point2buf(ecg, pub_point,
                                                  POINT_CONVERSION_COMPRESSED,
@@ -779,6 +743,8 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
     OSSL_PARAM_BLD_free(tmpl);
     OSSL_PARAM_BLD_free_params(params);
     OPENSSL_free(pub_key_buf);
+    OPENSSL_free(gen_buf);
+    BN_CTX_end(bnctx);
     BN_CTX_free(bnctx);
     return rv;
 }
@@ -794,7 +760,7 @@ static int ec_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
         return 0;
     }
 
-    if (!ec_key_domparams_fromdata(ec, params)
+    if (!ec_group_fromdata(ec, params)
         || !ec_key_otherparams_fromdata(ec, params)
         || !ec_key_fromdata(ec, params, 1)
         || !EVP_PKEY_assign_EC_KEY(pkey, ec)) {
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 654a12ad60..879ff9faa2 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -23,75 +23,6 @@
 
 #ifndef FIPS_MODULE
 
-int EC_GROUP_get_basis_type(const EC_GROUP *group)
-{
-    int i;
-
-    if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field)
-        /* everything else is currently not supported */
-        return 0;
-
-    /* Find the last non-zero element of group->poly[] */
-    for (i = 0;
-         i < (int)OSSL_NELEM(group->poly) && group->poly[i] != 0;
-         i++)
-        continue;
-
-    if (i == 4)
-        return NID_X9_62_ppBasis;
-    else if (i == 2)
-        return NID_X9_62_tpBasis;
-    else
-        /* everything else is currently not supported */
-        return 0;
-}
-
-#ifndef OPENSSL_NO_EC2M
-int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
-{
-    if (group == NULL)
-        return 0;
-
-    if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field
-        || !((group->poly[0] != 0) && (group->poly[1] != 0)
-             && (group->poly[2] == 0))) {
-        ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-
-    if (k)
-        *k = group->poly[1];
-
-    return 1;
-}
-
-int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
-                                   unsigned int *k2, unsigned int *k3)
-{
-    if (group == NULL)
-        return 0;
-
-    if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field
-        || !((group->poly[0] != 0) && (group->poly[1] != 0)
-             && (group->poly[2] != 0) && (group->poly[3] != 0)
-             && (group->poly[4] == 0))) {
-        ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-
-    if (k1)
-        *k1 = group->poly[3];
-    if (k2)
-        *k2 = group->poly[2];
-    if (k3)
-        *k3 = group->poly[1];
-
-    return 1;
-}
-#endif
-
 /* some structures needed for the asn1 encoding */
 typedef struct x9_62_pentanomial_st {
     int32_t k1;
@@ -444,7 +375,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
 }
 
 ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
-                                               ECPARAMETERS *params)
+                                        ECPARAMETERS *params)
 {
     size_t len = 0;
     ECPARAMETERS *ret = NULL;
diff --git a/crypto/ec/ec_backend.c b/crypto/ec/ec_backend.c
index 2277c2c724..1599e2b1f3 100644
--- a/crypto/ec/ec_backend.c
+++ b/crypto/ec/ec_backend.c
@@ -10,15 +10,178 @@
 #include <openssl/core_names.h>
 #include <openssl/objects.h>
 #include <openssl/params.h>
+#include <openssl/err.h>
 #include "crypto/bn.h"
 #include "crypto/ec.h"
+#include "ec_local.h"
+#include "e_os.h"
+#include "internal/param_build_set.h"
+
+/* Mapping between a flag and a name */
+static const OSSL_ITEM encoding_nameid_map[] = {
+    { OPENSSL_EC_EXPLICIT_CURVE, OSSL_PKEY_EC_ENCODING_EXPLICIT },
+    { OPENSSL_EC_NAMED_CURVE, OSSL_PKEY_EC_ENCODING_GROUP },
+};
+
+int ec_encoding_name2id(const char *name)
+{
+    size_t i, sz;
+
+    /* Return the default value if there is no name */
+    if (name == NULL)
+        return OPENSSL_EC_NAMED_CURVE;
+
+    for (i = 0, sz = OSSL_NELEM(encoding_nameid_map); i < sz; i++) {
+        if (strcasecmp(name, encoding_nameid_map[i].ptr) == 0)
+            return encoding_nameid_map[i].id;
+    }
+    return -1;
+}
+
+static char *ec_param_encoding_id2name(int id)
+{
+    size_t i, sz;
+
+    for (i = 0, sz = OSSL_NELEM(encoding_nameid_map); i < sz; i++) {
+        if (id == (int)encoding_nameid_map[i].id)
+            return encoding_nameid_map[i].ptr;
+    }
+    return NULL;
+}
+
+int ec_group_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl,
+                    OSSL_PARAM params[], OPENSSL_CTX *libctx, const char *propq,
+                    BN_CTX *bnctx, unsigned char **genbuf)
+{
+    int ret = 0, curve_nid, encoding_flag;
+    const char *field_type, *encoding_name;
+    const BIGNUM *cofactor, *order;
+    BIGNUM *p = NULL, *a = NULL, *b = NULL;
+    point_conversion_form_t genform;
+    const EC_POINT *genpt;
+    unsigned char *seed = NULL;
+    size_t genbuf_len, seed_len;
+
+    if (group == NULL) {
+        ECerr(0,EC_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    encoding_flag = EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE;
+    encoding_name = ec_param_encoding_id2name(encoding_flag);
+    if (encoding_name == NULL
+        || !ossl_param_build_set_utf8_string(tmpl, params,
+                                             OSSL_PKEY_PARAM_EC_ENCODING,
+                                             encoding_name)) {
+        ECerr(0, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+
+    curve_nid = EC_GROUP_get_curve_name(group);
+    if (curve_nid == NID_undef) {
+        /* explicit curve */
+        int fid = EC_GROUP_get_field_type(group);
+
+        if (fid == NID_X9_62_prime_field) {
+            field_type = SN_X9_62_prime_field;
+        } else if (fid == NID_X9_62_characteristic_two_field) {
+            field_type = SN_X9_62_characteristic_two_field;
+        } else {
+            ECerr(0, EC_R_INVALID_FIELD);
+            return 0;
+        }
+
+        p = BN_CTX_get(bnctx);
+        a = BN_CTX_get(bnctx);
+        b = BN_CTX_get(bnctx);
+        if (b == NULL) {
+            ECerr(0, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        if (!EC_GROUP_get_curve(group, p, a, b, bnctx)) {
+            ECerr(0, EC_R_INVALID_CURVE);
+            goto err;
+        }
+
+        order = EC_GROUP_get0_order(group);
+        if (order == NULL) {
+            ECerr(0, EC_R_INVALID_GROUP_ORDER);
+            goto err;
+        }
+        genpt = EC_GROUP_get0_generator(group);
+        if (genpt == NULL) {
+            ECerr(0, EC_R_INVALID_GENERATOR);
+            goto err;
+        }
+        genform = EC_GROUP_get_point_conversion_form(group);
+        genbuf_len = EC_POINT_point2buf(group, genpt, genform, genbuf, bnctx);
+        if (genbuf_len == 0) {
+            ECerr(0, EC_R_INVALID_GENERATOR);
+            goto err;
+        }
+
+        if (!ossl_param_build_set_utf8_string(tmpl, params,
+                                              OSSL_PKEY_PARAM_EC_FIELD_TYPE,
+                                              field_type)
+            || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_P, p)
+            || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_A, a)
+            || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_B, b)
+            || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_ORDER,
+                                        order)
+            || !ossl_param_build_set_octet_string(tmpl, params,
+                                                  OSSL_PKEY_PARAM_EC_GENERATOR,
+                                                  *genbuf, genbuf_len)) {
+            ECerr(0, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        cofactor = EC_GROUP_get0_cofactor(group);
+        if (cofactor != NULL
+            && !ossl_param_build_set_bn(tmpl, params,
+                                        OSSL_PKEY_PARAM_EC_COFACTOR, cofactor)) {
+            ECerr(0, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        seed = EC_GROUP_get0_seed(group);
+        seed_len = EC_GROUP_get_seed_len(group);
+        if (seed != NULL
+            && seed_len > 0
+            && !ossl_param_build_set_octet_string(tmpl, params,
+                                                  OSSL_PKEY_PARAM_EC_SEED,
+                                                  seed, seed_len)) {
+            ECerr(0, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+#ifdef OPENSSL_NO_EC2M
+        if (fid == NID_X9_62_characteristic_two_field) {
+            ECerr(0, EC_R_GF2M_NOT_SUPPORTED);
+            goto err;
+        }
+#endif
+    } else {
+        /* named curve */
+        const char *curve_name = curve_name = ec_curve_nid2name(curve_nid);
+
+        if (curve_name == NULL
+            || !ossl_param_build_set_utf8_string(tmpl, params,
+                                                 OSSL_PKEY_PARAM_GROUP_NAME,
+                                                 curve_name)) {
+            ECerr(0, EC_R_INVALID_CURVE);
+            goto err;
+        }
+    }
+    ret = 1;
+err:
+    return ret;
+}
 
 /*
  * The intention with the "backend" source file is to offer backend support
  * for legacy backends (EVP_PKEY_ASN1_METHOD and EVP_PKEY_METHOD) and provider
  * implementations alike.
  */
-
 int ec_set_ecdh_cofactor_mode(EC_KEY *ec, int mode)
 {
     const EC_GROUP *ecg = EC_KEY_get0_group(ec);
@@ -163,52 +326,27 @@ int ec_key_fromdata(EC_KEY *ec, const OSSL_PARAM params[], int include_private)
     return ok;
 }
 
-int ec_key_domparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[])
+int ec_group_fromdata(EC_KEY *ec, const OSSL_PARAM params[])
 {
-    const OSSL_PARAM *param_ec_name;
-    EC_GROUP *ecg = NULL;
-    char *curve_name = NULL;
     int ok = 0;
+    EC_GROUP *group = NULL;
 
     if (ec == NULL)
         return 0;
 
-    param_ec_name = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME);
-    if (param_ec_name == NULL) {
-        /* explicit parameters */
-
-        /*
-         * TODO(3.0): should we support explicit parameters curves?
-         */
-        return 0;
-    } else {
-        /* named curve */
-        int curve_nid;
-
-        if (!OSSL_PARAM_get_utf8_string(param_ec_name, &curve_name, 0)
-                || curve_name == NULL
-                || (curve_nid = ec_curve_name2nid(curve_name)) == NID_undef)
-            goto err;
-
-        if ((ecg = EC_GROUP_new_by_curve_name_with_libctx(ec_key_get_libctx(ec),
-                                                          ec_key_get0_propq(ec),
-                                                          curve_nid)) == NULL)
-            goto err;
-    }
+     group = EC_GROUP_new_from_params(params, ec_key_get_libctx(ec),
+                                      ec_key_get0_propq(ec));
 
-    if (!EC_KEY_set_group(ec, ecg))
+    if (!EC_KEY_set_group(ec, group))
         goto err;
 
     /*
      * TODO(3.0): if the group has changed, should we invalidate the private and
      * public key?
      */
-
     ok = 1;
-
- err:
-    OPENSSL_free(curve_name);
-    EC_GROUP_free(ecg);
+err:
+    EC_GROUP_free(group);
     return ok;
 }
 
@@ -227,5 +365,6 @@ int ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[])
             || !ec_set_ecdh_cofactor_mode(ec, mode))
             return 0;
     }
+
     return 1;
 }
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index afb2696285..7112cbc21f 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -44,7 +44,10 @@ static const ERR_STRING_DATA EC_str_reasons[] = {
     "i2d ecpkparameters failure"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INCOMPATIBLE_OBJECTS),
     "incompatible objects"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_A), "invalid a"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_ARGUMENT), "invalid argument"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_B), "invalid b"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_COFACTOR), "invalid cofactor"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_COMPRESSED_POINT),
     "invalid compressed point"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_COMPRESSION_BIT),
@@ -55,14 +58,19 @@ static const ERR_STRING_DATA EC_str_reasons[] = {
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_ENCODING), "invalid encoding"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_FIELD), "invalid field"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_FORM), "invalid form"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_GENERATOR), "invalid generator"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_GROUP_ORDER), "invalid group order"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_KEY), "invalid key"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_NAMED_GROUP_CONVERSION),
+    "invalid named group conversion"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_OUTPUT_LENGTH),
     "invalid output length"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_P), "invalid p"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_PEER_KEY), "invalid peer key"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_PENTANOMIAL_BASIS),
     "invalid pentanomial basis"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_SEED), "invalid seed"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_TRINOMIAL_BASIS),
     "invalid trinomial basis"},
     {ERR_PACK(ERR_LIB_EC, 0, EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index a0c007a13e..d9298f62d0 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -15,11 +15,14 @@
 #include "internal/deprecated.h"
 
 #include <string.h>
-
+#include <openssl/params.h>
+#include <openssl/core_names.h>
 #include <openssl/err.h>
 #include <openssl/opensslv.h>
-
+#include "crypto/ec.h"
+#include "internal/nelem.h"
 #include "ec_local.h"
+#include "e_os.h" /* strcasecmp */
 
 /* functions for EC_GROUP objects */
 
@@ -1317,3 +1320,407 @@ int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx)
 
     return group->meth->blind_coordinates(group, p, ctx);
 }
+
+int EC_GROUP_get_basis_type(const EC_GROUP *group)
+{
+    int i;
+
+    if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field)
+        /* everything else is currently not supported */
+        return 0;
+
+    /* Find the last non-zero element of group->poly[] */
+    for (i = 0;
+         i < (int)OSSL_NELEM(group->poly) && group->poly[i] != 0;
+         i++)
+        continue;
+
+    if (i == 4)
+        return NID_X9_62_ppBasis;
+    else if (i == 2)
+        return NID_X9_62_tpBasis;
+    else
+        /* everything else is currently not supported */
+        return 0;
+}
+
+#ifndef OPENSSL_NO_EC2M
+int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
+{
+    if (group == NULL)
+        return 0;
+
+    if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field
+        || !((group->poly[0] != 0) && (group->poly[1] != 0)
+             && (group->poly[2] == 0))) {
+        ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+
+    if (k)
+        *k = group->poly[1];
+
+    return 1;
+}
+
+int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
+                                   unsigned int *k2, unsigned int *k3)
+{
+    if (group == NULL)
+        return 0;
+
+    if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field
+        || !((group->poly[0] != 0) && (group->poly[1] != 0)
+             && (group->poly[2] != 0) && (group->poly[3] != 0)
+             && (group->poly[4] == 0))) {
+        ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+
+    if (k1)
+        *k1 = group->poly[3];
+    if (k2)
+        *k2 = group->poly[2];
+    if (k3)
+        *k3 = group->poly[1];
+
+    return 1;
+}
+#endif
+
+/*
+ * Check if the explicit parameters group matches any built-in curves.
+ *
+ * We create a copy of the group just built, so that we can remove optional
+ * fields for the lookup: we do this to avoid the possibility that one of
+ * the optional parameters is used to force the library into using a less
+ * performant and less secure EC_METHOD instead of the specialized one.
+ * In any case, `seed` is not really used in any computation, while a
+ * cofactor different from the one in the built-in table is just
+ * mathematically wrong anyway and should not be used.
+ */
+static EC_GROUP *ec_group_explicit_to_named(const EC_GROUP *group,
+                                            OPENSSL_CTX *libctx,
+                                            const char *propq,
+                                            BN_CTX *ctx)
+{
+    EC_GROUP *ret_group = NULL, *dup = NULL;
+    int curve_name_nid;
+
+    const EC_POINT *point = EC_GROUP_get0_generator(group);
+    const BIGNUM *order = EC_GROUP_get0_order(group);
+    int no_seed = (EC_GROUP_get0_seed(group) == NULL);
+
+    if ((dup = EC_GROUP_dup(group)) == NULL
+            || EC_GROUP_set_seed(dup, NULL, 0) != 1
+            || !EC_GROUP_set_generator(dup, point, order, NULL))
+        goto err;
+    if ((curve_name_nid = ec_curve_nid_from_params(dup, ctx)) != NID_undef) {
+        /*
+         * The input explicit parameters successfully matched one of the
+         * built-in curves: often for built-in curves we have specialized
+         * methods with better performance and hardening.
+         *
+         * In this case we replace the `EC_GROUP` created through explicit
+         * parameters with one created from a named group.
+         */
+
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+        /*
+         * NID_wap_wsg_idm_ecid_wtls12 and NID_secp224r1 are both aliases for
+         * the same curve, we prefer the SECP nid when matching explicit
+         * parameters as that is associated with a specialized EC_METHOD.
+         */
+        if (curve_name_nid == NID_wap_wsg_idm_ecid_wtls12)
+            curve_name_nid = NID_secp224r1;
+#endif /* !def(OPENSSL_NO_EC_NISTP_64_GCC_128) */
+
+        ret_group = EC_GROUP_new_by_curve_name_with_libctx(libctx, propq,
+                                                           curve_name_nid);
+        if (ret_group == NULL)
+            goto err;
+
+        /*
+         * Set the flag so that EC_GROUPs created from explicit parameters are
+         * serialized using explicit parameters by default.
+         */
+        EC_GROUP_set_asn1_flag(ret_group, OPENSSL_EC_EXPLICIT_CURVE);
+
+        /*
+         * If the input params do not contain the optional seed field we make
+         * sure it is not added to the returned group.
+         *
+         * The seed field is not really used inside libcrypto anyway, and
+         * adding it to parsed explicit parameter keys would alter their DER
+         * encoding output (because of the extra field) which could impact
+         * applications fingerprinting keys by their DER encoding.
+         */
+        if (no_seed) {
+            if (EC_GROUP_set_seed(ret_group, NULL, 0) != 1)
+                goto err;
+        }
+    } else {
+        ret_group = (EC_GROUP *)group;
+    }
+    EC_GROUP_free(dup);
+    return ret_group;
+err:
+    EC_GROUP_free(dup);
+    EC_GROUP_free(ret_group);
+    return NULL;
+}
+
+static int ec_encoding_param2id(const OSSL_PARAM *p, int *id)
+{
+    const char *name = NULL;
+    int status = 0;
+
+    switch (p->data_type) {
+    case OSSL_PARAM_UTF8_STRING:
+        /* The OSSL_PARAM functions have no support for this */
+        name = p->data;
+        status = (name != NULL);
+        break;
+    case OSSL_PARAM_UTF8_PTR:
+        status = OSSL_PARAM_get_utf8_ptr(p, &name);
+        break;
+    }
+    if (status) {
+        int i = ec_encoding_name2id(name);
+
+        if (i >= 0) {
+            *id = i;
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static EC_GROUP *group_new_from_name(const OSSL_PARAM *p,
+                                     OPENSSL_CTX *libctx, const char *propq)
+{
+    int ok = 0, nid;
+    const char *curve_name = NULL;
+
+    switch (p->data_type) {
+    case OSSL_PARAM_UTF8_STRING:
+        /* The OSSL_PARAM functions have no support for this */
+        curve_name = p->data;
+        ok = (curve_name != NULL);
+        break;
+    case OSSL_PARAM_UTF8_PTR:
+        ok = OSSL_PARAM_get_utf8_ptr(p, &curve_name);
+        break;
+    }
+
+    if (ok) {
+        nid = ec_curve_name2nid(curve_name);
+        if (nid == NID_undef) {
+            ECerr(0, EC_R_INVALID_CURVE);
+            return NULL;
+        } else {
+            return EC_GROUP_new_by_curve_name_with_libctx(libctx, propq, nid);
+        }
+    }
+    return NULL;
+}
+
+EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
+                                   OPENSSL_CTX *libctx, const char *propq)
+{
+    const OSSL_PARAM *ptmp, *pa, *pb;
+    int ok = 0;
+    EC_GROUP *group = NULL, *named_group = NULL;
+    BIGNUM *p = NULL, *a = NULL, *b = NULL, *order = NULL, *cofactor = NULL;
+    EC_POINT *point = NULL;
+    int field_bits = 0;
+    int is_prime_field = 1;
+    BN_CTX *bnctx = NULL;
+    const unsigned char *buf = NULL;
+    int encoding_flag = -1;
+
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ENCODING);
+    if (ptmp != NULL && !ec_encoding_param2id(ptmp, &encoding_flag)) {
+        ECerr(0, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME);
+    if (ptmp != NULL) {
+        group = group_new_from_name(ptmp, libctx, propq);
+        if (group != NULL)
+            EC_GROUP_set_asn1_flag(group, encoding_flag);
+        else
+            ECerr(0, ERR_R_EC_LIB);
+        return group;
+    }
+    bnctx = BN_CTX_new_ex(libctx);
+    if (bnctx == NULL) {
+        ECerr(0, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    BN_CTX_start(bnctx);
+
+    p = BN_CTX_get(bnctx);
+    a = BN_CTX_get(bnctx);
+    b = BN_CTX_get(bnctx);
+    order = BN_CTX_get(bnctx);
+    if (order == NULL) {
+        ECerr(0, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_FIELD_TYPE);
+    if (ptmp == NULL || ptmp->data_type != OSSL_PARAM_UTF8_STRING) {
+        ECerr(0, EC_R_INVALID_FIELD);
+        goto err;
+    }
+    if (strcasecmp(ptmp->data, SN_X9_62_prime_field) == 0) {
+        is_prime_field = 1;
+    } else if (strcasecmp(ptmp->data, SN_X9_62_characteristic_two_field) == 0) {
+        is_prime_field = 0;
+    } else {
+        /* Invalid field */
+        ECerr(0, EC_R_UNSUPPORTED_FIELD);
+        goto err;
+    }
+
+    pa = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_A);
+    if (!OSSL_PARAM_get_BN(pa, &a)) {
+        ECerr(0, EC_R_INVALID_A);
+        goto err;
+    }
+    pb = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_B);
+    if (!OSSL_PARAM_get_BN(pb, &b)) {
+        ECerr(0, EC_R_INVALID_B);
+        goto err;
+    }
+
+    /* extract the prime number or irreducible polynomial */
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_P);
+    if (!OSSL_PARAM_get_BN(ptmp, &p)) {
+        ECerr(0, EC_R_INVALID_P);
+        goto err;
+    }
+
+    if (is_prime_field) {
+        if (BN_is_negative(p) || BN_is_zero(p)) {
+            ECerr(0, EC_R_INVALID_P);
+            goto err;
+        }
+        field_bits = BN_num_bits(p);
+        if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
+            ECerr(0, EC_R_FIELD_TOO_LARGE);
+            goto err;
+        }
+
+        /* create the EC_GROUP structure */
+        group = EC_GROUP_new_curve_GFp(p, a, b, bnctx);
+    } else {
+#ifdef OPENSSL_NO_EC2M
+        ECerr(0, EC_R_GF2M_NOT_SUPPORTED);
+        goto err;
+#else
+        /* create the EC_GROUP structure */
+        group = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
+        if (group != NULL) {
+            field_bits = EC_GROUP_get_degree(group);
+            if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
+                ECerr(0, EC_R_FIELD_TOO_LARGE);
+                goto err;
+            }
+        }
+#endif /* OPENSSL_NO_EC2M */
+    }
+
+    if (group == NULL) {
+        ECerr(0, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    /* Optional seed */
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_SEED);
+    if (ptmp != NULL) {
+        if (ptmp->data_type != OSSL_PARAM_OCTET_STRING) {
+            ECerr(0, EC_R_INVALID_SEED);
+            goto err;
+        }
+        if (!EC_GROUP_set_seed(group, ptmp->data, ptmp->data_size))
+            goto err;
+    }
+
+    /* generator base point */
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_GENERATOR);
+    if (ptmp == NULL
+        || ptmp->data_type != OSSL_PARAM_OCTET_STRING) {
+        ECerr(0, EC_R_INVALID_GENERATOR);
+        goto err;
+    }
+    buf = (const unsigned char *)(ptmp->data);
+    if ((point = EC_POINT_new(group)) == NULL)
+        goto err;
+    EC_GROUP_set_point_conversion_form(group,
+                                       (point_conversion_form_t)buf[0] & ~0x01);
+    if (!EC_POINT_oct2point(group, point, buf, ptmp->data_size, bnctx)) {
+        ECerr(0, EC_R_INVALID_GENERATOR);
+        goto err;
+    }
+
+    /* order */
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ORDER);
+    if (!OSSL_PARAM_get_BN(ptmp, &order)
+        || (BN_is_negative(order) || BN_is_zero(order))
+        || (BN_num_bits(order) > (int)field_bits + 1)) { /* Hasse bound */
+        ECerr(0, EC_R_INVALID_GROUP_ORDER);
+        goto err;
+    }
+
+    /* Optional cofactor */
+    ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_COFACTOR);
+    if (ptmp != NULL) {
+        cofactor = BN_CTX_get(bnctx);
+        if (cofactor == NULL || !OSSL_PARAM_get_BN(ptmp, &cofactor)) {
+            ECerr(0, EC_R_INVALID_COFACTOR);
+            goto err;
+        }
+    }
+
+    /* set the generator, order and cofactor (if present) */
+    if (!EC_GROUP_set_generator(group, point, order, cofactor)) {
+        ECerr(0, EC_R_INVALID_GENERATOR);
+        goto err;
+    }
+
+    named_group = ec_group_explicit_to_named(group, libctx, propq, bnctx);
+    if (named_group == NULL) {
+        ECerr(0, EC_R_INVALID_NAMED_GROUP_CONVERSION);
+        goto err;
+    }
+    if (named_group == group) {
+        /*
+         * If we did not find a named group then the encoding should be explicit
+         * if it was specified
+         */
+        if (encoding_flag == OPENSSL_EC_NAMED_CURVE) {
+            ECerr(0, EC_R_INVALID_ENCODING);
+            goto err;
+        }
+        EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE);
+    } else {
+        EC_GROUP_free(group);
+        group = named_group;
+    }
+    ok = 1;
+ err:
+    if (!ok) {
+        EC_GROUP_free(group);
+        group = NULL;
+    }
+    EC_POINT_free(point);
+    BN_CTX_end(bnctx);
+    BN_CTX_free(bnctx);
+
+    return group;
+}
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 3a5a5b5692..b530098d2f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2421,7 +2421,10 @@ EC_R_GF2M_NOT_SUPPORTED:147:gf2m not supported
 EC_R_GROUP2PKPARAMETERS_FAILURE:120:group2pkparameters failure
 EC_R_I2D_ECPKPARAMETERS_FAILURE:121:i2d ecpkparameters failure
 EC_R_INCOMPATIBLE_OBJECTS:101:incompatible objects
+EC_R_INVALID_A:168:invalid a
 EC_R_INVALID_ARGUMENT:112:invalid argument
+EC_R_INVALID_B:169:invalid b
+EC_R_INVALID_COFACTOR:171:invalid cofactor
 EC_R_INVALID_COMPRESSED_POINT:110:invalid compressed point
 EC_R_INVALID_COMPRESSION_BIT:109:invalid compression bit
 EC_R_INVALID_CURVE:141:invalid curve
@@ -2430,12 +2433,16 @@ EC_R_INVALID_DIGEST_TYPE:138:invalid digest type
 EC_R_INVALID_ENCODING:102:invalid encoding
 EC_R_INVALID_FIELD:103:invalid field
 EC_R_INVALID_FORM:104:invalid form
+EC_R_INVALID_GENERATOR:173:invalid generator
 EC_R_INVALID_GROUP_ORDER:122:invalid group order
 EC_R_INVALID_KEY:116:invalid key
+EC_R_INVALID_NAMED_GROUP_CONVERSION:174:invalid named group conversion
 EC_R_INVALID_OUTPUT_LENGTH:161:invalid output length
+EC_R_INVALID_P:172:invalid p
 EC_R_INVALID_PEER_KEY:133:invalid peer key
 EC_R_INVALID_PENTANOMIAL_BASIS:132:invalid pentanomial basis
 EC_R_INVALID_PRIVATE_KEY:123:invalid private key
+EC_R_INVALID_SEED:175:invalid seed
 EC_R_INVALID_TRINOMIAL_BASIS:137:invalid trinomial basis
 EC_R_KDF_PARAMETER_ERROR:148:kdf parameter error
 EC_R_KEYS_NOT_SET:140:keys not set
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index fe2cc689f6..7fd5339537 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -1277,24 +1277,6 @@ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
 static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
                                     const char *value)
 {
-
-    /* Special cases that we intercept */
-# ifndef OPENSSL_NO_EC
-    /*
-     * We don't support encoding settings for providers, i.e. the only
-     * possible encoding is "named_curve", so we simply fail when something
-     * else is given, and otherwise just pretend all is fine.
-     */
-    if (strcmp(name, "ec_param_enc") == 0) {
-        if (strcmp(value, "named_curve") == 0) {
-            return 1;
-        } else {
-            ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-            return -2;
-        }
-    }
-# endif
-
     if (strcmp(name, "md") == 0)
         name = OSSL_ALG_PARAM_DIGEST;
     else if (strcmp(name, "rsa_padding_mode") == 0)
@@ -1352,6 +1334,8 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
         name = OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE;
     else if (strcmp(name, "ecdh_kdf_md") == 0)
         name = OSSL_EXCHANGE_PARAM_KDF_DIGEST;
+    else if (strcmp(name, "ec_param_enc") == 0)
+        name = OSSL_PKEY_PARAM_EC_ENCODING;
 # endif
     else if (strcmp(name, "N") == 0)
         name = OSSL_KDF_PARAM_SCRYPT_N;
diff --git a/doc/man3/EC_GROUP_new.pod b/doc/man3/EC_GROUP_new.pod
index dbead817ec..918e504ce8 100644
--- a/doc/man3/EC_GROUP_new.pod
+++ b/doc/man3/EC_GROUP_new.pod
@@ -4,9 +4,10 @@
 
 EC_GROUP_get_ecparameters,
 EC_GROUP_get_ecpkparameters,
-EC_GROUP_new,
+EC_GROUP_new_from_params,
 EC_GROUP_new_from_ecparameters,
 EC_GROUP_new_from_ecpkparameters,
+EC_GROUP_new,
 EC_GROUP_free,
 EC_GROUP_clear_free,
 EC_GROUP_new_curve_GFp,
@@ -26,6 +27,8 @@ objects
 
  #include <openssl/ec.h>
 
+ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
+                                    OPENSSL_CTX *libctx, const char *propq);
  EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params);
  EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params);
  void EC_GROUP_free(EC_GROUP *group);
@@ -93,6 +96,14 @@ used.
 It is then necessary to call EC_GROUP_set_curve() to set the curve parameters.
 Applications should instead use one of the other EC_GROUP_new_* constructors.
 
+EC_GROUP_new_from_params() creates a group with parameters specified by I<params>.
+The library context I<libctx> (see L<OPENSSL_CTX(3)>) and property query string
+I<propq> are used to fetch algorithms from providers.
+I<params> may be either a list of explicit params or a named group,
+The values for I<ctx> and I<propq> may be NULL.
+The I<params> that can be used are described in
+L<B<EVP_PKEY-EC>(7)|EVP_PKEY-EC(7)/Common EC parameters>.
+
 EC_GROUP_new_from_ecparameters() will create a group from the
 specified I<params> and
 EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK
@@ -177,7 +188,7 @@ EC_GROUP_get_curve_GF2m() return 1 on success or 0 on error.
 L<crypto(7)>, L<EC_GROUP_copy(3)>,
 L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
 L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>,
-L<OPENSSL_CTX(3)>
+L<OPENSSL_CTX(3)>, L<EVP_PKEY-EC(7)>
 
 =head1 HISTORY
 
@@ -187,7 +198,8 @@ L<OPENSSL_CTX(3)>
 
 EC_GROUP_new() was deprecated in OpenSSL 3.0.
 
-EC_GROUP_new_by_curve_name_with_libctx() was added in OpenSSL 3.0.
+EC_GROUP_new_by_curve_name_with_libctx() and EC_GROUP_new_from_params() were
+added in OpenSSL 3.0.
 
 =item *
 
diff --git a/doc/man3/EVP_PKEY_fromdata.pod b/doc/man3/EVP_PKEY_fromdata.pod
index e3003674e3..e3e6d89f8c 100644
--- a/doc/man3/EVP_PKEY_fromdata.pod
+++ b/doc/man3/EVP_PKEY_fromdata.pod
@@ -149,7 +149,7 @@ TODO Write a set of cookbook documents and link to them.
      0x47
  };
  const OSSL_PARAM params[] = {
-     OSSL_PARAM_utf8_string("curve-name", "prime256v1"),
+     OSSL_PARAM_utf8_string("group", "prime256v1"),
      OSSL_PARAM_BN("priv", priv, sizeof(priv)),
      OSSL_PARAM_BN("pub", pub, sizeof(pub)),
      OSSL_PARAM_END
diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod
index ff074b949d..e423a52971 100644
--- a/doc/man7/EVP_PKEY-EC.pod
+++ b/doc/man7/EVP_PKEY-EC.pod
@@ -12,7 +12,15 @@ The B<EC> keytype is implemented in OpenSSL's default provider.
 
 =head2 Common EC parameters
 
-The following Import/Export types are available for the built-in EC algorithm:
+The normal way of specifying domain parameters for an EC curve is via the
+curve name "group". For curves with no curve name, explicit parameters can be
+used that specify "field-type", "p", "a", "b", "generator" and "order".
+Explicit parameters are supported for backwards compability reasons, but they
+are not compliant with multiple standards (including RFC5915) which only allow
+named curves.
+
+The following KeyGen/Gettable/Import/Export types are available for the
+built-in EC algorithm:
 
 =over 4
 
@@ -20,12 +28,56 @@ The following Import/Export types are available for the built-in EC algorithm:
 
 The curve name.
 
+=item "field-type" (B<OSSL_PKEY_PARAM_EC_FIELD_TYPE>) <utf8 string>
+
+The value should be either "prime-field" or "characteristic-two-field",
+which correspond to prime field Fp and binary field F2^m.
+
+=item "p" (B<OSSL_PKEY_PARAM_EC_P>) <unsigned integer>
+
+For a curve over Fp I<p> is the prime for the field. For a curve over F2^m I<p>
+represents the irreducible polynomial - each bit represents a term in the
+polynomial. Therefore, there will either be three or five bits set dependent on
+whether the polynomial is a trinomial or a pentanomial.
+
+=item "a" (B<OSSL_PKEY_PARAM_EC_A>) <unsigned integer>
+
+=item "b" (B<OSSL_PKEY_PARAM_EC_B>) <unsigned integer>
+
+=item "seed" (B<OSSL_PKEY_PARAM_EC_SEED>) <octet string>
+
+I<a> and I<b> represents the coefficients of the curve
+For Fp:   y^2 mod p = x^3 +ax + b mod p OR
+For F2^m: y^2 + xy = x^3 + ax^2 + b
+
+I<seed> is an optional value that is for information purposes only.
+It represents the random number seed used to generate the coefficient I<b> from a
+random number.
+
+=item "generator" (B<OSSL_PKEY_PARAM_EC_GENERATOR>) <octet string>
+
+=item "order" (B<OSSL_PKEY_PARAM_EC_ORDER>) <unsigned integer>
+
+=item "cofactor" (B<OSSL_PKEY_PARAM_EC_COFACTOR>) <unsigned integer>
+
+The I<generator> is a well defined point on the curve chosen for cryptographic
+operations. The encoding conforms with Sec. 2.3.3 of the SECG SEC 1 ("Elliptic Curve
+Cryptography") standard. See EC_POINT_oct2point().
+Integers used for point multiplications will be between 0 and
+I<order> - 1.
+I<cofactor> is an optional value.
+I<order> multiplied by the I<cofactor> gives the number of points on the curve.
+
 =item "use-cofactor-flag" (B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH>) <integer>
 
 Enable Cofactor DH (ECC CDH) if this value is 1, otherwise it uses normal EC DH
 if the value is zero. The cofactor variant multiplies the shared secret by the
 EC curve's cofactor (note for some curves the cofactor is 1).
 
+=item "encoding" (B<OSSL_PKEY_PARAM_EC_ENCODING>) <utf8 string>
+
+Set the format used for serializing the EC group parameters.
+Valid values are "explicit" or "named_curve". The default value is "named_curve".
 
 See also L<EVP_KEYEXCH-ECDH(7)> for the related
 B<OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE> parameter that can be set on a
@@ -46,6 +98,36 @@ exchange message for the TLS protocol.
 
 =back
 
+The following Gettable types are also available for the built-in EC algorithm:
+
+=over 4
+
+=item "basis-type" (B<OSSL_PKEY_PARAM_EC_CHAR2_TYPE>) <utf8 string>
+
+Supports the values "tpBasis" for a trinomial or "ppBasis" for a pentanomial.
+This field is only used for a binary field F2^m.
+
+=item "m" (B<OSSL_PKEY_PARAM_EC_CHAR2_M>) <integer>
+
+=item "tp" (B<OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS>) <integer>
+
+=item "k1" (B<OSSL_PKEY_PARAM_EC_CHAR2_PP_K1>) <integer>
+
+=item "k2" (B<OSSL_PKEY_PARAM_EC_CHAR2_PP_K2>) <integer>
+
+=item "k3" (B<OSSL_PKEY_PARAM_EC_CHAR2_PP_K3>) <integer>
+
+These fields are only used for a binary field F2^m.
+I<m> is the degree of the binary field.
+
+I<tp> is the middle bit of a trinomial so its value must be in the
+range m > tp > 0.
+
+I<k1>, I<k2> and I<k3> are used to get the middle bits of a pentanomial such
+that m > k3 > k2 > k1 > 0
+
+=back
+
 =head1 EXAMPLES
 
 An B<EVP_PKEY> context can be obtained by calling:
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index 9901141bb2..587f7a39fc 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -59,10 +59,14 @@ const char *ec_curve_nid2name(int nid);
 int ec_curve_name2nid(const char *name);
 
 /* Backend support */
+int ec_group_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl,
+                    OSSL_PARAM params[], OPENSSL_CTX *libctx, const char *propq,
+                    BN_CTX *bnctx, unsigned char **genbuf);
+int ec_group_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
 int ec_key_fromdata(EC_KEY *ecx, const OSSL_PARAM params[], int include_private);
-int ec_key_domparams_fromdata(EC_KEY *ecx, const OSSL_PARAM params[]);
 int ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
 int ec_set_ecdh_cofactor_mode(EC_KEY *ec, int mode);
+int ec_encoding_name2id(const char *name);
 
 # endif /* OPENSSL_NO_EC */
 #endif
diff --git a/include/openssl/core.h b/include/openssl/core.h
index e77c2ba22f..80ba32d9bf 100644
--- a/include/openssl/core.h
+++ b/include/openssl/core.h
@@ -107,18 +107,18 @@ struct ossl_param_st {
 # define OSSL_PARAM_REAL                 3
 /*-
  * OSSL_PARAM_UTF8_STRING
- * is a printable string.  Is expteced to be printed as it is.
+ * is a printable string.  It is expected to be printed as it is.
  */
 # define OSSL_PARAM_UTF8_STRING          4
 /*-
  * OSSL_PARAM_OCTET_STRING
- * is a string of bytes with no further specification.  Is expected to be
+ * is a string of bytes with no further specification.  It is expected to be
  * printed as a hexdump.
  */
 # define OSSL_PARAM_OCTET_STRING         5
 /*-
  * OSSL_PARAM_UTF8_PTR
- * is a pointer to a printable string.  Is expteced to be printed as it is.
+ * is a pointer to a printable string.  It is expected to be printed as it is.
  *
  * The difference between this and OSSL_PARAM_UTF8_STRING is that only pointers
  * are manipulated for this type.
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 7538d9ce93..bf6dd2e96f 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -269,6 +269,22 @@ extern "C" {
 #define OSSL_PKEY_PARAM_EC_PUB_X     "qx"
 #define OSSL_PKEY_PARAM_EC_PUB_Y     "qy"
 
+/* Elliptic Curve Explicit Domain Parameters */
+#define OSSL_PKEY_PARAM_EC_FIELD_TYPE     "field-type"
+#define OSSL_PKEY_PARAM_EC_P              "p"
+#define OSSL_PKEY_PARAM_EC_A              "a"
+#define OSSL_PKEY_PARAM_EC_B              "b"
+#define OSSL_PKEY_PARAM_EC_GENERATOR      "generator"
+#define OSSL_PKEY_PARAM_EC_ORDER          "order"
+#define OSSL_PKEY_PARAM_EC_COFACTOR       "cofactor"
+#define OSSL_PKEY_PARAM_EC_SEED           "seed"
+#define OSSL_PKEY_PARAM_EC_CHAR2_M        "m"
+#define OSSL_PKEY_PARAM_EC_CHAR2_TYPE     "basis-type"
+#define OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS "tp"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K1    "k1"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K2    "k2"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K3    "k3"
+
 /* Elliptic Curve Key Parameters */
 #define OSSL_PKEY_PARAM_USE_COFACTOR_FLAG "use-cofactor-flag"
 #define OSSL_PKEY_PARAM_USE_COFACTOR_ECDH \
@@ -352,6 +368,12 @@ extern "C" {
 #define OSSL_PKEY_PARAM_FFC_DIGEST       OSSL_PKEY_PARAM_DIGEST
 #define OSSL_PKEY_PARAM_FFC_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
 
+#define OSSL_PKEY_PARAM_EC_ENCODING      "encoding" /* utf8_string */
+
+/* OSSL_PKEY_PARAM_EC_ENCODING values */
+#define OSSL_PKEY_EC_ENCODING_EXPLICIT  "explicit"
+#define OSSL_PKEY_EC_ENCODING_GROUP     "named_curve"
+
 /* Key Exchange parameters */
 #define OSSL_EXCHANGE_PARAM_PAD                   "pad" /* uint */
 #define OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE "ecdh-cofactor-mode" /* int */
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 822e3e9b28..9db898cfed 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -47,6 +47,7 @@ typedef enum {
     POINT_CONVERSION_HYBRID = 6
 } point_conversion_form_t;
 
+#  include <openssl/params.h>
 #  ifndef OPENSSL_NO_DEPRECATED_3_0
 typedef struct ec_method_st EC_METHOD;
 #  endif
@@ -379,6 +380,19 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
                                   const BIGNUM *b, BN_CTX *ctx);
 #  endif
 
+/**
+ * Creates a EC_GROUP object with a curve specified by parameters.
+ * The parameters may be explicit or a named curve,
+ *  \param  params A list of parameters describing the group.
+ *  \param  libctx The associated library context or NULL for the default
+ *                 context
+ *  \param  propq  A property query string
+ *  \return newly created EC_GROUP object with specified parameters or NULL
+ *          if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
+                                   OPENSSL_CTX *libctx, const char *propq);
+
 /**
  * Creates a EC_GROUP object with a curve specified by a NID
  *  \param  libctx The associated library context or NULL for the default
diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h
index b12e222510..bbed2b4b7c 100644
--- a/include/openssl/ecerr.h
+++ b/include/openssl/ecerr.h
@@ -243,7 +243,10 @@ int ERR_load_EC_strings(void);
 #  define EC_R_GROUP2PKPARAMETERS_FAILURE                  120
 #  define EC_R_I2D_ECPKPARAMETERS_FAILURE                  121
 #  define EC_R_INCOMPATIBLE_OBJECTS                        101
+#  define EC_R_INVALID_A                                   168
 #  define EC_R_INVALID_ARGUMENT                            112
+#  define EC_R_INVALID_B                                   169
+#  define EC_R_INVALID_COFACTOR                            171
 #  define EC_R_INVALID_COMPRESSED_POINT                    110
 #  define EC_R_INVALID_COMPRESSION_BIT                     109
 #  define EC_R_INVALID_CURVE                               141
@@ -252,12 +255,16 @@ int ERR_load_EC_strings(void);
 #  define EC_R_INVALID_ENCODING                            102
 #  define EC_R_INVALID_FIELD                               103
 #  define EC_R_INVALID_FORM                                104
+#  define EC_R_INVALID_GENERATOR                           173
 #  define EC_R_INVALID_GROUP_ORDER                         122
 #  define EC_R_INVALID_KEY                                 116
+#  define EC_R_INVALID_NAMED_GROUP_CONVERSION              174
 #  define EC_R_INVALID_OUTPUT_LENGTH                       161
+#  define EC_R_INVALID_P                                   172
 #  define EC_R_INVALID_PEER_KEY                            133
 #  define EC_R_INVALID_PENTANOMIAL_BASIS                   132
 #  define EC_R_INVALID_PRIVATE_KEY                         123
+#  define EC_R_INVALID_SEED                                175
 #  define EC_R_INVALID_TRINOMIAL_BASIS                     137
 #  define EC_R_KDF_PARAMETER_ERROR                         148
 #  define EC_R_KEYS_NOT_SET                                140
diff --git a/providers/implementations/encode_decode/encoder_ec.c b/providers/implementations/encode_decode/encoder_ec.c
index 8c256fe448..ee64e2f802 100644
--- a/providers/implementations/encode_decode/encoder_ec.c
+++ b/providers/implementations/encode_decode/encoder_ec.c
@@ -23,22 +23,134 @@ void ec_get_new_free_import(OSSL_FUNC_keymgmt_new_fn **ec_new,
     *ec_import = ossl_prov_get_keymgmt_import(ec_keymgmt_functions);
 }
 
-static int ossl_prov_print_ec_param(BIO *out, const EC_GROUP *group)
+static int ossl_prov_print_ec_param_explicit_curve(BIO *out,
+                                                   const EC_GROUP *group,
+                                                   BN_CTX *ctx)
 {
-    const char *curve_name;
-    int curve_nid = EC_GROUP_get_curve_name(group);
+    const char *plabel = "Prime:";
+    BIGNUM *p = NULL, *a = NULL, *b = NULL;
 
-    /* TODO(3.0): Explicit parameters are currently not supported */
-    if (curve_nid == NID_undef)
+    p = BN_CTX_get(ctx);
+    a = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+    if (b == NULL
+        || !EC_GROUP_get_curve(group, p, a, b, ctx))
         return 0;
 
-    if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0)
+    if (EC_GROUP_get_field_type(group) == NID_X9_62_characteristic_two_field) {
+        int basis_type = EC_GROUP_get_basis_type(group);
+
+        /* print the 'short name' of the base type OID */
+        if (basis_type == NID_undef
+            || BIO_printf(out, "Basis Type: %s\n", OBJ_nid2sn(basis_type)) <= 0)
+            return 0;
+        plabel = "Polynomial:";
+    }
+    return ossl_prov_print_labeled_bignum(out, plabel, p)
+           && ossl_prov_print_labeled_bignum(out, "A:   ", a)
+           && ossl_prov_print_labeled_bignum(out, "B:   ", b);
+}
+
+static int ossl_prov_print_ec_param_explicit_gen(BIO *out,
+                                                 const EC_GROUP *group,
+                                                 BN_CTX *ctx)
+{
+    const EC_POINT *point = NULL;
+    BIGNUM *gen = NULL;
+    const char *glabel = NULL;
+    point_conversion_form_t form;
+
+    form = EC_GROUP_get_point_conversion_form(group);
+    point = EC_GROUP_get0_generator(group);
+    gen = BN_CTX_get(ctx);
+
+    if (gen == NULL
+        || point == NULL
+        || EC_POINT_point2bn(group, point, form, gen, ctx) == NULL)
+        return 0;
+
+    if (gen != NULL) {
+        switch (form) {
+        case POINT_CONVERSION_COMPRESSED:
+           glabel = "Generator (compressed):";
+           break;
+        case POINT_CONVERSION_UNCOMPRESSED:
+            glabel = "Generator (uncompressed):";
+            break;
+        case POINT_CONVERSION_HYBRID:
+            glabel = "Generator (hybrid):";
+            break;
+        default:
+            return 0;
+        }
+        return ossl_prov_print_labeled_bignum(out, glabel, gen);
+    }
+    return 1;
+}
+
+/* Print explicit parameters */
+static int ossl_prov_print_ec_param_explicit(BIO *out, const EC_GROUP *group,
+                                             OPENSSL_CTX *libctx)
+{
+    int ret = 0, tmp_nid;
+    BN_CTX *ctx = NULL;
+    const BIGNUM *order = NULL, *cofactor = NULL;
+    const unsigned char *seed;
+    size_t seed_len = 0;
+
+    ctx = BN_CTX_new_ex(libctx);
+    if (ctx == NULL)
         return 0;
+    BN_CTX_start(ctx);
+
+    tmp_nid = EC_GROUP_get_field_type(group);
+    order = EC_GROUP_get0_order(group);
+    if (order == NULL)
+        goto err;
+
+    seed = EC_GROUP_get0_seed(group);
+    if (seed != NULL)
+        seed_len = EC_GROUP_get_seed_len(group);
+    cofactor = EC_GROUP_get0_cofactor(group);
+
+    /* print the 'short name' of the field type */
+    if (BIO_printf(out, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) <= 0
+        || !ossl_prov_print_ec_param_explicit_curve(out, group, ctx)
+        || !ossl_prov_print_ec_param_explicit_gen(out, group, ctx)
+        || !ossl_prov_print_labeled_bignum(out, "Order: ", order)
+        || (cofactor != NULL
+            && !ossl_prov_print_labeled_bignum(out, "Cofactor: ", cofactor))
+        || (seed != NULL
+            && !ossl_prov_print_labeled_buf(out, "Seed:", seed, seed_len)))
+        goto err;
+    ret = 1;
+err:
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    return ret;
+}
+
+static int ossl_prov_print_ec_param(BIO *out, const EC_GROUP *group,
+                                    OPENSSL_CTX *libctx)
+{
+    if (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) {
+        const char *curve_name;
+        int curve_nid = EC_GROUP_get_curve_name(group);
 
-    /* TODO(3.0): Only named curves are currently supported */
-    curve_name = EC_curve_nid2nist(curve_nid);
-    return (curve_name == NULL
-            || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0);
+        /* Explicit parameters */
+        if (curve_nid == NID_undef)
+            return 0;
+
+        if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0)
+            return 0;
+
+        /* TODO(3.0): Only named curves are currently supported */
+        curve_name = EC_curve_nid2nist(curve_nid);
+        return (curve_name == NULL
+                || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0);
+    } else {
+        return ossl_prov_print_ec_param_explicit(out, group, libctx);
+    }
 }
 
 int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type)
@@ -94,7 +206,7 @@ int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type)
     if (pub != NULL
         && !ossl_prov_print_labeled_buf(out, "pub:", pub, pub_len))
         goto err;
-    ret = ossl_prov_print_ec_param(out, group);
+    ret = ossl_prov_print_ec_param(out, group, ec_key_get_libctx(eckey));
 err:
     OPENSSL_clear_free(priv, priv_len);
     OPENSSL_free(pub);
@@ -104,32 +216,60 @@ null_err:
     goto err;
 }
 
-int ossl_prov_prepare_ec_params(const void *eckey, int nid,
-                                void **pstr, int *pstrtype)
+static int ossl_prov_prepare_ec_explicit_params(const void *eckey,
+                                                void **pstr, int *pstrtype)
 {
-    int curve_nid;
-    const EC_GROUP *group = EC_KEY_get0_group(eckey);
-    ASN1_OBJECT *params;
+    ASN1_STRING *params = ASN1_STRING_new();
 
-    if (group == NULL
-        || ((curve_nid = EC_GROUP_get_curve_name(group)) == NID_undef)
-        || ((params = OBJ_nid2obj(curve_nid)) == NULL)) {
-        /* TODO(3.0): Explicit curves are not supported */
+    if (params == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
-    if (OBJ_length(params) == 0) {
-        /* Some curves might not have an associated OID */
-        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID);
-        ASN1_OBJECT_free(params);
+    params->length = i2d_ECParameters(eckey, &params->data);
+    if (params->length <= 0) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        ASN1_STRING_free(params);
         return 0;
     }
 
+    *pstrtype = V_ASN1_SEQUENCE;
     *pstr = params;
-    *pstrtype = V_ASN1_OBJECT;
     return 1;
 }
 
+int ossl_prov_prepare_ec_params(const void *eckey, int nid,
+                                void **pstr, int *pstrtype)
+{
+    int curve_nid;
+    const EC_GROUP *group = EC_KEY_get0_group(eckey);
+    ASN1_OBJECT *params = NULL;
+
+    if (group == NULL)
+        return 0;
+    curve_nid = EC_GROUP_get_curve_name(group);
+    if (curve_nid != NID_undef) {
+        params = OBJ_nid2obj(curve_nid);
+        if (params == NULL)
+            return 0;
+    }
+
+    if (curve_nid != NID_undef
+        && (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE)) {
+        if (OBJ_length(params) == 0) {
+            /* Some curves might not have an associated OID */
+            ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID);
+            ASN1_OBJECT_free(params);
+            return 0;
+        }
+        *pstr = params;
+        *pstrtype = V_ASN1_OBJECT;
+        return 1;
+    } else {
+        return ossl_prov_prepare_ec_explicit_params(eckey, pstr, pstrtype);
+    }
+}
+
 int ossl_prov_ec_pub_to_der(const void *eckey, unsigned char **pder)
 {
     return i2o_ECPublicKey(eckey, pder);
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index 7fa23b1a6c..cb5e2291da 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -13,6 +13,8 @@
  */
 #include "internal/deprecated.h"
 
+#include "e_os.h" /* strcasecmp */
+#include <string.h>
 #include <openssl/core_dispatch.h>
 #include <openssl/core_names.h>
 #include <openssl/bn.h>
@@ -64,41 +66,6 @@ const char *ec_query_operation_name(int operation_id)
     return NULL;
 }
 
-static ossl_inline
-int domparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl,
-                        OSSL_PARAM params[])
-{
-    const EC_GROUP *ecg;
-    int curve_nid;
-
-    if (ec == NULL)
-        return 0;
-
-    ecg = EC_KEY_get0_group(ec);
-    if (ecg == NULL)
-        return 0;
-
-    curve_nid = EC_GROUP_get_curve_name(ecg);
-
-    if (curve_nid == NID_undef) {
-        /* TODO(3.0): should we support explicit parameters curves? */
-        return 0;
-    } else {
-        /* named curve */
-        const char *curve_name = NULL;
-
-        if ((curve_name = ec_curve_nid2name(curve_nid)) == NULL)
-            return 0;
-        if (!ossl_param_build_set_utf8_string(tmpl, params,
-                                              OSSL_PKEY_PARAM_GROUP_NAME,
-                                              curve_name))
-
-            return 0;
-    }
-
-    return 1;
-}
-
 /*
  * Callers of key_to_params MUST make sure that domparams_to_params is also
  * called!
@@ -319,7 +286,7 @@ int ec_import(void *keydata, int selection, const OSSL_PARAM params[])
     /*
      * In this implementation, we can export/import only keydata in the
      * following combinations:
-     *   - domain parameters only
+     *   - domain parameters (+optional other params)
      *   - public key with associated domain parameters (+optional other params)
      *   - private key with associated public key and domain parameters
      *         (+optional other params)
@@ -327,19 +294,16 @@ int ec_import(void *keydata, int selection, const OSSL_PARAM params[])
      * This means:
      *   - domain parameters must always be requested
      *   - private key must be requested alongside public key
-     *   - other parameters must be requested only alongside a key
+     *   - other parameters are always optional
      */
     if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0)
         return 0;
     if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0
             && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) == 0)
         return 0;
-    if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0
-            && (selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
-        return 0;
 
     if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
-        ok = ok && ec_key_domparams_fromdata(ec, params);
+        ok = ok && ec_group_fromdata(ec, params);
     if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
         int include_private =
             selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
@@ -359,7 +323,8 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
     EC_KEY *ec = keydata;
     OSSL_PARAM_BLD *tmpl;
     OSSL_PARAM *params = NULL;
-    unsigned char *pub_key = NULL;
+    unsigned char *pub_key = NULL, *genbuf = NULL;
+    BN_CTX *bnctx = NULL;
     int ok = 1;
 
     if (ec == NULL)
@@ -368,7 +333,7 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
     /*
      * In this implementation, we can export/import only keydata in the
      * following combinations:
-     *   - domain parameters only
+     *   - domain parameters (+optional other params)
      *   - public key with associated domain parameters (+optional other params)
      *   - private key with associated public key and domain parameters
      *         (+optional other params)
@@ -376,7 +341,7 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      * This means:
      *   - domain parameters must always be requested
      *   - private key must be requested alongside public key
-     *   - other parameters must be requested only alongside a key
+     *   - other parameters are always optional
      */
     if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0)
         return 0;
@@ -391,8 +356,14 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
     if (tmpl == NULL)
         return 0;
 
-    if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
-        ok = ok && domparams_to_params(ec, tmpl, NULL);
+    if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
+        bnctx = BN_CTX_new_ex(ec_key_get_libctx(ec));
+        BN_CTX_start(bnctx);
+        ok = ok && (bnctx != NULL);
+        ok = ok && ec_group_todata(EC_KEY_get0_group(ec), tmpl, NULL,
+                                   ec_key_get_libctx(ec), ec_key_get0_propq(ec),
+                                   bnctx, &genbuf);
+    }
 
     if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
         int include_private =
@@ -409,18 +380,31 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
     OSSL_PARAM_BLD_free_params(params);
     OSSL_PARAM_BLD_free(tmpl);
     OPENSSL_free(pub_key);
+    OPENSSL_free(genbuf);
+    BN_CTX_end(bnctx);
+    BN_CTX_free(bnctx);
     return ok;
 }
 
 /* IMEXPORT = IMPORT + EXPORT */
 
-# define EC_IMEXPORTABLE_DOM_PARAMETERS                          \
-    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0)
-# define EC_IMEXPORTABLE_PUBLIC_KEY                              \
+# define EC_IMEXPORTABLE_DOM_PARAMETERS                                        \
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0),               \
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING, NULL, 0),              \
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_FIELD_TYPE, NULL, 0),            \
+    OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_P, NULL, 0),                              \
+    OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_A, NULL, 0),                              \
+    OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_B, NULL, 0),                              \
+    OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_GENERATOR, NULL, 0),            \
+    OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_ORDER, NULL, 0),                          \
+    OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_COFACTOR, NULL, 0),                       \
+    OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_SEED, NULL, 0)
+
+# define EC_IMEXPORTABLE_PUBLIC_KEY                                            \
     OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0)
-# define EC_IMEXPORTABLE_PRIVATE_KEY                             \
+# define EC_IMEXPORTABLE_PRIVATE_KEY                                           \
     OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0)
-# define EC_IMEXPORTABLE_OTHER_PARAMETERS                        \
+# define EC_IMEXPORTABLE_OTHER_PARAMETERS                                      \
     OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL)
 
 /*
@@ -465,19 +449,81 @@ const OSSL_PARAM *ec_export_types(int selection)
     return ec_imexport_types(selection);
 }
 
+static int ec_get_ecm_params(const EC_GROUP *group, OSSL_PARAM params[])
+{
+#ifdef OPENSSL_NO_EC2M
+    return 1;
+#else
+    int ret = 0, m;
+    unsigned int k1 = 0, k2 = 0, k3 = 0;
+    int basis_nid;
+    const char *basis_name = NULL;
+    int fid = EC_GROUP_get_field_type(group);
+
+    if (fid != NID_X9_62_characteristic_two_field)
+        return 1;
+
+    basis_nid = EC_GROUP_get_basis_type(group);
+    if (basis_nid == NID_X9_62_tpBasis)
+        basis_name = SN_X9_62_tpBasis;
+    else if (basis_nid == NID_X9_62_ppBasis)
+        basis_name = SN_X9_62_ppBasis;
+    else
+        goto err;
+
+    m = EC_GROUP_get_degree(group);
+    if (!ossl_param_build_set_int(NULL, params, OSSL_PKEY_PARAM_EC_CHAR2_M, m)
+        || !ossl_param_build_set_utf8_string(NULL, params,
+                                             OSSL_PKEY_PARAM_EC_CHAR2_TYPE,
+                                             basis_name))
+        goto err;
+
+    if (basis_nid == NID_X9_62_tpBasis) {
+        if (!EC_GROUP_get_trinomial_basis(group, &k1)
+            || !ossl_param_build_set_int(NULL, params,
+                                         OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS,
+                                         (int)k1))
+            goto err;
+    } else {
+        if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3)
+            || !ossl_param_build_set_int(NULL, params,
+                                         OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, (int)k1)
+            || !ossl_param_build_set_int(NULL, params,
+                                         OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, (int)k2)
+            || !ossl_param_build_set_int(NULL, params,
+                                         OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, (int)k3))
+            goto err;
+    }
+    ret = 1;
+err:
+    return ret;
+#endif /* OPENSSL_NO_EC2M */
+}
+
 static
 int ec_get_params(void *key, OSSL_PARAM params[])
 {
-    int ret;
+    int ret = 0;
     EC_KEY *eck = key;
     const EC_GROUP *ecg = NULL;
     OSSL_PARAM *p;
-    unsigned char *pub_key = NULL;
+    unsigned char *pub_key = NULL, *genbuf = NULL;
+    OPENSSL_CTX *libctx;
+    const char *propq;
+    BN_CTX *bnctx = NULL;
 
     ecg = EC_KEY_get0_group(eck);
     if (ecg == NULL)
         return 0;
 
+    libctx = ec_key_get_libctx(eck);
+    propq = ec_key_get0_propq(eck);
+
+    bnctx = BN_CTX_new_ex(libctx);
+    if (bnctx == NULL)
+        return 0;
+    BN_CTX_start(bnctx);
+
     if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
         && !OSSL_PARAM_set_int(p, ECDSA_size(eck)))
         return 0;
@@ -537,32 +583,45 @@ int ec_get_params(void *key, OSSL_PARAM params[])
             return 0;
     }
     if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
-        BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(key));
-
-        if (ctx == NULL)
-            return 0;
         p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
                                             EC_KEY_get0_public_key(key),
                                             POINT_CONVERSION_UNCOMPRESSED,
-                                            p->data, p->return_size, ctx);
-        BN_CTX_free(ctx);
+                                            p->data, p->return_size, bnctx);
         if (p->return_size == 0)
-            return 0;
+            goto err;
     }
 
-    ret = domparams_to_params(eck, NULL, params)
+    ret = ec_get_ecm_params(ecg, params)
+          && ec_group_todata(ecg, NULL, params, libctx, propq, bnctx, &genbuf)
           && key_to_params(eck, NULL, params, 1, &pub_key)
           && otherparams_to_params(eck, NULL, params);
+err:
+    OPENSSL_free(genbuf);
     OPENSSL_free(pub_key);
+    BN_CTX_end(bnctx);
+    BN_CTX_free(bnctx);
     return ret;
 }
 
+#ifndef OPENSSL_NO_EC2M
+# define EC2M_GETTABLE_DOM_PARAMS                                              \
+        OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_M, NULL),                      \
+        OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_CHAR2_TYPE, NULL, 0),        \
+        OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, NULL),               \
+        OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, NULL),                  \
+        OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, NULL),                  \
+        OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, NULL),
+#else
+# define EC2M_GETTABLE_DOM_PARAMS
+#endif
+
 static const OSSL_PARAM ec_known_gettable_params[] = {
     OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
     OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
     EC_IMEXPORTABLE_DOM_PARAMETERS,
+    EC2M_GETTABLE_DOM_PARAMS
     EC_IMEXPORTABLE_PUBLIC_KEY,
     OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_PUB_X, NULL, 0),
     OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_PUB_Y, NULL, 0),
@@ -643,9 +702,15 @@ int ec_validate(void *keydata, int selection)
 
 struct ec_gen_ctx {
     OPENSSL_CTX *libctx;
-    EC_GROUP *gen_group;
+    char *group_name;
+    char *encoding;
+    char *field_type;
+    BIGNUM *p, *a, *b, *order, *cofactor;
+    unsigned char *gen, *seed;
+    size_t gen_len, seed_len;
     int selection;
     int ecdh_mode;
+    EC_GROUP *gen_group;
 };
 
 static void *ec_gen_init(void *provctx, int selection)
@@ -658,19 +723,18 @@ static void *ec_gen_init(void *provctx, int selection)
 
     if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) {
         gctx->libctx = libctx;
-        gctx->gen_group = NULL;
         gctx->selection = selection;
         gctx->ecdh_mode = 0;
     }
     return gctx;
 }
 
-static int ec_gen_set_group(void *genctx, int nid)
+static int ec_gen_set_group(void *genctx, const EC_GROUP *src)
 {
     struct ec_gen_ctx *gctx = genctx;
     EC_GROUP *group;
 
-    group = EC_GROUP_new_by_curve_name_with_libctx(gctx->libctx, NULL, nid);
+    group = EC_GROUP_dup(src);
     if (group == NULL) {
         ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CURVE);
         return 0;
@@ -679,6 +743,7 @@ static int ec_gen_set_group(void *genctx, int nid)
     gctx->gen_group = group;
     return 1;
 }
+
 static int ec_gen_set_template(void *genctx, void *templ)
 {
     struct ec_gen_ctx *gctx = genctx;
@@ -689,48 +754,144 @@ static int ec_gen_set_template(void *genctx, void *templ)
         return 0;
     if ((ec_group = EC_KEY_get0_group(ec)) == NULL)
         return 0;
-    return ec_gen_set_group(gctx, EC_GROUP_get_curve_name(ec_group));
+    return ec_gen_set_group(gctx, ec_group);
+}
+
+#define COPY_INT_PARAM(params, key, val)                                       \
+p = OSSL_PARAM_locate_const(params, key);                                      \
+if (p != NULL && !OSSL_PARAM_get_int(p, &val))                                 \
+    goto err;
+
+#define COPY_UTF8_PARAM(params, key, val)                                      \
+p = OSSL_PARAM_locate_const(params, key);                                      \
+if (p != NULL) {                                                               \
+    if (p->data_type != OSSL_PARAM_UTF8_STRING)                                \
+        goto err;                                                              \
+    OPENSSL_free(val);                                                         \
+    val = OPENSSL_strdup(p->data);                                             \
+    if (val == NULL)                                                           \
+        goto err;                                                              \
+}
+
+#define COPY_OCTET_PARAM(params, key, val, len)                                \
+p = OSSL_PARAM_locate_const(params, key);                                      \
+if (p != NULL) {                                                               \
+    if (p->data_type != OSSL_PARAM_OCTET_STRING)                               \
+        goto err;                                                              \
+    OPENSSL_free(val);                                                         \
+    len = p->data_size;                                                        \
+    val = OPENSSL_memdup(p->data, p->data_size);                               \
+    if (val == NULL)                                                           \
+        goto err;                                                              \
+}
+
+#define COPY_BN_PARAM(params, key, bn)                                         \
+p = OSSL_PARAM_locate_const(params, key);                                      \
+if (p != NULL) {                                                               \
+    if (bn == NULL)                                                            \
+        bn = BN_new();                                                         \
+    if (bn == NULL || !OSSL_PARAM_get_BN(p, &bn))                              \
+        goto err;                                                              \
 }
 
 static int ec_gen_set_params(void *genctx, const OSSL_PARAM params[])
 {
+    int ret = 0;
     struct ec_gen_ctx *gctx = genctx;
     const OSSL_PARAM *p;
+    EC_GROUP *group = NULL;
 
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH))
-        != NULL) {
-        if (!OSSL_PARAM_get_int(p, &gctx->ecdh_mode))
-            return 0;
-    }
-    if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME))
-        != NULL) {
-        const char *curve_name = NULL;
-        int ret = 0;
-
-        switch (p->data_type) {
-        case OSSL_PARAM_UTF8_STRING:
-            /* The OSSL_PARAM functions have no support for this */
-            curve_name = p->data;
-            ret = (curve_name != NULL);
-            break;
-        case OSSL_PARAM_UTF8_PTR:
-            ret = OSSL_PARAM_get_utf8_ptr(p, &curve_name);
-            break;
-        }
+    COPY_INT_PARAM(params, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, gctx->ecdh_mode);
 
-        if (ret) {
-            int nid = ec_curve_name2nid(curve_name);
+    COPY_UTF8_PARAM(params, OSSL_PKEY_PARAM_GROUP_NAME, gctx->group_name);
+    COPY_UTF8_PARAM(params, OSSL_PKEY_PARAM_EC_FIELD_TYPE, gctx->field_type);
+    COPY_UTF8_PARAM(params, OSSL_PKEY_PARAM_EC_ENCODING, gctx->encoding);
 
-            if (nid == NID_undef) {
-                ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CURVE);
-                ret = 0;
-            } else {
-                ret = ec_gen_set_group(gctx, nid);
-            }
-        }
-        return ret;
+    COPY_BN_PARAM(params, OSSL_PKEY_PARAM_EC_P, gctx->p);
+    COPY_BN_PARAM(params, OSSL_PKEY_PARAM_EC_A, gctx->a);
+    COPY_BN_PARAM(params, OSSL_PKEY_PARAM_EC_B, gctx->b);
+    COPY_BN_PARAM(params, OSSL_PKEY_PARAM_EC_ORDER, gctx->order);
+    COPY_BN_PARAM(params, OSSL_PKEY_PARAM_EC_COFACTOR, gctx->cofactor);
+
+    COPY_OCTET_PARAM(params, OSSL_PKEY_PARAM_EC_SEED, gctx->seed, gctx->seed_len);
+    COPY_OCTET_PARAM(params, OSSL_PKEY_PARAM_EC_GENERATOR, gctx->gen,
+                     gctx->gen_len);
+
+    ret = 1;
+err:
+    EC_GROUP_free(group);
+    return ret;
+}
+
+static int ec_gen_set_group_from_params(struct ec_gen_ctx *gctx)
+{
+    int ret = 0;
+    OSSL_PARAM_BLD *bld;
+    OSSL_PARAM *params = NULL;
+    EC_GROUP *group = NULL;
+
+    bld = OSSL_PARAM_BLD_new();
+    if (bld == NULL)
+        return 0;
+
+    if (gctx->encoding != NULL
+        && !OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_ENCODING,
+                                            gctx->encoding, 0))
+        goto err;
+
+    if (gctx->group_name != NULL) {
+        if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
+                                             gctx->group_name, 0))
+            goto err;
+        /* Ignore any other parameters if there is a group name */
+        goto build;
+    } else if (gctx->field_type != NULL) {
+        if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_FIELD_TYPE,
+                                             gctx->field_type, 0))
+            goto err;
+    } else {
+        goto err;
     }
-    return 1;
+    if (gctx->p == NULL
+        || gctx->a == NULL
+        || gctx->b == NULL
+        || gctx->order == NULL
+        || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, gctx->p)
+        || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, gctx->a)
+        || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, gctx->b)
+        || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_ORDER, gctx->order))
+        goto err;
+
+    if (gctx->cofactor != NULL
+        && !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
+                                   gctx->cofactor))
+        goto err;
+
+    if (gctx->seed != NULL
+        && !OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_EC_SEED,
+                                             gctx->seed, gctx->seed_len))
+        goto err;
+
+    if (gctx->gen == NULL
+        || !OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_EC_GENERATOR,
+                                             gctx->gen, gctx->gen_len))
+        goto err;
+build:
+    params = OSSL_PARAM_BLD_to_param(bld);
+    if (params == NULL)
+        goto err;
+    group = EC_GROUP_new_from_params(params, gctx->libctx, NULL);
+    if (group == NULL)
+        goto err;
+
+    EC_GROUP_free(gctx->gen_group);
+    gctx->gen_group = group;
+
+    ret = 1;
+err:
+    OSSL_PARAM_BLD_free_params(params);
+    OSSL_PARAM_BLD_free(bld);
+    return ret;
 }
 
 static const OSSL_PARAM *ec_gen_settable_params(void *provctx)
@@ -738,6 +899,15 @@ static const OSSL_PARAM *ec_gen_settable_params(void *provctx)
     static OSSL_PARAM settable[] = {
         OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0),
         OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL),
+        OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_FIELD_TYPE, NULL, 0),
+        OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_P, NULL, 0),
+        OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_A, NULL, 0),
+        OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_B, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_GENERATOR, NULL, 0),
+        OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_ORDER, NULL, 0),
+        OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_COFACTOR, NULL, 0),
+        OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_SEED, NULL, 0),
         OSSL_PARAM_END
     };
 
@@ -760,14 +930,27 @@ static void *ec_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
 {
     struct ec_gen_ctx *gctx = genctx;
     EC_KEY *ec = NULL;
-    int ret = 1;                 /* Start optimistically */
+    int ret = 0;
 
     if (gctx == NULL
         || (ec = EC_KEY_new_with_libctx(gctx->libctx, NULL)) == NULL)
         return NULL;
 
+    if (gctx->gen_group == NULL) {
+        if (!ec_gen_set_group_from_params(gctx))
+            goto err;
+    } else {
+        if (gctx->encoding) {
+            int flags = ec_encoding_name2id(gctx->encoding);
+            if (flags < 0)
+                goto err;
+            EC_GROUP_set_asn1_flag(gctx->gen_group, flags);
+        }
+    }
+
     /* We must always assign a group, no matter what */
     ret = ec_gen_assign_group(ec, gctx->gen_group);
+
     /* Whether you want it or not, you get a keypair, not just one half */
     if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
         ret = ret && EC_KEY_generate_key(ec);
@@ -777,7 +960,7 @@ static void *ec_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
 
     if (ret)
         return ec;
-
+err:
     /* Something went wrong, throw the key away */
     EC_KEY_free(ec);
     return NULL;
@@ -791,6 +974,16 @@ static void ec_gen_cleanup(void *genctx)
         return;
 
     EC_GROUP_free(gctx->gen_group);
+    BN_free(gctx->p);
+    BN_free(gctx->a);
+    BN_free(gctx->b);
+    BN_free(gctx->order);
+    BN_free(gctx->cofactor);
+    OPENSSL_free(gctx->group_name);
+    OPENSSL_free(gctx->field_type);;
+    OPENSSL_free(gctx->encoding);
+    OPENSSL_free(gctx->seed);
+    OPENSSL_free(gctx->gen);
     OPENSSL_free(gctx);
 }
 
diff --git a/test/ectest.c b/test/ectest.c
index 3678c42f71..9088fd166a 100644
--- a/test/ectest.c
+++ b/test/ectest.c
@@ -2340,6 +2340,225 @@ static int ec_point_hex2point_test(int id)
     return ret;
 }
 
+static int do_test_custom_explicit_fromdata(EC_GROUP *group, BN_CTX *ctx,
+                                            unsigned char *gen, int gen_size)
+{
+    int ret = 0, i_out;
+    EVP_PKEY_CTX *pctx = NULL;
+    EVP_PKEY *pkeyparam = NULL;
+    OSSL_PARAM_BLD *bld = NULL;
+    const char *field_name;
+    OSSL_PARAM *params = NULL;
+    const OSSL_PARAM *gettable;
+    BIGNUM *p, *a, *b;
+    BIGNUM *p_out = NULL, *a_out = NULL, *b_out = NULL;
+    BIGNUM *order_out = NULL, *cofactor_out = NULL;
+    char name[80];
+    unsigned char buf[1024];
+    size_t buf_len, name_len;
+#ifndef OPENSSL_NO_EC2M
+    unsigned int k1 = 0, k2 = 0, k3 = 0;
+    const char *basis_name = NULL;
+#endif
+
+    p = BN_CTX_get(ctx);
+    a = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+
+    if (!TEST_ptr(b)
+        || !TEST_ptr(bld = OSSL_PARAM_BLD_new()))
+        goto err;
+
+    if (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field) {
+        field_name = SN_X9_62_prime_field;
+    } else {
+        field_name = SN_X9_62_characteristic_two_field;
+#ifndef OPENSSL_NO_EC2M
+        if (EC_GROUP_get_basis_type(group) == NID_X9_62_tpBasis) {
+            basis_name = SN_X9_62_tpBasis;
+            if (!TEST_true(EC_GROUP_get_trinomial_basis(group, &k1)))
+                goto err;
+        } else {
+            basis_name = SN_X9_62_ppBasis;
+            if (!TEST_true(EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3)))
+                goto err;
+        }
+#endif /* OPENSSL_NO_EC2M */
+    }
+    if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx))
+        || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
+                          OSSL_PKEY_PARAM_EC_FIELD_TYPE, field_name, 0))
+        || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, p))
+        || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
+        || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b)))
+        goto err;
+
+    if (EC_GROUP_get0_seed(group) != NULL) {
+        if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
+                           OSSL_PKEY_PARAM_EC_SEED, EC_GROUP_get0_seed(group),
+                           EC_GROUP_get_seed_len(group))))
+            goto err;
+    }
+    if (EC_GROUP_get0_cofactor(group) != NULL) {
+        if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
+                                              EC_GROUP_get0_cofactor(group))))
+            goto err;
+    }
+
+    if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
+                       OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_size))
+        || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_ORDER,
+                                             EC_GROUP_get0_order(group))))
+        goto err;
+
+    if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
+        || !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL))
+        || !TEST_int_gt(EVP_PKEY_param_fromdata_init(pctx), 0)
+        || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam, params), 0))
+        goto err;
+
+    /*- Check that all the set values are retrievable -*/
+
+    /* There should be no match to a group name since the generator changed */
+    if (!TEST_false(EVP_PKEY_get_utf8_string_param(pkeyparam,
+                        OSSL_PKEY_PARAM_GROUP_NAME, name, sizeof(name),
+                        &name_len)))
+        goto err;
+
+    /* The encoding should be explicit as it has no group */
+    if (!TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam,
+                       OSSL_PKEY_PARAM_EC_ENCODING,
+                       name, sizeof(name), &name_len))
+        || !TEST_str_eq(name, OSSL_PKEY_EC_ENCODING_EXPLICIT))
+        goto err;
+
+    if (!TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam,
+                       OSSL_PKEY_PARAM_EC_FIELD_TYPE, name, sizeof(name),
+                       &name_len))
+        || !TEST_str_eq(name, field_name))
+        goto err;
+
+    if (!TEST_true(EVP_PKEY_get_octet_string_param(pkeyparam,
+                       OSSL_PKEY_PARAM_EC_GENERATOR, buf, sizeof(buf), &buf_len))
+        || !TEST_mem_eq(buf, (int)buf_len, gen, gen_size))
+        goto err;
+
+    if (!TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_P, &p_out))
+        || !TEST_BN_eq(p_out, p)
+        || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_A,
+                                            &a_out))
+        || !TEST_BN_eq(a_out, a)
+        || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_B,
+                                            &b_out))
+        || !TEST_BN_eq(b_out, b)
+        || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_ORDER,
+                                            &order_out))
+        || !TEST_BN_eq(order_out, EC_GROUP_get0_order(group)))
+        goto err;
+
+    if (EC_GROUP_get0_cofactor(group) != NULL) {
+        if (!TEST_true(EVP_PKEY_get_bn_param(pkeyparam,
+                           OSSL_PKEY_PARAM_EC_COFACTOR, &cofactor_out))
+            || !TEST_BN_eq(cofactor_out, EC_GROUP_get0_cofactor(group)))
+            goto err;
+    }
+    if (EC_GROUP_get0_seed(group) != NULL) {
+        if (!TEST_true(EVP_PKEY_get_octet_string_param(pkeyparam,
+                           OSSL_PKEY_PARAM_EC_SEED, buf, sizeof(buf), &buf_len))
+            || !TEST_mem_eq(buf, buf_len, EC_GROUP_get0_seed(group),
+                            EC_GROUP_get_seed_len(group)))
+            goto err;
+    }
+
+    if (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field) {
+        /* No extra fields should be set for a prime field */
+        if (!TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                            OSSL_PKEY_PARAM_EC_CHAR2_M, &i_out))
+            || !TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                               OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out))
+            || !TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                               OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out))
+            || !TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                               OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out))
+            || !TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                               OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out))
+            || !TEST_false(EVP_PKEY_get_utf8_string_param(pkeyparam,
+                               OSSL_PKEY_PARAM_EC_CHAR2_TYPE, name, sizeof(name),
+                               &name_len)))
+            goto err;
+    } else {
+#ifndef OPENSSL_NO_EC2M
+        if (!TEST_true(EVP_PKEY_get_int_param(pkeyparam,
+                           OSSL_PKEY_PARAM_EC_CHAR2_M, &i_out))
+            || !TEST_int_eq(EC_GROUP_get_degree(group), i_out)
+            || !TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam,
+                              OSSL_PKEY_PARAM_EC_CHAR2_TYPE, name, sizeof(name),
+                              &name_len))
+            || !TEST_str_eq(name, basis_name))
+            goto err;
+
+        if (EC_GROUP_get_basis_type(group) == NID_X9_62_tpBasis) {
+            if (!TEST_true(EVP_PKEY_get_int_param(pkeyparam,
+                               OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out))
+                || !TEST_int_eq(k1, i_out)
+                || !TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                                   OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out))
+                || !TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                                   OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out))
+                || !TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                                   OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out)))
+                goto err;
+        } else {
+            if (!TEST_false(EVP_PKEY_get_int_param(pkeyparam,
+                                OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out))
+                || !TEST_true(EVP_PKEY_get_int_param(pkeyparam,
+                                  OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out))
+                || !TEST_int_eq(k1, i_out)
+                || !TEST_true(EVP_PKEY_get_int_param(pkeyparam,
+                                  OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out))
+                || !TEST_int_eq(k2, i_out)
+                || !TEST_true(EVP_PKEY_get_int_param(pkeyparam,
+                                  OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out))
+                || !TEST_int_eq(k3, i_out))
+                goto err;
+        }
+#endif /* OPENSSL_NO_EC2M */
+    }
+    if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pkeyparam))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_ENCODING))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_FIELD_TYPE))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_P))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_A))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_B))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_GENERATOR))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_ORDER))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_COFACTOR))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_SEED))
+#ifndef OPENSSL_NO_EC2M
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_M))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_TYPE))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K1))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K2))
+        || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K3))
+#endif
+        )
+        goto err;
+    ret = 1;
+err:
+    BN_free(order_out);
+    BN_free(cofactor_out);
+    BN_free(a_out);
+    BN_free(b_out);
+    BN_free(p_out);
+    OSSL_PARAM_BLD_free_params(params);
+    OSSL_PARAM_BLD_free(bld);
+    EVP_PKEY_free(pkeyparam);
+    EVP_PKEY_CTX_free(pctx);
+    return ret;
+}
+
 /*
  * check the EC_METHOD respects the supplied EC_GROUP_set_generator G
  */
@@ -2406,14 +2625,17 @@ static int custom_generator_test(int id)
         || !TEST_mem_eq(b1, bsize, b2, bsize))
         goto err;
 
+    if (!do_test_custom_explicit_fromdata(group, ctx, b1, bsize))
+        goto err;
+
     ret = 1;
 
  err:
-    BN_CTX_end(ctx);
     EC_POINT_free(Q1);
     EC_POINT_free(Q2);
     EC_POINT_free(G2);
     EC_GROUP_free(group);
+    BN_CTX_end(ctx);
     BN_CTX_free(ctx);
     OPENSSL_free(b1);
     OPENSSL_free(b2);
diff --git a/test/endecode_test.c b/test/endecode_test.c
index 5f3fa3d220..0a2f5d0b40 100644
--- a/test/endecode_test.c
+++ b/test/endecode_test.c
@@ -12,7 +12,9 @@
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
+#include <openssl/core_names.h>
 #include <openssl/params.h>
+#include <openssl/param_build.h>
 #include <openssl/encoder.h>
 #include <openssl/decoder.h>
 
@@ -21,6 +23,21 @@
 
 #include "testutil.h"
 
+#ifndef OPENSSL_NO_EC
+static BN_CTX *bnctx = NULL;
+static OSSL_PARAM_BLD *bld_prime_nc = NULL;
+static OSSL_PARAM_BLD *bld_prime = NULL;
+static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
+static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
+
+# ifndef OPENSSL_NO_EC2M
+static OSSL_PARAM_BLD *bld_tri_nc = NULL;
+static OSSL_PARAM_BLD *bld_tri = NULL;
+static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
+static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
+# endif
+#endif
+
 /*
  * TODO(3.0) Modify PEM_write_bio_PrivateKey_traditional() to handle
  * provider side EVP_PKEYs (which don't necessarily have an ameth)
@@ -75,7 +92,6 @@ static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
     return pkey;
 }
 
-
 /* Main test driver */
 
 /*
@@ -754,6 +770,16 @@ IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
 #ifndef OPENSSL_NO_EC
 DOMAIN_KEYS(EC);
 IMPLEMENT_TEST_SUITE(EC, "EC")
+DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
+IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
+DOMAIN_KEYS(ECExplicitPrime2G);
+IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
+# ifndef OPENSSL_NO_EC2M
+DOMAIN_KEYS(ECExplicitTriNamedCurve);
+IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
+DOMAIN_KEYS(ECExplicitTri2G);
+IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
+# endif
 KEYS(ED25519);
 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
 KEYS(ED448);
@@ -774,6 +800,189 @@ IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
 # endif
 #endif
 
+#ifndef OPENSSL_NO_EC
+/* Explicit parameters that match a named curve */
+static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
+                                              const unsigned char *gen,
+                                              size_t gen_len)
+{
+    BIGNUM *a, *b, *prime, *order;
+
+    /* Curve prime256v1 */
+    static const unsigned char prime_data[] = {
+        0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
+        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+        0xff
+    };
+    static const unsigned char a_data[] = {
+        0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
+        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+        0xfc
+    };
+    static const unsigned char b_data[] = {
+        0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
+        0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
+        0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
+        0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
+    };
+    static const unsigned char seed[] = {
+        0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
+        0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
+        0x81, 0x9f, 0x7e, 0x90
+    };
+    static const unsigned char order_data[] = {
+        0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
+        0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+        0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
+        0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
+    };
+    return TEST_ptr(a = BN_CTX_get(bnctx))
+           && TEST_ptr(b = BN_CTX_get(bnctx))
+           && TEST_ptr(prime = BN_CTX_get(bnctx))
+           && TEST_ptr(order = BN_CTX_get(bnctx))
+           && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
+           && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
+           && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
+           && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
+           && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
+                            OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
+                            0))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
+                            OSSL_PKEY_PARAM_EC_ORDER, order))
+           && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
+                            OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
+           && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
+                            OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
+                                               BN_value_one()));
+}
+
+static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
+{
+    static const unsigned char prime256v1_gen[] = {
+        0x04,
+        0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
+        0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
+        0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
+        0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
+        0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
+        0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
+        0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
+        0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
+    };
+    return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
+                                              sizeof(prime256v1_gen));
+}
+
+static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
+{
+    /* 2G */
+    static const unsigned char prime256v1_gen2[] = {
+        0x04,
+        0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
+        0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
+        0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
+        0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
+        0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
+        0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
+        0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
+        0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
+    };
+    return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
+                                              sizeof(prime256v1_gen2));
+}
+
+# ifndef OPENSSL_NO_EC2M
+static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
+                                                  const unsigned char *gen,
+                                                  size_t gen_len)
+{
+    BIGNUM *a, *b, *poly, *order, *cofactor;
+    /* sect233k1 characteristic-two-field tpBasis */
+    static const unsigned char poly_data[] = {
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+    };
+    static const unsigned char a_data[] = {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+    };
+    static const unsigned char b_data[] = {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+    };
+    static const unsigned char order_data[] = {
+        0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
+        0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
+    };
+    static const unsigned char cofactor_data[]= {
+        0x4
+    };
+    return TEST_ptr(a = BN_CTX_get(bnctx))
+           && TEST_ptr(b = BN_CTX_get(bnctx))
+           && TEST_ptr(poly = BN_CTX_get(bnctx))
+           && TEST_ptr(order = BN_CTX_get(bnctx))
+           && TEST_ptr(cofactor = BN_CTX_get(bnctx))
+           && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
+           && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
+           && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
+           && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
+           && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
+           && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
+                            OSSL_PKEY_PARAM_EC_FIELD_TYPE,
+                            SN_X9_62_characteristic_two_field, 0))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
+                            OSSL_PKEY_PARAM_EC_ORDER, order))
+           && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
+                            OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
+           && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
+                                               cofactor));
+}
+
+static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
+{
+    static const unsigned char gen[] = {
+        0x04,
+        0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
+        0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
+        0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
+        0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
+        0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
+        0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
+    };
+    return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
+}
+
+static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
+{
+    static const unsigned char gen2[] = {
+        0x04,
+        0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
+        0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
+        0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
+        0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
+        0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
+        0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
+    };
+    return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
+}
+# endif /* OPENSSL_NO_EC2M */
+#endif /* OPENSSL_NO_EC */
+
 int setup_tests(void)
 {
     int ok = 1;
@@ -803,7 +1012,28 @@ int setup_tests(void)
         OSSL_PARAM_END
     };
 
+#ifndef OPENSSL_NO_EC
+    if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
+        || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
+        || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
+        || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
+        || !create_ec_explicit_prime_params(bld_prime)
+        || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
+        || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
+# ifndef OPENSSL_NO_EC2M
+        || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
+        || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
+        || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
+        || !create_ec_explicit_trinomial_params(bld_tri)
+        || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
+        || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
+# endif
+        )
+        return 0;
+#endif
+
     TEST_info("Generating keys...");
+
 #ifndef OPENSSL_NO_DH
     MAKE_DOMAIN_KEYS(DH, "DH", NULL);
     MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
@@ -813,6 +1043,12 @@ int setup_tests(void)
 #endif
 #ifndef OPENSSL_NO_EC
     MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
+    MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
+    MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
+# ifndef OPENSSL_NO_EC2M
+    MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
+    MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
+# endif
     MAKE_KEYS(ED25519, "ED25519", NULL);
     MAKE_KEYS(ED448, "ED448", NULL);
     MAKE_KEYS(X25519, "X25519", NULL);
@@ -836,6 +1072,12 @@ int setup_tests(void)
 #endif
 #ifndef OPENSSL_NO_EC
         ADD_TEST_SUITE(EC);
+        ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
+        ADD_TEST_SUITE(ECExplicitPrime2G);
+# ifndef OPENSSL_NO_EC2M
+        ADD_TEST_SUITE(ECExplicitTriNamedCurve);
+        ADD_TEST_SUITE(ECExplicitTri2G);
+# endif
         ADD_TEST_SUITE(ED25519);
         ADD_TEST_SUITE(ED448);
         ADD_TEST_SUITE(X25519);
@@ -856,6 +1098,20 @@ int setup_tests(void)
 
 void cleanup_tests(void)
 {
+#ifndef OPENSSL_NO_EC
+    OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
+    OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
+    OSSL_PARAM_BLD_free(bld_prime_nc);
+    OSSL_PARAM_BLD_free(bld_prime);
+# ifndef OPENSSL_NO_EC2M
+    OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
+    OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
+    OSSL_PARAM_BLD_free(bld_tri_nc);
+    OSSL_PARAM_BLD_free(bld_tri);
+# endif
+    BN_CTX_free(bnctx);
+#endif /* OPENSSL_NO_EC */
+
 #ifndef OPENSSL_NO_DH
     FREE_DOMAIN_KEYS(DH);
     FREE_DOMAIN_KEYS(DHX);
@@ -865,6 +1121,12 @@ void cleanup_tests(void)
 #endif
 #ifndef OPENSSL_NO_EC
     FREE_DOMAIN_KEYS(EC);
+    FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
+    FREE_DOMAIN_KEYS(ECExplicitPrime2G);
+# ifndef OPENSSL_NO_EC2M
+    FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
+    FREE_DOMAIN_KEYS(ECExplicitTri2G);
+# endif
     FREE_KEYS(ED25519);
     FREE_KEYS(ED448);
     FREE_KEYS(X25519);
diff --git a/test/recipes/15-test_genec.t b/test/recipes/15-test_genec.t
index 20ddd4026d..2dfed387ca 100644
--- a/test/recipes/15-test_genec.t
+++ b/test/recipes/15-test_genec.t
@@ -29,30 +29,12 @@ sub supported_pass {
     ok(run(@_), $str);
 }
 
-sub unsupported_pass {
-    my $str = shift;
- TODO: {
-        local $TODO = "Currently not supported";
-
-        ok(run(@_), $str);
-    }
-}
-
 sub supported_fail {
     my $str = shift;
 
     ok(!run(@_), $str);
 }
 
-sub unsupported_fail {
-    my $str = shift;
- TODO: {
-        local $TODO = "Currently not supported";
-
-        ok(!run(@_), $str);
-    }
-}
-
 setup("test_genec");
 
 plan skip_all => "This test is unsupported in a no-ec build"
@@ -183,7 +165,7 @@ push(@curve_list, @curve_aliases);
 my %params_encodings =
     (
      'named_curve'      => \&supported_pass,
-     'explicit'         => \&unsupported_pass
+     'explicit'         => \&supported_pass
     );
 
 my @output_formats = ('PEM', 'DER');
@@ -273,7 +255,7 @@ subtest "test curves that only support explicit parameters encoding" => sub {
     my %params_encodings =
         (
          'named_curve'      => \&supported_fail,
-         'explicit'         => \&unsupported_pass
+         'explicit'         => \&supported_pass
         );
 
     foreach my $curvename (@explicit_only_curves) {
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 2d85c13eef..549ab0a7c7 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5271,3 +5271,4 @@ OSSL_STORE_INFO_get1_PUBKEY             ?	3_0_0	EXIST::FUNCTION:
 PEM_read_bio_PUBKEY_ex                  ?	3_0_0	EXIST::FUNCTION:
 PEM_read_PUBKEY_ex                      ?	3_0_0	EXIST::FUNCTION:STDIO
 PEM_read_bio_Parameters_ex              ?	3_0_0	EXIST::FUNCTION:
+EC_GROUP_new_from_params                ?	3_0_0	EXIST::FUNCTION:EC

From shane.lontis at oracle.com  Sat Aug 22 05:10:27 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Sat, 22 Aug 2020 05:10:27 +0000
Subject: [openssl]  master update
Message-ID: <1598073027.023994.17843.nullmailer@dev.openssl.org>

The branch master has been updated
       via  eed12622faf01369141caa558439ac5f6fd5dcd1 (commit)
      from  c0f39ded68ba0929698a8773e63e9806ec9e5c74 (commit)


- Log -----------------------------------------------------------------
commit eed12622faf01369141caa558439ac5f6fd5dcd1
Author: Robert J?drzejczyk <robert at prog.olsztyn.pl>
Date:   Sat Aug 22 15:05:56 2020 +1000

    Windows get ENV value as UTF-8 encoded string instead of a raw string
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12657)

-----------------------------------------------------------------------

Summary of changes:
 crypto/getenv.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 72 insertions(+)

diff --git a/crypto/getenv.c b/crypto/getenv.c
index a49a06f8ed..431a7644b9 100644
--- a/crypto/getenv.c
+++ b/crypto/getenv.c
@@ -13,9 +13,81 @@
 
 #include <stdlib.h>
 #include "internal/cryptlib.h"
+#include "e_os.h"
 
 char *ossl_safe_getenv(const char *name)
 {
+#if defined(_WIN32) && defined(CP_UTF8) && !defined(_WIN32_WCE)
+    if (GetEnvironmentVariableW(L"OPENSSL_WIN32_UTF8", NULL, 0) != 0) {
+        char *val = NULL;
+        int vallen = 0;
+        WCHAR *namew = NULL;
+        WCHAR *valw = NULL;
+        DWORD envlen = 0;
+        DWORD dwFlags = MB_ERR_INVALID_CHARS;
+        int rsize, fsize;
+        UINT curacp;
+
+        curacp = GetACP();
+
+        /*
+         * For the code pages listed below, dwFlags must be set to 0.
+         * Otherwise, the function fails with ERROR_INVALID_FLAGS.
+         */
+        if (curacp == 50220 || curacp == 50221 || curacp == 50222 ||
+            curacp == 50225 || curacp == 50227 || curacp == 50229 ||
+            (57002 <= curacp && curacp <=57011) || curacp == 65000 ||
+            curacp == 42)
+            dwFlags = 0;
+
+        /* query for buffer len */
+        rsize = MultiByteToWideChar(curacp, dwFlags, name, -1, NULL, 0);
+        /* if name is valid string and can be converted to wide string */
+        if (rsize > 0)
+            namew = _malloca(rsize * sizeof(WCHAR));
+
+        if (NULL != namew) {
+            /* convert name to wide string */
+            fsize = MultiByteToWideChar(curacp, dwFlags, name, -1, namew, rsize);
+            /* if conversion is ok, then determine value string size in wchars */
+            if (fsize > 0)
+                envlen = GetEnvironmentVariableW(namew, NULL, 0);
+        }
+
+        if (envlen > 0)
+            valw = _malloca(envlen * sizeof(WCHAR));
+
+        if (NULL != valw) {
+            /* if can get env value as wide string */
+            if (GetEnvironmentVariableW(namew, valw, envlen) < envlen) {
+                /* determine value string size in utf-8 */
+                vallen = WideCharToMultiByte(CP_UTF8, 0, valw, -1, NULL, 0,
+                                             NULL, NULL);
+            }
+        }
+
+        if (vallen > 0)
+            val = OPENSSL_malloc(vallen);
+
+        if (NULL != val) {
+            /* convert value string from wide to utf-8 */
+            if (WideCharToMultiByte(CP_UTF8, 0, valw, -1, val, vallen,
+                                    NULL, NULL) == 0) {
+                OPENSSL_free(val);
+                val = NULL;
+            }
+        }
+
+        if (NULL != namew)
+            _freea(namew);
+
+        if (NULL != valw)
+            _freea(valw);
+
+        return val;
+    }
+#endif
+
 #if defined(__GLIBC__) && defined(__GLIBC_PREREQ)
 # if __GLIBC_PREREQ(2, 17)
 #  define SECURE_GETENV

From builds at travis-ci.com  Sat Aug 22 07:55:54 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 22 Aug 2020 07:55:54 +0000
Subject: Still Failing: openssl/openssl#36890 (master - c0f39de)
In-Reply-To: <openssl/openssl+180919574+still failing@travis-ci.com>
Message-ID: <5f40cf8a5a739_13f87ea108a181078c9@travis-pro-tasks-6dbd7ddf9d-mdmvr.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36890
Status: Still Failing

Duration: 1 hr, 9 mins, and 1 sec
Commit: c0f39de (master)
Author: Shane Lontis
Message: Add Explicit EC parameter support to providers.

This was added for backward compatability.
Added EC_GROUP_new_from_params() that supports explicit curve parameters.

This fixes the 15-test_genec.t TODO.

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12604)

View the changeset: https://github.com/openssl/openssl/compare/a02c715c1833...c0f39ded68ba

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180919574?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/01101431/attachment.html>

From beldmit at gmail.com  Sat Aug 22 08:08:34 2020
From: beldmit at gmail.com (beldmit at gmail.com)
Date: Sat, 22 Aug 2020 08:08:34 +0000
Subject: [openssl]  master update
Message-ID: <1598083714.095525.3800.nullmailer@dev.openssl.org>

The branch master has been updated
       via  1acb2e6f3540727c4cc9f8388cc0da265e6fe8ab (commit)
      from  eed12622faf01369141caa558439ac5f6fd5dcd1 (commit)


- Log -----------------------------------------------------------------
commit 1acb2e6f3540727c4cc9f8388cc0da265e6fe8ab
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Thu Aug 20 13:28:11 2020 +1000

    Fix CMS so that it still works with non fetchable algorithms.
    
    Fixes #12633
    
    For CMS the Gost engine still requires calls to EVP_get_digestbyname() and EVP_get_cipherbyname() when
    EVP_MD_fetch() and EVP_CIPHER_fetch() return NULL.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12689)

-----------------------------------------------------------------------

Summary of changes:
 crypto/cms/cms_enc.c | 18 ++++++++++++------
 crypto/cms/cms_env.c | 20 ++++++++++++++------
 crypto/cms/cms_lib.c | 19 +++++++++++++++----
 crypto/cms/cms_sd.c  | 21 +++++++++++++++++----
 4 files changed, 58 insertions(+), 20 deletions(-)

diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index e25453ec9c..48934ef2a1 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -45,6 +45,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
 
     BIO_get_cipher_ctx(b, &ctx);
 
+    (void)ERR_set_mark();
     if (enc) {
         cipher = ec->cipher;
         /*
@@ -58,17 +59,21 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
     if (cipher != NULL) {
         fetched_ciph = EVP_CIPHER_fetch(cms_ctx->libctx, EVP_CIPHER_name(cipher),
                                         cms_ctx->propq);
-        if (fetched_ciph == NULL) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER);
-            goto err;
-        }
+        if (fetched_ciph != NULL)
+            cipher = fetched_ciph;
+    }
+    if (cipher == NULL) {
+        (void)ERR_clear_last_mark();
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER);
+        goto err;
     }
-    if (EVP_CipherInit_ex(ctx, fetched_ciph, NULL, NULL, NULL, enc) <= 0) {
+    (void)ERR_pop_to_mark();
+
+    if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc) <= 0) {
         CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
                CMS_R_CIPHER_INITIALISATION_ERROR);
         goto err;
     }
-    EVP_CIPHER_free(fetched_ciph);
 
     if (enc) {
         int ivlen;
@@ -159,6 +164,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
     ok = 1;
 
  err:
+    EVP_CIPHER_free(fetched_ciph);
     if (!keep_key || !ok) {
         OPENSSL_clear_free(ec->key, ec->keylen);
         ec->key = NULL;
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index 94961cd038..1fed65c442 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -466,7 +466,8 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
     size_t eklen;
     int ret = 0;
     size_t fixlen = 0;
-    EVP_CIPHER *ciph = NULL;
+    const EVP_CIPHER *cipher = NULL;
+    EVP_CIPHER *fetched_cipher = NULL;
     CMS_EncryptedContentInfo *ec;
     const CMS_CTX *ctx = cms_get0_cmsctx(cms);
 
@@ -482,14 +483,22 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
         X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
         const char *name = OBJ_nid2sn(OBJ_obj2nid(calg->algorithm));
 
-        ciph = EVP_CIPHER_fetch(ctx->libctx, name, ctx->propq);
-        if (ciph == NULL) {
+        (void)ERR_set_mark();
+        fetched_cipher = EVP_CIPHER_fetch(ctx->libctx, name, ctx->propq);
+
+        if (fetched_cipher != NULL)
+            cipher = fetched_cipher;
+        else
+            cipher = EVP_get_cipherbyobj(calg->algorithm);
+        if (cipher == NULL) {
+            (void)ERR_clear_last_mark();
             CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_UNKNOWN_CIPHER);
             return 0;
         }
+        (void)ERR_pop_to_mark();
 
-        fixlen = EVP_CIPHER_key_length(ciph);
-        EVP_CIPHER_free(ciph);
+        fixlen = EVP_CIPHER_key_length(cipher);
+        EVP_CIPHER_free(fetched_cipher);
     }
 
     ktri->pctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, pkey, ctx->propq);
@@ -514,7 +523,6 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
         goto err;
 
     ek = OPENSSL_malloc(eklen);
-
     if (ek == NULL) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, ERR_R_MALLOC_FAILURE);
         goto err;
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 92321dfc33..7c9b2494a2 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -394,26 +394,37 @@ BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
 {
     BIO *mdbio = NULL;
     const ASN1_OBJECT *digestoid;
-    EVP_MD *digest = NULL;
+    const EVP_MD *digest = NULL;
+    EVP_MD *fetched_digest = NULL;
     const char *alg;
 
     X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
     alg = OBJ_nid2sn(OBJ_obj2nid(digestoid));
-    digest = EVP_MD_fetch(ctx->libctx, alg, ctx->propq);
+
+    (void)ERR_set_mark();
+    fetched_digest = EVP_MD_fetch(ctx->libctx, alg, ctx->propq);
+
+    if (fetched_digest != NULL)
+        digest = fetched_digest;
+    else
+        digest = EVP_get_digestbyobj(digestoid);
     if (digest == NULL) {
+        (void)ERR_clear_last_mark();
         CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO,
                CMS_R_UNKNOWN_DIGEST_ALGORITHM);
         goto err;
     }
+    (void)ERR_pop_to_mark();
+
     mdbio = BIO_new(BIO_f_md());
     if (mdbio == NULL || !BIO_set_md(mdbio, digest)) {
         CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, CMS_R_MD_BIO_INIT_ERROR);
         goto err;
     }
-    EVP_MD_free(digest);
+    EVP_MD_free(fetched_digest);
     return mdbio;
  err:
-    EVP_MD_free(digest);
+    EVP_MD_free(fetched_digest);
     BIO_free(mdbio);
     return NULL;
 }
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 4fac4e6182..c11d44487b 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -817,7 +817,8 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
     unsigned char *abuf = NULL;
     int alen, r = -1;
     const char *name;
-    EVP_MD *md = NULL;
+    const EVP_MD *md;
+    EVP_MD *fetched_md = NULL;
     const CMS_CTX *ctx = si->cms_ctx;
 
     if (si->pkey == NULL) {
@@ -829,9 +830,21 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
         return -1;
 
     name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
-    md = EVP_MD_fetch(ctx->libctx, name, ctx->propq);
-    if (md == NULL)
+
+    (void)ERR_set_mark();
+    fetched_md = EVP_MD_fetch(ctx->libctx, name, ctx->propq);
+
+    if (fetched_md != NULL)
+        md = fetched_md;
+    else
+        md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+    if (md == NULL) {
+        (void)ERR_clear_last_mark();
+        CMSerr(0, CMS_R_UNKNOWN_DIGEST_ALGORITHM);
         return -1;
+    }
+    (void)ERR_pop_to_mark();
+
     if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) {
         CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, ERR_R_MALLOC_FAILURE);
         goto err;
@@ -860,7 +873,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
     if (r <= 0)
         CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
  err:
-    EVP_MD_free(md);
+    EVP_MD_free(fetched_md);
     EVP_MD_CTX_reset(mctx);
     return r;
 }

From builds at travis-ci.com  Sat Aug 22 09:22:57 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 22 Aug 2020 09:22:57 +0000
Subject: Still Failing: openssl/openssl#36891 (master - eed1262)
In-Reply-To: <openssl/openssl+180920041+still failing@travis-ci.com>
Message-ID: <5f40e3f16d8ee_13f95c41b0a3c139252@travis-pro-tasks-979cc9dfc-8c67l.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36891
Status: Still Failing

Duration: 6 mins and 35 secs
Commit: eed1262 (master)
Author: Robert J?drzejczyk
Message: Windows get ENV value as UTF-8 encoded string instead of a raw string

Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12657)

View the changeset: https://github.com/openssl/openssl/compare/c0f39ded68ba...eed12622faf0

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180920041?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/a5ef81b9/attachment.html>

From builds at travis-ci.com  Sat Aug 22 12:11:52 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 22 Aug 2020 12:11:52 +0000
Subject: Still Failing: openssl/openssl#36894 (master - 1acb2e6)
In-Reply-To: <openssl/openssl+180925927+still failing@travis-ci.com>
Message-ID: <5f410b86cd787_13fc515e2c4d4170999@travis-pro-tasks-979cc9dfc-zxnxk.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36894
Status: Still Failing

Duration: 1 hr, 2 mins, and 21 secs
Commit: 1acb2e6 (master)
Author: Shane Lontis
Message: Fix CMS so that it still works with non fetchable algorithms.

Fixes #12633

For CMS the Gost engine still requires calls to EVP_get_digestbyname() and EVP_get_cipherbyname() when
EVP_MD_fetch() and EVP_CIPHER_fetch() return NULL.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12689)

View the changeset: https://github.com/openssl/openssl/compare/eed12622faf0...1acb2e6f3540

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180925927?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/bc0f6ac8/attachment-0001.html>

From no-reply at appveyor.com  Sat Aug 22 18:35:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 22 Aug 2020 18:35:43 +0000
Subject: Build failed: openssl master.36361
Message-ID: <20200822183543.1.B6705291936F008A@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/5a3a73ee/attachment.html>

From no-reply at appveyor.com  Sat Aug 22 19:19:00 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 22 Aug 2020 19:19:00 +0000
Subject: Build failed: openssl master.36362
Message-ID: <20200822191900.1.DE696903407BCE07@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/18f3a3e0/attachment.html>

From no-reply at appveyor.com  Sat Aug 22 22:29:00 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 22 Aug 2020 22:29:00 +0000
Subject: Build failed: openssl master.36363
Message-ID: <20200822222900.1.0F203A1365C20397@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200822/7bd0a603/attachment.html>

From scan-admin at coverity.com  Sun Aug 23 07:54:07 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 23 Aug 2020 07:54:07 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2
Message-ID: <5f42209e7b34e_fe0ae2b106b1fcf6062973@prd-scan-dashboard-0.mail>


    Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DcpRH_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHouq5JWVTaOxKOW95RHwLrHb6ob2k055j-2BqZqub-2FG5WUdpeSJyD-2BEt-2FZ5DqS4LuXV2dz-2B2tuBBiDAhYxE12V73rRjlZvJ32-2FCKgVnqF-2BsWf6zlhmj6t1F2kog9R9ZqWBhNKnVzMrlMNKwJr0kO2ZZjam77Qh0YFhHEdY6wl6OUdcIb00PD4lXEtkC2VRaRuB4-3D

    Build ID: 334633

    Analysis Summary:
       New defects found: 0
       Defects eliminated: 0


From scan-admin at coverity.com  Sun Aug 23 07:58:04 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 23 Aug 2020 07:58:04 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for openssl/openssl
Message-ID: <5f42218bed4e9_fe2de2b106b1fcf60629f1@prd-scan-dashboard-0.mail>


    Your request for analysis of openssl/openssl has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DukSR_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEePcIJErwz-2BjGEA44SNyHU-2BBOvq0fgZiokueKyVsT3dyBhf43ghK2I5-2BBCoa5z1-2FzfihEL3EOnGf0lXJ6hOrbKJQhscb13jqkzvbnZMpvLTdJHrn92XzF3f-2F63QRFA69RF0S8EifyhNN9AAaelBUHgpCXth4fuVJW3sg-2F8VKuVKbZcEcyKc6D-2Fsv5cRyBFe7k-3D

    Build ID: 334632

    Analysis Summary:
       New defects found: 11
       Defects eliminated: 3

    If you have difficulty understanding any defects, email us at scan-admin at coverity.com,
    or post your question to StackOverflow
    at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DRj5W_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEePcIJErwz-2BjGEA44SNyHU-2BBOvq0fgZiokueKyVsT3dz5ZTJBOkhze9eztzawY9D8nBXpuNVoz0fzqZZSQBsIGqe6DFwFqQv4tT3nWbv5FoOh-2BT7cRwST32aLutiU3iB44Nq6hcYAExhbboQ6K6c9HVaqksLFWUhEvhWEuCPyi-2Be-2Bb26svymnQrgYezjDAHbY-3D

From no-reply at appveyor.com  Sun Aug 23 09:47:25 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 23 Aug 2020 09:47:25 +0000
Subject: Build failed: openssl master.36369
Message-ID: <20200823094725.1.725C324BEB048147@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200823/d1da6a6a/attachment.html>

From dev at ddvo.net  Sun Aug 23 10:01:35 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Sun, 23 Aug 2020 10:01:35 +0000
Subject: [openssl]  master update
Message-ID: <1598176895.855939.871.nullmailer@dev.openssl.org>

The branch master has been updated
       via  05ead000650b885deaf48b08509e8d14a5b7dd78 (commit)
      from  1acb2e6f3540727c4cc9f8388cc0da265e6fe8ab (commit)


- Log -----------------------------------------------------------------
commit 05ead000650b885deaf48b08509e8d14a5b7dd78
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Wed Aug 19 12:23:52 2020 +0200

    run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12682)

-----------------------------------------------------------------------

Summary of changes:
 test/run_tests.pl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/test/run_tests.pl b/test/run_tests.pl
index 73d4d91931..2b05ddcbb0 100644
--- a/test/run_tests.pl
+++ b/test/run_tests.pl
@@ -56,6 +56,8 @@ my %openssl_args = ();
 $openssl_args{'failure_verbosity'} = $ENV{HARNESS_VERBOSE} ? 0 :
     $ENV{HARNESS_VERBOSE_FAILURE_PROGRESS} ? 2 :
     1; # $ENV{HARNESS_VERBOSE_FAILURE}
+print "Warning: HARNESS_JOBS > 1 overrides HARNESS_VERBOSE\n"
+    if $ENV{HARNESS_JOBS} > 1;
 print "Warning: HARNESS_VERBOSE overrides HARNESS_VERBOSE_FAILURE*\n"
     if ($ENV{HARNESS_VERBOSE} && ($ENV{HARNESS_VERBOSE_FAILURE}
                                   || $ENV{HARNESS_VERBOSE_FAILURE_PROGRESS}));

From no-reply at appveyor.com  Sun Aug 23 10:51:37 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 23 Aug 2020 10:51:37 +0000
Subject: Build completed: openssl master.36370
Message-ID: <20200823105137.1.629BC816064257F8@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200823/f054214c/attachment-0001.html>

From builds at travis-ci.com  Sun Aug 23 11:46:49 2020
From: builds at travis-ci.com (Travis CI)
Date: Sun, 23 Aug 2020 11:46:49 +0000
Subject: Still Failing: openssl/openssl#36912 (master - 05ead00)
In-Reply-To: <openssl/openssl+180992497+still failing@travis-ci.com>
Message-ID: <5f425728d5625_13f9766ac5afc1552f4@travis-pro-tasks-8457bd6994-q9c2l.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36912
Status: Still Failing

Duration: 1 hr, 2 mins, and 44 secs
Commit: 05ead00 (master)
Author: Dr. David von Oheimb
Message: run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12682)

View the changeset: https://github.com/openssl/openssl/compare/1acb2e6f3540...05ead000650b

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/180992497?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200823/bd32caa6/attachment.html>

From openssl at openssl.org  Mon Aug 24 00:00:21 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 00:00:21 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1598227221.451253.12751.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 80876EB9017F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80F71D2E517F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80F71D2E517F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3128, 1741 wallclock secs (12.76 usr  1.51 sys + 1562.99 cusr 159.46 csys = 1736.72 CPU)
Result: FAIL
Makefile:2539: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2537: recipe for target 'tests' failed
make: *** [tests] Error 2

From shane.lontis at oracle.com  Mon Aug 24 01:24:37 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Mon, 24 Aug 2020 01:24:37 +0000
Subject: [openssl]  master update
Message-ID: <1598232277.954313.22450.nullmailer@dev.openssl.org>

The branch master has been updated
       via  bc8c3e1cd8691e6c8e6fe208377ee0d0e408af73 (commit)
       via  4bec3f6d5103c8244aa50d5d5a5b0374c91e7dfb (commit)
       via  1f9ad4f953fb178137dbcd625da5ee2440b5449d (commit)
       via  825ccf515528f289ae3dfe3b34d6252c4764069a (commit)
       via  10ead93897ab48233d66cc40bfdc146d6c95c4a7 (commit)
       via  db1319b706b8f3b0d8d05d766da720812afc28c6 (commit)
       via  fa519461c96c8d5c4652cd0decc5dd62d7d13629 (commit)
       via  51bba73e9361d19a0827e4459c01a7b3f6712415 (commit)
       via  fdf6118b1552bc723aeba726174b14ca07b5170a (commit)
       via  26c5ea8f6168bba5c0879ac7b9bc62ed4e8d469c (commit)
       via  75348bb29820a10c0afbe754fdd03ceacc91979e (commit)
       via  e499a64befa50bc2e7b9cb3173e8ac9b402fe1f9 (commit)
       via  ab7f4a3d2b86ef564081df7219301f7874c4d8af (commit)
       via  61d61c5fd227903bb34562fc06531e91e9453f64 (commit)
       via  f2bfc53b02fd4cf328cf6200452b86adfdc15489 (commit)
       via  90e0e0d8023fca71b019232ffc5804b8d07e2ff2 (commit)
       via  3c1ccfea85e6dcb93aba5cfb166d7aa88bd0a587 (commit)
      from  05ead000650b885deaf48b08509e8d14a5b7dd78 (commit)


- Log -----------------------------------------------------------------
commit bc8c3e1cd8691e6c8e6fe208377ee0d0e408af73
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 17:50:13 2020 +1000

    Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 4bec3f6d5103c8244aa50d5d5a5b0374c91e7dfb
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 17:31:11 2020 +1000

    Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 1f9ad4f953fb178137dbcd625da5ee2440b5449d
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 17:18:31 2020 +1000

    Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 825ccf515528f289ae3dfe3b34d6252c4764069a
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 17:09:18 2020 +1000

    Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 10ead93897ab48233d66cc40bfdc146d6c95c4a7
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 17:01:07 2020 +1000

    Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit db1319b706b8f3b0d8d05d766da720812afc28c6
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 16:50:10 2020 +1000

    Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit fa519461c96c8d5c4652cd0decc5dd62d7d13629
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 16:41:51 2020 +1000

    Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 51bba73e9361d19a0827e4459c01a7b3f6712415
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 16:33:19 2020 +1000

    Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit fdf6118b1552bc723aeba726174b14ca07b5170a
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 16:28:00 2020 +1000

    Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 26c5ea8f6168bba5c0879ac7b9bc62ed4e8d469c
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 16:23:28 2020 +1000

    Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 75348bb29820a10c0afbe754fdd03ceacc91979e
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 15:56:17 2020 +1000

    Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit e499a64befa50bc2e7b9cb3173e8ac9b402fe1f9
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 15:41:54 2020 +1000

    Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit ab7f4a3d2b86ef564081df7219301f7874c4d8af
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 15:36:49 2020 +1000

    Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 61d61c5fd227903bb34562fc06531e91e9453f64
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 15:24:52 2020 +1000

    Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit f2bfc53b02fd4cf328cf6200452b86adfdc15489
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 15:21:30 2020 +1000

    Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 90e0e0d8023fca71b019232ffc5804b8d07e2ff2
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 15:17:17 2020 +1000

    Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

commit 3c1ccfea85e6dcb93aba5cfb166d7aa88bd0a587
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Tue Aug 11 15:03:42 2020 +1000

    Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12628)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/a_digest.c                    |  2 +-
 crypto/ec/ec_ameth.c                      |  2 +-
 crypto/encode_decode/decoder_pkey.c       | 10 +++++++---
 crypto/evp/digest.c                       | 19 ++++++++++++++-----
 crypto/evp/evp_lib.c                      |  8 ++++----
 crypto/evp/p_lib.c                        |  2 ++
 crypto/evp/pmeth_gn.c                     |  3 ++-
 crypto/modes/siv128.c                     | 22 ++++++++++++++--------
 providers/implementations/kdfs/x942kdf.c  |  2 +-
 providers/implementations/signature/rsa.c | 16 ++++++++++------
 ssl/ssl_lib.c                             |  2 +-
 test/evp_test.c                           |  4 ++--
 12 files changed, 59 insertions(+), 33 deletions(-)

diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
index 3e7b418a19..9211d7a968 100644
--- a/crypto/asn1/a_digest.c
+++ b/crypto/asn1/a_digest.c
@@ -63,7 +63,7 @@ int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *md,
     EVP_MD *fetched_md = (EVP_MD *)md;
 
     i = ASN1_item_i2d(asn, &str, it);
-    if (str == NULL)
+    if (i < 0 || str == NULL)
         return 0;
 
     if (EVP_MD_provider(md) == NULL) {
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 8840d57188..67705d6fe4 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -976,7 +976,7 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 
     plen = CMS_SharedInfo_encode(&der, kekalg, ukm, keylen);
 
-    if (!plen)
+    if (plen <= 0)
         goto err;
 
     if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, der, plen) <= 0)
diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index 7f468c2476..7ab38f228f 100644
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -289,6 +289,8 @@ static void collect_decoder(OSSL_DECODER *decoder, void *arg)
         return;
 
     data->error_occured = 1;         /* Assume the worst */
+    if (data->names == NULL)
+        return;
 
     end_i = sk_OPENSSL_CSTRING_num(data->names);
     for (i = 0; i < end_i; i++) {
@@ -367,8 +369,10 @@ OSSL_DECODER_CTX *OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
 
     data->process_data = NULL;
  err:
-    decoder_clean_EVP_PKEY_construct_arg(data->process_data);
-    sk_OPENSSL_CSTRING_free(data->names);
-    OPENSSL_free(data);
+    if (data != NULL) {
+        decoder_clean_EVP_PKEY_construct_arg(data->process_data);
+        sk_OPENSSL_CSTRING_free(data->names);
+        OPENSSL_free(data);
+    }
     return ctx;
 }
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 7caab8a5f7..f9ba59ca63 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -367,11 +367,18 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
 /* The caller can assume that this removes any secret data from the context */
 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
 {
-    int ret;
+    int ret, sz;
     size_t size = 0;
-    size_t mdsize = EVP_MD_size(ctx->digest);
+    size_t mdsize = 0;
 
-    if (ctx->digest == NULL || ctx->digest->prov == NULL)
+    if (ctx->digest == NULL)
+        return 0;
+
+    sz = EVP_MD_size(ctx->digest);
+    if (sz < 0)
+        return 0;
+    mdsize = sz;
+    if (ctx->digest->prov == NULL)
         goto legacy;
 
     if (ctx->digest->dfinal == NULL) {
@@ -671,8 +678,10 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
 {
     EVP_PKEY_CTX *pctx;
 
-    if (ctx != NULL
-            && ctx->digest != NULL
+    if (ctx == NULL)
+        return NULL;
+
+    if (ctx->digest != NULL
             && ctx->digest->gettable_ctx_params != NULL)
         return ctx->digest->gettable_ctx_params(
                    ossl_provider_ctx(EVP_MD_provider(ctx->digest)));
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index c4d41518ef..676461a51b 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -638,14 +638,14 @@ const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md)
 int EVP_MD_block_size(const EVP_MD *md)
 {
     int ok;
-    size_t v = md->block_size;
+    size_t v;
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     if (md == NULL) {
         EVPerr(EVP_F_EVP_MD_BLOCK_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
         return -1;
     }
-
+    v = md->block_size;
     params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
     ok = evp_do_md_getparams(md, params);
 
@@ -665,14 +665,14 @@ int EVP_MD_pkey_type(const EVP_MD *md)
 int EVP_MD_size(const EVP_MD *md)
 {
     int ok;
-    size_t v = md->md_size;
+    size_t v;
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     if (md == NULL) {
         EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
         return -1;
     }
-
+    v = md->md_size;
     params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v);
     ok = evp_do_md_getparams(md, params);
 
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 7a79816788..503009dd93 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -720,6 +720,8 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
 
 void *EVP_PKEY_get0(const EVP_PKEY *pkey)
 {
+    if (pkey == NULL)
+        return NULL;
     if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
         ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY);
         return NULL;
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index 2f9346d998..3096828678 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -375,7 +375,8 @@ static int fromdata_init(EVP_PKEY_CTX *ctx, int operation)
     return 1;
 
  not_supported:
-    ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    if (ctx != NULL)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
     ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
     return -2;
 }
diff --git a/crypto/modes/siv128.c b/crypto/modes/siv128.c
index 27e29c3cc6..aa924efae7 100644
--- a/crypto/modes/siv128.c
+++ b/crypto/modes/siv128.c
@@ -168,13 +168,10 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
     size_t out_len = SIV_LEN;
     EVP_MAC_CTX *mac_ctx = NULL;
     OSSL_PARAM params[3];
-    const char *cbc_name = EVP_CIPHER_name(cbc);
+    const char *cbc_name;
 
-    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
-                                                 (char *)cbc_name, 0);
-    params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                                  (void *)key, klen);
-    params[2] = OSSL_PARAM_construct_end();
+    if (ctx == NULL)
+        return 0;
 
     memset(&ctx->d, 0, sizeof(ctx->d));
     EVP_CIPHER_CTX_free(ctx->cipher_ctx);
@@ -184,8 +181,17 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
     ctx->cipher_ctx = NULL;
     ctx->mac_ctx_init = NULL;
 
-    if (key == NULL || cbc == NULL || ctr == NULL
-            || (ctx->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL
+    if (key == NULL || cbc == NULL || ctr == NULL)
+        return 0;
+
+    cbc_name = EVP_CIPHER_name(cbc);
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
+                                                 (char *)cbc_name, 0);
+    params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+                                                  (void *)key, klen);
+    params[2] = OSSL_PARAM_construct_end();
+
+    if ((ctx->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL
             || (ctx->mac =
                 EVP_MAC_fetch(libctx, OSSL_MAC_NAME_CMAC, propq)) == NULL
             || (ctx->mac_ctx_init = EVP_MAC_CTX_new(ctx->mac)) == NULL
diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
index 3ca87cddc2..d1a1ee443c 100644
--- a/providers/implementations/kdfs/x942kdf.c
+++ b/providers/implementations/kdfs/x942kdf.c
@@ -164,7 +164,7 @@ static int x942_encode_otherinfo(size_t keylen,
 
     /* keylenbits must fit into 4 bytes */
     if (keylen > 0xFFFFFF)
-        goto err;
+        return 0;
     keylen_bits = 8 * keylen;
 
     /* Calculate the size of the buffer */
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 05c47dfb65..ca7f6f23b9 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -725,7 +725,8 @@ static int rsa_digest_signverify_init(void *vprsactx, const char *mdname,
 {
     PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
 
-    prsactx->flag_allow_md = 0;
+    if (prsactx != NULL)
+        prsactx->flag_allow_md = 0;
     if (!rsa_signature_init(vprsactx, vrsa, operation)
         || !rsa_setup_md(prsactx, mdname, NULL)) /* TODO RL */
         return 0;
@@ -775,10 +776,11 @@ static int rsa_digest_sign_final(void *vprsactx, unsigned char *sig,
     unsigned char digest[EVP_MAX_MD_SIZE];
     unsigned int dlen = 0;
 
+    if (prsactx == NULL)
+        return 0;
     prsactx->flag_allow_md = 1;
-    if (prsactx == NULL || prsactx->mdctx == NULL)
+    if (prsactx->mdctx == NULL)
         return 0;
-
     /*
      * If sig is NULL then we're just finding out the sig size. Other fields
      * are ignored. Defer to rsa_sign.
@@ -810,8 +812,10 @@ int rsa_digest_verify_final(void *vprsactx, const unsigned char *sig,
     unsigned char digest[EVP_MAX_MD_SIZE];
     unsigned int dlen = 0;
 
+    if (prsactx == NULL)
+        return 0;
     prsactx->flag_allow_md = 1;
-    if (prsactx == NULL || prsactx->mdctx == NULL)
+    if (prsactx->mdctx == NULL)
         return 0;
 
     /*
@@ -832,14 +836,14 @@ static void rsa_freectx(void *vprsactx)
     if (prsactx == NULL)
         return;
 
-    RSA_free(prsactx->rsa);
     EVP_MD_CTX_free(prsactx->mdctx);
     EVP_MD_free(prsactx->md);
     EVP_MD_free(prsactx->mgf1_md);
     OPENSSL_free(prsactx->propq);
     free_tbuf(prsactx);
+    RSA_free(prsactx->rsa);
 
-    OPENSSL_clear_free(prsactx, sizeof(prsactx));
+    OPENSSL_clear_free(prsactx, sizeof(*prsactx));
 }
 
 static void *rsa_dupctx(void *vprsactx)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c72341547a..ad1cfb4f40 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -981,7 +981,7 @@ int SSL_add1_host(SSL *s, const char *hostname)
             old_ip = X509_VERIFY_PARAM_get1_ip_asc(s->param);
             if (old_ip)
             {
-                free(old_ip);
+                OPENSSL_free(old_ip);
                 /* There can be only one IP address */
                 return 0;
             }
diff --git a/test/evp_test.c b/test/evp_test.c
index 958718b1ba..adcfea0038 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1151,7 +1151,7 @@ static int mac_test_run_pkey(EVP_TEST *t)
                   OBJ_nid2sn(expected->type), expected->alg);
 
     if (expected->type == EVP_PKEY_CMAC) {
-        if (is_cipher_disabled(expected->alg)) {
+        if (expected->alg != NULL && is_cipher_disabled(expected->alg)) {
             TEST_info("skipping, PKEY CMAC '%s' is disabled", expected->alg);
             t->skip = 1;
             t->err = NULL;
@@ -1174,7 +1174,7 @@ static int mac_test_run_pkey(EVP_TEST *t)
         goto err;
     }
 
-    if (expected->type == EVP_PKEY_HMAC) {
+    if (expected->type == EVP_PKEY_HMAC && expected->alg != NULL) {
         if (is_digest_disabled(expected->alg)) {
             TEST_info("skipping, HMAC '%s' is disabled", expected->alg);
             t->skip = 1;

From openssl at openssl.org  Mon Aug 24 01:58:10 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 01:58:10 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1598234290.890046.13116.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3197, 900 wallclock secs (14.12 usr  1.42 sys + 827.56 cusr 64.32 csys = 907.42 CPU)
Result: FAIL
Makefile:3188: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3186: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Mon Aug 24 02:53:03 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 24 Aug 2020 02:53:03 +0000
Subject: Still Failing: openssl/openssl#36918 (master - bc8c3e1)
In-Reply-To: <openssl/openssl+181024842+still failing@travis-ci.com>
Message-ID: <5f432b8eeae6f_13fad75bbb4141468a9@travis-pro-tasks-57647dbd89-88qht.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36918
Status: Still Failing

Duration: 1 hr, 0 mins, and 45 secs
Commit: bc8c3e1 (master)
Author: Shane Lontis
Message: Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)

View the changeset: https://github.com/openssl/openssl/compare/05ead000650b...bc8c3e1cd869

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181024842?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/073a89fa/attachment.html>

From openssl at openssl.org  Mon Aug 24 04:51:34 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 04:51:34 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1598244694.637112.24452.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl"
chmod a+x apps/CA.pl
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh"
chmod a+x apps/tsget.pl
ar r apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o
ar: creating apps/libapps.a
ranlib apps/libapps.a || echo Never mind.
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s
chmod a+x tools/c_rehash
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s
chmod a+x util/shlib_wrap.sh
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s
clang  -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.o -c -o providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.o ../openssl/providers/implementations/encode_decode/encoder_rsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_digests_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_digests_gen.o -c -o providers/common/der/libnonfips-lib-der_digests_gen.o providers/common/der/der_digests_gen.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_gen.o -c -o providers/common/der/libnonfips-lib-der_dsa_gen.o providers/common/der/der_dsa_gen.c
../openssl/providers/implementations/kdfs/x942kdf.c:438:21: error: no previous extern declaration for non-static variable 'kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations]
const OSSL_DISPATCH kdf_x942_kdf_functions[] = {
                    ^
1 error generated.
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_key.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_key.o -c -o providers/common/der/libnonfips-lib-der_dsa_key.o ../openssl/providers/common/der/der_dsa_key.c
Makefile:21467: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed
make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3115: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From openssl at openssl.org  Mon Aug 24 07:19:27 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 07:19:27 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1598253568.001101.31090.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 1
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
Could not read any key of private key for CMP client certificate from signer.p12
C0202B7F747F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:
C0202B7F747F0000:error::PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:../openssl/crypto/pkcs12/p12_decr.c:37:
C0202B7F747F0000:error::PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../openssl/crypto/pkcs12/p12_decr.c:90:
C0202B7F747F0000:error::PKCS12 routines:PKCS12_parse:parse error:../openssl/crypto/pkcs12/p12_kiss.c:87:
Unable to load private key for CMP client certificate
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
Could not read any cert of CMP client certificate (and optionally extra certs) from test.cert.pem
C0B05311167F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:1964:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
Could not read any cert of CMP client certificate (and optionally extra certs) from test.cert.pem
C0108F1A377F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -secret option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 768 Tests: 86 Failed: 3)
  Failed tests:  12, 36, 69
  Non-zero exit status: 3
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=209, Tests=3230, 886 wallclock secs (14.06 usr  1.39 sys + 817.87 cusr 62.63 csys = 895.95 CPU)
Result: FAIL
Makefile:3121: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3119: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 24 07:43:48 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 07:43:48 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1598255028.934531.16154.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=209, Tests=3331, 865 wallclock secs (13.41 usr  1.25 sys + 798.31 cusr 65.07 csys = 878.04 CPU)
Result: FAIL
Makefile:3175: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3173: recipe for target 'tests' failed
make: *** [tests] Error 2

From levitte at openssl.org  Mon Aug 24 08:05:05 2020
From: levitte at openssl.org (Richard Levitte)
Date: Mon, 24 Aug 2020 08:05:05 +0000
Subject: [openssl]  master update
Message-ID: <1598256305.996216.12878.nullmailer@dev.openssl.org>

The branch master has been updated
       via  a8b7ea8268e23a033750eb77380ef9a4f9a5aa27 (commit)
       via  34b80d0622924d112b145fd36bfaad18616f2546 (commit)
       via  4fd397821139723fd4e51a03e92df33e9a9fadcc (commit)
       via  ab00ddb55907317d6cece552d12ddf3263c01043 (commit)
       via  c4fc564d48456be622509886d3ea5618fce2a02e (commit)
       via  8704b6bf32ccc24570b57fbdfef685fbd3572635 (commit)
       via  faa64bca9f59b4390aed93dca75e53c3cacddc4a (commit)
       via  a517edec0385280e31e2dc2912301501e6b0c4a3 (commit)
       via  14c8a3d118e3ec5d0179d45c7f227d29a52f7697 (commit)
      from  bc8c3e1cd8691e6c8e6fe208377ee0d0e408af73 (commit)


- Log -----------------------------------------------------------------
commit a8b7ea8268e23a033750eb77380ef9a4f9a5aa27
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Jul 23 16:12:10 2020 +0200

    STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit 34b80d0622924d112b145fd36bfaad18616f2546
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Jul 22 22:55:00 2020 +0200

    STORE: Modify to support loading with provider based loaders
    
    This adds the needed code to make the OSSL_STORE API functions handle
    provided STORE implementations.
    
    This also modifies OSSL_STORE_attach() for have the URI, the
    library context and the properties in the same order as
    OSSL_STORE_open_with_libctx().
    
    The most notable change, though, is how this creates a division of
    labor between libcrypto and any storemgmt implementation that wants to
    pass X.509, X.509 CRL, etc structures back to libcrypto.  Since those
    structures aren't directly supported in the libcrypto <-> provider
    interface (asymmetric keys being the only exception so far), we resort
    to a libcrypto object callback that can handle passed data in DER form
    and does its part of figuring out what the DER content actually is.
    
    This also adds the internal x509_crl_set0_libctx(), which works just
    like x509_set0_libctx(), but for X509_CRL.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit 4fd397821139723fd4e51a03e92df33e9a9fadcc
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 2 14:29:33 2020 +0200

    DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
    
    This makes it possible to use OSSL_DECODER in functions that are passed
    a OSSL_PASSPHRASE_CALLBACK already.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit ab00ddb55907317d6cece552d12ddf3263c01043
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Jul 28 22:00:09 2020 +0200

    OSSL_PARAM: Add string pointer getters
    
    When some function receives an OSSL_PARAM array to pilfer for data,
    and there is a string of some sort, and all the code needs is to get
    the pointer to the data, rather than a copy, there is currently no
    other way than to use |param->data| directly.  This is of course a
    valid method, but lacks any safety check (is |param->data_type|
    correct, for example?).
    
    OSSL_PARAM_get_utf8_string_ptr() and OSSL_PARAM_get_octet_string_ptr()
    helps the programmer with such things, by setting the argument pointer
    to |param->data|.
    Additionally, the handle the data types OSSL_PARAM_UTF8_PTR and
    OSSL_PARAM_OCTET_PTR as well.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit c4fc564d48456be622509886d3ea5618fce2a02e
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Jul 22 22:54:54 2020 +0200

    STORE: Add the base functions to support provider based loaders
    
    This includes fixing a bug that could only be discovered when no
    loaders were registered.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit 8704b6bf32ccc24570b57fbdfef685fbd3572635
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Jul 22 22:54:42 2020 +0200

    STORE for providers: define libcrypto <-> provider interface
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit faa64bca9f59b4390aed93dca75e53c3cacddc4a
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Jul 26 09:21:29 2020 +0200

    STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit a517edec0385280e31e2dc2912301501e6b0c4a3
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 2 12:14:19 2020 +0200

    CORE: Generalise internal pass phrase prompter
    
    The pass phrase prompter that's part of OSSL_ENCODER and OSSL_DECODER
    is really a passphrase callback bridge between the diverse forms of
    prompters that exist within OpenSSL: pem_password_cb, ui_method and
    OSSL_PASSPHRASE_CALLBACK.
    
    This can be generalised, to be re-used by other parts of OpenSSL, and
    to thereby allow the users to specify whatever form of pass phrase
    callback they need, while being able to pass that on to other APIs
    that are called internally, in the form that those APIs demand.
    
    Additionally, we throw in the possibility to cache pass phrases during
    a "session" (we leave it to each API to define what a "session" is).
    This is useful for any API that implements discovery and therefore may
    need to get the same password more than once, such as OSSL_DECODER and
    OSSL_STORE.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

commit 14c8a3d118e3ec5d0179d45c7f227d29a52f7697
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Jul 22 15:34:25 2020 +0200

    CORE: Define provider-native abstract objects
    
    This is placed as CORE because the core of libcrypto is the authority
    for what is possible to do and what's required to make these abstract
    objects work.
    
    In essence, an abstract object is an OSSL_PARAM array with well
    defined parameter keys and values:
    
    -   an object type, which is a number indicating what kind of
        libcrypto structure the object in question can be used with.  The
        currently possible numbers are defined in <openssl/core_object.h>.
    -   an object data type, which is a string that indicates more closely
        what the contents of the object are.
    -   the object data, an octet string.  The exact encoding used depends
        on the context in which it's used.  For example, the decoder
        sub-system accepts any encoding, as long as there is a decoder
        implementation that takes that as input.  If central code is to
        handle the data directly, DER encoding is assumed. (*)
    -   an object reference, also an octet string.  This octet string is
        not the object contents, just a mere reference to a provider-native
        object. (**)
    -   an object description, which is a human readable text string that
        can be displayed if some software desires to do so.
    
    The intent is that certain provider-native operations (called X
    here) are able to return any sort of object that belong with other
    operations, or an object that has no provider support otherwise.
    
    (*) A future extension might be to be able to specify encoding.
    
    (**) The possible mechanisms for dealing with object references are:
    
    -   An object loading function in the target operation.  The exact
        target operation is determined by the object type (for example,
        OSSL_OBJECT_PKEY implies that the target operation is a KEYMGMT)
        and the implementation to be fetched by its object data type (for
        an OSSL_OBJECT_PKEY, that's the KEYMGMT keytype to be fetched).
        This loading function is only useful for this if the implementations
        that are involved (X and KEYMGMT, for example) are from the same
        provider.
    
    -   An object exporter function in the operation X implementation.
        That exporter function can be used to export the object data in
        OSSL_PARAM form that can be imported by a target operation's
        import function.  This can be used when it's not possible to fetch
        the target operation implementation from the same provider.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12512)

-----------------------------------------------------------------------

Summary of changes:
 crypto/build.info                                  |   2 +-
 crypto/encode_decode/build.info                    |   5 +-
 crypto/encode_decode/decoder_lib.c                 |  15 +-
 crypto/encode_decode/decoder_meth.c                |   4 +-
 crypto/encode_decode/decoder_pkey.c                |  75 +--
 crypto/encode_decode/encoder_local.h               |  44 +-
 crypto/encode_decode/encoder_meth.c                |   2 +-
 crypto/encode_decode/encoder_pkey.c                |  38 +-
 crypto/encode_decode/endecode_pass.c               | 162 ------
 crypto/params.c                                    |  26 +
 crypto/passphrase.c                                | 324 +++++++++++
 crypto/store/build.info                            |   4 +-
 crypto/store/store_init.c                          |   2 +-
 crypto/store/store_lib.c                           | 498 +++++++++++++----
 crypto/store/store_local.h                         |  76 +++
 crypto/store/store_meth.c                          | 425 +++++++++++++++
 crypto/store/store_register.c                      |  80 ++-
 crypto/store/store_result.c                        | 594 +++++++++++++++++++++
 crypto/x509/x_crl.c                                |   9 +
 doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod      |  25 +-
 doc/man3/OSSL_DECODER_from_bio.pod                 |  47 +-
 doc/man3/OSSL_PARAM_int.pod                        |  16 +
 doc/man3/OSSL_STORE_LOADER.pod                     | 238 ++++++---
 doc/man3/OSSL_STORE_open.pod                       |  21 +-
 doc/man7/provider-object.pod                       | 189 +++++++
 doc/man7/provider-storemgmt.pod                    | 178 ++++++
 include/crypto/x509.h                              |   4 +
 include/internal/cryptlib.h                        |   3 +-
 include/internal/passphrase.h                      | 120 +++++
 include/openssl/core_dispatch.h                    |  43 +-
 include/openssl/core_names.h                       |  48 +-
 include/openssl/core_object.h                      |  40 ++
 include/openssl/decoder.h                          |   3 +
 include/openssl/err.h                              |   1 +
 include/openssl/params.h                           |   4 +
 include/openssl/store.h                            |  85 ++-
 .../implementations/encode_decode/decode_common.c  |  39 +-
 .../implementations/encode_decode/decode_der2key.c |  14 +-
 .../implementations/encode_decode/decode_ms2key.c  |  14 +-
 .../implementations/encode_decode/decode_pem2der.c |   4 +-
 util/libcrypto.num                                 |  12 +
 util/other.syms                                    |   1 +
 42 files changed, 2854 insertions(+), 680 deletions(-)
 delete mode 100644 crypto/encode_decode/endecode_pass.c
 create mode 100644 crypto/passphrase.c
 create mode 100644 crypto/store/store_meth.c
 create mode 100644 crypto/store/store_result.c
 create mode 100644 doc/man7/provider-object.pod
 create mode 100644 doc/man7/provider-storemgmt.pod
 create mode 100644 include/internal/passphrase.h
 create mode 100644 include/openssl/core_object.h

diff --git a/crypto/build.info b/crypto/build.info
index 07e3dd526f..9e10145d3c 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -71,7 +71,7 @@ $UTIL_COMMON=\
         cryptlib.c params.c params_from_text.c bsearch.c ex_data.c o_str.c \
         ctype.c threads_pthread.c threads_win.c threads_none.c initthread.c \
         context.c sparse_array.c asn1_dsa.c packet.c param_build.c $CPUIDASM \
-        param_build_set.c der_writer.c
+        param_build_set.c der_writer.c passphrase.c
 $UTIL_DEFINE=$CPUIDDEF
 
 SOURCE[../libcrypto]=$UTIL_COMMON \
diff --git a/crypto/encode_decode/build.info b/crypto/encode_decode/build.info
index 4686c4a19d..e2cd846673 100644
--- a/crypto/encode_decode/build.info
+++ b/crypto/encode_decode/build.info
@@ -1,8 +1,5 @@
-SOURCE[../../libcrypto]=endecode_pass.c
-
 SOURCE[../../libcrypto]=encoder_meth.c encoder_lib.c encoder_pkey.c
-SOURCE[../../libcrypto]=decoder_meth.c decoder_lib.c \
-        decoder_pkey.c
+SOURCE[../../libcrypto]=decoder_meth.c decoder_lib.c decoder_pkey.c
 
 SOURCE[../../libcrypto]=encoder_err.c
 SOURCE[../../libcrypto]=decoder_err.c
diff --git a/crypto/encode_decode/decoder_lib.c b/crypto/encode_decode/decoder_lib.c
index 21b4703084..5d18ef1eff 100644
--- a/crypto/encode_decode/decoder_lib.c
+++ b/crypto/encode_decode/decoder_lib.c
@@ -11,6 +11,7 @@
 #include <openssl/bio.h>
 #include <openssl/params.h>
 #include <openssl/provider.h>
+#include "internal/passphrase.h"
 #include "encoder_local.h"
 #include "e_os.h"
 
@@ -35,13 +36,14 @@ int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in)
     data.ctx = ctx;
     data.bio = in;
 
+    /* Enable passphrase caching */
+    (void)ossl_pw_enable_passphrase_caching(&ctx->pwdata);
+
     ok = decoder_process(NULL, &data);
 
     /* Clear any internally cached passphrase */
-    if (!ctx->flag_user_passphrase) {
-        OSSL_DECODER_CTX_set_passphrase(ctx, NULL, 0);
-        ctx->flag_user_passphrase = 0;
-    }
+    (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata);
+
     return ok;
 }
 
@@ -407,7 +409,7 @@ static int decoder_process(const OSSL_PARAM params[], void *arg)
          * If this data isn't present, decoding has failed.
          */
 
-        p = OSSL_PARAM_locate_const(params, OSSL_DECODER_PARAM_DATA);
+        p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA);
         if (p == NULL || p->data_type != OSSL_PARAM_OCTET_STRING)
             goto end;
         new_data.bio = BIO_new_mem_buf(p->data, (int)p->data_size);
@@ -472,7 +474,8 @@ static int decoder_process(const OSSL_PARAM params[], void *arg)
         new_data.current_deser_inst_index = i;
         ok = new_deser->decode(new_deser_inst->deserctx, (OSSL_CORE_BIO *)bio,
                                decoder_process, &new_data,
-                               ctx->passphrase_cb, new_data.ctx);
+                               ossl_pw_passphrase_callback_dec,
+                               &new_data.ctx->pwdata);
         if (ok)
             break;
     }
diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c
index 2259c6348a..409bb1aa54 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -492,7 +492,6 @@ OSSL_DECODER_CTX *OSSL_DECODER_CTX_new(void)
         return NULL;
     }
 
-    ctx->passphrase_cb = ossl_decoder_passphrase_in_cb;
     return ctx;
 }
 
@@ -545,8 +544,7 @@ void OSSL_DECODER_CTX_free(OSSL_DECODER_CTX *ctx)
             ctx->cleanup(ctx->construct_data);
         sk_OSSL_DECODER_INSTANCE_pop_free(ctx->decoder_insts,
                                           OSSL_DECODER_INSTANCE_free);
-        OSSL_DECODER_CTX_set_passphrase_ui(ctx, NULL, NULL);
-        OSSL_DECODER_CTX_set_passphrase(ctx, NULL, 0);
+        ossl_pw_clear_passphrase_data(&ctx->pwdata);
         OPENSSL_free(ctx);
     }
 }
diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index 7ab38f228f..0bb548abce 100644
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -8,6 +8,7 @@
  */
 
 #include <openssl/core_names.h>
+#include <openssl/core_object.h>
 #include <openssl/evp.h>
 #include <openssl/ui.h>
 #include <openssl/decoder.h>
@@ -19,79 +20,27 @@ int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx,
                                     const unsigned char *kstr,
                                     size_t klen)
 {
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    OPENSSL_clear_free(ctx->cached_passphrase, ctx->cached_passphrase_len);
-    ctx->cached_passphrase = NULL;
-    ctx->cached_passphrase_len = 0;
-    if (kstr != NULL) {
-        if (klen == 0) {
-            ctx->cached_passphrase = OPENSSL_zalloc(1);
-            ctx->cached_passphrase_len = 0;
-        } else {
-            ctx->cached_passphrase = OPENSSL_memdup(kstr, klen);
-            ctx->cached_passphrase_len = klen;
-        }
-        if (ctx->cached_passphrase == NULL) {
-            ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-    ctx->flag_user_passphrase = 1;
-    return 1;
-}
-
-static void decoder_ctx_reset_passphrase_ui(OSSL_DECODER_CTX *ctx)
-{
-    UI_destroy_method(ctx->allocated_ui_method);
-    ctx->allocated_ui_method = NULL;
-    ctx->ui_method = NULL;
-    ctx->ui_data = NULL;
+    return ossl_pw_set_passphrase(&ctx->pwdata, kstr, klen);
 }
 
 int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
                                        const UI_METHOD *ui_method,
                                        void *ui_data)
 {
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    decoder_ctx_reset_passphrase_ui(ctx);
-    ctx->ui_method = ui_method;
-    ctx->ui_data = ui_data;
-    return 1;
+    return ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data);
 }
 
 int OSSL_DECODER_CTX_set_pem_password_cb(OSSL_DECODER_CTX *ctx,
                                          pem_password_cb *cb, void *cbarg)
 {
-    UI_METHOD *ui_method = NULL;
-
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    /*
-     * If |cb| is NULL, it means the caller wants to reset previous
-     * password callback info.  Otherwise, we only set the new data
-     * if a new UI_METHOD could be created for this sort of callback.
-     */
-    if (cb == NULL
-        || (ui_method = UI_UTIL_wrap_read_pem_callback(cb, 0)) != NULL) {
-        decoder_ctx_reset_passphrase_ui(ctx);
-        ctx->ui_method = ctx->allocated_ui_method = ui_method;
-        ctx->ui_data = cbarg;
-        ctx->passphrase_cb = ossl_decoder_passphrase_in_cb;
-        return 1;
-    }
+    return ossl_pw_set_pem_password_cb(&ctx->pwdata, cb, cbarg);
+}
 
-    return 0;
+int OSSL_DECODER_CTX_set_passphrase_cb(OSSL_DECODER_CTX *ctx,
+                                       OSSL_PASSPHRASE_CALLBACK *cb,
+                                       void *cbarg)
+{
+    return ossl_pw_set_ossl_passphrase_cb(&ctx->pwdata, cb, cbarg);
 }
 
 /*
@@ -128,7 +77,7 @@ static int decoder_construct_EVP_PKEY(OSSL_DECODER_INSTANCE *decoder_inst,
     size_t object_ref_sz = 0;
     const OSSL_PARAM *p;
 
-    p = OSSL_PARAM_locate_const(params, OSSL_DECODER_PARAM_DATA_TYPE);
+    p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA_TYPE);
     if (p != NULL) {
         char *object_type = NULL;
 
@@ -143,7 +92,7 @@ static int decoder_construct_EVP_PKEY(OSSL_DECODER_INSTANCE *decoder_inst,
      * reference for the moment.  This enforces that the key data itself
      * remains with the provider.
      */
-    p = OSSL_PARAM_locate_const(params, OSSL_DECODER_PARAM_REFERENCE);
+    p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_REFERENCE);
     if (p == NULL || p->data_type != OSSL_PARAM_OCTET_STRING)
         return 0;
     object_ref = p->data;
diff --git a/crypto/encode_decode/encoder_local.h b/crypto/encode_decode/encoder_local.h
index 34931d4e43..749b2688e4 100644
--- a/crypto/encode_decode/encoder_local.h
+++ b/crypto/encode_decode/encoder_local.h
@@ -13,6 +13,7 @@
 #include <openssl/encoder.h>
 #include <openssl/decoder.h>
 #include "internal/cryptlib.h"
+#include "internal/passphrase.h"
 #include "internal/refcount.h"
 
 struct ossl_serdes_base_st {
@@ -64,13 +65,7 @@ struct ossl_encoder_ctx_st {
     int (*do_output)(OSSL_ENCODER_CTX *ctx, BIO *out);
 
     /* For any function that needs a passphrase reader */
-    const UI_METHOD *ui_method;
-    void *ui_data;
-    /*
-     * if caller used OSSL_ENCODER_CTX_set_passphrase_cb(), we need
-     * intermediary storage.
-     */
-    UI_METHOD *allocated_ui_method;
+    struct ossl_passphrase_data_st pwdata;
 };
 
 struct ossl_decoder_instance_st {
@@ -103,38 +98,5 @@ struct ossl_decoder_ctx_st {
     void *construct_data;
 
     /* For any function that needs a passphrase reader */
-    OSSL_PASSPHRASE_CALLBACK *passphrase_cb;
-    const UI_METHOD *ui_method;
-    void *ui_data;
-    /*
-     * if caller used OSSL_ENCODER_CTX_set_pem_password_cb(), we need
-     * intermediary storage.
-     */
-    UI_METHOD *allocated_ui_method;
-    /*
-     * Because the same input may pass through more than one decoder,
-     * we cache any passphrase passed to us.  The desrializing processor
-     * must clear this at the end of a run.
-     */
-    unsigned char *cached_passphrase;
-    size_t cached_passphrase_len;
-
-    /*
-     * Flag section.  Keep these together
-     */
-
-    /*
-     * The passphrase was passed to us by the user.  In that case, it
-     * should only be freed when freeing this context.
-     */
-    unsigned int flag_user_passphrase:1;
+    struct ossl_passphrase_data_st pwdata;
 };
-
-/* Passphrase callbacks, found in serdes_pass.c */
-
-/*
- * Encoders typically want to get an outgoing passphrase, while
- * decoders typically want to get en incoming passphrase.
- */
-OSSL_PASSPHRASE_CALLBACK ossl_encoder_passphrase_out_cb;
-OSSL_PASSPHRASE_CALLBACK ossl_decoder_passphrase_in_cb;
diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c
index ef3c24433e..81bc5c47b9 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -517,7 +517,7 @@ void OSSL_ENCODER_CTX_free(OSSL_ENCODER_CTX *ctx)
         if (ctx->encoder != NULL && ctx->encoder->freectx != NULL)
             ctx->encoder->freectx(ctx->serctx);
         OSSL_ENCODER_free(ctx->encoder);
-        UI_destroy_method(ctx->allocated_ui_method);
+        ossl_pw_clear_passphrase_data(&ctx->pwdata);
         OPENSSL_free(ctx);
     }
 }
diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c
index dc776c023e..6664f589b4 100644
--- a/crypto/encode_decode/encoder_pkey.c
+++ b/crypto/encode_decode/encoder_pkey.c
@@ -48,45 +48,17 @@ int OSSL_ENCODER_CTX_set_passphrase(OSSL_ENCODER_CTX *ctx,
     return OSSL_ENCODER_CTX_set_params(ctx, params);
 }
 
-static void encoder_ctx_reset_passphrase_ui(OSSL_ENCODER_CTX *ctx)
-{
-    UI_destroy_method(ctx->allocated_ui_method);
-    ctx->allocated_ui_method = NULL;
-    ctx->ui_method = NULL;
-    ctx->ui_data = NULL;
-}
-
 int OSSL_ENCODER_CTX_set_passphrase_ui(OSSL_ENCODER_CTX *ctx,
                                        const UI_METHOD *ui_method,
                                        void *ui_data)
 {
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    encoder_ctx_reset_passphrase_ui(ctx);
-    ctx->ui_method = ui_method;
-    ctx->ui_data = ui_data;
-    return 1;
+    return ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data);
 }
 
 int OSSL_ENCODER_CTX_set_passphrase_cb(OSSL_ENCODER_CTX *ctx,
                                        pem_password_cb *cb, void *cbarg)
 {
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    encoder_ctx_reset_passphrase_ui(ctx);
-    if (cb == NULL)
-        return 1;
-    ctx->ui_method =
-        ctx->allocated_ui_method = UI_UTIL_wrap_read_pem_callback(cb, 1);
-    ctx->ui_data = cbarg;
-
-    return ctx->ui_method != NULL;
+    return ossl_pw_set_pem_password_cb(&ctx->pwdata, cb, cbarg);
 }
 
 /*
@@ -125,7 +97,8 @@ static int encoder_write_cb(const OSSL_PARAM params[], void *arg)
     BIO *out = write_data->out;
 
     return ctx->encoder->encode_data(ctx->serctx, params, (OSSL_CORE_BIO *)out,
-                                     ossl_encoder_passphrase_out_cb, ctx);
+                                     ossl_pw_passphrase_callback_enc,
+                                     &ctx->pwdata);
 }
 
 /*
@@ -164,7 +137,8 @@ static int encoder_EVP_PKEY_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out)
 
     return ctx->encoder->encode_object(ctx->serctx, keydata,
                                        (OSSL_CORE_BIO *)out,
-                                       ossl_encoder_passphrase_out_cb, ctx);
+                                       ossl_pw_passphrase_callback_enc,
+                                       &ctx->pwdata);
 }
 
 /*
diff --git a/crypto/encode_decode/endecode_pass.c b/crypto/encode_decode/endecode_pass.c
deleted file mode 100644
index 113f5eeb84..0000000000
--- a/crypto/encode_decode/endecode_pass.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/err.h>
-#include <openssl/ui.h>
-#include <openssl/core_names.h>
-#include "internal/cryptlib.h"
-#include "encoder_local.h"
-
-/* Passphrase callbacks for any who need it */
-
-/*
- * First, define the generic passphrase function that supports both
- * outgoing (with passphrase verify) and incoming (without passphrase
- * verify) passphrase reading.
- */
-static int do_passphrase(char *pass, size_t pass_size, size_t *pass_len,
-                         const OSSL_PARAM params[], void *arg, int verify,
-                         const UI_METHOD *ui_method, void *ui_data, int errlib)
-{
-    const OSSL_PARAM *p;
-    const char *prompt_info = NULL;
-    char *prompt = NULL, *vpass = NULL;
-    int prompt_idx = -1, verify_idx = -1;
-    UI *ui = NULL;
-    int ret = 0;
-
-    if (!ossl_assert(pass != NULL && pass_size != 0 && pass_len != NULL)) {
-        ERR_raise(errlib, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if ((p = OSSL_PARAM_locate_const(params,
-                                     OSSL_PASSPHRASE_PARAM_INFO)) != NULL) {
-        if (p->data_type != OSSL_PARAM_UTF8_STRING)
-            return 0;
-        prompt_info = p->data;
-    }
-
-    if ((ui = UI_new()) == NULL) {
-        ERR_raise(errlib, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    if (ui_method != NULL) {
-        UI_set_method(ui, ui_method);
-        if (ui_data != NULL)
-            UI_add_user_data(ui, ui_data);
-    }
-
-    /* Get an application constructed prompt */
-    prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
-    if (prompt == NULL) {
-        ERR_raise(errlib, ERR_R_MALLOC_FAILURE);
-        goto end;
-    }
-
-    prompt_idx = UI_add_input_string(ui, prompt,
-                                     UI_INPUT_FLAG_DEFAULT_PWD,
-                                     pass, 0, pass_size - 1) - 1;
-    if (prompt_idx < 0) {
-        ERR_raise(errlib, ERR_R_UI_LIB);
-        goto end;
-    }
-
-    if (verify) {
-        /* Get a buffer for verification prompt */
-        vpass = OPENSSL_zalloc(pass_size);
-        if (vpass == NULL) {
-            ERR_raise(errlib, ERR_R_MALLOC_FAILURE);
-            goto end;
-        }
-        verify_idx = UI_add_verify_string(ui, prompt,
-                                          UI_INPUT_FLAG_DEFAULT_PWD,
-                                          vpass, 0, pass_size - 1,
-                                          pass) - 1;
-        if (verify_idx < 0) {
-            ERR_raise(errlib, ERR_R_UI_LIB);
-            goto end;
-        }
-    }
-
-    switch (UI_process(ui)) {
-    case -2:
-        ERR_raise(errlib, ERR_R_INTERRUPTED_OR_CANCELLED);
-        break;
-    case -1:
-        ERR_raise(errlib, ERR_R_UI_LIB);
-        break;
-    default:
-        *pass_len = (size_t)UI_get_result_length(ui, prompt_idx);
-        ret = 1;
-        break;
-    }
-
- end:
-    OPENSSL_free(vpass);
-    OPENSSL_free(prompt);
-    UI_free(ui);
-    return ret;
-}
-
-/*
- * Encoders typically want to get an outgoing passphrase, while
- * decoders typically want to get en incoming passphrase.
- */
-int ossl_encoder_passphrase_out_cb(char *pass, size_t pass_size,
-                                   size_t *pass_len,
-                                   const OSSL_PARAM params[], void *arg)
-{
-    OSSL_ENCODER_CTX *ctx = arg;
-
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return do_passphrase(pass, pass_size, pass_len, params, arg, 1,
-                         ctx->ui_method, ctx->ui_data,
-                         ERR_LIB_OSSL_ENCODER);
-}
-
-int ossl_decoder_passphrase_in_cb(char *pass, size_t pass_size,
-                                  size_t *pass_len,
-                                  const OSSL_PARAM params[], void *arg)
-{
-    OSSL_DECODER_CTX *ctx = arg;
-
-    if (!ossl_assert(ctx != NULL)) {
-        ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (ctx->cached_passphrase != NULL) {
-        size_t len = ctx->cached_passphrase_len;
-
-        if (len > pass_size)
-            len = pass_size;
-        memcpy(pass, ctx->cached_passphrase, len);
-        *pass_len = len;
-        return 1;
-    } else {
-        if ((ctx->cached_passphrase = OPENSSL_zalloc(pass_size)) == NULL) {
-            ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-    if (do_passphrase(pass, pass_size, pass_len, params, arg, 0,
-                      ctx->ui_method, ctx->ui_data,
-                      ERR_LIB_OSSL_DECODER)) {
-        memcpy(ctx->cached_passphrase, pass, *pass_len);
-        ctx->cached_passphrase_len = *pass_len;
-        return 1;
-    }
-    return 0;
-}
diff --git a/crypto/params.c b/crypto/params.c
index 67ca4f0c83..4f7e25e0ca 100644
--- a/crypto/params.c
+++ b/crypto/params.c
@@ -969,3 +969,29 @@ OSSL_PARAM OSSL_PARAM_construct_end(void)
 
     return end;
 }
+
+static int get_string_ptr_internal(const OSSL_PARAM *p, const void **val,
+                                   size_t *used_len, unsigned int type)
+{
+    if (val == NULL || p == NULL || p->data_type != type)
+        return 0;
+    if (used_len != NULL)
+        *used_len = p->data_size;
+    *val = p->data;
+    return 1;
+}
+
+int OSSL_PARAM_get_utf8_string_ptr(const OSSL_PARAM *p, const char **val)
+{
+    return OSSL_PARAM_get_utf8_ptr(p, val)
+        || get_string_ptr_internal(p, (const void **)val, NULL,
+                                   OSSL_PARAM_UTF8_STRING);
+}
+
+int OSSL_PARAM_get_octet_string_ptr(const OSSL_PARAM *p, const void **val,
+                                    size_t *used_len)
+{
+    return OSSL_PARAM_get_octet_ptr(p, val, used_len)
+        || get_string_ptr_internal(p, val, used_len, OSSL_PARAM_OCTET_STRING);
+}
+
diff --git a/crypto/passphrase.c b/crypto/passphrase.c
new file mode 100644
index 0000000000..ac352697db
--- /dev/null
+++ b/crypto/passphrase.c
@@ -0,0 +1,324 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/err.h>
+#include <openssl/ui.h>
+#include <openssl/core_names.h>
+#include "internal/cryptlib.h"
+#include "internal/passphrase.h"
+
+void ossl_pw_clear_passphrase_data(struct ossl_passphrase_data_st *data)
+{
+    if (data != NULL) {
+        if (data->type == is_expl_passphrase)
+            OPENSSL_clear_free(data->_.expl_passphrase.passphrase_copy,
+                               data->_.expl_passphrase.passphrase_len);
+        ossl_pw_clear_passphrase_cache(data);
+        memset(data, 0, sizeof(*data));
+    }
+}
+
+void ossl_pw_clear_passphrase_cache(struct ossl_passphrase_data_st *data)
+{
+    OPENSSL_clear_free(data->cached_passphrase, data->cached_passphrase_len);
+    data->cached_passphrase = NULL;
+}
+
+int ossl_pw_set_passphrase(struct ossl_passphrase_data_st *data,
+                           const unsigned char *passphrase,
+                           size_t passphrase_len)
+{
+    if (!ossl_assert(data != NULL && passphrase != NULL)) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ossl_pw_clear_passphrase_data(data);
+    data->type = is_expl_passphrase;
+    data->_.expl_passphrase.passphrase_copy =
+        OPENSSL_memdup(passphrase, passphrase_len);
+    if (data->_.expl_passphrase.passphrase_copy == NULL) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    data->_.expl_passphrase.passphrase_len = passphrase_len;
+    return 1;
+}
+
+int ossl_pw_set_pem_password_cb(struct ossl_passphrase_data_st *data,
+                                pem_password_cb *cb, void *cbarg)
+{
+    if (!ossl_assert(data != NULL && cb != NULL)) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ossl_pw_clear_passphrase_data(data);
+    data->type = is_pem_password;
+    data->_.pem_password.password_cb = cb;
+    data->_.pem_password.password_cbarg = cbarg;
+    return 1;
+}
+
+int ossl_pw_set_ossl_passphrase_cb(struct ossl_passphrase_data_st *data,
+                                   OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
+{
+    if (!ossl_assert(data != NULL && cb != NULL)) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ossl_pw_clear_passphrase_data(data);
+    data->type = is_ossl_passphrase;
+    data->_.ossl_passphrase.passphrase_cb = cb;
+    data->_.ossl_passphrase.passphrase_cbarg = cbarg;
+    return 1;
+}
+
+int ossl_pw_set_ui_method(struct ossl_passphrase_data_st *data,
+                          const UI_METHOD *ui_method, void *ui_data)
+{
+    if (!ossl_assert(data != NULL && ui_method != NULL)) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ossl_pw_clear_passphrase_data(data);
+    data->type = is_ui_method;
+    data->_.ui_method.ui_method = ui_method;
+    data->_.ui_method.ui_method_data = ui_data;
+    return 1;
+}
+
+int ossl_pw_enable_passphrase_caching(struct ossl_passphrase_data_st *data)
+{
+    data->flag_cache_passphrase = 1;
+    return 1;
+}
+
+int ossl_pw_disable_passphrase_caching(struct ossl_passphrase_data_st *data)
+{
+    data->flag_cache_passphrase = 0;
+    return 1;
+}
+
+
+/*-
+ * UI_METHOD processor.  It differs from UI_UTIL_read_pw() like this:
+ *
+ * 1.  It constructs a prompt on its own, based on |prompt_info|.
+ * 2.  It allocates a buffer for verification on its own.
+ * 3.  It raises errors.
+ * 4.  It reports back the length of the prompted pass phrase.
+ */
+static int do_ui_passphrase(char *pass, size_t pass_size, size_t *pass_len,
+                            const char *prompt_info, int verify,
+                            const UI_METHOD *ui_method, void *ui_data)
+{
+    char *prompt = NULL, *vpass = NULL;
+    int prompt_idx = -1, verify_idx = -1;
+    UI *ui = NULL;
+    int ret = 0;
+
+    if (!ossl_assert(pass != NULL && pass_size != 0 && pass_len != NULL)) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if ((ui = UI_new()) == NULL) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    if (ui_method != NULL) {
+        UI_set_method(ui, ui_method);
+        if (ui_data != NULL)
+            UI_add_user_data(ui, ui_data);
+    }
+
+    /* Get an application constructed prompt */
+    prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
+    if (prompt == NULL) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
+    prompt_idx = UI_add_input_string(ui, prompt,
+                                     UI_INPUT_FLAG_DEFAULT_PWD,
+                                     pass, 0, pass_size - 1) - 1;
+    if (prompt_idx < 0) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
+        goto end;
+    }
+
+    if (verify) {
+        /* Get a buffer for verification prompt */
+        vpass = OPENSSL_zalloc(pass_size);
+        if (vpass == NULL) {
+            ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+            goto end;
+        }
+        verify_idx = UI_add_verify_string(ui, prompt,
+                                          UI_INPUT_FLAG_DEFAULT_PWD,
+                                          vpass, 0, pass_size - 1,
+                                          pass) - 1;
+        if (verify_idx < 0) {
+            ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
+            goto end;
+        }
+    }
+
+    switch (UI_process(ui)) {
+    case -2:
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERRUPTED_OR_CANCELLED);
+        break;
+    case -1:
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
+        break;
+    default:
+        *pass_len = (size_t)UI_get_result_length(ui, prompt_idx);
+        ret = 1;
+        break;
+    }
+
+ end:
+    OPENSSL_free(vpass);
+    OPENSSL_free(prompt);
+    UI_free(ui);
+    return ret;
+}
+
+/* Central pw prompting dispatcher */
+int ossl_pw_get_passphrase(char *pass, size_t pass_size, size_t *pass_len,
+                           const OSSL_PARAM params[], int verify,
+                           struct ossl_passphrase_data_st *data)
+{
+    const char *source = NULL;
+    size_t source_len = 0;
+    const char *prompt_info = NULL;
+    const UI_METHOD *ui_method = NULL;
+    UI_METHOD *allocated_ui_method = NULL;
+    void *ui_data = NULL;
+    const OSSL_PARAM *p = NULL;
+    int ret;
+
+    /* Handle explicit and cached passphrases */
+
+    if (data->type == is_expl_passphrase) {
+        source = data->_.expl_passphrase.passphrase_copy;
+        source_len = data->_.expl_passphrase.passphrase_len;
+    } else if (data->flag_cache_passphrase && data->cached_passphrase != NULL) {
+        source = data->cached_passphrase;
+        source_len = data->cached_passphrase_len;
+    }
+
+    if (source != NULL) {
+        if (source_len > pass_size)
+            source_len = pass_size;
+        memcpy(pass, source, source_len);
+        *pass_len = source_len;
+        return 1;
+    }
+
+    /* Handle the is_ossl_passphrase case...  that's pretty direct */
+
+    if (data->type == is_ossl_passphrase) {
+        OSSL_PASSPHRASE_CALLBACK *cb = data->_.ossl_passphrase.passphrase_cb;
+        void *cbarg = data->_.ossl_passphrase.passphrase_cbarg;
+
+        ret = cb(pass, pass_size, pass_len, params, cbarg);
+        goto do_cache;
+    }
+
+    /* Handle the is_pem_password and is_ui_method cases */
+
+    if ((p = OSSL_PARAM_locate_const(params,
+                                     OSSL_PASSPHRASE_PARAM_INFO)) != NULL) {
+        if (p->data_type != OSSL_PARAM_UTF8_STRING) {
+            ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_PASSED_INVALID_ARGUMENT,
+                           "Prompt info data type incorrect");
+            return 0;
+        }
+        prompt_info = p->data;
+    }
+
+    if (data->type == is_pem_password) {
+        /* We use a UI wrapper for PEM */
+        pem_password_cb *cb = data->_.pem_password.password_cb;
+
+        ui_method = allocated_ui_method =
+            UI_UTIL_wrap_read_pem_callback(cb, verify);
+        ui_data = data->_.pem_password.password_cbarg;
+
+        if (ui_method == NULL) {
+            ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    } else if (data->type == is_ui_method) {
+        ui_method = data->_.ui_method.ui_method;
+        ui_data = data->_.ui_method.ui_method_data;
+    }
+
+    if (ui_method == NULL) {
+        ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+
+    ret = do_ui_passphrase(pass, pass_size, pass_len, prompt_info, verify,
+                           ui_method, ui_data);
+
+    UI_destroy_method(allocated_ui_method);
+
+ do_cache:
+    if (ret && data->flag_cache_passphrase) {
+        if (*pass_len > data->cached_passphrase_len) {
+            void *new_cache =
+                OPENSSL_clear_realloc(data->cached_passphrase,
+                                      data->cached_passphrase_len,
+                                      *pass_len + 1);
+
+            if (new_cache == NULL) {
+                OPENSSL_cleanse(pass, *pass_len);
+                ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            data->cached_passphrase = new_cache;
+        }
+        memcpy(data->cached_passphrase, pass, *pass_len);
+        data->cached_passphrase[*pass_len] = '\0';
+        data->cached_passphrase_len = *pass_len;
+    }
+
+    return ret;
+}
+
+int ossl_pw_pem_password(char *buf, int size, int rwflag, void *userdata)
+{
+    size_t password_len = 0;
+    OSSL_PARAM params[] = {
+        OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO, NULL, 0),
+        OSSL_PARAM_END
+    };
+
+    params[0].data = "PEM";
+    if (ossl_pw_get_passphrase(buf, (size_t)size, &password_len, params,
+                               rwflag, userdata))
+        return (int)password_len;
+    return -1;
+}
+
+int ossl_pw_passphrase_callback_enc(char *pass, size_t pass_size,
+                                    size_t *pass_len,
+                                    const OSSL_PARAM params[], void *arg)
+{
+    return ossl_pw_get_passphrase(pass, pass_size, pass_len, params, 1, arg);
+}
+
+int ossl_pw_passphrase_callback_dec(char *pass, size_t pass_size,
+                                    size_t *pass_len,
+                                    const OSSL_PARAM params[], void *arg)
+{
+    return ossl_pw_get_passphrase(pass, pass_size, pass_len, params, 0, arg);
+}
diff --git a/crypto/store/build.info b/crypto/store/build.info
index 7d882f313e..33b59f0fae 100644
--- a/crypto/store/build.info
+++ b/crypto/store/build.info
@@ -1,4 +1,4 @@
 LIBS=../../libcrypto
 SOURCE[../../libcrypto]=\
-        store_err.c store_init.c store_lib.c store_register.c store_strings.c \
-        loader_file.c
+        store_err.c store_lib.c store_result.c store_strings.c store_meth.c \
+        store_init.c store_register.c loader_file.c
diff --git a/crypto/store/store_init.c b/crypto/store/store_init.c
index e1b953fbf8..b87730736d 100644
--- a/crypto/store/store_init.c
+++ b/crypto/store/store_init.c
@@ -21,7 +21,7 @@ DEFINE_RUN_ONCE_STATIC(do_store_init)
 int ossl_store_init_once(void)
 {
     if (!RUN_ONCE(&store_init, do_store_init)) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INIT_ONCE, ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return 0;
     }
     return 1;
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index 2ff92b7984..d0fdb38cd8 100644
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -7,39 +7,39 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include "e_os.h"
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
+
+#include "e_os.h"
+
 #include <openssl/crypto.h>
 #include <openssl/err.h>
 #include <openssl/trace.h>
+#include <openssl/core_names.h>
+#include <openssl/provider.h>
+#include <openssl/param_build.h>
 #include <openssl/store.h>
 #include "internal/thread_once.h"
+#include "internal/cryptlib.h"
+#include "internal/provider.h"
 #include "crypto/store.h"
 #include "store_local.h"
 
-struct ossl_store_ctx_st {
-    const OSSL_STORE_LOADER *loader;
-    OSSL_STORE_LOADER_CTX *loader_ctx;
-    const UI_METHOD *ui_method;
-    void *ui_data;
-    OSSL_STORE_post_process_info_fn post_process;
-    void *post_process_data;
-    int expected_type;
+static int ossl_store_close_it(OSSL_STORE_CTX *ctx);
 
-    /* 0 before the first STORE_load(), 1 otherwise */
-    int loading;
-};
-
-OSSL_STORE_CTX *OSSL_STORE_open_with_libctx(
-    const char *uri, OPENSSL_CTX *libctx, const char *propq,
-    const UI_METHOD *ui_method, void *ui_data,
-    OSSL_STORE_post_process_info_fn post_process, void *post_process_data)
+OSSL_STORE_CTX *
+OSSL_STORE_open_with_libctx(const char *uri,
+                            OPENSSL_CTX *libctx, const char *propq,
+                            const UI_METHOD *ui_method, void *ui_data,
+                            OSSL_STORE_post_process_info_fn post_process,
+                            void *post_process_data)
 {
     const OSSL_STORE_LOADER *loader = NULL;
+    OSSL_STORE_LOADER *fetched_loader = NULL;
     OSSL_STORE_LOADER_CTX *loader_ctx = NULL;
     OSSL_STORE_CTX *ctx = NULL;
+    char *propq_copy = NULL;
     char scheme_copy[256], *p, *schemes[2];
     size_t schemes_n = 0;
     size_t i;
@@ -70,32 +70,76 @@ OSSL_STORE_CTX *OSSL_STORE_open_with_libctx(
 
     ERR_set_mark();
 
-    /* Try each scheme until we find one that could open the URI */
+    /*
+     * Try each scheme until we find one that could open the URI.
+     *
+     * For each scheme, we look for the engine implementation first, and
+     * failing that, we then try to fetch a provided implementation.
+     * This is consistent with how we handle legacy / engine implementations
+     * elsewhere.
+     */
     for (i = 0; loader_ctx == NULL && i < schemes_n; i++) {
         OSSL_TRACE1(STORE, "Looking up scheme %s\n", schemes[i]);
         if ((loader = ossl_store_get0_loader_int(schemes[i])) != NULL) {
-            OSSL_TRACE1(STORE, "Found loader for scheme %s\n", schemes[i]);
             if (loader->open_with_libctx != NULL)
                 loader_ctx = loader->open_with_libctx(loader, uri, libctx, propq,
                                                       ui_method, ui_data);
             else
                 loader_ctx = loader->open(loader, uri, ui_method, ui_data);
-            OSSL_TRACE2(STORE, "Opened %s => %p\n", uri, (void *)loader_ctx);
+        }
+        if (loader == NULL
+            && (fetched_loader =
+                OSSL_STORE_LOADER_fetch(schemes[i], libctx, propq)) != NULL) {
+            const OSSL_PROVIDER *provider =
+                OSSL_STORE_LOADER_provider(fetched_loader);
+            void *provctx = OSSL_PROVIDER_get0_provider_ctx(provider);
+
+            loader_ctx = fetched_loader->p_open(provctx, uri);
+            if (loader_ctx == NULL) {
+                OSSL_STORE_LOADER_free(fetched_loader);
+                fetched_loader = NULL;
+            } else if (propq != NULL) {
+                OSSL_PARAM params[] = {
+                    OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_PROPERTIES,
+                                           NULL, 0),
+                    OSSL_PARAM_END
+                };
+
+                params[0].data = (void *)propq;
+                if (!fetched_loader->p_set_ctx_params(loader_ctx, params)) {
+                    (void)fetched_loader->p_close(loader_ctx);
+                    OSSL_STORE_LOADER_free(fetched_loader);
+                    fetched_loader = NULL;
+                }
+            }
+            loader = fetched_loader;
         }
     }
 
+    if (loader != NULL)
+        OSSL_TRACE1(STORE, "Found loader for scheme %s\n", schemes[i]);
+
     if (loader_ctx == NULL)
         goto err;
 
-    if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
-        OSSL_STOREerr(0, ERR_R_MALLOC_FAILURE);
+    OSSL_TRACE2(STORE, "Opened %s => %p\n", uri, (void *)loader_ctx);
+
+    if ((propq != NULL && (propq_copy = OPENSSL_strdup(propq)) == NULL)
+        || (ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         goto err;
     }
 
+    if ((ui_method != NULL
+         && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data))
+        || !ossl_pw_enable_passphrase_caching(&ctx->pwdata)) {
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);
+        goto err;
+    }
+    ctx->properties = propq_copy;
+    ctx->fetched_loader = fetched_loader;
     ctx->loader = loader;
     ctx->loader_ctx = loader_ctx;
-    ctx->ui_method = ui_method;
-    ctx->ui_data = ui_data;
     ctx->post_process = post_process;
     ctx->post_process_data = post_process_data;
 
@@ -111,13 +155,25 @@ OSSL_STORE_CTX *OSSL_STORE_open_with_libctx(
  err:
     ERR_clear_last_mark();
     if (loader_ctx != NULL) {
+        /*
+         * Temporary structure so OSSL_STORE_close() can work even when
+         * |ctx| couldn't be allocated properly
+         */
+        OSSL_STORE_CTX tmpctx = { NULL, };
+
+        tmpctx.fetched_loader = fetched_loader;
+        tmpctx.loader = loader;
+        tmpctx.loader_ctx = loader_ctx;
+
         /*
          * We ignore a returned error because we will return NULL anyway in
          * this case, so if something goes wrong when closing, that'll simply
          * just add another entry on the error stack.
          */
-        (void)loader->close(loader_ctx);
+        (void)ossl_store_close_it(&tmpctx);
     }
+    OSSL_STORE_LOADER_free(fetched_loader);
+    OPENSSL_free(propq_copy);
     return NULL;
 }
 
@@ -144,39 +200,148 @@ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ...)
 
 int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd, va_list args)
 {
-    if (ctx->loader->ctrl != NULL)
+    if (ctx->fetched_loader != NULL) {
+        if (ctx->fetched_loader->p_set_ctx_params != NULL) {
+            OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+            switch (cmd) {
+            case OSSL_STORE_C_USE_SECMEM:
+                {
+                    int on = *(va_arg(args, int *));
+
+                    params[0] = OSSL_PARAM_construct_int("use_secmem", &on);
+                }
+                break;
+            default:
+                break;
+            }
+
+            return ctx->fetched_loader->p_set_ctx_params(ctx->loader_ctx,
+                                                         params);
+        }
+    } else if (ctx->loader->ctrl != NULL) {
         return ctx->loader->ctrl(ctx->loader_ctx, cmd, args);
-    return 0;
+    }
+
+    /*
+     * If the fetched loader doesn't have a set_ctx_params or a ctrl, it's as
+     * if there was one that ignored our params, which usually returns 1.
+     */
+    return 1;
 }
 
 int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type)
 {
+    int ret = 1;
+
     if (ctx->loading) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_EXPECT,
-                      OSSL_STORE_R_LOADING_STARTED);
+        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED);
         return 0;
     }
 
     ctx->expected_type = expected_type;
-    if (ctx->loader->expect != NULL)
-        return ctx->loader->expect(ctx->loader_ctx, expected_type);
-    return 1;
+    if (ctx->fetched_loader != NULL
+        && ctx->fetched_loader->p_set_ctx_params != NULL) {
+        OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+
+        params[0] =
+            OSSL_PARAM_construct_int(OSSL_STORE_PARAM_EXPECT, &expected_type);
+        ret = ctx->fetched_loader->p_set_ctx_params(ctx->loader_ctx, params);
+    }
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+    if (ctx->fetched_loader == NULL
+        && ctx->loader->expect != NULL) {
+        ret = ctx->loader->expect(ctx->loader_ctx, expected_type);
+    }
+#endif
+    return ret;
 }
 
 int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search)
 {
+    int ret = 1;
+
     if (ctx->loading) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FIND,
-                      OSSL_STORE_R_LOADING_STARTED);
+        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED);
         return 0;
     }
-    if (ctx->loader->find == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FIND,
-                      OSSL_STORE_R_UNSUPPORTED_OPERATION);
-        return 0;
+
+    if (ctx->fetched_loader != NULL) {
+        OSSL_PARAM_BLD *bld;
+        OSSL_PARAM *params;
+        /* OSSL_STORE_SEARCH_BY_NAME, OSSL_STORE_SEARCH_BY_ISSUER_SERIAL*/
+        void *name_der = NULL;
+        int name_der_sz;
+        /* OSSL_STORE_SEARCH_BY_ISSUER_SERIAL */
+        BIGNUM *number = NULL;
+
+        if (ctx->fetched_loader->p_set_ctx_params == NULL) {
+            ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_OPERATION);
+            return 0;
+        }
+
+        if ((bld = OSSL_PARAM_BLD_new()) == NULL) {
+            ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+
+        ret = 0;                 /* Assume the worst */
+
+        switch (search->search_type) {
+        case OSSL_STORE_SEARCH_BY_NAME:
+            if ((name_der_sz = i2d_X509_NAME(search->name,
+                                             (unsigned char **)&name_der)) > 0
+                && OSSL_PARAM_BLD_push_octet_string(bld,
+                                                    OSSL_STORE_PARAM_SUBJECT,
+                                                    name_der, name_der_sz))
+                ret = 1;
+            break;
+        case OSSL_STORE_SEARCH_BY_ISSUER_SERIAL:
+            if ((name_der_sz = i2d_X509_NAME(search->name,
+                                             (unsigned char **)&name_der)) > 0
+                && (number = ASN1_INTEGER_to_BN(search->serial, NULL)) != NULL
+                && OSSL_PARAM_BLD_push_octet_string(bld,
+                                                    OSSL_STORE_PARAM_ISSUER,
+                                                    name_der, name_der_sz)
+                && OSSL_PARAM_BLD_push_BN(bld, OSSL_STORE_PARAM_SERIAL,
+                                          number))
+                ret = 1;
+            break;
+        case OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT:
+            if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_STORE_PARAM_DIGEST,
+                                                EVP_MD_name(search->digest), 0)
+                && OSSL_PARAM_BLD_push_octet_string(bld,
+                                                    OSSL_STORE_PARAM_FINGERPRINT,
+                                                    search->string,
+                                                    search->stringlength))
+                ret = 1;
+            break;
+        case OSSL_STORE_SEARCH_BY_ALIAS:
+            if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_STORE_PARAM_ALIAS,
+                                                (char *)search->string,
+                                                search->stringlength))
+                ret = 1;
+            break;
+        }
+        if (ret) {
+            params = OSSL_PARAM_BLD_to_param(bld);
+            ret = ctx->fetched_loader->p_set_ctx_params(ctx->loader_ctx,
+                                                        params);
+            OSSL_PARAM_BLD_free_params(params);
+        }
+        OSSL_PARAM_BLD_free(bld);
+        OPENSSL_free(name_der);
+        BN_free(number);
+    } else {
+        /* legacy loader section */
+        if (ctx->loader->find == NULL) {
+            ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_OPERATION);
+            return 0;
+        }
+        ret = ctx->loader->find(ctx->loader_ctx, search);
     }
 
-    return ctx->loader->find(ctx->loader_ctx, search);
+    return ret;
 }
 
 OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
@@ -188,8 +353,40 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
     if (OSSL_STORE_eof(ctx))
         return NULL;
 
-    OSSL_TRACE(STORE, "Loading next object\n");
-    v = ctx->loader->load(ctx->loader_ctx, ctx->ui_method, ctx->ui_data);
+    if (ctx->loader != NULL)
+        OSSL_TRACE(STORE, "Loading next object\n");
+
+    if (ctx->cached_info != NULL
+        && sk_OSSL_STORE_INFO_num(ctx->cached_info) == 0) {
+        sk_OSSL_STORE_INFO_free(ctx->cached_info);
+        ctx->cached_info = NULL;
+    }
+
+    if (ctx->cached_info != NULL) {
+        v = sk_OSSL_STORE_INFO_shift(ctx->cached_info);
+    } else {
+        if (ctx->fetched_loader != NULL) {
+            struct ossl_load_result_data_st load_data;
+
+            load_data.v = NULL;
+            load_data.ctx = ctx;
+
+            if (!ctx->fetched_loader->p_load(ctx->loader_ctx,
+                                             ossl_store_handle_load_result,
+                                             &load_data,
+                                             ossl_pw_passphrase_callback_dec,
+                                             &ctx->pwdata)) {
+                if (!OSSL_STORE_eof(ctx))
+                    ctx->error_flag = 1;
+                return NULL;
+            }
+            v = load_data.v;
+        }
+        if (ctx->fetched_loader == NULL)
+            v = ctx->loader->load(ctx->loader_ctx,
+                                  ctx->pwdata._.ui_method.ui_method,
+                                  ctx->pwdata._.ui_method.ui_method_data);
+    }
 
     if (ctx->post_process != NULL && v != NULL) {
         v = ctx->post_process(v, ctx->post_process_data);
@@ -206,13 +403,6 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
         int returned_type = OSSL_STORE_INFO_get_type(v);
 
         if (returned_type != OSSL_STORE_INFO_NAME && returned_type != 0) {
-            /*
-             * Soft assert here so those who want to harsly weed out faulty
-             * loaders can do so using a debugging version of libcrypto.
-             */
-            if (ctx->loader->expect != NULL)
-                assert(ctx->expected_type == returned_type);
-
             if (ctx->expected_type != returned_type) {
                 OSSL_STORE_INFO_free(v);
                 goto again;
@@ -220,6 +410,7 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
         }
     }
 
+    ossl_pw_clear_passphrase_cache(&ctx->pwdata);
     if (v != NULL)
         OSSL_TRACE1(STORE, "Got a %s\n",
                     OSSL_STORE_INFO_type_string(OSSL_STORE_INFO_get_type(v)));
@@ -229,25 +420,51 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
 
 int OSSL_STORE_error(OSSL_STORE_CTX *ctx)
 {
-    return ctx->loader->error(ctx->loader_ctx);
+    int ret = 1;
+
+    if (ctx->fetched_loader != NULL)
+        ret = ctx->error_flag;
+    if (ctx->fetched_loader == NULL)
+        ret = ctx->loader->error(ctx->loader_ctx);
+    return ret;
 }
 
 int OSSL_STORE_eof(OSSL_STORE_CTX *ctx)
 {
-    return ctx->loader->eof(ctx->loader_ctx);
+    int ret = 1;
+
+    if (ctx->fetched_loader != NULL)
+        ret = ctx->loader->p_eof(ctx->loader_ctx);
+    if (ctx->fetched_loader == NULL)
+        ret = ctx->loader->eof(ctx->loader_ctx);
+    return ret;
 }
 
-int OSSL_STORE_close(OSSL_STORE_CTX *ctx)
+static int ossl_store_close_it(OSSL_STORE_CTX *ctx)
 {
-    int loader_ret;
+    int ret = 0;
 
     if (ctx == NULL)
         return 1;
     OSSL_TRACE1(STORE, "Closing %p\n", (void *)ctx->loader_ctx);
-    loader_ret = ctx->loader->close(ctx->loader_ctx);
+
+    if (ctx->fetched_loader != NULL)
+        ret = ctx->loader->p_close(ctx->loader_ctx);
+    if (ctx->fetched_loader == NULL)
+        ret = ctx->loader->close(ctx->loader_ctx);
+
+    sk_OSSL_STORE_INFO_pop_free(ctx->cached_info, OSSL_STORE_INFO_free);
+    OSSL_STORE_LOADER_free(ctx->fetched_loader);
+    OPENSSL_free(ctx->properties);
+    return ret;
+}
+
+int OSSL_STORE_close(OSSL_STORE_CTX *ctx)
+{
+    int ret = ossl_store_close_it(ctx);
 
     OPENSSL_free(ctx);
-    return loader_ret;
+    return ret;
 }
 
 /*
@@ -274,8 +491,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name)
     OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_NAME, NULL);
 
     if (info == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
@@ -288,8 +504,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name)
 int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc)
 {
     if (info->type != OSSL_STORE_INFO_NAME) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION,
-                      ERR_R_PASSED_INVALID_ARGUMENT);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_INVALID_ARGUMENT);
         return 0;
     }
 
@@ -302,8 +517,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params)
     OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_PARAMS, params);
 
     if (info == NULL)
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
     return info;
 }
 
@@ -321,8 +535,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey)
     OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_PKEY, pkey);
 
     if (info == NULL)
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
     return info;
 }
 
@@ -331,8 +544,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509)
     OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_CERT, x509);
 
     if (info == NULL)
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
     return info;
 }
 
@@ -341,8 +553,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl)
     OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_CRL, crl);
 
     if (info == NULL)
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
     return info;
 }
 
@@ -367,12 +578,10 @@ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *info)
         char *ret = OPENSSL_strdup(info->_.name.name);
 
         if (ret == NULL)
-            OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME,
-                          ERR_R_MALLOC_FAILURE);
+            ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return ret;
     }
-    OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME,
-                  OSSL_STORE_R_NOT_A_NAME);
+    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME);
     return NULL;
 }
 
@@ -390,12 +599,10 @@ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info)
                                    ? info->_.name.desc : "");
 
         if (ret == NULL)
-            OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION,
-                     ERR_R_MALLOC_FAILURE);
+            ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return ret;
     }
-    OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION,
-                  OSSL_STORE_R_NOT_A_NAME);
+    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME);
     return NULL;
 }
 
@@ -412,8 +619,7 @@ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info)
         EVP_PKEY_up_ref(info->_.params);
         return info->_.params;
     }
-    OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS,
-                  OSSL_STORE_R_NOT_PARAMETERS);
+    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_PARAMETERS);
     return NULL;
 }
 
@@ -447,8 +653,7 @@ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info)
         EVP_PKEY_up_ref(info->_.pkey);
         return info->_.pkey;
     }
-    OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY,
-                  OSSL_STORE_R_NOT_A_PRIVATE_KEY);
+    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_PRIVATE_KEY);
     return NULL;
 }
 
@@ -465,8 +670,7 @@ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *info)
         X509_up_ref(info->_.x509);
         return info->_.x509;
     }
-    OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT,
-                  OSSL_STORE_R_NOT_A_CERTIFICATE);
+    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CERTIFICATE);
     return NULL;
 }
 
@@ -483,8 +687,7 @@ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *info)
         X509_CRL_up_ref(info->_.crl);
         return info->_.crl;
     }
-    OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL,
-                  OSSL_STORE_R_NOT_A_CRL);
+    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CRL);
     return NULL;
 }
 
@@ -525,12 +728,53 @@ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info)
 
 int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type)
 {
-    OSSL_STORE_SEARCH tmp_search;
+    int ret = 0;
+
+    if (ctx->fetched_loader != NULL) {
+        void *provctx =
+            ossl_provider_ctx(OSSL_STORE_LOADER_provider(ctx->fetched_loader));
+        const OSSL_PARAM *params;
+        const OSSL_PARAM *p_subject = NULL;
+        const OSSL_PARAM *p_issuer = NULL;
+        const OSSL_PARAM *p_serial = NULL;
+        const OSSL_PARAM *p_fingerprint = NULL;
+        const OSSL_PARAM *p_alias = NULL;
+
+        if (ctx->fetched_loader->p_settable_ctx_params == NULL)
+            return 0;
+
+        params = ctx->fetched_loader->p_settable_ctx_params(provctx);
+        p_subject = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_SUBJECT);
+        p_issuer = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_ISSUER);
+        p_serial = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_SERIAL);
+        p_fingerprint =
+            OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_FINGERPRINT);
+        p_alias = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_ALIAS);
+
+        switch (search_type) {
+        case OSSL_STORE_SEARCH_BY_NAME:
+            ret = (p_subject != NULL);
+            break;
+        case OSSL_STORE_SEARCH_BY_ISSUER_SERIAL:
+            ret = (p_issuer != NULL && p_serial != NULL);
+            break;
+        case OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT:
+            ret = (p_fingerprint != NULL);
+            break;
+        case OSSL_STORE_SEARCH_BY_ALIAS:
+            ret = (p_alias != NULL);
+            break;
+        }
+    }
+    if (ctx->fetched_loader == NULL) {
+        OSSL_STORE_SEARCH tmp_search;
 
-    if (ctx->loader->find == NULL)
-        return 0;
-    tmp_search.search_type = search_type;
-    return ctx->loader->find(NULL, &tmp_search);
+        if (ctx->loader->find == NULL)
+            return 0;
+        tmp_search.search_type = search_type;
+        ret = ctx->loader->find(NULL, &tmp_search);
+    }
+    return ret;
 }
 
 /* Search term constructors */
@@ -539,8 +783,7 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name)
     OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
 
     if (search == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
@@ -555,8 +798,7 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
     OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
 
     if (search == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
@@ -573,20 +815,16 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
     OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
 
     if (search == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
     if (digest != NULL && len != (size_t)EVP_MD_size(digest)) {
-        char buf1[20], buf2[20];
-
-        BIO_snprintf(buf1, sizeof(buf1), "%d", EVP_MD_size(digest));
-        BIO_snprintf(buf2, sizeof(buf2), "%zu", len);
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT,
-                      OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST);
-        ERR_add_error_data(5, EVP_MD_name(digest), " size is ", buf1,
-                           ", fingerprint size is ", buf2);
+        ERR_raise_data(ERR_LIB_OSSL_STORE,
+                       OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST,
+                       "%s size is %d, fingerprint size is %zu",
+                       EVP_MD_name(digest), EVP_MD_size(digest), len);
+        return NULL;
     }
 
     search->search_type = OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT;
@@ -601,8 +839,7 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias)
     OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
 
     if (search == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
@@ -659,8 +896,7 @@ OSSL_STORE_INFO *ossl_store_info_new_EMBEDDED(const char *new_pem_name,
     OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_EMBEDDED, NULL);
 
     if (info == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
@@ -669,8 +905,7 @@ OSSL_STORE_INFO *ossl_store_info_new_EMBEDDED(const char *new_pem_name,
         new_pem_name == NULL ? NULL : OPENSSL_strdup(new_pem_name);
 
     if (new_pem_name != NULL && info->_.embedded.pem_name == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         OSSL_STORE_INFO_free(info);
         info = NULL;
     }
@@ -698,25 +933,58 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bp, const char *scheme,
                                   OSSL_STORE_post_process_info_fn post_process,
                                   void *post_process_data)
 {
-    OSSL_STORE_CTX *ctx = NULL;
     const OSSL_STORE_LOADER *loader = NULL;
+    OSSL_STORE_LOADER *fetched_loader = NULL;
     OSSL_STORE_LOADER_CTX *loader_ctx = NULL;
+    OSSL_STORE_CTX *ctx = NULL;
 
-    if ((loader =
-         ossl_store_get0_loader_int(scheme != NULL ? scheme : "file")) == NULL
-        || (loader_ctx = loader->attach(loader, bp, libctx, propq,
-                                        ui_method, ui_data)) == NULL)
+    if (scheme == NULL)
+        scheme = "file";
+
+    OSSL_TRACE1(STORE, "Looking up scheme %s\n", scheme);
+    if ((loader = ossl_store_get0_loader_int(scheme)) != NULL)
+        loader_ctx = loader->attach(loader, bp, libctx, propq,
+                                    ui_method, ui_data);
+    if (loader == NULL
+        && (fetched_loader =
+            OSSL_STORE_LOADER_fetch(scheme, libctx, propq)) != NULL) {
+        const OSSL_PROVIDER *provider =
+            OSSL_STORE_LOADER_provider(fetched_loader);
+        void *provctx = OSSL_PROVIDER_get0_provider_ctx(provider);
+
+        if ((loader_ctx =
+             fetched_loader->p_attach(provctx, (OSSL_CORE_BIO *)bp)) == NULL) {
+            OSSL_STORE_LOADER_free(fetched_loader);
+            fetched_loader = NULL;
+        } else if (propq != NULL) {
+            OSSL_PARAM params[] = {
+                OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_PROPERTIES,
+                                       NULL, 0),
+                OSSL_PARAM_END
+            };
+
+            params[0].data = (void *)propq;
+            if (!fetched_loader->p_set_ctx_params(loader_ctx, params)) {
+                (void)fetched_loader->p_close(loader_ctx);
+                OSSL_STORE_LOADER_free(fetched_loader);
+                fetched_loader = NULL;
+            }
+        }
+        loader = fetched_loader;
+    }
+
+    if (loader_ctx == NULL)
         return NULL;
 
     if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_ATTACH, ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
+    (void)ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data);
+    ctx->fetched_loader = fetched_loader;
     ctx->loader = loader;
     ctx->loader_ctx = loader_ctx;
-    ctx->ui_method = ui_method;
-    ctx->ui_data = ui_data;
     ctx->post_process = post_process;
     ctx->post_process_data = post_process_data;
 
diff --git a/crypto/store/store_local.h b/crypto/store/store_local.h
index 47cba87f86..619e547aae 100644
--- a/crypto/store/store_local.h
+++ b/crypto/store/store_local.h
@@ -7,13 +7,16 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include <openssl/core_dispatch.h>
 #include "internal/thread_once.h"
+#include "internal/refcount.h"
 #include <openssl/dsa.h>
 #include <openssl/engine.h>
 #include <openssl/evp.h>
 #include <openssl/lhash.h>
 #include <openssl/x509.h>
 #include <openssl/store.h>
+#include "internal/passphrase.h"
 
 /*-
  *  OSSL_STORE_INFO stuff
@@ -100,6 +103,7 @@ OSSL_STORE_LOADER *ossl_store_unregister_loader_int(const char *scheme);
 
 /* loader stuff */
 struct ossl_store_loader_st {
+    /* Legacy stuff */
     const char *scheme;
     ENGINE *engine;
     OSSL_STORE_open_fn open;
@@ -112,12 +116,58 @@ struct ossl_store_loader_st {
     OSSL_STORE_error_fn error;
     OSSL_STORE_close_fn close;
     OSSL_STORE_open_with_libctx_fn open_with_libctx;
+
+    /* Provider stuff */
+    OSSL_PROVIDER *prov;
+    int scheme_id;
+    const char *propdef;
+
+    CRYPTO_REF_COUNT refcnt;
+    CRYPTO_RWLOCK *lock;
+
+    OSSL_FUNC_store_open_fn *p_open;
+    OSSL_FUNC_store_attach_fn *p_attach;
+    OSSL_FUNC_store_settable_ctx_params_fn *p_settable_ctx_params;
+    OSSL_FUNC_store_set_ctx_params_fn *p_set_ctx_params;
+    OSSL_FUNC_store_load_fn *p_load;
+    OSSL_FUNC_store_eof_fn *p_eof;
+    OSSL_FUNC_store_close_fn *p_close;
+    OSSL_FUNC_store_export_object_fn *p_export_object;
 };
 DEFINE_LHASH_OF(OSSL_STORE_LOADER);
 
 const OSSL_STORE_LOADER *ossl_store_get0_loader_int(const char *scheme);
 void ossl_store_destroy_loaders_int(void);
 
+/*-
+ *  OSSL_STORE_CTX stuff
+ *  ---------------------
+ */
+
+struct ossl_store_ctx_st {
+    const OSSL_STORE_LOADER *loader; /* legacy */
+    OSSL_STORE_LOADER *fetched_loader;
+    OSSL_STORE_LOADER_CTX *loader_ctx;
+    OSSL_STORE_post_process_info_fn post_process;
+    void *post_process_data;
+    int expected_type;
+
+    char *properties;
+
+    /* 0 before the first STORE_load(), 1 otherwise */
+    int loading;
+    /* 1 on load error, only valid for fetched loaders */
+    int error_flag;
+
+    /*
+     * Cache of stuff, to be able to return the contents of a PKCS#12
+     * blob, one object at a time.
+     */
+    STACK_OF(OSSL_STORE_INFO) *cached_info;
+
+    struct ossl_passphrase_data_st pwdata;
+};
+
 /*-
  *  OSSL_STORE init stuff
  *  ---------------------
@@ -125,3 +175,29 @@ void ossl_store_destroy_loaders_int(void);
 
 int ossl_store_init_once(void);
 int ossl_store_file_loader_init(void);
+
+/*-
+ *  'file' scheme stuff
+ *  -------------------
+ */
+
+OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp);
+int ossl_store_file_detach_pem_bio_int(OSSL_STORE_LOADER_CTX *ctx);
+
+/*-
+ * Provider stuff
+ * -------------------
+ */
+OSSL_STORE_LOADER *ossl_store_loader_fetch(OPENSSL_CTX *libctx,
+                                           const char *scheme,
+                                           const char *properties);
+OSSL_STORE_LOADER *ossl_store_loader_fetch_by_number(OPENSSL_CTX *libctx,
+                                                     int scheme_id,
+                                                     const char *properties);
+
+/* Standard function to handle the result from OSSL_FUNC_store_load() */
+struct ossl_load_result_data_st {
+    OSSL_STORE_INFO *v;          /* To be filled in */
+    OSSL_STORE_CTX *ctx;
+};
+OSSL_CALLBACK ossl_store_handle_load_result;
diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c
new file mode 100644
index 0000000000..6af5ec14f2
--- /dev/null
+++ b/crypto/store/store_meth.c
@@ -0,0 +1,425 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/store.h>
+#include <openssl/crypto.h>
+#include "internal/core.h"
+#include "internal/namemap.h"
+#include "internal/property.h"
+#include "internal/provider.h"
+#include "store_local.h"
+
+int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader)
+{
+    int ref = 0;
+
+    if (loader->prov != NULL)
+        CRYPTO_UP_REF(&loader->refcnt, &ref, loader->lock);
+    return 1;
+}
+
+void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader)
+{
+    if (loader != NULL && loader->prov != NULL) {
+        int i;
+
+        CRYPTO_DOWN_REF(&loader->refcnt, &i, loader->lock);
+        if (i > 0)
+            return;
+        ossl_provider_free(loader->prov);
+        CRYPTO_THREAD_lock_free(loader->lock);
+    }
+    OPENSSL_free(loader);
+}
+
+/*
+ * OSSL_STORE_LOADER_new() expects the scheme as a constant string,
+ * which we currently don't have, so we need an alternative allocator.
+ */
+static OSSL_STORE_LOADER *new_loader(OSSL_PROVIDER *prov)
+{
+    OSSL_STORE_LOADER *loader;
+
+    if ((loader = OPENSSL_zalloc(sizeof(*loader))) == NULL
+        || (loader->lock = CRYPTO_THREAD_lock_new()) == NULL) {
+        OPENSSL_free(loader);
+        return NULL;
+    }
+    loader->prov = prov;
+    ossl_provider_up_ref(prov);
+    loader->refcnt = 1;
+
+    return loader;
+}
+
+static int up_ref_loader(void *method)
+{
+    return OSSL_STORE_LOADER_up_ref(method);
+}
+
+static void free_loader(void *method)
+{
+    OSSL_STORE_LOADER_free(method);
+}
+
+/* Permanent loader method store, constructor and destructor */
+static void loader_store_free(void *vstore)
+{
+    ossl_method_store_free(vstore);
+}
+
+static void *loader_store_new(OPENSSL_CTX *ctx)
+{
+    return ossl_method_store_new(ctx);
+}
+
+
+static const OPENSSL_CTX_METHOD loader_store_method = {
+    loader_store_new,
+    loader_store_free,
+};
+
+/* Data to be passed through ossl_method_construct() */
+struct loader_data_st {
+    OPENSSL_CTX *libctx;
+    OSSL_METHOD_CONSTRUCT_METHOD *mcm;
+    int scheme_id;               /* For get_loader_from_store() */
+    const char *scheme;          /* For get_loader_from_store() */
+    const char *propquery;       /* For get_loader_from_store() */
+};
+
+/*
+ * Generic routines to fetch / create OSSL_STORE methods with
+ * ossl_method_construct()
+ */
+
+/* Temporary loader method store, constructor and destructor */
+static void *alloc_tmp_loader_store(OPENSSL_CTX *ctx)
+{
+    return ossl_method_store_new(ctx);
+}
+
+ static void dealloc_tmp_loader_store(void *store)
+{
+    if (store != NULL)
+        ossl_method_store_free(store);
+}
+
+/* Get the permanent loader store */
+static OSSL_METHOD_STORE *get_loader_store(OPENSSL_CTX *libctx)
+{
+    return openssl_ctx_get_data(libctx, OPENSSL_CTX_STORE_LOADER_STORE_INDEX,
+                                &loader_store_method);
+}
+
+/* Get loader methods from a store, or put one in */
+static void *get_loader_from_store(OPENSSL_CTX *libctx, void *store,
+                                   void *data)
+{
+    struct loader_data_st *methdata = data;
+    void *method = NULL;
+    int id;
+
+    if ((id = methdata->scheme_id) == 0) {
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        id = ossl_namemap_name2num(namemap, methdata->scheme);
+    }
+
+    if (store == NULL
+        && (store = get_loader_store(libctx)) == NULL)
+        return NULL;
+
+    if (!ossl_method_store_fetch(store, id, methdata->propquery, &method))
+        return NULL;
+    return method;
+}
+
+static int put_loader_in_store(OPENSSL_CTX *libctx, void *store,
+                               void *method, const OSSL_PROVIDER *prov,
+                               int operation_id, const char *scheme,
+                               const char *propdef, void *unused)
+{
+    OSSL_NAMEMAP *namemap;
+    int id;
+
+    if ((namemap = ossl_namemap_stored(libctx)) == NULL
+        || (id = ossl_namemap_name2num(namemap, scheme)) == 0)
+        return 0;
+
+    if (store == NULL && (store = get_loader_store(libctx)) == NULL)
+        return 0;
+
+    return ossl_method_store_add(store, prov, id, propdef, method,
+                                 up_ref_loader, free_loader);
+}
+
+static void *loader_from_dispatch(int scheme_id, const OSSL_ALGORITHM *algodef,
+                                  OSSL_PROVIDER *prov)
+{
+    OSSL_STORE_LOADER *loader = NULL;
+    const OSSL_DISPATCH *fns = algodef->implementation;
+
+    if ((loader = new_loader(prov)) == NULL)
+        return NULL;
+    loader->scheme_id = scheme_id;
+    loader->propdef = algodef->property_definition;
+
+    for (; fns->function_id != 0; fns++) {
+        switch (fns->function_id) {
+        case OSSL_FUNC_STORE_OPEN:
+            if (loader->p_open == NULL)
+                loader->p_open = OSSL_FUNC_store_open(fns);
+            break;
+        case OSSL_FUNC_STORE_ATTACH:
+            if (loader->p_attach == NULL)
+                loader->p_attach = OSSL_FUNC_store_attach(fns);
+            break;
+        case OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS:
+            if (loader->p_settable_ctx_params == NULL)
+                loader->p_settable_ctx_params =
+                    OSSL_FUNC_store_settable_ctx_params(fns);
+            break;
+        case OSSL_FUNC_STORE_SET_CTX_PARAMS:
+            if (loader->p_set_ctx_params == NULL)
+                loader->p_set_ctx_params = OSSL_FUNC_store_set_ctx_params(fns);
+            break;
+        case OSSL_FUNC_STORE_LOAD:
+            if (loader->p_load == NULL)
+                loader->p_load = OSSL_FUNC_store_load(fns);
+            break;
+        case OSSL_FUNC_STORE_EOF:
+            if (loader->p_eof == NULL)
+                loader->p_eof = OSSL_FUNC_store_eof(fns);
+            break;
+        case OSSL_FUNC_STORE_CLOSE:
+            if (loader->p_close == NULL)
+                loader->p_close = OSSL_FUNC_store_close(fns);
+            break;
+        case OSSL_FUNC_STORE_EXPORT_OBJECT:
+            if (loader->p_export_object == NULL)
+                loader->p_export_object = OSSL_FUNC_store_export_object(fns);
+            break;
+        }
+    }
+
+    if ((loader->p_open == NULL && loader->p_attach == NULL)
+        || loader->p_load == NULL
+        || loader->p_eof == NULL
+        || loader->p_close == NULL) {
+        /* Only set_ctx_params is optionaal */
+        OSSL_STORE_LOADER_free(loader);
+        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADER_INCOMPLETE);
+        return NULL;
+    }
+    return loader;
+}
+
+/*
+ * The core fetching functionality passes the scheme of the implementation.
+ * This function is responsible to getting an identity number for them,
+ * then call loader_from_dispatch() with that identity number.
+ */
+static void *construct_loader(const OSSL_ALGORITHM *algodef,
+                              OSSL_PROVIDER *prov, void *unused)
+{
+    /*
+     * This function is only called if get_loader_from_store() returned
+     * NULL, so it's safe to say that of all the spots to create a new
+     * namemap entry, this is it.  Should the scheme already exist there, we
+     * know that ossl_namemap_add() will return its corresponding number.
+     */
+    OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    const char *scheme = algodef->algorithm_names;
+    int id = ossl_namemap_add_name(namemap, 0, scheme);
+    void *method = NULL;
+
+    if (id != 0)
+        method = loader_from_dispatch(id, algodef, prov);
+
+    return method;
+}
+
+/* Intermediary function to avoid ugly casts, used below */
+static void destruct_loader(void *method, void *data)
+{
+    OSSL_STORE_LOADER_free(method);
+}
+
+/* Fetching support.  Can fetch by numeric identity or by scheme */
+static OSSL_STORE_LOADER *inner_loader_fetch(OPENSSL_CTX *libctx,
+                                             int id, const char *scheme,
+                                             const char *properties)
+{
+    OSSL_METHOD_STORE *store = get_loader_store(libctx);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    void *method = NULL;
+
+    if (store == NULL || namemap == NULL)
+        return NULL;
+
+    /*
+     * If we have been passed neither a scheme_id or a scheme, we have an
+     * internal programming error.
+     */
+    if (!ossl_assert(id != 0 || scheme != NULL))
+        return NULL;
+
+    if (id == 0)
+        id = ossl_namemap_name2num(namemap, scheme);
+
+    if (id == 0
+        || !ossl_method_store_cache_get(store, id, properties, &method)) {
+        OSSL_METHOD_CONSTRUCT_METHOD mcm = {
+            alloc_tmp_loader_store,
+            dealloc_tmp_loader_store,
+            get_loader_from_store,
+            put_loader_in_store,
+            construct_loader,
+            destruct_loader
+        };
+        struct loader_data_st mcmdata;
+
+        mcmdata.libctx = libctx;
+        mcmdata.mcm = &mcm;
+        mcmdata.scheme_id = id;
+        mcmdata.scheme = scheme;
+        mcmdata.propquery = properties;
+        if ((method = ossl_method_construct(libctx, OSSL_OP_STORE,
+                                            0 /* !force_cache */,
+                                            &mcm, &mcmdata)) != NULL) {
+            /*
+             * If construction did create a method for us, we know that there
+             * is a correct scheme_id, since those have already been calculated
+             * in get_loader_from_store() and put_loader_in_store() above.
+             */
+            if (id == 0)
+                id = ossl_namemap_name2num(namemap, scheme);
+            ossl_method_store_cache_set(store, id, properties, method,
+                                        up_ref_loader, free_loader);
+        }
+    }
+
+    return method;
+}
+
+OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(const char *scheme,
+                                           OPENSSL_CTX *libctx,
+                                           const char *properties)
+{
+    return inner_loader_fetch(libctx, 0, scheme, properties);
+}
+
+OSSL_STORE_LOADER *ossl_store_loader_fetch_by_number(OPENSSL_CTX *libctx,
+                                                     int scheme_id,
+                                                     const char *properties)
+{
+    return inner_loader_fetch(libctx, scheme_id, NULL, properties);
+}
+
+/*
+ * Library of basic method functions
+ */
+
+const OSSL_PROVIDER *OSSL_STORE_LOADER_provider(const OSSL_STORE_LOADER *loader)
+{
+    if (!ossl_assert(loader != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return loader->prov;
+}
+
+const char *OSSL_STORE_LOADER_properties(const OSSL_STORE_LOADER *loader)
+{
+    if (!ossl_assert(loader != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return loader->propdef;
+}
+
+int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader)
+{
+    if (!ossl_assert(loader != NULL)) {
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return loader->scheme_id;
+}
+
+int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name)
+{
+    if (loader->prov != NULL) {
+        OPENSSL_CTX *libctx = ossl_provider_library_context(loader->prov);
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        return ossl_namemap_name2num(namemap, name) == loader->scheme_id;
+    }
+    return 0;
+}
+
+struct loader_do_all_data_st {
+    void (*user_fn)(void *method, void *arg);
+    void *user_arg;
+};
+
+static void loader_do_one(OSSL_PROVIDER *provider,
+                          const OSSL_ALGORITHM *algodef,
+                          int no_store, void *vdata)
+{
+    struct loader_do_all_data_st *data = vdata;
+    OPENSSL_CTX *libctx = ossl_provider_library_context(provider);
+    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+    const char *name = algodef->algorithm_names;
+    int id = ossl_namemap_add_name(namemap, 0, name);
+    void *method = NULL;
+
+    if (id != 0)
+        method =
+            loader_from_dispatch(id, algodef, provider);
+
+    if (method != NULL) {
+        data->user_fn(method, data->user_arg);
+        OSSL_STORE_LOADER_free(method);
+    }
+}
+
+void OSSL_STORE_LOADER_do_all_provided(OPENSSL_CTX *libctx,
+                                       void (*fn)(OSSL_STORE_LOADER *loader,
+                                                  void *arg),
+                                       void *arg)
+{
+    struct loader_do_all_data_st data;
+
+    data.user_fn = (void (*)(void *, void *))fn;
+    data.user_arg = arg;
+    ossl_algorithm_do_all(libctx, OSSL_OP_STORE, NULL,
+                          NULL, loader_do_one, NULL,
+                          &data);
+}
+
+void OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader,
+                                    void (*fn)(const char *name, void *data),
+                                    void *data)
+{
+    if (loader == NULL)
+        return;
+
+    if (loader->prov != NULL) {
+        OPENSSL_CTX *libctx = ossl_provider_library_context(loader->prov);
+        OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+
+        ossl_namemap_doall_names(namemap, loader->scheme_id, fn, data);
+    }
+}
diff --git a/crypto/store/store_register.c b/crypto/store/store_register.c
index 4fbf459afa..7bc233ca9d 100644
--- a/crypto/store/store_register.c
+++ b/crypto/store/store_register.c
@@ -39,13 +39,12 @@ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme)
      * later on.
      */
     if (scheme == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_LOADER_NEW,
-                      OSSL_STORE_R_INVALID_SCHEME);
+        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_INVALID_SCHEME);
         return NULL;
     }
 
     if ((res = OPENSSL_zalloc(sizeof(*res))) == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_LOADER_NEW, ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
@@ -71,6 +70,14 @@ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader,
     return 1;
 }
 
+int OSSL_STORE_LOADER_set_open_with_libctx
+    (OSSL_STORE_LOADER *loader,
+     OSSL_STORE_open_with_libctx_fn open_with_libctx_function)
+{
+    loader->open_with_libctx = open_with_libctx_function;
+    return 1;
+}
+
 int OSSL_STORE_LOADER_set_attach(OSSL_STORE_LOADER *loader,
                                  OSSL_STORE_attach_fn attach_function)
 {
@@ -127,11 +134,6 @@ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *loader,
     return 1;
 }
 
-void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader)
-{
-    OPENSSL_free(loader);
-}
-
 /*
  *  Functions for registering OSSL_STORE_LOADERs
  */
@@ -149,6 +151,14 @@ static int store_loader_cmp(const OSSL_STORE_LOADER *a,
 }
 
 static LHASH_OF(OSSL_STORE_LOADER) *loader_register = NULL;
+static int ossl_store_register_init(void)
+{
+    if (loader_register == NULL) {
+        loader_register = lh_OSSL_STORE_LOADER_new(store_loader_hash,
+                                                   store_loader_cmp);
+    }
+    return loader_register != NULL;
+}
 
 int ossl_store_register_loader_int(OSSL_STORE_LOADER *loader)
 {
@@ -168,33 +178,25 @@ int ossl_store_register_loader_int(OSSL_STORE_LOADER *loader)
                    || strchr("+-.", *scheme) != NULL))
             scheme++;
     if (*scheme != '\0') {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT,
-                      OSSL_STORE_R_INVALID_SCHEME);
-        ERR_add_error_data(2, "scheme=", loader->scheme);
+        ERR_raise_data(ERR_LIB_OSSL_STORE, OSSL_STORE_R_INVALID_SCHEME,
+                       "scheme=%s", loader->scheme);
         return 0;
     }
 
     /* Check that functions we absolutely require are present */
     if (loader->open == NULL || loader->load == NULL || loader->eof == NULL
         || loader->error == NULL || loader->close == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT,
-                      OSSL_STORE_R_LOADER_INCOMPLETE);
+        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADER_INCOMPLETE);
         return 0;
     }
 
     if (!RUN_ONCE(&registry_init, do_registry_init)) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return 0;
     }
     CRYPTO_THREAD_write_lock(registry_lock);
 
-    if (loader_register == NULL) {
-        loader_register = lh_OSSL_STORE_LOADER_new(store_loader_hash,
-                                                   store_loader_cmp);
-    }
-
-    if (loader_register != NULL
+    if (ossl_store_register_init()
         && (lh_OSSL_STORE_LOADER_insert(loader_register, loader) != NULL
             || lh_OSSL_STORE_LOADER_error(loader_register) == 0))
         ok = 1;
@@ -226,19 +228,17 @@ const OSSL_STORE_LOADER *ossl_store_get0_loader_int(const char *scheme)
         return NULL;
 
     if (!RUN_ONCE(&registry_init, do_registry_init)) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
     CRYPTO_THREAD_write_lock(registry_lock);
 
-    loader = lh_OSSL_STORE_LOADER_retrieve(loader_register, &template);
-
-    if (loader == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT,
-                      OSSL_STORE_R_UNREGISTERED_SCHEME);
-        ERR_add_error_data(2, "scheme=", scheme);
-    }
+    if (!ossl_store_register_init())
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_INTERNAL_ERROR);
+    else if ((loader = lh_OSSL_STORE_LOADER_retrieve(loader_register,
+                                                     &template)) == NULL)
+        ERR_raise_data(ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNREGISTERED_SCHEME,
+                       "scheme=%s", scheme);
 
     CRYPTO_THREAD_unlock(registry_lock);
 
@@ -257,19 +257,17 @@ OSSL_STORE_LOADER *ossl_store_unregister_loader_int(const char *scheme)
     template.close = NULL;
 
     if (!RUN_ONCE(&registry_init, do_registry_init)) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT,
-                      ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
     CRYPTO_THREAD_write_lock(registry_lock);
 
-    loader = lh_OSSL_STORE_LOADER_delete(loader_register, &template);
-
-    if (loader == NULL) {
-        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT,
-                      OSSL_STORE_R_UNREGISTERED_SCHEME);
-        ERR_add_error_data(2, "scheme=", scheme);
-    }
+    if (!ossl_store_register_init())
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_INTERNAL_ERROR);
+    else if ((loader = lh_OSSL_STORE_LOADER_delete(loader_register,
+                                                   &template)) == NULL)
+        ERR_raise_data(ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNREGISTERED_SCHEME,
+                       "scheme=%s", scheme);
 
     CRYPTO_THREAD_unlock(registry_lock);
 
@@ -284,7 +282,6 @@ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme)
 
 void ossl_store_destroy_loaders_int(void)
 {
-    assert(lh_OSSL_STORE_LOADER_num_items(loader_register) == 0);
     lh_OSSL_STORE_LOADER_free(loader_register);
     loader_register = NULL;
     CRYPTO_THREAD_lock_free(registry_lock);
@@ -300,6 +297,7 @@ int OSSL_STORE_do_all_loaders(void (*do_function) (const OSSL_STORE_LOADER
                                                    *loader, void *do_arg),
                               void *do_arg)
 {
-    lh_OSSL_STORE_LOADER_doall_void(loader_register, do_function, do_arg);
+    if (ossl_store_register_init())
+        lh_OSSL_STORE_LOADER_doall_void(loader_register, do_function, do_arg);
     return 1;
 }
diff --git a/crypto/store/store_result.c b/crypto/store/store_result.c
new file mode 100644
index 0000000000..74aeaf543b
--- /dev/null
+++ b/crypto/store/store_result.c
@@ -0,0 +1,594 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "e_os.h"
+#include <string.h>
+
+#include <openssl/core.h>
+#include <openssl/core_names.h>
+#include <openssl/core_object.h>
+#include <openssl/err.h>
+#include <openssl/pkcs12.h>
+#include <openssl/provider.h>
+#include <openssl/decoder.h>
+#include <openssl/store.h>
+#include "internal/provider.h"
+#include "internal/passphrase.h"
+#include "crypto/evp.h"
+#include "crypto/x509.h"
+#include "store_local.h"
+
+#ifndef OSSL_OBJECT_PKCS12
+/*
+ * The object abstraction doesn't know PKCS#12, but we want to indicate
+ * it anyway, so we create our own.  Since the public macros use positive
+ * numbers, negative ones should be fine.  They must never slip out from
+ * this translation unit anyway.
+ */
+# define OSSL_OBJECT_PKCS12 -1
+#endif
+
+/*
+ * ossl_store_handle_load_result() is initially written to be a companion
+ * to our 'file:' scheme provider implementation, but has been made generic
+ * to serve others as well.
+ *
+ * This result handler takes any object abstraction (see provider-object(7))
+ * and does the best it can with it.  If the object is passed by value (not
+ * by reference), the contents are currently expected to be DER encoded.
+ * If an object type is specified, that will be respected; otherwise, this
+ * handler will guess the contents, by trying the following in order:
+ *
+ * 1.  Decode it into an EVP_PKEY, using OSSL_DECODER.
+ * 2.  Decode it into an X.509 certificate, using d2i_X509 / d2i_X509_AUX.
+ * 3.  Decode it into an X.509 CRL, using d2i_X509_CRL.
+ * 4.  Decode it into a PKCS#12 structure, using d2i_PKCS12 (*).
+ *
+ * For the 'file:' scheme implementation, this is division of labor.  Since
+ * the libcrypto <-> provider interface currently doesn't support certain
+ * structures as first class objects, they must be unpacked from DER here
+ * rather than in the provider.  The current exception is asymmetric keys,
+ * which can reside within the provider boundary, most of all thanks to
+ * OSSL_FUNC_keymgmt_load(), which allows loading the key material by
+ * reference.
+ */
+
+DEFINE_STACK_OF(X509)
+
+struct extracted_param_data_st {
+    int object_type;
+    const char *data_type;
+    const char *utf8_data;
+    const void *octet_data;
+    size_t octet_data_size;
+    const void *ref;
+    size_t ref_size;
+    const char *desc;
+};
+
+static int try_name(struct extracted_param_data_st *, OSSL_STORE_INFO **);
+static int try_key(struct extracted_param_data_st *, OSSL_STORE_INFO **,
+                   OSSL_STORE_CTX *, const OSSL_PROVIDER *,
+                   OPENSSL_CTX *, const char *);
+static int try_cert(struct extracted_param_data_st *, OSSL_STORE_INFO **,
+                    OPENSSL_CTX *, const char *);
+static int try_crl(struct extracted_param_data_st *, OSSL_STORE_INFO **,
+                   OPENSSL_CTX *, const char *);
+static int try_pkcs12(struct extracted_param_data_st *, OSSL_STORE_INFO **,
+                      OSSL_STORE_CTX *, OPENSSL_CTX *, const char *);
+
+int ossl_store_handle_load_result(const OSSL_PARAM params[], void *arg)
+{
+    struct ossl_load_result_data_st *cbdata = arg;
+    OSSL_STORE_INFO **v = &cbdata->v;
+    OSSL_STORE_CTX *ctx = cbdata->ctx;
+    const OSSL_PROVIDER *provider =
+        OSSL_STORE_LOADER_provider(ctx->fetched_loader);
+    OPENSSL_CTX *libctx = ossl_provider_library_context(provider);
+    const char *propq = ctx->properties;
+    const OSSL_PARAM *p;
+    struct extracted_param_data_st helper_data;
+
+    memset(&helper_data, 0, sizeof(helper_data));
+    helper_data.object_type = OSSL_OBJECT_UNKNOWN;
+
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_TYPE)) != NULL
+        && !OSSL_PARAM_get_int(p, &helper_data.object_type))
+        return 0;
+    p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA_TYPE);
+    if (p != NULL
+        && !OSSL_PARAM_get_utf8_string_ptr(p, &helper_data.data_type))
+        return 0;
+    p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA);
+    if (p != NULL
+        && !OSSL_PARAM_get_octet_string_ptr(p, &helper_data.octet_data,
+                                            &helper_data.octet_data_size)
+        && !OSSL_PARAM_get_utf8_string_ptr(p, &helper_data.utf8_data))
+        return 0;
+    p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_REFERENCE);
+    if (p != NULL && !OSSL_PARAM_get_octet_string_ptr(p, &helper_data.ref,
+                                                      &helper_data.ref_size))
+        return 0;
+    p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DESC);
+    if (p != NULL && !OSSL_PARAM_get_utf8_string_ptr(p, &helper_data.desc))
+        return 0;
+
+    /*
+     * The helper functions return 0 on actual errors, otherwise 1, even if
+     * they didn't fill out |*v|.
+     */
+    if (!try_name(&helper_data, v)
+        || !try_key(&helper_data, v, ctx, provider, libctx, propq)
+        || !try_cert(&helper_data, v, libctx, propq)
+        || !try_crl(&helper_data, v, libctx, propq)
+        || !try_pkcs12(&helper_data, v, ctx, libctx, propq))
+        return 0;
+
+    return (*v != NULL);
+}
+
+static int try_name(struct extracted_param_data_st *data, OSSL_STORE_INFO **v)
+{
+    if (data->object_type == OSSL_OBJECT_NAME) {
+        char *newname = NULL, *newdesc = NULL;
+
+        if (data->utf8_data == NULL)
+            return 0;
+        if ((newname = OPENSSL_strdup(data->utf8_data)) == NULL
+            || (data->desc != NULL
+                && (newdesc = OPENSSL_strdup(data->desc)) == NULL)
+            || (*v = OSSL_STORE_INFO_new_NAME(newname)) == NULL) {
+            OPENSSL_free(newname);
+            OPENSSL_free(newdesc);
+            return 0;
+        }
+        OSSL_STORE_INFO_set0_NAME_description(*v, newdesc);
+    }
+    return 1;
+}
+
+/*
+ * For the rest of the object types, the provider code may not know what
+ * type of data it gave us, so we may need to figure that out on our own.
+ * Therefore, we do check for OSSL_OBJECT_UNKNOWN everywhere below, and
+ * only return 0 on error if the object type is known.
+ */
+
+static EVP_PKEY *try_key_ref(struct extracted_param_data_st *data,
+                             OSSL_STORE_CTX *ctx,
+                             const OSSL_PROVIDER *provider,
+                             OPENSSL_CTX *libctx, const char *propq)
+{
+    EVP_PKEY *pk = NULL;
+    EVP_KEYMGMT *keymgmt = NULL;
+    void *keydata = NULL;
+
+    /* If we have an object reference, we must have a data type */
+    if (data->data_type == NULL)
+        return 0;
+
+    keymgmt = EVP_KEYMGMT_fetch(libctx, data->data_type, propq);
+    if (keymgmt != NULL) {
+        /*
+         * There are two possible cases
+         *
+         * 1.  The keymgmt is from the same provider as the loader,
+         *     so we can use evp_keymgmt_load()
+         * 2.  The keymgmt is from another provider, then we must
+         *     do the export/import dance.
+         */
+        if (EVP_KEYMGMT_provider(keymgmt) == provider) {
+            keydata = evp_keymgmt_load(keymgmt, data->ref, data->ref_size);
+        } else {
+            struct evp_keymgmt_util_try_import_data_st import_data;
+            OSSL_FUNC_store_export_object_fn *export_object =
+                ctx->fetched_loader->p_export_object;
+
+            import_data.keymgmt = keymgmt;
+            import_data.keydata = NULL;
+            import_data.selection = OSSL_KEYMGMT_SELECT_ALL;
+
+            if (export_object != NULL) {
+                /*
+                 * No need to check for errors here, the value of
+                 * |import_data.keydata| is as much an indicator.
+                 */
+                (void)export_object(ctx->loader_ctx,
+                                    data->ref, data->ref_size,
+                                    &evp_keymgmt_util_try_import,
+                                    &import_data);
+            }
+
+            keydata = import_data.keydata;
+        }
+    }
+    if (keydata != NULL)
+        pk = evp_keymgmt_util_make_pkey(keymgmt, keydata);
+    EVP_KEYMGMT_free(keymgmt);
+
+    return pk;
+}
+
+static EVP_PKEY *try_key_value(struct extracted_param_data_st *data,
+                               OSSL_STORE_CTX *ctx,
+                               OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg,
+                               OPENSSL_CTX *libctx, const char *propq)
+{
+    EVP_PKEY *pk = NULL;
+    OSSL_DECODER_CTX *decoderctx = NULL;
+    BIO *membio =
+        BIO_new_mem_buf(data->octet_data, (int)data->octet_data_size);
+
+    if (membio == NULL)
+        return 0;
+
+    decoderctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pk, "DER", libctx, propq);
+    (void)OSSL_DECODER_CTX_set_passphrase_cb(decoderctx, cb, cbarg);
+
+    /* No error if this couldn't be decoded */
+    (void)OSSL_DECODER_from_bio(decoderctx, membio);
+
+    OSSL_DECODER_CTX_free(decoderctx);
+    BIO_free(membio);
+
+    return pk;
+}
+
+typedef OSSL_STORE_INFO *store_info_new_fn(EVP_PKEY *);
+
+static EVP_PKEY *try_key_value_legacy(struct extracted_param_data_st *data,
+                                      store_info_new_fn **store_info_new,
+                                      OSSL_STORE_CTX *ctx,
+                                      OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg,
+                                      OPENSSL_CTX *libctx, const char *propq)
+{
+    EVP_PKEY *pk = NULL;
+    const unsigned char *der = data->octet_data, *derp;
+    long der_len = (long)data->octet_data_size;
+
+    /* Try PUBKEY first, that's a real easy target */
+    derp = der;
+    pk = d2i_PUBKEY_ex(NULL, &derp, der_len, libctx, propq);
+    if (pk != NULL)
+        *store_info_new = OSSL_STORE_INFO_new_PUBKEY;
+
+    /* Try private keys next */
+    if (pk == NULL) {
+        unsigned char *new_der = NULL;
+        X509_SIG *p8 = NULL;
+        PKCS8_PRIV_KEY_INFO *p8info = NULL;
+
+        /* See if it's an encrypted PKCS#8 and decrypt it */
+        derp = der;
+        if ((p8 = d2i_X509_SIG(NULL, &derp, der_len)) != NULL) {
+            char pbuf[PEM_BUFSIZE];
+            size_t plen = 0;
+
+            if (!cb(pbuf, sizeof(pbuf), &plen, NULL, cbarg)) {
+                ERR_raise(ERR_LIB_OSSL_STORE,
+                          OSSL_STORE_R_BAD_PASSWORD_READ);
+            } else {
+                const X509_ALGOR *alg = NULL;
+                const ASN1_OCTET_STRING *oct = NULL;
+                int len = 0;
+
+                X509_SIG_get0(p8, &alg, &oct);
+
+                /*
+                 * No need to check the returned value, |new_der|
+                 * will be NULL on error anyway.
+                 */
+                PKCS12_pbe_crypt(alg, pbuf, plen,
+                                 oct->data, oct->length,
+                                 &new_der, &len, 0);
+                der_len = len;
+                der = new_der;
+            }
+            X509_SIG_free(p8);
+        }
+
+        /*
+         * If the encrypted PKCS#8 couldn't be decrypted,
+         * |der| is NULL
+         */
+        if (der != NULL) {
+            /* Try to unpack an unencrypted PKCS#8, that's easy */
+            derp = der;
+            p8info = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, der_len);
+            if (p8info != NULL) {
+                pk = evp_pkcs82pkey_int(p8info, libctx, propq);
+                PKCS8_PRIV_KEY_INFO_free(p8info);
+            }
+
+            /*
+             * It wasn't PKCS#8, so we must try the hard way.
+             * However, we can cheat a little bit, because we know
+             * what's not yet fully supported in out decoders.
+             * TODO(3.0) Eliminate these when we have decoder support.
+             */
+            if (pk == NULL) {
+                derp = der;
+                pk = d2i_PrivateKey_ex(EVP_PKEY_SM2, NULL,
+                                       &derp, der_len,
+                                       libctx, NULL);
+            }
+        }
+
+        if (pk != NULL)
+            *store_info_new = OSSL_STORE_INFO_new_PKEY;
+
+        OPENSSL_free(new_der);
+        der = data->octet_data;
+        der_len = (long)data->octet_data_size;
+    }
+
+    /*
+     * Last, we try parameters.  We cheat the same way we do for
+     * private keys above.
+     * TODO(3.0) Eliminate these when we have decoder support.
+     */
+    if (pk == NULL) {
+        derp = der;
+        pk = d2i_KeyParams(EVP_PKEY_SM2, NULL, &derp, der_len);
+        if (pk != NULL)
+            *store_info_new = OSSL_STORE_INFO_new_PARAMS;
+    }
+
+    return pk;
+}
+
+static int try_key(struct extracted_param_data_st *data, OSSL_STORE_INFO **v,
+                   OSSL_STORE_CTX *ctx, const OSSL_PROVIDER *provider,
+                   OPENSSL_CTX *libctx, const char *propq)
+{
+    store_info_new_fn *store_info_new = NULL;
+
+    if (data->object_type == OSSL_OBJECT_UNKNOWN
+        || data->object_type == OSSL_OBJECT_PKEY) {
+        EVP_PKEY *pk = NULL;
+
+        /* Prefer key by reference than key by value */
+        if (data->object_type == OSSL_OBJECT_PKEY && data->ref != NULL) {
+            pk = try_key_ref(data, ctx, provider, libctx, propq);
+
+            /*
+             * If for some reason we couldn't get a key, it's an error.
+             * It indicates that while decoders could make a key reference,
+             * the keymgmt somehow couldn't handle it, or doesn't have a
+             * OSSL_FUNC_keymgmt_load function.
+             */
+            if (pk == NULL)
+                return 0;
+        } else if (data->octet_data != NULL) {
+            OSSL_PASSPHRASE_CALLBACK *cb = ossl_pw_passphrase_callback_dec;
+            void *cbarg = &ctx->pwdata;
+
+            pk = try_key_value(data, ctx, cb, cbarg, libctx, propq);
+
+            /*
+             * Desperate last maneuver, in case the decoders don't support
+             * the data we have, then we try on our own to at least get a
+             * legacy key.
+             * This is the same as der2key_decode() does, but in a limited
+             * way and within the walls of libcrypto.
+             *
+             * TODO Remove this when #legacy keys are gone
+             */
+            if (pk == NULL)
+                pk = try_key_value_legacy(data, &store_info_new, ctx,
+                                          cb, cbarg, libctx, propq);
+        }
+
+        if (pk != NULL) {
+            data->object_type = OSSL_OBJECT_PKEY;
+
+            if (store_info_new == NULL) {
+                /*
+                 * We determined the object type for OSSL_STORE_INFO, which
+                 * makes an explicit difference between an EVP_PKEY with just
+                 * (domain) parameters and an EVP_PKEY with actual key
+                 * material.
+                 * The logic is that an EVP_PKEY with actual key material
+                 * always has the public half.
+                 */
+                if (evp_keymgmt_util_has(pk, OSSL_KEYMGMT_SELECT_PRIVATE_KEY))
+                    store_info_new = OSSL_STORE_INFO_new_PKEY;
+                else if (evp_keymgmt_util_has(pk,
+                                              OSSL_KEYMGMT_SELECT_PUBLIC_KEY))
+                    store_info_new = OSSL_STORE_INFO_new_PUBKEY;
+                else
+                    store_info_new = OSSL_STORE_INFO_new_PARAMS;
+            }
+            *v = store_info_new(pk);
+        }
+
+        if (*v == NULL)
+            EVP_PKEY_free(pk);
+    }
+
+    return 1;
+}
+
+static int try_cert(struct extracted_param_data_st *data, OSSL_STORE_INFO **v,
+                    OPENSSL_CTX *libctx, const char *propq)
+{
+    if (data->object_type == OSSL_OBJECT_UNKNOWN
+        || data->object_type == OSSL_OBJECT_CERT) {
+        X509 *cert;
+
+        /*
+         * In most cases, we can try to interpret the serialized
+         * data as a trusted cert (X509 + X509_AUX) and fall back
+         * to reading it as a normal cert (just X509), but if
+         * |data_type| (the PEM name) specifically declares it as a
+         * trusted cert, then no fallback should be engaged.
+         * |ignore_trusted| tells if the fallback can be used (1)
+         * or not (0).
+         */
+        int ignore_trusted = 1;
+
+        /* If we have a data type, it should be a PEM name */
+        if (data->data_type != NULL
+            && (strcasecmp(data->data_type, PEM_STRING_X509_TRUSTED) == 0))
+            ignore_trusted = 0;
+
+        cert = d2i_X509_AUX(NULL, (const unsigned char **)&data->octet_data,
+                            data->octet_data_size);
+        if (cert == NULL && ignore_trusted)
+            cert = d2i_X509(NULL, (const unsigned char **)&data->octet_data,
+                            data->octet_data_size);
+
+        if (cert != NULL)
+            /* We determined the object type */
+            data->object_type = OSSL_OBJECT_CERT;
+
+        if (cert != NULL && !x509_set0_libctx(cert, libctx, propq)) {
+            X509_free(cert);
+            cert = NULL;
+        }
+
+        if (cert != NULL)
+            *v = OSSL_STORE_INFO_new_CERT(cert);
+        if (*v == NULL)
+            X509_free(cert);
+    }
+
+    return 1;
+}
+
+static int try_crl(struct extracted_param_data_st *data, OSSL_STORE_INFO **v,
+                   OPENSSL_CTX *libctx, const char *propq)
+{
+    if (data->object_type == OSSL_OBJECT_UNKNOWN
+        || data->object_type == OSSL_OBJECT_CRL) {
+        X509_CRL *crl;
+
+        crl = d2i_X509_CRL(NULL, (const unsigned char **)&data->octet_data,
+                           data->octet_data_size);
+        if (crl != NULL)
+            /* We determined the object type */
+            data->object_type = OSSL_OBJECT_CRL;
+
+        if (crl != NULL && !x509_crl_set0_libctx(crl, libctx, propq)) {
+            X509_CRL_free(crl);
+            crl = NULL;
+        }
+
+        if (crl != NULL)
+            *v = OSSL_STORE_INFO_new_CRL(crl);
+        if (*v == NULL)
+            X509_CRL_free(crl);
+    }
+
+    return 1;
+}
+
+static int try_pkcs12(struct extracted_param_data_st *data, OSSL_STORE_INFO **v,
+                      OSSL_STORE_CTX *ctx,
+                      OPENSSL_CTX *libctx, const char *propq)
+{
+    /* There is no specific object type for PKCS12 */
+    if (data->object_type == OSSL_OBJECT_UNKNOWN) {
+        /* Initial parsing */
+        PKCS12 *p12;
+
+        if ((p12 = d2i_PKCS12(NULL, (const unsigned char **)&data->octet_data,
+                              data->octet_data_size)) != NULL) {
+            char *pass = NULL;
+            char tpass[PEM_BUFSIZE];
+            size_t tpass_len;
+            EVP_PKEY *pkey = NULL;
+            X509 *cert = NULL;
+            STACK_OF(X509) *chain = NULL;
+
+            data->object_type = OSSL_OBJECT_PKCS12;
+
+            if (PKCS12_verify_mac(p12, "", 0)
+                || PKCS12_verify_mac(p12, NULL, 0)) {
+                pass = "";
+            } else {
+                static char prompt_info[] = "PKCS12 import pass phrase";
+                OSSL_PARAM pw_params[] = {
+                    OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO,
+                                           prompt_info,
+                                           sizeof(prompt_info) - 1),
+                    OSSL_PARAM_END
+                };
+
+                if (!ossl_pw_get_passphrase(tpass, sizeof(tpass), &tpass_len,
+                                            pw_params, 0, &ctx->pwdata)) {
+                    ERR_raise(ERR_LIB_OSSL_STORE,
+                              OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR);
+                    goto p12_end;
+                }
+                pass = tpass;
+                if (!PKCS12_verify_mac(p12, pass, strlen(pass))) {
+                    ERR_raise(ERR_LIB_OSSL_STORE,
+                              OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC);
+                    goto p12_end;
+                }
+            }
+
+            if (PKCS12_parse(p12, pass, &pkey, &cert, &chain)) {
+                STACK_OF(OSSL_STORE_INFO) *infos = NULL;
+                OSSL_STORE_INFO *osi_pkey = NULL;
+                OSSL_STORE_INFO *osi_cert = NULL;
+                OSSL_STORE_INFO *osi_ca = NULL;
+                int ok = 1;
+
+                if ((infos = sk_OSSL_STORE_INFO_new_null()) != NULL) {
+                    if (pkey != NULL) {
+                        if ((osi_pkey = OSSL_STORE_INFO_new_PKEY(pkey)) != NULL
+                            /* clearing pkey here avoids case distinctions */
+                            && (pkey = NULL) == NULL
+                            && sk_OSSL_STORE_INFO_push(infos, osi_pkey) != 0)
+                            osi_pkey = NULL;
+                        else
+                            ok = 0;
+                    }
+                    if (ok && cert != NULL) {
+                        if ((osi_cert = OSSL_STORE_INFO_new_CERT(cert)) != NULL
+                            /* clearing cert here avoids case distinctions */
+                            && (cert = NULL) == NULL
+                            && sk_OSSL_STORE_INFO_push(infos, osi_cert) != 0)
+                            osi_cert = NULL;
+                        else
+                            ok = 0;
+                    }
+                    while (ok && sk_X509_num(chain) > 0) {
+                        X509 *ca = sk_X509_value(chain, 0);
+
+                        if ((osi_ca = OSSL_STORE_INFO_new_CERT(ca)) != NULL
+                            && sk_X509_shift(chain) != NULL
+                            && sk_OSSL_STORE_INFO_push(infos, osi_ca) != 0)
+                            osi_ca = NULL;
+                        else
+                            ok = 0;
+                    }
+                }
+                EVP_PKEY_free(pkey);
+                X509_free(cert);
+                sk_X509_pop_free(chain, X509_free);
+                OSSL_STORE_INFO_free(osi_pkey);
+                OSSL_STORE_INFO_free(osi_cert);
+                OSSL_STORE_INFO_free(osi_ca);
+                if (!ok) {
+                    sk_OSSL_STORE_INFO_pop_free(infos, OSSL_STORE_INFO_free);
+                    infos = NULL;
+                }
+                ctx->cached_info = infos;
+            }
+        }
+     p12_end:
+        PKCS12_free(p12);
+        *v = sk_OSSL_STORE_INFO_shift(ctx->cached_info);
+    }
+
+    return 1;
+}
diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index 1690dd8963..44f374aed3 100644
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -494,3 +494,12 @@ void *X509_CRL_get_meth_data(X509_CRL *crl)
 {
     return crl->meth_data;
 }
+
+int x509_crl_set0_libctx(X509_CRL *x, OPENSSL_CTX *libctx, const char *propq)
+{
+    if (x != NULL) {
+        x->libctx = libctx;
+        x->propq = propq;
+    }
+    return 1;
+}
diff --git a/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod
index 4486e6b001..620688e322 100644
--- a/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod
+++ b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod
@@ -5,7 +5,8 @@
 OSSL_DECODER_CTX_new_by_EVP_PKEY,
 OSSL_DECODER_CTX_set_passphrase,
 OSSL_DECODER_CTX_set_pem_password_cb,
-OSSL_DECODER_CTX_set_passphrase_ui
+OSSL_DECODER_CTX_set_passphrase_ui,
+OSSL_DECODER_CTX_set_passphrase_cb
 - Decoder routines to decode EVP_PKEYs
 
 =head1 SYNOPSIS
@@ -25,6 +26,9 @@ OSSL_DECODER_CTX_set_passphrase_ui
  int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
                                         const UI_METHOD *ui_method,
                                         void *ui_data);
+ int OSSL_DECODER_CTX_set_passphrase_cb(OSSL_DECODER_CTX *ctx,
+                                        OSSL_PASSPHRASE_CALLBACK *cb,
+                                        void *cbarg);
 
 =head1 DESCRIPTION
 
@@ -55,29 +59,26 @@ pass phrase to use when decrypting the encoded private key.
 Alternatively, a pass phrase callback may be specified with the
 following functions.
 
-OSSL_DECODER_CTX_set_pem_password_cb() and
-OSSL_DECODER_CTX_set_passphrase_ui() set up a callback method that
+OSSL_DECODER_CTX_set_pem_password_cb(),
+OSSL_DECODER_CTX_set_passphrase_ui() and
+OSSL_DECODER_CTX_set_passphrase_cb() set up a callback method that
 the implementation can use to prompt for a pass phrase, giving the caller
 the choice of prefered pass phrase callback form.  These are called
 indirectly, through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
 
-The internal B<OSSL_PASSPHRASE_CALLBACK> function caches the pass phrase, to
-be re-used in all decodings that are performed in the same
-decoding run
+The internal B<OSSL_PASSPHRASE_CALLBACK> function caches the pass phrase,
+to be re-used in all decodings that are performed in the same decoding run
 (for example, within one L<OSSL_DECODER_from_bio(3)> call).
 
-=for comment the name OSSL_DECODER_CTX_set_pem_password_cb() leaves
-open the future possibility of having a function where the caller can set a
-B<OSSL_PASSPHRASE_CALLBACK> method as another option.
-
 =head1 RETURN VALUES
 
 OSSL_DECODER_CTX_new_by_EVP_PKEY() returns a pointer to a
 B<OSSL_DECODER_CTX>, or NULL if it couldn't be created.
 
 OSSL_DECODER_CTX_set_passphrase(),
-OSSL_DECODER_CTX_set_pem_password_cb() and
-OSSL_DECODER_CTX_set_passphrase_ui()
+OSSL_DECODER_CTX_set_pem_password_cb(),
+OSSL_DECODER_CTX_set_passphrase_ui() and
+OSSL_DECODER_CTX_set_passphrase_cb()
 all return 1 on success, or 0 on failure.
 
 =head1 NOTES
diff --git a/doc/man3/OSSL_DECODER_from_bio.pod b/doc/man3/OSSL_DECODER_from_bio.pod
index 1beb74d5ff..560231fe23 100644
--- a/doc/man3/OSSL_DECODER_from_bio.pod
+++ b/doc/man3/OSSL_DECODER_from_bio.pod
@@ -41,7 +41,7 @@ OSSL_DECODER_INSTANCE_decoder_ctx
  void *OSSL_DECODER_INSTANCE_decoder_ctx(OSSL_DECODER_INSTANCE *decoder_inst);
 
  typedef int (OSSL_DECODER_CONSTRUCT)(OSSL_DECODER_INSTANCE *decoder_inst,
-                                      const OSSL_PARAM *params,
+                                      const OSSL_PARAM *object,
                                       void *construct_data);
  typedef void (OSSL_DECODER_CLEANUP)(void *construct_data);
 
@@ -168,9 +168,11 @@ A B<OSSL_DECODER_CONSTRUCT> gets the following arguments:
 The B<OSSL_DECODER_INSTANCE> for the decoder from which
 the constructor gets its data.
 
-=item I<params>
+=item I<object>
 
-The data produced by the decoder, further described below.
+A provider-native object abstraction produced by the decoder.  Further
+information on the provider-native object abstraction can be found in
+L<provider-object(7)>.
 
 =item I<construct_data>
 
@@ -181,45 +183,6 @@ The pointer that was set with OSSL_DECODE_CTX_set_construct_data().
 The constructor is expected to return 1 when the data it receives can
 be constructed, otherwise 0.
 
-The globally known parameters that the constructor can get in I<params>
-are:
-
-=over 4
-
-=item "data-type" (B<OSSL_DECODER_PARAM_DATA_TYPE>) <UTF8 string>
-
-This is a detected content type that some decoders may provide.
-For example, PEM input sometimes has a type specified in its header,
-and some decoders may add that information as this parameter.
-This is an optional parameter, but may be useful for extra checks in
-the constructor.
-
-=item "data" (B<OSSL_DECODER_PARAM_DATA>) <octet string>
-
-The decoded data itself, as an octet string.  This is produced by
-decoders when it's possible to pass an object in this form.  Most
-often, this is simply meant to be passed to the next decoder in a
-chain, but could be considered final data as well, at the discretion
-of the constructor.
-
-=item "reference" (B<OSSL_DECODER_PARAM_DATA>) <octet string>
-
-The decoded data itself, as a reference to an object.  The
-reference itself is an octet string, and can be passed to other
-operations and functions within the same provider as the one that
-provides I<decoder>.
-
-=back
-
-At least one of "data" or "reference" must be present, and it's
-possible that both can be.  A constructor should choose to use the
-"reference" parameter if possible, otherwise it should use the "data"
-parameter.
-
-If it's not possible to use the "reference" parameter, but that's
-still what a constructor wants to do, it is possible to use
-OSSL_DECODER_export() as a fallback.
-
 =head1 RETURN VALUES
 
 OSSL_DECODER_from_bio() and OSSL_DECODER_from_fp() return 1 on
diff --git a/doc/man3/OSSL_PARAM_int.pod b/doc/man3/OSSL_PARAM_int.pod
index 6712a07327..691bc3b340 100644
--- a/doc/man3/OSSL_PARAM_int.pod
+++ b/doc/man3/OSSL_PARAM_int.pod
@@ -24,6 +24,7 @@ OSSL_PARAM_get_time_t, OSSL_PARAM_get_uint, OSSL_PARAM_get_uint32,
 OSSL_PARAM_get_uint64, OSSL_PARAM_get_ulong, OSSL_PARAM_get_BN,
 OSSL_PARAM_get_utf8_string, OSSL_PARAM_get_octet_string,
 OSSL_PARAM_get_utf8_ptr, OSSL_PARAM_get_octet_ptr,
+OSSL_PARAM_get_utf8_string_ptr, OSSL_PARAM_get_octet_string_ptr,
 OSSL_PARAM_set_double, OSSL_PARAM_set_int, OSSL_PARAM_set_int32,
 OSSL_PARAM_set_int64, OSSL_PARAM_set_long, OSSL_PARAM_set_size_t,
 OSSL_PARAM_set_time_t, OSSL_PARAM_set_uint, OSSL_PARAM_set_uint32,
@@ -96,6 +97,10 @@ OSSL_PARAM_UNMODIFIED, OSSL_PARAM_modified, OSSL_PARAM_set_all_unmodified
  int OSSL_PARAM_set_octet_ptr(OSSL_PARAM *p, const void *val,
                               size_t used_len);
 
+ int OSSL_PARAM_get_utf8_string_ptr(const OSSL_PARAM *p, const char **val);
+ int OSSL_PARAM_get_octet_string_ptr(const OSSL_PARAM *p, const void **val,
+                                     size_t *used_len);
+
  int OSSL_PARAM_modified(const OSSL_PARAM *param);
  void OSSL_PARAM_set_all_unmodified(OSSL_PARAM *params);
 
@@ -264,6 +269,17 @@ OSSL_PARAM_set_octet_ptr() sets the OCTET string pointer in the parameter
 referenced by B<p> to the values B<val>.
 The length of the OCTET string is provided by B<used_len>.
 
+OSSL_PARAM_get_utf8_string_ptr() retrieves the pointer to a UTF8 string from
+the parameter pointed to by B<p>, and stores that pointer in B<*val>.
+This is different from OSSL_PARAM_get_utf8_string(), which copies the
+string.
+
+OSSL_PARAM_get_octet_string_ptr() retrieves the pointer to a octet string
+from the parameter pointed to by B<p>, and stores that pointer in B<*val>,
+along with the string's length in B<*used_len>.
+This is different from OSSL_PARAM_get_octet_string(), which copies the
+string.
+
 The OSSL_PARAM_UNMODIFIED macro is used to detect if a parameter was set.  On
 creation, via either the macros or construct calls, the I<return_size> field
 is set to this.  If the parameter is set using the calls defined herein, the
diff --git a/doc/man3/OSSL_STORE_LOADER.pod b/doc/man3/OSSL_STORE_LOADER.pod
index 64b15c18c8..4e25f79f9e 100644
--- a/doc/man3/OSSL_STORE_LOADER.pod
+++ b/doc/man3/OSSL_STORE_LOADER.pod
@@ -2,16 +2,26 @@
 
 =head1 NAME
 
-OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new,
+OSSL_STORE_LOADER,
+OSSL_STORE_LOADER_fetch,
+OSSL_STORE_LOADER_up_ref,
+OSSL_STORE_LOADER_free,
+OSSL_STORE_LOADER_provider,
+OSSL_STORE_LOADER_properties,
+OSSL_STORE_LOADER_is_a,
+OSSL_STORE_LOADER_number,
+OSSL_STORE_LOADER_do_all_provided,
+OSSL_STORE_LOADER_names_do_all,
+OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new,
 OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme,
-OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_attach,
-OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect,
-OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load,
-OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error,
-OSSL_STORE_LOADER_set_close,
-OSSL_STORE_LOADER_free, OSSL_STORE_register_loader,
-OSSL_STORE_unregister_loader,
-OSSL_STORE_open_fn, OSSL_STORE_attach_fn, OSSL_STORE_ctrl_fn,
+OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_with_libctx,
+OSSL_STORE_LOADER_set_attach, OSSL_STORE_LOADER_set_ctrl,
+OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find,
+OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof,
+OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close,
+OSSL_STORE_register_loader, OSSL_STORE_unregister_loader,
+OSSL_STORE_open_fn, OSSL_STORE_open_with_libctx_fn,
+OSSL_STORE_attach_fn, OSSL_STORE_ctrl_fn,
 OSSL_STORE_expect_fn, OSSL_STORE_find_fn,
 OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn,
 OSSL_STORE_close_fn - Types and functions to manipulate, register and
@@ -23,6 +33,28 @@ unregister STORE loaders for different URI schemes
 
  typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
 
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(const char *scheme,
+                                            OPENSSL_CTX *libctx,
+                                            const char *properties);
+ int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader);
+ const OSSL_PROVIDER *OSSL_STORE_LOADER_provider(const OSSL_STORE_LOADER *
+                                                 loader);
+ const char *OSSL_STORE_LOADER_properties(const OSSL_STORE_LOADER *loader);
+ int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader);
+ int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader,
+                            const char *scheme);
+ void OSSL_STORE_LOADER_do_all_provided(OPENSSL_CTX *libctx,
+                                        void (*fn)(OSSL_STORE_LOADER *loader,
+                                                   void *arg),
+                                        void *arg);
+ void OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader,
+                                     void (*fn)(const char *name, void *data),
+                                     void *data);
+
+Legacy functions, still present to support B<OSSL_STORE_LOADER>s provided
+by B<ENGINE>:
+
  OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
  const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
                                              *store_loader);
@@ -36,6 +68,11 @@ unregister STORE loaders for different URI schemes
      const char *uri, const UI_METHOD *ui_method, void *ui_data);
  int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
                                 OSSL_STORE_open_fn store_open_function);
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn)(
+     const char *uri, const UI_METHOD *ui_method, void *ui_data);
+ int OSSL_STORE_LOADER_set_open_with_libctx
+     (OSSL_STORE_LOADER *store_loader,
+      OSSL_STORE_open_with_libctx_fn store_open_with_libctx_function);
  typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn)
      (const OSSL_STORE_LOADER *loader, BIO *bio,
       OPENSSL_CTX *libctx, const char *propq,
@@ -74,52 +111,90 @@ unregister STORE loaders for different URI schemes
 
 =head1 DESCRIPTION
 
-These functions help applications and engines to create loaders for
-schemes they support.
+B<OSSL_STORE_LOADER> is a method for OSSL_STORE loaders, which implement
+OSSL_STORE_open(), OSSL_STORE_open_with_libctx(), OSSL_STORE_load(),
+OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for specific
+storage schemes.
+
+OSSL_STORE_LOADER_fetch() looks for an implementation for a storage
+I<scheme> within the providers that has been loaded into the B<OPENSSL_CTX>
+given by I<ctx>, and with the properties given by I<properties>.
+
+OSSL_STORE_LOADER_up_ref() increments the reference count for the given
+I<loader>.
+
+OSSL_STORE_LOADER_free() decrements the reference count for the given
+I<loader>, and when the count reaches zero, frees it.
+
+OSSL_STORE_LOADER_provider() returns the provider of the given
+I<loader>.
 
-=head2 Types
+OSSL_STORE_LOADER_properties() returns the property definition associated
+with the given I<loader>.
 
-B<OSSL_STORE_LOADER> is the type to hold a loader.
-It contains a scheme and the functions needed to implement
-OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and
-OSSL_STORE_close() for this scheme.
+OSSL_STORE_LOADER_is_a() checks if I<loader> is an implementation
+of an algorithm that's identifiable with I<scheme>.
+
+OSSL_STORE_LOADER_number() returns the internal dynamic number assigned
+to the given I<loader>.
+
+OSSL_STORE_LOADER_do_all_provided() traverses all store implementations
+by all activated providers in the library context I<libctx>, and for each
+of the implementations, calls I<fn> with the implementation method and
+I<data> as arguments.
+
+OSSL_STORE_LOADER_names_do_all() traverses all names for the given
+I<loader>, and calls I<fn> with each name and I<data>.
+
+=head2 Legacy Types and Functions
+
+These functions help applications and engines to create loaders for
+schemes they support.  These are all discouraged in favour of provider
+implementations, see L<provider-storemgmt(7)>.
 
 B<OSSL_STORE_LOADER_CTX> is a type template, to be defined by each loader
-using B<struct ossl_store_loader_ctx_st { ... }>.
+using C<struct ossl_store_loader_ctx_st { ... }>.
 
-B<OSSL_STORE_open_fn>, B<OSSL_STORE_ctrl_fn>, B<OSSL_STORE_expect_fn>,
-B<OSSL_STORE_find_fn>, B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>,
-and B<OSSL_STORE_close_fn>
+B<OSSL_STORE_open_fn>, B<OSSL_STORE_open_with_libctx_fn>,
+B<OSSL_STORE_ctrl_fn>, B<OSSL_STORE_expect_fn>, B<OSSL_STORE_find_fn>,
+B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>, and B<OSSL_STORE_close_fn>
 are the function pointer types used within a STORE loader.
 The functions pointed at define the functionality of the given loader.
 
 =over 4
 
-=item B<OSSL_STORE_open_fn>
+=item B<OSSL_STORE_open_fn> and B<OSSL_STORE_open_with_libctx_fn>
 
-This function takes a URI and is expected to interpret it in the best
-manner possible according to the scheme the loader implements, it also
-takes a B<UI_METHOD> and associated data, to be used any time
-something needs to be prompted for.
+B<OSSL_STORE_open_with_libctx_fn> takes a URI and is expected to
+interpret it in the best manner possible according to the scheme the
+loader implements.  It also takes a B<UI_METHOD> and associated data,
+to be used any time something needs to be prompted for, as well as a
+library context I<libctx> with an associated property query I<propq>,
+to be used when fetching necessary algorithms to perform the loads.
 Furthermore, this function is expected to initialize what needs to be
-initialized, to create a private data store (B<OSSL_STORE_LOADER_CTX>, see
-above), and to return it.
+initialized, to create a private data store (B<OSSL_STORE_LOADER_CTX>,
+see above), and to return it.
 If something goes wrong, this function is expected to return NULL.
 
-=item B<OSSL_STORE_open_fn>
+B<OSSL_STORE_open_fn> does the same thing as
+B<OSSL_STORE_open_with_libctx_fn> but uses NULL for the library
+context I<libctx> and property query I<propq>.
 
-This function takes a B<BIO>, otherwise works like B<OSSL_STORE_open_fn>.
+=item B<OSSL_STORE_attach_fn>
+
+This function takes a B<BIO>, otherwise works like
+B<OSSL_STORE_open_with_libctx_fn>.
 
 =item B<OSSL_STORE_ctrl_fn>
 
 This function takes a B<OSSL_STORE_LOADER_CTX> pointer, a command number
-B<cmd> and a B<va_list> B<args> and is used to manipulate loader
+I<cmd> and a B<va_list> I<args> and is used to manipulate loader
 specific parameters.
 
 =begin comment
 
 Globally known command numbers are documented in L<OSSL_STORE_ctrl(3)>,
-along with what B<args> are expected with each of them.
+along with what I<args> are expected with each of them.
 
 =end comment
 
@@ -132,9 +207,9 @@ This function is expected to return 1 on success, 0 on error.
 =item B<OSSL_STORE_expect_fn>
 
 This function takes a B<OSSL_STORE_LOADER_CTX> pointer and a B<OSSL_STORE_INFO>
-identity B<expected>, and is used to tell the loader what object type is
+identity I<expected>, and is used to tell the loader what object type is
 expected.
-B<expected> may be zero to signify that no specific object type is expected.
+I<expected> may be zero to signify that no specific object type is expected.
 
 This function is expected to return 1 on success, 0 on error.
 
@@ -144,10 +219,10 @@ This function takes a B<OSSL_STORE_LOADER_CTX> pointer and a
 B<OSSL_STORE_SEARCH> search criterion, and is used to tell the loader what
 to search for.
 
-When called with the loader context being B<NULL>, this function is expected
+When called with the loader context being NULL, this function is expected
 to return 1 if the loader supports the criterion, otherwise 0.
 
-When called with the loader context being something other than B<NULL>, this
+When called with the loader context being something other than NULL, this
 function is expected to return 1 on success, 0 on error.
 
 =item B<OSSL_STORE_load_fn>
@@ -186,78 +261,105 @@ It returns 1 on success and 0 on error.
 
 =back
 
-=head2 Functions
-
 OSSL_STORE_LOADER_new() creates a new B<OSSL_STORE_LOADER>.
-It takes an B<ENGINE> B<e> and a string B<scheme>.
-B<scheme> must I<always> be set.
-Both B<e> and B<scheme> are used as is and must therefore be alive as
+It takes an B<ENGINE> I<e> and a string I<scheme>.
+I<scheme> must I<always> be set.
+Both I<e> and I<scheme> are used as is and must therefore be alive as
 long as the created loader is.
 
-OSSL_STORE_LOADER_get0_engine() returns the engine of the B<store_loader>.
-OSSL_STORE_LOADER_get0_scheme() returns the scheme of the B<store_loader>.
+OSSL_STORE_LOADER_get0_engine() returns the engine of the I<store_loader>.
+OSSL_STORE_LOADER_get0_scheme() returns the scheme of the I<store_loader>.
 
 OSSL_STORE_LOADER_set_open() sets the opener function for the
-B<store_loader>.
+I<store_loader>.
+
+OSSL_STORE_LOADER_set_open_with_libctx() sets the opener with library context
+function for the I<store_loader>.
 
 OSSL_STORE_LOADER_set_attach() sets the attacher function for the
-B<store_loader>.
+I<store_loader>.
 
 OSSL_STORE_LOADER_set_ctrl() sets the control function for the
-B<store_loader>.
+I<store_loader>.
 
 OSSL_STORE_LOADER_set_expect() sets the expect function for the
-B<store_loader>.
+I<store_loader>.
 
 OSSL_STORE_LOADER_set_load() sets the loader function for the
-B<store_loader>.
+I<store_loader>.
 
 OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the
-B<store_loader>.
+I<store_loader>.
 
 OSSL_STORE_LOADER_set_close() sets the closing function for the
-B<store_loader>.
+I<store_loader>.
 
-OSSL_STORE_LOADER_free() frees the given B<store_loader>.
+OSSL_STORE_LOADER_free() frees the given I<store_loader>.
 
-OSSL_STORE_register_loader() register the given B<store_loader> and thereby
-makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(),
-OSSL_STORE_eof() and OSSL_STORE_close().
+OSSL_STORE_register_loader() register the given I<store_loader> and
+thereby makes it available for use with OSSL_STORE_open(),
+OSSL_STORE_open_with_libctx(), OSSL_STORE_load(), OSSL_STORE_eof()
+and OSSL_STORE_close().
 
 OSSL_STORE_unregister_loader() unregister the store loader for the given
-B<scheme>.
+I<scheme>.
 
-=head1 NOTES
+=head1 RETURN VALUES
 
-The B<file:> scheme has built in support.
+OSSL_STORE_LOADER_fetch() returns a pointer to an OSSL_STORE_LOADER object,
+or NULL on error.
 
-=head1 RETURN VALUES
+OSSL_STORE_LOADER_up_ref() returns 1 on success, or 0 on error.
+
+OSSL_STORE_LOADER_free() doesn't return any value.
+
+OSSL_STORE_LOADER_provider() returns a pointer to a provider object, or
+NULL on error.
 
-The functions with the types B<OSSL_STORE_open_fn>, B<OSSL_STORE_ctrl_fn>,
-B<OSSL_STORE_expect_fn>,
-B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn> and B<OSSL_STORE_close_fn> have the
-same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(),
+OSSL_STORE_LOADER_properties() returns a pointer to a property
+definition string, or NULL on error.
+
+OSSL_STORE_LOADER_is_a() returns 1 if I<loader> was identifiable,
+otherwise 0.
+
+OSSL_STORE_LOADER_number() returns an integer.
+
+The functions with the types B<OSSL_STORE_open_fn>,
+B<OSSL_STORE_open_with_libctx_fn>, B<OSSL_STORE_ctrl_fn>,
+B<OSSL_STORE_expect_fn>, B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>
+and B<OSSL_STORE_close_fn> have the same return values as OSSL_STORE_open(),
+OSSL_STORE_open_with_libctx(), OSSL_STORE_ctrl(), OSSL_STORE_expect(),
 OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.
 
 OSSL_STORE_LOADER_new() returns a pointer to a B<OSSL_STORE_LOADER> on success,
-or B<NULL> on failure.
+or NULL on failure.
 
-OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(),
-OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and
-OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.
+OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_open_with_libctx(),
+OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(),
+OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1
+on success, or 0 on failure.
 
 OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.
 
 OSSL_STORE_unregister_loader() returns the unregistered loader on success,
-or B<NULL> on failure.
+or NULL on failure.
 
 =head1 SEE ALSO
 
-L<ossl_store(7)>, L<OSSL_STORE_open(3)>
+L<ossl_store(7)>, L<OSSL_STORE_open(3)>, L<OPENSSL_CTX(3)>,
+L<provider-storemgmt(7)>
 
 =head1 HISTORY
 
-OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(),
+OSSL_STORE_LOADER_fetch(), OSSL_STORE_LOADER_up_ref(),
+OSSL_STORE_LOADER_free(), OSSL_STORE_LOADER_provider(),
+OSSL_STORE_LOADER_properties(), OSSL_STORE_LOADER_is_a(),
+OSSL_STORE_LOADER_number(), OSSL_STORE_LOADER_do_all_provided() and
+OSSL_STORE_LOADER_names_do_all() were added in OpenSSL 3.0.
+
+OSSL_STORE_open_with_libctx_fn() was added in OpenSSL 3.0.
+
+B<OSSL_STORE_LOADER>, B<OSSL_STORE_LOADER_CTX>, OSSL_STORE_LOADER_new(),
 OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(),
 OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(),
 OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(),
diff --git a/doc/man3/OSSL_STORE_open.pod b/doc/man3/OSSL_STORE_open.pod
index ef1a934194..0f7bf9c0d3 100644
--- a/doc/man3/OSSL_STORE_open.pod
+++ b/doc/man3/OSSL_STORE_open.pod
@@ -21,11 +21,12 @@ OSSL_STORE_error, OSSL_STORE_close
                                  void *ui_data,
                                  OSSL_STORE_post_process_info_fn post_process,
                                  void *post_process_data);
- OSSL_STORE_CTX *OSSL_STORE_open_with_libctx
-     (const char *uri, OPENSSL_CTX *libctx, const char *propq,
-      const UI_METHOD *ui_method, void *ui_data,
-      OSSL_STORE_post_process_info_fn post_process, void *post_process_data);
-
+ OSSL_STORE_CTX *
+ OSSL_STORE_open_with_libctx(const char *uri,
+                             OPENSSL_CTX *libctx, const char *propq,
+                             const UI_METHOD *ui_method, void *ui_data,
+                             OSSL_STORE_post_process_info_fn post_process,
+                             void *post_process_data);
  int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
  OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
  int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
@@ -57,7 +58,7 @@ together.
 OSSL_STORE_open_with_libctx() takes a uri or path I<uri>, password UI method
 I<ui_method> with associated data I<ui_data>, and post processing
 callback I<post_process> with associated data I<post_process_data>,
-a library context I<libctx> with an associated property query <propq>,
+a library context I<libctx> with an associated property query I<propq>,
 and opens a channel to the data located at the URI and returns a
 B<OSSL_STORE_CTX> with all necessary internal information.
 The given I<ui_method> and I<ui_data> will be reused by all
@@ -71,7 +72,7 @@ the next object, until I<post_process> returns something other than
 NULL, or the end of data is reached as indicated by OSSL_STORE_eof().
 
 OSSL_STORE_open() is similar to OSSL_STORE_open_with_libctx() but uses NULL for
-the library context I<libctx> and property query <propq>.
+the library context I<libctx> and property query I<propq>.
 
 OSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and
 more arguments not specified here.
@@ -87,7 +88,7 @@ There are also global controls available:
 
 Controls if the loader should attempt to use secure memory for any
 allocated B<OSSL_STORE_INFO> and its contents.
-This control expects one argument, a pointer to an B<int> that is expected to
+This control expects one argument, a pointer to an I<int> that is expected to
 have the value 1 (yes) or 0 (no).
 Any other value is an error.
 
@@ -161,13 +162,15 @@ L<passphrase-encoding(7)>
 
 OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0.
 
-OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(),
+B<OSSL_STORE_CTX>, OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(),
 OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close()
 were added in OpenSSL 1.1.1.
 
 Handling of NULL I<ctx> argument for OSSL_STORE_close()
 was introduced in OpenSSL 1.1.1h.
 
+OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man7/provider-object.pod b/doc/man7/provider-object.pod
new file mode 100644
index 0000000000..63332b4f9b
--- /dev/null
+++ b/doc/man7/provider-object.pod
@@ -0,0 +1,189 @@
+=pod
+
+=head1 NAME
+
+provider-object - A specification for a provider-native object abstraction
+
+=head1 SYNOPSIS
+
+=for openssl multiple includes
+
+ #include <openssl/core_object.h>
+ #include <openssl/core_names.h>
+
+=head1 DESCRIPTION
+
+The provider-native object abstraction is a set of L<OSSL_PARAM(3)> keys and
+values that can be used to pass provider-native objects to OpenSSL library
+code or between different provider operation implementations with the help
+of OpenSSL library code.
+
+The intention is that certain provider-native operations can pass any sort
+of object that belong with other operations, or with OpenSSL library code.
+
+An object may be passed in the following manners:
+
+=over 4
+
+=item 1.
+
+I<By value>
+
+This means that the I<object data> is passed as an octet string or an UTF8
+string, which can be handled in diverse ways by other provided implementations.
+The encoding of the object depends on the context it's used in; for example,
+L<OSSL_DECODER(3)> allows multiple encodings, depending on existing decoders.
+If central OpenSSL library functionality is to handle the data directly, it
+B<must> be encoded in DER for all object types except for B<OSSL_OBJECT_NAME>
+(see L</Parameter reference> below), where it's assumed to a plain UTF8 string.
+
+=for comment A future extension might be to be able to specify encoding as a
+separate parameter.
+
+=item 2.
+
+I<By reference>
+
+This means that the I<object data> isn't passed directly, an I<object
+reference> is passed instead.  It's an octet string that only the correct
+provider understands correctly.
+
+=back
+
+Objects I<by value> can be used by anything that handles DER encoded
+objects.
+
+Objects I<by reference> need a higher level of cooperation from the
+implementation where the object originated (let's call it X) and its target
+implementation (let's call it Y):
+
+=over 4
+
+=item 1.
+
+I<An object loading function in the target implementation>
+
+The target implementation (Y) may have a function that can take an I<object
+reference>.  This can only be used if the target implementation is from the
+same provider as the one originating the object abstraction in question (X).
+
+The exact target implementation to use is determined from the I<object type>
+and possibly the I<object data type>.
+For example, when the OpenSSL library receives an object abstraction with the
+I<object type> B<OSSL_OBJECT_PKEY>, it will fetch a L<provider-keymgmt(7)>
+using the I<object data type> as its key type (the second argument in
+L<EVP_KEYMGMT_fetch(3)>).
+
+=item 2.
+
+I<An object exporter in the originating implementation>
+
+The originating implementation (X) may have an exporter function.  This
+exporter function can be used to export the object in L<OSSL_PARAM(3)> form,
+that can then be imported by the target implementation's imported function.
+
+This can be used when it's not possible to fetch the target implementation
+(Y) from the same provider.
+
+=back
+
+=head2 Parameter reference
+
+A provider-native object abstraction is an L<OSSL_PARAM(3)> with a selection
+of the following parameters:
+
+=over 4
+
+=item "data" (B<OSSL_OBJECT_PARAM_DATA>) <octet string> or <utf8 string>
+
+The object data I<passed by value>.
+
+=item "reference" (B<OSSL_OBJECT_PARAM_REFERENCE>) <octet string>
+
+The object data I<passed by reference>.
+
+=item "type" (B<OSSL_OBJECT_PARAM_TYPE>) <integer>
+
+The I<object type>, a number that may have any of the following values (all
+defined in F<< <openssl/core_object.h> >>):
+
+=over 4
+
+=item B<OSSL_OBJECT_NAME>
+
+The object data may only be I<passed by value>, and should be a UTF8
+string.
+
+This is useful for L<provider-storemgmt(7)> when a URI load results in new
+URIs.
+
+=item B<OSSL_OBJECT_PKEY>
+
+The object data is suitable as provider-native B<EVP_PKEY> key data.  The
+object data may be I<passed by value> or I<passed by reference>.
+
+=item B<OSSL_OBJECT_CERT>
+
+The object data is suitable as B<X509> data.  The object data for this
+object type can only be I<passed by value>, and should be an octet string.
+
+Since there's no provider-native X.509 object, OpenSSL libraries that
+receive this object abstraction are expected to convert the data to a
+B<X509> object with d2i_X509().
+
+=item B<OSSL_OBJECT_CRL>
+
+The object data is suitable as B<X509_CRL> data.  The object data can
+only be I<passed by value>, and should be an octet string.
+
+Since there's no provider-native X.509 CRL object, OpenSSL libraries that
+receive this object abstraction are expected to convert the data to a
+B<X509_CRL> object with d2i_X509_CRL().
+
+=back
+
+=item "data-type" (B<OSSL_OBJECT_PARAM_DATA_TYPE>) <utf8 string>
+
+The specific type of the object content.  Legitimate values depend on the
+object type; if it is B<OSSL_OBJECT_PKEY>, the data type is expected to be a
+key type suitable for fetching a L<provider-keymgmt(7)> that can handle the
+data.
+
+=for comment For objects with an unknown object type (OSSL_OBJECT_PARAM_TYPE
+is either missing or has the value OSSL_OBJECT_UNKNOWN), libcrypto
+interprets the object data type as the input type for a decoder.
+
+=item "desc" (B<OSSL_OBJECT_PARAM_DESC>) <utf8 string>
+
+A human readable text that describes extra details on the object.
+
+=back
+
+When a provider-native object abtraction is used, it I<must> contain object
+data in at least one form (object data I<passed by value>, i.e. the "data"
+item, or object data I<passed by reference>, i.e. the "reference" item).
+Both may be present at once, in which case the OpenSSL library code that
+receives this will use the most optimal variant.
+
+For objects with the object type B<OSSL_OBJECT_NAME>, that object type
+I<must> be given.
+
+=head1 SEE ALSO
+
+L<provider(7)>, L<OSSL_DECODER(3)>
+
+=head1 HISTORY
+
+The concept of providers and everything surrounding them was
+introduced in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/provider-storemgmt.pod b/doc/man7/provider-storemgmt.pod
new file mode 100644
index 0000000000..2e5bddc5ec
--- /dev/null
+++ b/doc/man7/provider-storemgmt.pod
@@ -0,0 +1,178 @@
+=pod
+
+=head1 NAME
+
+provider-storemgmt - The OSSL_STORE library E<lt>-E<gt> provider functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/core_dispatch.h>
+
+ /*
+  * None of these are actual functions, but are displayed like this for
+  * the function signatures for functions that are offered as function
+  * pointers in OSSL_DISPATCH arrays.
+  */
+
+ void *OSSL_FUNC_store_open(void *provctx, const char *uri);
+ void *OSSL_FUNC_store_attach(void *provctx, OSSL_CORE_BIO *bio);
+ const OSSL_PARAM *store_settable_ctx_params(void *provctx);
+ int OSSL_FUNC_store_set_ctx_params(void *loaderctx, const OSSL_PARAM[]);
+ int OSSL_FUNC_store_load(void *loaderctx,
+                          OSSL_CALLBACK *object_cb, void *object_cbarg,
+                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg);
+ int OSSL_FUNC_store_eof(void *loaderctx);
+ int OSSL_FUNC_store_close(void *loaderctx);
+
+ int OSSL_FUNC_store_export_object
+     (void *loaderctx, const void *objref, size_t objref_sz,
+      OSSL_CALLBACK *export_cb, void *export_cbarg);
+
+=head1 DESCRIPTION
+
+The STORE operation is the provider side of the L<ossl_store(7)> API.
+
+The primary responsibility of the STORE operation is to load all sorts
+of objects from a container indicated by URI.  These objects are given
+to the OpenSSL library in provider-native object abstraction form (see
+L<provider-object(7)>).  The OpenSSL library is then responsible for
+passing on that abstraction to suitable provided functions.
+
+Examples of functions that the OpenSSL library can pass the abstraction to
+include OSSL_FUNC_keymgmt_load() (L<provider-keymgmt(7)>),
+OSSL_FUNC_store_export_object() (which exports the object in parameterized
+form).
+
+All "functions" mentioned here are passed as function pointers between
+F<libcrypto> and the provider in B<OSSL_DISPATCH> arrays via
+B<OSSL_ALGORITHM> arrays that are returned by the provider's
+provider_query_operation() function
+(see L<provider-base(7)/Provider Functions>).
+
+All these "functions" have a corresponding function type definition named
+B<OSSL_{name}_fn>, and a helper function to retrieve the function pointer
+from a B<OSSL_DISPATCH> element named B<OSSL_get_{name}>.
+For example, the "function" OSSL_FUNC_store_load() has these:
+
+ typedef void *(OSSL_OSSL_FUNC_store_load_fn)(void *provctx,
+                                              const OSSL_PARAM params[]);
+ static ossl_inline OSSL_OSSL_FUNC_store_load_fn
+     OSSL_OSSL_FUNC_store_load(const OSSL_DISPATCH *opf);
+
+B<OSSL_DISPATCH> arrays are indexed by numbers that are provided as macros
+in L<openssl-core_dispatch.h(7)>, as follows:
+
+ OSSL_FUNC_store_open                 OSSL_FUNC_STORE_OPEN
+ OSSL_FUNC_store_attach               OSSL_FUNC_STORE_ATTACH
+ OSSL_FUNC_store_settable_ctx_params  OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS
+ OSSL_FUNC_store_set_ctx_params       OSSL_FUNC_STORE_SET_CTX_PARAMS
+ OSSL_FUNC_store_load                 OSSL_FUNC_STORE_LOAD
+ OSSL_FUNC_store_eof                  OSSL_FUNC_STORE_EOF
+ OSSL_FUNC_store_close                OSSL_FUNC_STORE_CLOSE
+ OSSL_FUNC_store_export_object        OSSL_FUNC_STORE_EXPORT_OBJECT
+
+=head2 Functions
+
+OSSL_FUNC_store_open() should create a provider side context with data based
+on the input I<uri>.  The implementation is entirely responsible for the
+interpretation of the URI.
+
+OSSL_FUNC_store_attach() should create a provider side context with the core
+B<BIO> I<bio> attached.  This is an alternative to using a URI to find storage,
+supporting L<OSSL_STORE_attach(3)>.
+
+OSSL_FUNC_store_settable_ctx_params() should return a constant array of
+descriptor B<OSSL_PARAM>, for parameters that OSSL_FUNC_store_set_ctx_params()
+can handle.
+
+OSSL_FUNC_store_set_ctx_params() should set additional parameters, such as what
+kind of data to expect, search criteria, and so on.  More on those below, in
+L</Load Parameters>.  Whether unrecognised parameters are an error or simply
+ignored is at the implementation's discretion.
+
+OSSL_FUNC_store_load() loads the next object from the URI opened by
+OSSL_FUNC_store_open(), creates an object abstraction for it (see
+L<provider-object(7)>), and calls I<object_cb> with it as well as
+I<object_cbarg>.  I<object_cb> will then interpret the object abstraction
+and do what it can to wrap it or decode it into an OpenSSL structure.  In
+case a passphrase needs to be prompted to unlock an object, I<pw_cb> should
+be called.
+
+OSSL_FUNC_store_eof() indicates if the end of the set of objects from the
+URI has been reached.  When that happens, there's no point trying to do any
+further loading.
+
+OSSL_FUNC_store_close() frees the provider side context I<ctx>.
+
+=head2 Load Parameters
+
+=over 4
+
+=item "expect" (B<OSSL_STORE_PARAM_EXPECT>) <integer>
+
+Is a hint of what type of data the OpenSSL library expects to get.
+This is only useful for optimization, as the library will check that the
+object types match the expectation too.
+
+The number that can be given through this parameter is found in
+F<< <openssl/store.h> >>, with the macros having names starting with
+C<OSSL_STORE_INFO_>.  These are further described in
+L<OSSL_STORE_INFO(3)/SUPPORTED OBJECTS>.
+
+=item "subject" (B<OSSL_STORE_PARAM_SUBJECT>) <octet string>
+
+Indicates that the caller wants to search for an object with the given
+subject associated.  This can be used to select specific certificates
+by subject.
+
+The contents of the octet string is expected to be in DER form.
+
+=item "issuer" (B<OSSL_STORE_PARAM_ISSUER>) <octet string>
+
+Indicates that the caller wants to search for an object with the given
+issuer associated.  This can be used to select specific certificates
+by issuer.
+
+The contents of the octet string is expected to be in DER form.
+
+=item "serial" (B<OSSL_STORE_PARAM_SERIAL>) <integer>
+
+Indicates that the caller wants to search for an object with the given
+serial number associated.
+
+=item "digest" (B<OSSL_STORE_PARAM_DIGEST>) <utf8 string>
+
+=item "fingerprint" (B<OSSL_STORE_PARAM_FINGERPRINT>) <octet string>
+
+Indicates that the caller wants to search for an object with the given
+fingerprint, computed with the given digest.
+
+=item "alias" (B<OSSL_STORE_PARAM_ALIAS>) <utf8 string>
+
+Indicates that the caller wants to search for an object with the given
+alias (some call it a "friendly name").
+
+=back
+
+Several of these search criteria may be combined.  For example, to
+search for a certificate by issuer+serial, both the "issuer" and the
+"serial" parameters will be given.
+
+=head1 SEE ALSO
+
+L<provider(7)>
+
+=head1 HISTORY
+
+The STORE interface was introduced in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index a3c05f15b8..bd8f9ba52d 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -114,6 +114,9 @@ struct X509_crl_st {
     const X509_CRL_METHOD *meth;
     void *meth_data;
     CRYPTO_RWLOCK *lock;
+
+    OPENSSL_CTX *libctx;
+    const char *propq;
 };
 
 struct x509_revoked_st {
@@ -302,6 +305,7 @@ int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);
 int x509_print_ex_brief(BIO *bio, X509 *cert, unsigned long neg_cflags);
 int x509v3_cache_extensions(X509 *x);
 int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq);
+int x509_crl_set0_libctx(X509_CRL *x, OPENSSL_CTX *libctx, const char *propq);
 void x509_init_sig_info(X509 *x);
 int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *type,
                                  void *data, unsigned char *md,
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
index 3075bd70c0..1df0c5df34 100644
--- a/include/internal/cryptlib.h
+++ b/include/internal/cryptlib.h
@@ -160,7 +160,8 @@ typedef struct ossl_ex_data_global_st {
 # define OPENSSL_CTX_SELF_TEST_CB_INDEX            12
 # define OPENSSL_CTX_BIO_PROV_INDEX                13
 # define OPENSSL_CTX_GLOBAL_PROPERTIES             14
-# define OPENSSL_CTX_MAX_INDEXES                   15
+# define OPENSSL_CTX_STORE_LOADER_STORE_INDEX      15
+# define OPENSSL_CTX_MAX_INDEXES                   16
 
 typedef struct openssl_ctx_method {
     void *(*new_func)(OPENSSL_CTX *ctx);
diff --git a/include/internal/passphrase.h b/include/internal/passphrase.h
new file mode 100644
index 0000000000..9077907d52
--- /dev/null
+++ b/include/internal/passphrase.h
@@ -0,0 +1,120 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OSSL_INTERNAL_PASSPHRASE_H
+# define OSSL_INTERNAL_PASSPHRASE_H
+
+/*
+ * This is a passphrase reader bridge with bells and whistles.
+ *
+ * On one hand, an API may wish to offer all sorts of passphrase callback
+ * possibilities to users, or may have to do so for historical reasons.
+ * On the other hand, that same API may have demands from other interfaces,
+ * notably from the libcrypto <-> provider interface, which uses
+ * OSSL_PASSPHRASE_CALLBACK consistently.
+ *
+ * The structure and functions below are the fundaments for bridging one
+ * passphrase callback form to another.
+ *
+ * In addition, extra features are included (this may be a growing list):
+ *
+ * -   password caching.  This is to be used by APIs where it's likely
+ *     that the same passphrase may be asked for more than once, but the
+ *     user shouldn't get prompted more than once.  For example, this is
+ *     useful for OSSL_DECODER, which may have to use a passphrase while
+ *     trying to find out what input it has.
+ */
+
+/*
+ * Structure to hold whatever the calling user may specify.  This structure
+ * is intended to be integrated into API specific structures or to be used
+ * as a local on-stack variable type.  Therefore, no functions to allocate
+ * or freed it on the heap is offered.
+ */
+struct ossl_passphrase_data_st {
+    enum {
+        is_expl_passphrase = 1, /* Explicit passphrase given by user */
+        is_pem_password,        /* pem_password_cb given by user */
+        is_ossl_passphrase,     /* OSSL_PASSPHRASE_CALLBACK given by user */
+        is_ui_method            /* UI_METHOD given by user */
+    } type;
+    union {
+        struct {
+            char *passphrase_copy;
+            size_t passphrase_len;
+        } expl_passphrase;
+
+        struct {
+            pem_password_cb *password_cb;
+            void *password_cbarg;
+        } pem_password;
+
+        struct {
+            OSSL_PASSPHRASE_CALLBACK *passphrase_cb;
+            void *passphrase_cbarg;
+        } ossl_passphrase;
+
+        struct {
+            const UI_METHOD *ui_method;
+            void *ui_method_data;
+        } ui_method;
+    } _;
+
+    /*-
+     * Flags section
+     */
+
+    /* Set to indicate that caching should be done */
+    unsigned int flag_cache_passphrase:1;
+
+    /*-
+     * Misc section: caches and other
+     */
+
+    char *cached_passphrase;
+    size_t cached_passphrase_len;
+};
+
+/* Structure manipulation */
+
+void ossl_pw_clear_passphrase_data(struct ossl_passphrase_data_st *data);
+void ossl_pw_clear_passphrase_cache(struct ossl_passphrase_data_st *data);
+
+int ossl_pw_set_passphrase(struct ossl_passphrase_data_st *data,
+                           const unsigned char *passphrase,
+                           size_t passphrase_len);
+int ossl_pw_set_pem_password_cb(struct ossl_passphrase_data_st *data,
+                                pem_password_cb *cb, void *cbarg);
+int ossl_pw_set_ossl_passphrase_cb(struct ossl_passphrase_data_st *data,
+                                   OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg);
+int ossl_pw_set_ui_method(struct ossl_passphrase_data_st *data,
+                          const UI_METHOD *ui_method, void *ui_data);
+
+int ossl_pw_enable_passphrase_caching(struct ossl_passphrase_data_st *data);
+int ossl_pw_disable_passphrase_caching(struct ossl_passphrase_data_st *data);
+
+/* Central function for direct calls */
+
+int ossl_pw_get_passphrase(char *pass, size_t pass_size, size_t *pass_len,
+                           const OSSL_PARAM params[], int verify,
+                           struct ossl_passphrase_data_st *data);
+
+/* Callback functions */
+
+/*
+ * All of these callback expect that the callback argument is a
+ * struct ossl_passphrase_data_st
+ */
+
+pem_password_cb ossl_pw_pem_password;
+/* One callback for encoding (verification prompt) and one for decoding */
+OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_enc;
+OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_dec;
+
+#endif
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index ee589eae6b..b21fe559f7 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -191,10 +191,11 @@ OSSL_CORE_MAKE_FUNC(int, provider_self_test, (void *provctx))
 # define OSSL_OP_SIGNATURE                          12
 # define OSSL_OP_ASYM_CIPHER                        13
 /* New section for non-EVP operations */
-# define OSSL_OP_ENCODER                         20
-# define OSSL_OP_DECODER                       21
+# define OSSL_OP_ENCODER                            20
+# define OSSL_OP_DECODER                            21
+# define OSSL_OP_STORE                              22
 /* Highest known operation number */
-# define OSSL_OP__HIGHEST                           21
+# define OSSL_OP__HIGHEST                           22
 
 /* Digests */
 
@@ -760,6 +761,42 @@ OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
                     (void *ctx, const void *objref, size_t objref_sz,
                      OSSL_CALLBACK *export_cb, void *export_cbarg))
 
+/*-
+ * Store
+ *
+ * Objects are scanned by using the 'open', 'load', 'eof' and 'close'
+ * functions, which implement an OSSL_STORE loader.
+ *
+ * store_load() works in a way that's very similar to the decoders, in
+ * that they pass an abstract object through a callback, either as a DER
+ * octet string or as an object reference, which libcrypto will have to
+ * deal with.
+ */
+
+#define OSSL_FUNC_STORE_OPEN                        1
+#define OSSL_FUNC_STORE_ATTACH                      2
+#define OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS         3
+#define OSSL_FUNC_STORE_SET_CTX_PARAMS              4
+#define OSSL_FUNC_STORE_LOAD                        5
+#define OSSL_FUNC_STORE_EOF                         6
+#define OSSL_FUNC_STORE_CLOSE                       7
+#define OSSL_FUNC_STORE_EXPORT_OBJECT               8
+OSSL_CORE_MAKE_FUNC(void *, store_open, (void *provctx, const char *uri))
+OSSL_CORE_MAKE_FUNC(void *, store_attach, (void *provctx, OSSL_CORE_BIO *in))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, store_settable_ctx_params,
+                    (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, store_set_ctx_params,
+                    (void *loaderctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, store_load,
+                    (void *loaderctx,
+                     OSSL_CALLBACK *object_cb, void *object_cbarg,
+                     OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))
+OSSL_CORE_MAKE_FUNC(int, store_eof, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_close, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_export_object,
+                    (void *loaderctx, const void *objref, size_t objref_sz,
+                     OSSL_CALLBACK *export_cb, void *export_cbarg))
+
 # ifdef __cplusplus
 }
 # endif
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index bf6dd2e96f..4ca794fd50 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -30,6 +30,23 @@ extern "C" {
 #define OSSL_PROV_PARAM_SELF_TEST_TYPE   "st-type"  /* utf8_string */
 #define OSSL_PROV_PARAM_SELF_TEST_DESC   "st-desc"  /* utf8_string */
 
+/*-
+ * Provider-native object abstractions
+ *
+ * These are used when a provider wants to pass object data or an object
+ * reference back to libcrypto.  This is only useful for provider functions
+ * that take a callback to which an OSSL_PARAM array with these parameters
+ * can be passed.
+ *
+ * This set of parameter names is explained in detail in provider-object(7)
+ * (doc/man7/provider-object.pod)
+ */
+#define OSSL_OBJECT_PARAM_TYPE       "type"      /* INTEGER */
+#define OSSL_OBJECT_PARAM_DATA_TYPE  "data-type" /* UTF8_STRING */
+#define OSSL_OBJECT_PARAM_REFERENCE  "reference" /* OCTET_STRING */
+#define OSSL_OBJECT_PARAM_DATA       "data" /* OCTET_STRING or UTF8_STRING */
+#define OSSL_OBJECT_PARAM_DESC       "desc"      /* UTF8_STRING */
+
 /*
  * Algorithm parameters
  * If "engine" or "properties" are specified, they should always be paired
@@ -433,9 +450,6 @@ extern "C" {
 #define OSSL_DECODER_PARAM_PROPERTIES   OSSL_ALG_PARAM_PROPERTIES
 #define OSSL_DECODER_PARAM_PASS         "passphrase"
 #define OSSL_DECODER_PARAM_INPUT_TYPE   "input-type"
-#define OSSL_DECODER_PARAM_DATA_TYPE    "data-type"
-#define OSSL_DECODER_PARAM_DATA         "data"
-#define OSSL_DECODER_PARAM_REFERENCE    "reference"
 
 /* Passphrase callback parameters */
 #define OSSL_PASSPHRASE_PARAM_INFO      "info"
@@ -470,6 +484,34 @@ extern "C" {
 #define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS          "tls-min-dtls"
 #define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS          "tls-max-dtls"
 
+/*-
+ * storemgmt parameters
+ */
+
+/*
+ * Used by storemgmt_ctx_set_params():
+ *
+ * - OSSL_STORE_PARAM_EXPECT is an INTEGER, and the value is any of the
+ *   OSSL_STORE_INFO numbers.  This is used to set the expected type of
+ *   object loaded.
+ *
+ * - OSSL_STORE_PARAM_SUBJECT, OSSL_STORE_PARAM_ISSUER,
+ *   OSSL_STORE_PARAM_SERIAL, OSSL_STORE_PARAM_FINGERPRINT,
+ *   OSSL_STORE_PARAM_DIGEST, OSSL_STORE_PARAM_ALIAS
+ *   are used as search criteria.
+ *   (OSSL_STORE_PARAM_DIGEST is used with OSSL_STORE_PARAM_FINGERPRINT)
+ */
+#define OSSL_STORE_PARAM_EXPECT     "expect"       /* INTEGER */
+#define OSSL_STORE_PARAM_SUBJECT    "subject" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_ISSUER     "name" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_SERIAL     "serial"       /* INTEGER */
+#define OSSL_STORE_PARAM_DIGEST     "digest"       /* UTF8_STRING */
+#define OSSL_STORE_PARAM_FINGERPRINT "fingerprint" /* OCTET_STRING */
+#define OSSL_STORE_PARAM_ALIAS      "alias"        /* UTF8_STRING */
+
+/* You may want to pass properties for the provider implementation to use */
+#define OSSL_STORE_PARAM_PROPERTIES "properties"   /* utf8_string */
+
 # ifdef __cplusplus
 }
 # endif
diff --git a/include/openssl/core_object.h b/include/openssl/core_object.h
new file mode 100644
index 0000000000..395279d7bc
--- /dev/null
+++ b/include/openssl/core_object.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CORE_OBJECT_H
+# define OPENSSL_CORE_OBJECT_H
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*-
+ * Known object types
+ *
+ * These numbers are used as values for the OSSL_PARAM parameter
+ * OSSL_OBJECT_PARAM_TYPE.
+ *
+ * For most of these types, there's a corresponding libcrypto object type.
+ * The corresponding type is indicated with a comment after the number.
+ */
+# define OSSL_OBJECT_UNKNOWN            0
+# define OSSL_OBJECT_NAME               1 /* char * */
+# define OSSL_OBJECT_PKEY               2 /* EVP_PKEY * */
+# define OSSL_OBJECT_CERT               3 /* X509 * */
+# define OSSL_OBJECT_CRL                4 /* X509_CRL * */
+
+/*
+ * The rest of the associated OSSL_PARAM elements is described in core_names.h
+ */
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/include/openssl/decoder.h b/include/openssl/decoder.h
index cb5a404b89..91dfca4a09 100644
--- a/include/openssl/decoder.h
+++ b/include/openssl/decoder.h
@@ -58,6 +58,9 @@ int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx,
 int OSSL_DECODER_CTX_set_pem_password_cb(OSSL_DECODER_CTX *ctx,
                                          pem_password_cb *cb,
                                          void *cbarg);
+int OSSL_DECODER_CTX_set_passphrase_cb(OSSL_DECODER_CTX *ctx,
+                                       OSSL_PASSPHRASE_CALLBACK *cb,
+                                       void *cbarg);
 int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
                                        const UI_METHOD *ui_method,
                                        void *ui_data);
diff --git a/include/openssl/err.h b/include/openssl/err.h
index 4dd69c6a3f..497436d2c5 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -295,6 +295,7 @@ static ossl_inline int ERR_FATAL_ERROR(unsigned long errcode)
 # define ERR_R_DSA_LIB   ERR_LIB_DSA/* 10 */
 # define ERR_R_X509_LIB  ERR_LIB_X509/* 11 */
 # define ERR_R_ASN1_LIB  ERR_LIB_ASN1/* 13 */
+# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
 # define ERR_R_EC_LIB    ERR_LIB_EC/* 16 */
 # define ERR_R_BIO_LIB   ERR_LIB_BIO/* 32 */
 # define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
diff --git a/include/openssl/params.h b/include/openssl/params.h
index 44fc1a6a38..6ed7ecbb24 100644
--- a/include/openssl/params.h
+++ b/include/openssl/params.h
@@ -142,6 +142,10 @@ int OSSL_PARAM_get_octet_ptr(const OSSL_PARAM *p, const void **val,
 int OSSL_PARAM_set_octet_ptr(OSSL_PARAM *p, const void *val,
                              size_t used_len);
 
+int OSSL_PARAM_get_utf8_string_ptr(const OSSL_PARAM *p, const char **val);
+int OSSL_PARAM_get_octet_string_ptr(const OSSL_PARAM *p, const void **val,
+                                    size_t *used_len);
+
 int OSSL_PARAM_modified(const OSSL_PARAM *p);
 void OSSL_PARAM_set_all_unmodified(OSSL_PARAM *p);
 
diff --git a/include/openssl/store.h b/include/openssl/store.h
index b75c79868c..9a2b423371 100644
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@@ -52,15 +52,16 @@ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
  * Returns a context reference which represents the channel to communicate
  * through.
  */
-OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
-                                void *ui_data,
-                                OSSL_STORE_post_process_info_fn post_process,
-                                void *post_process_data);
-
-OSSL_STORE_CTX *OSSL_STORE_open_with_libctx
-    (const char *uri, OPENSSL_CTX *libctx, const char *propq,
-     const UI_METHOD *ui_method, void *ui_data,
-     OSSL_STORE_post_process_info_fn post_process, void *post_process_data);
+OSSL_STORE_CTX *
+OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, void *ui_data,
+                OSSL_STORE_post_process_info_fn post_process,
+                void *post_process_data);
+OSSL_STORE_CTX *
+OSSL_STORE_open_with_libctx(const char *uri,
+                            OPENSSL_CTX *libctx, const char *propq,
+                            const UI_METHOD *ui_method, void *ui_data,
+                            OSSL_STORE_post_process_info_fn post_process,
+                            void *post_process_data);
 
 /*
  * Control / fine tune the OSSL_STORE channel.  |cmd| determines what is to be
@@ -234,6 +235,32 @@ int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type);
 int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search);
 
 
+/*-
+ *  Function to fetch a loader and extract data from it
+ *  ---------------------------------------------------
+ */
+
+typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(const char *scheme,
+                                           OPENSSL_CTX *libctx,
+                                           const char *properties);
+int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader);
+void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader);
+const OSSL_PROVIDER *OSSL_STORE_LOADER_provider(const OSSL_STORE_LOADER *
+                                                loader);
+const char *OSSL_STORE_LOADER_properties(const OSSL_STORE_LOADER *loader);
+int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader);
+int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader,
+                           const char *scheme);
+void OSSL_STORE_LOADER_do_all_provided(OPENSSL_CTX *libctx,
+                                       void (*fn)(OSSL_STORE_LOADER *loader,
+                                                  void *arg),
+                                       void *arg);
+void OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader,
+                                    void (*fn)(const char *name, void *data),
+                                    void *data);
+
 /*-
  *  Function to register a loader for the given URI scheme.
  *  -------------------------------------------------------
@@ -242,10 +269,6 @@ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search);
  *  scheme.
  */
 
-typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
-OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
-const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER *loader);
-const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER *loader);
 /* struct ossl_store_loader_ctx_st is defined differently by each loader */
 typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
 typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)
@@ -256,41 +279,47 @@ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn)
      const char *uri, OPENSSL_CTX *libctx, const char *propq,
      const UI_METHOD *ui_method, void *ui_data);
 
-int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader,
-                               OSSL_STORE_open_fn open_function);
 typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn)
     (const OSSL_STORE_LOADER *loader, BIO *bio,
      OPENSSL_CTX *libctx, const char *propq,
      const UI_METHOD *ui_method, void *ui_data);
+typedef int (*OSSL_STORE_ctrl_fn)
+    (OSSL_STORE_LOADER_CTX *ctx, int cmd, va_list args);
+typedef int (*OSSL_STORE_expect_fn)
+    (OSSL_STORE_LOADER_CTX *ctx, int expected);
+typedef int (*OSSL_STORE_find_fn)
+    (OSSL_STORE_LOADER_CTX *ctx, const OSSL_STORE_SEARCH *criteria);
+typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)
+    (OSSL_STORE_LOADER_CTX *ctx, const UI_METHOD *ui_method, void *ui_data);
+typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+
+OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader,
+                               OSSL_STORE_open_fn open_function);
+int OSSL_STORE_LOADER_set_open_with_libctx
+    (OSSL_STORE_LOADER *loader,
+     OSSL_STORE_open_with_libctx_fn open_with_libctx_function);
 int OSSL_STORE_LOADER_set_attach(OSSL_STORE_LOADER *loader,
                                  OSSL_STORE_attach_fn attach_function);
-typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
-                                  va_list args);
 int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *loader,
                                OSSL_STORE_ctrl_fn ctrl_function);
-typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
 int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
                                  OSSL_STORE_expect_fn expect_function);
-typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
-                                  const OSSL_STORE_SEARCH *criteria);
 int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
                                OSSL_STORE_find_fn find_function);
-typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
-                                               const UI_METHOD *ui_method,
-                                               void *ui_data);
 int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *loader,
                                OSSL_STORE_load_fn load_function);
-
-typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
 int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *loader,
                               OSSL_STORE_eof_fn eof_function);
-typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
 int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *loader,
                                 OSSL_STORE_error_fn error_function);
-typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
 int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *loader,
                                 OSSL_STORE_close_fn close_function);
-void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader);
+
+const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER *loader);
+const char * OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER *loader);
 
 int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
 OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);
diff --git a/providers/implementations/encode_decode/decode_common.c b/providers/implementations/encode_decode/decode_common.c
index 1b5eea4c8d..2277c150c1 100644
--- a/providers/implementations/encode_decode/decode_common.c
+++ b/providers/implementations/encode_decode/decode_common.c
@@ -16,6 +16,7 @@
 #include "internal/pem.h"        /* For internal PVK and "blob" functions */
 #include "internal/cryptlib.h"
 #include "crypto/asn1.h"
+#include "internal/passphrase.h"
 #include "prov/bio.h"               /* ossl_prov_bio_printf() */
 #include "prov/providercommonerr.h" /* PROV_R_READ_KEY */
 #include "encoder_local.h"
@@ -58,44 +59,22 @@ EVP_PKEY *ossl_prov_read_msblob(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
     return pkey;
 }
 
-struct pwdata_st {
-    OSSL_PASSPHRASE_CALLBACK *pw_cb;
-    void *pw_cbarg;
-};
-
-pem_password_cb pw_pem_password_to_ossl_passhrase;
-int pw_pem_password_to_ossl_passhrase(char *buf, int size, int rwflag,
-                                      void *userdata)
-{
-    struct pwdata_st *data = userdata;
-    size_t pw_len = 0;
-    static char prompt_info[] = "pass phrase";
-    OSSL_PARAM params[] = {
-        OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO, prompt_info,
-                               sizeof(prompt_info) - 1),
-        OSSL_PARAM_END
-    };
-    int ok = data->pw_cb(buf, (size_t)size, &pw_len, params, data->pw_cbarg);
-
-    if (ok)
-        return (int)pw_len;
-    else
-        return -1;
-}
-
 # ifndef OPENSSL_NO_RC4
 EVP_PKEY *ossl_prov_read_pvk(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
                              OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
-    BIO *in = bio_new_from_core_bio(provctx, cin);
+    BIO *in = NULL;
     EVP_PKEY *pkey = NULL;
-    struct pwdata_st pwdata;
+    struct ossl_passphrase_data_st pwdata;
 
-    pwdata.pw_cb = pw_cb;
-    pwdata.pw_cbarg = pw_cbarg;
-    pkey = b2i_PVK_bio(in, pw_pem_password_to_ossl_passhrase, &pwdata);
+    memset(&pwdata, 0, sizeof(pwdata));
+    if (!ossl_pw_set_ossl_passphrase_cb(&pwdata, pw_cb, pw_cbarg))
+        return NULL;
 
+    in = bio_new_from_core_bio(provctx, cin);
+    pkey = b2i_PVK_bio(in, ossl_pw_pem_password, &pwdata);
     BIO_free(in);
+
     return pkey;
 }
 # endif
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index 6af1c0927d..b8b268217d 100644
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -15,6 +15,7 @@
 
 #include <openssl/core_dispatch.h>
 #include <openssl/core_names.h>
+#include <openssl/core_object.h>
 #include <openssl/crypto.h>
 #include <openssl/params.h>
 #include <openssl/x509.h>
@@ -157,16 +158,19 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin,
     OPENSSL_free(der);
 
     if (key != NULL) {
-        OSSL_PARAM params[3];
+        OSSL_PARAM params[4];
+        int object_type = OSSL_OBJECT_PKEY;
 
         params[0] =
-            OSSL_PARAM_construct_utf8_string(OSSL_DECODER_PARAM_DATA_TYPE,
+            OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
+        params[1] =
+            OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
                                              (char *)ctx->desc->name, 0);
         /* The address of the key becomes the octet string */
-        params[1] =
-            OSSL_PARAM_construct_octet_string(OSSL_DECODER_PARAM_REFERENCE,
+        params[2] =
+            OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
                                               &key, sizeof(key));
-        params[2] = OSSL_PARAM_construct_end();
+        params[3] = OSSL_PARAM_construct_end();
 
         ok = data_cb(params, data_cbarg);
     }
diff --git a/providers/implementations/encode_decode/decode_ms2key.c b/providers/implementations/encode_decode/decode_ms2key.c
index 453e8188b3..d8aa813ced 100644
--- a/providers/implementations/encode_decode/decode_ms2key.c
+++ b/providers/implementations/encode_decode/decode_ms2key.c
@@ -15,6 +15,7 @@
 
 #include <openssl/core_dispatch.h>
 #include <openssl/core_names.h>
+#include <openssl/core_object.h>
 #include <openssl/crypto.h>
 #include <openssl/params.h>
 #include <openssl/x509.h>
@@ -131,16 +132,19 @@ static int ms2key_post(struct ms2key_ctx_st *ctx, EVP_PKEY *pkey,
     }
 
     if (key != NULL) {
-        OSSL_PARAM params[3];
+        OSSL_PARAM params[4];
+        int object_type = OSSL_OBJECT_PKEY;
 
         params[0] =
-            OSSL_PARAM_construct_utf8_string(OSSL_DECODER_PARAM_DATA_TYPE,
+            OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
+        params[1] =
+            OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
                                              (char *)ctx->desc->name, 0);
         /* The address of the key becomes the octet string */
-        params[1] =
-            OSSL_PARAM_construct_octet_string(OSSL_DECODER_PARAM_REFERENCE,
+        params[2] =
+            OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
                                               &key, sizeof(key));
-        params[2] = OSSL_PARAM_construct_end();
+        params[3] = OSSL_PARAM_construct_end();
 
         ok = data_cb(params, data_cbarg);
     }
diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c
index 7ba1cbe3d3..cbee397982 100644
--- a/providers/implementations/encode_decode/decode_pem2der.c
+++ b/providers/implementations/encode_decode/decode_pem2der.c
@@ -130,10 +130,10 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin,
         OSSL_PARAM params[3];
 
         params[0] =
-            OSSL_PARAM_construct_utf8_string(OSSL_DECODER_PARAM_DATA_TYPE,
+            OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
                                              pem_name, 0);
         params[1] =
-            OSSL_PARAM_construct_octet_string(OSSL_DECODER_PARAM_DATA,
+            OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA,
                                               der, der_len);
         params[2] = OSSL_PARAM_construct_end();
 
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 549ab0a7c7..99790a1b74 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5272,3 +5272,15 @@ PEM_read_bio_PUBKEY_ex                  ?	3_0_0	EXIST::FUNCTION:
 PEM_read_PUBKEY_ex                      ?	3_0_0	EXIST::FUNCTION:STDIO
 PEM_read_bio_Parameters_ex              ?	3_0_0	EXIST::FUNCTION:
 EC_GROUP_new_from_params                ?	3_0_0	EXIST::FUNCTION:EC
+OSSL_STORE_LOADER_set_open_with_libctx  ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_fetch                 ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_up_ref                ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_provider              ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_properties            ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_number                ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_is_a                  ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_do_all_provided       ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_names_do_all          ?	3_0_0	EXIST::FUNCTION:
+OSSL_PARAM_get_utf8_string_ptr          ?	3_0_0	EXIST::FUNCTION:
+OSSL_PARAM_get_octet_string_ptr         ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_CTX_set_passphrase_cb      ?	3_0_0	EXIST::FUNCTION:
diff --git a/util/other.syms b/util/other.syms
index 97f71906da..964e09f0bd 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -66,6 +66,7 @@ OSSL_STORE_eof_fn                       datatype
 OSSL_STORE_error_fn                     datatype
 OSSL_STORE_load_fn                      datatype
 OSSL_STORE_open_fn                      datatype
+OSSL_STORE_open_with_libctx_fn          datatype
 OSSL_STORE_post_process_info_fn         datatype
 OSSL_trace_cb                           datatype
 PROFESSION_INFO                         datatype

From builds at travis-ci.com  Mon Aug 24 09:49:28 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 24 Aug 2020 09:49:28 +0000
Subject: Still Failing: openssl/openssl#36921 (master - a8b7ea8)
In-Reply-To: <openssl/openssl+181051175+still failing@travis-ci.com>
Message-ID: <5f438d2a9f92c_13fdfaceb50842574e7@travis-pro-tasks-6579bc96f5-g8nwx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36921
Status: Still Failing

Duration: 1 hr, 10 mins, and 48 secs
Commit: a8b7ea8 (master)
Author: Richard Levitte
Message: STORE: Change all error recording to use ERR_raise() / ERR_raise_data()

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)

View the changeset: https://github.com/openssl/openssl/compare/bc8c3e1cd869...a8b7ea8268e2

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181051175?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/05a47083/attachment.html>

From no-reply at appveyor.com  Mon Aug 24 11:08:31 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 24 Aug 2020 11:08:31 +0000
Subject: Build failed: openssl master.36381
Message-ID: <20200824110831.1.34AD4C3E428476FD@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/cb8e1d50/attachment.html>

From nic.tuv at gmail.com  Mon Aug 24 12:01:11 2020
From: nic.tuv at gmail.com (nic.tuv at gmail.com)
Date: Mon, 24 Aug 2020 12:01:11 +0000
Subject: [openssl]  master update
Message-ID: <1598270471.884801.4528.nullmailer@dev.openssl.org>

The branch master has been updated
       via  39d9be390a16d3bc5c2b94ad31b705f8239af779 (commit)
      from  a8b7ea8268e23a033750eb77380ef9a4f9a5aa27 (commit)


- Log -----------------------------------------------------------------
commit 39d9be390a16d3bc5c2b94ad31b705f8239af779
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Sat Jun 27 01:40:30 2020 +0300

    Add CLI tests in FIPS configuration
    
    Add positive and negative tests of CLI apps using configuration files
    via environment variables to force FIPS mode.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12291)

-----------------------------------------------------------------------

Summary of changes:
 test/{default-and-fips.cnf => fips-and-base.cnf} |   4 +-
 test/recipes/20-test_cli_fips.t                  | 310 +++++++++++++++++++++++
 2 files changed, 312 insertions(+), 2 deletions(-)
 copy test/{default-and-fips.cnf => fips-and-base.cnf} (79%)
 create mode 100644 test/recipes/20-test_cli_fips.t

diff --git a/test/default-and-fips.cnf b/test/fips-and-base.cnf
similarity index 79%
copy from test/default-and-fips.cnf
copy to test/fips-and-base.cnf
index 7a4d765591..0caf2b88a4 100644
--- a/test/default-and-fips.cnf
+++ b/test/fips-and-base.cnf
@@ -6,8 +6,8 @@ openssl_conf = openssl_init
 providers = provider_sect
 
 [provider_sect]
-default = default_sect
 fips = fips_sect
+base = base_sect
 
-[default_sect]
+[base_sect]
 activate = 1
diff --git a/test/recipes/20-test_cli_fips.t b/test/recipes/20-test_cli_fips.t
new file mode 100644
index 0000000000..5977e2ccbb
--- /dev/null
+++ b/test/recipes/20-test_cli_fips.t
@@ -0,0 +1,310 @@
+#! /usr/bin/env perl
+# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+use File::Spec;
+use File::Spec::Functions qw/curdir abs2rel/;
+use File::Copy;
+use OpenSSL::Glob;
+use OpenSSL::Test qw/:DEFAULT srctop_dir bldtop_dir bldtop_file srctop_file data_file/;
+use OpenSSL::Test::Utils;
+
+BEGIN {
+    setup("test_cli_fips");
+}
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+plan skip_all => "Test only supported in a fips build" if disabled("fips");
+
+plan tests => 6;
+
+my $fipsmodule = bldtop_file('providers', platform->dso('fips'));
+my $fipsconf = srctop_file("test", "fips-and-base.cnf");
+my $defaultconf = srctop_file("test", "default.cnf");
+my $tbs_data = $fipsmodule;
+my $bogus_data = $fipsconf;
+
+# output a fipsmodule.cnf file containing mac data
+ok(run(app(['openssl', 'fipsinstall', '-out', 'fipsmodule.cnf',
+            '-module', $fipsmodule, ])),
+   "fipsinstall");
+
+# verify the $fipsconf file
+ok(run(app(['openssl', 'fipsinstall', '-in', 'fipsmodule.cnf', '-module', $fipsmodule,
+            '-verify'])),
+   "fipsinstall verify");
+
+$ENV{OPENSSL_CONF_INCLUDE} = abs2rel(curdir());
+$ENV{OPENSSL_CONF} = $fipsconf;
+
+ok(run(app(['openssl', 'provider', '-v', 'fips'])),
+   "provider listing");
+
+my $tsignverify_count = 8;
+sub tsignverify {
+    my $prefix = shift;
+    my $fips_key = shift;
+    my $nonfips_key = shift;
+    my $fips_sigfile = $prefix.'.fips.sig';
+    my $nonfips_sigfile = $prefix.'.nonfips.sig';
+    my $sigfile = '';
+    my $testtext = '';
+
+    $ENV{OPENSSL_CONF} = $fipsconf;
+
+    $sigfile = $fips_sigfile;
+    $testtext = $prefix.': '.
+        'Sign something with a FIPS key';
+    ok(run(app(['openssl', 'dgst', '-sha256',
+                '-sign', $fips_key,
+                '-out', $sigfile,
+                $tbs_data])),
+       $testtext);
+
+    $testtext = $prefix.': '.
+        'Verify something with a FIPS key';
+    ok(run(app(['openssl', 'dgst', '-sha256',
+                '-verify', $fips_key,
+                '-signature', $sigfile,
+                $tbs_data])),
+       $testtext);
+
+    $testtext = $prefix.': '.
+        'Verify a valid signature against the wrong data with a FIPS key'.
+        ' (should fail)';
+    ok(!run(app(['openssl', 'dgst', '-sha256',
+                 '-verify', $fips_key,
+                 '-signature', $sigfile,
+                 $bogus_data])),
+       $testtext);
+
+    $ENV{OPENSSL_CONF} = $defaultconf;
+
+    $sigfile = $nonfips_sigfile;
+    $testtext = $prefix.': '.
+        'Sign something with a non-FIPS key'.
+        ' with the default provider';
+    ok(run(app(['openssl', 'dgst', '-sha256',
+                '-sign', $nonfips_key,
+                '-out', $sigfile,
+                $tbs_data])),
+       $testtext);
+
+    $testtext = $prefix.': '.
+        'Verify something with a non-FIPS key'.
+        ' with the default provider';
+    ok(run(app(['openssl', 'dgst', '-sha256',
+                '-verify', $nonfips_key,
+                '-signature', $sigfile,
+                $tbs_data])),
+       $testtext);
+
+    $ENV{OPENSSL_CONF} = $fipsconf;
+
+    $testtext = $prefix.': '.
+        'Sign something with a non-FIPS key'.
+        ' (should fail)';
+    ok(!run(app(['openssl', 'dgst', '-sha256',
+                 '-sign', $nonfips_key,
+                 '-out', $prefix.'.nonfips.fail.sig',
+                 $tbs_data])),
+       $testtext);
+
+    $testtext = $prefix.': '.
+        'Verify something with a non-FIPS key'.
+        ' (should fail)';
+    ok(!run(app(['openssl', 'dgst', '-sha256',
+                 '-verify', $nonfips_key,
+                 '-signature', $sigfile,
+                 $tbs_data])),
+       $testtext);
+
+    $testtext = $prefix.': '.
+        'Verify a valid signature against the wrong data with a non-FIPS key'.
+        ' (should fail)';
+    ok(!run(app(['openssl', 'dgst', '-sha256',
+                 '-verify', $nonfips_key,
+                 '-signature', $sigfile,
+                 $bogus_data])),
+       $testtext);
+}
+
+SKIP : {
+    skip "FIPS EC tests because of no ec in this build", 1
+        if disabled("ec");
+
+    subtest EC => sub {
+        my $testtext_prefix = 'EC';
+        my $a_fips_curve = 'prime256v1';
+        my $fips_key = $testtext_prefix.'.fips.priv.pem';
+        my $a_nonfips_curve = 'brainpoolP256r1';
+        my $nonfips_key = $testtext_prefix.'.nonfips.priv.pem';
+        my $testtext = '';
+        my $curvename = '';
+
+        plan tests => 3 + $tsignverify_count;
+
+        $ENV{OPENSSL_CONF} = $defaultconf;
+        $curvename = $a_nonfips_curve;
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with a non-FIPS algorithm with the default provider';
+        ok(run(app(['openssl', 'genpkey', '-algorithm', 'EC',
+                    '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
+                    '-out', $nonfips_key])),
+           $testtext);
+
+        $ENV{OPENSSL_CONF} = $fipsconf;
+
+        $curvename = $a_fips_curve;
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with a FIPS algorithm';
+        ok(run(app(['openssl', 'genpkey', '-algorithm', 'EC',
+                    '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
+                    '-out', $fips_key])),
+           $testtext);
+
+        $curvename = $a_nonfips_curve;
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with a non-FIPS algorithm'.
+            ' (should fail)';
+        ok(!run(app(['openssl', 'genpkey', '-algorithm', 'EC',
+                     '-pkeyopt', 'ec_paramgen_curve:'.$curvename,
+                     '-out', $testtext_prefix.'.'.$curvename.'.priv.pem'])),
+           $testtext);
+
+        tsignverify($testtext_prefix, $fips_key, $nonfips_key);
+    };
+}
+
+SKIP: {
+    skip "FIPS RSA tests because of no rsa in this build", 1
+        if disabled("rsa");
+
+    subtest RSA => sub {
+        my $testtext_prefix = 'RSA';
+        my $fips_key = $testtext_prefix.'.fips.priv.pem';
+        my $nonfips_key = $testtext_prefix.'.nonfips.priv.pem';
+        my $testtext = '';
+
+        plan tests => 3 + $tsignverify_count;
+
+        $ENV{OPENSSL_CONF} = $defaultconf;
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with a non-FIPS algorithm with the default provider';
+        ok(run(app(['openssl', 'genpkey', '-algorithm', 'RSA',
+                    '-pkeyopt', 'rsa_keygen_bits:512',
+                    '-out', $nonfips_key])),
+           $testtext);
+
+        $ENV{OPENSSL_CONF} = $fipsconf;
+
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with a FIPS algorithm';
+        ok(run(app(['openssl', 'genpkey', '-algorithm', 'RSA',
+                    '-pkeyopt', 'rsa_keygen_bits:2048',
+                    '-out', $fips_key])),
+           $testtext);
+
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with a non-FIPS algorithm'.
+            ' (should fail)';
+        ok(!run(app(['openssl', 'genpkey', '-algorithm', 'RSA',
+                    '-pkeyopt', 'rsa_keygen_bits:512',
+                     '-out', $testtext_prefix.'.fail.priv.pem'])),
+           $testtext);
+
+        TODO : {
+             local $TODO = "see issue #12629";
+             tsignverify($testtext_prefix, $fips_key, $nonfips_key);
+        }
+    };
+}
+
+SKIP : {
+    skip "FIPS DSA tests because of no dsa in this build", 1
+        if disabled("dsa");
+
+    subtest DSA => sub {
+        my $testtext_prefix = 'DSA';
+        my $fips_key = $testtext_prefix.'.fips.priv.pem';
+        my $nonfips_key = $testtext_prefix.'.nonfips.priv.pem';
+        my $testtext = '';
+        my $fips_param = $testtext_prefix.'.fips.param.pem';
+        my $nonfips_param = $testtext_prefix.'.nonfips.param.pem';
+
+        plan tests => 6 + $tsignverify_count;
+
+        $ENV{OPENSSL_CONF} = $defaultconf;
+
+        $testtext = $testtext_prefix.': '.
+            'Generate non-FIPS params with the default provider';
+        ok(run(app(['openssl', 'genpkey', '-genparam',
+                    '-algorithm', 'DSA',
+                    '-pkeyopt', 'type:fips186_2',
+                    '-pkeyopt', 'dsa_paramgen_bits:512',
+                    '-out', $nonfips_param])),
+           $testtext);
+
+        $ENV{OPENSSL_CONF} = $fipsconf;
+
+        $testtext = $testtext_prefix.': '.
+            'Generate FIPS params';
+        ok(run(app(['openssl', 'genpkey', '-genparam',
+                    '-algorithm', 'DSA',
+                    '-pkeyopt', 'dsa_paramgen_bits:2048',
+                    '-out', $fips_param])),
+           $testtext);
+
+        $testtext = $testtext_prefix.': '.
+            'Generate non-FIPS params'.
+            ' (should fail)';
+        ok(!run(app(['openssl', 'genpkey', '-genparam',
+                     '-algorithm', 'DSA',
+                    '-pkeyopt', 'dsa_paramgen_bits:512',
+                     '-out', $testtext_prefix.'.fail.param.pem'])),
+           $testtext);
+
+        $ENV{OPENSSL_CONF} = $defaultconf;
+
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with non-FIPS params with the default provider';
+        ok(run(app(['openssl', 'genpkey',
+                    '-paramfile', $nonfips_param,
+                    '-pkeyopt', 'type:fips186_2',
+                    '-out', $nonfips_key])),
+           $testtext);
+
+        $ENV{OPENSSL_CONF} = $fipsconf;
+
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with FIPS parameters';
+        ok(run(app(['openssl', 'genpkey',
+                    '-paramfile', $fips_param,
+                    '-pkeyopt', 'type:fips186_4',
+                    '-out', $fips_key])),
+           $testtext);
+
+        $testtext = $testtext_prefix.': '.
+            'Generate a key with non-FIPS parameters'.
+            ' (should fail)';
+        ok(!run(app(['openssl', 'genpkey',
+                     '-paramfile', $nonfips_param,
+                     '-pkeyopt', 'type:fips186_2',
+                     '-out', $testtext_prefix.'.fail.priv.pem'])),
+           $testtext);
+
+       TODO : {
+            local $TODO = "see issues #12626, #12627";
+            tsignverify($testtext_prefix, $fips_key, $nonfips_key);
+       }
+    };
+}

From no-reply at appveyor.com  Mon Aug 24 12:25:21 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 24 Aug 2020 12:25:21 +0000
Subject: Build failed: openssl master.36382
Message-ID: <20200824122521.1.6E270A2346E68938@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/bbb242b7/attachment.html>

From openssl at openssl.org  Mon Aug 24 13:03:17 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 13:03:17 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1598274197.963798.12386.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3197, 881 wallclock secs (13.44 usr  1.24 sys + 815.67 cusr 63.53 csys = 893.88 CPU)
Result: FAIL
Makefile:3199: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3197: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug 24 13:42:15 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 24 Aug 2020 13:42:15 +0000
Subject: Build completed: openssl master.36383
Message-ID: <20200824134215.1.F29ACCC92E8A51D0@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/47d252ad/attachment.html>

From builds at travis-ci.com  Mon Aug 24 14:03:14 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 24 Aug 2020 14:03:14 +0000
Subject: Still Failing: openssl/openssl#36926 (master - 39d9be3)
In-Reply-To: <openssl/openssl+181081163+still failing@travis-ci.com>
Message-ID: <5f43c8a2717b0_13ff209eb1320237280@travis-pro-tasks-77784b868c-xvfvw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36926
Status: Still Failing

Duration: 59 mins and 2 secs
Commit: 39d9be3 (master)
Author: Nicola Tuveri
Message: Add CLI tests in FIPS configuration

Add positive and negative tests of CLI apps using configuration files
via environment variables to force FIPS mode.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12291)

View the changeset: https://github.com/openssl/openssl/compare/a8b7ea8268e2...39d9be390a16

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181081163?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/c0d5bea5/attachment-0001.html>

From levitte at openssl.org  Mon Aug 24 16:21:11 2020
From: levitte at openssl.org (Richard Levitte)
Date: Mon, 24 Aug 2020 16:21:11 +0000
Subject: [openssl]  master update
Message-ID: <1598286071.613182.20144.nullmailer@dev.openssl.org>

The branch master has been updated
       via  9afa0748cffeabbdd01bf35c8955797daba31bea (commit)
      from  39d9be390a16d3bc5c2b94ad31b705f8239af779 (commit)


- Log -----------------------------------------------------------------
commit 9afa0748cffeabbdd01bf35c8955797daba31bea
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 23 10:06:06 2020 +0200

    TEST: Fix CMP tests so they load keys in the current library context
    
    Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
    (Merged from https://github.com/openssl/openssl/pull/12705)

-----------------------------------------------------------------------

Summary of changes:
 test/cmp_client_test.c  | 4 ++--
 test/cmp_msg_test.c     | 2 +-
 test/cmp_protect_test.c | 4 ++--
 test/cmp_testlib.c      | 5 +++--
 test/cmp_testlib.h      | 2 +-
 5 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/test/cmp_client_test.c b/test/cmp_client_test.c
index 9fb3050ac0..111a4c27f4 100644
--- a/test/cmp_client_test.c
+++ b/test/cmp_client_test.c
@@ -372,9 +372,9 @@ int setup_tests(void)
     if (!test_get_libctx(&libctx, &default_null_provider, &provider, 5, USAGE))
         return 0;
 
-    if (!TEST_ptr(server_key = load_pem_key(server_key_f))
+    if (!TEST_ptr(server_key = load_pem_key(server_key_f, libctx))
             || !TEST_ptr(server_cert = load_pem_cert(server_cert_f, libctx))
-            || !TEST_ptr(client_key = load_pem_key(client_key_f))
+            || !TEST_ptr(client_key = load_pem_key(client_key_f, libctx))
             || !TEST_ptr(client_cert = load_pem_cert(client_cert_f, libctx))
             || !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
         cleanup_tests();
diff --git a/test/cmp_msg_test.c b/test/cmp_msg_test.c
index b9309a6983..a56f04f1df 100644
--- a/test/cmp_msg_test.c
+++ b/test/cmp_msg_test.c
@@ -575,7 +575,7 @@ int setup_tests(void)
     if (!test_get_libctx(&libctx, &default_null_provider, &provider, 3, USAGE))
         return 0;
 
-    if (!TEST_ptr(newkey = load_pem_key(newkey_f))
+    if (!TEST_ptr(newkey = load_pem_key(newkey_f, libctx))
             || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx))
             || !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
         cleanup_tests();
diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c
index 6413c20a23..66cc6af370 100644
--- a/test/cmp_protect_test.c
+++ b/test/cmp_protect_test.c
@@ -521,11 +521,11 @@ int setup_tests(void)
     if (!test_get_libctx(&libctx, &default_null_provider, &provider, 10, USAGE))
         return 0;
 
-    if (!TEST_ptr(loadedkey = load_pem_key(server_key_f))
+    if (!TEST_ptr(loadedkey = load_pem_key(server_key_f, libctx))
             || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx)))
         return 0;
 
-    if (!TEST_ptr(loadedprivkey = load_pem_key(server_f)))
+    if (!TEST_ptr(loadedprivkey = load_pem_key(server_f, libctx)))
         return 0;
     if (TEST_true(EVP_PKEY_up_ref(loadedprivkey)))
         loadedpubkey = loadedprivkey;
diff --git a/test/cmp_testlib.c b/test/cmp_testlib.c
index ffa43cd81c..754a6ba845 100644
--- a/test/cmp_testlib.c
+++ b/test/cmp_testlib.c
@@ -14,7 +14,7 @@
 
 DEFINE_STACK_OF(X509)
 
-EVP_PKEY *load_pem_key(const char *file)
+EVP_PKEY *load_pem_key(const char *file, OPENSSL_CTX *libctx)
 {
     EVP_PKEY *key = NULL;
     BIO *bio = NULL;
@@ -22,7 +22,8 @@ EVP_PKEY *load_pem_key(const char *file)
     if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
         return NULL;
     if (TEST_int_gt(BIO_read_filename(bio, file), 0))
-        (void)TEST_ptr(key = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL));
+        (void)TEST_ptr(key = PEM_read_bio_PrivateKey_ex(bio, NULL, NULL, NULL,
+                                                        libctx, NULL));
 
     BIO_free(bio);
     return key;
diff --git a/test/cmp_testlib.h b/test/cmp_testlib.h
index e24074cdd7..e8ae7a1834 100644
--- a/test/cmp_testlib.h
+++ b/test/cmp_testlib.h
@@ -23,7 +23,7 @@
 
 # ifndef OPENSSL_NO_CMP
 #  define CMP_TEST_REFVALUE_LENGTH 15 /* arbitrary value */
-EVP_PKEY *load_pem_key(const char *file);
+EVP_PKEY *load_pem_key(const char *file, OPENSSL_CTX *libctx);
 X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx);
 X509_REQ *load_csr(const char *file);
 OSSL_CMP_MSG *load_pkimsg(const char *file);

From no-reply at appveyor.com  Mon Aug 24 17:42:12 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 24 Aug 2020 17:42:12 +0000
Subject: Build failed: openssl master.36386
Message-ID: <20200824174212.1.C20FD54E4CA757CE@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/ce088dc5/attachment.html>

From builds at travis-ci.com  Mon Aug 24 18:05:01 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 24 Aug 2020 18:05:01 +0000
Subject: Still Failing: openssl/openssl#36929 (master - 9afa074)
In-Reply-To: <openssl/openssl+181117819+still failing@travis-ci.com>
Message-ID: <5f44014e86942_13f8c685aa5bc3972e8@travis-pro-tasks-785bfccd4-qw2xs.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36929
Status: Still Failing

Duration: 47 mins and 45 secs
Commit: 9afa074 (master)
Author: Richard Levitte
Message: TEST: Fix CMP tests so they load keys in the current library context

Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12705)

View the changeset: https://github.com/openssl/openssl/compare/39d9be390a16...9afa0748cffe

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181117819?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/15856858/attachment-0001.html>

From no-reply at appveyor.com  Mon Aug 24 19:00:06 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 24 Aug 2020 19:00:06 +0000
Subject: Build completed: openssl master.36387
Message-ID: <20200824190006.1.648836360C913A20@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/5c8d129f/attachment.html>

From openssl at openssl.org  Mon Aug 24 21:19:07 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 21:19:07 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1598303947.332256.812.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=209, Tests=3334, 908 wallclock secs (13.09 usr  1.18 sys + 804.49 cusr 61.81 csys = 880.57 CPU)
Result: FAIL
Makefile:3191: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3189: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug 24 22:22:12 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 24 Aug 2020 22:22:12 +0000
Subject: Build failed: openssl master.36389
Message-ID: <20200824222212.1.85C8E8677B3F03EC@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/6bf4c693/attachment.html>

From no-reply at appveyor.com  Mon Aug 24 23:33:15 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 24 Aug 2020 23:33:15 +0000
Subject: Build failed: openssl master.36392
Message-ID: <20200824233315.1.01D5C6D5A2A68B3A@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200824/941fb485/attachment.html>

From openssl at openssl.org  Mon Aug 24 23:45:53 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 24 Aug 2020 23:45:53 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1598312753.506312.15636.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=209, Tests=3008, 772 wallclock secs (10.04 usr  1.27 sys + 712.00 cusr 50.62 csys = 773.93 CPU)
Result: FAIL
Makefile:2421: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2419: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug 25 00:42:04 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 25 Aug 2020 00:42:04 +0000
Subject: Build completed: openssl master.36393
Message-ID: <20200825004204.1.33B7FD87EA5741C5@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200825/4df8865e/attachment.html>

From no-reply at appveyor.com  Tue Aug 25 03:36:26 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 25 Aug 2020 03:36:26 +0000
Subject: Build failed: openssl master.36397
Message-ID: <20200825033626.1.4AADE8173967967C@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200825/647a41f6/attachment.html>

From openssl at openssl.org  Tue Aug 25 06:05:51 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 06:05:51 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1598335551.908024.8550.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DECODER.3 doc/man/man3/OSSL_DECODER_CTX.3 doc/man/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DECODER_from_bio.3 doc/man/man3/OSSL_ENCODER.3 doc/man/man3/OSSL_ENCODER_CTX.3 doc/man/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_ENCODER_to_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-PKCS12KDF.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-encoder.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-signature.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_decoder test/buildtest_c_des test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_encoder test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/defltfips_test test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/endecode_test test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_decoder.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_encoder.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
1 error generated.
Makefile:4161: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3131: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From openssl at openssl.org  Tue Aug 25 06:55:41 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 06:55:41 +0000
Subject: FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-rc2
Message-ID: <1598338541.958537.11527.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-rc2

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok

Could not read any cert of input certificates from ../../../openssl/test/certs/v3-certs-RC2.p12
C0F01CE9357F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:
C0F01CE9357F0000:error::PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:../openssl/crypto/pkcs12/p12_decr.c:37:
C0F01CE9357F0000:error::PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../openssl/crypto/pkcs12/p12_decr.c:90:
C0F01CE9357F0000:error::PKCS12 routines:PKCS12_parse:parse error:../openssl/crypto/pkcs12/p12_kiss.c:87:
../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1
not ok 4 - test_pkcs12_passcert
# ------------------------------------------------------------------------------
#   Failed test 'test_pkcs12_passcert'
#   at ../openssl/test/recipes/80-test_pkcs12.t line 85.
# Looks like you failed 1 test of 4.80-test_pkcs12.t ................... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/4 subtests 
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_pkcs12.t                 (Wstat: 256 Tests: 4 Failed: 1)
  Failed test:  4
  Non-zero exit status: 1
Files=209, Tests=3309, 901 wallclock secs (14.01 usr  1.34 sys + 818.78 cusr 64.51 csys = 898.64 CPU)
Result: FAIL
Makefile:3164: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-rc2'
Makefile:3162: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Tue Aug 25 08:18:11 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 25 Aug 2020 08:18:11 +0000
Subject: Build completed: openssl master.36398
Message-ID: <20200825081811.1.F3400281D1D9CF70@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200825/05909fb7/attachment.html>

From openssl at openssl.org  Tue Aug 25 11:14:12 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 11:14:12 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1598354052.809104.23357.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_decoder test/buildtest_c_des test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_encoder test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/defltfips_test test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/endecode_test test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_decoder.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_encoder.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4162: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3132: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From openssl at openssl.org  Tue Aug 25 15:09:38 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 15:09:38 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1598368178.868782.14983.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 40B77600817F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40B705A79D7F0000:error::SSL routines::excessive message size:../openssl/ssl/statem/statem.c:604:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 40B705A79D7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=209, Tests=3334, 1779 wallclock secs (14.38 usr  1.28 sys + 1685.20 cusr 89.77 csys = 1790.63 CPU)
Result: FAIL
Makefile:3177: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3175: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug 25 15:34:47 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 15:34:47 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1598369687.062642.433.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=209, Tests=3334, 924 wallclock secs (13.30 usr  1.29 sys + 818.57 cusr 64.02 csys = 897.18 CPU)
Result: FAIL
Makefile:3183: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3181: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug 25 18:26:35 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 18:26:35 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1598379995.583883.29849.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=209, Tests=3331, 863 wallclock secs (13.16 usr  1.29 sys + 796.47 cusr 62.50 csys = 873.42 CPU)
Result: FAIL
Makefile:3183: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3181: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug 25 21:10:54 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 21:10:54 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1598389854.016182.21073.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0000805A37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0000805A37F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0000805A37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/8jBcvRhWOv default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C080B24DFB7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C080B24DFB7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C080B24DFB7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C080B24DFB7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C080B24DFB7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C080B24DFB7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/8jBcvRhWOv fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=209, Tests=3333, 892 wallclock secs (14.07 usr  1.38 sys + 821.93 cusr 63.65 csys = 901.03 CPU)
Result: FAIL
Makefile:3192: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3190: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Tue Aug 25 23:36:06 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Tue, 25 Aug 2020 23:36:06 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1598398566.988349.29245.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0006171A97F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0006171A97F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0006171A97F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/EmGOtzqild default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0309A79557F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0309A79557F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0309A79557F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0309A79557F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0309A79557F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0309A79557F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/EmGOtzqild fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=209, Tests=3333, 882 wallclock secs (13.34 usr  1.19 sys + 814.05 cusr 64.28 csys = 892.86 CPU)
Result: FAIL
Makefile:3175: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3173: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Wed Aug 26 00:24:03 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Wed, 26 Aug 2020 00:24:03 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1598401443.592477.31402.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

05ead00065 run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
1acb2e6f35 Fix CMS so that it still works with non fetchable algorithms.
eed12622fa Windows get ENV value as UTF-8 encoded string instead of a raw string
c0f39ded68 Add Explicit EC parameter support to providers.
a02c715c18 Clean away some declarations
93ec4f8f09 Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
ece9304c96 Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
f650993f1d Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
5a7734cd02 Add libctx/provider support to cmp_msg_test
4561f15fdb Add libctx/provider support to cmp_protect_test
bdd6784fdd Add libctx/provider support to cmp_vfy_test
b0248cbc3e Add libctx/provider support to cmp_client_test
6d1f50b520 Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
cac30a69bc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
28e9f62b2d cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
1930b58642 cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
2300083887 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
ab28b59064 Add libctx/provider support to cmp_server_test
97e00da902 Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
1a7cd250ad Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
7b1a3a5062 cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
cef3a008a6 Update CMP header file references in internal CMP documentation
ded346fad2 Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
4cdf44c46b x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
09c2e26e64 Re-word null->empty property; improve iteration.count example in property.pod
1bb6f70da3 testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
06cee80a84 testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
1a7ceb6c74 Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
bc03cfadc4 Add prerequisite #include directives to include/crypto/x509.h
de3713d492 Make sure x509v3_cache_extensions() does not modify the error queue
be63e58732 Fix incorrect selection flags for ec serializer.
8ca6c6669f Test mte with stitched ciphersuites in TLSv1.0
a361cb841d Fix stitched ciphersuites in TLS1.0
2a33470b4f Make better use of new load_cert_pass() variant of load_cert() in apps/
b3c5aadf4c apps: make use of OSSL_STORE for generalized certs and CRLs loading
ed4faae00c Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
5f2b7db09b TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
6e5ccd58c8 PEM: Add more library context aware PEM readers
2274d22d39 STORE: Distinguish public keys from private keys
6cc1dfca88 PROV: Fix DSA and DH private key serializers
22b814443e X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
3b1fd0b003 cmp: handle error return from OBJ_obj2txt()
ffcdb24b13 pkeyutil: check return value reading password
16486f6332 PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
26a8f2ac95 RSA: Fix rsa_todata() to only add params for existing data
e6ed04a9dc TEST: separate out NIST ECC tests from non-NIST
a24b510c28 EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0D0DD5BD87F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0D0DD5BD87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0D0DD5BD87F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0D0DD5BD87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/YVx1C2GGUa default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C020F1FF3A7F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C020F1FF3A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C020F1FF3A7F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C020F1FF3A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/YVx1C2GGUa fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=209, Tests=3255, 825 wallclock secs (12.06 usr  1.20 sys + 758.28 cusr 61.84 csys = 833.38 CPU)
Result: FAIL
Makefile:3191: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3189: recipe for target 'tests' failed
make: *** [tests] Error 2

From levitte at openssl.org  Wed Aug 26 05:11:22 2020
From: levitte at openssl.org (Richard Levitte)
Date: Wed, 26 Aug 2020 05:11:22 +0000
Subject: [openssl]  master update
Message-ID: <1598418682.932149.29305.nullmailer@dev.openssl.org>

The branch master has been updated
       via  eb800ef5533947b8583d42a8f767f6ff385d2c17 (commit)
      from  9afa0748cffeabbdd01bf35c8955797daba31bea (commit)


- Log -----------------------------------------------------------------
commit eb800ef5533947b8583d42a8f767f6ff385d2c17
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Aug 20 21:31:33 2020 +0200

    crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
    
    Fixes #12695
    
    Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
    (Merged from https://github.com/openssl/openssl/pull/12696)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/v3_utl.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c
index acb0e35a42..9083ed8686 100644
--- a/crypto/x509/v3_utl.c
+++ b/crypto/x509/v3_utl.c
@@ -978,7 +978,12 @@ int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
 
 char *ipaddr_to_asc(unsigned char *p, int len)
 {
+    /*
+     * 40 is enough space for the longest IPv6 address + nul terminator byte
+     * XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX\0
+     */
     char buf[40], *out;
+    int i = 0, remain = 0, bytes = 0;
 
     switch (len) {
     case 4: /* IPv4 */
@@ -986,11 +991,14 @@ char *ipaddr_to_asc(unsigned char *p, int len)
         break;
         /* TODO possibly combine with static i2r_address() in v3_addr.c */
     case 16: /* IPv6 */
-        for (out = buf; out < buf + 8 * 3; out += 3) {
-            BIO_snprintf(out, 3 + 1, "%X:", p[0] << 8 | p[1]);
+        for (out = buf, i = 8, remain = sizeof(buf);
+             i-- > 0 && bytes >= 0;
+             remain -= bytes, out += bytes) {
+            const char *template = (i > 0 ? "%X:" : "%X");
+
+            bytes = BIO_snprintf(out, remain, template, p[0] << 8 | p[1]);
             p += 2;
         }
-        out[-1] = '\0';
         break;
     default:
         BIO_snprintf(buf, sizeof(buf), "<invalid length=%d>", len);

From builds at travis-ci.com  Wed Aug 26 09:21:26 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 26 Aug 2020 09:21:26 +0000
Subject: Still Failing: openssl/openssl#36955 (master - eb800ef)
In-Reply-To: <openssl/openssl+181416357+still failing@travis-ci.com>
Message-ID: <5f4629962236d_13fc0754d329c19451e@travis-pro-tasks-7965b5bfb8-qg6nr.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36955
Status: Still Failing

Duration: 17 mins and 59 secs
Commit: eb800ef (master)
Author: Richard Levitte
Message: crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()

Fixes #12695

Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12696)

View the changeset: https://github.com/openssl/openssl/compare/9afa0748cffe...eb800ef55339

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181416357?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200826/a45e4020/attachment.html>

From beldmit at gmail.com  Wed Aug 26 11:06:43 2020
From: beldmit at gmail.com (beldmit at gmail.com)
Date: Wed, 26 Aug 2020 11:06:43 +0000
Subject: [openssl]  master update
Message-ID: <1598440003.995552.2649.nullmailer@dev.openssl.org>

The branch master has been updated
       via  a149f7502458dc022501c2347629cc847f2e1298 (commit)
       via  26930bd3c28db93323af566d537012477de2f820 (commit)
       via  8a302080c3fedfa02ad4b17e3f2d44dd006c08a0 (commit)
       via  a0188e284e4a34d4e03eeaa4f09a97ed787a848b (commit)
       via  0bf093be31f4a485104068e8f52dd99b242480cd (commit)
       via  90c9319d47e9f8bdeea2a60362528e2061109544 (commit)
       via  69d9245996088c485072aa4d4e86baec49ccaa80 (commit)
       via  4650f2b5908947a318ff28b0970b7d451fac32ae (commit)
      from  eb800ef5533947b8583d42a8f767f6ff385d2c17 (commit)


- Log -----------------------------------------------------------------
commit a149f7502458dc022501c2347629cc847f2e1298
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Jul 1 10:24:51 2020 +0300

    Replace hierogliphs with stub to pass tests
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

commit 26930bd3c28db93323af566d537012477de2f820
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Mon Oct 14 16:35:42 2019 +0300

    Documentation for internal PUNYCODE-related functions
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

commit 8a302080c3fedfa02ad4b17e3f2d44dd006c08a0
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Sep 18 21:27:17 2019 +0300

    EAI test script and data
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

commit a0188e284e4a34d4e03eeaa4f09a97ed787a848b
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Aug 21 18:36:10 2019 +0300

    RFC 8398: documentation
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

commit 0bf093be31f4a485104068e8f52dd99b242480cd
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Aug 21 18:35:45 2019 +0300

    Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

commit 90c9319d47e9f8bdeea2a60362528e2061109544
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Aug 21 18:34:27 2019 +0300

    RFC 8398: EAI comparison
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

commit 69d9245996088c485072aa4d4e86baec49ccaa80
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Aug 21 18:33:14 2019 +0300

    RFC 8398: Name constraints validation
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

commit 4650f2b5908947a318ff28b0970b7d451fac32ae
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Aug 21 18:31:43 2019 +0300

    Punycode decoding implementation
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9654)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/tbl_standard.h                    |   3 +-
 crypto/build.info                             |   1 +
 crypto/punycode.c                             | 338 ++++++++++++++++++++++++++
 crypto/x509/v3_ncons.c                        |  73 +++++-
 crypto/x509/v3_utl.c                          |  18 +-
 doc/internal/man3/ossl_punycode_decode.pod    |  60 +++++
 doc/man3/X509_check_host.pod                  |   8 +-
 doc/man5/x509v3_config.pod                    |   9 +
 include/crypto/punycode.h                     |  24 ++
 test/recipes/25-test_eai_data.t               |  53 ++++
 test/recipes/25-test_eai_data/ascii_chain.pem |  53 ++++
 test/recipes/25-test_eai_data/ascii_leaf.pem  |  28 +++
 test/recipes/25-test_eai_data/san.ascii       |   2 +
 test/recipes/25-test_eai_data/san.utf8        |   2 +
 test/recipes/25-test_eai_data/utf8_chain.pem  |  53 ++++
 test/recipes/25-test_eai_data/utf8_leaf.pem   |  28 +++
 16 files changed, 743 insertions(+), 10 deletions(-)
 create mode 100644 crypto/punycode.c
 create mode 100644 doc/internal/man3/ossl_punycode_decode.pod
 create mode 100644 include/crypto/punycode.h
 create mode 100644 test/recipes/25-test_eai_data.t
 create mode 100644 test/recipes/25-test_eai_data/ascii_chain.pem
 create mode 100644 test/recipes/25-test_eai_data/ascii_leaf.pem
 create mode 100644 test/recipes/25-test_eai_data/san.ascii
 create mode 100644 test/recipes/25-test_eai_data/san.utf8
 create mode 100644 test/recipes/25-test_eai_data/utf8_chain.pem
 create mode 100644 test/recipes/25-test_eai_data/utf8_leaf.pem

diff --git a/crypto/asn1/tbl_standard.h b/crypto/asn1/tbl_standard.h
index f1750fe78f..ea6ad2847a 100644
--- a/crypto/asn1/tbl_standard.h
+++ b/crypto/asn1/tbl_standard.h
@@ -56,6 +56,7 @@ static const ASN1_STRING_TABLE tbl_standard[] = {
     {NID_SNILS, 1, 11, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
     {NID_countryCode3c, 3, 3, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
     {NID_countryCode3n, 3, 3, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
-    {NID_dnsName, 0, -1, B_ASN1_UTF8STRING, STABLE_NO_MASK}
+    {NID_dnsName, 0, -1, B_ASN1_UTF8STRING, STABLE_NO_MASK},
+    {NID_id_on_SmtpUTF8Mailbox, 1, ub_email_address, B_ASN1_UTF8STRING, STABLE_NO_MASK}
 };
 
diff --git a/crypto/build.info b/crypto/build.info
index 9e10145d3c..814d8dcab7 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -78,6 +78,7 @@ SOURCE[../libcrypto]=$UTIL_COMMON \
         mem.c mem_sec.c \
         cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \
         o_fopen.c getenv.c o_init.c init.c trace.c provider.c \
+        punycode.c \
         $UPLINKSRC
 SOURCE[../providers/libfips.a]=$UTIL_COMMON
 SOURCE[../providers/liblegacy.a]=$UTIL_COMMON
diff --git a/crypto/punycode.c b/crypto/punycode.c
new file mode 100644
index 0000000000..2607d6157a
--- /dev/null
+++ b/crypto/punycode.c
@@ -0,0 +1,338 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include <stdio.h>
+#include <openssl/e_os2.h>
+#include "crypto/punycode.h"
+
+static const unsigned int base = 36;
+static const unsigned int tmin = 1;
+static const unsigned int tmax = 26;
+static const unsigned int skew = 38;
+static const unsigned int damp = 700;
+static const unsigned int initial_bias = 72;
+static const unsigned int initial_n = 0x80;
+static const unsigned int maxint = 0xFFFFFFFF;
+static const char delimiter = '-';
+
+#define LABEL_BUF_SIZE 512
+
+/*-
+ * Pseudocode:
+ *
+ * function adapt(delta,numpoints,firsttime):
+ *  if firsttime then let delta = delta div damp
+ *  else let delta = delta div 2
+ *  let delta = delta + (delta div numpoints)
+ *  let k = 0
+ *  while delta > ((base - tmin) * tmax) div 2 do begin
+ *    let delta = delta div (base - tmin)
+ *    let k = k + base
+ *  end
+ *  return k + (((base - tmin + 1) * delta) div (delta + skew))
+ */
+
+static int adapt(unsigned int delta, unsigned int numpoints,
+                 unsigned int firsttime)
+{
+    unsigned int k = 0;
+
+    delta = (firsttime) ? delta / damp : delta / 2;
+    delta = delta + delta / numpoints;
+
+    while (delta > ((base - tmin) * tmax) / 2) {
+        delta = delta / (base - tmin);
+        k = k + base;
+    }
+
+    return k + (((base - tmin + 1) * delta) / (delta + skew));
+}
+
+static ossl_inline int is_basic(unsigned int a)
+{
+    return (a < 0x80) ? 1 : 0;
+}
+
+/*-
+ * code points    digit-values
+ * ------------   ----------------------
+ * 41..5A (A-Z) =  0 to 25, respectively
+ * 61..7A (a-z) =  0 to 25, respectively
+ * 30..39 (0-9) = 26 to 35, respectively
+ */
+static ossl_inline int digit_decoded(const unsigned char a)
+{
+    if (a >= 0x41 && a <= 0x5A)
+        return a - 0x41;
+
+    if (a >= 0x61 && a <= 0x7A)
+        return a - 0x61;
+
+    if (a >= 0x30 && a <= 0x39)
+        return a - 0x30 + 26;
+
+    return -1;
+}
+
+/*-
+ * Pseudocode:
+ *
+ * function ossl_punycode_decode
+ *  let n = initial_n
+ *  let i = 0
+ *  let bias = initial_bias
+ *  let output = an empty string indexed from 0
+ *  consume all code points before the last delimiter (if there is one)
+ *    and copy them to output, fail on any non-basic code point
+ *  if more than zero code points were consumed then consume one more
+ *    (which will be the last delimiter)
+ *  while the input is not exhausted do begin
+ *    let oldi = i
+ *    let w = 1
+ *    for k = base to infinity in steps of base do begin
+ *      consume a code point, or fail if there was none to consume
+ *      let digit = the code point's digit-value, fail if it has none
+ *      let i = i + digit * w, fail on overflow
+ *      let t = tmin if k <= bias {+ tmin}, or
+ *              tmax if k >= bias + tmax, or k - bias otherwise
+ *      if digit < t then break
+ *      let w = w * (base - t), fail on overflow
+ *    end
+ *    let bias = adapt(i - oldi, length(output) + 1, test oldi is 0?)
+ *    let n = n + i div (length(output) + 1), fail on overflow
+ *    let i = i mod (length(output) + 1)
+ *    {if n is a basic code point then fail}
+ *    insert n into output at position i
+ *    increment i
+ *  end
+ */
+
+int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
+                         unsigned int *pDecoded, unsigned int *pout_length)
+{
+    unsigned int n = initial_n;
+    unsigned int i = 0;
+    unsigned int bias = initial_bias;
+    size_t processed_in = 0, written_out = 0;
+    unsigned int max_out = *pout_length;
+
+    unsigned int basic_count = 0;
+    unsigned int loop;
+
+    for (loop = 0; loop < enc_len; loop++) {
+        if (pEncoded[loop] == delimiter)
+            basic_count = loop;
+    }
+
+    if (basic_count > 0) {
+        if (basic_count > max_out)
+            return 0;
+
+        for (loop = 0; loop < basic_count; loop++) {
+            if (is_basic(pEncoded[loop]) == 0)
+                return 0;
+
+            pDecoded[loop] = pEncoded[loop];
+            written_out++;
+        }
+        processed_in = basic_count + 1;
+    }
+
+    for (loop = processed_in; loop < enc_len;) {
+        unsigned int oldi = i;
+        unsigned int w = 1;
+        unsigned int k, t;
+        int digit;
+
+        for (k = base;; k += base) {
+            if (loop >= enc_len)
+                return 0;
+
+            digit = digit_decoded(pEncoded[loop]);
+            loop++;
+
+            if (digit < 0)
+                return 0;
+            if ((unsigned int)digit > (maxint - i) / w)
+                return 0;
+
+            i = i + digit * w;
+            t = (k <= bias) ? tmin : (k >= bias + tmax) ? tmax : k - bias;
+
+            if ((unsigned int)digit < t)
+                break;
+
+            if (w > maxint / (base - t))
+                return 0;
+            w = w * (base - t);
+        }
+
+        bias = adapt(i - oldi, written_out + 1, (oldi == 0));
+        if (i / (written_out + 1) > maxint - n)
+            return 0;
+        n = n + i / (written_out + 1);
+        i %= (written_out + 1);
+
+        if (written_out > max_out)
+            return 0;
+
+        memmove(pDecoded + i + 1, pDecoded + i,
+                (written_out - i) * sizeof *pDecoded);
+        pDecoded[i] = n;
+        i++;
+        written_out++;
+    }
+
+    *pout_length = written_out;
+    return 1;
+}
+
+/*
+ * Encode a code point using UTF-8
+ * return number of bytes on success, 0 on failure
+ * (also produces U+FFFD, which uses 3 bytes on failure)
+ */
+static int codepoint2utf8(unsigned char *out, unsigned long utf)
+{
+    if (utf <= 0x7F) {
+        /* Plain ASCII */
+        out[0] = (unsigned char)utf;
+        out[1] = 0;
+        return 1;
+    } else if (utf <= 0x07FF) {
+        /* 2-byte unicode */
+        out[0] = (unsigned char)(((utf >> 6) & 0x1F) | 0xC0);
+        out[1] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
+        out[2] = 0;
+        return 2;
+    } else if (utf <= 0xFFFF) {
+        /* 3-byte unicode */
+        out[0] = (unsigned char)(((utf >> 12) & 0x0F) | 0xE0);
+        out[1] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80);
+        out[2] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
+        out[3] = 0;
+        return 3;
+    } else if (utf <= 0x10FFFF) {
+        /* 4-byte unicode */
+        out[0] = (unsigned char)(((utf >> 18) & 0x07) | 0xF0);
+        out[1] = (unsigned char)(((utf >> 12) & 0x3F) | 0x80);
+        out[2] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80);
+        out[3] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
+        out[4] = 0;
+        return 4;
+    } else {
+        /* error - use replacement character */
+        out[0] = (unsigned char)0xEF;
+        out[1] = (unsigned char)0xBF;
+        out[2] = (unsigned char)0xBD;
+        out[3] = 0;
+        return 0;
+    }
+}
+
+/*-
+ * Return values:
+ * 1 - ok, *outlen contains valid buf length
+ * 0 - ok but buf was too short, *outlen contains valid buf length
+ * -1 - bad string passed
+ */
+
+int ossl_a2ulabel(const char *in, char *out, size_t *outlen)
+{
+    /*-
+     * Domain name has some parts consisting of ASCII chars joined with dot.
+     * If a part is shorter than 5 chars, it becomes U-label as is.
+     * If it does not start with xn--,    it becomes U-label as is.
+     * Otherwise we try to decode it.
+     */
+    char *outptr = out;
+    const char *inptr = in;
+    size_t size = 0;
+    int result = 1;
+
+    unsigned int buf[LABEL_BUF_SIZE];      /* It's a hostname */
+    if (out == NULL)
+        result = 0;
+
+    while (1) {
+        char *tmpptr = strchr(inptr, '.');
+        size_t delta = (tmpptr) ? (size_t)(tmpptr - inptr) : strlen(inptr);
+
+        if (strncmp(inptr, "xn--", 4) != 0) {
+            size += delta + 1;
+
+            if (size >= *outlen - 1)
+                result = 0;
+
+            if (result > 0) {
+                memcpy(outptr, inptr, delta + 1);
+                outptr += delta + 1;
+            }
+        } else {
+            unsigned int bufsize = LABEL_BUF_SIZE;
+            unsigned int i;
+
+            if (ossl_punycode_decode(inptr + 4, delta - 4, buf, &bufsize) <= 0)
+                return -1;
+
+            for (i = 0; i < bufsize; i++) {
+                unsigned char seed[6];
+                size_t utfsize = codepoint2utf8(seed, buf[i]);
+                if (utfsize == 0)
+                    return -1;
+
+                size += utfsize;
+                if (size >= *outlen - 1)
+                    result = 0;
+
+                if (result > 0) {
+                    memcpy(outptr, seed, utfsize);
+                    outptr += utfsize;
+                }
+            }
+
+            if (tmpptr != NULL) {
+                *outptr = '.';
+                outptr++;
+                size++;
+                if (size >= *outlen - 1)
+                    result = 0;
+            }
+        }
+
+        if (tmpptr == NULL)
+            break;
+
+        inptr = tmpptr + 1;
+    }
+
+    return result;
+}
+
+/*-
+ * a MUST be A-label
+ * u MUST be U-label
+ * Returns 0 if compared values are equal
+ * 1 if not
+ * -1 in case of errors
+ */
+
+int ossl_a2ucompare(const char *a, const char *u)
+{
+    char a_ulabel[LABEL_BUF_SIZE];
+    size_t a_size = sizeof(a_ulabel);
+
+    if (ossl_a2ulabel(a, a_ulabel, &a_size) <= 0) {
+        return -1;
+    }
+
+    return (strcmp(a_ulabel, u) == 0) ? 0 : 1;
+}
diff --git a/crypto/x509/v3_ncons.c b/crypto/x509/v3_ncons.c
index 4543ec2e11..8da9cca24d 100644
--- a/crypto/x509/v3_ncons.c
+++ b/crypto/x509/v3_ncons.c
@@ -17,6 +17,7 @@
 #include <openssl/bn.h>
 
 #include "crypto/x509.h"
+#include "crypto/punycode.h"
 #include "ext_dat.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
@@ -38,6 +39,7 @@ static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen);
 static int nc_dn(const X509_NAME *sub, const X509_NAME *nm);
 static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns);
 static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml);
+static int nc_email_eai(ASN1_UTF8STRING *sub, ASN1_IA5STRING *eml);
 static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base);
 static int nc_ip(ASN1_OCTET_STRING *ip, ASN1_OCTET_STRING *base);
 
@@ -459,6 +461,14 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 {
     GENERAL_SUBTREE *sub;
     int i, r, match = 0;
+    /*
+     * We need to compare not gen->type field but an "effective" type because
+     * the otherName field may contain EAI email address treated specially
+     * according to RFC 8398, section 6
+     */
+    int effective_type = ((gen->type == GEN_OTHERNAME) &&
+                          (OBJ_obj2nid(gen->d.otherName->type_id) ==
+                           NID_id_on_SmtpUTF8Mailbox)) ? GEN_EMAIL : gen->type;
 
     /*
      * Permitted subtrees: if any subtrees exist of matching the type at
@@ -467,7 +477,7 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 
     for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
         sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
-        if (gen->type != sub->base->type)
+        if (effective_type != sub->base->type)
             continue;
         if (!nc_minmax_valid(sub))
             return X509_V_ERR_SUBTREE_MINMAX;
@@ -490,7 +500,7 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 
     for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
         sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
-        if (gen->type != sub->base->type)
+        if (effective_type != sub->base->type)
             continue;
         if (!nc_minmax_valid(sub))
             return X509_V_ERR_SUBTREE_MINMAX;
@@ -509,7 +519,14 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 
 static int nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base)
 {
-    switch (base->type) {
+    switch (gen->type) {
+    case GEN_OTHERNAME:
+        /*
+         * We are here only when we have SmtpUTF8 name,
+         * so we match the value of othername with base->d.rfc822Name
+         */
+        return nc_email_eai(gen->d.otherName->value->value.utf8string,
+                            base->d.rfc822Name);
     case GEN_DIRNAME:
         return nc_dn(gen->d.directoryName, base->d.directoryName);
 
@@ -577,13 +594,59 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
 
 }
 
+/*
+ * This function implements comparison between ASCII/U-label in eml
+ * and A-label in base according to RFC 8398, section 6.
+ * Convert base to U-label and ASCII-parts of domain names, for base
+ * Octet-to-octet comparison of `eml` and `base` hostname parts
+ * (ASCII-parts should be compared in case-insensitive manner)
+ */
+static int nc_email_eai(ASN1_UTF8STRING *eml, ASN1_IA5STRING *base)
+{
+    const char *baseptr = (char *)base->data;
+    const char *emlptr = (char *)eml->data;
+    const char *emlat = strrchr(emlptr, '@');
+
+    char ulabel[256];
+    size_t size = sizeof(ulabel) - 1;
+
+    if (emlat == NULL)
+        return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+
+    memset(ulabel, 0, sizeof(ulabel));
+    /* Special case: initial '.' is RHS match */
+    if (*baseptr == '.') {
+        ulabel[0] = '.';
+        size -= 1;
+        if (ossl_a2ulabel(baseptr, ulabel + 1, &size) <= 0)
+            return X509_V_ERR_UNSPECIFIED;
+
+        if ((size_t)eml->length > size + 1) {
+            emlptr += eml->length - (size + 1);
+            if (ia5casecmp(ulabel, emlptr) == 0)
+                return X509_V_OK;
+        }
+        return X509_V_ERR_PERMITTED_VIOLATION;
+    }
+
+    emlptr = emlat + 1;
+    if (ossl_a2ulabel(baseptr, ulabel, &size) <= 0)
+        return X509_V_ERR_UNSPECIFIED;
+    /* Just have hostname left to match: case insensitive */
+    if (ia5casecmp(ulabel, emlptr))
+        return X509_V_ERR_PERMITTED_VIOLATION;
+
+    return X509_V_OK;
+
+}
+
 static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
 {
     const char *baseptr = (char *)base->data;
     const char *emlptr = (char *)eml->data;
 
-    const char *baseat = strchr(baseptr, '@');
-    const char *emlat = strchr(emlptr, '@');
+    const char *baseat = strrchr(baseptr, '@');
+    const char *emlat = strrchr(emlptr, '@');
     if (!emlat)
         return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
     /* Special case: initial '.' is RHS match */
diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c
index 9083ed8686..e31be45e03 100644
--- a/crypto/x509/v3_utl.c
+++ b/crypto/x509/v3_utl.c
@@ -878,8 +878,22 @@ static int do_x509_check(X509 *x, const char *chk, size_t chklen,
             ASN1_STRING *cstr;
 
             gen = sk_GENERAL_NAME_value(gens, i);
-            if (gen->type != check_type)
-                continue;
+            if ((gen->type == GEN_OTHERNAME) && (check_type == GEN_EMAIL)) {
+                if (OBJ_obj2nid(gen->d.otherName->type_id) ==
+                    NID_id_on_SmtpUTF8Mailbox) {
+                    san_present = 1;
+                    cstr = gen->d.otherName->value->value.utf8string;
+
+                    /* Positive on success, negative on error! */
+                    if ((rv = do_check_string(cstr, 0, equal, flags,
+                                              chk, chklen, peername)) != 0)
+                        break;
+                } else
+                    continue;
+            } else {
+                if ((gen->type != check_type) && (gen->type != GEN_OTHERNAME))
+                    continue;
+            }
             san_present = 1;
             if (check_type == GEN_EMAIL)
                 cstr = gen->d.rfc822Name;
diff --git a/doc/internal/man3/ossl_punycode_decode.pod b/doc/internal/man3/ossl_punycode_decode.pod
new file mode 100644
index 0000000000..b0ff76653b
--- /dev/null
+++ b/doc/internal/man3/ossl_punycode_decode.pod
@@ -0,0 +1,60 @@
+=pod
+
+=head1 NAME
+
+ossl_punycode_decode, ossl_a2ulabel, ossl_a2ucompare
+- internal punycode-related functions
+
+=head1 SYNOPSIS
+
+  #include "crypto/punycode.h"
+
+  int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
+                           unsigned int *pDecoded, unsigned int *pout_length);
+
+  int ossl_a2ulabel(const char *in, char *out, size_t *outlen);
+
+  int ossl_a2ucompare(const char *a, const char *u);
+
+=head1 DESCRIPTION
+
+PUNYCODE encoding introduced in RFCs 3490-3492 is widely used for
+representation of host names in ASCII-only format. Some specifications,
+such as RFC 8398, require comparison of host names encoded in UTF-8 charset.
+
+ossl_a2ulabel() decodes NULL-terminated hostname from PUNYCODE to UTF-8,
+using a provided buffer for output.
+
+ossl_a2ucompare() accepts two NULL-terminated hostnames, decodes the 1st
+from PUNYCODE to UTF-8 and compares it with the 2nd one as is.
+
+ossl_punycode_decode() decodes one label (one dot-separated part) from
+a hostname, with stripped PUNYCODE marker I<xn-->.
+
+=head1 RETURN VALUES
+
+ossl_a2ulabel() returns 1 on success, 0 on not enough buf passed,
+-1 on invalid PUNYCODE string passed. When valid string is provided, it sets the
+I<*outlen> to the length of required buffer to perform correct decoding.
+
+ossl_a2ucompare() returns 1 on non-equal strings, 0 on equal strings,
+-1 when invalid PUNYCODE string passed.
+
+ossl_punycode_decode() returns 1 on success, 0 on error. On success,
+*pout_length contains the number of codepoints decoded.
+
+=head1 HISTORY
+
+The functions described here were all added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
+
diff --git a/doc/man3/X509_check_host.pod b/doc/man3/X509_check_host.pod
index b541901c00..23476a81df 100644
--- a/doc/man3/X509_check_host.pod
+++ b/doc/man3/X509_check_host.pod
@@ -48,9 +48,13 @@ is responsible for freeing the peername via OPENSSL_free() when it
 is no longer needed.
 
 X509_check_email() checks if the certificate matches the specified
-email B<address>.  Only the mailbox syntax of RFC 822 is supported,
+email B<address>. The mailbox syntax of RFC 822 is supported,
 comments are not allowed, and no attempt is made to normalize quoted
-characters.  The B<addresslen> argument must be the number of
+characters. The mailbox syntax of RFC 6531 is supported for
+SmtpUTF8Mailbox address in subjectAltName according to RFC 8398,
+with similar limitations as for RFC 822 syntax, and no attempt
+is made to convert from A-label to U-label before comparison.
+The B<addresslen> argument must be the number of
 characters in the address string or zero in which case the length
 is calculated with strlen(B<address>).
 
diff --git a/doc/man5/x509v3_config.pod b/doc/man5/x509v3_config.pod
index a16f862bae..953b0268cd 100644
--- a/doc/man5/x509v3_config.pod
+++ b/doc/man5/x509v3_config.pod
@@ -241,6 +241,15 @@ Examples:
  OU = My Unit
  CN = My Name
 
+Non-ASCII Email Address conforming the syntax defined in Section 3.3 of RFC 6531
+are provided as otherName.SmtpUTF8Mailbox. According to RFC 8398, the email
+address should be provided as UTF8String. To enforce the valid representation in
+the certificate, the SmtpUTF8Mailbox should be provided as follows
+
+ subjectAltName=@alts
+ [alts]
+ otherName = 1.3.6.1.5.5.7.8.9;FORMAT:UTF8,UTF8String:nonasciiname.example.com
+
 =head2 Issuer Alternative Name
 
 This extension supports most of the options of subject alternative name;
diff --git a/include/crypto/punycode.h b/include/crypto/punycode.h
new file mode 100644
index 0000000000..ec97c17cab
--- /dev/null
+++ b/include/crypto/punycode.h
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OSSL_CRYPTO_PUNYCODE_H
+# define OSSL_CRYPTO_PUNYCODE_H
+
+
+int ossl_punycode_decode (
+	const char *pEncoded,
+	const size_t enc_len,
+	unsigned int *pDecoded,
+	unsigned int *pout_length
+);
+
+int ossl_a2ulabel(const char *in, char *out, size_t *outlen);
+
+int ossl_a2ucompare(const char *a, const char *u);
+#endif
diff --git a/test/recipes/25-test_eai_data.t b/test/recipes/25-test_eai_data.t
new file mode 100644
index 0000000000..ccdb09dd9c
--- /dev/null
+++ b/test/recipes/25-test_eai_data.t
@@ -0,0 +1,53 @@
+#! /usr/bin/env perl
+# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+use strict;
+use warnings;
+
+use File::Spec;
+use OpenSSL::Test::Utils;
+use OpenSSL::Test qw/:DEFAULT srctop_file/;
+
+setup("test_eai_data");
+
+#./util/wrap.pl apps/openssl verify -nameopt utf8 -no_check_time -CAfile test/recipes/25-test_eai_data/ascii_chain.pem test/recipes/25-test_eai_data/ascii_leaf.pem
+#./util/wrap.pl apps/openssl verify -nameopt utf8 -no_check_time -CAfile test/recipes/25-test_eai_data/utf8_chain.pem test/recipes/25-test_eai_data/utf8_leaf.pem
+#./util/wrap.pl apps/openssl verify -nameopt utf8 -no_check_time -CAfile test/recipes/25-test_eai_data/utf8_chain.pem test/recipes/25-test_eai_data/ascii_leaf.pem
+#./util/wrap.pl apps/openssl verify -nameopt utf8 -no_check_time -CAfile test/recipes/25-test_eai_data/ascii_chain.pem test/recipes/25-test_eai_data/utf8_leaf.pem
+
+plan tests => 11;
+
+require_ok(srctop_file('test','recipes','tconversion.pl'));
+my $folder = "test/recipes/25-test_eai_data";
+
+my $ascii_pem = srctop_file($folder, "ascii_leaf.pem");
+my $utf8_pem  = srctop_file($folder, "utf8_leaf.pem");
+
+my $ascii_chain_pem = srctop_file($folder, "ascii_chain.pem");
+my $utf8_chain_pem  = srctop_file($folder, "utf8_chain.pem");
+
+my $out = "san.tmp";
+
+ok(run(app(["openssl", "x509", "-ext", "subjectAltName", "-in", $ascii_pem, "-noout", "-out", $out])));
+is(cmp_text($out, srctop_file($folder, "san.ascii")), 0, 'Comparing othername for ASCII domain');
+
+ok(run(app(["openssl", "x509", "-ext", "subjectAltName", "-in", $utf8_pem, "-noout", "-out", $out])));
+is(cmp_text($out, srctop_file($folder, "san.utf8")), 0, 'Comparing othername for IDN domain');
+
+unlink $out;
+
+ok(run(app(["openssl", "verify", "-nameopt", "utf8", "-no_check_time", "-verify_email", "??\@elementary.school.example.com", "-CAfile", $ascii_chain_pem, $ascii_pem])));
+ok(run(app(["openssl", "verify", "-nameopt", "utf8", "-no_check_time", "-verify_email", "??\@??.example.com", "-CAfile", $utf8_chain_pem, $utf8_pem])));
+
+ok(run(app(["openssl", "verify", "-nameopt", "utf8", "-no_check_time", "-CAfile", $ascii_chain_pem, $ascii_pem])));
+ok(run(app(["openssl", "verify", "-nameopt", "utf8", "-no_check_time", "-CAfile", $utf8_chain_pem, $utf8_pem])));
+
+ok(!run(app(["openssl", "verify", "-nameopt", "utf8", "-no_check_time", "-CAfile", $ascii_chain_pem, $utf8_pem])));
+ok(!run(app(["openssl", "verify", "-nameopt", "utf8", "-no_check_time", "-CAfile", $utf8_chain_pem,  $ascii_pem])));
+
diff --git a/test/recipes/25-test_eai_data/ascii_chain.pem b/test/recipes/25-test_eai_data/ascii_chain.pem
new file mode 100644
index 0000000000..ea258a3885
--- /dev/null
+++ b/test/recipes/25-test_eai_data/ascii_chain.pem
@@ -0,0 +1,53 @@
+-----BEGIN CERTIFICATE-----
+MIIEjDCCA3SgAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgbsxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEYMBYGA1UECgwP
+RXhhbXBsZSBDb21wYW55MS4wLAYDVQQLDCVFeGFtcGxlIENvbXBhbnkgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MRswGQYDVQQDDBJFeGFtcGxlIENvbXBhbnkgQ0ExIDAe
+BgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMB4XDTE5MDMyNzA5MzkwMloX
+DTI5MDMyNDA5MzkwMlowgb0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEYMBYG
+A1UECgwPRXhhbXBsZSBDb21wYW55MTswOQYDVQQLDDJFeGFtcGxlIENvbXBhbnkg
+SW50ZXJtZWRpYXRlIENlcnRpZmljYXRlIEF1dGhvcml0eTEoMCYGA1UEAwwfRXhh
+bXBsZSBDb21wYW55IEludGVybWVkaWF0ZSBDQTEgMB4GCSqGSIb3DQEJARYRYWxp
+Y2VAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9
+G/Vjs763ft6Jz6F63pNY2cc0jzCBxgw6c7UY3QC9Szmi7F/YxW+mCXwUFy4kT16X
+gujoV1prCJC7ywF2zmapIqRg08oUMdyYAfqi+OH1sbelih+J9ptvoLlQ4HULkXqP
+r9EAjI90shcVhFM/+C1C+7AC+fM74Q89U5D4i6GWFvGjVT88/fsQYwRGoB7e13gQ
+DZTFDpun8ayCI2cuIDEmpnplNpYYIbCdvBNNTp1D82g5eEz1VJVEwnr6JyVUFg5U
+aHApPzaqAXoIDjjW9G0RdX61zNAdbtjqZmP98Dt1MNGyRVHNUiafY2Zr9CtR02Fe
+AzVq8HGKCQ+FXy5VQXB7AgMBAAGjgZUwgZIwHQYDVR0OBBYEFAw/3qi2nZHj2xms
+cUd3PxN+/lxzMB8GA1UdIwQYMBaAFE7KwQ4mMV6AoFSttAbzi7rsIMY2MBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMCwGA1UdHgQlMCOgITAfgR1l
+bGVtZW50YXJ5LnNjaG9vbC5leGFtcGxlLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEA
+DwUJJlG487NnzXCZjhztXGwjDmPb5ZDybIsOQH7CVSoajLLFaAVAIUYy9kFSENfZ
+gBT2LfJbW4i4ziRAIgHwWpjZAItirFwZtyl8BWJF4xdUmd+m0gj0ReEgPWKJdgLc
+O9quzLsGZ2n//oFG97gWqctIEw1ugOhwdeTcaC2WZMf62sE0yqjOOf+fynfCFjUV
++enle/EyAFghVBbuF/Yk6Y7/x+7pjncTHKl9zTBLWp5yH2JvQ5dCloho9jD16TGs
+TRL/b1I154INi/XwZMtFLxNxosB1HC86sr4l4GVO8nZxzgJ+8cppp1goGzEUDY1F
+lMWa0rQbcHhk98IaP+OAWg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEXjCCA0agAwIBAgIJAMujkjMG9iZjMA0GCSqGSIb3DQEBCwUAMIG7MQswCQYD
+VQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGDAW
+BgNVBAoMD0V4YW1wbGUgQ29tcGFueTEuMCwGA1UECwwlRXhhbXBsZSBDb21wYW55
+IENlcnRpZmljYXRlIEF1dGhvcml0eTEbMBkGA1UEAwwSRXhhbXBsZSBDb21wYW55
+IENBMSAwHgYJKoZIhvcNAQkBFhFhbGljZUBleGFtcGxlLmNvbTAeFw0xOTAzMjcw
+NjIzNDBaFw0zOTAzMjIwNjIzNDBaMIG7MQswCQYDVQQGEwJVUzELMAkGA1UECAwC
+Q0ExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGDAWBgNVBAoMD0V4YW1wbGUgQ29t
+cGFueTEuMCwGA1UECwwlRXhhbXBsZSBDb21wYW55IENlcnRpZmljYXRlIEF1dGhv
+cml0eTEbMBkGA1UEAwwSRXhhbXBsZSBDb21wYW55IENBMSAwHgYJKoZIhvcNAQkB
+FhFhbGljZUBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKhAtiyuvE09abRB1qPBnnMkzU7mRX3xcbOPT/NzfDTkbuTVbcJ98Ei3TRv1
+fmS5Ds1t2fcc493Cx1BTPmfdZSWhvONa9PDZ84wmtkaoU0Utzzdm+62zb/0/I0wh
+MgGaC25D8IRZ5yp5eTtX/yasOVaij9UjphAoHa4eD1GGzpc/LNI9hrV15BmdfcS2
+3FbtlUjFdIjsR41bTVkEb5nwBSrixV5MAcV6Y6I7mSykSTrytY6DcJs/k9yrzOM9
+p6x3v9Npyzny1vUxHWJmsSPwlfxCigcFU7I1ixybWuJB6opPu59h46r4VOVedhcj
+chSa9UcSLIKfmEhrQnw3YIUhudkCAwEAAaNjMGEwHQYDVR0OBBYEFE7KwQ4mMV6A
+oFSttAbzi7rsIMY2MB8GA1UdIwQYMBaAFE7KwQ4mMV6AoFSttAbzi7rsIMY2MA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IB
+AQCBmOcwt/AqQjCAFRdqLFsWdGsDC2iQE4lJhsv6oypBsNNxrYV962JrrgkZThPv
+e+OkBmPrN2izT7UX5Yxbi8qmCe/eaY239GCIgRQs6wehMqlGPx5cZeruwLHDjcsv
+4/KmyDJ9u1lx83OsORxcAr4W+HEIFtLEueQkGbJTMZSKMKkbSa4Ik2bji6ctZBkO
+qWtD5s4C0P29Z8CJL1jRrYNjFg5alGSzoYi26c1o9Oz35pNiurxySE+iDHjkj1vq
+d9+F+869tkXsbuGucdv7oKGZrfdTWKp+LiRQBJzjA9nrZuUqMSMsmSXpXPHV3BdI
+4k1AgvwY9/u+RlmeGW2qRTZJ
+-----END CERTIFICATE-----
diff --git a/test/recipes/25-test_eai_data/ascii_leaf.pem b/test/recipes/25-test_eai_data/ascii_leaf.pem
new file mode 100644
index 0000000000..286d317968
--- /dev/null
+++ b/test/recipes/25-test_eai_data/ascii_leaf.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIE3DCCA8SgAwIBAgIUPTX8yrPZtf85fFr2BqMIknud10EwDQYJKoZIhvcNAQEL
+BQAwgb0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEYMBYGA1UECgwPRXhhbXBs
+ZSBDb21wYW55MTswOQYDVQQLDDJFeGFtcGxlIENvbXBhbnkgSW50ZXJtZWRpYXRl
+IENlcnRpZmljYXRlIEF1dGhvcml0eTEoMCYGA1UEAwwfRXhhbXBsZSBDb21wYW55
+IEludGVybWVkaWF0ZSBDQTEgMB4GCSqGSIb3DQEJARYRYWxpY2VAZXhhbXBsZS5j
+b20wHhcNMTkwNjA4MTA0NDA2WhcNMjAwNjE3MTA0NDA2WjCBiDELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRgwFgYDVQQK
+DA9FeGFtcGxlIENvbXBhbnkxHTAbBgNVBAsMFEV4YW1wbGUgQ29tcGFueSBVbml0
+MRswGQYDVQQDDBJBbGljZSBBc2NpaSBEb21haW4wggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDfpjeb8F/YlO5NYh+5+UcdaKIG3cpORrYZddUYprsbn8ic
+Utk4OXOklvMC1PwhW/8KcwuF0pUsQ/QZUmiJWv2umopmvl05OvPbTVfE4nE9JezF
+bNagPPrAugsbAC/1K65iPuZO4ZEZV7zjHxbdQk8fPzAZUfRqJsyinSnc2r3P4OvJ
+BffRJk8ZDJvx8kT3POYScSjTrSNVOHT3mT+2S+z00vwqKWdtroVyUr7TyC0/ocbf
+AKly1TmkD9RZNJ3ASlG0ZVri/a/TuglEs0WLtZran4IuKkzNnWccDILke0lkXZ+H
+mC1eKY3fYt8tAN+nkdTE1liJJNth4SpmYHLKoqstAgMBAAGjggEFMIIBATAJBgNV
+HRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAzBglghkgBhvhCAQ0EJhYkT3BlblNT
+TCBHZW5lcmF0ZWQgQ2xpZW50IENlcnRpZmljYXRlMB0GA1UdDgQWBBTCGcnEt0A+
+oJcD1GbkcwiWGG8f9DAfBgNVHSMEGDAWgBQMP96otp2R49sZrHFHdz8Tfv5cczAO
+BgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMD0G
+A1UdEQQ2MDSgMgYIKwYBBQUHCAmgJgwk5a2m55SfQGVsZW1lbnRhcnkuc2Nob29s
+LmV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQALoWleKWXxN/WXsIMvceNO
+IfAy01Yrks0+qVhD0Z9GOAliqXOcSdr9ns+8Vhh56qPAevdP6vqACE8LnQ5Uwq1d
+SV0dxEKIaJoWRI+CnbKu+TVrR9mZAyABbPqWIBP41luj32Y/tL85k8gPF02hp0Vw
+tqrJjbCyzY4Sly14v9dBdxkJPPm+uPcgICbaCthSVm2iB9Bh+FdwJA9As+texqyI
+3Yzc6GcQpRB9M5kb5Ibqw3RMEzBGkdBCBehh06hDrx6c/JmgCspLZjCgImjn7eLk
+VyPZTiTcnTFUJuL4F/z/aAUAXzE2ueQCCRQOeX/x5KC9CElpFCw7RcpcZdCAw9KN
+-----END CERTIFICATE-----
diff --git a/test/recipes/25-test_eai_data/san.ascii b/test/recipes/25-test_eai_data/san.ascii
new file mode 100644
index 0000000000..e719e2660f
--- /dev/null
+++ b/test/recipes/25-test_eai_data/san.ascii
@@ -0,0 +1,2 @@
+X509v3 Subject Alternative Name: 
+    othername: SmtpUTF8Mailbox::??@elementary.school.example.com
diff --git a/test/recipes/25-test_eai_data/san.utf8 b/test/recipes/25-test_eai_data/san.utf8
new file mode 100644
index 0000000000..cf62d9dfbe
--- /dev/null
+++ b/test/recipes/25-test_eai_data/san.utf8
@@ -0,0 +1,2 @@
+X509v3 Subject Alternative Name: 
+    othername: SmtpUTF8Mailbox::??@??.example.com
diff --git a/test/recipes/25-test_eai_data/utf8_chain.pem b/test/recipes/25-test_eai_data/utf8_chain.pem
new file mode 100644
index 0000000000..793902569f
--- /dev/null
+++ b/test/recipes/25-test_eai_data/utf8_chain.pem
@@ -0,0 +1,53 @@
+-----BEGIN CERTIFICATE-----
+MIIEhTCCA22gAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgbsxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEYMBYGA1UECgwP
+RXhhbXBsZSBDb21wYW55MS4wLAYDVQQLDCVFeGFtcGxlIENvbXBhbnkgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MRswGQYDVQQDDBJFeGFtcGxlIENvbXBhbnkgQ0ExIDAe
+BgkqhkiG9w0BCQEWEWFsaWNlQGV4YW1wbGUuY29tMB4XDTE5MDMyNzA5NDEzOVoX
+DTI5MDMyNDA5NDEzOVowgb0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEYMBYG
+A1UECgwPRXhhbXBsZSBDb21wYW55MTswOQYDVQQLDDJFeGFtcGxlIENvbXBhbnkg
+SW50ZXJtZWRpYXRlIENlcnRpZmljYXRlIEF1dGhvcml0eTEoMCYGA1UEAwwfRXhh
+bXBsZSBDb21wYW55IEludGVybWVkaWF0ZSBDQTEgMB4GCSqGSIb3DQEJARYRYWxp
+Y2VAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9
+G/Vjs763ft6Jz6F63pNY2cc0jzCBxgw6c7UY3QC9Szmi7F/YxW+mCXwUFy4kT16X
+gujoV1prCJC7ywF2zmapIqRg08oUMdyYAfqi+OH1sbelih+J9ptvoLlQ4HULkXqP
+r9EAjI90shcVhFM/+C1C+7AC+fM74Q89U5D4i6GWFvGjVT88/fsQYwRGoB7e13gQ
+DZTFDpun8ayCI2cuIDEmpnplNpYYIbCdvBNNTp1D82g5eEz1VJVEwnr6JyVUFg5U
+aHApPzaqAXoIDjjW9G0RdX61zNAdbtjqZmP98Dt1MNGyRVHNUiafY2Zr9CtR02Fe
+AzVq8HGKCQ+FXy5VQXB7AgMBAAGjgY4wgYswHQYDVR0OBBYEFAw/3qi2nZHj2xms
+cUd3PxN+/lxzMB8GA1UdIwQYMBaAFE7KwQ4mMV6AoFSttAbzi7rsIMY2MBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMCUGA1UdHgQeMBygGjAYgRZ4
+bi0tcHNzMjVjLmV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCEpk1PVmSQ
+LoDTVDZlhbJmRP4UNq0ODaKNJHwpqVm0Q0lpg694brvLapmgAeRHPHHdTOv8VdGj
+y4/NvaWRjdBqnI6sVobMfC0JJtHQufWpQ4i85D6ljh6RQX62Tz9/EGd6jgE/Pjrw
+siU4geDY4c4EWGskJAGHaMYSTjQdutSP8NAxFXcupyniDyF75Kjfeb7kVj3zuvhS
+UYN13IeB2498t46BNqYVP1Sh51UMg4vkddHt3rI37WdilDq2j5e3qcUvYGFmiU7O
+j7P48QXoDHsWZmUvZcXlFky+9eFYd1a3QAV7AMc2iD93+GJBbwqxdN1393Y9Kk4R
+Y/RIVt183q8X
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEXjCCA0agAwIBAgIJAMujkjMG9iZjMA0GCSqGSIb3DQEBCwUAMIG7MQswCQYD
+VQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGDAW
+BgNVBAoMD0V4YW1wbGUgQ29tcGFueTEuMCwGA1UECwwlRXhhbXBsZSBDb21wYW55
+IENlcnRpZmljYXRlIEF1dGhvcml0eTEbMBkGA1UEAwwSRXhhbXBsZSBDb21wYW55
+IENBMSAwHgYJKoZIhvcNAQkBFhFhbGljZUBleGFtcGxlLmNvbTAeFw0xOTAzMjcw
+NjIzNDBaFw0zOTAzMjIwNjIzNDBaMIG7MQswCQYDVQQGEwJVUzELMAkGA1UECAwC
+Q0ExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGDAWBgNVBAoMD0V4YW1wbGUgQ29t
+cGFueTEuMCwGA1UECwwlRXhhbXBsZSBDb21wYW55IENlcnRpZmljYXRlIEF1dGhv
+cml0eTEbMBkGA1UEAwwSRXhhbXBsZSBDb21wYW55IENBMSAwHgYJKoZIhvcNAQkB
+FhFhbGljZUBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKhAtiyuvE09abRB1qPBnnMkzU7mRX3xcbOPT/NzfDTkbuTVbcJ98Ei3TRv1
+fmS5Ds1t2fcc493Cx1BTPmfdZSWhvONa9PDZ84wmtkaoU0Utzzdm+62zb/0/I0wh
+MgGaC25D8IRZ5yp5eTtX/yasOVaij9UjphAoHa4eD1GGzpc/LNI9hrV15BmdfcS2
+3FbtlUjFdIjsR41bTVkEb5nwBSrixV5MAcV6Y6I7mSykSTrytY6DcJs/k9yrzOM9
+p6x3v9Npyzny1vUxHWJmsSPwlfxCigcFU7I1ixybWuJB6opPu59h46r4VOVedhcj
+chSa9UcSLIKfmEhrQnw3YIUhudkCAwEAAaNjMGEwHQYDVR0OBBYEFE7KwQ4mMV6A
+oFSttAbzi7rsIMY2MB8GA1UdIwQYMBaAFE7KwQ4mMV6AoFSttAbzi7rsIMY2MA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IB
+AQCBmOcwt/AqQjCAFRdqLFsWdGsDC2iQE4lJhsv6oypBsNNxrYV962JrrgkZThPv
+e+OkBmPrN2izT7UX5Yxbi8qmCe/eaY239GCIgRQs6wehMqlGPx5cZeruwLHDjcsv
+4/KmyDJ9u1lx83OsORxcAr4W+HEIFtLEueQkGbJTMZSKMKkbSa4Ik2bji6ctZBkO
+qWtD5s4C0P29Z8CJL1jRrYNjFg5alGSzoYi26c1o9Oz35pNiurxySE+iDHjkj1vq
+d9+F+869tkXsbuGucdv7oKGZrfdTWKp+LiRQBJzjA9nrZuUqMSMsmSXpXPHV3BdI
+4k1AgvwY9/u+RlmeGW2qRTZJ
+-----END CERTIFICATE-----
diff --git a/test/recipes/25-test_eai_data/utf8_leaf.pem b/test/recipes/25-test_eai_data/utf8_leaf.pem
new file mode 100644
index 0000000000..61d5965bc8
--- /dev/null
+++ b/test/recipes/25-test_eai_data/utf8_leaf.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEzjCCA7agAwIBAgIUCf16eBeNMQe+sxEnCZnFEuEONAwwDQYJKoZIhvcNAQEL
+BQAwgb0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEYMBYGA1UECgwPRXhhbXBs
+ZSBDb21wYW55MTswOQYDVQQLDDJFeGFtcGxlIENvbXBhbnkgSW50ZXJtZWRpYXRl
+IENlcnRpZmljYXRlIEF1dGhvcml0eTEoMCYGA1UEAwwfRXhhbXBsZSBDb21wYW55
+IEludGVybWVkaWF0ZSBDQTEgMB4GCSqGSIb3DQEJARYRYWxpY2VAZXhhbXBsZS5j
+b20wHhcNMTkwNjA4MTA1MzUzWhcNMjAwNjE3MTA1MzUzWjCBhzELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRgwFgYDVQQK
+DA9FeGFtcGxlIENvbXBhbnkxHTAbBgNVBAsMFEV4YW1wbGUgQ29tcGFueSBVbml0
+MRowGAYDVQQDDBFCb2IgLSB1dGY4IERvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAN+mN5vwX9iU7k1iH7n5Rx1oogbdyk5Gthl11RimuxufyJxS
+2Tg5c6SW8wLU/CFb/wpzC4XSlSxD9BlSaIla/a6aima+XTk689tNV8TicT0l7MVs
+1qA8+sC6CxsAL/UrrmI+5k7hkRlXvOMfFt1CTx8/MBlR9GomzKKdKdzavc/g68kF
+99EmTxkMm/HyRPc85hJxKNOtI1U4dPeZP7ZL7PTS/CopZ22uhXJSvtPILT+hxt8A
+qXLVOaQP1Fk0ncBKUbRlWuL9r9O6CUSzRYu1mtqfgi4qTM2dZxwMguR7SWRdn4eY
+LV4pjd9i3y0A36eR1MTWWIkk22HhKmZgcsqiqy0CAwEAAaOB+TCB9jAJBgNVHRME
+AjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBH
+ZW5lcmF0ZWQgQ2xpZW50IENlcnRpZmljYXRlMB0GA1UdDgQWBBTCGcnEt0A+oJcD
+1GbkcwiWGG8f9DAfBgNVHSMEGDAWgBQMP96otp2R49sZrHFHdz8Tfv5cczAOBgNV
+HQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMDIGA1Ud
+EQQrMCmgJwYIKwYBBQUHCAmgGwwZ5Yy755SfQOWkp+Wtpi5leGFtcGxlLmNvbTAN
+BgkqhkiG9w0BAQsFAAOCAQEAJMye89+KKYE0Dn2fSUCA3JcoRqWGi5rJkBKzGLQE
+sXmXJ/ECjWXugIz69vkJhh5L4cvRv/Orsq40aAsEhzQHVwFZvjgaDW3EHL10FeY9
+fiZgCThMcktaxWnc9xrUE2GUrEt9+QBkaVozNQgsnGDGPh499Tupzwp7YArHHdUP
+Z1y7jCR4Wlhl3RKP/VRYT0MZGuOKwyVsV4D6+4dQ/CigCqvD0eruI6owREvfH8Lc
+sIwyPtO87EhMWOKD0EkU9bH97D0UZyZlhEg0uq1VaWOHztsnb63Go7u5m1QWlII6
+jAEfnqwuMqNAkRkTT2pfNCq+2+GUlBZDRtuiTljc6QQegg==
+-----END CERTIFICATE-----

From builds at travis-ci.com  Wed Aug 26 12:56:58 2020
From: builds at travis-ci.com (Travis CI)
Date: Wed, 26 Aug 2020 12:56:58 +0000
Subject: Still Failing: openssl/openssl#36960 (master - a149f75)
In-Reply-To: <openssl/openssl+181459258+still failing@travis-ci.com>
Message-ID: <5f465c19b6a8a_13f97d50b910c1162fa@travis-pro-tasks-7cf95bbb46-bxmnw.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36960
Status: Still Failing

Duration: 1 hr, 22 mins, and 46 secs
Commit: a149f75 (master)
Author: Dmitry Belyavskiy
Message: Replace hierogliphs with stub to pass tests

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)

View the changeset: https://github.com/openssl/openssl/compare/eb800ef55339...a149f7502458

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181459258?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200826/99e8ef7b/attachment.html>

From no-reply at appveyor.com  Wed Aug 26 21:46:57 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 26 Aug 2020 21:46:57 +0000
Subject: Build failed: openssl master.36425
Message-ID: <20200826214657.1.3E4A80F0BC1675F7@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200826/0bae3c5d/attachment.html>

From openssl at openssl.org  Thu Aug 27 00:01:29 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 00:01:29 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1598486489.362394.6249.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 80C75CA23C7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80D7C83BA77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 80D7C83BA77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=211, Tests=3145, 1783 wallclock secs (12.75 usr  1.68 sys + 1602.94 cusr 162.63 csys = 1780.00 CPU)
Result: FAIL
Makefile:2548: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2546: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug 27 02:01:11 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 02:01:11 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1598493671.429212.7548.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=211, Tests=3214, 891 wallclock secs (13.73 usr  1.38 sys + 822.40 cusr 63.07 csys = 900.58 CPU)
Result: FAIL
Makefile:3192: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3190: recipe for target 'tests' failed
make: *** [tests] Error 2

From pauli at openssl.org  Thu Aug 27 03:46:17 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Thu, 27 Aug 2020 03:46:17 +0000
Subject: [openssl]  master update
Message-ID: <1598499977.109143.4658.nullmailer@dev.openssl.org>

The branch master has been updated
       via  625679b6d79296e020bb0cad31d6ac24ad547a39 (commit)
      from  a149f7502458dc022501c2347629cc847f2e1298 (commit)


- Log -----------------------------------------------------------------
commit 625679b6d79296e020bb0cad31d6ac24ad547a39
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 26 14:36:50 2020 +1000

    EVP: NULL pctx pointer after free.
    
    Not doing so can result in a double free.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12718)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/digest.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index f9ba59ca63..c9b4e3fd6e 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -34,8 +34,10 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
      * pctx should be freed by the user of EVP_MD_CTX
      * if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set
      */
-    if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
+    if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) {
         EVP_PKEY_CTX_free(ctx->pctx);
+        ctx->pctx = NULL;
+    }
 #endif
 
     EVP_MD_free(ctx->fetched_digest);

From openssl at openssl.org  Thu Aug 27 04:57:34 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 04:57:34 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1598504254.317912.21912.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash"
chmod a+x apps/CA.pl
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh"
chmod a+x apps/tsget.pl
ar r apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o
ar: creating apps/libapps.a
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s
ranlib apps/libapps.a || echo Never mind.
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s
chmod a+x tools/c_rehash
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s
chmod a+x util/shlib_wrap.sh
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s
clang  -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.o -c -o providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.o ../openssl/providers/implementations/encode_decode/encoder_rsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_digests_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_digests_gen.o -c -o providers/common/der/libnonfips-lib-der_digests_gen.o providers/common/der/der_digests_gen.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_gen.o -c -o providers/common/der/libnonfips-lib-der_dsa_gen.o providers/common/der/der_dsa_gen.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_key.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_key.o -c -o providers/common/der/libnonfips-lib-der_dsa_key.o ../openssl/providers/common/der/der_dsa_key.c
../openssl/providers/implementations/kdfs/x942kdf.c:438:21: error: no previous extern declaration for non-static variable 'kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations]
const OSSL_DISPATCH kdf_x942_kdf_functions[] = {
                    ^
1 error generated.
Makefile:21551: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed
make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3132: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Thu Aug 27 05:09:20 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 27 Aug 2020 05:09:20 +0000
Subject: Still Failing: openssl/openssl#36975 (master - 625679b)
In-Reply-To: <openssl/openssl+181579936+still failing@travis-ci.com>
Message-ID: <5f473fffee2f5_13fde7d7b8220151832@travis-pro-tasks-5565cd9fbf-fgkqx.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36975
Status: Still Failing

Duration: 51 mins and 4 secs
Commit: 625679b (master)
Author: Pauli
Message: EVP: NULL pctx pointer after free.

Not doing so can result in a double free.

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12718)

View the changeset: https://github.com/openssl/openssl/compare/a149f7502458...625679b6d792

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181579936?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/ee2aa9aa/attachment.html>

From no-reply at appveyor.com  Thu Aug 27 06:24:46 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 06:24:46 +0000
Subject: Build failed: openssl master.36435
Message-ID: <20200827062446.1.535EA7FBBC993837@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/279b6527/attachment.html>

From no-reply at appveyor.com  Thu Aug 27 06:33:03 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 06:33:03 +0000
Subject: Build failed: openssl OpenSSL_1_1_1-stable.36436
Message-ID: <20200827063303.1.DFF5D5A0D73D2222@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/fa2cbf14/attachment.html>

From openssl at openssl.org  Thu Aug 27 07:25:55 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 07:25:55 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1598513155.090388.31598.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 1
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
Could not read any key of private key for CMP client certificate from signer.p12
C080A7BEB37F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:
C080A7BEB37F0000:error::PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:../openssl/crypto/pkcs12/p12_decr.c:37:
C080A7BEB37F0000:error::PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../openssl/crypto/pkcs12/p12_decr.c:90:
C080A7BEB37F0000:error::PKCS12 routines:PKCS12_parse:parse error:../openssl/crypto/pkcs12/p12_kiss.c:87:
Unable to load private key for CMP client certificate
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
Could not read any cert of CMP client certificate (and optionally extra certs) from test.cert.pem
C0F023D41F7F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:1964:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
Could not read any cert of CMP client certificate (and optionally extra certs) from test.cert.pem
C0B05AE0AB7F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -secret option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 768 Tests: 86 Failed: 3)
  Failed tests:  12, 36, 69
  Non-zero exit status: 3
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=211, Tests=3247, 863 wallclock secs (13.33 usr  1.28 sys + 804.24 cusr 61.30 csys = 880.15 CPU)
Result: FAIL
Makefile:3123: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3121: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Thu Aug 27 07:50:15 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 07:50:15 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1598514615.447141.17042.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=211, Tests=3348, 865 wallclock secs (13.36 usr  1.31 sys + 798.94 cusr 63.88 csys = 877.49 CPU)
Result: FAIL
Makefile:3196: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3194: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Thu Aug 27 08:59:26 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 08:59:26 +0000
Subject: Build failed: openssl master.36437
Message-ID: <20200827085926.1.B3D74569EE71AF33@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/71b20446/attachment.html>

From no-reply at appveyor.com  Thu Aug 27 09:11:05 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 09:11:05 +0000
Subject: Build failed: openssl OpenSSL_1_1_1-stable.36438
Message-ID: <20200827091105.1.973640C9BD8CCEC7@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/b78baf00/attachment.html>

From beldmit at gmail.com  Thu Aug 27 10:13:33 2020
From: beldmit at gmail.com (beldmit at gmail.com)
Date: Thu, 27 Aug 2020 10:13:33 +0000
Subject: [openssl]  master update
Message-ID: <1598523213.983818.27224.nullmailer@dev.openssl.org>

The branch master has been updated
       via  fcc3a5204c6daa0f0bbc1679ce1ce82fb767190d (commit)
       via  50c911b0c56cd9aac360f09610f9bcdd74037a22 (commit)
      from  625679b6d79296e020bb0cad31d6ac24ad547a39 (commit)


- Log -----------------------------------------------------------------
commit fcc3a5204c6daa0f0bbc1679ce1ce82fb767190d
Author: Marc <34656315+MarcT512 at users.noreply.github.com>
Date:   Mon Jun 29 00:45:04 2020 +0100

    apps: -msg flag enhancement 2/2
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12310)

commit 50c911b0c56cd9aac360f09610f9bcdd74037a22
Author: Marc <34656315+MarcT512 at users.noreply.github.com>
Date:   Mon Jun 29 00:43:37 2020 +0100

    apps: -msg flag enhancement 1/2
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12310)

-----------------------------------------------------------------------

Summary of changes:
 apps/lib/s_cb.c           | 31 +++++++++++++++++++++++++------
 ssl/record/rec_layer_s3.c |  4 ++--
 ssl/record/ssl3_record.c  | 10 +++++++---
 3 files changed, 34 insertions(+), 11 deletions(-)

diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index c58f634609..0ae851d792 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -570,8 +570,8 @@ void msg_cb(int write_p, int version, int content_type, const void *buf,
 {
     BIO *bio = arg;
     const char *str_write_p = write_p ? ">>>" : "<<<";
-    const char *str_version = lookup(version, ssl_versions, "???");
-    const char *str_content_type = "", *str_details1 = "", *str_details2 = "";
+    char tmpbuf[128];
+    const char *str_version, *str_content_type = "", *str_details1 = "", *str_details2 = "";
     const unsigned char* bp = buf;
 
     if (version == SSL3_VERSION ||
@@ -580,11 +580,14 @@ void msg_cb(int write_p, int version, int content_type, const void *buf,
         version == TLS1_2_VERSION ||
         version == TLS1_3_VERSION ||
         version == DTLS1_VERSION || version == DTLS1_BAD_VER) {
+        str_version = lookup(version, ssl_versions, "???");
         switch (content_type) {
-        case 20:
+        case SSL3_RT_CHANGE_CIPHER_SPEC:
+            /* type 20 */
             str_content_type = ", ChangeCipherSpec";
             break;
-        case 21:
+        case SSL3_RT_ALERT:
+            /* type 21 */
             str_content_type = ", Alert";
             str_details1 = ", ???";
             if (len == 2) {
@@ -599,16 +602,32 @@ void msg_cb(int write_p, int version, int content_type, const void *buf,
                 str_details2 = lookup((int)bp[1], alert_types, " ???");
             }
             break;
-        case 22:
+        case SSL3_RT_HANDSHAKE:
+            /* type 22 */
             str_content_type = ", Handshake";
             str_details1 = "???";
             if (len > 0)
                 str_details1 = lookup((int)bp[0], handshakes, "???");
             break;
-        case 23:
+        case SSL3_RT_APPLICATION_DATA:
+            /* type 23 */
             str_content_type = ", ApplicationData";
             break;
+        case SSL3_RT_HEADER:
+            /* type 256 */
+            str_content_type = ", RecordHeader";
+            break;
+        case SSL3_RT_INNER_CONTENT_TYPE:
+            /* type 257 */
+            str_content_type = ", InnerContent";
+            break;
+        default:
+            BIO_snprintf(tmpbuf, sizeof(tmpbuf)-1, ", Unknown (content_type=%d)", content_type);
+            str_content_type = tmpbuf;
         }
+    } else {
+        BIO_snprintf(tmpbuf, sizeof(tmpbuf)-1, "Not TLS data or unknown version (version=%d, content_type=%d)", version, content_type);
+        str_version = tmpbuf;
     }
 
     BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version,
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 1d9e803570..19483ef8c3 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1107,14 +1107,14 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
         if (s->msg_callback) {
             recordstart = WPACKET_get_curr(thispkt) - len
                           - SSL3_RT_HEADER_LENGTH;
-            s->msg_callback(1, 0, SSL3_RT_HEADER, recordstart,
+            s->msg_callback(1, thiswr->rec_version, SSL3_RT_HEADER, recordstart,
                             SSL3_RT_HEADER_LENGTH, s,
                             s->msg_callback_arg);
 
             if (SSL_TREAT_AS_TLS13(s) && s->enc_write_ctx != NULL) {
                 unsigned char ctype = type;
 
-                s->msg_callback(1, s->version, SSL3_RT_INNER_CONTENT_TYPE,
+                s->msg_callback(1, thiswr->rec_version, SSL3_RT_INNER_CONTENT_TYPE,
                                 &ctype, 1, s, s->msg_callback_arg);
             }
         }
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 80990e8296..27167ba92f 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -287,14 +287,14 @@ int ssl3_get_record(SSL *s)
                 }
             } else {
                 /* SSLv3+ style record */
-                if (s->msg_callback)
-                    s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
-                                    s->msg_callback_arg);
 
                 /* Pull apart the header into the SSL3_RECORD */
                 if (!PACKET_get_1(&pkt, &type)
                         || !PACKET_get_net_2(&pkt, &version)
                         || !PACKET_get_net_2_len(&pkt, &thisrr->length)) {
+                    if (s->msg_callback)
+                        s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
+                                        s->msg_callback_arg);
                     SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_GET_RECORD,
                              ERR_R_INTERNAL_ERROR);
                     return -1;
@@ -302,6 +302,10 @@ int ssl3_get_record(SSL *s)
                 thisrr->type = type;
                 thisrr->rec_version = version;
 
+                if (s->msg_callback)
+                    s->msg_callback(0, version, SSL3_RT_HEADER, p, 5, s,
+                                    s->msg_callback_arg);
+
                 /*
                  * Lets check version. In TLSv1.3 we only check this field
                  * when encryption is occurring (see later check). For the

From no-reply at appveyor.com  Thu Aug 27 11:15:12 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 11:15:12 +0000
Subject: Build completed: openssl master.36439
Message-ID: <20200827111512.1.C9A7ED773D93026D@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/436c8f59/attachment-0001.html>

From builds at travis-ci.com  Thu Aug 27 12:04:08 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 27 Aug 2020 12:04:08 +0000
Subject: Still Failing: openssl/openssl#36981 (master - fcc3a52)
In-Reply-To: <openssl/openssl+181618632+still failing@travis-ci.com>
Message-ID: <5f47a1375836c_13fbaf681090c43469@travis-pro-tasks-dcdb97c46-gmcq7.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36981
Status: Still Failing

Duration: 1 hr, 22 mins, and 22 secs
Commit: fcc3a52 (master)
Author: Marc
Message: apps: -msg flag enhancement 2/2

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12310)

View the changeset: https://github.com/openssl/openssl/compare/625679b6d792...fcc3a5204c6d

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181618632?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/5c2907cc/attachment.html>

From openssl at openssl.org  Thu Aug 27 13:09:24 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 13:09:24 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1598533764.643192.18225.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=211, Tests=3214, 863 wallclock secs (13.20 usr  1.17 sys + 798.31 cusr 62.27 csys = 874.95 CPU)
Result: FAIL
Makefile:3185: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3183: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Thu Aug 27 13:46:07 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 13:46:07 +0000
Subject: Build failed: openssl master.36440
Message-ID: <20200827134607.1.C7EB23CC4836AEBE@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/b1053169/attachment.html>

From no-reply at appveyor.com  Thu Aug 27 15:13:39 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 15:13:39 +0000
Subject: Build completed: openssl master.36441
Message-ID: <20200827151339.1.EBAAA93D79088055@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/d869c606/attachment.html>

From no-reply at appveyor.com  Thu Aug 27 17:27:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 17:27:43 +0000
Subject: Build failed: openssl master.36445
Message-ID: <20200827172743.1.FC57845727326981@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/730c833c/attachment.html>

From dev at ddvo.net  Thu Aug 27 18:04:03 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Thu, 27 Aug 2020 18:04:03 +0000
Subject: [openssl]  master update
Message-ID: <1598551443.344604.11649.nullmailer@dev.openssl.org>

The branch master has been updated
       via  0495a3ec4ab463d5c08f4a4e85d0e3925e4602e7 (commit)
      from  fcc3a5204c6daa0f0bbc1679ce1ce82fb767190d (commit)


- Log -----------------------------------------------------------------
commit 0495a3ec4ab463d5c08f4a4e85d0e3925e4602e7
Author: Rich Salz <rsalz at akamai.com>
Date:   Mon Aug 17 15:31:42 2020 -0400

    Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
    
    This adds a flag, OCSP_PARTIAL_CHAIN, to the OCSP_basic_verify()
    function.  This is equivlent to X509_V_FLAG_PARTIAL_CHAIN, in that
    if any certificate in the OCSP response is in the trust store, then
    trust it.
    
    Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12666)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ocsp/ocsp_vfy.c                   | 4 ++++
 doc/man3/OCSP_resp_find_status.pod       | 9 +++++++--
 doc/man3/X509_VERIFY_PARAM_set_flags.pod | 2 +-
 include/openssl/ocsp.h                   | 1 +
 4 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index adf4970d58..cf7602616f 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -38,6 +38,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
     STACK_OF(X509) *chain = NULL;
     STACK_OF(X509) *untrusted = NULL;
     X509_STORE_CTX *ctx = NULL;
+    X509_VERIFY_PARAM *vp;
     int i, ret = ocsp_find_signer(&signer, bs, certs, flags);
 
     if (!ret) {
@@ -85,6 +86,9 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
             OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_X509_LIB);
             goto f_err;
         }
+        if ((flags & OCSP_PARTIAL_CHAIN) != 0
+                && (vp = X509_STORE_CTX_get0_param(ctx)) != NULL)
+            X509_VERIFY_PARAM_set_flags(vp, X509_V_FLAG_PARTIAL_CHAIN);
 
         X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_OCSP_HELPER);
         ret = X509_verify_cert(ctx);
diff --git a/doc/man3/OCSP_resp_find_status.pod b/doc/man3/OCSP_resp_find_status.pod
index 179f303a77..7dd90837b6 100644
--- a/doc/man3/OCSP_resp_find_status.pod
+++ b/doc/man3/OCSP_resp_find_status.pod
@@ -120,7 +120,7 @@ OCSP_basic_verify() checks that the basic response message B<bs> is correctly
 signed and that the signer certificate can be validated. It takes B<st> as
 the trusted store and B<certs> as a set of untrusted intermediate certificates.
 The function first tries to find the signer certificate of the response
-in <certs>. It also searches the certificates the responder may have included
+in B<certs>. It also searches the certificates the responder may have included
 in B<bs> unless the B<flags> contain B<OCSP_NOINTERN>.
 It fails if the signer certificate cannot be found.
 Next, the function checks the signature of B<bs> and fails on error
@@ -128,6 +128,10 @@ unless the B<flags> contain B<OCSP_NOSIGS>. Then the function already returns
 success if the B<flags> contain B<OCSP_NOVERIFY> or if the signer certificate
 was found in B<certs> and the B<flags> contain B<OCSP_TRUSTOTHER>.
 Otherwise the function continues by validating the signer certificate.
+If B<flags> contains B<OCSP_PARTIAL_CHAIN>, intermediate CA certificates
+in B<st> are trust-anchors.
+For more details, see the description of B<X509_V_FLAG_PARTIAL_CHAIN>
+in L<X509_VERIFY_PARAM_set_flags(3)/VERIFICATION FLAGS>.
 To this end, all certificates in B<cert> and in B<bs> are considered as
 untrusted certificates for the construction of the validation path for the
 signer certificate unless the B<OCSP_NOCHAIN> flag is set. After successful path
@@ -185,7 +189,8 @@ L<OCSP_cert_to_id(3)>,
 L<OCSP_request_add1_nonce(3)>,
 L<OCSP_REQUEST_new(3)>,
 L<OCSP_response_status(3)>,
-L<OCSP_sendreq_new(3)>
+L<OCSP_sendreq_new(3)>,
+L<X509_VERIFY_PARAM_set_flags(3)>
 
 =head1 COPYRIGHT
 
diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
index 4f067c877c..6265915d9c 100644
--- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
@@ -75,7 +75,7 @@ These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
 a certificate verification operation.
 
 The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
-it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
+it with B<flags>. See L</VERIFICATION FLAGS> for a complete
 description of values the B<flags> parameter can take.
 
 X509_VERIFY_PARAM_get_flags() returns the flags in B<param>.
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index 1c514efeee..939a90877d 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -102,6 +102,7 @@ extern "C" {
 #  define OCSP_TRUSTOTHER                 0x200
 #  define OCSP_RESPID_KEY                 0x400
 #  define OCSP_NOTIME                     0x800
+#  define OCSP_PARTIAL_CHAIN              0x1000
 
 typedef struct ocsp_cert_id_st OCSP_CERTID;
 typedef struct ocsp_one_request_st OCSP_ONEREQ;

From dev at ddvo.net  Thu Aug 27 18:09:21 2020
From: dev at ddvo.net (dev at ddvo.net)
Date: Thu, 27 Aug 2020 18:09:21 +0000
Subject: [openssl]  master update
Message-ID: <1598551761.565009.30667.nullmailer@dev.openssl.org>

The branch master has been updated
       via  1d6c86709c72442aff3bdde8ab48b048e6df153a (commit)
       via  77a9bb83d7d785acddef83ac8d627719f74760cd (commit)
      from  0495a3ec4ab463d5c08f4a4e85d0e3925e4602e7 (commit)


- Log -----------------------------------------------------------------
commit 1d6c86709c72442aff3bdde8ab48b048e6df153a
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Mon Aug 10 14:23:46 2020 +0200

    apps/pkcs12.c: Add -untrusted option
    
    Also improve EE cert selection, user guidance, and documentation.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12643)

commit 77a9bb83d7d785acddef83ac8d627719f74760cd
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Thu Aug 13 13:52:29 2020 +0200

    X509_add_certs(): Add to doc some warning notes on memory management
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12643)

-----------------------------------------------------------------------

Summary of changes:
 apps/pkcs12.c                  | 163 ++++++++++++++++++++++++++++-------------
 doc/man1/openssl-pkcs12.pod.in |  42 +++++++----
 doc/man3/X509_add_cert.pod     |  12 +++
 test/recipes/80-test_pkcs12.t  |  10 ++-
 4 files changed, 162 insertions(+), 65 deletions(-)

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 60ede2e1a1..f5bb18a8db 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -35,6 +35,7 @@ DEFINE_STACK_OF_STRING()
 #define PASSWD_BUF_SIZE 2048
 
 static int get_cert_chain(X509 *cert, X509_STORE *store,
+                          STACK_OF(X509) *untrusted_certs,
                           STACK_OF(X509) **chain);
 int dump_certs_keys_p12(BIO *out, const PKCS12 *p12,
                         const char *pass, int passlen, int options,
@@ -59,7 +60,8 @@ typedef enum OPTION_choice {
     OPT_CACERTS, OPT_NOOUT, OPT_INFO, OPT_CHAIN, OPT_TWOPASS, OPT_NOMACVER,
     OPT_DESCERT, OPT_EXPORT, OPT_ITER, OPT_NOITER, OPT_MACITER, OPT_NOMACITER,
     OPT_NOMAC, OPT_LMK, OPT_NODES, OPT_NOENC, OPT_MACALG, OPT_CERTPBE, OPT_KEYPBE,
-    OPT_INKEY, OPT_CERTFILE, OPT_PASSCERTS, OPT_NAME, OPT_CSP, OPT_CANAME,
+    OPT_INKEY, OPT_CERTFILE, OPT_UNTRUSTED, OPT_PASSCERTS,
+    OPT_NAME, OPT_CSP, OPT_CANAME,
     OPT_IN, OPT_OUT, OPT_PASSIN, OPT_PASSOUT, OPT_PASSWORD, OPT_CAPATH,
     OPT_CAFILE, OPT_CASTORE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_NOCASTORE, OPT_ENGINE,
     OPT_R_ENUM, OPT_PROV_ENUM, OPT_LEGACY_ALG
@@ -73,7 +75,7 @@ const OPTIONS pkcs12_options[] = {
     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 #endif
 
-    OPT_SECTION("CA"),
+    OPT_SECTION("CA input for export with the -chain option"),
     {"CApath", OPT_CAPATH, '/', "PEM-format directory of CA's"},
     {"CAfile", OPT_CAFILE, '<', "PEM-format file of CA's"},
     {"CAstore", OPT_CASTORE, ':', "URI to store of CA's"},
@@ -85,39 +87,42 @@ const OPTIONS pkcs12_options[] = {
      "Do not load certificates from the default certificates store"},
 
     OPT_SECTION("Input"),
-    {"inkey", OPT_INKEY, 's', "Private key if not infile"},
-    {"certfile", OPT_CERTFILE, '<', "Load certs from file"},
+    {"in", OPT_IN, '<', "Input file for PKCS12 parsing or certs and possibly key"},
+    {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+    {"inkey", OPT_INKEY, 's', "Private key, else read from -in input file"},
+    {"certfile", OPT_CERTFILE, '<', "Extra certificates for PKCS12 output"},
+    {"untrusted", OPT_UNTRUSTED, '<', "Untrusted certificates for chain building"},
     {"passcerts", OPT_PASSCERTS, 's', "Certificate file pass phrase source"},
     {"name", OPT_NAME, 's', "Use name as friendly name"},
     {"CSP", OPT_CSP, 's', "Microsoft CSP name"},
     {"caname", OPT_CANAME, 's',
      "Use name as CA friendly name (can be repeated)"},
-    {"in", OPT_IN, '<', "Input filename"},
-    {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
 
     OPT_SECTION("Output"),
     {"export", OPT_EXPORT, '-', "Output PKCS12 file"},
     {"LMK", OPT_LMK, '-',
      "Add local machine keyset attribute to private key"},
     {"macalg", OPT_MACALG, 's',
-     "Digest algorithm used in MAC (default SHA1)"},
+     "Digest algorithm to use in MAC (default SHA1)"},
     {"keypbe", OPT_KEYPBE, 's', "Private key PBE algorithm (default 3DES)"},
     {"out", OPT_OUT, '>', "Output filename"},
-    {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
+    {"passout", OPT_PASSOUT, 's', "Output pass phrase source"},
     {"password", OPT_PASSWORD, 's', "Set import/export password source"},
     {"nocerts", OPT_NOCERTS, '-', "Don't output certificates"},
     {"clcerts", OPT_CLCERTS, '-', "Only output client certificates"},
     {"cacerts", OPT_CACERTS, '-', "Only output CA certificates"},
-    {"noout", OPT_NOOUT, '-', "Don't output anything, just verify"},
-    {"chain", OPT_CHAIN, '-', "Add certificate chain"},
+    {"noout", OPT_NOOUT, '-', "Don't output anything, just verify PKCS#12 input"},
+    {"chain", OPT_CHAIN, '-', "Build and add certificate chain for EE cert,"},
+    {OPT_MORE_STR, 0, 0,
+     "which is the 1st cert from -in matching the private key (if given)"},
     {"twopass", OPT_TWOPASS, '-', "Separate MAC, encryption passwords"},
     {"nomacver", OPT_NOMACVER, '-', "Don't verify MAC"},
     {"info", OPT_INFO, '-', "Print info about PKCS#12 structure"},
     {"nokeys", OPT_NOKEYS, '-', "Don't output private keys"},
-    {"keyex", OPT_KEYEX, '-', "Set MS key exchange type"},
-    {"keysig", OPT_KEYSIG, '-', "Set MS key signature type"},
+    {"keyex", OPT_KEYEX, '-', "Set key type to MS key exchange"},
+    {"keysig", OPT_KEYSIG, '-', "Set key type to MS key signature"},
 
-    OPT_SECTION("Encryption"),
+    OPT_SECTION("PKCS12 output encryption and MAC"),
 #ifndef OPENSSL_NO_RC2
     {"descert", OPT_DESCERT, '-',
      "Encrypt output with 3DES (default PBES2 with PBKDF2 and AES-256 CBC)"},
@@ -144,6 +149,7 @@ const OPTIONS pkcs12_options[] = {
 int pkcs12_main(int argc, char **argv)
 {
     char *infile = NULL, *outfile = NULL, *keyname = NULL, *certfile = NULL;
+    char *untrusted = NULL;
     char *passcertsarg = NULL, *passcerts = NULL;
     char *name = NULL, *csp_name = NULL;
     char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
@@ -262,6 +268,9 @@ int pkcs12_main(int argc, char **argv)
         case OPT_CERTFILE:
             certfile = opt_arg();
             break;
+        case OPT_UNTRUSTED:
+            untrusted = opt_arg();
+            break;
         case OPT_PASSCERTS:
             passcertsarg = opt_arg();
             break;
@@ -327,9 +336,37 @@ int pkcs12_main(int argc, char **argv)
     }
     argc = opt_num_rest();
 
-    if (!export_cert && passcertsarg != NULL)
-        BIO_printf(bio_err,
-                   "Warning: -passcerts option ignored without -export\n");
+    if (!export_cert) {
+        if (chain)
+            BIO_printf(bio_err, "Warning: -chain option ignored without -export\n");
+        if (certfile != NULL)
+            BIO_printf(bio_err, "Warning: -certfile option ignored without -export\n");
+        if (untrusted != NULL)
+            BIO_printf(bio_err, "Warning: -untrusted option ignored without -export\n");
+        if (passcertsarg != NULL)
+            BIO_printf(bio_err,
+                       "Warning: -passcerts option ignored without -export\n");
+        if (CApath != NULL || noCApath)
+            BIO_printf(bio_err, "Warning: -[no-]CApath option ignored without -export\n");
+        if (CAfile != NULL || noCAfile)
+            BIO_printf(bio_err, "Warning: -[no-]CAfile option ignored without -export\n");
+        if (CAstore != NULL || noCAstore)
+            BIO_printf(bio_err, "Warning: -[no-]CAstore option ignored without -export\n");
+        if (add_lmk)
+            BIO_printf(bio_err, "Warning: -LMK option ignored without -export\n");
+        if (name != NULL)
+            BIO_printf(bio_err, "Warning: -name option ignored without -export\n");
+        if (csp_name != NULL)
+            BIO_printf(bio_err, "Warning: -CSP option ignored without -export\n");
+        if (canames != NULL)
+            BIO_printf(bio_err, "Warning: -caname option ignored without -export\n");
+        if (keyname != NULL)
+            BIO_printf(bio_err, "Warning: -inkey option ignored without -export\n");
+        if (keytype != 0)
+            BIO_printf(bio_err, "Warning: -keyex and -keysig options ignored without -export\n");
+        if (macalg != NULL)
+            BIO_printf(bio_err, "Warning: -macalg option ignored without -export\n");
+    }
     if (use_legacy) {
         /* load the legacy provider if not loaded already*/
         if (!OSSL_PROVIDER_available(app_get0_libctx(), "legacy")) {
@@ -414,94 +451,119 @@ int pkcs12_main(int argc, char **argv)
 
     if (export_cert) {
         EVP_PKEY *key = NULL;
-        X509 *ucert = NULL, *x = NULL;
+        X509 *ee_cert = NULL, *x = NULL;
         STACK_OF(X509) *certs = NULL;
+        STACK_OF(X509) *untrusted_certs = NULL;
         const EVP_MD *macmd = NULL;
         unsigned char *catmp = NULL;
         int i;
 
         if ((options & (NOCERTS | NOKEYS)) == (NOCERTS | NOKEYS)) {
-            BIO_printf(bio_err, "Nothing to do!\n");
+            BIO_printf(bio_err, "Nothing to export due to -nocerts and -nokeys or -noout!\n");
             goto export_end;
         }
 
-        if (options & NOCERTS)
+        if ((options & NOCERTS) != 0) {
             chain = 0;
+            BIO_printf(bio_err, "Warning: -chain option ignored with -nocerts\n");
+        }
 
         if (!(options & NOKEYS)) {
             key = load_key(keyname ? keyname : infile,
-                           FORMAT_PEM, 1, passin, e, "private key");
+                           FORMAT_PEM, 1, passin, e,
+                           keyname ?
+                           "private key from -inkey file" :
+                           "private key from -in file");
             if (key == NULL)
                 goto export_end;
         }
 
-        /* Load in all certs in input file */
+        /* Load all certs in input file */
         if (!(options & NOCERTS)) {
-            if (!load_certs(infile, &certs, passin, "input certificates"))
+            if (!load_certs(infile, &certs, passin,
+                            "certificates from -in file"))
                 goto export_end;
+            if (sk_X509_num(certs) < 1) {
+                BIO_printf(bio_err, "No certificate in -in file %s\n", infile);
+                goto export_end;
+            }
 
             if (key != NULL) {
                 /* Look for matching private key */
                 for (i = 0; i < sk_X509_num(certs); i++) {
                     x = sk_X509_value(certs, i);
                     if (X509_check_private_key(x, key)) {
-                        ucert = x;
+                        ee_cert = x;
                         /* Zero keyid and alias */
-                        X509_keyid_set1(ucert, NULL, 0);
-                        X509_alias_set1(ucert, NULL, 0);
+                        X509_keyid_set1(ee_cert, NULL, 0);
+                        X509_alias_set1(ee_cert, NULL, 0);
                         /* Remove from list */
                         (void)sk_X509_delete(certs, i);
                         break;
                     }
                 }
-                if (ucert == NULL) {
+                if (ee_cert == NULL) {
                     BIO_printf(bio_err,
-                               "No certificate matches private key\n");
+                               "No cert in -in file '%s' matches private key\n",
+                               infile);
                     goto export_end;
                 }
+            } else {
+                ee_cert = X509_dup(sk_X509_value(certs, 0)); /* take 1st cert */
             }
-
         }
 
-        /* Add any more certificates asked for */
-        if (certfile != NULL) {
-            if (!load_certs(certfile, &certs, passcerts,
-                            "certificates from certfile"))
+        /* Load any untrusted certificates for chain building */
+        if (untrusted != NULL) {
+            if (!load_certs(untrusted, &untrusted_certs, passcerts,
+                            "untrusted certificates"))
                 goto export_end;
         }
 
-        /* If chaining get chain from user cert */
+        /* If chaining get chain from end entity cert */
         if (chain) {
             int vret;
             STACK_OF(X509) *chain2;
             X509_STORE *store;
+
+            if (ee_cert == NULL) {
+                BIO_printf(bio_err,
+                           "No end entity certificate to check with -chain\n");
+                goto export_end;
+            }
+
             if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath,
                                       CAstore, noCAstore))
                     == NULL)
                 goto export_end;
 
-            vret = get_cert_chain(ucert, store, &chain2);
+            vret = get_cert_chain(ee_cert, store, untrusted_certs, &chain2);
             X509_STORE_free(store);
 
             if (vret == X509_V_OK) {
-                /* Exclude verified certificate */
-                for (i = 1; i < sk_X509_num(chain2); i++)
-                    sk_X509_push(certs, sk_X509_value(chain2, i));
-                /* Free first certificate */
-                X509_free(sk_X509_value(chain2, 0));
-                sk_X509_free(chain2);
+                /* Remove from chain2 the first (end entity) certificate */
+                X509_free(sk_X509_shift(chain2));
+                /* Add the remaining certs (except for duplicates) */
+                if (!X509_add_certs(certs, chain2, X509_ADD_FLAG_UP_REF
+                                    | X509_ADD_FLAG_NO_DUP))
+                    goto export_end;
+                sk_X509_pop_free(chain2, X509_free);
             } else {
                 if (vret != X509_V_ERR_UNSPECIFIED)
-                    BIO_printf(bio_err, "Error %s getting chain.\n",
+                    BIO_printf(bio_err, "Error getting chain: %s\n",
                                X509_verify_cert_error_string(vret));
-                else
-                    ERR_print_errors(bio_err);
                 goto export_end;
             }
         }
 
-        /* Add any CA names */
+        /* Add any extra certificates asked for */
+        if (certfile != NULL) {
+            if (!load_certs(certfile, &certs, passcerts,
+                            "extra certificates from -certfile"))
+                goto export_end;
+        }
 
+        /* Add any CA names */
         for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++) {
             catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
             X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
@@ -534,7 +596,7 @@ int pkcs12_main(int argc, char **argv)
         if (!twopass)
             OPENSSL_strlcpy(macpass, pass, sizeof(macpass));
 
-        p12 = PKCS12_create(cpass, name, key, ucert, certs,
+        p12 = PKCS12_create(cpass, name, key, ee_cert, certs,
                             key_pbe, cert_pbe, iter, -1, keytype);
 
         if (p12 == NULL) {
@@ -542,7 +604,7 @@ int pkcs12_main(int argc, char **argv)
             goto export_end;
         }
 
-        if (macalg) {
+        if (macalg != NULL) {
             if (!opt_md(macalg, &macmd))
                 goto opthelp;
         }
@@ -564,7 +626,8 @@ int pkcs12_main(int argc, char **argv)
 
         EVP_PKEY_free(key);
         sk_X509_pop_free(certs, X509_free);
-        X509_free(ucert);
+        sk_X509_pop_free(untrusted_certs, X509_free);
+        X509_free(ee_cert);
 
         goto end;
 
@@ -831,18 +894,20 @@ int dump_certs_pkeys_bag(BIO *out, const PKCS12_SAFEBAG *bag,
 /* Given a single certificate return a verified chain or NULL if error */
 
 static int get_cert_chain(X509 *cert, X509_STORE *store,
+                          STACK_OF(X509) *untrusted_certs,
                           STACK_OF(X509) **chain)
 {
     X509_STORE_CTX *store_ctx = NULL;
     STACK_OF(X509) *chn = NULL;
     int i = 0;
 
-    store_ctx = X509_STORE_CTX_new();
+    store_ctx = X509_STORE_CTX_new_with_libctx(app_get0_libctx(),
+                                               app_get0_propq());
     if (store_ctx == NULL) {
         i =  X509_V_ERR_UNSPECIFIED;
         goto end;
     }
-    if (!X509_STORE_CTX_init(store_ctx, store, cert, NULL)) {
+    if (!X509_STORE_CTX_init(store_ctx, store, cert, untrusted_certs)) {
         i =  X509_V_ERR_UNSPECIFIED;
         goto end;
     }
diff --git a/doc/man1/openssl-pkcs12.pod.in b/doc/man1/openssl-pkcs12.pod.in
index e148d229b0..c702d39e43 100644
--- a/doc/man1/openssl-pkcs12.pod.in
+++ b/doc/man1/openssl-pkcs12.pod.in
@@ -13,6 +13,7 @@ B<openssl> B<pkcs12>
 [B<-chain>]
 [B<-inkey> I<file_or_id>]
 [B<-certfile> I<filename>]
+[B<-untrusted> I<filename>]
 [B<-passcerts> I<arg>]
 [B<-name> I<name>]
 [B<-caname> I<name>]
@@ -73,8 +74,9 @@ programs including Netscape, MSIE and MS Outlook.
 =head1 OPTIONS
 
 There are a lot of options the meaning of some depends of whether a PKCS#12 file
-is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12
-file can be created by using the B<-export> option (see below).
+is being created or parsed. By default a PKCS#12 file is parsed.
+A PKCS#12 file can be created by using the B<-export> option (see below).
+Many further options such as B<-chain> make sense only with B<-export>.
 
 =head1 PARSING OPTIONS
 
@@ -86,10 +88,10 @@ Print out a usage message.
 
 =item B<-in> I<filename>
 
-This specifies filename or URI of the PKCS#12 file to be parsed.
-With B<-export>, this refers to the the certificate and/or key input,
-which can be in PEM, DER, or PKCS#12 format.
+This specifies the input filename or URI.
 Standard input is used by default.
+Without the B<-export> option this is a PKCS#12 file to be parsed.
+With the B<-export> option this is a file with certificates and possibly a key.
 
 =item B<-out> I<filename>
 
@@ -103,8 +105,8 @@ otherwise it is equivalent to B<-passin>.
 
 =item B<-noout>
 
-This option inhibits output of the keys and certificates to the output file
-version of the PKCS#12 file.
+This option inhibits credentials output,
+and so the PKCS#12 input is just verified.
 
 =item B<-clcerts>
 
@@ -206,8 +208,8 @@ certificates are present they will also be included in the PKCS#12 file.
 
 =item B<-inkey> I<file_or_id>
 
-File to read private key from. If not present then a private key must be present
-in the input file.
+File to read private key from for PKCS12 output.
+If not present then the input file (B<-in> argument) must contain a private key.
 If no engine is used, the argument is taken as a file; if an engine is
 specified, the argument is given to the engine as a key identifier.
 
@@ -218,8 +220,15 @@ name is typically displayed in list boxes by software importing the file.
 
 =item B<-certfile> I<filename>
 
-A filename or URI to read additional certificates from.
-The file can be in PEM, DER, or PKCS#12 format.
+An input file with extra certificates to be added to the PKCS12 output
+if the B<-export> option is given.
+
+=item B<-untrusted> I<filename>
+
+An input file of untrusted certificates that may be used
+for chain building, which is relevant only when a PKCS#12 file is created
+with the B<-export> option and the B<-chain> option is given as well.
+Any certificates that are actually part of the chain are added to the output.
 
 =item B<-passcerts> I<arg>
 
@@ -243,9 +252,12 @@ see L<openssl(1)/Pass Phrase Options>.
 
 =item B<-chain>
 
-If this option is present then an attempt is made to include the entire
-certificate chain of the user certificate. The standard CA store is used
-for this search. If the search fails it is considered a fatal error.
+If this option is present then the certificate chain of the end entity
+certificate is built and included in the PKCS#12 output file.
+The end entity certificate is the first one read from the B<-in> file
+if no key is given, else the first certificate matching the given key.
+The standard CA trust store is used for chain building,
+as well as any untrusted CA certificates given with the B<-untrusted> option.
 
 =item B<-descert>
 
@@ -404,7 +416,7 @@ L<ossl_store-file(7)>
 =head1 HISTORY
 
 The B<-engine> option was deprecated in OpenSSL 3.0.
-The <-nodes> option was deprecated in OpenSSL 3.0, too; use B<-noenc> instead.
+The B<-nodes> option was deprecated in OpenSSL 3.0, too; use B<-noenc> instead.
 
 =head1 COPYRIGHT
 
diff --git a/doc/man3/X509_add_cert.pod b/doc/man3/X509_add_cert.pod
index 292559e52c..1512d81701 100644
--- a/doc/man3/X509_add_cert.pod
+++ b/doc/man3/X509_add_cert.pod
@@ -19,6 +19,9 @@ X509_add_cert() adds a certificate I<cert> to the given list I<sk>.
 
 X509_add_certs() adds a list of certificate I<certs> to the given list I<sk>.
 The I<certs> argument may be NULL, which implies no effect.
+It does not modify the list I<certs> but
+in case the B<X509_ADD_FLAG_UP_REF> flag (described below) is set
+the reference counters of those of its members added to I<sk> are increased.
 
 Both these functions have a I<flags> parameter,
 which is used to control details of the operation.
@@ -42,6 +45,15 @@ which is determined using L<X509_self_signed(3)>, are ignored.
 
 Both functions return 1 for success and 0 for failure.
 
+=head1 NOTES
+
+If X509_add_certs() is used with the flags B<X509_ADD_FLAG_NO_DUP> or
+B<X509_ADD_FLAG_NO_SS> it is advisable to use also B<X509_ADD_FLAG_UP_REF>
+because otherwise likely not for all members of the I<certs> list
+the ownership is transferred to the list of certificates I<sk>.
+
+Care should also be taken in case the I<certs> argument equals I<sk>.
+
 =head1 SEE ALSO
 
 L<X509_cmp(3)>
diff --git a/test/recipes/80-test_pkcs12.t b/test/recipes/80-test_pkcs12.t
index 24247b8c25..e474d4448c 100644
--- a/test/recipes/80-test_pkcs12.t
+++ b/test/recipes/80-test_pkcs12.t
@@ -57,7 +57,7 @@ if (eval { require Win32::API; 1; }) {
 }
 $ENV{OPENSSL_WIN32_UTF8}=1;
 
-plan tests => 4;
+plan tests => 5;
 
 # Test different PKCS#12 formats
 ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats");
@@ -71,6 +71,14 @@ ok(run(app(["openssl", "pkcs12", "-noout",
 my @path = qw(test certs);
 my $tmpfile = "tmp.p12";
 
+# Test the -chain option with -untrusted
+ok(run(app(["openssl", "pkcs12", "-export", "-chain",
+            "-CAfile",  srctop_file(@path,  "sroot-cert.pem"),
+            "-untrusted", srctop_file(@path, "ca-cert.pem"),
+            "-in", srctop_file(@path, "ee-cert.pem"),
+            "-nokeys", "-passout", "pass:", "-out", $tmpfile])),
+   "test_pkcs12_chain_untrusted");
+
 # Test the -passcerts option
 ok(run(app(["openssl", "pkcs12", "-export",
             "-in", srctop_file(@path, "ee-cert.pem"),

From no-reply at appveyor.com  Thu Aug 27 18:38:46 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 18:38:46 +0000
Subject: Build failed: openssl master.36446
Message-ID: <20200827183846.1.58FE060C4B10BA5D@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/1d478552/attachment.html>

From builds at travis-ci.com  Thu Aug 27 19:29:37 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 27 Aug 2020 19:29:37 +0000
Subject: Errored: openssl/openssl#36990 (master - 0495a3e)
In-Reply-To: <openssl/openssl+181683357+errored@travis-ci.com>
Message-ID: <5f4809a142623_13fb936db618457086e@travis-pro-tasks-84d9668f7f-sjzvt.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36990
Status: Errored

Duration: 1 hr, 24 mins, and 10 secs
Commit: 0495a3e (master)
Author: Rich Salz
Message: Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()

This adds a flag, OCSP_PARTIAL_CHAIN, to the OCSP_basic_verify()
function.  This is equivlent to X509_V_FLAG_PARTIAL_CHAIN, in that
if any certificate in the OCSP response is in the trust store, then
trust it.

Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12666)

View the changeset: https://github.com/openssl/openssl/compare/fcc3a5204c6d...0495a3ec4ab4

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181683357?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/f2cbf596/attachment.html>

From no-reply at appveyor.com  Thu Aug 27 19:49:06 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 27 Aug 2020 19:49:06 +0000
Subject: Build completed: openssl master.36447
Message-ID: <20200827194906.1.AA6B274580AD63A3@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/d5cf9c8a/attachment.html>

From builds at travis-ci.com  Thu Aug 27 20:40:17 2020
From: builds at travis-ci.com (Travis CI)
Date: Thu, 27 Aug 2020 20:40:17 +0000
Subject: Still Failing: openssl/openssl#36991 (master - 1d6c867)
In-Reply-To: <openssl/openssl+181683882+still failing@travis-ci.com>
Message-ID: <5f481a312b5d6_13f96addb583484952@travis-pro-tasks-5b458b45d9-q95l2.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36991
Status: Still Failing

Duration: 1 hr, 38 mins, and 33 secs
Commit: 1d6c867 (master)
Author: Dr. David von Oheimb
Message: apps/pkcs12.c: Add -untrusted option

Also improve EE cert selection, user guidance, and documentation.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12643)

View the changeset: https://github.com/openssl/openssl/compare/0495a3ec4ab4...1d6c86709c72

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181683882?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200827/94771403/attachment-0001.html>

From openssl at openssl.org  Thu Aug 27 21:27:36 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 21:27:36 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1598563656.936573.14178.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=211, Tests=3351, 944 wallclock secs (13.83 usr  1.47 sys + 830.30 cusr 65.54 csys = 911.14 CPU)
Result: FAIL
Makefile:3190: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3188: recipe for target 'tests' failed
make: *** [tests] Error 2

From pauli at openssl.org  Thu Aug 27 22:43:37 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Thu, 27 Aug 2020 22:43:37 +0000
Subject: [openssl]  master update
Message-ID: <1598568217.892145.30559.nullmailer@dev.openssl.org>

The branch master has been updated
       via  edd53e9135d9546e3611ca1d45876bac15047aa8 (commit)
      from  1d6c86709c72442aff3bdde8ab48b048e6df153a (commit)


- Log -----------------------------------------------------------------
commit edd53e9135d9546e3611ca1d45876bac15047aa8
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 26 23:56:55 2020 +1000

    rand: add a note about a potentially misleading code analyzer warning.
    
    When seeding from a parent DRBG, the pointer to the child is used as
    additional data.  This triggers static code analysers.  Rearrange and
    expand the comments to make this more obvious.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/12724)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/rands/drbg.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index 593bb176c8..a4a9b177a3 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -183,17 +183,23 @@ static size_t prov_drbg_get_entropy(PROV_DRBG *drbg, unsigned char **pout,
         if (buffer != NULL) {
             size_t bytes = 0;
 
+            if (drbg->parent_generate == NULL)
+                goto err;
             /*
-             * Get random data from parent. Include our address as additional input,
-             * in order to provide some additional distinction between different
-             * DRBG child instances.
              * Our lock is already held, but we need to lock our parent before
              * generating bits from it. (Note: taking the lock will be a no-op
              * if locking if drbg->parent->lock == NULL.)
              */
-            if (drbg->parent_generate == NULL)
-                goto err;
             drbg_lock_parent(drbg);
+            /*
+             * Get random data from parent.  Include our DRBG address as
+             * additional input, in order to provide a distinction between
+             * different DRBG child instances.
+             *
+             * Note: using the sizeof() operator on a pointer triggers
+             *       a warning in some static code analyzers, but it's
+             *       intentional and correct here.
+             */
             if (drbg->parent_generate(drbg->parent, buffer, bytes_needed,
                                       drbg->strength, prediction_resistance,
                                       (unsigned char *)&drbg,

From openssl at openssl.org  Thu Aug 27 23:56:40 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 27 Aug 2020 23:56:40 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1598572600.490235.30561.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=211, Tests=3019, 787 wallclock secs (10.29 usr  1.42 sys + 724.62 cusr 53.54 csys = 789.87 CPU)
Result: FAIL
Makefile:2420: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2418: recipe for target 'tests' failed
make: *** [tests] Error 2

From builds at travis-ci.com  Fri Aug 28 00:09:06 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 28 Aug 2020 00:09:06 +0000
Subject: Still Failing: openssl/openssl#36994 (master - edd53e9)
In-Reply-To: <openssl/openssl+181720990+still failing@travis-ci.com>
Message-ID: <5f484b2227d4b_13fce417b2a88452026@travis-pro-tasks-5b458b45d9-9f4pb.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36994
Status: Still Failing

Duration: 1 hr, 24 mins, and 8 secs
Commit: edd53e9 (master)
Author: Pauli
Message: rand: add a note about a potentially misleading code analyzer warning.

When seeding from a parent DRBG, the pointer to the child is used as
additional data.  This triggers static code analysers.  Rearrange and
expand the comments to make this more obvious.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12724)

View the changeset: https://github.com/openssl/openssl/compare/1d6c86709c72...edd53e9135d9

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181720990?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200828/a57b2d8a/attachment.html>

From pauli at openssl.org  Fri Aug 28 00:20:42 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 28 Aug 2020 00:20:42 +0000
Subject: [openssl]  master update
Message-ID: <1598574042.487290.16614.nullmailer@dev.openssl.org>

The branch master has been updated
       via  4516bf7422223a47f98931c1315985bd9dc303af (commit)
      from  edd53e9135d9546e3611ca1d45876bac15047aa8 (commit)


- Log -----------------------------------------------------------------
commit 4516bf7422223a47f98931c1315985bd9dc303af
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 26 14:11:49 2020 +1000

    rand: instantiate the DRBGs upon first use.
    
    Fixes #12714
    
    [skip ci]
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/12717)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/rand_lib.c      |  9 +++++++--
 test/build.info             |  6 +++++-
 test/rand_status_test.c     | 27 +++++++++++++++++++++++++++
 test/recipes/05-test_rand.t |  3 ++-
 4 files changed, 41 insertions(+), 4 deletions(-)
 create mode 100644 test/rand_status_test.c

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 89277e93c5..a37a575e5b 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -246,7 +246,7 @@ int RAND_status(void)
         return meth->status != NULL ? meth->status() : 0;
 
     if ((rand = RAND_get0_primary(NULL)) == NULL)
-        return EVP_RAND_STATE_UNINITIALISED;
+        return 0;
     return EVP_RAND_state(rand) == EVP_RAND_STATE_READY;
 }
 #else  /* !FIPS_MODULE */
@@ -467,7 +467,12 @@ static EVP_RAND_CTX *rand_new_drbg(OPENSSL_CTX *libctx, EVP_RAND_CTX *parent,
     if (!EVP_RAND_set_ctx_params(ctx, params)) {
         RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG);
         EVP_RAND_CTX_free(ctx);
-        ctx = NULL;
+        return NULL;
+    }
+    if (!EVP_RAND_instantiate(ctx, 0, 0, NULL, 0)) {
+        RANDerr(0, RAND_R_ERROR_INSTANTIATING_DRBG);
+        EVP_RAND_CTX_free(ctx);
+        return NULL;
     }
     return ctx;
 }
diff --git a/test/build.info b/test/build.info
index 134a473195..16ff48e24b 100644
--- a/test/build.info
+++ b/test/build.info
@@ -52,7 +52,7 @@ IF[{- !$disabled{tests} -}]
           cipherbytes_test \
           asn1_encode_test asn1_decode_test asn1_string_table_test \
           x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \
-          recordlentest drbgtest sslbuffertest \
+          recordlentest drbgtest rand_status_test sslbuffertest \
           time_offset_test pemtest ssl_cert_table_internal_test ciphername_test \
           http_test servername_test ocspapitest fatalerrtest tls13ccstest \
           sysdefaulttest errtest ssl_ctx_test gosttest \
@@ -380,6 +380,10 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[drbgtest]=../include ../apps/include
   DEPEND[drbgtest]=../libcrypto.a libtestutil.a
 
+  SOURCE[rand_status_test]=rand_status_test.c
+  INCLUDE[rand_status_test]=../include ../apps/include
+  DEPEND[rand_status_test]=../libcrypto libtestutil.a
+
   SOURCE[x509_dup_cert_test]=x509_dup_cert_test.c
   INCLUDE[x509_dup_cert_test]=../include ../apps/include
   DEPEND[x509_dup_cert_test]=../libcrypto libtestutil.a
diff --git a/test/rand_status_test.c b/test/rand_status_test.c
new file mode 100644
index 0000000000..449b523d70
--- /dev/null
+++ b/test/rand_status_test.c
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/rand.h>
+#include "testutil.h"
+
+/*
+ * This needs to be in a test executable all by itself so that it can be
+ * guaranteed to run before any generate calls have been made.
+ */
+
+static int test_rand_status(void)
+{
+    return TEST_true(RAND_status());
+}
+
+int setup_tests(void)
+{
+    ADD_TEST(test_rand_status);
+    return 1;
+}
diff --git a/test/recipes/05-test_rand.t b/test/recipes/05-test_rand.t
index 4a080cb910..750b1a28e8 100644
--- a/test/recipes/05-test_rand.t
+++ b/test/recipes/05-test_rand.t
@@ -11,7 +11,8 @@ use warnings;
 use OpenSSL::Test;
 use OpenSSL::Test::Utils;
 
-plan tests => 1;
+plan tests => 2;
 setup("test_rand");
 
 ok(run(test(["drbgtest"])));
+ok(run(test(["rand_status_test"])));

From kaduk at mit.edu  Fri Aug 28 03:29:00 2020
From: kaduk at mit.edu (kaduk at mit.edu)
Date: Fri, 28 Aug 2020 03:29:00 +0000
Subject: [openssl]  master update
Message-ID: <1598585340.413704.15990.nullmailer@dev.openssl.org>

The branch master has been updated
       via  cd84d8832d274357a5ba5433640d7ef76691b1ac (commit)
      from  4516bf7422223a47f98931c1315985bd9dc303af (commit)


- Log -----------------------------------------------------------------
commit cd84d8832d274357a5ba5433640d7ef76691b1ac
Author: Jung-uk Kim <jkim at FreeBSD.org>
Date:   Wed Aug 26 14:00:56 2020 -0400

    Ignore vendor name in Clang version number.
    
    For example, FreeBSD prepends "FreeBSD" to version string, e.g.,
    
    FreeBSD clang version 11.0.0 (git at github.com:llvm/llvm-project.git llvmorg-11.0.0-rc2-0-g414f32a9e86)
    Target: x86_64-unknown-freebsd13.0
    Thread model: posix
    InstalledDir: /usr/bin
    
    This prevented us from properly detecting AVX support, etc.
    
    CLA: trivial
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/12725)

-----------------------------------------------------------------------

Summary of changes:
 crypto/aes/asm/aesni-mb-x86_64.pl      | 2 +-
 crypto/aes/asm/aesni-sha1-x86_64.pl    | 2 +-
 crypto/aes/asm/aesni-sha256-x86_64.pl  | 2 +-
 crypto/bn/asm/rsaz-avx2.pl             | 2 +-
 crypto/bn/asm/rsaz-x86_64.pl           | 2 +-
 crypto/bn/asm/x86_64-mont.pl           | 2 +-
 crypto/bn/asm/x86_64-mont5.pl          | 2 +-
 crypto/chacha/asm/chacha-x86.pl        | 2 +-
 crypto/chacha/asm/chacha-x86_64.pl     | 2 +-
 crypto/ec/asm/ecp_nistz256-x86_64.pl   | 2 +-
 crypto/ec/asm/x25519-x86_64.pl         | 2 +-
 crypto/modes/asm/aesni-gcm-x86_64.pl   | 2 +-
 crypto/modes/asm/ghash-x86_64.pl       | 2 +-
 crypto/poly1305/asm/poly1305-x86.pl    | 2 +-
 crypto/poly1305/asm/poly1305-x86_64.pl | 2 +-
 crypto/sha/asm/sha1-586.pl             | 2 +-
 crypto/sha/asm/sha1-mb-x86_64.pl       | 2 +-
 crypto/sha/asm/sha1-x86_64.pl          | 2 +-
 crypto/sha/asm/sha256-586.pl           | 2 +-
 crypto/sha/asm/sha256-mb-x86_64.pl     | 2 +-
 crypto/sha/asm/sha512-x86_64.pl        | 2 +-
 util/perl/OpenSSL/config.pm            | 2 +-
 22 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/crypto/aes/asm/aesni-mb-x86_64.pl b/crypto/aes/asm/aesni-mb-x86_64.pl
index 3c74df5f78..dde15b1ef7 100644
--- a/crypto/aes/asm/aesni-mb-x86_64.pl
+++ b/crypto/aes/asm/aesni-mb-x86_64.pl
@@ -76,7 +76,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/aes/asm/aesni-sha1-x86_64.pl b/crypto/aes/asm/aesni-sha1-x86_64.pl
index 7d1f91295c..dbe33a3f1a 100644
--- a/crypto/aes/asm/aesni-sha1-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha1-x86_64.pl
@@ -109,7 +109,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
 $avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	   `ml64 2>&1` =~ /Version ([0-9]+)\./ &&
 	   $1>=10);
-$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
+$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
 
 $shaext=1;	### set to zero if compiling for 1.0.1
 
diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl
index 38901feb66..5521766a6a 100644
--- a/crypto/aes/asm/aesni-sha256-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha256-x86_64.pl
@@ -71,7 +71,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=12);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl
index fc2e8f587b..3d0e342a6b 100755
--- a/crypto/bn/asm/rsaz-avx2.pl
+++ b/crypto/bn/asm/rsaz-avx2.pl
@@ -67,7 +67,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$avx = ($ver>=3.0) + ($ver>=3.01);
 	$addx = ($ver>=3.03);
diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
index 78df8adf98..5c7d526fa3 100755
--- a/crypto/bn/asm/rsaz-x86_64.pl
+++ b/crypto/bn/asm/rsaz-x86_64.pl
@@ -83,7 +83,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
index 187f29f8e2..140072b899 100755
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -77,7 +77,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index 1edf1f7174..c03473f13a 100755
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -62,7 +62,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/chacha/asm/chacha-x86.pl b/crypto/chacha/asm/chacha-x86.pl
index d88e88975b..d0e83d88ce 100755
--- a/crypto/chacha/asm/chacha-x86.pl
+++ b/crypto/chacha/asm/chacha-x86.pl
@@ -61,7 +61,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
 		$1>=10);	# first version supporting AVX
 
 $ymm=1 if ($xmm && !$ymm &&
-		`$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
+		`$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
 		$2>=3.0);	# first version supporting AVX
 
 $a="eax";
diff --git a/crypto/chacha/asm/chacha-x86_64.pl b/crypto/chacha/asm/chacha-x86_64.pl
index 7c06a9b329..964c926fde 100755
--- a/crypto/chacha/asm/chacha-x86_64.pl
+++ b/crypto/chacha/asm/chacha-x86_64.pl
@@ -86,7 +86,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl b/crypto/ec/asm/ecp_nistz256-x86_64.pl
index fc8719cb62..430b14c86d 100755
--- a/crypto/ec/asm/ecp_nistz256-x86_64.pl
+++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl
@@ -74,7 +74,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$avx = ($ver>=3.0) + ($ver>=3.01);
 	$addx = ($ver>=3.03);
diff --git a/crypto/ec/asm/x25519-x86_64.pl b/crypto/ec/asm/x25519-x86_64.pl
index a8b145e6a0..d2285269a3 100755
--- a/crypto/ec/asm/x25519-x86_64.pl
+++ b/crypto/ec/asm/x25519-x86_64.pl
@@ -92,7 +92,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/modes/asm/aesni-gcm-x86_64.pl b/crypto/modes/asm/aesni-gcm-x86_64.pl
index 37953109a5..eaf4d9c755 100644
--- a/crypto/modes/asm/aesni-gcm-x86_64.pl
+++ b/crypto/modes/asm/aesni-gcm-x86_64.pl
@@ -67,7 +67,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/modes/asm/ghash-x86_64.pl b/crypto/modes/asm/ghash-x86_64.pl
index 5a8d2e0b69..6709f96492 100644
--- a/crypto/modes/asm/ghash-x86_64.pl
+++ b/crypto/modes/asm/ghash-x86_64.pl
@@ -117,7 +117,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/poly1305/asm/poly1305-x86.pl b/crypto/poly1305/asm/poly1305-x86.pl
index f58af00837..c91d01fb3b 100755
--- a/crypto/poly1305/asm/poly1305-x86.pl
+++ b/crypto/poly1305/asm/poly1305-x86.pl
@@ -70,7 +70,7 @@ if ($sse2) {
 	$avx = ($1>=2.09) + ($1>=2.10);
 	}
 
-	if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
+	if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
 		$avx = ($2>=3.0) + ($2>3.0);
 	}
 }
diff --git a/crypto/poly1305/asm/poly1305-x86_64.pl b/crypto/poly1305/asm/poly1305-x86_64.pl
index dbcd0463cb..fa9bfb7a7b 100755
--- a/crypto/poly1305/asm/poly1305-x86_64.pl
+++ b/crypto/poly1305/asm/poly1305-x86_64.pl
@@ -91,7 +91,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=12);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha1-586.pl b/crypto/sha/asm/sha1-586.pl
index 8a33fd53ea..00350324a1 100644
--- a/crypto/sha/asm/sha1-586.pl
+++ b/crypto/sha/asm/sha1-586.pl
@@ -143,7 +143,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
 		`ml 2>&1` =~ /Version ([0-9]+)\./ &&
 		$1>=10);	# first version supporting AVX
 
-$ymm=1 if ($xmm && !$ymm && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
+$ymm=1 if ($xmm && !$ymm && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
 		$2>=3.0);	# first version supporting AVX
 
 $shaext=$xmm;	### set to zero if compiling for 1.0.1
diff --git a/crypto/sha/asm/sha1-mb-x86_64.pl b/crypto/sha/asm/sha1-mb-x86_64.pl
index 16f6ddbd2a..67faba136d 100644
--- a/crypto/sha/asm/sha1-mb-x86_64.pl
+++ b/crypto/sha/asm/sha1-mb-x86_64.pl
@@ -72,7 +72,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha1-x86_64.pl b/crypto/sha/asm/sha1-x86_64.pl
index 674b288f66..c66b8fca87 100755
--- a/crypto/sha/asm/sha1-x86_64.pl
+++ b/crypto/sha/asm/sha1-x86_64.pl
@@ -120,7 +120,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha256-586.pl b/crypto/sha/asm/sha256-586.pl
index d3c0c44d3f..8e19cd875e 100644
--- a/crypto/sha/asm/sha256-586.pl
+++ b/crypto/sha/asm/sha256-586.pl
@@ -95,7 +95,7 @@ if ($xmm && !$avx && $ARGV[0] eq "win32" &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if ($xmm && !$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
+if ($xmm && !$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha256-mb-x86_64.pl b/crypto/sha/asm/sha256-mb-x86_64.pl
index 681f505763..fa2ca86046 100644
--- a/crypto/sha/asm/sha256-mb-x86_64.pl
+++ b/crypto/sha/asm/sha256-mb-x86_64.pl
@@ -73,7 +73,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha512-x86_64.pl b/crypto/sha/asm/sha512-x86_64.pl
index ec75abdd72..1bd0256954 100755
--- a/crypto/sha/asm/sha512-x86_64.pl
+++ b/crypto/sha/asm/sha512-x86_64.pl
@@ -136,7 +136,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/util/perl/OpenSSL/config.pm b/util/perl/OpenSSL/config.pm
index e72eadc8a9..4409c98df6 100755
--- a/util/perl/OpenSSL/config.pm
+++ b/util/perl/OpenSSL/config.pm
@@ -50,7 +50,7 @@ my @cc_version =
     (
      clang => sub {
          my $v = `$CROSS_COMPILE$CC -v 2>&1`;
-         $v =~ m/(?:(?:^clang|LLVM) version|.*based on LLVM)\s+([0-9]+\.[0-9]+)/;
+         $v =~ m/(?:(?:clang|LLVM) version|.*based on LLVM)\s+([0-9]+\.[0-9]+)/;
          return $1;
      },
      gnu => sub {

From kaduk at mit.edu  Fri Aug 28 03:39:33 2020
From: kaduk at mit.edu (kaduk at mit.edu)
Date: Fri, 28 Aug 2020 03:39:33 +0000
Subject: [openssl]  OpenSSL_1_1_1-stable update
Message-ID: <1598585973.464071.18665.nullmailer@dev.openssl.org>

The branch OpenSSL_1_1_1-stable has been updated
       via  28499baca599413fe775c59433159b6188d9bedb (commit)
      from  46a9ee8c796c8b5f8d95290676119b4f3d72be91 (commit)


- Log -----------------------------------------------------------------
commit 28499baca599413fe775c59433159b6188d9bedb
Author: Jung-uk Kim <jkim at FreeBSD.org>
Date:   Wed Aug 26 14:00:56 2020 -0400

    Ignore vendor name in Clang version number.
    
    For example, FreeBSD prepends "FreeBSD" to version string, e.g.,
    
    FreeBSD clang version 11.0.0 (git at github.com:llvm/llvm-project.git llvmorg-11.0.0-rc2-0-g414f32a9e86)
    Target: x86_64-unknown-freebsd13.0
    Thread model: posix
    InstalledDir: /usr/bin
    
    This prevented us from properly detecting AVX support, etc.
    
    CLA: trivial
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/12725)
    
    (cherry picked from commit cd84d8832d274357a5ba5433640d7ef76691b1ac)

-----------------------------------------------------------------------

Summary of changes:
 crypto/aes/asm/aesni-mb-x86_64.pl      | 2 +-
 crypto/aes/asm/aesni-sha1-x86_64.pl    | 2 +-
 crypto/aes/asm/aesni-sha256-x86_64.pl  | 2 +-
 crypto/bn/asm/rsaz-avx2.pl             | 2 +-
 crypto/bn/asm/rsaz-x86_64.pl           | 2 +-
 crypto/bn/asm/x86_64-mont.pl           | 2 +-
 crypto/bn/asm/x86_64-mont5.pl          | 2 +-
 crypto/chacha/asm/chacha-x86.pl        | 2 +-
 crypto/chacha/asm/chacha-x86_64.pl     | 2 +-
 crypto/ec/asm/ecp_nistz256-x86_64.pl   | 2 +-
 crypto/ec/asm/x25519-x86_64.pl         | 2 +-
 crypto/modes/asm/aesni-gcm-x86_64.pl   | 2 +-
 crypto/modes/asm/ghash-x86_64.pl       | 2 +-
 crypto/poly1305/asm/poly1305-x86.pl    | 2 +-
 crypto/poly1305/asm/poly1305-x86_64.pl | 2 +-
 crypto/sha/asm/sha1-586.pl             | 2 +-
 crypto/sha/asm/sha1-mb-x86_64.pl       | 2 +-
 crypto/sha/asm/sha1-x86_64.pl          | 2 +-
 crypto/sha/asm/sha256-586.pl           | 2 +-
 crypto/sha/asm/sha256-mb-x86_64.pl     | 2 +-
 crypto/sha/asm/sha512-x86_64.pl        | 2 +-
 21 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/crypto/aes/asm/aesni-mb-x86_64.pl b/crypto/aes/asm/aesni-mb-x86_64.pl
index be2434f120..a80cfdc139 100644
--- a/crypto/aes/asm/aesni-mb-x86_64.pl
+++ b/crypto/aes/asm/aesni-mb-x86_64.pl
@@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/aes/asm/aesni-sha1-x86_64.pl b/crypto/aes/asm/aesni-sha1-x86_64.pl
index 42fe5d469e..04fd13be5e 100644
--- a/crypto/aes/asm/aesni-sha1-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha1-x86_64.pl
@@ -108,7 +108,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
 $avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	   `ml64 2>&1` =~ /Version ([0-9]+)\./ &&
 	   $1>=10);
-$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
+$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
 
 $shaext=1;	### set to zero if compiling for 1.0.1
 
diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl
index f1b144eccb..ff9b18507d 100644
--- a/crypto/aes/asm/aesni-sha256-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha256-x86_64.pl
@@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=12);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl
index 9b54f9d9ed..0be771febc 100755
--- a/crypto/bn/asm/rsaz-avx2.pl
+++ b/crypto/bn/asm/rsaz-avx2.pl
@@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$avx = ($ver>=3.0) + ($ver>=3.01);
 	$addx = ($ver>=3.03);
diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
index 8172dace74..cf08ce9b83 100755
--- a/crypto/bn/asm/rsaz-x86_64.pl
+++ b/crypto/bn/asm/rsaz-x86_64.pl
@@ -81,7 +81,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
index e00cac448b..f14d4e63b9 100755
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -75,7 +75,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index 887770b30d..8c37d132e4 100755
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -60,7 +60,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/chacha/asm/chacha-x86.pl b/crypto/chacha/asm/chacha-x86.pl
index a1f5694b69..492fda5f11 100755
--- a/crypto/chacha/asm/chacha-x86.pl
+++ b/crypto/chacha/asm/chacha-x86.pl
@@ -62,7 +62,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
 		$1>=10);	# first version supporting AVX
 
 $ymm=1 if ($xmm && !$ymm &&
-		`$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
+		`$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
 		$2>=3.0);	# first version supporting AVX
 
 $a="eax";
diff --git a/crypto/chacha/asm/chacha-x86_64.pl b/crypto/chacha/asm/chacha-x86_64.pl
index 647d2537ce..227ee59ff2 100755
--- a/crypto/chacha/asm/chacha-x86_64.pl
+++ b/crypto/chacha/asm/chacha-x86_64.pl
@@ -85,7 +85,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl b/crypto/ec/asm/ecp_nistz256-x86_64.pl
index de9b194510..b50ee70191 100755
--- a/crypto/ec/asm/ecp_nistz256-x86_64.pl
+++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl
@@ -72,7 +72,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$avx = ($ver>=3.0) + ($ver>=3.01);
 	$addx = ($ver>=3.03);
diff --git a/crypto/ec/asm/x25519-x86_64.pl b/crypto/ec/asm/x25519-x86_64.pl
index 3d9d1dc1ad..62599dacac 100755
--- a/crypto/ec/asm/x25519-x86_64.pl
+++ b/crypto/ec/asm/x25519-x86_64.pl
@@ -90,7 +90,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$addx = ($1>=12);
 }
 
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
 	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
 	$addx = ($ver>=3.03);
 }
diff --git a/crypto/modes/asm/aesni-gcm-x86_64.pl b/crypto/modes/asm/aesni-gcm-x86_64.pl
index 959efedb0d..60f03e4fe2 100644
--- a/crypto/modes/asm/aesni-gcm-x86_64.pl
+++ b/crypto/modes/asm/aesni-gcm-x86_64.pl
@@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/modes/asm/ghash-x86_64.pl b/crypto/modes/asm/ghash-x86_64.pl
index 0a0bfd575c..9bdba41d1d 100644
--- a/crypto/modes/asm/ghash-x86_64.pl
+++ b/crypto/modes/asm/ghash-x86_64.pl
@@ -116,7 +116,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/poly1305/asm/poly1305-x86.pl b/crypto/poly1305/asm/poly1305-x86.pl
index 4aaf63a0a1..2ae16a230b 100755
--- a/crypto/poly1305/asm/poly1305-x86.pl
+++ b/crypto/poly1305/asm/poly1305-x86.pl
@@ -71,7 +71,7 @@ if ($sse2) {
 	$avx = ($1>=2.09) + ($1>=2.10);
 	}
 
-	if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
+	if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
 		$avx = ($2>=3.0) + ($2>3.0);
 	}
 }
diff --git a/crypto/poly1305/asm/poly1305-x86_64.pl b/crypto/poly1305/asm/poly1305-x86_64.pl
index c014be1ca9..5f834d8faf 100755
--- a/crypto/poly1305/asm/poly1305-x86_64.pl
+++ b/crypto/poly1305/asm/poly1305-x86_64.pl
@@ -90,7 +90,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=12);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha1-586.pl b/crypto/sha/asm/sha1-586.pl
index f7b85e6c6d..b72869b86d 100644
--- a/crypto/sha/asm/sha1-586.pl
+++ b/crypto/sha/asm/sha1-586.pl
@@ -144,7 +144,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
 		`ml 2>&1` =~ /Version ([0-9]+)\./ &&
 		$1>=10);	# first version supporting AVX
 
-$ymm=1 if ($xmm && !$ymm && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
+$ymm=1 if ($xmm && !$ymm && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
 		$2>=3.0);	# first version supporting AVX
 
 $shaext=$xmm;	### set to zero if compiling for 1.0.1
diff --git a/crypto/sha/asm/sha1-mb-x86_64.pl b/crypto/sha/asm/sha1-mb-x86_64.pl
index a78266d62f..47c5887151 100644
--- a/crypto/sha/asm/sha1-mb-x86_64.pl
+++ b/crypto/sha/asm/sha1-mb-x86_64.pl
@@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha1-x86_64.pl b/crypto/sha/asm/sha1-x86_64.pl
index 0680d6d0a2..89146d137b 100755
--- a/crypto/sha/asm/sha1-x86_64.pl
+++ b/crypto/sha/asm/sha1-x86_64.pl
@@ -119,7 +119,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha256-586.pl b/crypto/sha/asm/sha256-586.pl
index 6989d59bd7..7523dbc165 100644
--- a/crypto/sha/asm/sha256-586.pl
+++ b/crypto/sha/asm/sha256-586.pl
@@ -96,7 +96,7 @@ if ($xmm && !$avx && $ARGV[0] eq "win32" &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if ($xmm && !$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
+if ($xmm && !$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha256-mb-x86_64.pl b/crypto/sha/asm/sha256-mb-x86_64.pl
index 81ac814eff..c8cc6efac9 100644
--- a/crypto/sha/asm/sha256-mb-x86_64.pl
+++ b/crypto/sha/asm/sha256-mb-x86_64.pl
@@ -67,7 +67,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 
diff --git a/crypto/sha/asm/sha512-x86_64.pl b/crypto/sha/asm/sha512-x86_64.pl
index 64ae641c14..ad37850e61 100755
--- a/crypto/sha/asm/sha512-x86_64.pl
+++ b/crypto/sha/asm/sha512-x86_64.pl
@@ -135,7 +135,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
 	$avx = ($1>=10) + ($1>=11);
 }
 
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
 	$avx = ($2>=3.0) + ($2>3.0);
 }
 

From builds at travis-ci.com  Fri Aug 28 04:52:34 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 28 Aug 2020 04:52:34 +0000
Subject: Still Failing: openssl/openssl#36995 (master - cd84d88)
In-Reply-To: <openssl/openssl+181737713+still failing@travis-ci.com>
Message-ID: <5f488d90b6563_13f9d1fbaa01c8983c@travis-pro-tasks-677ff75d68-5lvl9.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36995
Status: Still Failing

Duration: 1 hr, 2 mins, and 41 secs
Commit: cd84d88 (master)
Author: Jung-uk Kim
Message: Ignore vendor name in Clang version number.

For example, FreeBSD prepends "FreeBSD" to version string, e.g.,

FreeBSD clang version 11.0.0 (git at github.com:llvm/llvm-project.git llvmorg-11.0.0-rc2-0-g414f32a9e86)
Target: x86_64-unknown-freebsd13.0
Thread model: posix
InstalledDir: /usr/bin

This prevented us from properly detecting AVX support, etc.

CLA: trivial

Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12725)

View the changeset: https://github.com/openssl/openssl/compare/4516bf742222...cd84d8832d27

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181737713?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200828/0872da84/attachment-0001.html>

From openssl at openssl.org  Fri Aug 28 06:19:05 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 06:19:05 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-posix-io
Message-ID: <1598595545.101427.28032.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DECODER.3 doc/man/man3/OSSL_DECODER_CTX.3 doc/man/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DECODER_from_bio.3 doc/man/man3/OSSL_ENCODER.3 doc/man/man3/OSSL_ENCODER_CTX.3 doc/man/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_ENCODER_to_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-PKCS12KDF.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-encoder.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-object.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-signature.7 doc/man/man7/provider-storemgmt.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_core_object test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_decoder test/buildtest_c_des test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_dtls1 test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_encoder test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/defltfips_test test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/endecode_test test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_core_object.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_decoder.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_dtls1.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_encoder.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
make[1]: Entering directory '/home/openssl/run-checker/no-posix-io'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4198: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io'
Makefile:3167: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From openssl at openssl.org  Fri Aug 28 07:09:19 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 07:09:19 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-rc2
Message-ID: <1598598559.446088.930.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-rc2

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok

Could not read any cert of input certificates from ../../../openssl/test/certs/v3-certs-RC2.p12
C030513D817F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:
C030513D817F0000:error::PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:../openssl/crypto/pkcs12/p12_decr.c:37:
C030513D817F0000:error::PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../openssl/crypto/pkcs12/p12_decr.c:90:
C030513D817F0000:error::PKCS12 routines:PKCS12_parse:parse error:../openssl/crypto/pkcs12/p12_kiss.c:87:
../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1
not ok 4 - test_pkcs12_passcert
# ------------------------------------------------------------------------------
#   Failed test 'test_pkcs12_passcert'
#   at ../openssl/test/recipes/80-test_pkcs12.t line 85.
# Looks like you failed 1 test of 4.80-test_pkcs12.t ................... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/4 subtests 
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_pkcs12.t                 (Wstat: 256 Tests: 4 Failed: 1)
  Failed test:  4
  Non-zero exit status: 1
Files=211, Tests=3326, 897 wallclock secs (13.67 usr  1.52 sys + 816.70 cusr 64.59 csys = 896.48 CPU)
Result: FAIL
Makefile:3181: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-rc2'
Makefile:3179: recipe for target 'tests' failed
make: *** [tests] Error 2

From pauli at openssl.org  Fri Aug 28 09:23:02 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 28 Aug 2020 09:23:02 +0000
Subject: [openssl]  master update
Message-ID: <1598606582.088353.16185.nullmailer@dev.openssl.org>

The branch master has been updated
       via  33855c0af6046c2b36d1c541b0962e534fa6f8d9 (commit)
       via  3d94185718e592660fdf5b988bef294b6adf0739 (commit)
      from  cd84d8832d274357a5ba5433640d7ef76691b1ac (commit)


- Log -----------------------------------------------------------------
commit 33855c0af6046c2b36d1c541b0962e534fa6f8d9
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 26 13:41:30 2020 +1000

    conf: add diagnostic option
    
    Add an option to configuration files "config_diagnostics" that when set to a
    non-zero value, overrides the error ignoring flags.  The outcome is that
    diagnostic option is produced when e.g. sections are missing.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12663)

commit 3d94185718e592660fdf5b988bef294b6adf0739
Author: Pauli <paul.dale at oracle.com>
Date:   Wed Aug 19 21:13:58 2020 +1000

    provider_conf: report missing section on error
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12663)

-----------------------------------------------------------------------

Summary of changes:
 crypto/conf/conf_mod.c              | 24 +++++++++++++++++++++---
 crypto/provider_conf.c              |  1 +
 doc/man3/CONF_modules_load_file.pod |  3 ++-
 doc/man5/config.pod                 |  7 +++++++
 4 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index aebf38292a..a0b9fd3b61 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -79,6 +79,18 @@ static int module_init(CONF_MODULE *pmod, const char *name, const char *value,
 static CONF_MODULE *module_load_dso(const CONF *cnf, const char *name,
                                     const char *value);
 
+static int conf_diagnostics(const CONF *cnf)
+{
+    long int lflag = 0;
+    int res;
+
+    ERR_set_mark();
+    res = NCONF_get_number(cnf, NULL, "config_diagnostics", &lflag)
+          && lflag != 0;
+    ERR_pop_to_mark();
+    return res;
+}
+
 /* Main function: load modules from a CONF structure */
 
 int CONF_modules_load(const CONF *cnf, const char *appname,
@@ -87,12 +99,17 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
     STACK_OF(CONF_VALUE) *values;
     CONF_VALUE *vl;
     char *vsection = NULL;
-
     int ret, i;
 
     if (!cnf)
         return 1;
 
+    if (conf_diagnostics(cnf))
+        flags &= ~(CONF_MFLAGS_IGNORE_ERRORS
+                   | CONF_MFLAGS_IGNORE_RETURN_CODES
+                   | CONF_MFLAGS_SILENT
+                   | CONF_MFLAGS_IGNORE_MISSING_FILE);
+
     if (appname)
         vsection = NCONF_get_string(cnf, NULL, appname);
 
@@ -135,7 +152,7 @@ int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx,
 {
     char *file = NULL;
     CONF *conf = NULL;
-    int ret = 0;
+    int ret = 0, diagnostics = 0;
 
     conf = NCONF_new_with_libctx(libctx, NULL);
     if (conf == NULL)
@@ -159,13 +176,14 @@ int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx,
     }
 
     ret = CONF_modules_load(conf, appname, flags);
+    diagnostics = conf_diagnostics(conf);
 
  err:
     if (filename == NULL)
         OPENSSL_free(file);
     NCONF_free(conf);
 
-    if (flags & CONF_MFLAGS_IGNORE_RETURN_CODES)
+    if ((flags & CONF_MFLAGS_IGNORE_RETURN_CODES) != 0 && !diagnostics)
         return 1;
 
     return ret;
diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c
index ce09fae7d3..5007a726d2 100644
--- a/crypto/provider_conf.c
+++ b/crypto/provider_conf.c
@@ -89,6 +89,7 @@ static int provider_conf_load(OPENSSL_CTX *libctx, const char *name,
 
     if (!ecmds) {
         CRYPTOerr(CRYPTO_F_PROVIDER_CONF_LOAD, CRYPTO_R_PROVIDER_SECTION_ERROR);
+        ERR_add_error_data(3, "section=", value, " not found");
         return 0;
     }
 
diff --git a/doc/man3/CONF_modules_load_file.pod b/doc/man3/CONF_modules_load_file.pod
index ba2c8b68b5..7e99bb9d5a 100644
--- a/doc/man3/CONF_modules_load_file.pod
+++ b/doc/man3/CONF_modules_load_file.pod
@@ -24,7 +24,8 @@ library context B<libctx> file B<filename> and application name B<appname>.
 If B<filename> is NULL the standard OpenSSL configuration file is used.
 If B<appname> is NULL the standard OpenSSL application name B<openssl_conf> is
 used.
-The behaviour can be customized using B<flags>.
+The behaviour can be customized using B<flags>. Note that, the error suppressing
+can be overriden by B<config_diagnostics> as described in L<config(5)>.
 
 CONF_modules_load_file() is the same as CONF_modules_load_file_with_libctx() but
 has a NULL library context.
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
index 2618cef588..46d60f6ced 100644
--- a/doc/man5/config.pod
+++ b/doc/man5/config.pod
@@ -160,6 +160,12 @@ how to configure any modules in the library. It is not an error to leave
 any module in its default configuration. An application can specify a
 different name by calling CONF_modules_load_file(), for example, directly.
 
+OpenSSL also looks up the value of B<config_diagnostics>.
+If this exists and has a nonzero numeric value, any error suppressing flags
+passed to CONF_modules_load() will be ignored.
+This is useful for diagnosing misconfigurations and should not be used in
+production.
+
  # This must be in the default section
  openssl_conf = openssl_init
 
@@ -482,6 +488,7 @@ L<openssl-x509(1)>, L<openssl-req(1)>, L<openssl-ca(1)>,
 L<openssl-fipsinstall(1)>,
 L<ASN1_generate_nconf(3)>,
 L<EVP_set_default_properties(3)>,
+L<CONF_modules_load(3)>,
 L<CONF_modules_load_file(3)>,
 L<fips_config(5)>, and
 L<x509v3_config(5)>.

From pauli at openssl.org  Fri Aug 28 09:25:38 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Fri, 28 Aug 2020 09:25:38 +0000
Subject: [openssl]  master update
Message-ID: <1598606738.117774.30912.nullmailer@dev.openssl.org>

The branch master has been updated
       via  b6ef3c7089e887427cde8c550e28211dc0c22dd1 (commit)
      from  33855c0af6046c2b36d1c541b0962e534fa6f8d9 (commit)


- Log -----------------------------------------------------------------
commit b6ef3c7089e887427cde8c550e28211dc0c22dd1
Author: T.Yanagisawa <52776010+mogisawa at users.noreply.github.com>
Date:   Thu Aug 27 11:11:23 2020 +0900

    Correct description of BN_mask_bits
    
    CLA: trivial
    
    Correct right shift to left shift.
    Pseudo code `a&=~((~0)>>n)` means "get higher n-bits of a", but actually crypto lib gives lower n-bits.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12727)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/BN_set_bit.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/BN_set_bit.pod b/doc/man3/BN_set_bit.pod
index c2bed68d91..349ef9e056 100644
--- a/doc/man3/BN_set_bit.pod
+++ b/doc/man3/BN_set_bit.pod
@@ -33,7 +33,7 @@ error occurs if B<a> is shorter than B<n> bits.
 BN_is_bit_set() tests if bit B<n> in B<a> is set.
 
 BN_mask_bits() truncates B<a> to an B<n> bit number
-(C<a&=~((~0)E<gt>E<gt>n)>).  An error occurs if B<a> already is
+(C<a&=~((~0)E<lt>E<lt>n)>).  An error occurs if B<a> already is
 shorter than B<n> bits.
 
 BN_lshift() shifts B<a> left by B<n> bits and places the result in

From builds at travis-ci.com  Fri Aug 28 10:51:27 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 28 Aug 2020 10:51:27 +0000
Subject: Still Failing: openssl/openssl#36998 (master - 33855c0)
In-Reply-To: <openssl/openssl+181766681+still failing@travis-ci.com>
Message-ID: <5f48e1af24b9c_13fab8d6c71403210e9@travis-pro-tasks-85c686fd65-lkjsz.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36998
Status: Still Failing

Duration: 1 hr, 27 mins, and 0 secs
Commit: 33855c0 (master)
Author: Pauli
Message: conf: add diagnostic option

Add an option to configuration files "config_diagnostics" that when set to a
non-zero value, overrides the error ignoring flags.  The outcome is that
diagnostic option is produced when e.g. sections are missing.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12663)

View the changeset: https://github.com/openssl/openssl/compare/cd84d8832d27...33855c0af604

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181766681?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200828/fd5c5dec/attachment-0001.html>

From openssl at openssl.org  Fri Aug 28 11:29:07 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 11:29:07 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-sock
Message-ID: <1598614147.639901.15882.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sock

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

rm -f doc/html/man1/CA.pl.html doc/html/man1/openssl-asn1parse.html doc/html/man1/openssl-ca.html doc/html/man1/openssl-ciphers.html doc/html/man1/openssl-cmds.html doc/html/man1/openssl-cmp.html doc/html/man1/openssl-cms.html doc/html/man1/openssl-crl.html doc/html/man1/openssl-crl2pkcs7.html doc/html/man1/openssl-dgst.html doc/html/man1/openssl-dhparam.html doc/html/man1/openssl-dsa.html doc/html/man1/openssl-dsaparam.html doc/html/man1/openssl-ec.html doc/html/man1/openssl-ecparam.html doc/html/man1/openssl-enc.html doc/html/man1/openssl-engine.html doc/html/man1/openssl-errstr.html doc/html/man1/openssl-fipsinstall.html doc/html/man1/openssl-gendsa.html doc/html/man1/openssl-genpkey.html doc/html/man1/openssl-genrsa.html doc/html/man1/openssl-info.html doc/html/man1/openssl-kdf.html doc/html/man1/openssl-list.html doc/html/man1/openssl-mac.html doc/html/man1/openssl-nseq.html doc/html/man1/openssl-ocsp.html doc/html/man1/openssl-passwd.html doc/html/man1/openssl-pkcs12.html doc/html/man1/openssl-pkcs7.html doc/html/man1/openssl-pkcs8.html doc/html/man1/openssl-pkey.html doc/html/man1/openssl-pkeyparam.html doc/html/man1/openssl-pkeyutl.html doc/html/man1/openssl-prime.html doc/html/man1/openssl-provider.html doc/html/man1/openssl-rand.html doc/html/man1/openssl-rehash.html doc/html/man1/openssl-req.html doc/html/man1/openssl-rsa.html doc/html/man1/openssl-rsautl.html doc/html/man1/openssl-s_client.html doc/html/man1/openssl-s_server.html doc/html/man1/openssl-s_time.html doc/html/man1/openssl-sess_id.html doc/html/man1/openssl-smime.html doc/html/man1/openssl-speed.html doc/html/man1/openssl-spkac.html doc/html/man1/openssl-srp.html doc/html/man1/openssl-storeutl.html doc/html/man1/openssl-ts.html doc/html/man1/openssl-verify.html doc/html/man1/openssl-version.html doc/html/man1/openssl-x509.html doc/html/man1/openssl.html doc/html/man1/tsget.html doc/html/man3/ADMISSIONS.html doc/html/man3/ASN1_INTEGER_get_int64.html doc/html/man3/ASN1_INTEGER_new.html doc/html/man3/ASN1_ITEM_lookup.html doc/html/man3/ASN1_OBJECT_new.html doc/html/man3/ASN1_STRING_TABLE_add.html doc/html/man3/ASN1_STRING_length.html doc/html/man3/ASN1_STRING_new.html doc/html/man3/ASN1_STRING_print_ex.html doc/html/man3/ASN1_TIME_set.html doc/html/man3/ASN1_TYPE_get.html doc/html/man3/ASN1_generate_nconf.html doc/html/man3/ASYNC_WAIT_CTX_new.html doc/html/man3/ASYNC_start_job.html doc/html/man3/BF_encrypt.html doc/html/man3/BIO_ADDR.html doc/html/man3/BIO_ADDRINFO.html doc/html/man3/BIO_connect.html doc/html/man3/BIO_ctrl.html doc/html/man3/BIO_f_base64.html doc/html/man3/BIO_f_buffer.html doc/html/man3/BIO_f_cipher.html doc/html/man3/BIO_f_md.html doc/html/man3/BIO_f_null.html doc/html/man3/BIO_f_prefix.html doc/html/man3/BIO_f_ssl.html doc/html/man3/BIO_find_type.html doc/html/man3/BIO_get_data.html doc/html/man3/BIO_get_ex_new_index.html doc/html/man3/BIO_meth_new.html doc/html/man3/BIO_new.html doc/html/man3/BIO_new_CMS.html doc/html/man3/BIO_parse_hostserv.html doc/html/man3/BIO_printf.html doc/html/man3/BIO_push.html doc/html/man3/BIO_read.html doc/html/man3/BIO_s_accept.html doc/html/man3/BIO_s_bio.html doc/html/man3/BIO_s_connect.html doc/html/man3/BIO_s_fd.html doc/html/man3/BIO_s_file.html doc/html/man3/BIO_s_mem.html doc/html/man3/BIO_s_null.html doc/html/man3/BIO_s_socket.html doc/html/man3/BIO_set_callback.html doc/html/man3/BIO_should_retry.html doc/html/man3/BIO_socket_wait.html doc/html/man3/BN_BLINDING_new.html doc/html/man3/BN_CTX_new.html doc/html/man3/BN_CTX_start.html doc/html/man3/BN_add.html doc/html/man3/BN_add_word.html doc/html/man3/BN_bn2bin.html doc/html/man3/BN_cmp.html doc/html/man3/BN_copy.html doc/html/man3/BN_generate_prime.html doc/html/man3/BN_mod_inverse.html doc/html/man3/BN_mod_mul_montgomery.html doc/html/man3/BN_mod_mul_reciprocal.html doc/html/man3/BN_new.html doc/html/man3/BN_num_bytes.html doc/html/man3/BN_rand.html doc/html/man3/BN_security_bits.html doc/html/man3/BN_set_bit.html doc/html/man3/BN_swap.html doc/html/man3/BN_zero.html doc/html/man3/BUF_MEM_new.html doc/html/man3/CMS_EncryptedData_decrypt.html doc/html/man3/CMS_EncryptedData_encrypt.html doc/html/man3/CMS_EnvelopedData_create.html doc/html/man3/CMS_add0_cert.html doc/html/man3/CMS_add1_recipient_cert.html doc/html/man3/CMS_add1_signer.html doc/html/man3/CMS_compress.html doc/html/man3/CMS_data_create.html doc/html/man3/CMS_decrypt.html doc/html/man3/CMS_digest_create.html doc/html/man3/CMS_encrypt.html doc/html/man3/CMS_final.html doc/html/man3/CMS_get0_RecipientInfos.html doc/html/man3/CMS_get0_SignerInfos.html doc/html/man3/CMS_get0_type.html doc/html/man3/CMS_get1_ReceiptRequest.html doc/html/man3/CMS_sign.html doc/html/man3/CMS_sign_receipt.html doc/html/man3/CMS_uncompress.html doc/html/man3/CMS_verify.html doc/html/man3/CMS_verify_receipt.html doc/html/man3/CONF_modules_free.html doc/html/man3/CONF_modules_load_file.html doc/html/man3/CRYPTO_THREAD_run_once.html doc/html/man3/CRYPTO_get_ex_new_index.html doc/html/man3/CRYPTO_memcmp.html doc/html/man3/CTLOG_STORE_get0_log_by_id.html doc/html/man3/CTLOG_STORE_new.html doc/html/man3/CTLOG_new.html doc/html/man3/CT_POLICY_EVAL_CTX_new.html doc/html/man3/DEFINE_STACK_OF.html doc/html/man3/DES_random_key.html doc/html/man3/DH_generate_key.html doc/html/man3/DH_generate_parameters.html doc/html/man3/DH_get0_pqg.html doc/html/man3/DH_get_1024_160.html doc/html/man3/DH_meth_new.html doc/html/man3/DH_new.html doc/html/man3/DH_new_by_nid.html doc/html/man3/DH_set_method.html doc/html/man3/DH_size.html doc/html/man3/DSA_SIG_new.html doc/html/man3/DSA_do_sign.html doc/html/man3/DSA_dup_DH.html doc/html/man3/DSA_generate_key.html doc/html/man3/DSA_generate_parameters.html doc/html/man3/DSA_get0_pqg.html doc/html/man3/DSA_meth_new.html doc/html/man3/DSA_new.html doc/html/man3/DSA_set_method.html doc/html/man3/DSA_sign.html doc/html/man3/DSA_size.html doc/html/man3/DTLS_get_data_mtu.html doc/html/man3/DTLS_set_timer_cb.html doc/html/man3/DTLSv1_listen.html doc/html/man3/ECDSA_SIG_new.html doc/html/man3/ECPKParameters_print.html doc/html/man3/EC_GFp_simple_method.html doc/html/man3/EC_GROUP_copy.html doc/html/man3/EC_GROUP_new.html doc/html/man3/EC_KEY_get_enc_flags.html doc/html/man3/EC_KEY_new.html doc/html/man3/EC_POINT_add.html doc/html/man3/EC_POINT_new.html doc/html/man3/ENGINE_add.html doc/html/man3/ERR_GET_LIB.html doc/html/man3/ERR_clear_error.html doc/html/man3/ERR_error_string.html doc/html/man3/ERR_get_error.html doc/html/man3/ERR_load_crypto_strings.html doc/html/man3/ERR_load_strings.html doc/html/man3/ERR_new.html doc/html/man3/ERR_print_errors.html doc/html/man3/ERR_put_error.html doc/html/man3/ERR_remove_state.html doc/html/man3/ERR_set_mark.html doc/html/man3/EVP_ASYM_CIPHER_free.html doc/html/man3/EVP_BytesToKey.html doc/html/man3/EVP_CIPHER_CTX_get_cipher_data.html doc/html/man3/EVP_CIPHER_CTX_get_iv.html doc/html/man3/EVP_CIPHER_meth_new.html doc/html/man3/EVP_DigestInit.html doc/html/man3/EVP_DigestSignInit.html doc/html/man3/EVP_DigestVerifyInit.html doc/html/man3/EVP_EncodeInit.html doc/html/man3/EVP_EncryptInit.html doc/html/man3/EVP_KDF.html doc/html/man3/EVP_KEYEXCH_free.html doc/html/man3/EVP_KEYMGMT.html doc/html/man3/EVP_MAC.html doc/html/man3/EVP_MD_meth_new.html doc/html/man3/EVP_OpenInit.html doc/html/man3/EVP_PKEY_ASN1_METHOD.html doc/html/man3/EVP_PKEY_CTX_ctrl.html doc/html/man3/EVP_PKEY_CTX_new.html doc/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html doc/html/man3/EVP_PKEY_CTX_set_hkdf_md.html doc/html/man3/EVP_PKEY_CTX_set_params.html doc/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html doc/html/man3/EVP_PKEY_CTX_set_scrypt_N.html doc/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html doc/html/man3/EVP_PKEY_asn1_get_count.html doc/html/man3/EVP_PKEY_check.html doc/html/man3/EVP_PKEY_copy_parameters.html doc/html/man3/EVP_PKEY_decrypt.html doc/html/man3/EVP_PKEY_derive.html doc/html/man3/EVP_PKEY_encrypt.html doc/html/man3/EVP_PKEY_fromdata.html doc/html/man3/EVP_PKEY_gen.html doc/html/man3/EVP_PKEY_get_default_digest_nid.html doc/html/man3/EVP_PKEY_gettable_params.html doc/html/man3/EVP_PKEY_is_a.html doc/html/man3/EVP_PKEY_meth_get_count.html doc/html/man3/EVP_PKEY_meth_new.html doc/html/man3/EVP_PKEY_new.html doc/html/man3/EVP_PKEY_print_private.html doc/html/man3/EVP_PKEY_set1_RSA.html doc/html/man3/EVP_PKEY_set_type.html doc/html/man3/EVP_PKEY_sign.html doc/html/man3/EVP_PKEY_size.html doc/html/man3/EVP_PKEY_supports_digest_nid.html doc/html/man3/EVP_PKEY_verify.html doc/html/man3/EVP_PKEY_verify_recover.html doc/html/man3/EVP_RAND.html doc/html/man3/EVP_SIGNATURE_free.html doc/html/man3/EVP_SealInit.html doc/html/man3/EVP_SignInit.html doc/html/man3/EVP_VerifyInit.html doc/html/man3/EVP_aes_128_gcm.html doc/html/man3/EVP_aria_128_gcm.html doc/html/man3/EVP_bf_cbc.html doc/html/man3/EVP_blake2b512.html doc/html/man3/EVP_camellia_128_ecb.html doc/html/man3/EVP_cast5_cbc.html doc/html/man3/EVP_chacha20.html doc/html/man3/EVP_des_cbc.html doc/html/man3/EVP_desx_cbc.html doc/html/man3/EVP_idea_cbc.html doc/html/man3/EVP_md2.html doc/html/man3/EVP_md4.html doc/html/man3/EVP_md5.html doc/html/man3/EVP_mdc2.html doc/html/man3/EVP_rc2_cbc.html doc/html/man3/EVP_rc4.html doc/html/man3/EVP_rc5_32_12_16_cbc.html doc/html/man3/EVP_ripemd160.html doc/html/man3/EVP_seed_cbc.html doc/html/man3/EVP_set_default_properties.html doc/html/man3/EVP_sha1.html doc/html/man3/EVP_sha224.html doc/html/man3/EVP_sha3_224.html doc/html/man3/EVP_sm3.html doc/html/man3/EVP_sm4_cbc.html doc/html/man3/EVP_whirlpool.html doc/html/man3/HMAC.html doc/html/man3/MD5.html doc/html/man3/MDC2_Init.html doc/html/man3/NCONF_new_with_libctx.html doc/html/man3/OBJ_nid2obj.html doc/html/man3/OCSP_REQUEST_new.html doc/html/man3/OCSP_cert_to_id.html doc/html/man3/OCSP_request_add1_nonce.html doc/html/man3/OCSP_resp_find_status.html doc/html/man3/OCSP_response_status.html doc/html/man3/OCSP_sendreq_new.html doc/html/man3/OPENSSL_Applink.html doc/html/man3/OPENSSL_CTX.html doc/html/man3/OPENSSL_FILE.html doc/html/man3/OPENSSL_LH_COMPFUNC.html doc/html/man3/OPENSSL_LH_stats.html doc/html/man3/OPENSSL_config.html doc/html/man3/OPENSSL_fork_prepare.html doc/html/man3/OPENSSL_hexchar2int.html doc/html/man3/OPENSSL_ia32cap.html doc/html/man3/OPENSSL_init_crypto.html doc/html/man3/OPENSSL_init_ssl.html doc/html/man3/OPENSSL_instrument_bus.html doc/html/man3/OPENSSL_load_builtin_modules.html doc/html/man3/OPENSSL_malloc.html doc/html/man3/OPENSSL_s390xcap.html doc/html/man3/OPENSSL_secure_malloc.html doc/html/man3/OSSL_CMP_CTX_new.html doc/html/man3/OSSL_CMP_HDR_get0_transactionID.html doc/html/man3/OSSL_CMP_ITAV_set0.html doc/html/man3/OSSL_CMP_MSG_get0_header.html doc/html/man3/OSSL_CMP_MSG_http_perform.html doc/html/man3/OSSL_CMP_SRV_CTX_new.html doc/html/man3/OSSL_CMP_STATUSINFO_new.html doc/html/man3/OSSL_CMP_exec_certreq.html doc/html/man3/OSSL_CMP_log_open.html doc/html/man3/OSSL_CMP_validate_msg.html doc/html/man3/OSSL_CRMF_MSG_get0_tmpl.html doc/html/man3/OSSL_CRMF_MSG_set0_validity.html doc/html/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.html doc/html/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.html doc/html/man3/OSSL_CRMF_pbmp_new.html doc/html/man3/OSSL_DECODER.html doc/html/man3/OSSL_DECODER_CTX.html doc/html/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_DECODER_from_bio.html doc/html/man3/OSSL_ENCODER.html doc/html/man3/OSSL_ENCODER_CTX.html doc/html/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.html doc/html/man3/OSSL_ENCODER_to_bio.html doc/html/man3/OSSL_HTTP_transfer.html doc/html/man3/OSSL_PARAM.html doc/html/man3/OSSL_PARAM_BLD.html doc/html/man3/OSSL_PARAM_allocate_from_text.html doc/html/man3/OSSL_PARAM_int.html doc/html/man3/OSSL_PROVIDER.html doc/html/man3/OSSL_SELF_TEST_new.html doc/html/man3/OSSL_SELF_TEST_set_callback.html doc/html/man3/OSSL_STORE_INFO.html doc/html/man3/OSSL_STORE_LOADER.html doc/html/man3/OSSL_STORE_SEARCH.html doc/html/man3/OSSL_STORE_attach.html doc/html/man3/OSSL_STORE_expect.html doc/html/man3/OSSL_STORE_open.html doc/html/man3/OSSL_trace_enabled.html doc/html/man3/OSSL_trace_get_category_num.html doc/html/man3/OSSL_trace_set_channel.html doc/html/man3/OpenSSL_add_all_algorithms.html doc/html/man3/OpenSSL_version.html doc/html/man3/PEM_X509_INFO_read_bio_with_libctx.html doc/html/man3/PEM_bytes_read_bio.html doc/html/man3/PEM_read.html doc/html/man3/PEM_read_CMS.html doc/html/man3/PEM_read_bio_PrivateKey.html doc/html/man3/PEM_read_bio_ex.html doc/html/man3/PEM_write_bio_CMS_stream.html doc/html/man3/PEM_write_bio_PKCS7_stream.html doc/html/man3/PKCS12_SAFEBAG_create_cert.html doc/html/man3/PKCS12_SAFEBAG_get0_attrs.html doc/html/man3/PKCS12_SAFEBAG_get1_cert.html doc/html/man3/PKCS12_add1_attr_by_NID.html doc/html/man3/PKCS12_add_CSPName_asc.html doc/html/man3/PKCS12_add_cert.html doc/html/man3/PKCS12_add_friendlyname_asc.html doc/html/man3/PKCS12_add_localkeyid.html doc/html/man3/PKCS12_add_safe.html doc/html/man3/PKCS12_create.html doc/html/man3/PKCS12_get_friendlyname.html doc/html/man3/PKCS12_newpass.html doc/html/man3/PKCS12_parse.html doc/html/man3/PKCS5_PBKDF2_HMAC.html doc/html/man3/PKCS7_decrypt.html doc/html/man3/PKCS7_encrypt.html doc/html/man3/PKCS7_sign.html doc/html/man3/PKCS7_sign_add_signer.html doc/html/man3/PKCS7_verify.html doc/html/man3/PKCS8_pkey_add1_attr.html doc/html/man3/RAND_add.html doc/html/man3/RAND_bytes.html doc/html/man3/RAND_cleanup.html doc/html/man3/RAND_egd.html doc/html/man3/RAND_get0_primary.html doc/html/man3/RAND_load_file.html doc/html/man3/RAND_set_rand_method.html doc/html/man3/RC4_set_key.html doc/html/man3/RIPEMD160_Init.html doc/html/man3/RSA_blinding_on.html doc/html/man3/RSA_check_key.html doc/html/man3/RSA_generate_key.html doc/html/man3/RSA_get0_key.html doc/html/man3/RSA_meth_new.html doc/html/man3/RSA_new.html doc/html/man3/RSA_padding_add_PKCS1_type_1.html doc/html/man3/RSA_print.html doc/html/man3/RSA_private_encrypt.html doc/html/man3/RSA_public_encrypt.html doc/html/man3/RSA_set_method.html doc/html/man3/RSA_sign.html doc/html/man3/RSA_sign_ASN1_OCTET_STRING.html doc/html/man3/RSA_size.html doc/html/man3/SCT_new.html doc/html/man3/SCT_print.html doc/html/man3/SCT_validate.html doc/html/man3/SHA256_Init.html doc/html/man3/SMIME_read_ASN1.html doc/html/man3/SMIME_read_CMS.html doc/html/man3/SMIME_read_PKCS7.html doc/html/man3/SMIME_write_ASN1.html doc/html/man3/SMIME_write_CMS.html doc/html/man3/SMIME_write_PKCS7.html doc/html/man3/SRP_Calc_B.html doc/html/man3/SRP_VBASE_new.html doc/html/man3/SRP_create_verifier.html doc/html/man3/SRP_user_pwd_new.html doc/html/man3/SSL_CIPHER_get_name.html doc/html/man3/SSL_COMP_add_compression_method.html doc/html/man3/SSL_CONF_CTX_new.html doc/html/man3/SSL_CONF_CTX_set1_prefix.html doc/html/man3/SSL_CONF_CTX_set_flags.html doc/html/man3/SSL_CONF_CTX_set_ssl_ctx.html doc/html/man3/SSL_CONF_cmd.html doc/html/man3/SSL_CONF_cmd_argv.html doc/html/man3/SSL_CTX_add1_chain_cert.html doc/html/man3/SSL_CTX_add_extra_chain_cert.html doc/html/man3/SSL_CTX_add_session.html doc/html/man3/SSL_CTX_config.html doc/html/man3/SSL_CTX_ctrl.html doc/html/man3/SSL_CTX_dane_enable.html doc/html/man3/SSL_CTX_flush_sessions.html doc/html/man3/SSL_CTX_free.html doc/html/man3/SSL_CTX_get0_param.html doc/html/man3/SSL_CTX_get_verify_mode.html doc/html/man3/SSL_CTX_has_client_custom_ext.html doc/html/man3/SSL_CTX_load_verify_locations.html doc/html/man3/SSL_CTX_new.html doc/html/man3/SSL_CTX_sess_number.html doc/html/man3/SSL_CTX_sess_set_cache_size.html doc/html/man3/SSL_CTX_sess_set_get_cb.html doc/html/man3/SSL_CTX_sessions.html doc/html/man3/SSL_CTX_set0_CA_list.html doc/html/man3/SSL_CTX_set1_curves.html doc/html/man3/SSL_CTX_set1_sigalgs.html doc/html/man3/SSL_CTX_set1_verify_cert_store.html doc/html/man3/SSL_CTX_set_alpn_select_cb.html doc/html/man3/SSL_CTX_set_cert_cb.html doc/html/man3/SSL_CTX_set_cert_store.html doc/html/man3/SSL_CTX_set_cert_verify_callback.html doc/html/man3/SSL_CTX_set_cipher_list.html doc/html/man3/SSL_CTX_set_client_cert_cb.html doc/html/man3/SSL_CTX_set_client_hello_cb.html doc/html/man3/SSL_CTX_set_ct_validation_callback.html doc/html/man3/SSL_CTX_set_ctlog_list_file.html doc/html/man3/SSL_CTX_set_default_passwd_cb.html doc/html/man3/SSL_CTX_set_generate_session_id.html doc/html/man3/SSL_CTX_set_info_callback.html doc/html/man3/SSL_CTX_set_keylog_callback.html doc/html/man3/SSL_CTX_set_max_cert_list.html doc/html/man3/SSL_CTX_set_min_proto_version.html doc/html/man3/SSL_CTX_set_mode.html doc/html/man3/SSL_CTX_set_msg_callback.html doc/html/man3/SSL_CTX_set_num_tickets.html doc/html/man3/SSL_CTX_set_options.html doc/html/man3/SSL_CTX_set_psk_client_callback.html doc/html/man3/SSL_CTX_set_quiet_shutdown.html doc/html/man3/SSL_CTX_set_read_ahead.html doc/html/man3/SSL_CTX_set_record_padding_callback.html doc/html/man3/SSL_CTX_set_security_level.html doc/html/man3/SSL_CTX_set_session_cache_mode.html doc/html/man3/SSL_CTX_set_session_id_context.html doc/html/man3/SSL_CTX_set_session_ticket_cb.html doc/html/man3/SSL_CTX_set_split_send_fragment.html doc/html/man3/SSL_CTX_set_srp_password.html doc/html/man3/SSL_CTX_set_ssl_version.html doc/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html doc/html/man3/SSL_CTX_set_timeout.html doc/html/man3/SSL_CTX_set_tlsext_servername_callback.html doc/html/man3/SSL_CTX_set_tlsext_status_cb.html doc/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html doc/html/man3/SSL_CTX_set_tlsext_use_srtp.html doc/html/man3/SSL_CTX_set_tmp_dh_callback.html doc/html/man3/SSL_CTX_set_tmp_ecdh.html doc/html/man3/SSL_CTX_set_verify.html doc/html/man3/SSL_CTX_use_certificate.html doc/html/man3/SSL_CTX_use_psk_identity_hint.html doc/html/man3/SSL_CTX_use_serverinfo.html doc/html/man3/SSL_SESSION_free.html doc/html/man3/SSL_SESSION_get0_cipher.html doc/html/man3/SSL_SESSION_get0_hostname.html doc/html/man3/SSL_SESSION_get0_id_context.html doc/html/man3/SSL_SESSION_get0_peer.html doc/html/man3/SSL_SESSION_get_compress_id.html doc/html/man3/SSL_SESSION_get_protocol_version.html doc/html/man3/SSL_SESSION_get_time.html doc/html/man3/SSL_SESSION_has_ticket.html doc/html/man3/SSL_SESSION_is_resumable.html doc/html/man3/SSL_SESSION_print.html doc/html/man3/SSL_SESSION_set1_id.html doc/html/man3/SSL_accept.html doc/html/man3/SSL_alert_type_string.html doc/html/man3/SSL_alloc_buffers.html doc/html/man3/SSL_check_chain.html doc/html/man3/SSL_clear.html doc/html/man3/SSL_connect.html doc/html/man3/SSL_do_handshake.html doc/html/man3/SSL_export_keying_material.html doc/html/man3/SSL_extension_supported.html doc/html/man3/SSL_free.html doc/html/man3/SSL_get0_peer_scts.html doc/html/man3/SSL_get_SSL_CTX.html doc/html/man3/SSL_get_all_async_fds.html doc/html/man3/SSL_get_ciphers.html doc/html/man3/SSL_get_client_random.html doc/html/man3/SSL_get_current_cipher.html doc/html/man3/SSL_get_default_timeout.html doc/html/man3/SSL_get_error.html doc/html/man3/SSL_get_extms_support.html doc/html/man3/SSL_get_fd.html doc/html/man3/SSL_get_peer_cert_chain.html doc/html/man3/SSL_get_peer_certificate.html doc/html/man3/SSL_get_peer_signature_nid.html doc/html/man3/SSL_get_peer_tmp_key.html doc/html/man3/SSL_get_psk_identity.html doc/html/man3/SSL_get_rbio.html doc/html/man3/SSL_get_session.html doc/html/man3/SSL_get_shared_sigalgs.html doc/html/man3/SSL_get_verify_result.html doc/html/man3/SSL_get_version.html doc/html/man3/SSL_in_init.html doc/html/man3/SSL_key_update.html doc/html/man3/SSL_library_init.html doc/html/man3/SSL_load_client_CA_file.html doc/html/man3/SSL_new.html doc/html/man3/SSL_pending.html doc/html/man3/SSL_read.html doc/html/man3/SSL_read_early_data.html doc/html/man3/SSL_rstate_string.html doc/html/man3/SSL_session_reused.html doc/html/man3/SSL_set1_host.html doc/html/man3/SSL_set_async_callback.html doc/html/man3/SSL_set_bio.html doc/html/man3/SSL_set_connect_state.html doc/html/man3/SSL_set_fd.html doc/html/man3/SSL_set_session.html doc/html/man3/SSL_set_shutdown.html doc/html/man3/SSL_set_verify_result.html doc/html/man3/SSL_shutdown.html doc/html/man3/SSL_state_string.html doc/html/man3/SSL_want.html doc/html/man3/SSL_write.html doc/html/man3/TS_VERIFY_CTX_set_certs.html doc/html/man3/UI_STRING.html doc/html/man3/UI_UTIL_read_pw.html doc/html/man3/UI_create_method.html doc/html/man3/UI_new.html doc/html/man3/X509V3_get_d2i.html doc/html/man3/X509_ALGOR_dup.html doc/html/man3/X509_CRL_get0_by_serial.html doc/html/man3/X509_EXTENSION_set_object.html doc/html/man3/X509_LOOKUP.html doc/html/man3/X509_LOOKUP_hash_dir.html doc/html/man3/X509_LOOKUP_meth_new.html doc/html/man3/X509_NAME_ENTRY_get_object.html doc/html/man3/X509_NAME_add_entry_by_txt.html doc/html/man3/X509_NAME_get0_der.html doc/html/man3/X509_NAME_get_index_by_NID.html doc/html/man3/X509_NAME_print_ex.html doc/html/man3/X509_PUBKEY_new.html doc/html/man3/X509_SIG_get0.html doc/html/man3/X509_STORE_CTX_get_error.html doc/html/man3/X509_STORE_CTX_new.html doc/html/man3/X509_STORE_CTX_set_verify_cb.html doc/html/man3/X509_STORE_add_cert.html doc/html/man3/X509_STORE_get0_param.html doc/html/man3/X509_STORE_new.html doc/html/man3/X509_STORE_set_verify_cb_func.html doc/html/man3/X509_VERIFY_PARAM_set_flags.html doc/html/man3/X509_add_cert.html doc/html/man3/X509_check_ca.html doc/html/man3/X509_check_host.html doc/html/man3/X509_check_issued.html doc/html/man3/X509_check_private_key.html doc/html/man3/X509_check_purpose.html doc/html/man3/X509_cmp.html doc/html/man3/X509_cmp_time.html doc/html/man3/X509_digest.html doc/html/man3/X509_dup.html doc/html/man3/X509_get0_distinguishing_id.html doc/html/man3/X509_get0_notBefore.html doc/html/man3/X509_get0_signature.html doc/html/man3/X509_get0_uids.html doc/html/man3/X509_get_extension_flags.html doc/html/man3/X509_get_pubkey.html doc/html/man3/X509_get_serialNumber.html doc/html/man3/X509_get_subject_name.html doc/html/man3/X509_get_version.html doc/html/man3/X509_load_http.html doc/html/man3/X509_new.html doc/html/man3/X509_sign.html doc/html/man3/X509_verify.html doc/html/man3/X509_verify_cert.html doc/html/man3/X509v3_get_ext_by_NID.html doc/html/man3/d2i_DHparams.html doc/html/man3/d2i_PKCS8PrivateKey_bio.html doc/html/man3/d2i_PrivateKey.html doc/html/man3/d2i_SSL_SESSION.html doc/html/man3/d2i_X509.html doc/html/man3/i2d_CMS_bio_stream.html doc/html/man3/i2d_PKCS7_bio_stream.html doc/html/man3/i2d_re_X509_tbs.html doc/html/man3/o2i_SCT_LIST.html doc/html/man3/s2i_ASN1_IA5STRING.html doc/html/man5/config.html doc/html/man5/fips_config.html doc/html/man5/x509v3_config.html doc/html/man7/EVP_KDF-HKDF.html doc/html/man7/EVP_KDF-KB.html doc/html/man7/EVP_KDF-KRB5KDF.html doc/html/man7/EVP_KDF-PBKDF2.html doc/html/man7/EVP_KDF-PKCS12KDF.html doc/html/man7/EVP_KDF-SCRYPT.html doc/html/man7/EVP_KDF-SS.html doc/html/man7/EVP_KDF-SSHKDF.html doc/html/man7/EVP_KDF-TLS1_PRF.html doc/html/man7/EVP_KDF-X942.html doc/html/man7/EVP_KDF-X963.html doc/html/man7/EVP_KEYEXCH-DH.html doc/html/man7/EVP_KEYEXCH-ECDH.html doc/html/man7/EVP_KEYEXCH-X25519.html doc/html/man7/EVP_MAC-BLAKE2.html doc/html/man7/EVP_MAC-CMAC.html doc/html/man7/EVP_MAC-GMAC.html doc/html/man7/EVP_MAC-HMAC.html doc/html/man7/EVP_MAC-KMAC.html doc/html/man7/EVP_MAC-Poly1305.html doc/html/man7/EVP_MAC-Siphash.html doc/html/man7/EVP_MD-BLAKE2.html doc/html/man7/EVP_MD-MD2.html doc/html/man7/EVP_MD-MD4.html doc/html/man7/EVP_MD-MD5-SHA1.html doc/html/man7/EVP_MD-MD5.html doc/html/man7/EVP_MD-MDC2.html doc/html/man7/EVP_MD-RIPEMD160.html doc/html/man7/EVP_MD-SHA1.html doc/html/man7/EVP_MD-SHA2.html doc/html/man7/EVP_MD-SHA3.html doc/html/man7/EVP_MD-SHAKE.html doc/html/man7/EVP_MD-SM3.html doc/html/man7/EVP_MD-WHIRLPOOL.html doc/html/man7/EVP_MD-common.html doc/html/man7/EVP_PKEY-DH.html doc/html/man7/EVP_PKEY-DSA.html doc/html/man7/EVP_PKEY-EC.html doc/html/man7/EVP_PKEY-FFC.html doc/html/man7/EVP_PKEY-RSA.html doc/html/man7/EVP_PKEY-X25519.html doc/html/man7/EVP_RAND-CTR-DRBG.html doc/html/man7/EVP_RAND-HASH-DRBG.html doc/html/man7/EVP_RAND-HMAC-DRBG.html doc/html/man7/EVP_RAND-TEST-RAND.html doc/html/man7/EVP_RAND.html doc/html/man7/EVP_SIGNATURE-DSA.html doc/html/man7/EVP_SIGNATURE-ECDSA.html doc/html/man7/EVP_SIGNATURE-ED25519.html doc/html/man7/EVP_SIGNATURE-RSA.html doc/html/man7/OSSL_PROVIDER-FIPS.html doc/html/man7/OSSL_PROVIDER-base.html doc/html/man7/OSSL_PROVIDER-default.html doc/html/man7/OSSL_PROVIDER-legacy.html doc/html/man7/OSSL_PROVIDER-null.html doc/html/man7/RAND.html doc/html/man7/RSA-PSS.html doc/html/man7/SM2.html doc/html/man7/X25519.html doc/html/man7/bio.html doc/html/man7/crypto.html doc/html/man7/ct.html doc/html/man7/des_modes.html doc/html/man7/evp.html doc/html/man7/openssl-core.h.html doc/html/man7/openssl-core_dispatch.h.html doc/html/man7/openssl-core_names.h.html doc/html/man7/openssl-env.html doc/html/man7/openssl_user_macros.html doc/html/man7/ossl_store-file.html doc/html/man7/ossl_store.html doc/html/man7/passphrase-encoding.html doc/html/man7/property.html doc/html/man7/provider-asym_cipher.html doc/html/man7/provider-base.html doc/html/man7/provider-cipher.html doc/html/man7/provider-digest.html doc/html/man7/provider-encoder.html doc/html/man7/provider-keyexch.html doc/html/man7/provider-keymgmt.html doc/html/man7/provider-mac.html doc/html/man7/provider-object.html doc/html/man7/provider-rand.html doc/html/man7/provider-signature.html doc/html/man7/provider-storemgmt.html doc/html/man7/provider.html doc/html/man7/proxy-certificates.html doc/html/man7/ssl.html doc/html/man7/x509.html
rm -f doc/man/man1/CA.pl.1 doc/man/man1/openssl-asn1parse.1 doc/man/man1/openssl-ca.1 doc/man/man1/openssl-ciphers.1 doc/man/man1/openssl-cmds.1 doc/man/man1/openssl-cmp.1 doc/man/man1/openssl-cms.1 doc/man/man1/openssl-crl.1 doc/man/man1/openssl-crl2pkcs7.1 doc/man/man1/openssl-dgst.1 doc/man/man1/openssl-dhparam.1 doc/man/man1/openssl-dsa.1 doc/man/man1/openssl-dsaparam.1 doc/man/man1/openssl-ec.1 doc/man/man1/openssl-ecparam.1 doc/man/man1/openssl-enc.1 doc/man/man1/openssl-engine.1 doc/man/man1/openssl-errstr.1 doc/man/man1/openssl-fipsinstall.1 doc/man/man1/openssl-gendsa.1 doc/man/man1/openssl-genpkey.1 doc/man/man1/openssl-genrsa.1 doc/man/man1/openssl-info.1 doc/man/man1/openssl-kdf.1 doc/man/man1/openssl-list.1 doc/man/man1/openssl-mac.1 doc/man/man1/openssl-nseq.1 doc/man/man1/openssl-ocsp.1 doc/man/man1/openssl-passwd.1 doc/man/man1/openssl-pkcs12.1 doc/man/man1/openssl-pkcs7.1 doc/man/man1/openssl-pkcs8.1 doc/man/man1/openssl-pkey.1 doc/man/man1/openssl-pkeyparam.1 doc/man/man1/openssl-pkeyutl.1 doc/man/man1/openssl-prime.1 doc/man/man1/openssl-provider.1 doc/man/man1/openssl-rand.1 doc/man/man1/openssl-rehash.1 doc/man/man1/openssl-req.1 doc/man/man1/openssl-rsa.1 doc/man/man1/openssl-rsautl.1 doc/man/man1/openssl-s_client.1 doc/man/man1/openssl-s_server.1 doc/man/man1/openssl-s_time.1 doc/man/man1/openssl-sess_id.1 doc/man/man1/openssl-smime.1 doc/man/man1/openssl-speed.1 doc/man/man1/openssl-spkac.1 doc/man/man1/openssl-srp.1 doc/man/man1/openssl-storeutl.1 doc/man/man1/openssl-ts.1 doc/man/man1/openssl-verify.1 doc/man/man1/openssl-version.1 doc/man/man1/openssl-x509.1 doc/man/man1/openssl.1 doc/man/man1/tsget.1 doc/man/man3/ADMISSIONS.3 doc/man/man3/ASN1_INTEGER_get_int64.3 doc/man/man3/ASN1_INTEGER_new.3 doc/man/man3/ASN1_ITEM_lookup.3 doc/man/man3/ASN1_OBJECT_new.3 doc/man/man3/ASN1_STRING_TABLE_add.3 doc/man/man3/ASN1_STRING_length.3 doc/man/man3/ASN1_STRING_new.3 doc/man/man3/ASN1_STRING_print_ex.3 doc/man/man3/ASN1_TIME_set.3 doc/man/man3/ASN1_TYPE_get.3 doc/man/man3/ASN1_generate_nconf.3 doc/man/man3/ASYNC_WAIT_CTX_new.3 doc/man/man3/ASYNC_start_job.3 doc/man/man3/BF_encrypt.3 doc/man/man3/BIO_ADDR.3 doc/man/man3/BIO_ADDRINFO.3 doc/man/man3/BIO_connect.3 doc/man/man3/BIO_ctrl.3 doc/man/man3/BIO_f_base64.3 doc/man/man3/BIO_f_buffer.3 doc/man/man3/BIO_f_cipher.3 doc/man/man3/BIO_f_md.3 doc/man/man3/BIO_f_null.3 doc/man/man3/BIO_f_prefix.3 doc/man/man3/BIO_f_ssl.3 doc/man/man3/BIO_find_type.3 doc/man/man3/BIO_get_data.3 doc/man/man3/BIO_get_ex_new_index.3 doc/man/man3/BIO_meth_new.3 doc/man/man3/BIO_new.3 doc/man/man3/BIO_new_CMS.3 doc/man/man3/BIO_parse_hostserv.3 doc/man/man3/BIO_printf.3 doc/man/man3/BIO_push.3 doc/man/man3/BIO_read.3 doc/man/man3/BIO_s_accept.3 doc/man/man3/BIO_s_bio.3 doc/man/man3/BIO_s_connect.3 doc/man/man3/BIO_s_fd.3 doc/man/man3/BIO_s_file.3 doc/man/man3/BIO_s_mem.3 doc/man/man3/BIO_s_null.3 doc/man/man3/BIO_s_socket.3 doc/man/man3/BIO_set_callback.3 doc/man/man3/BIO_should_retry.3 doc/man/man3/BIO_socket_wait.3 doc/man/man3/BN_BLINDING_new.3 doc/man/man3/BN_CTX_new.3 doc/man/man3/BN_CTX_start.3 doc/man/man3/BN_add.3 doc/man/man3/BN_add_word.3 doc/man/man3/BN_bn2bin.3 doc/man/man3/BN_cmp.3 doc/man/man3/BN_copy.3 doc/man/man3/BN_generate_prime.3 doc/man/man3/BN_mod_inverse.3 doc/man/man3/BN_mod_mul_montgomery.3 doc/man/man3/BN_mod_mul_reciprocal.3 doc/man/man3/BN_new.3 doc/man/man3/BN_num_bytes.3 doc/man/man3/BN_rand.3 doc/man/man3/BN_security_bits.3 doc/man/man3/BN_set_bit.3 doc/man/man3/BN_swap.3 doc/man/man3/BN_zero.3 doc/man/man3/BUF_MEM_new.3 doc/man/man3/CMS_EncryptedData_decrypt.3 doc/man/man3/CMS_EncryptedData_encrypt.3 doc/man/man3/CMS_EnvelopedData_create.3 doc/man/man3/CMS_add0_cert.3 doc/man/man3/CMS_add1_recipient_cert.3 doc/man/man3/CMS_add1_signer.3 doc/man/man3/CMS_compress.3 doc/man/man3/CMS_data_create.3 doc/man/man3/CMS_decrypt.3 doc/man/man3/CMS_digest_create.3 doc/man/man3/CMS_encrypt.3 doc/man/man3/CMS_final.3 doc/man/man3/CMS_get0_RecipientInfos.3 doc/man/man3/CMS_get0_SignerInfos.3 doc/man/man3/CMS_get0_type.3 doc/man/man3/CMS_get1_ReceiptRequest.3 doc/man/man3/CMS_sign.3 doc/man/man3/CMS_sign_receipt.3 doc/man/man3/CMS_uncompress.3 doc/man/man3/CMS_verify.3 doc/man/man3/CMS_verify_receipt.3 doc/man/man3/CONF_modules_free.3 doc/man/man3/CONF_modules_load_file.3 doc/man/man3/CRYPTO_THREAD_run_once.3 doc/man/man3/CRYPTO_get_ex_new_index.3 doc/man/man3/CRYPTO_memcmp.3 doc/man/man3/CTLOG_STORE_get0_log_by_id.3 doc/man/man3/CTLOG_STORE_new.3 doc/man/man3/CTLOG_new.3 doc/man/man3/CT_POLICY_EVAL_CTX_new.3 doc/man/man3/DEFINE_STACK_OF.3 doc/man/man3/DES_random_key.3 doc/man/man3/DH_generate_key.3 doc/man/man3/DH_generate_parameters.3 doc/man/man3/DH_get0_pqg.3 doc/man/man3/DH_get_1024_160.3 doc/man/man3/DH_meth_new.3 doc/man/man3/DH_new.3 doc/man/man3/DH_new_by_nid.3 doc/man/man3/DH_set_method.3 doc/man/man3/DH_size.3 doc/man/man3/DSA_SIG_new.3 doc/man/man3/DSA_do_sign.3 doc/man/man3/DSA_dup_DH.3 doc/man/man3/DSA_generate_key.3 doc/man/man3/DSA_generate_parameters.3 doc/man/man3/DSA_get0_pqg.3 doc/man/man3/DSA_meth_new.3 doc/man/man3/DSA_new.3 doc/man/man3/DSA_set_method.3 doc/man/man3/DSA_sign.3 doc/man/man3/DSA_size.3 doc/man/man3/DTLS_get_data_mtu.3 doc/man/man3/DTLS_set_timer_cb.3 doc/man/man3/DTLSv1_listen.3 doc/man/man3/ECDSA_SIG_new.3 doc/man/man3/ECPKParameters_print.3 doc/man/man3/EC_GFp_simple_method.3 doc/man/man3/EC_GROUP_copy.3 doc/man/man3/EC_GROUP_new.3 doc/man/man3/EC_KEY_get_enc_flags.3 doc/man/man3/EC_KEY_new.3 doc/man/man3/EC_POINT_add.3 doc/man/man3/EC_POINT_new.3 doc/man/man3/ENGINE_add.3 doc/man/man3/ERR_GET_LIB.3 doc/man/man3/ERR_clear_error.3 doc/man/man3/ERR_error_string.3 doc/man/man3/ERR_get_error.3 doc/man/man3/ERR_load_crypto_strings.3 doc/man/man3/ERR_load_strings.3 doc/man/man3/ERR_new.3 doc/man/man3/ERR_print_errors.3 doc/man/man3/ERR_put_error.3 doc/man/man3/ERR_remove_state.3 doc/man/man3/ERR_set_mark.3 doc/man/man3/EVP_ASYM_CIPHER_free.3 doc/man/man3/EVP_BytesToKey.3 doc/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 doc/man/man3/EVP_CIPHER_CTX_get_iv.3 doc/man/man3/EVP_CIPHER_meth_new.3 doc/man/man3/EVP_DigestInit.3 doc/man/man3/EVP_DigestSignInit.3 doc/man/man3/EVP_DigestVerifyInit.3 doc/man/man3/EVP_EncodeInit.3 doc/man/man3/EVP_EncryptInit.3 doc/man/man3/EVP_KDF.3 doc/man/man3/EVP_KEYEXCH_free.3 doc/man/man3/EVP_KEYMGMT.3 doc/man/man3/EVP_MAC.3 doc/man/man3/EVP_MD_meth_new.3 doc/man/man3/EVP_OpenInit.3 doc/man/man3/EVP_PKEY_ASN1_METHOD.3 doc/man/man3/EVP_PKEY_CTX_ctrl.3 doc/man/man3/EVP_PKEY_CTX_new.3 doc/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 doc/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 doc/man/man3/EVP_PKEY_CTX_set_params.3 doc/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 doc/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 doc/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 doc/man/man3/EVP_PKEY_asn1_get_count.3 doc/man/man3/EVP_PKEY_check.3 doc/man/man3/EVP_PKEY_copy_parameters.3 doc/man/man3/EVP_PKEY_decrypt.3 doc/man/man3/EVP_PKEY_derive.3 doc/man/man3/EVP_PKEY_encrypt.3 doc/man/man3/EVP_PKEY_fromdata.3 doc/man/man3/EVP_PKEY_gen.3 doc/man/man3/EVP_PKEY_get_default_digest_nid.3 doc/man/man3/EVP_PKEY_gettable_params.3 doc/man/man3/EVP_PKEY_is_a.3 doc/man/man3/EVP_PKEY_meth_get_count.3 doc/man/man3/EVP_PKEY_meth_new.3 doc/man/man3/EVP_PKEY_new.3 doc/man/man3/EVP_PKEY_print_private.3 doc/man/man3/EVP_PKEY_set1_RSA.3 doc/man/man3/EVP_PKEY_set_type.3 doc/man/man3/EVP_PKEY_sign.3 doc/man/man3/EVP_PKEY_size.3 doc/man/man3/EVP_PKEY_supports_digest_nid.3 doc/man/man3/EVP_PKEY_verify.3 doc/man/man3/EVP_PKEY_verify_recover.3 doc/man/man3/EVP_RAND.3 doc/man/man3/EVP_SIGNATURE_free.3 doc/man/man3/EVP_SealInit.3 doc/man/man3/EVP_SignInit.3 doc/man/man3/EVP_VerifyInit.3 doc/man/man3/EVP_aes_128_gcm.3 doc/man/man3/EVP_aria_128_gcm.3 doc/man/man3/EVP_bf_cbc.3 doc/man/man3/EVP_blake2b512.3 doc/man/man3/EVP_camellia_128_ecb.3 doc/man/man3/EVP_cast5_cbc.3 doc/man/man3/EVP_chacha20.3 doc/man/man3/EVP_des_cbc.3 doc/man/man3/EVP_desx_cbc.3 doc/man/man3/EVP_idea_cbc.3 doc/man/man3/EVP_md2.3 doc/man/man3/EVP_md4.3 doc/man/man3/EVP_md5.3 doc/man/man3/EVP_mdc2.3 doc/man/man3/EVP_rc2_cbc.3 doc/man/man3/EVP_rc4.3 doc/man/man3/EVP_rc5_32_12_16_cbc.3 doc/man/man3/EVP_ripemd160.3 doc/man/man3/EVP_seed_cbc.3 doc/man/man3/EVP_set_default_properties.3 doc/man/man3/EVP_sha1.3 doc/man/man3/EVP_sha224.3 doc/man/man3/EVP_sha3_224.3 doc/man/man3/EVP_sm3.3 doc/man/man3/EVP_sm4_cbc.3 doc/man/man3/EVP_whirlpool.3 doc/man/man3/HMAC.3 doc/man/man3/MD5.3 doc/man/man3/MDC2_Init.3 doc/man/man3/NCONF_new_with_libctx.3 doc/man/man3/OBJ_nid2obj.3 doc/man/man3/OCSP_REQUEST_new.3 doc/man/man3/OCSP_cert_to_id.3 doc/man/man3/OCSP_request_add1_nonce.3 doc/man/man3/OCSP_resp_find_status.3 doc/man/man3/OCSP_response_status.3 doc/man/man3/OCSP_sendreq_new.3 doc/man/man3/OPENSSL_Applink.3 doc/man/man3/OPENSSL_CTX.3 doc/man/man3/OPENSSL_FILE.3 doc/man/man3/OPENSSL_LH_COMPFUNC.3 doc/man/man3/OPENSSL_LH_stats.3 doc/man/man3/OPENSSL_config.3 doc/man/man3/OPENSSL_fork_prepare.3 doc/man/man3/OPENSSL_hexchar2int.3 doc/man/man3/OPENSSL_ia32cap.3 doc/man/man3/OPENSSL_init_crypto.3 doc/man/man3/OPENSSL_init_ssl.3 doc/man/man3/OPENSSL_instrument_bus.3 doc/man/man3/OPENSSL_load_builtin_modules.3 doc/man/man3/OPENSSL_malloc.3 doc/man/man3/OPENSSL_s390xcap.3 doc/man/man3/OPENSSL_secure_malloc.3 doc/man/man3/OSSL_CMP_CTX_new.3 doc/man/man3/OSSL_CMP_HDR_get0_transactionID.3 doc/man/man3/OSSL_CMP_ITAV_set0.3 doc/man/man3/OSSL_CMP_MSG_get0_header.3 doc/man/man3/OSSL_CMP_MSG_http_perform.3 doc/man/man3/OSSL_CMP_SRV_CTX_new.3 doc/man/man3/OSSL_CMP_STATUSINFO_new.3 doc/man/man3/OSSL_CMP_exec_certreq.3 doc/man/man3/OSSL_CMP_log_open.3 doc/man/man3/OSSL_CMP_validate_msg.3 doc/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 doc/man/man3/OSSL_CRMF_MSG_set0_validity.3 doc/man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 doc/man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 doc/man/man3/OSSL_CRMF_pbmp_new.3 doc/man/man3/OSSL_DECODER.3 doc/man/man3/OSSL_DECODER_CTX.3 doc/man/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_DECODER_from_bio.3 doc/man/man3/OSSL_ENCODER.3 doc/man/man3/OSSL_ENCODER_CTX.3 doc/man/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.3 doc/man/man3/OSSL_ENCODER_to_bio.3 doc/man/man3/OSSL_HTTP_transfer.3 doc/man/man3/OSSL_PARAM.3 doc/man/man3/OSSL_PARAM_BLD.3 doc/man/man3/OSSL_PARAM_allocate_from_text.3 doc/man/man3/OSSL_PARAM_int.3 doc/man/man3/OSSL_PROVIDER.3 doc/man/man3/OSSL_SELF_TEST_new.3 doc/man/man3/OSSL_SELF_TEST_set_callback.3 doc/man/man3/OSSL_STORE_INFO.3 doc/man/man3/OSSL_STORE_LOADER.3 doc/man/man3/OSSL_STORE_SEARCH.3 doc/man/man3/OSSL_STORE_attach.3 doc/man/man3/OSSL_STORE_expect.3 doc/man/man3/OSSL_STORE_open.3 doc/man/man3/OSSL_trace_enabled.3 doc/man/man3/OSSL_trace_get_category_num.3 doc/man/man3/OSSL_trace_set_channel.3 doc/man/man3/OpenSSL_add_all_algorithms.3 doc/man/man3/OpenSSL_version.3 doc/man/man3/PEM_X509_INFO_read_bio_with_libctx.3 doc/man/man3/PEM_bytes_read_bio.3 doc/man/man3/PEM_read.3 doc/man/man3/PEM_read_CMS.3 doc/man/man3/PEM_read_bio_PrivateKey.3 doc/man/man3/PEM_read_bio_ex.3 doc/man/man3/PEM_write_bio_CMS_stream.3 doc/man/man3/PEM_write_bio_PKCS7_stream.3 doc/man/man3/PKCS12_SAFEBAG_create_cert.3 doc/man/man3/PKCS12_SAFEBAG_get0_attrs.3 doc/man/man3/PKCS12_SAFEBAG_get1_cert.3 doc/man/man3/PKCS12_add1_attr_by_NID.3 doc/man/man3/PKCS12_add_CSPName_asc.3 doc/man/man3/PKCS12_add_cert.3 doc/man/man3/PKCS12_add_friendlyname_asc.3 doc/man/man3/PKCS12_add_localkeyid.3 doc/man/man3/PKCS12_add_safe.3 doc/man/man3/PKCS12_create.3 doc/man/man3/PKCS12_get_friendlyname.3 doc/man/man3/PKCS12_newpass.3 doc/man/man3/PKCS12_parse.3 doc/man/man3/PKCS5_PBKDF2_HMAC.3 doc/man/man3/PKCS7_decrypt.3 doc/man/man3/PKCS7_encrypt.3 doc/man/man3/PKCS7_sign.3 doc/man/man3/PKCS7_sign_add_signer.3 doc/man/man3/PKCS7_verify.3 doc/man/man3/PKCS8_pkey_add1_attr.3 doc/man/man3/RAND_add.3 doc/man/man3/RAND_bytes.3 doc/man/man3/RAND_cleanup.3 doc/man/man3/RAND_egd.3 doc/man/man3/RAND_get0_primary.3 doc/man/man3/RAND_load_file.3 doc/man/man3/RAND_set_rand_method.3 doc/man/man3/RC4_set_key.3 doc/man/man3/RIPEMD160_Init.3 doc/man/man3/RSA_blinding_on.3 doc/man/man3/RSA_check_key.3 doc/man/man3/RSA_generate_key.3 doc/man/man3/RSA_get0_key.3 doc/man/man3/RSA_meth_new.3 doc/man/man3/RSA_new.3 doc/man/man3/RSA_padding_add_PKCS1_type_1.3 doc/man/man3/RSA_print.3 doc/man/man3/RSA_private_encrypt.3 doc/man/man3/RSA_public_encrypt.3 doc/man/man3/RSA_set_method.3 doc/man/man3/RSA_sign.3 doc/man/man3/RSA_sign_ASN1_OCTET_STRING.3 doc/man/man3/RSA_size.3 doc/man/man3/SCT_new.3 doc/man/man3/SCT_print.3 doc/man/man3/SCT_validate.3 doc/man/man3/SHA256_Init.3 doc/man/man3/SMIME_read_ASN1.3 doc/man/man3/SMIME_read_CMS.3 doc/man/man3/SMIME_read_PKCS7.3 doc/man/man3/SMIME_write_ASN1.3 doc/man/man3/SMIME_write_CMS.3 doc/man/man3/SMIME_write_PKCS7.3 doc/man/man3/SRP_Calc_B.3 doc/man/man3/SRP_VBASE_new.3 doc/man/man3/SRP_create_verifier.3 doc/man/man3/SRP_user_pwd_new.3 doc/man/man3/SSL_CIPHER_get_name.3 doc/man/man3/SSL_COMP_add_compression_method.3 doc/man/man3/SSL_CONF_CTX_new.3 doc/man/man3/SSL_CONF_CTX_set1_prefix.3 doc/man/man3/SSL_CONF_CTX_set_flags.3 doc/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 doc/man/man3/SSL_CONF_cmd.3 doc/man/man3/SSL_CONF_cmd_argv.3 doc/man/man3/SSL_CTX_add1_chain_cert.3 doc/man/man3/SSL_CTX_add_extra_chain_cert.3 doc/man/man3/SSL_CTX_add_session.3 doc/man/man3/SSL_CTX_config.3 doc/man/man3/SSL_CTX_ctrl.3 doc/man/man3/SSL_CTX_dane_enable.3 doc/man/man3/SSL_CTX_flush_sessions.3 doc/man/man3/SSL_CTX_free.3 doc/man/man3/SSL_CTX_get0_param.3 doc/man/man3/SSL_CTX_get_verify_mode.3 doc/man/man3/SSL_CTX_has_client_custom_ext.3 doc/man/man3/SSL_CTX_load_verify_locations.3 doc/man/man3/SSL_CTX_new.3 doc/man/man3/SSL_CTX_sess_number.3 doc/man/man3/SSL_CTX_sess_set_cache_size.3 doc/man/man3/SSL_CTX_sess_set_get_cb.3 doc/man/man3/SSL_CTX_sessions.3 doc/man/man3/SSL_CTX_set0_CA_list.3 doc/man/man3/SSL_CTX_set1_curves.3 doc/man/man3/SSL_CTX_set1_sigalgs.3 doc/man/man3/SSL_CTX_set1_verify_cert_store.3 doc/man/man3/SSL_CTX_set_alpn_select_cb.3 doc/man/man3/SSL_CTX_set_cert_cb.3 doc/man/man3/SSL_CTX_set_cert_store.3 doc/man/man3/SSL_CTX_set_cert_verify_callback.3 doc/man/man3/SSL_CTX_set_cipher_list.3 doc/man/man3/SSL_CTX_set_client_cert_cb.3 doc/man/man3/SSL_CTX_set_client_hello_cb.3 doc/man/man3/SSL_CTX_set_ct_validation_callback.3 doc/man/man3/SSL_CTX_set_ctlog_list_file.3 doc/man/man3/SSL_CTX_set_default_passwd_cb.3 doc/man/man3/SSL_CTX_set_generate_session_id.3 doc/man/man3/SSL_CTX_set_info_callback.3 doc/man/man3/SSL_CTX_set_keylog_callback.3 doc/man/man3/SSL_CTX_set_max_cert_list.3 doc/man/man3/SSL_CTX_set_min_proto_version.3 doc/man/man3/SSL_CTX_set_mode.3 doc/man/man3/SSL_CTX_set_msg_callback.3 doc/man/man3/SSL_CTX_set_num_tickets.3 doc/man/man3/SSL_CTX_set_options.3 doc/man/man3/SSL_CTX_set_psk_client_callback.3 doc/man/man3/SSL_CTX_set_quiet_shutdown.3 doc/man/man3/SSL_CTX_set_read_ahead.3 doc/man/man3/SSL_CTX_set_record_padding_callback.3 doc/man/man3/SSL_CTX_set_security_level.3 doc/man/man3/SSL_CTX_set_session_cache_mode.3 doc/man/man3/SSL_CTX_set_session_id_context.3 doc/man/man3/SSL_CTX_set_session_ticket_cb.3 doc/man/man3/SSL_CTX_set_split_send_fragment.3 doc/man/man3/SSL_CTX_set_srp_password.3 doc/man/man3/SSL_CTX_set_ssl_version.3 doc/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 doc/man/man3/SSL_CTX_set_timeout.3 doc/man/man3/SSL_CTX_set_tlsext_servername_callback.3 doc/man/man3/SSL_CTX_set_tlsext_status_cb.3 doc/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 doc/man/man3/SSL_CTX_set_tlsext_use_srtp.3 doc/man/man3/SSL_CTX_set_tmp_dh_callback.3 doc/man/man3/SSL_CTX_set_tmp_ecdh.3 doc/man/man3/SSL_CTX_set_verify.3 doc/man/man3/SSL_CTX_use_certificate.3 doc/man/man3/SSL_CTX_use_psk_identity_hint.3 doc/man/man3/SSL_CTX_use_serverinfo.3 doc/man/man3/SSL_SESSION_free.3 doc/man/man3/SSL_SESSION_get0_cipher.3 doc/man/man3/SSL_SESSION_get0_hostname.3 doc/man/man3/SSL_SESSION_get0_id_context.3 doc/man/man3/SSL_SESSION_get0_peer.3 doc/man/man3/SSL_SESSION_get_compress_id.3 doc/man/man3/SSL_SESSION_get_protocol_version.3 doc/man/man3/SSL_SESSION_get_time.3 doc/man/man3/SSL_SESSION_has_ticket.3 doc/man/man3/SSL_SESSION_is_resumable.3 doc/man/man3/SSL_SESSION_print.3 doc/man/man3/SSL_SESSION_set1_id.3 doc/man/man3/SSL_accept.3 doc/man/man3/SSL_alert_type_string.3 doc/man/man3/SSL_alloc_buffers.3 doc/man/man3/SSL_check_chain.3 doc/man/man3/SSL_clear.3 doc/man/man3/SSL_connect.3 doc/man/man3/SSL_do_handshake.3 doc/man/man3/SSL_export_keying_material.3 doc/man/man3/SSL_extension_supported.3 doc/man/man3/SSL_free.3 doc/man/man3/SSL_get0_peer_scts.3 doc/man/man3/SSL_get_SSL_CTX.3 doc/man/man3/SSL_get_all_async_fds.3 doc/man/man3/SSL_get_ciphers.3 doc/man/man3/SSL_get_client_random.3 doc/man/man3/SSL_get_current_cipher.3 doc/man/man3/SSL_get_default_timeout.3 doc/man/man3/SSL_get_error.3 doc/man/man3/SSL_get_extms_support.3 doc/man/man3/SSL_get_fd.3 doc/man/man3/SSL_get_peer_cert_chain.3 doc/man/man3/SSL_get_peer_certificate.3 doc/man/man3/SSL_get_peer_signature_nid.3 doc/man/man3/SSL_get_peer_tmp_key.3 doc/man/man3/SSL_get_psk_identity.3 doc/man/man3/SSL_get_rbio.3 doc/man/man3/SSL_get_session.3 doc/man/man3/SSL_get_shared_sigalgs.3 doc/man/man3/SSL_get_verify_result.3 doc/man/man3/SSL_get_version.3 doc/man/man3/SSL_in_init.3 doc/man/man3/SSL_key_update.3 doc/man/man3/SSL_library_init.3 doc/man/man3/SSL_load_client_CA_file.3 doc/man/man3/SSL_new.3 doc/man/man3/SSL_pending.3 doc/man/man3/SSL_read.3 doc/man/man3/SSL_read_early_data.3 doc/man/man3/SSL_rstate_string.3 doc/man/man3/SSL_session_reused.3 doc/man/man3/SSL_set1_host.3 doc/man/man3/SSL_set_async_callback.3 doc/man/man3/SSL_set_bio.3 doc/man/man3/SSL_set_connect_state.3 doc/man/man3/SSL_set_fd.3 doc/man/man3/SSL_set_session.3 doc/man/man3/SSL_set_shutdown.3 doc/man/man3/SSL_set_verify_result.3 doc/man/man3/SSL_shutdown.3 doc/man/man3/SSL_state_string.3 doc/man/man3/SSL_want.3 doc/man/man3/SSL_write.3 doc/man/man3/TS_VERIFY_CTX_set_certs.3 doc/man/man3/UI_STRING.3 doc/man/man3/UI_UTIL_read_pw.3 doc/man/man3/UI_create_method.3 doc/man/man3/UI_new.3 doc/man/man3/X509V3_get_d2i.3 doc/man/man3/X509_ALGOR_dup.3 doc/man/man3/X509_CRL_get0_by_serial.3 doc/man/man3/X509_EXTENSION_set_object.3 doc/man/man3/X509_LOOKUP.3 doc/man/man3/X509_LOOKUP_hash_dir.3 doc/man/man3/X509_LOOKUP_meth_new.3 doc/man/man3/X509_NAME_ENTRY_get_object.3 doc/man/man3/X509_NAME_add_entry_by_txt.3 doc/man/man3/X509_NAME_get0_der.3 doc/man/man3/X509_NAME_get_index_by_NID.3 doc/man/man3/X509_NAME_print_ex.3 doc/man/man3/X509_PUBKEY_new.3 doc/man/man3/X509_SIG_get0.3 doc/man/man3/X509_STORE_CTX_get_error.3 doc/man/man3/X509_STORE_CTX_new.3 doc/man/man3/X509_STORE_CTX_set_verify_cb.3 doc/man/man3/X509_STORE_add_cert.3 doc/man/man3/X509_STORE_get0_param.3 doc/man/man3/X509_STORE_new.3 doc/man/man3/X509_STORE_set_verify_cb_func.3 doc/man/man3/X509_VERIFY_PARAM_set_flags.3 doc/man/man3/X509_add_cert.3 doc/man/man3/X509_check_ca.3 doc/man/man3/X509_check_host.3 doc/man/man3/X509_check_issued.3 doc/man/man3/X509_check_private_key.3 doc/man/man3/X509_check_purpose.3 doc/man/man3/X509_cmp.3 doc/man/man3/X509_cmp_time.3 doc/man/man3/X509_digest.3 doc/man/man3/X509_dup.3 doc/man/man3/X509_get0_distinguishing_id.3 doc/man/man3/X509_get0_notBefore.3 doc/man/man3/X509_get0_signature.3 doc/man/man3/X509_get0_uids.3 doc/man/man3/X509_get_extension_flags.3 doc/man/man3/X509_get_pubkey.3 doc/man/man3/X509_get_serialNumber.3 doc/man/man3/X509_get_subject_name.3 doc/man/man3/X509_get_version.3 doc/man/man3/X509_load_http.3 doc/man/man3/X509_new.3 doc/man/man3/X509_sign.3 doc/man/man3/X509_verify.3 doc/man/man3/X509_verify_cert.3 doc/man/man3/X509v3_get_ext_by_NID.3 doc/man/man3/d2i_DHparams.3 doc/man/man3/d2i_PKCS8PrivateKey_bio.3 doc/man/man3/d2i_PrivateKey.3 doc/man/man3/d2i_SSL_SESSION.3 doc/man/man3/d2i_X509.3 doc/man/man3/i2d_CMS_bio_stream.3 doc/man/man3/i2d_PKCS7_bio_stream.3 doc/man/man3/i2d_re_X509_tbs.3 doc/man/man3/o2i_SCT_LIST.3 doc/man/man3/s2i_ASN1_IA5STRING.3 doc/man/man5/config.5 doc/man/man5/fips_config.5 doc/man/man5/x509v3_config.5 doc/man/man7/EVP_KDF-HKDF.7 doc/man/man7/EVP_KDF-KB.7 doc/man/man7/EVP_KDF-KRB5KDF.7 doc/man/man7/EVP_KDF-PBKDF2.7 doc/man/man7/EVP_KDF-PKCS12KDF.7 doc/man/man7/EVP_KDF-SCRYPT.7 doc/man/man7/EVP_KDF-SS.7 doc/man/man7/EVP_KDF-SSHKDF.7 doc/man/man7/EVP_KDF-TLS1_PRF.7 doc/man/man7/EVP_KDF-X942.7 doc/man/man7/EVP_KDF-X963.7 doc/man/man7/EVP_KEYEXCH-DH.7 doc/man/man7/EVP_KEYEXCH-ECDH.7 doc/man/man7/EVP_KEYEXCH-X25519.7 doc/man/man7/EVP_MAC-BLAKE2.7 doc/man/man7/EVP_MAC-CMAC.7 doc/man/man7/EVP_MAC-GMAC.7 doc/man/man7/EVP_MAC-HMAC.7 doc/man/man7/EVP_MAC-KMAC.7 doc/man/man7/EVP_MAC-Poly1305.7 doc/man/man7/EVP_MAC-Siphash.7 doc/man/man7/EVP_MD-BLAKE2.7 doc/man/man7/EVP_MD-MD2.7 doc/man/man7/EVP_MD-MD4.7 doc/man/man7/EVP_MD-MD5-SHA1.7 doc/man/man7/EVP_MD-MD5.7 doc/man/man7/EVP_MD-MDC2.7 doc/man/man7/EVP_MD-RIPEMD160.7 doc/man/man7/EVP_MD-SHA1.7 doc/man/man7/EVP_MD-SHA2.7 doc/man/man7/EVP_MD-SHA3.7 doc/man/man7/EVP_MD-SHAKE.7 doc/man/man7/EVP_MD-SM3.7 doc/man/man7/EVP_MD-WHIRLPOOL.7 doc/man/man7/EVP_MD-common.7 doc/man/man7/EVP_PKEY-DH.7 doc/man/man7/EVP_PKEY-DSA.7 doc/man/man7/EVP_PKEY-EC.7 doc/man/man7/EVP_PKEY-FFC.7 doc/man/man7/EVP_PKEY-RSA.7 doc/man/man7/EVP_PKEY-X25519.7 doc/man/man7/EVP_RAND-CTR-DRBG.7 doc/man/man7/EVP_RAND-HASH-DRBG.7 doc/man/man7/EVP_RAND-HMAC-DRBG.7 doc/man/man7/EVP_RAND-TEST-RAND.7 doc/man/man7/EVP_RAND.7 doc/man/man7/EVP_SIGNATURE-DSA.7 doc/man/man7/EVP_SIGNATURE-ECDSA.7 doc/man/man7/EVP_SIGNATURE-ED25519.7 doc/man/man7/EVP_SIGNATURE-RSA.7 doc/man/man7/OSSL_PROVIDER-FIPS.7 doc/man/man7/OSSL_PROVIDER-base.7 doc/man/man7/OSSL_PROVIDER-default.7 doc/man/man7/OSSL_PROVIDER-legacy.7 doc/man/man7/OSSL_PROVIDER-null.7 doc/man/man7/RAND.7 doc/man/man7/RSA-PSS.7 doc/man/man7/SM2.7 doc/man/man7/X25519.7 doc/man/man7/bio.7 doc/man/man7/crypto.7 doc/man/man7/ct.7 doc/man/man7/des_modes.7 doc/man/man7/evp.7 doc/man/man7/openssl-core.h.7 doc/man/man7/openssl-core_dispatch.h.7 doc/man/man7/openssl-core_names.h.7 doc/man/man7/openssl-env.7 doc/man/man7/openssl_user_macros.7 doc/man/man7/ossl_store-file.7 doc/man/man7/ossl_store.7 doc/man/man7/passphrase-encoding.7 doc/man/man7/property.7 doc/man/man7/provider-asym_cipher.7 doc/man/man7/provider-base.7 doc/man/man7/provider-cipher.7 doc/man/man7/provider-digest.7 doc/man/man7/provider-encoder.7 doc/man/man7/provider-keyexch.7 doc/man/man7/provider-keymgmt.7 doc/man/man7/provider-mac.7 doc/man/man7/provider-object.7 doc/man/man7/provider-rand.7 doc/man/man7/provider-signature.7 doc/man/man7/provider-storemgmt.7 doc/man/man7/provider.7 doc/man/man7/proxy-certificates.7 doc/man/man7/ssl.7 doc/man/man7/x509.7
rm -f apps/openssl fuzz/asn1-test fuzz/asn1parse-test fuzz/bignum-test fuzz/bndiv-test fuzz/client-test fuzz/cmp-test fuzz/cms-test fuzz/conf-test fuzz/crl-test fuzz/ct-test fuzz/server-test fuzz/x509-test test/aborttest test/acvp_test test/aesgcmtest test/afalgtest test/asn1_decode_test test/asn1_dsa_internal_test test/asn1_encode_test test/asn1_internal_test test/asn1_string_table_test test/asn1_time_test test/asynciotest test/asynctest test/bad_dtls_test test/bftest test/bio_callback_test test/bio_enc_test test/bio_memleak_test test/bio_prefix_text test/bioprinttest test/bn_internal_test test/bntest test/buildtest_c_aes test/buildtest_c_asn1 test/buildtest_c_asn1t test/buildtest_c_async test/buildtest_c_bio test/buildtest_c_blowfish test/buildtest_c_bn test/buildtest_c_buffer test/buildtest_c_camellia test/buildtest_c_cast test/buildtest_c_cmac test/buildtest_c_cmp test/buildtest_c_cmp_util test/buildtest_c_cms test/buildtest_c_comp test/buildtest_c_conf test/buildtest_c_conf_api test/buildtest_c_core test/buildtest_c_core_dispatch test/buildtest_c_core_names test/buildtest_c_core_object test/buildtest_c_crmf test/buildtest_c_crypto test/buildtest_c_ct test/buildtest_c_decoder test/buildtest_c_des test/buildtest_c_dh test/buildtest_c_dsa test/buildtest_c_e_os2 test/buildtest_c_ebcdic test/buildtest_c_ec test/buildtest_c_ecdh test/buildtest_c_ecdsa test/buildtest_c_encoder test/buildtest_c_engine test/buildtest_c_ess test/buildtest_c_evp test/buildtest_c_fips_names test/buildtest_c_hmac test/buildtest_c_http test/buildtest_c_idea test/buildtest_c_kdf test/buildtest_c_lhash test/buildtest_c_macros test/buildtest_c_md4 test/buildtest_c_md5 test/buildtest_c_mdc2 test/buildtest_c_modes test/buildtest_c_obj_mac test/buildtest_c_objects test/buildtest_c_ocsp test/buildtest_c_ossl_typ test/buildtest_c_param_build test/buildtest_c_params test/buildtest_c_pem test/buildtest_c_pem2 test/buildtest_c_pkcs12 test/buildtest_c_pkcs7 test/buildtest_c_provider test/buildtest_c_rand test/buildtest_c_rc2 test/buildtest_c_rc4 test/buildtest_c_ripemd test/buildtest_c_rsa test/buildtest_c_safestack test/buildtest_c_seed test/buildtest_c_self_test test/buildtest_c_sha test/buildtest_c_srp test/buildtest_c_srtp test/buildtest_c_ssl test/buildtest_c_ssl2 test/buildtest_c_stack test/buildtest_c_store test/buildtest_c_symhacks test/buildtest_c_tls1 test/buildtest_c_ts test/buildtest_c_txt_db test/buildtest_c_types test/buildtest_c_ui test/buildtest_c_whrlpool test/buildtest_c_x509 test/buildtest_c_x509_vfy test/buildtest_c_x509v3 test/casttest test/chacha_internal_test test/cipher_overhead_test test/cipherbytes_test test/cipherlist_test test/ciphername_test test/clienthellotest test/cmactest test/cmp_asn_test test/cmp_client_test test/cmp_ctx_test test/cmp_hdr_test test/cmp_msg_test test/cmp_protect_test test/cmp_server_test test/cmp_status_test test/cmp_vfy_test test/cmsapitest test/conf_include_test test/confdump test/constant_time_test test/context_internal_test test/crltest test/ct_test test/ctype_internal_test test/curve448_internal_test test/d2i_test test/danetest test/defltfips_test test/destest test/dhtest test/drbgtest test/dsa_no_digest_size_test test/dsatest test/dtls_mtu_test test/dtlstest test/dtlsv1listentest test/ec_internal_test test/ecdsatest test/ecstresstest test/ectest test/endecode_test test/enginetest test/errtest test/evp_extra_test test/evp_extra_test2 test/evp_fetch_prov_test test/evp_kdf_test test/evp_libctx_test test/evp_pkey_dparams_test test/evp_pkey_provided_test test/evp_test test/exdatatest test/exptest test/fatalerrtest test/ffc_internal_test test/gmdifftest test/gosttest test/hexstr_test test/hmactest test/http_test test/ideatest test/igetest test/keymgmt_internal_test test/lhash_test test/mdc2_internal_test test/mdc2test test/memleaktest test/modes_internal_test test/namemap_internal_test test/ocspapitest test/packettest test/param_build_test test/params_api_test test/params_conversion_test test/params_test test/pbelutest test/pemtest test/pkcs12_format_test test/pkey_meth_kdf_test test/pkey_meth_test test/poly1305_internal_test test/property_test test/provider_fallback_test test/provider_internal_test test/provider_status_test test/provider_test test/rc2test test/rc4test test/rc5test test/rdrand_sanitytest test/recordlentest test/rsa_complex test/rsa_mp_test test/rsa_sp800_56b_test test/rsa_test test/sanitytest test/secmemtest test/servername_test test/shlibloadtest test/siphash_internal_test test/sm2_internal_test test/sm4_internal_test test/sparse_array_test test/srptest test/ssl_cert_table_internal_test test/ssl_ctx_test test/ssl_test test/ssl_test_ctx_test test/sslapitest test/sslbuffertest test/sslcorrupttest test/ssltest_old test/stack_test test/sysdefaulttest test/test_test test/threadstest test/time_offset_test test/tls13ccstest test/tls13encryptiontest test/tls13secretstest test/uitest test/v3ext test/v3nametest test/verify_extra_test test/versions test/wpackettest test/x509_check_cert_pkey_test test/x509_dup_cert_test test/x509_internal_test test/x509_time_test test/x509aux  engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so providers/fips.so providers/legacy.so test/p_test.so apps/CA.pl apps/tsget.pl tools/c_rehash util/shlib_wrap.sh
rm -f doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod include/crypto/bn_conf.h include/crypto/dso_conf.h include/openssl/configuration.h include/openssl/fipskey.h include/openssl/opensslv.h test/provider_internal_test.cnf apps/CA.pl apps/progs.c apps/progs.h apps/tsget.pl crypto/aes/aes-x86_64.s crypto/aes/aesni-mb-x86_64.s crypto/aes/aesni-sha1-x86_64.s crypto/aes/aesni-sha256-x86_64.s crypto/aes/aesni-x86_64.s crypto/aes/bsaes-x86_64.s crypto/aes/vpaes-x86_64.s crypto/bn/rsaz-avx2.s crypto/bn/rsaz-x86_64.s crypto/bn/x86_64-gf2m.s crypto/bn/x86_64-mont.s crypto/bn/x86_64-mont5.s crypto/buildinf.h crypto/camellia/cmll-x86_64.s crypto/chacha/chacha-x86_64.s crypto/ec/ecp_nistz256-x86_64.s crypto/ec/x25519-x86_64.s crypto/md5/md5-x86_64.s crypto/modes/aesni-gcm-x86_64.s crypto/modes/ghash-x86_64.s crypto/poly1305/poly1305-x86_64.s crypto/rc4/rc4-md5-x86_64.s crypto/rc4/rc4-x86_64.s crypto/sha/keccak1600-x86_64.s crypto/sha/sha1-mb-x86_64.s crypto/sha/sha1-x86_64.s crypto/sha/sha256-mb-x86_64.s crypto/sha/sha256-x86_64.s crypto/sha/sha512-x86_64.s crypto/whrlpool/wp-x86_64.s crypto/x86_64cpuid.s doc/man1/openssl-asn1parse.pod doc/man1/openssl-ca.pod doc/man1/openssl-ciphers.pod doc/man1/openssl-cmds.pod doc/man1/openssl-cmp.pod doc/man1/openssl-cms.pod doc/man1/openssl-crl.pod doc/man1/openssl-crl2pkcs7.pod doc/man1/openssl-dgst.pod doc/man1/openssl-dhparam.pod doc/man1/openssl-dsa.pod doc/man1/openssl-dsaparam.pod doc/man1/openssl-ec.pod doc/man1/openssl-ecparam.pod doc/man1/openssl-enc.pod doc/man1/openssl-engine.pod doc/man1/openssl-errstr.pod doc/man1/openssl-fipsinstall.pod doc/man1/openssl-gendsa.pod doc/man1/openssl-genpkey.pod doc/man1/openssl-genrsa.pod doc/man1/openssl-info.pod doc/man1/openssl-kdf.pod doc/man1/openssl-list.pod doc/man1/openssl-mac.pod doc/man1/openssl-nseq.pod doc/man1/openssl-ocsp.pod doc/man1/openssl-passwd.pod doc/man1/openssl-pkcs12.pod doc/man1/openssl-pkcs7.pod doc/man1/openssl-pkcs8.pod doc/man1/openssl-pkey.pod doc/man1/openssl-pkeyparam.pod doc/man1/openssl-pkeyutl.pod doc/man1/openssl-prime.pod doc/man1/openssl-provider.pod doc/man1/openssl-rand.pod doc/man1/openssl-rehash.pod doc/man1/openssl-req.pod doc/man1/openssl-rsa.pod doc/man1/openssl-rsautl.pod doc/man1/openssl-s_client.pod doc/man1/openssl-s_server.pod doc/man1/openssl-s_time.pod doc/man1/openssl-sess_id.pod doc/man1/openssl-smime.pod doc/man1/openssl-speed.pod doc/man1/openssl-spkac.pod doc/man1/openssl-srp.pod doc/man1/openssl-storeutl.pod doc/man1/openssl-ts.pod doc/man1/openssl-verify.pod doc/man1/openssl-version.pod doc/man1/openssl-x509.pod doc/man7/openssl_user_macros.pod engines/afalg.ld engines/capi.ld engines/dasync.ld engines/e_padlock-x86_64.s engines/ossltest.ld engines/padlock.ld libcrypto.ld libssl.ld providers/common/der/der_digests_gen.c providers/common/der/der_dsa_gen.c providers/common/der/der_ec_gen.c providers/common/der/der_rsa_gen.c providers/common/der/der_wrap_gen.c providers/common/include/prov/der_digests.h providers/common/include/prov/der_dsa.h providers/common/include/prov/der_ec.h providers/common/include/prov/der_rsa.h providers/common/include/prov/der_wrap.h providers/fips.ld providers/legacy.ld test/buildtest_aes.c test/buildtest_asn1.c test/buildtest_asn1t.c test/buildtest_async.c test/buildtest_bio.c test/buildtest_blowfish.c test/buildtest_bn.c test/buildtest_buffer.c test/buildtest_camellia.c test/buildtest_cast.c test/buildtest_cmac.c test/buildtest_cmp.c test/buildtest_cmp_util.c test/buildtest_cms.c test/buildtest_comp.c test/buildtest_conf.c test/buildtest_conf_api.c test/buildtest_core.c test/buildtest_core_dispatch.c test/buildtest_core_names.c test/buildtest_core_object.c test/buildtest_crmf.c test/buildtest_crypto.c test/buildtest_ct.c test/buildtest_decoder.c test/buildtest_des.c test/buildtest_dh.c test/buildtest_dsa.c test/buildtest_e_os2.c test/buildtest_ebcdic.c test/buildtest_ec.c test/buildtest_ecdh.c test/buildtest_ecdsa.c test/buildtest_encoder.c test/buildtest_engine.c test/buildtest_ess.c test/buildtest_evp.c test/buildtest_fips_names.c test/buildtest_hmac.c test/buildtest_http.c test/buildtest_idea.c test/buildtest_kdf.c test/buildtest_lhash.c test/buildtest_macros.c test/buildtest_md4.c test/buildtest_md5.c test/buildtest_mdc2.c test/buildtest_modes.c test/buildtest_obj_mac.c test/buildtest_objects.c test/buildtest_ocsp.c test/buildtest_ossl_typ.c test/buildtest_param_build.c test/buildtest_params.c test/buildtest_pem.c test/buildtest_pem2.c test/buildtest_pkcs12.c test/buildtest_pkcs7.c test/buildtest_provider.c test/buildtest_rand.c test/buildtest_rc2.c test/buildtest_rc4.c test/buildtest_ripemd.c test/buildtest_rsa.c test/buildtest_safestack.c test/buildtest_seed.c test/buildtest_self_test.c test/buildtest_sha.c test/buildtest_srp.c test/buildtest_srtp.c test/buildtest_ssl.c test/buildtest_ssl2.c test/buildtest_stack.c test/buildtest_store.c test/buildtest_symhacks.c test/buildtest_tls1.c test/buildtest_ts.c test/buildtest_txt_db.c test/buildtest_types.c test/buildtest_ui.c test/buildtest_whrlpool.c test/buildtest_x509.c test/buildtest_x509_vfy.c test/buildtest_x509v3.c test/p_test.ld tools/c_rehash util/shlib_wrap.sh
rm -f `find . -name '*.d' \! -name '.*' \! -type d -print`
rm -f `find . -name '*.o' \! -name '.*' \! -type d -print`
rm -f core
rm -f tags TAGS doc-nits cmd-nits md-nits
rm -f -r test/test-runs
rm -f openssl.pc libcrypto.pc libssl.pc
rm -f `find . -type l \! -name '.*' -print`
rm -f ../openssl-3.0.0-alpha7-dev.tar
$ make depend
$ LDCMD= make -j4
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-asn1parse.pod.in > doc/man1/openssl-asn1parse.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ca.pod.in > doc/man1/openssl-ca.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ciphers.pod.in > doc/man1/openssl-ciphers.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmds.pod.in > doc/man1/openssl-cmds.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cmp.pod.in > doc/man1/openssl-cmp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-cms.pod.in > doc/man1/openssl-cms.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-provider.pod.in > doc/man1/openssl-provider.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf
make depend && make _build_sw
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
make[1]: Entering directory '/home/openssl/run-checker/no-sock'
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c
../openssl/apps/lib/http_server.c:27:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations]
int multi = 0; /* run multiple responder processes */
    ^
1 error generated.
Makefile:4185: recipe for target 'apps/lib/libapps-lib-http_server.o' failed
make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-sock'
Makefile:3154: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Fri Aug 28 11:55:55 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 28 Aug 2020 11:55:55 +0000
Subject: Still Failing: openssl/openssl#36999 (master - b6ef3c7)
In-Reply-To: <openssl/openssl+181766947+still failing@travis-ci.com>
Message-ID: <5f48f0cbaa57_13fab8cb7f7d8453282@travis-pro-tasks-85c686fd65-lkjsz.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #36999
Status: Still Failing

Duration: 1 hr, 36 mins, and 13 secs
Commit: b6ef3c7 (master)
Author: T.Yanagisawa
Message: Correct description of BN_mask_bits

CLA: trivial

Correct right shift to left shift.
Pseudo code `a&=~((~0)>>n)` means "get higher n-bits of a", but actually crypto lib gives lower n-bits.

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12727)

View the changeset: https://github.com/openssl/openssl/compare/33855c0af604...b6ef3c7089e8

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181766947?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200828/711748be/attachment.html>

From openssl at openssl.org  Fri Aug 28 15:25:32 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 15:25:32 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT
 -fno-sanitize=alignment
Message-ID: <1598628332.942995.9367.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 40E7FA57F97F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 402736B0EC7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 402736B0EC7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=211, Tests=3351, 1794 wallclock secs (14.64 usr  1.31 sys + 1699.54 cusr 90.38 csys = 1805.87 CPU)
Result: FAIL
Makefile:3188: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan'
Makefile:3186: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 28 15:50:43 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 15:50:43 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui
Message-ID: <1598629843.827141.27561.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=211, Tests=3351, 928 wallclock secs (13.26 usr  1.31 sys + 822.36 cusr 63.88 csys = 900.81 CPU)
Result: FAIL
Makefile:3179: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui'
Makefile:3177: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 28 18:41:58 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 18:41:58 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls
Message-ID: <1598640118.191600.27009.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=211, Tests=3348, 871 wallclock secs (13.14 usr  1.32 sys + 806.09 cusr 64.53 csys = 885.08 CPU)
Result: FAIL
Makefile:3196: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls'
Makefile:3194: recipe for target 'tests' failed
make: *** [tests] Error 2

From levitte at openssl.org  Fri Aug 28 18:49:12 2020
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 28 Aug 2020 18:49:12 +0000
Subject: [openssl]  master update
Message-ID: <1598640552.111007.17248.nullmailer@dev.openssl.org>

The branch master has been updated
       via  bddfea0271d0596961a43283b36ff49923329a92 (commit)
       via  87d91d223b869855c11f51b54541ba8139d30d8e (commit)
      from  b6ef3c7089e887427cde8c550e28211dc0c22dd1 (commit)


- Log -----------------------------------------------------------------
commit bddfea0271d0596961a43283b36ff49923329a92
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Aug 27 16:05:53 2020 +0200

    TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
    
    - test/endecode_test.c
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12728)

commit 87d91d223b869855c11f51b54541ba8139d30d8e
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Aug 27 07:18:55 2020 +0200

    Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
    
    PEM_write_bio_PrivateKey_traditional() uses i2d_PrivateKey() to do the
    actual encoding to DER.  However, i2d_PrivateKey() is a generic
    function that will do what it can to produce output according to what
    the associated EVP_PKEY_ASN1_METHOD offers.  If that method offers a
    function 'old_priv_encode', which is expected to produce the
    "traditional" encoded form, then i2d_PrivateKey() uses that.  If not,
    i2d_PrivateKey() will go on and used more modern methods, which are
    all expected to produce PKCS#8.
    
    To ensure that PEM_write_bio_PrivateKey_traditional() never produces
    more modern encoded forms, an extra check that 'old_priv_encode' is
    non-NULL is added.  If it is NULL, an error is returned.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12728)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt   |  1 +
 crypto/pem/pem_err.c     |  4 ++-
 crypto/pem/pem_pkey.c    |  5 ++++
 include/openssl/pemerr.h |  1 +
 test/endecode_test.c     | 66 +++++++++++++++++++++++++++++++++++++++---------
 5 files changed, 64 insertions(+), 13 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index b530098d2f..43114dc545 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2768,6 +2768,7 @@ PEM_R_UNEXPECTED_DEK_IV:130:unexpected dek iv
 PEM_R_UNSUPPORTED_CIPHER:113:unsupported cipher
 PEM_R_UNSUPPORTED_ENCRYPTION:114:unsupported encryption
 PEM_R_UNSUPPORTED_KEY_COMPONENTS:126:unsupported key components
+PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE:110:unsupported public key type
 PKCS12_R_CANT_PACK_STRUCTURE:100:cant pack structure
 PKCS12_R_CONTENT_TYPE_NOT_DATA:121:content type not data
 PKCS12_R_DECODE_ERROR:101:decode error
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index 014aade185..132b15cb37 100644
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -52,6 +52,8 @@ static const ERR_STRING_DATA PEM_str_reasons[] = {
     "unsupported encryption"},
     {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_KEY_COMPONENTS),
     "unsupported key components"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
+    "unsupported public key type"},
     {0, NULL}
 };
 
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index e355afe5f9..8aee82ea80 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -166,6 +166,11 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,
                                          pem_password_cb *cb, void *u)
 {
     char pem_str[80];
+
+    if (x->ameth == NULL || x->ameth->old_priv_encode == NULL) {
+        ERR_raise(ERR_LIB_PEM, PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+        return 0;
+    }
     BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
     return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
                               pem_str, bp, x, enc, kstr, klen, cb, u);
diff --git a/include/openssl/pemerr.h b/include/openssl/pemerr.h
index e3450e5eed..a8ad9f2c87 100644
--- a/include/openssl/pemerr.h
+++ b/include/openssl/pemerr.h
@@ -102,5 +102,6 @@ int ERR_load_PEM_strings(void);
 # define PEM_R_UNSUPPORTED_CIPHER                         113
 # define PEM_R_UNSUPPORTED_ENCRYPTION                     114
 # define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
+# define PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE                110
 
 #endif
diff --git a/test/endecode_test.c b/test/endecode_test.c
index 0a2f5d0b40..5b1e06946f 100644
--- a/test/endecode_test.c
+++ b/test/endecode_test.c
@@ -684,11 +684,6 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
     {                                                                   \
         return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE);     \
     }                                                                   \
-    static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void)        \
-    {                                                                   \
-        return test_unprotected_via_legacy_PEM(KEYTYPEstr,              \
-                                               legacy_key_##KEYTYPE);   \
-    }                                                                   \
     static int test_protected_##KEYTYPE##_via_DER(void)                 \
     {                                                                   \
         return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE);       \
@@ -697,11 +692,6 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
     {                                                                   \
         return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE);       \
     }                                                                   \
-    static int test_protected_##KEYTYPE##_via_legacy_PEM(void)          \
-    {                                                                   \
-        return test_protected_via_legacy_PEM(KEYTYPEstr,                \
-                                             legacy_key_##KEYTYPE);     \
-    }                                                                   \
     static int test_public_##KEYTYPE##_via_DER(void)                    \
     {                                                                   \
         return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE);          \
@@ -714,13 +704,27 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
 #define ADD_TEST_SUITE(KEYTYPE)                                 \
     ADD_TEST(test_unprotected_##KEYTYPE##_via_DER);             \
     ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM);             \
-    ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM);      \
     ADD_TEST(test_protected_##KEYTYPE##_via_DER);               \
     ADD_TEST(test_protected_##KEYTYPE##_via_PEM);               \
-    ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM);        \
     ADD_TEST(test_public_##KEYTYPE##_via_DER);                  \
     ADD_TEST(test_public_##KEYTYPE##_via_PEM)
 
+#define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr)                \
+    static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void)        \
+    {                                                                   \
+        return test_unprotected_via_legacy_PEM(KEYTYPEstr,              \
+                                               legacy_key_##KEYTYPE);   \
+    }                                                                   \
+    static int test_protected_##KEYTYPE##_via_legacy_PEM(void)          \
+    {                                                                   \
+        return test_protected_via_legacy_PEM(KEYTYPEstr,                \
+                                             legacy_key_##KEYTYPE);     \
+    }
+
+#define ADD_TEST_SUITE_LEGACY(KEYTYPE)                                 \
+    ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM);      \
+    ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
+
 #ifndef OPENSSL_NO_DSA
 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr)               \
     static int test_unprotected_##KEYTYPE##_via_MSBLOB(void)            \
@@ -758,10 +762,15 @@ DOMAIN_KEYS(DH);
 IMPLEMENT_TEST_SUITE(DH, "DH")
 DOMAIN_KEYS(DHX);
 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
+/*
+ * DH has no support for PEM_write_bio_PrivateKey_traditional(),
+ * so no legacy tests.
+ */
 #endif
 #ifndef OPENSSL_NO_DSA
 DOMAIN_KEYS(DSA);
 IMPLEMENT_TEST_SUITE(DSA, "DSA")
+IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
 # ifndef OPENSSL_NO_RC4
 IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
@@ -770,15 +779,20 @@ IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
 #ifndef OPENSSL_NO_EC
 DOMAIN_KEYS(EC);
 IMPLEMENT_TEST_SUITE(EC, "EC")
+IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
+IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
 DOMAIN_KEYS(ECExplicitPrime2G);
 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
+IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
 # ifndef OPENSSL_NO_EC2M
 DOMAIN_KEYS(ECExplicitTriNamedCurve);
 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
+IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
 DOMAIN_KEYS(ECExplicitTri2G);
 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
+IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
 # endif
 KEYS(ED25519);
 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
@@ -788,11 +802,20 @@ KEYS(X25519);
 IMPLEMENT_TEST_SUITE(X25519, "X25519")
 KEYS(X448);
 IMPLEMENT_TEST_SUITE(X448, "X448")
+/*
+ * ED25519, ED448, X25519 and X448 have no support for
+ * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
+ */
 #endif
 KEYS(RSA);
 IMPLEMENT_TEST_SUITE(RSA, "RSA")
+IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
 KEYS(RSA_PSS);
 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
+/*
+ * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
+ * so no legacy tests.
+ */
 #ifndef OPENSSL_NO_DSA
 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
 # ifndef OPENSSL_NO_RC4
@@ -1062,9 +1085,14 @@ int setup_tests(void)
 #ifndef OPENSSL_NO_DH
         ADD_TEST_SUITE(DH);
         ADD_TEST_SUITE(DHX);
+        /*
+         * DH has no support for PEM_write_bio_PrivateKey_traditional(),
+         * so no legacy tests.
+         */
 #endif
 #ifndef OPENSSL_NO_DSA
         ADD_TEST_SUITE(DSA);
+        ADD_TEST_SUITE_LEGACY(DSA);
         ADD_TEST_SUITE_MSBLOB(DSA);
 # ifndef OPENSSL_NO_RC4
         ADD_TEST_SUITE_PVK(DSA);
@@ -1072,19 +1100,33 @@ int setup_tests(void)
 #endif
 #ifndef OPENSSL_NO_EC
         ADD_TEST_SUITE(EC);
+        ADD_TEST_SUITE_LEGACY(EC);
         ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
+        ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
         ADD_TEST_SUITE(ECExplicitPrime2G);
+        ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
 # ifndef OPENSSL_NO_EC2M
         ADD_TEST_SUITE(ECExplicitTriNamedCurve);
+        ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
         ADD_TEST_SUITE(ECExplicitTri2G);
+        ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
 # endif
         ADD_TEST_SUITE(ED25519);
         ADD_TEST_SUITE(ED448);
         ADD_TEST_SUITE(X25519);
         ADD_TEST_SUITE(X448);
+        /*
+         * ED25519, ED448, X25519 and X448 have no support for
+         * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
+         */
 #endif
         ADD_TEST_SUITE(RSA);
+        ADD_TEST_SUITE_LEGACY(RSA);
         ADD_TEST_SUITE(RSA_PSS);
+        /*
+         * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
+         * so no legacy tests.
+         */
 #ifndef OPENSSL_NO_DSA
         ADD_TEST_SUITE_MSBLOB(RSA);
 # ifndef OPENSSL_NO_RC4

From levitte at openssl.org  Fri Aug 28 18:53:11 2020
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 28 Aug 2020 18:53:11 +0000
Subject: [openssl]  OpenSSL_1_1_1-stable update
Message-ID: <1598640791.600250.19005.nullmailer@dev.openssl.org>

The branch OpenSSL_1_1_1-stable has been updated
       via  56456c3404b0ec27f93816d951ff7a58827481f0 (commit)
      from  28499baca599413fe775c59433159b6188d9bedb (commit)


- Log -----------------------------------------------------------------
commit 56456c3404b0ec27f93816d951ff7a58827481f0
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Aug 27 07:18:55 2020 +0200

    Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
    
    PEM_write_bio_PrivateKey_traditional() uses i2d_PrivateKey() to do the
    actual encoding to DER.  However, i2d_PrivateKey() is a generic
    function that will do what it can to produce output according to what
    the associated EVP_PKEY_ASN1_METHOD offers.  If that method offers a
    function 'old_priv_encode', which is expected to produce the
    "traditional" encoded form, then i2d_PrivateKey() uses that.  If not,
    i2d_PrivateKey() will go on and used more modern methods, which are
    all expected to produce PKCS#8.
    
    To ensure that PEM_write_bio_PrivateKey_traditional() never produces
    more modern encoded forms, an extra check that 'old_priv_encode' is
    non-NULL is added.  If it is NULL, an error is returned.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12729)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt   | 3 +++
 crypto/pem/pem_err.c     | 6 +++++-
 crypto/pem/pem_pkey.c    | 6 ++++++
 include/openssl/pemerr.h | 4 +++-
 4 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 3ca271beb5..0b5873ebbc 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -934,6 +934,8 @@ PEM_F_PEM_READ_PRIVATEKEY:124:PEM_read_PrivateKey
 PEM_F_PEM_SIGNFINAL:112:PEM_SignFinal
 PEM_F_PEM_WRITE:113:PEM_write
 PEM_F_PEM_WRITE_BIO:114:PEM_write_bio
+PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL:147:\
+	PEM_write_bio_PrivateKey_traditional
 PEM_F_PEM_WRITE_PRIVATEKEY:139:PEM_write_PrivateKey
 PEM_F_PEM_X509_INFO_READ:115:PEM_X509_INFO_read
 PEM_F_PEM_X509_INFO_READ_BIO:116:PEM_X509_INFO_read_bio
@@ -2400,6 +2402,7 @@ PEM_R_UNEXPECTED_DEK_IV:130:unexpected dek iv
 PEM_R_UNSUPPORTED_CIPHER:113:unsupported cipher
 PEM_R_UNSUPPORTED_ENCRYPTION:114:unsupported encryption
 PEM_R_UNSUPPORTED_KEY_COMPONENTS:126:unsupported key components
+PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE:110:unsupported public key type
 PKCS12_R_CANT_PACK_STRUCTURE:100:cant pack structure
 PKCS12_R_CONTENT_TYPE_NOT_DATA:121:content type not data
 PKCS12_R_DECODE_ERROR:101:decode error
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index f642030aa5..0f3cb02407 100644
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -60,6 +60,8 @@ static const ERR_STRING_DATA PEM_str_functs[] = {
     {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_SIGNFINAL, 0), "PEM_SignFinal"},
     {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE, 0), "PEM_write"},
     {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_BIO, 0), "PEM_write_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL, 0),
+     "PEM_write_bio_PrivateKey_traditional"},
     {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_PRIVATEKEY, 0),
      "PEM_write_PrivateKey"},
     {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_X509_INFO_READ, 0), "PEM_X509_INFO_read"},
@@ -109,6 +111,8 @@ static const ERR_STRING_DATA PEM_str_reasons[] = {
     "unsupported encryption"},
     {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_KEY_COMPONENTS),
     "unsupported key components"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
+    "unsupported public key type"},
     {0, NULL}
 };
 
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index e58cdf4a3e..7bd9aa097e 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -108,6 +108,12 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
                                          pem_password_cb *cb, void *u)
 {
     char pem_str[80];
+
+    if (x->ameth == NULL || x->ameth->old_priv_encode == NULL) {
+        PEMerr(PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL,
+               PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+        return 0;
+    }
     BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
     return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
                               pem_str, bp, x, enc, kstr, klen, cb, u);
diff --git a/include/openssl/pemerr.h b/include/openssl/pemerr.h
index 0c45918f3c..4f7e3574b3 100644
--- a/include/openssl/pemerr.h
+++ b/include/openssl/pemerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -61,6 +61,7 @@ int ERR_load_PEM_strings(void);
 # define PEM_F_PEM_SIGNFINAL                              112
 # define PEM_F_PEM_WRITE                                  113
 # define PEM_F_PEM_WRITE_BIO                              114
+# define PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL       147
 # define PEM_F_PEM_WRITE_PRIVATEKEY                       139
 # define PEM_F_PEM_X509_INFO_READ                         115
 # define PEM_F_PEM_X509_INFO_READ_BIO                     116
@@ -99,5 +100,6 @@ int ERR_load_PEM_strings(void);
 # define PEM_R_UNSUPPORTED_CIPHER                         113
 # define PEM_R_UNSUPPORTED_ENCRYPTION                     114
 # define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
+# define PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE                110
 
 #endif

From builds at travis-ci.com  Fri Aug 28 20:14:01 2020
From: builds at travis-ci.com (Travis CI)
Date: Fri, 28 Aug 2020 20:14:01 +0000
Subject: Still Failing: openssl/openssl#37012 (master - bddfea0)
In-Reply-To: <openssl/openssl+181848408+still failing@travis-ci.com>
Message-ID: <5f496588a262e_13fcba11b4c8c61357d@travis-pro-tasks-56bd79499-swr24.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #37012
Status: Still Failing

Duration: 1 hr, 23 mins, and 24 secs
Commit: bddfea0 (master)
Author: Richard Levitte
Message: TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()

- test/endecode_test.c

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12728)

View the changeset: https://github.com/openssl/openssl/compare/b6ef3c7089e8...bddfea0271d0

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181848408?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200828/14f79343/attachment.html>

From openssl at openssl.org  Fri Aug 28 21:29:19 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 21:29:19 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2
Message-ID: <1598650159.648392.20294.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C05043E88B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C05043E88B7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C05043E88B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/sfe3imR7ji default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C010BFF7F77F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C010BFF7F77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C010BFF7F77F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C010BFF7F77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C010BFF7F77F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C010BFF7F77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/sfe3imR7ji fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=211, Tests=3350, 889 wallclock secs (13.38 usr  1.30 sys + 822.29 cusr 65.26 csys = 902.23 CPU)
Result: FAIL
Makefile:3189: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
Makefile:3187: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Fri Aug 28 23:56:06 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 28 Aug 2020 23:56:06 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dtls1_2-method
Message-ID: <1598658966.760954.30557.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C09043E9367F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C09043E9367F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C09043E9367F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/vDmW8m6FUs default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0D021AF287F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0D021AF287F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:846
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/ssltestlib.c:964
    # SSL_accept() failed -1, 1
    # C0D021AF287F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
    # INFO:  @ ../openssl/test/ssltestlib.c:946
    # SSL_connect() failed -1, 1
    # C0D021AF287F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1631
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1709
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C0D021AF287F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3329:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C0D021AF287F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6760
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/vDmW8m6FUs fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 1024 Tests: 31 Failed: 4)
  Failed tests:  5, 8, 17, 19
  Non-zero exit status: 4
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=211, Tests=3350, 892 wallclock secs (14.19 usr  1.42 sys + 818.44 cusr 64.76 csys = 898.81 CPU)
Result: FAIL
Makefile:3200: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
Makefile:3198: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Sat Aug 29 00:44:53 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sat, 29 Aug 2020 00:44:53 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-tls1_3
Message-ID: <1598661893.060920.1069.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_3

Commit log since last time:

a149f75024 Replace hierogliphs with stub to pass tests
26930bd3c2 Documentation for internal PUNYCODE-related functions
8a302080c3 EAI test script and data
a0188e284e RFC 8398: documentation
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
90c9319d47 RFC 8398: EAI comparison
69d9245996 RFC 8398: Name constraints validation
4650f2b590 Punycode decoding implementation
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
9afa0748cf TEST: Fix CMP tests so they load keys in the current library context
39d9be390a Add CLI tests in FIPS configuration
a8b7ea8268 STORE: Change all error recording to use ERR_raise() / ERR_raise_data()
34b80d0622 STORE: Modify to support loading with provider based loaders
4fd3978211 DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
ab00ddb559 OSSL_PARAM: Add string pointer getters
c4fc564d48 STORE: Add the base functions to support provider based loaders
8704b6bf32 STORE for providers: define libcrypto <-> provider interface
faa64bca9f STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
a517edec03 CORE: Generalise internal pass phrase prompter
14c8a3d118 CORE: Define provider-native abstract objects
bc8c3e1cd8 Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init()
4bec3f6d51 Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
1f9ad4f953 Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c
825ccf5155 Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
10ead93897 Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init()
db1319b706 Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
fa519461c9 Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
51bba73e93 Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
fdf6118b15 Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa
26c5ea8f61 Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx()
75348bb298 Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
e499a64bef Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
ab7f4a3d2b Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c
61d61c5fd2 Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo()
f2bfc53b02 Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host()
90e0e0d802 Fix coverity CID #1465797 - Negative loop bound in collect_deserializer
3c1ccfea85 Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0()

Build log ended with (last 100 lines):

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok

        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C000777FE77F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C000777FE77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C000777FE77F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C000777FE77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/1Xp8oOrHwL default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C070CF53507F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C070CF53507F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/ssltestlib.c:964
        # SSL_accept() failed -1, 1
        # C070CF53507F0000:error::SSL routines::internal error:../openssl/ssl/s3_enc.c:414:
        # INFO:  @ ../openssl/test/ssltestlib.c:946
        # SSL_connect() failed -1, 1
        # C070CF53507F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:8216
        # false
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
    not ok 37 - test_sigalgs_available
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/1Xp8oOrHwL fips ../../../openssl/test/fips.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=211, Tests=3272, 824 wallclock secs (12.24 usr  1.42 sys + 752.22 cusr 60.13 csys = 826.01 CPU)
Result: FAIL
Makefile:3186: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3'
Makefile:3184: recipe for target 'tests' failed
make: *** [tests] Error 2

From pauli at openssl.org  Sat Aug 29 07:44:03 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Sat, 29 Aug 2020 07:44:03 +0000
Subject: [openssl]  master update
Message-ID: <1598687043.897285.17280.nullmailer@dev.openssl.org>

The branch master has been updated
       via  e3bf65da88f714f8721c2985f235b12a7f90d9f8 (commit)
       via  52ae0f8fc23570b6b7cc98d1cb0d6f6dd53ea98a (commit)
       via  2ef9a7ac5eb93c3f5460695c526968faf025b730 (commit)
       via  2106b0471997b6c96fd702ceb0f9a2c8af298a0a (commit)
       via  e5bc0ce2aed293f6356d1702a766f418526890e5 (commit)
       via  2cf765e5a20762df1442c80cd2afc99e8bb1b823 (commit)
       via  a540ef90f55c1e10feb709d09332dfa352d9f33e (commit)
       via  4db71d0175ed42586bcd4e6527caacbd18602adf (commit)
       via  8014b2a966e0a971797d5160c082108b5618d6b3 (commit)
       via  b27b31b62846d21a915acfd45c92ba82d3cd5666 (commit)
       via  6f0bd6ca1c675503962e4580e54ceecd078a8331 (commit)
       via  ada0670bf6c2f67016a55750b1f6b08c54f4242c (commit)
       via  5d51925a90734226f804a7b928326f8ba4bd0434 (commit)
       via  1bf625040c9a1f02782c9b4f993e1a58e6e70448 (commit)
       via  b571e662cdc06febabeac3a117726deaf812afd7 (commit)
       via  409910be16240d1693dbff5065b852998e80cd40 (commit)
       via  e538294f8f9b522279e523ebf6804ed4cb721b80 (commit)
      from  bddfea0271d0596961a43283b36ff49923329a92 (commit)


- Log -----------------------------------------------------------------
commit e3bf65da88f714f8721c2985f235b12a7f90d9f8
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Aug 19 17:33:38 2020 +0100

    Include "legacy" in the name of the various MAC bridge functions
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 52ae0f8fc23570b6b7cc98d1cb0d6f6dd53ea98a
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Aug 17 17:25:37 2020 +0100

    Add some documentation about the EVP_PKEY MAC interface
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 2ef9a7ac5eb93c3f5460695c526968faf025b730
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Aug 17 15:14:14 2020 +0100

    Improve code reuse in the provider MAC bridge
    
    We reuse concepts such as PROV_CIPHER, and make use of some common code
    in provider_util.c
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 2106b0471997b6c96fd702ceb0f9a2c8af298a0a
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Aug 14 17:01:00 2020 +0100

    Document the EVP_PKEY_new_CMAC_key_with_libctx() function
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit e5bc0ce2aed293f6356d1702a766f418526890e5
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Aug 12 14:41:12 2020 +0100

    Extend test_CMAC_keygen in evp_extra_test
    
    The test only setup the generation of a key. It did not complete that
    generation. We extend the test to complete the generation and to use the
    generated key. We also compare the result with a key generated in a
    different way.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 2cf765e5a20762df1442c80cd2afc99e8bb1b823
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Aug 12 13:41:59 2020 +0100

    Delete unused PKEY MAC files
    
    Now that the all the legacy PKEY MAC bridge code has been moved to the
    providers we no longer need the old bridge and it can be removed.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit a540ef90f55c1e10feb709d09332dfa352d9f33e
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 11 16:17:00 2020 +0100

    Extend the provider MAC bridge for CMAC
    
    The previous commits added support for HMAC, SIPHASH and Poly1305 into
    the provider MAC bridge. We now extend that for CMAC too.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 4db71d0175ed42586bcd4e6527caacbd18602adf
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 11 15:28:07 2020 +0100

    Extend the provider MAC bridge for Poly1305
    
    The previous commits added support for HMAC and SIPHASH into the provider
    MAC bridge. We now extend that for Poly1305 too.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 8014b2a966e0a971797d5160c082108b5618d6b3
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 11 14:55:04 2020 +0100

    Don't require a default digest from signature algorithms
    
    Some signature algorithms don't need a default digest, so don't fail if
    we don't have one.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit b27b31b62846d21a915acfd45c92ba82d3cd5666
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 11 14:54:18 2020 +0100

    Extend the provider MAC bridge for SIPHASH
    
    The previous commits added support for HMAC into the provider MAC bridge.
    We now extend that for SIPHASH too.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 6f0bd6ca1c675503962e4580e54ceecd078a8331
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 11 11:50:04 2020 +0100

    Ensure libssl creates libctx aware MAC keys
    
    Convert various mac key creation function calls to use the _with_libctx
    variants.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit ada0670bf6c2f67016a55750b1f6b08c54f4242c
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Aug 10 17:11:39 2020 +0100

    Fix some EVP_MD_CTX_* functions
    
    Fixes some issues with EVP_MD_CTX_* functions when doing EVP_DigestSign*
    and EVP_DigestVerify* functions.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 5d51925a90734226f804a7b928326f8ba4bd0434
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Aug 10 09:16:01 2020 +0100

    Convert EVP_PKEY_CTX_set_mac_key() into a function
    
    Previously it was a macro. We now make it into a function that is params
    aware.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 1bf625040c9a1f02782c9b4f993e1a58e6e70448
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Aug 7 17:20:18 2020 +0100

    Fix evp_extra_test to not assume that HMAC is legacy
    
    evp_extra_test had a test that checks whether an EVP_PKEY_CTX can still
    be created for HMAC even though there are no providers loaded because it
    is a legacy algorithm. However after the earlier commits this is no longer
    the case. We swap the check to a different legacy algorithm (SM2).
    Hopefully before too long there will be no legacy algorithms left and the
    test can be deleted.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit b571e662cdc06febabeac3a117726deaf812afd7
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Aug 7 16:55:42 2020 +0100

    Make the provider side EVP PKEY MAC bridge available in default and fips
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit 409910be16240d1693dbff5065b852998e80cd40
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Aug 7 16:42:02 2020 +0100

    Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
    
    Some MAC implementations were available before the current EVP_MAC API. They
    were used via EVP_DigestSign*. There exists a bridge between the oldAPI and
    the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD.
    This commit implements the signature functions for the provider side bridge
    without having to use any legacy code.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

commit e538294f8f9b522279e523ebf6804ed4cb721b80
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Aug 7 16:40:25 2020 +0100

    Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
    
    Some MAC implementations were available before the current EVP_MAC API. They
    were used via EVP_DigestSign*. There exists a bridge between the old API and
    the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD.
    This commit implements the key management for provider side bridge without
    having to useany legacy code.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12637)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/standard_methods.h                     |  10 -
 crypto/cmac/build.info                             |   2 +-
 crypto/cmac/cm_ameth.c                             |  59 --
 crypto/evp/build.info                              |   1 -
 crypto/evp/digest.c                                |  45 +-
 crypto/evp/m_sigver.c                              |   5 +-
 crypto/evp/p_lib.c                                 |  92 +--
 crypto/evp/pkey_mac.c                              | 696 ---------------------
 crypto/evp/pmeth_lib.c                             |  66 +-
 crypto/hmac/build.info                             |   2 +-
 crypto/hmac/hm_ameth.c                             | 133 ----
 crypto/poly1305/build.info                         |   2 +-
 crypto/poly1305/poly1305_ameth.c                   | 121 ----
 crypto/siphash/build.info                          |   3 +-
 crypto/siphash/siphash_ameth.c                     | 123 ----
 doc/man3/EVP_PKEY_new.pod                          |  57 +-
 doc/man7/EVP_PKEY-HMAC.pod                         |  95 +++
 doc/man7/EVP_SIGNATURE-HMAC.pod                    |  41 ++
 include/crypto/asn1.h                              |   4 -
 include/crypto/evp.h                               |   4 -
 include/openssl/core_names.h                       |   5 +-
 include/openssl/evp.h                              |  10 +-
 providers/common/include/prov/provider_util.h      |  15 +
 providers/common/provider_util.c                   | 109 ++--
 providers/defltprov.c                              |  16 +
 providers/fips/fipsprov.c                          |   8 +
 .../implementations/include/prov/implementations.h |   7 +-
 .../include/prov/{kdfexchange.h => macsignature.h} |  18 +-
 providers/implementations/keymgmt/build.info       |   3 +
 .../implementations/keymgmt/mac_legacy_kmgmt.c     | 513 +++++++++++++++
 providers/implementations/signature/build.info     |   3 +
 providers/implementations/signature/mac_legacy.c   | 191 ++++++
 ssl/statem/extensions.c                            |   6 +-
 ssl/statem/extensions_srvr.c                       |  18 +-
 ssl/t1_enc.c                                       |  18 +-
 test/evp_extra_test.c                              |  61 +-
 test/evp_test.c                                    |   6 +-
 util/libcrypto.num                                 |   2 +
 38 files changed, 1236 insertions(+), 1334 deletions(-)
 delete mode 100644 crypto/cmac/cm_ameth.c
 delete mode 100644 crypto/evp/pkey_mac.c
 delete mode 100644 crypto/hmac/hm_ameth.c
 delete mode 100644 crypto/poly1305/poly1305_ameth.c
 delete mode 100644 crypto/siphash/siphash_ameth.c
 create mode 100644 doc/man7/EVP_PKEY-HMAC.pod
 create mode 100644 doc/man7/EVP_SIGNATURE-HMAC.pod
 copy providers/implementations/include/prov/{kdfexchange.h => macsignature.h} (60%)
 create mode 100644 providers/implementations/keymgmt/mac_legacy_kmgmt.c
 create mode 100644 providers/implementations/signature/mac_legacy.c

diff --git a/crypto/asn1/standard_methods.h b/crypto/asn1/standard_methods.h
index d461461031..fdf1d23558 100644
--- a/crypto/asn1/standard_methods.h
+++ b/crypto/asn1/standard_methods.h
@@ -29,10 +29,6 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
 #endif
 #ifndef OPENSSL_NO_EC
     &eckey_asn1_meth,
-#endif
-    &hmac_asn1_meth,
-#ifndef OPENSSL_NO_CMAC
-    &cmac_asn1_meth,
 #endif
 #ifndef OPENSSL_NO_RSA
     &rsa_pss_asn1_meth,
@@ -44,12 +40,6 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
     &ecx25519_asn1_meth,
     &ecx448_asn1_meth,
 #endif
-#ifndef OPENSSL_NO_POLY1305
-    &poly1305_asn1_meth,
-#endif
-#ifndef OPENSSL_NO_SIPHASH
-    &siphash_asn1_meth,
-#endif
 #ifndef OPENSSL_NO_EC
     &ed25519_asn1_meth,
     &ed448_asn1_meth,
diff --git a/crypto/cmac/build.info b/crypto/cmac/build.info
index a2f6f218c2..0c0e50941f 100644
--- a/crypto/cmac/build.info
+++ b/crypto/cmac/build.info
@@ -2,5 +2,5 @@ LIBS=../../libcrypto
 
 $COMMON=cmac.c
 
-SOURCE[../../libcrypto]=$COMMON cm_ameth.c
+SOURCE[../../libcrypto]=$COMMON
 SOURCE[../../providers/libfips.a]=$COMMON
diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c
deleted file mode 100644
index aa06cdc98a..0000000000
--- a/crypto/cmac/cm_ameth.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * CMAC low level APIs are deprecated for public use, but still ok for internal
- * use.
- */
-#include "internal/deprecated.h"
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/evp.h>
-#include "crypto/asn1.h"
-
-/*
- * CMAC "ASN1" method. This is just here to indicate the maximum CMAC output
- * length and to free up a CMAC key.
- */
-
-static int cmac_size(const EVP_PKEY *pkey)
-{
-    return EVP_MAX_BLOCK_LENGTH;
-}
-
-static void cmac_key_free(EVP_PKEY *pkey)
-{
-    EVP_MAC_CTX *cmctx = EVP_PKEY_get0(pkey);
-    EVP_MAC *mac = cmctx == NULL ? NULL : EVP_MAC_CTX_mac(cmctx);
-
-    EVP_MAC_CTX_free(cmctx);
-    EVP_MAC_free(mac);
-}
-
-const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
-    EVP_PKEY_CMAC,
-    EVP_PKEY_CMAC,
-    0,
-
-    "CMAC",
-    "OpenSSL CMAC method",
-
-    0, 0, 0, 0,
-
-    0, 0, 0,
-
-    cmac_size,
-    0, 0,
-    0, 0, 0, 0, 0, 0, 0,
-
-    cmac_key_free,
-    0,
-    0, 0
-};
diff --git a/crypto/evp/build.info b/crypto/evp/build.info
index 81c660051b..4f155f1393 100644
--- a/crypto/evp/build.info
+++ b/crypto/evp/build.info
@@ -16,7 +16,6 @@ SOURCE[../../libcrypto]=$COMMON\
         pmeth_fn.c\
         e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
         e_chacha20_poly1305.c \
-        pkey_mac.c \
         legacy_sha.c
 
 IF[{- !$disabled{'deprecated-3.0'} -}]
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index c9b4e3fd6e..19fddb74ab 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -489,10 +489,12 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
     if (in->fetched_digest != NULL)
         EVP_MD_up_ref(in->fetched_digest);
 
-    out->provctx = in->digest->dupctx(in->provctx);
-    if (out->provctx == NULL) {
-        EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_NOT_ABLE_TO_COPY_CTX);
-        return 0;
+    if (in->provctx != NULL) {
+        out->provctx = in->digest->dupctx(in->provctx);
+        if (out->provctx == NULL) {
+            EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_NOT_ABLE_TO_COPY_CTX);
+            return 0;
+        }
     }
 
     /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */
@@ -608,9 +610,7 @@ int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[])
 {
     EVP_PKEY_CTX *pctx = ctx->pctx;
 
-    if (ctx->digest != NULL && ctx->digest->set_ctx_params != NULL)
-        return ctx->digest->set_ctx_params(ctx->provctx, params);
-
+    /* If we have a pctx then we should try that first */
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
                 || pctx->operation == EVP_PKEY_OP_SIGNCTX)
@@ -618,6 +618,10 @@ int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[])
             && pctx->op.sig.signature->set_ctx_md_params != NULL)
         return pctx->op.sig.signature->set_ctx_md_params(pctx->op.sig.sigprovctx,
                                                          params);
+
+    if (ctx->digest != NULL && ctx->digest->set_ctx_params != NULL)
+        return ctx->digest->set_ctx_params(ctx->provctx, params);
+
     return 0;
 }
 
@@ -635,10 +639,7 @@ const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx)
     if (ctx == NULL)
         return NULL;
 
-    if (ctx->digest != NULL && ctx->digest->settable_ctx_params != NULL)
-        return ctx->digest->settable_ctx_params(
-                  ossl_provider_ctx(EVP_MD_provider(ctx->digest)));
-
+    /* If we have a pctx then we should try that first */
     pctx = ctx->pctx;
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
@@ -648,6 +649,10 @@ const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx)
         return pctx->op.sig.signature->settable_ctx_md_params(
                    pctx->op.sig.sigprovctx);
 
+    if (ctx->digest != NULL && ctx->digest->settable_ctx_params != NULL)
+        return ctx->digest->settable_ctx_params(
+                  ossl_provider_ctx(EVP_MD_provider(ctx->digest)));
+
     return NULL;
 }
 
@@ -655,9 +660,7 @@ int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[])
 {
     EVP_PKEY_CTX *pctx = ctx->pctx;
 
-    if (ctx->digest != NULL && ctx->digest->get_params != NULL)
-        return ctx->digest->get_ctx_params(ctx->provctx, params);
-
+    /* If we have a pctx then we should try that first */
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
                 || pctx->operation == EVP_PKEY_OP_SIGNCTX)
@@ -666,6 +669,9 @@ int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[])
         return pctx->op.sig.signature->get_ctx_md_params(pctx->op.sig.sigprovctx,
                                                          params);
 
+    if (ctx->digest != NULL && ctx->digest->get_params != NULL)
+        return ctx->digest->get_ctx_params(ctx->provctx, params);
+
     return 0;
 }
 
@@ -683,11 +689,7 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
     if (ctx == NULL)
         return NULL;
 
-    if (ctx->digest != NULL
-            && ctx->digest->gettable_ctx_params != NULL)
-        return ctx->digest->gettable_ctx_params(
-                   ossl_provider_ctx(EVP_MD_provider(ctx->digest)));
-
+    /* If we have a pctx then we should try that first */
     pctx = ctx->pctx;
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
@@ -697,6 +699,11 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
         return pctx->op.sig.signature->gettable_ctx_md_params(
                     pctx->op.sig.sigprovctx);
 
+    if (ctx->digest != NULL
+            && ctx->digest->gettable_ctx_params != NULL)
+        return ctx->digest->gettable_ctx_params(
+                   ossl_provider_ctx(EVP_MD_provider(ctx->digest)));
+
     return NULL;
 }
 
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 04ac121e25..0278d9ca09 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -172,9 +172,6 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                                                        locmdname,
                                                        sizeof(locmdname)) > 0) {
                 mdname = canon_mdname(locmdname);
-            } else {
-                EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
-                return 0;
             }
         }
 
@@ -186,7 +183,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
              * so the EVP_MD should not be used beyound the lifetime of the
              * EVP_MD_CTX.
              */
-            ctx->reqdigest = ctx->fetched_digest =
+            ctx->digest = ctx->reqdigest = ctx->fetched_digest =
                 EVP_MD_fetch(locpctx->libctx, mdname, props);
         }
     }
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 503009dd93..16c674d920 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -586,64 +586,82 @@ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
     return 1;
 }
 
-EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
-                                size_t len, const EVP_CIPHER *cipher)
+static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len,
+                                  const char *cipher_name,
+                                  const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
+                                  const char *propq, ENGINE *e)
 {
 # ifndef OPENSSL_NO_CMAC
 #  ifndef OPENSSL_NO_ENGINE
     const char *engine_id = e != NULL ? ENGINE_get_id(e) : NULL;
 #  endif
-    const char *cipher_name = EVP_CIPHER_name(cipher);
-    const OSSL_PROVIDER *prov = EVP_CIPHER_provider(cipher);
-    OPENSSL_CTX *libctx =
-        prov == NULL ? NULL : ossl_provider_library_context(prov);
-    EVP_PKEY *ret = EVP_PKEY_new();
-    EVP_MAC *cmac = EVP_MAC_fetch(libctx, OSSL_MAC_NAME_CMAC, NULL);
-    EVP_MAC_CTX *cmctx = cmac != NULL ? EVP_MAC_CTX_new(cmac) : NULL;
-    OSSL_PARAM params[4];
-    size_t paramsn = 0;
-
-    if (ret == NULL
-        || cmctx == NULL
-        || !pkey_set_type(ret, e, EVP_PKEY_CMAC, NULL, -1, NULL)) {
-        /* EVPerr already called */
+    OSSL_PARAM params[5], *p = params;
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY_CTX *ctx;
+
+    if (cipher != NULL)
+        cipher_name = EVP_CIPHER_name(cipher);
+
+    if (cipher_name == NULL) {
+        EVPerr(0, EVP_R_KEY_SETUP_FAILED);
+        return NULL;
+    }
+
+    ctx = EVP_PKEY_CTX_new_from_name(libctx, "CMAC", propq);
+    if (ctx == NULL) {
+        EVPerr(0, ERR_R_MALLOC_FAILURE);
         goto err;
     }
 
+    if (!EVP_PKEY_key_fromdata_init(ctx)) {
+        EVPerr(0, EVP_R_KEY_SETUP_FAILED);
+        goto err;
+    }
+
+    *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
+                                            (void *)priv, len);
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER,
+                                            (char *)cipher_name, 0);
+    if (propq != NULL)
+        *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_PROPERTIES,
+                                                (char *)propq, 0);
 #  ifndef OPENSSL_NO_ENGINE
     if (engine_id != NULL)
-        params[paramsn++] =
-            OSSL_PARAM_construct_utf8_string("engine", (char *)engine_id, 0);
+        *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_ENGINE,
+                                                (char *)engine_id, 0);
 #  endif
+    *p = OSSL_PARAM_construct_end();
 
-    params[paramsn++] =
-        OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
-                                         (char *)cipher_name, 0);
-    params[paramsn++] =
-        OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                          (char *)priv, len);
-    params[paramsn] = OSSL_PARAM_construct_end();
-
-    if (!EVP_MAC_CTX_set_params(cmctx, params)) {
-        EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED);
+    if (!EVP_PKEY_fromdata(ctx, &pkey, params)) {
+        EVPerr(0, EVP_R_KEY_SETUP_FAILED);
         goto err;
     }
 
-    ret->pkey.ptr = cmctx;
-    return ret;
-
  err:
-    EVP_PKEY_free(ret);
-    EVP_MAC_CTX_free(cmctx);
-    EVP_MAC_free(cmac);
-    return NULL;
+    EVP_PKEY_CTX_free(ctx);
+
+    return pkey;
 # else
-    EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY,
-           EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+    EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
     return NULL;
 # endif
 }
 
+EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
+                                            size_t len,
+                                            const char *cipher_name,
+                                            OPENSSL_CTX *libctx,
+                                            const char *propq)
+{
+    return new_cmac_key_int(priv, len, cipher_name, NULL, libctx, propq, NULL);
+}
+
+EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                size_t len, const EVP_CIPHER *cipher)
+{
+    return new_cmac_key_int(priv, len, NULL, cipher, NULL, NULL, e);
+}
+
 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
 {
     return pkey_set_type(pkey, NULL, type, NULL, -1, NULL);
diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c
deleted file mode 100644
index 7e36b3c6bd..0000000000
--- a/crypto/evp/pkey_mac.c
+++ /dev/null
@@ -1,696 +0,0 @@
-/*
- * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/* We need to use some engine deprecated APIs */
-#define OPENSSL_SUPPRESS_DEPRECATED
-
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include <openssl/params.h>
-#include <openssl/core_names.h>
-#include "crypto/evp.h"
-#include "evp_local.h"
-
-/* MAC PKEY context structure */
-
-typedef struct {
-    EVP_MAC_CTX *ctx;
-
-    /*
-     * We know of two MAC types:
-     *
-     * 1. those who take a secret in raw form, i.e. raw data as a
-     *    ASN1_OCTET_STRING embedded in a EVP_PKEY.  So far, that's
-     *    all of them but CMAC.
-     * 2. those who take a secret with associated cipher in very generic
-     *    form, i.e. a complete EVP_MAC_CTX embedded in a PKEY.  So far,
-     *    only CMAC does this.
-     *
-     * (one might wonder why the second form isn't used for all)
-     */
-#define MAC_TYPE_RAW    1   /* HMAC like MAC type (all but CMAC so far) */
-#define MAC_TYPE_MAC    2   /* CMAC like MAC type (only CMAC known so far) */
-    int type;
-
-    /* The following is only used for MAC_TYPE_RAW implementations */
-    struct {
-        const EVP_MD *md;           /* temp storage of MD */
-        ASN1_OCTET_STRING ktmp;     /* temp storage for key */
-    } raw_data;
-} MAC_PKEY_CTX;
-
-static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx);
-
-static int pkey_mac_init(EVP_PKEY_CTX *ctx)
-{
-    MAC_PKEY_CTX *hctx;
-    /* We're being smart and using the same base NIDs for PKEY and for MAC */
-    int nid = ctx->pmeth->pkey_id;
-    EVP_MAC *mac;
-
-    ERR_set_mark();
-    mac = EVP_MAC_fetch(ctx->libctx, OBJ_nid2sn(nid), ctx->propquery);
-    ERR_pop_to_mark();
-
-    /*
-     * mac == NULL may actually be ok in some situations. In an
-     * EVP_PKEY_new_mac_key() call a temporary EVP_PKEY_CTX is created with
-     * default libctx. We don't actually need the underlying MAC to be present
-     * to successfully set the key in that case. The resulting EVP_PKEY could
-     * then be used in some other libctx where the MAC *is* present
-     */
-
-    if ((hctx = OPENSSL_zalloc(sizeof(*hctx))) == NULL) {
-        EVPerr(EVP_F_PKEY_MAC_INIT, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    if (mac != NULL) {
-        hctx->ctx = EVP_MAC_CTX_new(mac);
-        if (hctx->ctx == NULL) {
-            OPENSSL_free(hctx);
-            return 0;
-        }
-    }
-
-    if (nid == EVP_PKEY_CMAC) {
-        hctx->type = MAC_TYPE_MAC;
-    } else {
-        hctx->type = MAC_TYPE_RAW;
-        hctx->raw_data.ktmp.type = V_ASN1_OCTET_STRING;
-    }
-
-    pkey_mac_cleanup(ctx);
-    EVP_PKEY_CTX_set_data(ctx, hctx);
-    ctx->keygen_info_count = 0;
-
-    return 1;
-}
-
-static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
-{
-    MAC_PKEY_CTX *sctx, *dctx;
-
-    sctx = EVP_PKEY_CTX_get_data(src);
-
-    if (sctx->ctx == NULL) {
-        /* This actually means the fetch failed during the init call */
-        EVPerr(0, EVP_R_FETCH_FAILED);
-        return 0;
-    }
-
-    if (sctx->ctx->data == NULL)
-        return 0;
-
-    dctx = OPENSSL_zalloc(sizeof(*dctx));
-    if (dctx == NULL) {
-        EVPerr(EVP_F_PKEY_MAC_COPY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    EVP_PKEY_CTX_set_data(dst, dctx);
-    dst->keygen_info_count = 0;
-
-    dctx->ctx = EVP_MAC_CTX_dup(sctx->ctx);
-    if (dctx->ctx == NULL)
-        goto err;
-
-    /*
-     * Normally, nothing special would be done with the MAC method.  In
-     * this particular case, though, the MAC method was fetched internally
-     * by pkey_mac_init() above or by EVP_PKEY_new_CMAC_key() and passed
-     * via the EVP_MAC_CTX, so it is effectively like every new EVP_MAC_CTX
-     * fetches the MAC method anew in this case.  Therefore, its reference
-     * count must be adjusted here.
-     */
-    if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(dctx->ctx)))
-        goto err;
-
-    dctx->type = sctx->type;
-
-    switch (dctx->type) {
-    case MAC_TYPE_RAW:
-        dctx->raw_data.md = sctx->raw_data.md;
-        if (ASN1_STRING_get0_data(&sctx->raw_data.ktmp) != NULL &&
-            !ASN1_STRING_copy(&dctx->raw_data.ktmp, &sctx->raw_data.ktmp))
-            goto err;
-        break;
-    case MAC_TYPE_MAC:
-        /* Nothing more to do */
-        break;
-    default:
-        /* This should be dead code */
-        return 0;
-    }
-    return 1;
- err:
-    pkey_mac_cleanup(dst);
-    return 0;
-}
-
-static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx)
-{
-    /*
-     * For the exact same reasons the MAC reference count is incremented
-     * in pkey_mac_copy() above, it must be explicitly freed here.
-     */
-
-    MAC_PKEY_CTX *hctx = ctx == NULL ? NULL : EVP_PKEY_CTX_get_data(ctx);
-
-    if (hctx != NULL) {
-        EVP_MAC *mac = hctx->ctx != NULL ? EVP_MAC_CTX_mac(hctx->ctx) : NULL;
-
-        switch (hctx->type) {
-        case MAC_TYPE_RAW:
-            OPENSSL_clear_free(hctx->raw_data.ktmp.data,
-                               hctx->raw_data.ktmp.length);
-            break;
-        }
-        EVP_MAC_CTX_free(hctx->ctx);
-        EVP_MAC_free(mac);
-        OPENSSL_free(hctx);
-        EVP_PKEY_CTX_set_data(ctx, NULL);
-    }
-}
-
-static int pkey_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
-    int nid = ctx->pmeth->pkey_id;
-
-    switch (hctx->type) {
-    case MAC_TYPE_RAW:
-        {
-            ASN1_OCTET_STRING *hkey = NULL;
-
-            if (!hctx->raw_data.ktmp.data)
-                return 0;
-            hkey = ASN1_OCTET_STRING_dup(&hctx->raw_data.ktmp);
-            if (!hkey)
-                return 0;
-            EVP_PKEY_assign(pkey, nid, hkey);
-        }
-        break;
-    case MAC_TYPE_MAC:
-        {
-            EVP_MAC_CTX *cmkey;
-
-            if (hctx->ctx == NULL) {
-                /* This actually means the fetch failed during the init call */
-                EVPerr(0, EVP_R_FETCH_FAILED);
-                return 0;
-            }
-
-            cmkey = EVP_MAC_CTX_dup(hctx->ctx);
-            if (cmkey == NULL)
-                return 0;
-            if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(hctx->ctx)))
-                return 0;
-            EVP_PKEY_assign(pkey, nid, cmkey);
-        }
-        break;
-    default:
-        /* This should be dead code */
-        return 0;
-    }
-
-    return 1;
-}
-
-static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(EVP_MD_CTX_pkey_ctx(ctx));
-
-    if (!EVP_MAC_update(hctx->ctx, data, count))
-        return 0;
-    return 1;
-}
-
-static int pkey_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
-    MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
-    ASN1_OCTET_STRING *key = NULL;
-    int rv = 1;
-    /*
-     * For MACs with the EVP_PKEY_FLAG_SIGCTX_CUSTOM flag set and that
-     * gets the key passed as an ASN.1 OCTET STRING, we set the key here,
-     * as this may be only time it's set during a DigestSign.
-     *
-     * MACs that pass around the key in form of EVP_MAC_CTX are setting
-     * the key through other mechanisms.  (this is only CMAC for now)
-     */
-    int set_key =
-        hctx->type == MAC_TYPE_RAW
-        && (ctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) != 0;
-
-    if (hctx->ctx == NULL) {
-        /* This actually means the fetch failed during the init call */
-        EVPerr(0, EVP_R_FETCH_FAILED);
-        return 0;
-    }
-
-    if (set_key) {
-        if (!EVP_MAC_is_a(EVP_MAC_CTX_mac(hctx->ctx),
-                          OBJ_nid2sn(EVP_PKEY_id(EVP_PKEY_CTX_get0_pkey(ctx)))))
-            return 0;
-        key = EVP_PKEY_get0(EVP_PKEY_CTX_get0_pkey(ctx));
-        if (key == NULL)
-            return 0;
-    }
-
-    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
-    EVP_MD_CTX_set_update_fn(mctx, int_update);
-
-    /* Some MACs don't support this control...  that's fine */
-    {
-        OSSL_PARAM params[3];
-        size_t params_n = 0;
-        int flags = EVP_MD_CTX_test_flags(mctx, ~EVP_MD_CTX_FLAG_NO_INIT);
-
-        /* TODO(3.0) "flags" isn't quite right, i.e. a quick hack for now */
-        params[params_n++] =
-            OSSL_PARAM_construct_int(OSSL_MAC_PARAM_FLAGS, &flags);
-        if (set_key)
-            params[params_n++] =
-                OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                                  key->data, key->length);
-        params[params_n++] = OSSL_PARAM_construct_end();
-        rv = EVP_MAC_CTX_set_params(hctx->ctx, params);
-    }
-    return rv;
-}
-
-static int pkey_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig,
-                             size_t *siglen, EVP_MD_CTX *mctx)
-{
-    MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
-
-    return EVP_MAC_final(hctx->ctx, sig, siglen, EVP_MAC_size(hctx->ctx));
-}
-
-static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
-
-    switch (type) {
-
-    case EVP_PKEY_CTRL_CIPHER:
-        switch (hctx->type) {
-        case MAC_TYPE_RAW:
-            return -2;       /* The raw types don't support ciphers */
-        case MAC_TYPE_MAC:
-            {
-                OSSL_PARAM params[3];
-                size_t params_n = 0;
-                char *ciphname = (char *)OBJ_nid2sn(EVP_CIPHER_nid(p2));
-
-#ifndef OPENSSL_NO_ENGINE
-                if (ctx->engine != NULL) {
-                    char *engid = (char *)ENGINE_get_id(ctx->engine);
-
-                    params[params_n++] =
-                        OSSL_PARAM_construct_utf8_string("engine", engid, 0);
-                }
-#endif
-                params[params_n++] =
-                    OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
-                                                     ciphname, 0);
-                params[params_n] = OSSL_PARAM_construct_end();
-
-                if (hctx->ctx == NULL) {
-                    /*
-                     * This actually means the fetch failed during the init call
-                     */
-                    EVPerr(0, EVP_R_FETCH_FAILED);
-                    return 0;
-                }
-
-                if (!EVP_MAC_CTX_set_params(hctx->ctx, params)
-                    || !EVP_MAC_init(hctx->ctx))
-                    return 0;
-            }
-            break;
-        default:
-            /* This should be dead code */
-            return 0;
-        }
-        break;
-
-    case EVP_PKEY_CTRL_MD:
-        switch (hctx->type) {
-        case MAC_TYPE_RAW:
-            hctx->raw_data.md = p2;
-            break;
-        case MAC_TYPE_MAC: {
-                EVP_MAC_CTX *new_mac_ctx;
-
-                if (ctx->pkey == NULL)
-                    return 0;
-                new_mac_ctx = EVP_MAC_CTX_dup(ctx->pkey->pkey.ptr);
-                if (new_mac_ctx == NULL)
-                    return 0;
-                EVP_MAC_CTX_free(hctx->ctx);
-                hctx->ctx = new_mac_ctx;
-            }
-            break;
-        default:
-            /* This should be dead code */
-            return 0;
-        }
-        break;
-
-    case EVP_PKEY_CTRL_SET_DIGEST_SIZE:
-        {
-            OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-            size_t size = (size_t)p1;
-            size_t verify = 0;
-
-            /*
-             * We verify that the length is actually set by getting back
-             * the same parameter and checking that it matches what we
-             * tried to set.
-             * TODO(3.0) when we have a more direct mechanism to check if
-             * a parameter was used, we must refactor this to use that.
-             */
-
-            params[0] =
-                OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &size);
-
-            if (hctx->ctx == NULL) {
-                /*
-                 * This actually means the fetch failed during the init call
-                 */
-                EVPerr(0, EVP_R_FETCH_FAILED);
-                return 0;
-            }
-
-            if (!EVP_MAC_CTX_set_params(hctx->ctx, params))
-                return 0;
-
-            params[0] =
-                OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &verify);
-
-            if (!EVP_MAC_CTX_get_params(hctx->ctx, params))
-                return 0;
-
-            /*
-             * Since EVP_MAC_{get,set}_ctx_params() returned successfully,
-             * we can only assume that the size was ignored, i.e. this
-             * control is unsupported.
-             */
-            if (verify != size)
-                return -2;
-        }
-        break;
-    case EVP_PKEY_CTRL_SET_MAC_KEY:
-        switch (hctx->type) {
-        case MAC_TYPE_RAW:
-            if ((!p2 && p1 > 0) || (p1 < -1))
-                return 0;
-            if (!ASN1_OCTET_STRING_set(&hctx->raw_data.ktmp, p2, p1))
-                return 0;
-            break;
-        case MAC_TYPE_MAC:
-            {
-                OSSL_PARAM params[2];
-                size_t params_n = 0;
-
-                params[params_n++] =
-                    OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                                      p2, p1);
-                params[params_n] = OSSL_PARAM_construct_end();
-
-                if (hctx->ctx == NULL) {
-                    /*
-                     * This actually means the fetch failed during the init call
-                     */
-                    EVPerr(0, EVP_R_FETCH_FAILED);
-                    return 0;
-                }
-
-                return EVP_MAC_CTX_set_params(hctx->ctx, params);
-            }
-            break;
-        default:
-            /* This should be dead code */
-            return 0;
-        }
-        break;
-
-    case EVP_PKEY_CTRL_DIGESTINIT:
-        switch (hctx->type) {
-        case MAC_TYPE_RAW:
-            if (hctx->ctx == NULL) {
-                /* This actually means the fetch failed during the init call */
-                EVPerr(0, EVP_R_FETCH_FAILED);
-                return 0;
-            }
-
-            /* Ensure that we have attached the implementation */
-            if (!EVP_MAC_init(hctx->ctx))
-                return 0;
-            {
-                ASN1_OCTET_STRING *key =
-                    (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
-                OSSL_PARAM params[4];
-                size_t params_n = 0;
-                char *mdname =
-                    (char *)OBJ_nid2sn(EVP_MD_nid(hctx->raw_data.md));
-
-#ifndef OPENSSL_NO_ENGINE
-                if (ctx->engine != NULL) {
-                    char *engid = (char *)ENGINE_get_id(ctx->engine);
-
-                    params[params_n++] =
-                        OSSL_PARAM_construct_utf8_string("engine", engid, 0);
-                }
-#endif
-                params[params_n++] =
-                    OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
-                                                     mdname, 0);
-                params[params_n++] =
-                    OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                                      key->data, key->length);
-                params[params_n] = OSSL_PARAM_construct_end();
-
-                return EVP_MAC_CTX_set_params(hctx->ctx, params);
-            }
-            break;
-        case MAC_TYPE_MAC:
-            return -2;       /* The mac types don't support ciphers */
-        default:
-            /* This should be dead code */
-            return 0;
-        }
-        break;
-
-    default:
-        return -2;
-
-    }
-    return 1;
-}
-
-static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
-                             const char *type, const char *value)
-{
-    MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
-    const EVP_MAC *mac;
-    OSSL_PARAM params[2];
-    int ok = 0;
-
-    if (hctx == NULL) {
-        EVPerr(0, EVP_R_NULL_MAC_PKEY_CTX);
-        return 0;
-    }
-    if (hctx->ctx == NULL) {
-        /* This actually means the fetch failed during the init call */
-        EVPerr(0, EVP_R_FETCH_FAILED);
-        return 0;
-    }
-    mac = EVP_MAC_CTX_mac(hctx->ctx);
-
-    /*
-     * Translation of some control names that are equivalent to a single
-     * parameter name.
-     *
-     * "md" and "digest" are the same thing, we use the single "digest"
-     *
-     * "digestsize" was a setting control in siphash, but naming wise,
-     * it's really the same as "size".
-     */
-    if (strcmp(type, "md") == 0)
-        type = OSSL_MAC_PARAM_DIGEST;
-    else if (strcmp(type, "digestsize") == 0)
-        type = OSSL_MAC_PARAM_SIZE;
-
-    if (!OSSL_PARAM_allocate_from_text(&params[0],
-                                       EVP_MAC_settable_ctx_params(mac),
-                                       type, value, strlen(value) + 1, NULL))
-        return 0;
-    params[1] = OSSL_PARAM_construct_end();
-
-    ok = EVP_MAC_CTX_set_params(hctx->ctx, params);
-    OPENSSL_free(params[0].data);
-    return ok;
-}
-
-static const EVP_PKEY_METHOD cmac_pkey_meth = {
-    EVP_PKEY_CMAC,
-    EVP_PKEY_FLAG_SIGCTX_CUSTOM,
-    pkey_mac_init,
-    pkey_mac_copy,
-    pkey_mac_cleanup,
-
-    0, 0,
-
-    0,
-    pkey_mac_keygen,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_signctx_init,
-    pkey_mac_signctx,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_ctrl,
-    pkey_mac_ctrl_str
-};
-
-const EVP_PKEY_METHOD *cmac_pkey_method(void)
-{
-    return &cmac_pkey_meth;
-}
-
-static const EVP_PKEY_METHOD hmac_pkey_meth = {
-    EVP_PKEY_HMAC,
-    0,
-    pkey_mac_init,
-    pkey_mac_copy,
-    pkey_mac_cleanup,
-
-    0, 0,
-
-    0,
-    pkey_mac_keygen,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_signctx_init,
-    pkey_mac_signctx,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_ctrl,
-    pkey_mac_ctrl_str
-};
-
-const EVP_PKEY_METHOD *hmac_pkey_method(void)
-{
-    return &hmac_pkey_meth;
-}
-
-static const EVP_PKEY_METHOD siphash_pkey_meth = {
-    EVP_PKEY_SIPHASH,
-    EVP_PKEY_FLAG_SIGCTX_CUSTOM,
-    pkey_mac_init,
-    pkey_mac_copy,
-    pkey_mac_cleanup,
-
-    0, 0,
-
-    0,
-    pkey_mac_keygen,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_signctx_init,
-    pkey_mac_signctx,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_ctrl,
-    pkey_mac_ctrl_str
-};
-
-const EVP_PKEY_METHOD *siphash_pkey_method(void)
-{
-    return &siphash_pkey_meth;
-}
-
-static const EVP_PKEY_METHOD poly1305_pkey_meth = {
-    EVP_PKEY_POLY1305,
-    EVP_PKEY_FLAG_SIGCTX_CUSTOM,
-    pkey_mac_init,
-    pkey_mac_copy,
-    pkey_mac_cleanup,
-
-    0, 0,
-
-    0,
-    pkey_mac_keygen,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_signctx_init,
-    pkey_mac_signctx,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_mac_ctrl,
-    pkey_mac_ctrl_str
-};
-
-const EVP_PKEY_METHOD *poly1305_pkey_method(void)
-{
-    return &poly1305_pkey_meth;
-}
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 7fd5339537..aef7c39a20 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -51,10 +51,6 @@ static pmeth_fn standard_methods[] = {
 # endif
 # ifndef OPENSSL_NO_EC
     ec_pkey_method,
-# endif
-    hmac_pkey_method,
-# ifndef OPENSSL_NO_CMAC
-    cmac_pkey_method,
 # endif
 # ifndef OPENSSL_NO_RSA
     rsa_pss_pkey_method,
@@ -66,12 +62,6 @@ static pmeth_fn standard_methods[] = {
     ecx25519_pkey_method,
     ecx448_pkey_method,
 # endif
-# ifndef OPENSSL_NO_POLY1305
-    poly1305_pkey_method,
-# endif
-# ifndef OPENSSL_NO_SIPHASH
-    siphash_pkey_method,
-# endif
 # ifndef OPENSSL_NO_EC
     ed25519_pkey_method,
     ed448_pkey_method,
@@ -150,10 +140,6 @@ static int is_legacy_alg(int id, const char *keytype)
      * support
      */
     case EVP_PKEY_SM2:
-    case EVP_PKEY_CMAC:
-    case EVP_PKEY_HMAC:
-    case EVP_PKEY_SIPHASH:
-    case EVP_PKEY_POLY1305:
         return 1;
     default:
         return 0;
@@ -845,7 +831,7 @@ static int evp_pkey_ctx_set1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
 {
     OSSL_PARAM octet_string_params[2], *p = octet_string_params;
 
-    if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
+    if (ctx == NULL || (ctx->operation & op) == 0) {
         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
         /* Uses the same return values as EVP_PKEY_CTX_ctrl */
         return -2;
@@ -1027,17 +1013,19 @@ int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *ctx,
                                    maxmem_bytes);
 }
 
+int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key,
+                             int keylen)
+{
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.keymgmt.genctx == NULL,
+                                          OSSL_PKEY_PARAM_PRIV_KEY,
+                                          EVP_PKEY_OP_KEYGEN,
+                                          EVP_PKEY_CTRL_SET_MAC_KEY,
+                                          key, keylen);
+}
+
 static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
                                 int cmd, int p1, void *p2)
 {
-    /*
-     * GOST CMS format is different for different cipher algorithms.
-     * Most of other algorithms don't have such a difference
-     * so this ctrl is just ignored.
-     */
-    if (cmd == EVP_PKEY_CTRL_CIPHER)
-        return -2;
-
 # ifndef OPENSSL_NO_DH
     if (keytype == EVP_PKEY_DHX) {
         switch (cmd) {
@@ -1186,6 +1174,29 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
             case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES:
                 return EVP_PKEY_CTX_set_scrypt_maxmem_bytes(ctx, p1);
             }
+        } else if (optype == EVP_PKEY_OP_KEYGEN) {
+            OSSL_PARAM params[2], *p = params;
+
+            switch (cmd) {
+            case EVP_PKEY_CTRL_CIPHER:
+                {
+                    char *ciphname = (char *)EVP_CIPHER_name(p2);
+
+                    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER,
+                                                            ciphname, 0);
+                    *p = OSSL_PARAM_construct_end();
+
+                    return EVP_PKEY_CTX_set_params(ctx, params);
+                }
+            case EVP_PKEY_CTRL_SET_MAC_KEY:
+                {
+                    *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
+                                                             p2, p1);
+                    *p = OSSL_PARAM_construct_end();
+
+                    return EVP_PKEY_CTX_set_params(ctx, params);
+                }
+            }
         }
         switch (cmd) {
         case EVP_PKEY_CTRL_MD:
@@ -1216,6 +1227,15 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
             return -2;
         }
     }
+
+    /*
+     * GOST CMS format is different for different cipher algorithms.
+     * Most of other algorithms don't have such a difference
+     * so this ctrl is just ignored.
+     */
+    if (cmd == EVP_PKEY_CTRL_CIPHER)
+        return -2;
+
     return 0;
 }
 
diff --git a/crypto/hmac/build.info b/crypto/hmac/build.info
index 4ed90c09f4..b828ab122e 100644
--- a/crypto/hmac/build.info
+++ b/crypto/hmac/build.info
@@ -2,5 +2,5 @@ LIBS=../../libcrypto
 
 $COMMON=hmac.c
 
-SOURCE[../../libcrypto]=$COMMON hm_ameth.c
+SOURCE[../../libcrypto]=$COMMON
 SOURCE[../../providers/libfips.a]=$COMMON
diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c
deleted file mode 100644
index a0e1556b41..0000000000
--- a/crypto/hmac/hm_ameth.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * HMAC low level APIs are deprecated for public use, but still ok for internal
- * use.
- */
-#include "internal/deprecated.h"
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/evp.h>
-#include "crypto/asn1.h"
-#include "crypto/evp.h"
-
-/*
- * HMAC "ASN1" method. This is just here to indicate the maximum HMAC output
- * length and to free up an HMAC key.
- */
-
-static int hmac_size(const EVP_PKEY *pkey)
-{
-    return EVP_MAX_MD_SIZE;
-}
-
-static void hmac_key_free(EVP_PKEY *pkey)
-{
-    ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey);
-    if (os) {
-        if (os->data)
-            OPENSSL_cleanse(os->data, os->length);
-        ASN1_OCTET_STRING_free(os);
-    }
-}
-
-static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    switch (op) {
-    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-        *(int *)arg2 = NID_sha256;
-        return 1;
-
-    default:
-        return -2;
-    }
-}
-
-static int hmac_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
-}
-
-static int hmac_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
-                             size_t len)
-{
-    ASN1_OCTET_STRING *os;
-
-    if (pkey->pkey.ptr != NULL)
-        return 0;
-
-    os = ASN1_OCTET_STRING_new();
-    if (os == NULL)
-        return 0;
-
-
-    if (!ASN1_OCTET_STRING_set(os, priv, len)) {
-        ASN1_OCTET_STRING_free(os);
-        return 0;
-    }
-
-    pkey->pkey.ptr = os;
-    return 1;
-}
-
-static int hmac_get_priv_key(const EVP_PKEY *pkey, unsigned char *priv,
-                             size_t *len)
-{
-    ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-
-    if (priv == NULL) {
-        *len = ASN1_STRING_length(os);
-        return 1;
-    }
-
-    if (os == NULL || *len < (size_t)ASN1_STRING_length(os))
-        return 0;
-
-    *len = ASN1_STRING_length(os);
-    memcpy(priv, ASN1_STRING_get0_data(os), *len);
-
-    return 1;
-}
-
-const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
-    EVP_PKEY_HMAC,
-    EVP_PKEY_HMAC,
-    0,
-
-    "HMAC",
-    "OpenSSL HMAC method",
-
-    0, 0, hmac_pkey_public_cmp, 0,
-
-    0, 0, 0,
-
-    hmac_size,
-    0, 0,
-    0, 0, 0, 0, 0, 0, 0,
-
-    hmac_key_free,
-    hmac_pkey_ctrl,
-    NULL,
-    NULL,
-
-    NULL,
-    NULL,
-    NULL,
-
-    NULL,
-    NULL,
-    NULL,
-
-    hmac_set_priv_key,
-    NULL,
-    hmac_get_priv_key,
-    NULL,
-};
diff --git a/crypto/poly1305/build.info b/crypto/poly1305/build.info
index 6425a01583..b3078f21cc 100644
--- a/crypto/poly1305/build.info
+++ b/crypto/poly1305/build.info
@@ -29,7 +29,7 @@ IF[{- !$disabled{asm} -}]
   ENDIF
 ENDIF
 
-SOURCE[../../libcrypto]=poly1305_ameth.c poly1305.c $POLY1305ASM
+SOURCE[../../libcrypto]=poly1305.c $POLY1305ASM
 
 # Implementations are now spread across several libraries, so the defines
 # need to be applied to all affected libraries and modules.
diff --git a/crypto/poly1305/poly1305_ameth.c b/crypto/poly1305/poly1305_ameth.c
deleted file mode 100644
index 2feec9ccc3..0000000000
--- a/crypto/poly1305/poly1305_ameth.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/evp.h>
-#include "crypto/asn1.h"
-#include "crypto/poly1305.h"
-#include "crypto/evp.h"
-
-/*
- * POLY1305 "ASN1" method. This is just here to indicate the maximum
- * POLY1305 output length and to free up a POLY1305 key.
- */
-
-static int poly1305_size(const EVP_PKEY *pkey)
-{
-    return POLY1305_DIGEST_SIZE;
-}
-
-static void poly1305_key_free(EVP_PKEY *pkey)
-{
-    ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey);
-    if (os != NULL) {
-        if (os->data != NULL)
-            OPENSSL_cleanse(os->data, os->length);
-        ASN1_OCTET_STRING_free(os);
-    }
-}
-
-static int poly1305_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    /* nothing, (including ASN1_PKEY_CTRL_DEFAULT_MD_NID), is supported */
-    return -2;
-}
-
-static int poly1305_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
-}
-
-static int poly1305_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
-                                 size_t len)
-{
-    ASN1_OCTET_STRING *os;
-
-    if (pkey->pkey.ptr != NULL || len != POLY1305_KEY_SIZE)
-        return 0;
-
-    os = ASN1_OCTET_STRING_new();
-    if (os == NULL)
-        return 0;
-
-    if (!ASN1_OCTET_STRING_set(os, priv, len)) {
-        ASN1_OCTET_STRING_free(os);
-        return 0;
-    }
-
-    pkey->pkey.ptr = os;
-    return 1;
-}
-
-static int poly1305_get_priv_key(const EVP_PKEY *pkey, unsigned char *priv,
-                                 size_t *len)
-{
-    ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-
-    if (priv == NULL) {
-        *len = POLY1305_KEY_SIZE;
-        return 1;
-    }
-
-    if (os == NULL || *len < POLY1305_KEY_SIZE)
-        return 0;
-
-    memcpy(priv, ASN1_STRING_get0_data(os), ASN1_STRING_length(os));
-    *len = POLY1305_KEY_SIZE;
-
-    return 1;
-}
-
-const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth = {
-    EVP_PKEY_POLY1305,
-    EVP_PKEY_POLY1305,
-    0,
-
-    "POLY1305",
-    "OpenSSL POLY1305 method",
-
-    0, 0, poly1305_pkey_public_cmp, 0,
-
-    0, 0, 0,
-
-    poly1305_size,
-    0, 0,
-    0, 0, 0, 0, 0, 0, 0,
-
-    poly1305_key_free,
-    poly1305_pkey_ctrl,
-    NULL,
-    NULL,
-
-    NULL,
-    NULL,
-    NULL,
-
-    NULL,
-    NULL,
-    NULL,
-
-    poly1305_set_priv_key,
-    NULL,
-    poly1305_get_priv_key,
-    NULL,
-};
diff --git a/crypto/siphash/build.info b/crypto/siphash/build.info
index 2dc7101a10..432b6f5ec3 100644
--- a/crypto/siphash/build.info
+++ b/crypto/siphash/build.info
@@ -1,4 +1,3 @@
 LIBS=../../libcrypto
 SOURCE[../../libcrypto]=\
-	siphash.c \
-	siphash_ameth.c
+	siphash.c
diff --git a/crypto/siphash/siphash_ameth.c b/crypto/siphash/siphash_ameth.c
deleted file mode 100644
index 5aa4d88915..0000000000
--- a/crypto/siphash/siphash_ameth.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/evp.h>
-#include "crypto/asn1.h"
-#include "crypto/siphash.h"
-#include "siphash_local.h"
-#include "crypto/evp.h"
-
-/*
- * SIPHASH "ASN1" method. This is just here to indicate the maximum
- * SIPHASH output length and to free up a SIPHASH key.
- */
-
-static int siphash_size(const EVP_PKEY *pkey)
-{
-    return SIPHASH_MAX_DIGEST_SIZE;
-}
-
-static void siphash_key_free(EVP_PKEY *pkey)
-{
-    ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey);
-
-    if (os != NULL) {
-        if (os->data != NULL)
-            OPENSSL_cleanse(os->data, os->length);
-        ASN1_OCTET_STRING_free(os);
-    }
-}
-
-static int siphash_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    /* nothing (including ASN1_PKEY_CTRL_DEFAULT_MD_NID), is supported */
-    return -2;
-}
-
-static int siphash_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
-}
-
-static int siphash_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
-                                size_t len)
-{
-    ASN1_OCTET_STRING *os;
-
-    if (pkey->pkey.ptr != NULL || len != SIPHASH_KEY_SIZE)
-        return 0;
-
-    os = ASN1_OCTET_STRING_new();
-    if (os == NULL)
-        return 0;
-
-    if (!ASN1_OCTET_STRING_set(os, priv, len)) {
-        ASN1_OCTET_STRING_free(os);
-        return 0;
-    }
-
-    pkey->pkey.ptr = os;
-    return 1;
-}
-
-static int siphash_get_priv_key(const EVP_PKEY *pkey, unsigned char *priv,
-                                size_t *len)
-{
-    ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-
-    if (priv == NULL) {
-        *len = SIPHASH_KEY_SIZE;
-        return 1;
-    }
-
-    if (os == NULL || *len < SIPHASH_KEY_SIZE)
-        return 0;
-
-    memcpy(priv, ASN1_STRING_get0_data(os), ASN1_STRING_length(os));
-    *len = SIPHASH_KEY_SIZE;
-
-    return 1;
-}
-
-const EVP_PKEY_ASN1_METHOD siphash_asn1_meth = {
-    EVP_PKEY_SIPHASH,
-    EVP_PKEY_SIPHASH,
-    0,
-
-    "SIPHASH",
-    "OpenSSL SIPHASH method",
-
-    0, 0, siphash_pkey_public_cmp, 0,
-
-    0, 0, 0,
-
-    siphash_size,
-    0, 0,
-    0, 0, 0, 0, 0, 0, 0,
-
-    siphash_key_free,
-    siphash_pkey_ctrl,
-    NULL,
-    NULL,
-
-    NULL,
-    NULL,
-    NULL,
-
-    NULL,
-    NULL,
-    NULL,
-
-    siphash_set_priv_key,
-    NULL,
-    siphash_get_priv_key,
-    NULL,
-};
diff --git a/doc/man3/EVP_PKEY_new.pod b/doc/man3/EVP_PKEY_new.pod
index ff5744bebd..0543600704 100644
--- a/doc/man3/EVP_PKEY_new.pod
+++ b/doc/man3/EVP_PKEY_new.pod
@@ -9,6 +9,7 @@ EVP_PKEY_new_raw_private_key_with_libctx,
 EVP_PKEY_new_raw_private_key,
 EVP_PKEY_new_raw_public_key_with_libctx,
 EVP_PKEY_new_raw_public_key,
+EVP_PKEY_new_CMAC_key_with_libctx,
 EVP_PKEY_new_CMAC_key,
 EVP_PKEY_new_mac_key,
 EVP_PKEY_get_raw_private_key,
@@ -37,6 +38,11 @@ EVP_PKEY_get_raw_public_key
                                                    size_t keylen);
  EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
+                                             size_t len,
+                                             const char *cipher_name,
+                                             OPENSSL_CTX *libctx,
+                                             const char *propq);
  EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
                                  size_t len, const EVP_CIPHER *cipher);
  EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
@@ -53,10 +59,10 @@ The EVP_PKEY_new() function allocates an empty B<EVP_PKEY> structure which is
 used by OpenSSL to store public and private keys. The reference count is set to
 B<1>.
 
-EVP_PKEY_up_ref() increments the reference count of B<key>.
+EVP_PKEY_up_ref() increments the reference count of I<key>.
 
-EVP_PKEY_free() decrements the reference count of B<key> and, if the reference
-count is zero, frees it up. If B<key> is NULL, nothing is done.
+EVP_PKEY_free() decrements the reference count of I<key> and, if the reference
+count is zero, frees it up. If I<key> is NULL, nothing is done.
 
 EVP_PKEY_new_raw_private_key_with_libctx() allocates a new B<EVP_PKEY>. Unless
 an engine should be used for the key type, a provider for the key is found using
@@ -73,8 +79,8 @@ derived from the given private key data (if appropriate for the algorithm type).
 
 EVP_PKEY_new_raw_private_key() does the same as
 EVP_PKEY_new_raw_private_key_with_libctx() except that the default library
-context and default property query are used instead. If B<e> is non-NULL then
-the new B<EVP_PKEY> structure is associated with the engine B<e>. The B<type>
+context and default property query are used instead. If I<e> is non-NULL then
+the new B<EVP_PKEY> structure is associated with the engine I<e>. The I<type>
 argument indicates what kind of key this is. The value should be a NID for a
 public key algorithm that supports raw private keys, i.e. one of
 B<EVP_PKEY_POLY1305>, B<EVP_PKEY_SIPHASH>, B<EVP_PKEY_X25519>,
@@ -82,40 +88,46 @@ B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>. As for
 EVP_PKEY_new_raw_private_key_with_libctx() you may also use B<EVP_PKEY_HMAC>.
 
 EVP_PKEY_new_raw_public_key_with_libctx() works in the same way as
-EVP_PKEY_new_raw_private_key_with_libctx() except that B<key> points to the raw
+EVP_PKEY_new_raw_private_key_with_libctx() except that I<key> points to the raw
 public key data. The B<EVP_PKEY> structure will be initialised without any
 private key information. Algorithm types that support raw public keys are
 "X25519", "ED25519", "X448" or "ED448".
 
 EVP_PKEY_new_raw_public_key() works in the same way as
-EVP_PKEY_new_raw_private_key() except that B<key> points to the raw public key
+EVP_PKEY_new_raw_private_key() except that I<key> points to the raw public key
 data. The B<EVP_PKEY> structure will be initialised without any private key
 information. Algorithm types that support raw public keys are
 B<EVP_PKEY_X25519>, B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>.
 
-EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key()
-except it is only for the B<EVP_PKEY_CMAC> algorithm type. In addition to the
-raw private key data, it also takes a cipher algorithm to be used during
-creation of a CMAC in the B<cipher> argument. The cipher should be a standard
-encryption only cipher. For example AEAD and XTS ciphers should not be used.
+EVP_PKEY_new_CMAC_key_with_libctx() works in the same way as
+EVP_PKEY_new_raw_private_key() except it is only for the B<EVP_PKEY_CMAC>
+algorithm type. In addition to the raw private key data, it also takes a cipher
+algorithm to be used during creation of a CMAC in the I<cipher> argument. The
+cipher should be a standard encryption only cipher. For example AEAD and XTS
+ciphers should not be used. Finally it also takes a library context I<libctx>
+and property query I<propq> which are used when fetching any cryptographic
+algorithms which may be NULL to use the default values.
+
+EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_with_libctx()
+except that the default values are used for I<libctx> and I<propq>.
 
 EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key().
 New applications should use EVP_PKEY_new_raw_private_key() instead.
 
-EVP_PKEY_get_raw_private_key() fills the buffer provided by B<priv> with raw
-private key data. The size of the B<priv> buffer should be in B<*len> on entry
-to the function, and on exit B<*len> is updated with the number of bytes
-actually written. If the buffer B<priv> is NULL then B<*len> is populated with
+EVP_PKEY_get_raw_private_key() fills the buffer provided by I<priv> with raw
+private key data. The size of the I<priv> buffer should be in I<*len> on entry
+to the function, and on exit I<*len> is updated with the number of bytes
+actually written. If the buffer I<priv> is NULL then I<*len> is populated with
 the number of bytes required to hold the key. The calling application is
 responsible for ensuring that the buffer is large enough to receive the private
 key data. This function only works for algorithms that support raw private keys.
 Currently this is: B<EVP_PKEY_HMAC>, B<EVP_PKEY_POLY1305>, B<EVP_PKEY_SIPHASH>,
 B<EVP_PKEY_X25519>, B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>.
 
-EVP_PKEY_get_raw_public_key() fills the buffer provided by B<pub> with raw
-public key data. The size of the B<pub> buffer should be in B<*len> on entry
-to the function, and on exit B<*len> is updated with the number of bytes
-actually written. If the buffer B<pub> is NULL then B<*len> is populated with
+EVP_PKEY_get_raw_public_key() fills the buffer provided by I<pub> with raw
+public key data. The size of the I<pub> buffer should be in I<*len> on entry
+to the function, and on exit I<*len> is updated with the number of bytes
+actually written. If the buffer I<pub> is NULL then I<*len> is populated with
 the number of bytes required to hold the key. The calling application is
 responsible for ensuring that the buffer is large enough to receive the public
 key data. This function only works for algorithms that support raw public  keys.
@@ -158,8 +170,9 @@ EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(),
 EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and
 EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.
 
-The EVP_PKEY_new_raw_private_key_with_libctx and
-EVP_PKEY_new_raw_public_key_with_libctx functions were added in OpenSSL 3.0.
+The EVP_PKEY_new_raw_private_key_with_libctx(),
+EVP_PKEY_new_raw_public_key_with_libctx() and
+EVP_PKEY_new_CMAC_key_with_libctx() functions were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
diff --git a/doc/man7/EVP_PKEY-HMAC.pod b/doc/man7/EVP_PKEY-HMAC.pod
new file mode 100644
index 0000000000..7b6c52bb03
--- /dev/null
+++ b/doc/man7/EVP_PKEY-HMAC.pod
@@ -0,0 +1,95 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY-HMAC, EVP_KEYMGMT-HMAC, EVP_PKEY-SIPHASH, EVP_KEYMGMT-SIPHASH,
+EVP_PKEY-POLY1305, EVP_KEYMGMT-POLY1305, EVP_PKEY-CMAC, EVP_KEYMGMT-CMAC
+- EVP_PKEY legacy MAC keytypes and algorithm support
+
+=head1 DESCRIPTION
+
+The B<HMAC> and B<CMAC> key types are implemented in OpenSSL's default and FIPS
+providers. Additionally the B<SIPHASH> and B<POLY1305> key types are implemented
+in the default provider. Performing MAC operations via an EVP_PKEY
+is considered legacy and are only available for backwards compatibility purposes
+and for a restricted set of algorithms. The preferred way of performing MAC
+operations is via the EVP_MAC APIs. See L<EVP_MAC_init(3)>.
+
+For further details on using EVP_PKEY based MAC keys see
+L<EVP_SIGNATURE-HMAC(7)>, L<EVP_SIGNATURE-SIPHASH(7)>,
+L<EVP_SIGNATURE-POLY1305(7)> or L<EVP_SIGNATURE-CMAC(7)>.
+
+=head2 Common MAC parameters
+
+All the B<MAC> keytypes support the following parameters.
+
+=over 4
+
+=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>
+
+The MAC key value.
+
+=item "properties" (B<OSSL_PKEY_PARAM_PROPERTIES>) <UTF8 string>
+
+A property query string to be used when any algorithms are fetched.
+
+=back
+
+=head2 CMAC parameters
+
+As well as the parameters described above, the B<CMAC> keytype additionally
+supports the following parameters.
+
+=over 4
+
+=item "cipher" (B<OSSL_PKEY_PARAM_CIPHER>) <UTF8 string>
+
+The name of a cipher to be used when generating the MAC.
+
+=item "engine" (B<OSSL_PKEY_PARAM_ENGINE>) <UTF8 string>
+
+The name of an engine to be used for the specified cipher (if any).
+
+=back
+
+=head2 Common MAC key generation parameters
+
+MAC key generation is unusual in that no new key is actually generated. Instead
+a new provider side key object is created with the supplied raw key value. This
+is done for backwards compatibility with previous versions of OpenSSL.
+
+=over 4
+
+=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>
+
+The MAC key value.
+
+=back
+
+=head2 CMAC key generation parameters
+
+In addition to the common MAC key generation parameters, the CMAC key generation
+additionally recognises the following.
+
+=over 4
+
+=item "cipher" (B<OSSL_PKEY_PARAM_CIPHER>) <UTF8 string>
+
+The name of a cipher to be used when generating the MAC.
+
+=back
+
+=head1 SEE ALSO
+
+L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_SIGNATURE-HMAC.pod b/doc/man7/EVP_SIGNATURE-HMAC.pod
new file mode 100644
index 0000000000..dd74fae88c
--- /dev/null
+++ b/doc/man7/EVP_SIGNATURE-HMAC.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+EVP_SIGNATURE-HMAC, EVP_SIGNATURE-SIPHASH, EVP_SIGNATURE-POLY1305,
+EVP_SIGNATURE-CMAC
+- The legacy B<EVP_PKEY> MAC signature implementations
+
+=head1 DESCRIPTION
+
+The algorithms described here have legacy support for creating MACs using
+L<EVP_DigestSignInit(3)> and related functions. This is not the preferred way of
+creating MACs. Instead you should use the newer L<EVP_MAC_init(3)> functions.
+This mechanism is provided for backwards compatibility with older versions of
+OpenSSL. 
+
+There are no parameters supported by the legacy EVP_PKEY MAC signature
+algorithms. See L<EVP_PKEY-HMAC(7)>, L<EVP_PKEY-SIPHASH(7)>,
+L<EVP_PKEY-POLY1305(7)> or L<EVP_PKEY-CMAC(7)> for details about parameters that
+are supported during the creation of an EVP_PKEY.
+
+=head1 SEE ALSO
+
+L<EVP_MAC_init(3)>,
+L<EVP_DigestSignInit(3)>,
+L<EVP_PKEY-HMAC(7)>,
+L<EVP_PKEY-SIPHASH(7)>,
+L<EVP_PKEY-POLY1305(7)>,
+L<EVP_PKEY-CMAC(7)>,
+L<provider-signature(7)>,
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/include/crypto/asn1.h b/include/crypto/asn1.h
index 68672d1a02..041642f022 100644
--- a/include/crypto/asn1.h
+++ b/include/crypto/asn1.h
@@ -86,7 +86,6 @@ struct evp_pkey_asn1_method_st {
 
 DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD)
 
-extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5];
@@ -96,12 +95,9 @@ extern const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD ed448_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD sm2_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth;
 
-extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2];
 extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD siphash_asn1_meth;
 
 /*
  * These are used internally in the ASN1_OBJECT to keep track of whether the
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 512b4d6f48..634eb86425 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -131,7 +131,6 @@ DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
 
 void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
 
-const EVP_PKEY_METHOD *cmac_pkey_method(void);
 const EVP_PKEY_METHOD *dh_pkey_method(void);
 const EVP_PKEY_METHOD *dhx_pkey_method(void);
 const EVP_PKEY_METHOD *dsa_pkey_method(void);
@@ -141,11 +140,8 @@ const EVP_PKEY_METHOD *ecx25519_pkey_method(void);
 const EVP_PKEY_METHOD *ecx448_pkey_method(void);
 const EVP_PKEY_METHOD *ed25519_pkey_method(void);
 const EVP_PKEY_METHOD *ed448_pkey_method(void);
-const EVP_PKEY_METHOD *hmac_pkey_method(void);
 const EVP_PKEY_METHOD *rsa_pkey_method(void);
 const EVP_PKEY_METHOD *rsa_pss_pkey_method(void);
-const EVP_PKEY_METHOD *poly1305_pkey_method(void);
-const EVP_PKEY_METHOD *siphash_pkey_method(void);
 
 struct evp_mac_st {
     OSSL_PROVIDER *prov;
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 4ca794fd50..3be69d5774 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -56,6 +56,7 @@ extern "C" {
  */
 #define OSSL_ALG_PARAM_DIGEST       "digest"    /* utf8_string */
 #define OSSL_ALG_PARAM_CIPHER       "cipher"    /* utf8_string */
+#define OSSL_ALG_PARAM_ENGINE       "engine"    /* utf8_string */
 #define OSSL_ALG_PARAM_MAC          "mac"       /* utf8_string */
 #define OSSL_ALG_PARAM_PROPERTIES   "properties"/* utf8_string */
 
@@ -247,6 +248,8 @@ extern "C" {
 #define OSSL_PKEY_PARAM_MAX_SIZE            "max-size" /* integer */
 #define OSSL_PKEY_PARAM_SECURITY_BITS       "security-bits" /* integer */
 #define OSSL_PKEY_PARAM_DIGEST              OSSL_ALG_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_CIPHER              OSSL_ALG_PARAM_CIPHER /* utf8 string */
+#define OSSL_PKEY_PARAM_ENGINE              OSSL_ALG_PARAM_ENGINE /* utf8 string */
 #define OSSL_PKEY_PARAM_PROPERTIES          OSSL_ALG_PARAM_PROPERTIES
 #define OSSL_PKEY_PARAM_DEFAULT_DIGEST      "default-digest" /* utf8 string */
 #define OSSL_PKEY_PARAM_MANDATORY_DIGEST    "mandatory-digest" /* utf8 string */
@@ -257,8 +260,6 @@ extern "C" {
 #define OSSL_PKEY_PARAM_MGF1_PROPERTIES     "mgf1-properties"
 #define OSSL_PKEY_PARAM_TLS_ENCODED_PT      "tls-encoded-pt"
 #define OSSL_PKEY_PARAM_GROUP_NAME          "group"
-
-/* Diffie-Hellman/DSA public/private key */
 #define OSSL_PKEY_PARAM_PUB_KEY             "pub"
 #define OSSL_PKEY_PARAM_PRIV_KEY            "priv"
 
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 62015a7b1b..6bd6e26edf 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1526,9 +1526,8 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
 # define EVP_PKEY_OP_TYPE_FROMDATA \
         (EVP_PKEY_OP_PARAMFROMDATA | EVP_PKEY_OP_KEYFROMDATA)
 
-# define  EVP_PKEY_CTX_set_mac_key(ctx, key, len)        \
-                EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN,  \
-                                  EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)(key))
+int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key,
+                             int keylen);
 
 # define EVP_PKEY_CTRL_MD                1
 # define EVP_PKEY_CTRL_PEER_KEY          2
@@ -1636,6 +1635,11 @@ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
 int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
                                 size_t *len);
 
+EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
+                                            size_t len,
+                                            const char *cipher_name,
+                                            OPENSSL_CTX *libctx,
+                                            const char *propq);
 EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
                                 size_t len, const EVP_CIPHER *cipher);
 
diff --git a/providers/common/include/prov/provider_util.h b/providers/common/include/prov/provider_util.h
index 9b5b983299..d964f832ad 100644
--- a/providers/common/include/prov/provider_util.h
+++ b/providers/common/include/prov/provider_util.h
@@ -78,6 +78,21 @@ int ossl_prov_digest_copy(PROV_DIGEST *dst, const PROV_DIGEST *src);
 const EVP_MD *ossl_prov_digest_md(const PROV_DIGEST *pd);
 ENGINE *ossl_prov_digest_engine(const PROV_DIGEST *pd);
 
+
+/*
+ * Set the various parameters on an EVP_MAC_CTX from the supplied arguments.
+ * If any of the supplied ciphername/mdname etc are NULL then the values
+ * from the supplied params (if non NULL) are used instead.
+ */
+int ossl_prov_set_macctx(EVP_MAC_CTX *macctx,
+                         const OSSL_PARAM params[],
+                         const char *ciphername,
+                         const char *mdname,
+                         const char *engine,
+                         const char *properties,
+                         const unsigned char *key,
+                         size_t keylen);
+
 /* MAC functions */
 /*
  * Load an EVP_MAC_CTX* from the specified parameters with the specified
diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c
index f6155e7dce..1bd514221f 100644
--- a/providers/common/provider_util.c
+++ b/providers/common/provider_util.c
@@ -50,7 +50,7 @@ static int load_common(const OSSL_PARAM params[], const char **propquery,
     /* TODO legacy stuff, to be removed */
     /* Inside the FIPS module, we don't support legacy ciphers */
 #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE)
-    p = OSSL_PARAM_locate_const(params, "engine");
+    p = OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_ENGINE);
     if (p != NULL) {
         if (p->data_type != OSSL_PARAM_UTF8_STRING)
             return 0;
@@ -164,6 +164,72 @@ ENGINE *ossl_prov_digest_engine(const PROV_DIGEST *pd)
     return pd->engine;
 }
 
+int ossl_prov_set_macctx(EVP_MAC_CTX *macctx,
+                         const OSSL_PARAM params[],
+                         const char *ciphername,
+                         const char *mdname,
+                         const char *engine,
+                         const char *properties,
+                         const unsigned char *key,
+                         size_t keylen)
+{
+    const OSSL_PARAM *p;
+    OSSL_PARAM mac_params[6], *mp = mac_params;
+
+    if (params != NULL) {
+        if (mdname == NULL) {
+            if ((p = OSSL_PARAM_locate_const(params,
+                                            OSSL_ALG_PARAM_DIGEST)) != NULL) {
+                if (p->data_type != OSSL_PARAM_UTF8_STRING)
+                    return 0;
+                mdname = p->data;
+            }
+        }
+        if (ciphername == NULL) {
+            if ((p = OSSL_PARAM_locate_const(params,
+                                            OSSL_ALG_PARAM_CIPHER)) != NULL) {
+                if (p->data_type != OSSL_PARAM_UTF8_STRING)
+                    return 0;
+                ciphername = p->data;
+            }
+        }
+        if (engine == NULL) {
+            if ((p = OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_ENGINE))
+                    != NULL) {
+                if (p->data_type != OSSL_PARAM_UTF8_STRING)
+                    return 0;
+                engine = p->data;
+            }
+        }
+    }
+
+    if (mdname != NULL)
+        *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+                                                 (char *)mdname, 0);
+    if (ciphername != NULL)
+        *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
+                                                 (char *)ciphername, 0);
+    if (properties != NULL)
+        *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
+                                                 (char *)properties, 0);
+
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
+    if (engine != NULL)
+        *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_ENGINE,
+                                                 (char *) engine, 0);
+#endif
+
+    if (key != NULL)
+        *mp++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+                                                  (unsigned char *)key,
+                                                  keylen);
+
+    *mp = OSSL_PARAM_construct_end();
+
+    return EVP_MAC_CTX_set_params(macctx, mac_params);
+
+}
+
 int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
                                       const OSSL_PARAM params[],
                                       const char *macname,
@@ -172,7 +238,6 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
                                       OPENSSL_CTX *libctx)
 {
     const OSSL_PARAM *p;
-    OSSL_PARAM mac_params[5], *mp = mac_params;
     const char *properties = NULL;
 
     if (macname == NULL
@@ -207,44 +272,8 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
     if (*macctx == NULL)
         return 1;
 
-    if (mdname == NULL) {
-        if ((p = OSSL_PARAM_locate_const(params,
-                                         OSSL_ALG_PARAM_DIGEST)) != NULL) {
-            if (p->data_type != OSSL_PARAM_UTF8_STRING)
-                return 0;
-            mdname = p->data;
-        }
-    }
-    if (ciphername == NULL) {
-        if ((p = OSSL_PARAM_locate_const(params,
-                                         OSSL_ALG_PARAM_CIPHER)) != NULL) {
-            if (p->data_type != OSSL_PARAM_UTF8_STRING)
-                return 0;
-            ciphername = p->data;
-        }
-    }
-
-    if (mdname != NULL)
-        *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
-                                                 (char *)mdname, 0);
-    if (ciphername != NULL)
-        *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
-                                                 (char *)ciphername, 0);
-    if (properties != NULL)
-        *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
-                                                 (char *)properties, 0);
-
-#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
-    if ((p = OSSL_PARAM_locate_const(params, "engine")) != NULL) {
-        if (p->data_type != OSSL_PARAM_UTF8_STRING)
-            return 0;
-        *mp++ = OSSL_PARAM_construct_utf8_string("engine",
-                                                 p->data, p->data_size);
-    }
-#endif
-    *mp = OSSL_PARAM_construct_end();
-
-    if (EVP_MAC_CTX_set_params(*macctx, mac_params))
+    if (ossl_prov_set_macctx(*macctx, params, ciphername, mdname, NULL,
+                             properties, NULL, 0))
         return 1;
 
     EVP_MAC_CTX_free(*macctx);
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 9aefa801a1..943bdc6136 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -363,6 +363,14 @@ static const OSSL_ALGORITHM deflt_signature[] = {
     { "ED25519:Ed25519", "provider=default", ed25519_signature_functions },
     { "ED448:Ed448", "provider=default", ed448_signature_functions },
     { "ECDSA", "provider=default", ecdsa_signature_functions },
+#endif
+    { "HMAC", "provider=default", mac_legacy_hmac_signature_functions },
+    { "SIPHASH", "provider=default", mac_legacy_siphash_signature_functions },
+#ifndef OPENSSL_NO_POLY1305
+    { "POLY1305", "provider=default", mac_legacy_poly1305_signature_functions },
+#endif
+#ifndef OPENSSL_NO_CMAC
+    { "CMAC", "provider=default", mac_legacy_cmac_signature_functions },
 #endif
     { NULL, NULL, NULL }
 };
@@ -392,6 +400,14 @@ static const OSSL_ALGORITHM deflt_keymgmt[] = {
     { "TLS1-PRF", "provider=default", kdf_keymgmt_functions },
     { "HKDF", "provider=default", kdf_keymgmt_functions },
     { "SCRYPT:id-scrypt", "provider=default", kdf_keymgmt_functions },
+    { "HMAC", "provider=default", mac_legacy_keymgmt_functions },
+    { "SIPHASH", "provider=default", mac_legacy_keymgmt_functions },
+#ifndef OPENSSL_NO_POLY1305
+    { "POLY1305", "provider=default", mac_legacy_keymgmt_functions },
+#endif
+#ifndef OPENSSL_NO_CMAC
+    { "CMAC", "provider=default", cmac_legacy_keymgmt_functions },
+#endif
     { NULL, NULL, NULL }
 };
 
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index b29cae509c..c9867f998c 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -435,6 +435,10 @@ static const OSSL_ALGORITHM fips_signature[] = {
     { "ED25519", FIPS_DEFAULT_PROPERTIES, ed25519_signature_functions },
     { "ED448", FIPS_DEFAULT_PROPERTIES, ed448_signature_functions },
     { "ECDSA", FIPS_DEFAULT_PROPERTIES, ecdsa_signature_functions },
+#endif
+    { "HMAC", FIPS_DEFAULT_PROPERTIES, mac_legacy_hmac_signature_functions },
+#ifndef OPENSSL_NO_CMAC
+    { "CMAC", FIPS_DEFAULT_PROPERTIES, mac_legacy_cmac_signature_functions },
 #endif
     { NULL, NULL, NULL }
 };
@@ -464,6 +468,10 @@ static const OSSL_ALGORITHM fips_keymgmt[] = {
 #endif
     { "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
     { "HKDF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
+    { "HMAC", FIPS_DEFAULT_PROPERTIES, mac_legacy_keymgmt_functions },
+#ifndef OPENSSL_NO_CMAC
+    { "CMAC", FIPS_DEFAULT_PROPERTIES, cmac_legacy_keymgmt_functions },
+#endif
     { NULL, NULL, NULL }
 };
 
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index f07a7b00f0..1b8642415f 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -278,6 +278,8 @@ extern const OSSL_DISPATCH ed25519_keymgmt_functions[];
 extern const OSSL_DISPATCH ed448_keymgmt_functions[];
 extern const OSSL_DISPATCH ec_keymgmt_functions[];
 extern const OSSL_DISPATCH kdf_keymgmt_functions[];
+extern const OSSL_DISPATCH mac_legacy_keymgmt_functions[];
+extern const OSSL_DISPATCH cmac_legacy_keymgmt_functions[];
 
 /* Key Exchange */
 extern const OSSL_DISPATCH dh_keyexch_functions[];
@@ -294,7 +296,10 @@ extern const OSSL_DISPATCH rsa_signature_functions[];
 extern const OSSL_DISPATCH ed25519_signature_functions[];
 extern const OSSL_DISPATCH ed448_signature_functions[];
 extern const OSSL_DISPATCH ecdsa_signature_functions[];
-
+extern const OSSL_DISPATCH mac_legacy_hmac_signature_functions[];
+extern const OSSL_DISPATCH mac_legacy_siphash_signature_functions[];
+extern const OSSL_DISPATCH mac_legacy_poly1305_signature_functions[];
+extern const OSSL_DISPATCH mac_legacy_cmac_signature_functions[];
 
 /* Asym Cipher */
 extern const OSSL_DISPATCH rsa_asym_cipher_functions[];
diff --git a/providers/implementations/include/prov/kdfexchange.h b/providers/implementations/include/prov/macsignature.h
similarity index 60%
copy from providers/implementations/include/prov/kdfexchange.h
copy to providers/implementations/include/prov/macsignature.h
index 5c817bb929..bec5c46fbe 100644
--- a/providers/implementations/include/prov/kdfexchange.h
+++ b/providers/implementations/include/prov/macsignature.h
@@ -10,15 +10,21 @@
 #include <stdlib.h>
 #include <openssl/crypto.h>
 #include "internal/refcount.h"
+#include "prov/provider_util.h"
 
-struct kdf_data_st {
+struct mac_key_st {
+    CRYPTO_RWLOCK *lock;
     OPENSSL_CTX *libctx;
     CRYPTO_REF_COUNT refcnt;
-    CRYPTO_RWLOCK *lock;
+    unsigned char *priv_key;
+    size_t priv_key_len;
+    PROV_CIPHER cipher;
+    char *properties;
+    int cmac;
 };
 
-typedef struct kdf_data_st KDF_DATA;
+typedef struct mac_key_st MAC_KEY;
 
-KDF_DATA *kdf_data_new(void *provctx);
-void kdf_data_free(KDF_DATA *kdfdata);
-int kdf_data_up_ref(KDF_DATA *kdfdata);
+MAC_KEY *mac_key_new(OPENSSL_CTX *libctx, int cmac);
+void mac_key_free(MAC_KEY *mackey);
+int mac_key_up_ref(MAC_KEY *mackey);
diff --git a/providers/implementations/keymgmt/build.info b/providers/implementations/keymgmt/build.info
index 53c84ac3d4..978cd706ae 100644
--- a/providers/implementations/keymgmt/build.info
+++ b/providers/implementations/keymgmt/build.info
@@ -36,3 +36,6 @@ SOURCE[../../libfips.a]=rsa_kmgmt.c
 SOURCE[../../libnonfips.a]=rsa_kmgmt.c
 
 SOURCE[$KDF_GOAL]=kdf_legacy_kmgmt.c
+
+SOURCE[../../libfips.a]=mac_legacy_kmgmt.c
+SOURCE[../../libnonfips.a]=mac_legacy_kmgmt.c
diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
new file mode 100644
index 0000000000..dd18eecf12
--- /dev/null
+++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
@@ -0,0 +1,513 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* We need to use some engine deprecated APIs */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
+#include <string.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/core_names.h>
+#include <openssl/params.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include "openssl/param_build.h"
+#include "internal/param_build_set.h"
+#include "prov/implementations.h"
+#include "prov/providercommon.h"
+#include "prov/provider_ctx.h"
+#include "prov/macsignature.h"
+#include "e_os.h" /* strcasecmp */
+
+static OSSL_FUNC_keymgmt_new_fn mac_new;
+static OSSL_FUNC_keymgmt_free_fn mac_free;
+static OSSL_FUNC_keymgmt_gen_init_fn mac_gen_init;
+static OSSL_FUNC_keymgmt_gen_fn mac_gen;
+static OSSL_FUNC_keymgmt_gen_cleanup_fn mac_gen_cleanup;
+static OSSL_FUNC_keymgmt_get_params_fn mac_get_params;
+static OSSL_FUNC_keymgmt_gettable_params_fn mac_gettable_params;
+static OSSL_FUNC_keymgmt_set_params_fn mac_set_params;
+static OSSL_FUNC_keymgmt_settable_params_fn mac_settable_params;
+static OSSL_FUNC_keymgmt_has_fn mac_has;
+static OSSL_FUNC_keymgmt_match_fn mac_match;
+static OSSL_FUNC_keymgmt_import_fn mac_import;
+static OSSL_FUNC_keymgmt_import_types_fn mac_imexport_types;
+static OSSL_FUNC_keymgmt_export_fn mac_export;
+static OSSL_FUNC_keymgmt_export_types_fn mac_imexport_types;
+
+struct mac_gen_ctx {
+    OPENSSL_CTX *libctx;
+    int selection;
+    unsigned char *priv_key;
+    size_t priv_key_len;
+    PROV_CIPHER cipher;
+};
+
+MAC_KEY *mac_key_new(OPENSSL_CTX *libctx, int cmac)
+{
+    MAC_KEY *mackey = OPENSSL_zalloc(sizeof(*mackey));
+
+    if (mackey == NULL)
+        return NULL;
+
+    mackey->lock = CRYPTO_THREAD_lock_new();
+    if (mackey->lock == NULL) {
+        OPENSSL_free(mackey);
+        return NULL;
+    }
+    mackey->libctx = libctx;
+    mackey->refcnt = 1;
+    mackey->cmac = cmac;
+
+    return mackey;
+}
+
+void mac_key_free(MAC_KEY *mackey)
+{
+    int ref = 0;
+
+    if (mackey == NULL)
+        return;
+
+    CRYPTO_DOWN_REF(&mackey->refcnt, &ref, mackey->lock);
+    if (ref > 0)
+        return;
+
+    OPENSSL_secure_clear_free(mackey->priv_key, mackey->priv_key_len);
+    OPENSSL_free(mackey->properties);
+    ossl_prov_cipher_reset(&mackey->cipher);
+    CRYPTO_THREAD_lock_free(mackey->lock);
+    OPENSSL_free(mackey);
+}
+
+int mac_key_up_ref(MAC_KEY *mackey)
+{
+    int ref = 0;
+
+    CRYPTO_UP_REF(&mackey->refcnt, &ref, mackey->lock);
+    return 1;
+}
+
+static void *mac_new(void *provctx)
+{
+    return mac_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), 0);
+}
+
+static void *mac_new_cmac(void *provctx)
+{
+    return mac_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), 1);
+}
+
+static void mac_free(void *mackey)
+{
+    mac_key_free(mackey);
+}
+
+static int mac_has(void *keydata, int selection)
+{
+    MAC_KEY *key = keydata;
+    int ok = 0;
+
+    if (key != NULL) {
+        /*
+         * MAC keys always have all the parameters they need (i.e. none).
+         * Therefore we always return with 1, if asked about parameters.
+         * Similarly for public keys.
+         */
+        ok = 1;
+
+        if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
+            ok = key->priv_key != NULL;
+    }
+    return ok;
+}
+
+static int mac_match(const void *keydata1, const void *keydata2, int selection)
+{
+    const MAC_KEY *key1 = keydata1;
+    const MAC_KEY *key2 = keydata2;
+    int ok = 1;
+
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
+        if ((key1->priv_key == NULL && key2->priv_key != NULL)
+                || (key1->priv_key != NULL && key2->priv_key == NULL)
+                || key1->priv_key_len != key2->priv_key_len
+                || (key1->cipher.cipher == NULL && key2->cipher.cipher != NULL)
+                || (key1->cipher.cipher != NULL && key2->cipher.cipher == NULL))
+            ok = 0;
+        else
+            ok = ok && (key1->priv_key == NULL /* implies key2->privkey == NULL */
+                        || CRYPTO_memcmp(key1->priv_key, key2->priv_key,
+                                         key1->priv_key_len) == 0);
+        if (key1->cipher.cipher != NULL)
+            ok = ok && EVP_CIPHER_is_a(key1->cipher.cipher,
+                                       EVP_CIPHER_name(key2->cipher.cipher));
+    }
+    return ok;
+}
+
+static int mac_key_fromdata(MAC_KEY *key, const OSSL_PARAM params[])
+{
+    const OSSL_PARAM *p;
+
+    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
+    if (p != NULL) {
+        if (p->data_type != OSSL_PARAM_OCTET_STRING) {
+            ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+            return 0;
+        }
+        OPENSSL_secure_clear_free(key->priv_key, key->priv_key_len);
+        key->priv_key = OPENSSL_secure_malloc(p->data_size);
+        if (key->priv_key == NULL) {
+            ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        memcpy(key->priv_key, p->data, p->data_size);
+        key->priv_key_len = p->data_size;
+    }
+
+    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PROPERTIES);
+    if (p != NULL) {
+        if (p->data_type != OSSL_PARAM_UTF8_STRING) {
+            ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+            return 0;
+        }
+        OPENSSL_free(key->properties);
+        key->properties = OPENSSL_strdup(p->data);
+        if (key->properties == NULL) {
+            ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+
+    if (key->cmac && !ossl_prov_cipher_load_from_params(&key->cipher, params,
+                                                        key->libctx)) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+        return 0;
+    }
+
+    if (key->priv_key != NULL)
+        return 1;
+
+    return 0;
+}
+
+static int mac_import(void *keydata, int selection, const OSSL_PARAM params[])
+{
+    MAC_KEY *key = keydata;
+
+    if (key == NULL)
+        return 0;
+
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0)
+        return 0;
+
+    return mac_key_fromdata(key, params);
+}
+
+static int key_to_params(MAC_KEY *key, OSSL_PARAM_BLD *tmpl,
+                         OSSL_PARAM params[])
+{
+    if (key == NULL)
+        return 0;
+
+    if (key->priv_key != NULL
+        && !ossl_param_build_set_octet_string(tmpl, params,
+                                              OSSL_PKEY_PARAM_PRIV_KEY,
+                                              key->priv_key, key->priv_key_len))
+        return 0;
+
+    if (key->cipher.cipher != NULL
+        && !ossl_param_build_set_utf8_string(tmpl, params,
+                                             OSSL_PKEY_PARAM_CIPHER,
+                                             EVP_CIPHER_name(key->cipher.cipher)))
+        return 0;
+
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
+    if (key->cipher.engine != NULL
+        && !ossl_param_build_set_utf8_string(tmpl, params,
+                                             OSSL_PKEY_PARAM_ENGINE,
+                                             ENGINE_get_id(key->cipher.engine)))
+        return 0;
+#endif
+
+    return 1;
+}
+
+static int mac_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
+                      void *cbarg)
+{
+    MAC_KEY *key = keydata;
+    OSSL_PARAM_BLD *tmpl;
+    OSSL_PARAM *params = NULL;
+    int ret = 0;
+
+    if (key == NULL)
+        return 0;
+
+    tmpl = OSSL_PARAM_BLD_new();
+    if (tmpl == NULL)
+        return 0;
+
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0
+         && !key_to_params(key, tmpl, NULL))
+        goto err;
+
+    params = OSSL_PARAM_BLD_to_param(tmpl);
+    if (params == NULL)
+        goto err;
+
+    ret = param_cb(params, cbarg);
+    OSSL_PARAM_BLD_free_params(params);
+err:
+    OSSL_PARAM_BLD_free(tmpl);
+    return ret;
+}
+
+static const OSSL_PARAM mac_key_types[] = {
+    OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_PROPERTIES, NULL, 0),
+    OSSL_PARAM_END
+};
+static const OSSL_PARAM *mac_imexport_types(int selection)
+{
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
+        return mac_key_types;
+    return NULL;
+}
+
+static const OSSL_PARAM cmac_key_types[] = {
+    OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_CIPHER, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_ENGINE, NULL, 0),
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_PROPERTIES, NULL, 0),
+    OSSL_PARAM_END
+};
+static const OSSL_PARAM *cmac_imexport_types(int selection)
+{
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
+        return cmac_key_types;
+    return NULL;
+}
+
+static int mac_get_params(void *key, OSSL_PARAM params[])
+{
+    return key_to_params(key, NULL, params);
+}
+
+static const OSSL_PARAM *mac_gettable_params(void *provctx)
+{
+    static const OSSL_PARAM gettable_params[] = {
+        OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+        OSSL_PARAM_END
+    };
+    return gettable_params;
+}
+
+static const OSSL_PARAM *cmac_gettable_params(void *provctx)
+{
+    static const OSSL_PARAM gettable_params[] = {
+        OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_CIPHER, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_ENGINE, NULL, 0),
+        OSSL_PARAM_END
+    };
+    return gettable_params;
+}
+
+static int mac_set_params(void *keydata, const OSSL_PARAM params[])
+{
+    MAC_KEY *key = keydata;
+    const OSSL_PARAM *p;
+
+    if (key == NULL)
+        return 0;
+
+    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
+    if (p != NULL)
+        return mac_key_fromdata(key, params);
+
+    return 1;
+}
+
+static const OSSL_PARAM *mac_settable_params(void *provctx)
+{
+    static const OSSL_PARAM settable_params[] = {
+        OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+        OSSL_PARAM_END
+    };
+    return settable_params;
+}
+
+static void *mac_gen_init(void *provctx, int selection)
+{
+    OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
+    struct mac_gen_ctx *gctx = NULL;
+
+    if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) {
+        gctx->libctx = libctx;
+        gctx->selection = selection;
+    }
+    return gctx;
+}
+
+static int mac_gen_set_params(void *genctx, const OSSL_PARAM params[])
+{
+    struct mac_gen_ctx *gctx = genctx;
+    const OSSL_PARAM *p;
+
+    if (gctx == NULL)
+        return 0;
+
+    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
+    if (p != NULL) {
+        if (p->data_type != OSSL_PARAM_OCTET_STRING) {
+            ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+            return 0;
+        }
+        gctx->priv_key = OPENSSL_secure_malloc(p->data_size);
+        if (gctx->priv_key == NULL) {
+            ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        memcpy(gctx->priv_key, p->data, p->data_size);
+        gctx->priv_key_len = p->data_size;
+    }
+
+    return 1;
+}
+
+static int cmac_gen_set_params(void *genctx, const OSSL_PARAM params[])
+{
+    struct mac_gen_ctx *gctx = genctx;
+
+    if (!mac_gen_set_params(genctx, params))
+        return 0;
+
+    if (!ossl_prov_cipher_load_from_params(&gctx->cipher, params,
+                                           gctx->libctx)) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+        return 0;
+    }
+
+    return 1;
+}
+
+static const OSSL_PARAM *mac_gen_settable_params(void *provctx)
+{
+    static OSSL_PARAM settable[] = {
+        OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+        OSSL_PARAM_END
+    };
+    return settable;
+}
+
+static const OSSL_PARAM *cmac_gen_settable_params(void *provctx)
+{
+    static OSSL_PARAM settable[] = {
+        OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+        OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_CIPHER, NULL, 0),
+        OSSL_PARAM_END
+    };
+    return settable;
+}
+
+static void *mac_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg)
+{
+    struct mac_gen_ctx *gctx = genctx;
+    MAC_KEY *key;
+
+    if (gctx == NULL)
+        return NULL;
+
+    if ((key = mac_key_new(gctx->libctx, 0)) == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    /* If we're doing parameter generation then we just return a blank key */
+    if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
+        return key;
+
+    if (gctx->priv_key == NULL) {
+        ERR_raise(ERR_LIB_PROV, EVP_R_INVALID_KEY);
+        mac_key_free(key);
+        return NULL;
+    }
+
+    /*
+     * This is horrible but required for backwards compatibility. We don't
+     * actually do real key generation at all. We simply copy the key that was
+     * previously set in the gctx. Hopefully at some point in the future all
+     * of this can be removed and we will only support the EVP_KDF APIs.
+     */
+    if (!ossl_prov_cipher_copy(&key->cipher, &gctx->cipher)) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
+        return NULL;
+    }
+    ossl_prov_cipher_reset(&gctx->cipher);
+    key->priv_key = gctx->priv_key;
+    key->priv_key_len = gctx->priv_key_len;
+    gctx->priv_key_len = 0;
+    gctx->priv_key = NULL;
+
+    return key;
+}
+
+static void mac_gen_cleanup(void *genctx)
+{
+    struct mac_gen_ctx *gctx = genctx;
+
+    OPENSSL_secure_clear_free(gctx->priv_key, gctx->priv_key_len);
+    ossl_prov_cipher_reset(&gctx->cipher);
+    OPENSSL_free(gctx);
+}
+
+const OSSL_DISPATCH mac_legacy_keymgmt_functions[] = {
+    { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))mac_new },
+    { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))mac_free },
+    { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))mac_get_params },
+    { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))mac_gettable_params },
+    { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))mac_set_params },
+    { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))mac_settable_params },
+    { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))mac_has },
+    { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))mac_match },
+    { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))mac_import },
+    { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))mac_imexport_types },
+    { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))mac_export },
+    { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))mac_imexport_types },
+    { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))mac_gen_init },
+    { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))mac_gen_set_params },
+    { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
+        (void (*)(void))mac_gen_settable_params },
+    { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))mac_gen },
+    { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))mac_gen_cleanup },
+    { 0, NULL }
+};
+
+const OSSL_DISPATCH cmac_legacy_keymgmt_functions[] = {
+    { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))mac_new_cmac },
+    { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))mac_free },
+    { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))mac_get_params },
+    { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))cmac_gettable_params },
+    { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))mac_set_params },
+    { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))mac_settable_params },
+    { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))mac_has },
+    { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))mac_match },
+    { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))mac_import },
+    { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))cmac_imexport_types },
+    { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))mac_export },
+    { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))cmac_imexport_types },
+    { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))mac_gen_init },
+    { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))cmac_gen_set_params },
+    { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
+        (void (*)(void))cmac_gen_settable_params },
+    { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))mac_gen },
+    { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))mac_gen_cleanup },
+    { 0, NULL }
+};
diff --git a/providers/implementations/signature/build.info b/providers/implementations/signature/build.info
index 0e7765ae24..5a813083b2 100644
--- a/providers/implementations/signature/build.info
+++ b/providers/implementations/signature/build.info
@@ -20,3 +20,6 @@ SOURCE[../../libnonfips.a]=rsa.c
 DEPEND[rsa.o]=../../common/include/prov/der_rsa.h
 DEPEND[dsa.o]=../../common/include/prov/der_dsa.h
 DEPEND[ecdsa.o]=../../common/include/prov/der_ec.h
+
+SOURCE[../../libfips.a]=mac_legacy.c
+SOURCE[../../libnonfips.a]=mac_legacy.c
diff --git a/providers/implementations/signature/mac_legacy.c b/providers/implementations/signature/mac_legacy.c
new file mode 100644
index 0000000000..2b8edcad9d
--- /dev/null
+++ b/providers/implementations/signature/mac_legacy.c
@@ -0,0 +1,191 @@
+/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* We need to use some engine deprecated APIs */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/core_names.h>
+#include <openssl/params.h>
+#include <openssl/err.h>
+#include "prov/implementations.h"
+#include "prov/provider_ctx.h"
+#include "prov/macsignature.h"
+
+static OSSL_FUNC_signature_newctx_fn mac_hmac_newctx;
+static OSSL_FUNC_signature_digest_sign_init_fn mac_digest_sign_init;
+static OSSL_FUNC_signature_digest_sign_update_fn mac_digest_sign_update;
+static OSSL_FUNC_signature_digest_sign_final_fn mac_digest_sign_final;
+static OSSL_FUNC_signature_freectx_fn mac_freectx;
+static OSSL_FUNC_signature_dupctx_fn mac_dupctx;
+
+typedef struct {
+    OPENSSL_CTX *libctx;
+    char *propq;
+    MAC_KEY *key;
+    EVP_MAC_CTX *macctx;
+} PROV_MAC_CTX;
+
+static void *mac_newctx(void *provctx, const char *propq, const char *macname)
+{
+    PROV_MAC_CTX *pmacctx = OPENSSL_zalloc(sizeof(PROV_MAC_CTX));
+    EVP_MAC *mac = NULL;
+
+    if (pmacctx == NULL)
+        return NULL;
+
+    pmacctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
+    if (propq != NULL && (pmacctx->propq = OPENSSL_strdup(propq)) == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    mac = EVP_MAC_fetch(pmacctx->libctx, macname, propq);
+    if (mac == NULL)
+        goto err;
+
+    pmacctx->macctx = EVP_MAC_CTX_new(mac);
+    if (pmacctx->macctx == NULL)
+        goto err;
+
+    EVP_MAC_free(mac);
+
+    return pmacctx;
+
+ err:
+    OPENSSL_free(pmacctx);
+    EVP_MAC_free(mac);
+    return NULL;
+}
+
+#define MAC_NEWCTX(funcname, macname) \
+    static void *mac_##funcname##_newctx(void *provctx, const char *propq) \
+    { \
+        return mac_newctx(provctx, propq, macname); \
+    }
+
+MAC_NEWCTX(hmac, "HMAC")
+MAC_NEWCTX(siphash, "SIPHASH")
+MAC_NEWCTX(poly1305, "POLY1305")
+MAC_NEWCTX(cmac, "CMAC")
+
+static int mac_digest_sign_init(void *vpmacctx, const char *mdname, void *vkey)
+{
+    PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
+    const char *ciphername = NULL, *engine = NULL;
+
+    if (pmacctx == NULL || vkey == NULL || !mac_key_up_ref(vkey))
+        return 0;
+
+    mac_key_free(pmacctx->key);
+    pmacctx->key = vkey;
+
+    if (pmacctx->key->cipher.cipher != NULL)
+        ciphername = (char *)EVP_CIPHER_name(pmacctx->key->cipher.cipher);
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
+    if (pmacctx->key->cipher.engine != NULL)
+        engine = (char *)ENGINE_get_id(pmacctx->key->cipher.engine);
+#endif
+
+    if (!ossl_prov_set_macctx(pmacctx->macctx, NULL,
+                              (char *)ciphername,
+                              (char *)mdname,
+                              (char *)engine,
+                              pmacctx->key->properties,
+                              pmacctx->key->priv_key,
+                              pmacctx->key->priv_key_len))
+        return 0;
+
+    if (!EVP_MAC_init(pmacctx->macctx))
+        return 0;
+
+    return 1;
+}
+
+int mac_digest_sign_update(void *vpmacctx, const unsigned char *data,
+                           size_t datalen)
+{
+    PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
+
+    if (pmacctx == NULL || pmacctx->macctx == NULL)
+        return 0;
+
+    return EVP_MAC_update(pmacctx->macctx, data, datalen);
+}
+
+int mac_digest_sign_final(void *vpmacctx, unsigned char *mac, size_t *maclen,
+                          size_t macsize)
+{
+    PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
+
+    if (pmacctx == NULL || pmacctx->macctx == NULL)
+        return 0;
+
+    return EVP_MAC_final(pmacctx->macctx, mac, maclen, macsize);
+}
+
+static void mac_freectx(void *vpmacctx)
+{
+    PROV_MAC_CTX *ctx = (PROV_MAC_CTX *)vpmacctx;
+
+    OPENSSL_free(ctx->propq);
+    EVP_MAC_CTX_free(ctx->macctx);
+    mac_key_free(ctx->key);
+    OPENSSL_free(ctx);
+}
+
+static void *mac_dupctx(void *vpmacctx)
+{
+    PROV_MAC_CTX *srcctx = (PROV_MAC_CTX *)vpmacctx;
+    PROV_MAC_CTX *dstctx;
+
+    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
+    if (dstctx == NULL)
+        return NULL;
+
+    *dstctx = *srcctx;
+    dstctx->key = NULL;
+    dstctx->macctx = NULL;
+
+    if (srcctx->key != NULL && !mac_key_up_ref(srcctx->key))
+        goto err;
+    dstctx->key = srcctx->key;
+
+    if (srcctx->macctx != NULL) {
+        dstctx->macctx = EVP_MAC_CTX_dup(srcctx->macctx);
+        if (dstctx->macctx == NULL)
+            goto err;
+    }
+
+    return dstctx;
+ err:
+    mac_freectx(dstctx);
+    return NULL;
+}
+
+#define MAC_SIGNATURE_FUNCTIONS(funcname) \
+    const OSSL_DISPATCH mac_legacy_##funcname##_signature_functions[] = { \
+        { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))mac_##funcname##_newctx }, \
+        { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, \
+        (void (*)(void))mac_digest_sign_init }, \
+        { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, \
+        (void (*)(void))mac_digest_sign_update }, \
+        { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, \
+        (void (*)(void))mac_digest_sign_final }, \
+        { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))mac_freectx }, \
+        { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))mac_dupctx }, \
+        { 0, NULL } \
+    };
+
+MAC_SIGNATURE_FUNCTIONS(hmac)
+MAC_SIGNATURE_FUNCTIONS(siphash)
+MAC_SIGNATURE_FUNCTIONS(poly1305)
+MAC_SIGNATURE_FUNCTIONS(cmac)
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 1a8e3cf829..c842e20fbf 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1598,8 +1598,10 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
         goto err;
     }
 
-    mackey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, finishedkey,
-                                          hashsize);
+    mackey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
+                                                      s->ctx->propq,
+                                                      finishedkey,
+                                                      hashsize);
     if (mackey == NULL) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PSK_DO_BINDER,
                  ERR_R_INTERNAL_ERROR);
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 3eeafef828..b5cd34b646 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -771,10 +771,11 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
 
     /* Verify the HMAC of the cookie */
     hctx = EVP_MD_CTX_create();
-    pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
-                                        s->session_ctx->ext.cookie_hmac_key,
-                                        sizeof(s->session_ctx->ext
-                                               .cookie_hmac_key));
+    pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
+                                                    s->ctx->propq,
+                                                    s->session_ctx->ext.cookie_hmac_key,
+                                                    sizeof(s->session_ctx->ext
+                                                           .cookie_hmac_key));
     if (hctx == NULL || pkey == NULL) {
         EVP_MD_CTX_free(hctx);
         EVP_PKEY_free(pkey);
@@ -1863,10 +1864,11 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
 
     /* HMAC the cookie */
     hctx = EVP_MD_CTX_create();
-    pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
-                                        s->session_ctx->ext.cookie_hmac_key,
-                                        sizeof(s->session_ctx->ext
-                                               .cookie_hmac_key));
+    pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
+                                                    s->ctx->propq,
+                                                    s->session_ctx->ext.cookie_hmac_key,
+                                                    sizeof(s->session_ctx->ext
+                                                           .cookie_hmac_key));
     if (hctx == NULL || pkey == NULL) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
                  ERR_R_MALLOC_FAILURE);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 8285e5cd27..2e46187024 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -376,9 +376,21 @@ int tls1_change_cipher_state(SSL *s, int which)
     memcpy(mac_secret, ms, i);
 
     if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
-        /* TODO(size_t): Convert this function */
-        mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret,
-                                               (int)*mac_secret_size);
+        if (mac_type == EVP_PKEY_HMAC) {
+            mac_key = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx,
+                                                               "HMAC",
+                                                               s->ctx->propq,
+                                                               mac_secret,
+                                                               *mac_secret_size);
+        } else {
+            /*
+             * If its not HMAC then the only other types of MAC we support are
+             * the GOST MACs, so we need to use the old style way of creating
+             * a MAC key.
+             */
+            mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret,
+                                           (int)*mac_secret_size);
+        }
         if (mac_key == NULL
             || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m),
                                               s->ctx->libctx, s->ctx->propq,
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 4da65a2400..bae6f2339b 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -27,6 +27,7 @@
 #include <openssl/params.h>
 #include <openssl/dsa.h>
 #include <openssl/dh.h>
+#include <openssl/aes.h>
 #include "testutil.h"
 #include "internal/nelem.h"
 #include "internal/sizes.h"
@@ -1254,23 +1255,69 @@ static int test_EVP_PKEY_check(int i)
 }
 
 #ifndef OPENSSL_NO_CMAC
+static int get_cmac_val(EVP_PKEY *pkey, unsigned char *mac)
+{
+    EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
+    const char msg[] = "Hello World";
+    size_t maclen;
+    int ret = 1;
+
+    if (!TEST_ptr(mdctx)
+            || !TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey))
+            || !TEST_true(EVP_DigestSignUpdate(mdctx, msg, sizeof(msg)))
+            || !TEST_true(EVP_DigestSignFinal(mdctx, mac, &maclen))
+            || !TEST_size_t_eq(maclen, AES_BLOCK_SIZE))
+        ret = 0;
+
+    EVP_MD_CTX_free(mdctx);
+
+    return ret;
+}
 static int test_CMAC_keygen(void)
 {
+    static unsigned char key[] = {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+        0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+        0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+    };
     /*
      * This is a legacy method for CMACs, but should still work.
      * This verifies that it works without an ENGINE.
      */
     EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
     int ret = 0;
+    EVP_PKEY *pkey = NULL;
+    unsigned char mac[AES_BLOCK_SIZE], mac2[AES_BLOCK_SIZE];
+
+    /* Test a CMAC key created using the "generated" method */
+    if (!TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
+            || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
+                                            EVP_PKEY_CTRL_CIPHER,
+                                            0, (void *)EVP_aes_256_ecb()), 0)
+            || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
+                                            EVP_PKEY_CTRL_SET_MAC_KEY,
+                                            sizeof(key), (void *)key), 0)
+            || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0)
+            || !TEST_ptr(pkey)
+            || !TEST_true(get_cmac_val(pkey, mac)))
+        goto done;
+
+    EVP_PKEY_free(pkey);
 
-    if (!TEST_true(EVP_PKEY_keygen_init(kctx) > 0)
-        && !TEST_true(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
-                                        EVP_PKEY_CTRL_CIPHER,
-                                        0, (void *)EVP_aes_256_ecb()) > 0))
+    /*
+     * Test a CMAC key using the direct method, and compare with the mac
+     * created above.
+     */
+    pkey = EVP_PKEY_new_CMAC_key(NULL, key, sizeof(key), EVP_aes_256_ecb());
+    if (!TEST_ptr(pkey)
+            || !TEST_true(get_cmac_val(pkey, mac2))
+            || !TEST_mem_eq(mac, sizeof(mac), mac2, sizeof(mac2)))
         goto done;
+
     ret = 1;
 
  done:
+    EVP_PKEY_free(pkey);
     EVP_PKEY_CTX_free(kctx);
     return ret;
 }
@@ -1760,15 +1807,17 @@ static int test_pkey_ctx_fail_without_provider(int tst)
     if (!TEST_ptr(nullprov))
         goto err;
 
-    pctx = EVP_PKEY_CTX_new_from_name(tmpctx, tst == 0 ? "RSA" : "HMAC", "");
+    pctx = EVP_PKEY_CTX_new_from_name(tmpctx, tst == 0 ? "RSA" : "SM2", "");
 
     /* RSA is not available via any provider so we expect this to fail */
     if (tst == 0 && !TEST_ptr_null(pctx))
         goto err;
 
     /*
-     * HMAC is always available because it is implemented via legacy codepaths
+     * SM2 is always available because it is implemented via legacy codepaths
      * and not in a provider at all. We expect this to pass.
+     * TODO(3.0): This can be removed once there are no more algorithms
+     * available via legacy codepaths
      */
     if (tst == 1 && !TEST_ptr(pctx))
         goto err;
diff --git a/test/evp_test.c b/test/evp_test.c
index adcfea0038..238bbaf3d5 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1161,8 +1161,10 @@ static int mac_test_run_pkey(EVP_TEST *t)
             t->err = "MAC_KEY_CREATE_ERROR";
             goto err;
         }
-        key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len,
-                                    cipher);
+        key = EVP_PKEY_new_CMAC_key_with_libctx(expected->key,
+                                                expected->key_len,
+                                                EVP_CIPHER_name(cipher),
+                                                libctx, NULL);
     } else {
         key = EVP_PKEY_new_raw_private_key_with_libctx(libctx,
                                                        OBJ_nid2sn(expected->type),
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 99790a1b74..96f834500d 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5284,3 +5284,5 @@ OSSL_STORE_LOADER_names_do_all          ?	3_0_0	EXIST::FUNCTION:
 OSSL_PARAM_get_utf8_string_ptr          ?	3_0_0	EXIST::FUNCTION:
 OSSL_PARAM_get_octet_string_ptr         ?	3_0_0	EXIST::FUNCTION:
 OSSL_DECODER_CTX_set_passphrase_cb      ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_mac_key                ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_new_CMAC_key_with_libctx       ?	3_0_0	EXIST::FUNCTION:

From pauli at openssl.org  Sat Aug 29 07:57:48 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Sat, 29 Aug 2020 07:57:48 +0000
Subject: [openssl]  master update
Message-ID: <1598687868.163149.7009.nullmailer@dev.openssl.org>

The branch master has been updated
       via  8e32ea633f9d908a083f208c74eac9d8011046a3 (commit)
       via  7cd1420b3e53212485e5e7e53ac69929a9bc1ac3 (commit)
      from  e3bf65da88f714f8721c2985f235b12a7f90d9f8 (commit)


- Log -----------------------------------------------------------------
commit 8e32ea633f9d908a083f208c74eac9d8011046a3
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Aug 27 17:03:13 2020 +0100

    Check whether we have MD5-SHA1 and whether we need it
    
    If we don't have MD5-SHA1 then we must be use (D)TLSv1.2 or above. We
    check that this is consistent with the way we've been configured. We also
    ensure that we never attempt to negotiate <(D)TLSv1.2 if MD5-SHA1 is not
    available.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12733)

commit 7cd1420b3e53212485e5e7e53ac69929a9bc1ac3
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Aug 27 16:19:27 2020 +0100

    Improve some error messages if a digest is not available
    
    If a digest is not available we just get an "internal error" error
    message - which isn't very helpful for diagnosing problems. Instead we
    explicitly state that we couldn't find a suitable digest.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12733)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt   |  3 ++-
 include/openssl/sslerr.h |  1 +
 ssl/s3_enc.c             |  7 +++++-
 ssl/ssl_err.c            |  2 ++
 ssl/statem/statem_clnt.c |  2 +-
 ssl/statem/statem_lib.c  | 55 ++++++++++++++++++++++++++++++++++++++++++------
 6 files changed, 61 insertions(+), 9 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 43114dc545..643bf6b278 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2710,8 +2710,8 @@ OCSP_R_UNKNOWN_MESSAGE_DIGEST:119:unknown message digest
 OCSP_R_UNKNOWN_NID:120:unknown nid
 OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE:129:unsupported requestorname type
 OSSL_DECODER_R_MISSING_GET_PARAMS:100:missing get params
-OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY:100:incorrect property query
 OSSL_ENCODER_R_ENCODER_NOT_FOUND:101:encoder not found
+OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY:100:incorrect property query
 OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE:107:ambiguous content type
 OSSL_STORE_R_BAD_PASSWORD_READ:115:bad password read
 OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC:113:error verifying pkcs12 mac
@@ -3297,6 +3297,7 @@ SSL_R_NO_SHARED_CIPHER:193:no shared cipher
 SSL_R_NO_SHARED_GROUPS:410:no shared groups
 SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS:376:no shared signature algorithms
 SSL_R_NO_SRTP_PROFILES:359:no srtp profiles
+SSL_R_NO_SUITABLE_DIGEST_ALGORITHM:297:no suitable digest algorithm
 SSL_R_NO_SUITABLE_KEY_SHARE:101:no suitable key share
 SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM:118:no suitable signature algorithm
 SSL_R_NO_VALID_SCTS:216:no valid scts
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index c15a17f96f..d4ee837a1e 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -634,6 +634,7 @@ int ERR_load_SSL_strings(void);
 # define SSL_R_NO_SHARED_GROUPS                           410
 # define SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS             376
 # define SSL_R_NO_SRTP_PROFILES                           359
+# define SSL_R_NO_SUITABLE_DIGEST_ALGORITHM               297
 # define SSL_R_NO_SUITABLE_KEY_SHARE                      101
 # define SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM            118
 # define SSL_R_NO_VALID_SCTS                              216
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index bd668f317e..bd90e059b5 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -408,7 +408,12 @@ int ssl3_digest_cached_records(SSL *s, int keep)
         }
 
         md = ssl_handshake_md(s);
-        if (md == NULL || !EVP_DigestInit_ex(s->s3.handshake_dgst, md, NULL)
+        if (md == NULL) {
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_DIGEST_CACHED_RECORDS,
+                     SSL_R_NO_SUITABLE_DIGEST_ALGORITHM);
+            return 0;
+        }
+        if (!EVP_DigestInit_ex(s->s3.handshake_dgst, md, NULL)
             || !EVP_DigestUpdate(s->s3.handshake_dgst, hdata, hdatalen)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_DIGEST_CACHED_RECORDS,
                      ERR_R_INTERNAL_ERROR);
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index f84b3f94d8..9f47a924f0 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -300,6 +300,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS),
     "no shared signature algorithms"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_DIGEST_ALGORITHM),
+    "no suitable digest algorithm"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_KEY_SHARE),
     "no suitable key share"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM),
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index ff48759436..4c994dd389 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2356,7 +2356,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
 
         if (!tls1_lookup_md(s->ctx, s->s3.tmp.peer_sigalg, &md)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE,
-                     ERR_R_INTERNAL_ERROR);
+                     SSL_R_NO_SUITABLE_DIGEST_ALGORITHM);
             goto err;
         }
         if (SSL_USE_SIGALGS(s))
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 39ec4a92fd..e0ff00d1b8 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -94,6 +94,8 @@ int tls_close_construct_packet(SSL *s, WPACKET *pkt, int htype)
 
 int tls_setup_handshake(SSL *s)
 {
+    int ver_min, ver_max, ok;
+
     if (!ssl3_init_finished_mac(s)) {
         /* SSLfatal() already called */
         return 0;
@@ -102,20 +104,61 @@ int tls_setup_handshake(SSL *s)
     /* Reset any extension flags */
     memset(s->ext.extflags, 0, sizeof(s->ext.extflags));
 
+    if (ssl_get_min_max_version(s, &ver_min, &ver_max, NULL) != 0) {
+        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_SETUP_HANDSHAKE,
+                    ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+
+    /* Sanity check that we have MD5-SHA1 if we need it */
+    if (s->ctx->ssl_digest_methods[SSL_MD_MD5_SHA1_IDX] == NULL) {
+        int md5sha1_needed = 0;
+
+        /* We don't have MD5-SHA1 - do we need it? */
+        if (SSL_IS_DTLS(s)) {
+            if (DTLS_VERSION_LE(ver_max, DTLS1_VERSION))
+                md5sha1_needed = 1;
+        } else {
+            if (ver_max <= TLS1_1_VERSION)
+                md5sha1_needed = 1;
+        }
+        if (md5sha1_needed) {
+            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
+                        SSL_R_NO_SUITABLE_DIGEST_ALGORITHM);
+            ERR_add_error_data(1, "The max supported SSL/TLS version needs the"
+                                    " MD5-SHA1 digest but it is not available"
+                                    " in the loaded providers. Use (D)TLSv1.2 or"
+                                    " above, or load different providers");
+            return 0;
+        }
+
+        ok = 1;
+        /* Don't allow TLSv1.1 or below to be negotiated */
+        if (SSL_IS_DTLS(s)) {
+            if (DTLS_VERSION_LT(ver_min, DTLS1_2_VERSION))
+                ok = SSL_set_min_proto_version(s, DTLS1_2_VERSION);
+        } else {
+            if (ver_min < TLS1_2_VERSION)
+                ok = SSL_set_min_proto_version(s, TLS1_2_VERSION);
+        }
+        if (!ok) {
+            /* Shouldn't happen */
+            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_SETUP_HANDSHAKE,
+                     ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+    }
+
+    ok = 0;
     if (s->server) {
         STACK_OF(SSL_CIPHER) *ciphers = SSL_get_ciphers(s);
-        int i, ver_min, ver_max, ok = 0;
+        int i;
 
         /*
          * Sanity check that the maximum version we accept has ciphers
          * enabled. For clients we do this check during construction of the
          * ClientHello.
          */
-        if (ssl_get_min_max_version(s, &ver_min, &ver_max, NULL) != 0) {
-            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_SETUP_HANDSHAKE,
-                     ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
         for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
             const SSL_CIPHER *c = sk_SSL_CIPHER_value(ciphers, i);
 

From builds at travis-ci.com  Sat Aug 29 10:34:44 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 29 Aug 2020 10:34:44 +0000
Subject: Still Failing: openssl/openssl#37025 (master - e3bf65d)
In-Reply-To: <openssl/openssl+181886847+still failing@travis-ci.com>
Message-ID: <5f4a2f441183e_13f86985b14781193cf@travis-pro-tasks-77c7ff96c6-vhjns.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #37025
Status: Still Failing

Duration: 1 hr, 35 mins, and 6 secs
Commit: e3bf65d (master)
Author: Matt Caswell
Message: Include "legacy" in the name of the various MAC bridge functions

Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)

View the changeset: https://github.com/openssl/openssl/compare/bddfea0271d0...e3bf65da88f7

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181886847?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200829/28e72270/attachment-0001.html>

From builds at travis-ci.com  Sat Aug 29 11:53:41 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 29 Aug 2020 11:53:41 +0000
Subject: Still Failing: openssl/openssl#37026 (master - 8e32ea6)
In-Reply-To: <openssl/openssl+181887212+still failing@travis-ci.com>
Message-ID: <5f4a41c4d30f2_13f8693fbc940186644@travis-pro-tasks-77c7ff96c6-vhjns.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #37026
Status: Still Failing

Duration: 1 hr, 45 mins, and 12 secs
Commit: 8e32ea6 (master)
Author: Matt Caswell
Message: Check whether we have MD5-SHA1 and whether we need it

If we don't have MD5-SHA1 then we must be use (D)TLSv1.2 or above. We
check that this is consistent with the way we've been configured. We also
ensure that we never attempt to negotiate <(D)TLSv1.2 if MD5-SHA1 is not
available.

Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12733)

View the changeset: https://github.com/openssl/openssl/compare/e3bf65da88f7...8e32ea633f9d

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181887212?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200829/d1d8f6c4/attachment.html>

From beldmit at gmail.com  Sat Aug 29 16:37:59 2020
From: beldmit at gmail.com (beldmit at gmail.com)
Date: Sat, 29 Aug 2020 16:37:59 +0000
Subject: [openssl]  master update
Message-ID: <1598719079.384308.13844.nullmailer@dev.openssl.org>

The branch master has been updated
       via  835b2900168bfd1cc471bf1d798d3b5b7219cd4d (commit)
       via  bd1bbbfe516de5d0a6f2a2494c0dd386f2f178da (commit)
      from  8e32ea633f9d908a083f208c74eac9d8011046a3 (commit)


- Log -----------------------------------------------------------------
commit 835b2900168bfd1cc471bf1d798d3b5b7219cd4d
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Fri Aug 28 16:39:16 2020 +0300

    Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
    
    Fixes #12697
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12740)

commit bd1bbbfe516de5d0a6f2a2494c0dd386f2f178da
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Fri Aug 28 16:01:39 2020 +0300

    Fix PKCS#7 so that it still works with non fetchable digest algorithms.
    
    Fixes #12684
    Partially fixes #12697
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12740)

-----------------------------------------------------------------------

Summary of changes:
 crypto/pkcs7/pk7_doit.c | 84 ++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 72 insertions(+), 12 deletions(-)

diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 1d2a1eb898..6a7af7826d 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -64,6 +64,7 @@ static int pkcs7_bio_add_digest(BIO **pbio, X509_ALGOR *alg,
     BIO *btmp;
     const char *name;
     EVP_MD *fetched = NULL;
+    const EVP_MD *md;
 
     if ((btmp = BIO_new(BIO_f_md())) == NULL) {
         PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
@@ -71,13 +72,22 @@ static int pkcs7_bio_add_digest(BIO **pbio, X509_ALGOR *alg,
     }
 
     name = OBJ_nid2sn(OBJ_obj2nid(alg->algorithm));
+
+    (void)ERR_set_mark();
     fetched = EVP_MD_fetch(ctx->libctx, name, ctx->propq);
-    if (fetched == NULL) {
+    if (fetched != NULL)
+        md = fetched;
+    else
+        md = EVP_get_digestbyname(name);
+
+    if (md == NULL) {
+        (void)ERR_clear_last_mark();
         PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, PKCS7_R_UNKNOWN_DIGEST_TYPE);
         goto err;
     }
+    (void)ERR_pop_to_mark();
 
-    BIO_set_md(btmp, fetched);
+    BIO_set_md(btmp, md);
     EVP_MD_free(fetched);
     if (*pbio == NULL)
         *pbio = btmp;
@@ -209,6 +219,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
     BIO *out = NULL, *btmp = NULL;
     X509_ALGOR *xa = NULL;
     EVP_CIPHER *fetched_cipher = NULL;
+    const EVP_CIPHER *cipher;
     const EVP_CIPHER *evp_cipher = NULL;
     STACK_OF(X509_ALGOR) *md_sk = NULL;
     STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
@@ -301,13 +312,22 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
             if (RAND_bytes_ex(p7_ctx->libctx, iv, ivlen) <= 0)
                 goto err;
 
+        (void)ERR_set_mark();
         fetched_cipher = EVP_CIPHER_fetch(p7_ctx->libctx,
                                           EVP_CIPHER_name(evp_cipher),
                                           p7_ctx->propq);
-        if (fetched_cipher == NULL)
+        if (fetched_cipher != NULL)
+            cipher = fetched_cipher;
+        else
+            cipher = evp_cipher;
+
+        if (cipher == NULL) {
+            (void)ERR_clear_last_mark();
             goto err;
+        }
+        (void)ERR_pop_to_mark();
 
-        if (EVP_CipherInit_ex(ctx, fetched_cipher, NULL, NULL, NULL, 1) <= 0)
+        if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) <= 0)
             goto err;
 
         EVP_CIPHER_free(fetched_cipher);
@@ -389,7 +409,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
     X509_ALGOR *xa;
     ASN1_OCTET_STRING *data_body = NULL;
     EVP_MD *evp_md = NULL;
+    const EVP_MD *md;
     EVP_CIPHER *evp_cipher = NULL;
+    const EVP_CIPHER *cipher = NULL;
     EVP_CIPHER_CTX *evp_ctx = NULL;
     X509_ALGOR *enc_alg = NULL;
     STACK_OF(X509_ALGOR) *md_sk = NULL;
@@ -439,12 +461,21 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
         enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
 
         name = OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm));
+
+        (void)ERR_set_mark();
         evp_cipher = EVP_CIPHER_fetch(p7_ctx->libctx, name, p7_ctx->propq);
-        if (evp_cipher == NULL) {
+        if (evp_cipher != NULL)
+            cipher = evp_cipher;
+        else
+            cipher = EVP_get_cipherbyname(name);
+
+        if (cipher == NULL) {
+            (void)ERR_clear_last_mark();
             PKCS7err(PKCS7_F_PKCS7_DATADECODE,
                      PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
             goto err;
         }
+        (void)ERR_pop_to_mark();
         break;
     case NID_pkcs7_enveloped:
         rsk = p7->d.enveloped->recipientinfo;
@@ -452,12 +483,21 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
         /* data_body is NULL if the optional EncryptedContent is missing. */
         data_body = p7->d.enveloped->enc_data->enc_data;
         name = OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm));
+
+        (void)ERR_set_mark();
         evp_cipher = EVP_CIPHER_fetch(p7_ctx->libctx, name, p7_ctx->propq);
-        if (evp_cipher == NULL) {
+        if (evp_cipher != NULL)
+            cipher = evp_cipher;
+        else
+            cipher = EVP_get_cipherbyname(name);
+
+        if (cipher == NULL) {
+            (void)ERR_clear_last_mark();
             PKCS7err(PKCS7_F_PKCS7_DATADECODE,
                      PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
             goto err;
         }
+        (void)ERR_pop_to_mark();
         break;
     default:
         PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
@@ -480,14 +520,23 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
             }
 
             name = OBJ_nid2sn(OBJ_obj2nid(xa->algorithm));
+
+            (void)ERR_set_mark();
             evp_md = EVP_MD_fetch(p7_ctx->libctx, name, p7_ctx->propq);
-            if (evp_md == NULL) {
+            if (evp_md != NULL)
+                md = evp_md;
+            else
+                md = EVP_get_digestbyname(name);
+
+            if (md == NULL) {
+                (void)ERR_clear_last_mark();
                 PKCS7err(PKCS7_F_PKCS7_DATADECODE,
                          PKCS7_R_UNKNOWN_DIGEST_TYPE);
                 goto err;
             }
+            (void)ERR_pop_to_mark();
 
-            BIO_set_md(btmp, evp_md);
+            BIO_set_md(btmp, md);
             EVP_MD_free(evp_md);
             if (out == NULL)
                 out = btmp;
@@ -497,7 +546,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
         }
     }
 
-    if (evp_cipher != NULL) {
+    if (cipher != NULL) {
         if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
             PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
             goto err;
@@ -537,7 +586,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
                 ri->ctx = p7_ctx;
                 if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey,
-                        EVP_CIPHER_key_length(evp_cipher)) < 0)
+                        EVP_CIPHER_key_length(cipher)) < 0)
                     goto err;
                 ERR_clear_error();
             }
@@ -551,7 +600,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 
         evp_ctx = NULL;
         BIO_get_cipher_ctx(etmp, &evp_ctx);
-        if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL, NULL, 0) <= 0)
+        if (EVP_CipherInit_ex(evp_ctx, cipher, NULL, NULL, NULL, 0) <= 0)
             goto err;
         if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
             goto err;
@@ -1023,6 +1072,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 {
     ASN1_OCTET_STRING *os;
     EVP_MD_CTX *mdc_tmp, *mdc;
+    const EVP_MD *md;
     EVP_MD *fetched_md = NULL;
     int ret = 0, i;
     int md_type;
@@ -1097,9 +1147,19 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
             goto err;
         }
 
+        (void)ERR_set_mark();
         fetched_md = EVP_MD_fetch(ctx->libctx, OBJ_nid2sn(md_type), ctx->propq);
-        if (fetched_md == NULL || !EVP_VerifyInit_ex(mdc_tmp, fetched_md, NULL))
+
+        if (fetched_md != NULL)
+            md = fetched_md;
+        else
+            md = EVP_get_digestbynid(md_type);
+
+        if (md == NULL || !EVP_VerifyInit_ex(mdc_tmp, md, NULL)) {
+            (void)ERR_clear_last_mark();
             goto err;
+        }
+        (void)ERR_pop_to_mark();
 
         alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
                              ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));

From builds at travis-ci.com  Sat Aug 29 18:01:13 2020
From: builds at travis-ci.com (Travis CI)
Date: Sat, 29 Aug 2020 18:01:13 +0000
Subject: Still Failing: openssl/openssl#37029 (master - 835b290)
In-Reply-To: <openssl/openssl+181906459+still failing@travis-ci.com>
Message-ID: <5f4a97e59cfbe_13fc9853117b015599e@travis-pro-tasks-77b4d9756d-jd8mm.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #37029
Status: Still Failing

Duration: 1 hr, 21 mins, and 49 secs
Commit: 835b290 (master)
Author: Dmitry Belyavskiy
Message: Fix PKCS#7 so that it still works with non fetchable cipher algorithms.

Fixes #12697

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12740)

View the changeset: https://github.com/openssl/openssl/compare/8e32ea633f9d...835b2900168b

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181906459?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200829/8a3b3fe9/attachment.html>

From shane.lontis at oracle.com  Sun Aug 30 06:20:32 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Sun, 30 Aug 2020 06:20:32 +0000
Subject: [openssl]  master update
Message-ID: <1598768432.647898.22343.nullmailer@dev.openssl.org>

The branch master has been updated
       via  458cb85d1985aa3efe0a33eb59123d23b5fa975a (commit)
       via  d9cdfda24fd140f3e4c7b4afd9b46a7929841c69 (commit)
       via  81fca0e7c1f4e874f860ac66415546fe8fc5ad18 (commit)
       via  3fab56631f597b969bb5849bd890e354d4062178 (commit)
      from  835b2900168bfd1cc471bf1d798d3b5b7219cd4d (commit)


- Log -----------------------------------------------------------------
commit 458cb85d1985aa3efe0a33eb59123d23b5fa975a
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Fri Aug 21 11:15:59 2020 +1000

    Fix ECX serializer import calls to use correct selection flags.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12698)

commit d9cdfda24fd140f3e4c7b4afd9b46a7929841c69
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Fri Aug 21 11:15:10 2020 +1000

    Fix RSA serializer import calls to use correct selection flags.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12698)

commit 81fca0e7c1f4e874f860ac66415546fe8fc5ad18
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Fri Aug 21 11:14:34 2020 +1000

    Fix DSA serializer import calls to use correct selection flags.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12698)

commit 3fab56631f597b969bb5849bd890e354d4062178
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Fri Aug 21 11:13:09 2020 +1000

    Fix DH serializer import calls to use correct selection flags.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12698)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/encode_decode/encoder_dh_param.c  |  6 +++---
 providers/implementations/encode_decode/encoder_dh_priv.c   |  9 ++++++---
 providers/implementations/encode_decode/encoder_dh_pub.c    |  9 ++++++---
 providers/implementations/encode_decode/encoder_dsa_param.c |  6 +++---
 providers/implementations/encode_decode/encoder_dsa_priv.c  |  9 ++++++---
 providers/implementations/encode_decode/encoder_dsa_pub.c   | 10 ++++++----
 providers/implementations/encode_decode/encoder_ecx_pub.c   |  6 +++---
 providers/implementations/encode_decode/encoder_rsa_priv.c  |  9 ++++++---
 providers/implementations/encode_decode/encoder_rsa_pub.c   |  9 ++++++---
 9 files changed, 45 insertions(+), 28 deletions(-)

diff --git a/providers/implementations/encode_decode/encoder_dh_param.c b/providers/implementations/encode_decode/encoder_dh_param.c
index 23cda024c4..32c8769b5e 100644
--- a/providers/implementations/encode_decode/encoder_dh_param.c
+++ b/providers/implementations/encode_decode/encoder_dh_param.c
@@ -63,7 +63,7 @@ static int dh_param_der_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dh = dh_new(ctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
+            && dh_import(dh, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params)
             && dh_param_der(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
@@ -100,7 +100,7 @@ static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dh = dh_new(ctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
+            && dh_import(dh, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params)
             && dh_param_pem(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
@@ -137,7 +137,7 @@ static int dh_param_print_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dh = dh_new(ctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
+            && dh_import(dh, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params)
             && dh_param_print(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
diff --git a/providers/implementations/encode_decode/encoder_dh_priv.c b/providers/implementations/encode_decode/encoder_dh_priv.c
index a9373df96a..dd94223084 100644
--- a/providers/implementations/encode_decode/encoder_dh_priv.c
+++ b/providers/implementations/encode_decode/encoder_dh_priv.c
@@ -25,6 +25,9 @@
 #include "prov/provider_ctx.h"
 #include "encoder_local.h"
 
+#define DH_SELECT_PRIVATE_IMPORTABLE                                           \
+    (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)
+
 static OSSL_FUNC_encoder_newctx_fn dh_priv_newctx;
 static OSSL_FUNC_encoder_freectx_fn dh_priv_freectx;
 static OSSL_FUNC_encoder_set_ctx_params_fn dh_priv_set_ctx_params;
@@ -132,7 +135,7 @@ static int dh_priv_der_data(void *vctx, const OSSL_PARAM params[],
         DH *dh;
 
         if ((dh = dh_new(ctx->provctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dh_import(dh, DH_SELECT_PRIVATE_IMPORTABLE, params)
             && dh_priv_der(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
@@ -178,7 +181,7 @@ static int dh_pem_priv_data(void *vctx, const OSSL_PARAM params[],
         DH *dh;
 
         if ((dh = dh_new(ctx->provctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dh_import(dh, DH_SELECT_PRIVATE_IMPORTABLE, params)
             && dh_pem_priv(ctx->provctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
@@ -235,7 +238,7 @@ static int dh_priv_print_data(void *vctx, const OSSL_PARAM params[],
         DH *dh;
 
         if ((dh = dh_new(ctx->provctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dh_import(dh, DH_SELECT_PRIVATE_IMPORTABLE, params)
             && dh_priv_print(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
diff --git a/providers/implementations/encode_decode/encoder_dh_pub.c b/providers/implementations/encode_decode/encoder_dh_pub.c
index 99f9532c34..583dcd9c5a 100644
--- a/providers/implementations/encode_decode/encoder_dh_pub.c
+++ b/providers/implementations/encode_decode/encoder_dh_pub.c
@@ -34,6 +34,9 @@ static OSSL_FUNC_encoder_encode_object_fn dh_pub_pem;
 static OSSL_FUNC_encoder_encode_data_fn dh_pub_print_data;
 static OSSL_FUNC_encoder_encode_object_fn dh_pub_print;
 
+#define DH_SELECT_PUBLIC_IMPORTABLE                                            \
+    (OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)
+
 /* Public key : context */
 
 /*
@@ -63,7 +66,7 @@ static int dh_pub_der_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dh = dh_new(ctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dh_import(dh, DH_SELECT_PUBLIC_IMPORTABLE, params)
             && dh_pub_der(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
@@ -104,7 +107,7 @@ static int dh_pub_pem_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dh = dh_new(ctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dh_import(dh, DH_SELECT_PUBLIC_IMPORTABLE, params)
             && dh_pub_pem(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
@@ -144,7 +147,7 @@ static int dh_pub_print_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dh = dh_new(ctx)) != NULL
-            && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dh_import(dh, DH_SELECT_PUBLIC_IMPORTABLE, params)
             && dh_pub_print(ctx, dh, out, cb, cbarg))
             ok = 1;
         dh_free(dh);
diff --git a/providers/implementations/encode_decode/encoder_dsa_param.c b/providers/implementations/encode_decode/encoder_dsa_param.c
index 87abde7212..0438b14cc8 100644
--- a/providers/implementations/encode_decode/encoder_dsa_param.c
+++ b/providers/implementations/encode_decode/encoder_dsa_param.c
@@ -63,7 +63,7 @@ static int dsa_param_der_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dsa = dsa_new(ctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
+            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params)
             && dsa_param_der(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
@@ -101,7 +101,7 @@ static int dsa_param_pem_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dsa = dsa_new(ctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
+            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params)
             && dsa_param_pem(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
@@ -138,7 +138,7 @@ static int dsa_param_print_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dsa = dsa_new(ctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
+            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params)
             && dsa_param_print(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
diff --git a/providers/implementations/encode_decode/encoder_dsa_priv.c b/providers/implementations/encode_decode/encoder_dsa_priv.c
index c37c9f9f3c..be5b7ee326 100644
--- a/providers/implementations/encode_decode/encoder_dsa_priv.c
+++ b/providers/implementations/encode_decode/encoder_dsa_priv.c
@@ -25,6 +25,9 @@
 #include "prov/provider_ctx.h"
 #include "encoder_local.h"
 
+#define DSA_SELECT_PRIVATE_IMPORTABLE                                          \
+    (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)
+
 static OSSL_FUNC_encoder_newctx_fn dsa_priv_newctx;
 static OSSL_FUNC_encoder_freectx_fn dsa_priv_freectx;
 static OSSL_FUNC_encoder_set_ctx_params_fn dsa_priv_set_ctx_params;
@@ -132,7 +135,7 @@ static int dsa_priv_der_data(void *vctx, const OSSL_PARAM params[],
         DSA *dsa;
 
         if ((dsa = dsa_new(ctx->provctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dsa_import(dsa, DSA_SELECT_PRIVATE_IMPORTABLE, params)
             && dsa_priv_der(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
@@ -177,7 +180,7 @@ static int dsa_pem_priv_data(void *vctx, const OSSL_PARAM params[],
         DSA *dsa;
 
         if ((dsa = dsa_new(ctx->provctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dsa_import(dsa, DSA_SELECT_PRIVATE_IMPORTABLE, params)
             && dsa_pem_priv(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
@@ -233,7 +236,7 @@ static int dsa_priv_print_data(void *vctx, const OSSL_PARAM params[],
         DSA *dsa;
 
         if ((dsa = dsa_new(ctx->provctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dsa_import(dsa, DSA_SELECT_PRIVATE_IMPORTABLE, params)
             && dsa_priv_print(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
diff --git a/providers/implementations/encode_decode/encoder_dsa_pub.c b/providers/implementations/encode_decode/encoder_dsa_pub.c
index ca7dd4bf1e..f99388e150 100644
--- a/providers/implementations/encode_decode/encoder_dsa_pub.c
+++ b/providers/implementations/encode_decode/encoder_dsa_pub.c
@@ -24,13 +24,15 @@
 #include "prov/provider_ctx.h"
 #include "encoder_local.h"
 
+#define DSA_SELECT_PUBLIC_IMPORTABLE                                           \
+    (OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)
+
 static OSSL_FUNC_encoder_newctx_fn dsa_pub_newctx;
 static OSSL_FUNC_encoder_freectx_fn dsa_pub_freectx;
 static OSSL_FUNC_encoder_encode_data_fn dsa_pub_der_data;
 static OSSL_FUNC_encoder_encode_object_fn dsa_pub_der;
 static OSSL_FUNC_encoder_encode_data_fn dsa_pub_pem_data;
 static OSSL_FUNC_encoder_encode_object_fn dsa_pub_pem;
-
 static OSSL_FUNC_encoder_encode_data_fn dsa_pub_print_data;
 static OSSL_FUNC_encoder_encode_object_fn dsa_pub_print;
 
@@ -63,7 +65,7 @@ static int dsa_pub_der_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dsa = dsa_new(ctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dsa_import(dsa, DSA_SELECT_PUBLIC_IMPORTABLE, params)
             && dsa_pub_der(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
@@ -114,7 +116,7 @@ static int dsa_pub_pem_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dsa = dsa_new(ctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dsa_import(dsa, DSA_SELECT_PUBLIC_IMPORTABLE, params)
             && dsa_pub_pem(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
@@ -154,7 +156,7 @@ static int dsa_pub_print_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((dsa = dsa_new(ctx)) != NULL
-            && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && dsa_import(dsa, DSA_SELECT_PUBLIC_IMPORTABLE, params)
             && dsa_pub_print(ctx, dsa, out, cb, cbarg))
             ok = 1;
         dsa_free(dsa);
diff --git a/providers/implementations/encode_decode/encoder_ecx_pub.c b/providers/implementations/encode_decode/encoder_ecx_pub.c
index 6f082c2b4c..a4350d84cf 100644
--- a/providers/implementations/encode_decode/encoder_ecx_pub.c
+++ b/providers/implementations/encode_decode/encoder_ecx_pub.c
@@ -93,7 +93,7 @@ static int ecx_pub_der_data(void *vctx, const OSSL_PARAM params[],
         ECX_KEY *ecxkey;
 
         if ((ecxkey = ecx_new(ctx->provctx)) != NULL
-            && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, params)
             && ecx_pub_der(ctx, ecxkey, out, cb, cbarg))
             ok = 1;
         ecx_free(ecxkey);
@@ -137,7 +137,7 @@ static int ecx_pub_pem_data(void *vctx, const OSSL_PARAM params[],
         ECX_KEY *ecxkey;
 
         if ((ecxkey = ecx_new(ctx->provctx)) != NULL
-            && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, params)
             && ecx_pub_pem(ctx, ecxkey, out, cb, cbarg))
             ok = 1;
         ecx_free(ecxkey);
@@ -180,7 +180,7 @@ static int ecx_pub_print_data(void *vctx, const OSSL_PARAM params[],
         ECX_KEY *ecxkey;
 
         if ((ecxkey = ecx_new(ctx)) != NULL
-            && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, params)
             && ecx_pub_print(ctx, ecxkey, out, cb, cbarg))
             ok = 1;
         ecx_free(ecxkey);
diff --git a/providers/implementations/encode_decode/encoder_rsa_priv.c b/providers/implementations/encode_decode/encoder_rsa_priv.c
index 3ba648f360..7be37dd49a 100644
--- a/providers/implementations/encode_decode/encoder_rsa_priv.c
+++ b/providers/implementations/encode_decode/encoder_rsa_priv.c
@@ -28,6 +28,9 @@
 #include "prov/provider_ctx.h"
 #include "encoder_local.h"
 
+#define RSA_SELECT_PRIVATE_IMPORTABLE                                          \
+    (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS)
+
 static OSSL_FUNC_encoder_newctx_fn rsa_priv_newctx;
 static OSSL_FUNC_encoder_freectx_fn rsa_priv_freectx;
 static OSSL_FUNC_encoder_set_ctx_params_fn rsa_priv_set_ctx_params;
@@ -134,7 +137,7 @@ static int rsa_priv_der_data(void *vctx, const OSSL_PARAM params[],
         RSA *rsa;
 
         if ((rsa = rsa_new(ctx->provctx)) != NULL
-            && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && rsa_import(rsa, RSA_SELECT_PRIVATE_IMPORTABLE, params)
             && rsa_priv_der(ctx, rsa, out, cb, cbarg))
             ok = 1;
         rsa_free(rsa);
@@ -180,7 +183,7 @@ static int rsa_pem_priv_data(void *vctx, const OSSL_PARAM params[],
         RSA *rsa;
 
         if ((rsa = rsa_new(ctx->provctx)) != NULL
-            && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && rsa_import(rsa, RSA_SELECT_PRIVATE_IMPORTABLE, params)
             && rsa_pem_priv(ctx, rsa, out, cb, cbarg))
             ok = 1;
         rsa_free(rsa);
@@ -237,7 +240,7 @@ static int rsa_priv_print_data(void *vctx, const OSSL_PARAM params[],
         RSA *rsa;
 
         if ((rsa = rsa_new(ctx->provctx)) != NULL
-            && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && rsa_import(rsa, RSA_SELECT_PRIVATE_IMPORTABLE, params)
             && rsa_priv_print(ctx, rsa, out, cb, cbarg))
             ok = 1;
         rsa_free(rsa);
diff --git a/providers/implementations/encode_decode/encoder_rsa_pub.c b/providers/implementations/encode_decode/encoder_rsa_pub.c
index 29e71cc093..73bb466767 100644
--- a/providers/implementations/encode_decode/encoder_rsa_pub.c
+++ b/providers/implementations/encode_decode/encoder_rsa_pub.c
@@ -24,6 +24,9 @@
 #include "prov/provider_ctx.h"
 #include "encoder_local.h"
 
+#define RSA_SELECT_PUBLIC_IMPORTABLE                                           \
+    (OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS)
+
 static OSSL_FUNC_encoder_newctx_fn rsa_pub_newctx;
 static OSSL_FUNC_encoder_freectx_fn rsa_pub_freectx;
 static OSSL_FUNC_encoder_encode_data_fn rsa_pub_der_data;
@@ -63,7 +66,7 @@ static int rsa_pub_der_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((rsa = rsa_new(ctx)) != NULL
-            && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && rsa_import(rsa, RSA_SELECT_PUBLIC_IMPORTABLE, params)
             && rsa_pub_der(ctx, rsa, out, cb, cbarg))
             ok = 1;
         rsa_free(rsa);
@@ -104,7 +107,7 @@ static int rsa_pub_pem_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((rsa = rsa_new(ctx)) != NULL
-            && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && rsa_import(rsa, RSA_SELECT_PUBLIC_IMPORTABLE, params)
             && rsa_pub_pem(ctx, rsa, out, cb, cbarg))
             ok = 1;
         rsa_free(rsa);
@@ -144,7 +147,7 @@ static int rsa_pub_print_data(void *ctx, const OSSL_PARAM params[],
 
         /* ctx == provctx */
         if ((rsa = rsa_new(ctx)) != NULL
-            && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+            && rsa_import(rsa, RSA_SELECT_PUBLIC_IMPORTABLE, params)
             && rsa_pub_print(ctx, rsa, out, cb, cbarg))
             ok = 1;
         rsa_free(rsa);

From builds at travis-ci.com  Sun Aug 30 07:44:54 2020
From: builds at travis-ci.com (Travis CI)
Date: Sun, 30 Aug 2020 07:44:54 +0000
Subject: Still Failing: openssl/openssl#37031 (master - 458cb85)
In-Reply-To: <openssl/openssl+181935154+still failing@travis-ci.com>
Message-ID: <5f4b58f51cad8_13fd677caa4802254a@travis-pro-tasks-6c86447c99-xfwfk.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #37031
Status: Still Failing

Duration: 1 hr, 22 mins, and 56 secs
Commit: 458cb85 (master)
Author: Shane Lontis
Message: Fix ECX serializer import calls to use correct selection flags.

Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12698)

View the changeset: https://github.com/openssl/openssl/compare/835b2900168b...458cb85d1985

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/181935154?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200830/24bbfa24/attachment.html>

From scan-admin at coverity.com  Sun Aug 30 07:54:53 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 30 Aug 2020 07:54:53 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2
Message-ID: <5f4b5b4d5795d_2444562ac509f82f5c8563@prd-scan-dashboard-0.mail>


    Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3Dm0Hr_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEY49mBCUz0tsS-2FkJ5IEp4oDdg8Zzt6LwOCda-2FpwXaZel-2Fz-2FCx1JlkfrXYE7WGKKCETcXfCe1-2BIhOHRi6gtmenKCxJqtiDRoLm-2FutqNSNdSopQqbSOi9dC5ZemlKGcRPz6ltlNDVF0uZqM6Sv3NQ2DKJRSxxPZ80XyI3G-2BisQBKwjZqwYKdJg5za9rwjXhtVmE-3D

    Build ID: 336157

    Analysis Summary:
       New defects found: 0
       Defects eliminated: 0


From scan-admin at coverity.com  Sun Aug 30 07:58:55 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 30 Aug 2020 07:58:55 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for openssl/openssl
Message-ID: <5f4b5c3ecb812_2446642ac509f82f5c8563@prd-scan-dashboard-0.mail>


    Your request for analysis of openssl/openssl has been completed successfully.
    The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DOlEt_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEpQTih7hfBfVCWkCof1olJKktB3RzYjONkMqmawQCnrTrmOKF6GddZBOXjaUzAyyb6Y9aylGoFMybF5uZkY239r98NJdad-2B1gEJJVi4BmpjYYGJWQgLeqzqEiCwl0vnNEHYnqhB4RcD8ghvxV0C2Tlhoeis8qcOj8yjaub-2FZnTG238kgm9Ny3P5UGk4mvdp5A-3D

    Build ID: 336156

    Analysis Summary:
       New defects found: 9
       Defects eliminated: 16

    If you have difficulty understanding any defects, email us at scan-admin at coverity.com,
    or post your question to StackOverflow
    at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DWjJr_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEpQTih7hfBfVCWkCof1olJKktB3RzYjONkMqmawQCnrQrsw1-2B5m1j8wO7FP349cUrzaPNKFjUmRbv01NQT-2BSMbuDaMzwJbgfITyKNX-2Ft1wiN3SyOPj0ux4gE5ejI72wWMllVRV5CJWYkXY4i3zKSN9N6KzLrilhLOzeoNNoyctpSkYjKslNqX84sVefgauFt8-3D

From no-reply at appveyor.com  Sun Aug 30 09:43:55 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 30 Aug 2020 09:43:55 +0000
Subject: Build failed: openssl master.36493
Message-ID: <20200830094355.1.0BB445249EC98983@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200830/db5ac47b/attachment.html>

From no-reply at appveyor.com  Sun Aug 30 10:26:07 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 30 Aug 2020 10:26:07 +0000
Subject: Build failed: openssl master.36495
Message-ID: <20200830102607.1.CAE428FD44A947B4@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200830/ff2d0d8a/attachment.html>

From no-reply at appveyor.com  Sun Aug 30 11:28:09 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 30 Aug 2020 11:28:09 +0000
Subject: Build completed: openssl master.36496
Message-ID: <20200830112809.1.4526E793D9D1B045@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200830/67850018/attachment.html>

From openssl at openssl.org  Mon Aug 31 00:01:50 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 00:01:50 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT
Message-ID: <1598832110.051559.5173.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):

            # Server sent alert unexpected_message but client received no alert.
            # 80C7EA94297F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:318:
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1
    not ok 6 - running ssl_test 25-cipher.cnf
# ------------------------------------------------------------------------------
    # Looks like you failed 2 tests of 9.
not ok 26 - Test configuration 25-cipher.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok

        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #2, ECDHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 8047E747AA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 3 - iteration 3
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/sslcorrupttest.c:199
        # Starting #3, DHE-RSA-CHACHA20-POLY1305
        # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032
        # [1] compared to [2]
        # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:229
        # false
        # 8047E747AA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:403:
        not ok 4 - iteration 4
# ------------------------------------------------------------------------------
    not ok 1 - test_ssl_corrupt
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1
not ok 1 - running sslcorrupttest
# ------------------------------------------------------------------------------
#   Failed test 'running sslcorrupttest'
#   at ../openssl/test/recipes/80-test_sslcorrupt.t line 19.
# Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_dtls_mtu.t               (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  26
  Non-zero exit status: 1
80-test_sslcorrupt.t             (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=211, Tests=3147, 1763 wallclock secs (13.07 usr  1.48 sys + 1582.07 cusr 161.26 csys = 1757.88 CPU)
Result: FAIL
Makefile:2543: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-asan'
Makefile:2541: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 31 02:03:25 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 02:03:25 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-autoerrinit
Message-ID: <1598839405.553287.7556.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=211, Tests=3216, 907 wallclock secs (13.56 usr  1.18 sys + 840.42 cusr 63.96 csys = 919.12 CPU)
Result: FAIL
Makefile:3192: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit'
Makefile:3190: recipe for target 'tests' failed
make: *** [tests] Error 2

From shane.lontis at oracle.com  Mon Aug 31 04:50:52 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Mon, 31 Aug 2020 04:50:52 +0000
Subject: [openssl]  master update
Message-ID: <1598849452.005919.30753.nullmailer@dev.openssl.org>

The branch master has been updated
       via  23e77b0ba328afe3492d990cd24f7b8896b4246f (commit)
       via  e2e46dfa8c42b5d47723aaed60d7fce3d84455c5 (commit)
      from  458cb85d1985aa3efe0a33eb59123d23b5fa975a (commit)


- Log -----------------------------------------------------------------
commit 23e77b0ba328afe3492d990cd24f7b8896b4246f
Author: Jon Spillett <jon.spillett at oracle.com>
Date:   Fri Aug 21 14:18:59 2020 +1000

    Update test data for DSA public key text
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12688)

commit e2e46dfa8c42b5d47723aaed60d7fce3d84455c5
Author: Jon Spillett <jon.spillett at oracle.com>
Date:   Thu Aug 20 09:13:28 2020 +1000

    Add the correct enum value for DSA public key serialization
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12688)

-----------------------------------------------------------------------

Summary of changes:
 providers/implementations/encode_decode/encoder_dsa_pub.c | 2 +-
 test/recipes/30-test_evp_pkey_provided/DSA.pub.txt        | 6 +-----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/providers/implementations/encode_decode/encoder_dsa_pub.c b/providers/implementations/encode_decode/encoder_dsa_pub.c
index f99388e150..e1201634b9 100644
--- a/providers/implementations/encode_decode/encoder_dsa_pub.c
+++ b/providers/implementations/encode_decode/encoder_dsa_pub.c
@@ -173,7 +173,7 @@ static int dsa_pub_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
     if (out == NULL)
         return 0;
 
-    ret = ossl_prov_print_dsa(out, dsa, 0);
+    ret = ossl_prov_print_dsa(out, dsa, dsa_print_pub);
     BIO_free(out);
 
     return ret;
diff --git a/test/recipes/30-test_evp_pkey_provided/DSA.pub.txt b/test/recipes/30-test_evp_pkey_provided/DSA.pub.txt
index 1b1b758b03..0cd037294c 100644
--- a/test/recipes/30-test_evp_pkey_provided/DSA.pub.txt
+++ b/test/recipes/30-test_evp_pkey_provided/DSA.pub.txt
@@ -1,8 +1,4 @@
-Private-Key: (2048 bit)
-priv:
-    00:8f:c5:9e:d0:f7:2a:0b:66:f1:32:73:ae:f6:d9:
-    d4:db:2d:96:55:89:ff:ef:a8:5f:47:8f:ca:02:8a:
-    e1:35:90
+Public-Key: (2048 bit)
 pub: 
     44:19:c9:46:45:57:c1:a9:d8:30:99:29:6a:4b:63:
     71:69:96:35:17:b2:62:9b:80:0a:95:9d:6a:c0:32:

From openssl at openssl.org  Mon Aug 31 04:59:39 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 04:59:39 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-cms
Message-ID: <1598849979.082071.20842.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-cms

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):

clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c
clang  -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c
clang  -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c
clang  -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include  -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL  -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl"
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash"
chmod a+x apps/CA.pl
/usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \
    "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh"
ar r apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o
ar: creating apps/libapps.a
chmod a+x apps/tsget.pl
ranlib apps/libapps.a || echo Never mind.
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s
chmod a+x tools/c_rehash
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s
chmod a+x util/shlib_wrap.sh
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s
clang  -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include  -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.o -c -o providers/implementations/encode_decode/libimplementations-lib-encoder_rsa.o ../openssl/providers/implementations/encode_decode/encoder_rsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_digests_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_digests_gen.o -c -o providers/common/der/libnonfips-lib-der_digests_gen.o providers/common/der/der_digests_gen.c
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_gen.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_gen.o -c -o providers/common/der/libnonfips-lib-der_dsa_gen.o providers/common/der/der_dsa_gen.c
../openssl/providers/implementations/kdfs/x942kdf.c:438:21: error: no previous extern declaration for non-static variable 'kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations]
const OSSL_DISPATCH kdf_x942_kdf_functions[] = {
                    ^
1 error generated.
clang  -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include  -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL  -MMD -MF providers/common/der/libnonfips-lib-der_dsa_key.d.tmp -MT providers/common/der/libnonfips-lib-der_dsa_key.o -c -o providers/common/der/libnonfips-lib-der_dsa_key.o ../openssl/providers/common/der/der_dsa_key.c
Makefile:21466: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed
make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/no-cms'
Makefile:3122: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

From builds at travis-ci.com  Mon Aug 31 06:15:54 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 31 Aug 2020 06:15:54 +0000
Subject: Still Failing: openssl/openssl#37047 (master - 23e77b0)
In-Reply-To: <openssl/openssl+182009783+still failing@travis-ci.com>
Message-ID: <5f4c959afa8a_13f8df85b82e8154997@travis-pro-tasks-8589cdbf7b-jrmtv.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #37047
Status: Still Failing

Duration: 1 hr, 23 mins, and 31 secs
Commit: 23e77b0 (master)
Author: Jon Spillett
Message: Update test data for DSA public key text

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12688)

View the changeset: https://github.com/openssl/openssl/compare/458cb85d1985...23e77b0ba328

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/182009783?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200831/2abee6ca/attachment.html>

From openssl at openssl.org  Mon Aug 31 07:27:48 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 07:27:48 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-des
Message-ID: <1598858868.922665.29638.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):

../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 1
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
Could not read any key of private key for CMP client certificate from signer.p12
C060D810787F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:
C060D810787F0000:error::PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:../openssl/crypto/pkcs12/p12_decr.c:37:
C060D810787F0000:error::PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../openssl/crypto/pkcs12/p12_decr.c:90:
C060D810787F0000:error::PKCS12 routines:PKCS12_parse:parse error:../openssl/crypto/pkcs12/p12_kiss.c:87:
Unable to load private key for CMP client certificate
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 1
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
Could not read any cert of CMP client certificate (and optionally extra certs) from test.cert.pem
C0408467B77F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:1964:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of 'test.cert.pem' in KUR
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 1
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
Could not open file or uri test.cert.pem for loading CMP client certificate (and optionally extra certs)
Could not read any cert of CMP client certificate (and optionally extra certs) from test.cert.pem
C000F74DA57F0000:error::system library:file_open_with_libctx:No such file or directory:../openssl/crypto/store/loader_file.c:935:calling stat(test.cert.pem)
OPENSSL_FUNC:../openssl/apps/cmp.c:2885:CMP error: cannot set up CMP context
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -subject option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -secret option is empty string, resetting option
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 1
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
    # Looks like you failed 31 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
30-test_evp.t                    (Wstat: 768 Tests: 86 Failed: 3)
  Failed tests:  12, 36, 69
  Non-zero exit status: 3
30-test_evp_kdf.t                (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=211, Tests=3248, 881 wallclock secs (13.73 usr  1.36 sys + 817.27 cusr 62.49 csys = 894.85 CPU)
Result: FAIL
Makefile:3134: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-des'
Makefile:3132: recipe for target 'tests' failed
make: *** [tests] Error 2

From openssl at openssl.org  Mon Aug 31 07:52:04 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 07:52:04 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-dgram
Message-ID: <1598860324.412016.15008.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):


# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build
80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok

            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 7 - iteration 7
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 8 - iteration 8
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 9 - iteration 9
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 10 - iteration 10
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 11 - iteration 11
# ------------------------------------------------------------------------------
            # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:479
            # 0x0
            not ok 12 - iteration 12
# ------------------------------------------------------------------------------
        not ok 1 - test_handshake
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips.cnf => 1
    not ok 9 - running ssl_test 04-client_auth.cnf
# ------------------------------------------------------------------------------
    #   Failed test 'running ssl_test 04-client_auth.cnf'
    #   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
    # Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# ------------------------------------------------------------------------------
# Looks like you failed 1 test of 31.80-test_ssl_new.t .................. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
80-test_ssl_new.t                (Wstat: 256 Tests: 31 Failed: 1)
  Failed test:  5
  Non-zero exit status: 1
Files=211, Tests=3350, 856 wallclock secs (13.27 usr  1.33 sys + 788.31 cusr 65.34 csys = 868.25 CPU)
Result: FAIL
Makefile:3191: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dgram'
Makefile:3189: recipe for target 'tests' failed
make: *** [tests] Error 2

From matt at openssl.org  Mon Aug 31 08:50:00 2020
From: matt at openssl.org (Matt Caswell)
Date: Mon, 31 Aug 2020 08:50:00 +0000
Subject: [openssl]  master update
Message-ID: <1598863800.346823.30783.nullmailer@dev.openssl.org>

The branch master has been updated
       via  72c1e37421ffe9a4db4bba46f3d736dbc227c255 (commit)
       via  ab114c6ddef52384c3c5d579847b989284f51dfc (commit)
       via  18efb630169a5c2c58a77b0b67fc707a87cb8b93 (commit)
       via  cd03b5dc428568548163890081da99b6e5df11ba (commit)
       via  eb818d23c2f451ed56030d9e9fb94bd60ec48b07 (commit)
       via  c7b46b549d59797c3f1ea6541f8ff6f02009cbc5 (commit)
       via  b22a3ccc07e304df8fdbc79bf4168c1a880d0ac5 (commit)
       via  3c1641e8e86dc86028637251421a57827243f6ca (commit)
       via  0a90a90c4626dab3b6931e6a1e0bba9419720146 (commit)
       via  3e5826061baa7948ab1d2835357403d16470108d (commit)
       via  c34ca13a60f2acb4509be0aec9f506853ffbd1ea (commit)
      from  23e77b0ba328afe3492d990cd24f7b8896b4246f (commit)


- Log -----------------------------------------------------------------
commit 72c1e37421ffe9a4db4bba46f3d736dbc227c255
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Wed Aug 5 16:24:24 2020 -0700

    Use global 'libctx' with RAND_bytes_ex to generate sendfile temp data.
    
    While here, check for failure from RAND_bytes_ex as well.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit ab114c6ddef52384c3c5d579847b989284f51dfc
Author: Vadim Fedorenko <vadimjunk at gmail.com>
Date:   Fri Jul 31 11:21:36 2020 -0700

    Fix two issues with AES-CCM KTLS tests.
    
    - Apply the cipher list to the server context as well as the client
      context.  The tests still worked for AES-GCM cipher suites as those
      are in the default list of ciphers.  AES-CCM cipher suites are not
      in the default list and require the cipher list to be set.
    
    - Use the correct cipher name for AES-CCM.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit 18efb630169a5c2c58a77b0b67fc707a87cb8b93
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Wed Jul 29 15:08:54 2020 -0700

    Skip tests using KTLS RX for TLS 1.3.
    
    KTLS RX is not yet supported for TLS 1.3.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit cd03b5dc428568548163890081da99b6e5df11ba
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Wed Jul 29 15:08:25 2020 -0700

    Skip tests using KTLS RX if KTLS RX is not supported.
    
    This skips tests using KTLS RX when run on systems that only support
    KTLS TX.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit eb818d23c2f451ed56030d9e9fb94bd60ec48b07
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Wed Jul 29 14:56:58 2020 -0700

    Refactor the KTLS tests to minimize code duplication.
    
    Use the low 4 bits of the test number directly as flags for which of
    the connection sides should use KTLS or not for each test instead of
    having 16 nearly identical functions to do the same thing.
    
    This makes it easier to skip tests that aren't supported (e.g. KTLS RX
    on TLS 1.3).
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit c7b46b549d59797c3f1ea6541f8ff6f02009cbc5
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Mon Jul 27 11:35:13 2020 -0700

    Move KTLS inline functions only used by libssl into ssl/ktls.c.
    
    These functions are a bit large to inline and are not usable outside
    of libssl.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit b22a3ccc07e304df8fdbc79bf4168c1a880d0ac5
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Wed Dec 4 16:50:06 2019 -0800

    Support for KTLS TX on FreeBSD for TLS 1.3.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit 3c1641e8e86dc86028637251421a57827243f6ca
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Thu Mar 5 11:26:06 2020 -0800

    Don't check errno if ktls_read_record() returned 0.
    
    errno is only valid if ktls_read_record() fails with a negative return
    value.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit 0a90a90c4626dab3b6931e6a1e0bba9419720146
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Thu Oct 31 16:49:40 2019 -0700

    Add support for KTLS receive for TLS 1.1-1.2 on FreeBSD.
    
    Similar to KTLS receive for Linux, KTLS receive for FreeBSD is enabled
    by passing a session key to the kernel via a new socket option.  Once
    KTLS receive is enabled on a socket, the socket returns records via
    recvmsg().  A control message attached to each record supplies the
    original TLS header, and the decrypted plaintext is returned in the
    data buffer passed to recvmsg().
    
    To support the case that the userland buffer may already contain
    pending encrypted records (which is already handled by Linux's KTLS
    receive), the socket option structure for FreeBSD has been extended to
    include the initial sequence number.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit 3e5826061baa7948ab1d2835357403d16470108d
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Wed Jun 10 13:36:38 2020 -0700

    Add helper functions for FreeBSD KTLS.
    
    These are similar to the helpers added in 95badfeb60.  I've adjusted
    the arguments passed to ktls_check_supported_cipher and
    ktls_configure_crypto so that FreeBSD and Linux can both use the same
    signature to avoid OS-specific #ifdef's in libssl.  This also required
    moving the check on valid TLS versions into
    ktls_check_supported_cipher for Linux.  This has largely removed
    OS-specific code and OS-specific #ifdef's for KTLS outside of
    <internal/ktls.h>.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

commit c34ca13a60f2acb4509be0aec9f506853ffbd1ea
Author: John Baldwin <jhb at FreeBSD.org>
Date:   Fri Jul 24 13:47:35 2020 -0700

    Add a ktls_crypto_info_t typedef.
    
    This type is defined to hold the OS-specific structure passed to
    BIO_set_ktls.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12111)

-----------------------------------------------------------------------

Summary of changes:
 include/internal/ktls.h  | 206 ++++++++++++-------------
 ssl/build.info           |   8 +-
 ssl/ktls.c               | 222 +++++++++++++++++++++++++++
 ssl/record/ssl3_record.c |   2 +-
 ssl/ssl_local.h          |  12 ++
 ssl/t1_enc.c             |  66 +-------
 ssl/tls13_enc.c          |  12 +-
 test/sslapitest.c        | 382 +++++------------------------------------------
 8 files changed, 392 insertions(+), 518 deletions(-)
 create mode 100644 ssl/ktls.c

diff --git a/include/internal/ktls.h b/include/internal/ktls.h
index 535e563479..2af1589f98 100644
--- a/include/internal/ktls.h
+++ b/include/internal/ktls.h
@@ -20,9 +20,9 @@
 # endif
 #endif
 
-#ifndef OPENSSL_NO_KTLS
-# ifndef HEADER_INTERNAL_KTLS
-#  define HEADER_INTERNAL_KTLS
+#ifndef HEADER_INTERNAL_KTLS
+# define HEADER_INTERNAL_KTLS
+# ifndef OPENSSL_NO_KTLS
 
 #  if defined(__FreeBSD__)
 #   include <sys/types.h>
@@ -30,12 +30,22 @@
 #   include <sys/ktls.h>
 #   include <netinet/in.h>
 #   include <netinet/tcp.h>
-#   include <crypto/cryptodev.h>
+#   include "openssl/ssl3.h"
+
+#   ifndef TCP_RXTLS_ENABLE
+#    define OPENSSL_NO_KTLS_RX
+#   endif
+#   define OPENSSL_KTLS_AES_GCM_128
+#   define OPENSSL_KTLS_AES_GCM_256
+#   define OPENSSL_KTLS_TLS13
 
 /*
  * Only used by the tests in sslapitest.c.
  */
 #   define TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE             8
+#   define TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE             8
+
+typedef struct tls_enable ktls_crypto_info_t;
 
 /*
  * FreeBSD does not require any additional steps to enable KTLS before
@@ -49,8 +59,12 @@ static ossl_inline int ktls_enable(int fd)
 /*
  * The TCP_TXTLS_ENABLE socket option marks the outgoing socket buffer
  * as using TLS.  If successful, then data sent using this socket will
- * be encrypted and encapsulated in TLS records using the tls_en.
+ * be encrypted and encapsulated in TLS records using the tls_en
  * provided here.
+ *
+ * The TCP_RXTLS_ENABLE socket option marks the incoming socket buffer
+ * as using TLS.  If successful, then data received for this socket will
+ * be authenticated and decrypted using the tls_en provided here.
  */
 static ossl_inline int ktls_start(int fd,
                                   void *tls_en,
@@ -59,8 +73,11 @@ static ossl_inline int ktls_start(int fd,
     if (is_tx)
         return setsockopt(fd, IPPROTO_TCP, TCP_TXTLS_ENABLE,
                           tls_en, len) ? 0 : 1;
-    else
-        return 0;
+#   ifndef OPENSSL_NO_KTLS_RX
+    return setsockopt(fd, IPPROTO_TCP, TCP_RXTLS_ENABLE, tls_en, len) ? 0 : 1;
+#   else
+    return 0;
+#   endif
 }
 
 /*
@@ -96,11 +113,79 @@ static ossl_inline int ktls_send_ctrl_message(int fd, unsigned char record_type,
     return sendmsg(fd, &msg, 0);
 }
 
+#   ifdef OPENSSL_NO_KTLS_RX
+
 static ossl_inline int ktls_read_record(int fd, void *data, size_t length)
 {
     return -1;
 }
 
+#   else /* !defined(OPENSSL_NO_KTLS_RX) */
+
+/*
+ * Receive a TLS record using the tls_en provided in ktls_start.  The
+ * kernel strips any explicit IV and authentication tag, but provides
+ * the TLS record header via a control message.  If there is an error
+ * with the TLS record such as an invalid header, invalid padding, or
+ * authentication failure recvmsg() will fail with an error.
+ */
+static ossl_inline int ktls_read_record(int fd, void *data, size_t length)
+{
+    struct msghdr msg = { 0 };
+    int cmsg_len = sizeof(struct tls_get_record);
+    struct tls_get_record *tgr;
+    struct cmsghdr *cmsg;
+    char buf[CMSG_SPACE(cmsg_len)];
+    struct iovec msg_iov;   /* Vector of data to send/receive into */
+    int ret;
+    unsigned char *p = data;
+    const size_t prepend_length = SSL3_RT_HEADER_LENGTH;
+
+    if (length <= prepend_length) {
+        errno = EINVAL;
+        return -1;
+    }
+
+    msg.msg_control = buf;
+    msg.msg_controllen = sizeof(buf);
+
+    msg_iov.iov_base = p + prepend_length;
+    msg_iov.iov_len = length - prepend_length;
+    msg.msg_iov = &msg_iov;
+    msg.msg_iovlen = 1;
+
+    ret = recvmsg(fd, &msg, 0);
+    if (ret <= 0)
+        return ret;
+
+    if ((msg.msg_flags & (MSG_EOR | MSG_CTRUNC)) != MSG_EOR) {
+        errno = EMSGSIZE;
+        return -1;
+    }
+
+    if (msg.msg_controllen == 0) {
+        errno = EBADMSG;
+        return -1;
+    }
+
+    cmsg = CMSG_FIRSTHDR(&msg);
+    if (cmsg->cmsg_level != IPPROTO_TCP || cmsg->cmsg_type != TLS_GET_RECORD
+        || cmsg->cmsg_len != CMSG_LEN(cmsg_len)) {
+        errno = EBADMSG;
+        return -1;
+    }
+
+    tgr = (struct tls_get_record *)CMSG_DATA(cmsg);
+    p[0] = tgr->tls_type;
+    p[1] = tgr->tls_vmajor;
+    p[2] = tgr->tls_vminor;
+    *(uint16_t *)(p + 3) = htons(ret);
+
+    return ret + prepend_length;
+}
+
+#   endif /* OPENSSL_NO_KTLS_RX */
+
 /*
  * KTLS enables the sendfile system call to send data from a file over
  * TLS.
@@ -119,6 +204,7 @@ static ossl_inline ossl_ssize_t ktls_sendfile(int s, int fd, off_t off,
     }
     return sbytes;
 }
+
 #  endif                         /* __FreeBSD__ */
 
 #  if defined(OPENSSL_SYS_LINUX)
@@ -173,6 +259,9 @@ struct tls_crypto_info_all {
     };
     size_t tls_crypto_info_len;
 };
+
+typedef struct tls_crypto_info_all ktls_crypto_info_t;
+
 /*
  * When successful, this socket option doesn't change the behaviour of the
  * TCP socket, except changing the TCP setsockopt handler to enable the
@@ -310,106 +399,8 @@ static ossl_inline int ktls_read_record(int fd, void *data, size_t length)
 
 #   endif /* OPENSSL_NO_KTLS_RX */
 
-/* Function to check supported ciphers in Linux */
-static ossl_inline int ktls_check_supported_cipher(const EVP_CIPHER *c,
-                                            const EVP_CIPHER_CTX *dd)
-{
-    /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128 */
-    switch (EVP_CIPHER_nid(c))
-    {
-#  ifdef OPENSSL_KTLS_AES_CCM_128
-    case NID_aes_128_ccm:
-        if (EVP_CIPHER_CTX_tag_length(dd) != EVP_CCM_TLS_TAG_LEN)
-          return 0;
-#  endif
-#  ifdef OPENSSL_KTLS_AES_GCM_128
-    case NID_aes_128_gcm:
-#  endif
-#  ifdef OPENSSL_KTLS_AES_GCM_256
-    case NID_aes_256_gcm:
-#  endif
-        return 1;
-    default:
-        return 0;
-    }
-}
-
-/* Function to configure kernel TLS structure */
-static ossl_inline int ktls_configure_crypto(const EVP_CIPHER *c, int tls_version,
-                                EVP_CIPHER_CTX *dd, void *rl_sequence,
-                                struct tls_crypto_info_all *crypto_info,
-                                unsigned char **rec_seq, unsigned char *iv,
-                                unsigned char *key)
-{
-    unsigned char geniv[12];
-    unsigned char *iiv = iv;
-
-    if (tls_version == TLS1_2_VERSION &&
-        EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
-        if (!EVP_CIPHER_CTX_get_iv_state(dd, geniv,
-                                         EVP_GCM_TLS_FIXED_IV_LEN
-                                         + EVP_GCM_TLS_EXPLICIT_IV_LEN))
-            return 0;
-        iiv = geniv;
-    }
-
-    memset(crypto_info, 0, sizeof(*crypto_info));
-    switch (EVP_CIPHER_nid(c))
-    {
-#  ifdef OPENSSL_KTLS_AES_GCM_128
-    case NID_aes_128_gcm:
-        crypto_info->gcm128.info.cipher_type = TLS_CIPHER_AES_GCM_128;
-        crypto_info->gcm128.info.version = tls_version;
-        crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm128);
-        memcpy(crypto_info->gcm128.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
-                TLS_CIPHER_AES_GCM_128_IV_SIZE);
-        memcpy(crypto_info->gcm128.salt, iiv, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
-        memcpy(crypto_info->gcm128.key, key, EVP_CIPHER_key_length(c));
-        memcpy(crypto_info->gcm128.rec_seq, rl_sequence,
-                TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-        if (rec_seq != NULL)
-            *rec_seq = crypto_info->gcm128.rec_seq;
-        return 1;
-#  endif
-#  ifdef OPENSSL_KTLS_AES_GCM_256
-    case NID_aes_256_gcm:
-        crypto_info->gcm256.info.cipher_type = TLS_CIPHER_AES_GCM_256;
-        crypto_info->gcm256.info.version = tls_version;
-        crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm256);
-        memcpy(crypto_info->gcm256.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
-                TLS_CIPHER_AES_GCM_256_IV_SIZE);
-        memcpy(crypto_info->gcm256.salt, iiv, TLS_CIPHER_AES_GCM_256_SALT_SIZE);
-        memcpy(crypto_info->gcm256.key, key, EVP_CIPHER_key_length(c));
-        memcpy(crypto_info->gcm256.rec_seq, rl_sequence,
-                TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-        if (rec_seq != NULL)
-            *rec_seq = crypto_info->gcm256.rec_seq;
-        return 1;
-#  endif
-#  ifdef OPENSSL_KTLS_AES_CCM_128
-    case NID_aes_128_ccm:
-        crypto_info->ccm128.info.cipher_type = TLS_CIPHER_AES_CCM_128;
-        crypto_info->ccm128.info.version = tls_version;
-        crypto_info->tls_crypto_info_len = sizeof(crypto_info->ccm128);
-        memcpy(crypto_info->ccm128.iv, iiv + EVP_CCM_TLS_FIXED_IV_LEN,
-                TLS_CIPHER_AES_CCM_128_IV_SIZE);
-        memcpy(crypto_info->ccm128.salt, iiv, TLS_CIPHER_AES_CCM_128_SALT_SIZE);
-        memcpy(crypto_info->ccm128.key, key, EVP_CIPHER_key_length(c));
-        memcpy(crypto_info->ccm128.rec_seq, rl_sequence,
-                TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-        if (rec_seq != NULL)
-            *rec_seq = crypto_info->ccm128.rec_seq;
-        return 1;
-#  endif
-    default:
-        return 0;
-    }
-
-}
-
 #  endif /* OPENSSL_SYS_LINUX */
-# endif /* HEADER_INTERNAL_KTLS */
-#else /* defined(OPENSSL_NO_KTLS) */
+# else /* OPENSSL_NO_KTLS */
 /* Dummy functions here */
 static ossl_inline int ktls_enable(int fd)
 {
@@ -437,4 +428,5 @@ static ossl_inline ossl_ssize_t ktls_sendfile(int s, int fd, off_t off, size_t s
 {
     return -1;
 }
-#endif
+# endif /* OPENSSL_NO_KTLS */
+#endif /* HEADER_INTERNAL_KTLS */
diff --git a/ssl/build.info b/ssl/build.info
index fd187ac7e5..cfcb2b1737 100644
--- a/ssl/build.info
+++ b/ssl/build.info
@@ -10,6 +10,11 @@ IF[{- !$disabled{asm} -}]
   ENDIF
 ENDIF
 
+$KTLSSRC=
+IF[{- !$disabled{ktls} -}]
+  $KTLSSRC=ktls.c
+ENDIF
+
 #TODO: For now we just include the libcrypto packet.c in libssl as well. We
 #      could either continue to do it like this, or export all the WPACKET
 #      symbols so that libssl can use them like any other. Probably would do
@@ -27,7 +32,8 @@ SOURCE[../libssl]=\
         ssl_asn1.c ssl_txt.c ssl_init.c ssl_conf.c  ssl_mcnf.c \
         bio_ssl.c ssl_err.c tls_srp.c t1_trce.c ssl_utst.c \
         record/ssl3_buffer.c record/ssl3_record.c record/dtls1_bitmap.c \
-        statem/statem.c record/ssl3_record_tls13.c record/tls_pad.c
+        statem/statem.c record/ssl3_record_tls13.c record/tls_pad.c \
+        $KTLSSRC
 DEFINE[../libssl]=$AESDEF
 
 SOURCE[../providers/libcommon.a]=record/tls_pad.c
diff --git a/ssl/ktls.c b/ssl/ktls.c
new file mode 100644
index 0000000000..e6c0963259
--- /dev/null
+++ b/ssl/ktls.c
@@ -0,0 +1,222 @@
+/*
+ * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "ssl_local.h"
+#include "internal/ktls.h"
+
+#if defined(__FreeBSD__)
+# include <crypto/cryptodev.h>
+
+/*-
+ * Check if a given cipher is supported by the KTLS interface.
+ * The kernel might still fail the setsockopt() if no suitable
+ * provider is found, but this checks if the socket option
+ * supports the cipher suite used at all.
+ */
+int ktls_check_supported_cipher(const SSL *s, const EVP_CIPHER *c,
+                                const EVP_CIPHER_CTX *dd)
+{
+
+    switch (s->version) {
+    case TLS1_VERSION:
+    case TLS1_1_VERSION:
+    case TLS1_2_VERSION:
+    case TLS1_3_VERSION:
+        break;
+    default:
+        return 0;
+    }
+
+    switch (s->s3.tmp.new_cipher->algorithm_enc) {
+    case SSL_AES128GCM:
+    case SSL_AES256GCM:
+        return 1;
+    case SSL_AES128:
+    case SSL_AES256:
+        if (s->ext.use_etm)
+            return 0;
+        switch (s->s3.tmp.new_cipher->algorithm_mac) {
+        case SSL_SHA1:
+        case SSL_SHA256:
+        case SSL_SHA384:
+            return 1;
+        default:
+            return 0;
+        }
+    default:
+        return 0;
+    }
+}
+
+/* Function to configure kernel TLS structure */
+int ktls_configure_crypto(const SSL *s, const EVP_CIPHER *c, EVP_CIPHER_CTX *dd,
+                          void *rl_sequence, ktls_crypto_info_t *crypto_info,
+                          unsigned char **rec_seq, unsigned char *iv,
+                          unsigned char *key, unsigned char *mac_key,
+                          size_t mac_secret_size)
+{
+    memset(crypto_info, 0, sizeof(*crypto_info));
+    switch (s->s3.tmp.new_cipher->algorithm_enc) {
+    case SSL_AES128GCM:
+    case SSL_AES256GCM:
+        crypto_info->cipher_algorithm = CRYPTO_AES_NIST_GCM_16;
+        if (s->version == TLS1_3_VERSION)
+            crypto_info->iv_len = EVP_CIPHER_CTX_iv_length(dd);
+        else
+            crypto_info->iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
+        break;
+    case SSL_AES128:
+    case SSL_AES256:
+        switch (s->s3.tmp.new_cipher->algorithm_mac) {
+        case SSL_SHA1:
+            crypto_info->auth_algorithm = CRYPTO_SHA1_HMAC;
+            break;
+        case SSL_SHA256:
+            crypto_info->auth_algorithm = CRYPTO_SHA2_256_HMAC;
+            break;
+        case SSL_SHA384:
+            crypto_info->auth_algorithm = CRYPTO_SHA2_384_HMAC;
+            break;
+        default:
+            return 0;
+        }
+        crypto_info->cipher_algorithm = CRYPTO_AES_CBC;
+        crypto_info->iv_len = EVP_CIPHER_iv_length(c);
+        crypto_info->auth_key = mac_key;
+        crypto_info->auth_key_len = mac_secret_size;
+        break;
+    default:
+        return 0;
+    }
+    crypto_info->cipher_key = key;
+    crypto_info->cipher_key_len = EVP_CIPHER_key_length(c);
+    crypto_info->iv = iv;
+    crypto_info->tls_vmajor = (s->version >> 8) & 0x000000ff;
+    crypto_info->tls_vminor = (s->version & 0x000000ff);
+# ifdef TCP_RXTLS_ENABLE
+    memcpy(crypto_info->rec_seq, rl_sequence, sizeof(crypto_info->rec_seq));
+    if (rec_seq != NULL)
+        *rec_seq = crypto_info->rec_seq;
+# else
+    if (rec_seq != NULL)
+        *rec_seq = NULL;
+# endif
+    return 1;
+};
+
+#endif                         /* __FreeBSD__ */
+
+#if defined(OPENSSL_SYS_LINUX)
+
+/* Function to check supported ciphers in Linux */
+int ktls_check_supported_cipher(const SSL *s, const EVP_CIPHER *c,
+                                const EVP_CIPHER_CTX *dd)
+{
+    switch (s->version) {
+    case TLS1_2_VERSION:
+    case TLS1_3_VERSION:
+        break;
+    default:
+        return 0;
+    }
+
+    /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128 */
+    switch (EVP_CIPHER_nid(c))
+    {
+# ifdef OPENSSL_KTLS_AES_CCM_128
+    case NID_aes_128_ccm:
+        if (EVP_CIPHER_CTX_tag_length(dd) != EVP_CCM_TLS_TAG_LEN)
+          return 0;
+# endif
+# ifdef OPENSSL_KTLS_AES_GCM_128
+    case NID_aes_128_gcm:
+# endif
+# ifdef OPENSSL_KTLS_AES_GCM_256
+    case NID_aes_256_gcm:
+# endif
+        return 1;
+    default:
+        return 0;
+    }
+}
+
+/* Function to configure kernel TLS structure */
+int ktls_configure_crypto(const SSL *s, const EVP_CIPHER *c, EVP_CIPHER_CTX *dd,
+                          void *rl_sequence, ktls_crypto_info_t *crypto_info,
+                          unsigned char **rec_seq, unsigned char *iv,
+                          unsigned char *key, unsigned char *mac_key,
+                          size_t mac_secret_size)
+{
+    unsigned char geniv[12];
+    unsigned char *iiv = iv;
+
+    if (s->version == TLS1_2_VERSION &&
+        EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
+        if (!EVP_CIPHER_CTX_get_iv_state(dd, geniv,
+                                         EVP_GCM_TLS_FIXED_IV_LEN
+                                         + EVP_GCM_TLS_EXPLICIT_IV_LEN))
+            return 0;
+        iiv = geniv;
+    }
+
+    memset(crypto_info, 0, sizeof(*crypto_info));
+    switch (EVP_CIPHER_nid(c))
+    {
+# ifdef OPENSSL_KTLS_AES_GCM_128
+    case NID_aes_128_gcm:
+        crypto_info->gcm128.info.cipher_type = TLS_CIPHER_AES_GCM_128;
+        crypto_info->gcm128.info.version = s->version;
+        crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm128);
+        memcpy(crypto_info->gcm128.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
+                TLS_CIPHER_AES_GCM_128_IV_SIZE);
+        memcpy(crypto_info->gcm128.salt, iiv, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
+        memcpy(crypto_info->gcm128.key, key, EVP_CIPHER_key_length(c));
+        memcpy(crypto_info->gcm128.rec_seq, rl_sequence,
+                TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
+        if (rec_seq != NULL)
+            *rec_seq = crypto_info->gcm128.rec_seq;
+        return 1;
+# endif
+# ifdef OPENSSL_KTLS_AES_GCM_256
+    case NID_aes_256_gcm:
+        crypto_info->gcm256.info.cipher_type = TLS_CIPHER_AES_GCM_256;
+        crypto_info->gcm256.info.version = s->version;
+        crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm256);
+        memcpy(crypto_info->gcm256.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
+                TLS_CIPHER_AES_GCM_256_IV_SIZE);
+        memcpy(crypto_info->gcm256.salt, iiv, TLS_CIPHER_AES_GCM_256_SALT_SIZE);
+        memcpy(crypto_info->gcm256.key, key, EVP_CIPHER_key_length(c));
+        memcpy(crypto_info->gcm256.rec_seq, rl_sequence,
+                TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
+        if (rec_seq != NULL)
+            *rec_seq = crypto_info->gcm256.rec_seq;
+        return 1;
+# endif
+# ifdef OPENSSL_KTLS_AES_CCM_128
+    case NID_aes_128_ccm:
+        crypto_info->ccm128.info.cipher_type = TLS_CIPHER_AES_CCM_128;
+        crypto_info->ccm128.info.version = s->version;
+        crypto_info->tls_crypto_info_len = sizeof(crypto_info->ccm128);
+        memcpy(crypto_info->ccm128.iv, iiv + EVP_CCM_TLS_FIXED_IV_LEN,
+                TLS_CIPHER_AES_CCM_128_IV_SIZE);
+        memcpy(crypto_info->ccm128.salt, iiv, TLS_CIPHER_AES_CCM_128_SALT_SIZE);
+        memcpy(crypto_info->ccm128.key, key, EVP_CIPHER_key_length(c));
+        memcpy(crypto_info->ccm128.rec_seq, rl_sequence,
+                TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
+        if (rec_seq != NULL)
+            *rec_seq = crypto_info->ccm128.rec_seq;
+        return 1;
+# endif
+    default:
+        return 0;
+    }
+
+}
+
+#endif /* OPENSSL_SYS_LINUX */
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 27167ba92f..634052d342 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -213,7 +213,7 @@ int ssl3_get_record(SSL *s)
                                num_recs == 0 ? 1 : 0, &n);
             if (rret <= 0) {
 #ifndef OPENSSL_NO_KTLS
-                if (!BIO_get_ktls_recv(s->rbio))
+                if (!BIO_get_ktls_recv(s->rbio) || rret == 0)
                     return rret;     /* error or non-blocking */
                 switch (errno) {
                 case EBADMSG:
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 250098600f..f74f833312 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -35,6 +35,7 @@
 # include "internal/refcount.h"
 # include "internal/tsan_assist.h"
 # include "internal/bio.h"
+# include "internal/ktls.h"
 
 # ifdef OPENSSL_BUILD_SHLIBSSL
 #  undef OPENSSL_EXTERN
@@ -2747,6 +2748,17 @@ __owur int ssl_log_secret(SSL *ssl, const char *label,
 #define EARLY_EXPORTER_SECRET_LABEL "EARLY_EXPORTER_SECRET"
 #define EXPORTER_SECRET_LABEL "EXPORTER_SECRET"
 
+#  ifndef OPENSSL_NO_KTLS
+/* ktls.c */
+int ktls_check_supported_cipher(const SSL *s, const EVP_CIPHER *c,
+                                const EVP_CIPHER_CTX *dd);
+int ktls_configure_crypto(const SSL *s, const EVP_CIPHER *c, EVP_CIPHER_CTX *dd,
+                          void *rl_sequence, ktls_crypto_info_t *crypto_info,
+                          unsigned char **rec_seq, unsigned char *iv,
+                          unsigned char *key, unsigned char *mac_key,
+                          size_t mac_secret_size);
+#  endif
+
 /* s3_cbc.c */
 __owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
 __owur int ssl3_cbc_digest_record(SSL *s,
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 2e46187024..52b4ffe132 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -192,16 +192,12 @@ int tls1_change_cipher_state(SSL *s, int which)
     size_t n, i, j, k, cl;
     int reuse_dd = 0;
 #ifndef OPENSSL_NO_KTLS
-# ifdef __FreeBSD__
-    struct tls_enable crypto_info;
-# else
-    struct tls_crypto_info_all crypto_info;
+    ktls_crypto_info_t crypto_info;
     unsigned char *rec_seq;
     void *rl_sequence;
-#  ifndef OPENSSL_NO_KTLS_RX
+# ifndef OPENSSL_NO_KTLS_RX
     int count_unprocessed;
     int bit;
-#  endif
 # endif
     BIO *bio;
 #endif
@@ -465,53 +461,9 @@ int tls1_change_cipher_state(SSL *s, int which)
     if (ssl_get_max_send_fragment(s) != SSL3_RT_MAX_PLAIN_LENGTH)
         goto skip_ktls;
 
-# ifdef __FreeBSD__
-    memset(&crypto_info, 0, sizeof(crypto_info));
-    switch (s->s3.tmp.new_cipher->algorithm_enc) {
-    case SSL_AES128GCM:
-    case SSL_AES256GCM:
-        crypto_info.cipher_algorithm = CRYPTO_AES_NIST_GCM_16;
-        crypto_info.iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
-        break;
-    case SSL_AES128:
-    case SSL_AES256:
-        if (s->ext.use_etm)
-            goto skip_ktls;
-        switch (s->s3.tmp.new_cipher->algorithm_mac) {
-        case SSL_SHA1:
-            crypto_info.auth_algorithm = CRYPTO_SHA1_HMAC;
-            break;
-        case SSL_SHA256:
-            crypto_info.auth_algorithm = CRYPTO_SHA2_256_HMAC;
-            break;
-        case SSL_SHA384:
-            crypto_info.auth_algorithm = CRYPTO_SHA2_384_HMAC;
-            break;
-        default:
-            goto skip_ktls;
-        }
-        crypto_info.cipher_algorithm = CRYPTO_AES_CBC;
-        crypto_info.iv_len = EVP_CIPHER_iv_length(c);
-        crypto_info.auth_key = ms;
-        crypto_info.auth_key_len = *mac_secret_size;
-        break;
-    default:
-        goto skip_ktls;
-    }
-    crypto_info.cipher_key = key;
-    crypto_info.cipher_key_len = EVP_CIPHER_key_length(c);
-    crypto_info.iv = iv;
-    crypto_info.tls_vmajor = (s->version >> 8) & 0x000000ff;
-    crypto_info.tls_vminor = (s->version & 0x000000ff);
-# else /* !defined(__FreeBSD__) */
     /* check that cipher is supported */
-    if (!ktls_check_supported_cipher(c, dd))
-        goto skip_ktls;
-
-    /* check version */
-    if (s->version != TLS1_2_VERSION)
+    if (!ktls_check_supported_cipher(s, c, dd))
         goto skip_ktls;
-# endif
 
     if (which & SSL3_CC_WRITE)
         bio = s->wbio;
@@ -538,18 +490,17 @@ int tls1_change_cipher_state(SSL *s, int which)
         goto err;
     }
 
-# ifndef __FreeBSD__
     if (which & SSL3_CC_WRITE)
         rl_sequence = RECORD_LAYER_get_write_sequence(&s->rlayer);
     else
         rl_sequence = RECORD_LAYER_get_read_sequence(&s->rlayer);
 
-    if (!ktls_configure_crypto(c, s->version, dd, rl_sequence, &crypto_info,
-                               &rec_seq, iv, key))
+    if (!ktls_configure_crypto(s, c, dd, rl_sequence, &crypto_info, &rec_seq,
+                               iv, key, ms, *mac_secret_size))
         goto skip_ktls;
 
     if (which & SSL3_CC_READ) {
-#  ifndef OPENSSL_NO_KTLS_RX
+# ifndef OPENSSL_NO_KTLS_RX
         count_unprocessed = count_unprocessed_records(s);
         if (count_unprocessed < 0)
             goto skip_ktls;
@@ -563,11 +514,10 @@ int tls1_change_cipher_state(SSL *s, int which)
             }
             count_unprocessed--;
         }
-#  else
+# else
         goto skip_ktls;
-#  endif
+# endif
     }
-# endif /* !__FreeBSD__ */
 
     /* ktls works with user provided buffers directly */
     if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE)) {
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index ba385f6ea2..829a6e9be1 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -516,10 +516,8 @@ int tls13_change_cipher_state(SSL *s, int which)
     const EVP_MD *md = NULL;
     const EVP_CIPHER *cipher = NULL;
 #if !defined(OPENSSL_NO_KTLS) && defined(OPENSSL_KTLS_TLS13)
-# ifndef __FreeBSD__
-    struct tls_crypto_info_all crypto_info;
+    ktls_crypto_info_t crypto_info;
     BIO *bio;
-# endif
 #endif
 
     if (which & SSL3_CC_READ) {
@@ -784,7 +782,6 @@ int tls13_change_cipher_state(SSL *s, int which)
         s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
 #ifndef OPENSSL_NO_KTLS
 # if defined(OPENSSL_KTLS_TLS13)
-#  ifndef __FreeBSD__
     if (!(which & SSL3_CC_WRITE) || !(which & SSL3_CC_APPLICATION)
         || ((which & SSL3_CC_WRITE) && (s->mode & SSL_MODE_NO_KTLS_TX)))
         goto skip_ktls;
@@ -798,7 +795,7 @@ int tls13_change_cipher_state(SSL *s, int which)
         goto skip_ktls;
 
     /* check that cipher is supported */
-    if (!ktls_check_supported_cipher(cipher, ciph_ctx))
+    if (!ktls_check_supported_cipher(s, cipher, ciph_ctx))
         goto skip_ktls;
 
     bio = s->wbio;
@@ -814,15 +811,14 @@ int tls13_change_cipher_state(SSL *s, int which)
         goto skip_ktls;
 
     /* configure kernel crypto structure */
-    if (!ktls_configure_crypto(cipher, s->version, ciph_ctx, 
+    if (!ktls_configure_crypto(s, cipher, ciph_ctx,
                                RECORD_LAYER_get_write_sequence(&s->rlayer),
-                               &crypto_info, NULL, iv, key))
+                               &crypto_info, NULL, iv, key, NULL, 0))
         goto skip_ktls;
 
     /* ktls works with user provided buffers directly */
     if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE))
         ssl3_release_write_buffer(s);
-#  endif
 skip_ktls:
 # endif
 #endif
diff --git a/test/sslapitest.c b/test/sslapitest.c
index cf9947ea0b..240cadde90 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -993,6 +993,7 @@ static int execute_test_ktls(int cis_ktls_tx, int cis_ktls_rx,
                                        tls_version, tls_version,
                                        &sctx, &cctx, cert, privkey))
             || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
+            || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
             || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
                                           &clientssl, sfd, cfd)))
         goto end;
@@ -1107,6 +1108,7 @@ static int test_ktls_sendfile(int tls_version, const char *cipher)
                                        tls_version, tls_version,
                                        &sctx, &cctx, cert, privkey))
         || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
+        || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
         || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
                                           &clientssl, sfd, cfd)))
         goto end;
@@ -1116,7 +1118,9 @@ static int test_ktls_sendfile(int tls_version, const char *cipher)
         || !TEST_true(BIO_get_ktls_send(serverssl->wbio)))
         goto end;
 
-    RAND_bytes(buf, SENDFILE_SZ);
+    if (!TEST_true(RAND_bytes_ex(libctx, buf, SENDFILE_SZ)))
+        goto end;
+
     out = BIO_new_file(tmpfilename, "wb");
     if (!TEST_ptr(out))
         goto end;
@@ -1177,314 +1181,11 @@ end:
     return testresult;
 }
 
-static int test_ktls_no_txrx_client_no_txrx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 0, 0, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 0, 0, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 0, 0, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_rx_client_no_txrx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 0, 0, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 0, 0, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 0, 0, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_tx_client_no_txrx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 1, 0, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 1, 0, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 1, 0, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_client_no_txrx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 1, 0, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 1, 0, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 1, 0, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_txrx_client_no_rx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 0, 1, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 0, 1, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 0, 1, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_rx_client_no_rx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 0, 1, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 0, 1, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 0, 1, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_tx_client_no_rx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 1, 1, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 1, 1, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 1, 1, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_client_no_rx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 1, 1, 0, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 1, 1, 0, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 1, 1, 0, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_txrx_client_no_tx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 0, 0, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 0, 0, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 0, 0, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_rx_client_no_tx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 0, 0, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 0, 0, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 0, 0, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_tx_client_no_tx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 1, 0, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 1, 0, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 1, 0, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_client_no_tx_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 1, 0, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 1, 0, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 1, 0, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_txrx_client_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 0, 1, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 0, 1, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 0, 1, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_rx_client_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 0, 1, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 0, 1, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 0, 1, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_no_tx_client_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(0, 1, 1, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(0, 1, 1, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(0, 1, 1, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
-static int test_ktls_client_server(int tlsver)
-{
-    int testresult = 1;
-
-#ifdef OPENSSL_KTLS_AES_GCM_128
-    testresult &= execute_test_ktls(1, 1, 1, 1, tlsver,
-         "AES128-GCM-SHA256", TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
-    testresult &= execute_test_ktls(1, 1, 1, 1, tlsver,
-         "AES128-CCM-SHA256", TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
-    testresult &= execute_test_ktls(1, 1, 1, 1, tlsver,
-         "AES256-GCM-SHA384", TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
-    return testresult;
-}
-
 #if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3)
 static int test_ktls(int test)
 {
-    int tlsver;
+    int cis_ktls_tx, cis_ktls_rx, sis_ktls_tx, sis_ktls_rx;
+    int tlsver, testresult;
 
     if (test > 15) {
 #if defined(OPENSSL_NO_TLS1_3)
@@ -1501,47 +1202,42 @@ static int test_ktls(int test)
 #endif
     }
 
-    switch(test) {
-    case 0:
-       return test_ktls_no_txrx_client_no_txrx_server(tlsver);
-    case 1:
-       return test_ktls_no_rx_client_no_txrx_server(tlsver);
-    case 2:
-       return test_ktls_no_tx_client_no_txrx_server(tlsver);
-    case 3:
-       return test_ktls_client_no_txrx_server(tlsver);
-    case 4:
-       return test_ktls_no_txrx_client_no_rx_server(tlsver);
-    case 5:
-       return test_ktls_no_rx_client_no_rx_server(tlsver);
-    case 6:
-       return test_ktls_no_tx_client_no_rx_server(tlsver);
-    case 7:
-       return test_ktls_client_no_rx_server(tlsver);
-    case 8:
-       return test_ktls_no_txrx_client_no_tx_server(tlsver);
-    case 9:
-       return test_ktls_no_rx_client_no_tx_server(tlsver);
-    case 10:
-       return test_ktls_no_tx_client_no_tx_server(tlsver);
-    case 11:
-       return test_ktls_client_no_tx_server(tlsver);
-    case 12:
-       return test_ktls_no_txrx_client_server(tlsver);
-    case 13:
-       return test_ktls_no_rx_client_server(tlsver);
-    case 14:
-       return test_ktls_no_tx_client_server(tlsver);
-    case 15:
-       return test_ktls_client_server(tlsver);
-    default:
-       return 0;
-    }
+    cis_ktls_tx = (test & 1) != 0;
+    cis_ktls_rx = (test & 2) != 0;
+    sis_ktls_tx = (test & 4) != 0;
+    sis_ktls_rx = (test & 8) != 0;
+
+#if defined(OPENSSL_NO_KTLS_RX)
+    if (cis_ktls_rx || sis_ktls_rx)
+        return 1;
+#endif
+#if !defined(OPENSSL_NO_TLS1_3)
+    if (tlsver == TLS1_3_VERSION && (cis_ktls_rx || sis_ktls_rx))
+        return 1;
+#endif
+
+    testresult = 1;
+#ifdef OPENSSL_KTLS_AES_GCM_128
+    testresult &= execute_test_ktls(cis_ktls_tx, cis_ktls_rx, sis_ktls_tx,
+                                    sis_ktls_rx, tlsver, "AES128-GCM-SHA256",
+                                    TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
+#endif
+#ifdef OPENSSL_KTLS_AES_CCM_128
+    testresult &= execute_test_ktls(cis_ktls_tx, cis_ktls_rx, sis_ktls_tx,
+                                    sis_ktls_rx, tlsver, "AES128-CCM",
+                                    TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
+#endif
+#ifdef OPENSSL_KTLS_AES_GCM_256
+    testresult &= execute_test_ktls(cis_ktls_tx, cis_ktls_rx, sis_ktls_tx,
+                                    sis_ktls_rx, tlsver, "AES256-GCM-SHA384",
+                                    TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
+#endif
+    return testresult;
 }
 
 static int test_ktls_sendfile_anytls(int tst)
 {
-    char *cipher[] = {"AES128-GCM-SHA256","AES128-CCM-SHA256","AES256-GCM-SHA384"};
+    char *cipher[] = {"AES128-GCM-SHA256","AES128-CCM","AES256-GCM-SHA384"};
     int tlsver;
 
     if (tst > 2) {

From builds at travis-ci.com  Mon Aug 31 10:41:45 2020
From: builds at travis-ci.com (Travis CI)
Date: Mon, 31 Aug 2020 10:41:45 +0000
Subject: Still Failing: openssl/openssl#37052 (master - 72c1e37)
In-Reply-To: <openssl/openssl+182040680+still failing@travis-ci.com>
Message-ID: <5f4cd3ec4abd3_13ff9817ad9004226dc@travis-pro-tasks-67787f4f6b-5ccmh.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #37052
Status: Still Failing

Duration: 1 hr, 24 mins, and 55 secs
Commit: 72c1e37 (master)
Author: John Baldwin
Message: Use global 'libctx' with RAND_bytes_ex to generate sendfile temp data.

While here, check for failure from RAND_bytes_ex as well.

Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12111)

View the changeset: https://github.com/openssl/openssl/compare/23e77b0ba328...72c1e37421ff

View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/182040680?utm_medium=notification&utm_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200831/7dd3bb1e/attachment.html>

From openssl at openssl.org  Mon Aug 31 13:06:55 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 13:06:55 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-err
Message-ID: <1598879215.935337.15349.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):

65-test_cmp_status.t ............... ok
65-test_cmp_vfy.t .................. ok
70-test_asyncio.t .................. ok
70-test_bad_dtls.t ................. ok
70-test_clienthello.t .............. ok
70-test_comp.t ..................... ok
70-test_key_share.t ................ ok
70-test_packet.t ................... ok
70-test_recordlen.t ................ ok
70-test_renegotiation.t ............ ok
70-test_servername.t ............... ok
70-test_sslcbcpadding.t ............ ok
70-test_sslcertstatus.t ............ ok
70-test_sslextension.t ............. ok
70-test_sslmessages.t .............. ok
70-test_sslrecords.t ............... ok
70-test_sslsessiontick.t ........... ok
70-test_sslsigalgs.t ............... ok
70-test_sslsignature.t ............. ok
70-test_sslskewith0p.t ............. ok
70-test_sslversions.t .............. ok
70-test_sslvertol.t ................ ok
70-test_tls13alerts.t .............. ok
70-test_tls13cookie.t .............. ok
70-test_tls13downgrade.t ........... ok
70-test_tls13hrr.t ................. ok
70-test_tls13kexmodes.t ............ ok
70-test_tls13messages.t ............ ok
70-test_tls13psk.t ................. ok
70-test_tlsextms.t ................. ok
70-test_verify_extra.t ............. ok
70-test_wpacket.t .................. ok
71-test_ssl_ctx.t .................. ok
80-test_ca.t ....................... ok
80-test_cipherbytes.t .............. ok
80-test_cipherlist.t ............... ok
80-test_ciphername.t ............... ok

# 80-test_cms.t ...................... ok
80-test_cmsapi.t ................... ok
80-test_ct.t ....................... ok
80-test_dane.t ..................... ok
80-test_dtls.t ..................... ok
80-test_dtls_mtu.t ................. ok
80-test_dtlsv1listen.t ............. ok
80-test_http.t ..................... ok
80-test_ocsp.t ..................... ok
80-test_pkcs12.t ................... ok
80-test_ssl_new.t .................. ok
80-test_ssl_old.t .................. ok
80-test_ssl_test_ctx.t ............. ok
80-test_sslcorrupt.t ............... ok
80-test_tsa.t ...................... ok
80-test_x509aux.t .................. ok

# 81-test_cmp_cli.t .................. ok
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
04-test_err.t                    (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=211, Tests=3216, 877 wallclock secs (13.17 usr  1.15 sys + 810.54 cusr 63.61 csys = 888.47 CPU)
Result: FAIL
Makefile:3190: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-err'
Makefile:3188: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug 31 13:32:41 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 31 Aug 2020 13:32:41 +0000
Subject: Build failed: openssl master.36514
Message-ID: <20200831133241.1.F9DA277746C0400D@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200831/ed0458f6/attachment.html>

From no-reply at appveyor.com  Mon Aug 31 14:03:06 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 31 Aug 2020 14:03:06 +0000
Subject: Build completed: openssl OpenSSL_1_1_1-stable.36515
Message-ID: <20200831140306.1.410E947EC4D8C26F@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200831/f753f6ba/attachment.html>

From openssl at openssl.org  Mon Aug 31 21:26:57 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 21:26:57 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 --strict-warnings no-ui-console
Message-ID: <1598909217.832712.10792.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):

    #   Failed test 'p10cr csr empty file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -csr wrong.csr.pem => 139
    not ok 78 - p10cr wrong csr
# ------------------------------------------------------------------------------
    #   Failed test 'p10cr wrong csr'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -revreason 5 => 139
    not ok 79 - ir + ignored revocation
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt => 139
    not ok 82 - cr command
# ------------------------------------------------------------------------------
    #   Failed test 'cr command'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt => 139
    not ok 83 - kur command explicit options
# ------------------------------------------------------------------------------
    #   Failed test 'kur command explicit options'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.cert.pem -oldcert test.cert.pem -server '127.0.0.1:1700' -cert test.cert.pem -key new.key -extracerts issuing.crt -secret "" => 139
    not ok 84 - kur command minimal options
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert test.cert.pem -server '127.0.0.1:1700' => 139
    not ok 86 - kur newkey is directory
# ------------------------------------------------------------------------------
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139
    not ok 89 - kur oldcert is directory
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert is directory'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139
    not ok 90 - kur oldcert not existing
# ------------------------------------------------------------------------------
    #   Failed test 'kur oldcert not existing'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139
    not ok 91 - kur empty oldcert file
# ------------------------------------------------------------------------------
    #   Failed test 'kur empty oldcert file'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.cert.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139
    not ok 92 - kur command without cert and oldcert
# ------------------------------------------------------------------------------
    #   Failed test 'kur command without cert and oldcert'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 65 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... ok
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ ok
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 1280 Tests: 7 Failed: 5)
  Failed tests:  3-7
  Non-zero exit status: 5
Files=211, Tests=3353, 935 wallclock secs (13.35 usr  1.19 sys + 823.24 cusr 66.66 csys = 904.44 CPU)
Result: FAIL
Makefile:3177: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console'
Makefile:3175: recipe for target 'tests' failed
make: *** [tests] Error 2

From no-reply at appveyor.com  Mon Aug 31 23:31:12 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 31 Aug 2020 23:31:12 +0000
Subject: Build failed: openssl master.36521
Message-ID: <20200831233112.1.DBC82572BB1BE19E@appveyor.com>

An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-commits/attachments/20200831/d67c64c3/attachment.html>

From openssl at openssl.org  Mon Aug 31 23:54:45 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Mon, 31 Aug 2020 23:54:45 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
 enable-fuzz-afl no-shared no-module
Message-ID: <1598918085.006320.27095.nullmailer@run.openssl.org>

Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

458cb85d19 Fix ECX serializer import calls to use correct selection flags.
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
3fab56631f Fix DH serializer import calls to use correct selection flags.
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
7cd1420b3e Improve some error messages if a digest is not available
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
2ef9a7ac5e Improve code reuse in the provider MAC bridge
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
2cf765e5a2 Delete unused PKEY MAC files
a540ef90f5 Extend the provider MAC bridge for CMAC
4db71d0175 Extend the provider MAC bridge for Poly1305
8014b2a966 Don't require a default digest from signature algorithms
b27b31b628 Extend the provider MAC bridge for SIPHASH
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
ada0670bf6 Fix some EVP_MD_CTX_* functions
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
b6ef3c7089 Correct description of BN_mask_bits
33855c0af6 conf: add diagnostic option
3d94185718 provider_conf: report missing section on error
cd84d8832d Ignore vendor name in Clang version number.
4516bf7422 rand: instantiate the DRBGs upon first use.
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
1d6c86709c apps/pkcs12.c: Add -untrusted option
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
fcc3a5204c apps: -msg flag enhancement 2/2
50c911b0c5 apps: -msg flag enhancement 1/2
625679b6d7 EVP: NULL pctx pointer after free.

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
    not ok 38 - unprotected request
# ------------------------------------------------------------------------------
    #   Failed test 'unprotected request'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
    # Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 43 - popo RAVERIFIED
# ------------------------------------------------------------------------------
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 47 - popo NONE
# ------------------------------------------------------------------------------
    #   Failed test 'popo NONE'
    #   at ../openssl/test/recipes/81-test_cmp_cli.t line 184.
OPENSSL_FUNC:../openssl/apps/cmp.c:2951:CMP info: received from 127.0.0.1 PKIStatus: accepted 
# OPENSSL_FUNC:../openssl/apps/cmp.c:2728:CMP info: using OpenSSL configuration file '../Mock/test.cnf'
# OPENSSL_FUNC:../openssl/apps/cmp.c:2337:CMP warning: argument of -proxy option is empty string, resetting option
# OPENSSL_FUNC:../openssl/apps/cmp.c:2063:CMP info: will contact http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:172:CMP info: sending CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:190:CMP info: received PKICONF
# OPENSSL_FUNC:../openssl/apps/cmp.c:2107:CMP info: received 1 enrolled certificate(s), saving to file 'test.cert.pem'
../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.cert.pem -out_trusted root.crt => 0
    not ok 48 - popo KEYENC not supported
# ------------------------------------------------------------------------------
    # Looks like you failed 3 tests of 92.
not ok 7 - CMP app CLI Mock enrollment
# ------------------------------------------------------------------------------
# 
#   Failed test 'CMP app CLI Mock enrollment
# '
#   at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1302.
# Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. 
Dubious, test returned 3 (wstat 768, 0x300)
Failed 3/7 subtests 
90-test_asn1_time.t ................ ok
90-test_async.t .................... ok
90-test_bio_enc.t .................. ok
90-test_bio_memleak.t .............. ok
90-test_constant_time.t ............ ok
90-test_fatalerr.t ................. ok
90-test_gmdiff.t ................... ok
90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build
90-test_ige.t ...................... ok
90-test_includes.t ................. ok
90-test_memleak.t .................. ok
90-test_overhead.t ................. ok
90-test_secmem.t ................... ok
90-test_shlibload.t ................ skipped: Test only supported in a shared build
90-test_srp.t ...................... ok
90-test_sslapi.t ................... ok
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
90-test_v3name.t ................... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz.t ..................... ok

Test Summary Report
-------------------
81-test_cmp_cli.t                (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  4-5, 7
  Non-zero exit status: 3
Files=211, Tests=3021, 773 wallclock secs (10.26 usr  1.15 sys + 711.61 cusr 52.08 csys = 775.10 CPU)
Result: FAIL
Makefile:2428: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl'
Makefile:2426: recipe for target 'tests' failed
make: *** [tests] Error 2